Number of questions: 55
Time allowed in minutes: 90
Required passing score: 63%
IBM Certified Administrator – Security Guardium V10.0
The test consists of 6 sections containing a total of approximately 55 multiple-choice questions. The percentages after each section title reflect the approximate distribution of the total question set across the sections.
Section 1 – Product features and capabilities (16%)
Understand high-level components of a Guardium solution.
Describe the features and capabilities of Data Activity Monitoring (DAM) and File Activity Monitoring (FAM).
Describe the features and capabilities of Classification, Entitlement, and Vulnerability Assessment.
Use data level access control features (SGATE and Redaction).
Describe features and capabilities of available agents and modules (GIM, S-TAP, CAS, etc).
Section 2 – Planning, sizing and capacity (15%)
Identify the main factors that affect the volume of data managed by Guardium including backups and archives.
Plan appliance location architecture.
Understand properties of the systems to be monitored such as operating systems, databases, type of data and volume and their effects.
Plan strategy for high availability.
Calculate the number and type of appliances required based on Processor Value Unit (PVU) load.
Identify the system requirements of Guardium appliances.
Section 3 – Installation and configuration (25%)
Locate and download appropriate Guardium appliance and agent installers.
Build new collectors and aggregators.
Perform initial appliance setup and configuration.
Configure appliance data management processes and schedules.
Configure the appliance for interfacing with standard systems (mail, SNMP, LDAP, SIEM).
Manage the access of Guardium users.
Install Guardium Installation Manager (GIM) and upgrade agents and modules with GIM.
Install software tap (S-TAP) from command line.
Demonstrate detailed understanding of agent configuration and inspection engine parameters.
Section 4 – Data monitoring, policy rules and reporting (15%)
Perform a Vulnerability Assessment test.
Differentiate the effects of policy rules and associated actions.
Define and use monitoring features such as queries, reports, audit processes, and alerts.
Use Enterprise Search.
Section 5 – Self-monitoring and performance (15%)
Use Guardium self-monitoring reports and alerts.
Analyze and act upon errors or exceptions.
Identify and resolve appliance performance issues.
Optimize internal database tables to maintain performance.
Monitor and report on Guardium user activity.
Maintain a managed environment.
Section 6 – Maintenance and support (15%)
Use available IBM troubleshooting resources and services, for example, Knowledge Center, technotes and IBM Support.
Plan and install appliance patches and agent upgrades.
Collect diagnostic information and troubleshoot problems.
Use common Command Line Interface (CLI) and GrdAPI commands including support commands.
Restore data and configuration from backups and archives.
IBM Certified Administrator – Security Guardium V10.0
Job Role Description / Target Audience
This intermediate level certification is intended for Guardium administrators (data security and deployment professionals).
This certification covers the products IBM Security Guardium Data Activity Monitor V10.0, IBM Security Guardium File Activity Monitor V10.0, and IBM Security Guardium Vulnerability Assessment 10.0.
These Guardium administrators are familiar with the product features and capabilities, plan, install and configure, self-monitor and monitor data, define policy rules and report, maintain and support.
To attain the IBM Certified Administrator – Security Guardium V10.0 certification, candidates must pass 1 test. To prepare for the test, it is recommended to refer to the job role description and recommended prerequisite skills, and click the link to the test below to refer to the test objectives and the test preparation tab.
Basic knowledge of:
operating systems and databases.
hardware or virtual machines.
networking and protocols.
auditing and compliance.
information security guidelines.
This certification requires 1 test(s).
AGuardium administrator just finished installing the Guardium product to build a Collector. The administrator wants to make sure the Collector has the licenses needed to provide functionality for data activity monitoring, masking and blocking (terminate).
Which of the following lists the minimum licenses the administrator needs to install?
A. Base Collector license.
B. None, the licenses required are already installed automatically by the Guardium product installer.
C. Base Collector license plus IBM Security Guardium Standard Activity Monitor for Databases (DAM Standard).
D. Base Collector license plus IBM Security Guardium Advanced Activity Monitor for Databases (DAM Advanced).
A Guardium administrator is planning to build an environment that contains an S-TAP with one primary Collector and one failover Collector. What must the administrator ensure when setting up this environment?
A. Both Collectors are centrally managed.
B. There is network connectivity between the S-TAP and both Collectors.
C. Guardium Installation Manager (GIM) is installed on the Database Server.
D. in the guard_tap.ini file of the S-TAP set participate_in_load_balancing=1
During a Guardium deployment planning meeting, the team decides to deploy all S-TAP agents on all Unix/Linux database systems. A Unix/Linux system administrator team manager asks a Guardium administrator if there are any differences between Guardium S-TAPs for AIX and Linux systems that the team should be aware of.
What should be the Guardium administrator’s response?
A. A-TAP is required on all AIX DB Servers.
B. aserver reboot is required to capture shared memory traffic from all databases on AIX.
C. K-TAP is required on the AIX DB servers. The exact uname -a output is required to determine the correct K-TAP module for the server.
D. K-TAP is required on the Linux DB servers. The exact uname -a output is required to determine the correct K-TAP module for the server.