IBM DataPower Interview Questions and Answers
by Subashini, on Jul 29, 2022 10:50:50 PM
Q1. What is the definition of IBM DataPower?
IBM DataPower is a service-oriented architecture (SOA) tool that helps organizations meet the security and integration needs of digital business with pre-built functions. It also helps accelerate XML and web service deployments on a single platform.
Q2. What are the uses of IBM DataPower?
The following are the important benefits of using IBM DataPower:
- Enhances the reliability of IMS transactions for IMS commit mode.
- Supports distributed caching to provide improved response times and better application performance.
- Enhances security intelligence and compliance through integration with the QRadar security information and security management platform.
- Provides easy-to-use and secure B2B integration.
Q3. How do you implement dynamic routing in IBM DataPower?
To work with dynamic routing, you keep all the URLs in an Extensible Markup Language (XML) file and process that file with an XSLT file. The XSLT reads the URL from the XML file on the basis of customized conditions and sets the variable var://service/routing-url.
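The routing stylesheet described in Q3, as an added example (not code from the original page or from IBM). It assumes a service configured with a dynamic backend, a lookup file named local:///routes.xml with the constructed layout shown in the comment, and a match on the request URI prefix as the "customized condition"; the backend host names are placeholders.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!--
  Assumed lookup file local:///routes.xml (constructed sample data):
    <routes>
      <route prefix="/orders/"  url="https://orders.backend.example:8443"/>
      <route prefix="/billing/" url="https://billing.backend.example:8443"/>
    </routes>
-->
<xsl:stylesheet version="1.0"
    xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
    xmlns:dp="http://www.datapower.com/extensions"
    extension-element-prefixes="dp"
    exclude-result-prefixes="dp">

  <xsl:template match="/">
    <!-- Request URI as seen by the service, for example /orders/123 -->
    <xsl:variable name="uri" select="dp:variable('var://service/URI')"/>

    <!-- First table entry whose prefix matches the URI. The backend URL is
         always taken from the table, never from the request itself. -->
    <xsl:variable name="target"
        select="string(document('local:///routes.xml')/routes/route[starts-with($uri, @prefix)][1]/@url)"/>

    <xsl:choose>
      <!-- Route only to TLS backends that are listed in the table. -->
      <xsl:when test="starts-with($target, 'https://')">
        <dp:set-variable name="'var://service/routing-url'" value="$target"/>
      </xsl:when>
      <xsl:otherwise>
        <!-- No matching entry (or a non-TLS entry): fail closed. -->
        <dp:reject>No route configured for this request</dp:reject>
      </xsl:otherwise>
    </xsl:choose>
  </xsl:template>
</xsl:stylesheet>
```

Because the target is selected from a file on the appliance rather than built from request content, a client can choose among the listed backends but cannot steer the gateway to an arbitrary host.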
Q4. What is the default log size in the log targets? What happens when that log size is reached?
The default log size is 500 kilobytes.
When the log file reaches the limit, the system uploads it to the FTP server. If the upload succeeds, the appliance deletes the log file automatically to free up space.
Q5. What is an XML manager and why do we need it?
The XML manager is a basic network configuration system that helps with load balancing and can access remote servers.
Its benefits are as follows:
- The XML manager sometimes acts as an XML parser to provide threat protection and security.
- It also helps in implementing the caching process.
- It is used to configure the user agent.
Q6. Name three popular algorithms used for the encryption process.
Below are the popular algorithms used in the IBM data encryption process:
- Triple DES algorithm: this uses three separate keys of 56 bits each. The total key length is about 168 bits, but sometimes experts would use 112 bits to strengthen the keysets.
- RSA algorithm: this is a public-key encryption algorithm and is a standard for encrypting data over the internet.
- AES algorithm: this is a 128-bit key algorithm. It also uses keys of 192 and 256 bits for heavy-duty encryption.
Q7. How do you gauge the strength of a key? What parameters are used?
We know that the algorithm should be available to the public, but the key values should be confidential. The parameters are:
- Key size parameters
- Performance and response time to perform encryption and decryption process
- Mathematical proofs used for standardization and offers security
Q8. What are the different modes through which you can connect to IBM DataPower?
There are three different modes available to connect to IBM DataPower:
- GUI or graphical user interface: this helps the user to make use of the graphical user interface components.
- CLI or command line integration: this is used to develop command line arguments to perform the encryption process.
- XML management interface: this is available in the form of XML files to perform load balancing and the encryption processes.
Q9. Why is XSLT used in IBM DataPower?
The following three features explain why XSLT is used in IBM DataPower:
1. XSLT is a programming language and therefore gives added flexibility and power when creating the PNX.
2. Only one copy of the rules is needed when working with multiple institutions. Use if-else statements for differences between institutions.
3. Some normalization rules can be extremely lengthy and very complex. The logic can be greatly simplified through the power of XSLT.
Q10. What are the components of WSDL?
The various components used in WSDL are:
- WSDL definitions
- WSDL port and operations
- WSDL types
- WSDL message
- WSDL binding.
Q11. What are the roles and responsibilities of an IBM DataPower professional?
Below are the primary roles and responsibilities of an IBM DataPower professional:
- Gather the requirements from the respective clients.
- Help to prepare the design documentation.
- Present the design document to the client for approval.
- Configure the services in the software development environment.
- Perform testing and troubleshooting of data process services.
- Migrate the data services from the development team to test, and then move them to the production environment.
Q12. What is the processing rule?
Every data process service should have a policy of a certain type, and every policy should have processing rules.
The important rule types are:
- Request processing rules, which manage request messages.
- Response processing rules, which handle or manage request messages.
- Error rules, which manage error scenarios.
Q13. What are the different services that you have used in DataPower?
- Web service proxy
- Multiprotocol gateway
- XML firewall.
Q14. What actions have you used in the processing policy?
AAA, SLM, match, transform, Result, sign, verify, encrypt, decrypt.
Q15. Why do we need a log target when there is already a default logging mechanism available in DataPower?
A log target in DataPower is used to capture important messages that are posted by the various objects and services running on the application. Users also make use of log targets to retrieve log information for specific objects or events.
Q16. What is a trust store?
A trust store contains certificates from other parties that we expect to communicate with, or from Certificate Authorities that we trust to identify other parties.
For example, Google Chrome contains certificates of many companies or websites. Whenever we browse a site, the browser automatically checks the site's certificate and compares it against the store.
If it matches, Google adds the 's' to 'HTTP'. That way we know that the website is secure and trustworthy.
Q17. What are the different modes of archival? Explain each mode in two lines.
Rotate: rotates the log file when the maximum size is reached. The appliance creates a copy of the file and starts a new file. The appliance retains the archived copies up to the specified number of rotations.
When the maximum number of rotations has been reached and the log file reaches its maximum size, the appliance deletes the oldest file and copies the current file.
Upload: uploads the log file when the maximum size is reached. The appliance uploads the file using the specified upload method.
Q18. What is cryptography? Why do we need it?
Cryptography protects private communication in the public world. For example, two entities wanting to communicate, Ajitab and Mulu, are shouting their messages in a room full of people.
Everyone can hear what they are saying. The goal of cryptography is to protect this communication so that only Ajitab and Mulu can understand the content of the messages.
Q19. What is the weakness of symmetric key cryptography and what is the strength of asymmetric key cryptography?
Symmetric key cryptography:
- The biggest obstacle in successfully deploying a symmetric-key algorithm is the necessity for a proper exchange of private keys. This transaction must be completed in a secure manner.
- A face-to-face meeting to exchange private keys proves quite impractical in many circumstances when distance and time are taken into account.
- If one assumes that security is at risk to begin with, given the desire for a secret exchange of data in the first place, the exchange of keys becomes further complicated.
- Another problem concerns the compromise of a private key. In symmetric-key cryptography, every participant has an identical private key.
- As the number of participants in a transaction increases, both the risk of compromise and the consequences of such a compromise increase dramatically. Each additional user adds another potential point of weakness that an attacker could take advantage of.
- If such an attacker succeeds in gaining control of just one of the private keys in this world, every user, whether there are hundreds of users or only a few, is completely compromised.
- Both symmetric and asymmetric-key cryptography also have vulnerabilities to attacks such as the man-in-the-middle attack. In this situation, a malicious third party intercepts a public key on its way to one of the parties involved.
- The third party can then instead pass along his or her own public key with a message claiming to be from the original sender.
- An attacker can use this process at every step of an exchange in order to successfully impersonate each member of the conversation without any other parties having knowledge of this deception.
Asymmetric key cryptography (more secure):
- Asymmetric keys must be many times longer than keys in symmetric-cryptography in order to boost security.
- While generating longer keys in other algorithms will usually prevent a brute force attack from succeeding in any meaningful length of time, these computations become more computationally intensive.
- These longer keys can still vary in effectiveness depending on the computing power available to an attacker.
Q20. What is the difference between object type and object name, and what happens when I set the add referenced object option to 'off'?
- Object type specifies the type of object. This filter restricts log messages to only those messages generated by the selected object.
- Object name, in contrast, specifies the name of an existing object of the selected type.
- When the add referenced object option is turned 'off', the appliance no longer generates additional object filters and includes events for only the specified object.
Q21. What is the value of the timestamp format in a log target?
Timestamp Format: Syslog
Q22. What is the default log size in the log target? What happens when that log size is reached?
Log size: 500 kilobytes. When the log file reaches the limit, the system uploads it to the FTP server, and if the upload succeeds, the appliance deletes the log from the system to free space.
Q23. Why do we need a log target when there is already a default logging mechanism available in DataPower?
We need a log target to capture messages that are posted by the various objects and services that are running on the appliance. To get log information for a specific event and/or object, we use log targets.