SailPoint IdentityIQ-Engineer Exam Actual Questions

In SailPoint IdentityIQ, certain objects, such as the Link object, cannot be directly extended by updating the corresponding .HBM (Hibernate Mapping) file. Modifying or extending core IdentityIQ objects typically requires a deeper level of customization involving the extension of the application schema and possibly custom Java code. The .HBM files are part of IdentityIQ's internal persistence framework, and altering them is not a supported or recommended method for extending objects in a production environment. Customization should instead be done using SailPoint's supported extension points, such as using ManagedAttributes or CustomAttributes within the IdentityIQ application framework. For guidelines on extending IdentityIQ objects, refer to the SailPoint IdentityIQ Customization Guide and best practices documentation.

Top of Form

Bottom of Form

In SailPoint IdentityIQ, certain objects are designed to be extended by updating their corresponding Hibernate Mapping (.HBM) files. However, the WorkItem object is not one of these extendable objects. The WorkItem is a system object that primarily represents tasks or actions that need to be processed within the workflow. It is not intended to store client-specific data through direct modification of its .HBM file. Instead, client-specific data should be handled using other mechanisms, such as custom attributes or the extension of Identity or Account objects. Attempting to modify the WorkItem object's HBM file could lead to unexpected behavior and is not supported by SailPoint's best practices.

SailPoint IdentityIQ Customization Guide

SailPoint IdentityIQ Object Model Documentation

The provided solution does not fulfill the client's requirement. Setting 'Who can members request for?' to 'report to the requester' only limits the request scope to users who directly report to the requester, which does not account for the location attribute. The goal is to restrict requests based on the location attribute, and this specific configuration does not consider that attribute. To achieve the desired behavior, the configuration should include logic that filters users based on the same location as the requester.

SailPoint IdentityIQ Quicklink Population Configuration Guide

SailPoint IdentityIQ Advanced Population Management Guide

This solution correctly addresses the client's requirement. By setting the membership match list to 'All' and configuring 'Who can members request for?' as 'share attributes with the requester,' with the attribute set to location, the system ensures that users in the 'Management' workgroup can only request roles and entitlements for other users who share the same location. This setup effectively filters based on the location attribute, aligning with the client's needs.

SailPoint IdentityIQ Quicklink Population Configuration Guide

SailPoint IdentityIQ Attribute-Based Access Control Guide

The statement is incorrect. Email templates in SailPoint IdentityIQ are not restricted to just Identity object attributes or methods. They can access attributes and methods of any object passed to the template through its input arguments, including WorkItems, CertificationItems, and others. The template system allows the use of various objects' properties as long as they are properly referenced within the script or template context.

SailPoint IdentityIQ Email Templates Guide

SailPoint IdentityIQ API Reference Documentation