1Z0-479 Online Practice Questions and Answers

Your customer wants to use the information available in the Identity Context in their application to determine a user's journey through various screens and functions.

One of the attributes they want to use is the Oracle Adaptive Access Manager (OAAM) risk score. They have deployed OAAM and think they have integrated it correctly into the Oracle Access Management platform. However, when their application interrogates Identity Context, none of the OAAM attributes are present.

Which three configuration settings should you check as part of troubleshooting the problem? (Choose three.)

A. The OAAM propertyoracle.oaam.idcontext.enabledhas been set totrue.

B. Oracle Access Manager is using the "OAAM Advanced" authentication scheme.

C. The TAP token version is set to 2.1 in OAAM properties.

D. The application has been given proper source code grants to access the Identity Context runtime.

E. A configurable action has been defined in OAAM to generate the Identity Context attributes.

F. Oracle Security Token Service has been configured to generate the Identity Contextassertion.

In an enterprise deployment, where are the binary and library files that are required for Oracle Access Management located? (Choose the best answer.)

A. IDM_ORACLE_HOME

B. IAM_ORACLE_HOME

C. ORACLE_COMMON_HOME

D. IAM_MW_HOME/iam

Which statement is true about Oracle Access Manager 11g session management?

A. Oracle Access Manager 11guses Coherence to reliably cache millions of user sessions simultaneously.

B. Oracle Access Manager 11guses encrypted cookies that track the login time, authentication level, and the idle and maximum session times.

C. Oracle Access Manager 11gsession information is stored in lightweight directory access protocol (LDAP) directory.

D. Oracle Access Manager11grequires an Oracle database to reliably store session information.

Which statement is true about moving Oracle Access Management Mobile and Social from a test environment to a production environment?

A. A new application profile needs to be created always for Internet Identity Services.

B. The ChallengeRedirect URL in authentication schemes needs to be updated.

C. Thecwallet.ssofile needs to be edited for the production host.

D. Themerge-creds.xmlfile needs to be created on the production host.

Which authentication scheme is the preferred option for integrating OAM with OAAM in 11gR2?

A. OAAMBasic authentication scheme

B. TAPScheme authentication scheme

C. OAAMAdvanced authentication scheme

D. LDAPScheme authentication scheme

What is the role of a user data store in Oracle Identity Federation (OIF) 11g when it is configured as an Identity Provider (IdP)? (Choose the best answer.)

A. Oracle Identity Federation uses the repository to map the information in received assertions to user identities at the destination.

B. When creating a new federation, Oracle Identity Federation uses the repository to identify a user and link the new federation tothat user's account.

C. Oracle Identity Federation uses the repository to authorize users for access to protected resources.

D. Oracle Identity Federation uses therepository to verify user identities and to build protocol assertions.

You are configuring Oracle Entitlements Server (OES) and have a requirement to make a connection to an external Policy Information Point (PIP) in order to retrieve an attribute for use in a condition.

You need to modify the security module configuration to configure the PIP. Which two options do you have for making this modification?

A. Configure the PIP settings in your OES policy and distribute it to each security module as part of the policy distribution.

B. Manually edit thejps-config.xmlfile on each security module.

C. Use the OES admin console to define the PIP settings and write them to a database for each security module to retrieve during bootstrap.

D. Use the SMConfig UI to configure the settings.

How would you add support for additional Internet Identity Providers for Oracle Access Management Mobile and Social, other than the preconfigured ones such as Facebook and LinkedIn? (Choose the best answer.)

A. You do this by implementing theoracle.security.idaas.rp.spi.ServiceproviderJava interface.

B. Support for Internet Identity Providers is limited to the ones that are available out of the box from Oracle Access Management.

C. Support for Internet Identity Providers is enabled through the connectors built on the Identity Connector Framework (ICF).

D. You do this by implementing theoracle.security.idaas.rp.spi.IdentityProviderJava interface.

Identify two functions of the heartbeat check performed by Oracle Access Manager Access Servers.

A. It checks if an LDAP store can be accessed.

B. It check if a WebGate can beaccessed.

C. It check if a session cache store can be accessed.

D. It check if a policy store can be accessed.

E. It check if a database can be accessed.

You have configured a new pattern in Oracle Adaptive Access Manager (OAAM) to capture login times of devices. Your customer wants to ensure that devices that are used outside their normal times are blocked.

After creating your pattern, which two additional steps must you perform to configure OAAM to meet this requirement?

A. Create a transaction definition for the pattern.

B. Create a new rule in an existing policy that contains an appropriate condition to evaluate your new pattern.

C. Linkyour chosen policy to the appropriate user groups.

D. Configure a block action for your new rule.

E. Restart the OAAM Managed Server for the pattern to take effect.

Which statement is true about a single sign-on operation initiated from a Service Provider using SAML 2.0 in Oracle Identity Federation (OIF)?

A. Oracle Access Manager is required as a Service Provider integration module.

B. An Oracle Access Manager WebGate is needed to protect the target web resource and redirect requests to OIF.

C. HTTP post binding is only supported.

D. Any HTTP request hitting the target resource is redirected to the Service Provider's OIF instance.

Which statement is true about Service Providers and Service Profiles in Oracle Access Management Mobile and Social?

A. A service Provider instance may or may not have a corresponding Service Profile instance.

B. A Service Profile instance may or may not have a corresponding Service Provider instance.

C. Each Service Provider instance requires at least onecorresponding Service Profile instance.

D. One Service Profile cannot be assigned to multiple Service Domains.

Which protocol does WebGate use to communicate with the Access Manager server? (choose the best answer.)

A. TCP

B. HTTP

C. SSL

D. Oracle AccessProtocol (OAP)

E. Policy Administration Protocol (PAP)

Which Oracle Access Management Suite Plus 11g service provides Access Management components the ability to share information during a user's session that enables security decisions?

A. Security Token Service

B. Oracle WSM Agent

C. Policy Context

D. Identity Context

Identify two ways in which you can specify trusted Identity Provider (Idp) partners while configuring Service Provides (SP) in Oracle Access Management Identity Federation.

A. Manually create a new Idp configuration and fill the form with all attributes.

B. Import the metadata file generated from an Idp deployment to create a new Identity Provider configuration.

C. Automatic discovery of an Idp populates the configuration data.

D. A request can be broadcast to all IdPs and the one that matches returns its configuration data is populated.

E. A sample XML configuration file is provided, which needs to be modified, and the Server needs to be restarted.