PracticeVideosBlogFlashcardsEspañol
All Practice Exams

100+ Free IBM C1000-120 Practice Questions

Pass your IBM Certified Administrator - IBM Security Verify SaaS v1 (C1000-120) exam on the first try — instant access, no signup required.

✓ No registration✓ No credit card✓ No hidden fees✓ Start practicing immediately
100+ Questions
100% Free

Loading practice questions...

Same family resources

Explore More IBM Certifications

Continue into nearby exams from the same family. Each card keeps practice questions, study guides, flashcards, videos, and articles in one place.

IBM AIX v7.3 Administrator Specialty (S2000-025)

Practice Questions

IBM Certified Administrator - Db2 12 for z/OS (C1000-078)

Practice Questions

IBM Certified Administrator - Maximo Manage v8.x (C1000-141)

Practice Questions

IBM Certified Analyst — Security QRadar SIEM V7.5 (C1000-162)

Practice Questions

IBM Certified Associate SRE - Cloud v2 (C1000-169)

Practice Questions

IBM Certified Cognos Analytics v12 Administrator - Professional (C1000-178)

Practice Questions
2026 Statistics

Key Facts: IBM C1000-120 Exam

44 questions

The C1000-120 exam contains 44 multiple-choice and multiple-response questions

IBM Training - IBM Certified Administrator Security Verify SaaS v1

90 minutes

Candidates have 90 minutes to complete the C1000-120 exam

IBM Training - IBM Certified Administrator Security Verify SaaS v1

About 70%

The passing score is roughly 31 of 44 correct, about 70 percent

IBM Training - IBM Certified Administrator Security Verify SaaS v1

USD 200

The standard exam fee is USD 200, varying by country and currency

Pearson VUE IBM exam registration

Pearson VUE

The C1000-120 exam is delivered by Pearson VUE for IBM

IBM Training - IBM Certified Administrator Security Verify SaaS v1

Cloud IAM

The exam validates administration of IBM Security Verify SaaS, IBM's cloud identity and access management platform

IBM Security Verify product documentation

FIDO2/WebAuthn

IBM Security Verify supports FIDO2/WebAuthn security keys for passwordless and strong MFA

IBM Security Verify product documentation

100

Free original C1000-120 practice questions available here

OpenExamPrep

The IBM C1000-120 exam earns the IBM Certified Administrator - IBM Security Verify SaaS v1 credential for administrators of IBM's cloud IAM platform. It is a 44-question, 90-minute, proctored multiple-choice and multiple-response exam delivered by Pearson VUE, with a passing score of about 70 percent (roughly 31 of 44). The exam fee is USD 200 (prices vary by region). Objectives span tenant architecture and onboarding, identity sources and user lifecycle, authentication and MFA, single sign-on and federation, access and adaptive policies, and governance, reporting and troubleshooting. This 100-question bank provides original, exam-style practice with detailed explanations across all of those areas.

Sample IBM C1000-120 Practice Questions

Try these sample questions to test your IBM C1000-120 exam readiness. Each question includes a detailed explanation. Start the interactive quiz above for the full 100+ question experience with AI tutoring.

1Which IBM Security Verify SaaS component provides a built-in user repository that an administrator can populate without connecting any external directory?
A.Cloud Directory
B.IBM Security Verify Bridge
C.On-premises LDAP connector
D.SCIM gateway
Explanation: Cloud Directory is the native user repository inside an IBM Security Verify SaaS tenant. Administrators can create users and groups directly in it without integrating any external identity source.
2An administrator wants users to sign in to a cloud application without entering a password, using only an IBM Verify push approval and a biometric on their phone. Which capability is the administrator using?
A.Passwordless authentication
B.Just-in-time provisioning
C.SCIM deprovisioning
D.Identity proofing
Explanation: Passwordless authentication lets users prove identity with a possession-and-biometric factor such as an IBM Verify push with device biometrics instead of a password. IBM Security Verify supports passwordless flows for supported factors.
3Which protocol does an administrator configure when onboarding a service provider that exchanges signed XML assertions for single sign-on in IBM Security Verify?
A.SAML 2.0
B.RADIUS
C.Kerberos
D.LDAP
Explanation: SAML 2.0 uses signed XML assertions exchanged between an identity provider and a service provider for browser single sign-on. IBM Security Verify acts as the SAML identity provider when onboarding a SAML application.
4In IBM Security Verify, what is the primary difference between an authentication policy and an access policy?
A.An authentication policy controls how a user proves identity, while an access policy controls whether and under what conditions a user can reach an application
B.An authentication policy applies only to administrators, while an access policy applies only to end users
C.An authentication policy is evaluated after the access policy in every flow
D.They are two names for the same object and are always configured together
Explanation: An authentication policy defines the methods and factors a user must complete to prove identity, while an access policy decides whether a user may access a specific application and under what conditions, such as requiring MFA. They are distinct and serve different purposes.
5An administrator must synchronize users from an on-premises Active Directory into IBM Security Verify SaaS without exposing the directory directly to the internet. Which component should be deployed?
A.IBM Security Verify Bridge (provisioning agent)
B.A second Cloud Directory
C.A SAML service provider connector
D.The OAuth token endpoint
Explanation: The IBM Security Verify Bridge, deployed inside the customer network, connects to on-premises Active Directory or LDAP and synchronizes identities to the SaaS tenant over an outbound connection, avoiding direct internet exposure of the directory.
6Which multi-factor method in IBM Security Verify is based on the FIDO2/WebAuthn standard and uses a hardware security key or platform authenticator?
A.FIDO2 security key (WebAuthn)
B.Time-based one-time passcode (TOTP)
C.Email one-time passcode
D.Knowledge-based questions
Explanation: FIDO2/WebAuthn uses public-key cryptography with a hardware security key or platform authenticator (such as a laptop or phone biometric) and is phishing-resistant. IBM Security Verify supports FIDO2 for strong MFA and passwordless login.
7An administrator onboards a modern web application that supports OpenID Connect. Which role does IBM Security Verify play in this integration?
A.OpenID Provider (identity provider issuing ID tokens)
B.Relying party consuming ID tokens
C.RADIUS authentication server
D.SCIM resource server only
Explanation: When onboarding an OpenID Connect application, IBM Security Verify acts as the OpenID Provider (identity provider), authenticating the user and issuing ID and access tokens to the application, which is the relying party.
8What does IBM Security Verify Trust contribute to an adaptive access decision?
A.A risk score derived from context and behavior that policy can act on
B.A static password complexity rule
C.A list of SAML attribute mappings
D.The tenant's billing usage report
Explanation: IBM Security Verify Trust analyzes context and behavioral signals to produce a risk score. Adaptive access policies use that score to allow access, deny it, or challenge the user with additional authentication such as MFA.
9An administrator wants new users from a federated identity source to be created automatically the first time they sign in. Which feature accomplishes this?
A.Just-in-time (JIT) provisioning
B.Access certification
C.Consent management
D.Token introspection
Explanation: Just-in-time provisioning creates the user account in IBM Security Verify on first successful federated login, using attributes from the asserting identity provider, so accounts do not need to be pre-created.
10Which standard does IBM Security Verify use to automatically provision and deprovision user accounts in downstream SaaS applications?
A.SCIM
B.SAML metadata exchange
C.SMTP
D.SNMP
Explanation: SCIM (System for Cross-domain Identity Management) is the standard protocol IBM Security Verify uses to create, update and remove user accounts in supported downstream applications, automating lifecycle provisioning.

About the IBM C1000-120 Exam

The IBM Certified Administrator - IBM Security Verify SaaS v1 (C1000-120) exam validates the skills of an administrator who manages an IBM Security Verify SaaS tenant, IBM's cloud identity and access management (IAM) platform. It covers the platform's cloud architecture and tenant administration; configuring identity sources including Cloud Directory, external identity providers and the on-premises bridge; managing the user and group lifecycle with provisioning and lifecycle rules; configuring authentication, including password policies, multi-factor authentication (TOTP, OTP, IBM Verify push and FIDO2/WebAuthn) and passwordless flows; onboarding applications for single sign-on using SAML 2.0 and OpenID Connect/OAuth; building access and authentication policies including context- and risk-based adaptive access; and using access certifications, reporting, auditing and troubleshooting. The exam assumes hands-on experience administering a live tenant.

Assessment

44 multiple-choice and multiple-response questions across architecture and onboarding, identity sources and lifecycle, authentication and MFA, SSO and federation, access and adaptive policies, and governance/reporting/troubleshooting.

Time Limit

90 minutes.

Passing Score

Approximately 70 percent - candidates must answer about 31 of 44 questions correctly. IBM publishes the exact pass mark on the official exam page.

Exam Fee

USD 200 (varies by country and currency). (IBM, delivered through Pearson VUE.)

IBM C1000-120 Exam Content Outline

16%

Architecture, Tenant Administration and Onboarding

IBM Security Verify SaaS multi-tenant cloud architecture, tenant provisioning and initial setup, administrator roles and entitlements, the admin console and Launchpad, branding and theme customization, and the application/onboarding workflow.

18%

Identity Sources and User Lifecycle Management

Cloud Directory, external SAML/OIDC identity sources, the IBM Security Verify Bridge and provisioning agent for on-premises Active Directory/LDAP, directory synchronization, user and group management, just-in-time provisioning, lifecycle rules and SCIM provisioning to applications.

20%

Authentication, MFA and Passwordless

Password policies, factor enrollment, second-factor methods (TOTP authenticator apps, SMS and email OTP, IBM Verify push and QR-code login, FIDO2/WebAuthn security keys), passwordless authentication, and enforcing multi-factor authentication through policy.

18%

Single Sign-On, Federation and Application Onboarding

Onboarding applications from the catalog or as custom apps using SAML 2.0 and OpenID Connect/OAuth 2.0, identity provider and service provider roles, attribute and identity mapping, API clients, scopes and tokens, and managing the user application launchpad.

16%

Access Policies and Adaptive Access

Access policies and authentication policies, context attributes (network, device, geolocation), risk- and behavior-based adaptive access, IBM Security Verify Trust risk scoring and policy actions (allow, deny, challenge with MFA).

12%

Governance, Reporting, Auditing and Troubleshooting

Access certification campaigns and entitlements, privacy and consent management, reports and dashboards, event and audit logs, and troubleshooting authentication, federation, provisioning and bridge connectivity issues.

How to Pass the IBM C1000-120 Exam

What You Need to Know

  • Passing score: Approximately 70 percent - candidates must answer about 31 of 44 questions correctly. IBM publishes the exact pass mark on the official exam page.
  • Assessment: 44 multiple-choice and multiple-response questions across architecture and onboarding, identity sources and lifecycle, authentication and MFA, SSO and federation, access and adaptive policies, and governance/reporting/troubleshooting.
  • Time limit: 90 minutes.
  • Exam fee: USD 200 (varies by country and currency).

Keys to Passing

  • Complete 500+ practice questions
  • Score 80%+ consistently before scheduling
  • Focus on highest-weighted sections
  • Use our AI tutor for tough concepts

IBM C1000-120 Study Tips from Top Performers

1Spin up a free IBM Security Verify SaaS tenant and practice the core admin tasks - add an identity source, onboard a SAML and an OIDC app, enroll an MFA factor and build an access policy - because the exam tests how the console actually works.
2Learn the difference between an authentication policy (how a user proves identity) and an access policy (whether and under what conditions a user can reach an application); the exam frequently contrasts the two.
3Memorize which factors are supported (TOTP, SMS/email OTP, IBM Verify push, FIDO2/WebAuthn) and when each is appropriate, including which support true passwordless login.
4Understand the IBM Security Verify Bridge and provisioning agent: what they connect to (on-premises AD/LDAP), the direction of synchronization and how just-in-time and SCIM provisioning differ.
5Study adaptive access and IBM Security Verify Trust: what context and risk signals feed the risk score and what policy actions (allow, deny, require MFA) can result.
6Review reporting, audit logs and access certification campaigns so you can answer governance and troubleshooting questions about where to find evidence of an event.

Frequently Asked Questions

How many questions are on the IBM C1000-120 exam and how long is it?

The C1000-120 exam has 44 multiple-choice and multiple-response questions and a 90-minute time limit. It is delivered by Pearson VUE at a test centre or through online proctoring.

What passing score do I need for C1000-120?

You need to answer about 31 of the 44 questions correctly, roughly a 70 percent passing score. IBM sets the exact cut score through psychometric review and publishes it on the official exam page.

What product does the C1000-120 exam cover?

It covers IBM Security Verify SaaS v1, IBM's cloud identity and access management platform, including identity sources, authentication and MFA, single sign-on and federation, adaptive access policies, governance and reporting.

Do I need prior certifications to take C1000-120?

No. There are no required prerequisite certifications. IBM recommends hands-on experience administering an IBM Security Verify SaaS tenant before sitting the exam.

How much does the C1000-120 exam cost?

The exam fee is USD 200, though the price varies by country and currency. Check the Pearson VUE registration page for IBM to see the exact cost in your region.

Are these official IBM exam questions?

No. These are original OpenExamPrep practice questions written to teach the C1000-120 objectives and IBM Security Verify terminology. They are not copied from the actual IBM exam.