While looking at the S-TAP Status report on a Collector, a Guardium administrator notices that the status of the S-TAPs is changing every few minutes. The administrator suspects that the sniffer is restarting every few minutes and that is why the status change is happening.
How can the Guardium administrator confirm if the sniffer is restarting every few minutes?
A. Review the Audit Process Log for 'Sniffer stopped' message.
B. Review the Aggregation/Archive Log for 'Sniffer is restarting' message.
C. Review the Scheduled Jobs Exceptions for 'Sniffer process failed' message.
D. Review the Buff Usage Monitor for the column TID to see if it changed every few minutes.
A Guardium environment is set up to send daily reports to users. The users are complaining that their report has not been delivered to their inbox for the past week. What is the first action the Guardium administrator should take in order to diagnose the problem?
A. Open a ticket with IBM Support.
B. Pause the User Portal Sync process.
C. Check in the Aggregation/Archive log.
D. Check in the Scheduled Job Exceptions.
Auditors request a report of all unsuccessful login attempts to a database monitored by Guardium. How should a Guardium administrator create such a report?
A. Add a failed login rule to the policy.
B. Create a failed login query and report using access domain in Guardium.
C. Create a failed login query and report using exceptions domain in Guardium.
D. Create a failed login query and report using application data domain in Guardium.
The Quick Search window does not show up on the GUI of a standalone Collector. What technical feature should the Guardium administrator check first?
A. That the Collector has at least 24 GB.
B. That the Collector has at least 32 GB.
C. That the Collector has at least 64 GB.
D. Check the contract and verify whether that feature was purchased.
Which use cases are covered with the File Activity Monitoring feature? (Select two.)
A. Classify sensitive files on mainframe systems.
B. Encrypts database data files on file systems based on policies.
C. Selectively redacts sensitive data patterns in files based on policies.
D. Provides audit trail of access to files, alert and/or block when unauthorized users or processes attempt access.
E. Identifies files containing Personally Identifiable Information (PII) or proprietary confidential information on Linux Unix Windows (LUW) systems.
A Guardium administrator needs to install and configure a physical appliance to ensure network redundancy. Which port should the administrator use to configure IP teaming (bonding)?
A. eth1 only
B. eth2 only
C. eth3 only
D. any port
A Guardium administrator is registering a new Collector to a Central Manager (CM). The registration failed. As part of the investigation, the administrator wants to identify if the firewall ports are open. How can the administrator do this?
A. Ask the company's network administrators.
B. Ask IBM technical support to login as root and verify.
C. Login as CLI and execute telnet
D. Login as CLI and execute support show port open
A Guardium administrator needs to build new appliances with the latest version of Guardium. How should the administrator obtain the ISO image?
A. Contact IBM Support.
B. Download from ibm.com
C. Download from IBM Fix Central.
D. Download from IBM Passport Advantage.
A Guardium administrator manages an environment containing four standalone Collectors. The administrator has been asked to provide a weekly report showing all Data Manipulation Language (DML) SQL statements performed by all database administrators on all databases. The administrator does not want to run the report on each Collector.
What should the administrator do to simplify this task and run the report in only one place every week?
A. Replace the 4 Collectors with one Aggregator.
B. Create an Enterprise Report on one Collector combining the data.
C. Add a Guardium Aggregator to the environment. Create and run the report on the Aggregator.
D. Install a Configuration Auditing System (CAS) on each Database Server. Configure the CAS Client to send data to a Collector. Create and run the report on the Collector.
Guardium reports are showing multiple records with client IP as 0.0.0.0. Users are unable to identify which client the connections came from. The Guardium administrator has identified that the databases are using encryption.
Which column can the administrator add that would help users to better identify the client?
A. Client OS
B. Client MAC
C. Access ID
D. Analyzed Client IP