Pass4sure SUN SCSA10 Exam 310-303

Sun Certified Security Administrator for the Solaris 10 OS : 310-303 Exam

Exam Number/Code: 310-303
Exam Name: Sun Certified Security Administrator for the Solaris 10 OS
Questions Type: Single choice,
Exam Language(s): English

“Sun Certified Security Administrator for the Solaris 10 OS”, also known as 310-303 exam, is a SUN certification.
Preparing for the 310-303 exam? Searching 310-303 Test Questions, 310-303 Practice Exam, 310-303 Dumps?
Exam Name: Sun Certified Security Administrator for the Solaris 10 OS
Exam Type: Sun
Exam Code: 310-303 Total Questions: 295

Question: 1
A security administrator has a requirement to deploy the Solaris Security Toolkit onto all Solaris
servers in the department. In this environment, there are a variety of platforms and operating
system versions deployed. Onto which two platforms and operating system combinations can the
Solaris Security Toolkit be deployed in a supported configuration? (Choose two.)
A – X86, Solaris 2.4
B – x64, Solaris 9
C – x86, Solaris 10
D – SPARC, Solaris 2.6
E – SPARC. Solaris 8
Answer: C, E
Question: 2
The company security policy now requires very detailed auditing of all actions. This includes
capturing all executed commands together with their arguments and the environment variables.
After activating auditing on all Solaris 10 systems, the security auditor complains about having to
check the audit trail on each individual host. He asks for a central place to capture all audit trails.
Using standard Solaris 10 security features, which is a solution to this problem?
A – Configure auditd to send email with the events.
B – Configure auditd to send the output using syslog to a central loghost

C – Configure auditd to store the audit trail using NFS on a central server.
D – Configure auditd to store the audit trail using LDAP in a central directory.

Answer: C

Question: 3
Which two tasks does the Key Distribution Center (KDC) perform? (Choose two.)

A – issues service tickets
B – authenticates services
C – issues tick-granting-tickets
D – validates passwords sent in clear text
E – provides private sessions to services

Answer: A, C

Question: 4
Given:

jupiter$md5,rounds=2006$2amXesSj5$$kCF48vfPsHDjIKNXeEw7.: 12210::::::

What is the characteristic of this /etc/shadow entry?

A – User jupiter uses the md5 hash, with salt 2006$2amXesSj5$, and with the encrypted
password $kCF48vFPsHDjIKNXeEw7V.
B – User jupiter uses the 2a hash, with 2006 iterations of the hash, with salt 2amxesSj5, and with
the encrypted password kCF48vfPsHDjIKNXeEw7V.
C – User Jupiter uses the md5 hash, with 2006 iterations of the hash, with salt 2amXessj5, and
with the encrypted password kCF48vfPsHDjIKNXeEw7V.
D – User jupiter uses the md5 hash, with 2006 iterations of the hash, with no salt, and with the
encrypted password $rQmxesSj5$$kCF48vfPsHDjIKNXeEw7V.

Answer: C

Question: 5
A security administrator is required to validate the integrity of a set of operating system files on a
number of Solaris systems. The administrator decides to use the Solaris Fingerprint Database to
validate configuration and data files as well as binaries and libraries. What command, available
by default in Solaris 10, will help the security administrator collect the necessary information that
will be used with the Solaris Fingerprint Database?

A – md5sum
B – digest
C – encrypt
D – elfsign
E – cryptoadm

Answer: B

Question: 6
You are configuring a new system to be used as an intranet web server. After you have installed
the minimal amount of packages and patched the system, you added the appropriate web server
packages (SUNWapch2r and SUNWapch2u). By default, the web server daemon will be started
using UID webservd and the basic privilege set. To comply with the company’s policy of least
privilege, you need to minimize the privileges that the web server will have. What will you modify
to specify the privileges that the web service will run with?

A – the PRIV_DEFAULT setting in /etc/security/policy.conf
B – the defaultpriv setting of webserverd in /etc/user_attr
C – the privileges properly of the web service in the SMF repository
D – the privs property of the web service in /etc/security/exec_attr
Answer: C

Question: 7
After a recent audit, you have been requested to minimize an existing Solaris system which runs
a third party database application. Which two should you do before starting to minimize the
system? (Choose two.)

A – Back up the system.
B – Remove any unneeded patches.
C – Install the SUNWrnet metac luster.
D – Remove any unneeded packages.
E – Confirm with the vendor of the database software that they support minimization.

Donwload Free PassGuide Braindumps-The Most Realistic Practice Questions and Answers,Help You Pass any Exams

Answer: A, E

Question: 8
You maintain a minimized and hardened web server.

The exhibit shows the current credentials that the web server runs with. You receive a complaint
about the fact that a newly installed web-based application does not function. This application is
based on a /bin/ksh cgi-bin script.

What setting prevents this cgi-bin program from working?

A – The system might NOT have /bin/ksh installed.
B – The server is NOT allowed to call the exec system call.
C – The server should run with uid=0 to run cgi-bin scripts.
D – Some of the libraries needed by /bin/ksh are NOT present in the webserver’s chroot
environment.

Answer: B

Question: 9
One of the operators of the mainframe group was moved to the UNIX group and tasked to
activate and configure password history. For every user, the last 10 passwords should be
remembered in the history. In what file is the size of the password history configured?

A – /etc/shadow
B – /etc/pam.conf
C – /etc/default/passwd
D – /etc/security/policy.conf

Answer: C

Question: 10
Within the context of file integrity, rules can be implemented to change the scope of the Basic
Audit and Report Tool (BART) manifest.

Given the rule file:

/home/bert/docs *.og[dt]
CHECK all
IGNORE mtime

Which two statements are valid? (Choose two.)

A – All files on the system will be checked.
B – The last modification time of all checked files will not be checked.
C – Keywords such as CHECK and IGNORE can NOT be used in a rule file.
D – Only files with extension .ogt and .ogd in the directory /home/bert/docs will be checked.
E – All files on the system will be checked, except for files with extensions .ogt and .ogd in the
directory /home/bert/docs.

Answer: B, D

Question: 11
Solaris Auditing supports the selective logging of which two kinds of events? (Choose two.)

A – file access by selected users
B – access to selected files by all users
C – selected users making outbound network connections
D – password changes which do not meet the system password policy

Answer: A, C

Question: 12
A security administrator creates a directory called prevoy with the following access control policy:

$ getfacl prevoy
#file: prevoy
# owner: secadm
# group: secadm
user::rwx group::r-x #effective:r-x
mask: r-x
other: r-x
default: user::r-
default:user:sysadm: rw-
default: group::r-
default:group:sysadm:rw-
defauIt:mask: rwx
default: other:—

Into this directory, the security administrator creates a file called secrets. The is command reports
the following for the prevoy directory and secrets file:

$ Is -Id . secrets
drwxr-xr-x+ 2 secadm secadm 512 Jun 6 16:38
-r—r——- + 1 secadm secadm 0 Jun 6 16:38 secrets

Which two actions can be successfully taken by the sysadm role? (Choose two.)

A – The sysadm role can read the secrets file.
B – The sysadm role can write to the secrets file.
C – The sysadm role can remove the secrets file.
D – The sysadm role can create new files under the prevoy directory.
E – The sysadm role can change the Access Control Lists of the prevoy directory.

Answer: A, B

Question: 13
The /etc/default/passwd file contains a number of configuration parameters that can be used to
constrain the character composition or user passwords. What is one or the dangers or having
password composition too tightly constrained?

A – Password complexity rules apply only to the English alphabet.
B – The entropy or the resulting password strings will be very high.
C – Duplication or encrypted user password strings is much more likely.
D – Limited password value possibilities can simplify brute force attacks.
E – Passwords are harder to compute when using many character classes.

Answer: D

Question: 14
Which two commands are part of Sun Update Connection? (Choose two.)

A – /usr/bin/pkgadm
B – /usr/bin/keytool
C – /usr/sbin/smpatch
D – /usr/sbin/patchadd
E – /usr/bin/updatemanager

Answer: C, E
With the complete collection of questions and answers, Pass4sure has assembled to take you through 295 Q&A to your 310-303 Exam preparation. In the 310-303 exam resources, you will cover every field and category in SCSA10 helping to ready you for your successful SUN Certification.
Questions and Answers : 295 Q&A
Updated: 2008-04-25
Market Price: $129.99
Member Price: $89.99

Free down:Pass4sure 310-303
password:www.certbible.org

High quality IT Certification Training Exam Questions, Study Guides and Practice Tests are in Downloadable PassGuide Testing Engine,Successful for IT Certification or Full Refund for you.Contact Us:Sales@PassGuide.com

Type	Exam Bible	New Questions & Answers	Latest Updated	Download link
PDF	All Certbible 's Exam Dumps	597	1 days ago	Available

PassGuide Training Materials & Practice Tests

• 200809 latest testking pass4sure actualtest vce format exams update
• Pass4sure SUN Java Technology Exam 310-065 v2.83
• Pass4sure SUN SCWCD Exam 310-082 v2.73
• free pass4sure sun exam
• Latest pass4sure SUN Certification Exams
• pass4sure sun 310-880 v2.28
• pass4sure sun 310-879 v2.43
• pass4sure sun 310-878 v2.16
• pass4sure sun 310-876 v2.16
• pass4sure sun 310-875 v2.16