Distributed databases, data warehouses, big data, and File shares are all classified as what?
Data source types
Database types
Data center types
... [Show More] ---
Data models
Hadoop, MongoDB, and BigTable are all examples of which data source type?
Big data databases
Distributed databases ---
Data warehouses
File Shares
Data that has been organized into a formatted repository, typically a database, so its elements can be made addressable, is an example of which data model type?
Structureless data
Structured data ---
Unstructured data
Semi-structured data
Which of the following is the primary difference between a flat file database and a relational database?
All the data in a flat file database is stored in a single table. ---
All the data in a relational database is stored in a single table.
Flat file databases consist of a table that references internally stored files.
Flat file databases consist of a table that references externally stored files.
In the video Securing the Crown Jewels, the "Real-Time Monitor & Protection" phase contains which three (3) of the following items?
Activity Monitoring ---
Blocking & Quarantine
Dynamic Data Masking
Vulnerability Assessment
Reconfigure, Mask & Encrypt
In the video Leveraging Security Industry Best Practices, where would you turn to look for help on establishing security benchmarks for your database?
Common Vulnerability and Exposures (CVE).
Central Intelligence Agency (CIA).
Department of Defense/Defence Information Systems Agency (DoD/DISA). ---
Center for Internet Security (CIS).
Most of the time, how do users access data?
Directly from a hardened repository.
Directly from a database.
Through an application. ---
Through a database client.
True or False: In a vulnerability assessment test, it is not uncommon to fail more than 50% of the tests before the operating system and database are hardened.
True ---
False
Which of these hosting environments requires the service provider to manage the largest number of different data sources?
On Premises
IaaS
PaaS
SaaS ---
While data security is an ongoing process, what is the correct order to consider these steps?
Identification & Baseline,Real-time Monitor & Protection, Raise the Bar ---
Raise the Bar, Identification & Baseline, Real-time Monitor & Protection
Real-time Monitor & Protection, Identification & Baseline, Raise the Bar
Identification & Baseline, Raise the Bar, Real-time Monitor & Protection
To automatically terminate a session if an attempt is made to access data in a sensitive table, such as Social Security (SSN) ID numbers, you would set up which type of rule?
An Exclude rule.
An Access rule.
A Terminate rule. ---
An Exception rule.
True or False: Data monitoring products such as IBM Guarduim are fully capable of blocking access to sensitive data based upon access parameters configured in policy rules.
True ---
False
In which two (2) ways can security events collected by a data monitoring tool be logged to a security incident and event management (SIEM) system?
Export security events from your monitoring tool and import them into your SIEM tool. ---
Configure bidirectional communication between the monitoring and SIEM systems, if available.
Configure the monitoring system to write to the SIEM systems syslog file.
Configure your SIEM system to read the monitoring systems local syslog file.
True or False: Data monitoring tools such as IBM Guardium are designed to monitor activities within a database, but external products, such as a privileged identity management (PIM) tool would be required to monitor changes to the data monitoring tool itself, such as the addition of new users or the alteration of existing user accounts.
True ---
False
True or False: In the IBM Guardium data monitoring tool, it is possible to create a report that shows not only how many SQL unauthorized access attempts were made by an individual, but also exactly which SQL statements were disallowed.
True ---
False
Which activity should be considered suspicious and might indicate inappropriate activity is being attempted?
A user routinely enters the incorrect password once or twice before entering the correct password for his account.---
A known user attempts to run invalid SQL statements against data his ID is authorized to access.
Data accessed by an accounting application dramatically increases in the last few days of every month.
Attempts are made to SELECT lists of usernames and passwords by a non-administrator account.
Which two (2) activities should be considered suspicious and warrant further investigation?
The data monitoring logging system was manually shut down.---
There were attempts to purge event logs.
An authorized user attempts to run SQL statements with invalid syntax.
It takes an authorized user 3 attempts to enter the correct password.
Add or remove terms [Show Less]