質問 1:
To run grdapi commands users needto use the Command Line Interface (CLI) account. Access to the CLI account is required. Which statement is true?
A. Thestandard CLI user cannot run all of the grdapi commands because it doesn't have the appropriate roles.
B. GUI users of the Guardium system have default access to run grdapi commands from the guardcli1,...,guardcli5 accounts.
C. grdapi commands can only be run from the standard CLI user.
D. Roles to the CLI accounts are given to users by the Admin account.
正解:A
質問 2:
Given the security policy guard_tap.ini configuration shown below:
What must be done in order for an S-Gate Terminate action to work properly with a two rule policy?
A. You must have a rule with an action of "S-Gate Attach" above the "S-Gate Terminate" rule in the policy.
B. You must have a rule with an action of "S-Gate Attach" with "continue" flag checked above the "S-Gate Terminate" rule in the policy.
C. Youmust have a rule with an action of "S-Gate Attach" below the "S-Gate Terminate" rule in the policy.
D. You must have a rule with an action of "S-Gate Attach" with "continue" flag checked below the "S-Gate Terminate" rule in the policy.
正解:B
質問 3:
S-TAP for Z will offload processing to which hardware component?
A. CICS transaction server when available
B. DASD when available
C. Encryption Accelerator module when available
D. ZIIP Processors when available
正解:D
質問 4:
By default, when an access policy rule is triggered, which statement is true?
A. The unmasked SQL statement is logged.
B. The policy stops processing subsequent rules unless the 'Cont. to next rule' box is checked.
C. An alert is sent.
D. The statement continues to the next rule, unless the 'Stop Processing More Rules' box is checked.
正解:B
質問 5:
When using the Group Builder, you can automatically populate a group with members. Which of the following isNOT a valid method to populate group members?
A. Importing information from an LDAP server.
B. Running a database auto-discovery job.
C. Running a query on a custom table.
D. Running a classification process.
正解:B
質問 6:
With Guardium version 8.x "S-TAP for z" monitoring a single DB2 instance on z/OS, which statement is true?
A. There istypically 1 started task running on z: ADHSPAGT = Agent
B. There are typically 2 started tasks running on z: ADHCXXXX = Collector ADHSPSRV = Server
C. There are typically 3 started tasks running on z: ADHMXXXX = Master ADHSPAGT = Agent ADHSPSRV = Server
D. There are typically 4 started tasks running on z: ADHCXXXX = Collector ADHMXXXX = Master ADHSPAGT = Agent ADHSPSRV = Server
正解:D
質問 7:
What is the difference between real time alerts and correlation alerts?
A. Real time alerts are based on policy rules. Correlation alerts are Querybased.
B. There is no difference, terminology is used interchangeably.
C. Real time alerts are driven by anomaly detection. Correlation alerts are policy driven.
D. Real time alerts could only be run on the Managed Units. Correlation alerts can only be run on Central Manager.
正解:A
質問 8:
Which storage type requires a dsm.sys file to be uploaded to the Guardium appliance?
A. TSM
B. SFTP
C. SCP
D. CENTERA
正解:A
質問 9:
In order to add a user and associate the user to a role like "Admin", "CAS", "CLI", "DBA", or "InfoSec", you would login to the Guardium Appliance as what user?
A. accessmgr
B. cli
C. admin
D. infosec
正解:A
To run grdapi commands users needto use the Command Line Interface (CLI) account. Access to the CLI account is required. Which statement is true?
A. Thestandard CLI user cannot run all of the grdapi commands because it doesn't have the appropriate roles.
B. GUI users of the Guardium system have default access to run grdapi commands from the guardcli1,...,guardcli5 accounts.
C. grdapi commands can only be run from the standard CLI user.
D. Roles to the CLI accounts are given to users by the Admin account.
正解:A
質問 2:
Given the security policy guard_tap.ini configuration shown below:
What must be done in order for an S-Gate Terminate action to work properly with a two rule policy?
A. You must have a rule with an action of "S-Gate Attach" above the "S-Gate Terminate" rule in the policy.
B. You must have a rule with an action of "S-Gate Attach" with "continue" flag checked above the "S-Gate Terminate" rule in the policy.
C. Youmust have a rule with an action of "S-Gate Attach" below the "S-Gate Terminate" rule in the policy.
D. You must have a rule with an action of "S-Gate Attach" with "continue" flag checked below the "S-Gate Terminate" rule in the policy.
正解:B
質問 3:
S-TAP for Z will offload processing to which hardware component?
A. CICS transaction server when available
B. DASD when available
C. Encryption Accelerator module when available
D. ZIIP Processors when available
正解:D
質問 4:
By default, when an access policy rule is triggered, which statement is true?
A. The unmasked SQL statement is logged.
B. The policy stops processing subsequent rules unless the 'Cont. to next rule' box is checked.
C. An alert is sent.
D. The statement continues to the next rule, unless the 'Stop Processing More Rules' box is checked.
正解:B
質問 5:
When using the Group Builder, you can automatically populate a group with members. Which of the following isNOT a valid method to populate group members?
A. Importing information from an LDAP server.
B. Running a database auto-discovery job.
C. Running a query on a custom table.
D. Running a classification process.
正解:B
質問 6:
With Guardium version 8.x "S-TAP for z" monitoring a single DB2 instance on z/OS, which statement is true?
A. There istypically 1 started task running on z: ADHSPAGT = Agent
B. There are typically 2 started tasks running on z: ADHCXXXX = Collector ADHSPSRV = Server
C. There are typically 3 started tasks running on z: ADHMXXXX = Master ADHSPAGT = Agent ADHSPSRV = Server
D. There are typically 4 started tasks running on z: ADHCXXXX = Collector ADHMXXXX = Master ADHSPAGT = Agent ADHSPSRV = Server
正解:D
質問 7:
What is the difference between real time alerts and correlation alerts?
A. Real time alerts are based on policy rules. Correlation alerts are Querybased.
B. There is no difference, terminology is used interchangeably.
C. Real time alerts are driven by anomaly detection. Correlation alerts are policy driven.
D. Real time alerts could only be run on the Managed Units. Correlation alerts can only be run on Central Manager.
正解:A
質問 8:
Which storage type requires a dsm.sys file to be uploaded to the Guardium appliance?
A. TSM
B. SFTP
C. SCP
D. CENTERA
正解:A
質問 9:
In order to add a user and associate the user to a role like "Admin", "CAS", "CLI", "DBA", or "InfoSec", you would login to the Guardium Appliance as what user?
A. accessmgr
B. cli
C. admin
D. infosec
正解:A
0 お客様のコメント