Can the rule library named Common Rules Library " be included in a Rule by adding this code?
Solution:
An engineer is assigned to configure an account attribute. The requirements are:
Purpose: Flag privileged accounts
Read from: Financial application, privileged attribute
Calculate from: Keystore application, responsibility-code attribute
Usage 1: Display as option in Advanced Analytics
Usage 2: Use when writing rules
Usage 3: Include in policies
Does the engineer need to set this configuration option on the account attribute to meet the requirements?
Solution: Source Mappings: Application Rule
Is the following true of Identity Provisioning Policies?
Solution: Identity Provisioning Policies can be used to include allowed-values definitions or validation logic on fields so that only valid/authorized values can be specified for those fields when using the Create Identity feature to add an identity.
Can a Workgroup be used for the following scenario?
Solution: Providing a group of users with specific capabilities.
Can the following be achieved via configuration of control variables in the out-of-the-box Lifecycle Manager (LCM) workflows?
Proposed Solution:
Specify which applications support new account requests.
Is this a piece of information that an engineer needs when initially setting up a new IdentityIQ sandbox environment?
Proposed Solution:
the IdentityIQ version
Is this a true statement about localization support in IdentitylQ?
Solution: Localized messages can be retrieved from custom Java/BeanShell code using SailPoint APIs.
A bank is two years into an ongoing project to provide all access through roles. The bank is actively using roles and actively adding to their role model. They need to ensure that all roles include the correct entitlements.
Will this certification type achieve the goal?
Solution: Account Group Membership Certification
Is the following statement about workflow step types and their usage true?
Proposed Solution:
A step named " end " is required to allow the workflow to end correctly.
An engineer needs to trigger a workflow when a Division attribute changes from IT to Senior IT, but only when the user is a manager.
Is this a valid process that the engineer could use to launch a workflow for a lifecycle event?
Proposed Solution:
Create a trigger with an event type of rule that checks if the previous value is IT and the new value is Senior IT, and return true if the managerStatus on the user ' s Identity Cube is true.
Can a Workgroup be used for the following scenario?
Solution: Automatically creating multiple groups based on the values of a single identity attribute.
An engineer is assigned to configure an identity attribute. The requirements are:
Purpose: Add a user ' s security clearance to their identity
Read from: Workday; if not found in Workday, Contractor file; otherwise, leave empty
Usage 1: Display as option in Advanced Analytics
Usage 2: Use when writing rules
Usage 3: Can be updated through the Edit Identity Quicklink, but Workday is authoritative
Usage 4: List as entitlement on Identity Cubes
Does the engineer need to set this configuration option on the identity attribute to meet the requirements?
Proposed Solution:
Entitlement
Is this configuration option required when an engineer sets up a SCIM 2.0 application?
Solution: Comment Character
An engineer is assigned to configure an account attribute. The requirements are:
Purpose: Flag privileged accounts
Read from: Financial application, privileged attribute
Calculate from: Keystore application, responsibility-code attribute
Usage 1: Display as option in Advanced Analytics
Usage 2: Use when writing rules
Usage 3: Include in policies
Does the engineer need to set this configuration option on the account attribute to meet the requirements?
Solution: Edit Mode: Read Only
Can the Environment tab under ‘Administrator Console’ be used to do the following task?
Proposed Solution:
View status of installed SailPoint modules/extensions.
Can the search type in Syslog be used to accomplish this result?
Solution: Launching a certification using the search results
Can the following action be performed using Rapid Setup application onboarding?
Solution: Specify account correlation by mapping an identity attribute to an account attribute.
Is the following a valid role option that can be configured?
Proposed Solution:
Configure a role that can be requested only if the user already has a related role.
Is this configuration option required when an engineer sets up any application?
Proposed Solution:
Create Policy
Is this statement true about email templates or behavior within them?
Solution: Whole paragraphs cannot be included or omitted based on conditional tests, such as #if (SremindersRemaining > 0). Only individual lines can be omitted in this manner.
Is this where email templates can be viewed after product installation?
Proposed Solution:
In the Debug page as an EmailTemplate object.
An engineer needs to trigger a workflow when a Division attribute changes from IT to Senior IT, but only when the user is a manager.
Is this a valid process that the engineer could use to launch a workflow for a lifecycle event?
Proposed Solution:
Create a trigger with an event type of create.
Assuming that the policy violation owner has the necessary permissions, is this a valid option for the policy violation owner to use when acting on a policy violation of type ' Role SOD Policy?
Solution: Schedule Policy Composition Certification
The engineer is working on a workflow implementation.
After a form step, the workflow can transition to three steps:
Stop if the Reject (back) button is used,
Audit if the Approve (next) button is used and the field named comment is returned from the form to the workflow variable comment and has a value,
Provision otherwise.
The engineer writes the transitions in XML code.
Is this a valid implementation?
Proposed Solution:
< Transition to= " Stop " when= " !ref:approved " / >
< Transition to= " Audit " when= " script:sailpoint.tools.Util.isNotNullOrEmpty(comment); " / >
< Transition to= " Provision " / >
Is this a question that an engineer should ask the customer when initially setting up a new IdentitylQ test environment?
Solution: Does the customer need a deployment accelerator? "
Can the Provisioning tab under " Administrator Console ' be used to do the following task?
Solution: Manually retry the provisioning attempt for pending transactions.
Assuming that the policy violation owner has the necessary permissions, is this a valid option for the policy violation owner to use when acting on a policy violation of type ' Account Policy ' ?
Proposed Solution:
Schedule Policy Composition Certification
IdentityIQ has been installed and set up with the contents of IdentityExtended.hbm.xml.
Is this a correct statement about the installation?
Proposed Solution:
An unlimited number of additional searchable placeholder extended attributes can be added to this installation beyond the 10 shown.
Is the following statement true about out-of-the-box reporting?
Solution: In the Reporting user interface, instances of reports are located on the ' My Reports ' tab, and templates are located on the ' Reports ' tab.
Is the following true of Identity Provisioning Policies?
Proposed Solution:
If no Update Identity Provisioning Policy is defined for the installation, the Create Identity Provisioning Policy will be used in Edit Identity operations.
An engineer needs to first create a custom audit event and then set up an associated report.
What are four steps to accomplish this goal?
Proposed Solution:
Set up a new AuditAction in the AuditConfig object XML:
< AuditAction displayName= " Custom New Audit Event " enabled= " true " name= " actionname " / >
Is this statement correct about writing and executing source mapping rules to populate identity attributes?
Solution: The rule type must be IdentityAttribute.
Is this a purpose of an IdentitylQ certification?
Solution: to attest lo a user ' s system access
Is the following statement about IdentityIQ rule inputs and outputs correct?
Proposed Solution:
The default description of a Rule, which originates from the Rule Registry, usually provides information about the Rule ' s purpose and its expected output.
Is this a correct procedure for testing generated emails in a non-production system?
Solution: Change the Email Notification Type to POP3 under Global Settings > Configure IdentitylQ Settings > Mail Settings, run the test scenario. and verity if the emails were successfully delivered to mailboxes specified on Identity objects.
Is this a purpose of an IdentityIQ certification?
Proposed Solution:
to attest assignment of roles to users
Is the following statement about workflows and sub-workflows (subprocesses) true?
Proposed Solution:
Many standard LCM sub-workflows can be leveraged in custom workflows, with their behavior controlled via input variables.
Is this statement true about email templates or behavior within them?
Solution: Only identity object attributes or methods can be accessed through the reference variables of a template ' s input arguments.
Is this a default functionality of the Lifecycle Manager (LCM) module?
Proposed Solution:
Launch Certification Campaign
A customer wants to make changes in their IdentitylQ user interface. Consider branding and other IdentitylQ Ul changes. Is this statement valid?
Solution: Text on the login page is set through message keys in the message catalog.
Is this statement valid regarding the control and usability of the Debug pages in IdentitylQ?
Solution: The application server must be restarted after reloading the logging file through the Debug-Logging page.
Is this a purpose of an IdentitylQ certification?
Solution: to review a snapshot of a user ' s system access
Is the following statement about IdentitylQ rule inputs and outputs correct?
Solution: The lypical input variables for a rule are listed in the BeanShell rule editor in IdentitylQ, based on the rule registry.
Can the following be achieved via configuration of control variables in the out-of-the-box Lifecycle Manager (LCM) workflows?
Proposed Solution:
Specify the email template for notifications.
A client wants users who belong to an IdentitylQ workgroup named Management to be able to request entitlements and roles, but only for other users whose location attribute is the same as theirs.
Is this a population that will achieve the goal?
Solution: Create a quicklink population, set the membership match list to the IdentitylQ workgroup " Management, " and set " Who can members request for? " as report to the requester.
Is this a purpose of an IdentitylQ certification?
Solution: to attest to a user ' s integrity
Is this a correct procedure for testing generated emails in a non-production system?
Proposed Solution:
Change the Email Notification Type to IMAP under Global Settings > Configure IdentityIQ Settings > Mail Settings, run the test scenario, and verify if the emails were successfully delivered to mailboxes specified on Identity objects.
Can the following IdentityIQ object be extended to store client-specific data by updating the corresponding .HBM file?
Proposed Solution:
CertificationItem
Is this a default functionality of the Lifecycle Manager (LCM) module?
Solution: Define Application
Is this statement valid regarding the control and usability of the Debug pages in IdentitylQ?
Solution: The current version and patch level of IdentitylQ can be found through the Debug-About page.
is the following a valid role option that can be configured?
Solution: Configure a role to include a set of IdentitylQ capabilities.
An engineer needs to first create a custom audit event and then set up an associated report. What are four steps to accomplish this goal?
Solution:
Is this an example of a mover lifecycle event?
Solution: A contractor whose contract expired and accounts were disabled has a new contract with the company; the contractor needs all of their previous accounts enabled.
Can the search type in Syslog be used to accomplish this result?
Solution: Identifying all Link objects from a particular application
An engineer needs to first create a custom audit event and then set up an associated report.
What are four steps to accomplish this goal?
Proposed Solution:
Write logic in a BeanShell rule, task, or workflow step to created the audit event, populated with the appropriate data values.
The engineer is configuring a new application definition.
The customer wants an Audit record to be created with the error message, if provisioning fails.
Is this the rule an engineer should write to accomplish the goal?
Solution: Configure a Postlterate rule