C2150-606 Online Practice Questions and Answers

A Guardium administrator installed the BUNDLE-STAP module and is monitoring the state of the install. Which state requires a database server reboot to complete the installation process?

A. Ip

B. IP-PR

C. FAILED

D. PENDING-UPDATE

Auditors request a report of all unsuccessful login attempts to a database monitored by Guardium. How should a Guardium administrator create such a report?

A. Add a failed login rule to the policy.

B. Create a failed login query and report using access domain in Guardium.

C. Create a failed login query and report using exceptions domain in Guardium.

D. Create a failed login query and report using application data domain in Guardium.

A Guardium administrator is setting up a Collector schedule to export data to an Aggregator and Archive its data to an Archive storage unit for additional data safety.

Given this scenario, which is true regarding the purge schedule?

A. The Archive and the Export have independent purge schedules but should not be run at the same time.

B. The Guardium unit would run the Export and Archive before any purge, so you would only see the last purge run each day.

C. it would not be possible to configure both on a Collector, the Aggregator should do the archiving and only export from the Collector.

D. Any time that Data Export and Data Archive are both configured, the purge age must be greater than both the ageat which to export and the ageat which to archive.

During the initial phase of the Guardium deployment, the Guardium administrator wants to figure out an ideal time period to purge data from the appliance based on the data load.

Which predefined Guardium report(s) allows the administrator to determine the current database disk usage of the Guardium Appliance?

A. Disk UtiI report

B. Aggregation/Archive log

C. DB Server throughput report

D. Buff Usage Monitor and System Monitor reports

Simple Mail Transfer Protocol (SMTP) has recently been configured on a Guardium appliance. How can the administrator confirm the configuration is correct? (Select 2)

A. Restart the Anomaly detection process

B. Send a test email with CLI diag command

C. From the GUI Alerter page, test the SMTP connection

D. Create a query in access domain to see the sent messages

E. Obtain the syslog file from fileserver and check for SMTP messages

A Guardium administrator needs to monitor an Oracle database on a production database server.

Which component does the administrator need to install on this database server that will monitor the traffic?

A. S-TAP

B. Guardium Collector

C. Guardium Installation Manager (GIM)

D. Configuration Auditing System (CAS)

AGuardium administrator needs to upgrade BUNDLE-STAP on a Linux server to the latest version using GIM. What parameter should the administrator set to ensure the upgrade will not require a reboot of the server?

A. KTAP_ENABLED=1

B. KTAP_NO_ROLLBACK=1

C. KTAP_LIVE_UPDATE=Y

D. KTAP_ALLOW_MODULE_COMBOS=Y

Which port must be open for encrypted communication between UNIX S-TAP and Collector?

A. 9500

B. 16016

C. 16017

D. 16018

A Guardium administrator is preparing commands to install or upgrade an S-TAP using the command line method. Which operating system can use the ktap_allow_module_combos parameter for the installation and upgrade?

A. AIX

B. Linux

C. Solaris

D. HP-UX

A Guardium administrator is preparing a command to install Configuration Auditing System (CAS) on a Linux server using the command line method. Which parameter is required?

A. dir

B. tapip

C. java-home

D. sqlguardip

AGuardium administrator is checking the scheduled jobs exceptions report on a standalone Collector The

following error is repeating every 15 minutes.

java.lang.NumberFormatException: empty String

The administrator also notices that the anomaly detection polling interval is 15 minutes.

What should the administrator do next to contribute troubleshooting the problem?

A. Pause all scheduled jobs and check if the exception comes back.

B. identify the alert that is causing the problem by deactivating one alert at a time.

C. Check in the alert builder to see which alerts have accumulation interval of 15 minutes.

D. in the CLI run support must_gather aggjssues and send the file to IBM support.

A Guardium administrator handles a large environment and has been asked to restore old data for auditors to review. This old data needs to be restored so that it does not impact the current data being collected or any merge settings. In order to keep the reports separate (old datavs current data), the administrator sets up an Investigation Center.

Which is a key requirement for users of the Investigation Center?

A. The user must be in one of the groups INV_1, INV_2, or INV_3 (case-sensitive).

B. The users must login as one of the predefined user accounts INV_1, INV_2, orlNV_3 (case-sensitive).

C. A separate user must be used with a role of either INV_1, INV_2, or INV_3 (case- sensitive).

D. To correctly configure an investigation user, the user's Last Name must be set to the name of one of the three investigation databases, INV_1, INV_2, or INV_3 (case-sensitive).

A Guardium administrator noticed that while the data activity monitoring is working fine, the Guardium appliance is slower than usual. The administrator wants to check the current CPU load of the Guardium appliance.

Which predefined Guardium report(s) allows the administrator to determine the current system CPU load of the Guardium Appliance?

A. CPU Util report

B. CPU Tracker report

C. Unit summary and CPU Util report

D. Buff Usage Monitor and System monitor report

An administrator previously had an issue with a Guardium system. This was resolved with the assistance from the IBM Guardium support team, who provided the shell script, a CLI command and the encrypted key to execute the uploaded shell script.

Which CLI command should the administrator use to review the commands that were previously run?

A. fjieserver

B. support execute showlog

C. show log external state

D. support must_gather system_db_info

A company is installing S-TAPS on new Database Clusters. The Guardium administrator was provided with the PVU load of each node. The clusters are in active/passive mode. The administrator is associating S-TAPs to Collectors using the PVU count.

How should the administrator treat the PVUs of passive nodes?

A. include the PVU load of passive nodes.

B. include half of the passive nodes PVU load.

C. include a third of the passive nodes PVU load.

D. Not include the PVU load of passive nodes.