The Strategic Elements Flashcards
What are the three elements of the value proposition for IBM Cloud?
- Open Hybrid Cloud
- Security Leadership
- Enterprise grade
Explain Business Framing
- Aligns your vision and desired business outcomes
- Confirm executive sponsor, product owner
- Select candidate app workloads
What are the 6 stages of IBM garage client journey?
- Business Framing
- Technical Discovery
- Design Thinking
- Architecture
- Minimum Viable Product build
- Build Out
What is the IBM garage methodology?
A single seamless set of proven agile practices that integrate user experience, implementation & cultural change to guide solutions from idea to enterprise scale adoption
Explain Technical Discovery
- Explore technical areas of interest and nonfunctional requirements, for example applications, security, integration, and edge
- Recommend technical next steps and further discovery as needed to build proposal
Explain Design Thinking
- Business and IT alignment on user experience to meet your business outcome
- Identification of risks and assumptions in your modernization approach such as data security
- A series of minimum viable products and agreement on the next MVP experiment
Explain Architecture (IBM Cloud)
- Define a secure minimum viable architecture that mitigrates risk
- Architect and create an implementation roadmap for a hybrid, multicloud platform and DevOps adoption
Explain Minimum Viable Product Build
- Modernize, deploy and test application on the cloud environment
- Test hypothesis using learning-driven production release against the state business outcome
Explain Build Out
- Iterate across multiple minimum MVPs, refine solution until you achieve the stated business out come
- Become self-sufficient in achieving business results with the IBM Garage Method
- Scale production environment and applications
Why use IBM Cloud for Financial Services?
Only public cloud platform with the framework in place to support regulatory workloads with automated security and industry leading encryption service
What is unique about keep-your-own-key (KYOK)?
Only the IBM Cloud Hyper Protect Crypto Services offering features keep your own key encryption capabilities back by the highest level of security certification FIPS 140-2 Level 4- commercially available
What is the IBM Cloud Framework for Financial Services?
- VMware
- Cloud Native
- Red Hat Open Shift
Explain IBM’s secure and enterprise-grade public cloud
has extensive service deployment options like VMware and Red Hat OpenShift as a service
Why use IBM Cloud for VMware Regulated Workloads?
- Effectively implement and govern security controls in the cloud
- Ensure auditing of all cloud administration
- Protect business critical data assets
- Prioritize meeting IT compliance for various national or industrial entities
What do clients gain with IBM Cloud for VMware Regulated Workloads?
Rapid scalability
Deployment in global data centers
Disaster recovery
Backup & Security
Compliance Solutions
The IBM Cloud for VMware Regulated Workloads uses what policy for framework?
IBM Cloud for Financial Services Policy
which deploys a shared-responsibility model for implementing controls
Name the key attributes and enabling technologies of IBM Cloud for VMware Regulated Workloads
Isolation
Access Restrictions- IAM, Role Based Admin
Policies
Encryption - Key management (BYOK & KYOK)
Compliance
Backup and Data Recovery
Management
Why use IBM Cloud Security Portfolio?
You can:
Manage Access
Protect Data
Gain Visibility-
Optimize Operations
Explain Manage Access as it pertains to IBM Cloud Security
when you create secure cloud enabled solutions you must enable identity and access management so that you can authenticate and authorize a user.
when you’re using infrastructure from the cloud it’s important to manage the identities that are associated with privileged activities, such as tasks done by cloud administrators
You also must track the activities of the people who are involved in development and operations.
You must also manage user and customer access to your cloud applications
Explain Protecting Infrastructure, Application, and Data as it pertains to IBM Security Cloud
In traditional data centers you must provide tenant- specific network and isolation to protect the cloud infrastructure
For application protection you must design a secure development and operation process ( SecDevOPs or DevSecOps) * process includes steps to manage vulnerabilities in VMs, container, and application code
For data protection, your solution must cover techniques to encrypt data at rest, such as files, objects, and storage
* must also include steps for how to monitor data activity and processes to verify and audit data that is outsource
Explain Gain Visibily as it pertains to IBM Securtiy Cloud
You need end to end visibility and integration of security processes and tooling throughout your organization
- You can build improved security and visibility into virtual infrastructure by collecting and analyzing logs in real time across the various components and services in cloud
What two environments can you implement security monitoring and intelligence?
IBM Cloud Foundry Environment - multi tenant public cloud instance
IBM Cloud Kubernetes Service Environment - multi tenant control plane and a single tenant compute node
Explain the architecuture of Security on the cloud
Identity and Access Application Security - App Scanning, Threat Protection Data Security- Activity Monitoring Infrastructure Security Security Intelligence
To secure data protection, what should you consider?
Data Encryption
Block and File Storage
Key Management Services (KMS)
Security Key Lifecycle Manager (SKLM)
Object Storage
Data Services
Certificate Management
Crypto Services
What does data integrity refer to?
maintaining and assuring the accuracy and consistency of data over its entire lifecycle
What does hashing data mean?
It allows you to detect unauthorized modifications that have been made into data
Used for data at rest ( such as rows in the table of a database) or for data in motion
Give an example of hashing data
When data is stored in a database, you can generate a hash for the row of a table and store the hash value. If a row is tampered with by modifying a field in the row, a comparison with the previously generated hash value will indicate someone has tampered with the data
In the IBM Cloud catalog, database-related services will have what?
built in data integrity capabilities
In IBM Cloud Object Storage what combinations of encryption and data integrity algorithms are supported?
RC4-128 encryption with MD5-128 Hash for data Integrity
AES-128 encryption with MD5-128 Hash for data integrity
IBM DB2 Hosted has what?
the same enterprise data integrity controls in place as IBM DB2.
It provides entity and referential integrity
Explain IBM Security Guardium
provides integrated data classification capabilities and a seamless approach to finding, classifying, and protecting your most critical data.
Why Use IBM Secure DevOps?
Secure Engineering
Secure Deployment and Operations
Separation of Duties
Availability and Business Continuity Management
Security Evaluation and Learning
Why IBM Security Policy and Governance Approach
IBM builds security into its cloud solutions and meets strict governmental and industry security guidelines and policies
What are IBM Cloud Paks?
package of one or more enterprise-grade, secure and lifecycle manage IBM Certified Container Offerings
Runs on a Red Hat Kubernetes-based OpenShift Container Platform base layer
Why use Cloud Paks?
Cloud Paks are an open, faster, more reliable way to build, deploy and run applications on hybrid cloud
Help streamline development task and reduce operational expenses, help improve business agility
Cloud Paks run anywhere, are open and secure, and are consumable
Features of Red Hat OpenShift
Enterprise grade- not subjet to continual community updates
Fully supported by Red Hat to run anywhere
Capable of supporting deployment on any infrastructure from mainframes to commercial public clouds
How many cloud paks does IBM offer?
six
Explain IBM Cloud Pak for Security
Delivers the next generation of Security threat Management platform that will enable managed security service providers (MSSPs) to scale their business
Provides an open secure platform by which users can access security data across different tools, clouds and IT environments
Explain IBM Cloud Pak for Applications?
Enterprise ready contanerized software solution for modernizing existing applications and developing new cloud native apps that run on Red Hat OpenShift
Explain IBM Cloud Pak for Data
lets you connect to your data, govern it, and trust it. It facilitates data scaling by streamlining legacy data sources.
Gives you the ability to lift and shift your data to IBM platform
Explain IBM Cloud Pak for Integration
allows enterprises to modernize it s processes while positioning itself for future innovation.
Creates and manages APIs to help client access data in a fast and secure manner
Explain IBM Cloud Pak for MultiCloud
Runs on Red Hat OpenShift
multicluster management
event management
application management
infrastructure management
Explain IBM Cloud Pak for Automation
Lets you quickly scale up or down to meet fluctuating customer demand, create new products and increase productivity of remote and onsite workers
a complete and flexible set of integrated automation software that can be deployed whenever you need it, on any cloud.
What is the difference between a value statement and value proposition
A value statmement desribes a benefit of a product
A value proposition is the value statement that resolves a client’s needs
Supports regulatory workloads with automated security and encryption services
IBM Cloud for Financial Services
Ensures auditing of all cloud administration
IBM Cloud for VMware Solutions for Financial Services
