SailPoint Certified IdentityNow Engineer Exam Practice Test

Answer : A

Yes, search-based certification campaigns can be used to review access for non-correlated accounts. Non-correlated accounts are accounts that do not have a direct link to any identity in the system, which means they may represent orphaned or unmanaged accounts. Search-based certifications allow administrators to create campaigns based on specific criteria, including targeting these non-correlated accounts to ensure they are properly reviewed and addressed within the organization.

SailPoint IdentityNow Search-Based Certification Campaign Guide.

SailPoint IdentityNow Non-Correlated Account Management Documentation.

Answer : A

Yes, a certification item can be reassigned multiple times during a certification campaign. If a reviewer is unable to certify an item or needs another individual to review the access, they can reassign the certification to a different reviewer. This reassignment functionality allows flexibility in handling access certifications and ensuring the right person evaluates the access. There are no limits on how many times an item can be reassigned, making it a versatile feature within the certification process.

SailPoint IdentityNow Certification Reassignment Feature Documentation.

SailPoint IdentityNow Certification Workflow Guide.

Answer : B

Certifications are not assigned to the reviewer when the campaign status is 'Preview Ready.' The 'Preview Ready' status indicates that the campaign is prepared for review by administrators, and the certification details can be previewed before launching the campaign. However, the certifications are only assigned to the reviewers once the campaign is in the 'Active' status, which signifies the start of the certification process. At this point, reviewers can access the certifications assigned to them.

SailPoint IdentityNow Certification Campaign Lifecycle Guide.

SailPoint IdentityNow Certification Campaign Status Documentation.

Answer : A

Yes, 'Create Account' is a valid operation type for the Web Services connector in SailPoint IdentityNow. The Web Services connector is designed to interact with REST or SOAP APIs, allowing it to perform operations such as account creation, updating, or deleting accounts on external systems. The 'Create Account' operation is a standard function used when provisioning new identities to external applications or systems through the connector.

SailPoint IdentityNow Web Services Connector Operations Guide.

SailPoint IdentityNow Web Services Connector API Provisioning Documentation.

Answer : A

Yes, the Web Services connector in SailPoint IdentityNow supports Basic Authentication. Basic Authentication is a standard method for securing API requests by sending credentials (username and password) encoded in the HTTP headers. This is a common practice for authenticating web service requests, and the Web Services connector in IdentityNow supports it along with other authentication methods like OAuth.

SailPoint IdentityNow Web Services Connector Configuration Guide.

SailPoint IdentityNow Connector Authentication Methods Documentation.

Answer : A

Yes, loading entitlement descriptions is considered a best practice before generating the campaign preview for a manager certification campaign. Providing clear and concise entitlement descriptions ensures that managers reviewing access during the certification process have a full understanding of what each entitlement or role entails. This helps in making informed decisions regarding whether an individual's access should be approved or revoked.

Without proper descriptions, the campaign participants might have difficulty evaluating access, which can lead to inefficiencies or errors in the certification process.

SailPoint IdentityNow Certification Campaign Best Practices.

SailPoint IdentityNow Campaign Preparation Guidelines.

Answer : B

The provided use case incorrectly describes the provisioning process on a source that has provisioning disabled. If provisioning is disabled for a source, automated provisioning via the Virtual Appliance and connectors is not possible. The Virtual Appliance cannot retry or carry out the provisioning in this case, as the system explicitly prevents automated provisioning operations on sources marked as non-provisionable.

When a source has provisioning disabled, the system only supports manual provisioning, where a task is opened in IdentityNow for a person to manually execute the provisioning steps. The Virtual Appliance does not handle provisioning for disabled sources, so the described scenario where it retries the request and carries out provisioning is inaccurate.

SailPoint IdentityNow Provisioning Configuration Guide.

SailPoint IdentityNow Virtual Appliance and Connector Operations Documentation.