Exam information

Exam 310-303: Sun Certified Security Administrator for the Solaris 10 OS

What is the correct command to remove these set-uid binaries in a supported way?

Refer to the Exhibit. A system administrator needs to minimize a freshly installed Solaris system. After verifying that the correct metacluster is installed, the administrator tries to further minimize the number of installed set-uid binaries. After inspection, the administrator finds a number […]

Which three statements are true about the configured accounts?

Refer to the Exhibit. One step in the hardening process is to examine the user accounts and determine what steps need to be taken to tighten access to the system. As part of this process, an administrator executes the command passwd -sa. Which three statements are true about the configured […]

When will the audit subsystem switch from the first directory to the second configured directory?

A company has activated auditing on all of their systems. The default destination directory for the audit trail is /var/audit on each system. In the past few weeks, they had problems with one of the systems acting as a print server. A user sent a large print job, which caused /var on the print […]

How do you find out what privileges are needed?

Your organization wants to deploy a third party network monitoring tool. A requirement for deploying this tool is that it runs with as few privileges as possible. The tool needs access to /dev/ip which is listed as: crw-rw-rw- 1 root sys 3, 0 Jun 5 09:11 /dev/ip When the tool is run as the […]

What happened?

Refer to the Exhibit. You notice that the following line has been added to /etc/passwd: admin:x:0:0:Administrator:/:/bin/sh To figure out when this file was changed, you look at the file creation date, but based on that information, the file hasn’t been touched since the system was installed. […]

Why is it preferred to run the program as daemon with added privileges?

You have a legacy non-privilege aware program which runs as root to be able to open a privileged port. Now that you have upgraded the system to Solaris 10 you want to take advantage of privileges. You can either run the program as root with fewer privileges, or you can run the program as […]

What is the significance ofthe output generated by the jass-check-sum command?

Refer to the Exhibit. What is the significance ofthe output generated by the jass-check-sum command?

Why does this error occur?

A web server administrator must configure an Apache 2 web server to start as the user webservd. The web server administrator has been assigned the "Service Operator" rights profile. While attempting to set the SMF service property start/user, the web server administrator receives the […]

what UID and GID will the command /my/bin/progD run when the command is executed as followed by an application

A security administrator has created these "Restricted Commands" rights profiles in the /etc/security/exec_attr file that will be assigned to a number of application developers: $ grep "^Restricted Commands" /etc/security/exec_attr Restricted […]

What way is most efficient to reliably accomplish this task?

The security group is testing software in a special lab which is configured in the same secure way as the production servers. Some of the tested code might even be malicious. Due to budget restrictions, the available lab systems for these tests have been reduced to only three remaining […]

Page 1 of 2012345...1020...Last »