Examice

Exam C2150-609 All QuestionsBrowse all questions from this exam

Question 45

An IBM Security Access Manager V9.0 deployment at a customer has enabled audit.authz, audit.authn, audit.http for meeting auditing requirements and results in large volume of audit records and poses significant data management challenges to the client. The customer wants to exclude the audit events to certain static resources such as images.

What action should be taken to implement this?

Disable audit.http events only

Disable audit.http.unsuccessful events only

Define a POP with the audithttp set to "no"; attach this to the static resources

Define an ACL with the audithttp operation set to "no"; attach this to the static resources

Correct Answer: C

To exclude audit events for certain static resources in IBM Security Access Manager, it's appropriate to define a Policy Object (POP) with the auditing for HTTP (audithttp) set to 'no' and attach this policy to the specific static resources. This way, the specific resources that do not need to be audited are excluded while maintaining auditing for other necessary resources.

Discussion

fuckthatallOption: C

The right answer is C https://www.ibm.com/docs/en/sva/9.0.3?topic=logging-disabling-resource-access-events