IBM WebSphere DataPower SOA Appliances Firmware V5.0 Solution Implementation Sample Questions:

1. An SLM Policy has been associated with a web service proxy to restrict access to a backend web service if one of a number of conditions has been met. The list of conditions are described in a series of SLM statements. What Evaluation Method mustthe solution implementer select in the SLM Policy to ensure that every SLM statement is checked until a throttle condition is executed?

A) terminate-at-first-filter
B) terminate-at-first-refuse
C) terminate-at-first-reject
D) terminate-at-first-action

2. Which of the following SOAP messages is valid according to the SOAP specification?

A) Option D
B) Option C
C) Option B
D) Option A

3. A company has exposed aweb service to both internal and external clients. Requests from internal clients are sent in plain text and requests from external clients are encrypted in accordance with the WS-Security specification. A single web service proxy has been created using the WSDL that describes the web service. How can the solution implementer accommodate both the plain text and encrypted requests in the same web service proxy?

A) Add a Decrypt action to the Default Request Rule, with a Certificate object that is associatedwith the external client's private key.
B) Provide thecompany's public certificate to the external client for use in encryption, create a Crypto Key object that points to the company's public certificate, and use it to add a Decrypt action to the Default Request Rule.
C) Provide the company's public certificate to the external client for use in encryption, create a Crypto Key object that points to the company private key, and set the Decrypt Key at the proxy level.
D) Create a Crypto Certificate object using the external client's public certificate, create a Crypto Validation Credential (valcred) using the Crypto Certificate object, and add a Decrypt action that uses valcred to the Default Request Rule.

4. A company has an extensive list of Miscellaneous XML Threats that they require protection from. The list includes: ?XML Entity Expansion and RecursionAttacks ?XML Wellformedness-based Parser Attacks ?Memory Space Breach and Buffer Overflow Attacks ?Public Key DoS Attacks ?Resource Hijack Attacks What must the solution implementer do to protect SOA Applications exposed via a WSDL and a Web Service Proxyservice?

A) Enable the web service proxy's ingle Message XML Denial of Service (XDoS) Protection".Enable the web service proxy's ?ingle Message XML Denial of Service (XDoS) Protection".
B) Enable the web service proxy's ultiple Message XML Denial of Service (MMXDoS) Protection".Enable the web service proxy's ?ultiple Message XML Denial of Service (MMXDoS) Protection".
C) Enable the web service proxy's QL Injection Protection?Enable the web service proxy's ?QL Injection Protection?
D) Web service proxy default options protect against these threats. No configuration is required.

5. Operations management has identified a list of activities for its staff to perform in their DataPower appliances. The solution implementer has installed WebSphere Appliance Management Center (WAMC) V5. What activities can the solution implementer recommend to operations management to perform with WAMC? (choose 3)

A) Upload files such as style sheets and schemas from the WAMC repository to the appliances.
B) Perform a standard backup at the domain level or the appliance level.
C) Create and delete domains and services.
D) Deploy firmware from the WAMC repository to one or more appliances at a time.
E) Download firmware upgrades from IBM Fix Central into the WAMC repository.
F) Perform a secure backup at the appliance level.

Solutions: