Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
CWNP exams CWNP
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
GIAC exams GIAC
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
ISEB exams ISEB
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

Sun 310-301 Exam - Cheat-Test.com

Free 310-301 Sample Questions:

1.Given that the entry below is listed in the /etc/dfs/dfstab file: share ­F nfs ­o rw=foo,root=foo,ro
/export Who can write to this file system?
A.all users on system foo
B.the root user on system foo
C.the root user on systems foo and ro
D.all users on systems that have mounted this file system
Answer: A

2.What cryptographic assurance is provided by public key cryptography that is NOT provided by secret key cryptography?
A.integrity
B.confidentiality
C.authentication
D.non­repudiation
Answer: D

3./var/adm/messages contains this output: Jan 28 21:23:18 mailhost in.telnetd[20911]: [ID 808958 daemon.warning] refused connect from ns.foo.com (access denied) Why was this line generated?
A.A user connecting from ns.foo.com failed to authenticate.
B.The user daemon is not allowed to log in from ns.foo.com.
C.A portscan was run against mailhost from ns.foo.com.
D.The TCP Wrapper configuration does not allow telnet connections from ns.foo.com.
Answer: D

4.Which two types of host keys are supported by Solaris Secure Shell? (Choose two.)
A.AES
B.RSA
C.DSA
D.DES
E.3DES
Answer: B, C

5.Which is a public key encryption algorithm?
A.AH
B.AES
C.RSA
D.PGP
E.IDEA
Answer: C

6.Which cryptographic assurances are provided by SSL?
A.confidentiality, integrity, availability
B.authorization, confidentiality, message integrity
C.confidentiality, client authentication, server authentication
D.authentication, confidentiality, access control, non­repudiation
Answer: C

7.To which file does the Solaris 9 OE accounting facility log commands?
A./var/adm/utmpx
B./var/adm/pacct
C./var/adm/exacct
D./var/log/syslog
Answer: B

8.Which command generates client key pairs and adds them to the $HOME/.ssh directory?
A.ssh­add
B.ssh­agent
C.ssh­keygen
D.ssh­keyadd
Answer: C

9.Which two services support TCP Wrappers by default in the Solaris 9 OE? (Choose two.)
A.inetd
B.rpcbind
C.sendmail
D.automountd
E.Solaris Secure Shell
Answer: A, E

10.Which threat can be mitigated by setting the Open Boot PROM security mode to full?
A.system panics
B.booting into single user mode
C.remotely accessing the console
D.logging in as root at the console
Answer: B

11.Which is uncharacteristic of a Trojan horse program used to escalate privileges?
A.It is installed in /usr/bin.
B.It is owned by a normal user.
C.It has the same name as a common program.
D.It contains additional functionality which the user does not expect.
Answer: A

12.Which setting in the /etc/system file limits the maximum number of user processes to 100 to prevent a user from executing a fork bomb on a system?
A.set maxuprc = 100
B.set maxusers = 100
C.set user_procs = 100
D.set max_nprocs = 100
Answer: A

13.The system administrator finds a Trojaned login command using md5 and the Solaris
Fingerprint Database. What is true about the system administrator's incident response tasks?
A.The server must be rebuilt.
B.BSM will identify the attacker.
C.All other replaced system files can be identified using md5 and the Solaris Fingerprint Database.
D.All other replaced system files can be identified using md5 and the Solaris Fingerprint Database and replaced with trusted versions.
Answer: A

14.Which two regular user PATH assignments expose the user to a Trojan horse attack? (Choose two.)
A.PATH=/usr/bin:/bin
B.PATH=/usr/bin:/sbin:/usr/sbin
C.PATH=/usr/bin:/sbin:/usr/sbin:
D.PATH=.:/usr/bin:/sbin:/usr/sbin
Answer: C, D

15.How do you distinguish between denial of service attacks and programming errors?
A.You cannot make this distinction.
B.You examine the audit events for the process.
C.You verify that the process user ID is that of a valid user.
D.You check the binary against the Solaris Fingerprint Database.
Answer: A

16.User fred runs a program that consumes all of the system's memory while continuously spawning a new program. You decide to terminate all of fred's programs to put a stop to this. What command should you use?
A.kill ­u fred
B.pkill ­U fred
C.passwd ­l fred
D.kill `ps ­U fred ­o pid`
Answer: B

17.Which evasion technique can NOT be detected by system integrity checks?
A.installing a rootkit
B.adding user accounts
C.abusing an existing user account
D.installing a loadable kernel module
Answer: C

18.Which statement about denial of service attack is FALSE?
A.Denial of service is always preventable.
B.Multiple machines may be used as the source of the attack.
C.Service is denied on the victim host when a key resource is consumed.
D.A denial of service attack is an explicit attempt by an attacker to prevent legitimate users of a service from using that service.
Answer: A

19.Which command can customize the size for system log file rotation?
A.dmesg
B.logger
C.logadm
D.syslog
E.syslogd
Answer: C

20.Which syslog facility level specification can be used to record unsuccessful attempts to su(1M)?
A.su.warning
B.cron.debug
C.kernel.alert
D.auth.warning
Answer: D

21.When will a removable diskette be deallocated?
A.when the owner logs out
B.when the system is rebooted
C.when the owner removes the diskette
D.when the root user allocates the device
E.when the owner runs deallocate(1M)
Answer: E

22.How should you configure BSM to help you detect whether an attacker has removed audit records?
A.Audit records already indicate this by default.
B.You execute the command bsmconv +cnt and reboot.
C.auditconfig ­setpolicy +cnt should be added to /etc/security/audit_startup.
D.auditconfig ­setpolicy +seq should be added to /etc/security/audit_startup.
Answer: D

23.Given: $ showmount ­e What information is provided?
A.the NFS server statistics
B.all file systems exported by the local system
C.all file systems mounted on the local system
D.all file systems mounted from the local file system by other systems
Answer: B

24.A system administrator sets up a global BSM policy that audits all user events except file access. Which is the correct entry in audit_user(4)?
A.flags:all,^fa
B.flags:^all:fc
C.naflags:all:fr
D.naflags:all:^fr
Answer: A

25.A security administrator is reviewing the BSM configuration on a system. While looking at the
/etc/security/audit_control file, the administrator finds that the system is configured to audit the fa audit class. Which two statements are true? (Choose two.)
A.The security of the system will be significantly enhanced.
B.The performance of the system will be significantly degraded. C.The performance of the system will be significantly enhanced. D.The system will audit all failures and alert events on the system.
E.The system will audit all file accesses for all users and processes. F.The system will audit all failed administrative actions on the system.
Answer: B, E

26.What information is collected by process accounting? (Choose two.)
A.UID and GID
B.files modified by users
C.IP address of the remote host
D.a process's controlling terminal
Answer: A, D


© 2014 Cheat-Test.com, All Rights Reserved