000-875 Exam

Quality and Value for the 000-875 Exam

Test4pass Practice Exams for IBM 000-875 are written to the highest standards of technical accuracy, using only certified subject matter experts and published authors for development.

100% Guarantee to Pass Your 000-875 Exam

If you prepare for the exam using our Test4pass testing engine, we guarantee your success in the first attempt. If you do not pass the IBM certifications I 000-875 exam (ProCurve Secure WAN) on your first attempt we will give you a FULL REFUND of your purchasing fee AND send you another same value product for free.

IBM 000-875 Downloadable, Printable Exams (in PDF format)

Our Exam 000-875 Preparation Material provides you everything you will need to take your 000-875 Exam. The 000-875 Exam details are researched and produced by Professional Certification Experts who are constantly using industry experience to produce precise, and logical. You may get questions from different web sites or books, but logic is the key. Our Product will help you not only pass in the first try, but also save your valuable time.

000-875 Downloadable, Interactive Testing engines

We are all well aware that a major problem in the IT industry is that there is a lack of quality study materials. Our Exam Preparation Material provides you everything you will need to take a certification examination. Like actual certification exams, our Practice Tests are in multiple-choice (MCQs) Our IBM 000-875 Exam will provide you with free 000-875 dumps questions with verified answers that reflect the actual exam. These questions and answers provide you with the experience of taking the actual test. High quality and Value for the 000-875 Exam:100% Guarantee to Pass Your IBM certifications I exam and get your IBM certifications I Certification.

Hot KeyWords On 000-875 test

We collect some hot keywords about this exam:
Test4pass , Pass 4 Sure , Test in Side ,Pass Guide ,Test King 000-875 exam | 000-875 pdf exam | 000-875 braindumps | 000-875 study guides | 000-875 trainning materials | 000-875 simulations | 000-875 testing engine | 000-875 vce | 000-875 torrent | 000-875 dumps | free download 000-875 | 000-875 practice exam | 000-875 preparation files | 000-875 questions | 000-875 answers.

How to pass your 000-875 exam

You can search on Search Engine and Find Best IT Certification site: Test4pass.com - Find the Method to succeed 000-875 test,The safer.easier way to get IBM certifications I Certification .

��
��
Exam : IBM 000-875
Title : IBM Tivoli Fenerated Identity Manager V6.0 Implementation


1. Click the Exhibit button.
You have started with an EchoApplication.ear that has no WS-Security configured. When configuring WS-Security on the EchoApplication.ear, which piece of the configuration indicates that a UsernameToken will be required for Java Authentication and Authorization Service (JAAS) login?
A. Caller Part
B. Token Consumer
C. Required Confidentiality
D. Required Security Token
Answer: A

2. Consider the following scenario involving customers of companies RBTelco and RBBenefits. RBTelco is a large multinational company that outsources health care benefit management to RBBenefits. RBTelco employees access RBBenefits resources through an authenticate-able account at each company.
RBTelco employees are being moved to a federated environment. Employees will access RBBenefits's resources using Single Sign-On. When Single Sign-On is enabled, all RBTelco employees will be migrated to the federated Single Sign-On implementation. RBTelco employees will have access to RBBenefits's resources based on his or her RBTelco authentication. After the migration, ALL access to RBBenefits's resources will be by Single Sign-On from RBTelco direct authentication to RBBenefits by a RBTelco employee will not be possible.
RBBenefits requires that RBTelco identify each employee with an alias that is based on a mathematical function using the employee number, social insurance number, and several other variables (shared between RBTelco and RBBenefits only). They will use a Liberty ID-FF 1.2 Browser/POST approach for Single Sign-On between companies. The number of machines required to support this environment when each machine is an Intel-based processor with 1GB RAM, 10 GB hard drive, and RHEL 30 is:
A. 2 = (TAMeB WebSEAL on one machine) + (remainder TAMeB and all ITFIM components on one machine)
B. 3 = (TAMeB WebSEAL on one machine) + (remainder TAMeB on one machine) + (all ITFIM components on one machine)
C. 3 = (TAMeB WebSEAL on one machine) + (remainder TAMeB and ITFIM runtime/management on one machine) + (remainder ITFIM on one machine)
D. 2 = (TAMeB WebSEAL and IBM Tivoli Federated Identity Manager (ITFIM) runtime/management on one machine) + (remainder TAMeB and ITFIM on one machine)
Answer: C

3. What would result in this error message?
com.tivoli.am.fim.trustserver.sts.STSException: FBTSTM015E The given TokenType or AppliesTo({{https://sp.benefitsx.com/demo/FIMDemo/Benefits/protected/accountinfo.jsp};{};{}}) in the request is not supported by this server's configuration for http://schemas.xmlsoap.org/ws/2004/04/security/trust/Validate RequestType and Issuer ({{https://idp.myemployerx.com/FIM/sps/wsfed/wsf};{};{}}).
A. An incorrect certificate has been configured at the Service Provider.
B. The resource being requested by the Identity Provider is not recognised.
C. The clocks on the Identity Provider and Service Provider are out of sync.
D. The partner realm name at the Service Provider has been configured incorrectly.
Answer: D

4. What error condition would cause the error message below to appear in the logs?
FBTLIB204E No federation exists for this principal
A. Consent to federate was not granted.
B. IBM Tivoli Access Manager user account is invalid.
C. The federation being requested by the user has not been enabled.
D. The federation being requested has not been defined for this user.
Answer: A

5. Company-A has created a web service application for use by both its trading partners. The application requires a web services security request that includes a SAML token identifying both the end-user and attributes of that user.
The trading partners have agreed to submit a web service request with a signed SAML token that includes both the user's identity and attributes of the user. The SAML attributes will vary by partner but the application requires a consistent set of attributes for example, the same set of attributes are required for all client requests.
SAML Assertions must be authenticated via validation of the token's element.
Which scenario satisfies the requirements of the application?
A. A WSSM Partner is configured for each trading partner. Each WSSM Partner configuration specifies the mapping rules required to transform the identity & attributes received from the partner into those required by the application. The signed SAML token of each WSSM partner will be validated with a key that is unique to that trading partner.
B. A WSSM Partner is configured for each trading partner that is not already part of a SAML federation for SSO. The mapping rules for all partners must transform the identity and attributes received from the partner into those required by the application. The signed SAML token of each partner will be validated with a key that is unique to that trading partner.
C. The SAML token submitted by the trading partner is known to be trustworthy because its element will be validated by WebSphere. A WSSM Partner is configured for each trading partner and each configuration specifies the mapping rules required to transform the attributes received from the partner into those required by the application.
D. A Web Services Security Management (WSSM) Partner is configured for each trading partner. The signed SAML token of each WSSM partner is validated with a key that is unique to that trading partner. Because all partners submit a SAML token, mapping rules are not required. SAML is a standard and all elements of a SAML token must comply with that standard.
Answer: A

6. Click the Exhibit button.
In the IBM Tivoli Federated Identity Manager (ITFIM) Console, you have two different domains: domain1 and domain2. Which steps would back up domain2 if the domains currently appear as in the exhibit?
A. Click the import and Export Configuration link, click the export Configuration button, and save the archive.
B. Backup files included in /opt/IBM/WebSphere/AppServer/profiles//config/itfim/domain2.
C. Click the elete button to remove domain1, then click the mport and Export Configuration link, click the export Configuration button, and save the archive.
D. Select domain2, click the take Active button, then click the mport and Export Configuration link, click the export Configuration button, and save the archive.
Answer: D

7. What do the IBM Extensions to the SAML Single Sign-On (SSO) protocol enable?
A. the SSO profile to be specified in the SSO Trigger
B. an SSO exchange to be initiated from the Service Provider
C. signed messages to be passed over the SOAP backchannel
D. additional identity mapping information to be passed in the SAML message
Answer: A

8. A financial planning company would like to enter into a Federation with an online business partner who provides financial forecasting and modeling for customers. The expected user flow would have the customer authenticating to their account with the financial planner and selecting a special link for orecasting and Modeling. This would re-direct the user to the business partner who would obtain the customer's portfolio information and balances via a real-time back channel communication initiated by a Liberty ID-FF V1.1 Browser/Artifact SSO flow. This information will be used by the business partner to establish and update the user's local business partner side information.
What can you determine about the type of provisioning solution that has been agreed upon?
A. a piori
B. runtime
C. no account linking
D. unable to determine
Answer: B

9. Which two commands can be used to query the status of WebSEAL servers on the local machine? (Choose two.)
A. iv status
B. amstatus
C. pdweb status
D. pd_start status
E. webseald -status
Answer: CD

10. What triggers the onsent to Federate page to be displayed?
A. The Consent flag is set in an incoming federate request.
B. The Consent flag is set in an incoming authentication request.
C. The Identity Provider configuration requires the page to be displayed.
D. The Service Provider configuration requires the page to be displayed.
Answer: C

11. Once you have successfully placed your custom alias service plug-in in the correct location, what are the three Runtime custom properties required to enable your plug-in? (Choose three.)
A. com.tivoli.am.fim.alias.factory.moduleId
B. com.tivoli.am.fim.alias.service.factory.id
C. com.tivoli.am.fim.alias.service.moduleName
D. com.tivoli.am.fim.alias.factory.moduleVersion
E. com.tivoli.am.fim.alias.service.moduleVersion
F. com.tivoli.am.fim.alias.factory.exposedClassId
Answer: ADF

12. Under which IBM Tivoli Federated Identity Manager Console main menu option would you find the settings for logging and tracing?
A. Service Settings
B. Logging and Auditing
C. Service Management
D. Monitoring and Logging
Answer: A

13. Which IBM Tivoli Directory Server utility is used to perform LDAP tracing?
A. ldtrc
B. trace
C. slapdtrc
D. ldapmodify
Answer: A

14. Which two security tokens may carry user attribute information as part of the defined token format? (Choose two.)
A. Kerberos
B. X.509 Token
C. SAML Assertion
D. Liberty Assertion
E. Username Token
Answer: CD