• Home
  • Articles
  • SailPoint Certification SailPoint-Certified-IdentityNow-Engineer Practice Test Engine Try These 110 Exam Questions [Q17-Q36]

SailPoint Certification SailPoint-Certified-IdentityNow-Engineer Practice Test Engine Try These 110 Exam Questions [Q17-Q36]

Share

SailPoint Certification SailPoint-Certified-IdentityNow-Engineer Practice Test Engine: Try These 110 Exam Questions

Guaranteed Success in SailPoint Certification SailPoint-Certified-IdentityNow-Engineer Exam Dumps

NEW QUESTION # 17
The customer has a system that matches the following description. Is this a suitable connector type to use?
The system is a modern, cloud-based, web application that uses a MySQL database backend provided by the cloud platform. The database is only accessible from the web application. The web application exposes a fully compliant SCIM 2.0 interface with OAuth 2.0 client credentials.
Solution: Generic Cloud Connector

  • A. Yes
  • B. No

Answer: B

Explanation:
No, the Generic Cloud Connector is not the most suitable connector type for this use case. The system described is a modern, cloud-based web application that exposes a SCIM 2.0 interface with OAuth 2.0 client credentials for authentication. The Generic Cloud Connector is typically used for systems that do not have specialized connectors but can integrate via general APIs or REST endpoints. Since the application supports SCIM 2.0, which is a standardized protocol for managing identities, the SCIM 2.0 Connector would be the more appropriate choice, as it is specifically designed for this type of integration.
Reference:
SailPoint IdentityNow SCIM 2.0 Connector Guide.
SailPoint IdentityNow Connector Overview Documentation.


NEW QUESTION # 18
Is this an item that an IdentityNow engineer should configure when implementing a source that uses a JDBC connector?
Solution: Select the checkbox to use database admin as service account.

  • A. Yes
  • B. No

Answer: B

Explanation:
No, selecting a checkbox to use the database admin as the service account is not a recommended or required configuration when implementing a source that uses a JDBC connector. Typically, for security and least privilege, a dedicated service account with only the necessary permissions to read and manage identities within the database is used. Granting database administrator (DBA) privileges to the service account introduces unnecessary security risks and is against best practices.
Reference:
SailPoint IdentityNow JDBC Connector Configuration Guide.
SailPoint IdentityNow Best Practices for Service Accounts Documentation.


NEW QUESTION # 19
In an IdentityNow environment, the source lest connection is failing with a timeout error.
Is this a step an identityNow engineer should take to troubleshoot the problem?
Solution: Turn off the virtual appliance's (VA) internal firewall.

  • A. Yes
  • B. No

Answer: B

Explanation:
Turning off the Virtual Appliance's (VA) internal firewall is not recommended as a standard troubleshooting step in SailPoint IdentityNow. The VA's firewall is crucial for maintaining the security of the environment, and disabling it can expose the system to unnecessary risks. Instead, an IdentityNow engineer should verify the VA's network configuration and ensure that the required ports are open for communication between the VA and the source.
Key Reference from SailPoint Documentation:
VA Configuration and Network Troubleshooting: Troubleshooting connection issues typically involves checking network connectivity and firewall rules, not turning off the internal firewall.


NEW QUESTION # 20
An IdentityNow engineer needs to find identities with disabled AD accounts by using IdentityNow's search features. Is this the correct search syntax to perform this task?
Solution:

  • A. Yes
  • B. No

Answer: B

Explanation:
No, the search syntax @accounts( source.name:"AD" AND disabled:true ) is incorrect for SailPoint IdentityNow because the attribute disabled may not be universally recognized or applicable for all sources in the system. Using the state:"disabled" condition (as in previous correct answers) is a more reliable and system-compliant approach to find disabled accounts.
Key Reference from SailPoint Documentation:
Standard Account State Search: The correct search syntax involves using state:"disabled" instead of disabled:true for querying disabled accounts.


NEW QUESTION # 21
When preparing for a manager certification campaign is this a step that is considered a best practice before the campaign preview is generated?
Solution: Evaluate available campaign administration filters

  • A. Yes
  • B. No

Answer: A

Explanation:
Yes, evaluating available campaign administration filters is a best practice before generating the campaign preview. Campaign filters allow administrators to control the scope of the campaign by filtering users, entitlements, or other criteria, which is crucial for tailoring the certification to the right audience. By evaluating and applying filters, administrators ensure that only the relevant users and entitlements are included in the certification campaign, leading to more effective and targeted certifications.
Reference:
SailPoint IdentityNow Campaign Administration Guide.
SailPoint IdentityNow Certification Campaign Filtering and Scope Documentation.


NEW QUESTION # 22
HOTSPOT
Match each Virtual Appliance command to Its purpose.

Answer:

Explanation:
1. sudo timedatectl
Purpose: Display the current system date and time.
2. sudo journalctl -f -u ccsd Of tail /home/sailpoint/ccs.log
Purpose: Review a log file. This command is used to view logs related to the CCS (Cloud Connector Service) for troubleshooting or analysis.
3. ldapsearch -x -D
Purpose: Search an Active Directory domain controller. This command queries an LDAP directory to retrieve information about users, groups, etc.
4. nc -vz -w 5 192.168.0.1 80
Purpose: Test a port on a remote system. This command is using "netcat" to test whether port 80 on the specified IP address is open and responding.


NEW QUESTION # 23
Is this statement accurate regarding SailPoint's multi-tenant processing environment?
Solution: identityNow admins have the option to choose how often updates to their tenant occur.

  • A. Yes
  • B. No

Answer: B

Explanation:
No, IdentityNow administrators do not have the option to choose how often updates to their tenant occur. SailPoint operates a multi-tenant SaaS model, where updates are rolled out centrally by SailPoint on a predefined schedule. SailPoint controls and manages updates to ensure consistency and security across all tenants. This means that all tenants receive updates automatically as part of SailPoint's continuous delivery model, without the ability for individual admins to control or delay updates.
Reference:
SailPoint IdentityNow SaaS Release Management Guide.
SailPoint IdentityNow Multi-Tenant Environment Overview.


NEW QUESTION # 24
An IdentityNow engineer has the following problem:
IdentityNow shows status failed on a virtual appliance (VA).
Is this one of the steps that should be taken troubleshoot the issue?
Solution: Log in to the console of the VA and verify that the VA has connectivity to the internet.

  • A. Yes
  • B. No

Answer: A

Explanation:
Yes, verifying that the Virtual Appliance (VA) has connectivity to the internet is a critical step when troubleshooting a "failed" status in IdentityNow. The VA requires internet connectivity to communicate with SailPoint IdentityNow's cloud services for synchronization, updates, and other key functions. If the VA is unable to reach the internet, it can lead to a failed status. Logging in to the VA's console to test network connectivity (e.g., using ping or curl commands) is an important step in diagnosing the issue.
Key Reference from SailPoint Documentation:
VA Internet Connectivity Troubleshooting: SailPoint recommends checking the network connectivity as one of the first steps when the VA shows a failed status.


NEW QUESTION # 25
Is the following description of an access profile correct?
Solution: It allows definition of an approval process.

  • A. Yes
  • B. No

Answer: A

Explanation:
Yes, an access profile allows the definition of an approval process. When an access profile is created, administrators can configure specific approval workflows that must be followed before the access is granted. This includes designating approvers or specifying multiple levels of approval, depending on the organization's policies. This capability is useful for ensuring that sensitive access requests are properly reviewed and approved.
Reference:
SailPoint IdentityNow Access Request and Approval Workflow Guide.
SailPoint IdentityNow Access Profile Configuration Documentation.


NEW QUESTION # 26
Is the following true about the web-services connector in IdentityNow?
Solution: The connector supports SAML authentication.

  • A. Yes
  • B. No

Answer: B

Explanation:
The Web Services connector in SailPoint IdentityNow does not support SAML authentication. SAML is primarily used for Single Sign-On (SSO) authentication for web applications, whereas the Web Services connector in IdentityNow typically supports Basic Authentication, OAuth, or custom header- based authentication for API-based integrations. SAML authentication is generally used for federated identity management rather than for API-based interactions.
Reference:
SailPoint IdentityNow Web Services Connector Configuration Guide.
SailPoint IdentityNow Authentication Methods for Connectors.


NEW QUESTION # 27
Review the current identity model and scenario below.

Scenario
John Doe requests "Sales" access on Salesforce for himself. In the approval process, John Doe's manager approves. The access request is tils the expected provisioning action sent to the source connectors?
Solution: Expected Provisioning No provisioning is sent out.

  • A. Yes
  • B. No

Answer: B

Explanation:
In SailPoint IdentityNow, provisioning is the process of granting or revoking access to systems and applications based on access requests or changes in user identity attributes. The scenario describes John Doe requesting access to the "Sales" profile in Salesforce, which is approved by his manager.
However, simply approving an access request does not automatically trigger provisioning unless specific conditions are met:
Provisioning Policy: For the access to be provisioned, SailPoint IdentityNow requires a provisioning policy that defines the action to be taken after the approval process. This policy is often configured to specify whether access should be granted or denied after approval. If no provisioning policy is linked to the requested access, no action will be triggered.
Source Configuration: The Salesforce source (connector) in SailPoint IdentityNow must also be properly configured to handle provisioning tasks. Without proper configuration of the Salesforce source, no provisioning action will be sent even if the request is approved.
Manual Provisioning Workflow: In some cases, IdentityNow might be configured to require manual intervention after approval (e.g., triggering a manual provisioning workflow or an additional step) to enforce the provisioning action. If this configuration is missing, the approved request will not lead to automatic provisioning.
Since the scenario does not explicitly state that a provisioning policy or source configuration exists to handle the access request, the correct conclusion is that no provisioning would be sent out.
Key Reference from SailPoint Documentation:
Provisioning Concepts in IdentityNow: Documentation emphasizes that provisioning is triggered by defined workflows and provisioning policies that link the request to the connector source. Without these, the approval does not lead to actual provisioning.


NEW QUESTION # 28
Is the following description of an access profile correct?
Solution: It directly references roles to provide access.

  • A. Yes
  • B. No

Answer: B

Explanation:
No, an access profile does not directly reference roles to provide access. Instead, access profiles are collections of entitlements or permissions that are bundled together to simplify access provisioning.
Access profiles can be associated with roles, but they do not reference roles directly. Roles in IdentityNow define broader sets of permissions, which may include access profiles, but access profiles themselves are not tied directly to roles.
Reference:
SailPoint IdentityNow Access Profiles Documentation.
SailPoint IdentityNow Roles and Access Profiles Configuration Guide.


NEW QUESTION # 29
Does this run on the VA?
Solution: Active Directory connector

  • A. Yes
  • B. No

Answer: A

Explanation:
Yes, the Active Directory connector can run on the Virtual Appliance (VA). The VA is responsible for hosting connectors that communicate with various target systems, including Active Directory. The connector establishes the communication between IdentityNow and the target Active Directory instance for operations such as provisioning, deprovisioning, and account synchronization. The VA acts as the bridge between IdentityNow's cloud service and the on-premises AD environment, enabling secure communication through the connector.
Reference:
SailPoint IdentityNow Active Directory Connector Configuration Guide.
SailPoint IdentityNow Virtual Appliance Architecture and Setup Documentation.


NEW QUESTION # 30
Is this statement true about certification campaigns?
Solution: Search-based certification campaigns are used to review access for non-correlated accounts.

  • A. Yes
  • B. No

Answer: A

Explanation:
Yes, search-based certification campaigns can be used to review access for non-correlated accounts.
Non-correlated accounts are accounts that do not have a direct link to any identity in the system, which means they may represent orphaned or unmanaged accounts. Search-based certifications allow administrators to create campaigns based on specific criteria, including targeting these non- correlated accounts to ensure they are properly reviewed and addressed within the organization.
Reference:
SailPoint IdentityNow Search-Based Certification Campaign Guide.
SailPoint IdentityNow Non-Correlated Account Management Documentation.


NEW QUESTION # 31
Exhibit.

Solution: An engineer has one small production data center with an Active Directory, a database server, and two cloud applications to which they need to connect Where would the virtual appliances (VAs) reside In this scenario?
Solution: A

  • A. Yes
  • B. No

Answer: B

Explanation:
No, the Virtual Appliances (VAs) should not reside in A, which represents the SailPoint cloud environment. VAs are typically deployed in the on-premises network to interface directly with internal resources like Active Directory, databases, and applications. The cloud environment is where IdentityNow services are hosted, but the VAs need to be positioned closer to on-premise resources to manage identity synchronization and provisioning tasks.
Key Reference from SailPoint Documentation:
VA Placement Recommendations: Virtual Appliances are deployed in the on-premise network rather than the cloud, to ensure they have direct and secure access to internal resources.


NEW QUESTION # 32
Is this an item that an IdentityNow engineer should configure when implementing a source that uses a JDBC connector?
Solution: This item is complete

  • A. Yes
  • B. No

Answer: B

Explanation:
No, the statement "This item is complete" is vague and does not represent any actionable configuration when implementing a JDBC connector. An IdentityNow engineer needs to focus on specific technical configurations like setting up schemas, defining SQL queries, mapping attributes, and ensuring the correct service account permissions. Simply stating "This item is complete" is not a valid step in the implementation process.
Reference:
SailPoint IdentityNow JDBC Connector Implementation Checklist.
SailPoint IdentityNow Configuration and Implementation Documentation.


NEW QUESTION # 33
Exhibit.

Solution: An engineer has one small production data center with an Active Directory, a database server, and two cloud applications to which they need to connect Where would the virtual appliances (VAs) reside In this scenario?
Solution: B

  • A. Yes
  • B. No

Answer: B

Explanation:
In this scenario, the Virtual Appliances (VAs) should not reside in the DMZ (B), which is typically used for hosting services that need to be exposed to both internal and external networks, like web servers or email gateways. However, VAs require more direct and secure access to internal resources like Active Directory and databases. The VA needs to reside where it has secure and reliable connectivity to internal resources like Active Directory and database servers, which would be in the internal network.
Key Reference from SailPoint Documentation:
VA Placement Guidance: Virtual Appliances are placed within the internal network, where they can securely connect to Active Directory, databases, and other internal applications for synchronization and provisioning tasks.


NEW QUESTION # 34
The customer has a system that matches the following description. Is this a suitable connector type to use?
The system is a modern, cloud-based, web application that uses a MySQL database backend provided by the cloud platform. The database is only accessible from the web application. The web application exposes a fully compliant SCIM 2.0 interface with OAuth 2.0 client credentials.
Solution: SCIM 2.0 Connector

  • A. Yes
  • B. No

Answer: A

Explanation:
Yes, the SCIM 2.0 Connector is the most suitable connector for this use case. The system described is a modern, cloud-based web application that exposes a fully compliant SCIM 2.0 interface and uses OAuth 2.0 client credentials for authentication. SCIM (System for Cross-domain Identity Management) is a standardized protocol designed to simplify identity management in cloud applications. The SCIM 2.0 Connector in SailPoint IdentityNow is specifically built to integrate with systems that provide a SCIM interface, making it the ideal connector for this scenario.
Reference:
SailPoint IdentityNow SCIM 2.0 Connector Guide.
SailPoint IdentityNow Cloud-Based Integration Documentation.


NEW QUESTION # 35
Is the following statement accurate regarding Separation of Duties (SoD)?
Solution: An SoD policy must define control matrix.

  • A. Yes
  • B. No

Answer: B

Explanation:
No, an SoD (Separation of Duties) policy does not require a control matrix to be defined. While a control matrix can be a useful tool for organizations to visualize and enforce SoD policies by mapping roles to potential conflicting access rights, it is not a mandatory component of an SoD policy. An SoD policy primarily focuses on preventing conflicts of interest by ensuring that no individual has access to perform conflicting tasks within a business process (e.g., approving and processing payments). The control matrix is a recommended method for managing SoD but not a requirement.
Key Reference from SailPoint Documentation:
SoD Policy Overview: SailPoint recommends structuring SoD policies to focus on preventing conflicting access but does not mandate the use of a control matrix, which is an optional best practice for visualizing these controls.


NEW QUESTION # 36
......

Test Engine to Practice SailPoint-Certified-IdentityNow-Engineer Test Questions: https://tesking.pass4cram.com/SailPoint-Certified-IdentityNow-Engineer-dumps-torrent.html

Related Articles

more
SailPoint SailPoint-Certified-IdentityNow-Engineer Certification Practice Exam

The most valid exam cram is the best study and review material for your upcoming IT exam. With the useful and accurate pass4cram study material, you will pass your exam with a high core.

Latest Valid Exams

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 Pass4cram NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy