Latest CA SiteMinder Interview Questions and Answers

Q1. What is the benefit of using Global web page?

Ans

 In the process of interrogating a particular web page, there is an interrogator popup which has different interrogation options. Within this option, you can see a checkbox for “Create a Global page”. So using this option you will be able to assign interrogated objects to the newly created global page.

Q2. What is a block component in siteminder?

Ans

• A Web Agent 
• A Policy Server 
• A user store 
• A policy store  An Administrative UI 

Q3. A SiteMinder environment can operate on what FIPS modes of operation?

Ans

• FIPS–compatibility 
• FIPS–migration 
• FIPS–only 

Q4. Name the two methods by which Penetrating tests can be considering?

Ans

Black Box Testing and White Box Testing are the two methods. It can also be done through another approach which is known as Grey Box.

Q5. What is remote administration? Can it cause risk to the business data and information?

Ans

• Remote access is a common approach. It is basically a method which enable a user to control a PC without his/her physical presence at the site.
• The device can be controlled through a remote connection which is based on internet. Remote access is generally given to the internal resources. In case an unauthorized person outside the organization is given such an access, there are certain chances of data and information leakage.

Q6. Name some domains that fall under the Identity Management?

Ans

• Directory management 
• Access Management
• Identity Management directory
• OVD
• OID

Q7. What do you mean by Federation Security Services Administrative UI ?

Ans

• The SiteMinder Federation Security Services Administrative UI (FSS Administrative UI) is an applet–based application that is optionally installed with the Policy Server. Federation Security Services components consist of the affiliates (consumers, service providers, resource partners) and SAML authentication schemes that you configure to support federated communication between two partners. 
• The FSS Administrative UI is intended for only managing tasks related to SiteMinder Federation Security Services.

Q8. Describe SiteMinder Administrative UI?

Ans

The SiteMinder Administrative UI (Administrative UI) is a web-based administration console that is installed independent of the Policy Server. The Administrative UI functions as the primary UI in a SiteMinder implementation and is intended for managing all tasks related to access control, such as: 

• Authentication and authorization policies 
• Enterprise Policy Management (EPM) 
• Reporting and policy analysis 

The Administrative UI is intended for viewing, modifying, and deleting all Policy Server objects, except objects related to Federation Security Services (FSS). All federation-related configuration tasks are managed using the FSS Administrative UI. 

Q9. What are SiteMinder Key Database?

Ans

• Some SiteMinder features and some SiteMinder product integrations require keys for signing, verifying, encrypting, and decrypting information. The purpose of the SiteMinder key database (smkeydatabase) is to make the private keys and the certificate authority (CA) certificates available to the environment. 
• The smkeydatabase is a separate component from a SiteMinder key store, and is a local, embedded database that does not require an external store. 
• For example, use of the SiteMinder Microsoft InfoCard authentication scheme and integrating SiteMinder with Federation Security Services are both examples of an implementation that require a smkeydatabase. 

Q10. What are SiteMinder Audit Database?

Ans

By default, the Policy Server writes audit events to a text file, which is known as the Policy Server log. The purpose of audit logs is to track information about all user activity, including: 

• All successful authentications 
• All failed authentications 
• All successful authorization attempts 
• All failed authorization attempts 
• All administrative login attempts 
• All administrative actions, such as changes to administrator passwords, the creation of policy store objects, and changes to policy store objects 

Q11. Name some attributes of security testing?

Ans

• Non-repudiation
• Authentication
• Confidentiality
• Resilience
• Availability
• Authorization
• Integrity

Q12. What exactly do you know about the Access management and identity management?

Ans

Access management assures web access management such as authorizing users to accomplish a task, authentication, avoiding fraud and handling other similar tasks. On the other side identity management help clients to simply manage identity lifecycle of those who work in an organization.

Q13. What are Data Stores in siteminder?

Ans

A SiteMinder implementation contains multiple data stores. Some stores are required, while others are optional, or only required to implement specific features.

The following descriptions detail: 

• If the store is required or optional 
• The purpose of the store 

Q14. Who are SiteMinder Agents ?

Ans

A SiteMinder Agent can reside on a web server, a J2EE application server, an Enterprise Resource Planning (ERP) system, or custom application. An Agent acts as the Policy Enforcement Point (PEP), intercepting user requests for resources and communicating with a Policy Server to determine if the resource is protected. 

If the resource is not protected, the Agent allows access. If the resource is protected, the Agent continues to communicate with the Policy Server to authenticate and authorize users. A successful authorization prompts the Agent to let the resource request proceed to the server. Agents also: 

• Provide information to web applications to enable content personalization 
• Cache information about authenticated users and protected resources to allow quicker access to resources 
• Enable single sign–on (SSO) 

Q15. What is policy server in siteminder?

Ans

• Policy-based user management 
• Authentication services 
• Authorization services 
• Password services 
• Session management 
• Auditing services 

Q16. What are SiteMinder Components ?

Ans

• A SiteMinder environment includes multiple components. Some components are required to secure resources, while others are optional, or only required to implement specific features. These components work with the resources, applications, directories, and databases in your organization to provide secure access to resources in your enterprise network. All SiteMinder components are supported on a number of operating environments.
• Your SiteMinder implementation is highly dependent on the environment to which you are deploying it. Your implementation does not have to reflect the following diagram. Rather, the purpose of the following diagram is to illustrate the major components in a SiteMinder environment and their general relationships with each other.

Q17. What is SiteMinder Documentation ?

Ans

• Use a single console to view all documents published for SiteMinder. 
• Use a single alphabetical index to find a topic in any document. 
• Execute a full–text search of the entire documentation set. 

Q18. What is the Purpose and Audience of siteminder?

Ans

This guide outlines the important architectural and configuration decisions an organization can consider when implementing SiteMinder. This document is intended to assist with the planning the following: 

• A new SiteMinder implementation 
• A significant modification to an existing implementation 

This guide is intended for IT personnel who are familiar with the enterprise network and access management concepts and technologies. 

This guide assumes familiarity with the following: 

• Application servers 
• Directory servers 
• Databases 
• Web Servers 

Q19. What Is Security Testing?

Ans

Q20. What Do You Know About Penetration Testing?

Ans

It is basically a method to detect several vulnerabilities in a system. It can be done manually or through automated approaches and it aims to evaluate the system security. Just like other approaches, the prime objective of this is to ensure the system stays protected against the attacks. In this approach, if a vulnerability is found, the same is used to find others after understanding its behavior and cause.

Q21. What are the different tasks that allow administrators to manage CA Identity Manager Environment?

Ans

• Bulk Loader tasks
• View submitted tasks
• Bulk task
• Logical Attribute Handler tasks
• Select Box Data tasks
• Email tasks

Q22. What are Authentication events?

Ans

• OnAuthAccept
• OnAuthAttempt
• OnAuthChallenge
• OnAuthReject
• OnAuthUserNotFound

Q23. What is replication? What types it contains? what is the replication id range?

Ans

It contains 

• master – Read&Write 
• consumer – only Read 
• hub – no Read &Write
  The replication id range is 1 to 65534