Browse [LATEST] Sailpoint Interview Questions & Answers
Last updated on 04th Jul 2020, Blog, Interview Questions
These Sailpoint Interview Questions have been designed specially to get you acquainted with the nature of questions you may encounter during your interview for the subject of Sailpoint . As per my experience good interviewers hardly plan to ask any particular question during your interview, normally questions start with some basic concept of the subject and later they continue based on further discussion and what you answer.we are going to cover top 100 Sailpoint Interview questions along with their detailed answers. We will be covering Sailpoint scenario based interview questions, Sailpoint interview questions for freshers as well as Sailpoint interview questions and answers for experienced.
1) Tell Something you know about the Hypervisor along with its Types and Examples?
It is basically a VM monitor that manages the resources for a virtual machine in the cloud. They are of two types.
|Type 1||It runs directly over the host hardware||VMWare, ESXI|
|Type 2||It needs a host OS for running over a hardware||Oracle Virtual Box|
2) What According to you is the Importance of Cloud Identity Management?
Well, in the present scenario, the overall cyber attacks and privacy have become a major concern for organizations. Identity management and access simply make sure that only the authorized person can access the data on the cloud and can manage the same.
This often enhances the privacy and security in a cloud environment and enables the business to simply keep up the pace all the time. Cloud identity management avoids the chances of data leak by imposing various restrictions on the same.
3) Define Cloud Identity Management in your own words and its Usefulness?
It is basically defined as the process of authorization and authentication in a cloud environment. It all started from the security of common applications and later transformed into the entire cloud. One of the main aims of this approach is to make the cloud environment more and more visible to organizations with complex and unique data storage needs.
4) Compare app SSO Solution with Cloud Identity Management and put them Separate from one another?
Well, Cloud Identity management is more than just a simple app SSO solution. It provides better privacy and makes sure every user can have individual access. It is also possible to restrict or limit access to this approach.
All the traditional systems can be made compatible with the cloud identity management and the good thing is it is based on Directory-as-a-service. Unlike SSO solutions, there is no concern in the CIM (Cloud Identity Management) when it comes to different devices and the Operating system.
5) Tell anyone Difference among the Traditional Cloud Identity Management Solutions and the Sailpoint?
The Sail Point focuses more on the multi-protocol approach and it mainly focuses on enabling any Information Technology resource to be considered simply. One of the key benefits is it simply accept the default language of the tool or the program and simply make sure of the favorable results in the shortest possible time.
6) What are the Benefits that a Business can Derive from an Effective Cloud Identity Management Solution according to you?
One of the best things is it can connect the employees to each other in a very secure manner and in fact without compromising with anything. All the IT applications an organization uses and the devices they own can be made to communicate with each other with a central control or an eye on them.
Probably this restricts the frauds and other problems. Organizations can simply enjoy the zero management overhead, as well as enhanced security. Also, the directory management can be done in a very reliable manner and without compromising with anything.
In addition to this, all the cloud servers of an organization can be connected to the current AD. The same can also be extended up to a good extent. All the devices can be managed under one central control regardless of their location.
7) Give Abbreviation for APMFA?
It stands for Application-Level multi-factor authentication.
8) What could be the Influence of an Effective Cloud Identity Management Solution on a Large Scale Organization with Complex Needs and Operation Handling?
There is nothing wrong to say that this approach is very critical to any organization with complex needs and management solutions on a cloud. One of the biggest factors is the overall productivity of the employees can be enhanced up to a great extent and without worrying about the overall cost associated. The technology at the same time can also be improved. In case organizations have to face issues about the platform because of directory services, a cloud identity management solution with the neutral vendor can be very useful.
9) How the Sailpoint Cloud Identity Management Solution Could be useful than any other Parallel Approach or Solution?
- Its data storage and backup is secure and organization can always make sure of the same
- It offers management abilities without compromising with the server capabilities
- There are inbuilt sandboxing features which the users can simply make sure of without compromising with anything else
- It saves a lot of costs, as well as efforts of experts when it comes to managing the data on a cloud
10) Can you name a few Models in the Cloud in which the Sailpoint Solutions can be Applied Directly?
The Sail point is compatible with all the models such as Private Clouds, Community cloud, Public Cloud, as well as the Hybrid cloud. However, its implementation and installation could be different
11) Can you tell How Cloud Computing is Different from Mobile Computing?
They seem quite similar to one another but are actually different. Both use the same concept and Cloud computing has additional benefits. It becomes data operational through the World Wide Web than just a specific device. The data which is demanded by the users can be accessed anytime. On the other side, all the application in mobile generally runs on a remote server. Thus, users can have access to stores, as well as managing the data.
12) Is it Possible to Manage the Identities in the Utility Computing?
Yes, this is possible and because it is plug-in management, the nature of services could be different. In most of the cases, it is a Hybrid approach and the identity management is not a big deal through an effective solution
13) While Transporting the Data within a Cloud, give one Method you use to Secure it?
Attention should be paid on the encryption key and make sure the same is implemented along with the files or the data
14) With a Cloud Identity Management Solution, What are the other benefits you can have than just a tool for Authorizing the Application Services?
In addition to authorizing the identities, a cloud identity management solution can simply enable the organization to have better access control. This makes sure of the permission management for handling the tasks on other’s behalf. Anyone entering a restricted section of a cloud can be controlled. In addition to this, the other benefits include the authorization, as well as the authentication so that a limited number of users can access the data.
15) Being a Cloud Identity Management Expert, are you Familiar with the Different Layers in Cloud Architecture?
These are Walrus, Node Controller, Cluster Controller, Cloud Controller, and Storage Controller
16) In the Cloud Environment, what exactly do you mean by the term System Integrators and how they are related to Identity Management?
One of the main responsibilities of the system integrator is to provide the best strategy for the designing of the process which is complicated but is useful in identity management. A strong network of private or hybrid cloud with effective access management capabilities can be assured with the help of this approach.
17) While Managing the Identities, give one Approach which you can Consider to make your Cloud more Intelligent?
This can be done by simply providing the integrator the knowledge about the data center and the creation of the same.
18) Name one Approach which you can Consider for the Linking of Programs to the useful Systems?
This can be done with the help of an approach called EUCALYPTUS. It is also deployed for clustering in the cloud environment so that identities can be managed on a complex network very easily.
19) Suppose there are Issues related to the Performance, What Sort of Actions you will take?
The load, as well as the performance testing, is something that would be extremely helpful for you but this would be done in the initial stage. Code analyzing is the next thing that can be done for this. Moreover, the operation fortification and the enlistment can be done. Attention is to be paid on the data files, disk space availability, as well as on the factors that can enhance the downtime.
20) While Implementing the Cloud Security Policies and Identity Management, what would be the Need for Virtualization?
Virtualization simply makes sure of the effective implementation of all the service level policies as well as the policies binding the Operating systems. In addition to this, virtualization is the approach that is useful in keeping the user level concepts, as well as the back end level concepts different from one another.
21)What is Roles?
Set of Entitlements can be clubbed together to form a role. An Entitlement can be stated as an authorization on a particular system/application.
22)What is Application on boarding?
The process of verifying the connectivity, getting the user data from applications in to the Sail Point IIQ is called Application on boarding.
23)How many types of certification are there in Sail point?
There are 3 major types of certification in Sail Point:
- Application owner Certification.
- Manager Certification.
- Role Composition Certification.
Apart from the above 3 major types, there are 3 more type of certifications:
- Role Membership certification
- Account Group Permission
- Account Group Membership certification.
24)What is Identity cube?
Any account from source application is called an Identity after it is aggregated in to the Sail Point IIQ. The entire data of the user such as Identity, Identity Detail and Entitlements combined is referred as an Identity cube.
25)How many types of Roles can be created in Sail point?
There are two types of roles can be created in Sail Point, they are:
- Business role
- IT role
26)What is Native Identity?
Native Identity is the one which are directly created in the IIQ rather than source or target systems.
27)How we can represent an organization in Sail point?
We can represent an organization by integrating it with all the systems or targets of that particular organization.
28)What are lifecycle events?
All actions which happen in IIQ related to life cycles of an employee is called a life cycle event.
Types of events:
- Terminate etc
29)What is role based access control?
The process of generating authorizations/accesses to a particular system/application based on the role of the user is called role based access control or RBAC.
30)When eve a user joins the firm, what all things is done in sail point for that. What all configurations required?
Depending on the firm’s processes, if the user has to self-register for any of the access to be requested, that can be done using Sail Point. If not, then the accounts are provisioned automatically once the employee data is aggregated in to the IIQ, which usually has a one day interval.
31)What is rule Library? What is the purpose of writing a rule library?
Instead of writing multiple rules to be used in different areas such workflows or life cycle events, we can write all the rules in a single java class and instantiate the objects from the same.
32)What is the difference between capabilities and roles?
Capabilities are not the correct term. It should be entitlement. Entitlement is the access to a particular system, whereas roles are groups of such accesses.
33)What are approval items?
Every administrator or the manager has few items on his dashboard, which some subordinate employee has an access request/ account request in place, for the manager to approve.
34)What are different modes of approval?
Email based or browser based.
35)How we can open a custom form in approval?
If the form is enabled and the approval is denied, then the admin can inform the employee about the reason.
36)Is there any difference between role mining and role engineering. If it is there what are them?
Nothing that I know of.
37)What is role mining? What are different approaches for role mining?
The process of following either top to bottom based approach or bottom up approach when trying to create a entitlement, role and organization unit is called Role mining.
38)What is native change type of life cycle event?
It enables the option to check whether the change has been done in IIQ or source system.
39)What is meant by Host configuration?
The Host Configuration page is to control current servers which are running an Identity IQ case. It is also called as an Identity IQ group.
40)When moving the data to a cloud, which method is used to secure it?
Consideration should be given on the encryption code and make sure the same is completed along with the records or the data.
41)Give the differences between the regular identity management and the Sail Point?
The Sail Point concentrates on the multi-protocol access and it’s mainly converging on allowing an Information resource to be simply viewed. The benefits are that, it allow the default expression of the tool and make sure of the positive effects in the least time.
42)What is exclusion rule?
Exclusion rule is written for certification to exclude some of the identities with specific attribute to be left out of certification.
For example: to exclude all the identities which are from a particular department, this can be achieved by writing an exclusion rule stating the same.
Best Sailpoint Course with In-Depth Modules to PracticalWeekday / Weekend BatchesSee Batch Details
43)What are bean shell scripts?
Scripting that is most commonly used in JRE Runtime.
44)What is meant by Host configuration?
The Host Configuration is to control current servers running an Identity IQ instance. This is also called as an Identity IQ group. The object provided on that page informs system controllers of the current workload as each server is managing.
45)When moving the data to a cloud, which method can be used to secure it?
Consideration should be given on the encryption and the same should be performed with the records.
46)How to Create a Service Account from Simple Mapping?
To configure the mapping:
- Enter the Account Attributes page.
- Click on the System Setup tab then select Mapping Account from the board.
- Click on Add New Attribute to perform the Edit Attribute page.
- Define the following values:
- Attribute Name as service
- Service Account as Display Name
- Read Only as Edit Mode
- Boolean as Attribute Type
- Read Only as Searchable. Just leave the multi values portion.
- Click on Add Source to display the source to the attribute table.
- Now, Map the attribute:
- Pick the Application Attribute.
- Select DB Application from the Application drop‐down list.
- Select the Service from the Attribute drop‐down list.
- Click on Add.
47)Where to approach, for linking of programs to the useful systems?
Linking of programs can be done by the assistance of a proposal called as EUCALYPTUS. It is also used for collecting in the cloud conditions so that connections can be achieved on a multiple systems also.
48)What are the key drivers of IAM?
- Improved security
- Audit and compliance
- Operational efficiency
- Business enablement
49)What is an Identity in IDM? (L1) – IDM Concepts?
- Identity is unique, should be identifiable.
- Identity is a collection of characteristics by which a person is identified.
- Users are those who have access to systems and identity information.
50)What is a connector?
Connector is a mediator between Other systems and Sailpoint repository. Connector helps to import data into Sailpoint database from other systems and vice versa.
51)What is meant by exclusion rule?
Exclusion rule is written for certification to exclude some of the identities with specific attribute to be left out of certification. For e.g. To exclude an identity which is from a particular department, we can write an exclusion rule in Sail point.
52)Name the main Stages of Identity Life Cycle in typical IDM?
- New User Creation or On boarding
- Account Maintenance – Password management, Role addition etc.
- Departing user or termination or Off-boarding
53)Difference between Scope and Capability in Sailpoint?
- Capabilities control the actions that a user can perform and which menu options are available
- Scoping controls which objects a user can act upon and which objects are available
- Both affect what the user can see in IdentityIQ
54)What does SSO mean?
Single Sign On is a property of access control of multiple related, but independent software systems. With this property a user logs in with a single user login to gain access to connected systems without being prompted for different usernames or passwords or in some configurations seamlessly sign on to all system.
55)What are the differences between Authentication and Authorization?
Authentication: Process of determining the identity of a user that is attempting to access a system.
56)Who is the user?· Is the user really who he/she represents himself to be?
Authorization: Process of determining what types of activities are permitted. Usually, authorization is in the context of an authenticated identity.
- Is user X authorized to access resource D?
- Is user X authorized to perform operation J?
- Is user X authorized to perform operation D on resource J?
57)What is Sailpoint Identity Cube?
Term to refer to each unique identity stored in Identity IQ repository. Stores all information known about an identity (Employee/Consultant/User).
Examples: * Identity Attributes * Application Accounts * Entitlements/Roles * History * Risk Score * Policy Violations * User Rights (Capabilities/Scoping)
58)What is Scoping in Sailpoint?
- Subdividing data into logical groups and granting access based on those subdivisions.
- Any IIQ object can have Assigned scopes: o Application, Identity, Role etc
- User can have authorized Access.
59)What are the different types of roles in IIQ?
- By default, there are four types of roles configured in IdentityIQ:
- Organizational: organize the roles in the IdentityIQ UI for easier management
- Business: identify job functions or titles
- IT: encapsulate sets of system entitlements
- Entitlement: represent individual system entitlements
Custom role types can be created to model a structure that doesn’t easily fit into the Identity IQ default model. In addition, the existing role types can be configured to function differently from their default behaviors.
60)How is an organization represented in Sailpoint??
Organization is represented in Sail point By integrating all the systems / target systems of that particular organization in Sail point
61)What is data merging during application configuration? Which applications support the data merging feature?
Data merging is a connector level feature available in delimited and JDBC type of applications. Multiple entries of data are merged during aggregation. Which columns to be merged and which is the unique identifier needs to be configured.
Take Your Career to Next Level with Sailpoint Training to Build Your Skills
- Instructor-led Sessions
- Real-life Case Studies
62)What is a Governance Platform, and what is a Compliance Manager?
This is one of the top Sail point interview questions that deal with the ground-level architecture of Sailpoint. Governance Platform is one that supports the centralization of identity data, business policy, risk modeling, and roles for supporting user life cycle and compliance initiatives. The Compliance Manager is responsible for streamlining the compliance controls and improvement of audit performance with automated policy enforcement and automated access certifications.
63)What is Identity Intelligence?
Candidates could find this entry among most common Sail point interview questions. Identity Intelligence can transform technical identity data from multiple enterprise systems for creating a centralized and business-eccentric, easily understandable information such as reports and dashboards.
64)What is the Audit Configuration?
This Sail point interview question is also one of the common entries you can find from various sources. Audit Configuration page on Sail point helps in specifying actions collected for different audit logs. The system administrator has to specify actions subjected to audit because of the impact of collecting and storing even information in audit logs on performance.
Generally, candidates will encounter this entry among Sail point interview questions related to Identity IQ. Prior to the collection of any data by audit logs for use in audit search, the configuration of Identity IQ for auditing is mandatory.
65) What are the investments needed in Cloud Architecture?
Indeed, the investments are nearly nil then in that particular event, one requires a committed cloud. It is especially evident that cloud innovation is well secure and safe in each angle as it essentially ensures the in the nick of time foundation.
66)What are the various Components that are instrumental in Cloud Architecture?
The primary thing that issues is the speed of the processor. The next in line, are Cloud Ingress and Intra-cloud interchange of information. Also, the powerful Cloud Provided Services and the capacity administrations are likewise obligatory.
67)How can you validate the performance of a build in the Sailpoint environment?
By doing a simple Load testing of 20% more users than the projected number is a good way of starting the validation.
68)Suppose- In a matter of just 30 seconds, you have to take over a project where almost all the development has been done, how will you review the existing code?
Probably the most ideal ways are to survey the unit experiments utilized during advancement. Likewise, on the off chance that you run every one of the utilization cases in debugger method of the IDE as it is going to give me a superior picture at a time when a specific strategy is conjured
69) Name the important tables of the database for Sailpoint IdentityIQ?
Spt application etc.
70) What is a rule library in Sailpoint? Why do we write a rule library?
Rather than composing various rules to be utilized in various areas, for example, work processes or lifecycle events we can simply compose all the guidelines in a solitary java class and start up the items from the equivalent.
71) What can you do to secure data migration within the cloud system?
We can secure it by paying attention to the encryption key and ensure the equivalent is actualized alongside the documents or the information that has been provided
72) What is Library in workflow?
It is the same as a rule library.
73) Whenever a user joins the firm, what all things are done in Sailpoint and for that? What configurations are required?
It relies upon the association’s procedures. If the client needs to self-register for any of the entrances to be mentioned, that should be possible utilizing Sail point. On the off chance that not, at that point the records are provisioned consequently once the worker information is amassed into the IIQ, which for the most part has a one-day interim.
74) What do you understand by the native change type of a life cycle event?
A native change type of a life cycle event empowers the option to check whether or not the requisite change has been done in the source system or the IIQ.
75) Differentiate between capabilities and roles?
Well, Capability is not the correct term here. It is called entitlement. Entitlement is the access that is given to a particular system and on the other hand, the roles are the groups or clusters of these accesses.
76) What do you understand by the approval items?
Each head or the director has scarcely any things on his dashboard, which some subordinate representative has an access request/account demand set up, for the supervisor to endorse.
77) Name the different modes of approval?
Approvals can be either Email-based or browser-based.
78) How can you open a custom form within approval?
On the off chance that the structure is empowered and the endorsement is denied, at that point, the administrator can tell the representative about the reason for the same
79) Define the concept of role mining?
The way toward following either top to bottom based methodology or simple base up approach when attempting to make an entitlement, role and association unit is called Role mining.
80) How many types of extended attributes are there in Sailpoint?
We have 8 types of extended attributes in Sail point.
81) How the need of writing the complex programs, again and again, can be eliminated in the cloud?
This can be done with the help of Application Programming Interface. All the instructions that govern the control over the application communication are defined by it and new systems can be added to the cloud without changing the existing security policies binding identification and access management
82) What is the significance of Elasticity and the Scalability in Cloud Identity management?
Elasticity is useful for the commissioning of the apps and the reverse action of the same which is quite useful in the identity management. On the other side, the Scalability is a characteristic that makes sure that the extra workload could be managed by boosting the resource capacity. Both are useful in managing the identities and cut down the chances of so many errors.
83) What sort of investments is required in Cloud Architecture?
Well, the investments are almost nil than in case one needs a dedicated cloud. It is very much true that the cloud technology is secure and safe in every aspect as it simply makes sure of the just in time infrastructure.
84) Name the different components which are useful in cloud architecture?
The first thing that matters is the speed of the processor. Next are Cloud Ingress and the Intra-cloud communications. Moreover, the effective Cloud Provided Services and the storage services are also mandatory.
85) What type of Web Services are you working on? Did you build custom interfaces to go with them?
Working on using XML based web services to connect with OAM as the native interfaces do not play well with custom legacy application. In the past used and JMS with CORBA interface to connect with legacy mainframe application.
86) What are some of the steps to validate the performance of build?
Load testing for 20% more users than projected is a good starting place.
87) Hibernate – how handle performance for end user?
- Keep session memory footprint low
- Page at DB level instead of at web server level
- While load testing use a wide range of data to avoid the cache and simulate the real performance of end users
88) When writing code, how do you handle multi-threading?
First of all, if you are planning to have a lot of receivers, I would not use the ONE-THREAD-AND-QUEUE-PER-RECEIVER approach. You could end up with a lot of threads not doing anything most of the time and I could hurt your performance wide. An alternative is using a thread pool of worker threads, just picking tasks from a shared queue, each task with its own receiver ID, and perhaps, a shared dictionary with socket connections to each receiver for the working threads to use.
89) If dealing with a J2EE application, what app server would you deploy? Why WebSphere over Tomcat?
WebSphere is app server and tomcat is web server. So Websphere is preferred if you want to run distributed transactions and ejb. Tomcat is good enough if you provide merely http protocol level service alone.
90)How to Extend Identity Management from the Data Center to the Cloud?
Identity IQ helps organizations to quickly and easily integrate cloud-based applications into their existing identity management program without impacting business users or processes. This provides a consistent user experience for common identity business processes, such as requesting access, provisioning accounts, managing passwords and certifying user access – across all IT resources, regardless of where an application is hosted.
Identity IQ provides two components that work together to quickly extend compliance and provisioning activities beyond the data center to cloud-based applications.
SaaS Connectors seamlessly integrate user access data from SaaS applications such as Google Apps and Salesforce CRM into Identity IQ to manage access certification, policy enforcement, access request and provisioning processes. Cloud Identity Bridge extends identity governance and provisioning into public and private cloud environments, providing a secure and reliable link between IdentityIQ and cloud-based resources.
91)What is Identity Warehouse?
The Identity Warehouse is at the core of the Governance Platform serving as the central repository for identity and access data across all enterprise IT applications in the data center and the cloud. The warehouse is populated by importing user data from any authoritative source (e.g., HRMS) and user account and entitlement data from business applications, databases, platforms, and other systems. It is designed to scale and rapidly import access data from large numbers of applications and users by leveraging out-of-the-box connectors or via flat files.
92)What is Role Modeler?
Identity IQ automates the creation, enforcement and verification of role-based access across enterprise applications. Organizations can quickly define roles which fit the unique requirements of their environment using Identity IQ’s adaptive role model. More importantly, Identity IQ enables organizations to create roles which enforce “least-privilege” access while controlling role proliferation. To speed the combination of top-down, business-oriented role modeling and bottom-up IT role mining, Identity IQ enables cross-functional participation in the role-modeling process and makes it easy for both business and technical users to create roles that accurately reflect the organization’s business and IT needs.
93)Why SailPoint? Innovations in Identity Management?
Only SailPoint brings a unique combination of strengths to bear on every aspect of the new challenges of identity management. With innovative, industry-proven technology, a strong heritage in identity and access management, and a laser-like focus on identity governance, SailPoint is best equipped to help any organization run a successful identity management program with the following industry innovations.
- Risk-based approach: Only SailPoint offers 360° visibility into identity and access data and applies a risk model that makes it easy to promptly identify specific business risks before they pose a threat to security or compliance.
- Unified architecture: SailPoint is the only identity provider that has built an identity governance and provisioning solution from the ground up to deliver all the capabilities that organizations require to address today’s risk, compliance and lifecycle management needs.
- Flexible last-mile provisioning approach: IdentityIQ integrates easily with whatever identity technologies, tools and process are established or preferred. With SailPoint, the customer decides how changes are fulfilled to the resources across the organization.
- High performance and scalability: SailPoint meets the performance and scalability requirements of some of the world’s largest customers. IdentityIQ is designed to scale horizontally, vertically and functionally, making it possible for SailPoint to manage hundreds of thousands of users, thousands of applications and millions of entitlements.
- Centralized governance across datacenter and cloud environments: IdentityIQ is designed to handle access to all data, applications and other resources throughout the organization, from the datacenter to the cloud.
94)What are the Provisioning Integration Modules?
SailPoint recognizes that many organizations have significant investments in legacy provisioning systems. To maximize existing investments in these systems, IdentityIQ can leverage existing connectivity through alternative provisioning systems to connect to enterprise resources and pull user account data into its Identity Warehouse to support compliance and identity lifecycle management activities. IdentityIQ can also be configured to push changes resulting from day-to-day identity business processes down to the provisioning solution to implement account changes in target IT systems. SailPoint offers Provisioning Integration Modules (PIMs) for numerous legacy user provisioning solutions, including BMC Identity Manager, IBM Tivoli Identity Manager, Novell Identity Manager, Oracle Identity Manager, and Sun Identity Manager (Oracle Waveset).
95)What is Lifecycle Manager ?
Identity IQ Life cycle Manager delivers a business oriented solution to deliver access securely and cost-effectively, through:
- Self-Service Access Request
- Automated Provisioning