《exam1pass 000-889 exam braindumps free download》由会员分享,可在线阅读,更多相关《exam1pass 000-889 exam braindumps free download(7页珍藏版)》请在金锄头文库上搜索。
1、Exam:IBM 000- 889 Title:Fundamentals of Ent Solutions Using IBM Tivoli Security 2007 Version :Demo 1. What information should a customers baseline document include? A. proof that there are no existing orphan accounts B. the naming convention in place for all current users C. the customers key busine
2、ss processes related to security D. a list of all authentication mechanisms used by the customer Answer: C 2. In order to correctly understand the data protection requirements, which two groups of people must be interviewed? (Choose two.) A. all managers B. IT department personnel C. Business Unit m
3、anagement D. Legal department personnel E. Human Resource department Answer: CD 3. In security solution design development, when do you document the business and IT organizational structure map? A. when establishing the customers baseline for planning purposes B. when identifying opportunities for b
4、usiness partner security offerings C. when evaluating the customers IT processes, people and technologies D. when defining a long- term vision for the future direction of the customers security solutions Answer: A 4. Which is an accurate description of a highly mature company, in the area of authori
5、zation? A. They are highly mature, because they use a single authorization engine, shared by many applications. B. Their approach to authorization is in a leadership position, because they address WS- Provisioning, SAML and Liberty. C. They are addressing authorization optimally because they are han
6、dling authorization within the application, and its best to address authorization decisions close to the decision point. D. Their approach to authorization is highly secure and therefore highly mature, because their infrastructure uses many different authorization standards and thus is least likely
7、to be penetrated. Answer: A 5. Which technology needs to be available when managing a nonstandard database with an IBM Tivoli Identity Manager adapter? A. SQL B. JDBC C. ODBC D. TCP/IP Answer: B 6. What is the purpose of the context diagram for a security solution? A. It provides a detailed listing
8、of the software used in the solution and how the software is connected. B. It provides a detailed listing of the hardware used in the solution and how the hardware is connected. C. It scopes the security systems responsibilities and provides a black box view of the system interface. D. It provides a
9、 listing of the hardware and software used in the system and how they are interconnected. Answer: C 7. What information is needed when creating a document on a customers IT and business organizational structure? (Choose two.) A. number of business units B. annual expenditure on IT assets C. number o
10、f employees in IT organization D. list of divisions within the IT department E. total number of systems used by the company Answer: AD 8. A customer shows a good level of maturity regarding IT security compliance when they understand two essential elements as a basis for achieving and demonstrating
11、compliance. One element is a security policy that clearly states goals. What is the second essential element? A. audit B. workflow C. data integrity D. administration Answer: A 9. A customer has resources being managed in different facilities. When you configure a security solution, what is the most
12、 important element to consider in the design of the system? A. use of a fiber optic backbone B. the encryption protocol to be used C. location of firewalls in the internal network D. the time zone in which each facility is located Answer: C 10. Which statement is true about “new initiative deploymen
13、t“? A. New initiatives typically involve advanced authentication, and advanced authentication must be properly provisioned. B. New initiatives are typically coded in Java, .NET or C+, and each of these requires a tool that measures security compliance. C. All new initiatives require a service- orien
14、ted architecture (SOA), and SOA standards demand that a security component be present. D. When you deploy new applications, you can get them coded, tested and updated more quickly if you use an authentication and authorization solution that avoids coding security into the application. Answer: D 11.
15、In describing their business processes, the customer has described the following aspects of “audit/compliance“: 1. Physical building access security 2. Security of servers 3. Security of desktops 4. Audit of user identities/accounts 5. Audit of access control (policy and actuals) 6. Audit of securit
16、y of business partners 7. Revoke compromised certificates From this list, what can be addressed by IBM Tivoli security solutions? A. 2, 3, 5, 7 B. 2, 3, 4, 5 C. 2, 3, 4, 6 D. 4, 5, 6, 7 Answer: B 12. Business rules catalogs are effective in gathering requirements for what items? A. user registry layout B. password strength policies C. user interaction with the system D. administrator interaction with the system Answer: B 13. Which document describes what needs to be addressed in a security
