Category «310-303»

Exam 310-303: Sun Certified Security Administrator for the Solaris 10 OS

What is the correct command to remove these set-uid binaries in a supported way?

Refer to the Exhibit. A system administrator needs to minimize a freshly installed Solaris system. After verifying that the correct metacluster is installed, the administrator tries to further minimize the number of installed set-uid binaries. After inspection, the administrator finds a number of printing related binaries, reviewing the relevant contents of the /var/sadm/install/contents file. What …

What happened?

Refer to the Exhibit. You notice that the following line has been added to /etc/passwd: admin:x:0:0:Administrator:/:/bin/sh To figure out when this file was changed, you look at the file creation date, but based on that information, the file hasn’t been touched since the system was installed. You look at the audit logs for this system …

Why does this error occur?

A web server administrator must configure an Apache 2 web server to start as the user webservd. The web server administrator has been assigned the “Service Operator” rights profile. While attempting to set the SMF service property start/user, the web server administrator receives the following error message: $ /usr/sbin/svccfg -s svc:/network/http:apache2 svc:/network/http:apache2> setprop start/user = …

what UID and GID will the command /my/bin/progD run when the command is executed as followed by an application

A security administrator has created these “Restricted Commands” rights profiles in the /etc/security/exec_attr file that will be assigned to a number of application developers: $ grep “^Restricted Commands” /etc/security/exec_attr Restricted Commands:solaris:cmd:::/my/bin/progA:uid=yadm;gid=yadm Restricted Commands:solaris:cmd:::/my/bin/progB:uid=vadm;gid=vadm Restricted Commands:solaris:cmd:::/my/bin/progC:uid=oamd;gid=aadm Restricted Commands:solaris:cmd:::/my/bin/progD:uid=nadm;gid=badm Restricted Commands:solaris:cmd:::/my/bin/progD:uid=nadm;gid=cadm Restricted Commands:solaris:cmd:::/my/bin/progD:uid=eadm;gid=eadm Restricted Commands:solaris:cmd:::/my/bin/progD As what UID and GID will the command /my/bin/progD run when the …