2015 IBM Security Sales Mastery Exam

1. The following items are all capabilities of IBM Security Privileged Identity Manager.  If a customer of yours asked which of them are new for the most recent (Version 2) update, which one is the right answer? *This question is required.

• a. Secure application use of privileged credentials.
• b. Tracking usage of shared identities.
• c. An optional Privileged Session Recorder.
• d. Automated checkout of IDs, hide password from requesting employee, automate password reset to eliminate password theft.

2. When promoting IBM Endpoint Management, what steps should a seller take to ensure we differentiate IBM as the leader? *This question is required.

• a. Initiate a sales meeting, supported with industry relevant client references & Analyst data, followed by a POC and BVA over time
• b. Send the latest Gartner Magic Quadrant and allow the client to follow up
• c. Send detailed product information to the client and ask them to call you

3. An existing IBM Security Identity Manager Version 6 client needs better identity governance for meeting compliance needs.   They've been told that there is no migration available from SIM V6 to SIM V7.  What do you sell them? *This question is required.

• a. IBM Security Identity Manager Version 7
• b. IBM Security Identity Governance and Administration V7
• c. IBM Identity Governance V5.1 (Foundation)
• d. IBM Professional Services to build a governance solution using the free RaPM component of IBM Security Identity Manager V6.

4. Which of the following is NOT one of the things IBM MobileFirst Protect (MaaS360) can secure in a trusted workplace? *This question is required.

• a. Device
• b. Content
• c. Apps
• d. Personal Email

5. What has been a focus of enhancements in IBM Security Identity Manager's latest versions? *This question is required.

• a. Quick install and time to operation.
• b. Support for a large number of target environments.
• c. A business-centric/friendly user interface (UI).
• d. Role mining and modeling.

In December 2014, IBM moved ahead of which company in the Gartner IPS Magic Quadrant? *This question is required.

• a. Cisco
• b. McAfee
• c. HP
• d. Palo Alto

6. QRadar Incident Forensics delivers which key capabilities? *This question is required.

• a. Detects threats and automatically generates forensic evidentiary information admissable by a court of law.
• b. Correlates data from threat feeds, network flows, security events, and other data to determine the total impact of a breach.
• c. Provides highly scalable cyber forensics capabilities, available either as a QRadar add-on or as a standalone offering.
• d. Supports cyber forensic investigations by collecting full packet data, integrating with QRadar offenses and performing session reconstruction.

7. Apex can protect which of the following devices? *This question is required.

• a. Enterprise endpoints
• b. Enterprise servers
• c. All BYOD devices
• d. Point of Sale (PoS) terminals

Which of the following Guardium solutions provides dynamic data masking capabilities? *This question is required.

• a. Guardium Data Encryption
• b. Guardium Database Activity Monitoring
• c. Guardium Vulnerability Assessment
• d. Guardium for Applications

8. You are in a competitive user management/identity management/user provisioning sale, and the decision seems to hinge on who has the superior role management capabilities. The client is unhappy with their current user management solution. You handle this by: *This question is required.

• a. Expanding the discussion to include access management and pulling Access Manager into the sale.
• b. Expanding the discussion to include enterprise audit management and compliance and pulling QRadar into the sale.
• c. Proposing an assessment of their RBAC (role-based access control) needs.
• d. Scheduling a briefing and demo of the IBM Security Governance and Administration bundle.

9. What is a common z/OS security vulnerability? *This question is required.

• a. Storage is not properly encrypted
• b. Network access points are not properly protected
• c. Too many users with the ability to circumvent controls
• d. System z does not have certifications for Common Critera or FIPS 140

What are the three main solutions within the AppScan porfolio? *This question is required.

• a. AppScan Express, AppScan Enterprise, AppScan Static
• b. AppScan Standard, AppScan Build, AppScan Dynamic
• c. AppScan Standard, AppScan Enterprise, AppScan Source
• d. AppScan PenTester, AppScan Developer, AppScan QA

10. A single appliance to collect events and flow data, perform data correlation and rule matching, report alerts and provide admin capability is called what? *This question is required.

• a. Flow processor.
• b. QFlow Collector.
• c. Combined Flow/Event Appliance.
• d. An All-in-One.

IBM Security Directory Integrator has two editions: Identity and General Purpose. What is the only difference between the two editions? *This question is required.

• a. The General Purpose Edition provides adapters for non-user registry data stores.
• b. The charge metric.
• c. The Identity Edition has unique adapters for Cloud and Social environments.
• d. The General Purpose Edition's embedded IBM Security Directory Server isn't used.

11. Which of the following best describes the Trusteer Apex solution? *This question is required.

• a. An Anti-Virus solution for the consumer market
• b. An Advanced Threat Protection solution for enterprises
• c. A solution to detect and prevent fraudulent online transactions
• d. A solution for Android and iOS devices to detect and remove malware

12. Which of the Trusteer Advanced Web Fraud Protection solutions prevents infection and removes live and inactive Man-in-Browser (MitB) from infected computers? *This question is required.

• a. Rapport
• b. Mobile Risk Engine (MRE)
• c. Pinpoint Malware Detection
• d. Pinpoint Criminal Detection

Which are examples of On-line Financial Web Fraud Threat Vectors? *This question is required.

• a. Phishing, Advance Threats (Employees), Account Takeover
• b. Advanced Threats (Employees), Malware, Phishing
• c. Phishing, Mobile Fraud, Account Takeover
• d. Jailbreak, Mobile Fraud, Account Takeover

13. Which of the following is NOT a capability of Guardium Data Activity Monitor? *This question is required.

• a. Activity Monitoring
• b. Blocking & Masking
• c. Encryption Key Safeguarding
• d. Compliance Automation

14. How many devices does MaaS360 wipe a day on average? *This question is required.

• a. 450
• b. 550
• c. 150
• d. 950

15. What are the 2 main defining advantages of MaaS360’s SaaS deployment? *This question is required.

• a. Requires no infrastructure changes and does not create a single point of failure.
• b. Requires minimal added infrastructure and minimal hardware costs.
• c. Requires a personal cloud and dedicated specialist admins.

Who are the primary competitors to AppScan? *This question is required.

• a. McAfee, Splunk, Oracle
• b. Symantec, Computer Associates, Cenzic
• c. Cisco, Dell, Lenovo
• d. HP, Veracode, White Hat

16. Name a competitor to IBM zSecure: *This question is required.

• a. Oracle
• b. Vanguard
• c. Hewlett Packard
• d. Serena Software

17. Which IBM Security solutions can feed System z security events to QRadar? *This question is required.

• a. zSecure, Guardium, AppScan
• b. RACF, SKLM, IAM
• c. WebSphere, RACF, AppScan
• d. zSecure, SKLM

18. There are several key integrations of AppScan and other IBM Security solutions. Name two of those integrations and their value. *This question is required.

• a. Integration with Guardium to identify application vulnerabilities of high value databases; Integration with Access Manager to protect applications from unauthorized access
• b. Integration with IPS to remediate identified vulnerabilities and identify virtual patches; Integration with Trusteer to identify applications that allow fraud
• c. Integration with IPS to remediate identified vulnerabilities and identify virtual patches; Integration with QRadar to identify application vulnerabilities that contribute to enterprise exposures
• d. Integration with QRadar to identify application vulnerabilities that contribute to enterprise exposures; Integration with Key Lifecycle Manager to provide application encryption key management

19. Which of the following features can be purchased as "add-ons" to the base XGS appliance and enabled using licenses? *This question is required.

• a. Replacement motherboards
• b. SSL Inspection, IP Reputation and Application Control
• c. Network Interface Modules (NIMs)
• d. Additional CPUs.

20. When selling Trusteer Web Fraud Solutions the clients Trusteer has been most successful with to date have been in what industry: *This question is required.

• a. eCommerce
• b. Retail
• c. Banking
• d. Insurance

21. What is NOT a capability provided by IBM Security Governance (based on IBM's acquisition of CrossIdeas)? *This question is required.

• a. Access Re-Certification campaigns.
• b. User provisioning and access enforcement.
• c. Separation of Duties conflict detection and remediation.
• d. Role management, including mining and modeling.

22. In considering the overall SIEM competitive landscape, what are the 2 top points that favor QRadar over all of its competitors? *This question is required.

• a. Broadest set of integrated capabilities and fastest deployment time.
• b. Deepest packet inspection and at the end of the day, frequently the lowest priced offering.
• c. Runs on any platform and offers a toolkit with the greatest modularity - a real plus with technical teams.
• d. Easiest to learn customization language and search performance.

23. The following list of capabilities are all part of IBM Security Directory Integrator, except one.  Which one is NOT part of IBM Security Directory Integrator? *This question is required.

• a. A world-class Virtual Directory.
• b. Simplified sourcing of identities and attributes for enterprise applications, Cloud/SaaS integrations.
• c. Intelligent White Pages search with social networking feature to enable intuitive identity store browsing.
• d. A way to sell IBM Security Directory Server with User Value Unit (UVU)-based pricing.

IBM is recognized as a Leader in which 2014 Gartner Magic Quadrants?

• a. Client Management Tools / Network Protection Tools
• b. Data Loss Prevention / Enterprise Mobility Management Suites
• c. Client Management Tools / Anti-Virus
• d. All of the above

24. What are the 3 main capabilities of Arxan Application Protection for mobile applications? *This question is required.

• a. Analyze, Re-mediate, Quarantine
• b. Defend, Detect, React
• c. Automate, Protect, Encrypt
• d. Validate, Swizzle, Vaccinate

25. The XGS Product Family integrates with which other product as a key part of the IBM Security Threat Protection System? *This question is required.

• a. AppScan
• b. IBM EndPoint Manager
• c. Fiberlink MaaS360
• d. QRadar SIEM

In what way is Trusteer Apex different from traditional Anti-Virus (AV) solutions? *This question is required.

• a. Apex works in the same way as a traditional desktop signature-based AV solution
• b. Apex focuses on the root cause of infection by detecting application anomalies and suspicious behavior
• c. Apex can be integrated into the customer's mobile application
• d. Apex prevents fraudulent online transactions from taking place

26. What is the new component of zSecure that is focused on QRadar SIEM Integration? *This question is required.

• a. zSecure Audit
• b. zSecure Alert
• c. zSecure Security Intelligence integrator
• d. zSecure Adapters for QRadar SIEM

Which one of these is NOT a current customer of MaaS360 as referenced on the recording? *This question is required.

• a. Delhaize
• b. RBC
• c. McDonalds
• d. PetSmart

27. Trusteer Apex can block malicious communications from an endpoint infected with data-stealing malware. When doing so, which of the following functions does it perform? *This question is required.

• a. Prevent the exploitation of known and zero-day vulnerabilities and stop drive-by downloads
• b. Detect and remove known advanced malware from mobile devices
• c. Prevent malware from compromising other processes and opening external communication channels
• d. Prevent leakage of sensitive information via email and USB drives

28. Which one of these is NOT a key buying initiative when it comes to IBM Endpoint Manager (BigFix)? *This question is required.

• a. Ensure regulatory compliance.
• b. Create a service desk to help solve IT problems.
• c. Security manage the diversity of enterprise mobility challenges.
• d. Reduce costs, downtime and risk of managing all endpoints.

29. How many models are there in the XGS Product Family? *This question is required.

• a. 1
• b. 2
• c. 3
• d. 4

30. What is the term we are now using with clients to indicate our end-to-end approach to best in class endpoint management & security? *This question is required.

• a. Unified Device Management
• b. Unified Endpoint Management
• c. Total Endpoint Management
• d. Total Mobility Management

Which of the following is a common objection to clients purchasing the Guardium Data Activity Monitor? *This question is required.

• a. We already have a Data Encryption Solution
• b. We already have an Identity Access Management Solution
• c. We already have native database logging turned on
• d. We have a solution to create virtual patches

31. Which one of these is NOT a key buying initiative when it comes to Endpoint & Mobility Management? *This question is required.

• a. Ensure continuous security & compliance.
• b. Create a service desk to help solve IT problems.
• c. Securely manage the diversity of enterprise mobility challenges: BYOD, OS, Apps, Content & Transactions.
• d. Reduce costs, downtime & risk of managing data centers and remote servers.

One of the main ways that organizations are attacked is when hackers initially obtain a user's corporate credentials using Phishing techniques. Trusteer Apex can help to prevent this by performing which of the following? *This question is required.

• a. Deleting the corporate credentials
• b. Preventing the user entering the same credentials on a non-corporate website
• c. Prevent the use of simple passwords
• d. Apex cannot help against corporate credential theft

32. In the Enterprise Security Core Education training course, what were identified as the key Enterprise Security Sales Situation? *This question is required.

• a. Upsell to existing customers, Competitive takeouts
• b. Security Intelligence, Securing Big Data, Securing Private Clouds, Securing Mobile Deployments
• c. Automating administration, addressing compliance requirements
• d. New System z customers, System z security breaches

33. Which scenario is NOT addressed by IBM Federated Identity Manager? (At the end) *This question is required.

• a. Federated Single Sign-On (FSSO).
• b. Self-service user care.
• c. Bring your own ID (BYO-ID) support through Oauth server-side support.
• d. Separation of Duty (SoD) violation detection and remediation.

34. Trusteer Apex is an Enterprise Endpoint Protection solution. Which platforms can be protected by Trusteer Apex? *This question is required.

• a. Smartphones and tablets
• b. Windows and Mac devices
• c. Windows, Mac, iOS and Android devices
• d. Windows Mobile devices

35. What are the three main characteristics of AppScan? *This question is required.

• a. Holistic, Adaptable, Comprehensive
• b. Complete, Integrated, Modular
• c. Accurate, Automated, Integrated
• d. Easy, Simple, Depth

36. The XGS Product Family consists of a number of different models. The XGS 7100 can protect up to which of the following "inspected throughput" values? *This question is required.

• a. 800Mbps
• b. 1.5Gbps
• c. 7Gbps
• d. 20Gbps

Which products are part of Advanced Web Fraud Protection: *This question is required.

• a. Rapport, Apex, Mobile SDK
• b. Pinpoint Malware Detection, Pinpoint Criminal Detection, Apex
• c. Pinpoint Criminal Detection, Rapport, Mobile SDK
• d. Mobile App, Rapport, Apex

37. Your client uses IBM DataPower (DP) appliances in their DMZ for detecting and mitigating XML-based threats. They're currently unhappy with their (non-IBM) web and mobile security solution(s). What should you do? *This question is required.

• a. Talk to them about Tivoli Security Policy Manager as a policy authoring tool and decision engine in support of the DP policy enforcement points.
• b. Talk to them about IBM SAM for DataPower. They can leverage their DataPower investment, adding web and enhanced mobile security to their DP appliances.
• c. Talk to them about IBM SAM for Mobile's ability to integrate with DataPower.
• d. Propose a replacement of their current Web and Mobile controls in their DMZ with IBM SAM for Web and Mobile appliances, with a SAM for Mobile policy server supporing the SAM and DP appliances in the DMZ.

38. When looking across the financial fraud vectors the first target is: *This question is required.

• a. Application
• b. Mainframe
• c. Network
• d. Customer

39. IBM SAM for Mobile provides strong protection. When talking to clients about it, what might you want to work into the discussion? *This question is required.

• a. SAM for Mobile provides Federated Single Sign-On (FSSO).
• b. SAM for Mobile detects and remediates out of compliance mobile endpoints.
• c. SAM for Mobile integrates other key IBM security controls (e.g., Trusteer, Worklight and MaaS360) to enforce more informed policy-driven access.
• d. SAM for Mobile provides an X-Force(R) web application firewall (WAF).

40. What is the primary customer requirement that IBM Security Access Manager addresses? *This question is required.

• a. Web single sign-on.
• b. Service oriented architecture application access management.
• c. Hardening servers involved in e-business transactions.
• d. Enterprise e-business audit log management and reporting.

41. Why would a client use the Guardium Vulnerability Assessment? *This question is required.

• a. Harden databases by identifying unpatched and misconfigured systems
• b. Identify location of database threats
• c. Virus identification and removal
• d. Mask structured data to meet PCI requirements in big data environments.

42. The XGS Product Family was designed to have a high level of modularity in mind, to cope with changing customer needs. Which add-on module/feature below is NOT available in the XGS? *This question is required.

• a. Network Interface Modules (NIMs)
• b. User/Application Control
• c. SSL Inspection
• d. Vulnerability Manager

43. Sellers can sell software to System z customers in what three licensing scenarios: *This question is required.

• a. Via AAS, via PPA, via ESW
• b. To address new workloads, to replace competitors products, to reduce license expenses
• c. z/OS, zLinux, zWorkstation
• d. Direct from ibm.com, via purchase order, via 3rd party supplier

44. Which one of the following best describes IBM Endpoint Manager (BigFix)? *This question is required.

• a. A comprehensive platform with the unique ability to find and fix vulnerabilities in minutes, across all endpoints.
• b. A product that manages mobile devices only.
• c. A solution thta manages Microsoft Windows machines only.
• d. A comprehensive platform that secures financial transactions.

45. What are the key sales situations for AppScan? *This question is required.

• a. Big Data, Security Intelligence, Access Management
• b. Mobile, Upsell to existing customers, Sell to QRadar & System z customers
• c. Breaches, Competitive Pressures, Executive Directives, Regulations
• d. Competitive Takeouts, Mergers & Acquisitions, Right after a breach

46. The best way to stop web fraud is to: *This question is required.

• a. Catch the malware when it first enters the company’s website
• b. Identify the criminals and catch their user id’s before they commit fraud
• c. Block the root causes
• d. Hire more staff to monitor the enterprise

47. In a potential IBM Security Access Manager (SAM) sale, the client is a large customer and has large numbers of applications and servers involved in their SSO/Web authorization plans. Oracle Access Manager (OAM) is the main competitor. What might you emphasize as you try to move the customer in your direction? *This question is required.

• a. SAM for Web appliances are quick to deploy and don't require Oracle's heavy software footprint.
• b.. SAM for Web is easier to integrate with existing Oracle software.
• c. SAM for Web provides risk-aware and context-aware access control.
• d. SAM for Web provides Federated Single Sign-On (FSSO).

48. What key advantages does the QRadar Security Intelligence Platform offer over the competition? *This question is required.

• a. Provides a single UI, workflow, reporting and correlation platform for all QRadar products, now and into the future.
• b. Virtually every component of the QRadar platform is exposed via a robust set of APIs, allowing customers and partners to easily develop their own Security Intelligence applications.
• c. The QRadar platform runs on most major operating systems, easing deployment and reducing overall costs.
• d. QRadar itself is highly secure, and because its architecture is open, it has been certified by NIST and OASIS.

The organizations that receive the highest value from our endpoint management (BigFix) solution display which of the following characteristics? *This question is required.

• a. Organizations with multiple locations, large quantity of remote or mobile computers or distributed servers.
• b. Multi-platform environments –desktops, laptops, servers, point-of-sale/embedded; Windows, UNIX, Linux, Mac, iOS, Android.
• c. Compliance requirements –need to prove compliance with specific government regulations (e.g. HIPAA, PCI) and IT standards and policies; security compliance; license compliance, audits.
• d. All of the above

49. The customer needs to provide PCI compliance controls to encrypt the PCI PAN data inside of DB2, Oracle and SQL Server. Which product do you recommend to the customer? *This question is required.

• a. Guardium Data Encryption
• b. Guardium Database Activity Monitoring
• c. Guardium Vulnerability Assessment
• d. Guardium for Applications

There were 3 themes used to describe QRadar's value. Which of those 3 themes is one that best relates to the unified view that the QRadar Console offers its customers? *This question is required.

• a. Universal.
• b. Automated.
• c. Intelligent.
• d. Integrated.

50. What advantages does QRadar Vulnerability Manager (QVM) bring to the customer? *This question is required.

• a. Performs asset vulnerability scanning and application source code checking.
• b. Performs asset vulnerability scanning and prioritization through correlations with data like flows and threat feeds.
• c. Centralizes vulnerabilities from third party scanners and performs asset vulnerability scanning.
• d. Determines risk by correlating network topology with vulnerabilities.