ERASED TEST, YOU MAY BE INTERESTED ON Nagesh-2
COMMENTS | STATISTICS | RECORDS |
---|
TAKE THE TEST
Title of test:
Nagesh-2 Description: Nagesh-2-IG Author:
Creation Date: 29/12/2017 Category: Driving Test Number of questions: 81 |
Share the Test:
New Comment
Gun0912 ( uploaded 5 years ) Harry, did you ever find out about these answers ? are they correct ? |
harry9876 ( uploaded 6 years ) some of the answers are wrong? are these answers correct????? |
Content:
Which item must be enabled on the client side to allow users to complete certification in offline mode? In Microsoft Excel, navigate to Excel Options > Trust Center tab > Trust Center Settlings> Macro Settlings tab and select the "Trust access to the VBA project object model" check box. In Microsoft Excel, navigate to Excel Options > Trust Center tab > Trust Center Settlings > Macro Settlings tab andselect the "Oracle-adfdi-excel-addin" check box.
In Microsoft Windows, search for /HKEY_CURRENT_USER\ Software\Microsoft\Office\12. 0\Excel\Security and add the following value (DWORD) "ExtensionHardening" = 0. .In Microsoft Excel, navigate to ExcelOptions > Trust Center tab > Trust Center Settlings > Macro Settings tab and select the "Disable all macros without notification" check box. A company created a Catalog with items tagged with one or more of the following categories using the custom tags metadata attribute: Enterprise, Department, Team, and Project. Select the option showing the code that builds the right CatalogSearchCriteria for a search that will correctly populate the Catalog search results with the list of Entitlements tagged with a selected category. Only Entitlements must be displayed. CatalogSearchCriteria tags = new CatalogSearchCriteria(Catalogsaarchcriteria.Argument.TAG,selectedcategory,CatalogSearchCriteria.Operator.EQUAL); CatalogSearchCriteria cat = new CatalogSearchCriteria(CatalogSearchCriteria.Argument.CATEGORY,"Entitlement",Catalog SearchCriteria.Operator.EQUAL); CatalogSearchCriteria scrt = new CatalogSearchCriteria (tags,cat,CatalogSearchCriteria.Operator.AND); Catalogsearchcriteria scrt. = new CatalogsearchCriteria(Catalogsearchcriteria.Argument.CATEGORY,"Entitlement",CatalogSearchCritetia. Operator.EQUAL); CatalogSearchCriteria scrt = new CatalogSearchCriteria(CatalogSearchCriteria.Argument.TAG,selectedCategory,CatalogSearchCriteria. Operator. EQUAL); CatalogSearchCriteria tags = new CatalogSearchCriteria(CatalogSearchCriteria.Argument. TAG,selectedcategory,CatalogSearchCriteria.Operator.EQUAL); CatalogSearchCriteria cat = new CatalogSearchCriteria(CatalogSearchCriteria. Argument. CATEGORY, "Entitlement",CatalogSearchCriteria.Operator.EQUAL);CatalogSearchCriteria scrt = new CatalogSearchCriteria (tags, cat,CatalogSearchCriteria.Operator.OR); . Identify a capability of role mining in Oracle Identity Governance. identifies users within the same organization and having access to similar target systems verifies Pre-Existing roles only in disconnected target systems search for roles in platform audit logs identifies users with similar access entitlements verifies Pre-Existing roles only in connected application instances. A user authenticated using Oracle Access Management Console is redirected to the Oracle Identity Manager login page to enter his or her credentials. Identify two reasons for this (Choose two.) The Oracle Virtual Directory adapters are not configured correctly. OAMIDAsserter is not configured correctly in Oracle WebLogic Server. The security providers for the OIM domain are not configured correctly in Oracle WebLogic Server. A config issue in oam-config.xml is causing this. What minimum level is required for attestation of form data for user profile auditing? None Resource Resource Form Core Process Task. In the Oracle Identity Manager System for Cross-domain Identity Management (SCIM) API. which service is available to create, search, modify, and delete Roles? /Groups /Roles /Users /Organizations. You are running an upgrade from Oracle Identity Manager 11g Release 1 to Oracle Identity Manager 11g Release 2 PS3. Which is the first step that you must perform to enable Oracle Platform Security Services(OPSS)? Use the Repository Creation Utility (RCU) and create the underlining OPSS database schemas. Create a new Weblogic domain for the new Oracle Identity Manager Release. Upgrade SOA to 11.1.1.8. Upgrade the OIM database schema. Use the patch set assistant (PSA) to upgrade OIM and dependent component schemas. As part of a company's new Identity Management strategy, you are requested to enable OPAM's Microsoft Windows accounts support in order to manage privileged account and record users activities. The customer is unable to track ongoing sessions. Why is this happening? You must install the OPAMAgentservice in the Microsoft Windows target to track ongoing sessions. The Microsoft Windows session recording is only available in checkout history when the session has ended. The Microsoft Windows"over-the-shoulder" capability must be enabled in the OPAM target configuration window. You must register the OPAM agent in the Microsoft Windows target with the –r option:OpamAgencUtility.exe –r. Your customer reports that several users submitted self-registration requests and those entries are shown as auto approved. Identify the reason. Default Home Organization Policy is disabled. SOA Server is off. Default Home Organization Policy has been deleted. Two or more Home Organization Policies are overlapping. An organization requires that all the requests for Catalog Items be approved by the Catalog Item Administrator, which is defined as a Custom Metadata Attribute of Catalog Items. Which are the four configuration and customization steps required to achieve this functionality? (Choose four.) Create Approval Workflow Rules to configure the customized SOA Composite as the Approval Process for the requested resources. Customize the Human Task to route the requests to the Login ID of the Catalog ItemAdministrator of the requested resource. Add Custom Metadata Attribute to hold the Login ID of the Catalog Item Administrator. Create a managed bean to do the routing of the request to the proper target user. Customize the SOA Composite used forApprovals to invoke OIM APIs for the Catalog to extract the Login ID of the Catalog Item Administrator from the Catalog Item's metadata. Create one or more Approval Polices to configure the customized SOA Composite as the Approval Process for the requested resources. Your customer has notified you that an Oracle Privileged Account Manager end user can access the grants associated with another user. Identify the correct statement. You have configured multiple authenticators in Weblogic, with control flags as required. You have configured multiple authenticators in Weblogic, with control flags set as sufficient and users with the same username exist in more than one authenticator. SOA Managed Server is down. You have configured OUD and Default Authenticator, with control flags as optional and users with the same username exist in more than one authenticator. Identify two detection mechanisms through which Identity Audit monitors the actual access to resources and captures any violations on a continuous basis (Choose two.) Preventive mode, wherein only the specified access request that is requested via the access catalog in real time can be automatically detected as an Identity Audit policy violation and preventative action can be taken. Detective mode, wherein all Identity Warehouse users can be monitored for toxic combinations of user access rights. Detective mode, wherein only specified Identity Warehouse users can be monitored for toxic combinations of user accessrights. Preventive mode, wherein any access request that is requested via the access catalog in real time can be automatically detected as an Identity Audit policy violation and preventative action can be taken. A user has a resource that was provisioned via an Access Policy. Then the user is added to a role that denies the resource via another Access Policy. Select the option that describes OIM’s expected behavior. The resource will be denied. The resource will be allowed. It depends upon the priorityof theAccess Policy. This is a conflict and is reported at the time of adding the role to the user. You are running an upgrade from Oracle Identity Manager PS2 to PS3. As part of thedeployment of the workow orchestration service, you must set up two components from the system administration console. Select the two system values to be changed (Choose two.) set SOA Workflow Enabled as TRUE set SOA Workflow Policies Enabled as TRUE set Workflow Disabled as FALSE set Workflow Policies Disabled as FALSE set Workflow Enabled as TRUE set Workflow Policies Enabled as TRUE. As part of a new customer User ID life cycle improvement project, you have deployed Oracle Identity Manager with Auditor mode enabled. They use Oracle Unified Directory as their main LDAP repository. Which Oracle component acts as the Identity Store for the solution provided? Oracle Access Manager Oracle Identity Manager Weblogic Oracle Privileged Account Manager Database Oracle Unified Directory. Which three features can be managed only by using the Oracle Identity Manager Design Console? (Chose three.) Forms Designer Adapter Factory Lookup Definitions Process Definitions Reconciliation Rules IT Resource Definitions. During a reconciliation process, the auto retry count is exhausted and the reconciliation engine does not process events. How can you overcome this issue? Manually retry by requesting for re-evaluation from Event Management. Disable and re-enable the reconciliation task from the system admin console. Delete auto retry parameters that are stored as part of the reconciliation proles, create them anew,and rerun the reconciliation task. Setthe Retry Count for recon eventvalue to 0 and rerun the reconciliation task. Identify the schema that must be installed during the upgrade process of Oracle Identity manager in addition to the existing schemas that are already installed. ORASDPM schema Business Intelligence Platform Schema Metadata Services Schema Oracle Platform Security Services Schema. Customer has upgraded their Oracle Identity Manager deployment from PS2 to PS3. What must be ensured from the approval workflow perspective during this upgrade process? Approval workflows replace the older approval policies structure. In an upgraded environment, you need to enable the use of newer approval workflow through the System Administration console. Approval Policies replace the older approval workflows structure. In an upgradedenvironment, you need to enable the use of newer approval policies through the System Administration console. Approval workflows work in tandem with the approval policies structure. In an upgraded environment, you need to enable the use of newer approval workflow through the System Administration console. Approval workflows work in tandem with the approval policies structure. In an upgraded environment you need to enable the use of newer approval policies through the System Administration console. What happens in Oracle Identity Manager (OIM) if there are five access policies with priority 1 to priority 5, and you define a new policy with priority 3? The current policy at priority 3 is replaced by the new policy. An error is displayed during policy definition. The policy administrator is alerted about the conflict. Policies with lower priorities are shifted lower. As part of a customer requirement for a particular test environment, you have disabled workow support for Oracle Identity Manager 11g Release 2 PS3. You need to test some disconnected application instances. You realize that manual fulfillment is not working for this type of instance. Select the correct statement. Manual fulfillment tasks for disconnected application instances do not work when workow is turned off. Provisioning operations for disconnected application instances will fail. You must allow disconnected application instance support without approval workow from the system administration console. Disconnected application instances must be re-created without approval workow support. Oracle Identity Manager Weblogic instance must be restarted after disabling core functions such as approval workflows. The customer wants to extend one of their IT mobile applications. They are trying to pull out service account passwords through a REST API; however, they can't get that information. These are the configuration parameters: URI: https://opam_server_host:opam_ssl_port/opam/target/{targetUID}/showpassword Method: PUT Content-Type: application/json Body: NA What is the reason for this issue? Content-Type must be set asapplication/x-javascript. URI must be set to https://opam_server_host:opam_ssl_port/opam/target/{targetName}/showpassword. The method must be set asGET. This API is not available in Oracle Privileged Account Manager. Identify three correct statements about disconnected application instances (Choose three.) cannot be certified cannot have entitlements associated with them have predefined forms, resource objects, and IT resources not associated with target systems such as a directory server or a database can be created with the Flat File Connector. Which option must be enabled in Oracle Identity Manager to allow users to complete certifications in offline mode? Certification Offline mode Offline Interactive Excel Offline mode Interactive Excel. User1 has delegated her UNIX HR production access privileges in OPAM to User2 during her time off. User2 has been informed that he would be working on a new project the following week after User1 left. To keep SOD, he decides to delegate the same privileges to User2. Later, he removes these access privileges from his list. Now User2 needs the access restored but User1 or even User3 are available.How can he claim back those privileges? Request access through OIM catalog. Because the privilege was originally delegated by User1, the request requires Userr1's manager's approval. Request access through OIM catalog. Because the privilege was originally delegated by User1, the request will be automatically approved. He can't remove a delegated access privilege. He would be ableto reach the targets even if he can't see them within his ACL. The only workaround for a removed delegated privilege is to have it redelegated. Which three Oracle components must you deploy on a Windows server in order to set up a Windows session recording on Oracle Privileged Account Manager (OPAM)? (Choose three.) .NET connector framework OPAM Agent ConnectorServer SSH connector Remote Server Windows Connector. What configuration must be defined for Oracle Identity Manager (OIM) access policies to be re-evaluated automatically for existing affected users? The "Revoke if no longer applied" flag must be selected. The "Disable if no longer applied" flag needs tobe selected The "Evaluate User Policies" scheduled job needs to be scheduled. The "Retrofit" flag must be selected in the policy definition. Identify two features of Oracle Identity Manager System for Cross-domain Identity Management (SCIM) API (Choose two.) Allow HTTPS calls through SOAP/WebService using valid certificates Allow requests to API services through REST Interfaces only Allow requests to services through the HTTP channel without SOAP/WebService complexity Allow requests to APIservices without libraries dependency Allow requests to API services through SOAP/WebService. A disconnected resource definition includes two multivalued attributes. The ACCTSVCS attribute has the following subfields: SVCCODE, SVCDESC, and SVCRATE of type string, string, and oat, respectively. The ACCTLNS attribute doesn't have subfields. The header of the at le is defined as: ACCTID, USRID, CUSTFN, CUSTLN, ACCTSVCS, ACCTLNS. The default delimiters are configured. Which is the correct structure of the data rows that will be reconciled into OIM using the Flat File Connector? 29839928, mharmond, Maurine, Harmond,"dvr-mthly#monthly rate DVR#12.00;hispmthly# HiSpeed Internet#30.00; ldloc-inc#Local LongDistance#0.00","C3974993; C947732; C8392239" 29839928, mharmond, Maurine, Harmond,"dvr-mthly;monthly rate DVR;12.00#hispmthly; HiSpeed Internet#30.00; ldloc-inc;Local LongDistance;0.00","C3974993; C947732; C8392239" 29839928; mharmond; Maurine; Harmond;"dvr-mthly#monthly rate DVR#12.00; hispmthly# HiSpeed Internet#30.00; ldloc-inc#Local LongDistance#0.00","C3974993; C947732; C8392239" 29839928, mharmond, Maurine, Harmond,"dvr-mthly#monthly rateDVR#12.00";" C3974993; C947732; C8392239"29839928, mharmond, Maurine, Harmond,"hisp-mthly#Hi SpeedInternet#30.00";" C3974993; C947732; C8392239"29839928, mharmond, Maurine, Harmond," ldloc-inc#Local LongDistance#0.00","C3974993; C947732; C8392239". Your customer requires an approval workflow rule that allows User Administrators with the beneficiary’s organization to submit a request without initiating approval workflows. Select the correct option that allows such behavior. Rule Condition:requester.adminroles CONTAINS OrclOIMUserAdminRule Outcome:Direct Rule Condition:requester.adminroles CONTAINS OIMUserAdminRule Outcome:Direct Rule Condition:requester.admin CONTAINS OIMUserAdminRule Outcome:Indirect Rule Condition:requester.admin CONTAINS OrclOIMUserAdmlnRule Outcome:NoApprovalRequire. As part of the deployment process, the CISO requires certification reports to be shown in the Detailed Information section of the Oracle Identity Manager Dashboard. Which option within the Identity Self-Service Console must be configured? Under Identity Audit, select Enable Certification Reports. Under Identity Audit, click Identity Configuration and select EnableCertification Reports. Under Configuration, click Certification Configuration and select Enable Certification Reports. Under Identity Certification, click Certification Configuration and select Enable Certification Reports. Identify two purposes of Oracle Identity Manager (OIM) Bulk Load Post Processing Scheduled Task (Choose two.) Loading requests Seeding the catalog User orchestration Reconciling users Username and password notification. You need to create a Custom Metadata Attribute for the Catalog which should accept a value from a predefined list of values. Which are the three steps that need to be performed to configure this behavior? (Choose three.) Add the custom attribute in the UI as a List of Values component. Create a custom attribute of type Lookup. Configure the attribute as a Searchable List of Values. Create a Lookup Code with the predefined List of values. Create a custom attribute of type Text. Create a custom form and attach it to the Catalog. User1 has delegated security_manager privileges in OPAM to User2. User2 wants to further delegate this access to User3 with read access privileges only. How can User2 accomplish this task? Security_managerdelegations are not allowed to further delegate access privileges to resource groups. Log in to OPAM Console, click the resource, the Delegate tab, select theuser_managerrole and add User3 within the user list. If the delegation is forsecurity_managerprivilege, User2can only delegatesecurity_manager. Log in to OPAM Console, click the resource, the Delegate tab, add User3 within the user list and select the "Read Only" check box. A company wants to provision access to conference rooms using OIM. The reservation should contain the start and end date of the reservation, the name of the conference room, and the location code.Which three steps are required to Implement a Disconnected Application Instance for Conference Room access provisioning based on the previous description? (Choose three.) Create a Sandbox in OIM Administration Console. Create a Sandbox in OIM Self Service Console. Create a Form to represent a Conference Room Reservation. Create a Disconnected Application Instance named "ConferenceRoom Reservation". Modify the Form generated by default when creating the Disconnected Application Instance. Add a child form for the reservation entitlements. Identify the correct statement about role consolidation. It informs you that a role cannot be created. It alerts you about other similar roles that already exist. It alerts you about identical roles that already exist. It informs you that a role does not have any members. Your customer has requested to deploy Oracle Identity Governance certification service to enhance compliance processes. Which system property must be set up to enable this feature? OIM Certification Feature SetAvailability set to ENABLE Identity Certification Feature Set Availability set to ENABLE OIAOIM Integration Feature Set Availability set to TRUE Identity Auditor Feature Set Availability Set to TRUE. Your customer reports duplicate account creation and the status unexpectedly getting changed along with various data corruption issues resulting due to duplicate processing. They are using push-based connectors to process reconciliation using the processReconciliationEvent API. How can you fix this issue? Check if related batches are in the Ready For Processing statue by using the following statement:select rb_batch_status, rb_note from recon_batches whererb_batch_status = 'Ready For Processing' and rj_key = JOB_ID_ON_UI. Set the reconciliation batch size (batchSize parameter) to 0 in the reconciliation profile of the affected resource object. Perform reconciliation twice if the size of the data is large. Modify the field length of these columns from the console and then re-create the recon profile. A customer has built a self-service capability rule that allows users to modify their profiles and also makes User Login a denied attribute if the user is a full-time employee and the country is not USA. It does this through the following parameter: deniedAttribute Equal User Login However, the rule is not working. Select the correct statement that applies to this scenario. Denied attributes must beevaluated in a separate rule. User Login cannot be included in the denied attributes list. The correct parameter is deniedAttribute rule User Login. The correct parameter is deniedAttribute Equal Login. Your customer has deployed Oracle Identity Manager 11g PS3 and Oracle Mobile Security Suite as part of their new security and enterprise mobility strategy. They realize that both components are not working seamlessly. Why is this happening? The OMSS Enabled system value must be set as TRUE to enable OIM and OMSS integration. The OMSS Disabled system value must be set as FALSE to enable OIM and OMSS integration. The XL. IsOMSSEnabled system value must be set as TRUE to enable OIM and OMSS integration. The XL.IsOMSSDisabled system value must be set as FALSE to enable OIM and OMSS integration. Which rule is seeded during Oracle Identity Manager initialization as part of the default home organization policy? All Users To Single Organization All Users To All Organizations Default All Users To Single Organization Default All Users To All Organizations. Your customer requires a secure connectors communication Channel between Oracle Identity Manager and IT Resources using SSL. You analyzed the entire configuration process but the target system is still not able to reach Identity Manager. You reviewed the logs and found the following error message: java.net.SocketException: Default SSL context init failed: null.How should you handle this exception? Nonstandard certificate authorities must be imported to the standard $(JAVA_HOME)/1ib/security/cacerts directory. This means that the connectoronly supports TLS V1.1 and later. New keys must be generated using the following command:keytool -genkey -alias keyconnserv -keyalg dsa –keystore <yourKeystore.jks> -storepass <yourPassword> -validity 360. This means that the path to keystore is incorrect and that you must provide the full/absolute path:./connectorserver.sh /run "-JDjavax. net.ssl.keyStore=/path/mykeystore.jks" "-JDjavax. net.ssl.keyStorePassword=password". A key has not been imported into Weblogic. You must run the following command:keycool - import -trustcacerts -alias icfkey -file icfkey-public.cer -keystore<pathToYouKeystore>. You were requested to modify a Disconnected Application Instance and add a child form to it. After making the modifications and publishing your work, the child form doesn't appear in the request form. What is causing this? A Lookup Code for the new child form was not created. The Regenerate View button was not clicked. The custom child form was not saved. The Catalog Synchronization Scheduled Jobwas not run. You belong to the Retail organization, which is a suborganization of Product Development.The following configuration is in place ln the Catalog: 1. The Account Manager, Customer Advocate, and Technical Support Agent roles have been created and published to the Product Development organization. 2. The Create Account, Remove Account, View Account Details, Submit Purchase Order,and Cancel Purchase Order entitlements have been published to the Retail, Manufacturing, and Public Sector organizations. Select three correct statements about Catalog searches performed by you (Choose three.) You will not see any of the roles published to the Product Development organization. You will see all roles and entitlements published to the parent organization to which her organization belongs. You will not see any of the entitlements published to the Retail organization because they have not been published to the Product Development organization. You will not see any roles but will see all the entitlements as per the described configuration. You will not see any roles published to the Product Development organization unless the "Include Sub-Orgs" check box was selected when the roles were published to it. Which two statements are true regarding Identity Virtualization Library? (Choose two.) If the back-end LDAP server port is configured over SSL, then the Oracle Identity Manager user must use keytool to import the trusted certificate from the LDAP server into the Identity Virtualization Library keystore. Identity Virtualization Library and Oracle Identity Manager are deployed on the same container. Identity Virtualization Library can be installed on aseparate server on which the directory server is installed. Identity Virtualization Library and Oracle Access Manager are on the same container. What configuration is required in Oracle Identity Manager (OIM) PS3 to provision access with approvals? The Approval Policy configuration should have provisioning enabled. The "Provision with approval" flag should be selected when you create the role. The "Provision with approval" flag should be selected when you create the access pollce. The "Provision ApplicationInstance" operation for workflow approval must be linked to a workflow through a rule. During an OIM UI customization process, you have a current sandbox (name: IdM_UIcompany1) running in production. You must test the new custom interface developed internally. You imported and updated the sandbox (name: IdM_UIcompany1). After several tests, you found some minor user experience issues that were not reported during QA. You Want to roll back to your previous sandbox but you are not able to accomplish that task.Identify the correct statement. Log in to the Weblogic admin console, look for OIM ADF components, delete the new sandbox, and restart OIM. The old sandbox has been stored as IdM_UIcompany1. backup after the import process. You must import the backup file to restore previous configuration. Any available sandbox with the same name is overwritten by the imported sandbox. Both sandboxes have been merged and you can't restore the previous configuration. A customer has requested that the OIM self-service UI be customized to show their new logo. After running the customization, you are not able to see the changes. The old logo still remains visible on the main page. What is the reason for this? As part of the customization process, during sandbox creation, the "Activate Sandbox" option was not selected. The command Image Link component was deleted. The command Image Link component binding property was set toFalse. The command Image Link component icon property is set asNULL. Identify two prerequisites for configuring Oracle Identity Manager Server (Choose two.) Starting the OAM Managed Server Starting the SOA Managed Server Starting the Oracle WebLogic Administration Server for the domain in which OIM has been deployed Starting the OUD Managed Server. Identify two correct statements about creating Disconnected Resources using the Flat File Connector (Choose two.) A. The type of value for a field is defined using the Type field qualifier. The order in which the list of subfields is specified in the Schema File does not affect the format of the flatle containing the data handled by the connector. It is required to specify the EmbeddedObjectClassproperty for Child Forms with only one subfield. It is required to specify a Schema File defining the structure of the Flat File processed by the connector. The Subfields field qualifier is used to specify the subfields of a complex child form. You are customizing Self-Service capabilities. You have been requested to create a rule for temporary users that allows them to add roles to their own profiles only. Select the correct code fragment that enables such behavior. If user.Profile Equal TempUsers THEN capability rule addRoles If user.Role Equal TempUsers THEN capability Equal addSelfRoles If user.Role Equal TempUsers THEN capability rule selfModifyUser If user.Profile Equal TempUsers THEN capability rule selfModifyRoles. A customer has requested a report listing any account existing in the production environment that is also provisioned to the corresponding user in OIM, but for which the process data does not match. Which kind of report would allow you to show such data? Orphaned Account Summary Report Fine Grained Entitlement Exceptions By Resource Rogue Accounts By Resource AccountReconciliation Exceptions by Resource. A company provisions mobile phones to their employees and wants to use OIM to manage the provisioning of the devices and keep a record of the plan features enabled in each account. Which three OIM configuration items support the company's requirements? (Choose three.) Custom Post Process Event Handler to process entitlement provisioning Custom Form with Child Form attached for Plan Features Lookup Code containing the list of available Plan Features Disconnected Application Instance Custom SOA Composite to provision entitlements. You are asked to set approvals for all role management tasks such as creating and modifying roles.How will you achieve this in OIM 11g R2 PS3? Select the Approval Required flag while defining a role. Enable Identity Auditor features. Select the Approval Required flag while defining access policy Define an approval policy. A customer requests you to create a new set of roles. Each role should have a single title associated with it. You have successfully executed the Role Mining process. With the results of this process you must ensure that there is a 100% correlation between users and their job type before roles are created. How can you achieve that goal? After mining has been completed for business roles, create another mining task for entitlements and set "correlation" value on the setup page at 100%. On the mining setup page, set the "role correlation" value at 100%. On the mining result page, set the "cut-off" value at 100%. On the mining setup page, select business and entitlements attributes to ensure 100% correlation. You are trying to set up session recording within Oracle Privileged Account Manager (OPAM) to record Windows sessions. You have deployed all of the correct components to the Windows server. However, when you try to test the target from the administrative console, you get the following error: ConnectionFailedException: Unable to get the Directory Entry You have confirmed that the credentials in the target configuration are correct. What is the problem? The Connector Server is not running on the target. A firewall is blocking the connection from the OPAM server to the target. The Windows server is a domain controlleror joined to an Active Directory domain. The administrator does not have permissions within OPAM to create a new target. Which two options represent correct statements about how Closed-Loop Remediation works by default? (Choose two.) A revoke request coming from someone other than the user’s manager can be challenged. A revoke request coming from the user's manager can still be challenged. After a revoke request is submitted in a review, the user can't do anything about it. Only requests coming from the user's manager are auto-approved. Because the revoke requests come from the Certification Process, they are carried out immediately. Your customer is deploying Oracle Privileged Account Manager as part of their new security strategy. One of their requirements is to enable schema encryption. Identify the script that needs to be executed to enable encryption in the OPAM schema. opamxencrypt.sql in IAM_HOME/opam opamxencrypt.sql in IAM_HOME /opam/sql opamencrypt.sql in IAM_ HOME /opam/sql opamencrypt.sql in IAM_ HOME /opam. What is the global of the Oracle Web Services Manager (OWSM) policy oracle/multi_token_noauth_rest_service_policy? gets/modifies My Profile, Change My Password, and Change My Challenge Responses creates HTTPS calls to the REST Interfaces enforces OAM-OIM Authorization secures SCIM resources. You have the Application Instance Viewer administrative role of the Customer Relations organization. The Customer Relations organization has three children: Public Sector,Commercial, and Health Care. Identify three correct statements about what will happen when you perform searches in the Catalog (Choose three.) You will only be able to see application Instances published to the Customer Relations organization. You will not be able to see any application instances published to the three suborganizations unless the "Include Sub-Orgs" was selected when you were added to the Application Instance Viewer administrative role. You will be able to see all application instances published to all three sub organizations. You cannot see anything because you cannot see the users of the Customer Relations organization. You will only be able to see application instances published to the Customer Relations organization but you cannot request those resources for users that belong to the Customer Relations organization or any of its sub organizations. Which three role definitions can be provided to a user after he or she is assigned an admin role? (Choose three.) Entity Catalog Administrator Entity Administrator Entity Authorizer Entity Reader Entity Role Authorizer Entity Viewer. Which report contains information on temporary access that even if granted may not be appropriate or justified in the long term? Certified Access Report Abstained Access Report Certified Conditionally Access Report CertifiedTemporary Access Report. Your customer reports that the IT staff is not able to update some OPAM configuration resource objects through RESTful interfaces by using the configuration resource API. They claim that they are trying to update the number of Windows agents that have been deployed and that the parameters sent are correct. However, they are not receiving a successful message. API Parameters URI: https://opam_server_host:opam_ssl_port/opam/config/sessionmgrconfig Method: GET Content-Type: NA Body: JSON representation of Modification What should you do to x this? Set the method as POST. TheWindowsAgentCountresource object can't be updated through the configuration resource API. Set URI ashttps://opam_server_host:opam_ssl_port/opam/config/sessionconfig. SendconfigUIDandconfigTypealong with theWindowsAgentCountparameter to run the update. You are asked to integrate Oracle Privileged Account Manager-Oracle Identity Manager. As part of this process, you must enable Oracle Privileged Account Manager to search the Oracle Identity Manager catalog. How can you accomplish this task? by manually creating the OPAM_TAGS and OPAM_CERT_TAGS user-defined fields(UDF) in the Oracle Identity Manager catalog by manually enabling the OPAM _TAGS and OPAM_CERT_TAGS in the Oracle Privileged Account Manager Admin Console by running the. /opamSetup. sh (or. /opamSetup. bat) script with the --TAGS parameter andtheir definitions by running the. /opamSetup. sh (or. /opamSetup. bat) script with the –opamItResource parameter and the TAGS definitions. By default, the New User Registration facility is available from the login page of the Identity Self-Service interface. How can you disable this behavior for cases where identity creation is allowed only through reconciliation? It can be controlled through the Access Policy configuration. It can be controlled through the Approval Policy configuration. It can be controlled through the System Configuration property. It cannot be overridden, so you can remove the self-register link from the UI. You have deployed a new SOA Composite. As part of one of the customers use cases, they want you to allow all users to withdraw their requests made through self-service console. Select the correct statement. A request can be withdrawn during any stage of the process. A request can be withdrawn before the Operation Initiated stage. Only admin users are able to withdraw ongoing requests. A request can be withdrawn during any stage of the process. A request can always be withdrawn by a requester only, which is done by using Identity Self Service. A request can be withdrawn before the Operation Initiated stage. A user's managers are the only ones able to withdraw employee requests. A request can be withdrawn before the Operation Initiated stage. Only admin users are able to withdraw ongoing requests. A request can be withdrawn before the Operation Initiated stage. A request can always be withdrawn by a requester only, which is done by using identity Self Service. Your customer requests you to update a reconciliation profile to match new attributes from their authoritative source. You run those changes through the design console and test the reconciliation process. However, the results are not shown. What is the reason? You must run a full reconciliation task to ensure that all the new attributes are captured. If a reconciliation profile is modified by using the Design Console, the profile must be regenerated by clicking the Create Reconciliation Profile button in the object Reconciliation tab of the Design Console. Reconciliation profiles can't bemodified by using the Design Console; you must delete and create a new profile. Change the value of thechangeTypeattribute in the profile toNEW<profile xmlns="http://www.oracle.com/oracle/iam/reconciliation/config/"changeType="NEW" batchSize="500"resourceType="Organization" name="Xellerate Organization">. You are deploying Oracle Identity Governance. As part of one of the implementation milestones, the customer wants to enable the certification feature to enhance the compliance review process. Which three tags must be set up through Design Console to generate certification for entities? (Choose three.) User_Key = true Account_Status = true AppInstance = true UID = true ITResource = true AccountName = true Entitlement = true. Which two types of information does Role Analytics provide? (Choose two.) Users affected Policies affected Accounts affected Entitlements affected. Which two methods can be used to seed Identity Analytics warehouse? (Choose two.) using the Identity Audit Console importing Identity feeds through federation standards using seamless integration with Oracle Mobile and Social using seamless integration with Oracle Identity Manager importing Identity and Entitlements feeds by using ETL processing. You have been asked to configure OIM to detect Segregation of Duties (SoD) violations. Which feature must you enable to achieve this? Duty Violations Identity Analytics Identity Certification Identity Audit. Which two parameters from the User profile audit data collection level must be set to none in order to disable auditing capabilities in Oracle Identity Manager? (Choose two.) XL.UserProfile XL.AuditDataCollection XL.RoleAuditLevel XL.UserProfileAuditDataCollection XL.RoleAudit. Your customer has reported that the IT staff is not able to access a Microsoft Windows privileged account through OPAM. According to them, both OPAM and the Connector on the target system are properly configured. How should you access the Microsoft Windows server and enable the logging in verbose mode? Edit ConnectorServer.exe.config and add the following lines:^switches^^add name="ActiveDirectorySwitch" value="3" /^^/switches^ Edit ConnectorServer.exe.config and add the following lines:^switches^^add name="ActiveDirectorySwitch" value="4" /^^/switches^ Edit ConnectorServer.conf and add the following lines:^switches^^add name="LocalAccountSwitch" value="5" /^^/switches^ Edit ConnectorServer.exe.conf and add the following lines:^switches^^add name=" LocalAccountSwitch " value="5" /^^/switches^. You changed a role name by using Oracle Identity Self Service, However, you realize that the User Prole Audit (UPA) tables in the database are not updated. What should you do? Nothing. The change will be shown during the next snapshot of the user. Manually update the User Policy Profile data (UPD). Disable theXL.UserProfileAuditDataCollectionsystem property to allowchanges through Self-Service Console. Update role names through the UGP table only. What is the scope of an admin’s role rights? Catalog only the same Organization Level only roles at the Organization Level users. A company is using a Disconnected Application Instance to represent Conference Room Reservation. There is a new requirement of having the list of attendees along with their email addresses, and a list of equipment items to be provided for the meeting. Which three tasks should you perform to implement this requirement? (Choose three.) Create a Child Form for the Equipment Items provided for the meeting and configure it as an Entitlement form. Create a Sandbox in Administration Console. Modify the parent form to add multi value attributes to hold the attendees and equipment items. Create a Lookup code containing items of equipment that can be provisioned to a meeting in a given conference room. Create a Child Form for the Equipment Items provided for the meeting. Which two features are provided to a user from the login page of the Identity Self Service interface by default? (Choose two.) Credentials retrieval Self registration and tracking User profile modification User creation Role association. Identify the type of action that needs to be performed in order to execute an identity audit policy along with its associated rules against a given population of entities. Identity Audit Scan Identity Remediation Identity Policy Violation Identity Rule Condition. As part of a new UI requirement, a customer has requested that a new option be created within the main OIM dashboard that is only accessible by system administrators. In addition to that, they want the application called by this new UI customization to open in a new tab. Identify the property value that allows such behavior. instructionClickAction = "#(backingBeanScope.dashboardNavigationBean.launchTaskFlow)" clientAttribute taskFlow ="#(backingBeanScope.dashboardNavigationBean.launchTaskFlow)" iconClickAction = "# (backingBeanScope.dashboardNavigationBean.launchTaskFlow)" clientAttribute ClickAction = "#(backingBeanScope.dashboardNavigationBean.launchTaskFlow)". The approval request for the Help Desk Rep role must go to multiple people. How should you use the Catalog Item's metadata to fulfill this requirement? Set the Approver User to a list of users separated by commas. Set the Fulfillment Role to the role containing the approvers of the request. Set Provisioning Role to the role containing the approvers of the request. Set the Approver Role to the role containing the approvers of the request. A customer has reported issues when authenticating from the OPAM manager console against the OPAM Manager Server. Which server must you verify to allow the user interface to reach the server? OPAM Session Manager Identity Connector Framework (ICF) Oracle Platform Security Services (OPSS) Policy Store Oracle Platform Security Services (OPSS) Trust Service. |
Report abuse