In an organization's testing environment, the IBM Security Access Manager V9.0 deployment professional is required to deploy the virtual appliance on Amazon EC2 with a single reverse proxy instance with a single network interface.
How should the deployment professional configure the reverse proxy so that end-users can access the reverse proxy without specifying a non-standard port (other than 80 and 443)?
A. Use port forwarding to map non-standard port to a standard port on appliance using LMI
B. Use port forwarding to map non-standard port to a standard port on appliance using CLI
C. Configure appliance management port to listen on non-standard port and set reverse proxy port to listen on standard port using LMI
D. Configure appliance management port to listen on non-standard port and set reverse proxy port to listen on standard port using CLI
The Distributed Session Cache has been enabled to replace the Session Management Server in a recently migrated IBM Security Access Manager V9.0 environment. Several Reverse Proxies have not yet been migrated from ISAM V7.0. The help desk is now receiving user complaints due to multiple logins required for applications protected by the ISAM V7.0 Reverse Proxies.
Which Distributed Session Cache option should be checked?
A. enable_sms-functionality
B. provide_700_attribute_ids
C. Replicate certificate databases
D. Support internal and external clients
During testing of an application the deployment professional is receiving frequent alerts about high disk utilization.
What action can be taken to resolve this issue?
A. Enable log rotation and compression
B. Resize the virtual disk and extend the active partition
C. Configure the appliance to store log and trace to a remote server
D. Enable the appliance background scheduler to clear unused log and trace files on a periodic basis.
A company has deployed an IBM Security Access Manager V9.0 solution for protecting web resources and has enabled auditing for monitoring purposes. A security deployment professional has observed that audit records are using large quantities of disk space due to the large number of audit events related to HTTP access.
Which two strategies will help to reduce the volume of audit events in above scenario? (Choose two.)
A. Generate audit records for specific groups only
B. Generate events for unsuccessful HTTP accesses only
C. Generating selective audit records using authorization rules
D. Reconfigure WebSEAL to use CARS auditing, instead of native auditing.
E. Selectively disable the generation of events by using attached protected object policies (POPs)
A large bank has multiple applications protected by two identically configured WebSEAL servers. One junction supports a reporting application that frequently expenses performance issues which slows response time. The worst case results in the entire site becoming unresponsive when all WebSEAL worker threads on all WebSEAL instances are consumed on the junctions to this one reporting application.
Which configuration change will prevent this situation from occurring without impacting the behavior of any other application (junction), and keeping the entire site up?
A. Change worker-thread-hard-limit to 75 in WebSEAL configuration file on both WebSEAL servers.
B. Use the "throttle" option on the "pdadmin server task" command for the reporting application junction on both WebSEAL instances.
C. Use the –L 75 and –f options on the “pdadmin server task” command for the reporting application junction on both WebSEAL instances.
D. Create a third WebSEAL instance supporting only this one reporting application and load balance requests across all three WebSEAL instances.
An attacker has compromised the private key associated with a certificate.
Which two methods can be used to ensure that certificates have not been revoked by the Certification authority that issued it? (Choose two.)
A. Public Key Information
B. Online Status Certificate Protocol
C. Online Certificate Status Protocol
D. Certificate Rejection List located in LDAP
E. Certificate Revocation List located in LDAP
The appliance dashboard Reverse Proxy Health widget indicates a problem with the /snoop junction on the Test instance.
Which log file can be examined to find product errors?
A. agent.log
B. referer.log
C. request.log
D. msg_webseald-test.log
A customer has configured the IBM Security Access Manager V9.0 appliance authentication to an external LDAP server. The customer wants to allow support staff with LDAP accounts that are members of the HelpDesk group to view appliance and audit logs.
Where should the deployment professional configure a new role and map it to the HelpDesk LDAP group for the support staff?
A. Manage System Settings-> Management Delegation
B. Manage System Settings-> Administrator Settings
C. Manage System Settings-> Management Authorization
D. Manage System Settings-> Management Authentication
After a test cycle the deployment professional wants to search the WebSEAL WGA1 instance request log for HTTP 404 responses.
Where can this log be found in the Local Management Interface?
A. Monitor> Manage Reverse Proxy Log Files, select the WGA1 instance, select the request.log file and click View
B. Monitor> Application Log Files, expand the var/logs/pdweb/WGA 1 folder, select the request.log file and click View
C. From the Home page, click on the WGA1 instance in Reverse Proxy Health widget, select the request.log file and click View.
D. Secure Web Settings> Reverse Proxy, select the WGA1 instance, access the Manage> Troubleshooting> Tracing menu item, select the request.log file and click View
A company is using the embedded LDAP server to store IBM Security Access Manager V9.0 user data. However, there is a requirement to create another suffix to hold a set of user data.
Which two suffix elements are supported when creating a top level entry for the suffix? (Choose two.)
A. c
B. l
C. dn
D. st
E. cn
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IBM exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your C2150-609 exam preparations and IBM certification application, do not hesitate to visit our Vcedump.com to find your solutions here.