Sie sind auf Seite 1von 232
Front cover Certification Study Guide: IBM Tivoli Compliance Insight Manager V8.5 Axel Buecker Frank Muehlenbrock

Front cover

Front cover Certification Study Guide: IBM Tivoli Compliance Insight Manager V8.5 Axel Buecker Frank Muehlenbrock Murat

Certification Study Guide:

IBM Tivoli Compliance Insight Manager V8.5

Axel Buecker Frank Muehlenbrock Murat Yildiz
Axel Buecker
Frank Muehlenbrock
Murat Yildiz
Manager V8.5 Axel Buecker Frank Muehlenbrock Murat Yildiz Developed specifically for Tivoli Compliance Insight Manager

Developed specifically for Tivoli Compliance Insight Manager

Developed specifically for Tivoli Compliance Insight Manager Explains the certification path and prerequisites Includes

Explains the certification path and prerequisites

Manager Explains the certification path and prerequisites Includes sample test questions and answers ibm.com

Includes sample test questions and answers

Manager Explains the certification path and prerequisites Includes sample test questions and answers ibm.com /redbooks
Manager Explains the certification path and prerequisites Includes sample test questions and answers ibm.com /redbooks
International Technica l Support Organization Certification Study Guide: IBM Tivoli Compliance Insight Manager V8.5

International Technical Support Organization

Certification Study Guide:

IBM Tivoli Compliance Insight Manager V8.5

September 2008

SG24-7664-00

Note: Before using this information and the product it supports, read the information in “Notices” on page vii.

First Edition (September 2008)

This edition applies to Version 8.5 of IBM Tivoli Compliance Insight Manager.

© Copyright International Business Machines Corporation 2008. All rights reserved. Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.

Contents

Notices

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

vii

Trademarks

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. viii

. The team that wrote this book

Preface

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.ix

.ix

Become a published author

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.xi

Comments

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.xi

Chapter 1.

 

Certification overview

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

1

1.1 IBM Professional Certification Program

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

2

1.1.1 Benefits of certification

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

3

1.1.2 Tivoli Software Professional Certification

 

4

1.2 IBM Tivoli Compliance Insight Manager V8.5 certification

.

.

.

.

.

.

.

.

.

.

.

.

.

7

1.2.1 Job description and target audience

 

7

1.2.2 Key areas of competency

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

8

1.2.3 Required prerequisites

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

8

1.2.4 Test 937 objectives

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

9

1.3 Recommended educational resources

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

31

1.3.1

Courses.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

32

Chapter 2.

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

39

2.1 Overview .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

40

2.2 Product architecture

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

42

2.2.1 Tivoli Compliance Insight Manager cluster

 

43

2.2.2 Tivoli Compliance Insight Manager Enterprise Server

 

43

2.2.3 Tivoli Compliance Insight Manager Standard Server

 

45

2.2.4 Actuators

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

45

2.2.5 Management Console

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

46

2.2.6 The iView Web portal

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

48

2.2.7 Databases .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

48

2.2.8 Component architecture

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

50

2.3 Product processes.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

51

2.3.1 Collection

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

53

2.3.2 Mapping and loading.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

61

2.3.3 Data aggregation and consolidation

 

72

2.3.4 Reporting and 2.4 .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

72

75

Chapter 3.

 

Installation.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

77

3.1 Planning of the installation

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

78

3.1.1 Supported software and operating systems

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

78

3.1.2 Network traffic requirements

 

80

3.1.3 Centralized user management

 

80

3.2 Installation of Tivoli Compliance Insight Manager

 

81

3.2.1 Security Server installation

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

81

3.2.2 Installation of Tivoli Compliance Insight Manager Standard Server . 82

3.2.3 Installation of Tivoli Compliance Insight Manager Enterprise Server 88

3.2.4 Registering a Standard Server with the Enterprise Server 3.3 .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

88

90

Chapter 4.

Configuration

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

91

4.1 Auditing settings for the Windows platforms

 

92

 

4.1.1 Auditing settings for the Windows Security log

 

92

4.1.2 Active Directory audit policy

 

93

4.1.3 File server settings: Object access auditing

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

96

4.2 Auditing settings for UNIX-based platforms

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

102

 

4.2.1

Configuration of the auditing settings on an AIX

 

102

4.3 Configuring the new event sources

 

103

 

4.3.1 Create the GEM database

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

103

4.3.2 Create system group and add Windows

 

104

4.3.3 Add event sources

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

110

4.4 Installing an Actuator on a target machine

 

116

4.5 Configuration of the audit policy (W7 groups and rules)

 

119

 

4.5.1 Adding User Information Sources (UIS)

 

119

4.5.2 Configuring a new policy with W7 rules

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

127

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

142

4.5.3 Load the database 4.6 .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

Chapter 5. Performance tuning and problem

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

150

151

5.1 Problem determination

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

152

 

5.1.1 Problem determination of installation errors

 

152

5.1.2 Problem determination of operation errors

 

156

5.2 Troubleshooting using log files

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

158

 

5.2.1

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

158

5.3 Diagnostic and performance

.

5.3.1

Dynamical Tracing

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

176

176

. 5.4 The Management Console 5.5 .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

177

178

Chapter 6.

Administration

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

179

6.1

Administration of a Tivoli Compliance Insight Manager environment

 

180

6.1.1 Management Console

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

180

6.1.2 Primary administration responsibilities

 

181

6.2

Reporting.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

183

6.2.1 iView reporting application

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

186

6.2.2 Log Manager .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

188

6.2.3 Policy Generator

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

188

6.2.4 Scoping

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.