Home » IBM » C2150-606 » How would the administrator identify the changes that were made and who made them?
A Guardium administrator observes certain changes to the configuration and policies.
How would the administrator identify the changes that were made and who made them?
A. Review the Audit Process Log report.
B. Review the sniffer buffer usage report.
C. Review the /var/log/messages log file.
D. Review the results of ‘Detailed Guardium User Activity’ report.
Correct Answer: D
Explanation/Reference:
User Activity Audit Trail Reports
The User Activity Audit Trail menu selection displays two reports. In addition, from each of those reports, a third report can be produced.
* User Activity Audit Trail
* System/Security Activities
* Detailed Guardium User Activity (Drill-Down)
Detailed Guardium User Activity report lists the following attribute values, all of which are from the Guardium User Activity Audit entity, except for the Activity Type Description, which is from the Guardium Activity Types entity: User Name, Timestamp, Modified Entity, Object Description, All Values, and a count of Guardium User Activity Audits entities.
Reference: https://www-01.ibm.com/support/knowledgecenter/SSMPHH_9.1.0/com.ibm.guardium91.doc/appendices/topics/predefined_admin_reports.html
Download Printable PDF. VALID exam to help you PASS.
|
|