1Z0-878 - Oracle Solaris 10 System Administrator Certified Professional Exam, Part II
Go back to Oracle
Your companys security policy does not allow you to connect your servers directly to the internet. You would like to utilize some of the functionality in Solaris 10 to analyze your systems for available OS updates, and also download and install those updates from Sun Microsystems. Which answer describes how to utilize this functionality to analyze your systems for available OS updates, and also download and install those updates without connecting your server directly to the internet?
Use the update manager proxy software and re-direct the client to look for updates on the proxy server.
You want to allow the NFS server saturn to share the /var/tmp directory read-only with clients pluto and mars. You also want to allow pluto to have root access to this directory. Which line should you add to the /etc/dfs/dfstab file for saturn?
share -F nfs -o,ro=mars:pluto,root=pluto /var/tmp
You want to backup an active ZFS file system named dbase. When listing the information on the file system, the following information is displayed: NAME USED AVAIL REFER MOUNTPOINT data/dbase 24.5K 72.8G 24.5K /data/dbase Rather than unmount the file system and make it unavailable during the backup, you want to create a point in time snapshot of the file system and backup that snapshot. Which command is used to create a point in time snapshot of the dbase file system?
zfs snapshot data/[email protected] dbase_snapshot
systemA has a file system that is being shared as follows: - /data/dbase rw "" systemB mounts that file system so that users on systemB can use /data as a working directory for adding, changing, and removing files in the /data/dbase file system located on systemA. Which answers describe the correct method of mounting the remote file system?
mount -F nfs -o hard,nointr,bg systemA:/data/dbase /data
You are responsible for maintaining a server used to support installations by means of Flash archives. Because of the diversity of systems on your organization's network, you have many different Flash archives on this server. Which command can be used to find out who created the archives and when they were created?
flar info archivename
The adminuser already has the following authorizations: solaris.admin.usermgr.pswd, solaris.system.shutdown, solaris.admin.fsmgr.write To add the ability to purge log files, you need to add solaris.admin.logsvc.purge to the list of authorizations for adminuser. Which command would you use to perform this task?
rolemod -A solaris.admin.logsvc.purge,solaris.admin.usermgr.pswd, solaris.system.shutdown,solaris.admin.fsmgr.write adminuser
You run the following command: ping host1 After a short time, you receive the following response: no answer from host1 Which is a cause of this message?
The interface on host1 is configured as down.
You log in as the root user and issue the command: # snoop -q -o filename What are two results of issuing this command? (Choose two.)
Packet count is NOT displayed.
Network traffic is sent to filename.
Commands can be listed in multiple profiles with different attributes. Additionally, the system takes the default profiles into account. What is the algorithm the Solaris system uses to determine the attributes of an executable?
The system searches the profiles in order, starting with the profiles in user_attr, then the default profiles from /etc/security/policy.conf, followed by All, if NOT already specified.
Which two entries are valid for the contents of the /etc/hostname.ce0 file? (Choose two.)
On a Solaris 10 OS, you want to enable a syslog message for all incoming inetd requests. What do you need to do?
execute inetadm -M tcp_trace=true
Given: # rpcinfo -p |grep rusersd 100002 2 tcp 32776 rusersd 100002 3 tcp 32776 rusersd 100002 2 udp 32786 rusersd 100002 3 udp 32786 rusersd Which three statements are true? (Choose three.)
rusersd is registered with rpcbind.
rusersd uses TCP and UDP protocols.
rusersd is currently using ports 32776 and 32786.
Which Solaris 10 tools provide a user interface which enables the system administrator to analyze a system for available updates and install only those updates that youve selected? (Choose two.)
Given the following system: # metadb -s clones -i flags first blk block count a m luo 16 8192 /dev/dsk/c4t1d0s7 r - replica does not have device relocation information o - replica active prior to last mddb configuration change u - replica is up to date l - locator for this replica was read successfully c - replica's location was in /etc/lvm/mddb.cf p - replica's location was patched in kernel m - replica is master, this is replica selected as input W - replica has device write errors a - replica is active, commits are occurring to this replica M - replica had problem with master blocks D - replica had problem with data blocks F - replica had format problems S - replica is too small to hold current data base R - replica had device read errors # metastat -ac clones/d30 p 5.0GB c4t1d0s0 clones/d20 p 5.0GB c4t1d0s0 clones/d10 p 5.0GB c4t1d0s0 What are two features of Solaris Volume Manager software configured on this system? (Choose two.)
While installing the Solaris operating environment, you select LDAP as a name service. As you continue the installation, which information is required to complete the LDAP client installation? (Choose two.)
The domain name must be set for this client.
The IP address for the profile server must be set on this client.
Users dbadmin, webadmin, and user6 all have their home directories located on server1 in the /export/home directory. Given the following three files on a system named client6: /etc/passwd: dbadmin:x:100:10:Database Admin:/home/dbadmin:/bin/csh webadmin:x:101:10:Web Admin:/home/webadmin:/bin/ksh user6:x:101:10:User number 6:/home/user6:/bin/csh /etc/auto_master: #Master map for automounter /net -hosts -nosuid,nobrowse /home auto_home -nobrowse /etc/auto_home: #Home automounter map * server1:/export/home/& Only user6 is currently logged in to client6. dbadmin and webadmin have no processes running and have never logged in to client6. There have been no attempts to access the home directories of dbadmin and webadmin. Which two statements are correct? (Choose two.)
Running ls /home outputs user6.
A new user named user7 that is added to /etc/passwd on client6 and has a home directory on server1 as /export/home/user7 will be able to log in without restarting the automounter on client6.
Which three commands are valid ways to start the NIS server? (Choose three.)
svcadm enable nis/server
svcadm enable svc:/network/nis/server
A company has an order-processing server that has only 512 megabytes of physical RAM and no disk-based swap space. Due to an increase in orders, 512 megabytes of disk swap space is added to the system: # swap -l swapfile dev swaplo blocks free /dev/dsk/c0t0d0s1 136,1 16 1049312 1049312 # swap -s total: 148136k bytes allocated + 22344k reserved = 170480k used, 744232k avail What is the total virtual memory configured on the system?
The security team has requested that NFS logging be enabled. They have supplied you with the configuration parameters that they want. In which file do you need to place the configuration parameters?
A system called renegade is configured to access a CAD application and the man pages using automount. The system has the following /etc/auto_master file: # Master map for automounter # /home auto_home -nobrowse /- auto_direct -ro The renegade system also has the following /etc/auto_direct file: # Superuser-created direct map for automounter # /tools/cad -ro,soft cadserver:/export/cad,v2 /usr/share/man -ro,soft docserver1,docserver2:/usr/share/man Which two statements are true about the renegade system? (Choose two.)
To access the CAD application, the user can type # cd /tools/cad.
The /usr/share/man directory is mounted from docserver1 or docserver2, depending upon availability.
systemA mounts a NFS file system located on systemB as follows: /data on systemB:/data/dbase remote/read/write/setuid/devices/xattr/dev=4c00003 systemB mounts an NFS file system located on systemA as follows: /data on systemA:/data/dbase remote/read/write/setuid/devices/xattr/dev=4c00003 After a power outage, both systems tried booting at the same time and would not boot up to a login prompt. Upon further investigation, both systems were stopping at the point where the NFS mount was trying to be established. Which answer provides a solution to correct this problem?
On systemA, mount the NFS file system as follows: mount -o bg systemB:/data/dbase /data and on systemB, mount the NFS file system as follows: mount -o bg systemA:/data/dbase /data
Your x86-based system has a ZFS file system named /files on the c0d1 drive. You want to rename this file system, so that every time the system boots, it is automatically mounted under the name /data. Which answer describes how to change the ZFS file system name from /files to /data?
zfs set mountpoint=/data data
Given the line taken from the syslogd daemon configuration file: mail.debug /var/adm/messages What is the result of implementing this entry?
The mail.debug messages are logged locally in the /var/adm/messages file, regardless of any loghost alias.
The security administrator wishes to create a rights profile which is a superset of another rights profile. Certain commands in the new rights profile are to be run with different attributes to the original profile. How would you implement this using the RBAC framework?
Modify the /etc/exec_attr file to use a shell script which checks the rights profile being used and then executes the commands with the appropriate attributes using the pfexec command. C Assign both rights profiles to the appropriate roles and give a higher priority to the commands for the new rights profile when different attributes are required.
systemA has a file system that is being shared as follows: -/data/dbase rw "" systemB mounts that file system as follows: /data on systemA:/data/dbase\ remote/read/write/setuid/devices/xattr/dev=4c00002 On systemB, whenever root tries to create or copy a file to the /data directory, root receives the following error: cannot create Which answer describes a solution to this problem?
On systemA, share /data/dbase as follows: share -F nfs -o root=systemB /data/dbase
Which three statements are true about Solaris Volume Manager software state databases? (Choose three.)
The state database tracks the location of all known state database replicas.
Solaris Volume Manager software state databases can be added at any time.
The Solaris Volume Manager software state database contains configuration information for all volumes and hot spares.
SystemA has a file system named /data/dbase that is being shared. systemB needs to mount that file system so that users on systemB can access the data remotely on systemA. The information in the /data/dbase file system is confidential and access to that data must be restricted so that only user1 and user2 can access the data from systemB. Which answer describes a method to protect the data on systemA so that only specific users on system can access that data?
On systemA, protect the /data/dbase directory using conventional UNIX permissions so that only user1 and user2 can access the data. Then, share the file system on systemA as follows:
You are preparing to install several UltraSPARC machines that will function as servers using JumpStart. Since these machines are servers, you want to disable the power management feature of Solaris 10 OS during installation. What JumpStart configuration technique must you use to disable power management during a JumpStart installation?
There is no way to disable power management if you are using JumpStart.
Given the following command: add_install_client -d [...] add_install_client -d -e <address> [...] In addition to configuring the JumpStart server, which two statements are true about the format of this command? (Choose two.)
The first format displays information necessary to configure DHCP to PXE boot a class of machines.
The second format displays information necessary to configure DHCP to PXE boot a single, specific system.
if your system uses a large number of mirrors, make sure that you have an adequate number of state databases. If you create too few state database replicas, performance could be negatively impacted. What is the recommended number of state database replicas for mirrored volumes?
At least two state database replicas per RAID-1 volume.
When creating a slice for your database replicas, how much space should be allocated to the slice?
4 Mbytes in size for each replica that it will store.
Assuming the directory /swapdir exists, what is the result of executing the following command? # mkfile 100m /swapdir/file1
A 100 megabyte swap file named /swapdir/file1 is created.
You believe that you have a correctly configured boot server on the local network for the SPARC system currently being installed. Your JumpStart configuration is based on files only and does NOT use a naming service at any stage. Upon running the following command: boot net -install the client displays the following output: Boot device: /[email protected],0/[email protected],1/[email protected],1 File and args: - install 38600 panic - boot: Could not mount filesystem. Program terminated ok What is the cause of this problem?
The root file system is NOT shared using NFS from the boot server.
The security team requests that NFS logging be enabled. They supply you with the configuration parameters that they want. In which file do you need to place the configuration parameters?
The production server needs additional swap space due to lack of physical memory. The system has only one disk and is partitioned as follows: Part Tag Flag Cylinders Size Blocks 0 root wm 1041 - 38491 18.00GB (37451/0/0) 37750608 1 swap wu 0 - 1040 512.37MB (1041/0/0) 1049328 2 backup wm 0 - 39532 19.00GB (39533/0/0) 39849264 3 unassigned wm 0 0 (0/0/0) 0 4 unassigned wm 0 0 (0/0/0) 0 5 unassigned wm 0 0 (0/0/0) 0 6 unassigned wm 0 0 (0/0/0) 0 7 unassigned wm 0 0 (0/0/0) 0 There is one swap slice configured and active: # swap -l swapfile dev swaplo blocks free /dev/dsk/c0t0d0s1 136,1 16 1049312 0 The root file system is a flat file system: # df -k / Filesystem kbytes used avail capacity Mounted on /dev/dsk/c0t0d0s0 18575269 9549546 9025723 53% / Which two methods can be used to temporarily add swap space? (Choose two.)
create a 512 megabyte swap file on the root disk: # mkfile 512m /swapfile # swap -a /swapfile
repartition the disk so that slice 3 contains the unused cylinders 38492 through 39532, and then add slice 3 as swap: # swap -a /dev/dsk/c0t0d0s3
Given the command and output: # profiles -l testrole Audit Control: /etc/init.d/audit euid=0, egid=3 /etc/security/bsmconv uid=0 /etc/security/bsmunconv uid=0 /usr/sbin/audit euid=0 /usr/sbin/auditconfig euid=0 /usr/sbin/auditd uid=0 All: * And given the fact that test role executes commands with a profile shell. With what effective UID and real UID will the /usr/sbin/auditd program be started?
effective UID 0 and real UID 0
Given the entry from the /etc/user_attr file: user10::::profiles=User Security,Maintenance and Repair;roles=MediaAdmin;type=normal Which statement is correct?
The User Security and Maintenance and Repair profiles are defined in the /etc/security/prof_attr file.
Your system has three disk drives allocated for data storage. You are using Solaris Volume Manager to create your file system on these drives. The application will be write-intensive. Which configuration will provide the best performance?
RAID 0 Striped Structure
A user is having LDAP client problems. The profile with which the client was configured was updated overnight. Error messages indicate that the daemon on the client responsible for updating the profile might NOT have started. Which daemon on the client is responsible for updating the profile?
Given: usermod -P Profile user1 Which two statements are true? (Choose two.)
The user1 user loses all other profiles.
The user1 user gets assigned Profile.
Given this line from the name service configuration file: hosts: nis [NOTFOUND=return] files Which two statements correctly describe the behavior of the name service switch? (Choose two.)
If NIS were unavailable, the attempt to locate the host's address would be continued within the local file (/etc/inet/hosts).
If NIS were available, but a host IP address was NOT in the NIS map, the attempt to locate the host's address would be abandoned.
On a system with a number of zones installed, all zones are NIS clients of the global zone. A second NIS domain is required. Which statement is true?
The administrator can create a new zone with a second NIS server; each zone is free to pick its own domain name.
You log on as root and issue the command: #snoop -a What are two results of issuing this command? (Choose two.)
Network traffic is displayed.
Packets can be listened to on /dev/audio.
With the Solaris OS, you are required to reserve swap space prior to executing any process. This requires the available of swap space. The required amount of swap space varies from system to system. Which two statements about available swap space requirements are true? (Choose two.)
It does not require physical disk space.
It must be sufficient to supplement physical RAM to meet the needs of concurrently running processes.
The security administrator wants to assign user bob to a netsec role so that the user can run the ifconfig(1M) and snoop(1M) commands with a rights profile named NSM. Which entries are contained in the /etc/security/exec_attr file after the required RBAC configuration is implemented when using privileges rather than uid 0?
Given: usermod -R role2 user1 Which two statements are true? (Choose two.)
The user1 user gets assigned role2.
The user1 user loses all previous roles.
You are creating a new direct map to allow a new application that has been installed on an application server to become available. Which two commands activate the new map? (Choose two.)
usr/sbin/svcadm restart svc:/system/fileystem/autofs
Which two profile keywords are required to install a differential flash archive? (choose two)
A junior administrator is having difficulty getting a service installed and configured on a Solaris 10 OS and has asked for assistance. The service must be started automatically from inetd. The installation script places entries appropriate to the service in /etc/inetd.conf and they are formatted correctly. The service does NOT start on demand and the administrator has issued several pkill -HUP inetd commands. This same service installs and works fine on a Solaris 9 OS. There are no problems with the binaries associated with the service. What command must be run to configure and enable this service on the Solaris 10 OS?
inetconv -e -f
A system administrator needs to halt a zone. Which two commands properly shut down a zone? (Choose two.)
zlogin zonename init 5
zlogin zonename shutdown -y -i5