IBM Security Identity Manager V6.0 Implementation Set 3

A provisioning policy governs only services that are associated the same business unit or sub tree of the business unit with which the policy is associated. A role referenced in the provisioning policy must be associated the same business unit or sub tree of the business unit with which the policy is associated. ✘ A provisioning policy governs only services that are associated the same business unit or sub tree ofthe business unit with which the policy is associated. A role referenced in the provisioning policy can be anywhere in the tree of the organization. ✘ A provisioning policy governs services that are anywhere in the tree of the organization. A rolereferenced in the provisioning policy must be associated the same business unit or sub tree of the business unit with which the policy is associated. ✘ A provisioning policy governs services that are anywhere in the tree of the organization. A rolereferenced in the provisioning policy can be anywhere in the tree of the organization. ✔

Websphere application and messaging clusters must be stopped prior to installing the ISIM fixpack. ✘ Websphere application and messaging clusters must be running prior to installing the ISIM fixpack. ✘ All Websphere processes must be stopped prior to installing the ISIM fixpack. ✘ All Websphere processes must be running prior to installing the ISIM fixpack. ✔

Disabling anonymous read access, enabling SSL communication only ✘ Allow only read access to IBM Security Identity Manager LDAP ✘ Run the IBM Security Identity Manager server as non-root user ✘ Enabled WebSphere global security ✔

An owner with a contractor email address ✘ An account manager ✘ An account owner ✘ A group owner ✔

Write custom code to query the ISIM Database tables to find services that have had communication
failure. Recovery is not possible, blocked requests on these services will need to be resubmitted. ✘ Write custom code to query the ISIM Database tables to find services that have communication failure.After communication is restored, ISIM will automatically retry requests that were blocked. ✘ Use the ISIM Administration console to query services with a Failed status. After communication isrestored, resubmit blocked requests. ✘ Use the ISIM Administration console to query services with a Failed status. After communication isrestored, retry blocked requests. ✔

com.ibm.tivoli.itim.passwordrules.PasswordGenerator ✘ com.ibm.passwordrules.PasswordGenerator ✘ generator.ibm.tivoli.itim.CustomGenerator ✘ com.ibm.passwordrules.Rule ✔

The frequency of replicating objects containing the attribute to a replica. ✘ The frequency of reading and writing information to / from the attribute. ✘ The frequency of writing information to the attribute. ✘ The frequency of reading information based on the attribute's contents. ✔

1280MB ✘ 4096MB ✘ 1024MB ✘ 2048MB ✔

enrole.generic.randomizer should be set to true for generation of random URL for each password
retrieval request. ✘ enrole.password.retrievalURL should be set to the value of the URL where the user can retrieve thepassword. ✘ The shared secret attribute of the Person object should be populated by the user beforehand. ✘ enrole.workflow.notifyPassword should be set to false. ✔ enrole.password.retrieval should be set to true. ✔

Point IBM Security Identity Manager test environment services to production environment end points to
be managed ✘ Use the threaded_damlserver.pl script from the IBM Security Identity Manager tuning guide ✘ Install thousands of separate TDI dispatchers ✘ Use the virtual service adapter setup ✔