• Barajar
    Activar
    Desactivar
  • Alphabetizar
    Activar
    Desactivar
  • Frente Primero
    Activar
    Desactivar
  • Ambos lados
    Activar
    Desactivar
  • Leer
    Activar
    Desactivar
Leyendo...
Frente

Cómo estudiar sus tarjetas

Teclas de Derecha/Izquierda: Navegar entre tarjetas.tecla derechatecla izquierda

Teclas Arriba/Abajo: Colvea la carta entre frente y dorso.tecla abajotecla arriba

Tecla H: Muestra pista (3er lado).tecla h

Tecla N: Lea el texto en voz.tecla n

image

Boton play

image

Boton play

image

Progreso

1/52

Click para voltear

52 Cartas en este set

  • Frente
  • Atrás
The deployment health views gather and display information about your....
entire Guardium
environment in powerful, easily consumed graphical views.
he deployment health views are
designed to....
work together by consolidating several different sources of information into unique
but related views
The deployment health views present data gathered from an entire Guardium
environment and are only available from...
a central manager
Access the topology view by navigating to.... di la direccion
Manage > System View > Deployment Health
Topology
Access the table view by navigating to ... di la direccion
Manage > System View > Deployment
Health Table.
The deployment health dashboard provides an....
t-a-glance summary of issues that are
found across a Guardium deployment
The dashboard is especially useful for....
identifying
patterns and trends in the health data before investigating individual systems where
problems are identified.
Access the dashboard by navigating to... di la direccion
Manage > System View > Deployment Health
Dashboard.
que se requiere configurar para deployment health?
the collection of unit utilization data, the configuration of correlation alerts, and that data
import, export, and S-TAP verification is correctly configured.
The deployment health dashboard supports several tiles based on Guardium correlation alerts, menciona cuales
Alerts by category, Alerts by name, Alerts by severity, and
Alerts by system
Correlation alerts must be explicitly configured for inclusion on the....
deployment
health dashboard.
The resource requirements tile indicates....
whether systems in a Guardium
deployment meet the minimum hardware requirements for CPU, memory, and
/var disk capacity.
Any system resource that does not meet the minimum
requirement ....que es lo que pasa?
is designated as a high-severity issue and displayed on both the
resource requirements tile and the high severity issues tile.
System resource issues are not displayed in the Events timeline because.......
they are not associated with a specific time stamp
Unit utilization timecharts allow the....
bservation of trends in unit utilization data
over time.
Unit utilization timecharts can be configured to show multiple unit
utilization metrics for a single Guardium system or to.....
show a single unit utilization
metric for multiple Guardium systems.
The deployment health table view is accessible from....
any central manager and provides a
sortable table view of deployment health data of the entire Guardium environment that is
connected to that central manager.
en deployment health information,
about all connected aggregators and collectors along these dimensions (listalos)
• Overall
• Connectivity
• Unit utilization
• Aggregation
It also shows import and export relationships among collectors and aggregators. The
view is available at ...di la ruta
Manage > System View > Deployment Health Table.
Open the Services Status panel by clicking... di la ruta
Setup > Tools & Views > Services Status
que es The Services Status panel ?
is a centralized place to check status of services such as Unit
Utilization levels, data archiving, alerter and others, and if necessary, investigate each service
further
donde queda su menu de the Services Status panel
Setup > Tools & Views > Services Status
Each service displays one of the following icons... enlistalos
• Service is running/scheduled: paloma verde
• Service is paused: pausa roja
• Service is off: equis gris
en donde queda el buff usage monitor?
Reports > Guardium Operational Reports > Buff Usage Monitor
Displays the maximum unit utilization level for each unit in the given timeframe..... en donde se ubica ese reporta?
Reports > Real-Time Guardium Operational Reports
> Unit Utilization
Partes que componen un s-tap event?
Event Type Success: Error Type, and so on
Event Description: Short description of the event
Timestamp Date: and time the event occurred
que haces con el comando support show db-top-tables all ?
identify which tables are full and
causing the problem (fillingup de databeis)
Two areas can get full on a Guardium Appliance which can then cause the GUI to be
stopped... cuales son?
- The Internal Database
- The filesystem itself (usually its the /var partition that can fill up)
To check if /var partition (filesystem) is 90% full or more, run a must gather from cli....cual es el comando?
support must_gather system_db_info
para que sirve este comando? support show large_files 10 0
identificar archivos grandes a partir de 10mb y que tengan 0 dias de antiguedad
Que es The analyzer rate?
is the amount of incoming data into the sniffer. The value of analyzer
rate can be different depending on the appliance and traffic.
Que es The analyzer queue?
is the amount of traffic queued for analysis. This value will probably
be going up and down meaning the queue is growing an being processed. If the queue is
constantly high it is very likely to cause a problem.
The analyzer part of the sniffer has a circular buffer. When the queue is full any incoming
data will be dropped. The amount of dropped data from the last minute is logged in.......
flat
log requests
Que pasa si se incrementa el flat log request?
If there was data dropped by the analyzer in the last minute, the flat log
requests will increase. Increasing flat log requests is the key indicator of analyzer queue
overflow. For a healthy sniffer it should not be increasing.
Lee el siguiente caso:
If the analyzer queue is overflowing it means the traffic is coming into the
appliance faster than the analyzer can process it. Improvements in the latest
sniffer patches will help, but reducing the amount of traffic to the collector is often
the best solution, for example by
(enlista las sugerencias)
• Using Ignore S-TAP Session action on more traffic in the policy
• Moving S-TAPs to a less loaded collector
• Load balancing traffic between more than one collector
• Adding more collectors to the environment
List the tasks that access management consists of enlistalas
Account administration, maintenance,
monitoring and revocation
There are two predefined users on a Guardium® appliance...cuales son?
accessmgr and admin.
Admin and accessmgr roles cannot be assigned to ......
the same user.
decribe el rol "user"
Provides the default layout and access for all common users. This role can not
be deleted.
describe el rol "admin"
Provides the default layout and access for Guardium administrators. Do not
confuse the admin role with the admin user, which is a special user account
having the admin role, but also having additional powers that are reserved for
the admin user account only. This role can not be deleted.
describe el rol "accessmgr"
Provides the default layout and access for the access manager. This role can
not be deleted.
describe el rol "datasec exempt"
Data Security - Exempt. This role is activated when Data level security is
enabled (see Global Profile in Administration Console) and the datasecexempt role has been assigned. If the user has this role, a Show all check box
appears in all reports. If checked, all sniffed data records are shown (no filter is
applied). This role cannot be deleted in the Role Browser.
describe el rol "review-only"
Users with this role is allowed to enter comments in the audit process viewer
(not workflow or comments/data per row, but comments at process/result
level).
Users with this role cannot perform any changes/actions on any workflow
automation result (escalate, reassign, etc)
describe el rol "audit role"
Auditors and others who need to view audit reports
describe el rol "infosec"
Users who have an information security focus, including tracking access to the
database, and handling network requests, audits, and forensics
describe el rol "GDPR"
The Guardium GDPR accelerator provides predefined reports based on GDPR
groups and policies. To begin working with the GDPR accelerator, assign the
GDPR role to a Guardium user. This role cannot be deleted.
Pasos para crear un rol customizado
• Creating a new role
• Managing permissions for the role to limit what users can access
• Optionally customizing the navigation menu for the role to further limit what users
can see
• Adding users to the role
Limit access from the application by deselecting the All Roles check box on ....menciona la direccion
Role Permissions > Edit Application Role Permissions screen
Data Archive and Results Archive can be found... di la direccion
Manage > Data Management.
Patch is successfully installed on central manager, but cannot be pushed to
managed units.
Verify that
TCP port 3306 is open bidirectional
The only dependency that must be successfully installed before installing the Guardium v10.0 p200 GPU, is.....
v10.0 Health Check patch 9997
v10.1.2 v10.0 p200 GPU can be installed on any v10.xsystem regardless whether it was
upgraded from....
v9.x or built from earlier v10.x image.