Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
CWNP exams CWNP
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
GIAC exams GIAC
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
ISEB exams ISEB
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

IBM 000-896 Exam - Cheat-Test.com

Free 000-896 Sample Questions:

Q: 1 After IBM Tivoli Compliance Insight Manager is configured on an AIX platform, what is the default location for the audit trail files?
A. /var/audit
B. /var/log/audit
C. /var/log/eprise
D. /var/audit/eprise
Answer: C

Q: 2 What is the purpose of scoping?
A. to regulate access to GEM databases
B. to regulate access to policies in the policy explorer
C. to regulate access to information generated in reports
D. to regulate access to the Tivoli Compliance Insight Manager Web portal
Answer: C

Q: 3 What is the advantage of collect-time data processing for a GEM database?
A. Chunks are mapped as soon as they are collected.
B. Chunks are mapped and loaded as soon as they are collected.
C. Reports are readily available in iView as soon as the chunks are collected.
D. Processing of chunks is performed at collection time to prevent loss of information when the IBM Tivoli Compliance Insight Manager server is accidentally rebooted.
Answer: A

Q: 4 Which components are installed by default for a Standard server?
A. Tivoli Compliance Insight Manager server, Tivoli Compliance Insight Manager Management Console, and Tivoli Compliance Insight Manager Consolidation
B. Tivoli Compliance Insight Manager server, Tivoli Compliance Insight Manager Web Applications, and Tivoli Compliance Insight Manager Management Console
C. Tivoli Compliance Insight Manager server, Tivoli Compliance Insight Manager Web Applications, Tivoli Compliance Insight Manager Management Console, and Tivoli Compliance Insight Manager Actuator
D. Tivoli Compliance Insight Manager server, Tivoli Compliance Insight Manager Web Applications, Tivoli Compliance Insight Manager Management Console, and Tivoli Compliance Insight Manager Consolidation
Answer: B

Q: 5 From which two Tivoli products can IBM Tivoli Compliance Insight Manager v8.0 retrieve information using User Information Source? (Choose two.)
A. Tivoli Identity Manager
B. Tivoli Access Manager
C. Tivoli Directory Integrator
D. Tivoli Security Operations Manager
E. Tivoli Access Manager for Enterprise Single Sign-On
Answer: A, B

Q: 6 A customer wants to use several groups from an Active Directory User Information Source to define the policy. How can this goal be accomplished?
A. Drag Active Directory Groups from the View Automatic Policy.
B. Collect the grouping information from the Active Directory using W7 Log and use them in the policy.
C. Copy and paste the name of the Groups from the Domain Controller Users and Group Management view.
D. Import the Active Directory group names into the Grouping Wizard by using an LDAP data interchange format (LDIF) file.
Answer: A

Q: 7 Which IBM Tivoli Compliance Insight Manager component provides the capability to report against the ISO 17799 standard?
A. Audit policy
B. Log Manager
C. Compliance module
D. Management Console
Answer: C

Q: 8 What is the procedure to verify that the diagnostics file has been successfully generated?
A. Run the Diagnostics under the Administrator account.
B. The only method is to check whether the Diagnostics Application ended without reporting any message.
C. Check whether a fresh copy of Diagnostics file with the correct file extension has been created in the destination folder.
D. Check whether the Diagnostics Application has provided a dialog message reporting that the diagnostics file was successfully generated.
Answer: C

Q: 9 What does the error retention property in the z/OS event source define?
A. sets of error files maintained in each *.err directory
B. sets of error files maintained in each *.etc directory
C. sets of log files maintained in each *.props directory
D. sets of log files maintained in each *.property directory
Answer: C

Q: 10 What are two advantages of using Secure Shell (SSH) remote collection? (Choose two.)
A. Can have an SSH Collection user as a non-root account
B. Can be used to collect logs remotely from any event source
C. Uses secure user name-password authentication during collection
D. Reduces maintenance costs in terms of agent installation and upgrade
E. Requires less number of ports to be opened on the firewall when compared to IBM Tivoli Compliance Insight Manager-point of presence communication port requirements
Answer: A, D

Q: 11 What action could be performed to determine if the point of presence is listening?
A. From the Management Console, click Test IP and Port.
B. From the Management Console, double-click machine plus Network.
C. From a command window, execute the tracer machine 5992 command.
D. From a command window, execute the ping command to the point of presence.
Answer: A

Q: 12 When are the alert events processed and delivered?
A. when a Windows scheduled task is run
B. when the Event source log files are collected
C. when the mainmapper process maps collected events during a manual load
D. when the mainmapper maps the collected events for a scheduled GEM database
Answer: D

Q: 13 Which statement about the universal event source (w7Log) is true?
A. Uses the getnewrecs script to collect the audit trail.
B. Keeps track of the last record read in the audit trail.
C. A regular expression is used to specify the path to the log file.
D. Provides the ability to collect, load, and map a custom audit trail.
Answer: D

Q: 14 On which systems can an IBM Tivoli Compliance Insight Manager Compliance Module be installed?
A. on a system where an IBM Tivoli Compliance Insight Manager Management Console is installed
B. on a system where an IBM Tivoli Compliance Insight Manager point of presence has been installed
C. on any HTTP server where the IBM Tivoli Compliance Insight Manager Runtime environment has been installed
D. on any system where IBM Tivoli Compliance Insight Manager Web Applications components have been installed
Answer: D

Q: 15 Which set of steps is the correct order to create and test an attention rule?
A. Select the group. Drag the corresponding W7 dimension. Define the severity. Save the attention rule. Load the GEM database.
B. Define the severity. Drag the corresponding W7 dimension. Load the GEM database. Select the group. Save the attention rule.
C. Load the GEM database. Select the group. Define the severity. Drag the corresponding W7 dimension. Save the attention rule.
D. Load the GEM database. Define the severity. Select the group. Save the attention rule. Drag the corresponding W7 dimension.
Answer: A

Q: 16 Which account is used to invoke the remote installation of a Windows Point of Presence?
A. Windows SYSTEM account
B. IBM Tivoli Compliance Insight Manager administrator (default is cearoot)
C. A user defined account with administrative authority on the target machine
D. IBM Tivoli Compliance Insight Manager Server service runas account (default is DOMAIN\cearoot)
Answer: C

Q: 17 Which configuration file contains entries for the Standard servers that are registered with an Enterprise server?
A. beat.ini
B. cluster.ini
C. aggregation.ini
D. consolidation.ini
Answer: A

Q: 18 On a Microsoft Windows platform, what is the main weakness in the audit system?
A. User access to files is not logged.
B. Administrator access to files is not logged.
C. File open and closes are logged, but file read and writes are not.
D. File read and writes are logged, but file open and closes are not.
Answer: C

Q: 19 Which two options are valid data-processing properties? (Choose two.)
A. scheduled load
B. load time mapping
C. collect size mapping
D. collect time mapping
E. selective sources load
Answer: B, D

Q: 20 A Cisco PIX Syslog real-time event source has the Source Address property set to the asterisk (*). Which statement is true?
A. The point of presence can receive SNMP messages from Cisco PIX devices.
B. The point of presence can receive real-time messages from any Cisco PIX device.
C. No syslog messages are received because * (asterisk) is not a valid IP address or host name.
D. The point of presence can receive reliable syslog messages from Cisco PIX devices over TCP.
Answer: B

Q: 21 Where is collection activity for an Actuator logged on the point of presence?
A. client.log
B. collect.log
C. actuator.log
D. actuatorXXX.log
Answer: D

Q: 22 Which of the following actions occurs with a UNIX hotfix installation?
A. File modifications are rolled back when the hotfix installation fails.
B. Hotfix script aborts when a higher hotfix has already been installed.
C. The hotfix number in the register.ini is registered in the point of presence (POP) installation folder
D. The register.ini updates on the IBM Tivoli Compliance Insight Manager server after the hotfix installation completes successfully.
Answer: A

Q: 23 The audit settings for which event sources can be configured using the Management Console?
A. Windows and Microsoft SQL
B. Windows and DB2 for Windows
C. Windows and Oracle for Windows
D. Windows and Sybase for Windows
Answer: C

Q: 24 What are the Oracle DAT event source properties?
A. Name of DSN, SSH user, key password, user id
B. Name of DSN, instance name, user id, SSH key file
C. Name of DSN, SSH key file, key password, instance name
D. Name of DSN, Name of Database view, user name, password
Answer: D

Q: 25 Which Windows service is added when a Standard server named Server1 is registered to a cluster?
A. IBM Tivoli Compliance Insight Manager Cluster Server1
B. IBM Tivoli Compliance Insight Manager Indexer Server1
C. IBM Tivoli Compliance Insight Manager Aggregation Server1
D. IBM Tivoli Compliance Insight Manager EventMapper Server1
Answer: B

Q: 26 If an audited machine has been removed from the IBM Tivoli Compliance Insight Manager environment, how are imported chunks from this audited machine represented in the Management Console?
A. as an active event source
B. as an inactive event source
C. as a remotely connected event source
D. they are not represented in the Management Console
Answer: B

Q: 27 Which elements match the W7 model What?
A. Logon, Logoff, Write, Read
B. Opening hours, closing hours, holidays
C. Platform XYZ, Workstation X, Workstation Z
D. Workstation ABC, File X, C:/filepath/file, Printer Z
Answer: A

Q: 28 Which parameter must be defined for the target machine during the Add Machine wizard to collect logs locally?
A. Domain name
B. SSH private key
C. Host name or IP address
D. E-mail address of administrator
Answer: C

Q: 29 Where is the audit data saved if the default path \export is used?
A. \IBM\TCIM\server\export\yyyymmdd\logs
B. \IBM\TCIM\depot\export\yyyymmdd\logs
C. \IBM\TCIM\depot\export\yyyymmdd\\config
D. \IBM\TCIM\server\export\yyyymmdd\config
Answer: A


© 2014 Cheat-Test.com, All Rights Reserved