Pre-Summer Sale Special - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

Home > SailPoint > Identity Security Engineer > IdentityIQ-Engineer

IdentityIQ-Engineer SailPoint Certified IdentityIQ Engineer Question and Answers

Question # 4

Can the rule library named Common Rules Library " be included in a Rule by adding this code?

Solution:

A.

Yes

B.

No

Full Access
Question # 5

An engineer is assigned to configure an account attribute. The requirements are:

Purpose: Flag privileged accounts

Read from: Financial application, privileged attribute

Calculate from: Keystore application, responsibility-code attribute

Usage 1: Display as option in Advanced Analytics

Usage 2: Use when writing rules

Usage 3: Include in policies

Does the engineer need to set this configuration option on the account attribute to meet the requirements?

Solution: Source Mappings: Application Rule

A.

Yes

B.

No

Full Access
Question # 6

Is the following true of Identity Provisioning Policies?

Solution: Identity Provisioning Policies can be used to include allowed-values definitions or validation logic on fields so that only valid/authorized values can be specified for those fields when using the Create Identity feature to add an identity.

A.

Yes

B.

No

Full Access
Question # 7

Can a Workgroup be used for the following scenario?

Solution: Providing a group of users with specific capabilities.

A.

Yes

B.

No

Full Access
Question # 8

Can the following be achieved via configuration of control variables in the out-of-the-box Lifecycle Manager (LCM) workflows?

Proposed Solution:

Specify which applications support new account requests.

A.

Yes

B.

No

Full Access
Question # 9

Is this a piece of information that an engineer needs when initially setting up a new IdentityIQ sandbox environment?

Proposed Solution:

the IdentityIQ version

A.

Yes

B.

No

Full Access
Question # 10

Is this a true statement about localization support in IdentitylQ?

Solution: Localized messages can be retrieved from custom Java/BeanShell code using SailPoint APIs.

A.

Yes

B.

No

Full Access
Question # 11

A bank is two years into an ongoing project to provide all access through roles. The bank is actively using roles and actively adding to their role model. They need to ensure that all roles include the correct entitlements.

Will this certification type achieve the goal?

Solution: Account Group Membership Certification

A.

Yes

B.

No

Full Access
Question # 12

Is the following statement about workflow step types and their usage true?

Proposed Solution:

A step named " end " is required to allow the workflow to end correctly.

A.

Yes

B.

No

Full Access
Question # 13

An engineer needs to trigger a workflow when a Division attribute changes from IT to Senior IT, but only when the user is a manager.

Is this a valid process that the engineer could use to launch a workflow for a lifecycle event?

Proposed Solution:

Create a trigger with an event type of rule that checks if the previous value is IT and the new value is Senior IT, and return true if the managerStatus on the user ' s Identity Cube is true.

A.

Yes

B.

No

Full Access
Question # 14

Can a Workgroup be used for the following scenario?

Solution: Automatically creating multiple groups based on the values of a single identity attribute.

A.

Yes

B.

No

Full Access
Question # 15

An engineer is assigned to configure an identity attribute. The requirements are:

Purpose: Add a user ' s security clearance to their identity

Read from: Workday; if not found in Workday, Contractor file; otherwise, leave empty

Usage 1: Display as option in Advanced Analytics

Usage 2: Use when writing rules

Usage 3: Can be updated through the Edit Identity Quicklink, but Workday is authoritative

Usage 4: List as entitlement on Identity Cubes

Does the engineer need to set this configuration option on the identity attribute to meet the requirements?

Proposed Solution:

Entitlement

A.

Yes

B.

No

Full Access
Question # 16

Is this configuration option required when an engineer sets up a SCIM 2.0 application?

Solution: Comment Character

A.

Yes

B.

No

Full Access
Question # 17

An engineer is assigned to configure an account attribute. The requirements are:

Purpose: Flag privileged accounts

Read from: Financial application, privileged attribute

Calculate from: Keystore application, responsibility-code attribute

Usage 1: Display as option in Advanced Analytics

Usage 2: Use when writing rules

Usage 3: Include in policies

Does the engineer need to set this configuration option on the account attribute to meet the requirements?

Solution: Edit Mode: Read Only

A.

Yes

B.

No

Full Access
Question # 18

Can the Environment tab under ‘Administrator Console’ be used to do the following task?

Proposed Solution:

View status of installed SailPoint modules/extensions.

A.

Yes

B.

No

Full Access
Question # 19

Can the search type in Syslog be used to accomplish this result?

Solution: Launching a certification using the search results

A.

Yes

B.

No

Full Access
Question # 20

Can the following action be performed using Rapid Setup application onboarding?

Solution: Specify account correlation by mapping an identity attribute to an account attribute.

A.

Yes

B.

No

Full Access
Question # 21

Is the following a valid role option that can be configured?

Proposed Solution:

Configure a role that can be requested only if the user already has a related role.

A.

Yes

B.

No

Full Access
Question # 22

Is this configuration option required when an engineer sets up any application?

Proposed Solution:

Create Policy

A.

Yes

B.

No

Full Access
Question # 23

Is this statement true about email templates or behavior within them?

Solution: Whole paragraphs cannot be included or omitted based on conditional tests, such as #if (SremindersRemaining > 0). Only individual lines can be omitted in this manner.

A.

Yes

B.

No

Full Access
Question # 24

Is this where email templates can be viewed after product installation?

Proposed Solution:

In the Debug page as an EmailTemplate object.

A.

Yes

B.

No

Full Access
Question # 25

An engineer needs to trigger a workflow when a Division attribute changes from IT to Senior IT, but only when the user is a manager.

Is this a valid process that the engineer could use to launch a workflow for a lifecycle event?

Proposed Solution:

Create a trigger with an event type of create.

A.

Yes

B.

No

Full Access
Question # 26

Assuming that the policy violation owner has the necessary permissions, is this a valid option for the policy violation owner to use when acting on a policy violation of type ' Role SOD Policy?

Solution: Schedule Policy Composition Certification

A.

Yes

B.

No

Full Access
Question # 27

The engineer is working on a workflow implementation.

After a form step, the workflow can transition to three steps:

Stop if the Reject (back) button is used,

Audit if the Approve (next) button is used and the field named comment is returned from the form to the workflow variable comment and has a value,

Provision otherwise.

The engineer writes the transitions in XML code.

Is this a valid implementation?

Proposed Solution:

< Transition to= " Stop " when= " !ref:approved " / >

< Transition to= " Audit " when= " script:sailpoint.tools.Util.isNotNullOrEmpty(comment); " / >

< Transition to= " Provision " / >

A.

Yes

B.

No

Full Access
Question # 28

Is this a question that an engineer should ask the customer when initially setting up a new IdentitylQ test environment?

Solution: Does the customer need a deployment accelerator? "

A.

Yes

B.

No

Full Access
Question # 29

Can the Provisioning tab under " Administrator Console ' be used to do the following task?

Solution: Manually retry the provisioning attempt for pending transactions.

A.

Yes

B.

No

Full Access
Question # 30

Assuming that the policy violation owner has the necessary permissions, is this a valid option for the policy violation owner to use when acting on a policy violation of type ' Account Policy ' ?

Proposed Solution:

Schedule Policy Composition Certification

A.

Yes

B.

No

Full Access
Question # 31

IdentityIQ has been installed and set up with the contents of IdentityExtended.hbm.xml.

Is this a correct statement about the installation?

Proposed Solution:

An unlimited number of additional searchable placeholder extended attributes can be added to this installation beyond the 10 shown.

A.

Yes

B.

No

Full Access
Question # 32

Is the following statement true about out-of-the-box reporting?

Solution: In the Reporting user interface, instances of reports are located on the ' My Reports ' tab, and templates are located on the ' Reports ' tab.

A.

Yes

B.

No

Full Access
Question # 33

Is the following true of Identity Provisioning Policies?

Proposed Solution:

If no Update Identity Provisioning Policy is defined for the installation, the Create Identity Provisioning Policy will be used in Edit Identity operations.

A.

Yes

B.

No

Full Access
Question # 34

An engineer needs to first create a custom audit event and then set up an associated report.

What are four steps to accomplish this goal?

Proposed Solution:

Set up a new AuditAction in the AuditConfig object XML:

< AuditAction displayName= " Custom New Audit Event " enabled= " true " name= " actionname " / >

A.

Yes

B.

No

Full Access
Question # 35

Is this statement correct about writing and executing source mapping rules to populate identity attributes?

Solution: The rule type must be IdentityAttribute.

A.

Yes

B.

No

Full Access
Question # 36

Is this a purpose of an IdentitylQ certification?

Solution: to attest lo a user ' s system access

A.

Yes

B.

No

Full Access
Question # 37

Is the following statement about IdentityIQ rule inputs and outputs correct?

Proposed Solution:

The default description of a Rule, which originates from the Rule Registry, usually provides information about the Rule ' s purpose and its expected output.

A.

Yes

B.

No

Full Access
Question # 38

Is this a correct procedure for testing generated emails in a non-production system?

Solution: Change the Email Notification Type to POP3 under Global Settings > Configure IdentitylQ Settings > Mail Settings, run the test scenario. and verity if the emails were successfully delivered to mailboxes specified on Identity objects.

A.

Yes

B.

No

Full Access
Question # 39

Is this a purpose of an IdentityIQ certification?

Proposed Solution:

to attest assignment of roles to users

A.

Yes

B.

No

Full Access
Question # 40

Is the following statement about workflows and sub-workflows (subprocesses) true?

Proposed Solution:

Many standard LCM sub-workflows can be leveraged in custom workflows, with their behavior controlled via input variables.

A.

Yes

B.

No

Full Access
Question # 41

Is this statement true about email templates or behavior within them?

Solution: Only identity object attributes or methods can be accessed through the reference variables of a template ' s input arguments.

A.

Yes

B.

No

Full Access
Question # 42

Is this a default functionality of the Lifecycle Manager (LCM) module?

Proposed Solution:

Launch Certification Campaign

A.

Yes

B.

No

Full Access
Question # 43

A customer wants to make changes in their IdentitylQ user interface. Consider branding and other IdentitylQ Ul changes. Is this statement valid?

Solution: Text on the login page is set through message keys in the message catalog.

A.

Yes

B.

No

Full Access
Question # 44

Is this statement valid regarding the control and usability of the Debug pages in IdentitylQ?

Solution: The application server must be restarted after reloading the logging file through the Debug-Logging page.

A.

Yes

B.

No

Full Access
Question # 45

Is this a purpose of an IdentitylQ certification?

Solution: to review a snapshot of a user ' s system access

A.

Yes

B.

No

Full Access
Question # 46

Is the following statement about IdentitylQ rule inputs and outputs correct?

Solution: The lypical input variables for a rule are listed in the BeanShell rule editor in IdentitylQ, based on the rule registry.

A.

Yes

B.

No

Full Access
Question # 47

Can the following be achieved via configuration of control variables in the out-of-the-box Lifecycle Manager (LCM) workflows?

Proposed Solution:

Specify the email template for notifications.

A.

Yes

B.

No

Full Access
Question # 48

A client wants users who belong to an IdentitylQ workgroup named Management to be able to request entitlements and roles, but only for other users whose location attribute is the same as theirs.

Is this a population that will achieve the goal?

Solution: Create a quicklink population, set the membership match list to the IdentitylQ workgroup " Management, " and set " Who can members request for? " as report to the requester.

A.

Yes

B.

No

Full Access
Question # 49

Is this a purpose of an IdentitylQ certification?

Solution: to attest to a user ' s integrity

A.

Yes

B.

No

Full Access
Question # 50

Is this a correct procedure for testing generated emails in a non-production system?

Proposed Solution:

Change the Email Notification Type to IMAP under Global Settings > Configure IdentityIQ Settings > Mail Settings, run the test scenario, and verify if the emails were successfully delivered to mailboxes specified on Identity objects.

A.

Yes

B.

No

Full Access
Question # 51

Can the following IdentityIQ object be extended to store client-specific data by updating the corresponding .HBM file?

Proposed Solution:

CertificationItem

A.

Yes

B.

No

Full Access
Question # 52

Is this a default functionality of the Lifecycle Manager (LCM) module?

Solution: Define Application

A.

Yes

B.

No

Full Access
Question # 53

Is this statement valid regarding the control and usability of the Debug pages in IdentitylQ?

Solution: The current version and patch level of IdentitylQ can be found through the Debug-About page.

A.

Yes

B.

No

Full Access
Question # 54

is the following a valid role option that can be configured?

Solution: Configure a role to include a set of IdentitylQ capabilities.

A.

Yes

B.

No

Full Access
Question # 55

An engineer needs to first create a custom audit event and then set up an associated report. What are four steps to accomplish this goal?

Solution:

A.

Yes

B.

No

Full Access
Question # 56

Is this an example of a mover lifecycle event?

Solution: A contractor whose contract expired and accounts were disabled has a new contract with the company; the contractor needs all of their previous accounts enabled.

A.

Yes

B.

No

Full Access
Question # 57

Can the search type in Syslog be used to accomplish this result?

Solution: Identifying all Link objects from a particular application

A.

Yes

B.

No

Full Access
Question # 58

An engineer needs to first create a custom audit event and then set up an associated report.

What are four steps to accomplish this goal?

Proposed Solution:

Write logic in a BeanShell rule, task, or workflow step to created the audit event, populated with the appropriate data values.

A.

Yes

B.

No

Full Access
Question # 59

The engineer is configuring a new application definition.

The customer wants an Audit record to be created with the error message, if provisioning fails.

Is this the rule an engineer should write to accomplish the goal?

Solution: Configure a Postlterate rule

A.

Yes

B.

No

Full Access