A customer has configured the IBM Security Access Manager V9.0 appliance authentication to an external LDAP server. The customer wants to allow support staff with LDAP accounts that are members of the HelpDesk group to view appliance and audit logs.Where should the deployment professional configure a new role and map it to the HelpDesk LDAP group for the support staff?
An attacker has compromised the private key associated with a certificate.Which two methods can be used to ensure that certificates have not been revoked by the Certification authority that issued it? (Choose two.)
A large bank has multiple applications protected by two identically configured WebSEAL servers. One junction supports a reporting application that frequently expenses performance issues which slows response time. The worst case results in the entire site becoming unresponsive when all WebSEAL worker threads on all WebSEAL instances are consumed on the junctions to this one reporting application.Which configuration change will prevent this situation from occurring without impacting the behavior of any other application (junction), and keeping the entire site up?
A company has deployed an IBM Security Access Manager V9.0 solution for protecting web resources and has enabled auditing for monitoring purposes. A security deployment professional has observed that audit records are using large quantities of disk space due to the large number of audit events related to HTTP access.Which two strategies will help to reduce the volume of audit events in above scenario? (Choose two.)
During testing of an application the deployment professional is receiving frequent alerts about high disk utilization.What action can be taken to resolve this issue?
A customer has a developed an OAuth 2.0 Client application to access resources on behalf of a user. The customer states that the OAuth client has the following two constraints:1. The OAuth client is not capable of maintaining its credentials confidential for authentication with the authorization server.2. The resources owner does not have a trust relationship with the client.What is the suitable OAuth 2.0 grant type for the API Protection Policy if the user resource accessed by the OAuth 2.0 client is to be protected by IBM SecurityAccess Manager V9.0?
