The date is Monday, March 1, 2003. Your company hired a consultant to work on your system. The consultant needs temporary shell access for the week and will finish on Friday.

The account will be called temp. Which policy absolutely disables the shell account after Friday?

Your company has implemented a policy that states that accounts should become unavailable if they have not been used in 21 days. How is account inactivity calculated in the Solaris 9 OE if no naming service is used?

You are in the process of configuring RBAC for a specific command that requires a single user name (or a numeric user ID) to run. After creating the appropriate entry in /etc/security/exec_attr, you should verify that the program will work using the euid of the user. Why is this preferred?

Which condition is impossible to configure using Access Control Lists (ACLs)?

How do you enable the logging of PAM messages for the login service?

You are setting up an application server on a Solaris 9 system. This application will be configured using the user app. This user does not require shell access to the system.

What is the most secure way to add a user?

Which is the best way to add new password triviality and composition checks into the Solaris OE?

The security administrator wants to assign user bob to a netsec role so that the user can run the ifconfig(1M) and snoop(1M) commands with a rights profile named NSM. Which entries are contained in the /etc/security/exec_attr file after the required RBAC configuration has been implemented?

Under which directory should a new Solaris 9 PAM module be installed?

What is the method used by Sun Kerberos to protect user passwords?