Oracle 1Z0-881 Online Practice Questions and Exam Preparation

Oracle 1Z0-881 Online Questions & Answers

• Question 181:

  Two administrators are trying to figure out how to implement encryption within a small network consisting of five machines. The requirement is to keep all the traffic between the nodes within that network private. They could not agree on a solution, because they are not sure what options are available. Which technology will solve their problem?

  A. SSH
  B. IPsec
  C. IP Filter
  D. Kerberos
  B. IPsec

• Question 182:

  A security administrator would like to restrict the number of simultaneous lightweight processes (LWPs) that the webadm role may have at any given time. The security administrator has created the following policy in /etc/projects: user.webadm:10000::::task.max-lwps=(privileged,5,deny) What will be the impact if the webadm role attempted to start a sixth LWP?

  A. The LWP creation attempt will fail and an error code will be returned to the initiating process.
  B. The LWP will be created and webadm's oldest LWP will be suspended until sufficient resources become available.
  C. The LWP creation attempt will fail but the system will automatically retry until the LWP has been successfully created.
  D. The LWP creation attempt will suspend until sufficient resources become available allowing the LWP to be created.
  E. The LWP will be created but it will immediately be suspended until sufficient resources become available for it to run.
  A. The LWP creation attempt will fail and an error code will be returned to the initiating process.

• Question 183:

  A security administrator is required to periodically validate binaries against the Solaris Fingerprint Database. While attempting to capture MD5 file signatures for key Solaris OS files, the security administrator encounters the following error: digest: no cryptographic provider was found for this algorithm -- md5 What command should the administrator use to help determine the cause of the problem?

  A. crypt
  B. digest
  C. kcfadm
  D. openssl
  E. cryptoadm
  E. cryptoadm

• Question 184:

  An administrator has applied patch 120543-02 to a server. Unfortunately, this patch is causing compatibility problems with one of the core applications running on that server. The patch needs to be backed out to solve the application problems. Which command performs the uninstallation of this patch?

  A. pkgrm 120543-02
  B. patchadm -d 120543-02
  C. patchremove 120543-02
  D. smpatch remove -i 120543-02
  E. rm -rf /var/sadm/patch/120543-02
  D. smpatch remove -i 120543-02

• Question 185:

  A security administrator has created these "Restricted Commands" rights profiles in the /etc/security/exec_attr file that will be assigned to a number of application developers: $ grep "^Restricted Commands" /etc/security/exec_attr Restricted

  Commands:solaris:cmd:::/my/bin/progA:uid=yadm;gid=yadm Restricted Commands:

  solaris:cmd:::/my/bin/progB:uid=vadm;gid=vadm Restricted Commands:solaris:cmd:::/my/bin/progC:uid=oamd;

  gid=aadm Restricted Commands:solaris:cmd:::/my/bin/progD:uid=nadm;gid=badm Restricted Commands:

  solaris:cmd:::/my/bin/progD:uid=nadm;gid=cadm Restricted Commands:solaris:cmd:::/my/bin/progD:uid=eadm;

  gid=eadm Restricted Commands:solaris:cmd:::/my/bin/progD: As what UID and GID will the command /my/bin/progD run when the command is executed as followed by an application developer who has been assigned the "Restricted

  Commands" rights profile?

  A. UID nadm and GID badm
  B. UID nadm and GID cadm
  C. UID eadm and GID eadm
  D. UID and GID of the application developer
  A. UID nadm and GID badm

• Question 186:

  Click the Exhibit button.

  

  You maintain a minimized and hardened web server. The exhibit shows the current credentials that the web server runs with. You receive a complaint about the fact that a newly installed webbased application does not function. This application is based on a /bin/ksh cgi-bin script. What setting prevents this cgi-bin program from working?

  A. The system might NOT have /bin/ksh installed.
  B. The server is NOT allowed to call the exec system call.
  C. The server should run with uid=0 to run cgi-bin scripts.
  D. Some of the libraries needed by /bin/ksh are NOT present in the webserver's chroot environment.
  B. The server is NOT allowed to call the exec system call.

• Question 187:

  Traditionally, UNIX systems have allowed users to hard-link files of other users. Your company's current policy disallows this, and you need to implement this change. In the Solaris 10 OS, there is a special privilege that controls this particular capability: the file_link_any privilege. Which statement is true?

  A. You can remove the privilege from all users by editing /etc/default/login.
  B. You can remove the privilege from all users by assigning them a profile shell.
  C. You can NOT remove the privilege from the user's privilege sets because it is a basic privilege.
  D. You can remove the privilege from all users by editing /etc/security/policy.conf.
  D. You can remove the privilege from all users by editing /etc/security/policy.conf.

• Question 188:

  Click the Task button.

  Drag and drop question. Drag the items to the proper locations.

  Select and Place:

  

  

• Question 189:

  During a recent Solaris security assessment, a security administrator found a directory on a local UFS file system that contained the following files: $ ls -@ total 7200 -rwxr-----+ 1 webadm webadm 1048576 Jun 6 15:34 bar -rw---l--- 1 webadm webadm 512000 Jun 6 15:35 baz -rw-------@ 1 webadm webadm 2097152 Jun 6 15:34 foo What is the meaning of the @ symbol associated with file foo?

  A. The file has the sticky bit set.
  B. The file contains extended file attributes.
  C. The file is configured for mandatory locking.
  D. The file has at least one access control list defined.
  E. The file has permissions with an undefined bit state.
  B. The file contains extended file attributes.

• Question 190:

  To enforce security within your organization, access restrictions to systems must be applied. In particular, restrictions to the telnet protocol must be configured. Which action must be taken to enable TCP wrappers for the telnet protocol?

  A. svcadm tcp_wrappers start
  B. svcadm enable tcp_wrappers
  C. inetadm -m telnet=tcp_wrappers
  D. inetadm -m telnet tcp_wrappers=true
  D. inetadm -m telnet tcp_wrappers=true