Which IPsec mechanism provides confidentiality for network traffic?
Answer : C
An administrator has applied patch 120543-02 to a server. Unfortunately, this patch is causing compatibility problems with one of the core applications running on that server.
The patch needs to be backed out to solve the application problems. Which command performs the uninstallation of this patch?
Answer : D
Which are two advantages of the Service Management Facility compared to the init.d startup scripts? (Choose two.)
Answer : A,B
Which action can a system administrator with the solaris.smf.modify.sendmail authorization execute?
Answer : D
You suspect that the /usr/bin/ls binary on a system might have been replaced with a
"Trojan horse." You have been able to determine that the correct MD5 checksum for the real /usr/bin/ls binary is: md5 (/usr/bin/ls) = b526348afd2d57610dd3635e46602d2a Which standard Solaris command can be used to calculate the MD5 checksum for the /usr/bin/ls file?
Answer : E
Click the Exhibit button.
You maintain a minimized and hardened web server. The exhibit shows the current credentials that the web server runs with. You receive a complaint about the fact that a newly installed webbased application does not function. This application is based on a
/bin/ksh cgi-bin script. What setting prevents this cgi-bin program from working?
Answer : B
Click the Task button.
When a user logs into a Solaris 10 system, a default project for the use is located.
Place the locations in the order in which the Solaris OS searches for the users default project.
Drag and drop question. Drag the items to the proper locations.
Answer :
A Solaris 10 system has IP Filter enabled and configured. A section of the /etc/ipf/ipf.conf configuration file is reported below: block return-rst in quick proto tcp from any to any port =
23 flags S block return-icmp (port-unr) in proto udp from any to any port > 3000 Which two statements are true? (Choose two.)
Answer : B,E
Which two statements are true about roles in the Solaris 10 OS? (Choose two.)
Answer : A,B
A system administrator wants to remove most of the basic privileges for ordinary users and adds the following line to the appropriate configuration file to achieve this:
PRIV_DEFAULT=basic,!proc_info,!proc_session,!
file_link_any It would be shorter to list the two remaining privileges specified in Solaris 10.
Should the administrator have written this instead?
PRIV_DEFAULT=proc_exec,proc_fork
Answer : C
A security administrator has been asked to construct a Solaris Security Toolkit security profile (that is, driver) to enable Solaris Auditing. If the security administrator starts with the secure.driver profile, which Finish script must be added to enable Solaris Auditing?
Answer : A
Which two statements about the digest and mac commands are true? (Choose two.)
Answer : A,B
The company you work for is leasing zones to customers to run their applications in. You want each customer to be able to run the zoneadm command to start their zone in case of accidental shutdown, and also zlogin so they can access the console of their zone. Which are three reasons why you should NOT create accounts for them in the global zone and grant them the Zone Management profile? (Choose three.)
Answer : B,C,D
In which location is the signature for a signed binary found?
Answer : A
Which two tasks can you perform using the Audit facility? (Choose two.)
Answer : C,E