Which Solaris 10 subsystem will be used to log changes to the device policy?
The security administrator wants to log all changes that are made to the device policy. Which Solaris 10 subsystem will be used to log changes to the device policy?
Which two statements are true?
The Solaris 10 cryptographic framework provides user-level commands to encrypt files. A combination of commands is reported below: # tar cvf – /data | encrypt -a arcfour -k /tmp/key -o /tmp/backup Which two statements are true? (Choose two.)
Which two components are part of the Solaris Cryptographic Framework?
Which two components are part of the Solaris Cryptographic Framework? (Choose two.)
How should the system running the KDC be configured?
The Key Distribution Center (KDC) is a central part of the Kerberos authentication system. How should the system running the KDC be configured?
Which option is used in /etc/vfstab to limit the size of a tmpfs file system to 512MB to prevent a memory deni
Which option is used in /etc/vfstab to limit the size of a tmpfs file system to 512MB to prevent a memory denial of service (DoS)?
Which rule implements the access control but hides the use of IP Filter to the outside?
Your company is running a DNS test server on the internal network. Access to this server must be blocked by using IP Filter. The administrator prefers that this access control is not obvious to someone trying to contact the server from the outside. Which rule implements the access control but hides the use of IP Filter to the outside?
What command should the administrator use to help determine the cause of the problem?
A security administrator is required to periodically validate binaries against the Solaris Fingerprint Database. While attempting to capture MD5 file signatures for key Solaris OS files, the security administrator encounters the following error: digest: no cryptographic provider was found for this algorithm — md5 What command should the administrator use to help determine the cause of the problem?
What kind of testing is available to this developer?
An Internet service provider is offering shell accounts on their systems. As a special service, customers can also apply for a root account to get their own virtual machine. The provider has implemented this by using zones, and the customers get root access to the non-global zone. One of their customers is developing cryptographic software and is using the ISP machine for testing newly developed Solaris crypto providers. What kind of testing is available to this developer?
Which two types of threats can IP Filter be deployed as an effective countermeasure against?
Packet filters and firewalls are an important component of any defense-in-depth security strategy. Which two types of threats can IP Filter be deployed as an effective countermeasure against? (Choose two.)
What are two security tasks that the security administrator should perform?
A security administrator has a requirement to help configure and deploy a new server. What are two security tasks that the security administrator should perform? (Choose two.)