ITExamDump의 Oracle인증 1Z0-881덤프는 최근 유행인 PDF버전과 소프트웨어버전 두가지 버전으로 제공됩니다.PDF버전을 먼저 공부하고 소프트웨어번으로 PDF버전의 내용을 얼마나 기억하였는지 테스트할수 있습니다. 두 버전을 모두 구입하시면 시험에서 고득점으로 패스가능합니다.
만약ITExamDump선택여부에 대하여 망설이게 된다면 여러분은 우선 우리ITExamDump 사이트에서 제공하는Oracle 1Z0-881관련자료의 일부분 문제와 답 등 샘플을 무료로 다운받아 체험해볼 수 있습니다. 체험 후 우리의ITExamDump에 신뢰감을 느끼게 됩니다. 우리ITExamDump는 여러분이 안전하게Oracle 1Z0-881시험을 패스할 수 있는 최고의 선택입니다. ITExamDump을 선택함으로써 여러분은 성공도 선택한것이라고 볼수 있습니다.
ITExamDump는Oracle인증1Z0-881시험에 대하여 가이드를 해줄 수 있는 사이트입니다. ITExamDump는 여러분의 전업지식을 업그레이드시켜줄 수 잇고 또한 한번에Oracle인증1Z0-881시험을 패스하도록 도와주는 사이트입니다. ITExamDump제공하는 자료들은 모두 it업계전문가들이 자신의 지식과 끈임없은 경헌등으로 만들어낸 퍼펙트 자료들입니다. 품질은 정확도 모두 보장되는 문제집입니다.Oracle인증1Z0-881시험은 여러분이 it지식을 한층 업할수 잇는 시험이며 우리 또한 일년무료 업데이트서비스를 제공합니다.
이 글을 보시게 된다면Oracle인증 1Z0-881시험패스를 꿈꾸고 있는 분이라고 믿습니다. Oracle인증 1Z0-881시험공부를 아직 시작하지 않으셨다면 망설이지 마시고ITExamDump의Oracle인증 1Z0-881덤프를 마련하여 공부를 시작해 보세요. 이렇게 착한 가격에 이정도 품질의 덤프자료는 찾기 힘들것입니다. ITExamDump의Oracle인증 1Z0-881덤프는 고객님께서 Oracle인증 1Z0-881시험을 패스하는 필수품입니다.
시험 번호/코드: 1Z0-881
시험 이름: Oracle (Oracle Solaris 10 Security Administrator Certified Expert Exam)
당신이 구입하기 전에 시도
일년동안 무료 업데이트
100% 환불보장약속
100% 합격율 보장
Q&A: 293 문항
업데이트: 2014-01-26
ITExamDump에서는 소프트웨어버전과 PDF버전 두가지버전으로 덤프를 제공해드립니다.PDF버전은 구매사이트에서 무료샘플을 다움받아 체험가능합니다. 소프트웨어버전은실력테스트용으로 PDF버전공부후 보조용으로 사용가능합니다. Oracle 인증1Z0-881덤프 무료샘플을 다운받아 체험해보세요.
안심하시고ITExamDump 를 선택하게 하기 위하여, ITExamDump에서는 이미Oracle 1Z0-881인증시험의 일부 문제와 답을 사이트에 올려놨으니 체험해보실 수 있습니다. 그러면 저희한테 신뢰가 갈 것이며 또 망설임 없이 선택하게 될 것입니다. 저희 덤프로 여러분은 한번에 시험을 패스할 수 있으며 또 개인시간도 절약하고 무엇보다도 금전상으로 절약이 제일 크다고 봅니다. ITExamDump는 여러분들한테 최고의Oracle 1Z0-881문제와 답을 제공함으로 100%로의 보장 도를 자랑합니다, 여러분은Oracle 1Z0-881인증시험의 패스로 IT업계여서도 또 직장에서도 한층 업그레이드되실 수 있습니다. 여러분의 미래는 더욱더 아름다울 것입니다.
영어가 서툴러 국제승인 인기 IT인증자격증 필수시험 과목인Oracle인증 1Z0-881시험에 도전할 엄두도 낼수 없다구요? 이런 생각은 이글을 보는 순간 버리세요. Oracle인증 1Z0-881시험을 패스하려면ITExamDump가 고객님의 곁을 지켜드립니다. ITExamDump의Oracle인증 1Z0-881덤프는 Oracle인증 1Z0-881시험패스 특효약입니다. 영어가 서툴러고 덤프범위안의 문제만 기억하면 되기에 영어로 인한 문제는 걱정하지 않으셔도 됩니다.
1Z0-881 덤프무료샘플다운로드하기: http://www.itexamdump.com/1Z0-881.html
NO.1 A cryptographically signed patch provides system administrators with assurance that the patch
possesses certain qualities. Which two qualities are assured when a patch signature is verified? (Choose
two.)
A. The patch has a verified origin.
B. The patch has NOT been modified since it was signed.
C. The patch was created by a Sun Certified Systems Engineer.
D. The contents of the patch have NOT been revealed to anyone who does NOT have a Sun service plan.
Answer: A,B
Oracle인증 1Z0-881 1Z0-881기출문제 1Z0-881인증
NO.2 You decided it was worth maintaining an extremely paranoid policy when configuring your firewall
rules. Therefore, you had your management approve the implementation of a security policy
stance to deny all inbound connection requests to your corporate network. How is it possible that
you still suffer from remote exploits that your adversaries are using to obtain interactive sessions
inside your firewall?
A. TCP splicing is easy to do.
B. Internal software may be vulnerable.
C. UDP vulnerabilities are well-known and exploited.
D. ICMP hijacking attacks can still succeed through any firewall.
Answer: B
Oracle 1Z0-881 1Z0-881 1Z0-881 1Z0-881최신덤프
NO.3 Due to changes to the security policy of your organization, access restriction must be applied to
systems. The changes specify that access to systems through the ftp protocol is NOT allowed according
to the Human Resources department, which has the 10.10.10.0/24 address space assigned. TCP
wrappers have been enabled for the ftp daemon, and these files have been configured: # cat
/etc/hosts.allow in.ftpd: ALL # cat /etc/hosts.deny in.ftpd: 10.10.10.0/24 Despite the implemented
configuration, Human Resources is still able to access systems through the ftp protocol. What action must
be taken?
A. The ftp daemon must be restarted.
B. The inetd daemon must be restarted.
C. The entry in the hosts.deny file is wrong and must be changed.
D. The entry in the hosts.allow file is wrong and must be changed.
Answer: D
Oracle 1Z0-881자료 1Z0-881덤프 1Z0-881인증
NO.4 Solaris Auditing supports the selective logging of which two kinds of events? (Choose two.)
A. file access by selected users
B. access to selected files by all users
C. selected users making outbound network connections
D. password changes which do not meet the system password policy
Answer: A,C
Oracle최신덤프 1Z0-881 1Z0-881자료 1Z0-881 1Z0-881시험문제
NO.5 Given:
jupiter:$md5,rounds=2006$2amXesSj5$$kCF48vfPsHDjlKNXeEw7V.:12210:::::: What is the
characteristic of this /etc/shadow entry?
A. User jupiter uses the md5 hash, with salt 2006$2amXesSj5$, and with the encrypted password
$kCF48vfPsHDjlKNXeEw7V.
B. User jupiter uses the 2a hash, with 2006 iterations of the hash, with salt 2amXesSj5, and with the
encrypted password kCF48vfPsHDjlKNXeEw7V.
C. User jupiter uses the md5 hash, with 2006 iterations of the hash, with salt 2amXesSj5, and with the
encrypted password kCF48vfPsHDjlKNXeEw7V.
D. User jupiter uses the md5 hash, with 2006 iterations of the hash, with no salt, and with the encrypted
password $rQmXesSj5$$kCF48vfPsHDjlKNXeEw7V.
Answer: C
Oracle 1Z0-881자격증 1Z0-881 1Z0-881시험문제 1Z0-881기출문제
NO.6 A new security related patch has been released for the Solaris OS. This patch needs to be applied
to the system that functions as your web server. The web server is configured to run in a non-
global zone. Can you just use patch add to apply the patch to the global zone to update the web
server zone?
A. No, you need to shut down the web server zone first.
B. Yes, patches will be automatically applied to all zones.
C. No, you need to apply the patch to the web server zone separately.
D. Yes, but you must make sure that the web server zone is booted first.
Answer: B
Oracle인증 1Z0-881인증 1Z0-881 1Z0-881 1Z0-881
NO.7 Click the Exhibit button.
You maintain a minimized and hardened web server. The exhibit shows the current credentials that the
web server runs with. You receive a complaint about the fact that a newly installed webbased application
does not function. This application is based on a /bin/ksh cgi-bin script.
What setting prevents this cgi-bin program from working?
A. The system might NOT have /bin/ksh installed.
B. The server is NOT allowed to call the exec system call.
C. The server should run with uid=0 to run cgi-bin scripts.
D. Some of the libraries needed by /bin/ksh are NOT present in the webserver's chroot
environment.
Answer: B
Oracle자격증 1Z0-881시험문제 1Z0-881
NO.8 One of the operators of the mainframe group was moved to the UNIX group and tasked to activate and
configure password history. For every user, the last 10 passwords should be remembered in the history. In
what file is the size of the password history configured?
A. /etc/shadow
B. /etc/pam.conf
C. /etc/default/passwd
D. /etc/security/policy.conf
Answer: C
Oracle 1Z0-881기출문제 1Z0-881 1Z0-881 1Z0-881시험문제
NO.9 To harden a newly installed Solaris OS, an administrator is required to make sure that syslogd is
configured to NOT accept messages from the network. Which supported method can be used to
configure syslogd like this?
A. Run svcadm disable -t svc:/network/system-log.
B. Edit /etc/default/syslogd to set LOG_FROM_REMOTE=NO.
C. Edit /etc/rc2.d/S74syslog to start syslogd with the -t option.
D. Edit /lib/svc/method/system-log to set LOG_FROM_REMOTE=NO.
Answer: B
Oracle덤프 1Z0-881인증 1Z0-881 1Z0-881 1Z0-881자료
NO.10 You have been asked to grant the user ennovy, a member of the staff group, read and write access to
the file /app/notes which has the following properties: ls -l /app/notes -rw-rw---- 1 root app 0 Jun 6 15:11
/app/notes Which options will NOT grant the user the ability to read and write the file?
A. usermod -G app ennovy
B. setfacl -m user:ennovy:rw- /app/notes
C. setfacl -m group:staff:rw- /app/notes
D. usermod -K defaultpriv=basic,file_dac_read,file_dac_write ennovy
Answer: D
Oracle인증 1Z0-881 1Z0-881 1Z0-881 dump
NO.11 A security administrator has a requirement to help configure and deploy a new server. What are two
security tasks that the security administrator should perform? (Choose two.)
A. Configure the server to use LDAP for authentication.
B. Configure network interfaces and routing information.
C. Install a DTrace probe to capture the use of privileges.
D. Disable any network services that are NOT being used.
E. Apply software patches to correct security vulnerabilities.
Answer: D,E
Oracle 1Z0-881자격증 1Z0-881인증
NO.12 A security administrator is required to periodically validate binaries against the Solaris Fingerprint
Database. While attempting to capture MD5 file signatures for key Solaris OS files, the security
administrator encounters the following error: digest: no cryptographic provider was found for this
algorithm -- md5 What command should the administrator use to help determine the cause of the
problem?
A. crypt
B. digest
C. kcfadm
D. openssl
E. cryptoadm
Answer: E
Oracle 1Z0-881 1Z0-881자료 1Z0-881인증 1Z0-881시험문제
NO.13 Your company is running a DNS test server on the internal network. Access to this server must be
blocked by using IP Filter. The administrator prefers that this access control is not obvious to someone
trying to contact the server from the outside. Which rule implements the access control but hides the use
of IP Filter to the outside?
A. pass in quick on eri0 from 192.168.0.0/24 to any
B. block in quick proto udp from any to any port = 53
C. pass out quick on eri0 proto icmp from 192.168.1.2 to any keep state
D. block return-icmp(port-unr) in proto udp from any to 192.168.1.2 port = 53
Answer: D
Oracle시험문제 1Z0-881시험문제 1Z0-881자격증 1Z0-881자료
NO.14 Which two commands are part of Sun Update Connection? (Choose two.)
A. /usr/bin/pkgadm
B. /usr/bin/keytool
C. /usr/sbin/smpatch
D. /usr/sbin/patchadd
E. /usr/bin/updatemanager
Answer: C,E
Oracle 1Z0-881인증 1Z0-881 1Z0-881
NO.15 Packet filters and firewalls are an important component of any defense-in-depth security strategy.
Which two types of threats can IP Filter be deployed as an effective countermeasure against? (Choose
two.)
A. a Christmas Tree scan
B. an attempt to log in to a system using SSH by an unauthorized user
C. an attempt to exploit a SQL injection vulnerability in a web storefront application
D. an attempt to exploit a buffer overflow vulnerability in rpcbind, originating from a host on an authorized
network
E. an attempt to exploit a buffer overflow vulnerability in rpcbind, originating from a host on an
unauthorized network
Answer: A,E
Oracle dumps 1Z0-881 1Z0-881 pdf 1Z0-881 1Z0-881 dump
NO.16 A security administrator creates a directory called prevoy with the following access control policy:
$ getfacl prevoy # file: prevoy # owner:
secadm # group: secadm user::rwx group::r-x #effective:r-x mask:r-x other:r-x default:user::r-default:
user:
sysadm:rw- default:group::r-- default:group:sysadm:rw- default:mask:rwx default:other:--- Into this
directory, the security administrator creates a file called secrets. The ls command reports the following for
the prevoy directory and secrets file: $ ls -ld . secrets drwxr-xr-x+ 2 secadm secadm 512 Jun 6 16:38 .
-r--r-----+ 1 secadm secadm
0 Jun 6 16:38 secrets Which two actions can be successfully taken by the sysadm role? (Choose two.)
A. The sysadm role can read the secrets file.
B. The sysadm role can write to the secrets file.
C. The sysadm role can remove the secrets file.
D. The sysadm role can create new files under the prevoy directory.
E. The sysadm role can change the Access Control Lists of the prevoy directory.
Answer: A,B
Oracle 1Z0-881자료 1Z0-881 1Z0-881 1Z0-881기출문제 1Z0-881시험문제
NO.17 A security administator has a requirement to make an encrypted backup copy of an application and its
data, using the AES algorithm, so that it can be safely transmitted to a partner. Which two command
sequences can be used to generate an encrypted backup of the files under /app1? (Choose two.)
A. crypt < /app1/* > app1.backup.aes
B. encrypt -a aes -d /app1 -o app1.backup.aes
C. tar cf - /app1 | gzip -d -e aes > app1.backup.aes
D. ufsdump 0f - /app1 |\ crypt -a aes > app1.backup.aes
E. ufsdump 0f - /app1 |\ encrypt -a aes -o app1.backup.aes
F. tar cf - /app1 |\ openssl enc -out app1.backup.aes -aes-128-cbc
Answer: E,F
Oracle자격증 1Z0-881 1Z0-881 pdf 1Z0-881 pdf 1Z0-881기출문제 1Z0-881인증
NO.18 An Internet service provider is offering shell accounts on their systems. As a special service,
customers can also apply for a root account to get their own virtual machine. The provider has
implemented this by using zones, and the customers get root access to the non-global zone. One of their
customers is developing cryptographic software and is using the ISP machine for testing newly developed
Solaris crypto providers. What kind of testing is available to this developer?
A. The developer is able to test newly developed user-level providers.
B. The developer is able to test newly developed kernel software providers.
C. The developer can NOT test newly developed providers in a non-global zone.
D. The developer is able to do the same tests as if developing as root in the global zone.
Answer: A
Oracle 1Z0-881 1Z0-881 pdf 1Z0-881자격증
NO.19 A security administrator is required to validate the integrity of a set of operating system files on a
number of Solaris systems. The administrator decides to use the Solaris Fingerprint Database to validate
configuration and data files as well as binaries and libraries. What command, available by default in
Solaris 10, will help the security administrator collect the necessary information that will be used with the
Solaris Fingerprint Database?
A. md5sum
B. digest
C. encrypt
D. elfsign
E. cryptoadm
Answer: B
Oracle dump 1Z0-881시험문제 1Z0-881 1Z0-881시험문제
NO.20 The company security policy now requires very detailed auditing of all actions. This includes capturing
all executed commands together with their arguments and the environment variables.
After activating auditing on all Solaris 10 systems, the security auditor complains about having to check
the audit trail on each individual host. He asks for a central place to capture all audit trails.
Using standard Solaris 10 security features, which is a solution to this problem.?
A. Configure auditd to send email with the events.
B. Configure auditd to send the output using syslog to a central loghost.
C. Configure auditd to store the audit trail using NFS on a central server.
D. Configure auditd to store the audit trail using LDAP in a central directory.
Answer: C
Oracle 1Z0-881최신덤프 1Z0-881자격증 1Z0-881 dump
NO.21 You have been asked to implement defense in depth for network access to a system, where a web
server will be running on an Internet-facing network interface. Which is NOT contributing to the defense in
depth?
A. running the web server in a zone
B. using svcadm to disable unused services
C. using IP Filter to limit which network ports can be accessed from the Internet
D. using VLANs on a single network interface instead of using multiple network interfaces
E. using TCP wrappers to limit from which system SSH be used to connect to the system
Answer: D
Oracle dump 1Z0-881시험문제 1Z0-881인증 1Z0-881 1Z0-881 pdf
NO.22 Within the context of file integrity, rules can be implemented to change the scope of the Basic Audit
and Report Tool (BART) manifest. Given the rule file: /home/bert/docs *.og[dt] CHECK all IGNORE mtime
Which two statements are valid? (Choose two.)
A. All files on the system will be checked.
B. The last modification time of all checked files will not be checked.
C. Key words such as CHECK and IGNORE can NOT be used in a rule file.
D. Only files with extension .ogt and .ogd in the directory /home/bert/docs will be checked.
E. All files on the system will be checked, except for files with extensions .ogt and .ogd in the directory
/home/bert/docs.
Answer: B,D
Oracle 1Z0-881 1Z0-881기출문제 1Z0-881 dump 1Z0-881
NO.23 The /etc/default/passwd file contains a number of configuration parameters that can be used to
constrain the character composition of user passwords. What is one of the dangers of having password
composition too tightly constrained?
A. Password complexity rules apply only to the English alphabet.
B. The entropy of the resulting password strings will be very high.
C. Duplication of encrypted user password strings is much more likely.
D. Limited password value possibilities can simplify brute force attacks.
E. Passwords are harder to compute when using many character classes.
Answer: D
Oracle 1Z0-881시험문제 1Z0-881 dumps 1Z0-881 1Z0-881자료 1Z0-881자료
NO.24 A security administrator has a requirement to deploy the Solaris Security Toolkit onto all Solaris servers
in the department. In this environment, there are a variety of platforms and operating system versions
deployed. Onto which two platforms and operating system combinations can the Solaris Security Toolkit
be deployed in a supported configuration? (Choose two.)
A. x86, Solaris 2.4
B. x64, Solaris 9
C. x86, Solaris 10
D. SPARC, Solaris 2.6
E. SPARC, Solaris 8
Answer: C,E
Oracle 1Z0-881 dumps 1Z0-881 pdf 1Z0-881시험문제 1Z0-881기출문제
NO.25 Which option is used in /etc/vfstab to limit the size of a tmpfs file system to 512MB to prevent a
memory denial of service (DoS)?
A. size=512m
B. maxsize=512
C. minsize=512
D. swapfs=512mb
Answer: A
Oracle 1Z0-881시험문제 1Z0-881인증 1Z0-881최신덤프 1Z0-881 1Z0-881자료
NO.26 After a recent audit, you have been requested to minimize an existing Solaris system which runs a third
party database application. Which two should you do before starting to minimize the system? (Choose
two.)
A. Back up the system.
B. Remove any unneeded patches.
C. Install the SUNWrnet metacluster.
D. Remove any unneeded packages.
E. Confirm with the vendor of the database software that they support minimization.
Answer: A,E
Oracle자료 1Z0-881 1Z0-881 1Z0-881최신덤프 1Z0-881
NO.27 Which are two advantages of the Service Management Facility compared to the init.d startup scripts?
(Choose two.)
A. It restarts processes if they die.
B. It handles service dependencies.
C. It has methods to start and stop the service.
D. It specifies what the system should do at each run level.
Answer: A,B
Oracle 1Z0-881 dump 1Z0-881 1Z0-881
NO.28 You are configuring a new system to be used as an intranet web server. After you have installed the
minimal amount of packages and patched the system, you added the appropriate web server packages
(SUNWapch2r and SUNWapch2u). By default, the web server daemon will be started using UID
webservd and the basic privilege set. To comply with the company's policy of least privilege, you need to
minimize the privileges that the web server will have. What will you modify to specify the privileges that
the web service will run with?
A. the PRIV_DEFAULT setting in /etc/security/policy.conf
B. the defaultpriv setting of webserverd in /etc/user_attr
C. the privileges property of the web service in the SMF repository
D. the privs property of the web service in /etc/security/exec_attr
Answer: C
Oracle자료 1Z0-881 dumps 1Z0-881 1Z0-881 1Z0-881
NO.29 The Key Distribution Center (KDC) is a central part of the Kerberos authentication system. How should
the system running the KDC be configured?
A. It should be a hardened, minimized system.
B. It should be a hardened, non-networked system.
C. The KDC implementation employs cryptography and can therefore run securely on an ordinary
multi-user system.
D. For improved security, users must log in to the KDC before authenticating themselves, so it must be a
multiuser system.
Answer: A
Oracle기출문제 1Z0-881인증 1Z0-881 1Z0-881자료
NO.30 Which two tasks does the Key Distribution Center (KDC) perform? (Choose two.)
A. issues service tickets
B. authenticates services
C. issues ticket-granting-tickets
D. validates passwords sent in clear text
E. provides private sessions to services
Answer: A,C
Oracle 1Z0-881기출문제 1Z0-881 1Z0-881시험문제 1Z0-881덤프
ITexamdump의 ICGB덤프의 VCE테스트프로그램과 C4040-123덤프는 한방에 시험을 패스하도록 도와드립니다. ITexamdump 에서는 최신버전의 200-001시험에 대비한 고품질 덤프와 1Z0-409시험 최신버전덤프를 제공해드립니다. 최고품질 000-619시험자료는 100% 간단하게 시험패스하도록 최선을 다하고 있습니다. IT인증시험패스는 이토록 간단합니다.
댓글 없음:
댓글 쓰기