1Z0-479 Online Practice Questions and Answers

Which additional cookie needs to be cleared out on performing centralized logout when a Detached Credentials Collector is used in Oracle Access Manager with 11g WebGates?

A. ObSSOCookie

B. DCCCtxCookie

C. _WL_AUTHCOOKIE_JSESSIONID

D. iPlanetDirectoryPro

Which statement is true about Oracle Access Manager 11g session management?

A. Oracle Access Manager 11guses Coherence to reliably cache millions of user sessions simultaneously.

B. Oracle Access Manager 11guses encrypted cookies that track the login time, authentication level, and the idle and maximum session times.

C. Oracle Access Manager 11gsession information is stored in lightweight directory access protocol (LDAP) directory.

D. Oracle Access Manager11grequires an Oracle database to reliably store session information.

Identity two settings that are available from the common settings for a session in Oracle Access Manager system configuration.

A. Session Lifetime

B. Minimum Number of Sessions per User

C. Maximum Number of Sessions per User

D. Session Cache Memory size

E. Session Security Protocol

Identify three attributes that are a part of mobile device fingerprinting by default when Oracle Adaptive Access Manager is used.

A. Operating System Type

B. Hardware IMEI Number

C. Hardware MAC address

D. Hardware IP Address

You are configuring Oracle Entitlements Server (OES) and have a requirement to make a connection to an external Policy Information Point (PIP) in order to retrieve an attribute for use in a condition.

You need to modify the security module configuration to configure the PIP. Which two options do you have for making this modification?

A. Configure the PIP settings in your OES policy and distribute it to each security module as part of the policy distribution.

B. Manually edit thejps-config.xmlfile on each security module.

C. Use the OES admin console to define the PIP settings and write them to a database for each security module to retrieve during bootstrap.

D. Use the SMConfig UI to configure the settings.

What extra configuration must be performed only when a detached Credentials Collector is separated from a Resource WebGate and not when they are combined?

A. The Allow Credential Collector Operations check box must be selected.

B. The Resource WebGate should set the Logout Redirect URL to the Detached Credentials Collector'slogout.pl.

C. The Allow Token Scope Operations check box must be selected.

D. The IP Validation check box must be selected.

By default, which four Oracle Access Management platform components write attributes into the Identity Context? (Choose four.)

A. Oracle Entitlements Server

B. Oracle Access Manager

C. Oracle Security Token Service

D. Oracle Enterprise Single Sign-On

E. Oracle Access Management Mobile and Social

F. Oracle Adaptive Access Manager

Which statement is true about the Detached Credentials Collector (DCC) used in Oracle Access Manager?

A. It is the default credentials collector for Oracle Access Manager 11gR1.

B. It is the default credentials collector for Oracle Access Manager 11gR2.

C. It is supported only by OracleAccess Manager 11gR1.

D. It is supported only by Oracle Access Manager 11gR2.

In a high availability deployment for Oracle Access Manager, which configuration will make sure that the Request to Login page goes to the load balancer?

A. changing Server Host, Port, and Protocol from the WebLogic administration console

B. changing Server Host, Port, and Protocol in a WebGate or an agent configuration

C. changing Server Host, Port, and Protocol in a Credentials Collector configuration

D. changing Server Host, Port, and Protocol in Access Manager settings under System configuration from the Oracle Access Management console

Your portfolio trading customer is using Oracle Entitlements Server (OES) to externalize authorization decisions from their share dealing application.

The trading customer has stipulated the following policy need to be implemented:

-Customers can purchase shared only if their credit limit is 20% higher than the value of the shares in their basket at checkout.

The value of basket and a customer's credit limit are both available in the application, and can be passed to OES as part of an authorization request if required.

You are looking to implement the most efficient policy within OES. Which three steps would you implement?

A. Configure a Policy Information Point (PIP) to retrieve the basket value and credit limit from an internal system.

B. Configure an authorization policy to include a condition that executes a custom function.

C. Configure the application to include the basket value and credit limit in the authorization request.

D. Create a custom function to calculate the difference between the basket value and the credit limit.

E. Use a PIP to call a web service that returns the calculated difference between the basket value and the credit limit.

F. Return an obligation that contains the difference value so that the application can decide whether to allow the transaction or not.