[Free] 2018(Jan) EnsurePass Testinsides Oracle 1z0-881 Dumps with VCE and PDF 11-20

By | January 25, 2018

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan Oracle Official New Released 1z0-881
100% Free Download! 100% Pass Guaranteed!

Oracle Solaris 10 Security Administrator Certified Expert Exam

Question No: 11 – (Topic 1)

Solaris Auditing supports the selective logging of which two kinds of events? (Choose two.)

  1. file access by selected users

  2. access to selected files by all users

  3. selected users making outbound network connections

  4. password changes which do not meet the system password policy

Answer: A,C

Question No: 12 – (Topic 1)

A security administrator creates a directory called prevoy with the following access control policy: $ getfacl prevoy # file: prevoy # owner:

secadm # group: secadm user::rwx group::r-x #effective:r-x mask:r-x other:r-x

default:user::r- default:user:

sysadm:rw- default:group::r- default:group:sysadm:rw- default:mask:rwx default:other:– Into this directory, the security administrator creates a file called secrets. The ls command reports the following for the prevoy directory and secrets file: $ ls -ld . secrets drwxr-xr-x 2 secadm secadm 512 Jun 6 16:38 . -r-r— 1 secadm secadm

0 Jun 6 16:38 secrets Which two actions can be successfully taken by the sysadm role? (Choose two.)

  1. The sysadm role can read the secrets file.

  2. The sysadm role can write to the secrets file.

  3. The sysadm role can remove the secrets file.

  4. The sysadm role can create new files under the prevoy directory.

  5. The sysadm role can change the Access Control Lists of the prevoy directory.

Answer: A,B

Question No: 13 – (Topic 1)

The /etc/default/passwd file contains a number of configuration parameters that can be used to constrain the character composition of user passwords. What is one of the dangers of having password composition too tightly constrained?

  1. Password complexity rules apply only to the English alphabet.

  2. The entropy of the resulting password strings will be very high.

  3. Duplication of encrypted user password strings is much more likely.

  4. Limited password value possibilities can simplify brute force attacks.

  5. Passwords are harder to compute when using many character classes.

Answer: D

Question No: 14 – (Topic 1)

Which two commands are part of Sun Update Connection? (Choose two.)

  1. /usr/bin/pkgadm

  2. /usr/bin/keytool

  3. /usr/sbin/smpatch

  4. /usr/sbin/patchadd

  5. /usr/bin/updatemanager

Answer: C,E

Question No: 15 – (Topic 1)

To harden a newly installed Solaris OS, an administrator is required to make sure that syslogd is configured to NOT accept messages from the network. Which supported method can be used to configure syslogd like this?

  1. Run svcadm disable -t svc:/network/system-log.

  2. Edit /etc/default/syslogd to set LOG_FROM_REMOTE=NO.

  3. Edit /etc/rc2.d/S74syslog to start syslogd with the -t option.

  4. Edit /lib/svc/method/system-log to set LOG_FROM_REMOTE=NO.

Answer: B

Question No: 16 – (Topic 1)

Which are two advantages of the Service Management Facility compared to the init.d startup scripts? (Choose two.)

  1. It restarts processes if they die.

  2. It handles service dependencies.

  3. It has methods to start and stop the service.

  4. It specifies what the system should do at each run level.

Answer: A,B

Question No: 17 – (Topic 1)

You have been asked to implement defense in depth for network access to a system, where a web server will be running on an Internet-facing network interface. Which is NOT

contributing to the defense in depth?

  1. running the web server in a zone

  2. using svcadm to disable unused services

  3. using IP Filter to limit which network ports can be accessed from the Internet

  4. using VLANs on a single network interface instead of using multiple network interfaces

  5. using TCP wrappers to limit from which system SSH be used to connect to the system

Answer: D

Question No: 18 – (Topic 1)

A new security related patch has been released for the Solaris OS. This patch needs to be applied to the system that functions as your web server. The web server is configured to run in a non-global zone. Can you just use patch add to apply the patch to the global zone to update the web server zone?

  1. No, you need to shut down the web server zone first.

  2. Yes, patches will be automatically applied to all zones.

  3. No, you need to apply the patch to the web server zone separately.

  4. Yes, but you must make sure that the web server zone is booted first.

Answer: B

Question No: 19 – (Topic 1)

You decided it was worth maintaining an extremely paranoid policy when configuring your firewall rules. Therefore, you had your management approve the implementation of a security policy stance to deny all inbound connection requests to your corporate network. How is it possible that you still suffer from remote exploits that your adversaries are using to obtain interactive sessions inside your firewall?

  1. TCP splicing is easy to do.

  2. Internal software may be vulnerable.

  3. UDP vulnerabilities are well-known and exploited.

  4. ICMP hijacking attacks can still succeed through any firewall.

Answer: B

Question No: 20 – (Topic 1)

You have been asked to grant the user ennovy, a member of the staff group, read and write access to the file /app/notes which has the following properties: ls -l /app/notes -rw- rw– 1 root app 0 Jun 6 15:11 /app/notes Which options will NOT grant the user the ability to read and write the file?

  1. usermod -G app ennovy

  2. setfacl -m user:ennovy:rw- /app/notes

  3. setfacl -m group:staff:rw- /app/notes

  4. usermod -K defaultpriv=basic,file_dac_read,file_dac_write ennovy

Answer: D

100% Ensurepass Free Download!
Download Free Demo:1z0-881 Demo PDF
100% Ensurepass Free Guaranteed!
1z0-881 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.