Practice Free C1000-197 Exam Online Questions

What two steps should administrators take if appliance performance suddenly degrades after a policy update? (Choose two)
- A. Remove the central manager from the deployment
- B. Check CPU and memory utilization on the appliance
- C. Disable all S-TAPs permanently
- D. Review the policy changes for inefficient rules

Which Guardium feature allows administrators to track who modified a policy and when the modification was applied?
- A. Report builder activity logs
- B. Aggregator synchronization report
- C. Policy builder audit trail
- D. S-TAP connection history

Where can administrators configure Guardium to store and manage results from multiple discovery and assessment scans across the enterprise? (Choose two)
- A. Aggregator appliance repositories
- B. Central manager dashboards
- C. S-TAP local logs
- D. External syslog-only servers

What is the main reason to purge data in the Guardium system?
- A. Speed up access operations on the internal database
- B. To avoid adding disk partitions for the internal database
- C. GDPR security compliance reasons for internal database
- D. Minimize the risk to access sensitive data in the internal database

Which two report types can administrators create in Guardium to assist with investigations of suspicious activity? (Choose two)
- A. Policy violation reports
- B. Appliance firmware update reports
- C. Sensitive data discovery reports
- D. S-TAP installation status reports

Which two tasks are performed during a Guardium vulnerability assessment of databases? (Choose two)
- A. Evaluate security patches and configuration compliance
- B. Generate baseline reports for normal query activity
- C. Check database privileges and weak password usage
- D. Consolidate collector data into an aggregator

When deploying Guardium appliances, what should be done before placing collectors into production?
- A. Run a vulnerability assessment on the collectors
- B. Apply latest patches and ensure time synchronization with NTP
- C. Configure collectors as aggregators by default
- D. Disable local logging to save space

What maintenance action ensures Guardium appliances retain compliance evidence even after periodic data purges?
- A. Export reports and archive them to external secure storage
- B. Disable automatic purge jobs permanently
- C. Store all evidence only on collector appliances
- D. Rely on central manager to retain all purged data

What does the Investigation Dashboard display?
- A. Insider Threat Events
- B. S-TAP Failover Events
- C. Active Threat Analytic Events
- D. Data Patterns, Anomalies, and Relationships

How can administrators maintain Guardium system health for long-term stability? (Choose two)
- A. Disable all logging to save disk space
- B. Allow unlimited log retention for audit purposes
- C. Schedule periodic data purge jobs
- D. Apply patches and firmware updates regularly
