Oracle 1Z0-881 Online Practice Questions and Exam Preparation

Oracle 1Z0-881 Online Questions & Answers

• Question 231:

  Click the Task button.

  Place the cryptographic providers next to the correct class functions.

  Drag and drop question. Drag the items to the proper locations.

  Select and Place:

  

  

• Question 232:

  Which item in the list would be specifically required for a VPN compared to a mode without encryption?

  A. Authentication Header (AH)
  B. Internet Key Exchange (IKE)
  C. Encapsulating Security Payload (ESP)
  D. Streams Control Transmission Protocol (SCTP)
  C. Encapsulating Security Payload (ESP)

• Question 233:

  Your company is running a DNS test server on the internal network. Access to this server must be blocked by using IP Filter. The administrator prefers that this access control is not obvious to someone trying to contact the server from the outside. Which rule implements the access control but hides the use of IP Filter to the outside?

  A. pass in quick on eri0 from 192.168.0.0/24 to any
  B. block in quick proto udp from any to any port = 53
  C. pass out quick on eri0 proto icmp from 192.168.1.2 to any keep state
  D. block return-icmp(port-unr) in proto udp from any to 192.168.1.2 port = 53
  D. block return-icmp(port-unr) in proto udp from any to 192.168.1.2 port = 53

• Question 234:

  Due to changes to the security policy of your organization, access restriction must be applied to systems. The changes specify that access to systems through the ftp protocol is NOT allowed according to the Human Resources department, which has the 10.10.10.0/24 address space assigned. TCP wrappers have been enabled for the ftp daemon, and these files have been configured: # cat /etc/hosts.allow in.ftpd: ALL # cat /etc/hosts.deny in.ftpd: 10.10.10.0/24 Despite the implemented configuration, Human Resources is still able to access systems through the ftp protocol. What action must be taken?

  A. The ftp daemon must be restarted.
  B. The inetd daemon must be restarted.
  C. The entry in the hosts.deny file is wrong and must be changed.
  D. The entry in the hosts.allow file is wrong and must be changed.
  D. The entry in the hosts.allow file is wrong and must be changed.

• Question 235:

  A security administrator has created these "Restricted Commands" rights profiles in the /etc/security/exec_attr file that will be assigned to a number of application developers: $ grep "^Restricted Commands" /etc/security/exec_attr Restricted

  Commands:solaris:cmd:::/my/bin/progA:uid=yadm;gid=yadm Restricted Commands:

  solaris:cmd:::/my/bin/progB:uid=vadm;gid=vadm Restricted Commands:solaris:cmd:::/my/bin/progC:uid=oamd;

  gid=aadm Restricted Commands:solaris:cmd:::/my/bin/progD:uid=nadm;gid=badm Restricted Commands:

  solaris:cmd:::/my/bin/progD:uid=nadm;gid=cadm Restricted Commands:solaris:cmd:::/my/bin/progD:uid=eadm;

  gid=eadm Restricted Commands:solaris:cmd:::/my/bin/progD: As what UID and GID will the command /my/bin/progD run when the command is executed as followed by an application developer who has been assigned the "Restricted

  Commands" rights profile?

  A. UID nadm and GID badm
  B. UID nadm and GID cadm
  C. UID eadm and GID eadm
  D. UID and GID of the application developer
  A. UID nadm and GID badm

• Question 236:

  After a recent security breach, you have been asked to create a Security Policy for your company. Which statement describes a Security Policy?

  A. details of which tools should be used to maintain security
  B. specific procedures to implement security in your organization
  C. a security baseline for use when implementing systems and procedures
  D. an audit report on how security is currently configured within your organization
  E. a report on how the security breach occurred, and how to avoid another occurrence in the future
  C. a security baseline for use when implementing systems and procedures

• Question 237:

  Click the Task button.

  Drag and drop question. Drag the items to the proper locations.

  Select and Place:

  

  

• Question 238:

  Which action can a system administrator with the solaris.smf.modify.sendmail authorization execute?

  A. svcadm enable sendmail
  B. svcadm refresh sendmail
  C. svcadm disable sendmail
  D. svccfg -s sendmail listprop
  D. svccfg -s sendmail listprop

• Question 239:

  You have a legacy non-privilege aware program which runs as root to be able to open a privileged port. Now that you have upgraded the system to Solaris 10 you want to take advantage of privileges. You can either run the program as root with fewer privileges, or you can run the program as daemon with additional privileges. Why is it preferred to run the program as daemon with added privileges?

  A. root is not able to drop privileges.
  B. root owns most of the system files.
  C. daemon has preconfigured profiles for this kind of privileges.
  D. root is able to regain dropped privileges using the ppriv command.
  B. root owns most of the system files.

• Question 240:

  An adminstrator has designed a system as an Internet proxy server. This system has been installed with packages that support the proxy software and secure administration. All other packages have been removed from the system. Which statement describes the system installation?

  A. This system has been hardened.
  B. This system has a standard installation metacluster.
  C. This system has been installed using strict minimization.
  D. This system has been installed using loose minimization.
  C. This system has been installed using strict minimization.