- Home
- Oracle
- Upgrade to Oracle Solaris 11 System Administrator
- Oracle.1Z0-820.v2018-04-12.q131
- Question 79
Valid 1Z0-820 Dumps shared by ExamDiscuss.com for Helping Passing 1Z0-820 Exam! ExamDiscuss.com now offer the newest 1Z0-820 exam dumps, the ExamDiscuss.com 1Z0-820 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com 1Z0-820 dumps with Test Engine here:
Access 1Z0-820 Dumps Premium Version
(133 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 79/131
A change in your company's security policy now requires an audit trial of all administrators assuming the sysadm role, capturing:
Executed commands, including options
Logins and logouts
There are two command necessary to accomplish this change. One is a rolemod command. What is the other?
Executed commands, including options
Logins and logouts
There are two command necessary to accomplish this change. One is a rolemod command. What is the other?
Correct Answer: B
Explanation/Reference:
Audit Significant Events in Addition to Login/Logout (see step 2 below) Use this procedure to audit administrative commands, attempts to invade the system, and other significant events as specified by your site security policy.
1. Audit all uses of privileged commands by users and roles.
For all users and roles, add the AUE_PFEXEC audit event to their preselection mask.
# usermod -K audit_flags=lo,ps:no username
# rolemod -K audit_flags=lo,ps:no rolename
2. Record the arguments to audited commands.
# auditconfig -setpolicy +argv
3- Record the environment in which audited commands are executed.
# auditconfig -setpolicy +arge
Note: [-t] -setpolicy [+|-]policy_flag[,policy_flag ...]
Set the kernel audit policy. A policy policy_flag is literal strings that denotes an audit policy. A prefix of + adds the policies specified to the current audit policies. A prefix of - removes the policies specified from the current audit policies. No policies can be set from a local zone unless the perzone policy is first set from the global zone.
Incorrect answers:
A: No subcommand set policy.
C: -setflags audit_flags
Set the default user audit preselection flags; see audit_flags(5). The default preselection flags are combined with the user's specific audit flags to form the user's audit preselection mask.
D: No subcommand set flags.
Reference: Oracle Solaris 11 Security Guidelines, Audit Significant Events in Addition to Login/Logout
Audit Significant Events in Addition to Login/Logout (see step 2 below) Use this procedure to audit administrative commands, attempts to invade the system, and other significant events as specified by your site security policy.
1. Audit all uses of privileged commands by users and roles.
For all users and roles, add the AUE_PFEXEC audit event to their preselection mask.
# usermod -K audit_flags=lo,ps:no username
# rolemod -K audit_flags=lo,ps:no rolename
2. Record the arguments to audited commands.
# auditconfig -setpolicy +argv
3- Record the environment in which audited commands are executed.
# auditconfig -setpolicy +arge
Note: [-t] -setpolicy [+|-]policy_flag[,policy_flag ...]
Set the kernel audit policy. A policy policy_flag is literal strings that denotes an audit policy. A prefix of + adds the policies specified to the current audit policies. A prefix of - removes the policies specified from the current audit policies. No policies can be set from a local zone unless the perzone policy is first set from the global zone.
Incorrect answers:
A: No subcommand set policy.
C: -setflags audit_flags
Set the default user audit preselection flags; see audit_flags(5). The default preselection flags are combined with the user's specific audit flags to form the user's audit preselection mask.
D: No subcommand set flags.
Reference: Oracle Solaris 11 Security Guidelines, Audit Significant Events in Addition to Login/Logout
- Question List (131q)
- Question 1: You are creating a non-global zone on your system. Which opt...
- Question 2: This iron is displayed on the desktop of a laptop computer, ...
- Question 3: The ZFS configuration on your server is: Pool1 6.67G 31K /po...
- Question 4: Select the two statements that correctly describe the operat...
- Question 5: A process associated with a user application keeps crashing ...
- Question 6: Which three are true of a solaris10 branded zone running on ...
- Question 7: You are setting up a local IPS package repository on your Or...
- Question 8: View the Exhibit, a file named testzone.cfg: (Exhibit) Selec...
- Question 9: In an effort to reduce storage space on your server, you wou...
- Question 10: Identify the correctly matching pair of equivalent functiona...
- Question 11: You are using AI to install a new system. You have added to ...
- Question 12: You have already generated a 256-bit AES raw key and named t...
- Question 13: Consider the following rule file for use with the Basic Audi...
- Question 14: You create a flash archive of the Solaris 10 global zone on ...
- Question 15: Which modification needs to be made to the Service Managemen...
- Question 16: On SystemA, you are troubleshooting a new installation of a ...
- Question 17: Your mentor suggests using the dladm rename-link command to ...
- Question 18: Which three installation options allow for a "hands-free" an...
- Question 19: Identify the Automated Installer's (AI) equivalent to jumpSt...
- Question 20: You have a Solaris 10 system with a host name of sysAand it ...
- Question 21: The current ZFS configuration on serverA is: Pool1 c3t2d0 c3...
- Question 22: You create a flash archive of the Solaris 10 global zone on ...
- Question 23: Which four statements describe the function of the svc://sys...
- Question 24: You have Solaris 11 system with a host name of sysA and it u...
- Question 25: View the Exhibit. (Exhibit) To simplify administration of a ...
- Question 26: View the Exhibit to inspect the boot environment Information...
- 1 commentQuestion 27: You created a new zpool. Now you need to migrate the existin...
- Question 28: United States of America export laws include restrictions on...
- Question 29: You display the IP Interface information with ipmpstat - i W...
- Question 30: After installing the OS, you boot the system and notice that...
- Question 31: Your task is to convert a JumpStart sysidcfgfile to an Autom...
- Question 32: Review the output from a ZFS file system: NAME PROPERTY VALU...
- Question 33: Which three statements accurately describe the Automated Ins...
- Question 34: You are using Wireshark or snoop to observe network traffic,...
- Question 35: Which two accurately describe the Image Packaging System (IP...
- Question 36: You are troubleshooting the Oracle Solaris11 Automated Insta...
- Question 37: View the Exhibit. (Exhibit) The file came from your Automate...
- Question 38: View the Exhibit and review the file system configuration. (...
- Question 39: You have been tasked with creating a dedicated virtual netwo...
- Question 40: The core dump configuration in your non global zone is (Exhi...
- Question 41: Which three events trigger the automated NWAM configuration?...
- Question 42: Which five statements describe options available for install...
- Question 43: New features wore added to ZFS in Oracle Solaris11. Your jus...
- Question 44: You need to migrate a UFS file system named /production_ufs ...
- Question 45: The following information is displayed during the migration ...
- Question 46: On server A, you enter the following command to add a static...
- Question 47: Select two statements that correctly describe the capabiliti...
- Question 48: You run the command dlstat show-link -r. Select the two corr...
- Question 49: You have been asked to troubleshoot the initial configuratio...
- Question 50: The Automated Installer is used, rather than JumpStart, to i...
- Question 51: You need to remove the gzipsoftware package. Before you remo...
- Question 52: You are troubleshooting the failure of a computer to mount a...
- Question 53: You need to update an OS image on a client. The pkg publishe...
- Question 54: Which three options describe the purpose of the zonep2vchk c...
- Question 55: You are using AI to install a new system. You have added the...
- Question 56: Before booting test zone a non-global zone, you want to conn...
- Question 57: You need a copy of the zone configuration installed on your ...
- Question 58: You want to configure an iSCSI target device on your system....
- Question 59: View the Exhibit and review the zpool and ZFS configuration ...
- Question 60: After installing the OS, you boot the system and notice that...
- 1 commentQuestion 61: You are asked to troubleshoot networking issues on an unfami...
- Question 62: You need to set up a local package repository to serve 75 cl...
- Question 63: View the Exhibit. (Exhibit) You executed the command on the ...
- Question 64: Identify the two advantages offered by the Automated Install...
- Question 65: Which command should you choose to display the current param...
- Question 66: ServerAcontains two ISO images of a package repository, name...
- 1 commentQuestion 67: You create a flash archive of the Solaris 10 global zone on ...
- Question 68: You are troubleshooting the failure of an Automated Installa...
- Question 69: Review the ZFS dataset output that is displayed on your syst...
- Question 70: Select the two correct descriptions of the configuration of ...
- Question 71: You want to deploy oracle Solaris 11 with the automated inst...
- Question 72: ServerA contains two ISO images of a package repository name...
- Question 73: When you issue the gzipcommand, the "gzip: command not found...
- Question 74: Identify three options that describe the new Oracle Solaris ...
- Question 75: The rctladmcommand reports the following: # rctladm |grep ta...
- Question 76: You execute the command: usermod -К limitpriv=all,\!file_wr...
- Question 77: View the exhibit to inspect the file system configuration on...
- Question 78: Identify the two security features incorporated in the Oracl...
- Question 79: A change in your company's security policy now requires an a...
- Question 80: Which three statements accurately describe the Automated Ins...
- Question 81: Which three supported in previous versions of Solaris are no...
- Question 82: The core dump configuration for your system is: (Exhibit) A ...
- Question 83: Solaris 11 includes a redesigned software packaging model: t...
- Question 84: You are going to use the- Automated installer (AI) to instal...
- Question 85: View the Exhibit and review the zpool and ZFS configuration ...
- Question 86: For an Oracle Solaris 11 Automated Installation (AI), select...
- Question 87: The current ZFS configuration on server is: (Exhibit) You ne...
- Question 88: When setting up Automated Installer (AI) clients, an interac...
- Question 89: View the exhibit to inspect the file system configuration on...
- Question 90: You are using this rule file with the Basic Audit Reporting ...
- Question 91: You have set up the task.max-lwps resource control on your S...
- Question 92: Select the five tasks that need to be performed on the Autom...
- Question 93: You need to set up an Oracle Solaris 11 host as an iSCSI tar...
- Question 94: View the Exhibit to inspect the boot environment information...
- Question 95: Which three Installation option allow for a "hands free" and...
- Question 96: You upgraded your server to Oracle Solaris 11 and you import...
- Question 97: The resource control in your zone is: rctl: name : zone.cpu-...
- Question 98: The following information is displayed about the compress/zj...
- Question 99: You upgraded your server to Oracle Solaris 11 and you import...
- Question 100: You want to deploy Oracle Solaris 11 with the Automated Inst...
- Question 101: You are going to create live zones on you server. Disk space...
- Question 102: Alice is a user account used by Alice on a Solaris 11 system...
- Question 103: Your server hangs intermittently and you believe it may be d...
- Question 104: When you issue the "gzip: zommand not found" message is disp...
- Question 105: Which three statements are true for the Oracle Solaris 11 Im...
- Question 106: The crash dump notification on your server is: (Exhibit) Doc...
- Question 107: Which three options are valid methods of installing a Solari...
- Question 108: The COMSTAR framework provides support for the iSCSI protoco...
- Question 109: Review the zonestatcommand: zonestat -q -r physical-memory -...
- Question 110: You are planning the configuration for IPMP (IP Multipathing...
- Question 111: Review the zpool information on your server: (Exhibit) You e...
- Question 112: You are setting up a local image packaging System (IPS) pack...
- Question 113: Your task is to convert a JumpStart sysidcfg file to an Auto...
- Question 114: Which three methods of delivering a package are provided by ...
- Question 115: How should you permanently restrict the non-global zone test...
- Question 116: Identify two correct statements about the Distribution Const...
- Question 117: You are to create a ZFS file system with the following speci...
- Question 118: You are configuring NFS on a server. Select the two statemen...
- Question 119: Your are troubleshooting network throughput on your server. ...
- Question 120: You want the system to generate core files when an applicati...
- Question 121: A local repository is available on this system and you need ...
- Question 122: Before booting testzone, a non-global zone, you want to conn...
- Question 123: The current ZFS configuration on your server is: pool1 200K ...
- Question 124: You are setting up a local IPS package repository on your Or...
- Question 125: You need to update an OS image on a client. The pkgpublisher...
- Question 126: Review the zonestat command: zonestate - q physical - memory...
- Question 127: The COMSTAR framework provides support for the iSCSI protoco...
- Question 128: You are setting up an automated installer (AI) install serve...
- Question 129: You need to set up a local package repository to serve 75 cl...
- Question 130: A non-global zone named testzoneis currently running. Which ...
- Question 131: View the Exhibit, and review the zpool and ZFS configuration...
