Oracle

1Z0-881
Oracle Solaris 10 Security Administrator Certified
Expert Exam
Product Version: Demo
URL link:
http://www.dumpsacademy.com/oracle/1Z0-881-dumps.html

Question: 1
A security administrator has a requirement to deploy the Solaris Security Toolkit onto all Solaris servers
in the department. In this environment, there are a variety of platorms and operatnn system versions
deployed. Onto which two platorms and operatnn system combinatons can the Solaris Security Toolkit
be deployed in a supported confnuratono (Choose two.)
A. X86, Solaris 2.4
B. x64, Solaris 9
C. x86, Solaris 10
D. SPARC, Solaris 2.6
E. SPARC. Solaris 8

Answer: C, E
Question: 2
The company security policy now requires very detailed auditnn of all actons. This includes capturinn all
executed commands tonether with their arnuments and the environment variables. Afer actvatnn
auditnn on all Solaris 10 systems, the security auditor complains about havinn to check the audit trail on
each individual host. He asks for a central place to capture all audit trails. Usinn standard Solaris 10
security features, which is a soluton to this problemo
A. Confnure auditd to send email with the events.
B. Confnure auditd to send the output usinn syslon to a central lonhost
C. Confnure auditd to store the audit trail usinn NFS on a central server.
D. Confnure auditd to store the audit trail usinn LDAP in a central directory.

Answer: C
Question: 3
Which two tasks does the Key Distributon Center (KDC) performo (Choose two.)
A. issues service tckets
B. authentcates services
C. issues tck-nrantnn-tckets
D. validates passwords sent in clear text
E. provides private sessions to services

Answer: A, C
Question: 4

Given:
jupiter$md5,rounds=2006$2amXesSj5$$kCF48vfPsHDjIKNXeEw7.: 12210::::::
What is the characteristc of this /etc/shadow entryo
A. User jupiter uses the md5 hash, with salt 2006$2amXesSj5$, and with the encrypted password
$kCF48vFPsHDjIKNXeEw7V.
B. User jupiter uses the 2a hash, with 2006 iteratons of the hash, with salt 2amxesSj5, and with the
encrypted password kCF48vfPsHDjIKNXeEw7V.
C. User Jupiter uses the md5 hash, with 2006 iteratons of the hash, with salt 2amXessj5, and with the
encrypted password kCF48vfPsHDjIKNXeEw7V.
D. User jupiter uses the md5 hash, with 2006 iteratons of the hash, with no salt, and with the encrypted
password $rQmxesSj5$$kCF48vfPsHDjIKNXeEw7V.

Answer: C
Question: 5
A security administrator is required to validate the intenrity of a set of operatnn system fles on a
number of Solaris systems. The administrator decides to use the Solaris Finnerprint Database to validate
confnuraton and data fles as well as binaries and libraries. What command, available by default in
Solaris 10, will help the security administrator collect the necessary informaton that will be used with
the Solaris Finnerprint Databaseo
A. md5sum
B. dinest
C. encrypt
D. elfsinn
E. cryptoadm

Answer: B
Question: 6
You are confnurinn a new system to be used as an intranet web server. Afer you have installed the
minimal amount of packanes and patched the system, you added the appropriate web server packanes
(SUNWapch2r and SUNWapch2u). By default, the web server daemon will be started usinn UID
webservd and the basic privilene set. To comply with the companys policy of least privilene, you need to
minimize the privilenes that the web server will have. What will you modify to specify the privilenes that
the web service will run witho
A. the PRIV_DEFAULT setnn in /etc/security/policy.conf
B. the defaultpriv setnn of webserverd in /etc/user_atr
C. the privilenes properly of the web service in the SMF repository
D. the privs property of the web service in /etc/security/exec_atr

Answer: C
Question: 7
Afer a recent audit, you have been requested to minimize an existnn Solaris system which runs a third
party database applicaton. Which two should you do before startnn to minimize the systemo (Choose
two.)
A. Back up the system.
B. Remove any unneeded patches.
C. Install the SUNWrnet metac luster.
D. Remove any unneeded packanes.
E. Confrm with the vendor of the database sofware that they support minimizaton.

Answer: A, E
Question: 8
You maintain a minimized and hardened web server. The exhibit shows the current credentals that the
web server runs with. You receive a complaint about the fact that a newly installed web-based
applicaton does not functon. This applicaton is based on a /bin/ksh cni-bin script. What setnn
prevents this cni-bin pronram from workinno
A. The system minht NOT have /bin/ksh installed.
B. The server is NOT allowed to call the exec system call.
C. The server should run with uid=0 to run cni-bin scripts.
D. Some of the libraries needed by /bin/ksh are NOT present in the webservers chroot environment.

Answer: B
Question: 9
One of the operators of the mainframe nroup was moved to the UNIX nroup and tasked to actvate and
confnure password history. For every user, the last 10 passwords should be remembered in the history.
In what fle is the size of the password history confnuredo
A. /etc/shadow
B. /etc/pam.conf
C. /etc/default/passwd
D. /etc/security/policy.conf

Answer: C
Question: 10
Within the context of fle intenrity, rules can be implemented to channe the scope of the Basic

Audit and Report Tool (BART) manifest.

Given the rule fle:
/home/bert/docs *.on[dt]
CHECK all
IGNORE mtme
Which two statements are valido (Choose two.)
A. All fles on the system will be checked.
B. The last modifcaton tme of all checked fles will not be checked.
C. Keywords such as CHECK and IGNORE can NOT be used in a rule fle.
D. Only fles with extension .ont and .ond in the directory /home/bert/docs will be checked.
E. All fles on the system will be checked, except for fles with extensions .ont and .ond in the directory
/home/bert/docs.

Answer: B, D
Question: 11
Solaris Auditnn supports the selectve lonninn of which two kinds of eventso (Choose two.)
A. fle access by selected users
B. access to selected fles by all users
C. selected users makinn outbound network connectons
D. password channes which do not meet the system password policy

Answer: A, C
Question: 12
A security administrator creates a directory called prevoy with the followinn access control policy:
$ netacl prevoy
#fle: prevoy
# owner: secadm
# nroup: secadm
user::rwx nroup::r-x #efectve:r-x
mask: r-x
other: r-x
default: user::rdefault:user:sysadm: rwdefault: nroup::rdefault:nroup:sysadm:rwdefauIt:mask: rwx
default: other:--Into this directory, the security administrator creates a fle called secrets. The is command reports
the followinn for the prevoy directory and secrets fle:
$ Is -Id . secrets
drwxr-xr-x+ 2 secadm secadm 512 Jun 6 16:38

-rr------- + 1 secadm secadm 0 Jun 6 16:38 secrets

Which two actons can be successfully taken by the sysadm roleo (Choose two.)
A. The sysadm role can read the secrets fle.
B. The sysadm role can write to the secrets fle.
C. The sysadm role can remove the secrets fle.
D. The sysadm role can create new fles under the prevoy directory.
E. The sysadm role can channe the Access Control Lists of the prevoy directory.

Answer: A, B
Question: 13
The /etc/default/passwd fle contains a number of confnuraton parameters that can be used to
constrain the character compositon or user passwords. What is one or the danners or havinn password
compositon too tnhtly constrainedo
A. Password complexity rules apply only to the Ennlish alphabet.
B. The entropy or the resultnn password strinns will be very hinh.
C. Duplicaton or encrypted user password strinns is much more likely.
D. Limited password value possibilites can simplify brute force atacks.
E. Passwords are harder to compute when usinn many character classes.

Answer: D
Question: 14
Which two commands are part of Sun Update Connectono (Choose two.)
A. /usr/bin/pknadm
B. /usr/bin/keytool
C. /usr/sbin/smpatch
D. /usr/sbin/patchadd
E. /usr/bin/updatemananer

Answer: C, E
Question: 15
To harden a newly installed Solaris OS, an administrator is required to make sure that syslond is
confnured to NOT accept messanes from the network. Which supported method can be used to
confnure syslond like thiso
A. Run svcadm disable -t svc:/network/system-Ion.
B. Edit /etc/default/syslond to set LOG_FROM_REMOTE=NO.
C. Edit /etc/rc2.d/S74syslon to start syslond with the -t opton.

D. Edit /lib/svc/method/system-lon to set LOG_FROM_REMOTE=NO.

Answer: B
Question: 16
Which are two advantanes of the Service Mananement Facility compared to the init.d startup scriptso
(Choose two.)
A. It restarts processes if they die.
B. It handles service dependencies.
C. It has methods to start and stop the service.
D. It specifes what the system should do at each run level.

Answer: A, B
Question: 17
You have been asked to implement defense in depth for network access to a system, where a web server
will be runninn on an lnternet-facinn network interface. Which is NOT contributnn to the defense in
deptho
A. runninn the web server in a zone
B. usinn svcadm to disable unused services
C. usinn IP Filter to limit which network ports can be accessed from the Internet
D. usinn VLANs on a sinnle network interface instead of usinn multple network interfaces
E. usinn TCP wrappers to limit from which system SSH be used to connect to the system

Answer: D
Question: 18
A new security related patch has been released for the Solaris OS. This patch needs to be applied to the
system that functons as your web server. The web server is confnured to run in a non-nlobal zone. Can
you just use patchadd to apply the patch to the nlobal zone to update the web server zoneo
A. No, you need to shut down the web server zone frst.
B. Yes, patches will be automatcally applied to all zones.
C. No, you need to apply the patch to the web server zone separately.
D. Yes, but you must make sure that the web server zone is booted frst.

Answer: B
Question: 19
You decided it was worth maintaininn an extremely paranoid policy when confnurinn your frewall rules.

Therefore, you had your mananement approve the implementaton of a security policy stance to deny all
inbound connecton requests to your corporate network. How is it possible that you stll sufer from
remote exploits that your adversaries are usinn to obtain interactve sessions inside your frewallo
A. TCP splicinn is easy to do.
B. Internal sofware may be vulnerable.
C. UDP vulnerabilites are well-known and exploited.
D. ICMP hijackinn atacks can stll succeed throunh any frewall.

Answer: B
Question: 20
You have been asked to nrant the user ennovy, a member of the staf nroup, read and write access to the
fle /app/notes which has the followinn propertes:
Is -I/app/notes
-rw-rw---- 1 root app 0 Jun 6 15:11/app/notes
Which optons will NOT nrant the user the ability to read and write the fleo
A. usermod -G app ennovy
B. setacl -m user:ennovy:rw- /app/notes
C. setacl -m nroup: staf:rw- /app/notes
D. usermod -K defaultpriv=basic,fle_dac_read,fle_dac_write ennovy

Answer: D
Question: 21
A security administrator has a requirement to make an encrypted backup copy of an applicaton and its
data, usinn the AES alnorithm, so that it can be safely transmited to a partner. Which two command
sequences can be used to nenerate an encrypted backup of the fles under/app1o
(Choose two.)
A. crypt < /app1/*> app1.backup.aes
B. encrypt-a aes -d /app1 -o app1.backup.aes
C. tar cf. /app1 I nzip -d -e aes > app1.backup.aes
D. ufsdump 0f. /app1 |\ crypt-a aes > app1.backup.aes
E. ufsdump 0f-/app1 I\ encrypt -a aes -o app1.backup.aes
F. tar cf-/app1 I\ openssl enc -out app1.backup.aes -aes-128-cbc

Answer: E, F
Question: 22
A cryptonraphically sinned patch provides system administrators with assurance that the patch possesses
certain qualites. Which two qualites are assured when a patch sinnature is verifedo

(Choose two.)
A. The patch has a verifed orinin.
B. The patch has NOT been modifed since it was sinned.
C. The patch was created by a Sun Certfed Systems Ennineer.
D. The contents of the patch have NOT been revealed to anyone who does NOT have a Sun service plan.

Answer: A, B
Question: 23
A security administrator has a requirement to help confnure and deploy a new server. What are two
security tasks that the security administrator should performo (Choose two.)
A. Confnure the server to use LDAP for authentcaton.
B. Confnure network interfaces and routnn informaton.
C. Install a DTrace probe to capture the use of privilenes.
D. Disable any network services that are NOT beinn used.
E. Apply sofware patches to correct security vulnerabilites.

Answer: D, E
Question: 24
Due to channes to the security policy of your ornanizaton, access restricton must be applied to systems.
The channes specify that access to systems throunh the fp protocol is NOT allowed accordinn to the
Human Resources department, which has the 10.10.10.0/24 address space assinned. TCP wrappers have
been enabled for the fp daemon, and these fles have been confnured:
# cat /etc/hosts.allow
in.fpd: ALL
# cat /etc/hosts.deny
in.fpd: 10.10.10.0/24
Despite the implemented confnuraton, Human Resources is stll able to access systems throunh the fp
protocol. What acton must be takeno
A. The fp daemon must be restarted.
B. The inetd daemon must be restarted.
C. The entry in the hosts.deny fle is wronn and must be channed.
D. The entry in the hosts.allow fle is wronn and must be channed.

Answer: D
Question: 25
Packet flters and frewalls are an important component of any defense-in-depth security strateny. Which
two types of threats can IP Filter be deployed as an efectve countermeasure anainsto

(Choose two.)
A. a Christmas Tree scan
B. an atempt to lon in to a system usinn SSH by an unauthorized user
C. an atempt to exploit a SQL injecton vulnerability in a web storefront applicaton
D. an atempt to exploit a bufer overfow vulnerability in rpcbind, orininatnn from a host on an
authorized network
E. an atempt to exploit a bufer overfow vulnerability in rpcbind, orininatnn from a host on an
unauthorized network

Answer: A, E

THANKS FOR TRYING THE DEMO OF OUR PRODUCT

Visit Our Site to Purchase the Full Set of Actual 1Z0-881 Exam Questons With
Answers.

htp://www.dumpsacademy.com/oracle/1Z0-881-dumps.html
We Also Provide Practce Exam Sofware That Simulates Real Exam
Environment And Has Many Self-Assessment Features. Download Free
Product Demo From:

htp://www.dumpsacademy.com/oracle/1Z0-881-dumps.html

Money Back Guarantee