M2150-709 - IBM Security Systems Sales Mastery Test v3
Go back to IBM
What is the average cost to a development organization to identify and correct security defects that have gotten into production?
$7,600 per defect multiplied by 100 defects for a total of $760,000 USD
Who are typical target buyer(s) for Trusteer?
Line of Business and Chief Information Security Officer (CISO)
IBM Endpoint Manager can provide which of the following functions to a client?
Control of their endpoints - both traditional and mobile devices
IBM Endpoint Manager is an agent-based solution. Which of the following characteristics/features are provided by the agent?
Continuous policy enforcement
Which of these attack vectors is something Trusteer does not address at this time?
Denial of Service
Apex Exploit Prevention is designed to do which of the following?
Prevent the exploitation of known and zero-day vulnerabilities and stop drive-by downloads
What is a security challenge to System z environments?
Misconfigurations to subsystems can expose unanticipated vulnerabilities
With Federated Identity Manager, which of the following customer scenarios are able to be addressed?
Cross-domain single sign-on, whether the requester is an external user or an internal employee.
The IBM Endpoint Manager Mobile Device module provides full management support for iOS and Android devices. Which feature or features does it offer?
Fully wipe a device if lost or stolen
The IBM Endpoint Manager solution consists of a centrally deployed server and agents deployed on the customer endpoints. Which of the following best describes the agent platform support?
Which product(s) could you introduce into a customer discussion about how to manage and protect their endpoints?
Both A and B
What is the key to the significant time and money efficiencies that IBM Security Identity Manager (formerly Tivoli Identity Manager or TIM) is able to afford customers?
Assignment of users to roles and provisioning policies based on roles rather than individual users.
There are several key integrations of AppScan and other IBM Security solutions. Choose the answer that names two of those integrations and their value.
Integration with IPS to remediate identified vulnerabilities and identify virtual patches; Integration with QRadar to identify application vulnerabilities that contribute to enterprise exposures
Which add-on license allows clients to purchase additional inspected throughput for their IBM Security Network Protection (XGS) product?
Flexible Performance Licensing
What is a value/feature of zSecure Administration?
Allows capture of unauthorized back door changes to RACF
A single appliance to collect events and flow data, perform data correlation and rule matching, report alerts and provide admin capability is called what?
What value does QRadar Vulnerability Manager's (QVM's) integration with other IBM Security products bring to the customer?
QVM uses information from these products to clearly identify for the customer which vulnerabilities need the most attention.
When touting QRadar and its abilities to help customers address advanced threats, which 2 points are the best ones to highlight?
QRadar works well with IBM's network protection and intrusion prevention offerings, and QRadar benefits from regular Security Intelligence feeds from IBM's X-Force R and D team.
Which of the following statements best distinguishes between why customers purchase Access Manager for Web (formerly Access Manager for e-business) versus Security Policy Manager?
Access Manager addresses coarse-grained access control and Security Policy Manager addresses fine-grained access control.
What is the other main capability offered by Federated Identity Manager, besides federated (cross- domain) single sign-on?
Identity propagation and consistent auditing in portal, Service-Oriented Architecture or Web Services scenarios.
Name a competitor to IBM zSecure.
In addition to vulnerability research and malware analysis, IBM Security X-Force Research and Development performs which of the following tasks?
Content analysis of web pages and images
What systems/devices does Apex protect?
Devices of online banking customers
What are the primary buying agendas for application security?
Compliance, Breaches, Mobile, Customer Driven
What are the three main solutions within the AppScan portfolio?
AppScan Standard, AppScan Enterprise, AppScan Source
What is the Apex solution?
An Advanced Threat Protection solution for enterprises
Which of the following is Apex Exfiltration Prevention is designed to do?
Prevent malware from compromising other processes and opening external communication channels
What are the aspects of Mobile deployments that are unique as compared to other deployments and therefore heighten security concerns?
Mobile devices are easier to hack, Mobile devices are hard to manage
Which of the following statements are true for IBM Endpoint Manager?
It offers patching of various Operating Systems and Third Party applications
What is the primary customer requirement that Access Manager for Web (formerly Access Manager for e-business) addresses?
Web single sign-on.
What is a key market for selling Security Key Lifecycle Manager?
System z customers using EKM
IBM's full set of single sign-on solutions address which environments?
Web, federated and enterprise.
The IBM Endpoint Manager Core Protection module is an OEM product from Trend Micro. Which feature or features does this module provide?
What are the three main application security functions of AppScan?
Scan, Analyze and Report
Which IBM Security solutions can feed System z security events to QRadar?
zSecure, Guardium, AppScan
According to Trusteer a balanced approach to the "Security Dilemma" will address which of these items?
All of the above
Which product is used to manage both IBM Security Network IPS and IBM Security Network Protection products?
IBM Security SiteProtector
Which of the following is NOT one of the "4 Principles" of a successful Fraud Prevention Architecture?
IBM introduced the Access Manager for Mobile appliance in October 2013. Which of the following is not provided by Access Manager for Mobile?
Federated SSO for software as a service (SaaS) targets such as SalesForce.
You are in a competitive user management/identity management/user provisioning sale, and the decision seems to hinge on who has the superior role management capabilities. You handle this by:
Touting Identity Manager's significant role management capabilities and emphasizing the fact that IBM SIM comes with Role and Policy Modeling in the package, whereas competitors charge extra for it.
In a potential Access Manager for Web sale, the client is a large customer and has large numbers of applications and servers involved in their SSO/Web authorization plans. Oracle Access Manager (OAM) is the main competitor. What might you emphasize as you try to move the customer in your direction?
Access Manager for Web scales well, and is much easier to manage, given a relatively small number of Access Manager for Web servers involved, versus many OAM plug-ins to manage And the appliance version of Access Manager for Web provides faster time to value (TTV).
What is a value/feature of zSecure Compliance and Auditing?
Addresses real time audit control points, especially network audit control points
There were 3 themes used to describe QRadar"s value. Which of those 3 themes is one that best relates to the unified view that the QRadar Console offers its customers?
Which are business drivers for either the LOB and CISO when evaluating Trusteer?
Reduce online and cross channel fraud and meet regulatory compliance
IBM Privileged Identity Manager addresses what business problems?
All of the Above
In the RSA breach case study, how was the attack enabled?
A Spear-Phishing email containing a weaponized attachment
In considering the overall SIEM competitive landscape, what are the 2 top points that favor QRadar over all of its competitors?
Broadest set of integrated capabilities and ease of deployment.
The common architecture across the QRadar products offers advantages over the competition. What are the main 2 advantages that were covered?
Opens areas of visibility into your network and scales easily.
The IBM Security Network Protection (XGS) platform provides which of the following features on top of what is provided by the IBM Security Network IPS platform?
Visibility and Control