Oracle 1Z0-881 Online Practice Questions and Exam Preparation

Oracle 1Z0-881 Online Questions & Answers

• Question 161:

  Click the Task button.

  Place each Solaris Security Toolkit parameter with its description.

  Drag and drop question. Drag the items to the proper locations.

  Select and Place:

  

  

• Question 162:

  Click the Exhibit button.

  

  Based on this output from verifying a signed patch, which statement is correct?

  A. The patch is correctly signed.
  B. The patch signature manifest is invalid.
  C. The patch signature hash was NOT supplied.
  D. The patch signature is invalid, because NOT all files are signed.
  A. The patch is correctly signed.

• Question 163:

  Which two statements about the digest and mac commands are true? (Choose two.)

  A. The mac command can use the Digital Encryption Standard (DES) in cipher-block chained (CBC) mode. The digest command can NOT.
  B. The mac command uses a distinct class of hash functions called message authentication codes (MACs). MAC functions combine the input file with a key supplied by the user, returning a fixed length digest.
  C. The mac command uses a distinct class of hash functions called MACs. A MAC function combines the input file with a randomly generated salt, and returns a digest.
  D. The digest command requires that the user supply a key. The mac command does NOT. The digest command takes an input file, combines it with the key, and a variable length digest is returned.
  A. The mac command can use the Digital Encryption Standard (DES) in cipher-block chained (CBC) mode. The digest command can NOT.
  B. The mac command uses a distinct class of hash functions called message authentication codes (MACs). MAC functions combine the input file with a key supplied by the user, returning a fixed length digest.

• Question 164:

  Click the Exhibit button.

  

  The Exhibit shows the contents of a file named rule, and the output of a Basic Audit and Report Tool (BART) command. The purpose of the command is to create a manifest file of the directory /opt/SUNWrtvc, but unfortunately the command did not succeed. What caused the error from BART?

  A. BART creates only manifest files for the entire system.
  B. The -r rule option has to be removed from the command.
  C. The -R /opt option has to be removed from the command.
  D. The subcommand create has to be removed from the command.
  C. The -R /opt option has to be removed from the command.

• Question 165:

  Given the command reported in /etc/dfs/dfstab from a system export: share -F nfs rw=foo,root=foo,ro /export Who can write to this file system?

  A. all users on system foo
  B. the root user on system foo
  C. the root user on systems foo and ro
  D. all users on systems that have mounted this file system
  A. all users on system foo

• Question 166:

  The company security policy now requires very detailed auditing of all actions. This includes capturing all executed commands together with their arguments and the environment variables. After activating auditing on all Solaris 10 systems, the security auditor complains about having to check the audit trail on each individual host. He asks for a central place to capture all audit trails. Using standard Solaris 10 security features, which is a solution to this problem?

  A. Configure auditd to send email with the events.
  B. Configure auditd to send the output using syslog to a central loghost.
  C. Configure auditd to store the audit trail using NFS on a central server.
  D. Configure auditd to store the audit trail using LDAP in a central directory.
  C. Configure auditd to store the audit trail using NFS on a central server.

• Question 167:

  A security administrator is required to validate the integrity of a set of operating system files on a number of Solaris systems. The administrator decides to use the Solaris Fingerprint Database to validate configuration and data files as well as binaries and libraries. What command, available by default in Solaris 10, will help the security administrator collect the necessary information that will be used with the Solaris Fingerprint Database?

  A. md5sum
  B. digest
  C. encrypt
  D. elfsign
  E. cryptoadm
  B. digest

• Question 168:

  To enforce security within your organization, access restrictions to systems must be applied. In particular, restrictions to the telnet protocol must be configured. Which action must be taken to enable TCP wrappers for the telnet protocol?

  A. svcadm tcp_wrappers start
  B. svcadm enable tcp_wrappers
  C. inetadm -m telnet=tcp_wrappers
  D. inetadm -m telnet tcp_wrappers=true
  D. inetadm -m telnet tcp_wrappers=true

• Question 169:

  A single system must run a number of different network services. Among them is a web server, a mail server, a DNS server, and a MySQL database used by an e-commerce application. After several months of successful operation, a compromise is discovered: an attacker exploited a vulnerability in the mail server and ultimately obtained a root shell. However, none of the highly sensitive personal information in the e-commerce database was compromised, nor was the operation of the web server or DNS server affected. How can this be?

  A. A system administrator deployed each service in its own non-global zone.
  B. The system was deployed in a DMZ, sensibly segmented from the corporate intranet by a packet filtering firewall.
  C. An administrator had deployed IP Filter with an aggressive policy, blocking all connections to non-essential ports.
  D. Remote access to the system was only available through SSH using RSA public key authentication, protecting users' credentials from eavesdroppers.
  A. A system administrator deployed each service in its own non-global zone.

• Question 170:

  A security administrator is required to periodically validate binaries against the Solaris Fingerprint Database. While attempting to capture MD5 file signatures for key Solaris OS files, the security administrator encounters the following error: digest: no cryptographic provider was found for this algorithm -- md5 What command should the administrator use to help determine the cause of the problem?

  A. crypt
  B. digest
  C. kcfadm
  D. openssl
  E. cryptoadm
  E. cryptoadm