Oracle 1Z0-881 Online Practice Questions and Exam Preparation

Oracle 1Z0-881 Online Questions & Answers

• Question 71:

  A cryptographically signed patch provides system administrators with assurance that the patch possesses certain qualities. Which two qualities are assured when a patch signature is verified? (Choose two.)

  A. The patch has a verified origin.
  B. The patch has NOT been modified since it was signed.
  C. The patch was created by a Sun Certified Systems Engineer.
  D. The contents of the patch have NOT been revealed to anyone who does NOT have a Sun service plan.
  A. The patch has a verified origin.
  B. The patch has NOT been modified since it was signed.

• Question 72:

  Solaris 10 provides password history checking out of the box. Which name services currently support this feature?

  A. NIS
  B. NIS+
  C. Kerberos
  D. local files
  D. local files

• Question 73:

  In which Solaris OS subsystem is User Rights Management implemented?

  A. Process Privileges
  B. Mandatory Access Control
  C. Service Management Facility
  D. Discretionary Access Control
  E. Role Based Access Control (RBAC)
  E. Role Based Access Control (RBAC)

• Question 74:

  You have been asked to let your manager's children run their homework assignments on one of the servers you administer. You have been promised that it will not impact the overall performance of the server, but you aren't sure, so you want to track how many resources they use. After you have created a new user called kids and assigned a new project called homework to the user, what do you need to do to gather the resource usage information?

  A. Enable Solaris Auditing for the kids user.
  B. Use the acctadm command to enable extended accounting for tasks.
  C. Use the poolcfg command to assign the homework project to a resource pool.
  D. Use the rctladm command to enable the syslog action for the homework project.
  B. Use the acctadm command to enable extended accounting for tasks.

• Question 75:

  You suspect that the /usr/bin/lsbinary on a system might have been replaced with a "Trojan horse." You have been able to determine that the correct MD5 checksum for the real /usr/bin/ls binary is: md5 (/usr/bin/ls) = b526348afd2d57610dd3635e46602d2a Which standard Solaris command can be used to calculate the MD5 checksum for the /usr/bin/ls file?

  A. md5 /usr/bin/ls
  B. sum -r /usr/bin/ls
  C. sum -a md5 /usr/bin/ls
  D. crypt -a md5 /usr/bin/ls
  E. digest -a md5 /usr/bin/ls
  E. digest -a md5 /usr/bin/ls

• Question 76:

  A company has activated auditing on all of their systems. The default destination directory for the audit trail is /var/audit on each system. In the past few weeks, they had problems with one of the systems acting as a print server. A user sent a large print job, which caused /var on the print server to become full. As a result, auditing was no longer working. They changed the /etc/security/audit_control file to include a second destination directory (using the dir: keyword). When will the audit subsystem switch from the first directory to the second configured directory?

  A. after 24 hours
  B. when the first directory is full
  C. depends on the configuration of /etc/logadm.conf
  D. when the first directory has less than minfree percent free
  E. auditd will use both directories in round-robin and switch after writing a complete audit event record.
  D. when the first directory has less than minfree percent free

• Question 77:

  Which two components are part of the Solaris Cryptographic Framework? (Choose two.)

  A. single sign-on capabilities
  B. encryption and decryption
  C. random number generation
  D. Kerberos principle generation
  B. encryption and decryption
  C. random number generation

• Question 78:

  A Solaris 10 system has IP Filter enabled and configured. A section of the /etc/ipf/ipf.conf configuration file is reported below: block return-rst in quick proto tcp from any to any port = 23 flags S block return-icmp (port-unr) in proto udp from any to any port > 3000 Which two statements are true? (Choose two.)

  A. The system blocks TCP RST packets.
  B. The system will block incoming telnet connections and returns a TCP RST packet.
  C. The system will block all incoming echo requests and replies with an ICMP port unreachable packet.
  D. The system does NOT return ICMP-type packets for UDP incoming connections received on ports greater than 3000.
  E. The system will block and replay with an ICMP port unreachable packet to UDP connections received for ports greater than 3000.
  B. The system will block incoming telnet connections and returns a TCP RST packet.
  E. The system will block and replay with an ICMP port unreachable packet to UDP connections received for ports greater than 3000.

• Question 79:

  Which are two advantages of the Service Management Facility compared to the init.d startup scripts? (Choose two.)

  A. It restarts processes if they die.
  B. It handles service dependencies.
  C. It has methods to start and stop the service.
  D. It specifies what the system should do at each run level.
  A. It restarts processes if they die.
  B. It handles service dependencies.

• Question 80:

  Which two tasks can you perform using the Audit facility? (Choose two.)

  A. generate an overview of CPU usage by users
  B. generate an overview of disk space occupied by a particular user
  C. generate an overview of which users recently changed their password
  D. generate an overview of the network bandwith in use by a particular user
  E. generate an overview of all the applications executed by a particular user
  C. generate an overview of which users recently changed their password
  E. generate an overview of all the applications executed by a particular user