Cyber Security for IBM Power Level 2 Quiz: Attempt review https://learn.ibm.com/mod/quiz/review.php?

attempt=1606850&cmid=199144

Started on Monday, April 11, 2022, 12:38 PM

State Finished
Completed on Monday, April 11, 2022, 1:25 PM
Time taken 46 mins 21 secs
Grade 21.00 out of 25.00 (84%)
Feedback A minimum of 19 correct answers is required to pass.
Congratulations, you passed the quiz Cyber Security for IBM Power Level 2!

Question 1

Incorrect

0.00 points out of 1.00

Your client has both IBM Power and IBM Z systems in their data center. They mention that they need to share �les between the
systems, but the �les are encrypted. Which of the following would you recommend for them?

Use the storage system’s default encryption key for all reads and writes to disk
Create a common encryption key that every system uses 

Use Guardium Key Lifecycle Manager to centrally manage keys

Use Guardium Key Manager Enterprise Edition to centrally manage keys

Question 2

Incorrect

0.00 points out of 1.00

A malicious actor is in a coffee shop and video records the person at the table beside them remotely accessing an IBM Power
system that has been setup in the enterprise’s zero trust architecture. They now have the system’s IP Address as
well as the user’s credentials. If the malicious actor tries to access the system from their laptop, will he/she be granted
access?

Yes

Only if the user has access to the Power system

No
Only if the user's credentials are also de�ned on the malicious actor's computer 

1 of 9 4/11/2022, 7:26 PM
Cyber Security for IBM Power Level 2 Quiz: Attempt review https://learn.ibm.com/mod/quiz/review.php?attempt=1606850&cmid=199144

Question 3

Correct

1.00 points out of 1.00

You are meeting with Maddie at General Hospital (GH) and they are rolling out iPads for all medical professionals to use to access
and enter patient data. Maddie is concerned about someone stealing an iPad and gaining access to all of the patient data. You
tell Maddie that access in a Zero Trust environment is only granted if the signal sent is authorized. To ensure that the signal will
not allow access to non GH medical staff, you tell her that she needs to ensure that:

The application uses a common userid and password

The application needs to run as root to check privileges for the users
All users must authenticate on the iPad using multifactor authentication 

The iPads connect to the private hotel network via a secret port so they cannot be used outside the hospital

Question 4

Correct

1.00 points out of 1.00

Zero Trust is built around the following six elements:

Identities, Devices, Applications, Infrastructure, Data, Applications 

Identities, Devices, Signal, Infrastructure, Data, Applications

Signal, Decision, Enforcement, Identities, Devices, Data
Identities, Devices, Signal, Decision, Enforcement, Data

Question 5

Incorrect

0.00 points out of 1.00

You are talking about application security to your client, and they say that their Power system is very secure, so why is
application security so important? You tell them that:

Applications are the leading cause of breaches by a wide margin - More than twice the next leading cause. Attacks searching
for these vulnerabilities are also widespread. The typical application can expect to see thousands or millions of attacks each
month.
Applications typically always have a debug userid, and if the credentials for that ID is used, the application can be taken 
over.
All applications leave open backdoors (i.e. ports, etc.) for debugging, so they are all vulnerable
Application security is only important for mobile apps, not enterprise apps running on IBM Power

2 of 9 4/11/2022, 7:26 PM
Cyber Security for IBM Power Level 2 Quiz: Attempt review https://learn.ibm.com/mod/quiz/review.php?attempt=1606850&cmid=199144

Question 6

Correct

1.00 points out of 1.00

You are presenting SafeGuarded copies to one of your clients, PTG Bank. Paul, the CISO, is impressed that SafeGuarded copies
ensure that he can always recover even if his system is attacked by Ransomware. He then says "if I can always recover, why
should I spend money, time, and effort on securing the system"? You answer that:

Ransomware is the most predominant attack currently, so this will protect you from the most costly and predominant attack
type. Are you ready to buy Cyber Vault now?
While Ransomware is the most expensive and predominant attack type today, a data breach is not far behind. You need 
to secure your system and data to prevent these as well.
SafeGuarded copies are all the protection you need to keep your data safe. Are you ready to buy the storage system now?
IBM Power is so secure that you do not need to worry about any other attack, so you are right.

Question 7

Correct

1.00 points out of 1.00

The Zero Trust architecture is built around the following:

User, Device, Signal

User, Signal, Decision
Signal, Decision, Enforcement 

User, Workload, System

Question 8

Correct

1.00 points out of 1.00

While talking to an IBM Power client you hear them say that they are not using any form of encryption because it causes too
much of a performance impact. You immediately tell them that:

They can add GPUs to their server to offload some of the load of the encryption
The Power system includes cryptographic accelerators making encryption a zero cost event 

They can add more CPUs into the system to offset the load of the encryption processing
That is a wise move

3 of 9 4/11/2022, 7:26 PM
Cyber Security for IBM Power Level 2 Quiz: Attempt review https://learn.ibm.com/mod/quiz/review.php?attempt=1606850&cmid=199144

Question 9

Correct

1.00 points out of 1.00

You are talking to a client about their move to a containerized environment, and they say that they are hard to secure. Which IBM
System would you tell them about that offers Enterprise Protected Containers, so that containers are provided the same level of
security as LPARs?

IBM Power 

IBM Z

IBM LinuxONE and IBM Z

IBM LinuxONE

Question 10

Correct

1.00 points out of 1.00

PPS is one of your banking customers running IBM Power. They need to create a failover con�guration with 2 systems in data
centers approximately 5km apart. Trevor, the CTO at PPS, asks about the security of migrating VMs from one system to the other
between data centers. You tell Trevor that:

Live Partition Mobility encrypts the partition’s data if/when it needs to be moved from one system to another
Pervasive encryption encrypts the entire partition if/when it needs to be moved from one system to another
Live Partition Mobility encrypts the entire partition if/when it needs to be moved from one system to another 

Pervasive encryption encrypts the partition’s data if/when it needs to be moved from one system to another

Question 11

Correct

1.00 points out of 1.00

Fuzz testing is de�ned as:

Making API/function calls with large amounts of random data 

Making API/function calls with a random parameter

Making API/function calls with large amounts of static data

Making API/function calls with the same parameters

4 of 9 4/11/2022, 7:26 PM
Cyber Security for IBM Power Level 2 Quiz: Attempt review https://learn.ibm.com/mod/quiz/review.php?attempt=1606850&cmid=199144

Question 12

Correct

1.00 points out of 1.00

You just presented the Zero Trust maturity model to your client, and they start asking about automation and operations. They
want to know what level they would be at if they have implemented best practices and repeatable processes. You tell them:

Intermediate 

Advanced
Preparing
Basic

Question 13

Correct

1.00 points out of 1.00

A malicious actor �nds a laptop on a table at a coffee shop. They grab the laptop and on it is a �le with the owner’s
userids and passwords for all of their web sites and also for work. If the malicious actor attempts to connect to an IBM Power
system that has been setup in the enterprise’s zero trust architecture, will he/she be granted access?

Only if the user has access to the Power system 

No
Only if the user and laptop have access to the Power system
Yes

Question 14

Correct

1.00 points out of 1.00

A client tells you that they are concerned that an attacker who gains access to their Power system can infect their system and
VMs, and that could them impact everything on their system. You tell them that the Power system:

Has a Protected Execution Facility that will stop updates to the VMs
Has an Ultravisor mode to allow you to revert back to your old VM if this happens
Supports secure virtual machines (SVMs) that are cryptographically protected at rest and at run time 

Has an Ultravisor mode that runs a validation check of all VMs at boot time

5 of 9 4/11/2022, 7:26 PM
Cyber Security for IBM Power Level 2 Quiz: Attempt review https://learn.ibm.com/mod/quiz/review.php?attempt=1606850&cmid=199144

Question 15

Correct

1.00 points out of 1.00

Which IBM system provides the ability for data to remain encrypted in memory?

IBM Z and IBM LinuxONE

IBM Power 

IBM LinuxONE
IBM Z

Question 16

Correct

1.00 points out of 1.00

You are meeting with a client and ask about their cyber resiliency requirements. They say that they are very worried about a
ransomware attack. You should tell them that according to a recent survey, breaches at organizations with advanced Zero Trust
deployments were less costly than at organizations without Zero Trust by:

$4.5M US

$3.4M US
$1.76 M US 

$3.81M US

Question 17

Correct

1.00 points out of 1.00

While talking to Trevor at PPS Inc you mention that there are multiple levels of data encryption. Trevor asks what these levels
are, and you answer:

Tape, Disk, memory, CPU

Full disk/tape, network interconnect, �le and data set, database, application 

Network, Tape, Disk, memory CPU

Tape, disk, network interconnect, �le and data set, database, application

6 of 9 4/11/2022, 7:26 PM
Cyber Security for IBM Power Level 2 Quiz: Attempt review https://learn.ibm.com/mod/quiz/review.php?attempt=1606850&cmid=199144

Question 18

Correct

1.00 points out of 1.00

When a user attempts to access an element in the Zero Trust architecture, what pieces of information are used by the Policy
Enforcement service to determine if access should be granted?

The risk for the user and device

The risk and compliance state of the device and user
The risk and compliance state of the device and the risk for the user 

The risk and compliance state of the device

Question 19

Correct

1.00 points out of 1.00

You are presenting to a client about the Zero Trust maturity model. Alyssa (the client’s CISO) says that they have every
product on the chart installed and running, and have repeatable processes and best practices. What level of maturity would that
put them at, and how should they move forward to get better?

Intermediate ZT - They need to automate the processes and best practices to move to Advanced ZT 

Basic ZT - They need IBM to certify the proper integration of the components to move to Intermediate ZT
Intermediate ZT - They need IBM to certify the proper integration of the components to move to Advanced ZT
Basic ZT - They need to automate the processes and best practices to move to Intermediate ZT

Question 20

Incorrect

0.00 points out of 1.00

A malicious actor (Des) �nds a laptop in a coffee shop containing a �le with the owner's userIDs and passwords for work. Des
connects to an IBM Power system that has been setup in the enterprise's Zero Trust architecture and tries accessing �les. The
userID has permission on the �rst couple of �les, so Des is allowed access.When Des tries to access �les the userID does not
have access to, which parts of the Zero Trust architecture are needed to revoke access?

Visibility, Analytics, Automation, and Orchestration

Analytics and Automation

Identities, Devices, Applications, Infrastructure, Data, Applications 

Identities and Devices

7 of 9 4/11/2022, 7:26 PM
Cyber Security for IBM Power Level 2 Quiz: Attempt review https://learn.ibm.com/mod/quiz/review.php?attempt=1606850&cmid=199144

Question 21

Correct

1.00 points out of 1.00

You are meeting with a client and ask about their cyber resiliency requirements. They say that anyone on their corporate network
can access any system, across the enterprise. You mention that over 30% of attacks come from someone inside the �rewall, and
introduce the Zero Trust approach as cutting off all access until the systems know:

Who you are and if you are authorized 

If the request is coming from inside or outside the �rewall

If the data is sensitive or not
Where the request is coming from

Question 22

Correct

1.00 points out of 1.00

© Copyright IBM Corporation 2022 Course materials may not be reproduced in whole or in part without the prior written
permission of IBM.
It is 3am and your phone keeps ringing. It is Paul, the CISO at PTG Bank and he sounds worried. PTG bank was migrating some
systems from one data center to another, and their DS8000 storage system has gone missing. This storage system is normally
connected to their IBM Power System and stores and manages all ATM, teller, online banking, and credit card transactions. Paul
has a backup of the data, but is concerned that the data could fall into the wrong hands. You remind Paul that:

The data can only be accessed by an IBM Power system, so he should be OK

When IBM helped PTG setup the system they turned on pervasive encryption, so the data is safe since no one outside 
PTG Bank has their encryption key
When IBM helped PTG setup the system they turned on pervasive encryption, so the data is safe since only IBM and PTG
Bank knows the storage systems default encryption key
This is not IBM's responsibility since IBM was not managing the move, so IBM is not liable if the data is exposed

Question 23

Correct

1.00 points out of 1.00

System level security is built around:

Maintaining the isolation and integrity of the hardware and �rmware, Operating System, and workloads 

Ensuring isolation between all workloads on the system

The runtime veri�cation of all workload �les
Ensuring isolation between all workloads on the system

8 of 9 4/11/2022, 7:26 PM
Cyber Security for IBM Power Level 2 Quiz: Attempt review https://learn.ibm.com/mod/quiz/review.php?attempt=1606850&cmid=199144

Question 24

Correct

1.00 points out of 1.00

A client tells you that they are concerned that an attacker who gains access to their system can infect their �rmware and that
could them impact everything on their system. You tell them that the Power system can detect this during a:

Trusted Startup
Secure Startup
Secure Boot 

Trusted Boot

Question 25

Correct

1.00 points out of 1.00

In a Zero Trust architecture, which elements make up the Signal?

User + Workload
User + Network

User + Device 

Workload + Device

9 of 9 4/11/2022, 7:26 PM