IBM


IBM Professional Certification Program


Test C2150-536: Fundamentals of Applying Tivoli Security and Compliance Management Solutions V3


Note: This test will be withdrawn on Oct 31 2014.
The replacement test is: (C2150-201) Fundamentals of Applying IBM Security Systems Identity and Access Assurance


Section 1: Establish the Customer's Baseline


  1. Given the company organization chart, schedule an introductory meeting with the customer sponsor and all interested parties so that a list of key players and decision makers with corresponding roles and responsibilities is created.
    With emphasis on performing the following:

    1. Identify the customer sponsor, stakeholders and the actual decision maker.

    2. Schedule an introductory meeting with customer sponsor and all interested parties.

    3. Record key names and identify key players, including key decision makers.

    4. Verify that key players and decision makers are valid.

    5. Match key players with key security functionality within the organization.

    6. Compile a final list of key players and decision makers (title, contact information, etc.).

    7. Determine the relationships between the key players and decision makers.

  2. Given a list of key decision makers, interview key decision makers and compile the customer's security requirements so that a document is created containing the customer's business and desired security requirements.
    With emphasis on performing the following:

    1. Document the customer's business requirements.

    2. Obtain customer's immediate business/security needs.

    3. Obtain customer's long term business/security vision.

    4. Schedule meetings with key decision makers.

    5. Interview key decision makers.

    6. Gather customer's stated security requirements.

    7. Compile a list of desired security requirements from customer. This may include (single enterprise or federated):

      1. authentication

      2. authorization

      3. audit compliance

      4. identity management

      5. identity provisioning

      6. privacy management

      7. risk management

      8. incident management

      9. risk mitigation

      10. single sign-on

      11. high-availability

      12. disaster recovery

      13. workflow management

      14. compliance management

      15. encryption

      16. intrusion detection

      17. configuration management

      18. vulnerability scanning

    8. Compile a list of governing standards that affect security direction and customer.

    9. Document customer's stated security requirements.

  3. Given the availability of customer key personnel, describe the networking, operating systems, hardware, relational databases, applications (Java, .NET, etc.), Open Source applications (Apache, Geronimo) and key vendor (SAP, Siebel, PeopleSoft, etc.) environments within the customer organization so that a document is produced that properly describes the customer environments.
    With emphasis on performing the following:

    1. Request information on networking, operating systems, hardware, relational databases, applications and key vendor environments.

    2. Validate customer reported environment is accurate and up to date, using an existing Change and Configuration Management Database if available.

    3. Interview and meet with the technical owners of the networking, operating systems, hardware, relational databases, applications and key vendor environments to discuss potential impact on overall security design.

    4. Interview and meet with any other security, compliance, or auditing teams.

    5. Document findings as they relate to the security infrastructure.

    6. Document any limitations of the customer environment.

  4. Given a customer contact, obtain a description of the IT and business organizational structure and create a document that represents the organizational structure within the customer environment so that the IT and business organizational structures are documented.
    With emphasis on performing the following:

    1. Request IT and business organizational structure information from the customer, including any vendor-related relationships.

    2. Compile the results of the processed information.

    3. Create a document that represents the IT and business organizational structures, including roles and responsibilities, within the customer environment.

  5. Given a list of the customer's business processes, identify the key areas of the processes that relate to security so that the customer's current business processes are documented including any gaps.
    With emphasis on performing the following:

    1. Identify key areas in the business process that relate to security and compliance, such as:

      1. Configuration management

      2. Identity and access management

      3. Data and information security

      4. Risk management

      5. Threat identification and mitigation

      6. Disaster recovery

      7. Vulnerability scanning

      8. Penetration testing

      9. Change management

    2. Create a process map.

    3. Create a gap analysis.

  6. Given a list of the customer's business processes, identify the key areas of the processes that relate to compliance management so that the customer's current business processes are documented including any gaps.
    With emphasis on performing the following:

    1. Identify key areas in the business process that relate to managing compliance with enterprise policies and legal requirements, such as:

      1. Asset classification (risk-based assessment of threat, vulnerability and value)

      2. Assess, plan, implement and manage controls

      3. Monitor the effectiveness of controls.

      4. Compliance auditing and reporting

      5. Identify and investigate policy exceptions.

      6. Incident response

      7. Demonstrate the effectiveness of controls and compliance with enterprise policies and legal requirements.

    2. Create process map.

    3. Create gap assessment.

  7. Given the availability of the information and key persons, analyze the customer's IT process maturity as it relates to security and compliance management so that the customer's IT process maturity is understood.
    With emphasis on performing the following:

    1. Request information on the practice of IT process maturity as it relates to security and compliance management. This may include:

      1. Configuration management

      2. Identity and access management

      3. Data and information security

      4. Risk management

      5. Threat identification and mitigation

      6. Disaster recovery

      7. Vulnerability scanning

      8. Penetration testing

      9. Change management

      10. Asset classification (risk-based assessment of threat, vulnerability and value)

      11. Assess, plan, implement and manage controls

      12. Monitor the effectiveness of controls

      13. Compliance auditing and reporting

      14. Identify and investigate policy exceptions

      15. Incident response

      16. Demonstrate the effectiveness of controls and compliance with enterprise policies and legal requirements

    2. Interview the overall Information Technology Owner and the Information Security Owner if applicable.

    3. Compile information received.

    4. Create a document that outlines the customer IT process maturity as it relates to security and compliance management.

  8. Given the documents describing a customer's current security environment, combine the documents so that the customer's baseline is documented.
    With emphasis on performing the following:

    1. Identify the documents to be included in the baseline document.

    2. Combine the documents to create a baseline document.


Section 2: Evaluate the Customer's IT Processes, People, and Technologies


  1. Given in-house security standards documents, certification requirements, and IBM security standards documents, analyze existing in-house standards and certification requirements, taking into account relevant international (government or civil) standards so that a document describing relevant security standards and certification requirements is available for the project.
    With emphasis on performing the following:

    1. Analyze existing in-house standards and certification requirements.

    2. Identify relevant security standards and certification requirements available for the project.

    3. Document relevant security standards and certification requirements available for the project.

  2. Given access to key information and personnel, retrieve the customer's legal requirements as they relate to managing and demonstrating compliance with governing regulations so that applicable regulations are documented.
    With emphasis on the following:

    1. Retrieve existing documentation of applicable regulations and standards.

    2. Retrieve findings from regulatory audits and exams.

    3. Document applicable regulations.

  3. Given the customer's baseline document, analyze business processes from a security and compliance management perspective so that a document describing true security requirements is created.
    With emphasis on performing the following:

    1. Analyze business processes from an authorization perspective.

    2. Analyze business processes from an authentication/single sign-on perspective.

    3. Analyze business processes from an audit/compliance perspective.

    4. Analyze business processes from an identity management perspective.

    5. Analyze business processes from an identity provisioning perspective.

    6. Analyze business processes from a risk management perspective.

    7. Analyze business processes from a privacy perspective.

    8. Analyze business processes from a data, application and storage perspective.

    9. Analyze business processes from an exceptions-to-standards perspective.

    10. Analyze business processes from a separation of duties perspective.

    11. Document the business scenarios and their security exposure.

  4. Given the customer's business priorities and the security environment in which they do business, understand the general risks that may face the customer, and identify particular security pain points the customer might have, so that a basic risk assessment and security priorities can be compiled.
    With emphasis on performing the following:

    1. Understand the business environment and the related threats.

    2. Analyze core business functions.

    3. Identify security threats to those business functions.

    4. Understand the customer's capabilities to identify vulnerabilities.

    5. Understand the customer's capabilities to classify assets.

    6. Understand the customer's previous struggles with information security.

  5. Given the customer's chosen IT process best practice framework, understand the customer's alignment to IT process best practices so that the gaps are documented.
    With emphasis on performing the following:

    1. Review the customer's chosen IT process best practice framework, if applicable.

    2. Compare baseline document to best practices to identify gaps.

    3. Document gaps.


Section 3: Identify Security Opportunities


  1. Given the customer's baseline and true security requirements, perform a gap analysis so that a document describing the gaps in the customer's security and compliance management environment is produced.
    With emphasis on performing the following:

    1. Analyze the customer's baseline document against industry and international (government or civil) standards, industry best practices (e.g., ISO 27001, COBIT, and ITIL) and compliance regulations (e.g., HIPAA, SOX, and PCI) to identify gaps.

    2. Analyze the customer's security requirements document against industry and international (government or civil) standards, industry best practices (e.g., ISO 27001, COBIT, and ITIL) and compliance regulations (e.g., HIPAA, SOX, and PCI) to identify gaps.

    3. Analyze the customer's baseline and security requirements to determine security gaps in the customer's current environment with respect to their security goals (for example, if a customer wants to implement self care).

    4. Document gaps in customer's security and compliance management plan.

  2. Given the customer baseline document, evaluate the baseline to identify security and compliance management scenarios so that a document describing the security and compliance management scenarios to scope the project is created.
    With emphasis on performing the following:

    1. Evaluate baseline to identify configuration management scenarios.

    2. Evaluate baseline to identify identity and access management scenarios.

    3. Evaluate baseline to identify data and information security scenarios.

    4. Evaluate baseline to identify risk management scenarios.

    5. Evaluate baseline to identify threat identification and mitigation scenarios.

    6. Evaluate baseline to identify disaster recovery scenarios.

    7. Evaluate baseline to identify vulnerability scanning scenarios.

    8. Evaluate baseline to identify penetration testing scenarios.

    9. Evaluate baseline to identify change management scenarios.

    10. Evaluate baseline to identify asset classification (risk-based assessment of threat, vulnerability and value) scenarios.

    11. Evaluate baseline to identify IT control assessment, planning, implementation and management scenarios.

    12. Evaluate baseline to identify compliance auditing and reporting scenarios.

    13. Evaluate baseline to identify policy exception scenarios.

    14. Evaluate baseline to identify incident response scenarios.

    15. Document these security and compliance management scenarios.

  3. Given a failed audit, perform analysis using information from the audit report, so that gaps in the customer's security and compliance management environment are identified.
    With emphasis on performing the following:

    1. Identify the data that was presented in the audit report.

    2. Identify the gaps in the failed audit report.

    3. Check against the improvement plan the customer has in place to determine if the gaps are already covered.

    4. Identify Tivoli Security products that will fulfill the gaps.

  4. Given the understanding of the customer's primary security requirements and the understanding of Tivoli's security offerings (including IBM, other Tivoli, and Tivoli Partner products), match the customer's security and compliance management requirements to Tivoli security solutions and consolidate into a single document identifying those opportunities.
    With emphasis on performing the following:

    1. Identify Tivoli security software offerings that fulfill the customer's primary security and compliance management requirements.

    2. Identify Tivoli security software offerings that fulfill the customer's identified gaps in process or technology.

    3. Create a document that maps the Tivoli security software offerings that fulfill the customer's primary security and compliance management requirements and identified gaps.

  5. Given the understanding of the customer's business growth and consolidation plans, industry and IBM Tivoli's long-range vision for security solutions, define the long-range vision for future direction of customer's security solutions and consolidate into a single document.
    With emphasis on performing the following:

    1. Analyze the customer documents or results of interviews expressing vision to determine influence on future direction.

    2. Analyze the customer's business plans.

    3. Analyze and differentiate between the customer's tactical solutions and IBM Tivoli strategic solutions.

    4. Identify any effect of industry analysts (Gartner, Forrester) on the customer.

    5. Analyze the current security industry standards to determine influence on future direction.

    6. Analyze IBM/Tivoli's security vision to determine influence on future direction.

    7. Incorporate the above information into a future direction document.


Section 4: Create, Justify, and Deliver Solution Design/Recommendation


  1. Given the need to propose an IBM solution design, have working knowledge of the Identity and Access Assurance products and familiarity with related Tivoli Security products, so that the client understands the breadth and depth of the capabilities and reach of the Tivoli portfolio which can address their tactical and strategic requirements.
    With emphasis on performing the following:

    1. IBM Tivoli Access Manager for e-business: A versatile solution for Authentication and Authorization problems. It manages growth and complexity, controls management costs, and addresses the difficulty of enforcing security policies across a wide range of Web application resources.

    2. IBM Tivoli Access Manager for Enterprise Single Sign-On: It helps automate single sign-on, enhances security with automatic password management, and extends audit and reporting capabilities in a quick, simple-to-deploy solution.

    3. IBM Tivoli Access Manager for Operating Systems: It blocks both insiders and outsiders from unauthorized access to and use of valuable customer, employee and business partner data.

    4. IBM Tivoli Federated Identity Manager: It spans companies or security domains to provide identities access to information and services without replicating identity and security administration at both companies.

    5. IBM Tivoli Identity Manager: Provides a secure, automated and policy-based user management solution that helps effectively manage user accounts, access permissions and passwords from creation to termination across the IT environment.

    6. IBM Tivoli Security Information and Event Manager (TSIEM): Protects intellectual property and privacy against insider threat and helps control the cost of demonstrating compliance.

  2. Given the need to propose an IBM solution design, have working knowledge of the Data and Application Security products and familiarity with related Tivoli Security products, so that the client understands the breadth and depth of the capabilities and reach of the Tivoli portfolio which can address their tactical and strategic requirements.
    With emphasis on performing the following:

    1. IBM Tivoli Security Compliance Manager: It acts as an early warning system and helps small, medium and large businesses define consistent security policies and monitor compliance of these defined security policies.

    2. TSIEM: Provides visibility into your organization's security compliance posture through log management and monitoring privileged users for insider threat, audit, and compliance. Includes dashboard views and reporting to help measure security posture and respond to auditors' requests.

    3. IBM Tivoli Security Policy Manager: Centralizes security policy management and fine-grained data access control for applications, databases, portals and services.

    4. IBM Tivoli Federated Identity Manager: It spans companies or security domains to provide identities access to information and services without replicating identity and security administration at both companies.

    5. IBM Tivoli Access Manager for Operating Systems: It blocks both insiders and outsiders from unauthorized access to and use of valuable customer, employee and business partner data.

    6. IBM Tivoli Key Lifecycle Manager: Helps IT organizations better manage the encryption key lifecycle by enabling them to centralize and strengthen key management processes throughout the enterprise.

  3. Given the need to propose an IBM solution design, have working knowledge of the IBM Tivoli zSecure Admin and Audit products and familiarity with related Tivoli Security products, so that the client understands the breadth and depth of the capabilities and reach of the Tivoli portfolio which can address their tactical and strategic requirements.
    With emphasis on performing the following:

    1. IBM Tivoli zSecure Admin: Enables more efficient and effective RACF security administration, user management, and compliance management using significantly less resources.

    2. IBM Tivoli zSecure Audit: Compliance and audit solution that enables you to automatically analyze and report on security events and detect security exposures on the mainframe.

    3. TSIEM: Provides visibility into your organization's security compliance posture through log management and monitoring privileged users for insider threat, audit, and compliance. Includes dashboard views and reporting to help measure security posture and respond to auditors' requests.

  4. Given the need to propose an IBM solution design, have working knowledge of the IBM Internet Security Systems products and familiarity with related Tivoli Security products, so that the client understands the breadth and depth of the capabilities and reach of the Tivoli portfolio which can address their tactical and strategic requirements.
    With emphasis on performing the following:

    1. IBM Security Network Intrusion Prevention System (Formerly IBM Proventia Network Intrusion Prevention System): Blocks network threats with security convergence of IBM Virtual Patch® technology, client side application protection, advanced IPS, data security, Web application protection and application control.

    2. IBM Proventia Server Protection: Delivers multilayered intrusion prevention and detection to protect servers from attack and more thoroughly manage compliance through extensive monitoring, recording and auditing capabilities.

    3. IBM Security Virtual Server Protection for VMware: Offers integrated threat protection for VMware vSphere 4 that provides security for every layer of the virtual infrastructure, including host, network, hypervisor, virtual machine (VM) and traffic between VMs.

    4. IBM Proventia Network Multi-Function Security: Provides protection at the gateway and network levels with six layers of preemptive security from a single solution.

    5. IBM Proventia Management SiteProtector system: Central management of security devices, policies and events to help evaluate and communicate your overall risk posture.

    6. IBM Proventia Network Enterprise Scanner: Reduces enterprise security risk by accurately identifying, prioritizing, tracking and reporting security vulnerabilities.

    7. IBM Proventia Desktop Endpoint Security: Secures desktops and laptops against known and unknown attacks by providing multilayered security in a single agent.

    8. IBM Security Content Analysis Software Development Kit: Delivering robust content inspection through a feature-rich analysis framework from IBM.

    9. IBM Tivoli Security Operations Manager: Centralizes and stores security data from throughout the technology infrastructure to improve security operations and information risk management.

  5. Given the need to propose an IBM solution design, have working knowledge of the IBM BigFix products and familiarity with related Tivoli Security products, so that the client understands the breadth and depth of the capabilities and reach of the Tivoli portfolio which can address their tactical and strategic requirements.
    With emphasis on performing the following:

    1. IBM BigFix Systems Lifecycle Management: Manage the full lifecycle of your IT assets with tasks like Asset Discovery, Patch Management, Power Management, Software Distribution, Software Asset Management and more.

    2. IBM BigFix Security Configuration & Vulnerability Management: Provides several security management tasks including Security Configuration Management, Vulnerability Management, Patch Management, Asset Discovery, and more.

    3. IBM BigFix Endpoint Protection: Provides desktop and server security functions like Anti-Virus / Anti-Malware, Client Manager for Endpoint Protection, Device Control, Endpoint Firewall, Network Access Control, and more.

  6. Given an understanding of IBM Tivoli products and the customer's baseline, evaluation results and identified security opportunities, present the proposed solution based on the IBM Tivoli security framework so that the proposed solution is accepted by the customer.
    With emphasis on performing the following:

    1. Explain IBM Tivoli's current security portfolio.

      1. List the recommended IBM Tivoli security portfolio and describe the benefits.

      2. Describe the technical value of recommended IBM Tivoli security solution.

      3. Describe general security concepts related to recommended customer solution.

      4. Assess customer's skill set against recommended IBM Tivoli security solution.

      5. Explain "Best Practices" for IT processes as they relate to the solution.

      6. Create business case justification for project.

      7. Differentiate IBM security solution from competitors.

      8. Identify scope of customer's operational IT environment as it relates to the solution.

      9. Assess the potential impact to the customer's current environment.

      10. Highlight performance and availability characteristics of recommended customer's security solution.

      11. Locate the appropriate links to IBM information.

      12. Describe IBM Tivoli security products, functionality, and integration points involved in the customer solution.

  7. Given the proposed solution, develop an implementation budget plan so that the customer understands what is involved in the implementation.
    With emphasis on performing the following:

    1. Determine level of effort and roles from each service provider including the customer's own staff.

    2. Estimate the total level of effort for each role (e.g., implementation, solution design, project management).

    3. Document the planning and budget estimate.

  8. Given a proposed solution, determine the pricing model so that the appropriate pricing model is proposed.
    With emphasis on performing the following:

    1. Determine the usage.

    2. Determine the mode of entitlement, including licensing.

    3. Determine the pricing model for the proposed product (for example, Processor Value Unit Pricing [VUP] or non-Monthly License Charge (MLC) licensing for Distributed Software).

    4. Propose the appropriate pricing model.

  9. Given a list of Tivoli products in the solution and results of prior and ongoing interactions with customer personnel, provide the customer with a document describing recommended education.
    With emphasis on performing the following:

    1. Gather educational materials relevant to security and compliance management requirements.

    2. Identify the customer's preference for education (custom on-site versus public versus Instructor-Led online).

    3. Determine cost of education based on customer preference.

    4. Disseminate recommended educational opportunities and related materials relevant to the recommended solution.

  10. Given the proposed solution document, education recommendations, and implementation budget plan, create a transition document so that interested parties can review it.
    With emphasis on performing the following:

    1. Describe any security-related examination services available, e.g., security readiness, security reviews, etc.

    2. Create a transition plan with the recommended solution, services and education.

    3. Make transition plan available for interested parties.

