SailPoint IdentityNow-Engineer SailPoint Certified IdentityNow Engineer Exam Practice Test

Answer : B

No, the statement 'This item is complete' is vague and does not represent any actionable configuration when implementing a JDBC connector. An IdentityNow engineer needs to focus on specific technical configurations like setting up schemas, defining SQL queries, mapping attributes, and ensuring the correct service account permissions. Simply stating 'This item is complete' is not a valid step in the implementation process.

SailPoint IdentityNow JDBC Connector Implementation Checklist.

SailPoint IdentityNow Configuration and Implementation Documentation.

Answer : A

Yes, using a query select statement with a clause to match the incoming account to an existing account is a key configuration for the Single Account SQL Query in a JDBC connector. This query is used to fetch specific account details from the database and must be written in such a way that it uniquely identifies each account, ensuring accurate correlation between the data in the source and the identities in IdentityNow. Properly configuring this SQL query ensures the right accounts are matched and managed.

SailPoint IdentityNow JDBC Connector Single Account Query Configuration Guide.

SailPoint IdentityNow SQL Query Best Practices Documentation.

Answer : A

Yes, defining an account schema is an essential step when implementing a JDBC connector. The schema defines the structure of the identity data being pulled from the database, including the attributes that will be mapped to identity profiles in IdentityNow. The schema can be defined either by using the 'Discover Schema' option, which automatically identifies available attributes, or by manually configuring the schema attributes if specific custom mappings are required.

SailPoint IdentityNow JDBC Connector Schema Configuration Guide.

SailPoint IdentityNow Source Schema Discovery Documentation.

Answer : B

No, selecting a checkbox to use the database admin as the service account is not a recommended or required configuration when implementing a source that uses a JDBC connector. Typically, for security and least privilege, a dedicated service account with only the necessary permissions to read and manage identities within the database is used. Granting database administrator (DBA) privileges to the service account introduces unnecessary security risks and is against best practices.

SailPoint IdentityNow JDBC Connector Configuration Guide.

SailPoint IdentityNow Best Practices for Service Accounts Documentation.

Answer : A

Yes, the SCIM 2.0 Connector is the most suitable connector for this use case. The system described is a modern, cloud-based web application that exposes a fully compliant SCIM 2.0 interface and uses OAuth 2.0 client credentials for authentication. SCIM (System for Cross-domain Identity Management) is a standardized protocol designed to simplify identity management in cloud applications. The SCIM 2.0 Connector in SailPoint IdentityNow is specifically built to integrate with systems that provide a SCIM interface, making it the ideal connector for this scenario.

SailPoint IdentityNow SCIM 2.0 Connector Guide.

SailPoint IdentityNow Cloud-Based Integration Documentation.

Answer : A

Yes, the Active Directory connector can run on the Virtual Appliance (VA). The VA is responsible for hosting connectors that communicate with various target systems, including Active Directory. The connector establishes the communication between IdentityNow and the target Active Directory instance for operations such as provisioning, deprovisioning, and account synchronization. The VA acts as the bridge between IdentityNow's cloud service and the on-premises AD environment, enabling secure communication through the connector.

SailPoint IdentityNow Active Directory Connector Configuration Guide.

SailPoint IdentityNow Virtual Appliance Architecture and Setup Documentation.

Answer : B

IQService does not run on the Virtual Appliance (VA). It is a separate service that must be installed on a Windows Server within the environment that has access to the target system, particularly for Active Directory and other Windows-based systems. IQService acts as a proxy between the IdentityNow tenant and these target systems, allowing operations such as password management and account provisioning to be executed on systems that do not support native connectors on the VA. It communicates with the VA but is not hosted on it.

SailPoint IdentityNow IQService Installation Guide.

SailPoint IdentityNow Target Connector Architecture.