Notes on the The Oracle Identity Governance Suite 11g Essentials Exam (1Z1-459)

Here’s some notes on the The Oracle Identity Governance Suite 11g Essentials Exam (1Z1-459)

There were 139 questions with a 2 1/2 hours time limit.  I took about 90-95 minutes before I called it good enough.  I’m going to go through topic by topic to anything I think you should focus on.  I will say to start, they asked for a lot more detailed questions about stuff that I would call nitpicky type stuff than I expected.  There were a lot of pick 3 answer questions.  They asked a lot about specific api’s to use, filenames to edit, etc.  Make sure to use the strike-through functionality in the test to mark off answers you know are incorrect, its very helpful with the pick multiple answer questions.  With that, lets go into the topics.


Topic 1: OIG Fundamentals

There were a surprising number of questions for this topic (5-10) about what the goals of OIG are, what the goals of OIA are, OIM, etc.  Know what the benefits of both OIA and the suite as a whole are.  Know what benefits to SOX auditing are provided by OIG!

Topic 2: OIG System Architecture

This is kind of connected to topic 1 in my head.  You need to know the benefits of the ICF.  Need to know what needs to be setup for HA.  How to use sandboxes.

Topic 3: Branding and UI

This was an area that I didn’t think was too important when studying but they wound up asking several questions on it.  Specifically, say you want to add a field to x page, what part of the page would that be under <pageformat>, <pagelayoutformat> etc (Those aren’t the right tags but its something like that)  There were multiple questions about how to do this so bone up on it if you haven’t looked at it already.

Topic 4: Catalog

A bunch of questions here.  Specifically how to populate, how to modify, what admins can edit it, what admin accounts are needed to administer it.

Topic 5: Approval Workflows and Requests Configuration

You need to know how approvals are setup in OIM, where you would change the workflow to add reviews, which policies would be used in a certain situation, Need to know request dataset info

Topic 6: Security

There were a couple questions on OES.  Several questions on delegated Admin that I was able to eliminate answers and then it was easy to see the answer.

Topic 7: Bulk Load and Postprocessing

Know what input sources you can use, know what types of data you can import, there were a couple post processing questions that I did not cover in my evernote, stuff like what’s the goal of postprocessing, etc.

Topic 8: Reconciliation and Postprocessing

There were a number of questions on this topic (~10-20) about how you could configure recon, what fields are necessary, what are the requirements for trusted recon.  Re-eval and Ad-hoc linking

Topic 9: Provisioning, RBAC, and Access Policies

Provisioning to disconnected resources had several questions, know what rbac is, you need to know access policies in and out.  There were a bunch of questions about what you’re configuring to achieve x,y or z

Topic 10: Connectors

They wanted detailed knowledge about what api or spi is used for which connector/plugin etc.  You need to know ICF and how it interacts with both OIM as well as OPAM.

Topic 11: Event Handlers, Notifications, Reports and Scheduled tasks

Event Handlers had in depth questions about what classes are used, etc Notifications didn’t have much, maybe a question or two.  Reports focused more on how BIPub integrates into weblogic and the db.  As well as how to create the schema (i.e. RCU)  Scheduled tasks had many (~10-20) questions.  How are they used, setup, etc

Topic 12:  Identity Analytics

You need to know identity seeding, role mining, a lot of SOD, Certification process in detail, a lot of closed loop remediation, and in depth info about audit policies

Topic 13: OPAM

Need to know basics of check-in/check-out (know what each does), How OPAM interacts with OIM, How OPAM integrates with OUD, OPAM request (who can request, how its setup), there was one question on break-glass access (something like what would the account do), a couple questions on risk-based cert and closed loop remediation

Topic 14: Deployment

There were some in depth questions about what prereqs are needed for different packages (specifically OIA onto an OIM install) Need to know the OIM/OIA/OPAM integration, a couple LDAPsync questions as well, how its setup, what it does, etc

Overall, like I said, I was surprised how in depth they went at some points (connectors, event handlers, scheduled tasks, recon – which class would you use, which plugin, etc)