Exam Title

: IBM 000-896 : IBM Tivoli Compliance Insight Manager V8.0 Implementation

Version : R6.1

www.Prepking.com

Prepking - King of Computer Certification Important Information, Please Read Carefully

Other Prepking products A) Offline Testing engine Use the offline Testing engine product to practice the questions in an exam environment. B) Study Guide (not available for all exams) Build a foundation of knowledge which will be useful also after passing the exam. Latest Version We are constantly reviewing our products. New material is added and old material is updated. Free updates are available for 90 days after the purchase. You should check your member zone at Prepking and update 3-4 days before the scheduled exam date. Here is the procedure to get the latest version: 1.Go towww.Prepking.com 2.Click on Member zone/Log in (right side) 3. Then click My Account 4.The latest versions of all purchased products are downloadable from here. Just click the links. For most updates,it is enough just to print the new questions at the end of the new version, not the whole document. Feedback If you spot a possible improvement then please let us know. We always interested in improving product quality. Feedback should be send to feedback@Prepking.com. You should include the following: Exam number, version, page number, question number, and your login ID. Our experts will answer your mail promptly. Copyright Each PDF file contains a unique serial number associated with your particular name and contact information for security purposes. So if we find out that a particular PDF file is being distributed by you, Prepking reserves the right to take legal action against you according to the International Copyright Laws. Explanations This product does not include explanations at the moment. If you are interested in providing explanations for this exam, please contact feedback@Prepking.com.

www.Prepking.com

 1. After IBM Tivoli Compliance Insight Manager is configured on an AIX platform, what is the default location for the audit trail files? A. /var/audit B. /var/log/audit C. /var/log/eprise D. /var/audit/eprise Answer: C 2. What is the purpose of scoping? A. to regulate access to GEM databases B. to regulate access to policies in the policy explorer C. to regulate access to information generated in reports D. to regulate access to the Tivoli Compliance Insight Manager Web portal Answer: C 3. What is the advantage of collect-time data processing for a GEM database? A. Chunks are mapped as soon as they are collected. B. Chunks are mapped and loaded as soon as they are collected. C. Reports are readily available in iView as soon as the chunks are collected. D. Processing of chunks is performed at collection time to prevent loss of information when the IBM Tivoli Compliance Insight Manager server is accidentally rebooted. Answer: A 4. Which components are installed by default for a Standard server? A. Tivoli Compliance Insight Manager server, Tivoli Compliance Insight Manager Management Console, and Tivoli Compliance Insight Manager Consolidation B. Tivoli Compliance Insight Manager server, Tivoli Compliance Insight Manager Web Applications, and Tivoli Compliance Insight Manager Management Console C. Tivoli Compliance Insight Manager server, Tivoli Compliance Insight Manager Web Applications, Tivoli Compliance Insight Manager Management Console, and Tivoli Compliance Insight Manager Actuator D. Tivoli Compliance Insight Manager server, Tivoli Compliance Insight Manager Web Applications, Tivoli Compliance Insight Manager Management Console, and Tivoli Compliance Insight Manager Consolidation Answer: B 5. From which two Tivoli products can IBM Tivoli Compliance Insight Manager v8.0 retrieve information using User Information Source? (Choose two.) A. Tivoli Identity Manager B. Tivoli Access Manager C. Tivoli Directory Integrator

www.Prepking.com

 D. Tivoli Security Operations Manager E. Tivoli Access Manager for Enterprise Single Sign-On Answer: AB 6. A customer wants to use several groups from an Active Directory User Information Source to define the policy. How can this goal be accomplished? A. Drag Active Directory Groups from the View Automatic Policy. B. Collect the grouping information from the Active Directory using W7 Log and use them in the policy. C. Copy and paste the name of the Groups from the Domain Controller Users and Group Management view. D. Import the Active Directory group names into the Grouping Wizard by using an LDAP data interchange format (LDIF) file. Answer: A 7. Which IBM Tivoli Compliance Insight Manager component provides the capability to report against the ISO 17799 standard? A. Audit policy B. Log Manager C. Compliance module D. Management Console Answer: C 8. What is the procedure to verify that the diagnostics file has been successfully generated? A. Run the Diagnostics under the Administrator account. B. The only method is to check whether the Diagnostics Application ended without reporting any message. C. Check whether a fresh copy of Diagnostics file with the correct file extension has been created in the destination folder. D. Check whether the Diagnostics Application has provided a dialog message reporting that the diagnostics file was successfully generated. Answer: C 9. What does the error retention property in the z/OS event source define? A. sets of error files maintained in each *.err directory B. sets of error files maintained in each *.etc directory C. sets of log files maintained in each *.props directory D. sets of log files maintained in each *.property directory Answer: C 10. What are two advantages of using Secure Shell (SSH) remote collection? (Choose two.) A. Can have an SSH Collection user as a non-root account

www.Prepking.com

 B. Can be used to collect logs remotely from any event source C. Uses secure user name-password authentication during collection D. Reduces maintenance costs in terms of agent installation and upgrade E. Requires less number of ports to be opened on the firewall when compared to IBM Tivoli Compliance Insight Manager-point of presence communication port requirements Answer: AD 11. What action could be performed to determine if the point of presence is listening? A. From the Management Console, click Test IP and Port. B. From the Management Console, double-click machine plus Network. C. From a command window, execute the tracer machine 5992 command. D. From a command window, execute the ping command to the point of presence. Answer: A 12. When are the alert events processed and delivered? A. when a Windows scheduled task is run B. when the Event source log files are collected C. when the mainmapper process maps collected events during a manual load D. when the mainmapper maps the collected events for a scheduled GEM database Answer: D 13. Which statement about the universal event source (w7Log) is true? A. Uses the getnewrecs script to collect the audit trail. B. Keeps track of the last record read in the audit trail. C. A regular expression is used to specify the path to the log file. D. Provides the ability to collect, load, and map a custom audit trail. Answer: D 14. On which systems can an IBM Tivoli Compliance Insight Manager Compliance Module be installed? A. on a system where an IBM Tivoli Compliance Insight Manager Management Console is installed B. on a system where an IBM Tivoli Compliance Insight Manager point of presence has been installed C. on any HTTP server where the IBM Tivoli Compliance Insight Manager Runtime environment has been installed D. on any system where IBM Tivoli Compliance Insight Manager Web Applications components have been installed Answer: D 15. Click the Exhibit button. An event initiated by a user with the logon name joe will be categorized under which Who group or groups?

www.Prepking.com

A. Database Admin B. End User, ePHI Users C. Database Admin, End User D. Database Admin, End User, ePHI Users Answer: A 16. Which account is used to invoke the remote installation of a Windows Point of Presence? A. Windows SYSTEM account B. IBM Tivoli Compliance Insight Manager administrator (default is cearoot) C. A user defined account with administrative authority on the target machine D. IBM Tivoli Compliance Insight Manager Server service runas account (default is DOMAIN\cearoot) Answer: C 17. Which configuration file contains entries for the Standard servers that are registered with an Enterprise server? A. beat.ini B. cluster.ini C. aggregation.ini D. consolidation.ini Answer: A 18. On a Microsoft Windows platform, what is the main weakness in the audit system? A. User access to files is not logged. B. Administrator access to files is not logged. C. File open and closes are logged, but file read and writes are not. D. File read and writes are logged, but file open and closes are not. Answer: C 19. Which two options are valid data-processing properties? (Choose two.) A. scheduled load

www.Prepking.com

 B. load time mapping C. collect size mapping D. collect time mapping E. selective sources load Answer: BD 20. A Cisco PIX Syslog real-time event source has the Source Address property set to the asterisk (*). Which statement is true? A. The point of presence can receive SNMP messages from Cisco PIX devices. B. The point of presence can receive real-time messages from any Cisco PIX device. C. No syslog messages are received because * (asterisk) is not a valid IP address or host name. D. The point of presence can receive reliable syslog messages from Cisco PIX devices over TCP. Answer: B 21. Where is collection activity for an Actuator logged on the point of presence? A. client.log B. collect.log C. actuator.log D. actuatorXXX.log Answer: D 22. Which of the following actions occurs with a UNIX hotfix installation? A. File modifications are rolled back when the hotfix installation fails. B. Hotfix script aborts when a higher hotfix has already been installed. C. The hotfix number in the register.ini is registered in the point of presence (POP) installation folder D. The register.ini updates on the IBM Tivoli Compliance Insight Manager server after the hotfix installation completes successfully. Answer: A 23. The audit settings for which event sources can be configured using the Management Console? A. Windows and Microsoft SQL B. Windows and DB2 for Windows C. Windows and Oracle for Windows D. Windows and Sybase for Windows Answer: C 24. What are the Oracle DAT event source properties? A. Name of DSN, SSH user, key password, user id B. Name of DSN, instance name, user id, SSH key file C. Name of DSN, SSH key file, key password, instance name

www.Prepking.com

 D. Name of DSN, Name of Database view, user name, password Answer: D 25. Which Windows service is added when a Standard server named Server1 is registered to a cluster? A. IBM Tivoli Compliance Insight Manager Cluster Server1 B. IBM Tivoli Compliance Insight Manager Indexer Server1 C. IBM Tivoli Compliance Insight Manager Aggregation Server1 D. IBM Tivoli Compliance Insight Manager EventMapper Server1 Answer: B 26. If an audited machine has been removed from the IBM Tivoli Compliance Insight Manager environment, how are imported chunks from this audited machine represented in the Management Console? A. as an active event source B. as an inactive event source C. as a remotely connected event source D. they are not represented in the Management Console Answer: B 27. Which elements match the W7 model What? A. Logon, Logoff, Write, Read B. Opening hours, closing hours, holidays C. Platform XYZ, Workstation X, Workstation Z D. Workstation ABC, File X, C:/filepath/file, Printer Z Answer: A 28. Which parameter must be defined for the target machine during the Add Machine wizard to collect logs locally? A. Domain name B. SSH private key C. Host name or IP address D. E-mail address of administrator Answer: C 29. Where is the audit data saved if the default path \export is used? A. \IBM\TCIM\server\export\yyyymmdd\logs B. \IBM\TCIM\depot\export\yyyymmdd\logs C. \IBM\TCIM\depot\export\yyyymmdd\\config D. \IBM\TCIM\server\export\yyyymmdd\config Answer: A 30. Which set of steps is the correct order to create and test an attention rule?

www.Prepking.com

 A. Select the group. Drag the corresponding W7 dimension. Define the severity. Save the attention rule. Load the GEM database. B. Define the severity. Drag the corresponding W7 dimension. Load the GEM database. Select the group. Save the attention rule. C. Load the GEM database. Select the group. Define the severity. Drag the corresponding W7 dimension. Save the attention rule. D. Load the GEM database. Define the severity. Select the group. Save the attention rule. Drag the corresponding W7 dimension. Answer: A 31. From where can the Ubiquitous Log Event Source be collected? A. only using remote Secure Shell (SSH) B. only from the IBM Tivoli Compliance Insight Manager server C. from any point of presence and using Windows Remote Collect D. from both the IBM Tivoli Compliance Insight Manager server and any point of presence Answer: D 32. Which Log Manager option can help identify malicious attacks on audited platforms? A. History B. Activity C. Retrieval D. Continuity Answer: B 33. What is the name of the IBM Tivoli Compliance Insight Manager v8.0 repository where the audit logs of event sources are stored after collection? A. Depot B. Archive C. Collector D. Repository Answer: A 34. From the URL http://localhost/portal, the user logs in to the IBM Tivoli Compliance Insight Manager Web portal on the IBM Tivoli Compliance Insight Manager server such as localhost and encounters an error. What could be the likely cause? A. URL is incorrect. B. IBM Tivoli Compliance Insight Manager iView service is not functioning. C. IBM Tivoli Compliance Insight Manager Server Service is not functioning. D. The customer does not have authority to access the IBM Tivoli Compliance Insight Manager portal login

www.Prepking.com

 page. Answer: A 35. When attempting to commit a draft policy, the commit option is not available. What could cause this problem? A. The draft policy is in read-only mode. B. The policy is open in another window. C. A policy with the same name has already been committed. D. The user attempting to commit the policy is not assigned the Edit Security Policy role. Answer: B 36. Which three IBM Tivoli Compliance Insight Manager v8.0 Windows NT/2000/XP/2003 log files are relevant when verifying a manual Actuator installation? (Choose three.) A. <Home Directory>\log\Setup.log B. <Home Directory>\InstallCeA.log C. <Home Directory>\ApplyPatch.log D. <Home Directory>\Server\auditctl.log E. all installation log files in the <Home Directory>\Actuator\support\ directory F. all installation and plugger install log files in the <Home Directory>\Actuator\log\ directory Answer: BCF 37. Between which components does Database sqlnet2 use port 1521? A. the Enterprise server and Standard server B. the Standard server and the Syslog collector C. the Standard server and the point of presence D. the Syslog collector and the point of presence Answer: A 38. Assuming that an automated report distribution task runs three times a week (Sunday, Tuesday, and Thursday), the related database loads once a week (Saturday), and the related event source collects logs twice a week (Monday and Thursday), how many non-empty reports would be distributed in a week? A. 1 B. 2 C. 3 D. 5 Answer: A 39. Where can the Web applications log files be found? A. \IBM\TCIM\iview\log B. \IBM\TCIM\server\log

www.Prepking.com

100% Pass Guaranteed or Full Refund Word to Word Real Exam Questions from Real Test Buy full version of exam from this link below http://www.prepking.com/000-896.htm