Which two actions can be successfully taken by the sysadm role?
A security administrator creates a directory called prevoy with the following access control policy: $ getfacl prevoy # file: prevoy # owner:
secadm # group: secadm user::rwx group::r-x #effective:r-x mask:r-x other:r-x default:user::r– default:user:sysadm:rw- default:group::r– default:group:sysadm:rw- default:mask:rwx default:other:— Into this directory, the security administrator creates a file called secrets. The ls command reports the following for the prevoy directory and secrets file: $ ls -ld . secrets drwxr-xr-x+ 2 secadm secadm 512 Jun 6 16:38 . -r–r—–+ 1 secadm secadm 0 Jun 6 16:38 secrets Which two actions can be successfully taken by the sysadm role? (Choose two.)
which two kinds of events?
Solaris Auditing supports the selective logging of which two kinds of events? (Choose two.)
Which two statements are valid?
Within the context of file integrity, rules can be implemented to change the scope of the Basic Audit and Report Tool (BART) manifest. Given the rule file: /home/bert/docs *.og[dt] CHECK all IGNORE mtime Which two statements are valid? (Choose two.)
what file is the size of the password history configured?
One of the operators of the mainframe group was moved to the UNIX group and
tasked to activate and configure password history. For every user, the last 10 passwords should be remembered in the history. In what file is the size of the password history configured?
Which two should you do before starting to minimize the system?
After a recent audit, you have been requested to minimize an existing Solaris system which runs a third party database application. Which two should you do before starting to minimize the system? (Choose two.)
What will you modify to specify the privileges that the web service will run with?
You are configuring a new system to be used as an intranet web server. After you have installed the minimal amount of packages and patched the system, you added the appropriate web server packages (SUNWapch2r and SUNWapch2u). By default, the web server daemon will be started using UID webservd and the basic privilege set. To comply with the company’s policy of least privilege, you need to minimize the privileges that the web server will have. What will you modify to specify the privileges that the web service will run with?
What command, available by default in Solaris 10, will help the security administrator collect the necessary i
A security administrator is required to validate the integrity of a set of operating system files on a number of Solaris systems. The administrator decides to use the Solaris Fingerprint Database to validate configuration and data files as well as binaries and libraries. What command, available by default in Solaris 10, will help the security administrator collect the necessary information that will be used with the Solaris Fingerprint Database?
What is the characteristic of this /etc/shadow entry?
Given: jupiter:$md5,rounds=2006$2amXesSj5$$kCF48vfPsHDjlKNXeEw7V.:12210:::::: What is the characteristic of this /etc/shadow entry?
Which two tasks does the Key Distribution Center (KDC) perform?
Which two tasks does the Key Distribution Center (KDC) perform? (Choose two.)
which is a solution to this problem?
The company security policy now requires very detailed auditing of all actions. This includes capturing all executed commands together with their arguments and the environment variables. After activating auditing on all Solaris 10 systems, the security auditor complains about having to check the audit trail on each individual host. He asks for a central place to capture all audit trails. Using standard Solaris 10 security features, which is a solution to this problem?