Get Prepared for Your SailPoint-Certified-IdentityNow-Engineer Exam With Actual 110 Questions
Valid SailPoint-Certified-IdentityNow-Engineer Test Answers Full-length Practice Certification Exams
NEW QUESTION # 10
Can a user with Report-admin level permissions within IdentityNow perform this action?
Solution: View a live display of events in progress
- A. Yes
- B. No
Answer: B
Explanation:
No, a user with Report-admin level permissions cannot view a live display of events in progress. The Report-admin role is primarily concerned with reporting functions, such as viewing and managing reports. Viewing live events, especially operational or real-time system events, would require higher- level permissions, typically associated with System Admin or Operations Admin roles, which have access to system dashboards, monitoring tools, and event logs.
Reference:
SailPoint IdentityNow Role-Based Access Control (RBAC) Documentation.
SailPoint IdentityNow Monitoring and Event Logging Permissions Guide.
NEW QUESTION # 11
An IdentityNow engineer needs to find identities with disabled AD accounts by using IdentityNow's search features. Is this the correct search syntax to perform this task?
Solution:
- A. Yes
- B. No
Answer: A
Explanation:
Yes, the search syntax @accounts( source.name:"AD" AND state:"disabled" ) is correct, as it matches the necessary criteria for finding disabled AD accounts. This query searches for accounts in the AD source where the account state is set to "disabled," which effectively filters for the desired result.
Key Reference from SailPoint Documentation:
Correct Syntax for Disabled Accounts: The search correctly identifies accounts with a disabled state using this syntax.
NEW QUESTION # 12
Is this statement true about deploying and configuring IdentityNow's virtual appliance (VA)?
Solution: When using the AWS deployment option, SailPoint shares an AWS Amazon Machine image (AMI) with the customer's AWS account on a region they select.
- A. Yes
- B. No
Answer: A
Explanation:
Yes, when using the AWS deployment option, SailPoint shares an Amazon Machine Image (AMI) with the customer's AWS account in the selected region. This AMI contains the pre-configured Virtual Appliance (VA) image that the customer can use to deploy within their own AWS environment, simplifying the deployment process and ensuring compatibility with AWS services.
Key Reference from SailPoint Documentation:
AWS AMI for VA Deployment: SailPoint provides a dedicated AMI that is shared with customers in their chosen AWS region to facilitate the deployment of the Virtual Appliance.
NEW QUESTION # 13
Does this run on the VA?
Solution: IQService
- A. Yes
- B. No
Answer: B
Explanation:
IQService does not run on the Virtual Appliance (VA). It is a separate service that must be installed on a Windows Server within the environment that has access to the target system, particularly for Active Directory and other Windows-based systems. IQService acts as a proxy between the IdentityNow tenant and these target systems, allowing operations such as password management and account provisioning to be executed on systems that do not support native connectors on the VA. It communicates with the VA but is not hosted on it.
Reference:
SailPoint IdentityNow IQService Installation Guide.
SailPoint IdentityNow Target Connector Architecture.
NEW QUESTION # 14
Is this statement true about certification campaigns?
Solution: Certifications are assigned to the reviewer when the campaign status is Preview Ready.
- A. Yes
- B. No
Answer: B
Explanation:
Certifications are not assigned to the reviewer when the campaign status is "Preview Ready." The
"Preview Ready" status indicates that the campaign is prepared for review by administrators, and the certification details can be previewed before launching the campaign. However, the certifications are only assigned to the reviewers once the campaign is in the "Active" status, which signifies the start of the certification process. At this point, reviewers can access the certifications assigned to them.
Reference:
SailPoint IdentityNow Certification Campaign Lifecycle Guide.
SailPoint IdentityNow Certification Campaign Status Documentation.
NEW QUESTION # 15
A customer wants to configure a virtual appliance (VA) to use a static IP address. Does this file on the VA need to be modified to perform the configuration?
Solution: /etc/ systemd/network/ static, network
- A. Yes
- B. No
Answer: A
Explanation:
Yes, the file /etc/systemd/network/static.network (or a similarly named file depending on the Linux distribution used by the Virtual Appliance) is typically used to configure a static IP address for the VA.
This file is part of the systemd network configuration, and modifying it allows you to specify static IP settings, such as the IP address, netmask, gateway, and DNS servers, for the Virtual Appliance's network interface.
To set a static IP address, you would need to modify this file and restart the network service for the changes to take effect.
Reference:
SailPoint IdentityNow Virtual Appliance Network Configuration Guide.
Linux systemd Network Configuration Documentation.
NEW QUESTION # 16
Is this an example of a vanity URL?
Solution: https://identityNowacme.com
- A. Yes
- B. No
Answer: B
Explanation:
https://identityNowacme.com is not typically considered a vanity URL. While it includes the
"identityNow" term, it does not appear to follow the format of a vanity URL, which generally includes a company-specific subdomain (like my) and a custom domain (example.com). In this case, the URL is more generic and lacks the branding or simplicity typically associated with vanity URLs.
Key Reference from SailPoint Documentation:
Vanity URL Structure in IdentityNow: Vanity URLs typically feature a customized subdomain that reflects the organization's branding, and identityNowacme.com does not fit this pattern.
NEW QUESTION # 17
An IdentityNow engineer has the following problem:
IdentityNow shows status failed on a virtual appliance (VA).
Is this one of the steps that should be taken troubleshoot the issue?
Solution: Verify that the VA is configured for automatic updates by setting 'autoupdate=true' in the config.yaml file.
- A. Yes
- B. No
Answer: B
Explanation:
No, verifying that the VA is configured for automatic updates by setting autoupdate=true in the config.yaml file is not directly related to troubleshooting a failed status on the VA. While keeping the VA updated is important for long-term stability and functionality, the configuration for automatic updates does not resolve immediate connection or service failure issues. The troubleshooting focus should be on network connectivity, service status, and log reviews.
Key Reference from SailPoint Documentation:
VA Autoupdate Configuration: Configuring the VA for automatic updates is a best practice for maintaining up-to-date software but is not a direct troubleshooting step for addressing an immediate VA failure.
NEW QUESTION # 18
When preparing for a manager certification campaign is this a step that is considered a best practice before the campaign preview is generated?
Solution: Load entitlement descriptions
- A. Yes
- B. No
Answer: A
Explanation:
Yes, loading entitlement descriptions is considered a best practice before generating the campaign preview for a manager certification campaign. Providing clear and concise entitlement descriptions ensures that managers reviewing access during the certification process have a full understanding of what each entitlement or role entails. This helps in making informed decisions regarding whether an individual's access should be approved or revoked.
Without proper descriptions, the campaign participants might have difficulty evaluating access, which can lead to inefficiencies or errors in the certification process.
Reference:
SailPoint IdentityNow Certification Campaign Best Practices.
SailPoint IdentityNow Campaign Preparation Guidelines.
NEW QUESTION # 19
Is this statement correct about security and/or encryption of data?
Solution: identityNow uses a hashing algorithm for secure encryption of data in transit and uses TLS for hashing passwords and the answers to security questions
- A. Yes
- B. No
Answer: B
Explanation:
No, this statement is incorrect. While IdentityNow does use TLS (Transport Layer Security) for securing data in transit, TLS is not a hashing algorithm; it is a protocol used for encryption to ensure secure communication over networks. Additionally, IdentityNow uses hashing algorithms for securely storing passwords and answers to security questions (e.g., SHA-256 or bcrypt), but it does not use TLS for hashing these values. Hashing algorithms are one-way functions that help store sensitive data securely by converting them into irreversible fixed-length representations.
TLS protects data during transmission by encrypting it, while hashing is used for securing stored data such as passwords.
Reference:
SailPoint IdentityNow Encryption and Security Practices Documentation.
SailPoint IdentityNow Password Hashing and Encryption Mechanisms Guide.
NEW QUESTION # 20
An IdentityNow engineer needs to review logs to diagnose when the secure tunnel fails to allow communication. Could reviewing thi9 log file help diagnose the issue?
Solution: /home/sailpoint/log/vs_agent.log
- A. Yes
- B. No
Answer: B
Explanation:
No, the vs_agent.log file is not typically used to diagnose secure tunnel communication issues. The vs_agent.log file is related to virtual appliance services and tasks but does not provide detailed information about the secure tunnel or communication errors. For troubleshooting the secure tunnel, the relay.log file is more appropriate.
Key Reference from SailPoint Documentation:
Log File Purposes: The vs_agent.log does not capture information about secure tunnel communication issues. Instead, the relay.log is the correct log file for such issues.
NEW QUESTION # 21
When an engineer goes to Global > System Settings and clicks on System Notifications, the following page opens:
What email notifications are enabled if the engineer selects Sources?
Solution: A notification is immediately sent after successful
- A. Yes
- B. No
Answer: B
Explanation:
In SailPoint IdentityNow, email notifications related to source events (such as successful connections or other operational states) are not automatically sent immediately after a successful source connection. The system focuses on error conditions or alerts based on source status changes or failures. While successful source operations may be logged, notifications are not configured by default to trigger upon every successful action.
Key Reference from SailPoint Documentation:
Source Event Notifications: SailPoint's notifications for source-related events primarily focus on error handling rather than successful operations, which are generally logged for reference but do not trigger immediate notifications.
NEW QUESTION # 22
An IdentityNow engineer has set up an access profile for an application. The access profile allows for users to request access, and for a user's manager to approve or deny access.
After a recent staff meeting, management has expressed that they want to remove any approval requirements for this application.
Is management's request possible in IdentityNow. and. if so. are these the recommended steps the engineer should take to meet their new requirement?
Solution: It is possible. Delete the access profile.
- A. Yes
- B. No
Answer: B
Explanation:
No, deleting the access profile is not the correct way to meet the requirement of removing approval for access requests. The access profile defines the entitlements and permissions that users can request for an application. Deleting it would remove the entire ability to request access, rather than just removing the approval workflow. The correct step would be to modify the approval settings in the access profile (as explained in Question 44), not to delete it.
Key Reference from SailPoint Documentation:
Access Profile Management: Modifying approval settings in the access profile is the appropriate step to meet management's new requirement, not deleting the profile itself.
NEW QUESTION # 23
An IdentityNow engineer needs to find identities with disabled AD accounts by using IdentityNow's search features. Is this the correct search syntax to perform this task?
Solution:
- A. Yes
- B. No
Answer: A
Explanation:
Yes, the search syntax @accounts( source.name:"AD" AND state:"disabled" ) is correct for finding identities with disabled AD accounts. In this case, the query filters accounts based on the state being
"disabled," which is valid and effective for identifying disabled accounts.
Key Reference from SailPoint Documentation:
Search by Account State: Using state:"disabled" is an accurate way to search for disabled accounts in SailPoint IdentityNow.
NEW QUESTION # 24
Does the following use case accurately describe provisioning on a source that has provisioning disabled?
Solution: Provisioning is initialed by a process (e.g. Access Request Role Assignments). Provisioning instructions are calculated based on current access, and go through filtering and expansion processes. Provisioning is then assigned to a source for provisioning. Since provisioning is disabled on the source a manual task is opened in IdentityNow A person carries out the provisioning manually.
- A. Yes
- B. No
Answer: A
Explanation:
In this use case, provisioning is initiated, but the source has provisioning disabled, meaning automated provisioning cannot proceed. The process described is accurate: when provisioning is assigned to a source where provisioning is disabled, IdentityNow does not execute the provisioning through its automated system. Instead, a manual task is generated for a human to complete the provisioning process. This manual intervention ensures that the necessary access changes can still occur, albeit through human oversight rather than an automated connector.
This scenario aligns with how IdentityNow handles sources that are flagged as non-provisionable.
The provisioning logic is still calculated within the system, but actual implementation requires manual steps when the source is configured in this way.
Reference:
SailPoint IdentityNow Provisioning Architecture.
SailPoint IdentityNow Manual Provisioning Workflow Documentation.
NEW QUESTION # 25
......
Accurate & Verified 2025 New SailPoint-Certified-IdentityNow-Engineer Answers As Experienced in the Actual Test!: https://quizguide.actualcollection.com/SailPoint-Certified-IdentityNow-Engineer-exam-questions.html