Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. SailPoint
  5. IdentityIQ-Engineer

SailPoint IdentityIQ-Engineer Exam
SailPoint Certified IdentityIQ Engineer (Page 4 )

Updated On: 7-Feb-2026
Page 4 of 26
PDF with 122 Questions

The engineer needs to write some ad-hoc BeanShell code to search for GroupDefmition objects owned by Randy.Knight and print their names. Is this BeanShell code correct as written?

Solution:

  1. Yes
  2. No

Answer(s): B

Explanation:

The provided BeanShell code snippet attempts to filter and print the names of GroupDefinition objects owned by "Randy.Knight." However, the code contains a few issues that prevent it from functioning correctly as written:

Class Import: The GroupDefinition class should be imported explicitly at the beginning of the script, which is missing here.

Query Execution: The use of context.getObjectsByNumber(GroupDefinition.class, i) is incorrect. This method does not exist in this context. The correct approach would be to use context.getObjects() to retrieve the list of objects and iterate over them.

Looping Logic: The loop logic also contains a flaw. Instead of using a counter-based loop with context.getObjectsByNumber(), the recommended approach is to use context.search() to retrieve a list of filtered objects and then iterate through the results.

A corrected version of this code would look something like this:

import sailpoint.object.GroupDefinition;

import sailpoint.object.Filter;

import sailpoint.object.QueryOptions;

Filter filter = Filter.eq("owner.name", "Randy.Knight");

QueryOptions qo = new QueryOptions();

qo.addFilter(filter);

List<GroupDefinition> groupDefinitions = context.getObjects(GroupDefinition.class, qo);

for (GroupDefinition group : groupDefinitions) {

System.out.println(group.getName());

}

In this corrected version:

We explicitly import GroupDefinition.

We retrieve the filtered objects with context.getObjects(GroupDefinition.class, qo) instead of getObjectsByNumber.

Thus, the original code is not correct as written. The correct answer is B. No.


Reference:

This correction and explanation are based on SailPoint IdentityIQ's API documentation, which provides detailed guidance on the proper methods to retrieve and manipulate objects using Beanshell scripting within the platform.



Is this a valid step to take when importing SailPoint XML file objects into IdentitylQ?

Solution: Move the XML file into the IIQ_HOME/WEB-INF/database.

  1. Yes
  2. No

Answer(s): B

Explanation:

The statement suggests moving the XML file into IIQ_HOME/WEB-INF/database as part of the process to import SailPoint XML file objects into IdentityIQ. However, this is not a valid step for importing XML objects.

The correct procedure to import SailPoint XML objects typically involves the following steps:

Use the iiq console command-line tool provided by SailPoint to import the XML file.

The command typically looks like: iiq console import <filename>.xml.

The XML file does not need to be moved to any specific directory like WEB-INF/database for the import process.

Moving the XML file into the WEB-INF/database directory does not align with the documented process and does not facilitate the import. The correct answer is B. No.


Reference:

This answer is based on the official SailPoint IdentityIQ documentation regarding object import procedures, which clearly states that imports should be performed using the IdentityIQ console or through the user interface (for smaller imports).



Is this a valid step to take when importing SailPoint XML file objects into IdentitylQ?

Solution: Import the XML object through the IdentitylQ console.

  1. Yes
  2. No

Answer(s): A

Explanation:

Yes, this is a valid step to take when importing SailPoint XML file objects into IdentityIQ. The IdentityIQ console (iiq console) is a command-line tool used for various administrative tasks, including importing and exporting XML objects.

To import an XML object through the IdentityIQ console, the general procedure involves:

Navigating to the IdentityIQ installation directory.

Running the console with the import command:

iiq console import <filename>.xml

The console will process the XML file, importing the defined objects (roles, policies, identity mappings, etc.) into the IdentityIQ database.

This method is officially documented and is a common practice for importing configuration and objects into SailPoint IdentityIQ. Therefore, the answer is A. Yes.


Reference:

This explanation is derived from the SailPoint IdentityIQ Administration Guide, which details how to manage XML imports and exports using the IdentityIQ console tool.



An engineer needs to trigger a workflow when a Division attribute changes from /7"to Senior IT, but only when the user is a manager.

Is this a valid process that the engineer could use to launch a workflow for a lifecycle event?

Solution: Create a trigger with an event type of rule and return True when the user's previous value of the division attribute is /7"andthe new value of the division attribute is Senior IT.

  1. Yes
  2. No

Answer(s): B

Explanation:

The scenario describes triggering a workflow when a "Division" attribute changes from a specific value to "Senior IT," but only when the user is a manager. The proposed solution suggests creating a trigger with an event type of "rule" that checks the previous and new values of the "Division" attribute.

However, this approach has a couple of issues:

Trigger Configuration: In SailPoint IdentityIQ, a lifecycle event trigger typically operates on changes in identity attributes, but it's not standard to define this trigger using a rule that directly inspects the previous and new values. Instead, the lifecycle event would usually be configured in the context of the application or identity to directly listen to specific changes without needing to define the logic in a custom rule.

Condition Validation: The condition of checking if the user is a manager should ideally be integrated within the workflow itself or the lifecycle event configuration, not just as part of a rule in the trigger.

While a rule can be used to define complex conditions, the correct way to implement this in IdentityIQ would involve setting up the lifecycle event trigger specifically for the attribute change and managing any additional conditions (like checking if the user is a manager) within the workflow or using an appropriate script/rule in that context.

Therefore, while partially correct in approach, the described solution is not the best practice or a valid process in IdentityIQ, so the correct answer is B. No.


Reference:

This answer is based on the SailPoint IdentityIQ Lifecycle Manager Guide, which provides best practices for configuring lifecycle events and triggers, as well as proper use of rules and workflow triggers in these scenarios.



Can the search type in Syslog be used to accomplish this result?

Solution: Identifying the number of employees that report to a specific person

  1. Yes
  2. No

Answer(s): B

Explanation:

Syslog is primarily used for logging system events and not for performing complex searches or queries on hierarchical or organizational data like identifying the number of employees that report to a specific person. Such a query would typically require access to the organizational hierarchy or identity data, which is better achieved through IdentityIQ's reporting or search capabilities within the application rather than using Syslog. Syslog captures log events related to system operations, errors, and other activity logs but isn't designed for the type of structured query described in the question.


Reference:

SailPoint IdentityIQ Logging and Monitoring Guide

SailPoint IdentityIQ Administration Guide (Sections on Reporting and Search)






Post your Comments and Discuss SailPoint IdentityIQ-Engineer exam prep with other Community members:

Join the IdentityIQ-Engineer Discussion