Types of Data ( Practice Quiz )
Q1) True or False: If all of your organization's data is centralized in a small number of data centers, than focusing security on perimiter defense is adequate to assure your data is safe.
- False
Q2) Which two (2) of the following data source types are considered structured data ?
- Distributed databases
- Data warehouses
Q3) Data that has not been organized into a specialized repository, but does have associated information, such as metadata that makes it more amenable to processing than raw data, is an example of which data model type ?
- Semi-structured data
Q4) How are the tables in a relational database linked together ?
- Through the use of primary and foreign keys.
______________________________________________________________________________________________________________________
Securing Databases ( Practice Quiz )
Q1) In the video Securing the Crown Jewels, the "Identification and Baseline" phase contains which three (3) of the following items ?
- Vulnerability Assessment
- Discovery & Classification
- Entitlements Reporting
Q2) In the video Leveraging Security Industry Best Practices, which US Government agency is a co-publisher of the Database Security Requirements Guide (SRG) ?
- Department of Defense (DoD)
Q3) For added security, a firewall is often placed between which of these ?
- The database and the hardened data repository.
Q4) True or False: In a vulnerability assessment test, a new commercial database installed on a new instance of a major operating system should pass 80-90% of the vulnerability tests out-of-the-box unless there is a major flaw or breach.
- False
Q5) Which of these hosting environments requires the enterprise to manage the largest number of different data sources ?
- On Premises
Q6) While data security is an ongoing process, what is the correct order to consider these steps ?
- Discover, Harden, Monitor & Protect, Repeat
______________________________________________________________________________________________________________________
A Data Protection Solution Example, IBM Security Guardium Use Cases ( Practice Quiz )
Q1) In setting up policy rules for data monitoring, what is the purpose of "exclude" rules ?
- To exclude certain applications or safe activities from being logged.
Q2) True or False: Data monitoring products such as IBM Guardium can send access alerts to syslog for manual intervention by a security analyst but must be connected to additional applications if automated interventions are desired.
- False
Q3) To create auditable reports of data access using the IBM Guardium product, the administrator would do which of the following ?
- Use the Audit Process Builder feature to automate the reporting process.
Q4) True or False: The IBM Guardium monitoring application is capable of monitoring activities in non-relational databases such as Hadoop, Cognos, and Spark.
- True
Q5) At a minimum, which 3 entities should be captured in any event log ?
- Who or what committed the activity.
- When the activity took place.
- What activity took place.
Q6) True or False: In the IBM Guardium data monitoring tool, the number of failed login attempts that would trigger an alert are always counted since the last successful login.
- False
Q7) Which activity should be considered suspicious and might indicate inappropriate activity is being attempted ?
- Attempts are made to access data using nonstandard tools, such as MS Excel or MS Access, rather than through the application the data belongs to.
Q8) Which two (2) activities should be considered suspicious and warrant further investigation ?
- Use of an Application ID from an IP that is different from what has been specified by the application owner.
- Use of an Application ID from a hostname that is different from what has been specified by the application owner.
______________________________________________________________________________________________________________________
Introduction to Databases ( Main Quiz )
Q1) Distributed databases, data warehouses, big data, and file shares are all classified as what ?
- Data source types
Q2) Hadoop, MongoDB, and BigTable are all examples of which data source type ?
- Big data databases
Q3) Data that has been organized into a formatted repository, typically a database, so its elements can be made addressable, is an example of which data model type ?
- Structured data
Q4) Which of the following is the primary difference between a flat file database and a relational database ?
- All the data in a flat file database is stored in a single table.
Q5) In the video Securing the Crown Jewels, the "Real-Time Monitor & Protection" phase contains which three (3) of the following items ?
- Activity Monitoring
- Blocking & Quarantine
- Dynamic Data Masking
Q6) In the video Leveraging Security Industry Best Practices, where would you turn to look for help on establishing security benchmarks for your database ?
- Center for Internet Security (CIS).
Q7) Most of the time, how do users access data ?
- Through an application.
Q8) True or False: In a vulnerability assessment test, it is not uncommon to fail more than 50% of the tests before the operating system and database are hardened.
- True
Q9) Which of these hosting environments requires the service provider to manage the largest number of different data sources ?
- SaaS
Q10) While data security is an ongoing process, what is the correct order to consider these steps ?
- Identification & Baseline, Raise the Bar, Real-time Monitor & Protection
Q11) To automatically terminate a session if an attempt is made to access data in a sensitive table, such as Social Security (SSN) ID numbers, you would set up which type of rule ?
- An Access rule.
Q12) True or False: Data monitoring products such as IBM Guardium are fully capable of blocking access to sensitive data based upon access parameters configured in policy rules.
- True
Q13) In which two (2) ways can security events collected by a data monitoring tool be logged to a security incident and event management (SIEM) system ?
- Configure bidirectional communication between the monitoring and SIEM systems, if available.
- Configure the monitoring system to write to the SIEM system's syslog file.
Q14) True or False: Data monitoring tools such as IBM Guardium are designed to monitor activities within a database, but external products, such as a privileged identity management (PIM) tool would be required to monitor changes to the data monitoring tool itself, such as the addition of new users or the alteration of existing user accounts.
- False
Q15) True or False: In the IBM Guardium data monitoring tool, it is possible to create a report that shows not only how many SQL unauthorized access attempts were made by an individual, but also exactly which SQL statements were disallowed.
- True
Q16) Which activity should be considered suspicious and might indicate inappropriate activity is being attempted ?
- Attempts are made to SELECT lists of usernames and passwords by a non-administrator account.
Q17) Which two (2) activities should be considered suspicious and warrant further investigation ?
- The data monitoring logging system was manually shut down.
- There were attempts to purge event logs.
______________________________________________________________________________________________________________________
5 Comments
Hi, thank you for providing these!
I believe the answer for Q9) Which of these hosting environments requires the service provider to manage the largest number of different data sources? should be On premises. The question is phrased weirdly
Thanks for sharing your opinion, I will check ASAP.
Dear Dongu
I checked (Question 9)
SaaS is the right answer.
Hello Niyander,
I agree that SaaS is the right answer, but the quiz says On Premises is the correct answer, possibly due to thinking of the enterprise as a service provider as well.
Thank you for checking this though :) Hopefully the question is changed to be more clear in the future
Hi Niyander,
I can verify what Dongu said is correct. I just took this test and the correct answer that they are looking for is indeed "On premises". Whoever wrote the question definitely phrased it incorrectly. Again, as Dongu said, thank you for providing these.