매달, 우리는 1000명 이상의 사람들이 시험 준비를 잘하고 시험을 잘 통과할 수 있도록 도와줍니다.
SailPoint Certified IdentityNow Engineer 온라인 연습
최종 업데이트 시간: 2025년01월12일
당신은 온라인 연습 문제를 통해 SailPoint IdentityNow Engineer 시험지식에 대해 자신이 어떻게 알고 있는지 파악한 후 시험 참가 신청 여부를 결정할 수 있다.
시험을 100% 합격하고 시험 준비 시간을 35% 절약하기를 바라며 IdentityNow Engineer 덤프 (최신 실제 시험 문제)를 사용 선택하여 현재 최신 108개의 시험 문제와 답을 포함하십시오.
정답:
Explanation:
Yes, the search syntax @accounts( source.name:"AD" AND state:"disabled" ) is correct for finding identities with disabled AD accounts. In this case, the query filters accounts based on the state being "disabled," which is valid and effective for identifying disabled accounts.
Key Reference from SailPoint Documentation:
Search by Account State: Using state:"disabled" is an accurate way to search for disabled accounts in SailPoint IdentityNow.
정답:
Explanation:
The search syntax @accounts( source.name:"AD" AND disabled:false ) is not correct for finding disabled AD accounts. This query would return accounts that are not disabled because it is filtering for disabled:false. To find disabled accounts, the filter should specify disabled:true.
Key Reference from SailPoint Documentation:
Search Syntax for Disabled Accounts: To search for disabled accounts, the condition should check for disabled:true.
정답:
Explanation:
Yes, when using the AWS deployment option, SailPoint shares an Amazon Machine Image (AMI) with the customer’s AWS account in the selected region. This AMI contains the pre-configured Virtual Appliance (VA) image that the customer can use to deploy within their own AWS environment, simplifying the deployment process and ensuring compatibility with AWS services.
Key Reference from SailPoint Documentation:
AWS AMI for VA Deployment: SailPoint provides a dedicated AMI that is shared with customers in their chosen AWS region to facilitate the deployment of the Virtual Appliance.
정답:
Explanation:
No, when deploying the Virtual Appliance (VA) in Azure, the IdentityNow engineer does not necessarily need to use the Azure CLI to deploy the VA image. While using the Azure CLI is one option, SailPoint provides multiple ways to deploy the VA in Azure, including using the Azure portal or ARM (Azure Resource Manager) templates. The process does not mandate using the CLI specifically.
Key Reference from SailPoint Documentation:
Azure VA Deployment Methods: SailPoint supports multiple methods for deploying the VA in Azure, including through the Azure portal or ARM templates, without requiring the CLI.
정답:
Explanation:
No, when deploying the Virtual Appliance (VA) using the AWS deployment option, the IdentityNow engineer does not need to convert the VA image. SailPoint provides an AWS-compatible Amazon Machine Image (AMI) that can be directly used to deploy the VA in AWS without any additional conversion steps. The AMI is shared with the customer’s AWS account, allowing for a streamlined deployment process.
Key Reference from SailPoint Documentation:
VA Deployment in AWS: SailPoint provides a ready-to-use AMI for AWS deployments, and no image conversion is necessary for this deployment method.
정답:
Explanation:
No, this statement describes Manager Certification rather than Manager Correlation. Manager Certification refers to an approval process in which managers are required to periodically review and approve the access rights of their direct reports. This is a governance feature used to ensure that employees only have the access they need, and it helps managers validate their team’s access periodically. Manager Correlation, on the other hand, is about linking identities to their managers based on attributes.
Key Reference from SailPoint Documentation:
Manager Certification vs. Manager Correlation: While Manager Certification involves periodic review and approval of access by managers, Manager Correlation is strictly about linking identities to their respective managers based on defined attributes.
정답:
Explanation:
Yes, this correctly describes Manager Correlation in SailPoint IdentityNow. Manager Correlation is the process of linking the manager of a given identity based on the value of an attribute in an account or identity profile, such as an employee's manager attribute. This allows the system to automatically identify and associate the correct manager for an identity, which can be important for tasks like access approvals and certification reviews.
Key Reference from SailPoint Documentation:
Manager Correlation Process: Manager correlation involves linking an identity to its manager based on specific attributes in the identity or account, such as the managerId or similar fields.
정답:
Explanation:
Yes, checking for missing critical attributes like lastname, email, or uid is a valid step when troubleshooting an identity listed under "Identities with Errors" in SailPoint IdentityNow. These attributes are often required for proper identity processing, synchronization, and provisioning. If any of these attributes are missing or incorrectly configured, it could result in errors, preventing the identity from being fully processed by the system.
Key Reference from SailPoint Documentation:
Identity Attributes and Error Handling: SailPoint IdentityNow requires certain core identity attributes (such as lastname, email, uid) to be present and correctly populated. Missing or invalid values for these attributes can lead to errors and prevent identity synchronization or provisioning.
정답:
Explanation:
Yes, an SoD policy can define mitigating controls. Mitigating controls are measures put in place to reduce the risk of having conflicting duties. For example, if it's not possible to completely segregate duties due to resource constraints or other business factors, mitigating controls such as enhanced auditing, periodic reviews, or dual approvals can be defined to manage the risk. SailPoint IdentityNow allows for the creation of SoD policies that include such mitigating controls to ensure compliance with security and governance requirements.
Key Reference from SailPoint Documentation:
Mitigating Controls in SoD Policies: SailPoint supports the definition of mitigating controls within SoD policies to manage and reduce risks when full separation of duties cannot be achieved.
정답:
Explanation:
No, an SoD (Separation of Duties) policy does not require a control matrix to be defined. While a control matrix can be a useful tool for organizations to visualize and enforce SoD policies by mapping roles to potential conflicting access rights, it is not a mandatory component of an SoD policy. An SoD policy primarily focuses on preventing conflicts of interest by ensuring that no individual has access to perform conflicting tasks within a business process (e.g., approving and processing payments). The control matrix is a recommended method for managing SoD but not a requirement.
Key Reference from SailPoint Documentation:
SoD Policy Overview: SailPoint recommends structuring SoD policies to focus on preventing conflicting access but does not mandate the use of a control matrix, which is an optional best practice for visualizing these controls.
정답:
Explanation:
No, verifying that the VA is configured for automatic updates by setting autoupdate=true in the config.yaml file is not directly related to troubleshooting a failed status on the VA. While keeping the VA updated is important for long-term stability and functionality, the configuration for automatic updates does not resolve immediate connection or service failure issues. The troubleshooting focus should be on network connectivity, service status, and log reviews.
Key Reference from SailPoint Documentation:
VA Autoupdate Configuration: Configuring the VA for automatic updates is a best practice for maintaining up-to-date software but is not a direct troubleshooting step for addressing an immediate VA failure.
정답:
Explanation:
Yes, reviewing the log files in the /home/sailpoint/log directory is a standard troubleshooting step for diagnosing a failed VA. The log files, such as relay.log, vs_agent.log, and others, can provide detailed error messages and insights into what might be causing the VA failure, such as connectivity issues, service failures, or configuration problems.
Key Reference from SailPoint Documentation:
Log Files for VA Troubleshooting: SailPoint's best practices for troubleshooting VA issues involve reviewing log files to check for error messages or warnings that can help identify the root cause of the failure.
정답:
Explanation:
Yes, verifying that the Virtual Appliance (VA) has connectivity to the internet is a critical step when
troubleshooting a "failed" status in IdentityNow. The VA requires internet connectivity to communicate with SailPoint IdentityNow’s cloud services for synchronization, updates, and other key functions. If the VA is unable to reach the internet, it can lead to a failed status. Logging in to the VA’s console to test network connectivity (e.g., using ping or curl commands) is an important step in diagnosing the issue.
Key Reference from SailPoint Documentation:
VA Internet Connectivity Troubleshooting: SailPoint recommends checking the network connectivity as one of the first steps when the VA shows a failed status.
정답:
Explanation:
The provided transform is of type "Concat", which means it concatenates values from multiple sources. In this case, it appears to be concatenating the "cn" value with the "displayName" attribute of an identity. The "type": "IdentityAttribute" section specifies that the transform is pulling the "displayName" attribute from the identity object.
Given the input where the displayName is "Thomas Miller", the expected output is in the format cn=Thomas Miller,ou=users,dc=example, which aligns with the displayed output in the example. The transformation concatenates the displayName value with the rest of the distinguished name (DN), which is a common use case for generating a DN from user attributes.
Key Reference from SailPoint Documentation:
Concat Transform in IdentityNow: The concat transform is used to join multiple attribute values, and in this example, it successfully creates the expected DN string using the provided displayName input.
정답:
Explanation:
No, the Virtual Appliances (VAs) should not reside in A, which represents the SailPoint cloud environment. VAs are typically deployed in the on-premises network to interface directly with internal resources like Active Directory, databases, and applications. The cloud environment is where IdentityNow services are hosted, but the VAs need to be positioned closer to on-premise resources to manage identity synchronization and provisioning tasks.
Key Reference from SailPoint Documentation:
VA Placement Recommendations: Virtual Appliances are deployed in the on-premise network rather than the cloud, to ensure they have direct and secure access to internal resources.