Is this a correct procedure for testing generated emails in a non-production system?
Solution: Change the Email Notification Type to Redirect to file using FTP protocol under Global Settings > Configure IdentitylQ Settings > Mail Settings, run the test scenario, and verify that the email text saved to the redirected file.
Is this configuration option required when an engineer sets up any application?
Proposed Solution:
Create Policy
Can the search type in Syslog be used to accomplish this result?
Solution: Identifying details of a system error presented in the Ul
Can the Provisioning tab under " Administrator Console ' be used to do the following task?
Solution: Manually retry the provisioning attempt for pending transactions.
IdentityIQ has been installed and set up with the contents of IdentityExtended.hbm.xml.
Is this a correct statement about the installation?
Proposed Solution:
An unlimited number of additional searchable placeholder extended attributes can be added to this installation beyond the 10 shown.
Is the following true of Identity Provisioning Policies?
Solution: Identity Provisioning Policies can be used to include allowed-values definitions or validation logic on fields so that only valid/authorized values can be specified for those fields when using the Create Identity feature to add an identity.
IdentityIQ is using emails to notify users about completion of steps within a process, or actions that need to be addressed. To ensure this notification is working, a main configuration must be set up in IdentityIQ to provide mail server and mail server authentication details.
Is this a required setting that an engineer must set up in IdentityIQ in order to ensure successful communication with the SMTP server?
Proposed Solution:
SMTP Port
Can the Provisioning tab under " Administrator Console ' be used to do the following task?
Solution: View the specific operations on each attribute being provisioned.
Is this statement correct about writing and executing source mapping rules to populate identity attributes?
Solution: The Identity object is passed to the rule.
Can the Provisioning tab under " Administrator Console ' be used to do the following task?
Solution: Map the associated WorkflowCase to a particular Provisioning Transaction.
Is this a question that an engineer should ask the customer when initially setting up a new IdentitylQ test environment?
Solution: Does the customer need a deployment accelerator? "
Can the following IdentityIQ object be extended to store client-specific data by updating the corresponding .HBM file?
Proposed Solution:
Bundle
Can this be achieved using Rapid Setup user interface configuration options?
Solution: Disable an account on a particular application for one set of users and delete the account for another set of users during administrative Terminations.
The engineer is configuring a new application definition.
The customer wants an Audit record to be created with the error message, if provisioning fails.
Is this the rule an engineer should write to accomplish the goal?
Solution: Configure a Postlterate rule
Can the following IdentitylQ object be extended to store client-specific data by updating the corresponding .HBM file?
Solution: Link
Can the following be achieved via configuration of control variables in the out-of-the-box Lifecycle Manager (LCM) workflows?
Solution: Specify which access items may be requested.
is the following a valid role option that can be configured?
Solution: Configure a role to include a set of IdentitylQ capabilities.
Is this a default functionality of the Lifecycle Manager (LCM) module?
Solution: Terminate Identity
An engineer needs to first create a custom audit event and then set up an associated report.
What are four steps to accomplish this goal?
Proposed Solution:
Create a Custom Certification Event Schedule and associated ruleRunner task.
Is this a purpose of an IdentitylQ certification?
Solution: to attest to a user ' s integrity
The engineer uses the sailpoint.api.IdentityService in a BeanShell method to look up and return all account names for an identity on the application ' MagicBox ' . Is this a correct implementation?
Proposed Solution:
import sailpoint.api.IdentityService;
import sailpoint.api.SailPointContext;
import sailpoint.object.Application;
import sailpoint.object.Identity;
import sailpoint.object.Link;
import sailpoint.tools.GeneralException;
public List getAccountNames(SailPointContext context, Identity identity) throws GeneralException {
Application application = context.getObjectByName(Application.class, " MagicBox " );
IdentityService service = new IdentityService(context);
List < String > accountNames = new ArrayList < String > ();
List < Link > links = service.getLinks(identity, application);
if (links != null) {
for (Link link : links) {
accountNames.add(link.getNativeIdentity());
}
}
return accountNames;
}
Can the following IdentitylQ object be extended to store client-specific data by updating the corresponding .HBM file?
Solution: WorkItem
Is this statement valid regarding the control and usability of the Debug pages in IdentitylQ?
Solution: The application server must be restarted after reloading the logging file through the Debug-Logging page.
Is the following statement true?
Solution: Every Link object must be associated to an Identity object
A client needs a custom quicklink, which only managers can launch, in order to launch a simple workflow. Is this a valid step to take during the development of this custom quicklink?
Solution: Set the quicklink options to Tor Others " in order to launch the workflow immediately when the quicklink is clicked.
Can the Environment tab under ‘Administrator Console’ be used to do the following task?
Proposed Solution:
View status of installed SailPoint modules/extensions.
For a user who already has an account on an application and wants to be able to request access to a new account through Manage User Access, does this configuration need to be performed in Lifecycle Manager (LCM)?
Proposed Solution:
Select “Allow requesting new accounts” in the Manage Accounts QuickLink configuration for the user’s QuickLink population.
Is this a valid step to take when importing SailPoint XML file objects into IdentitylQ?
Solution: Import the XML object through the IdentitylQ console.
Can the search type in Identity be used to accomplish this result?
Proposed Solution:
Identifying the number of employees that report to a specific person
Is the following statement true?
Solution: All ManagedAttribute objects associated to an Identity can be viewed on the ' Attributes ' tab from ' View Identity ' QuickLink.
An engineer needs to trigger a workflow when a Division attribute changes from IT to Senior IT, but only when the user is a manager.
Is this a valid process that the engineer could use to launch a workflow for a lifecycle event?
Proposed Solution:
Create a trigger with an event type of create.
Is this an example of a mover lifecycle event?
Solution: An employee quits their job and needs all of their accounts disabled.
Is this statement correct about writing and executing source mapping rules to populate identity attributes?
Solution: All Identity Mappings must use a rule to set the identity attribute.
An engineer is assigned to configure an identity attribute. The requirements are:
Purpose: Add a user ' s security clearance to their identity
Read from: Workday; if not found in Workday, Contractor file; otherwise, leave empty
Usage 1: Display as option in Advanced Analytics
Usage 2: Use when writing rules
Usage 3: Can be updated through the Edit Identity Quicklink, but Workday is authoritative
Usage 4: List as entitlement on Identity Cubes
Does the engineer need to set this configuration option on the identity attribute to meet the requirements?
Proposed Solution:
Entitlement
Is the following statement about workflows and sub-workflows (subprocesses) true?
Solution: Sub-workflows can be nested up to 3 levels only.
Can the search type in Identity be used to accomplish this result?
Proposed Solution:
Identifying details of a system error presented in the UI
Assuming that the policy violation owner has the necessary permissions, is this a valid option for the policy violation owner to use when acting on a policy violation of type ' Account Policy ' ?
Proposed Solution:
Export CSV / Import CSV
Is this a true statement about localization support in IdentitylQ?
Solution: The language displayed in the user interface is always based on the default language selected in the global settings.
Assuming that the policy violation owner has the necessary permissions, is this a valid option for the policy violation owner to use when acting on a policy violation of type ' Role SOD Policy?
Solution: Schedule Policy Composition Certification
Is this a purpose of an IdentitylQ certification?
Solution: to certify user expense reports
Is this what should be performed in order to generate the database script to extend Application attributes in the IdentitylQ database on the initial installation?
Solution: Run a build with the updated schema placed inside it.
Can this be achieved using Rapid Setup user interface configuration options?
Solution: Reassign all object ownership to the user ' s manager during Leaver and Termination events.
An engineer needs to first create a custom audit event and then set up an associated report.
What are four steps to accomplish this goal?
Proposed Solution:
Set up a new AuditAction in the AuditConfig object XML:
< AuditAction displayName= " Custom New Audit Event " enabled= " true " name= " actionname " / >
A client needs a custom quicklink, which only managers can launch, in order to launch a simple workflow. Is this a valid step to take during the development of this custom quicklink?
Solution: Place a quicklink object on the workflow that is to be launched
IdentityIQ is using emails to notify users about completion of steps within a process, or actions that need to be addressed. To ensure this notification is working, a main configuration must be set up in IdentityIQ to provide mail server and mail server authentication details.
Is this a required setting that an engineer must set up in IdentityIQ in order to ensure successful communication with the SMTP server?
Proposed Solution:
Mail Server Certificate
Can the following be achieved via configuration of control variables in the out-of-the-box Lifecycle Manager (LCM) workflows?
Proposed Solution:
Specify which applications support password change requests through the IdentityIQ user interface.
Assuming that the policy violation owner has the necessary permissions, is this a valid option for the policy violation owner to use when acting on a policy violation of type ' Account Policy ' ?
Proposed Solution:
Allow
Is this a valid statement about connector rules?
Solution: A Post-Iterate Rule, if configured, is run after reading accounts from a SQL Loader application.
Is this statement true about the IdentityIQ Audit functionality and/or options?
Proposed Solution:
The majority of IdentityIQ’s auditing is managed through the Audit Configuration page in the UI.
An engineer is developing an instance of IdentitylQ using the Services Standard Build (SSB) for a client. Is this a valid action the engineer can perform when setting up or using the SSB?
Solution: Place the patch jar file in the build ' s base/patch folder that matches the patch version the client is using
Is this an example of a joiner lifecycle event?
Proposed Solution:
An employee, who has not previously been with the company, is hired and needs all new access and new accounts for company systems.
Is this a valid step to take when importing SailPoint XML file objects into IdentityIQ?
Proposed Solution:
Select the file from Global Settings > Import From File.
A customer wants to make changes in their IdentitylQ user interface. Consider branding and other IdentitylQ Ul changes. Is this statement valid?
Solution: The sets of columns displayed in most tables in the IdentitylQ user interface are controlled by entries in the ColumnConfig elements of the UlConfig object.
Is this statement true about certifications?
Solution: All certifications include generation, the active period, sign-off, and the end period.
Assuming that the policy violation owner has the necessary permissions, is this a valid option for the policy violation owner to use when acting on a policy violation of type ' Account Policy ' ?
Proposed Solution:
Schedule Policy Composition Certification
For a user who wants to be able to enable an account for a subordinate or themselves through Manage Accounts, does this configuration need to be performed in Lifecycle Manager (LCM)?
Select the Rehire action under Manage Accounts Options in the LCM Configuration.
Solution: Select the Rehire action under Manage Accounts Options in the LCM Configuration.