1. Home
  2. Oracle
  3. 1Z0-881

Oracle 1Z0-881 Online Practice Questions and Exam Preparation

1Z0-881 Exam Details

  • Exam Code
    :1Z0-881
  • Exam Name
    :Oracle Solaris 10 Security Administrator Certified Expert Exam
  • Certification
    :Oracle Certifications
  • Vendor
    :Oracle
  • Total Questions
    :293 Q&As
  • Last Updated
    :Dec 09, 2021

Oracle 1Z0-881 Online Questions & Answers

  • Question 91:

    An application file system stores unchanging data only. How should this file system be mounted defensively in /etc/vfstab?

    A. /dev/dsk/c0t3d0s6 /dev/rdsk/c0t3d0s6 /data ufs 2 yes ro,nosuid,anon=0
    B. /dev/dsk/c0t3d0s6 /dev/rdsk/c0t3d0s6 /data ufs 2 yes nodevices,noexec,ro
    C. /dev/dsk/c0t3d0s6 /dev/rdsk/c0t3d0s6 /data ufs 2 yes nosuid,noxattr,noexec
    D. /dev/dsk/c0t3d0s6 /dev/rdsk/c0t3d0s6 /data ufs 2 yes noexec,nosuid,nodevices

  • Question 92:

    A company has produced several inhouse applications that have to deal with authentication using passwords. The Solaris systems have been reconfigured to use the password history checking option. What is the impact of this change for their applications?

    A. All applications automatically benefit from the new password history checking.
    B. Only privilege aware applications will benefit from the password history checking.
    C. Every application has to be changed to call the new functions for password history checking.
    D. Applications which use the PAM framework will automatically use password history checking.

  • Question 93:

    What is the purpose of the Solaris cryptographic framework metaslot?

    A. It is a storage facility for all of the encryption algorithms.
    B. It is a pointer to the next available cryptographic token slot.
    C. It is a library to limit algorithms based on export control laws.
    D. It is a door-based interface to the kernel cryptographic services.
    E. It is an interface to connect to any available cryptographic service.

  • Question 94:

    Which two statements about the digest and mac commands are true? (Choose two.)

    A. The mac command can use the Digital Encryption Standard (DES) in cipher-block chained (CBC) mode. The digest command can NOT.
    B. The mac command uses a distinct class of hash functions called message authentication codes (MACs). MAC functions combine the input file with a key supplied by the user, returning a fixed length digest.
    C. The mac command uses a distinct class of hash functions called MACs. A MAC function combines the input file with a randomly generated salt, and returns a digest.
    D. The digest command requires that the user supply a key. The mac command does NOT. The digest command takes an input file, combines it with the key, and a variable length digest is returned.

  • Question 95:

    An application that you are installing needs to be able to run the snoop command, which normally requires root access. Which two Solaris features could you use to allow this application to run without giving it full root access to your system? (Choose two.)

    A. Solaris Zones
    B. Kerberos-enabled snoop
    C. Trusted Extensions snoop
    D. Process Rights Management
    E. Role Based Access Control (RBAC)

  • Question 96:

    A startup company suspects that one of its sales people is accessing confidential research and development files, which are kept on a Solaris 10 system, and leaking their contents to the press. Which measure can the system administrator put in place to detect this activity?

    A. Solaris Auditing
    B. Process Accounting
    C. File Access Control Lists
    D. Basic Audit and Report Tool (BART)
    E. Role Based Access Control (RBAC)

  • Question 97:

    To harden a newly installed Solaris OS, an administrator is required to make sure that syslogd is configured to NOT accept messages from the network. Which supported method can be used to configure syslogd like this?

    A. Run svcadm disable -t svc:/network/system-log.
    B. Edit /etc/default/syslogd to set LOG_FROM_REMOTE=NO.
    C. Edit /etc/rc2.d/S74syslog to start syslogd with the -t option.
    D. Edit /lib/svc/method/system-log to set LOG_FROM_REMOTE=NO.

  • Question 98:

    Solaris 10 includes the ability to lock a user's account after a fixed number of failed login accounts. What is the disadvantage of enabling this feature?

    A. Only login attempts using telnet are counted.
    B. It can be used to enable a Denial-of-Service attack.
    C. Entering a blank password will reset the failed login count.
    D. It requires passwords to be stored in clear-text on the system.

  • Question 99:

    The system administrator is required by the security policy to restrict the ability of users to view other processes on the system. This needs to be done for all users on the system. Which course of action should the administrator take?

    A. Edit the file /etc/security/exec_attr and add privs=basic,!proc_info to the "All" entry.
    B. Edit the file /etc/security/prof_attr and add privs=basic,!proc_info to the "Basic Solaris User" entry.
    C. Edit the file /etc/user_attr and add defaultpriv=basic,!proc_info for all users present in the file.
    D. Edit the file /etc/security/policy.conf and create the following setting: PRIV_DEFAULT=basic,!proc_info.

  • Question 100:

    To harden a newly installed Solaris OS, an administrator is required to make sure that syslogd is configured to NOT accept messages from the network. Which supported method can be used to configure syslogd like this?

    A. Run svcadm disable -t svc:/network/system-log.
    B. Edit /etc/default/syslogd to set LOG_FROM_REMOTE=NO.
    C. Edit /etc/rc2.d/S74syslog to start syslogd with the -t option.
    D. Edit /lib/svc/method/system-log to set LOG_FROM_REMOTE=NO.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Oracle exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 1Z0-881 exam preparations and Oracle certification application, do not hesitate to visit our Vcedump.com to find your solutions here.