000 006 Chanakya PDF

Chanakya “The King of IT Certifications”
000‐006

IBM Tivoli Identity Manager V5.1 Implementation
Ver 6.40
Q&A 158
itchanakya@hotmail.com
itcertification39@gmail.com
Chanakya was founded in 2008. The safer, easier way to help you
pass any IT Certification exams. We provide high quality IT
Certification exams practice questions and answers (Q&A).
Especially Adobe, Apple, Citrix, Comptia, EMC, HP,IBM, Cognos,
Microsoft, Business Objects ,Symantec, Juniper, LPI, Nortel,
Oracle, SUN, VMware and Many more and help you pass any IT
Certification exams at the first try.
You can reach us at any of the email addresses listed below.
http://doallcertificationhere.blogspot.com

Exam A
QUESTION 1
Which two join directives can be used when multiple provisioning policies affect the same account?
(Choose two.)
A. Xor
B. Not
C. And
D. None
E. Union
s"
Answer: CE
n
io
QUESTION 2
at
Which two options should be included in a custom adapter design document? (Choose two.)
ic
A. supported platforms, Java version, log file locations
tif
B. input requirements, installation instructions, prerequisites
C. process flow diagram, debugging information and log file information
er
D. prerequisites, supported platforms, process flow diagrams, source code
C
E. security certificate configuration, installation location, input requirements
IT
Answer: BC
of
QUESTION 3
Click the Exhibit button.
ng
Ki
he
"T
a
ky
na
ha
C
Based on the organization chart and list of roles, which option is correct for this IBM Tivoli Identity Manager
V5.1 configuration?
A. A user in the On Demand Incorporated business unit can be granted the DESIGNER organizational
role.
itchanakya@hotmail.com | itchanakya@ymail.com | itcertification39@gmail.com

B. Only users in the Engineering and any sub tree business units can be granted the DESIGNER
organizational role.
C. A provisioning policy with DESIGNER organizational role as membership can only be created in the
Engineering business unit.
D. Users in the On Demand Incorporated and sub tree business units will automatically be granted the
EMPLOYEE organizational role
Answer: A
QUESTION 4
Which information is stored in a certificate used to secure the connection between IBM Tivoli Identity
s"
Manager Server and its adapters?
n
A. certificate expiration date
io
B. certificate encryption type
at
C. certificate requester's name
D. certificate encryption strength
ic
tif
Answer: A
er
QUESTION 5
C
The Business Continuity Review describes the system availability characteristics of the solution design. In
a typical high availability (HA) configuration, a load balancer is configured in front of several peer masters
IT
for the directory server. Which statement is true regarding load balancing in an IBM Tivoli Identity Manager
(Tivoli Identity Manager) HA solution design?
of
A. If a primary master goes down, all traffic to that master is held until the master is available.
B. Load balancing of write traffic is unwise, because it leads to a possibility of an update conflict.
ng
C. If the primary system goes down, the remaining systems do not need to be able to bear the work load.
Ki
D. The Tivoli Identity Manager dataservices component will assist the load balancer in the redirecting of
requests to one of the other replicated Tivoli Identity Manager servers.
he
Answer: B
"T
QUESTION 6
Which steps are needed to create the password policy design?
a
ky
A. define password policy scope, select password settings, document password policy design
B. define password policy requirements, analyze password settings, document password policy design
na
C. gather current password settings, analyze password policy, define password scope, document
password policy design
ha
D. gather password policy requirements, define password policy scope, define password settings,
document password policy design
C
Answer: D
QUESTION 7
Which option is relevant to gathering requirements and creating an IBM Tivoli Identity Manager (Tivoli
Identity Manager) system architecture document?
A. formulate list of questions, identify interviewees, identify timelines for project phases, and delegate
responsibility

B. formulate list of questions, identify interviewees, identify network topology, and ensure business
continuity planning
C. formulate list of questions, identify interviewees, discuss organization chart structure, and discuss Tivoli
Identity Manager ACI and group security model
D. discuss firewall rules, discuss certificate installations for HTTPS communication, and discuss Tivoli
Identity Manager Web application security and hijack-prevention features
Answer: B
QUESTION 8
Which sequence of actions best describes a secure practice for sensitive data in an IBM Tivoli Identity
s"
Manager (Tivoli Identity Manager) database?
n
A. Schedule periodic database backups regularly in order to prevent losing sensitive data.
io
B. Enable security on the WebSphere Application Server and disallow running the WebSphere Application
at
Server using a non-root account.
C. Restrict network traffic to those ports or systems needed by the deployment only. If you write your own
ic
application and use a Tivoli Identity Manager API to retrieve sensitive data, encrypt the data before
tif
sending it over the network.
D. Restrict operating system access to database files. Limit the privileges of the operating system
er
accounts (administrative, root-privileged, or DBA) to the least privileges needed, change the default
passwords, and enforce periodic password changes.
Answer: D
C
IT
QUESTION 9
of
Given the desired services list and organization structure design, which two options are essential to create
a service design? (Choose two.)
ng
A. Define reporting data.

Ki
B. Validate human resource data.

C. Define organization requirements.
he
D. Gather platform business processes.

E. Gather IBM Tivoli Identity Manager access requirements
"T
Answer: CD
a
ky
QUESTION 10
In which formats can reports from the IBM Tivoli Identity Manager user interface be generated?
na
A. PDF, CSV
ha
B. TXT, XML
C. PDF, TXT
C
D. HTML, PDF
Answer: A
QUESTION 11
A simple IBM Tivoli Identity Manager (Tivoli Identity Manager) implementation running on a Windows-
based server includes a single AIX platform with two adapters (UNIX and DB2). What are two necessary
considerations when creating an upgrade planning document for this scenario?
A. middleware versions and domain trust relationships

B. secure FTP constraints and domain trust relationships
C. middleware versions and operating system release levels
D. secure FTP constraints and operating system release levels
Answer: C
QUESTION 12
Which two options describe components of the Self-Service User Interface that can be included in the
customization design? (Choose two.)
A. changing the button text
s"
B. changing the banner colors
n
C. creating a custom workflow approval process
io
D. changing the default lifecycle management flow
at
E. creating new views for IBM Tivoli Identity Manager groups
ic
Answer: AB
tif
QUESTION 13
er
When performing analysis for designing a global identity policy, which considerations are essential?
C
A. UID constraints of each managed service type, and the erglobalid of the person object
IT
B. which managed service has the least restrictive UID constraints, and the erglobalid of the person
objects
C. UID constraints of each managed service type, and which attributes are available from the person
of
objects
D. which managed service has the least restrictive UID constraints, and which attributes are available from
ng
the person object

Ki
Answer: C
he
QUESTION 14
Given the information in the sample Organization Chart, which three pairs of roles are valid in a rule of a
"T
separation of duty policy? (Choose three.)
A. Operations and Web Page design

a
B. Development and Web page design

ky
C. Operations and Production Web Team

na
D. Web page design and Production Web Team

E. Engineering and Web Infrastructure Engineering
ha
F. Development and Web Infrastructure Engineering
Answer: ADF
C
QUESTION 15
In preparation for an initial identity or Identity feed to IBM Tivoli Identity Manager (Tivoli Identity Manager)
V5.1 „ which two person attributes are required as a minimum in the feed? (Choose two.)
A. Last Name (attribute sn)

B. Common Name (attribute cn)
C. Organizational Unit (attribute ou)
D. First Name (attribute givenname)

E. Employee Number (attribute employeeNumber)
Answer: AB
QUESTION 16
A customer has chosen to separate the administration in IBM Tivoli Identity Manager (Tivoli Identity
Manager) of some target application services and provisioning parameters using Tivoli Identity Manager
groups. Which two options will be required, as a minimum, to implement security in this instance? (Choose
two.)
A. group-based ACIs
s"
B. service-based ACIs for the application services
C. account-based ACIs for the application targets
n
io
D. provisioning policy ACIs for the provisioning policies
E. organizational unit ACIs with services and policies defined at that level
at
Answer: BD
ic
tif
QUESTION 17
er
In a CSV identity feed, what is the definition of the name attribute?
C
A. the attribute that uniquely identifies the person
B. the attribute that contains the full name of the person
IT
C. the attribute that is used by IBM Tivoli Identity Manager to resolve account ownerships during
reconciliations
of
D. the attribute that contains the fully qualified DN of the person in the IBM Tivoli Identity Manager
ou=person container
ng
Answer: A
Ki
QUESTION 18
he
The account and password design document indicates that new accounts and passwords are initially set
up by a designated security officer Therefore, the notification is sent to the security officer and Is not sent
to each account owner. Which two options can be configured to meet this requirement? (Choose two.)
"T
A. Modify the existing e-mail notification templates to add the custom recipient.
a
B. Design a new e-mail notification template and add to the list of available workflow notification
ky
templates.
C. Configure a mail node in the operation workflow where the participant is a person with an e-mail
na
account.
D. The IBM Tivoli Identity Manager administrator would disable the New Account Notification template and
ha
the New Password template in Configuration > Properties > Notification Templates.
E. The IBM Tivoli Identity Manager administrator would disable the New Account Notification template and
the New Password template in Configure System > Workflow Notification Properties.
C
Answer: CE
QUESTION 19
What is the proper ordering of tasks during an IBM Tivoli Identity Manager V5.1 solution project?
A. solution design, installation, configuration, customization, testing, turn over

B. assessment, solution design, installation, customization, configuration, testing, turn over
C. assessment, solution design, installation, configuration, testing, customization, turn over

D. assessment, solution design, installation, configuration, customization, testing, turn over
Answer: D
QUESTION 20
When can an IBM Tivoli Identity Manager (Tivoli Identity Manager) functional test case be executed on a
Tivoli Identity Manager adapter?
A. after performance tests on the adapter have been completed

B. after the adapter is installed and the corresponding service has been reconciled
C. when a remediation procedure exists as part of the risk assessment if the test case fails
s"
D. after test cases on the Tivoli Identity Manager server configuration have been completed
n
Answer: D
io
at
QUESTION 21
ic
A backup design requiring backups of all IBM Tivoli Identity Manager (Tivoli Identity Manager)-related
tif
components (WebSphere, LDAP, database) to occur at midnight has been created. All Tivoli Identity
Manager processes are quiesced for the duration of the backups. The backups run successfully, and Tivoli
er
Identity Manager is restarted. During the night an identity feed runs, creating 1000 new employees. The
identify feed specifies Use Workflow on the service definition and both a Tivoli Identity Manager account
C
and an AD account are automatically provisioned for each person. Both services specify that non-
compliance must be corrected. The related provisioning policies use UID from the person object for eruid
IT
on both services. An adoption policy exists for AD to search person objects for UIDs matching eruid during
reconciliation. The identify feed and all of its provisioning operations are completed by 3 a.m. At 7 a.m., a
catastrophic hardware failure occurs against the Tivoli Identity Manager LDAP and a restoration from the
of
previous 12 a.m. backup must be performed.

Which actions must be taken to recover the updates to LDAP that occurred during the identity feed and
ng
related provisioning activities?
A. Rerun the identify feed exactly as it was originally run.

Ki
B. Rerun the identify feed with Use Workflow disabled. Then perform reconciliation against the Tivoli
Identity Manager service specifying policy checking.
he
C. Rerun the identify feed, disabling Use Workflow. Then perform reconciliation against the AD service
specifying that policy checking not be performed during the reconciliation.
"T
D. Make the AD provisioning policy manual. Rerun the identify feed as it was originally run. Then perform
reconciliation against the AD service specifying that policy checking be performed during the
reconciliation. Make the AD provisioning policy automatic.
a
ky
Answer: D
na
QUESTION 22
ha
Which two options would be included in a customization design? (Choose two.)
A. definitions of e-mail content for all approval e-mails

C
B. JavaScript for the Active Directory service identity policy

C. a matrix of requirements for password policies for all UNIX platforms
D. requirements for JavaScript extensions that will be used in workflows
E. requirements for a service provider that will be used to interface with the managed platform using Web
Services
Answer: DE
QUESTION 23

Which three recertification reports can be requested? (Choose three.)
A. Recertification Policies Report

B. Recertification Completion Report
C. Recertification Compliance Report
D. Recertification Change History Report
E. Recertification Accounts/Access Pending Report
F. Accounts/Access Pending Recertification Report
Answer: ADF
s"
QUESTION 24
n
Which steps are needed to create an organization structure design from an existing organization and
io
reporting structure?
at
A. define organization structure, review organization structure with customer, document organization
structure
ic
B. review organization and reporting structure, formalize organization structure, document organization
tif
structure
er
C. gather organization structure requirements, discuss alternatives, formalize organization structure,
document organization structure
C
D. gather organization structure requirements, formalize organization structure, review organization
structure with customer, document organization structure
IT
Answer: C
of
QUESTION 25
ng
Which basic tasks should a recertification process include?

Ki
A. user notification, user acknowledgment

B. user notification, user acknowledgment, logging
he
C. manager notification, manager approval, logging

D. user notification, user acknowledgment, manager approval, logging
"T
Answer: B
a
QUESTION 26
ky
Which option would be most appropriate to include in a lifecycle management design?

na
A. provisioning policy definition

B. the requirements for dynamic role definition
ha
C. reconciliation requirements for Active Directory

D. the requirements for how often to check for inactive accounts
C
Answer: D
QUESTION 27

n s"
io
at
ic
tif
er
C
IT
of
A. The request is escalated to the first-line manager peer, and the remaining workflows continue.
B. The Enterprise LDAP User account will not be created, and the remainder of the workflow continues.
ng
C. The Enterprise LDAP Global Administrator account will not be created, and the remainder of the
workflow continues.
Ki
D. All accounts for the user are created except for the Enterprise LDAP Global Administrator account, and
an escalation is sent to the Service Desk.
he
Answer: C
"T
QUESTION 28
Where do the assembly lines associated with RMI-based adapter functions reside?
a
ky
A. IBM Tivoli Identity Manager LDAP

B. IBM Tivoli Identity Manager database
na
C. IBM Tivoli Identity Manager property files

D. IBM Tivoli Directory Integrator Solutions directory
ha
Answer: A
C
QUESTION 29
Which three database servers are supported by IBM Tivoli Identity Manager V5.1? (Choose three.)
A. Oracle
B. MySQL Enterprise Edition
C. IBM DB2 Enterprise Edition
D. IBM Informix Dynamic Server
E. Sybase Adaptive Server Enterprise

F. Microsoft SQL Server Enterprise Edition
Answer: ACF
QUESTION 30
On a single-server WebSphere configuration, where is the SelfServiceUI.properties file located?
A. <ITIM_HOME>/data
B. <WAS_PROFILE_HOME>\installedApps\<node_name>\itim_self_service.war
C. <WAS_PROFILE_HOME>\installedApps\<node_name>\ITIM.ear\itim_self_service.war
s"
D. <WAS_PROFILE_HOME>\installedApps\<node_name>\ITIM.ear\itim_self_seivice.war/custom
n
Answer: A
io
at
QUESTION 31
The process of creating a Certificate Signing Request with the adapter certificate tool would only apply to
ic
which class of adapters?
tif
A. JAAS-based
er
B. DAML-based
C. TDI/RMI-based
D. Secure FTP-based
C
IT
Answer: B
of
QUESTION 32
ng
Which two steps are required to independently install IBM Tivoli Directory Integrator (Tivoli Directory
Integrator) on a separate computer? (Choose two.)
Ki
A. Read the IBM Tivoli Identity Manager (Tivoli Identity Manager) release notes relating to support levels
of Tivoli Directory Integrator and fixes required.
he
B. After Tivoli Identity Manager is installed, the agentless adapters and the adapter profiles are
automatically installed on the computer that hosts Tivoli Identity Manager.
"T
C. After Tivoli Identity Manager is installed, the agentless adapters are automatically installed. Manually
install the adapter profiles on the computer that hosts Tivoli Identity Manager.
D. After Tivoli Identity Manager is installed, manually install the 5.1 agentless adapters provided with the
a
product on the computer that hosts Tivoli Directory Integrator. Manually install the adapter profiles on
ky
the computer that hosts Tivoli Identity Manager.

E. After Tivoli Identity Manager is installed, the agentless adapters are automatically installed on the
na
computer that hosts Tivoli Identity Manager. Import the adapter profiles using the Import/Export facility
on the Tivoli Identity Manager administrative console.
ha
Answer: AD
C
QUESTION 33
In a cluster installation, which option should be used to create the IBM Tivoli Identity Manager V5.1
installation directories?
A. Directory name must be unique for all cluster members.

B. Directory name must be the same for all cluster members.
C. Directory name must contain the host name of the cluster members.
D. Directory should be shared among cluster members on a storage area network (SAN) drive

Answer: B
QUESTION 34
Which two commands are used to schedule a report in IBM Tivoli Common Reporting? (Choose two.)
A. trcmd -run
B. scheduler -run
C. scheduler -set
D. trcmd -distribute
E. scheduler -distribute
s"
Answer: AD
n
io
QUESTION 35
at
What is the initial logon password for the itim manager user?
ic
A. reset
tif
B. admin
C. secret
er
D. itim mana
Answer: C
C
IT
QUESTION 36
of
What sets of areas can be disabled on the Self Service Console?

ng
A. Banner area, Toolbar area, and Footer area

B. Banner area, Content area, and Footer area
Ki
C. Content area, Banner area, and Toolbar area

D. Navigation area, Toolbar area, and Content area
he
Answer: A
"T
QUESTION 37
a
Which statement is true regarding the function that post office configuration can provide?
ky
A. The post office template can be cloned to reuse as different types of aggregate templates.
B. It allows a test of aggregation to be performed with chosen notification style from the administrative
na
console. C. It controls the volume of e-mail notifications if post office is enabled globally and Is not
disallowed by Workflow activities.
ha
C. It provides the capability to configure an alert facility to indicate that e-mail notifications are not being
sent to the mail server
C
Answer: C
QUESTION 38
Where are the challenge-response questions and Answer:s stored?
A. enRole.properties file
B. IBM Tivoli Identity Manager Database
C. WebSphere Application Server database
D. IBM Tivoli Identity Manager LDAP Directory

Answer: D
QUESTION 39
Which statement is true of Email Notification templates in IBM Tivoli Identity Manager (Tivoli Identity
Manager) V5.1?
A. JavaScript content or tags are only available to Plaintext and XHTML bodies when customizing a
Workflow Notification template.
B. The Tivoli Identity Manager Administrative Console will throw a parsing error if it finds a dynamic
content tag Is not recognized when saving an edited template.
s"
C. The Manual Activity templates can be disabled by choosing the Disable option for the template under
Configure System > Workflow Notification Properties.
n
D. Mail templates saved using the Tivoli Identity Manager Mail activity template in Entitlement or
io
Operational Workflows are available under Configure System > Workflow Notification Properties.
at
Answer: B
ic
tif
QUESTION 40
er
Which two tasks can be included as direct URL links on the IBM Tivoli Identity Manager V5.1
Administrative Console home page? (Choose two.)
A. Manage service types.

C
IT
B. Monitor recycle bin properties.
C. Set workflow notification properties.
of
D. Change core component logging levels.

E. Configure number of search results displayed on a panel
ng
Answer: AC
Ki
QUESTION 41
he
Which option describes the choices for defining an e-mail activity template?
A. The system template can be modified.

"T
B. User-defined templates are not allowed.

C. Only system-defined templates can be selected.
a
D. The system template can be copied and modified

ky
Answer: D
na
QUESTION 42
ha
The join directive behavior for the provisioning policy for the ITIMService needs to be customized. Which
option is the correct method to change the join behavior?
C
A. From the navigation tree, select Manage Services> ITIMService > Configure Policy Join Behaviors.
B. From the navigation tree, select Manage Policies > Manage Provisioning Policies, and click Service
Type to select ITIMService.
C. From the Tivoli Identity Manager administrative console, select Configuration > Policy, and click Service
Type to select ITIMService
D. From the navigation tree, select Configure System > Configure Policy Join Behaviors, and click Service
Type to select ITIMService.
Answer: D

QUESTION 43
What are the two valid settings or behaviors for the enrole.workflow.notifypassword property? (Choose
two.)
A. True: e-mail notification of a password change is sent to the user.

B. False: e-mail notification of a password change is not sent to the user.
C. Sup: e-mail notification of a password change is not sent to the user; it is instead sent to his supervisor
(manager).
D. URL: e-mail notification of a password change is sent to the user. The e-mail contains a URL where the
user can obtain the password by entering his shared secret.
s"
E. False: e-mail notification of a password change is sent to the user. The e-mail contains a URL where
n
the user can obtain the password by entering his shared secret.
io
Answer: AE
at
ic
QUESTION 44
Which two of these entities can be customized? (Choose two.)
tif
er
A. Person
B. Location
C
C. Admin Domain
IT
D. Identity Manager User
E. BPerson (Business Partner Person)
of
Answer: AE
ng
QUESTION 45
Where can a password policy for a service reside in the organizational chart in relation to its target
Ki
service?
he
A. It can only reside in the same business unit that contains the service.
B. It can reside in the same business unit that contains the service or above the business unit that
"T
contains the service.

C. It can reside in the same business unit that contains the service, or below the business unit that
contains the service.
a
D. It can reside anywhere in relation to its target service because the location of the password policy is
ky
driven by the location of the users to whose passwords it will apply.

na
Answer: B
ha
QUESTION 46
What JavaScript engine is used by IBM Tivoli Identity Manager V5.1 as a script interpreter?
C
A. IBM JSEngine
B. Windows Scripting Host
C. Rhino JavaScript Engine
D. PHP JavaScript Interpreter
Answer: A
QUESTION 47

The IBM Tivoli Identity Manager (Tivoli Identity Manager) Server uses a placement rule to determine where
in the organization chart a person should be placed. Which statement is true regarding placement rules?
A. Placement rules are only evaluated during an add operation.

B. Placement rules are written with JavaScript that returns the organization path in a common name (cn)
format.
C. Placement rules are written with JavaScript that returns the organization path in a distinguished name
(dn) format.
D. If organization information cannot be determined by the placement rule, then the person is not added to
the Tivoli Identity Manager directory
Answer: C
n s"
QUESTION 48
io
Which option is vital to ensuring that IBM Tivoli Identity Manager is properly tuned?
at
A. Minimize the use of static roles.
ic
B. Use dynamic roles whenever possible.
tif
C. Ensure that all attributes used in searches are indexed in LDAP.
D. Place all ACIs as high as possible in the organization tree to ensure maximum coverage
er
Answer: C
C
IT
QUESTION 49
Afresh copy of IBM Tivoli Identity Manager (Tivoli Identity Manager) has been installed and the Active
of
Directory (AD) adapter profile has been imported. Where are the labels for the attributes on the AD
account form stored?
ng
A. Tivoli Identity Manager database

B. Tivoli Identity Manager LDAP directory
Ki
C. Formtemplates.properties in <$itim_home>/data
D. CustomLabels.properties file in <$itim_home>/data
he
Answer: A
"T
QUESTION 50
a
Which three types of files control the appearance of the Self-Service user interface? (Choose three.)
ky
A. Properties configuration files

na
B. Java Archive (JAR) configuration files

C. Java Key Store (JKS) configuration files
ha
D. HyperText Markup Language (HTML) flies

E. Java Server Pages (JSP) configuration files
C
F. Cascading Style Sheet (CSS) configuration files
Answer: AEF
QUESTION 51
Which two actions cause dynamic roles to be reevaluated? (Choose two.)
A. when the LDAP filter is modified

B. when a new ou is added to the organization tree

C. when a person entity's personal information is modified
D. when the IBM Tivoli Identity Manager LDAP schema is updated
E. when an associated provisioning policy is modified (one for which the role defines membership)
Answer: AC
QUESTION 52
Which IBM Tivoli Identity Manager service types are available by default?
A. IDI data feed, HTTP identity feed, XML
s"
B. RMI dispatcher, DAML service, Hosted service
C. DSML identity feed, CSV identity feed, Hosted service
n
D. LDAP service, Windows service, inetOrgPerson identity feed
io
Answer: C
at
ic
QUESTION 53
tif
Custom workflow elements are registered with IBM Tivoli Identity Manager by editing which file in the
$ITIM_HOME/data directory?
er
A. enRole.properties
B. workflowextensions.xml
C
IT
C. workflowDataSyntax.xm!
D. workflowextensions.properties
of
Answer: B
ng
QUESTION 54
Ki
Which list displays all the entitlement workflow design elements available in IBM Tivoli Identity Manager?
A. Approval, Loop, Subprocess, RFI, Operation, Work Order, Script, Extension

he
B. Approval, Mail, RFI, Operation, Loop, Extension, Script, Work Order, Subprocess
C. Approval, Loop, Subprocess, RFI, Operation, Event Notification, Script, Extension
"T
D. Approval, Denial, Suspend, Subprocess, RFI, Operation, Work Order, Script, Extension
a
Answer: B
ky
QUESTION 55
na
Which two fields are required when an identity policy is defined? (Choose two.)
ha
A. Name
B. Prefix
C
C. Business Unit
D. Common Name
E. Organizational Name
Answer: AC
QUESTION 56
Which option describes valid memberships for a Report ACI (an ACI that protects a Report category item)
in IBM Tivoli Identity Manager (Tivoli Identity Manager)?

A. members of an organizational role
B. members of an Tivoli Identity Manager group
C. the report owner, members of an Tivoli Identity Manager group
D. the supervisor of the business unit in which the user resides, members of an Tivoli Identity Manager
group
Answer: B
QUESTION 57
The administrator has modified the system-defined add operation for the person entity type by adding an
approval node to the workflow. The requirements have changed, and the approval for adding a new person
s"
is no longer required. The administrator would like to remove the approval node from the workflow. Which
n
activity should the administrator perform?
io
A. From Configuration > Entities, select the person entity. Select Define Operations. Select the Add
at
operation and Delete pushbutton option.
B. From Configure System > Manage Operations, select Entity type level and the Entity type of Person.
ic
Select the Add operation and the Delete pushbutton option.
tif
C. From Design Workflows > Manage Person Request Workflows, search for the Person Add Workflow.
Select the Default Person Add Workflow of type Entity override and Delete pushbutton option.
er
D. From Configure System > Manage Operations, select Entity type level and the Entity type of Person.
Select the Add operation and the Change pushbutton option. Then remove the approval node from the
C
operation diagram.
IT
Answer: D
of
QUESTION 58
Which IBM Tivoli Identity Manager (Tivoli Identity Manager) users can approve exemptions to Separation
ng
of Duty policy violations?

Ki
A. Only the Policy owner can approve exemptions to Separation of Duty violations.
B. Approval of exemptions to Separation of Duty policy violations is not allowed in Tivoli Identity Manager.
he
C. Only members of the Tivoli Identity Manager Administrator Group can approve exemptions to
Separation of Duty violations.
"T
D. Both members of the Tivoli Identity Manager Administrator Group and the Policy owner can approve
exemptions to Separation of Duty violations.
a
Answer: D
ky
na
QUESTION 59
Which two statements are true of service selection policies? (Choose two.)
ha
A. Any JavaScript entered in the service selection script Is syntax-checked before saving.
B. Deleting a service selection policy may result in the removal of previous accesses provided by this
C
policy.
C. Deleting a service selection policy will not result in the removal of previous accesses provided by this
policy.
D. After a policy is saved, it will perform an immediate evaluation, regardless of whether it is enabled or
disabled.
E. As a result of a service selection evaluation, IBM Tivoli Identity Manager V5.1 access entitlements can
be provisioned
Answer: BE

QUESTION 60
When specifying All Users in the Organization as the membership type for a provisioning policy, which
option describes the operation of the policy when a single service is specified as the manual entitlement?
A. All users on the system can only have an account of the specified service.
B. Any user in the system is authorized to have an account on the specified service.
C. This policy overrides any automatic policy for the same service for all users in the system.
D. All users in the system will be provisioned an account on the specified service when the policy is
evaluated
Answer: B
s"
QUESTION 61
n
For IBM Tivoli Identity Manager (Tivoli Identity Manager) 5.1 DAML-based adapters, what item relating to
io
reconciliations can be configured using agentCfg?
at
A. use of xforms.xml
ic
B. use of LDAP v3 reconciliation filters
tif
C. specification of supporting-data-only reconciliation parameters
D. use of SSL communication with the Tivoli Identity Manager server
er
Answer: D
C
IT
QUESTION 62
Which default objectclass will IBM Tivoli Identity Manager V5.1 expect during an identity feed?
of
A. inetOrgPerson
ng
B. hruserOrgPerson
C. distinguishedName
Ki
D. userPrincipalName
Answer: A
he
"T
QUESTION 63
A company uses PeopleSoft to generate a unique employee designator as each new employee is entered
Into the HR system. IBM Tivoli Identity Manager has been configured to import the HR data from
a
PeopleSoft, including the unique Identifier (gbculd). As a policy, the company has used the gbcuid attribute
ky
as the UID of its managed targets. During the implementation, which action would the IBM consultants take
to match the AD accounts to their corresponding person entities and minimize any orphans?
na
A. Set the eraliases attribute to the gbcuid.

ha
B. Configure the identity policy to return the gbcuid.

C. Create a dynamic role with the filter: (eralias=gbcuid).
C
D. Mimic the gbcuid algorithm with JavaScript for generating the uid attribute on the AD entitlements form
Answer: A
QUESTION 64
Click the Exhibit button. Based on the logical architecture, which action can be considered to enforce
provisioning policies on target resources during the identity feed process?

n s"
io
at
ic
tif
er
A.
C
Configure adapters to enforce provisioning policies of new identities.
IT
B. Enable workflow to enforce provisioning policies of incoming identities.
C. Initiate a reconciliation activity immediately on an identity feed service.
of
D. Schedule a reconciliation to run at a specific interval. During the reconciliation, IBM Tivoli Identity
Manager automatically enforces provisioning policies.
ng
Answer: B
Ki
QUESTION 65
he
Which two statements are true when enabling increased trace logging to help determine a problem in IBM
Tivoli Identity Manager? (Choose two.)
"T
A. Set logger.trace.level=DEBUG_MAX in errorLogging.properties.

B. Set logger.trace.com.ibm=DEBUG_MA>; in errorLogging.properties.
a
C. Set logger.trace.level=DEBUG_MAX in the file enRoleLogging.properties.

ky
D. Turn on the setting logger.trace.logging=true in enRoleLogging.properties.

E. Configure the setting logger.trace.level=10 for maximum detail in the trace log
na
Answer: CD
ha
QUESTION 66
C
Which statement is true of message, trace, and authentication log formats in IBM Tivoli Identity Manager
(Tivoli Identity Manager)?
A. All files are stored by Tivoli Identity Manager in XML format.

B. All files are stored by Tivoli Identity Manager in HTML format.
C. All files are stored by Tivoli Identity Manager in CTGIM format.
D. All files are stored by Tivoli Identity Manager in plaintext format
Answer: A

QUESTION 67
After making changes to a custom adapter and reloading the profile into IBM Tivoli Identity Manager (Tivoli
Identity Manager) using the import capability, a test is run on the adapter. The test results show that the
changes did not appear to make any difference in the results. After inspecting the IBM Tivoli Directory
Integrator (Tivoli Directory Integrator) log file for the adapter, the logging statements that were added do
not appear to be logging any output. What is one possible explanation for this behavior?
A. Logging is not supported in Tivoli Directory Integrator-based adapters.

B. The existing profile must be uninstalled before installing a new profile update.
C. The Tivoli Directory Integrator server was not restarted after the profile was reloaded.
D. Tivoli Identity Manager must be restarted after making any changes to the profile information
s"
Answer: C
n
io
QUESTION 68
at
Which command can be used on a UNIX system to collect data to be sent to a support representative?
ic
A. ffdc.sh
tif
B. itiittbackup. sh
er
C. collect_ffdc.sh
D. serviceability.sh
Answer: D C
IT
of
QUESTION 69
Which statement is true when evaluating a placement rule on an identity feed service?
ng
A. The placement rule is only evaluated if the "Use workflow" option is checked.
B. The placement rule determines the placement of the identity into organizational roles.
Ki
C. The placement rule returns the organizational container where the identity is to be anchored.
D. The placement rule returns a true or false value to determine if an identity can be placed into IBM Tivoli
he
Identity Manager or not

"T
Answer: C
a
QUESTION 70
ky
When migrating IBM Tivoli Identity Manager (Tivoli Identity Manager) from a test to a production
environment, which task is valid?
na
A. Export all the LDAP user accounts from test to production.

ha
B. Use the Import/Export feature to migrate the Tivoli Identity Manager configuration.
C. Assign the Tivoli Identity Manager test server the same host name as the production server.
C
D. Copy all the IBM Tivoli Directory Server data files to the Tivoli Identity Manager production system
Answer: B
QUESTION 71
New accounts that are reconciled from a remote platform are put up for adoption through the applicable
adoption policy, or they are orphaned. What person attribute Is matched against the account eruid attribute
by the default global adoption policy in IBM Tivoli Identity Manager V5.1?
A. the sn attribute

B. the cn attribute
C. the uid attribute
D. the eraliases attribute
Answer: C
QUESTION 72
After testing the SSL connection between the IBM Tivoli Identity Manager V5.1 server and the directory
server, the login fails. Which two options should be checked? (Choose two.)
A. The .der file Is corrupted.
s"
B. The truststore file is corrupted.
n
C. The path to the .der file is valid.
io
D. The path to the truststore file is valid.
at
E. The path to the IdapConfig file is valid
ic
Answer: BD
tif
QUESTION 73
er
What are the correct steps to set up a reconciliation of only supporting data after the service definition has
C
been created and reconciliation was not initially defined? IT
A. Supporting data can only be reconciled when the service is created
B. Existing service definitions are displayed by selecting Configure System > Managing Service Types.
C. Existing service definitions are displayed by selecting Manage Services and then searching for the
of
specific service. When the service is listed, click the service name hyperlink to specify the Query to
Reconcile supporting data only.
ng
D. Existing service definitions are displayed by selecting Manage Services and then searching for the
specific service. When the service is listed, selecting the icon next to the name of the service will allow
Ki
the administrator to set up Reconciliation and specify the Query to Reconcile supporting data only.
Answer: D
he
"T
QUESTION 74
IBM Tivoli Identity Manager (Tivoli Identity Manager) development has released a fix pack to address a
specific problem that was found with the reporting module. Which three components, at a minimum, should
a
be backed up? (Choose three.)

ky
A. JDK/SDK
na
B. Database
C. JMS queues
ha
D. LDAP Directory
E. WebSphere Application Server configuration files
C
F. Data subdirectory of Tivoli Identity Manager installation directory
Answer: BDF
QUESTION 75
When an AD Adapter is being upgraded, what consideration must be given to the ADK component?
A. Any AD upgrade requires an ADK upgrade.

B. None; they can be upgraded independently of each other.

C. The ADK must be at the same or higher level than the AD Adapter.
D. The AD Adapter and ADK are one component and are upgraded together
Answer: B
QUESTION 76
The IBM Tivoli Identity Manager (Tivoli Identity Manager) system has been installed and configured with
the initial default parameter settings. The administrator detects rollback errors in the trace.log.Which area
of the Tivoli Identity Manager system should the administrator review in order to eliminate the rollback
errors?
s"
A. Transaction rollbacks can be reduced or eliminated by creating additional indexes for the Directory
Server.
n
B. Transaction rollbacks can be reduced or eliminated by increasing the number of max_connections for
io
the IBM HTTP Server.
at
C. Transaction rollbacks can be reduced or eliminated by adjusting the database storage space or
database locking or database memory.
ic
D. Transaction rollbacks can be reduced or eliminated by increasing the value of the
tif
SearchAIUmUsedTimeout parameter for the RMI Dispatcher
er
Answer: C
QUESTION 77
C
IT
Which two options are correct for configuring the recycle bin in IBM Tivoli Identity Manager (Tivoli Identity
Manager)? (Choose two.)
of
A. The recycle bin is disabled by default in Tivoli Identity Manager and must be enabled explicitly.
B. The recycle bin age limit is the number of days, after which the recycle bin is emptied automatically.
ng
C. The recycle bin can be explicitly emptied by running the Tivoli Identity Manager runConfig script and
setting the Recycle Bin Age Limit parameter to 0 (zero).
Ki
D. The recycle bin age limit is the number of days after which an object in the recycle bin is eligible for
deletion by the Tivoli Identity Manager IdapClean cleanup script.
he
E. The recycle bin holds data objects that are deleted from the Tivoli Identity Manager LDAP repository
and the Tivoli Identity Manager database during the course of operations.
"T
Answer: AD
a
ky
QUESTION 78
Which option describes a prerequisite for installing an IBM Tivoli Identity Manager (Tivoli Identity Manager)
fix pack?
na
A. Stop the LDAP server that is used to contain the Tivoli Identity Manager data.
ha
B. Install the WebSphere Update installer for the appropriate WebSphere version.
C. Make sure that the WebSphere server that is running the Tivoli Identity Manager application is running.
C
D. Ensure that the SOAP request timeout value is set to 150 or less by using the com.ibm.SOAP.
requestTimeout property
Answer: B
QUESTION 79
What is the main purpose of the IBM Tivoli Identity Manager recycle bin?
A. to enhance LDAP performance

B. to preserve a history of user IDs that have been used
C. to provide a ready-recoverability of inadvertently deleted objects
D. to provide a quick failover mechanism if IBM Tivoli Identity Manager LDAP fails
Answer: B
QUESTION 80
IBM Tivoli Identity Manager (Tivoli Identity Manager) development has released a fix pack to address a
specific problem that was found with the reporting module. Which three components, at a minimum, should
be backed up? (Choose three.)
s"
A. JDK/SDK
n
B. Database
io
C. JMS queues
D. LDAP Directory
at
E. WebSphere Application Server configuration files
ic
F. Data subdirectory of Tivoli Identity Manager installation directory
tif
Answer: BDF
er
C
QUESTION 81
The e-rnail business process design indicates that there will be a large number of e-mail transactions. The
IT
IBM Tivoli Identity Manager (Tivoli Identity Manager) administrator has configured the system to enable
store forwarding with a collection interval of 60. Which of these scenarios will occur?
of
A. When the collection interval expires and notifications are aggregated, and there is only one notification
for a given group e-mail topic, the message will be delivered using the post office e-mail template.
ng
B. All activities that generate e-mail notifications will be intercepted and held for 60 minutes. After that
time, notifications are aggregated into one e-mail based on the group e-mail topic value and sent to the
Ki
recipients.
C. All manual activities that generate e-mail notifications that have the Use Group E-mail Topic enabled
will be intercepted and held for up to 60 minutes. After that time, notifications are aggregated into one
he
e-mail based on the group e-mail topic value and sent to the recipients.
D. All manual activities that generate e-mail notifications that have the Use Group E-mail Topic enabled
"T
will be intercepted and held for up to 60 seconds. After that time, notifications are aggregated into one
e-mail based on the group e-mail topic value and sent to the recipients.
a
Answer: C
ky
na
QUESTION 82
Which three statements are valid regarding the IBM Tivoli Identity Manager organization tree? (Choose
ha
three.)
A. ACIs are attached to nodes in the organization tree.

C
B. After it is defined, an organization tree cannot be modified.

C. An organization tree can have multiple organizational units.
D. People are attached at a single point in the organization tree.
E. There can be only one organization at the top of the organization tree.
F. Locations, organizational units, and business partner organizations are technically different containers
Answer: ACD
QUESTION 83

n s"
io
at
ic
tif
er
C
IT
A. Accounts for Active Directory, Enterprise LDAP User, and Exchange are provisioned immediately. An
of
approval request is sent to the Payroll system owner for approval of the Payroll account. An approval
request is sent to the Sales system owner for approval of the Sales account. An approval request is
ng
sent to the Information Technology Risk group for approval of the Global Administrator account and for
justification information.
Ki
B. Accounts for Active Directory, Enterprise LDAP User, and Exchange are provisioned immediately. An
approval request is sent to the employee's first-line manager for approval of the Payroll account. An
approval request is sent to the Sales system owner for approval of the Sales account. An approval
he
request is sent to the Information Technology Risk group for approval of the Global Administrator
account and for justification information.
"T
C. Accounts for Active Directory, Enterprise LDAP User, and Exchange are provisioned immediately. An
approval request is sent to the peer of the employee's first-line manager for approval of the Payroll
account. An approval request is sent to the Sales system owner for approval of the Sales account. An
a
approval request is sent to the Information Technology Risk group for approval of the Global
ky
Administrator account and for justification information.

D. Accounts for Active Directory, Enterprise LDAP User, and Human Resources are provisioned
na
immediately. An approval request Is sent to the peer of the employee's first-line manager for approval
of the Payroll account. An approval request is sent to the Sales system owner for approval of the Sales
ha
account. An approval request Is sent to the Information Technology Risk group for approval of the
Global Administrator account and for justification information.
C
Answer: B
QUESTION 84
What is the key area of concern when considering the high availability (HA) design for the IBM Tivoli
Identity Manager (Tivoli Identity Manager) Application Server?
A. the directory server replication framework to eliminate single points of failure and provide peer-to-peer
failover for the Tivoli Identity Manager application server
B. the configuration of DB2 high availability disaster recovery (HADR) to eliminate single points of failure
and provide peer-to-peer failover for the Tivoli Identity Manager application server

C. the configuration of the WebSphere Application Server vertical clustering to eliminate single points of
failure and provide peer-to-peer failover for the Tivoli Identity Manager application server
D. the WebSphere Application Server high availability framework and configuration to eliminate single
points of failure and provide peer-to-peer failover for the Tivoli Identity Manager application server
Answer: D
QUESTION 85
Which two options should be included in a custom adapter design document? (Choose two.)
A. supported platforms, Java version, log file locations
s"
B. input requirements, installation instructions, prerequisites
n
C. process flow diagram, debugging information and log file information
io
D. prerequisites, supported platforms, process flow diagrams, source code
E. security certificate configuration, installation location, input requirements
at
Answer: BC
ic
tif
QUESTION 86
er
Which option would be included in the lifecycle management design?
A. reconciliation schedule for all UNIX services

C
IT
B. approval requirements for the Active Directory accounts
C. e-mail notification to the service owner when accounts are provisioned
D. e-mail notification requirements when a new IBM Tivoli Identity Manager identity is created with an
of
identity feed
ng
Answer: D
Ki
QUESTION 87
Which methodology can be used to extend the standard password rules?
he
A. None; password rules cannot be extended.

"T
B. Password rules can be extended using JavaScript.

C. Password Java APIs can be used to extend password rules.
a
D. Password rules can be extended using the Pluggable Authentication Module (PAM) framework
ky
Answer: C
na
QUESTION 88
ha
Which two options are part of the customization design process? (Choose two.)
C
A. Test the customization.

B. Create a customization prototype.
C. Document the customization code.
D. Determine the customization scope.
E. Determine the feasibility of the customization
Answer: DE
QUESTION 89
Which two statements are true in relation to designing custom person entities? (Choose two.)

A. Required attributes must be specified in new entity objectclasses.
B. A custom person objectclass must have inetorgperson as its parent.
C. ACIs for the new person entities must be defined before the entity is created.
D. An objectclass can be used by multiple person entities in IBM Tivoli Identity Manager.
E. An entity's objectclass in IBM Tivoli Identity Manager can be named the same as the objectclass in the
customer's authoritative source directory.
Answer: BE
s"
QUESTION 90
n
io
at
ic
tif
er
C
IT
of
ng
Ki
he
"T
a
A customer wants to translate the logical architecture into a physical model the IBM Tivoli Identity Manager
ky
(Tivoli Identity Manager) configuration? Which change must be made to increase the security and
performance of the IBM Tivoli Identity Manager (Tivoli Identity Manager) configuration?
na
A. Keep the configuration as it is, no changes are needed.

ha
B. Move the HTTP server to a standalone computer that has no other Tivoli Identity Manager omponent.
C. Remove the HTTP server component and use built-in WAS HTTP service to improve performance and
avoid a security breach.
C
D. Establish a two-way SSL channel between the HTTP server and Tivoli Identity Manager. Gain
performance by keeping the HTTP server in the same Tivoli Identity Manager computer.
Answer: B
QUESTION 91
Which information is stored in a certificate used to secure the connection between IBM Tivoli Identity
Manager Server and its adapters?

A. certificate expiration date
B. certificate encryption type
C. certificate requester's name
D. certificate encryption strength
Answer: A
QUESTION 92
Which file in English locale contains the definition for the IBM Tivoli Identity Manager screen text that can
be customized?
s"
A. enRole.properties
n
B. CustomLabels. properties
io
C. CustomScreenText_en.propeities
at
D. SelfServiceScreenText_en.properties
ic
Answer: D
tif
QUESTION 93
er
Which statement is correct regarding separation of duty rules?
A. Each separation of duty policy has no more than 7 rules.

C
IT
B. With the use of a permit rule, a user can belong to all the roles in a given rule.
C. The number of roles that you allow to coexist must be at least one fewer than the number of roles in the
list.
of
D. Each rule must have one or more roles listed, the number of roles to which a user can belong depends
on the number in the list
ng
Answer: C
Ki
QUESTION 94
he
A customer is setting up a role-based access control (RBAC) model. Which relationship (between
organizational roles and another entity) must be primarily factored in when designing organizational roles?
"T
A. the relationship between organizational roles and provisioning policies

a
B. the relationship between organizational roles and workflow participants

ky
C. the relationship between organizational roles and entitlement workflows

D. the relationship between organizational roles and IBM Tivoli Identity Manager groups
na
Answer: A
ha
QUESTION 95
C
What are the primary sources for gathering identity policy requirements?
A. IBM Tivoli Identity Manager System Architecture and IT Security account creation procedures
B. IBM Tivoli Identity Manager Solution Design Document and IT Security account creation procedures
C. IBM Tivoli Identity Manager System Architecture and the access control policies for the customer's
Web space
D. IBM Tivoli Identity Manager Solution Design Document and the access control policies for the
customer's Web space
Answer: B

QUESTION 96
Which three options are valid membership types of a provisioning policy? (Choose three.)
A. All(*)
B. None
C. Others
D. All other users
E. Organizational role
F. All users in the organization
s"
Answer: DEF
n
io
QUESTION 97
During an architecture discussion, a customer states that their company already has an extensive LDAP
at
infrastructure in place that supports the Enterprise Directory project. The Enterprise Directory is currently
provisioned by a feed from a human resources system. The eventual goal is for IBM Tivoli Identity
ic
Manager (Tivoli Identity Manager) to provision the Enterprise Directory so that other external applications
tif
can use It for authentication and authorization. As a result, a significant amount of data interaction is
expected to occur between Tivoli Identity Manager and the Enterprise Directory.
er
Which option would be appropriate for a Tivoli Identity Manager architecture at the customer site?
C
A. Create a separate instance of the LDAP directory server to use for Tivoli Identity Manager.
B. Create a new suffix for Tivoli Identity Manager in the existing Enterprise Directory LDAP directory
IT
server.
C. Create a new root for Tivoli Identity Manager under one of the existing suffixes in the Enterprise
of
Directory LDAP directory server.

D. Phase out the Enterprise Directory, because the Tivoli Identity Manager LDAP directory can be
ng
positioned as the Enterprise Directory by augmenting its person and account attributes.
Answer: A
Ki
he
QUESTION 98
When using the IBM Tivoli Identity Manager user interface, which categories can the report templates be
applied to?
"T
A. Users, Accounts, Services, Custom

a
B. Requests, Services, Custom, Users

ky
C. Requests, Users and Accounts, Services, Audit and Security, Custom

D. Transactions, Users and Groups, Services, Audit and Security, Custom
na
Answer: C
ha
QUESTION 99
C
A customer requires additional attributes as per their IBM Tivoli Identity Manager solution design. Which
base LDAP objectclass is used to extend the schema to add new attributes to create a custom person
class?
A. person
B. erPerson
C. erPersonltem
D. inetOrgPerson
Answer: D

QUESTION 100
Identification of target platform business processes is essential to which IBM Tivoli Identity Manager
configuration task?
A. Adoption policies
B. Account re certification
C. Organization administration
D. Provisioning policy join directives
Answer: B
n s"
QUESTION 101
io
Which post-upgrade validation test would verify that the custom entity object was intact?
at
A. creating a new person
ic
B. modifying an existing ACI
tif
C. creating a new dynamic role
D. scanning completed requests
er
Answer: A
C
IT
QUESTION 102
Which two statements are true of groups and ACIs in an out-of-the box IBM Tivoli Identity Manager (Tivoli
of
Identity Manager) environment populated with some users and some basic services reconciled? (Choose
two.)
ng
A. The default HelpDesk Assistant group allows members of that group to manage entitlement workflows.
B. Groups define what tasks Tivoli Identity Manager users will see on the administrative console through
Ki
their group membership.

C. In the shipped product, default groups and default ACIs reflect the typical needs of administrative users
he
in Tivoli Identity Manager.

D. Access owners can access the basic services relating to their defined target group Accesses without
"T
the need for additional ACIs.

E. Members of the default Auditor group need additional ACIs only to manage their directly defined
subordinates in Tivoli Identity Manager
a
ky
Answer: CD
na
QUESTION 103
ha
Which three recertification reports can be requested? (Choose three.)
A. Recertification Policies Report

C
B. Recertification Completion Report

C. Recertification Compliance Report
D. Recertification Change History Report
E. Recertification Accounts/Access Pending Report
F. Accounts/Access Pending Recertification Report
Answer: ADF
QUESTION 104

Which option describes best practices for scheduling recertification in large organizations?
A. Schedule on a rolling basis.

B. Schedule all accounts for the end of the calendar year.
C. Schedule all accounts for the beginning of the calendar year.
D. Divide the accounts into quarters and schedule them on a quarterly basis
Answer: A
QUESTION 105
Which test phase should occur first in an IBM Tivoli Identity Manager acceptance plan?
n s"
A. system testing
io
B. functional testing
C. performance testing
at
D. user acceptance testing
ic
Answer: B
tif
er
QUESTION 106
C
A customer requires that mission-critical LDAP-based applications like IBM Tivoli Identity Manager (Tivoli
Identity Manager) use LDAP replication. The Tivoli Identity Manager recovery design implements an LDAP
master/replica topology. Which statement describes the actions that must be taken to most quickly recover
IT
from a failure of the master LDAP?
of
A. Tivoli Identity Manager must be quiesced and pointed to the correct LDAP.
B. WebSphere must be stopped, pointed to the correct LDAP, and restarted.
ng
C. Tivoli Identity Manager must be quiesced while the master LDAP is re-created from the subordinate.
D. Tivoli Identity Manager will fail over automatically to the subordinate LDAP because of properties
Ki
specified in the enRoleLDAPConnection .properties file.
Answer: A
he
"T
QUESTION 107
Which task is least likely to be affected by client delays?
a
A. installation
ky
B. assessment
C. customization
na
D. solution design
ha
Answer: D
C
QUESTION 108
Which two LDAP directory servers does IBM Tivoli Identity Manager V5.1 support? (Choose two.)
A. OpenLDAP
B. Novel! eDirectory
C. Microsoft Active Directory
D. Sun ONE Directory Server
E. IBM Tivoli Directory Server

Answer: DE
QUESTION 109
Why will a test of a DAML-based adapter fail?
A. HOSTADDR is incorrect in agentcfg.

B. SRV_PORTNUMBER is incorrect in agentcfg.
C. CA is not defined to WebSphere and USE_SSL is set to FALSE.
D. USE_SSL=FALSE in agentcfg and https:// is specified on the service form
Answer: D
n s"
QUESTION 110
io
What configuration file is used to set up the default values for IBM Tivoli Common Reporting?
at
A. config.xml
ic
B. defaults .xml
tif
C. defaultsConfig .xml
D. reportingConfig.xml
er
Answer: D
C
IT
QUESTION 111
When installing IBM Tivoli Identity Manager V5.1 on a UNIX system, what is the log-in account type
of
requirement?
ng
A. Root
B. Superuser
Ki
C. Administrator
D. Root Equivalent
he
Answer: A
"T
QUESTION 112
A customer has created a new custom True64 UNIX RMI-based agentless adapter profile using a toolkit
a
capability. The customer is ready to use this profile. If IBM Tivoli Directory Integrator is installed on the
ky
same computer as IBM Tivoli Identity Manager, what is required for the customer to use this particular
profile?
na
A. Import the custom jar file using Import/Export from the administrative console; install the adapter on the
target.
ha
B. Import the custom jar file using Import/Export from the administrative console; the adapter profile is
ready for use.
C
C. Import the custom jar file and the Service Definition file using the Import button on Manage Services
Types on the administrative console.
D. Click Create under Manage Service Types, define the new Service Type name, and then browse for
the new custom service schema on the LDAP class search facility.
Answer: C
QUESTION 113
Generating a Certificate Signing Request (CSR) is Option A of which utility?

A. CertCfg
B. CertTool
C. agentCfg
D. agentTool
Answer: B
QUESTION 114
Which file must be modified to change the background color in the IBM Tivoli Identity Manager V5.1 Self-
Service user interface?
s"
A. nav.jsp
n
B. Home.jsp
io
C. console.css
at
D. SelfServiceUI.properties
ic
Answer: C
tif
QUESTION 115
er
Which files can be checked to verify that IBM Tivoli Directory Server is running normally?
A. Ids.log and ids.trace

C
IT
B. slapd.msg and slapd.trace
C. ibmslapd.log and db2cli.log
of
D. ibmlDS.log and ibmlDS.ffdc
Answer: C
ng
Ki
QUESTION 116
Which option lists a set of valid membership items for an ACI to protect a static organizational role in IBM
Tivoli Identity Manager (Tivoli Identity Manager)?
he
A. the owner of the role, the role members, and the administrator of the domain in which the roles resides
"T
B. the owner of the role, the supervisor of the business unit in which the role resides, and members of
Tivoli Identity Manager groups
a
C. the supervisor of the role owner, the supervisor of the business unit in which the role resides, and
ky
members of Tivoli Identity Manager groups

D. the supervisor of the business unit in which the role resides, the owner of the services that the role
na
grants access using provisioning policy, and members of Tivoli Identity Manager groups
Answer: B
ha
C
QUESTION 117
Afresh copy of IBM Tivoli Identity Manager (Tivoli Identity Manager) has been installed and the Active
Directory (AD )adapter profile has been imported. Extension attributes are added to customize the AD
profile. The account form labels for the new attributes are specified in which two places? (Choose two.)
A. schema .dsml in the AD profile

B. Tivoli Identity Manager database
C. Tivoli Identity Manager LDAP directory
D Formtemplales properties in <$itim_home>/data
D. CustomLabels.properties file in <$itim_home>/data

Answer: B
QUESTION 118
Where are the challenge-response questions and Answer:s stored?
A. enRole.properties file
B. IBM Tivoli Identity Manager Database
C. WebSphere Application Server database
D. IBM Tivoli Identity Manager LDAP Directory
Answer: D
n s"
QUESTION 119
io
Under which three conditions are service selection policies evaluated? (Choose three.)
at
A. whenever a service instance is deleted
ic
B. whenever the service selection policy script is changed
tif
C. whenever an IBM Tivoli Identity Manager user's attributes are modified
D. whenever a provisioning policy that targets a service selection policy is changed
er
E. whenever a user is added to an organizational unit where a provisioning policy is defined
C
F. whenever a user is added to an organizational role (static or dynamic) that is a member of a
provisioning policy that targets such a service selection policy
IT
Answer: BCF
of
QUESTION 120
ng
Which two Configure View options can be set for the IBM Tivoli Identity Manager V5.1 Administrative
Console? (Choose two.)
Ki
A. View Accounts
B. Request Accounts
he
C. Change Passwords
D. Manage Adoption Policies
"T
E. Change My Personal Profile

a
Answer: CD
ky
QUESTION 121
na

ha
C
A priority-based provisioning policy join directive is in place. According to the information in the table, which
definition of erdivision, a single-valued attribute, will be valid during policy validation including reconciliation
with policy checking enabled?
A. An error will occur during evaluation.

B. Policy 2 has a higher priority, therefore erdivision will be set to divisionB.
C. divisionA can exist on the erdivision attribute. All other values are also valid.

D. Any value other than divisionB will be invalid because enforcement = Mandatory
Answer: C
QUESTION 122
Which option describes the initial setting of the recycle bin in IBM Tivoli Identity Manager (Tivoli Identity
Manager) V5.1?
A. The recycle bin is disabled by default.

B. The recycle bin is enabled by default.
C. There is no recycle bin in Tivoli Identity Manager V5.1.
s"
D. The recycle bin settings cannot be modified in Tivoli Identity Manager V5.1
n
Answer: A
io
at
QUESTION 123
ic
Which option describes the processing when two provisioning policies apply to a user for the same
tif
service?
er
A. The provisioning request fails.
B. The policy with the lowest priority is the only one that is processed.
C.
C
The policy with the highest priority is the only one that is processed.
IT
D. The policies are joined according to the current join directives, and the resulting attribute elements are
provisioned
of
Answer: D
ng
QUESTION 124
When the IBM Tivoli Identity Manager administrator is searching for a user from the Manage User > Select
Ki
a User panel, the default value for Search By is set to Last Name. The administrator would like to set the
default value to MyCoUid, which is a unique identifier used at MyCo. Which action must the administrator
he
perform?
A. Using the Directory tools, remove the Last Name attribute and add the MyCoUid attribute.
"T
B. From Manage Users > Advanced Search, modify the default search attribute for the Person User type.
C. From Configure System > Manage Entities, modify the default search attribute on the Entity Detail
a
Information form.
ky
D. From the Manage Users > Select a User panel, select MyCoUid from the drop-down Search By list box
and click Save
na
Answer: C
ha
QUESTION 125
C
How is the post office enabled for workflow activities?
A. Workflow activities cannot use the post office function.

B. On the Post Office configuration panel, select the General tab, select workflow activities, and save the
post office configuration.
C. Select the Notification tab on the workflow activity in the Workflow Designer, check the Use Group
Email Topic, enter a value, and save the workflow.
D. Open the Post Office configuration panel, select the Workflow tab, select the workflows that will use the
post office using the check boxes, and save the post office configuration.

Answer: C
QUESTION 126
Which two rules apply when two or more access control items conflict? (Choose two.)
A. An explicit denial (using a Deny selection) by one access control item overrides an explicit grant by
other access control items.
B. An implied denial (using a None selection) by one access control item overrides an explicit grant by
C. An explicit grant by one access control item overrides an implied denial (using a None selection) by
s"
D. An implied grant by one access control item overrides an implied denial (using a None selection) by
n
E. An explicit grant by one access control item at the organization level overrides an implied denial (using
io
a None selection) by other access control items.
at
Answer: AC
ic
tif
QUESTION 127
er
An organization would like the End User community to be able to change personal profile information. To
accomplish this change in the self-service application, which two tasks would the administrator need to
C
perform IBM Tivoli Identity Manager (Tivoli Identity Manager)? (Choose two.)
IT
A. No changes are needed to the Access Control Item.
B. Change the Access Control Item and grant the modify permission for person.
of
C. Change the Access Control Item and grant the modify permission for account.
D. From the Tivoli Identity Manager Self-Service User Interface, enable the Change My Personal Profile
from Set System Security > Manage Views > User Views > Configure Views > Self Service Console.
ng
E. From the Tivoli Identity Manager Administrative Console, enable the Change My Personal Profile from
Set System Security > Manage Views > User Views > Configure Views > Self Service Console.
Ki
Answer: BE
he
QUESTION 128
"T
Which two statements are true for service type account defaults? (Choose two.)
a
A. Account defaults must be hard-coded values or a person attribute.

ky
B. Service type account defaults must be specified for each created service.
C. Service type account defaults are global and are inherited by a service when the service is created.
na
D. Subsequent changes to the account defaults on the service type are not reflected in existing services.
E. Account defaults for an existing service can be modified by changing the service type account defaults
ha
Answer: CD
C
QUESTION 129
What is separation of duty in IBM Tivoli Identity Manager V5.1?
A. It is a feature to manage invalid combinations of Groups.

B. It is a feature to manage invalid participants in Workflows.
C. It is a feature to manage potential or existing Role conflicts.
D. It is a feature to manage ACI violations in the Administrative Console
Answer: A

QUESTION 130
n s"
io
at
ic
tif
er
C
From the code snippet displayed in the exhibit, what will be the result for a new identity if the base Identity
IT
variable is null or empty?
A. An identity will be created based on the person's last name only.

of
B. An identity will be created based on the person's common name.

C. An identity will be created based on the person's first initial and last name
ng
D. An identity will be created based on the person's last initial and first name
Ki
Answer: C
he
QUESTION 131
Click the Exhibit button. What impact will the value of the enrole.ui.pageLinkMax properly have on the
"T
behavior of the Self Service Console?

a
A. This property determines the number of page links displayed for multipage result sets.
ky
B. This property determines the maximum time period before a timeout occurs when a user clicks a link on
the Self Service Console.
na
C. This property determines the number of page links displayed for multipage result sets. It cannot exceed
the value specified by the enrole.ui.pageLinkMax property specified in the ITIM_HOME/data/ui.
properties file.
ha
D. This property determines the maximum number of Web page links to tasks that will be displayed in a
section. If more page links exist, the Self Service Console will display a More link that can be clicked to
C
display the rest of the tasks.
Answer: A
QUESTION 132
Transfer between different business units is supported by which entity type?
A. Person
B. Service
C. Provisioning policy

D. Access control item
Answer: A
QUESTION 133
A company has a policy not to notify users directly when they have a new account and password; instead,
they want the respective department security administrators to inform the employees when a new account
and password is created. Each of the five departments has its own administrator which has been granted
the IBM Tivoli Identity Manager (Tivoli Identity Manager) Group Dept Admin. Additionally, every department
administrator has the isAdmin check box checked on the Tivoli Identity Manager person profile. The
company wants only the department administrator to be notified when a new account is created for any
s"
employee in their department. Which step would not be required in implementing a solution for the above
scenario?
n
io
A. Disabling the New Account notification base template.
B. Disabling the New Password notification base template.
at
C. Modifying the add person operational workflow by adding a work order to the department administrator.
ic
D. Modifying the add account operational workflow by adding a work order to the department administrator
tif
Answer: C
er
C
QUESTION 134
When multiple password policies apply to a service, which option describes how password policy is applied
IT
to the service?
A. All the password policies that target the service are joined and applied.
of
B. The password policy that most specifically targets the service is applied.
C. The global password policy (that applies to All Service Types) is joined with the password policy that
ng
targets the service most specifically and applied.

D. The password policy that most specifically targets the service is applied. If there Is more than one
Ki
policy that
targets the service at the same specificity, they are joined and applied.
he
Answer: B
"T
QUESTION 135
When adding an e-mail activity to a workflow, which option is a valid system template from which e-mail
a
content can be created?

ky
A. RFISubmitted
na
B. ActivityRejected
C. ActivityApproved
ha
D. WorkflowCornplete
C
Answer: A
QUESTION 136
The IBM Tivoli Identity Manager system-wide Escalation Limit is set to 2 days 0 hours 0 minutes. The
Reminder Interval is set to 1 day and an entitlement workflow approval activity (Escalation participant:
Branch Manager) set to an escalation period of 3 days, 12 hours, 0 minutes. Assuming that Post office is
turned off, no approval for the Access request has taken place and default Approval activity notification
settings apply, which statement is true?
A. The Branch Manager will receive two reminder e-mails before receiving the escalation e-mail.

B. The Branch Manager will receive an escalation e-mail after 2 days 0 hours 0 minutes as no approval
has taken place.
C. The Branch Manager will receive an escalation e-mail after 3 days 0 hours 0 minutes as no approval
has taken place.
D. The Branch Manager will receive an escalation e-mail after 3 days, 12 hours, 0 minutes as no approval
has taken place
Answer: D
QUESTION 137
What is one drawback when using dynamic roles versus static roles?
s"
A. Dynamic roles add a performance hit.
n
io
B. Dynamic roles can only be used for assigning membership to provisioning policies.
C. Membership (assignments) cannot be viewed from the Person Entity Information panel.
at
D. Membership (assignments) cannot be viewed from the organizational roles information panel
ic
Answer: A
tif
er
QUESTION 138
Which two workflows have notification templates? (Choose two.)
A. new person
C
IT
B. new account
C. suspend person
of
D. change password
E. password expiration
ng
Answer: BD
Ki
QUESTION 139
he
What is the response from the IBM Tivoli Identity Manager logon page when the LDAP directory server is
not currently running?
"T
A. CTGIM<error code> The directory server refused the connection

a
B. CTGIM <error code> The specified user ID is not found.

ky
C. CTGIM <error code>

A communication error occurred: A remote host refused an attempted connect operation
na
D. CTGIM <error code> The specified user ID and password are not valid. CTGIM <error code> The
directory server is not available.
ha
Answer: D
C
QUESTION 140
A company has a requirement that all account creations be logged into the Remedy tracking system. As a
result, a custom JavaScript extension developed to send the new account information to Remedy in near-
real-time. The new extension Java class, gbcUtilitiesExtension, in package com.ibm.itim.script.extensions
was developed by the IBM consulting team and packaged into gbcUtilities.jar. Which addition to the
scriptframework.properties file would be the most appropriate for integrating the new extension?
A. ITIM .interpreter.Workflow=gbcUtilities
B. ITIM .extension .Workflow.gbcUtils=com .ibm .itim .script.extensions .gbcUtilities
C. ITIM .extension .Workflow.gbcUtils=com .ibm .itim .script.extensions .gbcUtilitiesExtension

D. ITIM.extension.accountAdd.gbcUtils=com.ibm.itim.script.extensions.gbcUtilitiesExtension
Answer: C
QUESTION 141
n s"
io
at
ic
tif
er
C
IT
of
ng
Based on the logical architecture, which two services can be used to import the identity feed file into IBM
Ki
A. AD
he
B. CSV
"T
C. DSML
D. IDI Data Feed
E. Hosted Service
a
ky
Answer: BC
na
QUESTION 142
ha
Which default objectclass will IBM Tivoli Identity Manager V5.1 expect during an identity feed?
A. inetOrgPerson
C
B. hruserOrgPerson
C. distinguishedName
D. userPrincipalName
Answer: A
QUESTION 143
A company uses PeopleSoft to generate a unique employee designator as each new employee is entered
into the HR system. IBM Tivoli Identity Manager has been configured to import the HR data from

PeopleSoft, including the unique identifier (gbcuid). As a policy, the company has used the gbcuid attribute
as the DID of its managed targets. Recently, IBM consultants implemented the AD service to manage the
company's primary AD domain. During the discovery phase, it was found that an older algorithm for
generating AD UIDs had been used before the company's policy of using the gbcuid attribute. The older
algorithm concatenated the last name with a serial number. Which action could the IBM consultants take to
match all of the AD accounts to their corresponding person entities?
A. In the Add workflow, set the erllases values to both the gbcuid and the value generated by the older
algorithm; then rerun the data feed from PeopleSoft.
B. Create an adoption rule that includes logic for returning people that correspond to both eraliases and
the older algorithm; then rerun the AD reconciliation.
C. Create an adoption rule that includes logic for returning people that correspond to both eraliases and
s"
the older algorithm; then rerun the data feed from PeopleSoft.
D. Create an adoption rule that includes logic for returning people that correspond to the older algorithm,
n
and in the Add workflow, set the erliases values to the gbcuid; then rerun the AD reconciliation
io
Answer: B
at
ic
QUESTION 144
tif
For IBM Tivoli Identity Manager (Tivoli Identity Manager) 5.1 DAML-based adapters, what item relating to
reconciliations can be configured using agentCfg?
er
C
A. use of xforms.xml
B. use of LDAP v3 reconciliation filters
IT
C. specification of supporting-data-only reconciliation parameters
D. use of SSL communication with the Tivoli Identity Manager server
of
Answer: D
ng
QUESTION 145
Ki
Which file contains the output for Java extensions that use system, out. println() methods?
A. msg.log
he
B. trace.log
"T
C. SystemOut.log
D. System Err. out
a
Answer: C
ky
na
QUESTION 146
Which two log files found under the WAS_HOME/profiles/<profile name>/logs/server1 directory are useful
in troubleshooting an IBM Tivoli Identity Manager application problem with a standard installation using
ha
WebSphere? (Choose two.)

C
A. msg.log
B. trace.log
C. SystemErr.log
D. SystemOut.log
E. cfg_itim_mw.log
Answer: CD
QUESTION 147
While testing communications to a DAML managed resource in the Manage Services screens, a message

is displayed indicating failed communication What are two possible reasons for this failure? (Choose two.)
A. Incorrect user IDs or passwords

B. Service locked for reconciliation
C. No ACIs defined for adapter testing
D. Incorrect URL to the managed resource
E. No provisioning policy defined for the service
Answer: AD
s"
QUESTION 148
Which two statements are true when enabling increased trace logging to help determine a problem in IBM
n
io
A. Set logger.trace.level=DEBUG_MAX in errorLogging.properties.
at
B. Set logger trace.com.iom=DEBUG_MAX in errorLogging.properties.
ic
C. Set logger trace level=DEBUG_MAX in the file enRoleLogging properties.
D. Turn on the setting logger trace.logging=true in enRoleLogging properties.
tif
E. Configure the setting logger.trace.level=IO for maximum detail in the trace log
er
Answer: CD
C
IT
QUESTION 149
A functioning IBM Tivoli Identity Manager (Tivoli Identity Manager) test environment has been configured
and tested and is ready to move into production. The information in the Tivoli Identity Manager Directory
of
Server has been migrated to production. Additional configuration information should be promoted from the
Tivoli Identity Manager server file system. Which additional data would need to be promoted to production?
ng
A. The <ITIM-HOME> directory

Ki
B. The enroleDatabase.properties file

C. The customizations defined in the ui.properties file
he
D. The audit tables in the Tivoli Identity Manager database
Answer: C
"T
a
QUESTION 150
ky
When migrating IBM Tivoli Identity Manager (Tivoli Identity Manager) from a test to a production
environment, which task is valid?
na
A. Export all the LDAP user accounts from test to production.

B. Use the Import/Export feature to migrate the Tivoli Identity Manager configuration.
ha
C. Assign the Tivoli Identity Manager test server the same host name as the production server.
D. Copy all the IBM Tivoli Directory Server data files to the Tivoli Identity Manager production system
C
Answer: B
QUESTION 151
After testing the SSL connection between the IBM Tivoli Identity Manager V5.1 server and the directory
server, the login fails. Which two options should be checked? (Choose two.)
A. The .der file is corrupted.

B. The truststore file is corrupted.

C. The path to the .der file is valid.
D. The path to the truststore file is valid.
E. The path to the IdapConfig file is valid
Answer: BD
QUESTION 152
Consider an identity synchronization scenario at a customer where the customer wants to pull in identities
at scheduled times, and push emergency identity deletes to IBM Tivoli Identity Manager (Tivoli Identity
Manager) for offboarding in near real time. Which statement is true in this scenario?
s"
A. A DSML identity feed service in Tivoli Identity Manager can onboard and offboard identities.
n
B. Identities deleted in Tivoli Identity Manager during an identity feed are never placed into the Recycle
io
Bin.
C. Reconciling an identity feed service with the Use Workflow option enabled will allow provisioning and
at
separation of duty policies to be evaluated during processing.
D. An IDI data feed identity service can be reconciled to pull in identities into Tivoli Identity Manager, and
ic
can be contacted by an external process to push identities to Tivoli Identity Manager.
tif
Answer: D
er
C
QUESTION 153
A manual service has been created to provision voice mail accounts in IBM Tivoli Identity Manager (Tivoli
IT
Identity Manager). Which reconciliation strategy is available to reconcile voice mail accounts?
of
A. The voice mail accounts can be reconciled with a CSV file that contains voice mail account attribute
and group information.
B. Reconciliation is a redundant concept for manual services because Tivoli Identity Manager does not
ng
actually communicate with the remote platform.

C. Account data must be reconciled by using an external process or utility that can read voice mail
Ki
account data and use the Tivoli Identity Manager API to perform reconciliation.
D. The voice mail account and group data must be sent over as a form submittal using HTTP or HTTPS to
he
the Tivoli Identity Manager 5.1 Reconcile Manual Service servlet at http(s)://itimServer:port/itim/
reconcileManualServlet.
"T
Answer: A
a
ky
QUESTION 154
What are two means of testing connectivity to the IBM Tivoli Identity Manager LDAP directory? (Choose
two.)
na
A. DBConfig
ha
B. runConflg
C. Idapsearch
C
D. SetupEnrole
E. WebSphere administrative console
Answer: BC
QUESTION 155
Which statement is true for the use of V4.6 adapters with IBM Tivoli Identity Manager (Tivoli Identity
Manager) V5.1?

A. Tivoli Identity Manager V5.1 only supports V5.X adapters.
B. All V4.X adapters are fully supported by Tivoli Identity Manager V5.1.
C. All V4.6 adapters based on RMI are fully supported by Tivoli Identity Manager V5.1.
D. All non-FTP V4.6 adapters can be used with Tivoli Identity Manager V5.1 (upgrade scenario); the
adapters will not support any new V5.1 adapter features.
Answer: D
QUESTION 156
In IBM Tivoli Identity Manager (Tivoli Identity Manager), which two data can the DBPurge utility affect?
(Choose two.)
n s"
A. Orphaned accounts
io
B. Auditing data in the Tivoli Identity Manager database
C. identities which have been unused for a period of time
at
D. The current error backlog in the WebSphere Messaging Queue
ic
E. Transactional / Reconciliation data in the Tivoli Identity Manager database
tif
Answer: BE
er
C
QUESTION 157
IBM Tivoli Identity Manager (Tivoli Identity Manager) reconciliations are resource-intensive operations that
IT
can take a long time for services with a large account population. Which option will improve reconciliation
performance?
of
A. Enable Tivoli Identity Manager server-side sorting.

B. Decrease the default maximum duration as specified in the reconciliation schedule.
ng
C. Decrease the SearchALUnusedTimeout configuration parameter in the RMI Dispatcher.

D. Limit the number of attributes returned by the adapter and processed by Tivoli Identity Manager
Ki
Answer: D
he
QUESTION 158
"T
Which option correctly describes a task to be done before the installation of a fix pack on the IBM Tivoli
Identity Manager V5.1 server?
a
A. Back up the WebSphere properties files.

ky
B. Back up all IBM Tivoli Directory Integrator configuration files.

na
C. Make sure all running processes have completed successfully.

D. Back up all configuration flies, including properties files located in the ITIM_HOME/data directory
ha
Answer: D
C

000 006 Chanakya PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

000 006 Chanakya PDF

Uploaded by

Copyright:

Available Formats

Chanakya “The King of IT Certifications”

itchanakya@hotmail.com | itchanakya@ymail.com | itcertification39@gmail.com

itchanakya@hotmail.com | itchanakya@ymail.com | itcertification39@gmail.com

A. Define reporting data.

B. Validate human resource data.

D. Gather platform business processes.

A. middleware versions and domain trust relationships

itchanakya@hotmail.com | itchanakya@ymail.com | itcertification39@gmail.com

A. changing the button text

the person object

separation of duty policy? (Choose three.)

A. Operations and Web Page design

B. Development and Web page design

C. Operations and Production Web Team

D. Web page design and Production Web Team

F. Development and Web Infrastructure Engineering

A. Last Name (attribute sn)

itchanakya@hotmail.com | itchanakya@ymail.com | itcertification39@gmail.com

A. solution design, installation, configuration, customization, testing, turn over

itchanakya@hotmail.com | itchanakya@ymail.com | itcertification39@gmail.com

A. after performance tests on the adapter have been completed

previous 12 a.m. backup must be performed.

related provisioning activities?

A. Rerun the identify feed exactly as it was originally run.

Which two options would be included in a customization design? (Choose two.)

A. definitions of e-mail content for all approval e-mails

B. JavaScript for the Active Directory service identity policy

itchanakya@hotmail.com | itchanakya@ymail.com | itcertification39@gmail.com

A. Recertification Policies Report

Which basic tasks should a recertification process include?

A. user notification, user acknowledgment

C. manager notification, manager approval, logging

Which option would be most appropriate to include in a lifecycle management design?

A. provisioning policy definition

C. reconciliation requirements for Active Directory

itchanakya@hotmail.com | itchanakya@ymail.com | itcertification39@gmail.com

A. IBM Tivoli Identity Manager LDAP

C. IBM Tivoli Identity Manager property files

itchanakya@hotmail.com | itchanakya@ymail.com | itcertification39@gmail.com

the computer that hosts Tivoli Identity Manager.

A. Directory name must be unique for all cluster members.

itchanakya@hotmail.com | itchanakya@ymail.com | itcertification39@gmail.com

What sets of areas can be disabled on the Self Service Console?

A. Banner area, Toolbar area, and Footer area

C. Content area, Banner area, and Toolbar area

itchanakya@hotmail.com | itchanakya@ymail.com | itcertification39@gmail.com

A. Manage service types.

D. Change core component logging levels.

A. The system template can be modified.

B. User-defined templates are not allowed.

D. The system template can be copied and modified

itchanakya@hotmail.com | itchanakya@ymail.com | itcertification39@gmail.com

A. True: e-mail notification of a password change is sent to the user.

contains the service.

driven by the location of the users to whose passwords it will apply.

itchanakya@hotmail.com | itchanakya@ymail.com | itcertification39@gmail.com

A. Placement rules are only evaluated during an add operation.

A. Tivoli Identity Manager database

A. Properties configuration files

B. Java Archive (JAR) configuration files

D. HyperText Markup Language (HTML) flies

F. Cascading Style Sheet (CSS) configuration files

A. when the LDAP filter is modified