Upload
robert-torres-flores
View
212
Download
0
Embed Size (px)
Citation preview
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 1/54
© 2015 IBM Corporation
Certification Study Guide
IBM DataPower Gateway v7.1 Soution I!pe!entation
Bi Barru"# $$ C%anne &ec% Sae"# IBM Sy"te!" 'nit Software
Senior Software (n)ineer# Certified I& Speciai"t* ++arru",u".i+!.co!
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 2/54
© 2015 IBM Corporation2
Test C2180-416: IBM DataPower Gateway V7.1, Solt!o"
I#$le#e"tat!o"
- u!+er of /ue"tion" 71
- &i!e aowed 2 %our"
- 3e/uired pa""in) "core 46
- &e"t an)ua)e (n)i"%
- %tt$:&&www.!'#.(o#&(ert!)y&tests&o*rC2180-416.s%t#l
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 3/54
© 2015 IBM Corporation
+e(o##e"e Prere!s!te S!lls / Bas!( "owlee
etworin) 8&CP9IP# DS# oad +aancin)# pacet tracin) and faiover:
P;I 8Di)ita certificate"# Certificate 3evocation <i"t" 8C3<:# SS<:
&ran"port" 8IMS Connect# $e+Sp%ere M=# >MS# ?&P# S?&P and @&&P: AM< 8ASD# AS<&9APat%:
$e+ "ervice" 8SP# $SD< and $SPoicy:
$e+ "ervice" "ecurity 8$SSecurity# AM< encryption and AM< di)ita "i)nature:
Identity !ana)e!ent "oftware and protoco" 8;er+ero"# <DP# ut% and SM<:
S Governance 8we+ "ervice" !ana)e!ent and re)i"trie":
Data !appin) and tran"for!ation"
peration" Mana)e!ent 8o))in) and !onitorin):
(nterpri"e rc%itecture 8Coud# S and (nterpri"e Security:
>avaScript (CM Script 5.1 E
>S E
Per Co!pati+e 3e)uar (Fpre""ion 8PC3(: "yntaF E
E new "i" re/uired "ince ver"ion 5
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 4/54
© 2015 IBM Corporation
Pre$arat!o" sest!o"s
1. $or t%rou)% t%e
Di"coverin) t%e vaue of IBM $e+Sp%ere DataPower S ppiance" a+" and
"tudy t%e eFceent a+ note".
2. &ae t%e two ca""e" if you can.
cceerate# Secure and Inte)rate wit% IBM DataPower H7.1#
d!ini"tration of IBM $e+Sp%ere DataPower Gateway H7
. '"e t%e foowin) re"ource" a" you )o t%rou)% eac% "ection" o+Jective i"t &e"t preparation ta+ $e+ 3e"ource i"ted +y topic "earc% %yperined ter!". DataPower v7.1 ;nowed)e Center t%e officia product docu!entation
. &ae t%e Sa!pe 9 ""e""!ent &e"t if you %ave not taen t%e certification te"t
yet. &%ere are ony 4 /ue"tion"# w%ic% can )ive you a "en"e for t%e for!at of t%e rea te"t#
and it provide" t%e an"wer".
5. &ae note" a" we "tep t%rou)% t%e re!ainin) "ide" to %ep direct your focu" of
"tudy. Study your note" prior to tain) t%e eFa!.
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 5/54
© 2015 IBM Corporation5
Se(t!o"s o) t%e Test
1. r(%!te(tre a" Bas!( Co")!rat!o" 183
2. d!ini"tration and perationa rc%itecture 8216:
. Security Scenario" 8156:
. Inte)ration Scenario" 8216:
5. S Governance Scenario" 846:
4. &rou+e"%ootin) and &unin) 81K6:
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 6/54
© 2015 IBM Corporation4
Se(t!o" 1 - r(%!te(tre a" Bas!( Co")!rat!o"
a. Seect t%e appropriate IBM DataPower Gateway !odue" and for! factor" +a"ed on "pecified u"e ca"e".
+. Seect t%e appropriate u"a)e "cenario" "uc% a" oad +aancin) and redundancy for @i)% vaia+iity.
c. Seect t%e appropriate DataPower "ervice type for a )iven u"e ca"e "cenario. L rc%itectura de"i)n pattern"
C%apter 2.
d. Seect t%e appropriate !e""a)e type and9or !e""a)e eFc%an)e pattern +a"ed on u"e ca"e "cenario". LSP#
AM<# >S# Pa""&%ru and onAM<. L rc%itectura de"i)n pattern" C%apter 2.
e. Identify inte)ration capa+iitie" +etween DataPower and ot%er product". Lfor eFa!pe M=# S=<# $S33# $&A#
and e"peciay front "ide %ander"
f. rc%itect a "ervice con"iderin) capacity# "caa+iity# "ecurity and future )rowt% .
). rc%itect a "ervice con"iderin) faiure %andin)# audit o))in) and !onitorin). L
d!ini"tration# Depoy!ent# and Be"t Practice" C%apter 4
%. Identify t%e i!pication" of ena+in) Co!!on Criteria !ode durin) t%e appiance initiaiNation proce"".
i. Perfor! initia "etup and ena+e!ent of t%e ad!ini"trative interface".
J. Confi)ure a "ervice and a""ociated DataPower o+Ject" u"in) t%e $e+G'I# C<I and AM< Mana)e!entInterface.
. Identify# confi)ure# and depoy u"e ca"e pattern" via t%e Bueprint Con"oe.
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 7/54© 2015 IBM Corporation7
25 P%ys!(al, V!rtal !t!o"
ISM
ProyMole
I"terat!o"
Mole
B2B
Mole
Mole
TIBCMS
Mole
IBM DataPower Gateway i" t%e new na!e of a con"oidated# eFten"i+e O !oduar patfor! Conver)e" t%ree eFi"tin) product"# AG5 9 AI52 9 AB42# into a s!"le #olar o))er!"
vaia+e in p%y"ica and virtua for! factor
P%ys!(al $$l!a"(e 25 ra( #o"t appiance u"in) ate"t )eneration %ardware patfor! Two 'ase e!t!o"s on@SM and @SM 8?IPS 102 <eve certified:
(ac% "oftware !odue i" icen"ed "eparatey
V!rtal !t!o" &%ree edition" Deveoper# onProduction# Production
De*elo$er incude" a so)tware #oles at "o a!t!o"al (ost# eFcept &IBC (MS 9o"-Pro(t!o" incude" a so)tware #oles at "o a!t!o"al (ost# eFcept &IBC (MS O ISM ProFy Pro(t!o" (ac% "oftware !odue i" icen"ed "eparatey
S$$orts V7.1 a'o*e
ll so)tware#oles are )!el
$raea'le
S!"le, #olar ete"s!'le $lat)or# 1
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 8/54© 2015 IBM CorporationK
Moles
ISM Proy Mole'"er acce"" contro# "e""ion!ana)e!ent# we+ SS enforce!ent dvanced !o+ie "ecurity !o+ieSS# conteFt+a"ed acce""# oneti!epa""word# !utifactor aut%nInte)ration wit% ISM for Mo+ie
$$l!(at!o" $t!#!;at!o"Mole
?rontend "ef+aancin)
Bacend intei)ent oad di"tri+utionSe""ion affinityN Sy"peF Di"tri+utor inte)ration
I"terat!o"Mole
nytony !e""a)e tran"for!ation
Data+a"e connectivityMainfra!e IMS connectivity
B2B MoleB2B DM )ateway
(DII& S1#S2#S#e+AM<Partner profie !ana)e!entB2B tran"action viewer nytony !e""a)e tran"for!ationData+a"e connectivity
TIBC MSMole
Inte)rate wit% &IBC (MS !e""a)in)!iddewareSupport for /ueue" O topic"<oad +aancin) O fauttoerance
IBM DataPower Gateway Base
Se(re ut%entication# aut%oriNationSecurity toen tran"ationService 9 PI virtuaiNation&%reat protectionMe""a)e vaidationMe""a)e fiterin)Me""a)e di)ita "i)natureMe""a)e encryption H "cannin) inte)ration
I"terate&ran"port protoco +rid)in)Me""a)e enric%!entMe""a)e tran"for!ation O
proce""in) u"in) >avaScript#>Si/# A=uery# AS<&Mainfra!e inte)ration Oena+e!ent?eFi+e pipeine !e""a)eproce""in) en)ine
Co"trol Ma"aeService eve !ana)e!ent=uota O rate enforce!entContent+a"ed routin)Me""a)e accountin)Inte)ration w9 !ana)e!ent Ovi"i+iity patfor!" incudin) IBM PI Mana)e!ent O $S33 forpoicy enforce!ent
$t!#!;e ))loaSS< 9 &<S offoad@ardware acceerated cryptoE>S# AM< offoad>avaScript# >Si/# AS<&#
A=uery acceeration<oca re"pon"e cac%in)Di"tri+uted cac%in) wit% $ASor AC10Bacend oad +aancin)
25 P%ys!(al or V!rtal !t!o"
S!"le, #olar ete"s!'le $lat)or# 2
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 9/54© 2015 IBM CorporationQ
<!r#ware V7.1, Moles S$$orte Plat)or#s <!r#ware V7.1 deiver"
ISM ProFy Modue to ena+e advance acce"" enforce!ent of !o+ie O we+ u"e ca"e" B2B Modue to ena+e "ecure B2B inte)ration capa+iitie"# for!ery avaia+e on AB42 ony Inte)ration Modue to ena+e inte)ration functionaity incudin) anytoany !e""a)e
tran"for!ation# data+a"e connectivity O !ainfra!e connectivity ;er+ero" S'2Sef functionaity to provide feFi+e aut%entication for Micro"oft environ!ent"
Increa"e in AM< a!e" !aFi!u! to aow for ar)e confi)uration"# 3S O ot%er en%ance!ent" V7.1 "upport" t%e foowin)
IBM DataPower Gateway (Physical and Virtual Edition) XG45 (Physical and Virtual Edition) XI52 (Physical and Virtual Edition), XI5B (242! " 4#$5 %odels) XB!2 (Physical)
ISM Proy #ole re/uire" H7.1 and i" avaia+e on t%e foowin) IBM DataPower Gateway (Physical and Virtual Edition) XG45 (Physical, and Virtual Edition) XI52 (Physical, and Virtual Edition) XB!2 (Physical)
B2B #ole re/uire" H7.1 and i" avaia+e on t%e foowin) IBM DataPower Gateway (Physical and Virtual Edition)
XG45 (Physical, and Virtual Edition) XI52 (Physical, and Virtual Edition)
I"terat!o" #ole re/uire" H7.1 and i" avaia+e on t%e foowin) IBM DataPower Gateway (Physical and Virtual Edition)
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 10/54© 2015 IBM Corporation10
IBM DataPower Gateway ppiance" are t%e indu"tryeadin)Se(r!ty I"terat!o" )ateway" t%at %ep provide se(r!ty# !"terat!o", (o"trol and
o$t!#!;e acce"" to a fu ran)e ofMo+ie# $e+# PI# S# B2B# O Coud woroad"
Co##o" 5se Cases
Internet Trusted Domain
Consumer
Application or Servic
DMZ
Trading partners
1 Mobile Gateway 2 API Gateway
3 Web Gateway
4 B2B Partner
Gateway
5 !A " API Gateway# $B % Inte&ration Gateway
' Internal e(urity $n)or(ement
* Web er+i(es Go+ernan(e "
Mana&ement
,-e&a(y Inte&ration
Consumer
Middleware
z System
DataPower Gateway DataPower Gateway
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 11/54© 2015 IBM Corporation11
Pro(ess!" Pol!(y
- "ervice define" a "in)e poicy
‒ &%e poicy i" enforced t%rou)% rue".
- (ac% rue contain"‒ Matc% action
Define" criteria to deter!ine if inco!in) traffic i" proce""ed +y t%e rue
‒ Proce""in) action"
rue define" one or !ore action" taen on t%e "u+!itted !e""a)e.
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 12/54© 2015 IBM Corporation12
Pro(ess!" +les
- 3ue" %ave t%e foowin) direction"‒ Server to Cient 8re"pon"e:
‒ Cient to Server 8re/ue"t:
‒ Bot% Direction" 8re/ue"t and re"pon"e:
‒ (rror eFecute" w%en error" occur durin) proce""in) in t%e re/ue"t and re"pon"e rue"
- 3ue" %ave priority and can +e reordered.‒ Mutipe rue" !ay !atc% on "a!e '3< can +e reordered
‒ Specific rue" %ave %i)%er priority t%an catc% a rue"
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 13/54© 2015 IBM Corporation1
Mat(%!" +le
- !atc% action aow" you to provide different proce""in) +a"ed on
!atc%in) condition".
- Matc% criteria can +e +a"ed on‒ (rror code vaue
‒ ?uy /uaified '3<
‒ @o"t
‒ @&&P %eader vaue
‒ '3<
‒ APat% eFpre""ion
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 14/54© 2015 IBM Corporation1
Pro(ess!" (t!o"s
- rue con"i"t" of !utipe proce""in) action" wit% "cope
‒ ction" "uc% a" trans&or%ation or 'alidation eFecute durin) t%e re/ue"t orre"pon"e rue 8if any:.
‒ ConteFt" or defined varia+e" wit%in t%e "cope are u"ed to pa"" infor!ation
+etween action".
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 15/54© 2015 IBM Corporation15
Se(t!o"s o) t%e Test
1. rc%itecture and Ba"ic Confi)uration &a"" 81K6:
2. #!"!strat!o" a" $erat!o"al r(%!te(tre 213
. Security Scenario" 8156:
. Inte)ration Scenario" 8216:
5. S Governance Scenario" 846:
4. &rou+e"%ootin) and &unin) 81K6:
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 16/54
© 2015 IBM Corporation14
Se(t!o" 2 - #!"!strat!o" a" $erat!o"al r(%!te(tre
a. Create and ad!ini"ter u"er"# roe"# and 3oe Ba"ed Mana)e!ent on t%e appiance.
+. Seect and confi)ure networ "ettin)" incudin) in a))re)ation and H< "ettin)".c. I!pe!ent confi)uration !ana)e!ent 8i!port# eFport# "ecure +acup and "ecure re"tore.:
d. I!pe!ent @i)% vaia+iity# incudin) ppication pti!iNation# and di"a"ter recovery
"oution" a" t%ey appy to t%e IBM DataPower Gateway.
e. Confi)ure depoy!ent poicie" and depoy!ent poicy varia+e".
f. '"e %o"t na!e" and aia"e" for porta+iity +etween environ!ent".
). Perfor! ta"" u"in) t%e appiance" ad!ini"trative interface" 8C<I# $e+G'I# AM<
Mana)e!ent:.
%. Mana)e appiance fir!ware ver"ion".
i. Mana)e and +acup certificate" and ey" incudin) t%e u"e of t%e @ardware Security
Modue 8@SM:.
J. (na+e !onitorin) for t%e appiance.
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 17/54
© 2015 IBM Corporation17
I"!t!al 9etwor Set$
- '"e t%e nu!ode! ca+e or a 'SBto"eria converter ca+e to connect
t%e ter!ina or PC to t%e S(3I< connector on t%e device.
- (n"ure t%at t%e ter!ina or PC i" confi)ured for "tandard 115200 K1
8Q400 for 71QK9Q or 224 appiance": and no fow contro operation.
- &urn on t%e appiance. Rou "%oud %ear t%e fan" c%an)e "peed a" t%e
"creen di"pay" t%e foowin) infor!ation. DPS... $ait for a few
"econd" for t%e device to +oot.
- <o)in a" ad!in9ad!in.
- 3ead and accept t%e icen"e a)ree!ent. Rou wi +e pro!pted to c%an)e
t%e defaut ad!in pa""word.
- Rou can define t%e +a"e confi)uration in one of t%e foowin) way"‒ $it% t%e start$ co!!and# w%ic% u"e" t%e DataPower in"taation wiNard.
‒ $it% a !anua procedure# w%ic% u"e" a "erie" of DataPower co!!and".
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 18/54
© 2015 IBM Corporation1K
5sers a" +oles
5ser a((o"ts
- Groupdefined‒ &%e rou*de&ined account type e"ta+i"%e" t%i" u"er a" a !e!+er of a u"er )roup.
- Privie)ed‒ &%e ri'ileed account type provide" t%i" u"er wit% acce"" to t%e entire re"ource
"uite fro! t%e $e+G'I and C<I on a do!ain+ydo!ain +a"i". '"er" wit% privie)ed
acce"" can confi)ure and can !onitor a appiance operation".
- '"er‒ &%e user account type provide" t%i" u"er wit% acce"" to view confi)uration detai" to
!o"t# +ut not a# o+Ject".
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 19/54
© 2015 IBM Corporation1Q
5sers a" +oles
5ser Gro$s
user rou repre"ent" a coection of u"er" w%o perfor! "i!iar dutie" and re/uiret%e "a!e eve of acce"" to t%e DataPower appiance.
Creatin) a )roup account
Specify a na!e for t%e u"er )roup.
?or!at of acce"" poicy
addre""9do!ain9re"ourceTcce""Uprivie)e"OLfiedUvaue
&%e aress 8appiance addre"":# o#a!" 8appication do!ain:# and resor(e 8e.) c%an)epa""word#
radiu": )!els !u"t +e fuy "pecified or "pecified wit% an a"teri" 8E:. n a"teri" !atc%e" a vaue". &%e privie)e" "trin) i" co!pri"ed of t%e individua per!i""ion "y!+o" t%at are "eparated +y t%e pu" "i)n 8V:
c%aracter. ?or eFa!pe# t%e "trin) aVdVFVrVw repre"ent" add# deete# eFecute# read# and write per!i""ion". &%e fied toen !u"t +e one of t%e additiona fied" t%at can +e added to t%e "trin). &%e corre"pondin) vaue
can +e a PC3(. (.). a!e# <ocadre""# <ocaPort# etc.
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 20/54
© 2015 IBM Corporation20
+ole-'ase Ma"ae#e"t +BM
- 3oe+a"ed !ana)e!ent con"i"t" of t%e foowin) capa+iitie"
‒ t%e"t!(at!" sers (Ftract t%e u"er identity fro! t%e acce"" re/ue"t and
aut%enticate t%e u"er identity t%at i" pre"ented. ne of t%e foowin) !et%od" can+e u"ed for u"er aut%entication 8<oca '"er# Cu"to!# <DP# 3DI'S# S?#
SP(G# SS< '"er Certificate# AM< ?ie:
‒ *alat!" t%e a((ess $ro)!le &%e acce"" profie define" t%e "et of privie)e"
for one or !ore re"ource" on t%e DataPower appiance. n acce"" profie can
ori)inate fro! any of t%e foowin) credentia !appin) "ource" 8<oca '"erGroup# Cu"to!# AM< ?ie:
‒ ")or(!" a((ess to resor(es fter t%e u"er i" aut%enticated and t%e acce""
profie i" evauated# t%e DataPower appiance enforce" t%e e"ta+i"%ed acce""
profie
(Fa!pe C%ec out "tore9993BMInfo.F! 8found on t%e DataPower fie "y"te!:
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 21/54
© 2015 IBM Corporation21
Co")!rat!o" Ma"ae#e"t =!% *a!la'!l!ty
DataPower Confi)uration
?ie Mana)e!ent
ppication Do!ain" Device" and (nviron!ent
<oad Baancer"# ctive9ctive# ctive9Stand+y Confi)uration
etwor +Ject"
@o"t ia" Static @o"t"
DS Settin)"
3eference %ttp99www.i+!.co!9deveoperwor"9we+"p%ere9i+rary9tec%artice"90K01Wra"
!u""en90K01Wra"!u""en.%t!
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 22/54
© 2015 IBM Corporation22
Ma"a!" !saster re(o*ery
Di"a"ter 3ecovery 8D3: i" t%e a+iity to create a "ecure +acup t%at you can u"e to
recover t%e co!pete confi)uration of a o"t appiance. D3 u"e" a +acupre"tore
proce"" t%at !u"t +e ena+ed. &o c%ec# cic #!"!strat!o" X De*!(e X Syste#Sett!"s. If t%e Ba($ Moe property i" "et to Se(re# di"a"ter recovery i" avaia+e.
- 'nie a "tandard +acup# a "ecure +acup contain"‒ private data fro! t%e appiance 8certificate"# ey"# and u"er data:# w%ic% t%e appiance encrypt"
wit% a cu"to!erprovided certificate and a DataPower certificate.
‒ an unencrypted AM< !anife"t fie# w%ic% incude" infor!ation "uc% a" t%e date of t%e +acup and
t%e fir!ware eve# !ode# and "eria nu!+er of t%e +acedup appiance. Rou can view t%e
unencrypted !anife"t fie.
‒ &%e +acupre"tore proce"" !u"t +e u"ed a!on) appiance" t%at are at t%e "a!e fir!ware eve
and %ave t%e "a!e co!pati+e confi)uration.
- "ecure re"tore doe" not !er)e data. &%e re"tore deete" a private data 8certificate"#
ey"# and u"er data: t%at i" currenty on t%e tar)et appiance.
3eference InfoCenter Y Mana)in) Di"a"ter 3ecovery
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 23/54
© 2015 IBM Corporation2
Co"sol!ate yor !")rastr(tre w!t% $$l!(at!o"
$t!#!;at!o"
- '"e SefBaancin) tec%noo)y to "pread in+ound traffic oad acro""
!utipe DataPower appiance" u"in) a "in)e tar)et.‒ (i!inate t%e need for additiona p%y"ica oad +aancer".
‒ (fficienty di"tri+ute" traffic wit% !ini!a over%ead.
- '"e Intei)ent <oad Di"tri+ution to opti!iNe out+ound
traffic acro"" !utipe de"tination".‒ Support" dyna!ic $e+Sp%ere ce interro)ation.
‒ uto!aticay update" tar)et" and wei)%t".
- '"e Se""ion ffinity to pre"erve tar)et
"e""ion "tate acro"" !utipe re/ue"t".‒ Support" $e+Sp%ere and non$e+Sp%ere tar)et".
- $S ppication cceerator for Pu+ic etwor"
- Secure Coud Connector
3eference $S&( pre"entation on
deveoper$or" artice '"in) DataPower etc.
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 24/54
© 2015 IBM Corporation2
#!"!strat!o" I"ter)a(es
- C>I‒ Seect 9etwor X Ma"ae#e"t X SS= Ser*!(e to di"pay t%e SS@ Service Confi)uration
8Main: "creen.
‒ Tel"et‒ Seect 9etwor X Ma"ae#e"t X Tel"et Ser*!(e to di"pay t%e &enet Service catao).
- ?e'G5I‒ cce"" to t%e appiance via t%e $e+G'I i" "upported +y a dedicated @&&P "erver t%at you
confi)ured durin) t%e initia appiance confi)uration proce"".
- @M> Ma"ae#e"t I"ter)a(e‒ &%e DataPower appiance can +e confi)ured and !ana)ed co!petey t%rou)% t%e AM<
Mana)e!ent Interface. $%en ena+ed# t%i" interface aow" ad!ini"trator" to "end "tatu" and
confi)uration re/ue"t" to t%e DataPower appiance t%rou)% a "tandard SP interface.
- ?SDM !"ter)a(e‒ $%en ena+ed# t%i" i!pe!entation provide" a protoco"pecific interface for !ana)in) $e+
Service endpoint" t%at were in"tantiated on t%e appiance t%rou)% $e+ Service ProFy o+Ject".
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 25/54
© 2015 IBM Corporation25
Go 'a( to $re*!os )!r#ware le*el
Ao (a" tole 'etwee" releases 'y roll!" 'a( a" )ort% 'etwee"
t%e (rre"t a" t%e $re*!os !#ae. &%i" incude" roin) +ac +etween!aJor reea"e".
- In t%e $e+Gui‒ fro! t%e Contro Pane# c%oo"e Sy"te! Contro.
‒ in t%e ?ir!ware 3oBac "ection cic t%e Z?ir!ware 3oBacZ +utton to
to))e +etween i!a)e".
- '"in) t%e C<I‒ (nter t%e co!!and ZCZ.
‒ (nter t%e co!!and Zfa"%Z pre"" enter.
‒ (nter t%e co!!and Z+oot "witc%Z pre"" enter.
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 26/54
© 2015 IBM Corporation24
Se(t!o"s o) t%e Test
1. rc%itecture and Ba"ic Confi)uration &a"" 81K6:
2. d!ini"tration and perationa rc%itecture 8216:
. Se(r!ty S(e"ar!os 13
. Inte)ration Scenario" 8216:
5. S Governance Scenario" 846:
4. &rou+e"%ootin) and &unin) 81K6:
S ! S ! S !
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 27/54
© 2015 IBM Corporation27
Se(t!o" - Se(r!ty S(e"ar!os
a. Confi)ure crypto o+Ject".
+. Confi)ure a "ervice to u"e SS<.
c. Confi)ure a "ervice to u"e $SSecurity.
d. Confi)ure a "ervice to "ecure a $SD<de"cri+ed we+ "ervice.
LIte!" e and f are covered in "u+"e/uent "ide"
e. Confi)ure a "ervice to enforce nonrepudiation u"in) di)ita "i)nature".
f. Confi)ure a "ervice to enforce confidentiaity u"in) encryption.
). Confi)ure a "ervice to enforce aut%entication and aut%oriNation.
%. Confi)ure !e""a)eeve t%reat protection.
i. Confi)ure a "ervice to u"e ut%.
J. Confi)ure t%e u"e of a "ecurity "erver "uc% a" IBM Security cce"" Mana)er 8ISM:# SM< and <DP.. Identify t%e i!pication" of ena+in) t%e ?IPS 102 <eve Co!piance !ode".
S !t T ! l
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 28/54
© 2015 IBM Corporation2K
Se(r!ty Ter#!"oloy
- t%e"t!(at!o" verifie" t%e identity of a cient.
- t%or!;at!o" decide" a cient[" eve of acce"" to a protected re"ource.
- I"ter!ty en"ure" t%at a !e""a)e %a" not +een !odified w%ie in tran"it. crytorahic hash aow" t%e end u"er to c%ec if a certain !e""a)e wa" intercepted or ta!pered wit%.
- Co")!e"t!al!ty en"ure" t%at t%e content" of a !e""a)e are ept "ecret. DataPower aow"%essae and &ield le'el encrytion# w%ic% en"ure" t%at no one can acce"" t%e payoadwit%out t%e appropriate decrypt ey.
- 9o"-re$!at!o" aow" t%e cient to prove t%at t%e "erver %a" received a previou"y "ent!e""a)e# and vicever"a. Diital sinatures are u"ed to deter!ine if t%e !e""a)e wa" "ent+y t%e actua ori)inator.
- Se(r!" ata w%!le !"-)l!%t DataPower provide" infi)%t "ecurity u"in) t%e "ecure "ocetayer 8SS<:. It provide" "upport for @&&PS# ?&PS# S?&P# and M=.
- !t!" !aintain" record" to %od cient" accounta+e to t%eir action".
3eference c%ievin) PCI co!piance u"in) $e+Sp%ere DataPower
? ' S ! S !t
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 29/54
© 2015 IBM Corporation2Q
?e' Ser*!(es Se(r!ty
- $e+ "ervice" "ecurity 8$SSecurity: provide" a "tandard# patfor!independentway for "pecifyin) !e""a)eeve "ecurity infor!ation.
- ?eFi+e "et of !ec%ani"!" for u"in) a ran)e of "ecurity protoco"‒ Doe" "ot define a "et of "ecurity protoco"‒ Provide" endtoend "ecurity
- ""ociate "ecurity toen" wit% a !e""a)e‒ '"erna!e &oen profie‒ A.50Q &oen profie‒ ;er+ero" &oen profie‒ SM< &oen profie Security ""ertion Marup <an)ua)e‒ 3(< &oen profie 3i)%t" (Fpre""ion <an)ua)e
- Confidentiaity 8AM< (ncryption:‒ Proce"" for encryptin) data and repre"entin) t%e re"ut in AM<
- Inte)rity 8AM< Si)nature:‒ Di)itay "i)n t%e SP AM< docu!ent# providin) inte)rity and "i)ner aut%entication
- AM< CanonicaiNation‒ or!aiNe" AM< docu!ent‒ (n"ure" two "e!anticay e/uivaent AM< docu!ent" contain t%e "a!e octet "trea!
3eference $e+ Service ProFy Deveoper" Guide
© 2
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 30/54
© 2015 IBM Corporation0
<le!'le t%e"t!(at!o", t%or!;at!o", a" !t!"
$ol!(!es
tra(tIe"t!ty
@&&P @eader"
$SSecurity &oen"
$SSecureConver"ation
$S&ru"t
;er+ero"
A.50Q
SM< ""ertion
IP ddre""
<&P &oen
Cu"to!
t%e"t!(ate
tra(t
+esor(e
'3<
SP peration
@&&P peration
Cu"to!
<DP
Sy"te!9N SS 83C?# S?:
&ivoi cce"" Mana)er ;er+ero"
$S&ru"t
ete)rity SiteMinder
3DI'S
SM<
<&P
Herify Si)nature
Cu"to!
t%or!;e!t
Post-Pro(ess
Ma$Ie"t!ty
Ma$
+esor(e
<DP
ctiveDirectory
Sy"te!9N SS
&ivoi cce"" Mana)er
SM<
ACM<Cu"to!
dd $SSecurity
Generate N9S IC3A &oen
Generate ;er+ero"
Generate SM<
Generate <&PMap &ivoi ?ederated Identity
(Fterna acce"" contro "erver or on+oard identity !ana)e!ent "tore
inut outut
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 31/54
© 2015 IBM Corporation1
Se(re yor ata w!t% @M> t%reat $rote(t!o"
@M> T%reat Prote(t!o"
(ntity eFpan"ion9recur"ion attac"
Pu+ic ;ey DoS
AM< ?ood
3e"ource @iJac
Dictionary ttac
3epay ttac
Me""a)e9data ta!perin)
Me""a)e "noopin)
Apat% or S=< inJection
AM< encap"uation
AM< viru"
Confi)urin) AM< t%reat protection
S ! ) % T
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 32/54
© 2015 IBM Corporation2
Se(t!o"s o) t%e Test
1. rc%itecture and Ba"ic Confi)uration &a"" 81K6:
2. d!ini"tration and perationa rc%itecture 8216:
. Security Scenario" 8156:
4. I"terat!o" S(e"ar!os 213
5. S Governance Scenario" 846:
4. &rou+e"%ootin) and &unin) 81K6:
S t! 4 I t t! S !
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 33/54
© 2015 IBM Corporation
Se(t!o" 4 - I"terat!o" S(e"ar!os
a. Confi)ure a "ervice ?ront Side Protoco @ander .
+. Confi)ure a "ervice Bacend '3<. Ldyna!ic +aced
c. Confi)ure a "ervice for !ediation +etween protoco".
d. Confi)ure a "ervice for inte)ration wit% !e""a)in) "y"te!" "uc% a" IBM M=.
e. Confi)ure a "ervice to tran"for! AM< and onAM< !e""a)e". Ltran"for!ation u"in) t%e
&ran"for! action" for v7.1
f. Confi)ure a "ervice for $e+ 2.0 "cenario". 3(S& proFy depoy!ent#3e"t +rid)e depoy!ent
). Confi)ure a "ervice for data+a"e inte)ration.
%. Confi)ure a "ervice to inte)rate wit% IMS Connect.
i. '"e t%e Interopera+iity &e"t Service durin) "ervice deveop!ent.
J. '"e eFten"ion function" a" appropriate wit%in a "tye"%eet.
. Cu"to!iNe !e""a)e proce""in) u"in) GatewayScript !odue function".
. Confi)ure "ervice" t%at "upport porta+iity +etween environ!ent". L"ee neFt "ide
!. Confi)ure a "ervice to perfor! >S "c%e!a vaidation.
C )! t! ) M! t!
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 34/54
© 2015 IBM Corporation
Co")!rat!o" )or M!rat!o"
- (nviron!ent" in t%i" ca"e are‒ Deveop!ent
‒ &e"t
‒ Production
- '"e t%e"e +e"t practice" 8c%apter : to !ae a confi)uration !ore
porta+e and !aintaina+e
‒ '"e @o"t ia" rat%er t%an dot deci!a addre"" in Service" t%at eFpo"e
eFterna port".
‒ '"e (nviron!ent Specific DS w%en po""i+e rat%er t%an dot deci!a
addre""
‒ '"e Static @o"t" to %ande DS a+erration".
‒ (FternaiNe A<S& IP9Port and @o"t a!e reference" via t%e Identity
Docu!ent.
‒ Mi)rate ony t%o"e o+Ject" w%ic% re/uire !i)ration.
S t! ) t% T t
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 35/54
© 2015 IBM Corporation5
Se(t!o"s o) t%e Test
1. rc%itecture and Ba"ic Confi)uration &a"" 81K6:
2. d!ini"tration and perationa rc%itecture 8216:
. Security Scenario" 8156:
. Inte)ration Scenario" 8216:
. S Go*er"a"(e S(e"ar!os 63
4. &rou+e"%ootin) and &unin) 81K6:
S t! S G S !
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 36/54
© 2015 IBM Corporation4
Se(t!o" / S Go*er"a"(e S(e"ar!os
a. Confi)ure Me""a)e Monitor" and Service <eve Monitorin) 8S<M:
poicie" to enforce Service <eve )ree!ent" 8S<":.+. ttac% and enforce $SPoicy "tate!ent" u"in) a we+ "ervice proFy
"ervice. Lfocu" on enforce!ent in t%e nowed)e center artice
c. ttac% and enforce $SMediationPoicy "tate!ent" wit%in a we+
"ervice proFy "ervice.d. Confi)ure "u+"cription" to eFterna "ervice re)i"trie" "uc% a"
$e+Sp%ere Service 3e)i"try and 3epo"itory 8$S33:.
Mo"!tors
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 37/54
© 2015 IBM Corporation7
Mo"!tors
ow for con"tant feed+ac on !e""a)e" t%at fow t%rou)% t%e appiance. Rou can
confi)ure !onitor" to )enerate o) !e""a)e" at a )iven o) eve after reac%in) a count or
atency t%re"%od or ot%er event tri))er. Monitor" can a"o t%rotte 8reJect: or "%ape 8deay:
traffic after reac%in) a count or atency t%re"%od or ot%er event tri))er
-Count Monitor"‒ Incre!ent a counter every ti!e !e""a)e" of a particuar type pa"" t%rou)% a "ervice
-Duration Monitor"‒ Incre!ent a counter every ti!e a confi)ured a!ount of ti!e pa""e" durin) t%e proce""in) of
!e""a)e" of a particuar type
-$e+ Service Monitor"‒ ffer t%e a+iity to confi)ure !onitorin) +a"ed on t%e "ervice" defined in a $SD<
-Service <eve Monitor"‒ ow finer de)ree of contro w%ic% can eFtend to t%e preci"e definition of u"er" or re"ource" and
t%e "c%eduin) of operation"
?S Pol!(y
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 38/54
© 2015 IBM CorporationK
?S-Pol!(y
- &%e $SPoicy "tandard provide" an AM< voca+uary for $e+ "ervice" to de"cri+in)
t%eir con"traint" and re/uire!ent".‒ (ac% poicy con"i"t" of one or !ore poicy a""ertion".
- Poicy a""ertion" define t%e re/uire!ent" of a "ervice for a particuar poicy do!ain.‒ 3e/uire u"erna!e toen
‒ 3e/uire encryption
‒ 3e/uire di)ita "i)nature
- Poicy a""ertion" do not foow any predefined for!at# eFcept t%at t%ey are
e!+edded wit%in a \Poicy] ta).\w"pPoicyF!n"w"pUZ%ttp99www.w.or)920049079w"poicyZ]
\'"erna!e&oen9] 9E Poicy ""ertion E9
\9w"pPoicy]
- &%e $SPoicy "pecification aow" you to enforce re/uire!ent" t%at cannot +e de"cri+ed +y
a $SD< fie. ?or eFa!pe# if you re/uire a re/ue"t" to +e di)itay "i)ned# it i" not po""i+e to
encode t%at re/uire!ent in a $SD< fie.
Se(t!o"s o) t%e Test
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 39/54
© 2015 IBM CorporationQ
Se(t!o"s o) t%e Test
1. rc%itecture and Ba"ic Confi)uration &a"" 81K6:
2. d!ini"tration and perationa rc%itecture 8216:
. Security Scenario" 8156:
. Inte)ration Scenario" 8216:
5. S Governance Scenario" 846:
6. Tro'les%oot!" a" T"!" 183
Se(t!o" 6 Tro'les%oot!" a" T"!" 13
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 40/54
© 2015 IBM Corporation0
Se(t!o" 6 - Tro'les%oot!" a" T"!" 13
a. 3e"ove networ connectivity pro+e!".
+. Perfor! and anayNe pacet capture".
c. Confi)ure <o) &ar)et" for anay"i" and aertin).
d. Confi)ure event tri))er".
e. nayNe and interpret "y"te! o)".
f. De+u) !e""a)e fow" u"in) t%e Pro+e.
). Confi)ure a "ervice for tran"action o))in).
%. Confi)ure t%e appiance to !ana)e !e!ory u"a)e.
i. Confi)ure t%e appiance for networ opti!iNation. LStatic route ta+e J. '"e "tatu" provider" and +uitin capa+iitie" to perfor! anay"i" and
trou+e"%ootin).
. Confi)ure cac%in) on a "ervice.
Pa(et Ca$tre
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 41/54
© 2015 IBM Corporation1
Pa(et Ca$tre
- Generate" a PCP fie
-'"e $ire"%ar 8(t%erea: or ot%er PCP too to anayNe t%e re"ut".
*e"t Tr!ers
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 42/54
© 2015 IBM Corporation2
*e"t Tr!ers
- Rou can u"e t%e event tri))er" to auto!aticay run co!!and" w%en
"pecific !e""a)e" are o))ed. &ypica u"a)e woud +e to )enerate an
error report w%en a rarey o+"erved +ut recurrin) !e""a)e i" o))ed.
- Rou can define event tri))er" for a variety of "ituation"‒ Startin) and "toppin) a pacet capture.
‒ Creatin) an error report w%en a di"crete "ervice encounter" a pro+e!.
‒ '"in) a cu"to! !e""a)e.
9etwor Co""e(t!*!ty
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 43/54
© 2015 IBM Corporation
9etwor Co""e(t!*!ty
Pre$arat!o" sest!o"s re$eate
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 44/54
© 2015 IBM Corporation
Pre$arat!o" sest!o"s - re$eate
1. $or t%rou)% t%e
Di"coverin) t%e vaue of IBM $e+Sp%ere DataPower S ppiance" a+" and
"tudy t%e eFceent a+ note".
2. &ae t%e two ca""e" if you can. cceerate# Secure and Inte)rate wit% IBM
DataPower H7.1# d!ini"tration of IBM $e+Sp%ere DataPower Gateway H7
. '"e t%e foowin) re"ource" a" you )o t%rou)% eac% "ection" o+Jective i"t &e"t preparation ta+ $e+ 3e"ource i"ted +y topic "earc% %yperined ter!". DataPower v7.1 ;nowed)e Center t%e officia product docu!entation
. &ae t%e Sa!pe 9 ""e""!ent &e"t if you %ave not taen t%e certification te"t
yet. &%ere are ony 4 /ue"tion"# w%ic% can )ive you a "en"e for t%e for!at of t%e rea te"t#
and it provide" t%e an"wer".
5. &ae note". Study your note" prior to tain) t%e eFa!.
T% t t
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 45/54
© 2015 IBM Corporation5
T%e test
- Contain" /ue"tion" re/uirin) "in)e and !utipe an"wer"
‒ ?or !utipean"wer /ue"tion"# you need to c%oo"e a re/uired option" to )et t%ean"wer correct
‒ Rou wi +e advi"ed %ow !any option" !ae up t%e correct an"wer
- I" de"i)ned to provide dia)no"tic feed+ac on t%e a#!"at!o" S(ore +e$ort‒ Correatin) +ac to t%e test objectives
‒ Infor!in) t%e te"t taer %ow t%ey did on eac% "ection of t%e te"t.
‒ =ue"tion" and an"wer" are not di"tri+uted
T! ) ! t% t t
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 46/54
© 2015 IBM Corporation4
T!$s )or $ass!" t%e test
Ta!" t%e Test
- So!e /ue"tion" are very tricy w%ie ot%er" are very "trai)%tforward.
- &ry not to )et di"coura)ed and return to t%e !ore difficut /ue"tion" if
ti!e per!it".
- 3e!e!+er t%at a "core of 46 i" enou)% to pa"".
)terwars
- If you pa""# cee+rate
- If not# record /ue"tion" t%at you !i""ed
- ?ind an"wer" you !i""ed in t%e ;nowed)e Center or ot%er "ource" and"c%edue to tae t%e te"t a)ain "oon.
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 47/54
© 2015 IBM Corporation7
++arru",u".i+!.co!
Ba($
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 48/54
© 2015 IBM CorporationK
Ba($
<o"at!o"al Te(%"olo!es
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 49/54
© 2015 IBM CorporationQ
a. Identify t%e c%aracteri"tic" of &CP9IP networin).
+. Identify t%e c%aracteri"tic" of Pu+ic ;ey Infra"tructure 8P;I:.c. De"cri+e %ow SS< tran"port encryption and endpoint aut%entication wor".
d. Identify t%e c%aracteri"tic" of an AM< !e""a)e# SP !e""a)e and >S
Me""a)e.
e. Identify t%e c%aracteri"tic" of AS<&# APat% eFpre""ion"# ASD and $SD<.f. Identify +a"ic !e""a)eeve "ecurity concept".
). Identify t%e c%aracteri"tic" of attac%!ent" in we+ "ervice".
%. De"cri+e t%e c%aracteri"tic" of !e""a)in) "y"te!" "uc% a" $e+Sp%ere M=
and >MS.
i. Identify t%e c%aracteri"tic" of $e+ 2.0 "ervice".
SS> =a"s%ae
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 50/54
© 2015 IBM Corporation50
SS> =a"s%ae
SS< Cient SS< Server
81: Cient @eo# Cip%er Suite"Supported# ver"ion "upported
82: Server @eo# Cip%er Suite
Seected# Server Certificate#
Cient Certificate 3e/ue"t
8optiona:
8: Herify Server
certificate. C%ec
crypto)rap%ic
cip%er"uite
"eected +y t%e
"erver
8: Cient ey eFc%an)e# Send
"ecret ey 8encrypted wit% "erver
pu+ic ey:
85: Send cient certificate 8optiona:
87: Cient ?ini"%
8K: Server ?ini"%
8Q: (Fc%an)e !e""a)e"
8encrypted:
More on SS< %and"%ae
84: Herify cient
certificate
8optiona:
SS> 'Ee(t =!erar(%y a" "erly!" PFI !"terat!o"
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 51/54
© 2015 IBM Corporation51
SS> 'Ee(t =!erar(%y a" "erly!" PFI !"terat!o"
-&%e Crypto Identification Credentia o+Ject i" u"ed w%en providin) an identity toconnectin) cient". $%en a cient connect"# it re/ue"t" a certificate. &%e crypto ID
credentia reference" w%ic% certificate "%oud +e returned to t%e cient. It a"o reference"
a private ey w%ic% i" u"ed +y SS<.
- Crypto Haidation Credentia can +e u"ed w%en verifyin) a di)ita "i)nature w%en t%e
"i)ner !ay +e one of !any different +u"ine"" partner". $it% a crypto vaidation credentia
8often referred to a" a vacred:# you can create a "in)e proce""in) rue wit% a "in)e"i)nature verification action t%at wi acco!!odate counte"" pu+ic certificate".
-&%e Crypto Profie o+Ject tie" to)et%er a Crypto ID credentia and a Crypto Haidation
credentia.
-&%e SS< ProFy Profie provide" "o!e protoco"pecific option" and reference" a crypto
profie. &%e SS< ProFy Profie t%u" contain" every +it of infor!ation needed to e"ta+i"%one or twoway SS< %and"%ain).
@M> a#$le
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 52/54
© 2015 IBM Corporation52
@M> a#$le
- &e"t i" focu"ed on eFa!pe". @ere i" an eFa!pe fro! w"c%oo".co! taen out of APat%"ection.
\TF! ver"ionUZ1.0Z encodin)UZISKK5Q1ZT]\+oo"tore]\9+oo]\+oo cate)oryUZ$(BZ] \tite an)UZenZ]A=uery ;ic Start\9tite] \aut%or]>a!e" McGovern\9aut%or] \aut%or]Per Bot%ner\9aut%or]
\aut%or];urt Ca)e\9aut%or] \aut%or]>a!e" <inn\9aut%or] \aut%or]Haidyanat%an a)araJan\9aut%or] \year]200\9year] \price]Q.QQ\9price]\9+oo]\+oo cate)oryUZ$(BZ]
\tite an)UZenZ]<earnin) AM<\9tite] \aut%or](ri &. 3ay\9aut%or] \year]200\9year] \price]Q.Q5\9price]\9+oo]\9+oo"tore]
@S>T
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 53/54
© 2015 IBM Corporation5
- AS<& i" u"ed to tran"for! an AM< docu!ent into anot%er AM< docu!ent# or anot%er
type of docu!ent t%at i" reco)niNed +y a +row"er# ie @&M< and A@&M<. or!ay
AS<& doe" t%i" +y tran"for!in) eac% AM< ee!ent into an 8A:@&M< ee!ent.
- $it% AS<& you can add9re!ove ee!ent" and attri+ute" to or fro! t%e output fie. Rou
can a"o rearran)e and "ort ee!ent"# perfor! te"t" and !ae deci"ion" a+out w%ic%
ee!ent" to %ide and di"pay# and a ot !ore.
- In t%e tran"for!ation proce""# AS<& u"e" APat% to define part" of t%e "ource docu!ent
t%at "%oud !atc% one or !ore predefined te!pate". $%en a !atc% i" found# AS<& wi
tran"for! t%e !atc%in) part of t%e "ource docu!ent into t%e re"ut docu!ent.
3efer to %ttp99www.w"c%oo".co!9F"9F"Wintro.a"p for !ore infor!ation.
@Pat%
8/20/2019 CertStudyGuideIDGv7.1SolnImplSlides 20150814
http://slidepdf.com/reader/full/certstudyguideidgv71solnimplslides-20150814 54/54
- APat% i" a "pecification for de"cri+in) a ocation wit% an AM< docu!ent.‒ S%ared +y !any AM<+a"ed "tandard"9tec%noo)ie"
‒ '"ed +y AS<&# APointer# and A=uery
- ow" you to addre"" ee!ent" of a docu!ent t%at !eet "pecified criteria.‒ (Fa!pe In AM< for a +oo on >ava# find t%e c%apter" wit% >DBC in t%e tite
- Provide" t%e a+iity to retrieve a "u+"et of an AM< docu!ent in any direction.‒ ?orward"# +acward" or "ideway"
- (Fpre""ion "%ortcut"‒ ^99Lee!ent_ "eect" ee!ent node re)arde"" of ocation
‒ ^._ "eect" t%e current node
‒ ^.._ "eect" t%e parent of t%e current node
‒ ^,Lattri+utena!e_ "eect" an attri+ute