Oracle Solaris 11 Installation and Configuration Essentials v6.0 (1z0-580)

Page:    1 / 5   
Total 79 questions

Which five steps (dealing with first boot script creation) can be omitted when working with provisioning Oracle Solaris 11 Zones and services with the appropriate Zone context?
1. Create the first-boot script.
2. Create the manifest for an SMF service that runs once at first boot and executes the script.
3. Create an IPS package that contains the service manifest and the script.
4. Add the package to an IPS package repository.
5. Install that lockage during the Automated Installer installation by specifying that package in the AI manifest.

  • A. Step l can he omitted because the first-boot script is already deployed in the Global Zone.
  • B. Step3can be omitted because Zones do not require IPS packages and can accept SVR4packages.
  • C. None of the steps canbe omitted.
  • D. Step5can be omittedbecauseZones are notinstallable using Automated Installer,yet.
  • E. Step2can be omitted because Zonesdo not have a concept of a first boot that is distinct from a Global Zone once the Global Zone is booted,the script executes for all Zones.

Answer : C

Running a Custom Script During First Boot
To perform any additional installation or configuration that cannot be done in the AI manifest or in a system configuration profile, you can create a script that is executed at first boot by a run-once SMF service.
-> Create the first-boot script.
-> Create the manifest for an SMF service that runs once at first boot and executes the script.
-> Create an IPS package that contains the service manifest and the script.
-> Add the package to an IPS package repository.
-> Install that package during the AI installation by specifying that package in the AI manifest.
The service runs and executes the script at first reboot after the AI installation.
Reference:Installing Oracle Solaris 11 Systems,Running a Custom Script During First Boot

Which command can be used to determine which apache web server packages are installed?

  • A. pkg list apache
  • B. pkg list *apache*
  • C. pkg list installed apache
  • D. pkg listallapache
  • E. pkg list all web installed

Answer : A

Explanation: To display information about software packages, refer to the following examples. No special privileges are required to display information about packages.
List the packages that are currently installed on your system:
$ pkg list -H entire
Determine whether a specific package is installed in the current image and whether an update is available.
$ pkg list amp
pkg list: no packages matching 'amp' installed

As part of an automated install of Oracle Solaris 11, a new role called "operator" is created and a password is correctly assigned, but you are not able to successfully assume this role.
What is the problem?

  • A. Youarenot accessing the role from the system console.
  • B. Your account isnot yetauthorizedto assume this role.
  • C. The "operator" role must be enabled before being used.
  • D. You must firstbe assigned the "Role User" rights profile
  • E. The "operator" role is not yet assigned a profile shell.

Answer : B

*A user can only assume roles that are assigned to the user's login account.
*After you have set up roles with default Solaris rights profiles, and assigned the roles to users, the roles can be used. A role can be assumed on the command line. In the Solaris
Management Console, a role can also be used for administering the system locally and over the network.
*How to Assume a Role in a Terminal Window
The role must already be assigned to you. The name service must be updated with that information.
-> In a terminal window, determine which roles you can assume.
-> % roles
-> Use the su command to assume a role.
-> % su -rolename
-> Password: <Type rolename password>
command changes the shell to a profile shell for the role. A profile shell recognizes security attributes (authorizations, privileges, and set ID bits).
-> Verify that you are now in a role.
-> $ /usr/ucb/whoami
You can now perform role tasks in this terminal window.

What is the difference between the default configuration for zones and an immutable zone?

  • A. Immutable zonescannot have users.
  • B. Immutable zones cannotbe modified from within the zone.
  • C. Immutable zones cannot run DTrace.
  • D. A processinanimmutable zone can see processes in other zones.

Answer : B

*Immutable Zones provide read-only file system profiles for solaris non-global zones.
*A zone with a read-only zone root is called an Immutable Zone. A solaris Immutable Zone preserves the zone's configuration by implementing read-only root file systems for non- global zones. This zone extends the zones secure runtime boundary by adding additional restrictions to the runtime environment. Unless performed as specific maintenance operations, modifications to system binaries or system configurations are blocked.
Reference:Oracle Solaris 11 Information Library,Read-Only Zone Overview

When conducting an installation using Live Media (such as the Live DVD image, for example), the system boots into console mode because the system's graphics card is not supported by the contents of the Live Media. In lieu of downloading and using the Text
Installer image, you opt to perform installation using a second system. Do both systems have to be on the same subnet in order for this method of installation to succeed?

  • A. Yes, furthermore they also have to be of the same architecture.
  • B. No, even though they must be of the same architecture.
  • C. Insufficientinformation provided with respect to how they are networked.
  • D. Yes,they both have tobe on the same subnet and moreover, have to be of the samearchitecture.
  • E. No, they do not have to be on the same subnet, and do not have to be of the same architecture.

Answer : E

Explanation: How to Install Oracle Solaris From the Live Media If Your System Boots in

Console Mode -
For this procedure, two networked systems are required: the system on which the Live
Media was booted (target system) and a remote system from which the installation will be performed. Both systems must have network access. The two systems are not required to be on the same subnet. However, the target system must be reachable from the remote system. Also, the remote system must be running an OS that supports a graphical desktop.
*If your system's graphics card is not supported by the Live Media or your system does not have a graphics card, the system boots in console mode when you insert the Live Media. In this case, you cannot perform a GUI installation.
Your two alternatives are as follows:
-> Use the text installer image instead of the Live Media ISO image.
You can run the text installer on the local console without network access.
-> Perform a remote installation
Reference:Installing Oracle Solaris 11.1 Systems,What to Do If Your System Boots in

Console Mode -

When troubleshooting the client boot process, you notice the following scenario:
What is the most likely reason for this?

  • A. This error could occur if another DHCP server is responding to the client.
  • B. This error could occur if the switch has auto-negotiation disabled.
  • C. This error could occur when you try to use a x86 Automated Installer server to boot a SPARC client.
  • D. There isan HTTP versionmismatch.
  • E. Thiscannot occur if there is no DHCP server configured yet, so you need to configure one first.

Answer : A

Explanation: Boot Load Failed -
If the AI client starts downloading the boot_archive, but then fails with the error, Boot load failed, that indicates that the client DHCP information is configured incorrectly.
Rebooting with command: boot net:dhcp - install
Boot device: /pci@7c0/pci@0/network@4:dhcp File and args:
1000 Mbps FDX Link up
HTTP: Bad Response: 500 Internal Server Error

Boot load failed -
This error could happen if another DHCP server is responding to the client. Check the
DHCP configuration for this client. If the configuration appears to be correct, determine whether there is another DHCP server in the subnet.
Reference:Installing Oracle Solaris 11 Systems,Boot Load Failed

The beadm utility ______.

  • A. can create and manage both UFS and ZFS boot environments
  • B. cannot manage boot environment snapshots
  • C. can be used only on Solaris 11 for x86 systems that use GRUB
  • D. can manage boot environments in non-global zones
  • E. cannot create a new boot environment from an inactive boot environment

Answer : B

Explanation: You can use the beadm utility to create and manage snapshots and clones of your boot environments.
Note:The following distinctions relevant to boot environment administration:
A snapshot is a read-only image of a dataset or boot environment at a given point in time.
A snapshot is not bootable.
A boot environment is a bootable Oracle Solaris environment, consisting of a root dataset and, optionally, other datasets mounted underneath it. Exactly one boot environment can be active at a time.
A clone of a boot environment is created by copying another boot environment. A clone is bootable.
Reference:Managing Boot EnvironmentsWith Oracle Solaris 11 Express,Using beadm

Utility -

When upgrading to Oracle Solaris 11 from Oracle Solaris 11 Express or Oracle Solaris 11
Early Adopter, the progress suddenly fails. Which command can you rely upon to get you to a good known state where you can still boot the Oracle Solaris 11 Express or Oracle
Snarls 11 Early Adopter images, as they were, prior to your upgrade attempt?

  • A. pkg
  • B. beadm
  • C. installadm
  • D. zfs
  • E. ifconfig

Answer : B

Explanation: If an error occurs when booting the new BE, activate and boot to the previous BE.
# beadm activate solaris
# init 6

The dladm command manages these:

  • A. NICs
  • B. VNICs
  • C. VLANs
  • D. Bridges
  • E. Routers

Answer : B,C,D

A virtual network interface created on a link or an etherstub. It is a pseudo device that can be treated as if it were an network interface card on a machine.
A VLAN datalink.
A bridge instance, identified by an administratively-chosen name. The name may use any alphanumeric characters or the underscore, _, but must start and end with an alphabetic character. A bridge name can be at most 31 characters. The name default is reserved, as are all names starting with SUNW.
*dladm administer data links
*The dladm command is used to administer data-links. A data-link is represented in the system as a STREAMS DLPI (v2) interface which can be plumbed under protocol stacks such as TCP/IP. Each data-link relies on either a single network device or an aggregation of devices to send packets to or receive packets from a network.
Each dladm subcommand operates on one of the following objects: link
A datalink, identified by a name. In general, the name can use any alphanumeric characters (or the underscore, _), but must start with an alphabetic character and end with a number. A datalink name can be at most 31 characters, and the ending number must be between 0 and 4294967294 (inclusive). The ending number must not begin with a zero.
Datalink names between 3 and 8 characters are recommended.
Some subcommands operate only on certain types or classes of datalinks. For those cases, the following object names are used: phys-link
A physical datalink.
A VLAN datalink.
An aggregation datalink (or a key; see NOTES).
A physical Ethernet datalink.
A WiFi datalink.
A virtual network interface created on a link or an etherstub. It is a pseudo device that can be treated as if it were an network interface card on a machine. iptun-link
An IP tunnel link.
A network device, identified by concatenation of a driver name and an instance number. etherstub
An Ethernet stub can be used instead of a physical NIC to create VNICs. VNICs created on an etherstub will appear to be connected through a virtual switch, allowing complete virtual networks to be built without physical hardware. bridge
A bridge instance, identified by an administratively-chosen name. The name may use any alphanumeric characters or the underscore, _, but must start and end with an alphabetic character. A bridge name can be at most 31 characters. The name default is reserved, as are all names starting with SUNW.
Note that appending a zero (0) to a bridge name produces a valid link name, used for observability. secobj
A secure object, identified by an administratively-chosen name. The name can use any alphanumeric characters, as well as underscore (_), period (.), and hyphen (-). A secure object name can be at most 32 characters.

After installing an Oracle Solaris 11 system, you execute the following command to create a data set into which several non-global zones will be installed:
What impact will this command have on any zones installed under this ZFS data set?

  • A. The zones will have encrypted swap and /tmp file systems.
  • B. The zones will not permit any move or clone operations.
  • C. The zones will be required to be "Solaris" brands only.
  • D. The zones will cache the encryption key while running.
  • E. The zones will be unable to start during system boot.

Answer : E

*Oracle Solaris 11 adds transparent data encryption functionality to ZFS. All data and file system metadata (such as ownership, access control lists, quota information, and so on) are encrypted when stored persistently in the ZFS pool.
*A ZFS pool can support a mix of encrypted and unencrypted ZFS data sets (file systems and ZVOLs). Data encryption is completely transparent to applications and other Oracle
Solaris file services, such as NFS or CIFS. Since encryption is a first-class feature of ZFS, we are able to support compression, encryption, and deduplication together. Encryption key management for encrypted data sets can be delegated to users, Oracle Solaris Zones, or both. Oracle Solaris with ZFS encryption provides a very flexible system for securing data at rest, and it doesn't require any application changes or qualification.
ZFS makes it easy to encrypt data and manage data encryption. You can have both encrypted and unencrypted file systems in the same storage pool. You can also use different encryption keys for different systems, and you can manage encryption either locally or remotely.
Reference:How to Manage ZFS Data Encryption

You are working on a system that appears to be hanging during the boot process. Which would be the course of action for determining which step in the boot process is causing the issue?

  • A. Bootthe system into single user mode, run ps -ef to determine processes thatare notrunning.
  • B. Boot the system into the "none" milestone, enable all services, then run svcs-ato determine thestate of your services, as well as check forerror messages in /var/svc/log.
  • C. Boot the system, disable all services using the "svcs disable all" command, reboot and bring up eachserviceindividually.
  • D. Interrupt the boot processbefore services are started with Stop-A or<CTRL><ALT><DELETE>.
  • E. Perform an Interactive boot, and disable services as they request startup.

Answer : B

Explanation: *Booting a system using the none milestone can be very useful for debugging startup problems. There is no equivalent run level to the none milestone.
*If problems with starting services occur, sometimes a system will hang during the boot.
This procedure shows how to troubleshoot this problem.
2.Boot without starting any services.
This command instructs the svc.startd daemon to temporarily disable all services and start sulogin on the console. ok boot -m milestone=none
2.Log in to the system as root.
3.Enable all services.
# svcadm milestone all
4.Determine where the boot process is hanging.
When the boot process hangs, determine which services are not running by running svcs - a. Look for error messages in the log files in /var/svc/log.
-> After fixing the problems, verify that all services have started.
Verify that all needed services are online.
# svcs -x
Verify that the console-login service dependencies are satisfied.
This command verifies that the login process on the console will run.
# svcs -l system/console-login:default
6.Continue the normal booting process.
Reference:How to Boot Without Starting Any Services

Which three options are features of the Oracle Solaris 11 Automated Installer?

  • A. direct reuse of Jumpstart profiles and rules
  • B. Solaris 11 Zones provisioning
  • C. Solaris 10 branded (BrandZ) Zone provisioning
  • D. directly bootable installation images
  • E. Image Packaging System (IPS) integration

Answer : B,D,E

Not A:
* Jumpstart Profiles and Rules would have to be converted to be used in Automated
Use the js2ai utility with the -r option to convert both JumpStart rules and their associated profiles to AI criteria and manifests.
*Both Solaris Custom JumpStart and Oracle Solaris Automated Installer (AI) provide hands-free installation of multiple systems on a network. Clients are booted over the network, and once the client is booted, the installer takes over.

Which term describes a read-only copy of a file system or volume, which can be created quickly easily, and initially consumes no additional Space within the pool?

  • A. vdev
  • B. dataset
  • C. snapshot
  • D. clone
  • E. pool

Answer : C

Explanation: A snapshot is a read-only point-in-time copy of a file system. The copy-on- write design of ZFS makes them essentially free - They are space efficient and instantaneous, providing an invaluable part of backup strategies and synchronizing data between systems.
NotA:A ZFS vdev (aka "virtual device") is either:
a single disk, or
two or more disks that are mirrored, or
a group of disks that are organized using RAID-Z.
There are also special kinds of vdevs like hot-spares, ZIL or cache devices, etc.
Not D:
Clones are writeable snapshots, ideal for storing many private copies of shared data for operations such as data migration, test and development, or backup.

Which two statements about flows are true?

  • A. Aflow must have a bandwidth limit defined in order to be observed.
  • B. A flow can useNIChardware resources when supported andavailable.
  • C. Aflow can only be setwithin the globalzonesyet canbeobservedwithin a non-globalzone.
  • D. A flowcan bedefined with local and remote portcombination.
  • E. Aflowstat allows collection ofonly receive-side statistics.

Answer : B,C

Explanation: B:Example:Creating a Policy Around a Mission-Critical Port
The command below creates a policy around inbound HTTPS traffic on an HTTPS server so that HTTPS obtains dedicated NIC hardware and kernel TCP/IP resources. The name specified, https-1, can be used later to modify or delete the policy.
# flowadm add-flow -l bge0 -a transport=TCP,local_port=443 https-1
# flowadm show-flow -l bge0
https1 bge0 -- tcp 443 -- --
*Flow Restrictions Per Zone
Within a zone, no two flows can have the same name. After adding a flow with the link specified, the link will not be required for display, modification, or deletion of the flow.

Not A:Flow Properties -
The following flow properties are supported. Note that the ability to set a given property to a given value depends on the driver and hardware. maxbw
Sets the full duplex bandwidth for the flow. The bandwidth is specified as an integer with one of the scale suffixes(K, M, or G for Kbps, Mbps, and Gbps). If no units are specified, the input value will be read as Mbps. The default is no bandwidth limit. priority
Sets the relative priority for the flow. The value can be given as one of the tokens high, medium, or low. The default is medium.
Not D:The following types of combinations of attributes are supported: local_ip[/prefixlen]=address remote_ip[/prefixlen]=address transport={tcp|udp|sctp|icmp|icmpv6} transport={tcp|udp|sctp},local_port=port transport={tcp|udp|sctp},remote_port=port dsfield=val[:dsfield_mask]
On a given link, the combinations above are mutually exclusive. An attempt to create flows of different combinations will fail.

Note:Flow Attributes -
The flow operand that identify a flow in a flowadm command is a comma-separated list of one or more keyword, value pairs from the list below. local_ip[/prefix_len] remote_ip[/prefix_len] transport={tcp|udp|sctp|icmp|icmpv6} local_port
Identifies a service specified by the local port.
Identifies a service specified by the remote port.
- report flow statistics
*The flowstat command reports run time statistics about user defined flows. flowadm show- flow provides the flow name information for this command.
*flowstat [-r | -t] [-i interval] [-l link] [flow]
This form of the command iteratively examines all flows and reports statistics. The output is sorted in descending order of flow utilization. If no flow is specified, the system displays statistics for all flows.
Display receive-side statistics only. Includes bytes and packets received, drops, and so forth.
Display transmit-side statistics only. Includes bytes and packets sent, drops, and so forth.
-i interval
Specify an interval in seconds at which statistics are refreshed. The default interval is one second.
-l link | flow]
Display statistics for all flows on the specified link or statistics for the specified flow.
Reference: man flowadm, man flowstat

Examine the message below.
What would be the next action?

Intel(R) Boot Agent GE v1.2.42 -
Copyright (C) 1997-2006, Intel Corporation
Intel(R) Boot Agent PXE Base Code (PXE-2.1 build 085)
Copyright (C) 1997-2006, Intel Corporation


PXE-T02: Access violation -
PXE-E3C: TFTP Error - Access Violation

  • A. Contact the secondary tftp server.
  • B. Load the pxegrub file.
  • C. Abandon network boot and hang.
  • D. Boot the internal raid device.
  • E. Boot the CDROM.

Answer : C

Explanation: TFTP Error or System Hangs After GATEWAY Message
The DHCP server provides an IP address and a location of the initial boot program as part of the DHCP response.
If the boot program does not exist, then the AI client boot cannot proceed. The following message is displayed:
Intel(R) Boot Agent PXE Base Code (PXE-2.1 build 0.86)
Copyright(C) 1997-2007, Intel Corporation


PXE-T02: Access Violation -
PXE-E3C: TFTP Error - Access violation
PXE-MOF: Exiting Intel Boot Agent
Reference:Oracle Solaris 11 Express,Client Installation Fails

Page:    1 / 5   
Total 79 questions