Security Model
For which two TYPES of conditions can you create a Conditional Security restriction. (Choose Two) a. CLASS b. GLOBAL c. LOGICAL d. EXPRESSION e. CONDITIONAL
CLASS, EXPRESSION
For which two TYPES of conditions can you create a Global Data Restriction. (Choose Two) a. CLASS b. GLOBAL c. LOGICAL d. EXPRESSION e. CONDITIONAL
CLASS, EXPRESSION
Which of the following steps is not used to convert from Native Maximo authentication to LDAP authentication? a. Configure IBM Websphere b. Configure Maximo web.xml files c. Configure a Maximo cron task for synchronization d. Configure the Maximo database with an LDAP tool
Configure the Maximo database with an LDAP tool
When using LDAP with Maximo, which of the following is authenticated? a. E-mail b. Password c. User Name d. Security Group e. First Name and Last Name
Password, User Name
Authentication :a. Is the validation of user credentials (username and password) b. Is both user credential validation and application access c. Controls which users can work with which application d. Is always LDAP controlled through IBM Websphere
The correct answer is: Is the validation of user credentials (username and password)
For which of the following is the best use of the mxe.sec.IPblock.num property? a. To control the number of user sessions or windows. b. To set the number to block intrusion attempts c. For none of the above d. For both of the above.
To set the number to block intrusion attempts.
How do you remove self-registration access from Maximo in a local environment? Select one a. Change the properties in the maximo.properties file b. Change the properties, and rebuild then redeploy the EAR file c. Use the Database Configuration Application to change the value of two newuserlabel and newuserlink messages to $nbsp d. None of the above. You cannot remove the label nor the link " from the Maximo sign-in page
Use the Database Configuration Application to change the value of two newuserlabel and newuserlink messages to $nbsp
Native Authentication: Select one: a. Is not used by Maximo b. Is controlled by a Maximo cron task c. Bypasses IBM Websphere and communicates with an LDAP " tool d. Uses java encryption to check user credentials against the Maximo database
Uses java encryption to check user credentials against the Maximo database
What status does a User (record) require to access Maximo? Select one: a. Active b. Licensedc. Approved d. Operational
a. Active
When LDAP is used, which two elements cannot be changed in Maximo? Select one or more: a. Passwords b. Usernames c. Security Group Privileges d. User's Email Address
a. Passwords b. Usernames
What happens when a user exceeds the forgotten password allowed attempts? a. The user becomes blocked. b. The user should check their email for instructions. c. The user must wait one hour before attempting to login again. d. Nothing, users are always allowed an unlimited number of attempts
a. The user becomes blocked.
For which one of the following would you typically use Conditional Security? a. To control data access for a specific security group b. To control data access for a specific user c. To control data access into the system d. To control data access for all users e. All of the above
a. To control data access for a specific security group
A person could be associated with both a user record and a labor record. Select one: a. True b. False
a. True
A user must have access to at least one site within a labor's organization before the system adds the assigned labor authorization to the user's security profile? a. True b. False
a. True
A user must have access to both storeroom and the storeroom's site before the system adds the authorization to the user's security profile? a. True b. False
a. True
Any individual who might appear in a text field in Maximo should have a person record?
a. True
Apart from LDAP, a user can change their own password in Maximo? a. True b. False
a. True
For the VMMSYNC cron task, the Principal parameter is the IBM Websphere User ID. a. True b. False
a. True
In order for a user to have access to an application. They must have access to at least one site among their assigned security groups. a. True b. False
a. True
Login tracking allows you to specify a maximum number of login attempts and is required for electronic auditing. a. True b. False
a. True
One way to build a security model is to use two independent groups with one independent security group to configured for site access and another for Application access? a. True b. False
a. True
The default security group for new users is the security group to which Maximo automatically assigns new users, including those who self- register. a. True b. False
a. True
The limits and tolerances that you specify for a group are at the organization level, however, users inherit only authorizations for those sites to which they have access? Select one: a. True b. False
a. True
The security controls window accessed from the Users application is the same as the security controls window accessed from the Security Group's Application? a. True b. False
a. True
Use the Security Groups Application to set a user's authorization. a. True b. False
a. True
When there is conflict among combine (dependent) security groups, Maximo's business process calculates and grants the highest level of access? a. True b. False
a. True
When you create a user record, you must also create the associated person record if one does not exist. a. True b. False
a. True
A user can only be a member of one Independent security group, but can a member more than one dependent group? Select one: a. True b. False
b. False
NEWREG is the only initial status allowed for self-registered users? a. True b. False
b. False
The labor application is at the organization level and therefore any user who has labor authorization, and access to one site in the organization, can view labor for all sites in the organization, regardless of their site access? Select one: a. True b. False
b. False
When creating a new user, what other entity must also exist? Select one: a. Labor Record b. Person Record c. Labor Group d. Person Group
b. Person Record
Which type of object level Global Data Restriction would you use to HIDE records? a. HIDDEN b. QUALIFIED c. RESTRICTED d. READ ONLY
b. QUALIFIED
Which type of object level restriction would you use to HIDE records? a. HIDDEN b. QUALIFIED c. RESTRICTED d. READ ONLY
b. QUALIFIED
Which of the following statements is true when a user has application access but no site access? a. The user cannot open the application. b. The user can open the application, but cannot view nor create records. c. The user can open the application and view records, but cannot create records. d. The user can open the application and view records, but must specify a site to view or create records.
b. The user can open the application, but cannot view nor create records.
How would you view the access and privileges of one or more security groups? a. View the Person record of the individual. b. Use the Security Group Access Report. c. Use the Groups tab of the User's Application. d. Use the Security Group's Application's View Security Profile window.
b. Use the Security Group Access Report.
What is the purpose of self-registration? a. To shorten the approval process for administrators b. To allow users to begin working with Maximo c. To allow users to request access to Maximo d. All of the above
c. To allow users to request access to Maximo
What is the strategy or strategies that you could use to design and create security groups? Select one: a. Create a group for each criterion and assign users to a combination of groups. b. Create a group for each role and assign users to their applicable role or roles. c. Create both dependent and independent groups. d. All of the above could be used.
d. All of the above could be used.
The LDAPSYNC cron task can be used with: Select one: a. Microsoft Active Directory (MSAD) b. IBM Trivoli Directory Server (TDS) c. Neither IBM TDS and MSAD d. Both IBM TDS and MSAD
d. Both IBM TDS and MSAD
What is the purpose of the Authorize Group Reassignment function? a. To assign a user to the security group b. To authorize users for a security group c. To authorize a user to modify a security group d. To authorize a user to assign users to a security group
d. To authorize a user to assign users to a security group
For which one of the following would you typically use a Global Data Restriction? a. To control data access for a specific security group b. To control data access for a specific user c. To control data access intro the system d. To control data access for all users e. All of the above
d. To control data access for all users
Security can be configured to block IP addresses for which of the following? a. Too many logins, only. b. Too many forgotten passwords, only. c. Too many logins or too many forgotten passwords, only. d. Too many logins, too many forgotten passwords, or too many self-registration attempts.
d. Too many logins, too many forgotten passwords, or too many self-registration attempts.
How do you determine the name of the attribute for a fields in an application? a. By its label b. Use the F3 key c. Double click on the field d. Use the Alt+F1 key combination e. You can only find the attribute name in the database
d. Use the Alt+F1 key combination
LDAP Authentication: Select one: a. Is not used by Maximo b. Uses only the VMMSYNC cron task c. Uses only the LDAPSYNC cron task d. Uses either the VMMSYNC or LDAPSYNC cron task
d. Uses either the VMMSYNC or LDAPSYNC cron task
The VMMSYNC cron task can be used with: Select one: a. Microsoft Active Directory (MSAD) b. IBM Trivoli Directory Server (TDS) c. Neither IBM TDS and MSAD d. Both IBM TDS and MSAD
s: IBM Trivoli Directory Server (TDS)