Fundamentals of Applying Tivoli Security and Compliance Management Solutions: 000-536 Exam
- 000-536 Questions & Answers
- Exam Code: 000-536
- Exam Name: Fundamentals of Applying Tivoli Security and Compliance Management Solutions
- Q & A: 66 Q&As
1.Which statement is true about privileged user activity monitoring?
A. Privileged user activity monitoring is not necessary.
B. Privileged user activity is applicable to the overall compliance picture.
C. Privileged user activity monitoring is only necessary if sudo is implemented.
D. Privileged user activity monitoring is only necessary if sudo is not implemented.
Answer: B
2.In the Business Process Modeling Notation (BPMN), what does this symbol represent?
A. Event
B. Action
C. Decision Point
D. IT-based Activity
Answer: C
3.The customer applies a strict password policy including: Password aging set to 60 days Password complexity set to high Password recycling time set to never These restrictions apply both to user accounts, system accounts, database accounts, and application accounts.Which level of detail are these policies referenced in the IT Security Baseline document?
A. Every detailed setting.
B. Only those password policy details that affect the deployment of the IBM tools are referenced.
C. Password policies are not part of the IT Security Baseline document and therefore are not referenced.
D. The document references the existence of the password policy and then refers to the customer’s Password Policy Guideline document for more details.
Answer: D
4.What is the most accurate statement about compliance?
A. MRO and SSO are primarily compliance tools.
B. Compliance has no interest in privileged user activity.
C. Compliance is concerned mostly with security profiles.
D. Compliance is concerned mostly with operator behaviors.
Answer: D
5.A customer may have to comply to which security compliance regulation?
A. PCI
B. ITIL
C. CoBIT
D. Six Sigma
Answer: A
6.A customer has a process which needs centralized keystore management. Which IBM solution should be proposed?
A. IBM Tivoli Directory Server
B. IBM Tivoli Key Lifecycle Manager
C. IBM Tivoli Federated Identity Manager
D. IBM Tivoli Compliance Insight Manager
Answer: B
7.Which document should be in place as a partial indicator of IT compliance maturity?
A. Compliance Policy Registry
B. FFA Compliance ORM Document
C. Business Resilience Continuity Plan
D. Risk Management Mitigation Portfolio
Answer: A
8.Who has information about the different quality management processes in a customer’s organi ation?
A. team leads
B. line managers
C. security officer
D. process consultants
Answer: D
9.What are three possible database products that applications could be using? (Choose three.)
A. Perl
B. RACF
C. Oracle
D. MSSQL
E. IBM DB2 F. ISS SiteProtector
Answer: CDE
10.Which two areas help assess the customer’s level of maturity for IT process security and compliance management (Choose two.)
A. Risk Management
B. Incident Response
C. Project Management
D. Hardware Acquisition
E. Employee Certification
Answer: AB