Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

Oracle 1Z0-881 Exam -

Free 1Z0-881 Sample Questions:

Q: 1
To comply with new security guidelines, your company requires you to implement a new password policy that performs stricter checks on new passwords than those performed by Solaris. Which Solaris subsystem can you consider extending?
A. Solaris PAM
B. Solaris /usr/bin/passwd
C. Solaris User Rights Management
D. Solaris Cryptographic Framework
Answer: A

Q: 2
A new security related patch has been released for the Solaris OS. This patch needs to be applied to the system that functions as your web server. The web server is configured to run in a non-global zone.
Can you just use patchadd to apply the patch to the global zone to update the web server zone?
A. No, you need to shut down the web server zone first.
B. Yes, patches will be automatically applied to all zones.
C. No, you need to apply the patch to the web server zone separately.
D. Yes, but you must make sure that the web server zone is booted first.
Answer: B

Q: 3
To harden a newly installed Solaris OS, an administrator is required to make sure that syslogd is configured to NOT accept messages from the network.
Which supported method can be used to configure syslogd like this?
A. Run svcadm disable -t svc:/network/system-log.
B. Edit /etc/default/syslogd to set LOG_FROM_REMOTE=NO.
C. Edit /etc/rc2.d/S74syslog to start syslogd with the -t option.
D. Edit /lib/svc/method/system-log to set LOG_FROM_REMOTE=NO.
Answer: B

Q: 4
In which Solaris OS subsystem is User Rights Management implemented?
A. Process Privileges
B. Mandatory Access Control
C. Service Management Facility
D. Discretionary Access Control
E. Role Based Access Control (RBAC)
Answer: E

Q: 5
One of the operators of the mainframe group was moved to the UNIX group and tasked to activate and configure password history. For every user, the last 10 passwords should be remembered in the history. In what file is the size of the password history configured?
A. /etc/shadow
B. /etc/pam.conf
C. /etc/default/passwd
D. /etc/security/policy.conf
Answer: C

Q: 6
Company policy dictates that offsite backups need to be encrypted with 256-bit keys. The infrastructure is in place, so all the administrator must do is select which algorithm to use for this operation. Which two algoritms can the administrator choose? (Choose two.)
A. MD5
F. arcfour
Answer: B, F

Q: 7
In which location is the signature for a signed binary found?
A. the ELF header
B. a trailer attached to the file
C. stored in a system database
D. added to the binary at compile time
E. created and stored in memory at system boot
Answer: A

Q: 8
Given the command reported in /etc/dfs/dfstab from a system export:
share -F nfs rw=foo,root=foo,ro /export
Who can write to this file system?
A. all users on system foo
B. the root user on system foo
C. the root user on systems foo and ro
D. all users on systems that have mounted this file system
Answer: A

Q: 9
After returning from training, the security administrator is getting asked by his coworkers about the features of Solaris auditing. He starts with some basic information. Which three statements are correct? (Choose three.)
A. Auditing is a new feature of Solaris 10.
B. Auditing can be configured for each zone.
C. Auditing can be configured for an individual user.
D. Auditing can be configured for each individual file.
E. Auditing can be used to record logins and logouts.
Answer: B, C, E

Q: 10
You have been asked to implement defense in depth for network access to a system, where a web server will be running on an Internet-facing network interface.
Which is NOT contributing to the defense in depth?
A. running the web server in a zone
B. using svcadm to disable unused services
C. using IP Filter to limit which network ports can be accessed from the Internet
D. using VLANs on a single network interface instead of using multiple network interfaces
E. using TCP wrappers to limit from which system SSH be used to connect to the system
Answer: D

© 2014, All Rights Reserved