What is the correct command to remove these set-uid binaries in a supported way?

Refer to the Exhibit. A system administrator needs to minimize a freshly installed Solaris system. After verifying that the correct metacluster is installed, the administrator tries to further minimize the number of installed set-uid binaries. After inspection, the administrator finds a number of printing related binaries, reviewing the relevant contents of the /var/sadm/install/contents file. What […]

Read More

Which three statements are true about the configured accounts?

Refer to the Exhibit. One step in the hardening process is to examine the user accounts and determine what steps need to be taken to tighten access to the system. As part of this process, an administrator executes the command passwd -sa. Which three statements are true about the configured accounts? (Choose three.) A.User uucp […]

Read More

How do you find out what privileges are needed?

Your organization wants to deploy a third party network monitoring tool. A requirement for deploying this tool is that it runs with as few privileges as possible. The tool needs access to /dev/ip which is listed as: crw-rw-rw- 1 root sys 3, 0 Jun 5 09:11 /dev/ip. When the tool is run as the unprivileged […]

Read More

What happened?

Refer to the Exhibit. You notice that the following line has been added to /etc/passwd: admin:x:0:0:Administrator:/:/bin/sh To figure out when this file was changed, you look at the file creation date, but based on that information, the file hasn’t been touched since the system was installed. You look at the audit logs for this system […]

Read More

Why does this error occur?

A web server administrator must configure an Apache 2 web server to start as the user webservd. The web server administrator has been assigned the “Service Operator” rights profile. While attempting to set the SMF service property start/user, the web server administrator receives the following error message: $ /usr/sbin/svccfg -s svc:/network/http:apache2 svc:/network/http:apache2> setprop start/user = […]

Read More

what UID and GID will the command /my/bin/progD run when the command is executed as followed by an application

A security administrator has created these “Restricted Commands” rights profiles in the /etc/security/exec_attr file that will be assigned to a number of application developers: $ grep “^Restricted Commands” /etc/security/exec_attr Restricted Commands:solaris:cmd:::/my/bin/progA:uid=yadm;gid=yadm Restricted Commands:solaris:cmd:::/my/bin/progB:uid=vadm;gid=vadm Restricted Commands:solaris:cmd:::/my/bin/progC:uid=oamd;gid=aadm Restricted Commands:solaris:cmd:::/my/bin/progD:uid=nadm;gid=badm Restricted Commands:solaris:cmd:::/my/bin/progD:uid=nadm;gid=cadm Restricted Commands:solaris:cmd:::/my/bin/progD:uid=eadm;gid=eadm Restricted Commands:solaris:cmd:::/my/bin/progD As what UID and GID will the command /my/bin/progD run when the […]

Read More

What way is most efficient to reliably accomplish this task?

The security group is testing software in a special lab which is configured in the same secure way as the production servers. Some of the tested code might even be malicious. Due to budget restrictions, the available lab systems for these tests have been reduced to only three remaining systems. The system administrator is responsible […]

Read More