C2150-606 IBM Security Guardium V10.0 Administration - Practice Questions

Question 1

A Guardium administrator is using the Classification, Entitlement and Vulnerability assessment features of the product.

Which of the following are correct with regards to these features? (Select two.)

Select all that apply, then click Submit answer.

○
Vulnerability Assessment reports are populated to the Guardium appliance via S-TAP.
○
Classification for databases and files use the same mechanisms and patterns to search for sensitive data.
○
Entitlement reports are predefined database privilege reports and are populated to the Guardium appliance via S-TAP.
○
Vulnerability Assessment identifies and helps correct security vulnerabilities and threats in the database infrastructures.
○
The classification feature discovers sensitive assets including credit card numbers or national card numbers from various data sources.

Reference / correct answer:

Vulnerability Assessment identifies and helps correct security vulnerabilities and threats in the database infrastructures.

The classification feature discovers sensitive assets including credit card numbers or national card numbers from various data sources.

D: Guardium Vulnerability Assessment enables you to identify and correct security vulnerabilities in your database infrastructure.

E: As the size and organization of the corporate database grows, sensitive information like credit card numbers and transactions, or personal financial data, may be present in multiple locations, without the knowledge of the current owners of that data. This frequently happens in corporations that have experienced mergers and acquisitions and in older corporations where legacy systems have outlasted their original owners. Even in the best of cases, integration and enhancement projects between disparate systems can easily leave sensitive data unknown and unprotected.

Guardium provides the Classification feature to discover and classify sensitive data, so that you can make and enforce effective access policy decisions.

Incorrect:

Not A: The Guardium S-TAP is a lightweight software agent installed on a database server system. The S-TAP monitors database traffic and forwards information about that traffic to a Guardium system. Guardium S-TAP includes support for:

Capture of all database activities on DB2 for z/OS by privileged users, mainframe-resident applications, and network clients

Capture of critical operations such as SELECTs, DML, DDL, GRANTS, and REVOKES

Not C: Use Guardium’s predefined database entitlement (privilege) reports) to see who has system privileges and who has granted these privileges to other users and roles. Database entitlement reports are important for auditors tracking changes to database access and to ensure that security holes do not exist from lingering accounts or ill-granted privileges.

Reference: http://www-01.ibm.com/support/knowledgecenter/SSMPHH_10.0.0/com.ibm.guardium.doc/assess/va_intro.html?lang=en

Reference: https://www-01.ibm.com/support/knowledgecenter/SSMPHH_9.1.0/com.ibm.guardium91.doc/discover/topics/classification.html

Question 2

Simple Mail Transfer Protocol (SMTP) has recently been configured on a Guardium appliance. How can the administrator confirm the configuration is correct? (Select 2)

Select all that apply, then click Submit answer.

○
Restart the Anomaly detection process
○
Send a test email with CLI diag command
○
From the GUI Alerter page, test the SMTP connection
○
Create a query in access domain to see the sent messages
○
Obtain the syslog file from fileserver and check for SMTP messages

Question 3

A company has recently acquired Guardium software entitlement to help meet their upcoming PCI-DSS audit requirements. The company is entitled to Standard Guardium DAM offering.

Which of the following features can the Guardium administrator use with the current entitlement? (Select two.)

Select all that apply, then click Submit answer.

○
Run Vulnerability Assessment reports
○
Generate audit reports using PCI-DSS Accelerator
○
Block and quarantine an unauthorized database connection
○
Mask sensitive PCI-DSS information from web application interface
○
Log and alert all database activities that access PCI-DSS Sensitive Objects.

C2150-606 – IBM Security Guardium V10.0 Administration