1. Home
  2. Oracle
  3. 1Z0-881

Oracle 1Z0-881 Online Practice Questions and Exam Preparation

1Z0-881 Exam Details

  • Exam Code
    :1Z0-881
  • Exam Name
    :Oracle Solaris 10 Security Administrator Certified Expert Exam
  • Certification
    :Oracle Certifications
  • Vendor
    :Oracle
  • Total Questions
    :293 Q&As
  • Last Updated
    :Dec 09, 2021

Oracle 1Z0-881 Online Questions & Answers

  • Question 171:

    The security administrator is reviewing a Solaris Security Toolkit audit run against the global zone of a server. The administrator discovers that the Basic Audit and Report Tool (BART) reports failures related to file changes in non-global zones. How would the administrator correct this problem?

    A. In the global zone, create a BART rules file that excludes non-global zone file systems from the manifest.
    B. In the non-global zone, create a BART rules file that excludes non-global zone file systems from the manifest.
    C. In the global zone, edit the enable-bart.aud script and add options to the bart create command to exclude the non-global zone file systems.
    D. In the global zone, edit the enable-bart.fin script and add options to the bart compare command to exclude the non-global zone file systems.
    E. In the non-global zone, edit the enable-bart.aud script and add options to the bart create command to exclude the non-global zone file systems.

  • Question 172:

    Solaris 10 includes the ability to lock a user's account after a fixed number of failed login accounts. What is the disadvantage of enabling this feature?

    A. Only login attempts using telnet are counted.
    B. It can be used to enable a Denial-of-Service attack.
    C. Entering a blank password will reset the failed login count.
    D. It requires passwords to be stored in clear-text on the system.

  • Question 173:

    Within the context of file integrity, rules can be implemented to change the scope of the Basic Audit and Report Tool (BART) manifest. Given the rule file: /home/bert/docs *.og[dt] CHECK all IGNORE mtime Which two statements are valid? (Choose two.)

    A. All files on the system will be checked.
    B. The last modification time of all checked files will not be checked.
    C. Key words such as CHECK and IGNORE can NOT be used in a rule file.
    D. Only files with extension .ogt and .ogd in the directory /home/bert/docs will be checked.
    E. All files on the system will be checked, except for files with extensions .ogt and .ogd in the directory /home/bert/docs.

  • Question 174:

    It is corporate practice to use the Solaris Security Toolkit on all Sun systems. This has been sucessfully done for years, and the administrators are experienced with the tool. Starting with Solaris 10, the company now also uses Solaris zones. Which two statements regarding Solaris Security Toolkit are correct? (Choose two.)

    A. All minimization and hardening is done from the global zone.
    B. The Solaris Security Toolkit should be run in the non-global zone after installation.
    C. Configuration of the global zone does not impact hardening of the non-global zone.
    D. Hardening and auditing with the Solaris Security Toolkit can be done within each individual zone.

  • Question 175:

    A system administrator wants to share NFS file systems to two different sets of systems. Both sets of systems require integrity checks and Kerberos authentication. The second set of systems also requires encryption. What option is open to the system administrator?

    A. Use an NFS server in two different zones, sharing the same data.
    B. Share the same file system with different sec options for both sets of clients.
    C. Share the file system only with NFSv4, because older NFS versions do not support this.
    D. Logically divide the file system into two separate file systems, each shared with different sec options.

  • Question 176:

    A system administrator is new to the Solaris cryptographic framework. During minimization and hardening, the system administrator discovered a running /usr/lib/crypto/kcfd and disabled this daemon. To verify the integrity of a Solaris binary, the system administrator is comparing the MD5 checksum of a binary with the information from the Solaris Fingerprint Database at SunSolve. To get the local checksum, he is using the command digest. What will happen when executing this command?

    A. The command will fail with an error.
    B. The command will run as usual and provide the MD5 sum.
    C. The command will run but won't be able to use any installed crypto accelerator hardware (if installed).
    D. The command will run slower because the kernel function can't be accessed, and the userland implementation (libmd5.so.1) will be used.

  • Question 177:

    Which three are useful tools to monitor the integrity of a system? (Choose three.)

    A. bart
    B. logadm
    C. elfsign
    D. cryptoadm
    E. Solaris Fingerprint Database

  • Question 178:

    Given: $ ppriv -s I-proc_exec $$ What is the result of this command?

    A. The shell process can no longer execute programs
    B. New commands started by the shell can no longer execute programs.
    C. The command fails because an ordinary user cannot execute this command.
    D. There is no noticible effect because the Inheritable set is NOT used by a process.

  • Question 179:

    A security administrator needs to configure a Solaris system to act as a firewall between your company's corporate network and the Internet, using Solaris IP Filter software to control the traffic passing between these two networks. Which is an efficient way to limit the software that can be run on this system?

    A. Use IPsec to limit execution of non-system binaries.
    B. Use the Solaris Security Toolkit and allow it to automatically minimize the system.
    C. Install Solaris using the Entire Distribution Metacluster, and remove any unneeded packages.
    D. Install Solaris using the Reduced Networking Core System Metacluster and add any extra required packages.

  • Question 180:

    A system administrator wants to share NFS file systems to two different sets of systems. Both sets of systems require integrity checks and Kerberos authentication. The second set of systems also requires encryption. What option is open to the system administrator?

    A. Use an NFS server in two different zones, sharing the same data.
    B. Share the same file system with different sec options for both sets of clients.
    C. Share the file system only with NFSv4, because older NFS versions do not support this.
    D. Logically divide the file system into two separate file systems, each shared with different sec options.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Oracle exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 1Z0-881 exam preparations and Oracle certification application, do not hesitate to visit our Vcedump.com to find your solutions here.