IBM IBM Certified Administrator C2150-606 Questions & Answers

• Question 1:

  The quard_tap.ini of a UNIX S-TAP is configured with the following parameters:

  

  

  The administrator must create a policy that will terminate the session on the delete statement in the below scenario:

  A session is started to the monitored database from client IP 9.9.8.7. In the session the user plans to perform a select statement and then a delete statement.

  What actions should the administrator configure?

  A. Rule 1 - S-GATE Attach Rule2 - S-GATE Detach

  B. Rule 1 - S-GATE Detach Rule 2 - S-GATE Terminate

  C. Rule 1 - S-GATE Attach Rule 2 - S-GATE Terminate

  D. Rule1 - S-TAP Terminate Rule 2 - S-GATE Terminate

  Correct Answer: A

• Question 2:

  A company is installing S-TAPS on new Database Clusters. The Guardium administrator was provided with the PVU load of each node. The clusters are in active/passive mode. The administrator is associating S-TAPs to Collectors using the PVU count.

  How should the administrator treat the PVUs of passive nodes?

  A. include the PVU load of passive nodes.

  B. include half of the passive nodes PVU load.

  C. include a third of the passive nodes PVU load.

  D. Not include the PVU load of passive nodes.

  Correct Answer: D

• Question 3:

  An administrator previously had an issue with a Guardium system. This was resolved with the assistance from the IBM Guardium support team, who provided the shell script, a CLI command and the encrypted key to execute the uploaded shell script.

  Which CLI command should the administrator use to review the commands that were previously run?

  A. fjieserver

  B. support execute showlog

  C. show log external state

  D. support must_gather system_db_info

  Correct Answer: B

• Question 4:

  The last Vulnerability Assessment tests performed in a company were run one year ago. The company wants to ensure the Vulnerability Assessment tests keep up with the latest database common vulnerabilities. The company wants to use the Guardium default tests instead of customer designed tests. What should the Guardium administrator do to update the tests that will be run?

  A. install the latest patch on the Guardium appliance.

  B. Install the latest released Database Activity Monitor Content.

  C. Ask the database administrators to provide the default tests.

  D. Ask the Company Security Provider to supply the default tests

  Correct Answer: B

• Question 5:

  Guardium reports are showing multiple records with client ip as 0.0.0.0. Users are unable to identify which client the connections came from. The Guardium administrator has identified that the databases are using encryption.

  Which column can the administrator add that would help users to better identify the client?

  A. Client OS

  B. Client MAC

  C. Access ID

  D. Analyzed Client IP

  Correct Answer: B

• Question 6:

  AGuardium administrator must configure a policy to ignore all traffic from an application with a known client IP. Due to the high amount of traffic from this application, performance of the S-TAP and sniffer is a concern.

  What action should the administrator use in the rule?

  A. Ignore Session

  B. ignore S-TAP Session

  C. ignore SQL per Session

  D. ignore Responses per Session

  Correct Answer: B

• Question 7:

  During a Guardium deployment planning meeting, a database administrator indicated that the mission critical databases were clustered. How should the Guardium administrator handle S-TAP installation and configuration with respect to clustered databases?

  A. Install S-TAP agents on all active nodes. Set ALL_CAN_CONTROL=1 to failover the S- TAP process to the passive nodes when a database failover occurs.

  B. install S-TAP agents on all active nodes Set WAIT_FOR_DB_EXEC=-1 to set the agent process to failover to the passive node when a database failover occurs.

  C. Install S-TAP agents on all active and passive nodes. Set ALL_CAN_CONTROL=0 to disable all passive nodes until a database failover occurs.

  D. Install S-TAP agents on all active and passive nodes: Set WAIT_FOR_DB_EXEC>0 on all nodes to start S-TAP processes without waiting for a correct DB home.

  Correct Answer: A

• Question 8:

  An administrator manages a Guardium environment including 4 Collectors exporting data to an Aggregator. The Collectors export their data daily at 2, 3, 4 and 5 am Eastern Standard Time (EST) respectively. The Collectors receive traffic every day. The logs on all the Collectors confirm data is exported daily without errors, and all the exported files always have data. A Session report is run on the Aggregator at noon EST for data from the last day.

  Which of the following will ensure there is data in the report?

  A. Schedule Data Purge on the Aggregator to run every day after 5 am EST.

  B. Schedule Data Import on the Aggregator to run at any time of the day.

  C. Schedule Data Import in the Aggregator to run every day before 2 am EST.

  D. Schedule Data Import on the Aggregator to run every day at 6 am EST or later.

  Correct Answer: C

• Question 9:

  An administrator has a new standalone Guardium appliance that will be placed into production next week. The appliance will monitor traffic from a number of databases with a high volume of traffic. The administrator needs to configure the schedule to ensure the appliance internal database does not get full with incoming data.

  Which data management function does the administrator need to configure?

  A. Purge

  B. Data Export

  C. Data Restore

  D. System Backup

  Correct Answer: A

• Question 10:

  A Guardium administrator noticed that while the data activity monitoring is working fine, the Guardium appliance is slower than usual. The administrator wants to check the current CPU load of the Guardium appliance.

  Which predefined Guardium report(s) allows the administrator to determine the current system CPU load of the Guardium Appliance?

  A. CPU Util report

  B. CPU Tracker report

  C. Unit summary and CPU Util report

  D. Buff Usage Monitor and System monitor report

  Correct Answer: D