Vendor: IBM

Exam Code: C2150-610

Exam Name: IBM Security Identity Governance and Intelligence V5.2 Deployment
Question Number: 50

NO.1 The deployment professional for IBM Security Governance and Internee (IGI) is using the IGI Admin Console to define
visibility rules for group hierarchy. The entities assigned to a group will be visible to users who belong to the group.
Which entity type can be assigned to a group hierarchy by the deployment professional?

A. Risks
B. Rules
C. Entitlements
D. Business Activities

Correct Answer: C
Revision: C

https://www.ibm.com/support/knowledgecenter/en/SSGHJR_5.2.0/com.ibm.igi.doc/CrossIdeas_Topics/AGC/GestioneOU.html

NO.2 A customer has a solution design which requires an active-passive disaster recovery environment for an Identity
Governance and Intelligence (IGl) deployment What must the deployment professional do to create a secondary appliance for
disaster recovery?

A. Set up HADR for the database

B. Set up master-master LOAP replication
C. Add another node to the database infrastructure
D. Import a configuration snapshot of the primary appliance

Correct Answer: D
Revision: D
IGI VA no contiene la opción de configurar un nodo del VA como Backup del primario.
https://www-01.ibm.com/support/docview.wss?uid=swg27049923&aid=1

NO.3 A new fix pock has been released by IBM Customer Support This fix pact contains the second released Firmware Upgrade.
When the first Firmware Upgrade was released, the deployment professional created 0 backup of me original firmware in the first
virtual appliance partition and then proceeded using the second partition.
Before applying this second Firmware upgrade, the deployment professional wants to create another backup for the current
firmware. How should the deployment professional proceed1

A. Create backup in an external drive.

B. Create the third partition and backup the current firmware.
C. Create $ backup in the second partition, and then proceed with using the first partition, overwriting the first backup.
D. Take advantage of the multiple backup feature and create the backup of the current firmware en the first partition again.

Correct Answer: B
Revision: D

Se debe crear un backup en la partición inactiva, también existe la posibilidad de crear un snapshot del estado actual del VA(Al
ser el FIX no se crea un backup de la partición de forma automatica).

https://www.ibm.com/support/knowledgecenter/en/SSGHJR_5.2.0/com.ibm.igi.doc/installing/tsk/t_installing_fix_pack.html
https://www.ibm.com/support/knowledgecenter/en/SSGHJR_5.2.0/com.ibm.igi.doc/installing/tsk/t_managing_firmware_settings.
html

NO.4 The deployment professional has discovered a bug in the client installation. The bug has been fixed by the released fix
pock. What are two ways the deployment professional can access the Virtual Appliance (VA) to install the fix pack' (Choose
two.)

A. Access VA via telnet and use required scripts.

B. Copy to a special folder in the VA the fix pack.
C. Access WebSphere Admin console and install the fix pack.
D. Access VA via SSH, and use required scripts to install the uploaded fix pack.
E. Access VA via HTTP Browser, and follow the required steps to upload and install the fix pack.

Correct Answer: C,D

Revidion: D

https://www.ibm.com/support/knowledgecenter/en/SSGHJR_5.2.0/com.ibm.igi.doc/installing/tsk/t_installing_fix_pack.html

NO.5 A solution design requires that the solution be High Availability (HA). The deployment will start with two nodes in the HA
cluster. A smart load balancer will be used to detect the outage of a component server. Two Identity Governance and Intelligence
(101) database servers are installed as part of the solution and database HADR is used to keep them synchronized.
When configuring the load balancer for failover of a database server, where should the deployment professional insert the load
balancer in the data flow?

A. Between the LDAP server and the IGI databases

B. Between the user's browser and the IGl databases
C. Between the IGI Virtual Appliance and the IGI databases
D. Between the user's browser and the IGI Virtual Appliances

Correct Answer: A
Revision: C

https://www-01.ibm.com/support/docview.wss?uid=swg27049923&aid=1

NO.6 A deployment professional is preparing to install the database tier components for Identity Governance and Intelligence
(IGIV When would it be mandatory that the Directory Server component be installed by the deployment professional''

A. Only when the Identity Lifecycle features will be used

B. The directory server is a critical component that must always be installed
C. Only when the installation will be deployed in a high availability architecture
D. Only when interfacing to IBM Security Identity Manager (ISIM) via the IGI-ISIM data integrator

Correct Answer: A
Revision: A

Adicionalmente es necesario para el uso de los adaptadores de identidades (Identity Brokerage Adapters)

https://www.ibm.com/support/knowledgecenter/SSGHJR_5.2.0/com.ibm.igi.doc/installing/tsk/t_managingldap.html
https://www.ibm.com/support/knowledgecenter/en/SSGHJR_5.2.0/com.ibm.igi.doc/product_overview/cpt/cpt_econn_adapters.ht
ml

NO.7 The deployment professional is configuring IBM Identity Governance and intelligence (IGI) in order to import and export
data from/to an external target. This target requires some password creation policies How con the deployment professional
manage this password requirement?

A. It is not possible to manage password requirements.

B. Force the reset password tor the IGI account related to this target.
C. Enable and configure the "Password Construction" for the IGI account related to this target.
D. List the password requirements in the "Comment' section of the IGI account related to this target.

Correct Answer: B
Revision: C

Se requiere el uso de políticas de contraseñas para el servicio.

https://www.ibm.com/support/knowledgecenter/en/SSGHJR_5.2.0/com.ibm.igi.doc/CrossIdeas_Topics/AGC/GestioneCfgPwd_Pa
ssword_Creation.html
NO.8 A client's business requirements include using their corporate Active Directory (AD) as f single source of authentication
for all corporate applications. What high-level steps (s) should the deployment professional provide to configure an AD-based
Authentication supported by Identity Governance and Intelligence (IGI)?

A. Configure IGI server

B. Configure Apache Web server and IGI server
C. Configure Client's LDAP server and IGI server
D. Configure Client's LDAP server, IGI DB2 Instance, and IGI server

Correct Answer: A
Revision:A

Para algunos servidores puede ser necesario utilizar la configuración mencionada en el punto B.
https://www.ibm.com/support/knowledgecenter/en/SSGHJR_5.2.5/com.ibm.igi.doc/installing/tsk/t_configure_apache_ws_ad_isig
.html

NO.9 The deployment professional would like to add support for access requests for business users using IBM Security ldentity
Governance .-id Intelligence (IGI).
The customer currently has IBM Security Identity Manager (ISIM) deployed. and the deployment professional would lice to
continue to use the ISIM account lifecycle operations for account provisioning An IBM Security Identity Governance and
Administration Data Integrator (ISlGADI) is set up (o retrieve access request events from IGI and send them to ISIM.
Which type of events ate supported by ISIGADI?

A. Create new user events.

B. Create new role events.
C. Create new application events.
D. Add or remove user entitlement events

Correct Answer: A
Revision: A

ISIM se integra como una nueva aplicación en IGI, no se puede enviar creación de roles y políticas a ISIM.
https://www.ibm.com/support/knowledgecenter/en/SSGHJR_5.2.5/com.ibm.igi.doc/administering/cpt/cpt_isigadi_triggers.html

NO.10 The deployment professional has completed the base configuration of Identity Governance and Intelligence (IGI). What
sanity check should the deployment professional use to verify minimal functionality?

A. Create a User or Group.

B. Force a failover of one of the nodes.
C. Run an Access certification campaign.
D. Query the database from the DB server.

Correct Answer: D
Revision: D

Verificar que se crearan las tablas de forma correcta, verificar la autenticación de forma correcta.

NO.11 The deployment professional wants to efficiently search for a new Risk which was created from the Access Risk Control
module in the administration console.
Which search category can the deployment professional use?

A. "SA''Risk
B. "SOD" Risk
C. Mitigated Risk
D. Not Assigned Risk

Correct Answer: D
Revision: D

Esto depende de lo que se quiera buscar, usualmente los nuevos riesgos creados no tienen “entitlements” asociados.
NO.12 In the IBM Security Identity Governance and Intelligence (IGI) model, polyarchies provide different organizational views
in a hierarchical notation. The deployment professional configures a hierarchy in IGI to group users by locations and teams.
What can the deployment professional base the simple hierarchy definition on?

A. Attributes of a role
B. Attributes of a user
C. Attributes of an application
D. Attributes of an entitlement

Correct Answer: D
Revision: B

Las unidades organizacionales se asignan basadas en un atributo especifico del usuario, las poliarquitecturas en cualquier
usuario al igual que los “entitlements”.

https://www.ibm.com/support/knowledgecenter/SSGHJR_5.2.0/com.ibm.igi.doc/CrossIdeas_Topics/ISIG_CoreDataModel/ISIG_
Core_Data_Model.html

NO.13 The deployment professional has constructed business activities and the associated permissions and risks.
Why should the deployment professional map the Business Activity to reflect the business processes in an organization?

A. To closely align departments with lines of business

B. So auditors and IT staff can work together to identify risk
C. To view business activities and review holders of entitlements
D. So managers can easily define appropriate re-certification requirements

Correct Answer: A
Revision: A

Esto depende mucho de las personas encargadas de aprobar o rechazar las campañas y los riesgos, pero lo mejor asemejar los
procesos a las unidades organizacionales para facilitar el trabajo de recertificación.

NO.14 The deployment professional must configure the identity Governance and Internet (IGI) environment in High Availability
(HA). In order to achieve this, an architecture component must be previously configured Which configuration step must the
deployment professional perform and for which component?

A. Extension of the Identity Brokerage object class in the LDAP

B. Execution of system scripts from the Virtual Appliance command line
C. Execution of database scripts in the Identity Governance and Intelligence database
D. Execution of system tasks from the Task Planner of Identity Governance and Intelligence solution

Correct Answer: A
Revision: A

Esto depende de la versión, pero las mas recientes ya incluyen esta funcionalidad de forma nativa en el appliance.

https://www.ibm.com/support/knowledgecenter/SSGHJR_5.2.0/com.ibm.igi.doc/installing/tsk/t_installing_VA.html
NO.15 A client's business requirement includes having a one-stop User Interface for the person who manages relations and
"upping between governed applications' permissions and enterprise business activities.
At a minimum, access to which IBM Governance and Intelligence (IGI) module(s) must be suggested by the deployment
professional to satisfy this requirement?

A. Access Governance Core

B. Business Activity mapping
C. Business Activity mapping and Access Requests
D. User-Account matching. Access Requests, and Access Certifier

Correct Answer: B
Revision: B

Habla de dar permisos a las vistas a un rol especifico o a una unidad organizacional, el permiso al modulo de “Bussines Activity
Mapping da permisos a la ejecución de actividades.
https://www.ibm.com/support/knowledgecenter/en/SSGHJR_5.2.3/com.ibm.igi.doc/CrossIdeas_Topics/ARC/ProfileManagement.
html

NO.16 The deployment professional is using a CSV connector with driver class set "SimpleCsv" and "read from" channel, in
order to import users in Identity Governance and Intelligence (IGI).
The deployment professional runs the connector using a CSV file composed of these lines:

The user is correctly created in IGI.

The deployment professional delete theuser1 manually from Access Governance Core module interface and runs the connector
again using a CSV file of these lines:

What happens in IGI?

A. user2 is created
B. user1 and user2 are created.
C. Connector stops with an error.
D. Connector does not slop with error, but users are not created.

Correct Answer: A
Revision: B

Los dos usuarios serán creados.

https://www.iamteam.com/single-post/2017/07/04/Adding-Users-to-IGI-Using-CSV-Feed

NO.17 The deployment professional installed an Identity Governance and Intelligence solution and needs to set up identity
Brokerage adapters. The deployment professional navigates to the Target Administration module and the Manage Target Types
section.
Which two administrative tasks are available in the Manage Target Types console for the deployment professional? (Choose
two.)

A. Schedule an account reconciliation.

B. Schedule an external role reconciliation.
C. Import properties definition files and adapter profiles.
D. Import target definition files, also called adapter profiles.
E. Define account defaults for a target type (adapter profile).

Correct Answer: C,E

Revision C,E
 Task Refer to

Import a target profile. Use this option for importing Identity Brokerage profiles only. Importing target profiles

Edit a target profile. Editing target profiles

Remove a target profile. Removing target profiles

View a list of the target profiles that are in the system. Viewing a list of target profiles

Import an attribute mapping definition file. Importing attribute mapping definition files

Map profile account attributes to Identity Governance and Intelligence user attributes. Mapping attributes for a connector

https://www.ibm.com/support/knowledgecenter/en/SSGHJR_5.2.3/com.ibm.igi.doc/administering/cpt/cpt_ac_profiles_overview.h
tml

NO.18 The deployment professional has used the appropriate configuration mode for the initial setup of the Identity Governance
and Intelligence (IGl) Virtual Appliance.
What must the deployment professional perform immediately after using the corresponding
"Complete Setup" or "Sat Configuration"?

A. Restart the virtual appliance.

B. Import the created configuration response file.
C. Select the appropriate language to accept the license.
D. Start the HTTP Proxy and Identity Governance services.

Correct Answer: C
Revision: C

https://www.ibm.com/support/knowledgecenter/en/SSGHJR_5.2.3/com.ibm.igi.doc/installing/tsk/t_configuring_initial_VAsettin
gs.html

NO.19 The deployment professional imported a significant number of users in Access Governance Core module using me Bulk
Load feature. Just after importing, the file imported is declared incorrect by the customer.
How can the deployment professional proceed to restore the state before this operation?

A. Apply a previously created snapshot.

B. Restart the virtual appliance before confirming the commit of the data.
C. Set the other appliance partition that was previously backed up to Active.
D. The slate of the data can be restored only if an external backup of the database has been done.

Correct Answer: D
Revision: D

NO.20 A deployment professional must configure a one-way SSL authentication between the Identity Brokerage and on adapter.
Which archive file format should the deployment professional use to store the certificate and the private key?

A. PFX
B. PEM
C. PKCS8
D. PKCS12

Correct Answer: D
Revision: D

Las llaves privadas únicamente pueden ser compartidas en llaveros

NO.21 A client asked to set up a new complex process work-flow which contains tow actives and an escalation step. The
deployment professional created it with Process Designer on a test environment. The client accepted the new work flow.
How can the deployment professional move the process configuration from test to production environment?

A. There is no automation; the process is manual.

B. In Process Designer, use the specific export report and bulk import.
C. Process Designer has the capability to export and import a work-flow definition.
D. Use the generic sync job that aligns content between two specified environments.

Correct Answer: C
Revision: C

https://www.ibm.com/support/knowledgecenter/SSGHJR_5.2.3/com.ibm.igi.doc/CrossIdeas_Topics/PD/ProcessModifyAndDelet
e.html#ProcessModifyAndDelete__export

NO.22 A deployment professional is assisting the project lead with planning an Identity Governance and Intelligence (IGI)
deployment.
Which client system is relevant when considering IGI notification?

A. The SMTP gateway

B. The load balancer fronting the HTTP server cluster
C. The Primary Domain Controller (or Active Directory
D. The Contacts database belonging to Lotus Notes or MS Exchange

Correct Answer: A
Revision: A

NO.23 A deployment professional has scheduled a task every night in Task Planner module.
Sometimes this task performs unexpectedly. Many operations are performed during the day. However, one day after the task is
performed, the deployment professional is not able to find any night-related log entries. The related Support Files only show
entries starting from 10:22 AM.
What should the deployment professional do to properly discover the issue and gather useful Support Files?

A. Stop other nightly tasks.

B. Assure that logging level is set to DEBUG.
C. Schedule the Support Files generation during the night, right after the issue involved task.
D. Increase the maximum size for log file rotation and/or the maximum number of historical tog files.

Correct Answer: D
Revision: D

NO.24 A deployment professional is performing the initial configuration of the OB2 database for Identity Governance and
Intelligence (IGI). What utility is used by the deployment professional to run the scripts provided by the IGI product?

A. sqlplus
B. clpplus
C. db2plus
D. tronsact-sql tonsole

Correct Answer: A
Revision: A

NO.25 Using Process Designer module, s deployment professional is trying to set a process
"Online''. A ''Warning- message appears and the process is still not online. Reading the related log file in Support Files does not
explain the cause.
What should the deployment professional do to increase the information content of log files?

A. Assure that logging level is set to ERROR, reproduce the issue, and generate Support Files again.
B. Assure that logging level is set to DEBUG, reproduce the issue, and generate Support Files again
C. Restart the Security Identity Governance and Intelligence server, and generate the Support Files again.
D. Assure that logging level is set to INFORMATION, reproduce the issue, and generate Support Files again.

Correct Answer: D
Revision: D

Para detector claramente los errores deben incrementarse el nivel de detalle (INFO/DEBUG)

NO.26 The deployment professional Is installing the ISM Security Identity Governance and Administration Data Integrator
(ISIGADI) and is evaluating which data stole is supported.
What prerequisite should the deployment professional be aware of?

A. IBMDB2v10.x
B. IBMzSecureSuite2 2x
C. Window Server 20O8 R2
D. IBM Security Directory Server v70.x

Correct Answer: B
Revision: A

ISIGADI soporta DB2 10.1, 10.5 y Oracle 12C

http://www-01.ibm.com/support/docview.wss?uid=swg21968516&aid=1

NO.27 A client has conflicting activities, and more than one mitigation control has been applied to the same activities. What
result does the deployment professional encounter?

A. Over Mitigation
B. Under Mitigation
C. Pending Mitigation
D. Workflow Mitigation

Correct Answer: C
Revision: A

Se aplica cuando varios controles de mitigación se aplican a las mismas actividades en conflicto.

https://www.ibm.com/support/knowledgecenter/en/SSGHJR_5.2.1/com.ibm.igi.doc/CrossIdeas_Topics/ISIG_ExtendedDataModel
/Risk_Mitigation.html

NO.28 A client's requirements include establishing the maximum possible integration between existing IBM Security Identity
Manager |ISIM) and the to-be deployed IBM Identity Governance and Intelligence (IGI) Application.
After the deployment professional confirms this is possible, what two levels of integration can be achieved. (Choose two.)

A. Entitlement assignment changes synchronization from IGI to ISIM

B. Full and incremental load of people, roles, and policies - from ISIM to IGI
C. Full and incremental load of people, roles, and policies - from IGI to ISIM
D. Full and incremental load of people, roles, services, groups, and their organizations - from ISIM to IGI
E. Full and incremental load for people, roles, services, groups, and their organizations - from IGI to ISIM

Correct Answer: C,E

Revision: B,D

La integración solo puede leer los grupos roles y personas de SIM a IGI, pero puede ser asignados los grupos de las cuentas de
ISIM desde IGI.

https://www.ibm.com/support/knowledgecenter/en/SSGHJR_5.2.5/com.ibm.igi.doc/configuring/cpt/cpt_int_isim_igi.html

NO.29 The deployment professional is trouble shooting configuration or login problems encountered With IBM Security Identity
Governance and Intelligence (IGI).
How can the deployment professional resolve these problems?

A. Delete the SOL statements required.

B. Delete db2 from schema.name SIBOWNERO.
C. Clear the Service Integration Bus (SIB) data from the database
D. Run the command su - db2admin where db2admin is me database administrator

Correct Answer: A
Revision: C

Según lo que se encuentra en la documentación.

https://www.ibm.com/support/knowledgecenter/en/SSGHJR_5.2.3.1/com.ibm.igi.doc/installing/ref/r_clear_sib_tables.html

NO.30 The IBM Security Identity Governance and Intelligence (IGI) deployment professional needs to set up IG1 to connect to a
Windows Active Directory server using IBM Security Identity Manager adapter.
What should the deployment professional do?

A. Use Target Administration module in IGI Admin Console to add a new target.
B. Use Enterprise Connectors module in IGI Admin Console to add a new connector.
C. Use IGI Appliance admin console and create a connection to Active Directory server.
D. Use Access Governance Core in Admin Console to add a new account configuration.

Correct Answer: A
Revision: B

Se debe crear un nuevo conector al nuevo directorio activo.

NO.31 The solution design includes a segregation of duty risk based campaign. Which customer stakeholder will need to provide
input to the deployment professional in order to map the permissions needed to perform a specific business activity and will need
to provide input into the project plan?

A. System Operator
B. Security Architect
C. Application Owner
D. Help Desk Manager

Correct Answer: C
Revision: C

Los administradores de las aplicaciones deben proveer la información necesaria para estas configuraciones, roles o grupos de
las aplicaciones conflictivas

NO.32 The deployment professional is defining the template to be used during the installation of Identity Governance and
Intelligence on the hypervisor. The customer is trying to determine the memory requirements.
What is the minimum memory size that must be set by the deployment professional?

A. 4GB
B. 8GB
C. 16GB
D. 32GB

Correct Answer: D
Revision: C

https://www.ibm.com/support/knowledgecenter/en/SSGHJR_5.2.0/com.ibm.igi.doc/installing/cpt/c_hardware_reqs.html

NO.33 The deployment professional would like to enable IBM Security Identity Manager (ISIM) integration with IBM Security
Identity Governance and Intelligence (IGI) The IBM Security Identity Governance and Administration Data Integrator (ISIGA0I)
is installed and is now ready to configure ISIGADI to connect to IGI.
What is required by the deployment professional to set up connection to IGI property?

A. IGI server and database connection information

B. IGI web services and database connection information
C. IGI server connection information and IGI admin user credential
D. IGI server and database connection information and IGI admin user credential
Correct Answer: D
Revision: D

Se requieren los siguientes datos:

Configuración DB ISIGADI
Configuración DB IGI
Configuración parametros de conexión servidor IGI
Configuración WebServices ISIM
http://www-01.ibm.com/support/docview.wss?uid=swg21968516&aid=1

NO.34 The deployment professional needs to upgrade the firmware for the Identity Governance and Intelligence (IGI) Virtual
Appliance.
What process must be performed by the deployment professional during the upgrade?

A. Nothing, a VM-Ware ESX Snaphot is automatically created then the virtual appliance is updated.
B. Nothing, an automatic snapshot of the first partition is created and that partition's firmware is updated.
C. Nothing, the update is installed on partition 2, and the policies and settings are copied from partition 1 to partition 2
automatically.
D. The virtual appliance firmware is updated and then the deployment professional must apply the appropriate WebSphere
Application Server fix packs.

Correct Answer: D
Revision: C

En una instalación de firmware se realiza la el backup de forma automática en la partición inactiva.

NO.35 A basic level of disaster recovery is provided for the IBM Security Identity Governance and Intelligence (IGI) Virtual
Appliance. A deployment professional can provide a basic level of disaster recovery. Backing up the Virtual Appliance is an
optional procedure.
What intrinsic mechanism is provided for IBM Identity Governance and Intelligence?

A. The Virtual Appliance has two disk partitions; at any time one is active, and another is inactive and can be enabled.
B. The Virtual Appliance can be configured to point to a replicated (standby) data tier for disaster recovery configuration
C. A secondary Virtual Appliance can be configured to point to the same data tier as the primary Virtual Appliance for High
Availably configuration.
D. A back up and restore that is created from a configured Virtual Appliance can be applied on the same Virtual Appliance to
restore the configuration and policy settings.

Correct Answer: D
Revision: D

Se pueden crear snapshots de las configuraciones del appliance y cargarlas en nuevos servidores.

NO.36 A target service has been successfully created by the deployment professional.
What should the deployment professional do next to ensure a successful provisioning?

A. Install the specific target type.

B. Configure the account reconciliation process
C. Configure the account defaults for the target's required attributes.
D. Configure the account defaults for Identity Governance and Intelligence.

Correct Answer: C
Revision: C

NO.37 An administrator is trying to access the Target Administration from the Identity Governance and Intelligence (IGI)
administration console. The Target Administration cannot be opened.
What checks need to be performed by the deployment professional to find the cause?

A. Check the IGI documentation.

B. Check the availability of the virtual appliance.
C. Check the IGI Administration Console interface.
D. Check the web browser configuration settings of the Target Administration user interface.

Correct Answer: C
Revision: C

NO.38 A deployment professional needs to use the Database Server Configuration page to configure, reconfigure, or unconfigure
the database server for the IBM Security Identity Governance and Intelligence Virtual Appliance.
Which database types are available?

A. IBM DB2, Microsoft SOL. SAP

B. IBM DB2, MySQL, Oracle. PeopleSoft
C. IBM DB2. FileMakerPro. AJAX XML HttP
D. IBM DB2, Oracle (Standard). Oracle (Custom)

Correct Answer: C
Revision: D

NO.39 A customer wants to use IBM Security Identity Governance and Administration Data Integrator (ISlGADI). and it needs
to work on an existing IBM Tivoli Directory Integrator multi-instance server What should the deployment professional do to
ensure a correct configuration?

A. Install the Oracle JDSC driver ojdbc6jar

B. Configure the IGI Virtual Appliance for multi-instance.
C. Ensure that each IBM Tivoli Directory Integrator server has its own distinct Solution Directory.
D. Run the Assembly lines "Delta" and "ISIGtolSIM" in the IBM Security Identity Governance and Intelligence virtual appliance

Correct Answer: D
Revision: C

NO.40 The deployment professional will deploy an IBM Identity Governance and Intelligence (IGI) solution for a dent Some of
the client's documents ate related to a large' Security enhancements Project end are not directly linked to the IGI deployment
effort which the deployment professional is planning What associated project document must be analyzed by the deployment
professional?

A. Enterprise Physical Security standards

B. Enterprise High Availability and Disaster Recovery model
C. Enterprise Identity and Access Management Architecture
D. Enterprise Security standards and policies for physical security

Correct Answer: D
Revision: D

NO.41 A client is seeking real lime User to Risk associations from a dashboard view using IBM's Identity Governance solution
Administration Console User Interface.
Which Admin Console module should the deployment professional check to show the users holding risk?

A. Task Planner
B. Target Administration
C. Enterprise Connectors
D. Access Governance Core

Correct Answer: B
Revision: B

NO.42 A customer needs to use existing IBM Security Identity Manager (ISIM) Adapters for Identity Governance and
lntelfcger.ee (IGl) reconciliation.
When planning the Key Static Component Model, which component must the deployment professional include in the design
along with the ISIM adapters?

A. The IGl Identity Brokerage

B. The ISIM Workflow Adapter
C. The IGI-ISIM Universal Interface
D. The IBM Security Identity Governance and Administration Data Integrator (ISIGADI)

Correct Answer: A
Revision: A

Muchos de los adaptadores existentes de ISIM pueden ser usados en IGI

NO.43 The IBM Security Identity Governance and Intelligence (IGI) deployment professional will configure IGI to manage
users' entitlements on a Windows Active director/ using Identity Manager adapter.
What should the deployment professional do after downloading the adapter package?

A. Use the Target Administration module in the IGI Admin Console to create a new target.
B. Use the Target Administration module in the IGI Admin Console to import adapter package directly.
C. Use the Target Administration module in the IGI Admin Console to import the target profile jar file extracted from the adaptor
package
D. Use the Target Administration module in the IGI Admin Console to import the attribute mapping file extracted from the
adapter package

Correct Answer: B
Revision: C

El paquete incluye varios archivos y únicamente se necesita el “jar”

NO.44 The IBM Security Identity Governance find Intelligence (IGI) Central Administration Console returns an error during
login. What should be done by the deployment professional to determine the cause of the" loginerror?error=error.2000 * error?

A. Verify that the host file is correctly set up

B. Verify that the 10AP directory has been started.
C. Verify that the application server has been started
D. Verify that the database is connected to the appliance.

Correct Answer: C
Revision: D

Este error es un problema de comunicación con la DB

https://www-01.ibm.com/support/docview.wss?uid=swg21973257

NO.45 The solution design includes integrating with the customer's existing IBM Security Identity Manager deployment. The
design requires the installation and configuration of the ISM Security Identity Governance Administration Data Integrator
(ISIGADI), including the Tivoli Directory Integrator 7.1.1 server and the ISIGADI assembly lines.
How much effort should the deployment professional add to the plan for the ISIGADI component installation and configuration
task?

A. an hour
B. days
C. weeks
D. months

Correct Answer: A
Revision: A

NO.46 The deployment professional is installing an Identity Governance and Intelligence solution.
What actions must be performed by the deployment professional to configure the solution for a cluster environment?

A. Set up the correct IP and db configuration.

B. Set up a reverse proxy in front of the solution.
C. Copy service settings and add schema to the database
D. No actions: the solution cluster is standard; everything is automatic.

Correct Answer: B
Revision: D
Esta configuración puede realizarse de forma nativa en él VA

NO.47 The deployment professional is configuring an IBM Identity Governance and Intelligence (IGI) Access Governance Core
(AGC). After creating an IT-Role using the Administration Console interface, the deployment professional is not able to add an
Organizational Und (OU) from the Roles fab in the AGC.
Why is the deployment professional not able to add the OU to the role?

A. No user exists.
B. IT-Role cannot be associated to an Organizational Unit.
C. The entitlements must be published before adding Organizational Units.
D. Entitlements must be associated to an application before adding Organizational Units.

Correct Answer: C
Revision: C

Esto se debe a que los roles que se encuentran sin publicar no son válidos para asignación

NO.48 A customer has configured a duster with four Virtual Appliance nodes However, duo to actions from ditfer.ni people the
Virtual Appliance machines now have different configuration and policy settings, and only one is correctly configured How it Is
possible for the deployment professional to synchronize the same configuration and policy settings among the Virtual
Appliances''

A. Create a backup of the external data tier and import it into the other Virtual Appliances
B. Create a snapshot of the correctly configured Virtual Appliance and import it into the other Virtual Appliances.
C. Create a hot copy of the correctly configured Virtual Appliance and restore is into the other Virtual Appliances.
D. Create a snapshot of the database system of the most used Virtual Appliance and import it into the other Virtual Appliances.

Correct Answer: A
Revision: B

Esto podría solucionarse aplicando una sincronización de nodos

NO.49 The deployment professional is responsible for the IBM Identity Governance and Intelligence (IGI) solution for the
customer.
The customer has multiple documents and regulations, describing various aspects of Business Processes (BP). BP players, and
BP implementation models Not all of these BPs are related to Enterprise Governance and Intelligence.
What information is critical for the deployment professional in order to map the customer's business needs and requirements to
IGI capabilities?

A. The most recent Enterprise Security Audit Report

B. Current Enterprise Authentication Architecture documentation
C. Current and Required Enterprise Security Identity and Access Management Architecture
D. Enterprise Network topology (Firewalls. Networks, Replication mechanisms) documentation

Correct Answer: A
Revision: A

NO.50 A client is asking the deployment professional to set up a document defining which actions should be performed before
installing a fix pack on the appliance Which manual action should the deployment professional define as required?

A. Activate the other partition.

B. Create an Appliance backup.
C. Take a VMware snapshot of the Virtual Appliance.
D. Nothing, the Virtual Appliance will automatically take a backup before fix pack install.

Correct Answer: C
Revision: C