Fundamentals of Enterprise Solutions Using IBM Tivoli
Questions, Answers, Braindumps (000-695)
to all and thanks to www.exams.ws and www.4exam.com
But there’s no need to have it from both of
them, only questions from only one are sufficient
I think. Here is my contribution.
Abc .com has stated the following security requirement:
Are need to provide certain groups of users with special
identification, so that they can get at sensitive
data that other users cannot. This is an indication
of a requirement leading to which two types of security
scenarios? (Choose two.)
C. Single sign-on
D. Risk management
E. Intrusion detection
Which IBM Tivoli Product offers a component that is
a point of contact for incoming federation requests?
A. IBM Tivoli Identity Manager
B. IBM Tivoli Access Manager
C. IBM Tivoli Privacy Manager
D. IBM Tivoli Risk Manager
As you analyze Abc .com business processes, you focus
on a subset dealing with cross-enterprise Web transactions,
both HTML- and SOAP-based. Which three corresponding
security requirements can be addressed by IBM Tivoli
Federated Identity Manager? (Choose three.)
A. Federated (cross-enterprise) authorization
of access to Web resources (SOAP and HTML)
B. Federated (cross-enterprise) provisioning of users
C. Federated (cross-enterprise) assurance of compliance
for both enterprises?desktops and servers
D. Federated (cross-enterprise) authorization of access
to Web resources (HTML only)
E. Federated (cross-enterprise) Web single sign-on
F. Federated (cross-enterprise) authorization of access
to Web resources (SOAP only)
What is important when considering security audit/compliance
A. Avoid considering all rules, regulations,
laws and internal customer requirements, as this can
consume a lot of time while not yielding much useful
B. Align the scope with the capabilities of Tivoli
Security Compliance Manager compliance of servers
and desktops to stated security policies.
C. Avoid consolidating audit information, as that
can dilute the value of the collected information
and possibly render it useless.
D. Consider compliance from multiple points of view,
including desktop security, server security, access
control policy, provisioning policy, authentication
policy and risk management policy.
You are documenting a recommended future direction
for a current customer of IBM Tivoli identity, access,
risk and compliance solutions. The customer has implemented
IBM Tivoli Identity Manager, IBM Tivoli Access Manager
for e-business, IBM Tivoli Risk Manager, and IBM Tivoli
Security Compliance Manager.) This customer has solved
a good number of security exposures and is realizing
the efficiencies and efficacy of integrated, enterprise-level
security within their enterprise. It is clear that
a natural evolution for this customer is to consider
many of the same security services across enterprise
boundaries. Which three recommendations would you
make pertaining to the security of cross-enterprise
transactions? (Choose three.)
A. Any recommended approach must be based
on Worldwide Federated Data Interchange (WWFDI) standards.
B. A service-oriented architecture approach allows
significant business expansion with relatively minor
investment, and securing this architecture in a Web
services standards-based fashion is critical to success.
C. IBM Tivoli Federated Identity Manager is an appropriate
investment for this customer.
D. The preferred route for addressing secure cross-enterprise
(federated) transactions is to base your approach
on emerging Web services architecture and standards.
E. The key technology in any cross-enterprise configuration
is enterprise content filtering technology.
F. They can cover the cross-enterprise case simply
by using cross-enterprise options for the IBM Tivoli
security products they already have.
Which security capability relates most strongly to
the customer business process eployment of new or
updated application initiatives?
A. Callable authentication and access services
- because that eliminates the need to include authentication
and access code in the applications.
B. PKI - because it makes it easy to drive single
sign-on to the deployed applications.
C. Firewalls - because they protect the deployed applications
D. Compliance management - because the application
is guaranteed to be running in a safe environment.
As you are analyzed the customer's business processes,
you have noticed a theme involving auditing and ensuring
compliance to policy. You filter out the following
requirements list from the processes:
- Desktop/server compliance from an anti-virus perspective
- Desktop/server compliance from a vulnerability list
- Desktop/server compliance from a patch level perspective
- Desktop/server compliance from a forbidden program
- Access control compliance for Web transactions
- Access control compliance for message-based transactions
- Compliance to user management policy
- Compliance to application password policy
- Compliance to system password policy
- Compliance to desktop/server password policy
Which IBM Tivoli security products are the proper
set to address these requirements?
A. IBM Tivoli Security Compliance Manager
and IBM Tivoli Risk Manager
B. IBM Tivoli Security Compliance Manager, IBM Tivoli
Risk Manager, IBM Tivoli Access Manager for e-business,
and IBM Tivoli Access Manager for Business Integration
C. IBM Tivoli Security Compliance Manager and IBM
Tivoli Privacy Manager
D. IBM Tivoli Security Compliance Manager, IBM Tivoli
Identity Manager, IBM Tivoli Access Manager for e-business,
and IBM Tivoli Access Manager for Business Integration