www.Prepking.com
Exam : IBM 000-889
Title : Fundamentals of Ent Solutions Using IBM Tivoli Security 2007
Version : R6.1
1. What information should a customer's baseline document include?
A. proof that there are no existing orphan accounts
B. the naming convention in place for all current users
C. the customer's key business processes related to security
D. a list of all authentication mechanisms used by the customer
Answer: C
2. In order to correctly understand the data protection requirements, which two groups of people must be
interviewed? (Choose two.)
A. all managers
B. IT department personnel
C. Business Unit management
D. Legal department personnel
E. Human Resource department
Answer: CD
3. In security solution design development, when do you document the business and IT organizational
structure map?
A. when establishing the customer's baseline for planning purposes
B. when identifying opportunities for business partner security offerings
C. when evaluating the customer's IT processes, people and technologies
D. when defining a long-term vision for the future direction of the customer's security solutions
Answer: A
4. Which is an accurate description of a highly mature company, in the area of authorization?
A. They are highly mature, because they use a single authorization engine, shared by many applications.
B. Their approach to authorization is in a leadership position, because they address WS-Provisioning,
SAML and Liberty.
C. They are addressing authorization optimally because they are handling authorization within the application, and it's best to address authorization decisions close to the decision point.
D. Their approach to authorization is highly secure and therefore highly mature, because their infrastructure
uses many different authorization standards and thus is least likely to be penetrated.
Answer: A
5. Which technology needs to be available when managing a nonstandard database with an IBM Tivoli
Identity Manager adapter?
A. SQL
B. JDBC
C. ODBC
D. TCP/IP
Answer: B
6. What is the purpose of the context diagram for a security solution?
A. It provides a detailed listing of the software used in the solution and how the software is connected.
B. It provides a detailed listing of the hardware used in the solution and how the hardware is connected.
C. It scopes the security system's responsibilities and provides a black box view of the system interface.
D. It provides a listing of the hardware and software used in the system and how they are interconnected.
Answer: C
7. What information is needed when creating a document on a customer's IT and business organizational
structure? (Choose two.)
A. number of business units
B. annual expenditure on IT assets
C. number of employees in IT organization
D. list of divisions within the IT department
E. total number of systems used by the company
Answer: AD
8. A customer shows a good level of maturity regarding IT security compliance when they understand two
essential elements as a basis for achieving and demonstrating compliance. One element is a security policy
that clearly states goals. What is the second essential element?
A. audit
B. workflow
C. data integrity
D. administration
Answer: A
9. A customer has resources being managed in different facilities. When you configure a security solution,
what is the most important element to consider in the design of the system?
A. use of a fiber optic backbone
B. the encryption protocol to be used
C. location of firewalls in the internal network
D. the time zone in which each facility is located
Answer: C
10. Which statement is true about "new initiative deployment"?
A. New initiatives typically involve advanced authentication, and advanced authentication must be properly
provisioned.
B. New initiatives are typically coded in Java, .NET or C++, and each of these requires a tool that measures security compliance.
C. All new initiatives require a service-oriented architecture (SOA), and SOA standards demand that a
security component be present.
D. When you deploy new applications, you can get them coded, tested and updated more quickly if you use
an authentication and authorization solution that avoids coding security into the application.
Answer: D
11. In describing their business processes, the customer has described the following aspects of
"audit/compliance":
1. Physical building access security
2. Security of servers
3. Security of desktops
4. Audit of user identities/accounts
5. Audit of access control (policy and actuals)
6. Audit of security of business partners
7. Revoke compromised certificates
From this list, what can be addressed by IBM Tivoli security solutions?
A. 2, 3, 5, 7
B. 2, 3, 4, 5
C. 2, 3, 4, 6
D. 4, 5, 6, 7
Answer: B
12. Business rules catalogs are effective in gathering requirements for what items?
A. user registry layout
B. password strength policies
C. user interaction with the system
D. administrator interaction with the system
Answer: B
13. Which document describes what needs to be addressed in a security solution for a customer?
A. Installation History
B. Design Specification
C. Interface Specification
D. Requirements Specification
Answer: D
14. A customer is using IBM Tivoli Security Compliance Manager. They know which servers/desktops are in compliance and which are not. Non-compliant server/desktop owners are notified of the steps they need to take to achieve compliance. Which two additional actions would further enhance the customer's security process maturity level? (Choose two.)
A. removing users' accounts until they can demonstrate compliance
B. removing Web single sign-on until users can demonstrate their machines are in compliance
C. encrypting select files on offending server/desktop systems' disks, until they can demonstrate compliance
D. providing a "sentry" service that prevents non-compliant machines from connecting to the network, until
they achieve compliance
E. offering push-button compliance options, thereby simplifying the steps users must take to get their
non-compliant servers/desktops in compliance
Answer: DE
15. Selecting from the list of options below, what would need to be accomplished during an initial meeting
with the customer when reviewing a company organizational chart?
1. Identify key decision makers
2. Document the key players and their roles
3. Determine the products to be used
4. Proof of Concept of the products in the solution
A. 3,4
B. 2,4
C. 1,3
D. 1,2
Answer: D
16. Which is considered the lowest maturity level in Identity Management maturity?
A. password management
B. access rights accountability
C. provisioning approval and process automation
D. connectors to access controlled systems (one tool managing multiple systems)
Answer: D
17. A good user management process includes the following tasks:
- receive new user identity requests
- receive requests for changes to user identities
- use access policies to evaluate requests
- gather approvals
- place users in groups
- update accounts
- synchronize passwords
Which additional step is essential in a good user management process?
A. back up directory information
B. check that existing accounts are valid
C. verify user management process ownership
D. grant or block access to programs based on access policy
Answer: B
18. Which specification has completed the OASIS standardization process?
A. WS-Trust
B. WS-Security
C. WS-Federation
D. WS-SecureConversation
Answer: B
19. A current IBM Tivoli security customer is highly satisfied with their current IBM Tivoli Identity Manager
(ITIM) and IBM Tivoli Access Manager (ITAM) implementations. The customer has benefited greatly from
their user management and provisioning, authentication, authorization and Web single sign-on processes
now in place.
The customer sees the value of Web services and wants to leverage their business partnerships to greatly
expand their online services, for a relatively small investment. They are expecting that their existing ITIM
and ITAM investments can simply be stretched to include these business-to-business (B2B) flows.
IBM Tivoli Federated Identity Manager should be added to this scenario to address which security
requirement?
A. the blocking of threats that might otherwise cross enterprise boundaries
B. the handling of potentially millions of users, which neither ITIM nor ITAM was built to address
C. the integration with firewalls that control security between any two businesses involved in these B2B
flows
D. the handling of multiple types of standards-based protocols and user tokens that need to be passed
between participating businesses
Answer: D
20. While reviewing the current security policies for a company, you find that a standard exists, which
dictates that information access must conform to HIPAA. Currently the customer has no automated method
to verify adherence to this policy. Which IBM Tivoli security solution should you recommend to provide the
customer with the ability to report on exceptions to this policy?
A. IBM Tivoli Identity Manager
B. IBM Tivoli Security Compliance Manager
C. IBM Tivoli Access Manager for e-business
D. IBM Tivoli Access Manager for Enterprise Single Sign-On
Answer: B
21. Which encryption method is used by IBM Tivoli Access Manager for e-business (ITAMeb) when ITAMeb
is configured with the FIPS mode enabled?
A. SSLv3
B. TLSv1
C. WPAv2
D. Kerberos
Answer: B
22. Which three actions provide relevant input to customer authentication scenarios? (Choose three.)
A. The customer wants to digitally sign all messages.
B. The customer runs a successful PKI project and now wants to more fully adopt PKI.
C. The customer partially implements single sign-on, and wants to more fully implement it.
D. The customer feels they have too many places where audit data is kept, and they want to consolidate it.
E. The customer needs to issue identification tokens to people holding certain special job categories, for
use in Web transactions.
F. The customer wants to cipher (encrypt) sensitive data while it is stored on servers, on desktops and while
in transit in message flows and Web transactions.
Answer: BCE
23. Click the Exhibit button.
The customer's list of requirements includes this exhibit.
Which security scenario is indicated by the word "Enforcer" that appears several times in the exhibit?
A. audit
B. authorization
C. authentication
D. confidentiality
Answer: B
24. You are analyzing the customer's business processes and trying to come up with corresponding security requirements related to authorization.
The most comprehensive checklist for targets for which IBM Tivoli Access Manager for e-business can
provide authorization includes: URLs; Java server pages; servlets; EJBs (programmatic, declarative); .NET
targets (programmatic, declarative) and C/C++ programs.
This checklist would also include: (Choose two.)
A. OS security
B. BEA J2EE targets
C. client-server applications
D. WebSphere Portal portlets
Answer: BD
25. Which statement describes a risk management scenario?
A. "Server A holds data that only users in special class A can access."
B. "A bank's nightly reconciliation data must be ciphered while sitting in message queues."
C. "Unless we accomplish Web single sign-on, we are likely to face dissatisfied users and high help-desk
costs."
D. "All incoming security alerts and events must be analyzed quickly, in order to react to possible attacks on
systems/networks."
Answer: D
26. The current requirements specification document for a project dictates that a report be available to show a company's workstation and server security policy violations. Which IBM Tivoli solution can address this requirement?
A. IBM Tivoli Identity Manager
B. IBM Tivoli Federated Identity Manager
C. IBM Tivoli Security Compliance Manager
D. IBM Tivoli Access Manager for e-business
Answer: C
27. Which IBM Tivoli security product provides single sign-on support for both UNIX Telnet and host-based
mainframe applications?
A. IBM Tivoli Identity Manager
B. IBM Tivoli Federated Identity Manager
C. IBM Tivoli Access Manager for e-business
D. IBM Tivoli Access Manager for Enterprise Single Sign-On
Answer: D
28. In a conversation about business requirements, a customer states:
"We are going through the latest big initiative right now. The focus is on time to market with new, bigger and
better Web-based business applications. We have no time for implementing stronger security and we do
not see how you can help us with this."
What is the primary security requirement indicated by the customer's statement?
A. Standards-based federated identity management tools are required.
B. User management and provisioning can help this customer achieve more efficient and effective
processes.
C. Strong risk management infrastructure will eliminate the need for security in these applications, allowing
the focus to be on business logic.
D. More consistent authentication and authorization service-oriented architecture is needed for the
applications, saving application development time, which otherwise would have gone into building ad-hoc
security into the applications.
Answer: D
29. Which technologies are most likely to influence a company's future direction regarding IT security?
A. Passport, SPML, and NTLM
B. OSPF, CORBA, and RFID
C. EDIFACT, SSH, and Key Recovery
D. WS-Federation, XACML and J2EE
Answer: D
30. A customer needs to have a federated single sign-on with a requirement to not have any user identifiable information transmitted between parties. Which two protocols supported by IBM Tivoli Federated Identity Manager fulfill this requirement? (Choose two.)
A. SAML V1.0
B. Liberty V1.2
C. Liberty V1.1
D. WS-Federation
E. WS-Provisioning
Answer: BC
31. All persons entering XYZ corporation are required to swipe their employee badge to get access to the
building. Which procedure, if implemented, would prove to be a stronger form of authentication than the
current one?
A. Each employee inputs a unique userid and password on a terminal to unlock the door.
B. Employees are each given a key to the building, which they should not share with others.