Download as pdf or txt
Download as pdf or txt
You are on page 1of 14

Started on Tuesday, March 19, 2024, 9:13 AM

State Finished
Completed on Tuesday, March 19, 2024, 9:20 AM
Time taken 7 mins 32 secs Back Next
Feedback Congratulations, you passed the
Guardium Key Lifecycle Management
Level 2 Quiz!

Question 1

Correct

Points out of 1.00

During a client briefing, one of the storage managers at ABC


Bank complains about the high cost to retire old hardware
because of previously stored sensitive information. The client
was very interested to know that Guardium Key Lifecycle
Manager (GKLM) can simplify this process by removing the
encryption keys from the storage media thus making the data
permanently unreadable. What is this process called?

Data retention

Cryptographic erasure 

Media disposal

Insider threat
Question 2

Correct

Points out of 1.00

Back Next

The global encryption software market size in 2020 was $9.8B.


With increasing global regulation and the shift to hybrid multi-
cloud environments, what is the market size expected to be in
2025?

$15B

$10B

$20.1B 

$29.9B

Question 3

Correct

Points out of 1.00

Whilst discussing the benefits of data encryption at a client


briefing, you highlight the primary use case of Guardium Key
Lifecycle Manager (GKLM). One of the biggest data encryption
challenges in any organization is efficient key management.
Which one of the following activities can be classified as part of
the key management process?

Key obfuscation

Cryptographic erasure

Key generation 

Encrypting data from plain text to ciphertext


Question 4

Correct

Points out of 1.00

Back Next

Your client, ABC Bank, contacts you regarding using the storage
capacity of the organization’s storage media to license
Guardium Key Lifecycle Manager (GKLM). The regional data
center supports mortgage applications and has a lot of
sensitive customer data. The current capacity of the storage
media to be encrypted by GKLM is 300 Terabyte (TB) in size.
What license option would you recommend?

Number of registered GKLM users

Processor Value Unit (PVU) license

Terabyte license 

Petabyte license

Question 5

Correct

Points out of 1.00

You're at a client site and you meet the Chief Technology Officer
in passing in the hallway. She knows you are from IBM and
visiting about Guardium Key Lifecycle Manager (GKLM), but she
isn't sure what it is. What do you say GKLM is for?

Creating ciphertext

Encrypting sensitive information

Managing and securing data encryption keys 

Data redaction
Question 6

Correct

Points out of 1.00

Back Next

A client in the financial services industry must comply with


Federal Information Processing Standard (FIPS) 140-2. This is
a higher level of compliance within the industry. What optional
Guardium Key Lifecycle Manager (GKLM) feature meets this
regulatory requirement?

Implementing a Hardware Security Module (HSM) 

Implementing a multi-master architecture

Implementing a firewall

Implementing a master-clone architecture

Question 7

Correct

Points out of 1.00

Guardium Key Lifecycle Manager (GKLM) was ranked highly by


industry analysts as an overall market leader amongst
competing key management systems. What main feature
distinguishes GKLM from its competition?

Appliance form factor

Low processing overhead

Platform agnostic 

Virtual machine form factor


Question 8

Correct

Points out of 1.00

Back Next

Clients can benefit from a key-lifecycle-management solution


that can integrate with other key managers and self-encrypting
devices. How does Guardium Key Lifecycle Manager (GKLM)
communicate with endpoints?

Interoperability protocols 

Asymmetric protocol

Email

Token Ring

Question 9

Correct

Points out of 1.00

The master-clone architecture is a way to implement hyper


redundancy with Guardium Key Lifecycle Manager (GKLM).
Which of the following characteristics of the master-clone
architecture is NOT correct?

This architecture supports a maximum of 21 masters

New keys can only be created by the master

Clients can talk to masters or clones

This architecture supports a maximum of 20 clones 


Question 10

Correct

Points out of 1.00

Back Next

The volume of business data has grown at exponential rates.


One aspect of security can be easily implemented at various
layers of files, applications, and in hardware to provide extra
protection. What security activity is this?

Data encryption 

Data activity monitoring

Vulnerability assessment

Rules-based access control

Question 11

Correct

Points out of 1.00

A client, ABC Bank, has decided to go ahead with implementing


Guardium Key Lifecycle Manager (GKLM) and they have opted
for a high availability deployment configuration. Which of the
following are configuration options in which GKLM can address
the need for redundancy and high availability?

Multi-master and master-clone 

Hyper redundancy and clone backup

Multi-clone and primary master

Redundant master and clone


Question 12

Correct

Points out of 1.00

Back Next

You are in a whiteboarding session with a client, and you bring


up asymmetric encryption. The client asks you what
asymmetric encryption is used for. What do you tell them?

It uses a public key to decrypt the data

It incurs less than 4% overhead

It uses one key for encrypting and the same key for
decrypting

It is most frequently used for key wrapping 

Question 13

Correct

Points out of 1.00

With the modern-day explosion of data, organizations are


challenged by the complexities of managing a data encryption
solution. Your client, ABC Bank, has complained about how
difficult it is to manually manage 1000’s of encryption keys
generated by self-encrypting media. Which of the following is
an operational benefit when organizations implement Guardium
Key Lifecycle Manager (GKLM)?

Automated key rotation 

Packet scanning

Ciphertext

Plaintext rotation
Question 14

Correct

Points out of 1.00

Back Next

The Chief Information Security Officer (CISO) from ABC Bank


talks about the Federal Information Processing Standard (FIPS)
140-2 compliance requirement, which the bank needs to meet
and wants to know if Guardium Key Lifecycle Manager (GKLM)
meets these requirements. You respond by explaining that the
Hardware Security Module (HSM) does comply with the FIPS
requirement, and you describe the benefits of an HSM. What
characteristic below accurately describes the HSM?

It creates an extra level of security by storing the


encrypted data on the cloud

It is a module enabled within the Guardium dashboard

It is a tamper-proof hardware appliance that can be 


locked down if inappropriate access is detected

It is an alternate configuration to a multi-master


deployment

Question 15

Correct

Points out of 1.00

When counting software licenses for a master-clone


deployment of Guardium Key Lifecycle Manager (GKLM), clients
are entitled to 1 free copy of GKLM basic edition. If a client has
deployed a single master and 15 clones in their data center,
what is the most accurate license?

N-1 

17

1
Question 16

Correct

Points out of 1.00

Back Next

Guardium Key Lifecycle Manager (GKLM) manages data


encryption keys that are created by storage hardware. The
created keys are further encrypted using a master key.
However, a client of yours is subject to strict regulatory
compliance requirements and they need to implement
additional controls when managing their encryption keys. What
hardware device do you suggest in order to achieve this
elevated level of key security?

a. GKLM virtual appliance

b. Guardium Data Protection (GDP) hardware appliance

c. GKLM server

d. Hardware security module (HSM) 

Question 17

Correct

Points out of 1.00

You are meeting with the procurement team at a client. They


ask you what metrics are used for licensing Guardium Key
Lifecycle Manager (GKLM). What metrics are used for GKLM?

Number of GKLM servers and storage capacity 

Number of encrypted servers

Processor Value Unit (PVU) based

Number of registered GKLM users


Question 18

Correct

Points out of 1.00

Back Next

Which one of the following is NOT a benefit of data encryption?

Protects sensitive data

Helps discover sensitive data on storage media 

Helps reduce media disposal costs

Helps meet regulatory compliance mandates

Question 19

Correct

Points out of 1.00

You want to progress an opportunity with a client and talk to


some potential buyers. Which of the following people are NOT a
typical buyer within an organization for Guardium Key Lifecycle
Manager (GKLM)?

Chief Information Security Officer (CISO)

Chief Technology Officer (CTO)

Vice President (VP) of Software Development 

IT Storage Manager
Question 20

Correct

Points out of 1.00

Back Next

You are meeting with a C-Level executive at ABC Bank. They ask
you what the core functionality of Guardium Key Lifecycle
Manager (GKLM) is. What do you tell them?

GKLM helps clients manage the lifecycle of the many 


encryption keys created in a data encrypted
environment

GKLM enables clients to communicate with storage devices


using a Virtual Private Network (VPN)

GKLM helps clients maintain keys across various platforms


as IBM is continually investing in the solution to broaden
the supported devices footprint

GKLM enables clients to communicate with storage devices


using IBM Proprietary Operations (IPO)
Question 21

Correct

Points out of 1.00

Back Next

Your client, ABC Bank, has decided to implement Guardium Key


Lifecycle Manager (GKLM) across 12 datacenters and is
concerned about losing access to it's data should a failure occur
if one of the servers goes down. The bank has decided to follow
the recommended redundancy and high availability
configuration. What is the risk of not having these measures in
an environment which has a single primary GKLM server and no
backup?

It will take longer to decrypt the data without the


decryption key

There is no risk as a new GKLM server will be able to


restore the data

The encrypted data automatically reverts to clear text if the


GKLM server goes offline

There is a high risk of losing access to the encrypted 


data forever if the encryption keys are lost

Question 22

Correct

Points out of 1.00

In which phase of the Data Security Lifecycle does Guardium


Key Lifecycle Manager (GKLM) fit into?

Remediate

Protect 

Detect

Respond
Question 23

Correct

Points out of 1.00

Back Next

Your client, ABC Bank, is considering deploying Guardium Key


Lifecycle Manager (GKLM) globally with redundancy across 32
sites in a multi-master configuration. Which of the following
statements describing this deployment is accurate?

Each site will have a single GKLM server with a max of 


21 synchronized GKLM servers

A master-clone configuration is more suitable as it can


synchronize more than 21 servers

New keys can only be created by a primary master in a


multi-master configuration

Each site will have a single GKLM master and these will be
synchronized across sites

Question 24

Correct

Points out of 1.00

As an added security measure, keys are sometimes used to


encrypt other keys. What is this process known as?

Key loss

Unstructured data encryption

Key wrapping 

Cryptographic erasure
Question 25

Correct

Points out of 1.00

Back Next

The multi-master architecture is a way to implement hyper


redundancy with Guardium Key Lifecycle Manager (GKLM).
Which of the following characteristics of the multi-master
architecture is NOT correct?

Multi-master architecture means that new keys may be


created by any master

Multi-master architecture means that application clients


can talk to any master for existing and new keys

Multi-master architecture is limited to a maximum of 21


masters

Multi-master architecture can support an infinite 


number of master servers across data centers

You might also like