IT Certification Guaranteed, The Easy Way!
Exam
:
1z0-821
Title
:
Oracle Solaris 11 System
Administrator
Vendor
:
Oracle
Version
:
V14.35
1
IT Certification Guaranteed, The Easy Way!
NO.1 You need to make sure that all of the software packages on your server are up to date.
Without installing any updates, which two commands would display .my software updates that are
available in the default Oracle repository?
A. pkg list -u
B. pkg verify -u '*'
C. pkg search -u
D. pkg info -r '*'
E. pkg install -nv
F. pkg update -nv '*'
Answer: A,D
Explanation:
A: the pgk list command display a list of packages in the current image, including state and other
information. By default, package variants for a different architecture or zone type are excluded.
D: pkginfo displays information about software packages that are installed on the system (with the
first synopsis, with -l) or that reside on a particular device or directory (with the second synopsis, with
-r).
Without options, pkginfo lists the primary category, package instance, and the names of all
completely installed and partially installed packages. It displays one line for each package selected.
With -r, retrieve the data from the repositories of the image's configured publishers. Note that you
must specify one or more package patterns in this case.
NO.2 You are troubleshooting the failure of a computer to mount an NFS file system hosted by a
server (hostname mars) in the local area network.
Select the three commands that will enable you to identify the problem.
A. ping - s mars
B. cat /etc/vfstab
C. cat /etc/dfs/dfstab
D. sharemgr show -v
E. showmount -e mars
F. rpcinfo -s mars | egrep 'nfs|mountd'
Answer: B,E,F
Explanation:
B: The mount point Error. The following message appears during the boot process or in response
toan explicit mount request and indicates a non-existent mount point.
Mount: mount-point /DS9 does not exist.
To solve the mount point error condition, check that the mount point exists on the client.
Check the spelling of the mount point on the command line or in the /etc/vfstab file (B) on the client,
or comment outthe entry and reboot the system.
Note: The /etc/vfstab file lists all the file systems to be automatically mounted at system boot time,
with the exception of the /etc/mnttab and /var/run file systems.
E: showmount
This command displays all clients that have remotely mounted file systems that are shared from an
NFS server, or only the file systems that are mounted by clients, or the shared file systems with the
client access information. The command syntax is:
2
IT Certification Guaranteed, The Easy Way!
showmount [ -ade ] [ hostname ]
where -a prints a list of all the remote mounts (each entry includes the client name and the
directory), -d prints a list of the directories that are remotely mounted by clients, -e prints a list of the
files shared (or exported), and hostname selects the NFS server to gather the information from. If
hostname is not specified the local host is queried.
F: * mountd Daemon
This daemon handles file-system mount requests from remote systems and provides access control.
The mountd daemon checks /etc/dfs/sharetab to determine which file systems are available for
remote mounting and which systems are allowed to do the remote mounting.
* Commands for Troubleshooting NFS Problems
These commands can be useful when troubleshooting NFS problems.
rpcinfo Command
This command generates information about the RPC service that is running on a system.
NO.3 Review the storage pool information:
Choose the correct procedure to repair this storage pool.
A. Shut the system down, replace disk c3t3d0, and boot the system. When the system is booted,
execute the zpool clear pool1 command.
B. Shut the system down, replace disk c3t3d0, and boot the system. When the system is booted
execute the zpool online pool1 command.
C. Shut the system down, replace disk c3t3d0, and boot the system. When the system is booted,
execute the zpool replace pool1 c3t3d0 command.
D. Shut the system down, replace disk c3t3d0, and boot the system. When the system is booted,
execute the zpool replace pool1 c3t3d0 c3t3d0 command.
Answer: C
Explanation:
You might need to replace a disk in the root pool for the following reasons:
The root pool is too small and you want to replace it with a larger disk The root pool disk is failing. In
a non-redundant pool, if the disk is failing so that the system won't boot, you'll need to boot from an
alternate media, such as a CD or the network, before you replace the root pool disk.
In a mirrored root pool configuration, you might be able to attempt a disk replacement without
having to boot from alternate media. You can replace a failed disk by using the zpool replace
command.
Some hardware requires that you offline and unconfigure a disk before attempting the zpool replace
operation to replace a failed disk.
For example:
3
IT Certification Guaranteed, The Easy Way!
# zpool offline rpool c1t0d0s0
# cfgadm -c unconfigure c1::dsk/c1t0d0
< Physically remove failed disk c1t0d0>
< Physically insert replacement disk c1t0d0>
# cfgadm -c configure c1::dsk/c1t0d0
# zpool replace rpool c1t0d0s0
# zpool online rpool c1t0d0s0
# zpool status rpool
< Let disk resilver before installing the boot blocks>
SPARC# installboot -F zfs /usr/platform/`uname -i`/lib/fs/zfs/bootblk /dev/rdsk/c1t0d0s0 x86#
installgrub /boot/grub/stage1 /boot/grub/stage2 /dev/rdsk/c1t9d0s0
NO.4 View the exhibit.
The configuration information in the exhibit is displayed on your system immediately after installing
the OS.
Choose the option that describes the selection made during the Installation of the OS to obtain this
configuration.
A. The automatic network configuration option was chosen during the installation of the OS.
B. The manual network configuration option was chosen during the installation of the OS.
C. The network was not configured during the installation of the OS.
D. The DHCP network configuration option was chosen during the Installation of the OS.
Answer: A
Explanation:
There are two ways to configure the network configuration: automatic or manual.
In the exhibit we see that DHCP has been used used. This indicates an automatic network
configuration.
NO.5 You are installing the Solaris 11 Operation System by using the Text Installer. A panel prompts
you to create a root password and a user account.
Which four describe your options for completing this panel of the Installation?
A. Creating a user account is optional.
B. The root password must be set and cannot be blank.
C. The root password can be left blank.
D. If you provide a username, that user is assigned the root role.
E. If you provide a username, that user is given root privileges.
F. If you provide a username, root is an account rather than a role and is set to expire immediately.
G. If you do not provide a username, root is an account rather than a role and is set to expire
immediately.
4
IT Certification Guaranteed, The Easy Way!
Answer: A,B,D,G
Explanation:
A: You are not required to create a user account.
B: You must create a root password.
D: If you create a user account in this panel, you need to provide both the user's password and a root
password.
In this case, root will be a role assigned to the user.
G: If you do not create a user account, you still need to provide a root password.
In this case, root will be a regular user.
NO.6 Which two options accurately describe the network characteristics of a zone?
A. DHCP address assignment cannot be configured in a shared IP zone.
B. Shared IP is the default type of network configuration.
C. Exclusive IP is the default type of network configuration.
D. By default, all IP addresses, netmasks, and routes are set by the global zone and cannot be altered
in a non global zone.
E. IPMP cannot be managed within the non-global zone.
F. Commands such as snoop and dladm cannot be used on datalinks that are in use by a running
zone.
Answer: A,B
Explanation:
A: Non-global zones can not utilize DHCP (neither client nor server).
B (not C): By default, non-global zones will be configured with a shared IP functionality.
What this means is that IP layer configuration and state is shared between the zone you're creating
and the global zone. This usually implies both zones being on the same IP subnet for each given NIC.
Note: A zone is a virtual operating system abstraction that provides a protected environment in
which applications run. The applications are protected from each other to provide software fault
isolation. To ease the labor of managing multiple applications and their environments, they co-exist
within one operating system instance, and are usually managed as one entity.
The original operating environment, before any zones are created, is also called the "global zone" to
distinguish it from non-global zones, The global zone is the operating system instance.
Incorrect answer:
E: Exclusive-IP zones can use IPMP. IPMP is configured the same way in an exclusive-IP zone as it is on
a system not using zones.
For shared-IP zones, IPMP can be configured in the global zone.
F: Full IP-level functionality is available in an exclusive-IP zone.
An exclusive-IP zone has its own IP-related state.
An exclusive-IP zone is assigned its own set of data-links using the zonecfg command. The zone is
given a data-link name such as xge0, e1000g1, or bge32001, using the physical property of the net
resource. The address property of the net resource is not set.
Note that the assigned data-link enables the snoop command to be used.
The dladm command can be used with the show-linkprop subcommand to show the assignment of
data-links to running exclusive-IP zones.
NO.7 A datalink can best be described as______.
5
IT Certification Guaranteed, The Easy Way!
A. a driver for a Network Interface Card
B. the software connecting the Internet Layer and the Physical Layer
C. a device that provides Classless Inter-Domain Routing
D. a logical object used for IP Multipathing
Answer: D
Explanation:
The command dladm is used to configure data-link interfaces in Sun Solaris. A configured data-link is
represented in the system as interface that can be used for TCP/IP. Each data- link relies on either a
single network device or an link aggregation device to send & recieve packets.
Network interfaces provide the connection between the system and the network. These interfaces
are configured over data links, which in turn correspond to instances of hardware devices in the
system.
In the current model of the network stack, interfaces and links on the software layer build on the
devices in the hardware layer. More specifically, a hardware device instance in the hardware layer
has a corresponding link on the data-link layer and a configured interface on the interface layer. This
one-to-one relationship among the network device, its data link, and the IP interface is illustrated in
the figure that follows.
Network Stack Showing Network Devices, Links, and Interfaces:
NO.8 Review the non-global zone configuration displayed below:
6
IT Certification Guaranteed, The Easy Way!
The global zone has 1024 MB of physical memory. You need to limit the non-global zone so that it
uses no more than 500 MB of the global zone's physical memory. Which option would you choose?
7
IT Certification Guaranteed, The Easy Way!
A. Option A
B. Option B
C. Option C
D. Option D
E. Option E
Answer: C
Explanation:
Add a memory cap.
zonecfg:my-zone> add capped-memory
Set the memory cap.
zonecfg:my-zone:capped-memory> set physical=50m
End the memory cap specification.
zonecfg:my-zone:capped-memory> end
NO.9 You are asked to determine user jack's default login directory. Which command would provide
you with useful information?
A. cat /etc/passwd | grep jack
B. cat /etc/group | grep jack
C. cat /etc/shadow | grep jack
D. cat /etc/default/passwd | grep jack
Answer: A
Explanation:
8
IT Certification Guaranteed, The Easy Way!
The /etc/passwd contains one entry per line for each user (or user account) of the system.
All fields are separated by a colon (:) symbol. Total seven fields as follows.
1 . Username: It is used when user logs in. It should be between 1 and 32 characters in length.
2 . Password: An x character indicates that encrypted password is stored in /etc/shadow file.
3. User ID (UID): Each user must be assigned a user ID (UID). UID 0 (zero) is reserved for root and UIDs
1-99 are reserved for other predefined accounts. Further UID 100-999 are reserved by system for
administrative and system accounts/groups.
4. Group ID (GID): The primary group ID (stored in /etc/group file)
5. User ID Info: The comment field. It allow you to add extra information about the users such as
user's full name, phone number etc. This field use by finger command.
6 . Home directory: The absolute path to the directory the user will be in when they log in. If this
directory does not exists then users directory becomes /
7 . Command/shell: The absolute path of a command or shell (/bin/bash). Typically, this is a shell.
Please note that it does not have to be a shell.
NO.10 You are having an issue with the shutdown command. You wish to determine if the file is a
script or an executable program. Which command would you use to determine this?
A. od shutdown
B. file shutdown
C. test shutdown
D. cksum shutdown
E. attrib shutdown
Answer: B
Explanation:
The file command determines the file type file tests each argument in an attempt to classify it. There
are three sets of tests, performed in this order: filesystem tests, magic tests, and language tests. The
first test that succeeds causes the file type to be printed.
NO.11 You are installing the Oracle Solaris 11 Operating System by using the Text Installer.
Which two options describe the features associated with the Text Installer?
A. It can be used to install only SPARC systems.
B. It installs gnome as the default user environment on a system capable of displaying a graphical
environment.
C. You can choose whether root is a role or user account.
D. You can do both automatic and manual configuration of the network.
E. You can select how to configure the remaining network interfaces.
Answer: C,D
NO.12 To inspect network interface net3, you enter the following commands:
What problem do you suspect? Assume the user is authorized and provided the correct password.
A. The net3 interface hasn't been enabled yet.
9
IT Certification Guaranteed, The Easy Way!
B. The net3 vnic hasn't been created.
C. The net3/v4 ip object hasn't been configured.
D. The net3 interface is not attached to a NIC or etherstub.
Answer: C
Explanation:
The following command marks the address object net1/v4a up that was previously marked down.
# ipadm up-addr net1/v4a
NO.13 You need to set up an Oracle Solaris 11 host as an iSCSI target so that the host's disk can be
accessed over a storage network. The disk device is c3t4d0.
Which six options describe the steps that need to be taken on this host to enable an iSCSI target?
A. Create a ZFS file system named iscsi/target.
B. Create a zpool named iscsi with disk device c3t4d0
C. Create zfs volume named iscsi/target.
D. Use the stmfadm command to create a LUN using /dev/zvol/rdsk/iscsi/target.
E. Use the stmfadm command to create a LUN using iscsi/target.
F. Use the stmfadm command to make the LUN viewable.
G. Use the stmfadm command to make the volume viewable.
H. Enable the svc:/network/iscsi/target:default Service.
I. Use the itadm command to create the iSCSI target.
Answer: B,C,D,F,H,I
Explanation:
How to Create an iSCSI LUN
The following steps are completed on the system that is providing the storage device.
Example: target# zpool create sanpool mirror c2t3d0 c2t4d0
(C)2. Create a ZFS volume to be used as a SCSI LUN.
(D)3. Create a LUN for the ZFS volume.
Example:
target# stmfadm create-lu /dev/zvol/rdsk/sanpool/vol1
Logical unit created: 600144F0B5418B0000004DDAC7C10001
4. Confirm that the LUN has been created.
Example
target# stmfadm list-lu
LU Name: 600144F0B5418B0000004DDAC7C10001
(F) 5. Add the LUN view.
This command makes the LUN accessible to all systems.
target# stmfadm add-view 600144F0B5418B0000004DDAC7C10001
How to Create the iSCSI Target
This procedure assumes that you are logged in to the local system will contains the iSCSI target.
Note: The stmfadm command manages SCSI LUNs. Rather than setting a special iSCSI property on the
ZFS volume, create the volume and use stmfadm to create the LUN.
(H) 1. Enable the iSCSI target service.
target# svcadm enable -r svc:/network/iscsi/target:default
(I) 2. Create the iSCSI target.
target# itadm create-target
10
IT Certification Guaranteed, The Easy Way!
NO.14 You are setting up a local IPS package repository on your Oracle Solaris11 server:
solaris.example.com.
You want to point the existing local IPS publisher to the new local IPS repository located in
/repo.
These are the stops that you have followed:
1. Download and rsync the contents of the Oracle Solaris11 repository ISO image to the
/repo directory.
2. Configure the repository server service properties. The svcprop command display, the IPS related
properties:
pkg/inst_root astring/repo
pkg/readonly Boolean true
The 1s command displays the contents of the /repo directory:
#ls/repo
Pkg5.repository publisher
The svcs publisher command shows the svc: /application/pkg/server: default service is online.
The pkg publisher command shows the svc: /application/pkg/server: default service is online.
The pkg publisher command still displays:
PUBLISHERTYPESTATUSURI
solarisoriginonlinehttp://pkg.oracle.com/solaris/release/
Which steps needs to be performed to set the local IPS publisher to the local IPS repository/repo?
A. Issue the pkgrepo refresh -s command to refresh the repository.
B. Restart the svc:/application/pkg/server:default service.
C. pkg set-publisher command to set the new repository location.
D. Issue the pkgrepo rebuild command to rebuild the repository.
E. Issue the pkgrepo set command to set the new repository location.
Answer: C
Explanation:
Set the Publisher Origin To the File Repository URI
To enable client systems to get packages from your local file repository, you need to reset the origin
for the solaris publisher. Execute the following command on each client:
Example:
# pkg set-publisher -G '*' -M '*' -g /net/host1/export/repoSolaris11/ solaris
NO.15 View the Exhibit.
11
IT Certification Guaranteed, The Easy Way!
The file came from your Automated Installer (AI) install server.
The file is ____________.
A. An AI SC profile for non-global zones
B. The default AI conf ig file for non-global zones
C. The default AI manifest for non-global zones
12
IT Certification Guaranteed, The Easy Way!
D. A custom AI manifest
Answer: D
Explanation:
ai_manifest
- Automated installation manifest file format
Synopsis
/usr/share/install/ai.dtd.1
Some customizations have been made, such as the selection of specific locales.
NO.16 Your server has a ZFS storage pool that is configured as follows:
The server has two spare 146-GB disk drives: c3t5d0 c3t6d0
You need to add more space to the pool1 storage pool. Which command would add more mirrored
storage to the pool1 storage pool?
A. zpool add pool1 mirror c3t5d0 c3t6d0
B. zpool attach pool1 mirror c3t5d0 c3t6d0
C. zpool attach pool1 c3r3d0 c3r5d0; zpool attach pool1 c3r4d0 c3r6d0
D. zpool add pool1 c3r3d0 c3r5d0; zpool add pool1 c3r4d0 c3r6d0
Answer: A
NO.17 You want to display network interface information. Which command should you use?
A. ipadm show-if
B. ipadm show-addr
C. ipadm show-prop
D. ipadm show-addrprop
Answer: A
NO.18 You are logged in to a Solaris 11 system as user jack. You issue the following sequence of
commands:
Identify two correct statements.
A. You have the effective privilege of the account root.
B. Your GID is 10.
C. Your home directory is /root.
D. You are running the shell specified for the account root.
13
IT Certification Guaranteed, The Easy Way!
E. Your UID is 1.
Answer: A,B
Explanation:
Oracle Solaris provides predefined rights profiles. These profiles, listed in the
/etc/security/prof_attr, can be assigned by the root role to any account. The root role is assigned all
privileges and all authorizations, so can perform all tasks, just as root can when root is a user.
To perform administrative functions, you open a terminal and switch the user to root. In that
terminal, you can then perform all administrative functions.
$ su - root
Password: Type root password
#
When you exit the shell, root capabilities are no longer in effect.
NO.19 Which three Installation option allow for a "hands free" and "unattended'" Installation of the
Solaris 11 environment?
A. Jumpstart
B. LiveCD
C. A text Installation over the network
D. An Automated Installation performed on an x86 client
E. An Automated Installation using media from a local DVD or USB drive
F. An Automated Installation using a networked repository
Answer: D,E,F
Explanation:
Oracle Solaris 11 uses Automated Installer (AI) for unattended installations.
Unattended installations are possible by placing the contents of the AI Image media (or ISO image
contents from a download) on an AI server.
NO.20 Which three statements accurately describe the Automated Installation (AI) client?
A. If the AI client does not match any criteria to use a custom manifest or script, the default manifest
is used.
B. If the AI client does not match any criteria to use a custom manifest or script, the automated
installation aborts.
C. Any manifest or script in a service can be designated to be the default for that service.
D. Only the default.xml file is used as the default AT client manifest.
E. If a client system does not use any SC profile, then an interactive tool opens on that client at first
boot after that client installation to complete the configuration of that client.
F. If a client system does not use any SC profile, then the install server will use the default SC profile.
Answer: A,C,E
Explanation:
Each client uses one and only one AI manifest to complete its installation. The AI manifest is selected
for a client according to the following algorithm:
* If no custom AI manifests are defined for this install service, the default AI manifest is used. The
default AI manifest is not associated with any client criteria etc.
Each client can use any number of system configuration profiles. If a client system does not use any
14
IT Certification Guaranteed, The Easy Way!
configuration profile, then an interactive tool opens on that client at first boot after that client
installation to complete the configuration of that client.
NO.21 You want to display the IP address assignments of the network interfaces. Which command
should you use?
A. ipadm show-if
B. ipadm show-addr
C. ipadm show-prop
D. ipadm show-addrprop
Answer: B
Explanation:
'ipadm show-addr' displays all the configured addresses on the system.
Example:
# ipadm show-addr
ADDROBJ TYPE STATE ADDR
lo0/v4 static ok 127.0.0.1/8
lo0/v6 static ok ::1/128
NO.22 When speaking to an Oracle Support Engineer, you are asked to verify the version of the
Solaris 11 build currently running on your system.
Which command would display the Solaris 11 build version currently running on your system?
A. pkg info all
B. cat /etc/release
C. cat /etc/update
D. prtconf | grep -i update
E. pkg info entire
Answer: B
Explanation:
Which Solaris release you are running on your system can be determined using the following
command:
cat /etc/release
This will tell you which release you are running and when it was released.
The more recent your system, the more info is contained in this file.
Example:
# cat /etc/release
Oracle Solaris 10 8/11 s10s_u10wos_17b SPARC
Copyright (c) 1983, 2011, Oracle and/or its affiliates. All rights reserved.
Assembled 23 August 2011
NO.23 You need to update an OS image on a client. The pkg publishers command displays the wrong
publisher with the wrong update:
PUBLISHERTYPESTATUSURI
Solaris origin onlinehttp://pkg.oracle.com/solaris/release
The update is available on the updated publisher:
PUBLISHERTYPESTATUSURI
15
IT Certification Guaranteed, The Easy Way!
Solaris originonlinehttp://sysA.example.com
Select the option that describes the procedure used to update the OS image on the system from the
updated publisher.
A. Copy the repository from the ISO image onto the local client. Configure the repository on the
client by using the svccfg - s command so that the Solaris publisher is connected to the new
repository. Refresh the application/pkg/server service. Issue the pkgrepo refresh command to refresh
the repository catalog
B. Configure the publisher on the client using the svcfg - s command so that the Solaris publisher is
connected to the repository at http://sysA.example.comRefresh the application/pkg/server service.
Issue the pkgrepo refresh command to repository catalog
C. Use the pkg set-publisher command to change the URL of the publisher Solaris to
http://sysA.example.com. Issue the pkg update command to update the OS image.
D. Add the new publisher http://sysA.example.com SolarisUse the pkg set-publisher command to set
the publisher search order and place http://sysA.example.com of
http://pkg.oracle.com/solaris/releaseIssue the pkg publisher command to view the publishers. Set
the new publisher to sticky. Issue the pkg update command to update the OS image.
Answer: C
Explanation:
You can use the pkg set-publisher command to change a publisher URI.
Changing a Publisher Origin URI
To change the origin URI for a publisher, add the new URI and remove the old URI. Use the -g option
to add a new origin URI. Use the -G option to remove the old origin URI.
# pkg set-publisher -g http://pkg.example.com/support \
-G http://pkg.example.com/release example.com
Note: You can use either the install or update subcommand to update a package.
The install subcommand installs the package if the package is not already installed in the image. If
you want to be sure to update only packages that are already installed, and not install any new
packages, then use the update subcommand.
NO.24 Which statement is correct about shudown and init commands?
A. shutdown broadcasts one or more periodic shutdown warning messages to all logged-in users
whereas init issues none.
B. The shutdown command performs a clean shutdown of all services whereas init does not.
C. The shutdown command brings the system to the single-user milestone by default. The init
command must be used to shut the system down to run level 0.
D. The shutdown command accepts SMF milestones, init stages, or run levels as arguments whereas
init accepts only init stages or run levels as arguments.
Answer: A
NO.25 View the Exhibit to see the information taken from the installation log file.
Based on the information presented in the Exhibit, which two options describe the state of the
system when the server is booted for the first time after the installation is complete?
16
IT Certification Guaranteed, The Easy Way!
A. NWAM will be used to configure the network interface.
B. The network/physical service is offline.
C. You cannot log in from the console as root. You must first log in as a user and then su to root
account.
D. The root user can log in from the console login.
E. You will be prompted to configure the network interface after the initial login.
Answer: B,D
NO.26 Solaris 11 includes a redesigned software packaging model: the Image Packaging system.
Which three describe advantages of the Image Packaging System over the previous Solaris 10 SVR4
packaging model?
A. Eliminates patching of the software package
B. Makes the patching process more efficient with less downtime
C. Eliminates OS version upgrade
D. Allows for the installation of the OS without a local DVD or installation server
E. Allows the use of a repository mirror to speed up package operation
F. Allows users to publish their own software package in a software repository
Answer: A,E,F
NO.27 You are installing the Solaris 11 OE by using the Interactive Text Installer. You have selected
the option to automatically configure the primary network controller. Which three items will
automatically be configured as a result of this selection?
A. The IP address.
B. The name service.
C. The time zone.
D. A default user account.
E. The terminal type.
F. The root password.
G. The host name.
17
IT Certification Guaranteed, The Easy Way!
Answer: A,B,C
Explanation:
IP address and name service (such as a DNS server) are provided by the DHCP server.
NO.28 The default publisher on your system is:
You want to update the Oracle Solaris 11 environment on your system, but you are not able to
connect this system to the Internet to access the default Oracle repository. A repository has been
created on your local network and is named
http://server1.example.com.
Which command would you choose to connect your system to the local repository?
A. pkg publisher to specify the new publisher
B. pkg set-publisher to set the stickiness on the http://server1.example.com publisher and unset
stickiness for http://pkg.oracle.com/solaris/release
C. pkg add-publisher to add the new publisher
D. pkg set-publisher to set the origin for the publisher
Answer: D
Explanation:
Solaris 11 Express makes it pretty easy to set up a local copy of the repository.
A common reason folks need access to a local repository is because their system is not connected to
the Internet.
Tthe pkg set-publisher command can be used to for example add a publisher or to enable or disable a
publisher.
Note: Example Adding a Publisher
Use the -g option to specify the publisher origin URI.
# pkg set-publisher -g http://pkg.example.com/release example.com
Example Specifying the Preferred Publisher
Use the -P option to specify a publisher as the preferred publisher. The specified publisher moves to
the top of the search order. You can specify the -P option when you add a publisher or you can
modify an existing publisher.
# pkg set-publisher -P example.com
Example Enabling or Disabling a Publisher
Use the -d option to disable a publisher. The preferred publisher cannot be disabled. A disabled
publisher is not used in package operations such as list and install. You can modify the properties of a
disabled publishers.
Use the -e option to enable a publisher.
# pkg set-publisher -d example2.com
NO.29 User jack logs in to host solar in and issues the following command:
jack@solaris:-$ ls .ssh
id_dsa id_dsa.pub id_rsa id_rsa.pub known_hosts authorized_keys
Which two are true?
A. The id_rsa file contains the private key for rhosts-based host authentication.
B. The id_dsa.pub file contains the Digital Signature Algorithm public key for the user jack.
C. The id_rsa.pub file contains the Rivest Shamir Adelman public key for the host solaris.
18
IT Certification Guaranteed, The Easy Way!
D. The authorized_keys file contains the private keys of remote users authorized to access jack's
account on solaris.
E. The known_hosts file contains the verified public keys of remote hosts known to be trusted.
Answer: A,E
Explanation:
A: You will see two files starting with id_rsa. id_rsa is the private key and id_rsa.pub is public key.
E: The .ssh/known_hosts file
In order to use public-key secure connection with other hosts (ssh, scp, sftp) there is a special
directory, ~/.ssh/, where passphrases and public keys are stored. Normally you wouldn't need to
know the gory details, but from time to time a host will change its public key and then you have
difficulty using ssh or scp with that host, and have to edit a file named known_hosts.
If you try to ssh to another computer, but get an error message that warns about a changed or
incorrect public key, then it is probably just a case of that host changing its public key. (It is possible,
though usually not the case, that malicious hacking is involved.) Unless you actually suspect hacker
involvement, you can edit the file ~/.ssh/known_hosts using your usual text editor (vi, emacs, nedit,
or pico) and delete any line with the name of that host.
Then when you try to ssh that host again, it will be like the first time ever; ssh will ask you if you want
to accept a new public key, you type the whole word yes, and everything will proceed normally from
there.
Here is what a typical ~/.ssh/known_hosts file might contain. Note that newton is represented on
two different lines:
newton 1024 35
153438062610297067329638677441205712613292203533062535600064224677647442
245028855505387934431717435134842994423656065076260604296084868001730665
553662299156116414854701274715680961503198280525759778667306417179500370
189017139564144825610347509023078143132936185076849630461827976942220442
313116255293297021841
ucsub 1024 37
132170811640421742212085598383135714069016332111955003414250071326834884
018721183646445780180633494496866895830879394309011412231102757022090299
732775466435482517698989962531081214859205054227533597152962802400251809
883548442498002326460312850336779152617243800769119880843882425555806081
435017335194477605333
simpson 1024 41
840896920592494584403453622735282634536002054701576247765078766974814128
393752943151071629834843909016027026612791643752972116459602750267266908
365259665072736159491719667576217171370458928680504368847255632477925660
234893185547218857655484574619075125368470792976275806263534208879722192
77539015703446529603
newton, 128.138.249.8 ssh-rsa
AAAAB3NzaC1yc2EAAAABIwAAAIEA0d7Aoure0toNJ+YMYi61QP2ka8m5x5ZQlT7obP8C
K3eropfqsMPPY6uiyIh9vpiFX2r1LHcbx139+vG6HOtVvuS8+IfMDtawm3WQvRuOopz3vVy
5GtMwtaOgehsXoT930Ryev1bH5myPtWKlipITsOd2sX9k3tvjrmme4KCGGss=
NO.30 You are planning group names for a new system. You decide to use a numbering convention
that includes the year and month the project began, to form the group number and name for work
19
IT Certification Guaranteed, The Easy Way!
associated with that project.
So, for example, a project targeted to begin in January, 2013 would have the number (name):
201301(Pr20l301)
What are the two problems with your plan?
A. Group names may not contain a numeric character
B. Group names may be no longer than 7 characters.
C. Group numbers should not be larger than 60000.
D. Group names should be all lowercase.
Answer: C,D
Explanation:
C: The Group ID (GID) field contains the group's numerical ID. GIDs can be assigned whole numbers
between 100 and 60000.
D: Group names contain only lowercase characters and numbers.
NO.31 You have edited /etc/profile to include the lines:
dennis_says=hello
export dennie_says
You have also edited /etc/skel/local.profile to include the line:
dennis_says=world
You now create a new user account brian, and specify use of the bash shell. When brian logs in and
enters Echo $dennis_says What will he see, and why?
A. world, because the local.profile entry will be executed last
B. hello, because the global /etc/profile entry overrides the local.profile entry
C. hello, because the local.profile entry is not automatically sourced on login
D. hello, because the value specified in local.profile was not exported
E. nothing, because the variable was not exported in local.profile
Answer: A
Explanation:
The $HOME/.profile file is an initialization file that is executed after the /etc/profile when logging in
to the Bourne or Korn shell. The file contains user preferences for variable settings. If the ENV
variable is set to .kshrc, the .kshrc file executes every time a new shell begins execution. The
$HOME/.profile is copied from the /etc/skel/local.profile file by the Administration Tool when
creating a new account.
Note: /etc/skel/local.profile
Per-system configuration file for
sh/ksh/ksh93/bash login sessions,
installed for new users
NO.32 You have installed the SMF notification framework to monitor services. Which command is
used to set up the notifications for a particular service?
A. svccfg
B. svcadm
C. setnotify
D. smtp-notify
20
IT Certification Guaranteed, The Easy Way!
Answer: A
Explanation:
How to Set Up Email Notification of SMF Transition Events
This procedure causes the system to generate an email notification each time one of the services or a
selected service has a change in state. You can choose to use either SMTP or SNMP. Normally, you
would only select SNMP if you already have SNMP configured for some other reason.
By default, SNMP traps are sent on maintenance transitions. If you use SNMP for monitoring, you can
configure additional traps for other state transitions.
1 . Become an administrator or assume a role that includes the Service Management rights profile.'
2 . Set notification parameters.
Example 1:
The following command creates a notification that sends email when transactions go into the
maintenance state.
# /usr/sbin/svccfg setnotify -g maintenance mailto:sysadmins@example.com Example 2:
The following command creates a notification that sends email when the switch service goes into the
online state.
# /usr/sbin/svccfg -s svc:/system/name-service/switch:default setnotify to-online \
mailto:sysadmins@example.com Note: The svccfg command manipulates data in the service
configuration repository. svccfg can be invoked interactively, with an individual subcommand, or by
specifying a command file that contains a series of subcommands.
Changes made to an existing service in the repository typically do not take effect for that service until
the next time the service instance is refreshed.
NO.33 Review the ZFS dataset output that is displayed on your system:
Which four correctly describe the output?
A. /data/file4 has been added.
B. The link /data/file3 has been added.
C. /data/file3 has been renamed to /data/file13.
D. /data/file4 has been modified and is now larger.
E. /data/file1 has been deleted.
F. /data/file1 has been modified and is now smaller.
G. /data/file5 has been modified.
H. /data/file3 (a link) has been removed.
Answer: A,C,E,G
Explanation:
A: + Indicates the file/directory was added in the later dataset
C: R Indicates the file/directory was renamed in the later dataset
E: - Indicates the file/directory was removed in the later dataset
G: M Indicates the file/directory was modified in the later dataset
Note: Identifying ZFS Snapshot Differences (zfs diff)
You can determine ZFS snapshot differences by using the zfs diff command.
The following table summarizes the file or directory changes that are identified by the zfs diff
21
IT Certification Guaranteed, The Easy Way!
command.
File or Directory Change Identifier
* File or directory is modified or file or directory link changed
M
* File or directory is present in the older snapshot but not in the newer snapshot
* File or directory is present in the newer snapshot but not in the older snapshot
+
* File or directory is renamed
R
NO.34 You are attempting to troubleshoot an event that should have made an entry into the
messages log. This event happened about two weeks ago. Which file should you look at first?
A. /var/adm/messages
B. /var/adm/messages.0
C. /var /adm/messagas.1
D. /var/adm/messages.2
E. /var/adm/messages.3
Answer: A
Explanation:
The /var/adm/messages is the file to which all the messages printed on the console are logged to by
the Operating System. This helps to track back check the console messages to troubleshoot any
issues on the system.
Syslog daemon also writes to this /var/adm/messages file.
The /var/adm/messages file monitored and managed by newsyslog and its configuration file is
/usr/lib/newsyslog.
This script runs as the roots cron job everyday, checks the /var/adm/messages file and copies/moves
it to /var/adm/messages.0, 1, 2, 3, 4, 5, 6, 7. In other words, it does the Log Rotation for the
/var/adm/messages.
In an event the /var file system is running out of space, these files needs to checked and can be
removed (not the actual /var/adm/messages itself) to free up space on the file system.
However, care has to be taken, if you decide to empty the /var/adm/messages itself for any reason.
This process is called Truncation.
SOLARIS SYSTEM ADMIN TIPS, /var/adm/messages
NO.35 You need to migrate a UFS file system named /production_ufs to a ZFS file system named
/production_ufs. The /production_ufs file system cannot be taken down or be out of production
during the migration, and the current /production_ufs file system must remain active until the
/ptoduction_zfs file system is copied and ready.
Which method allows you to meet both requirements?
1 . Copy live data from /production_ufs to /production_zfs while /production_ufs is in use.
2 . When the copy is complete, /production_zfs will contain an up-to date copy of
/production_ufs
A. Create a snapshot of the UFS file system. Create the new ZFS file system. Use cpio to copy data
from the snapshot to the new ZFS file system.
22
IT Certification Guaranteed, The Easy Way!
B. Create a new Boot Environment. Create the ZFS file system. Use lucreate -m to copy data from the
Current UFS file system to the new ZFS file system.
C. Mirror the existing UFS file system by using SVM.After both submissions are in sync, migrate one
of the submissions to a ZFS file System by using Live Upgrade.
D. Create the new ZFS file system by using zfs create import to import data from the existing UFS file
system into the new ZFS file system
E. Create the new zfs file system by using the zfs create -o shadow.
Answer: E
Explanation:
Migrating Data With ZFS Shadow Migration
ZFS shadow migration is a tool you can use to migrate data from an existing file system to a new file
system. A shadow file system is created that pulls data from the original source as necessary.
You can use the shadow migration feature to migrate file systems as follows:
* A local or remote ZFS file system to a target ZFS file system
* A local or remote UFS file system to a target ZFS file system
Shadow migration is a process that pulls the data to be migrated:
* Create an empty ZFS file system.
* Set the shadow property on an empty ZFS file system, which is the target (or shadow) file system,
to point to the file system to be migrated.
For example:
# zfs create -o shadow=nfs://system/export/home/ufsdata users/home/shadow2
* Data from file system to be migrated is copied over to the shadow file system.
NO.36 Before booting testzone, a non-global zone, you want to connect to the zone's console so
that you can watch the boot process.
Choose the command used xo connect to testzone's console.
A. zoneadm - C testzone
B. zoneadm - console testzone
C. zlogin - z testzone console
D. zlogin - z testzone - C
E. zlogin - C testzone
F. zoneadm - z testzone - C
Answer: E
NO.37 Review the boot environment information displayed on your system:
Which two options accurately describe the newBE boot environment?
A. It cannot be destroyed.
B. It cannot be activated.
C. It cannot be renamed.
D. You can create a snapshot of it.
E. It is activated but unbootable.
23
IT Certification Guaranteed, The Easy Way!
F. It has been deleted and will be removed at the next reboot.
Answer: B,C
Explanation:
If the boot environment is unbootable, it is marked with an exclamation point (!) in the Active column
in the beadm list output.
The beadm command restricts actions on unbootable boot environments as follows:
You cannot activate an unbootable boot environment. (B)
You cannot destroy a boot environment that is both unbootable and marked as active on reboot.
You cannot create a snapshot of an unbootable boot environment.
You cannot use an unbootable boot environment or boot environment snapshot with the -e option of
beadm create.
You cannot rename an unbootable boot environment. (C)
NO.38 Which two capabilities are provided by the OpenBoot PROM?
A. a command to safely shut down the system
B. hardware testing and initialization
C. booting from a disk or network
D. starting the GRUB loader
Answer: B,C
Explanation:
OpenBoot firmware is executed immediately after you turn on your system. The primary tasks of
OpenBoot firmware are to:
* Test and initialize the system hardware (B)
* Determine the hardware configuration
*Boot the operating system from either a mass storage device or from a network (C)
*Provide interactive debugging facilities for testing hardware and software
NO.39 You are asked to troubleshoot networking issues on an unfamiliar system.
Select the correct command to display what network devices are installed.
A. ifconfig -a
B. dladm show-dev
C. dladm show-phys
D. dladm show-ether
E. netadm show-dev
F. netadm show-ether
Answer: C
NO.40 Which two options describe how to override the default boot behavior of an Oracle Solaris
11 SPARC system to boot the system to the single-user milestone?
A. from the ok prompt, issue this command: boot -m milestone=single-user
B. From the ok prompt, issue this command: boot -m milestone/single-user
C. From the ok prompt, issue this command: boot -milestone=single-user
D. From the ok prompt. issue this command:boot -s
E. From from the ok prompt, issue this command:boot -m milestone=s
24
IT Certification Guaranteed, The Easy Way!
Answer: A,D
Explanation:
By default, Solaris will boot to the pseudo milestone "all" and start all services. This behaviour can be
changed at boot time using either "-s" to reach single-user, or the new SMF option "-m
milestone=XXX" (see kernel(1M) for a list of the bootable milestones) to select an explicit milestone.
Note: boot -s is the same as: boot -m milestone=single-user
with the difference being that the former is a lot less to type and is what most SysAdmins will be
familiar with.
NO.41 The su command by default makes an entry into the log file for every su command attempt.
The following is a single line from the file:
SU 12/18 23:20 + pts/1 user1-root
What does the + sign represent?
A. unsuccessful attempt
B. successful attempt
C. The attempt was from a pseudo terminal, and not the console.
D. The attempt was from a user that is in the adm group, same as root.
E. Time zone is not set.
Answer: B
Explanation:
The sulog file, /var/adm/sulog, is a log containing all attempts (whether successful or not) of the su
command. An entry is added to the sulog file every time the su command is executed. The fields in
sulog are: date, time, successful (+) or unsuccessful (-), port, user executing the su command, and
user being switched to. In the preceding example, all su attempts were successful, except for the
attempt on 2/23 at 20:51, when user pete unsuccessfully attempted to su to user root.
Look for entries where an unauthorized user has used the command inappropriately. The following
entry shows a successful (indicated by +) su from user userid to root.
SU 03/31 12:52 + pts/0 <userid>-root
NO.42 You have been tasked with creating a dedicated virtual network between two local zones
within a single system, in order to isolate the network traffic from other zones on that system.
To accomplish this, you will create_____.
A. an ether stub
B. virtual router
C. a virtual bridge
D. a virtual network interface
E. nothing, because a virtual switch is automatically created when the virtual network interfaces are
created
Answer: D
Explanation:
First create a virtual switch, then create a virtual network interface.
NO.43 A change in your company's security policy now requires an audit trial of all administrators
assuming the sysadm role, capturing:
There are two command necessary to accomplish this change. One is a rolemod command. What is
25
IT Certification Guaranteed, The Easy Way!
the other?
A. auditconfig set policy=argv
B. auditconfig -setpolicy +argv
C. auditconfig -setflags lo, ex sysadm
D. auditconfig set flags=lo, ex sysadm
Answer: B
Explanation:
Audit Significant Events in Addition to Login/Logout (see step 2 below) Use this procedure to audit
administrative commands, attempts to invade the system, and other significant events as specified by
your site security policy.
For all users and roles, add the AUE_PFEXEC audit event to their preselection mask.
# usermod -K audit_flags=lo, ps:no username
# rolemod -K audit_flags=lo, ps:no rolename
# auditconfig -setpolicy +argv
3 - Record the environment in which audited commands are executed.
# auditconfig -setpolicy +arge
Note: [-t] -setpolicy [+|-]policy_flag[, policy_flag ...]
Set the kernel audit policy. A policy policy_flag is literal strings that denotes an audit policy.
A prefix of + adds the policies specified to the current audit policies. A prefix of - removes the policies
specified from the current audit policies. No policies can be set from a local zone unless the perzone
policy is first set from the global zone.
NO.44 You have installed an update to the gzip package and need to "undo" .ho update and return
the package to its "as-delivered" condition. Which command would you use?
A. pkg undo
B. pkg revert
C. pkg fix
D. pkg uninstall
Answer: B
Explanation:
Use the pkg revert command to restore files to their as-delivered condition.
NO.45 Which two options are characteristics of a fast reboot?
A. A fast reboot bypasses grub.
B. A fast reboot cannot be used after a system panic on the x86 platform.
C. A fast reboot can only be executed on the SPARC platform when the
config/fastreboot_default property for the svc:/system/boot-config:default service is set to true.
D. A fast reboot uses an in-kernel boot loader to load the kernel into memory.
E. A fast reboot is the default on all platforms.
Answer: C,D
Explanation:
C: To change the default behavior of the Fast Reboot feature on the SPARC platform, so that a fast
reboot is automatically performed when the system reboots, see below.
The following example shows how to set the property's value to true on the SPARC platform, so that
26
IT Certification Guaranteed, The Easy Way!
a fast reboot is initiated by default:
# svccfg -s "system/boot-config:default" setprop config/fastreboot_default=true
# svcadm refresh svc:/system/boot-config:default
D: Fast Reboot implements an in-kernel boot loader that loads the kernel into memory and then
switches to that kernel.
The firmware and boot loader processes are bypassed, which enables the system to reboot within
seconds.
The Fast Reboot feature is managed by SMF and implemented through a boot configuration service,
svc:/system/boot-config. The boot-config service provides a means for setting or changing the default
boot configuration parameters. When the config/fastreboot_default property is set to true, the
system performs a fast reboot automatically, without the need to use the reboot -f command. This
property's value is set to true on the x86 platform. For task-related information, including how to
change the default behavior of Fast Reboot on the SPARC platform, see Accelerating the Reboot
Process on an x86 Based System.
Note: One new feature, called Fast Reboot, will allow the system to boot up without doing the
routine set of hardware checks, a move that can make system boot times up to two- and-a-half times
faster, Oracle claimed. This feature can be handy in that an administrator applying a patch or
software update across thousands of Solaris deployments can reboot them all the more quickly.
NO.46 Which two SMF milestones can be specified at boot time?
A. none
B. network
C. all
D. config
E. unconfig
F. devices
Answer: A,C
Explanation:
The milestones that can be specified at boot time are
none
single-user
multi-user
multi-user-server
all
NO.47 To confirm the IP address and netmask have been correctly configured on the network
interfaces which command should you use?
A. ipdilm show-if
B. ipadm show-nic
C. ipadm show-addr
D. ipadm show-ifconfig
E. ipadm show-addripadm show-mask
Answer: C
Explanation:
Show address information, either for the given addrobj or all the address objects configured on the
27
IT Certification Guaranteed, The Easy Way!
specified interface, including the address objects that are only in the persistent configuration.
State can be: disabled, down, duplicate, inaccessible, ok, tentative
Example:
# ipadm show-addr
ADDROBJ TYPE STATE ADDR
lo0/v4 static ok 127.0.0.1/8
lo0/v6 static ok ::1/128
NO.48 You are going to use the- Automated installer (AI) to install a non global zone named zone1.
You have created a custom manifest for the non-global zone and named it zone1manifest Which
command will you use to add this custom manifest to the s11-sparc install service and associate this
custom manifest with the non-global zone?
A. installadm create-profile -n s11-sparc -f /tmp/zone1manifest.xml - c
B. installadm create-manifest -n s11-sparc -f /tmp/zone1manifest.xml -m
C. installadm create-client -n s11-sparc -f /tmp/zone1manifest.xml -m zone1manifest -c zonename=
"zone1"
D. installadm create-service - n s11-sparc -f /tmp/zone1manifest.xml -m zone1manifest c zonename="zone1"
Answer: B
Explanation:
installadm add-manifest
Associates manifests with a specific install service, thus making the manifests available on the
network, independently from creating a service. When publishing a non-default manifest, it is
required to associate criteria either via criteria entered on the command line (-c) or via a criteria XML
file (-C).
NO.49 Which command would you use to determine which package group is installed on your
system?
A. pkg list group/system/\*
B. pkg info
C. uname -a
D. cat /var/sadm/system/admin/CLUSTEP
Answer: B
Explanation:
The pkg info command provides detailed information about a particular IPS package.
Note: The pkginfo command does the same for any SVR4 packages you may have installed on the
same system.
pkg info example:
$ pkg info p7zip
Name: compress/p7zip
Summary: The p7zip compression and archiving utility
Description: P7zip is a unix port of the 7-Zip utility. It has support for numerous compression
algorithms, including LZMA and LZMA2, as well as for various archive and compression file formats,
including 7z, xz, bzip2, gzip, tar, zip (read-write) and cab, cpio, deb, lzh, rar, and rpm (read-only).
Category: System/Core
28
IT Certification Guaranteed, The Easy Way!
State: Installed
Publisher: solaris
Version: 9.20.1
Build Release: 5.11
Branch: 0.175.0.0.0.2.537
Packaging Date: Wed Oct 19 09:13:22 2011
Size: 6.73 MB
FMRI: pkg://solaris/compress/p7zip@9.20.1, 5.11-0.175.0.0.0.2.537:20111019T091322Z
NO.50 Which two are implemented using the Internet Control Message Protocol (ICMP)?
A. ping
B. DHCP
C. HTTP
D. telnet
E. syslog
F. traceroute
Answer: A,F
Explanation:
The Internet Control Message Protocol (ICMP) is one of the core protocols of the Internet Protocol
Suite.
ICMP differs from transport protocols such as TCP and UDP in that it is not typically used to exchange
data between systems, nor is it regularly employed by end-user network applications (with the
exception of some diagnostic tools like ping and traceroute).
NO.51 Select the five tasks that need to be performed on the Automated Installer (AI) install server
before setting up the client.
A. Create a local IPS repository on the AI Install server and start the repository server service, the
publisher origin to the repository file.
B. Set up a IP address on the AI install server.
C. The DHCP server must be enabled on the install server and must provide the DHCP service for the
clients.
D. DHCP must be available on the network for the Install server and the clients, but the install server
does not need to be the DHCP server.
E. Download the AI boot image. The image must be the same version as the Oracle Solaris OS that
you plan to install on the client.
F. Download the text install image into the IPS repository.
G. Install the AI installation tools.
H. Create the AI install service. Specify the path to the AI network boot image ISO file and the path
where the AI net image ISO file should be unpacked.
I. Create the AI install service. Specify the path to the AI network boot image ISO file and the path to
the IPS repository.
Answer: B,D,F,G,I
Explanation:
B: Configure the AI install server to use a static IP address and default route.
29
IT Certification Guaranteed, The Easy Way!
D: The create-service command can set up DHCP on the AI install server. If you want to set up a
separate DHCP server or configure an existing DHCP server for use with AI. The DHCP server must be
able to provide DNS information to the systems to be installed.
E: An automated installation of a client over the network consists of the following high-level steps:
1. The client system boots over the network and gets its network configuration and the location of
the install server from the DHCP server.
2. The install server provides a boot image to the client.
3. Characteristics of the client determine which installation instructions and which system
configuration instructions are used to install the client.
4. The Oracle Solaris 11 OS is installed on the client, pulling packages from the package repository
specified by the installation instructions in the AI install service.
G: Install the AI tool set.
Use the installadm create-service command to create an AI install service. Give the service a
meaningful name, and specify the path where you want the service created. Specify the source of the
network boot image (net image) package or ISO file.
installadm create-service [-n svcname]
[-s FMRI_or_ISO] [-d imagepath]
-d imagepath
The imagepath is the location of the new install service. The install-image/solaris-auto- install package
is installed to this location, or the specified ISO file is expanded at this location.
NO.52 Which best describes the svc:/system/boot-config service?
A. It is used to change the milestone on a system.
B. It is used to set the default run level of the system.
C. It provides the parameters used to set the system to automatically perform a fast or slow reboot.
D. When the service is enabled, the system performs a fast reboot by default; when it is disable the
system performs a slow reboot by default.
Answer: C
Explanation:
Starting with the Oracle Solaris 11 Express release, Fast Reboot is supported on the SPARC platform,
as well as the x86 platform. On both platforms, this feature is controlled by the SMF and
implemented through a boot configuration service, svc:/system/boot- config. The boot-config service
provides a means for setting or changing the default boot configuration parameters.
The fastreboot_default property of the boot-config service enables an automatic fast reboot of the
system when either the reboot or the init 6 command is used. When the config/fastreboot_default
property is set to true the system automatically performs a fast reboot, without the need to use the
reboot -f command. By default, this property's value is set to false on the SPARC platform and to true
on the x86 platform.
NO.53 Subnets are created by using________.
A. subnet
B. netmask
C. unicast
D. broadcast
Answer: B
30
IT Certification Guaranteed, The Easy Way!
Explanation:
The process of subnetting involves the separation of the network and subnet portion of an address
from the host identifier. This is performed by a bitwise AND operation between the IP address and
the (sub)network prefix. The result yields the network address or prefix, and the remainder is the
host identifier.
The routing prefix of an address is written in a form identical to that of the address itself.
This is called the network mask, or netmask, of the address. For example, a specification of the mostsignificant 18 bits of an IPv4 address, 11111111.11111111.11000000.00000000, is written as
255.255.192.0.
NO.54 The advantage of core tiles is that they allow you an opportunity to examine the cause of
problems, so that they can be resolved.
However, core files must be managed because they_____.
A. take up large amounts of disk space
B. make numerous entries into the /var/adm/wtmpx file
C. steal resources from the processor, slowing down system performance
D. fill up swap space; this will begin to slow the system due to swaps
E. fill up swap space; this will begin to slow the system due to paging
Answer: A
Explanation:
Part of the job of cleaning up heavily loaded file systems involves locating and removing files that
have not been used recently. You can locate unused files by using the ls or find commands.
Other ways to conserve disk space include emptying temporary directories such as the directories
located in /var/tmp or /var/spool, and deleting core and crash dump files.
Note: Core files are generated when a process or application terminates abnormally. Core files are
managed with the coreadm command.
For example, you can use the coreadm command to configure a system so that all process core files
are placed in a single system directory. This means it is easier to track problems by examining the
core files in a specific directory whenever a process or daemon terminates abnormally.
NO.55 Your are troubleshooting network throughput on your server.
To confirm that the load balancing among aggregated links is functioning properly, you want to
examine the traffic statistics on the links comprising the aggregation.
The correct command is ___________.
A. dlstat - aggr
B. dlstat show-aggr
C. dlstat show-link -r
D. dlstat show-link -aggr
E. dlstat show-phys -aggr
Answer: B
Explanation:
dlstat show-aggr [-r | -t] [-i interval] [-p] [ -o field[, ...]] [-u R|K|M|G|T|P] [link] Display per-port
statistics for an aggregation.
NO.56 When issuing the zonestat 2 1h is command, the following information is displayed:
31
IT Certification Guaranteed, The Easy Way!
Which two options accurately describe the statistics contained in the output?
A. dbzone is using 0.21% of the total CPU resource available in the zone's processor set.
B. dbzone is using 0.21% of the global zone's total CPU.
C. dbzone is using 5.48% of the total physical memory that has been allocated to the zone.
D. dbzone is using 2.37% of the global zone's total virtual memory.
E. The network is being utilized 100% with no physical bandwidth remaining.
Answer: A,C
Explanation:
A: %PART
The amount of cpu used as a percentage of the total cpu in a processor-set to which the zone is
bound. A zone can only have processes bound to multiple processor sets if it is the global zone, or if
psrset(1m) psets are used. If multiple binding are found for a zone, it's
%PART is the fraction used of all bound psets. For [total] and [system], %PART is the percent used of
all cpus on the system.
Note: The zonestat utility reports on the cpu, memory, and resource control utilization of the
currently running zones. Each zone's utilization is reported both as a percentage of system resources
and the zone's configured limits.
The zonestat utility prints a series of interval reports at the specified interval. It optionally also prints
one or more summary reports at a specified interval.
NO.57 View the Exhibit and review the file system information displayed from a remote server.
32
IT Certification Guaranteed, The Easy Way!
You are configuring a new server. This new server has the following storage pool configured:
This new server also has the following file systems configured:
When you are finished building this new server, the pool1/data dataset must be an exact duplicate of
note server. What is the correct procedure to create the pool1/data dataset on this new server?
A. zfs create -o mountpoint=/data -o refquota=1g pool1/data
B. zfs set mountpoint=none pool1zfs create pool1/data
C. zfs set mountpoint=none pool1zfs create -o mountpoint=/data -o quota=1g pool1/data
D. zfs create quota=1g pool1/data
E. zfs create mountpoint=/data pool1/data
F. zfs set quota=1g pool1/data
Answer: A
NO.58 Which two are user definable OpenBoot parameters that can be set in the OpenBoot PROM?
A. IP address for the system console
B. Host ID
C. System date and time
D. Default boot device
E. Verbose hardware diagnostics
F. Powering off the hardware
Answer: D,E
Explanation:
The NVRAM chip stores user-definable system parameters, also referred to as NVRAM variables or
EEPROM parameters. The parameters allow administrators to control variables such as the default
boot device and boot command. The NVRAM also contains writeable areas for user-controlled
diagnostics, macros, and device aliases. NVRAM is where the system identification information is
stored, such as the host ID, Ethernet address, and time-of-day (TOD) clock.
Examples of NVRAM variables:
Variable Default Description boot-device disk or net
The device from which to start up.
diag-device net The diagnostic startup source device.
diag-file Empty string Arguments passed to the startup program in diagnostic mode.
diag-switch? false Whether to run in diagnostic mode
NO.59 User1 is attempting to run the following command:
33
IT Certification Guaranteed, The Easy Way!
cp bigfile verybig
The system displays the following errer:
cp: cannot create verybig: Disc quota exceeded
Your initial troubleshooting shows that the df -h command indicates the account is at 100% capacity.
What command would you use to determine how much disk space the user has available?
A. zfs get quota rpool/export/home/user1
B. zfs userused@user1
C. zfs quota=1M /rpool/export/home/user1
D. df -h | grep user1
Answer: A
Explanation:
ZFS quotas can be set and displayed by using the zfs set and zfs get commands. In the following
example, a quota of 10 Gbytes is set on tank/home/bonwick.
# zfs set quota=10G tank/home/bonwick
# zfs get quota tank/home/bonwick
NAME PROPERTY VALUE SOURCE
tank/home/bonwick quota 10.0G local
NO.60 Oracle Solaris 11 kernel encounters a fatal error, and it results in a system panic.
What type of file does this generate?
A. a.out
B. objdump
C. core dump
D. tape dump
E. crash dump
Answer: C
Explanation:
A kernel panic is a type of error that occurs when the core (kernel) of an operating system receives an
instruction in an unexpected format or when it fails to handle properly. A kernel panic can also follow
when the operating system can't recover from a different type of error.
A kernel panic can be caused by damaged or incompatible software or, more rarely, damaged or
incompatible hardware.
When a server kernel panics it abruptly halts all normal system operations. Usually, a kernel process
named panic() outputs an error message to the console and stores debugging information in
nonvolitile memory to be written to a crash log file upon restarting the computer. Saving the memory
contents of the core and associated debugging information is called a "core dump."
NO.61 When upgrading an existing system from Solaris 11 Express to Oracle Solaris 11, what
happens to the datalink names?
A. They follow the default naming convention for the newly installed version.
B. They maintain their names.
C. They are called eth#.
D. They are called el00g#.
E. They are left unnamed, to avoid conflicts, and need to be renamed after the installation process is
34
IT Certification Guaranteed, The Easy Way!
complete.
Answer: A
Explanation:
Network configuration in Oracle Solaris 11 includes
* Generic datalink name assignment - Generic names are automatically assigned to datalinks using the
net0, net1, netN naming convention, depending on the total number of network devices that are on
the system Note: There is no upgrade path from Oracle Solaris 10 to Oracle Solaris 11. You must
perform a fresh installation.
NO.62 You have a process called bigscript, and you need to know the PID number for this process.
Which command will provide that information?
A. pkill bigscript
B. ps bigscript
C. pgrep bigscript
D. prstat bigscript
Answer: C
Explanation:
Pgrep takes a process name and return a PID.
Note: pgrep looks through the currently running processes and lists the process IDs which matches
the selection criteria to stdout. All the criteria have to match. For example, pgrep - u root sshd will
only list the processes called sshd AND owned by root.
Incorrec answers:
ps bigscript: You can't pass a name to ps, it interprets it as arguments.
NO.63 You are going to create live zones on you server. Disk space is critical on this server so you
need to reduce the amount of disk space required for these zones. Much of the data required for
each of these zones is identical, so you want to eliminate the duplicate copies of data and store only
data that is unique to each zone.
Which two options provide a solution for eliminating the duplicate copies of data that is common
between all of these zones?
A. Create the zones by using sparse root zones.
B. Set the dedup property to on and the dedupratio to at least 1.5 for the zpool.Create a separate
ZFS file system for each zone in the zpool.
C. Put all of the zones in the same ZFS file system and set the dedupratio property for the ZFS file
system to at least 1.5.
D. Put all of the zones in the same ZFS file system and set the dedup property for the file system to
on.
E. Put each zone in a separate ZFS file system within the same zpool. Set the dedup property to on
for each ZFS file system.
Answer: D,E
Explanation:
n Oracle Solaris 11, you can use the deduplication (dedup) property to remove redundant data from
your ZFS file systems. If a file system has the dedup property enabled, duplicate data blocks are
removed synchronously. The result is that only unique data is stored, and common components are
shared between files.
35
IT Certification Guaranteed, The Easy Way!
NO.64 Which command would you use from the bash shell to determine the total amount of
physical memory installed in your Solaris system (x86 and SPARC)?
A. uname -a
B. prtconf | grep -i memory
C. sysdef | grep -i memory
D. vmstat
E. prtdiag | grep -i memory
Answer: B
Explanation:
The prtconf command prints the system configuration information. The output includes the total
amount of memory, and the configuration of system peripherals formatted as a device tree.
If a device path is specified on the command line for those command options that can take a device
path, prtconf will only display information for that device node.
NO.65 You need to set up a local package repository to serve 75 client systems. Multiple clients will
being the package repository concurrently and you need to ensure that the local repository performs
very well under this heavy load, especially during package intensive operations.
Which option would ensure the best performance of the repository during package- intensive rations
by multiple clients?
A. Set up multipathing on the package repository server to distribute the network load multiple
network interfaces.
B. Deploy a second instance of the package repository server to run as a read writable mirror.
C. Deploy a second instance of the package repository server to run as a read-only mirror.
D. Deploy a second instance of the package repository server to run as a clone of the primary
repository server.
E. Deploy a package repository locally on each client.
Answer: A
NO.66 On server A, you enter the following command to add a static route to serverA route -p add
-host 192.168.1.101 192.168.1.101 -static
What is the purpose of this command?
A. to temporarily bypass IP Filter rules
B. to specify an IPMP target IP address to in.mpathd
C. to specify routing to an adjacent network when in.rdisc is not used
D. to specify routing to an adjacent network when in.routed is not used
E. to ensure the IP address for serverB is not flushed from the ARP cache
F. to optimize link aggregation using a direct connection between two systems
Answer: B
Explanation:
Note: # route -p add -host destination-IP gateway-IP -static
where destination-IP and gateway-IP are IPv4 addresses of the host to be used as a target.
For example, you would type the following to specify the target system 192.168.10.137, which is on
the same subnet as the interfaces in IPMP group itops0:
36
IT Certification Guaranteed, The Easy Way!
$ route -p add -host 192.168.10.137 192.168.10.137 -static
This new route will be automatically configured every time the system is restarted. If you want to
define only a temporary route to a target system for probe-based failure detection, then do not use
the -p option.
NO.67 Which three files must be edited in order to set up logging of all failed login attempts?
A. /var/adm/authlog
B. /etc/syslog.conf
C. /etc/default/login
D. /var/adm/loginlog
Answer: A,B,C
Explanation:
How to Monitor All Failed Login Attempts
This procedure captures in a syslog file all failed login attempts.
Assume the Primary Administrator role, or become superuser.
1 . Assume the Primary Administrator role, or become superuser.
2 . (C) Set up the /etc/default/login file with the desired values
for SYSLOG and SYSLOG_FAILED_LOGINS
3 . (A) Create a file with the correct permissions to hold the logging information.
Create the authlog file in the /var/adm directory.
4 . (B) Edit the syslog.conf file to log failed password attempts.
NO.68 The current ZFS configuration on server is:
You need to backup the /data file system while the file system is active.
Select the option that creates a full backup of the /data file system and stores the backup on server in
the pool named backup.
A. Mount -F nfs system: /backup / mntzfs snapshot pool/data@monday>/mnt/Monday
B. Mount -F nfs systemB: /backup/mntzfs snapshot pool1/data@Mondayzfs clone
pool1/data@monday/mnt/Monday
C. Zfs send pool1/data@Monday | ssh system zfs recv backup/monday
D. Zfs snapshot pool1/data@Monday | ssh system zfs recv backup/monday
Answer: C
Explanation:
http://docs.oracle.com/cd/E23823_01/html/819-5461/ghzvz.html
37
IT Certification Guaranteed, The Easy Way!
NO.69 In a fresh installation of Oracle Solaris 11, default datalinks are named with a genetic naming
convention, and they increment as you add interfaces. What is the default name?
A. eth#
B. net#
C. el000g#
D. lo#
E. nic#
Answer: B
Explanation:
When you install this Oracle Solaris release on a system for the first time, Oracle Solaris automatically
provides generic link names for all the system's physical network devices.
This name assignment uses the net# naming convention, where the # is the instance number. This
instance number increments for each device, for example, net0, net1, net2, and so on.
Note:
Network configuration in Oracle Solaris 11 includes
* Generic datalink name assignment - Generic names are automatically assigned to datalinks using the
net0, net1, netN naming convention, depending on the total number of network devices that are on
the system
NO.70 To confirm the IP addresses and netmasks have been correctly configured on the network
interfaces, which command(s) should you use?
A. ipadm show-if
B. ipadm show-nic
C. ipadm show-addr
D. ipadm show-addripadm show-mask
E. ipadm show-ipipadm show-mask
F. ipadm show-config
Answer: C
Explanation:
Show address information, either for the given addrobj or all the address objects configured on the
specified interface, including the address objects that are only in the persistent configuration.
Example:
# ipadm show-addr
ADDROBJ TYPE STATE ADDR
lo0/v4 static ok 127.0.0.1/8
lo0/v6 static ok ::1/128
NO.71 What is the output of the following command, if executed using the default shell for the root
role account of a standard Live CD Install of Oracle Solaris 11? echo '$SHELL'
A. /usr/bin/bash
B. /usr/bin/ksh
C. $SHELL
D. the PID for the current shell
Answer: C
38
IT Certification Guaranteed, The Easy Way!
Explanation:
Single quotes are most strict. They prevent even variable expansion. Double quotes prevent wildcard
expansion but allow variable expansion. For example:
#!/bin/sh
echo $SHELL
echo "$SHELL"
echo '$SHELL'
This will print:
/usr/bin/bash
/usr/bin/bash
$SHELL
NO.72 Select the two statements that correctly describe the operation of NWAM.
A. If a location is explicitly enabled, it remains active until explicitly changed.
B. Wireless security keys can be configured by using the nwammgr command.
C. NWAM stores profile information in /etc/ipadm/ipadm.conf and /etc/dladm/datalink.conf.
D. Multiple locations may be automatically activated in systems with multiple network interface
cards.
E. Interface NCU Properties "float" and are automatically attached to the highest priority Link NCU
Property.
F. If the DefaultFixed NCP is enabled, persistent configuration, stored in /etc/ipadm.conf and
/etc/dladm/datalink.conf is used.
Answer: A,D
Explanation:
A: Conditional and system locations can be manually activated, which means that the location
remains active until explicitly disabled.
D: A location comprises certain elements of a network configuration, for example a name service and
firewall settings, that are applied together, when required. You can create multiple locations for
various uses. For example, one location can be used when you are connected at the office by using
the company intranet. Another location can be used at home when you are connected to the public
Internet by using a wireless access point.
Locations can be activated manually or automatically, according to environmental conditions, such as
the IP address that is obtained by a network connection.
39
IT Certification Guaranteed, The Easy Way!
NO.73 You start to execute a program by using the following command:
~ /bigscript &
You then determine that the process is not behaving as expected, and decide that you need to
terminate the process.
Based on the information shown below, what is the process number you should terminate?
A. 15163
B. 15156
C. 15166
D. 15165
Answer: A
Explanation:
From the output exhibit we can deduce that the shell has id 15156.
It has spawned three subprocesses:
grep: id 15166
ps -aef 15165
The remaining 15163 must be the subshell (see note below).
This is the id of the process which should be terminated.
NO.74 When setting up Automated Installer (AI) clients, an interactive tool can be used to generate
a custom system configuration profile. The profile will specify the time zone, data and time, user and
root accounts, and name services used for an AI client installation. This interactive tool will prompt
you to enter the client information and an SC profile (XML) will be created.
Which interactive tool can be used to generate this question configuration?
A. sys-unconfig
B. installadm set-criteria
C. sysconfig create-profile
D. installadm create-profile
Answer: B
Explanation:
Use the installadm set-criteria command to update the client criteria associated with an AI manifest
that you already added to a service using installadm add-manifest.
Use the installadm add-manifest command to add a custom AI manifest to an install service.
The value of manifest is a full path and file name with .xml extension. The manifest file contains an AI
manifest (installation instructions). The manifest file can also reference or embed an SC manifest
(system configuration instructions).
NO.75 View the Exhibit and review the disk configuration.
40
IT Certification Guaranteed, The Easy Way!
The following command is executed on the disk:
zpool create pool1 c3t3d0s0
What is the result of executing this command?
A. A zpool create error is generated.
B. A 1-GB ZFS file system named /pool1 is created.
C. A 15.97-GB storage pool named pool1 is created.
D. The disk will contain an EFI disk label.
Answer: B
NO.76 In Oracle Solaris 11, where is the Oracle default repository located?
A. /var/spool/pkg
B. http://localhost/solaris
C. http://pkg.oracle.com/solaris/release
D. http://www.oracle.com/Solaris/download
E. /cdrom/cdrom0
Answer: C
Explanation:
REPOSITORY DESCRIPTION
* http://pkg.oracle.com/solaris/release
The default repository for new Oracle Solaris 11 users. This repository receives updates for each new
release of Oracle Solaris. Significant bug fixes, security updates, and new software may be provided
at any time for users to install at Oracle's discretion.
*https://pkg.oracle.com/solaris/support
Provides bug fixes and updates. Accessible with a current support contract from Oracle.
* https://pkg.oracle.com/solaris/dev Provides the latest development updates. Accessible to users
enrolled in the Oracle Solaris 11 Platinum Customer Program and approved Oracle Partners.
41
IT Certification Guaranteed, The Easy Way!
NO.77 You have a ZFS file system named /dbase/oral and you want to guarantee that 10 GB of
storage space is available to that dataset for all data, snapshots, and clones.
Which option would you choose?
A. zfs set refreservation=10g dbase/oral
B. zfs set quota=10g dbase/oral
C. zfs set refquota=10g dbase/oral
D. zfs set reservation=10g dbase/oral
Answer: D
Explanation:
A ZFS reservation is an allocation of disk space from the pool that is guaranteed to be available to a
dataset. As such, you cannot reserve disk space for a dataset if that space is not currently available in
the pool. The total amount of all outstanding, unconsumed reservations cannot exceed the amount
of unused disk space in the pool. ZFS reservations can be set and displayed by using the zfs set and zfs
get commands. For example:
# zfs set reservation=5G tank/home/bill
# zfs get reservation tank/home/bill
NAME PROPERTY VALUE SOURCE
tank/home/bill reservation 5G local
NO.78 user1, while in his home directory, is attempting to run the following command in his home
directory: cp bigfile verybig The system displays the following error:
cp: cannot create verybig: Disc quota exceeded
Your initial troubleshooting shows that the df -h command indicates he is at 100% capacity.
What command would you use to increase the disk space available to the user?
A. zfs get quota rpool/export/home/user1
B. zfs userused@user1
C. zfs quota=none /rpool/export/home/user1
D. df -h | grep user1
E. zfs set quota=none /rpool/export/home/user1
Answer: E
Explanation:
ZFS quotas can be set and displayed by using the zfs set and zfs get commands.
We can remove the quota restriction by setting to quota to none.
NO.79 Your mentor suggests using the dladm rename-link command to rename the network
datalinks.
What are the two advantages of following this advice?
A. It can clarify which network interface has what purpose.
B. It can simplify specifying the network interface with the dladm modify-aggr command.
C. It can simplify specifying the network interface with the dladm modify-bridge command.
D. It can simplify IP filter rule changes if the network interface is replaced with a different type.
E. It can prevent accidental deletion of the network interface with the dladm delete-phys command.
F. It can prevent accidental deletion of the network interface configuration with the ipadm deleteaddr command.
42
IT Certification Guaranteed, The Easy Way!
Answer: A,D
Explanation:
Note: dladm rename-link [-R root-dir] link new-link
Rename link to new-link. This is used to give a link a meaningful name, or to associate existing link
configuration such as link properties of a removed device with a new device.
NO.80 A user on the system has started a process, but it needs to be terminated.
The process ID was determined as follows:
pgrep userprogram
l5317
The user attempted to terminate the program as follows:
pkill 15317
This command runs without an error message, and the process continues to run.
What is the issue?
A. You need to run the pkill command with the process name.
B. You need to switch to super user to kill the process.
C. You need to run the ps command to get more information.
D. You need to run the prstat command to get more information.
Answer: B
Explanation:
You can use the pgrep and pkill commands to identify and stop command processes that you no
longer want to run. These commands are useful when you mistakenly start a process that takes a
long time to run.
To terminate a process:
Type pgrep to find out the PID(s) for the process(es).
Type pkill followed by the PID(s).
You can kill any process that you own. Superuser can kill any process in the system except for those
processes with process IDs of 0, 1, 2, 3, and 4. Killing these processes most likely will crash the
system.
NO.81 Examine this command and its output:
$ zfs list -r -t all tank
Name USED AVAIL REFER MOUNTPOINT
tank 2.41G 2.43G 32K /tank
tank/database 2.41G 2.43G 2.41G /tank/database
tank/[email protected] 20K - 2.00G Next you execute:
# zfs destroy tank/database
Which statement is true about the result of executing this command?
A. It destroys the tank/database dataset.
B. It destroys tank/database and all descendant datasets.
C. It fails because the tank/[email protected] snapshot depends on the tank/database dataset.
D. It fails because the tank/[email protected] clone depends on the tank/database dataset.
E. It fails because the tank/database data set is not empty.
Answer: C
43
IT Certification Guaranteed, The Easy Way!
NO.82 Which network protocol provides connectionless, packet-oriented communication between
applications?
A. TCP
B. UDP
C. IP
D. ICMP
E. NFS
F. IPSec
Answer: B
Explanation:
The User Datagram Protocol (UDP) is one of the core members of the Internet Protocol Suite, the set
of network protocols used for the Internet. With UDP, computer applications can send messages, in
this case referred to as datagrams, to other hosts on an Internet Protocol (IP) network without
requiring prior communications to set up special transmission channels or data paths.
Compared to TCP, UDP is a simpler message-based connectionless protocol.
NO.83 The OpenBoot firmware controls the operation of the system before the operating system is
loaded.
Which four tasks are directly controlled by the OpenBoot firmware?
A. Provides a list of boot entries from which to choose
B. Allows hardware to identify itself and load its own plug-in device driver
C. Loads the boot loader from the configured boot device
D. Performs basic hardware testing
E. Installs the console
F. Reads and executes the boot archive
G. Extract and executes the kernel image
Answer: A,B,C,D
Explanation:
OpenBoot firmware is executed immediately after you turn on your system. The primary tasks of
OpenBoot firmware are to:
* Test and initialize the system hardware (D)
* Determine the hardware configuration (D)
*Boot the operating system from either a mass storage device or from a network
*Provide interactive debugging facilities for testing hardware and software Some notable features of
OpenBoot firmware.
* Plug-in Device Drivers (B)
Most common tasks that you perform using OpenBoot
* Booting Your System
The most important function of OpenBoot firmware is to boot the system.
Note: If auto-boot? is true, the system will boot from either the default boot device or from the
diagnostic boot device depending on whether OpenBoot is in diagnostic mode. (C)
NO.84 How should you permanently restrict the non-global zone testzone so that it does not use
more than 20 CPU shares while it is running?
44
IT Certification Guaranteed, The Easy Way!
A. While configuring the zone, add this entry:add rct1set name = capped.cpu-sharesadd value (priv =
privileged, limit = 20, action = none)endexit
B. While configuring the zone, add this entry: add rct1set name= zone.cpu-sharesadd value
(priv=privileged, limit=20, action=none)endexitfrom command line, enter: # dispadmin
- d FSS
C. From the command line enter: #prct1 -n zone.cpu-shares - r - v 20 - i zone testzone
D. From the command line, enter:#prct1 - n zone.cpu-shares - v 80 - r - i zone global
Answer: C
Explanation:
The prctl utility allows the examination and modification of the resource controls associated with an
active process, task, or project on the system. It allows access to the basic and privileged limits and
the current usage on the specified entity.
How to Change the zone.cpu-shares Value in a Zone Dynamically
This procedure can be used in the global zone or in a non-global zone.
For more information about roles, see Configuring and Using RBAC (Task Map) in System
Administration Guide: Security Services.
# prctl -n zone.cpu-shares -r -v value -i zone zonename
idtype is either the zonename or the zoneid. value is the new value.
Note: project.cpu-shares
Number of CPU shares granted to a project for use with the fair share scheduler
NO.85 zone1 is a non-global zone that has been configured and installed.
zone1 was taken down for maintenance, and the following command was run:
zoneadm -z zone1 mark incomplete
The following information is displayed when listing the zones on your system:
Which task needs to be performed before you can boot zone1?
A. The zone needs to be installed.
B. The zone needs to be brought to the ready state.
C. The zone needs to be uninstalled and reinstalled.
D. The zone needs to be brought to the complete state.
Answer: C
Explanation:
If administrative changes on the system have rendered a zone unusable or inconsistent, it is possible
to change the state of an installed zone to incomplete.
Marking a zone incomplete is irreversible. The only action that can be taken on a zone marked
incomplete is to uninstall the zone and return it to the configured state.
NO.86 You are attempting to edit your crontab file in the bash shell. Instead of getting your usual vi
interface, you are presented with an unfamiliar interface. In order to have your editor of choice-viwhat command must you type after exiting the unfamiliar editor?
45
IT Certification Guaranteed, The Easy Way!
A. EDITOR=vi
B. crontab=vi
C. crontab - e vi
D. env
Answer: A
Explanation:
Set the EDITOR variable to vi.
Commands like `crontab -e` will use ed per default. If you'd like to use some better editor (like vi) you
can use the environment variable EDITOR:
# EDITOR=vi; crontab -e will open the users crontab in vi. Of course you can set this variable
permanently.
Incorrect answers
C: -e Edits a copy of the current user's crontab file, or creates an empty file to edit if crontab does not
exist. When editing is complete, the file is installed as the user's crontab file. If a username is given,
the specified user's crontab file is edited, rather than the current user's crontab file; this can only be
done by a user with the solaris.jobs.admin authorization. The environment variable EDITOR
determines which editor is invoked with the -e option. The default editor is ed(1). All crontab jobs
should be submitted using crontab. Do not add jobs by just editing the crontab file, because cron is
not aware of changes made this way.
NO.87 Before booting test zone a non-global zone, you want to connect to the zone's console so
that you can watch the boot process.
Choose the command used to connect to testzone's console.
A. zoneadm -C testzone
B. zoneadm -console testzone
C. zlogin - z testzone console
D. zlogin - z testzone - C
E. zlogin -C testzone
F. zoneadm - testzone - c
Answer: E
Explanation:
The following options are supported:
C
Connects to the zone console. Connects to the zone console.
Note:
After you install a zone, you must log in to the zone to complete its application environment. You
might log in to the zone to perform administrative tasks as well. Unless the -C option is used to
connect to the zone console, logging in to a zone using zlogin starts a new task. A task cannot span
two zones
NO.88 In order to display the IP addresses of network interfaces, what command would you use?
A. dladm
B. ipconfig
C. sves
46
IT Certification Guaranteed, The Easy Way!
D. ipadm
E. ipaddr
Answer: D
Explanation:
'ipadm show-addr' displays all the configured addresses on the system.
Example:
# ipadm show-addr
ADDROBJ TYPE STATE ADDR
lo0/v4 static ok 127.0.0.1/8
lo0/v6 static ok ::1/128
NO.89 On localSYS, your SPARC based server, you back up the root file system with recursive
snapshots of the root pool. The snapshots are stored on a remote NTS file system.
This information describes the remote system where the snapshots are stored:
Remote system name: backupSYS
File system whore the snapshots are stored: /backups/localSYS
Mounted file system on localSYS: /rpool/snaps
Most recent backup name: rpool-1202
Disk c0t0d0 has failed in your root pool and has been replaced. The disk has already been part< and
labeled and now you need to restore the root file system. Which procedure would you follow to
restore the ZFS root file system on localSYS?
A. boot cdrom -smount -f nfs backup_server:/rpool/snaps /rmtzpool create rpool c0t0d0s0cat
/mnt/rpool.1202 | zfs receive -Fdu rpoolzpool set bootfs=rpool/ROOT/solaris rpoolRecreate swap
and dump devices.Reinstall the bootblock on c0t0d0.
B. boot cdrom -smount -f nfs backup_server:/rpool/snaps /mntzpool create rpool c0t0d0s0zfs create
-o mountpoint=/ rpool/ROOTcat /mnt/rpool.1011 | zfs receive -Fdu rpoolzpool set
bootfs=rpool/ROOT/solaris rpoolRecreate swap and dump devices.Reinstall the bootblock on c0t0d0.
C. boot cdrom -smount -F nfs backup_server:/rpool/snaps /mntcat /mnt/rpool.1011 | zfs receive Fdu rpoolzpool set bootfs=rpool/ROOT/solaris rpool c0t0d0s0Reinstall the bootblock on c0t0d0s0
D. boot cdrom -smount -f nfs backup_server:/rpool/snaps /rmtzpool create rpool c0t0d0s0zfs receive
-Fdu /mnt/rpool.1011zpool set bootfs=rpool/ROOT/solaris rpoolReinstall the bootblock on c0t0d0.
Answer: A
Explanation:
How to Recreate a ZFS Root Pool and Restore Root Pool Snapshots
In this scenario, assume the following conditions:
* ZFS root pool cannot be recovered
* ZFS root pool snapshots are stored on a remote system and are shared over NFS
* The system is booted from an equivalent Solaris release to the root pool version so that the Solaris
release and the pool version match. Otherwise, you will need to add the -o version=version-number
property option and value when you recreate the root pool in step
4 below.
All steps below are performed on the local system.
1.
Boot from CD/DVD or the network.
On a SPARC based system, select one of the following boot methods:
47
IT Certification Guaranteed, The Easy Way!
ok boot net -s
ok boot cdrom -s
If you don't use -s option, you'll need to exit the installation program.
2.
Mount the remote snapshot dataset.
For example:
# mount -F nfs remote-system:/rpool/snaps /mnt
3.
Recreate the root pool.
For example:
# zpool create -f -o failmode=continue -R /a -m legacy -o cachefile=/etc/zfs/zpool.cache rpool
c1t0d0s0
4.
Restore the root pool snapshots.
This step might take some time. For example:
# cat /mnt/rpool.0311 | zfs receive -Fdu rpool
Using the -u option means that the restored archive is not mounted when the zfs receive operation
completes.
5.
Set the bootfs property on the root pool BE.
For example:
# zpool set bootfs=rpool/ROOT/osolBE rpool
6.
Install the boot blocks on the new disk.
On a SPARC based system:
# installboot -F zfs /usr/platform/`uname -i`/lib/fs/zfs/bootblk /dev/rdsk/c1t0d0s0
NO.90 View the exhibit to inspect the file system configuration on your server.
View the Exhibit to inspect the file system configuration on your server.
Your department's backup policy is to perform a full backup to a remote system disk on Saturday.
On Sunday through Friday, you are to perform a differential backup to the same remote system disk:
Following your company policy, which option describes a valid procedure for backing up the /data file
system to a remote disk named /remote/backup?
48
IT Certification Guaranteed, The Easy Way!
A. Option A
B. Option B
C. Option C
D. Option D
Answer: C
NO.91 The global zone has 8 CPUS. YOU suspect that one of your non global /ones, dbzone, is
consuming all of the CPU resources.
Which command would you use to view the CPU utilization for all of the zones to confirm this?
A. Run from the global zone:prstat -Z
B. Run from each zonezlogin <zonename> mpstat
C. Run from the global zone:zonestar -r summary
D. Run from the global zone:rctladm -1
E. Run from the global zone:prctl -i
Answer: A
Explanation:
If you're logged on to the system, you can run prstat -Z to generate a summary of cpu/memory
utilization by zone.
NO.92 Identify the correct description of an IPS image.
A. An ISO image of the Solaris media DVD
49
IT Certification Guaranteed, The Easy Way!
B. An IPS repository
C. A depot location or source where Solaris packages can be installed from
D. A location where packages can be installed, for example, your Solaris instance
Answer: D
Explanation:
An image is a location where packages can be installed.
An image can be one of three types:
* Full images are capable of providing a complete system.
* Partial images are linked to a full image (the parent image), but do not provide a complete system
on their own.
* User images contain only relocatable packages.
NO.93 You need to connect two nonglobal zones using a private virtual network.
Identify the network resources required in the global zone to accomplish this.
A. an etherstub and two virtual network interfaces
B. a virtual bridge
C. two virtual network interfaces.
D. two etherstubs
Answer: A
NO.94 Identify three options that describe the new Oracle Solaris 11 zone features.
A. There are boot environments for zones.
B. Administrators can delegate common administration tasks by using RBAC.
C. Oracle Solaris 11 supports Solaris 8, 9, and 10 branded zones.
D. You can migrate a physical Solaris 10 system and its non-global zones to a solaris10 branded zone
running on an Oracle Solaris 11 system.
E. It is possible to change the host ID of a zone.
Answer: A,B,D
Explanation:
A: The beadm utility includes support for creating and administering non-global zone boot
environments.
Note: A boot environment is a bootable instance of the Oracle Solaris operating system image plus
any other application software packages installed into that image. System administrators can
maintain multiple boot environments on their systems, and each boot environment can have
different software versions installed.
B: Role-based access control (RBAC) is a security feature for controlling user access to tasks that
would normally be restricted to the root role. By applying security attributes to processes and to
users, RBAC can divide up superuser capabilities among several administrators.
NO.95 You want to deploy Oracle Solaris 11 with the Automated Installer (AI). You need to make
sure that your server and network meet the requirements for using AI.
Choose the three options that describe the requirements for using AI.
A. You can create only one manifest per install service. If you need more than one manifest create
multiple install services.
50
IT Certification Guaranteed, The Easy Way!
B. If two client machines have different architectures and need to be installed with the same version
of the Oracle Solaris 11 OS, then create two AI manifests and a single install service.
C. You need a separate install service for each different client architecture that you plan to install,
and for each different version of the Oracle Solaris 11 OS that you plan to install on client systems.
D. If two client machines have different architectures and need to be installed with different versions
of the Oracle Solaris 11 OS, then create two AI manifests and two install services.
E. The install server needs to be able to access an Oracle Solaris Image Packaging System (IPS)
software package repository; the clients do not.
F. The install server can be either an x86 machine or a SPARC machine.
Answer: B,E,F
Explanation:
B (not A, not D, Not C): If two client machines need to be installed with the same version of the
Oracle Solaris 11 OS but need to be installed differently in other ways, then create two AI manifests
for the AI install service. The different AI manifests can specify different packages to install or a
different slice as the install target, for example.
Note: An AI manifest provides installation instructions.
The AI manifest specifies one or more IPS package repositories where the client retrieves the
packages needed to complete the installation. The AI manifest also includes the names of additional
packages to install and information such as target installation device and partition information.
F: The install server can be either an x86 machine or a SPARC machine.
NO.96 Which four can the SMF notification framework be configured to monitor and report?
A. all service transition states
B. service dependencies that have stopped or faulted
C. service configuration modifications
D. legacy services that have not started
E. services that have been disabled
F. service fault management events
G. processes that have been killed
Answer: A,E,F,G
Explanation:
Note 1: State Transition Sets are defined as:
to<state>
Set of all transitions that have <state> as the final state of the transition.
form-<state>
Set of all transitions that have <state> as the initial state of the transition.
< state>
Set of all transitions that have <state> as the initial state of the transitional.
Set of all transitions. (A)
Valid values of state are maintenance, offline (G), disabled (E), online and degraded. An example of a
transitions set definition: maintenance, from-online, to-degraded.
F: In this context, events is a comma separated list of SMF state transition sets or a comma separated
list of FMA (Fault Management Architecture) event classes. events cannot have a mix of SMF state
transition sets and FMA event classes. For convenience, the tags problem- {diagnosed, updated,
51
IT Certification Guaranteed, The Easy Way!
repaired, resolved} describe the lifecycle of a problem diagnosed by the FMA subsystem - from initial
diagnosis to interim updates and finally problem closure.
Note 2:
SMF allows notification by using SNMP or SMTP of state transitions. It publishes Information Events
for state transitions which are consumed by notification daemons like snmp-notify(1M) and smtpnotify(1M). SMF state transitions of disabled services do not generate notifications unless the final
state for the transition is disabled and there exist notification parameters for that transition.
Notification is not be generated for transitions that have the same initial and final state.
NO.97 Which five statements describe options available for installing the Oracle Solaris
11operating system using the installation media?
A. You can perform a text or LiveCD installation locally or over the network.
B. The text Installer does not install the GNOME desktop. The GNOME desktop package must he
added after you have installed the operating system.
C. The LiveCD Installation cannot be used to install multiple instances of Oracle Solaris.
D. The LiveCD installer cannot be used if you need to preserve a specific Solaris Volume Table of
Contents (VTOC) slice in your current operating system.
E. The LiveCD Installer is for x86 platforms only.
F. The GUI installer cannot be used to upgrade your operating system from Solaris 10.
G. If you are installing Oracle Solaris 11 on an x86-based system that will have more than one
operating system installed in it, you cannot partition your disk during the installation process.
H. The LiveCD installer can be used for SPARC or x86 platforms.
Answer: A,B,D,F,H
Explanation:
A: If the network is setup to perform automated installations, you can perform a text installation over
the network by setting up an install service on the network and selecting a text installation when the
client system boots.
B: After a fresh install of Solaris 11 express, only the console mode is activated.
To add Gnome, simply do :
$ sudo pkg install slim_install
This will install additional packages that are not installed by default.
D: The text installer advantages over the GUI installer include:
* In addition to modifying partitions, the text installer enables you to create and modify VTOC slices
within the Solaris partition.
F: How do I upgrade my Solaris 10 or lower systems to Solaris 11?
Unfortunately, you CAN'T. There is no direct upgrade installer or other tool that will allow you to
upgrade from earlier releases of Solaris to Solaris 11. This is primarily due to the vast changes in the
packaging mechanism in Solaris 10.
NO.98 User jack logs in to host Solaris and executes the following command sequence:
52
IT Certification Guaranteed, The Easy Way!
Which three statements are correct?
A. User jack can edit testfile because he has read and write permissions at the group level.
B. User jack can use cat to output the contents of testfile because he has read permission as the file
owner.
C. User jill can change the permissions of testfile because she has write permission for the file at the
group level.
D. User jill can edit testfile because she has read and write permission at the group level.
E. User jack can change permissions for testfile because he is the owner of the file.
F. User jack can change permissions for testfile because he has execute permission for the file.
Answer: D,E,F
NO.99 You are currently working in both your home directory and the system directory /tmp. You
are switch back and forth with full path names. Which pair of cd commands will provide you with a
shortcut to switch between these two locations?
A. cd ~ and cd B. cd and cd.
C. cd ~ and cd
D. cd * and cd . .
Answer: A
Explanation:
In the Bourne Again, C, Korn, TC, and Z shells, the tilde (~) is used as a shortcut for specifying your
home directory.
cd It's the command-line equivalent of the back button (takes you to the previous directory you were
in).
Note:
To make certain that you are in your home directory, type the cd (change directory) command. This
command moves you to your home (default) directory.
NO.100 The following image properties are displayed on your system:
Which two options describe the boot environment policy property that is currently set for this
image?
53
IT Certification Guaranteed, The Easy Way!
A. All package operations are performed in a new BE set as active on the next boot.
B. Do not create a new BE. The install, update, uninstall, or revert operation is not performed if a
new BE is required.
C. If a BE is created, do not set it as the active BE on the next boot
D. A reboot is required for all package operations
E. A reboot is not required after a package operation.
F. For package operations that require a reboot, this policy creates a new BE set as active on the next
boot.
Answer: D,F
Explanation:
Image properties described below.
* be-policy
Specifies when a boot environment is created during packaging operations. The following values are
allowed:
/ default
Apply the default BE creation policy: create-backup.
/ always-new (D, F)
Require a reboot for all package operations (D) by performing them in a new BE set as active on the
next boot (F). A backup BE is not created unless explicitly requested.
This policy is the safest, but is more strict than most sites need since no packages can be added
without a reboot.
NO.101 You create a flash archive of the Solaris 10 global zone on the serves named sysA. The
archive name is s10-system.flar, and it is stored on a remote server named backup_server.
On sysA, you create a Solaris 10 branded zone named s10-zone.
You want to use the flash archive, located On" /net/bactup_servers/10-system.flar, to install the
Operating system in the s10-zone zone.
Which command do you choose to install the s10-system.flar archive in the Solaris 10 branded zone
(s10-zone)?
A. zoneadm -z s10 -zone install - a /net/backup_server/s10-system.flar -u
B. zonecfg -z s10 -zone install - a /net/backup_server/s10-system.flar -u
C. zoneadm - z s10 -zone clone - s /net/backup_server/s10-system.flar
D. zone cfg - a s10-zone create - t SUNWsolaris10\</net/backup_server/s10-system.flar
E. zonecfg -z s10-zone install -f /net/backup/backup_server/s10-system.flar
Answer: A
Explanation:
The zoneadm command is the primary tool used to install and administer non-global zones.
Operations using the zoneadm command must be run from the global zone on the target system.
How to Install the solaris10 Branded Zone
A configured solaris10 branded zone is installed by using the zoneadm command with the install
subcommand.
Example: global# zoneadm -z s10-zone install -a /net/machine_name/s10-system.flar -u
NO.102 You have Solaris 11 system with a host name of sysA and it uses LDAP as a naming service.
You have created a flash archive of sysA and you want to migrate this system to an Oracle Solaris11
54
IT Certification Guaranteed, The Easy Way!
server, Solaris10 branded zone.
The zone Status on the Oracle Solaris 11 server is:
- zone10 incomplete/zone/zone1solaris10exc1
Select the option that will force the non-global zone to prompt you for a host name and name service
the first time it is booted.
A. Use zonecfg to change the zonename before booting the system for the first time
B. Use the - u option with the zoneadm - z zone10 attach command.
C. Use the -u option with the zoneadn -z zone10 install command.
D. Remove the sysidcfg file from the <zonepath>/root directory before booting the non- global zone.
Answer: C
Explanation:
Oracle Solaris 10 branded zones - Oracle Solaris 10 Zones provide an Oracle Solaris 10 environment on
Oracle Solaris 11. You can migrate an Oracle Solaris 10 system or zone to a solaris10 zone on an
Oracle Solaris 11 system in the following ways:
* Create a zone archive and use the archive to create an s10zone on the Oracle Solaris 11 system.
This option applies in the current scenario.
Example of command to Install the Oracle Solaris 10 non-global zone.
s11sysB# zoneadm -z s10zone install -u -a /pond/s10archive/s10.flar
* Detach the zone from the Oracle Solaris 10 system and attach the zone on the Oracle Solaris 11
zone. The zone is halted and detached from its current host. The zonepath is moved to the target
host, where it is attached.
Note:
install [-x nodataset] [brand-specific options]
A subcommand of the zoneadm.
Install the specified zone on the system. This subcommand automatically attempts to verify first. It
refuses to install if the verify step fails.
-u uuid-match
Unique identifier for a zone, as assigned by libuuid(3LIB). If this option is present and the argument is
a non-empty string, then the zone matching the UUID is selected instead of the one named by the -z
option, if such a zone is present.
NO.103 In an effort to reduce storage space on your server, you would like to eliminate duplicate
copies of data in your server's ZFS file systems.
How do you specify that pool1/data should not contain duplicate data blocks (redundant data) on
write operations?
A. zfs create - o compression=on pool1/data
B. zpool create -o deduplication =on pool1; zfs create pool1/data
C. zfs create - o deduplication=on pool1; zfs create pool1/data
D. zfs create - o dedupratio=2 pool1/data
E. zfs create - o dedup=on pool1/data
Answer: E
Explanation:
ZFS Deduplication Property
Solaris Express Community Edition, build 129: In this Solaris release, you can use the deduplication
property to remove redundant data from your ZFS file systems. If a file system has the dedup
55
IT Certification Guaranteed, The Easy Way!
property enabled, duplicate data blocks are removed synchronously.
The result is that only unique data is stored and common components are shared between files.
You can enable this property as follows:
# zfs set dedup=on tank/home
NO.104 Which two statements describe the COMSTAR framework available in Oracle Solaris 11?
A. It converts an Oracle Solaris 11 host into a SCSI target device that can be accessed over a storage
network by Linux, Mac OS, or Windows client systems.
B. iSCSI targets cannot be configured as dump devices.
C. It provides support for iSCSI devices that use SLP.
D. It is used to connect to Fibre Channel or iSCSI Storage Area Network (SAN) environments.
E. It provides an upgrade and update path to convert your iSCSI LUNs from Solaris 10 systems.
Answer: A,B
Explanation:
A: You can configure Common Multiprotocol SCSI TARget, or COMSTAR, a software framework that
enables you to convert any Oracle Solaris 11 host into a SCSI target device that can be accessed over
a storage network by initiator hosts.
This means you can make storage devices on a system available to Linux, Mac OS, or Windows client
systems as if they were local storage devices. Supported storage protocols are iSCSI, FC, iSER, and
SRP.
B: iSCSI targets cannot be configured as dump devices.
NO.105 You are troubleshooting the Oracle Solaris11 Automated Installer (AI), which is not
connecting with the IPS software repository.
Which three steps will help determine the cause of DNS name resolution failure?
A. Verify the contents of /etc/resolve.conf.
B. Run netstat -nr to verify the routing to the DNS server.
C. Ping the IP address of the IPS server to verify connectivity.
D. On the installation server, verify that the menu.1st file for the client points to a valid boot arc hive.
E. Run df -k to verify that the boot directory containing the boot archive is loopback mounted under
/etc/netboot.
F. Run the command /sbin/dhcpinfo DNSserv to ensure that the DHCP server providing the DNS
server information.
Answer: A,B,F
Explanation:
Check DNS
* (A) Check whether DNS is configured on your client by verifying that a non-empty
/etc/resolv.conf file exists.
* (F) If /etc/resolv.conf does not exist or is empty, check that your DHCP server is providing DNS
server information to the client:
# /sbin/dhcpinfo DNSserv
If this command returns nothing, the DHCP server is not set up to provide DNS server information to
the client. Contact your DHCP administrator to correct this problem.
* (B) If an /etc/resolv.conf file exists and is properly configured, check for the following possible
problems and contact your system administrator for resolution:
56
IT Certification Guaranteed, The Easy Way!
** The DNS server might not be resolving your IPS repository server name.
** No default route to reach the DNS server exists.
NO.106 On which is the open boot prom available?
A. x86 only
B. x86 64-Bit only
C. SPARC only
D. both x86 and x86 64-Bit
E. x86, x86 64-Bit and SPARC
Answer: C
Explanation:
No OpenBoot Environment on the Intel Platform. The Intel environment has no OpenBoot PROM or
NVRAM. On Intel systems, before the kernel is started, the system is controlled by the basic
input/output system (BIOS), the firmware interface on a PC. Therefore, many features provided by
OpenBoot are not available on Intel systems.
Note: The Open Boot PROM (OBP) bootloader only exists within SPARC. Before Solaris
10 01/06, the bootloader for Solaris x86 was a Sun customized bootstrap software. After Solaris 10
01/06, it uses GRUB, a well known bootloader that's commonly used in the Linux world.
With GRUB, it's much easier to make the system dual-boot Linux and Solaris. GRUB extends the
capabilities of the bootloader that was not available previously such as the ability to boot from a USB
DVD drive. Those who have used Linux will be quite familiar with GRUB and its options.
NO.107 User jack, whose account is configured to use the korn shell, logs in and examines the value
of his PATH environment variable:
What will happen, and why?
A. He will get a "file not found" error, because the current directory is not in his seaech path.
B. He will get a "file not found" error, because his home directory is not in his search path.
C. The useradd script will execute, because jack is in the same directory that the script is located in.
D. The command /user/sbin/useradd will execute, because it is the last match in the search path.
E. The command /user/sbin/useradd will execute, because it is the first match in the search path.
Answer: D
NO.108 You log in to the system as user1, then switch user to root by using the su - command.
After entering the correct password, yon enter the following commands:
whoami;who am i;id
Which option correctly represents the output?
57
IT Certification Guaranteed, The Easy Way!
A. Option A
B. Option B
C. Option C
D. Option D
Answer: B
Explanation:
* The whoami utility displays your effective user ID as a name.
Here this would be root.
* who am i
The command who shows who is logged on.
Here this would be:
user1 console Dec 30 20:20
* The id utility displays the user and group names and numeric IDs, of the calling process, to the
standard output. If the real and effective IDs are different, both are displayed, otherwise only the real
ID is displayed.
Here this would be:
uid=0(root) gid=0(root)
Note:
Each UNIX proces has 3 UIDs associated to it. Superuser privilege is UID=0.
Real UID
-------This is the UID of the user/process that created THIS process. It can be changed only if the running
process has EUID=0.
Effective UID
------------This UID is used to evaluate privileges of the process to perform a particular action. EUID can be
change either to RUID, or SUID if EUID!=0. If EUID=0, it can be changed to anything.
Saved UID
--------If the binary image file, that was launched has a Set-UID bit on, SUID will be the UID of the owner of
the file. Otherwise, SUID will be the RUID.
NO.109 The storage pool configuration on your server is:
58
IT Certification Guaranteed, The Easy Way!
You back up the /pool1/data file system, creating a snapshot and copying that snapshot to tape
(/dev/rmt/0). You perform a full backup on Sunday night and Incremental backups on Monday
through Saturday night at 11:00 pm. Each incremental backup will copy only the data that has been
modified since the Sunday backup was started.
On Thursday, at 10:00 am, you had a disk failure. You replaced the disk drive (c4t0d0).
You created pool (pool1) on that disk.
Which option would you select to restore the data in the /pool1/data file system?
A. zfs create pool1/dataLoad the Monday tape and enter:zfs recv pool1/data <
/dev/rmt/0Load the Wednesday tape and enter:zfs recv -F pool1/data < /dev/rmt/0
B. Load the Sunday tape and restore the Sunday snapshot:zfs recv pooll/data <
/dev/rmt/0zfs rollback pool1/data@monLoad the Wednesday tape and restore the Wednesday
snapshot:zfs recv -i pooll/data < /dev/rmt/0zfs rollback pool1/data@wed
C. zfs create pooll/dataLoad the Wednesday tape and enter:zfs recv -F pool1/data <
/dev/rmt/0
D. Load the Sunday tape and enter:zfs recv pool1/data < /dev/rmt/0Load the Wednesday tape and
enter:* commands missing*
Answer: D
Explanation:
First the full backup must be restored. This would be the Sunday backup.
Then the last incremental backup must be restored. This would be the Wednesday backup.
Before restoring the Wednesday incremental file system snapshot, the most recent snapshot must
first be rolled back.
By exclusion D) would be best answer even though it is incomplete.
NO.110 Consider the following commands:
What is displayed when this sequence of commands is executed using the bash shell?
A. Hello, world
B. cat: cannot open file1: No such file or directory Hello, world
C. cat: cannot open file1: No such file or directory
D. bash: syntax error near unexpected token '| |'
E. bash: syntax error broker pipe
Answer: B
NO.111 United States of America export laws include restrictions on cryptography.
Identify the two methods with which these restrictions are accommodated in the Oracle Solaris 11
Cryptographic Framework.
A. Corporations must utilize signed X.509 v3 certificates.
59
IT Certification Guaranteed, The Easy Way!
B. A third-party provider object must be signed with a certificate issued by Oracle.
C. Loadable kernel software modules must register using the Cryptographic Framework SPI.
D. Third-party providers must utilize X.509 v3 certificates signed by trusted Root Certification
Authorities.
E. Systems destined for embargoed countries utilize loadable kernel software modules that restrict
encryption to 64 bit keys.
Answer: B,C
Explanation:
B: Binary Signatures for Third-Party Software
The elfsign command provides a means to sign providers to be used with the Oracle Solaris
Cryptographic Framework. Typically, this command is run by the developer of a provider.
The elfsign command has subcommands to request a certificate from Sun and to sign binaries.
Another subcommand verifies the signature. Unsigned binaries cannot be used by the Oracle Solaris
Cryptographic Framework. To sign one or more providers requires the certificate from Sun and the
private key that was used to request the certificate.
C: Export law in the United States requires that the use of open cryptographic interfaces be
restricted. The Oracle Solaris Cryptographic Framework satisfies the current law by requiring that
kernel cryptographic providers and PKCS #11 cryptographic providers be signed.
NO.112 You need to install the solaris-desktop group package. Which command would you use to
list the set of packages included in that software group?
A. pkg search
B. pkg info
C. pkginfo
D. pkg contents
Answer: A
Explanation:
Use the pkg search command to search for packages whose data matches the specified pattern.
Like the pkg contents command, the pkg search command examines the contents of packages. While
the pkg contents command returns the contents, the pkg search command returns the names of
packages that match the query.
NO.113 Select two correct statements about the authentication services available in Oracle Solaris
11.
A. Pluggable Authentication Modules (PAM) is used to control the operation of services such console
logins and ftp.
B. The Secure Shell can be configured to allow logins across a network to remote servers without
transmitting passwords across the network.
C. Secure Remote Procedure Calls (Secure RPC) provides a mechanism to encrypt data on any IP
Socket connection.
D. Pluggable Authentication Modules (PAM) is used to implement the Secure Shell in Oracle Solaris
11.
E. Simple Authentication and Security Layer (SASL) provides a mechanism to authenticate and
encrypt access to local file system data.
60
IT Certification Guaranteed, The Easy Way!
Answer: A,E
Explanation:
A: Pluggable Authentication Modules (PAM) are an integral part of the authentication mechanism for
the Solaris. PAM provides system administrators with the ability and flexibility to choose any
authentication service available on a system to perform end-user authentication.
By using PAM, applications can perform authentication regardless of what authentication method is
defined by the system administrator for the given client.
PAM enables system administrators to deploy the appropriate authentication mechanism for each
service throughout the network. System administrators can also select one or multiple authentication
technologies without modifying applications or utilities. PAM insulates application developers from
evolutionary improvements to authentication technologies, while at the same time allowing
deployed applications to use those improvements.
PAM employs run-time pluggable modules to provide authentication for system entry services.
E: The Simple Authentication and Security Layer (SASL) is a method for adding authentication support
to connection-based protocols.
Simple Authentication and Security Layer (SASL) is a framework for authentication and data security
in Internet protocols. It decouples authentication mechanisms from application protocols, in theory
allowing any authentication mechanism supported by SASL to be used in any application protocol
that uses SASL. Authentication mechanisms can also support proxy authorization, a facility allowing
one user to assume the identity of another. They can also provide a data security layer offering data
integrity and data confidentiality services.
DIGEST-MD5 provides an example of mechanisms which can provide a data-security layer.
Application protocols that support SASL typically also support Transport Layer Security (TLS) to
complement the services offered by SASL.
NO.114 Review the information taken from your server:
Which option describes the command used to create these snapshots of the root file system?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: A
61
IT Certification Guaranteed, The Easy Way!
Explanation:
zfs snapshot [-r] [-o property=value] ... filesystem@snapname|volume@snapname Creates a
snapshot with the given name. All previous modifications by successful system calls to the file system
are part of the snapshot. See the "Snapshots" section for details.
-r
Recursively create snapshots of all descendent datasets. Snapshots are taken atomically, so that all
recursive snapshots correspond to the same moment in time.
NO.115 What is the result of executing the following command?
svcs -d svc:/network/ssh:default
A. disables the svc:/network/ssh:default service
B. displays the services that svc: /network/ssh:default is dependent on
C. displays the services that are dependent on the svc: /network/ssh:default service
D. deletes the svc: /network/ssh:default service
Answer: B
Explanation:
The svcs command displays information about service instances as recorded in the service
configuration repository.
-d Lists the services or service instances upon which the given service instances depend.
NO.116 dbzone is currently running on your server.
Which two methods would you use to safely and cleanly shut down dbzone and all of its applications
?
A. zlogin -z dbzone halt
B. zoneadm -z dbzone shutdown -i0
C. zoneadm -z dbzone shutdown
D. zoneadm -z dbzone halt
E. zlogin dbzone shutdown -i0
Answer: D,E
Explanation:
D: zoneadm halt command halts the specified zones. halt bypasses running the shutdown scripts
inside the zone. It also removes run time resources of the zone.
E: Use: zlogin zone shutdown
to cleanly shutdown the zone by running the shutdown scripts.
Use this procedure to cleanly shut down a zone.
1. Become superuser, or assume the Primary Administrator role.
2. Log in to the zone to be shut down, for example, my-zone, and specify shutdown as the name of
the utility and init 0 as the state global# zlogin my-zone shutdown -y -g0 -i 0
NO.117 Given:
file1 and file2 are text files.
dir1 and dir2 are directories.
Which two commands will be successful?
A. cp dir1 dir1
B. cp dir1 file1
62
IT Certification Guaranteed, The Easy Way!
C. cp file? dir1
D. cp file. dir1
E. cp file% dir2
F. cp file1 file2 dir1
Answer: C,F
Explanation:
C: Here the wildcard character ? is used (Matches any single character).
file1 and file2 will be copied into dir1
F: the two files file1 and file2 are copied into directoy dir1.
Note: cp - copy files and directories
Copy SOURCE to DEST, or multiple SOURCE(s) to DIRECTORY.
Cp has three principal modes of operation. These modes are inferred from the type and count of
arguments presented to the program upon invocation.
* When the program has two arguments of path names to files, the program copies the contents of
the first file to the second file, creating the second file if necessary.
* When the program has one or more arguments of path names of files and following those an
argument of a path to a directory, then the program copies each source file to the destination
directory, creating any files not already existing.
* When the program's arguments are the path names to two directories, cp copies all files in the
source directory to the destination directory, creating any files or directories needed.
This mode of operation requires an additional option flag, typically r, to indicate the recursive
copying of directories. If the destination directory already exists, the source is copied into the
destination, while a new directory is created if the destination does not exist.
NO.118 Which two options are accurate regarding the non-global zone console?
A. Access the non-global zone console by using the zlogin -c command.
B. Access the non-global zone console by using the zlogin -1 command.
C. Disconnect from the non-global zone console by using the ~. keys.
D. Disconnect from the non-global zone console by using the #. keys.
Answer: A,C
Explanation:
A: How to Log In to the Zone Console Use the zlogin command with the -C option and the name of
the zone, for example, my-zone.
global# zlogin -C my-zone
C: To disconnect from a non-global zone, use one of the following methods.
* To exit the zone non-virtual console:
zonename# exit
* To disconnect from a zone virtual console, use the tilde (~) character and a period:
zonename# ~.
NO.119 The /etc/hosts file can be best described as______.
A. a local database of host names for rlogin, rsh, and rep
B. the configuration file for the host name of the system
C. a local database of information for the uname command
D. the configuration file for the Domain Name Service (DNS)
63
IT Certification Guaranteed, The Easy Way!
E. a local database of host names and their associated IP addresses
Answer: E
Explanation:
As your machine gets started, it will need to know the mapping of some hostnames to IP addresses
before DNS can be referenced. This mapping is kept in the /etc/hosts file. In the absence of a name
server, any network program on your system consults this file to determine the IP address that
corresponds to a host name.
NO.120 Which command should you choose to display the current parameters for the FSS
scheduler?
A. dispadmin - c FSS
B. prionctl -c FSS
C. dispadmin -c FSS -g
D. priocntl -c FSS -g
Answer: C
Explanation:
The dispadmin command displays or changes process scheduler parameters while the system is
running.
-c class
Specifies the class whose parameters are to be displayed or changed. Valid class values are: RT for
the real-time class, TS for the time-sharing class, IA for the inter-active class, FSS for the fair-share
class, and FX for the fixed-priority class. The time-sharing and inter- active classes share the same
scheduler, so changes to the scheduling parameters of one will change those of the other.
-g
Gets the parameters for the specified class and writes them to the standard output.
NO.121 You created an IP address for interface not.3 with the following command, which executed
successfully:
ipadm create-addr -T static -a 192.168.0.100/24 net3/v4
You then ran:
ipadm show-if
The result indicated that the interface was down.
You then ran:
ipadm delete-addr net3/v4
ipadm create-addr -T static -a 192.168.0.101/24 net3/v4
ipadm show-if
The last command indicated that the interface was up.
Why did it work with the second address specified, but not the first?
A. The 192.168.0.100 address is reserved for broadcast messages.
B. Another device exists on the network, using the 192.168.0.100 address.
C. The network interface card does not support the address 192.168.0.100.
D. The address 192.168.0.100 is at a boundary and may not be configured in Oracle Solaris 11.
E. 192.168.0.100 is a DHCP address and may not be statically configured in Oracle Solaris
11.
Answer: B
64
IT Certification Guaranteed, The Easy Way!
Explanation:
The first IP address is already in use.
NO.122 You run the command dlstat show-link -r.
Select the two correct statements regarding the information displayed in the INTRS column.
A. No value is listed for virtual network interfaces.
B. A value of 0 is listed for virtual interfaces and ether stubs.
C. The number of Interrupts is listed, which indicates network efficiency.
D. A number equal to the number of transmitted Ethernet frames is listed for physical links.
E. The number of packets that were interrupted by a collision is listed, which may indicate hardware
problems.
Answer: C,E
Explanation:
In this output, the statistics for interrupt (INTRS) are significant. Low interrupt numbers indicate
greater efficiency in performance. If the interrupt numbers are high, then you might need to add
more resources to the specific link.
Example:
# dlstat -r -i 1
LINK IPKTS RBYTES INTRS POLLS CH<10 CH10-50 CH>50
e1000g0 101.91K 32.86M 87.56K 14.35K 3.70K 205 5
nxge1 9.61M 14.47G 5.79M 3.82M 379.98K 85.66K 1.64K
vnic1 8 336 0 0 0 0 0
e1000g0 0 0 0 0 0 0 0
nxge1 82.13K 123.69M 50.00K 32.13K 3.17K 724 24
vnic1 0 0 0 0 0 0 0
Note: dlstat show-link [-r [-F] | -t] [-i interval] [-a] [-p] [ -o field[, ...]] [-u R|K|M|G|T|P] [link] Display
statistics for a link.
-r
Display receive-side statistics only. Includes bytes and packets received, hardware and software
drops, and so forth.
List of supported RX fields:
link
iusedby
ibytes
ipkts
intrs
polls
hdrops: hardware drops
sdrops: software drops (owing to bandwidth enforcement)
ch<10: number of packet chains of length < 10
ch10-50: number of packet chains of length between 10 and 50
ch>50: number of packet chains of length > 50
NO.123 View the Exhibit.
65
IT Certification Guaranteed, The Easy Way!
Which is true regarding the disk drive?
A. This disk configuration could be used as a ZFS root disk.
B. This disk contains an SMI disk label.
C. Slice 7 represents the entire disk and cannot be used as a slice for a file system
D. The disk contains an EFI disk label.
Answer: A
Explanation:
Installing a ZFS Root Pool
The installer searches for a disk based on a recommended size of approximately 13 GB.
NO.124 View the Exhibit to inspect the boot environment Information displayed within a non global
zone on your system.
Which two options describe the solaris-1 boot environment?
A. The solaris-1 boot environment is not bootable.
B. The solaris-1 boot environment is incomplete.
C. The solaris-1 boot environment was created automatically when the non global zone was created.
D. The solaris-1 boot environment was created in the non-global zone using the beadm create
command.
E. The solaris-1 boot environment is associated with a non active global zone boot environment.
Answer: A,E
Explanation:
A: The - of the Active Column indicates that this boot environment is inactive, and hence not
bootable.
Note: The values for the Active column are as follows:
R - Active on reboot.
N - Active now.
66
IT Certification Guaranteed, The Easy Way!
NR - Active now and active on reboot.
"-" - Inactive.
"!" - Unbootable boot environments in a non-global zone are represented by an exclamation point.
http://docs.oracle.com/cd/E23824_01/html/E21801/unbootable.html#scrolltoc
NO.125 You have completed configuring a zone named dbzone on your Solaris 11 server. The
configuration is as following:
The global zone displays the following network information:
The zone has never been booted. Which three options correctly describe this zone?
A. It is a sparse root zone.
B. It is a whole root zone.
C. It is an immutable zone.
D. It is a native zone.
E. The zone shares the network interface with the host.
F. The zone uses a virtual network interface.
G. The hostid is the same as the global zone.
67
IT Certification Guaranteed, The Easy Way!
H. The IP address of the zone is 10.0.2.18.
Answer: C,E,G
Explanation:
C: Immutable Zones provide read-only file system profiles for solaris non-global zones.
Note that ip-type: exclusive:
Starting with OpenSolaris build 37 and Oracle Solaris 10 8/07, a default zone can be configured as an
"exclusive-IP zone" which gives it exclusive access to the NIC(s) that the zone has been assigned.
Applications in such a zone can communicate directly with the NIC(s) available to the zone.
Note on zones:
After installing Oracle Solaris on a system, but before creating any zones, all processes run in the
global zone. After you create a zone, it has processes that are associated with that zone and no other
zone. Any process created by a process in a non-global zone is also associated with that non-global
zone.
Any zone which is not the global zone is called a non-global zone. Most people call non- global zones
simply "zones." Some people call them "local zones" but this is discouraged.
The default native zone file system model on Oracle Solaris 10 is called "sparse-root." This model
emphasizes efficiency and security at the cost of some configuration flexibility.
Sparse-root zones optimize physical memory and disk space usage by sharing some directories, like
/usr and /lib. Sparse-root zones have their own private file areas for directories like /etc and /var.
Whole-root zones increase configuration flexibility but increase resource usage. They do not use
shared file systems for /usr, /lib, and a few others.
There is no supported way to convert an existing sparse-root zone to a whole-root zone.
Creating a new zone is required.
NO.126 A user brian is configured to use the bash shell. His home directory is /export/home/brian,
and contains a .profile and a .bashrc file.
In the -profile, there are these lines:
genius =ritchie
export genius
In the .bashrc us this line:
genius=kernighan
In /etc/profile are these lines:
genius=thompson
export genius
When brian logs in and asks for the value of genius, what will he find, and why?
A. genius will be ritchie, because that was the value exported in .profile.
B. genius will be kernighan, because .bashrc executes after .profile.
C. genius will be ritchie because variable settings in .profile take precedence over variable settings in
.bashrc.
D. genius will be ritchie because .profile executes after .bashrc.
E. genius will be thompson because /etc/profile system settings always override local settings.
Answer: C
NO.127 You enter dladm show-phys, which provides the following output:
68
IT Certification Guaranteed, The Easy Way!
You then enter:
ipadm create-ip net3
What is the output?
A. ipadm: cannot; create interface net3: Operation failed.
B. ipadm: cannot create interface net3: Interface already exists.
C. ipadm: cannot create interface net3: IP address object not specified.
D. No_response, The command was successful.
Answer: B
Explanation:
According to the exhibit the interface already exists.
The command ipadm create-ip net3 is supposed to create a new interface net3.
NO.128 The following line is from /etc/shadow in a default Solaris 11 Installation:
jack: $5$9JFrt54$7JdwmO.F11Zt/ jFeeOhDmnw93LG7Gwd3Nd/cwCcNWFFg:0:15:30:3:::
Which two are true?
A. Passwords for account jack must be a minimum of 15 characters long.
B. The password for account jack has expired.
C. The password for account jack has 5 characters.
D. A history of 3 prior passwords for the account jack is kept to inhibit password reuse.
E. The minimum lifetime for a password for account jack is 15 days.
Answer: B,E
Explanation:
From the content of the /etc/shadow file we get:
* username: jack
* encrypted password: $5$9JFrt54$7JdwmO.F11Zt/
jFeeOhDmnw93LG7Gwd3Nd/cwCcNWFFg
* Last password change (lastchanged): Days since Jan 1, 1970 that password was last changed: 0
* Minimum: The minimum number of days required between password changes i.e. the number of
days left before the user is allowed to change his/her password: 15 Maximum: The maximum number
of days the password is valid (after that user is forced to change his/her password): 30 Warn : The
number of days before password is to expire that user is warned that his/her password must be
changed: 3
* Inactive : The number of days after password expires that account is disabled
* Expire : days since Jan 1, 1970 that account is disabled i.e. an absolute date specifying when the
login may no longer be used
NO.129 View the Exhibit.
69
IT Certification Guaranteed, The Easy Way!
After Installing the OS, you need to verify the network interface information. Which command was
used to display the network interface information in the exhibit?
A. ifconfiq -a
B. ipadm show-addr
C. svcs -1 network/physical
D. netstat -a
Answer: B
Explanation:
'ipadm show-addr' displays all the configured addresses on the system.
Example:
# ipadm show-addr
ADDROBJ TYPE STATE ADDR
lo0/v4 static ok 127.0.0.1/8
lo0/v6 static ok ::1/128
NO.130 user1 has a disk quota of 0.5 MB. The user attempts to run the following command on a file
called .bigfile that is 495 KB in size:
cp bigfile /tmp
Will the command execute successfully?
A. Yes. Quotas do not include any of the system files such as /tmp /swap.
B. Yes. The quota is set at the directory level, not the user level.
C. No. The command will fail because it will cause him to exceed his user quota.
D. No. A user cannot place files into the /tmp directory.
Answer: A
Explanation:
UFS quotas enable system administrators to control the size of file systems. Quotas limit the amount
of disk space and the number of inodes, which roughly corresponds to the number of files, that
individual users can acquire. For this reason, quotas are especially useful on the file systems where
user home directories reside. As a rule, the public and
/tmp file systems usually do not benefit significantly by establishing quotas.
Note: The cp command copies files and directories.
NO.131 Consider the following commands:
What is displayed when this sequence of commands is executed using the bash shell?
A. Hello, world
70
IT Certification Guaranteed, The Easy Way!
B. cat: cannot open file1
C. cat: cannot open file1Hello, world
D. cat: cannot open file1 Hello, World
E. bash: syntax error near unexpected token '&&'
Answer: B
Explanation:
First line (rm file1) deletes/removes file1.
Second line captures the text into file2.
The first part of line 3 (cat file1) fails as the file1 does not exist.
The && (AND) operator will ensure that the third line fails. The result of line 3 will be the result of
first part of line 3 (cat file1).
Note: cat - concatenate files and print on the standard output
Note #1: A list is a sequence of one or more pipelines separated by one of the operators ';',
'&', '&&', or '||', and optionally terminated by one of ';', '&', or a newline.
Of these list operators, '&&' and '||' have equal precedence, followed by ';' and '&', which have equal
precedence.
AND and OR lists are sequences of one or more pipelines separated by the control operators '&&' and
'||', respectively. AND and OR lists are executed with left associativity.
An AND list has the form
command1 && command2
command2 is executed if, and only if, command1 returns an exit status of zero.
An OR list has the form
command1 || command2
command2 is executed if, and only if, command1 returns a non-zero exit status.
The return status of AND and OR lists is the exit status of the last command executed in the list.
Note #2 (on exit status): Zero means command executed successfully, if exit status returns non-zero
value then your command failed to execute.
NO.132 You are troubleshooting a newly installed desktop Oracle Solaris 11 system with a single
network interface. From this system, you can connect to other systems within the company intranet,
but cannot access any external services (such as websites and email), even when using IP addresses.
Examining the routing table confirms that the default route to 192.168.1.1 is missing. DHCP is not
used at this site. Which two commands will temporarily mid permanently configure the default
route?
A. ipadm set-gateway 192.168.1.1
B. route add default 192.168.1.1
C. ipadm set-default 192.168.1.1
D. dladm route-add -d 192.168.1.1
E. echo 192.168.1.1 >/etc/gateway
F. echo 192.168.1.1 >/etc/defaultrouter
Answer: B,F
Explanation:
B: Setting the default route on Solaris is easy. If you are trying to just set the route temporarily you
can use the route command:
Route add default <ipaddress>
71
IT Certification Guaranteed, The Easy Way!
Example:
Route add default 192.168.1.1
Note: Route command manipulates the kernel routing tables. Routing is the process of forwarding a
packet from one computer to another. It is based on the IP address in the IP packet header and
netmask.
F: If you want the route to be persisted when you reboot the system, you will need to set the route in
the /etc/defaultrouter file.
/etc/defaultrouter
Example:
Echo 192.168.1.1 > /etc/defaultrouter
NO.133 You have been asked to terminate a process that appears to be hung and will not terminate.
The process table is shown below:
root 15163 15156 0 12:51:15 pts/3 0:00 hungscript
What command will terminate the process?
A. kill -9 15163
B. kill -1 15163
C. kill -15 15163
D. kill -2 15163
Answer: A
Explanation:
Here we should use SIGTERM to terminate the process.
Note:
When no signal is included in the kill command-line syntax, the default signal that is used is
-15 (SIGKILL). Using the -9 signal (SIGTERM) with the kill command ensures that the process
terminates promptly. However, the -9 signal should not be used to kill certain processes, such as a
database process, or an LDAP server process. The result is that data might be lost.
Tip - When using the kill command to stop a process, first try using the command by itself, without
including a signal option. Wait a few minutes to see if the process terminates before using the kill
command with the -9 signal.
NO.134 alice is a user account used by Alice on a Solaris 11 system.
sadmin is a role account on the same system.
Your task is to add the command /usr/sbin/cryptoadm to the Network management profile, so that
Alice can execute it, while assuming the sadmin role.
Select the three activities necessary to accomplish this.
A. To the file /etc/security/prof_attr, add the line: Network Management:
solaris:cmd:RO::/usr/sbin/cryptoadm:euid=0
B. To the file /etc/security/auth_attr, add the line:Network Management:
solaris:cmd:RO::/usr/sbin/cryptoadm:euid=0
C. To the file /etc/security/exec_attr.d/local-entriies, add the line:Network Management:
solaris:cmd:RO::/usr/sbin/cryptoadm:euid=0
D. Run the roles alice to ensure that alice may assume the role sadmin.
E. Run the command profiles sadmin to ensure that the role sadmin includes the network
Management profile.
72
IT Certification Guaranteed, The Easy Way!
F. Run the command profiles alice to ensure that the Alice has permissions to access the Network
management profile.
G. Run the command profiles "Network management" to ensure that the Network management
profile includes the sadmin role.
Answer: C,D,G
Explanation:
C: /etc/security/exec_attr is a local database that specifies the execution attributes associated with
profiles. The exec_attr file can be used with other sources for execution profiles, including the
exec_attr NIS map and NIS+ table.
A profile is a logical grouping of authorizations and commands that is interpreted by a profile shell to
form a secure execution environment.
NO.135 User jack logs in to host solaris and then attempts to log in to host oracle using ssh. He
receives the following error message:
The authenticity of host oracle (192.168.1.22) can't be established. RSA key fingerprint is
3B:23:a5:6d:ad:a5:76:83:9c:c3:c4:55:a5:18:98:a6
Are you sure you want to continue connecting (yes/no)?
Which two are true?
A. The public host key supplied by solaria is not known to the host oracle.
B. The error would not occur if the RSA key fingerprint shown in the error message was added to the
/etc/ssh/known_hosts file on solaris.
C. The private host key supplied by oracle is not known to solaris.
D. If jack answers yes, the RSA public key for the host oracle will be added to the known_hosts file for
the user jack.
E. The public host key supplied by oracle is not known to the host solaris.
Answer: B,D
Explanation:
The fingerprints are used to guard against man in the middle attacks. Since ssh logins usually work
over the internet (an insecure connection), someone could hijack your connection. When you try to
log into yourmachine.com, he could get "in the middle" and return your challenge as if he was
yourmachine.com. That way, he could get hold of your login password.
To make this attack harder, ssh stores the fingerprint of the server's public key on the first connection
attempt. You will see a prompt like:
The authenticity of host 'eisen (137.43.366.64)' can't be established.
RSA key fingerprint is cf:55:30:31:7f:f0:c4:a0:9a:02:1d:1c:41:cf:63:cf.
Are you sure you want to continue connecting (yes/no)
When you enter yes, ssh will add the fingerprint to your known_hosts file. you will see Code:
Warning: Permanently added 'eisen, 137.43.366.64' (RSA) to the list of known hosts.
The next time you login, ssh will check whether the host key has changed. A changing host key usually
indicates a man in the middle attack, and ssh refuses to connect.
NO.136 Which two are true about accounts, groups, and roles in the Solaris user database?
A. All Solaris user accounts must have a unique UID number.
B. A Solaris account name may be any alphanumeric string, and can have a maximum length of 8
characters.
73
IT Certification Guaranteed, The Easy Way!
C. Account UID numbers 0-09 are system-reserved.
D. The GID for an account determines the default group ownership of new files created by that
account.
E. The groups that an account is a member of are determined by the entries in the
/etc/group file.
Answer: A,B
Explanation:
A: Solaris uses a UID (User ID) to identify each user account. The UID is a unique number assigned to
each user. It is usually assigned by the operating system when the account is created.
B: In Solaris the account name can include any alphanumeric string (and . _ -). The maximum length is
8 characters.
NO.137 The core dump configuration in your non global zone is
A user is running a process in a non-global zone (testzone) and the process crashes. The process
information is:
user126632618017:46:42pts/20:00/usr/bin/bash
When the user's process crashes in testzone, a non-global zone, where will the core dump be saved?
A. The file will be stored in the non-global zone's directory:
/var/core/pprocess/core.hash.2663.
B. The file will be saved in the global zone's directory: /var/core/core.bash.2663.
C. A core file cannot be generated in a non-global zone because it shares the kernel with the global
zone.
D. The file will be stored in the global zone's directory: /var/core/pprocess/core.bash.2663.
E. The file will be saved in non-global zone's directory: /var/core/core.bash.2663
Answer: E
Explanation:
The line
init core file pattern: /var/core/core.%f.%p
will be used for the non-global process to determine the destination of the dump file.
Note: When a process is dumping core, up to three core files can be produced: one in the per-process
location, one in the system-wide global location, and, if the process was running in a local (nonglobal) zone, one in the global location for the zone in which that process was running.
NO.138 You upgraded your server to Oracle Solaris 11 and you imported zpool (pool1) that was
created in Solaris 10. You need to create an encrypted ZFS file system in pool1, but first you need to
make sure that your server supports ZFS encryption.
Which four statements are true for support of ZFS encryption?
74
IT Certification Guaranteed, The Easy Way!
A. The encrypted file system must have been created in Oracle Solaris11. To encrypt a ZFS file system
from a previous version of Solaris, upgrade the zpool and create a new encrypted ZFS file system into
the encrypted ZFS file system.
B. If you plan to create an encrypted file system in an existing zpool, the zpool must be upgraded to
ZFS version 30.
C. ZFS encryption is integrated with the ZFS command set and no additional packages need to be
installed.
D. ZFS encryption requires that the ZFS Dataset Encryption package be installed.
E. If you plan to create an encrypted file system in an existing zpool, the pool must be upgraded to
ZFS version 21, minimum.
F. Encryption is supported at the pool or dataset (file system) level.
G. Encryption is supported at the pool level only for every file system in the pool will be encrypted.
H. You cannot create an encrypted file system in a zpool that was created prior to oracle Solaris11.
Create a new zpool in Solaris11, create an encrypted ZFS file system in the new zpool, and move or
copy the data from the existing file system into the new encrypted file system.
Answer: A,B,C,F
Explanation:
A (not H): You can use your existing storage pools as long as they are upgraded. You have the
flexibility of encrypting specific file systems.
B (not E): Can I enable encryption on an existing pool?
Yes, the pool must be upgraded to pool version 30 to allow encrypted ZFS file systems and volumes.
C (not D): ZFS encryption is integrated with the ZFS command set. Like other ZFS operations,
encryption operations such as key changes and rekey are performed online.
F (not G): Encryption is the process in which data is encoded for privacy and a key is needed by the
data owner to access the encoded data. You can set an encryption policy when a ZFS dataset is
created, but the policy cannot be changed.
NO.139 Your users are experiencing delay issues while using their main application that requires
connections to remote hosts. You run the command uptime and get the flowing output:
1:07am up 346 day(s), 12:03, 4 users, load average: 0.02, 0.02, 0.01
Which command will be useful in your next step of troubleshooting?
A. ipadm
B. traceroute
C. dladm
D. snoop
E. arp
Answer: B
Explanation:
Test the remote connection with traceroute.
The Internet is a large and complex aggregation of network hardware, connected together by
gateways. Tracking the route one's packets follow (or finding the miscreant gateway that's discarding
your packets) can be difficult. traceroute utilizes the IP protocol `time to live' field and attempts to
elicit an ICMP TIME_EXCEEDED response from each gateway along the path to some host.
This program attempts to trace the route an IP packet would follow to some internet host by
75
IT Certification Guaranteed, The Easy Way!
launching UDP probe packets with a small ttl (time to live) then listening for an ICMP "time
exceeded" reply from a gateway.
NO.140 You have been asked to do an orderly shutdown on a process with a PID of 1234, with the
kill command.
Which command is best?
A. kill -2 1234
B. kill -15 1234
C. kill -9 1234
D. kill -1 1234
Answer: B
Explanation:
On POSIX-compliant platforms, SIGTERM is the signal sent to a process to request its termination. The
symbolic constant for SIGTERM is defined in the header file signal.h.
Symbolic signal names are used because signal numbers can vary across platforms, however on the
vast majority of systems, SIGTERM is signal #15.
SIGTERM is the default signal sent to a process by the kill or killall commands. It causes the
termination of a process, but unlike the SIGKILL signal, it can be caught and interpreted (or ignored)
by the process. Therefore, SIGTERM is akin to asking a process to terminate nicely, allowing cleanup
and closure of files. For this reason, on many Unix systems during shutdown, init issues SIGTERM to
all processes that are not essential to powering off, waits a few seconds, and then issues SIGKILL to
forcibly terminate any such processes that remain.
NO.141 Which two accurately describe the Solaris IPS repository?
A. It contains a collection of operating system patches.
B. It contains a collection of software packages.
C. All packages within an IPS package repository reside in a catalog.
D. It is an ISO image of the Solaris installation media.
E. The packages in a catalog are associated with a specific publisher.
Answer: B,E
Explanation:
Image Packaging System (IPS) is a new network based package management system included in
Oracle Solaris 11. It provides a framework for complete software lifecycle management such as
installation, upgrade and removal of software packages. IPS also enables you to create your own
software packages, create and manage package repositories, and mirror existing package
repositories.
Oracle Solaris software is distributed in IPS packages. IPS packages are stored in IPS package
repositories, which are populated by IPS publishers.
E: The following command displays property information about the local repository.
$ pkgrepo get -s /export/repoSolaris11
SECTION PROPERTY VALUE publisher prefix solaris repository description This\ repository\ serves\ a\
copy\ of\ the\ Oracle\ Solaris\ 11\ Build\ 175b\ Package\ Repository.
repository name Oracle\ Solaris\ 11\ Build\ 175b\ Package\ Repository
repository version 4
The value of the publisher prefix specifies that solaris is to be used in the following cases:
76
IT Certification Guaranteed, The Easy Way!
When more than one publisher's packages are present and no publisher is specified in the package
name in the pkg command When packages are published to the repository and no publisher is
specified.
NO.142 A user jack, using a bash shell, requests a directory listing as follows:
Which three statements are correct?
A. The pattern dir? will expand to dira dirb dirc.
B. The pattern dir*a will expand to diraa.
C. The pattern dir*a will expand to dira diraa.
D. The pattern dir*b? will expand to dirabc.
E. The pattern dir*b? will expand to dirb dirabc.
Answer: A,C,D
Explanation:
A: dir followed by a single letter.
C: dir followed by any characters ending with a.
D: dir followed by any characters, then character b, then one single character.
only dirabc matches
NO.143 You created a new zpool. Now you need to migrate the existing ZFS file system from
pool1/prod to pool2/prod.
You have these requirements:
1. Users must have access to the data during the migration, so you cannot shutdown the file system
while the migration takes place.
2. Because you want to copy the data as quickly as possible, you need to increase the server
resources devoted to the ZFS migration.
Which method would you use to modify the ZFS shadow migration daemon defaults to increase the
concurrency and overall speed of migration?
A. Svccfg - s filesystem/shadowd:defaultsetprop config_params/shadow_threads=integer:
1 6endsvcadm refresh filesystem/shadowd: default
B. Specify the -b <blocksize> option with the zfs create command and increase the value of
< blocksize>
C. Use the -o -volblocksize=<blocksize>option with the zfs create command and increase the value of
the default <blocksize>.
D. Svccfg -s filesystem/zfs: defaultsetprop config_params/shadow_threads = integer:
16endsvcadm refresh filesystem/zfs:default
Answer: A
Explanation:
shadowd is a daemon that provides background worker threads to migrate data for a shadow
migration. A shadow migration gradually moves data from a source file system into a new "shadow"
file system. Users can access and change their data within the shadow file system while migration is
occurring.
The shadowd service is managed by the service management facility, smf(5).
Administrative actions on this service, such as enabling, disabling, or requesting restart, can be
77
IT Certification Guaranteed, The Easy Way!
performed using svcadm(1M). The service's status can be queried using the svcs(1) command.
The svccfg(1M) command can be used to manage the following parameter related to shadowd:
config_params/shadow_threads
Note: Oracle Solaris 11: In this release, you can migrate data from an old file system to a new file
system while simultaneously allowing access and modification of the new file system during the
migration process.
Setting the shadow property on a new ZFS file system triggers the migration of the older data. The
shadow property can be set to migrate data from the local system or a remote system with either of
the following values:
file:///path
nfs://host:path
NO.144 Identify the two security features incorporated in the Oracle Solaris 11 Cryptographic
Framework.
A. Layer 5 IP address encryptions
B. Internet protocol security
C. Diffie-Kerberos coaxial key encryption
D. Signed cryptographic plugins (providers)
E. Kernel support for signed antivirus plugins
Answer: D,E
Explanation:
The framework enables providers of cryptographic services to have their services used by many
consumers in the Oracle Solaris operating system. Another name for providers is plugins. The
framework allows three types of plugins:
* User-level plugins - Shared objects that provide services by using PKCS #11 libraries, such as
pkcs11_softtoken.so.1.
* Kernel-level plugins - Kernel modules that provide implementations of cryptographic algorithms in
software, such as AES.
Many of the algorithms in the framework are optimized for x86 with the SSE2 instruction set and for
SPARC hardware.
* Hardware plugins - Device drivers and their associated hardware accelerators. The Niagara chips,
the ncp and n2cp device drivers, are one example. A hardware accelerator offloads expensive
cryptographic functions from the operating system. The Sun Crypto Accelerator 6000 board is one
example.
NO.145 Which option would you choose to display the kernel revision level for your operating
system?
A. cat. /etc/release
B. uname -a
C. pkg info kernel
D. banner (issued from the OpenBoot Prom)
E. cat /etc/motd
Answer: B
NO.146 Your server has a ZFS storage pool that is configured as follows:
78
IT Certification Guaranteed, The Easy Way!
The server has two spate 140-GB disk drives: c3t5d0 c3t6d0
Which command would add redundancy to the pool1 storage pool?
A. zpool attach pool1 c3t5d0 c3t6d0
B. zpool attach pool1 c3t3d0 c3c5d0; zpoo1 attach pool1 c3t4d0 c3t6d0
C. zpool mirror pool1 c3t5d0 c3t6d0
D. zpool add pool1 mirror c3t5d0 c3t6d0
E. zpool add raidz pool1 c3t5d0 c3t6d0
Answer: A
Explanation:
You can convert a non-redundant storage pool into a redundant storage pool by using the zpool
attach command.
Note: zpool attach [-f] pool device new_device
Attaches new_device to an existing zpool device. The existing device cannot be part of a raidz
configuration. If device is not currently part of a mirrored configuration, device automatically
transforms into a two-way mirror of device and new_device. If device is part of a two-way mirror,
attaching new_device creates a three-way mirror, and so on. In either case, new_device begins to
resilver immediately.
NO.147 Select the packet type that identifies members of the group and sends information to all the
network interfaces in that group.
A. Unicast
B. Multicast
C. Broadcast
D. Bayesian
E. Quality of Service Priority
Answer: B
Explanation:
IPv6 defines three address types:
unicast
Identifies an interface of an individual node.
multicast
Identifies a group of interfaces, usually on different nodes. Packets that are sent to the multicast
address go to all members of the multicast group.
anycast
Identifies a group of interfaces, usually on different nodes. Packets that are sent to the anycast
address go to the anycast group member node that is physically closest to the sender.
NO.148 You have a ticket from a new user on the system, indicating that he cannot log in to his
79
IT Certification Guaranteed, The Easy Way!
account. The information in the ticket gives you both the username and password. The ticket also
shows that the account was set up three days ago.
As root, you switch users to this account with the following command:
su - newuser
You do not get an error message.
You then run 1s -1a and see the following files:
local1.cshrc local1.login local1.profile .bash_history .bashrc .profile As root, you grep the /etc/passwd
file and the /etc/shadow file for this username, with these results:
/etc/passwd contains newuser:x:60012:10:/home/newuser:/usr/bin/bash
/etc/shadow contains newuser:UP: : : : :10: :
As root, what is your next logical step?
A. Usermod -f 0
B. passwd newuser
C. mkdir /home/newuser
D. useradd -D
Answer: B
Explanation:
The content of the /etc/shadow document indicates that the newuser account has no password.
We need to add a password.
The passwd utility is used to update user's authentication token(s).
D: Here the user account already exist. There is no need to create it.
When invoked without the -D option, the useradd command creates a new user account using the
values specified on the command line plus the default values from the system.
Depending on command line options, the useradd command will update system files and may also
create the new user's home directory and copy initial files.
NO.149 You are creating a non-global zone on your system.
Which option assigns a zpool to a non-global zone, and gives the zone administrator permission to
create zfs file system in that zpool?
A. While creating the non-global zone, make the following entry: add deviceset
match=/dev/rdsk/c4t0d0endBoot the zone and log in the zone as root. Create the zpool:
zpool create pool2 c4t0d0In the non-global zone, root can now create ZFS file system in the pool2
zpool
B. In the global zone, create the zpool: global# zpool create pool2 c4t1d0While creating the no-global
zone, make the following entry: add datasetset name=pool2endadd fsset dir=pool1set
special=pool1set type=zfspool1endBoot the zone, log in the zone as root, and create the zfs file
system in the pool2 zpool.
C. In the global zone, create the zpool:global#zpool create pool2 c4t1d0While creating the global
zone, make the following entry: add datasetset name=pool2endBoot the zone, log in to the zone as
root and create the zfs file systems in the pool2 zpool.
D. In the global zone, create the zpool and the ZFS file systems that you want to use in the non-global
zone: global#zpool create pool2 c4t1d0global#zfs create pool2/dataWhile creating the non-global
zone, make the following entry for each ZFS file system that you want to make available in the zone:
add fsset dir=/dataset special=pool2/dataset type=zfsend
E. Create the zpool in the global zone: global#zpool create pool2 c4t1d0Boot the non- global zone, log
80
IT Certification Guaranteed, The Easy Way!
in to the zone as root, and issue this command to delegate ZFS permissions to root: non-global zone#
zfs allow root create , destroy, mount pool2Log in to the non-global zone create ZFS file systems in
the pool2 zpool.
Answer: C
Explanation:
http://docs.oracle.com/cd/E19253-01/819-5461/gbbst/index.html
NO.150 Which option displays the result of running the zfs list command?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: B
Explanation:
The zfs list command provides an extensible mechanism for viewing and querying dataset
information.
You can list basic dataset information by using the zfs list command with no options. This command
displays the names of all datasets on the system and the values of their used, available, referenced,
and mountpoint properties. For more information about these properties, see Introducing ZFS
Properties.
For example:
# zfs list
NAME USED AVAIL REFER MOUNTPOINT
pool 476K 16.5G 21K /pool
pool/clone 18K 16.5G 18K /pool/clone
pool/home 296K 16.5G 19K /pool/home
pool/home/marks 277K 16.5G 277K /pool/home/marks
pool/home/marks@snap 0 - 277K pool/test 18K 16.5G 18K /test
81
IT Certification Guaranteed, The Easy Way!
NO.151 Which two options are valid methods of installing a solaris10 branded zone on a system
running Oracle Solaris 11?
A. Use the V2V process to migrate an existing Solaris 8 or 9 non-global zone from a Solaris 10 system
to a solaris10 branded zone.
B. Use the V2V process to migrate an existing Solaris 10 non-global whole root zone from a Solaris 10
system to a solaris10 branded whole root zone.
C. Install a solaris10 branded zone directly from the Oracle Solaris 10 media.
D. Migrate an existing 64-bit Solaris 10 system to a solaris10 branded non-global zone using the P2V
process.
E. Use the V2V process to migrate an existing Solaris 10 non-global sparse root zone from a Solaris 10
system to a solaris10 branded sparse root zone.
Answer: B,C
Explanation:
B: How to Migrate an Existing native Non-Global Zone
Use the V2V process to migrate an existing zone on your Solaris 10 system to a solaris10 brand zone
on a system running the Oracle Solaris 11 release.
C: How to Install the solaris10 Branded Zone
A configured solaris10 branded zone is installed by using the zoneadm command with the install
subcommand.
NO.152 You are troubleshooting interface net3 and you enter the following sequence of commands:
Your next command should be:
A. ipadm up-addr net3/v4
B. ipadm enable-if -T net3
C. <ipadm create-vnic -a 192.168.1.25/24 net3/v4
D. ipadm create-ip -T static -a 192.168.1.25/24 -n net3
E. ipadm create-addr -T static -a 192.168.1.25/24 net3
Answer: E
Explanation:
If you are assigning a static IP address, use the following syntax:
# ipadm create-addr -T static -a address addrobj
where addrobj uses the naming format interface/user-defined-string, such as e1000g0/v4globalz.
Note:
82
IT Certification Guaranteed, The Easy Way!
create-addr [-t] -T static [-d] -a {local | remote}=addr[/prefixlen], ... addrobj Creates a static IPv4 or
IPv6 address on the interface specified in addrobj. If the interface on which the address is created is
not plumbed, this subcommand will implicitly plumb the interface. The created static address will be
identified by addrobj.
By default, a configured address will be marked up, so that it can be used as a source or destination
of or for outbound and inbound packets.
NO.153 You are using AI to install a new system. You have added to following information to the AI
manifest:
< configuration type= "zone" name= "dbzone"
source = "http://sysA.example.com/zone_cfg/zone.cfg"/>
Which statement is true with regard to the zone.cfg?
A. The zone.cfg file is text file in a zonecfg export format.
B. The zone.cfg file is an AI manifest that specifies how the zone is to be installed.
C. The zone.cfg file is an xml file in a form suitable for use as a command file for the zonecfg
command.
D. The zone.cfg file is an SC profile with keywords that are specific for configuring a as part of the
installation process.
E. It is am xml configuration file from the /etc/zone directory. It will be used as a profile for the zone.
It specifies the zonename, zonepath, and other zonecfg parameters.
Answer: A
Explanation:
https://docs.oracle.com/cd/E23824_01/html/E21798/glitd.html#scrolltoc
http://docs.oracle.com/cd/E23824_01/html/E21798/glitd.html#aizoneconf
NO.154 _________ serves as the interface between the SMF repository and the user to ensure that
a consistent, picture of the repository is presented to the user.
A. repository.db
B. service manifest
C. svc.startd
D. svc.configd
Answer: D
Explanation:
SVC.CONFIGD is the repository daemon responsible for maintaining /etc/svc/repository.db.
The repository.db must come clean during this integrity check otherwise it is a "no go" for usual boot
sequence to run level 3. The repository may get corrupted due to various hardware issues, software
bugs, disk write failures, etc.
Note: When svc.configd(1M), the Solaris Repository Daemon, is started, it does an integrity check of
the smf(5) repository, stored in /etc/svc/repository.db. This integrity check can fail due to a disk
failure, the database file being corrupted either due to a hardware bug, a software bug, or an
accidental overwrite. If the integrity check fails, svc.configd will write a message to the console.
NO.155 Which three options describe the purpose of the zonep2vchk command?
A. Used on a Solaris 10 global zone to access the system for problems before migrating that system
to a Solaris 10 branded zone.
83
IT Certification Guaranteed, The Easy Way!
B. Used to access a Solaris 10 global zone for problems before migrating that zone to a Solaris 11
global zone
C. Used to create zonecfg template for a Solaris 10 global zone that that will be migrated to a
solaris10 branded zone.
D. Used to migrate an Oracle Solaris 11 global zone to a non-global zone.
E. Used to migrate a Solaris 10 global zone to a non-global zone on the same server; the non-global
zone can then be migrated to a Solaris 11 server as a Solaris10 branded zone.
Answer: C,D,E
Explanation:
zonep2vchk
- check a global zone's configuration for physical to virtual migration into non-global zone The
zonep2vchk utility is used to evaluate a global zone's configuration before the process of physical-tovirtual (p2v) migration into a non-global zone.
The p2v process involves archiving a global zone (source), and then installing a non-global zone
(target) using that archive Zonep2vchk serves two functions. First, it can be used to report issues on
the source which might prevent a successful p2v migration. Second, it can output a template zonecfg,
which can be used to assist in configuring the non-global zone target.
Zonep2vchk can be executed on a Solaris 10 or later global zone. To execute on Solaris
10, copy the zonep2vchkutility to the Solaris 10 source global zone.
When run on Solaris 10, a target release of S11 can be specified, which will check for p2v into a
Solaris 10 Branded zone.
NO.156 Which two statements are true concerning the network stack on Oracle Solaris 11?
A. Hardware network interfaces and datalinks have a one-to-one relationship.
B. IP addresses are assigned to datalinks.
C. A single IP interface can have either an IPv4 address or an IPv6 address but not both.
D. A single IP interface can have both an IPv4 address and an IPv6 address.
E. A single datalink can have only one IP interface.
Answer: A,D
NO.157 You have been asked to troubleshoot the initial configuration of a virtual network
connecting two local zones with the outside world.
View the exhibit.
84
IT Certification Guaranteed, The Easy Way!
The command
dladm create-vnic -1 vswitch192.168.1 vnic1
fails with the error
dladm: invalid link name 'vswitch192.168.1'
What is the reason for this error?
A. The name vswitch192.168.1 is not legal.
B. The zone must be specified withdladm create-vnic -z zone3 vnic1.
C. The virtual interface must be specified withdladm create-vnic -z zone3 vnic1.
D. The virtual interface must be created withipadm create-vnic -1 switch192.168.1.
E. The virtual switch must be created first withdladm create -etherstub vswitch192.168.1.
Answer: E
Explanation:
There is no data-link named vswitch192.168.
We need to create an etherstub first.
See Note and example below for details.
Note: Create a VNIC in the system's global zone.
# dladm create-vnic -l data-link vnic-name
data-link is the name of the interface where the VNIC is to be configured.
-l link, --link=link
link can be a physical link or an etherstub.
vnic-name is the name that you want to give the VNIC.
For example, to create a VNIC named vnic0 on interface e1000g0, you would type the following:
# dladm create-vnic -l e1000g0 vnic0
Example: Creating a Virtual Network Without a Physical NIC
First, create an etherstub with name stub1:
# dladm create-etherstub stub1
Create two VNICs with names hello0 and test1 on the etherstub. This operation implicitly creates a
virtual switch connecting hello0 and test1.
85
IT Certification Guaranteed, The Easy Way!
# dladm create-vnic -l stub1 hello0
# dladm create-vnic -l stub1 test1
NO.158 What determines which bits in an IP address represent the subnet, and which represent the
host?
A. Subnet
B. unicast
C. netmask
D. multicast
E. broadcast
Answer: C
Explanation:
A subnetwork, or subnet, is a logically visible subdivision of an IP network. The practice of dividing a
network into two or more networks is called subnetting.
The routing prefix of an address is written in a form identical to that of the address itself.
This is called the network mask, or netmask, of the address. For example, a specification of the mostsignificant 18 bits of an IPv4 address, 11111111.11111111.11000000.00000000, is written as
255.255.192.0.
NO.159 Examine this command and its output:
$ zfs list -r -t all tank
Name USED AVAIL REFER MOUNTPOINT
tank 3.00G 1.84G 32K /tank
tank/database 3.00G 1.84G 2.00G /tank/database
tank/[email protected] 1.00G - 2.00G Which two conclusions can be drawn based on this output?
A. The tank dataset consumes 3 GB of storage.
B. The tank/[email protected] dataset consumes 1 GB of storage that is shared with its parent.
C. The tank/[email protected] dataset consumes 1 GB of storage that is not shared with its parent.
D. The tank/[email protected] dataset consumes 2 GB of storage that is shared with its child.
E. The tank/[email protected] dataset consumes 2 GB of storage that is not shared with its child.
Answer: A,B
NO.160 The core dump configuration for your system is:
A user is running a process in the global zone and the process crashes. The process information is:
User1 2663 2618 0 17:46:42 pts/2 0:00 /usr/bin/bash
86
IT Certification Guaranteed, The Easy Way!
The server host name is: zeus
What will the per-process core file be named?
A. core.bash.2663.global
B. core.bash.2663.zeus
C. /var/core/core.bash.2663
D. /var/core/core.bash.2663.global
Answer: C
Explanation:
Note the first line:
global core file pattern: /globalcore/core.%f.%p
The program name is bash
The runtime process ID is 2663
Note: By default, the global core dump is disabled. You need to use the coreadm command with the e global option to enable it. The -g option causes the command to append the program name(%f) and
the runtime process ID (%p) to the core file name.
NO.161 The line
set noexec_user_stack= l
should be added to the /etc/system file to prevent an executable stack while executing user
programs. What is the purpose of this?
A. help prevent core dumps on program errors
B. help programs to execute more quickly by keeping to their own memory space
C. log any messages into the stack log
D. help make buffer-overflow attacks more difficult
Answer: D
Explanation:
How to Disable Programs From Using Executable Stacks
Purpose: Prevent executable stack from overflowing.
You must be in the root role.
Edit the /etc/system file, and add the following line:
set noexec_user_stack=1
Reboot the system.
# reboot
NO.162 User jack on host solaris attempts to use ssh to log in to host oracle and receives this
message:
jack@solaris:~$ ssh oracle
ssh: connect to host oracle port 22: connection refused
What is the problem?
A. Host oracle does not have a valid host public key.
B. Host oracle does not have a valid host private key.
C. Host solaris does not have a valid host public key.
D. Host does not have a valid host private key.
E. Host solaris is not configured for host-based authentication.
87
IT Certification Guaranteed, The Easy Way!
F. Host oracle is not configured for host-based authentication.
G. Host oracle is not running the ssh service.
H. Host solaris is not running the ssh service.
Answer: G
Explanation:
The host he is trying to connect to (oracle) is not running the required service (ssh).
NO.163 The crash dump notification on your server is:
Documentation states that there should be two core files for each crash dump in the
/var/crash directory named vmdump.0
Which command should you choose to display theses two files?
A. savecore -f vmdump.0
B. dumpadm uncompressed
C. gunzip vmdump.0
D. dumpadm -z off
Answer: A
Explanation:
Decompress using savecore -f vmdump.0
savecore - save a crash dump of the operating system
-f dumpfile Attempt to save a crash dump from the specified file instead of from the system's current
dump device. This option may be useful if the information stored on the dump device has been
copied to an on-disk file by means of the dd(1M) command.
NO.164 Which operation will fail if the DNS configuration is incorrect?
A. domainname
B. ping localhost.
C. ping 192.168.1.1
D. ping 23.45.82.174
E. ping www.oracle.com.
F. cat /etc/resolv.conf
Answer: E
Explanation:
www.oracle.com would have to be resolved to an IP name by the domain name service.
NO.165 User1 is attempting to assist user2 with terminating user2's process 1234.
User1 entered the following: kill -9 1234
88
IT Certification Guaranteed, The Easy Way!
Why does the process continue to run?
A. You can kill a process only if you are root.
B. You can kill only a process that you own.
C. You can kill the process only with the pkill command.
D. You need to kill the process with a stronger kill signal.
Answer: B
Explanation:
Kill -9
Kill (terminates without cleanup)
Only works if issued by process owner or super user (root)
The program cannot respond to this signal; it must terminate
Note: Unix provides security mechanisms to prevent unauthorized users from killing other processes.
Essentially, for a process to send a signal to another, the owner of the signaling process must be the
same as the owner of the receiving process or be the superuser.
NO.166 A local repository is available on this system and you need to enable clients to access this
repository via HTTP. The repository information is:
PUBLISHERTYPESTATUSURI
solarisoriginonlinehttp://sysA.example.com
Identify two of the steps that are required to make the local repository on this server available to the
client via HTTP.
A. On the server: set the pkg/inst_root and pkg/readonly properties for the
svc:/application/pkg/server:default service and enabled the service
B. On the server: set the sharefs property on the ZFS file system containing the IPS repository.
C. On the client: reset the origin for the solaris publisher.
D. On the client: set the pkg/inst_root and pkg/readonly properties for the
svc:/application/server:default service enable the service.
E. On the client: start the pkg.depotd process.
Answer: A,E
Explanation:
A: Configure the Repository Server Service
To enable clients to access the local repository via HTTP, enable the application/pkg/server Service
Management Facility (SMF) service.
# svccfg -s application/pkg/server setprop pkg/inst_root=/export/repoSolaris11
# svccfg -s application/pkg/server setprop pkg/readonly=true
E: Use pkg.depotd to serve the repository to clients.
Start the Repository Service
Restart the pkg.depotd repository service.
# svcadm refresh application/pkg/server
# svcadm enable application/pkg/server
To check whether the repository server is working, open a browser window on the localhost location.
NO.167 After installing the OS, the following network configuration information is displayed from
the system:
89
IT Certification Guaranteed, The Easy Way!
Which option describes the state of this server?
A. The automatic network configuration option was chosen during the installation of the OS.
B. The manual network configuration option was chosen during the installation of the OS.
C. The network was not configured during the installation of the OS.
D. The network interface is configured with a static IP address.
Answer: C
Explanation:
Only the loopback addresses are configured. No IP address is configured.
NO.168 You have set up the task.max-lwps resource control on your Solaris 11 system.
Which option describes how to configure the system so that syslogd notifies you when the resources
control threshold value for the task.max-lwps resource has been exceeded?
A. Use the rctladm command to enable the global action on the task.max-lwpa resource control.
B. Modify the /etc/syslog.conf file to activate system logging of all violations of task.max- lwps and
then refresh then svc: /system/system-log:default service.
C. Activate system logging of all violations of task.max-lwpp in the /etc/rctldm.conf file and then
execute the rctladm-u command.
D. Use the prct1 command to set the logging of all resource control violations at the time the
task.max-lwps resource control is being setup.
E. Use the setrct1 command to set the logging of all resource control violations for the task.max-lwps
resource control.
Answer: A
Explanation:
rctladm - display and/or modify global state of system resource controls The following command
activates system logging of all violations of task.max-lwps.
# rctladm -e syslog task.max-lwps
#
NO.169 To help with your troubleshooting, you need to determine the version of the OBP. Which
two commands will provide you with this information?
A. printenv
B. banner
C. .version
D. set-env
E. show-devs
F. value version
Answer: B,C
Explanation:
B: banner
Displays power-on banner.
The PROM displays the system banner. The following example shows a SPARCstation 2 banner. The
90
IT Certification Guaranteed, The Easy Way!
banner for your SPARC system may be different.
SPARCstation 2, Type 4 Keyboard
ROM Rev. 2.0, 16MB memory installed, Serial # 289
Ethernet address 8:0:20:d:e2:7b, Host ID: 55000121
C: .version
Displays version and date of the boot PROM.
Note: OBP-OpenBootProm is a firmware which is placed on the sun machine's prom chip.
It is a os independent user interface to deal with the sun machine's hardware components.
The user interface provides one or more commands to display system information.
NO.170 New features wore added to ZFS in Oracle Solaris11. Your justification to upgrade from
Solaris10 to oracle Solaris11 is that it will be possible to take advantage of the enhancements that
were made to ZFS.
Identify the three ZFS functions and features that are included in Oracle Solaris 11, but not in Solaris
10.
A. Encrypted ZFS datasets
B. Ability for ZFS to detect and remove redundant data from the tile system
C. Shadow Data Migration
D. Ability to split a mirrored ZFS storage pool
E. Ability to use ZFS on the boot drive and boot to a ZFS root file system.
F. elimination of the swap file system when using ZFS on the root disk
Answer: A,B,C
Explanation:
http://www.oracle.com/technetwork/server-storage/solaris11/overview/solaris-matrix1549264.html
NO.171 You suspect a problem with the oponldap package and want to make sure that the files
have not be modified or otherwise tampered with.
Which command would validate all of the files contained in the openldap package and report any
problems?
A. pkgchk openldap
B. pkginfo openldap
C. pkg contents openldap
D. pkg verify openldap
E. pkg set-property signature-policy verify
Answer: A
Explanation:
pkgchk checks the accuracy of installed files or, by using the -l option, displays information about
package files. pkgchk checks the integrity of directory structures and files.
Discrepancies are written to standard error along with a detailed explanation of the problem.
NO.172 View the following information for a software package:
91
IT Certification Guaranteed, The Easy Way!
Which command would you use to display this information for a software package that is not
currently installed on your system?
A. pkg list gzip
B. pkg info -r gzip
C. pkg search -1 gzip
D. pkg verify -v gzip
E. pkg contents gzip
Answer: B
Explanation:
By default, the pkg info command only lists information about installed packages on the system;
however, we can use a similar command to look up information about uninstalled packages, as
shown in here:
Example:
Listing Information About an Uninstalled Package
# pkg info -r php-52
Name: web/php-52
Summary: PHP Server 5.2
Description: PHP Server 5.2
Category: Development/PHP
State: Not Installed
Publisher: solaris
Version: 5.2.17
Build Release: 5.11
Branch: 0.175.0.0.0.1.530
Packaging Date: Wed Oct 12 14:01:41 2011
Size: 44.47 MB
FMRI: pkg://solaris/web/php-52@5.2.17, 5.11-0.175.0.0.0.1.530:20111012T140141Z Note: pkg info
command displays information about packages in a human-readable form.
Multiple FMRI patterns may be specified; with no patterns, display information on all installed
packages in the image.
With -l, use the data available from locally installed packages.
This is the default.
With -r, retrieve the data from the repositories of the image's configured publishers. Note that you
must specify one or more package patterns in this case.
NO.173 User jack makes use of the bash shell; his home directory is/export/home/jack.
92
IT Certification Guaranteed, The Easy Way!
What is the correct setting of umask, and where should it be set, to allow jack to create a shell script
using the vi editor, that is executable by default?
A. It is not possible to make a script executable without using the chmod command.
B. umask value of 0002 set in /etc/profile
C. umask value of 0002 set in /export/home/jack/.bashrc
D. umask value of 0722 set in /etc/profile
E. umask value of 0722 set In /export/home/jack/.bashrc
Answer: B
Explanation:
The user file-creation mode mask (umask) is use to determine the file permission for newly created
files. It can be used to control the default file permission for new files. It is a four- digit octal number.
You can setup umask in /etc/bashrc or /etc/profile file for all users. By default most Unix distro set it
to 0022 (022) or 0002 (002).
1. The default umask 002 used for normal user. With this mask default directory permissions are 775
and default file permissions are 664.
2 . The default umask for the root user is 022 result into default directory permissions are
7 55 and default file permissions are 644.
3 . For directories, the base permissions are (rwxrwxrwx) 0777 and for files they are 0666 (rw-rw-rw).
In short,
1. A umask of 022 allows only you to write data, but anyone can read data.
2. A umask of 077 is good for a completely private system. No other user can read or write your data
if umask is set to 077.
3 . A umask of 002 is good when you share data with other users in the same group.
Members of your group can create and modify data files; those outside your group can read data file,
but cannot modify it. Set your umask to 007 to completely exclude users who are not group
members.
NO.174 When you issue the "gzip: zommand not found" message is displayed. You need to install
the gzip utility on your system.
Which command would you use to check if the gzip utility is available from the default publisher for
installation?
A. pkg info|grep gzip
B. pkg list SUNWgzip
C. pkg contents gzip
D. pkg search gzip
Answer: D
Explanation:
Searching for Packages
Use the pkg search command to search for packages whose data matches the specified pattern.
Like the pkg contents command, the pkg search command examines the contents of packages. While
the pkg contents command returns the contents, the pkg search command returns the names of
packages that match the query.
pkg search
search [-HIaflpr] [-o attribute ...] [-s repo_uri] query
Search for matches to the query, and display the results.
93
IT Certification Guaranteed, The Easy Way!
Which tokens are indexed are action-dependent, but may include content hashes and pathnames.
Note: pkg is the retrieval client for the image packaging system. With a valid configuration, pkg can
be invoked to create locations for packages to be installed, called 'images', and install packages into
those images. Packages are published by publishers, who may make their packages available at one
or more repositories. pkg, then, retrieves packages from a publisher's repository and installs them
into an image.
NO.175 View the Exhibit and review the zpool and ZFS configuration information from your system.
Identify the correct procedure for breaking the /prod_data mirror, removing c4t0d0 and c4t2d0, and
making the data on c4t0d0and c4t2d0 accessible under the dev_data mount point.
A. zpool split pool1 pool2 c4t0d0 c4t2d0zpool import pool2zfs set mountpoint = /dev_data
pool2/prod_data
B. zpool detach pool1 pool2zpool attach pool2zfs set mountpoint=/dev_data pool2/prod_data
C. zpool split pool1/prod_data -n pool2/dev_datazfs set mountpoint = /dev_data pool2/prod_data
D. zpool split pool1 pool2 c4t0d0 c4t2d0zpool import pool2
Answer: D
Explanation:
In this Solaris release, you can use the zpool split command to split a mirrored storage pool, which
detaches a disk or disks in the original mirrored pool to create another identical pool.
94
IT Certification Guaranteed, The Easy Way!
After the split operation, import the new pool.
NO.176 You have been tasked with creating a dedicated virtual network between two local zones
within a single system. In order to isolate the network traffic from other zones on that system.
To accomplish this, you will create__________.
A. An ether stub
B. A virtual router
C. A virtual switch
D. A virtual bridge.
E. A virtual network interface
F. Nothing because a virtual switch is automatically created then the virtual network interfaces are
created.
Answer: A
Explanation:
Etherstubs are pseudo ethernet NICs which are managed by the system administrator. You can create
VNICs over etherstubs instead of over physical links. VNICs over an etherstub become independent of
the physical NICs in the system. With etherstubs, you can construct a private virtual network that is
isolated both from the other virtual networks in the system and from the external network. For
example, you want to create a network environment whose access is limited only to your company
developers than to the network at large. Etherstubs can be used to create such an environment.
Note: Oracle Solaris 11 introduces a new and powerful network stack architecture which includes:
* Networking virtualization with virtual network interface cards (VNICs) and virtual switching
(etherstubs)
* Tight integration with zones
* Network resource management - efficient and easy to manage integrated quality of service (QoS) to
enforce bandwidth limit on VNICs and traffic flows
NO.177 You need to configure an ISCSI target device on your x86 based Oracle Solaris II system.
While configuring the iSCSI device, the following error is displayed:
bash: stmfadm: command not found
Which option describes the solution to the problem?
A. The COMSTAR feature is not supported on the x86 platform. The feature is supported only on the
SPARC platform.
B. Use the iscsitadm command on the x86 platform when configuring an iSCSI target.
C. Install the storage-server group package on this system.
D. Start the iSCSI target daemon on this system.
Answer: C
Explanation:
STMF - Manages transactions, such as context and resources for Small Computer System Interface
(SCSI) command execution, and tracking logical unit and port providers. STMF also handles logical
unit mappings, allocating memory, recovering failed operations, enumeration, and other necessary
functions of an I/O stack.
STMF is controlled by stmfadm, and stmfadm is the majority of the commands you will be using to
administer COMSTAR (COmmon Multiprotocl Scsi TARget).
Install the packages you need for COMSTAR with iSCSI and reboot:
95
IT Certification Guaranteed, The Easy Way!
# pfexec pkg install storage-server
# pfexec pkg install SUNWiscsit
# shutdown -y -i6 -g0
Note: You can set up and configure a COMSTAR Internet SCSI (iSCSI) target and make it available over
the network. The iSCSI features can work over a normal Internet connection (such as Ethernet) using
the standard iSCSI protocol. The iSCSI protocol also provides naming and discovery services,
authentication services using CHAP and RADIUS, and centralized management through iSNS.
The COMSTAR target mode framework runs as the stmf service. By default, the service is disabled.
You must enable the service to use COMSTAR functionality. You can identify the service with the svcs
command. If you have not rebooted the server since installing the group/feature/storage-server
package, the service might not be enabled correctly.
NO.178 You want the system to generate an email notification each time one of the services has
changed its state. Which option would send an email message to the system administrator whenever
a service changes to the maintenance state?
A. Use the setsc command in ALOM to enable the mail alerts to be sent to a specified email address
whenever the fault management facility detects a service change to the maintenance state.
B. Make an entry in the /etc/syslog.conf file to instruct syslogd to send an email alert when it
receives a message from the SMF facility that a service has changed to the maintenance state.
C. Use the svccfg setnotify command to create a notification and send an email when a service enters
the maintenance state.
D. Use the scvadm command to enable the notification service. Set the -g maintenance option on the
netnotify service to send an email when a service enters the maintenance state.
Answer: C
Explanation:
This procedure causes the system to generate an email notification each time one of the services or a
selected service has a change in state. You can choose to use either SMTP or SNMP. Normally, you
would only select SNMP if you already have SNMP configured for some other reason.
By default, SNMP traps are sent on maintenance transitions. If you use SNMP for monitoring, you can
configure additional traps for other state transitions.
1. Become an administrator or assume a role that includes the Service Management rights profile.
2. Set notification parameters.
Example:
The following command creates a notification that sends email when transactions go into the
maintenance state
# /usr/sbin/svccfg setnotify -g maintenance mailto:sysadmins@example.com
NO.179 You wish to troubleshoot some issues that you are having on the system. You want to
monitor the /var/adm/messages file in real time. Which command would you use to do this?
A. head
B. tail
C. cat
D. file
E. test
Answer: B
96
IT Certification Guaranteed, The Easy Way!
Explanation:
tail is a program on Unix and Unix-like systems used to display the last few lines of a text file or piped
data.
By default, tail will print the last 10 lines of its input to the standard output. With command line
options the number of lines printed and the printing units (lines, blocks or bytes) may be changed.
The following example shows the last 20 lines of filename:
tail -n 20 filename
NO.180 You are logged in as root to a newly installed Solaris 11 system. You issue the command
useradd -d, and then examine the /usr/sadm/defadduser file. This file includes the entry
defshell=/bin/sh. Which shell will now be the default for the next account created?
A. bash shell
B. C shell
C. korn shod
D. bourne shell
Answer: A
Explanation:
Oracle Solaris 11 introduces user environment and command-line argument changes that include the
following:
* Shell changes - The default shell, /bin/sh, is now linked to ksh93. The default user shell is the
Bourne-again (bash) shell.
* The legacy Bourne shell is available as /usr/sunos/bin/sh.
* The legacy ksh88 is available as /usr/sunos/bin/ksh from the shell/ksh88 package.
* Korn shell compatibility information is available in /usr/share/doc/ksh/COMPATIBILITY.
NO.181 The /usr/bin/p7zip file that is part of the p7zip package has been overwritten. This server is
critical to production and cannot be rebooted. Identify the command that would restore the file
without requiring a reboot.
A. pkg verify p7zip
B. pkg fix p7sip
C. pkg rebuild-index p7zip
D. pkg revert p7zip
E. pkg uninstsll p7zip
F. pkg install p7zip
G. pkg install --no-backup-be p7sip
H. pkg refresh p7zip
Answer: D
Explanation:
Use the pkg revert command to restore files to their as-delivered condition.
NO.182 You need to install the gzip software package on your system. Which command would you
use to find the software package in the configured repository?
A. pkg search gzip
B. pkg info gzip
97
IT Certification Guaranteed, The Easy Way!
C. pkg contents gzip
D. pkginfo gzip
E. yum list gzip
Answer: A
Explanation:
Use the pkg search command to search for packages whose data matches the specified pattern.
Like the pkg contents command, the pkg search command examines the contents of packages. While
the pkg contents command returns the contents, the pkg search command returns the names of
packages that match the query.
NO.183 Your SPARC server will not boot into multi user-server milestones and you need to
troubleshoot to out why. You need to start the server with minimal services running so that you can
go through each milestone manually to troubleshoot the issue.
Select the option that boots the server with the fewest services running.
A. boot -s
B. boot milestone none
C. boot -m milestone=single-user
D. boot -m milestone=none
E. boot -m none
Answer: D
Explanation:
The command boot -m milestone=none is useful in repairing a system that have problems booting
early.
Boot Troubleshooting:
To step through the SMF portion of the boot process, start with:
boot -m milestone=none
Then step through the milestones for the different boot levels:
svcadm milestone svc:/milestone/single-user:default
svcadm milestone svc:/milestone/multi-user:default
svcadm milestone svc:/milestone/multi-user-server:default
NO.184 You are setting up an automated installer (AI) install server and issue the following
command:
installadm create-service -n prod_ai -s /repo/prod_ai.iso \
-i 192.168.1.100 -c 5 -d /export/repo
Which four options describe the install server that you have configured?
A. The service name is prod_ai.
B. DHCP base IP address is 192.168.1.100
C. The initial IP address for the install clients will be 192.168.1.100. This IP address is temporary.
After the client is booted, it will use IP addresses in the following range:
192.168.1.101-105.
D. Five IP addresses are allocated for DHCP clients, starting with 192.168.1.100.
E. The Install server will support up to five clients.
F. The AI net image ISO file is located in /repo/prod and the net image ISO will be unpacked in
98
IT Certification Guaranteed, The Easy Way!
/export/repo.
G. The AI net image ISO file is located in /repo/repo and is named /repo/prod/_ai.iso.
Answer: A,B,D,F
Explanation:
A: -n <svcname>
Uses this install service name instead of default service name.
B: -i <dhcp_ip_start>
Sets up a new DHCP server. The IP addresses, starting from dhcp_address_start, are set up.
D: -c <count_of_ipaddr>
Sets up a total number of IP addresses in the DHCP table equal to the value of the count_of_ipaddr.
The first IP address is the value of dhcp_ip_start that is provided by the -i option.
F: -s <srcimage>
Specifies location of AI ISO image to use for setting up the install service.
< targetdir>
Required: Specifies location to set up net image.
NO.185 Identify the Automated Installer's (AI) equivalent to jumpStart's finish scripts and sysidcfg
files.
A. Manifest files
B. SMF system configuration profile files
C. Installadm create - client
D. IPS software package repository
E. installadm create-service
F. svccfg - s application/pkg/server setprop sysidcfg
Answer: B
Explanation:
Comparing sysidcfg File Keywords to System Configuration Profile Directives The following table
compares sysidcfg file keywords with example AI system configuration profile specifications.
sysidcfg File Keyword
System Configuration Profile Directives
Etc.
NO.186 Examine this command and its output:
# zoneadm list
Global
zone2
Which two outcomes can be deduced from this output?
A. There is exactly one nonglobal zone installed.
B. There is one nonglobal zone running.
C. There is at least one oneglobal zone configured.
D. There is one nonglobal zone that is not configured.
E. There is one nonglobal zone that is not running.
F. The is one nonglobal zone that is not installed.
G. There is exactly one nonglobal zone configured.
99
IT Certification Guaranteed, The Easy Way!
Answer: B,C
NO.187 Your server has a ZFS storage pool that is configured as follows:
The following partition scheme is used for every disk drive in pool1:
Which two are true regarding the ZFS storage pool?
A. The data on c3t3d0 is duplicated on c3t4do.
B. The data is striped across disks c3t3d0 and c3t4do and mirrored across vdevs mirror-0 and mirror1.
C. The storage pool is 146 GB total size (rounded to the nearest GB).
D. The storage pool is 584 G8 total size (rounded to the nearest GB).
E. The storage pool is 292 GB total size (rounded to the nearest GB).
Answer: A,E
NO.188 The following information is displayed for the svc:/network/ssh service:
100
IT Certification Guaranteed, The Easy Way!
Which describes the minimum set of commands to be executed to bring the svc:
/network/ssh: default service back online?
A. Option A
B. Option B
C. Option C
D. Option D
E. Option E
F. Option F
G. Option G
Answer: C
101
IT Certification Guaranteed, The Easy Way!
NO.189 Review the zonestat command:
zonestate - q physical - memory -R high -z -p -p "zones" 10 24h 60m
Select the option that correctly describes the information that is displayed by this command.
A. It is a sample of dbzone's physical memory usage taken every hour over a 24-hour period.Only the
top 10 samplings of peak memory usage are displayed. All other utilization data is eliminated.
B. It is a sample of dbzone's CPU, virtual memory, and networking utilization.Physical memory is
executed from the report.The sampling is taken every 10 minutes over a 24- hour period and peak
utilization id displayed each hour.
C. It is a sample of dbzone's CPU, virtual memory, and networking utilization.Physical memory is
executed from the report.The sampling is taken every 10 minutes over a 24- hour period and
displayed each hour.
D. It is a sample of dbzone's physical memory usage taken every 10 seconds and 24-hour period.Only
peak virtual memory usage and CPU utilization are displayed each hour.All other Utilization data is
eliminated.
E. It is a sample of dbzone's physical memory usage taken every 10 seconds and 24-hour period.Only
peak memory usage is displayed each hour.All other utilization data is eliminated.
Answer: D
Explanation:
* (Not A, B, C): interval (here 10 seconds): Specifies the length in seconds to pause between each
interval report.
* duration (here 24 h)
* -R report[, report] (here high)
Print a summary report.
High Print a summary report detailing the highest usage of each resource and zone during any
interval of the zonestat utility invocation.
Note: The zonestat utility reports on the cpu, memory, and resource control utilization of the
currently running zones. Each zone's utilization is reported both as a percentage of system resources
and the zone's configured limits.
The zonestat utility prints a series of interval reports at the specified interval. It optionally also prints
one or more summary reports at a specified interval.
The default output is a summary of cpu, physical, and virtual memory utilization. The -r option can be
used to choose detailed output for specific resources.
NO.190 You are the administrator for a group of shell script developers. They use vi, and have asked
you to make their scripts automatically executable when they save their files.
How can this be accomplished?
A. Enter set -o vi on the command line, or include it in each user's startup script.
B. Enter umask -s on the command line, or include it in each user's startup script.
C. Enter umask 000 on the command line, or include it in each user's startup script.
D. Enter umask 777 on the command line, or include it in each user's startup script.
E. It is not possible to automatically set the execute bit on with the umask setting, or vi option.
F. Enter umask 766 the command line, or include it in the global startup script for the default shell.
Answer: E
Explanation:
102
IT Certification Guaranteed, The Easy Way!
Unlike DOS, which uses the file extension to determine if a file is executable or not, UNIX relies on file
permissions.
The value assigned by umask is subtracted from the default.
User's file creation mask. umask sets an environment variable which automatically sets file
permissions on newly created files. i.e. it will set the shell process's file creation mask to mode.
umask 000 would grant full permissions.
Note: 777 full permissions
NO.191 Which files must be edited in order to set up logging of all failed login attempts?
A. /etc/default/login, /var/adm/loginlog, /etc/syslog.conf
B. /etc/default/login, /var/adm/authlog, /etc/syslog.conf
C. /var/adm/loginlog, /var/adm/authlog, /etc/syslog.conf
D. /etc/default/login, /var/adm/authlog, /var/adm/loginlog
Answer: B
Explanation:
This procedure captures in a syslog file all failed login attempts.
1. Set up the /etc/default/login file with the desired values for SYSLOG and SYSLOG_FAILED_LOGINS
Edit the /etc/default/login file to change the entry. Make sure that SYSLOG=YES is uncommented.
2. Create a file with the correct permissions to hold the logging information.
Create the authlog file in the /var/adm directory.
3. Edit the syslog.conf file to log failed password attempts.
Send the failures to the authlog file.
NO.192 You display the IP interface information with ipmpstat -i.
Which two characteristics are indicated by characters that may be included in the FLAGS column?
A. default route
B. IP forwarding enabled IS
C. allocated to global zone
D. unusable due to being inactive
E. nominated to send/receive IPv4 multicast for its IPMP group
Answer: D,E
Explanation:
FLAGS
Indicates the status of each underlying interface, which can be one or any combination of the
following:
(D) d indicates that the interface is down and therefore unusable.
(E) M indicates that the interface is designated by the system to send and receive IPv6 multicast
traffic for the IPMP group.
Note:
i indicates that the INACTIVE flag is set for the interface. Therefore, the interface is not used to send
or receive data traffic.
s indicates that the interface is configured to be a standby interface.
m indicates that the interface is designated by the system to send and receive IPv4 multicast traffic
for the IPMP group.
b indicates that the interface is designated by the system to receive broadcast traffic for the IPMP
103
IT Certification Guaranteed, The Easy Way!
group.
h indicates that the interface shares a duplicate physical hardware address with another interface
and has been taken offline. The h flag indicates that the interface is unusable.
NO.193 Identify three differences between the shutdown and init commands.
A. Only shutdown broadcasts a final shutdown warning to all logged-in users.
B. init does not terminate all services normally. The shutdown command performs a cleaner
shutdown of all services.
C. The shutdown command can only bring the system to the single-user milestone. The init command
must be used to shut the system down to run level 0.
D. Only shutdown sends a shutdown message to any systems that are mounting resources from the
system that is being shut down.
E. The shutdown command will shut the system down and turn off power; init will only shut the
system down.
Answer: A,B,E
NO.194 You have connected a new printer at a fixed IP address.
It appears to work correctly most of the time, but at other times does not respond.
You suspect that the assigned address may not be unique within the network.
What command will be useful to confirm this?
A. arp
B. netstat
C. ipadm show-if
D. dladm show-addr
E. ipadm show-addr
Answer: E
Explanation:
'ipadm show-addr' displays all the configured addresses on the system.
Example:
# ipadm show-addr
ADDROBJ TYPE STATE ADDR
lo0/v4 static ok 127.0.0.1/8
lo0/v6 static ok ::1/128
NO.195 Which three options accurately describe Oracle Solaris 11 zones?
A. can be NFS servers
B. are whole root type only
C. cannot have their own time zone setting
D. can execute zfs and zpool commands (from a non-global zone)
E. are virtualized operating system environments, each with its own dedicated OS and kernel
F. are virtualized operating system environments, created with a single instance of the OS shared
kernel
Answer: A,D,F
Explanation:
104
IT Certification Guaranteed, The Easy Way!
A: Zones can use Oracle Solaris 11 products and features such as the following:
Oracle Solaris ZFS encryption
Network virtualization and QoS
CIFS and NFS
C: Non-global zones cannot modify the system clock by default, but each zone can have a separate
time zone setting.
F (not E): The Oracle Solaris Zones partitioning technology is used to virtualize operating system
services and provide an isolated and secure environment for running applications.
A zone is a virtualized operating system environment created within a single instance of the Oracle
Solaris operating system.
NO.196 Oracle Solaris 11 limits access to the system with usernames and passwords.
The usernames are held in ___________, and the passwords are held in ___________.
Select the correct pair.
A. /etc/security/policy.conf /etc/passwd
B. /etc/passwd /etc/shadow
C. /etc/security /etc/passwd
D. /etc/shadow /etc/passwd
Answer: B
Explanation:
The /etc/passwd file contains basic user attributes. This is an ASCII file that contains an entry for each
user. Each entry defines the basic attributes applied to a user.
/etc/shadow file stores actual password in encrypted format for user's account with additional
properties related to user password i.e. it stores secure user account information.
All fields are separated by a colon (:) symbol. It contains one entry per line for each user listed in
/etc/passwd file.
NO.197 Choose three options that describe the features associated with a Live Media installation.
A. does not allow the root user to log in to the system directly from the console (or any terminal)
B. provides a "hands free" installation
C. installs the desktop based packages
D. can be used to install only x86 platforms
E. installs the server-based set of packages only
F. allows both automatic and manual configuration of the network
G. installs both the server-based and desktop-based package
Answer: B,C,D
Explanation:
The graphical installer is officially known as the "Live Media." This means that Oracle Solaris can be
booted into RAM, causing zero impact on your existing operating system.
After it is loaded, you are free to experiment with Oracle Solaris to determine whether it is something
you would like to install to your system.
You can download Oracle Solaris 11 Live Media for x86, which is an approximately 800 MB image file,
and use a DVD burner to create the disk, or you can use the ISO image directly in a virtual machine or
through the Oracle Integrated Lights Out Manager (ILOM) Remote Console.
The Live Media is not intended for long-term use. For example, any changes that you make to the
105
IT Certification Guaranteed, The Easy Way!
system are lost when the system is shut down. Therefore, the next logical step is to install Oracle
Solaris on the system, which the Live Media makes easy by placing an Install Oracle Solaris icon right
on the desktop. But before we head down that road, let's step back a bit and consider the installation
options.
Note: The Live Media provides administrators with an opportunity to explore the Oracle Solaris 11
environment without installing it on a system. The system boots off the media directly allowing
administrators to start the installer should they choose to install it to a system.
NO.198 This iron is displayed on the desktop of a laptop computer, which is running Oracle Solaris
11.
Which two statements describe the Information conveyed by this Icon?
A. NWAM is disabled.
B. NWAM is automatically configuring the network.
C. The wireless network card is manually configured and operational.
D. The wireless network card is manually configured but not operational.
E. The wireless network card is automatically configured and operational.
F. The wireless network card is automatically configured but not operational.
Answer: B,C
Explanation:
B: The Network Status notification icon is only displayed on the desktop if you are using NWAM to
automatically configure your network.
C: All online (Wireless)
Indicates all manually enabled connections in the enabled network profile are online and that the
required number of connections in the enabled profile group (if such a group exists) are online. The
required number is the same as those described for the All online (Wired) status.
Note that at least one online connection is wireless.
NO.199 You have a user that needs to use the cron tool to schedule some repetitive tasks. When the
user enters the crontab -e command in a terminal window, the following error appears:
crontab: you are not authorized to use cron. Sorry
In order to troubleshoot this issue, in what directory would you start your invest
A. /etc/cron.d
B. /var/spool/cron
C. /var/spool/cron/crontable
D. /var/spool/cron/atjobs
106
IT Certification Guaranteed, The Easy Way!
Answer: A
Explanation:
crontab: you are not authorized to use cron. Sorry.
This message means that either the user is not listed in the cron.allow file (if the file exists), or the
user is listed in the cron.deny file.
You can control access to the crontab command by using two files in the /etc/cron.d directory:
cron.deny and cron.allow. These files permit only specified users to perform crontab command tasks
such as creating, editing, displaying, or removing their own crontab files.
The cron.deny and cron.allow files consist of a list of user names, one user name per line.
NO.200 You have already generated a 256-bit AES raw key and named the keystore file /mykey.
You need to use the key to create an encrypted file system.
Which command should you use to create a ZFS encrypted file system named pool1/encrypt using
the /mykey keystore?
A. zfs create - o encryption = /mykey pool1/encrypt
B. zfs create - o encryption = 256-ccm - o keysource = raw, file : ///my key pool1/encrypt
C. zfs create - o encryption = AES keysource = /mykey pool1/encrypt
D. zfs create - o encryption = on keystore = /mykey pool1/encrypt
Answer: B
Explanation:
Example: Encrypting a ZFS File System by Using a Raw Key
In the following example, an aes-256-ccm encryption key is generated by using the pktool command
and is written to a file, /cindykey.file.
# pktool genkey keystore=file outkey=/cindykey.file keytype=aes keylen=256 Then, the /cindykey.file
is specified when the tank/home/cindy file system is created.
# zfs create -o encryption=aes-256-ccm -o keysource=raw, file:///cindykey.file tank/home/cindys
NO.201 The interface net3 should be operating, but is not.
Command:
Which command should you enter next?
A. ipadm create-ip
B. ipadm enable-if
C. ipadm show-if
D. ipadm up-addr
Answer: B
Explanation:
Enable-if -t interface
Enables the given interface by reading the configuration from the persistent store. All the persistent
interface properties, if any, are applied and all the persistent addresses, if any, on the given interface
will be enabled.
-t, --temporary
Specifies that the enable is temporary and changes apply only to the active configuration.
107
IT Certification Guaranteed, The Easy Way!
NO.202 You are installing Oracle Solaris 11 on a SPARC-based system by using the Test Installer.
Which three statements are true?
A. The ROOT user will always be configured as a role.
B. The root filesystem will always be deployed on ZFS.
C. The root filesystem will always be located on a local disk.
D. The network can be configured using DHCP.
E. The set of packages that will be installed are server based.
F. You must always create one regular user when installing the system.
Answer: B,D,E
NO.203 You want to configure an iSCSI target device on your system.
Select the group package required to install this functionality on your system.
A. storage-server
B. solaris-small-server
C. storage-avs
D. storage-nas
Answer: A
Explanation:
How to Create an iSCSI LUN
The disk volume provided by the server is referred to as the target. When the LUN is associated with
an iSCSI target, it can be accessed by an iSCSI initiator.
The following tasks are completed on the system that is providing the storage device.
1. Install the COMSTAR storage server software.
target# pkg install storage-server
Etc.
NO.204 After installing the OS, you boot the system and notice that the syslogd daemon is not
accepting messages from remote systems.
Which two options should you select to modify the syslogd daemon configuration so that it accepts
messages from remote systems?
A. svccfg -s svc:/system/system -log setprop start/exec= "syslogd -t"Restart the syslogd daemon.
B. Set the following parameter in the /etc/syslogd.conf file: LOG_FROM_REMOTE= YESRestart the
syslogd daemon.
C. svcadm enable svc:/system/system -log/config/log_from_remoteRestart the syslogd daemon.
D. svccfg -s svc:/system/system-log setprop config/log_from_remote=trueRestart the syslogd
daemon.
E. Set the following parameter in the /etc/default/syslogd file:
LOG_FROM_REMOTE=YESRestart the syslogd daemon.
Answer: B,D
Explanation:
B: The /etc/default/syslogd file contains the following default parameter settings. See FILES.
LOG_FROM_REMOTE
Specifies whether remote messages are logged. LOG_FROM_REMOTE=NO is equivalent to the -t
command-line option. The default value for LOG_FROM_REMOTE is YES.
108
IT Certification Guaranteed, The Easy Way!
NO.205 ServerA contains two ISO images of a package repository named so1.repo.iso-a and
so1.repo.iso-b respectively. You need to create a single local package repository on server that clients
can connect to. The package repository will be stored on the /export/IPS file system and named repo.
The preferred publisher will be named solaris and the publisher URL will be
http://serverA.example.com.
Which is the correct procedure to perform on ServerA to create the local Package repository?
A. cat so1.repo.iso-a sol.repo.iso-b > so1.full.isoMount the ISO image and use the rsync command to
extract the contents of the ISO file to the /export/IPS file system.Set the pkg/inst_root property to
/export/IPS/repo and the pkg/readonly property to true.Set the preferred publisher by using pkg setpublisher -Ghttp://pkg.oracle.com/solaris/release/ \-g
http"//serverA.example.com/ solaris
B. cat so1.repo.iso-a so1.repo.iso-b > /export/IPS/repoSet the pkg/inst_root property to true and the
pkg/readonly property to /export/IPSSet the preferred publisher by using pkg set-publisher -G
http://serverA.example.com/ \-g
http://pkg/oracle.com/solaris/rekease/solaris
C. cat so1.repo.iso-a so1.repo.iso-b > so1.full.isoMount the ISO image and use the rsync command to
extract the contents of the ISO file to /export/IPS/repoSet the pkg/inst_root property to
/export/IPS/repo and the pkg/readonly property to trueSet the preferred publisher by using pkg setpublisher solaris \-g http://pkg.oracle.com/
D. cat so1.repo, iso-a so1.repo.iso-b > /export/IPS/repo.isoMount the ISO image and copy the repo
directory from the ISO image to /export/IPS/reposet the pkg/inst_root property and the
pkg/readonly property to /export/IPS/reposet the preferred pkg/inst_root property by using pkg setpublisher - G http://serverA.example.com/ \- g
http://pkg.oracle.com/solaris.com/release/- p solaris
Answer: A
NO.206 A user jack, using a korn shell, requests a directory listing as follows:
jack@solaris:/export/home/jack $ 1s
File filea Filea fileb Fileb filec Filec
Which two statements are correct?
A. The pattern [?i]*a will expand to filea Filea.
B. The pattern [fF]*a? will expand to [fF] *a?.
C. The pattern [gfe] * will expand to file filea fileb filec.
D. The pattern [g-e] * will expand to file filea fileb filec.
E. The pattern [fF] [a-zA-z] i*e will expand to file.
Answer: A,C
Explanation:
A: starting with one single character, second character must be letter i, any characters, ending with
letter a.
C: starting with letter e, f, or g, followed by anything.
NO.207 Server A, Server B, and Server C are connected to the same network switch and are on the
sari Each server has a single network interface, net0.
You received a tech support call that Server B has lost network connectivity. Your troubleshooting has
109
IT Certification Guaranteed, The Easy Way!
discovered:
Server A can ping Server C, but not Server B.
Server B can ping localhost, but not Server A or C.
Server C can ping Server A, but not Server B.
On Server F3, you enter the following command:
dladm show-phys | grep net0
Response:
net0/v4 Ethernet down 0 unknown el00gl
What is the next logical troubleshooting action?
A. Run arp -a on all servers.
B. Confirm that the router is working.
C. Confirm that the power light of the network switch is on.
D. Confirm that the physical network connections are intact.
E. On Server A and C, run tranceroute -n server.
F. On Server B, run tranceroute -n servera and tranceroute -n serverc.
Answer: D
Explanation:
Check the physical connection.
NO.208 You have installed software updates to a new boot environment (BE) and have activated
that the booting to the new BE, you notice system errors. You want to boot to the last known good
configuration.
Which option would you use on a SPARC system to boot to the currentBE boot environment?
A. boot -L currentBE
B. boot -Z rpool/ROOT/currentBE
C. boot -a Enter the currentBE dataset name when prompted.
D. boot rpool/ROOT/currentBE
E. boot -m currentBE
F. beadm activate currentBE
Answer: F
Explanation:
You can change an inactive boot environment into an active boot environment. Only one boot
environment can be active at a time. The newly activated boot environment becomes the default
environment upon reboot.
How to Activate an Existing Boot Environment
1. Use the following command to activate an existing, inactive boot environment:
beadm activate beName
beName is a variable for the name of the boot environment to be activated.
Note the following specifications.
beadm activate beName activates a boot environment by setting the bootable pool property, bootfs,
to the value of the ROOT dataset of the boot environment that is being activated.
beadm activate sets the newly activated boot environment as the default in the menu.lst file.
2. Reboot.
The newly activated boot environment is now the default on the x86 GRUB menu or SPARC boot
menu.
110
IT Certification Guaranteed, The Easy Way!
NO.209 In a default standalone installation of Oracle Solaris 11, what is the default minimum length
in characters of a user password, and where is the minimum password length defined?
A. Default minimum length is 8, and is defined in /etc/default/password.
B. Default minimum length is 6, and is defined in /etc/default/password.
C. Default minimum length is 8, and is defined in /etc/shadow.
D. Default minimum length is 6, and is defined in /etc/shadow.
E. Default minimum length is 8, and is defined in /usr/sadm/defadduser.
F. Default minimum length is 6, and is defined in /usr/sadm/defadduser.
Answer: B
Explanation:
By default, the passwd command assumes a minimum length of six characters. You can use the
PASSLENGTH default in the /etc/defaults/passwd files to change that by setting the minimum
number of characters that a user's password must contain to some other number.
NO.210 Which modification needs to be made to the Service Management Facility before you
publish a new package to the IPS repository?
A. The pkg.depotd must be disabled.
B. The pkg/readonly property for the application/pkg/server service must be set to false.
C. The Pkg/writabie_root property for the application/Pkg/server service must be set to true.
D. The pkg/image.root property for the application/pkg/server service must be set to the location of
the repository.
Answer: D
Explanation:
pkg/image_root
(astring) The path to the image whose file information will be used as a cache for file data.
NO.211 You want to install the openldap software package to a now boot environment for testing
before introducing the now software package to the production environment. What option describes
the correct procedure to:
1) create a new BE named nowBE
2) install the software to that new BE only
A. pkg install --newBE openldap
B. pkg install --be-nama newBE openldap
C. beadm create newBEbeadm mount newBE /mntpkg -R /mnt update openldap
D. beadm create newBEbeadm activate newBEpkg install openldap
Answer: D
Explanation:
If you want to create a backup of an existing boot environment, for example, prior to modifying the
original boot environment, you can use the beadm command to create and mount a new boot
environment that is a clone of your active boot environment. This clone is listed as an alternate boot
environment in the GRUB menu for x86 systems or in the boot menu for SPARC systems.
When you clone a boot environment by using the beadm create command, all supported zones in
that boot environment are copied into the new boot environment.
111
IT Certification Guaranteed, The Easy Way!
How to Create a Boot Environment
1 . Become the root role.
2 . Create the boot environment.
# beadm create BeName
BeName is a variable for the name of the new boot environment. This new boot environment is
inactive.
3 . (Optional) Use the beadm mount command to mount the new boot environment.
# beadm mount BeName mount-point
Note: If the directory for the mount point does not exist, the beadm utility creates the directory, then
mounts the boot environment on that directory.
If the boot environment is already mounted, the beadm mount command fails and does not remount
the boot environment at the newly specified location.
4 . (Optional) Activate the boot environment.
# beadm activate BeName
BeName is a variable for the name of the boot environment to be activated.
On reboot, the newly active boot environment is displayed as the default selection in the x86 GRUB
menu or the SPARC boot menu.
NO.212 Review the storage pool information:
Which statement describes the status of this storage pool?
A. It is a RAIDZ storage pool and can withstand a single disk failure; data will be striped at:
disk components.
B. It is a double-parity RAIDZ storage pool and can withstand two disk failures; data will be striped
across four disk components.
C. It is an improperly configured RAIDZ storage pool; data will be striped across four disk
components, but only three drives are protected with redundancy.
D. It is an improperly configured RAIDZ storage pool; data will be striped across three disk
components, but only three drives are protected with redundancy.
Answer: D
Explanation:
Device c3t6d0 is not included in the RAIDZ storage pool. The other three devices are included in the
raidz pool. The data on these devices are protected.
Note: In addition to a mirrored storage pool configuration, ZFS provides a RAID-Z configuration with
either single, double, or triple parity fault tolerance. Single-parity RAID-Z (raidz or raidz1) is similar to
RAID-5. Double-parity RAID-Z (raidz2) is similar to RAID-6.
112
IT Certification Guaranteed, The Easy Way!
NO.213 Your system is assigned an IP address object 192.168.0.222/24. However, the net mask expressed as four octets - is required. Which is the correct netmask?
A. 255.0.0.0
B. 255.255.0.0
C. 255.255.255.0
D. 255.255.255.24
E. 255.255.255.255
Answer: C
Explanation:
A 24-bit network mask is expressed as 255.255.255.0.
NO.214 The following information is displayed about the compress/zjp software package, which Is
currently installed on this system:
NAME (PUBLISHER)VERSIONIFO
Compress/zip3.1.2-0.175.0.0.0.0.537ifNAMEVERSIONDATECOMMENT
Compress/zip3.109 Dec 2011 04:50:38 ESTNone
Which statement describes the information that is displayed tor the compress/zip software package?
A. This package cannot be removed.
B. This package can be updated to a new version when the new version of the package becomes
available.
C. This package cannot be updated.
D. This package can be updated to version 3.1.3 but not 3.2.
E. This package cannot be downgraded to version 3.1.1.
Answer: B
Explanation:
An "f" in the F column indicates the package is frozen. If a package is frozen, you can only install or
update to packages that match the frozen version.
Note: The "i" in the I column indicates that these packages are installed in this image.
Adding and Updating Oracle Solaris 11 Software Packages, Showing Package Install State Information
NO.215 Which two statements are true concerning the creation of user accounts by using the
useradd command?
A. By default, it will create the user's home directory.
B. New user accounts are unlocked but must change their password at their first login.
C. New user accounts are in a pending activation state until a password is assigned to them.
D. By default, a new group will be added for each new user account.
E. By default, the UID of a new user account will be the next available number above the highest
number currently assigned.
F. By default, the UID of a new user account with be the lowest available unused number for
nonsystem accounts.
Answer: C,E
NO.216 Which three statements are true concerning Image Packaging System (IPS) incorporation
113
IT Certification Guaranteed, The Easy Way!
package?
A. Installing an incorporation package does not install any other packages.
B. Every feature or tool has a separate IPS incorporation.
C. They constrain the versions of packages they incorporate.
D. They are a content management tool and not a version management tool.
E. Their dependencies are always of TYPE-REQUIRE.
F. They are defined by their manifest
Answer: A,C,E
NO.217 Which two statements are true when updating Solaris 11 from one Support Respository
Update (SRU) to another SRU by using the pkg update command?
A. By default, the pkg update command automatically creates a backup Boot Environment whenever
the kernel is affected by the update.
B. By default, the pkg update command automatically creates a new Boot Environment whenever
the kernel is affected by the update.
C. The pkg update command can only be used to update to a newer SRU.
D. The pkg update command can be used to update to a newer or older SRU.
E. By default, the pkg update command always updates Solaris 11 to the first SRU that was released
after the Current SRU.
F. The pkg update command can only be performed while running in the single-user milestone.
Answer: B,C
NO.218 The COMSTAR framework provides support for the iSCSI protocol.
Select three options that correctly describe the COMSTAR framework.
A. iSCSI devices can be used as dump devices.
B. SCSI commands are carried over IP networks and enable you to mount disk devices from across
the network onto your local system.
C. Large amounts of data can be transferred over an IP network with very little network degradation.
D. COMSTAR allows you to convert any Solaris11 host into a SCSI target device that can be accessed
over a storage network.
E. One IP port can handle multiple ISCSI target devices.
Answer: B,D,E
Explanation:
B: By carrying SCSI commands over IP networks, the iSCSI protocol enables you to access block
devices from across the network as if they were connected to the local system. COMSTAR provides an
easier way to manage these iSCSI target devices.
D: Common Multiprotocol SCSI TARget, or COMSTAR, a software framework that enables you to
convert any Oracle Solaris 11 host into a SCSI target device that can be accessed over a storage
network by initiator hosts.
E: One IP port can handle multiple iSCSI target devices.
NO.219 Given the following output of the zpool status command:
114
IT Certification Guaranteed, The Easy Way!
Identify the correct statement regarding pool1's configuration.
A. Data written to pool1 will be stripped across four disk components.
B. The rsdz1-0 and c3t640 components are submirrors of pool1.
C. Data will only be stripped across the three disks in rsidz configuration.
D. The configuration is a bug in Solaris 11; it cannot be created by an administrator.
Answer: B
NO.220 To assist in examining and debugging running processes, Solaris 11 has a utility that returns
pro arguments and the names and values of environment variables.
What is the name of this utility?
A. ppgsz
B. pargs
C. pmap
D. pgrep
Answer: B
Explanation:
The pargs utility examines a target process or process core file and prints arguments, environment
variables and values, or the process auxiliary vector.
NO.221 Identify the correctly matching pair of equivalent functionality of JumpStart and Automated
installer (AI).
A. JumpStart: begin script AI: package repository
B. JumpStart: setup_serverAI: installadm create-service
C. JumpStart: add_Install_clientAI: SMF system configuration profile files
D. JumpStart: finish scripts and sysidsfg filesAI: manifest files
Answer: B
Explanation:
JumpStart: Use the setup_install_server(1M) command.
AI: Use the installadm create-service command.
NO.222 Your task is to convert a JumpStart sysidcfg file to an Automated Installer (AI) sc_profile.xml
file, using js2ai.
Select two unsupported items that will require changes.
A. terminal = zterms
B. name_service-NTS+
C. timezone=US/pacific
115
IT Certification Guaranteed, The Easy Way!
D. system_locale=en_US
E. network_interface=PRIMARY
F. root_password=rJmvLUXM10cU
Answer: A,D
Explanation:
A: terminal
The js2ai tool does not perform any translation. Make sure the terminal type speciied in the sysidcfg
ile is supported in Oracle Solaris 11.
D: system_locale
The js2ai tool does not perform any translation. Make sure the locale specified in the sysidcfg ile is
supported in Oracle Solaris 11.
NO.223 You want to delete the IPv4 address on the interface net3. Which command should you
use?
A. ipadm delete-ip net3/v4
B. ipadm down-addr net3/v4
C. ipadm disable-if net3/v4
D. ipadm delete-vni net3/v4
E. ipadm delete-addr net3/v4
F. ipadm deiete-ipv4 ner3/v4
Answer: E
Explanation:
The ipadm delete-addr subcommand removes addresses from interfaces.
To remove an address from the IPMP group, type the following command:
# ipadm delete-addr addrobj
The addrobj uses the naming convention inder-interface/user-string.
NO.224 User brian changes the permissions for db_data this command:
chmod 4755 db_data
What is true?
A. db_data now has permissions rwsr-xr-x and can be deleted only by user brian.
B. db_data now has permissions rwsr-xr-x and, if executed, will inn with the permissions of user
brian.
C. db_data now has permissions rwxr-sr-x and can be deleted only by members of the group owning
it.
D. The permissions for db_data cannot be determined, because the permissions prior to the change
have not been specified.
E. db_data must be an ordinary file, because special permissions cannot be set on a directory.
Answer: C
Explanation:
Use the chmod command to change permissions for a file or directory. You must be the owner of a
file or directory, or have root access, to change its permissions.
Here we do not know if brian owns db_data.
Note:
116
IT Certification Guaranteed, The Easy Way!
Permission
7 full
6 read and write
5 read and execute
4 read only
3 write and execute
2 write only
1 execute only
0 none
0 --- no permission
1 --x execute
2 -w- write
3 -wx write and execute
4 r-- read
5 r-x read and execute
6 rw- read and write
7 rwx read, write and execut
Solaris: Solaris Advanced User's Guide
NO.225 The ZFS configuration on your server is:
Pool1 6.67G31K/pool
Pool1/data31K31K/data
Select the three commands that you would use to 1. Create, 2. List, and 3. Delete a snapshot of the
/data file system.
A. zfs snapshot pool1/data@now
B. zfs create snapshot pool1/data@now
C. zfs list -t snapshot
D. zfs list -t snapshot pool1/data
E. zfs destroy pool1/data@now
F. zfs destroy snapshot pool1/data@now
Answer: A,D,E
Explanation:
A: Snapshots are created by using the zfs snapshot command, which takes as its only argument the
name of the snapshot to create.
D: You can list snapshots as follows:
# zfs list -t snapshot
E: Snapshots are destroyed by using the zfs destroy command. For example:
# zfs destroy tank/home/ahrens@now
NO.226 Select two statements that correctly describe the capabilities of the Distribution
Constructor.
A. ISO images for use with the Automated Installer (AI) can be created.
B. Bootable USB images can be created for SPARC and x86 architectures.
C. A single installation server can be used to create ISO images for SPARC and x86 architectures.
D. Checkpoints can be used to pause the build, allowing scripts to run that modify the resulting ISO
117
IT Certification Guaranteed, The Easy Way!
Image.
E. A single Installation server can be used to create ISO images for Solaris 10 and Solaris11 operating
systems.
Answer: A,D
Explanation:
A: You can use the distribution constructor to create the following types of Oracle Solaris images:
* (A) x86 or SPARC ISO Image for Automated Installations
* Oracle Solaris x86 live CD image
* x86 or SPARC Oracle Solaris text installer image
* x86 Oracle Solaris Virtual Machine
Note: You can use the distribution constructor to build custom Oracle Solaris images. Then, you can
use the images to install the Oracle Solaris software on individual systems or multiple systems. You
can, also, use the distribution constructor to create Virtual Machine (VM) images that run the Oracle
Solaris operating system.
D: Checkpointing Options
You can use the options provided in the distro_const command to stop and restart the build process
at various stages in the image-generation process, in order to check and debug the image that is
being built. This process of stopping and restarting during the build process is called checkpointing.
NO.227 You want to deploy Oracle Solaris 11 with the Automated Installer (AI). You need to make
sure that your server and network meet the requirements for using AI.
Identify two requirements for using AI.
A. You should set up DHCP. The DHCP server and AI install server can be the same machine or two
different machines.
B. You can create only one manifest per install service. If you need more than one manifest, you
should create multiple install services.
C. The minimum requirement to operate as an AI install server is 1 GB of memory.
D. If two client machines have different architectures and need to be installed with the same version
of the Oracle Solaris 11 OS, then you should create two AI manifests and a single install service.
Answer: A,D
Explanation:
A: An automated installation of a client over the network consists of the following high-level steps:
Step 1. The client system boots over the network and gets its network configuration and the location
of the install server from the DHCP server.
Step 2: The install server provides a boot image to the client.
Etc.
D: If two client machines need to be installed with the same version of the Oracle Solaris
11 OS but need to be installed differently in other ways, then create two AI manifests for the AI install
service. The different AI manifests can specify different packages to install or a different slice as the
install target, for example.
NO.228 You are the administrator of a system that a large number of developers work on. These
developers crash the system, and their applications, on a regular basis.
What command would you use to configure where the core files are saved?
A. savecore
118
IT Certification Guaranteed, The Easy Way!
B. dumpadm
C. svcadm
D. proc
E. coreadm
Answer: E
Explanation:
The coreadm command is used to specify the name and location of core files produced by
abnormally-terminating processes.
NO.229 You are configuring NFS on a server. Select the two statements that are true.
A. Resources listed in /etc/dfs/dfstab are automatically shared on boot up.
B. A directory cannot be shared if a subdirectory below it is already shared.
C. Renaming a share created with the zfs set share command is not supported.
D. NFS and SMB protocols cannot be used simultaneously to share the same directory.
Answer: A,C
Explanation:
A: ZFS can automatically share file systems by setting the sharenfs property. Using this property, you
do not have to modify the /etc/dfs/dfstab file when a new file system is shared. The sharenfs
property is a comma-separated list of options to pass to the share command. The value on is an alias
for the default share options, which provides read/write permissions to anyone. The value off
indicates that the file system is not managed by ZFS and can be shared through traditional means,
such as the /etc/dfs/dfstab file. All file systems whose sharenfs property is not off are shared during
boot.
NO.230 How are operating system updates distributed in the Oracle Solaris 11 environment?
A. Updates are only available to customers with an active support contract. The updates are
distributed through the My Oracle Support web portal and installed in a central location.
All software packages are then updated manually from the command line using the smpatch
command.
B. Patches are download from http: //support.oracle.com either automatically or manually.
All software packages are then updated manually from the command line using the smpatch or
patchadd commands.
C. Software updates are published as packages to a repository. All software packages are then
updated manually from the command line using the pkg command.
D. Software updates, published as packages to an OS image. All software packages are then updated
manually from the command line using the pkg command.
Answer: C
Explanation:
* Updating all of the packages on your installed system - To update all of the packages on your system
that have available updates, use the pkg update command, as follows:
# pkg update
Running this command updates packages that you might not otherwise consider updating, for
example, kernel components and other low-level system packages.
* Adding or updating individual packages - To add individual software packages, use the pkg install
119
IT Certification Guaranteed, The Easy Way!
command. Any dependent packages are also updated at the same time.
* install package updates that deliver fixes- A pkg update operation might include bug fixes, so the
operation is similar to applying a specific patch or patches in previous Oracle Solaris releases.
Note: The IPS interfaces first check for updates for currently installed packages before retrieving
them via the network. By default, interfaces check repository catalogs in the following locations:
* The default installation repository at pkg.oracle.com/solaris/release.
* The support repository in My Oracle Support. This repository is restricted to users with Oracle
Solaris 11 Express support contracts, and it contains packages with the latest bug fixes. For this
reason, a support contract must be purchased for production deployments.
NO.231 Which three of the components could be used in a ZFS storage pool, but are not
recommended configurations?
A. A file on a UFS file system
B. A Veritas Volume Manager (VxVM) volume
C. A LUN In a hardware RAID array
D. A disk slice from an SMI labeled disk
E. A Solaris Volume Manager (SVM) volume
F. An EFI labeled disk
Answer: A,B,E
Explanation:
A: ZFS also allows you to use UFS files as virtual devices in your storage pool. This feature is aimed
primarily at testing and enabling simple experimentation, not for production use.
The reason is that any use of files relies on the underlying file system for consistency. If you create a
ZFS pool backed by files on a UFS file system, then you are implicitly relying on UFS to guarantee
correctness and synchronous semantics.
However, files can be quite useful when you are first trying out ZFS or experimenting with more
complicated layouts when not enough physical devices are present. All files must be specified as
complete paths and must be at least 64 Mbytes in size.
B, E: You can construct logical devices for ZFS using volumes presented by software- based volume
managers, such as Solaris Volume Manager (SVM) or Veritas Volume Manager (VxVM). However,
these configurations are not recommended. While ZFS functions properly on such devices, less-thanoptimal performance might be the result.
NO.232 You need to know the IP address configured on interface net3, and that the interface is up.
Which command confirms these?
A. ipadm show-if
B. ipadm up-addr
C. ipadm show-addr
D. ipadm enable-if
E. ipadm refresh-addr
F. ipadm show-addrprop
Answer: C
Explanation:
Show address information, either for the given addrobj or all the address objects configured on the
specified interface, including the address objects that are only in the persistent configuration.
120
IT Certification Guaranteed, The Easy Way!
State can be: disabled, down, duplicate, inaccessible, ok, tentative
Example:
# ipadm show-addr
ADDROBJ TYPE STATE ADDR
lo0/v4 static ok 127.0.0.1/8
lo0/v6 static ok ::1/128
NO.233 A user account must be a member of a primary group, and may also be a member of one or
more secondary groups. What is the maximum total number of groups that one user can
concurrently belong to?
A. 15
B. 16
C. 17
D. 63
E. 64
F. 65
G. The number of groups one user can concurrently belong to is unlimited in Solaris 11.
Answer: B
Explanation:
Each user belongs to a group that is referred to as the user's primary group. The GID number, located
in the user's account entry within the /etc/passwd file, specifies the user's primary group.
Each user can also belong to up to 15 additional groups, known as secondary groups. In the
/etc/group file, you can add users to group entries, thus establishing the user's secondary group
affiliations.
Note (4 PSARC/2009/542):
his project proposes changing the maximum value for NGROUPS_MAX from 32 to 1024 by changing
the definition of NGROUPS_UMAX from 32 to 1024.
The use for a larger number of groups is described in CR 4088757, particular in the case of Samba
servers and ADS clients; the Samba servers map every SID to a Unix group. Users with more than 32
groups SIDs are common. We've seen reports varying from "64 is enough", "128 is absolutely
enough" and "we've users with more 190 group SIDS).
NGROUPS_MAX as defined by different Unix versions are as follows
(http://www.j3e.de/ngroups.html):
Linux Kernel >= 2.6.3 65536
Linux Kernel < 2.6.3 32
Tru64 / OSF/1 32
IBM AIX 5.2 64
IBM AIX 5.3 ... 6.1 128
OpenBSD, NetBSD, FreeBSD, Darwin (Mac OS X) 16
Sun Solaris 7, 8, 9, 10 16 (can vary from 0-32)
HP-UX 20
IRIX 16 (can vary from 0-32)
Plan 9 from Bell Labs 32
Minix 3 0 (Minix-vmd: 16)
QNX 6.4 8
121
IT Certification Guaranteed, The Easy Way!
NO.234 Consider the following rule file for use with the Basic Audit Reporting Tool (BART).
CHECK all
IGNORE dirmtime
/etc/security
/etc/notices
IGNORE contents
/export/home
IGNORE mtime size contents
/var
CHECK
You are using BART to detect inappropriate changes to the file system.
Identify the two correct statements describing the attributes recorded.
A. /var/dhcp Attribute: size uid gid mode acl
B. /etc/hosts Attributes: size uid gid mode acl intime dest
C. /var/spool/mqueue Attribute: size uid gid mode acl dirmtime
D. /etc/security/exec_attr Attribute: size uid mode acl mtime devnode
E. /export/home/kate/.profile Attributes: uid gid mode acl dirmtime
F. /export/home/rick/.profile Attributes: size uid gid mode acl mtime contents
Answer: D,F
Explanation:
D: According to line /etc/security
F: According to line /export/home
Not E: According to line IGNORE dirmtime
Note: In default mode, the bart compare command, as shown in the following example, checks all the
files installed on the system, with the exception of modified directory timestamps (dirmtime):
CHECK all
IGNORE dirmtime
Note 2: The Basic Audit Reporting Tool (BART) feature of Oracle Solaris enables you to
comprehensively validate systems by performing file-level checks of a system over time. By creating
BART manifests, you can easily and reliably gather information about the components of the
software stack that is installed on deployed systems.
BART is a useful tool for integrity management on one system or on a network of systems.
NO.235 You are executing this command in the default shell:
sleep 5000 &
The system displays a number. This value is______.
A. the priority of the /usr/bin/sleep process
B. the process ID of the /usr/bin/sleep process
C. the process ID of the shell spawned to execute /usr/bin/sleep
D. the process group ID that includes the /usr/bin/sleep process
E. the amount of memory allocated to the /usr/bin/sleep process
F. the current number of instances of the /usr/bin/sleep process
Answer: C
Explanation:
122
IT Certification Guaranteed, The Easy Way!
If a command is terminated by the control operator '&', the shell executes the command
asynchronously in a subshell. This is known as executing the command in the background.
The shell does not wait for the command to finish, and the return status is 0 (true).
NO.236 You wish to edit your crontab file that is located in /var/spool/cron/crontab. What
command must you enter to edit this file?
A. crontab -e
B. crontab -e /var/spool/cron/crontab
C. crontab -r
D. crontab -e /etc/default/cron
Answer: A
Explanation:
The main tool for setting up cron jobs is the crontab command, though this is not available on every
Unix variant. Typically under Solaris or Linux one would create a new crontab or edit an existing one,
using the command; crontab -e Use the ls -l command to verify the contents of
the/var/spool/cron/crontabs file.
NO.237 You notice that the /var/.dm/messages file has become very large. Typically, this is managed
by a crontab entry. Which entry should be in the root's crontab file?
A. 10 3 * * * /usr/adm/messages
B. 10 3 * * * /usr/sbin/logadm
C. 10 3 * * * /usr/sbin/syslogrotate
D. 10 3 * * * /usi/sbin/logrotate
E. 10 3 * * * /usr/sbin/messages
Answer: B
Explanation:
This example shows how to display the default root crontab file.
$ suPassword:
# crontab -l
# ident "@(#)root 1.19 98/07/06 SMI" /* SVr4.0 1.1.3.1 */
#
# The root crontab should be used to perform accounting data collection.
#
#
1 0 3 * * * /usr/sbin/logadm
1 5 3 * * 0 /usr/lib/fs/nfs/nfsfind
3 0 3 * * * [ -x /usr/lib/gss/gsscred_clean ] && /usr/lib/gss/gsscred_clean
# 10 3 * * * /usr/lib/krb5/kprop_script ___slave_kdcs___
NO.238 Review the boot environments displayed on your system:
123
IT Certification Guaranteed, The Easy Way!
Which option describes the solaris-1 BE?
A. It is active on the next reboot.
B. It is active now.
C. It is inactive.
D. It is unbootable.
E. It is active now and on reboot.
F. It has been removed and will no longer be available after the next reboot.
Answer: E
Explanation:
In the below output, NR (now running) means the BE is active now and will be the active BE on
reboot.
Example:
Display your existing BE information.
# beadm list
BE Active Mountpoint Space Policy Created
-- ------ ---------- ----- ------ ------solaris NR / 12.24G static 2011-10-04 09:42
NO.239 The current ZFS configuration on your server is:
pool1 124K 3.91G 32K /pool1
pool1/data 31K 3.91G 31K /data
You need to create a new file system named /data2. /data2 will be a copy of the /data file system.
You need to conserve disk space on this server whenever possible.
Which option should you choose to create /data2, which will be a read writeable copy of the
/data file system, while minimizing the amount of total disk space used in pool1?
A. zfs set mountpoint=/data2 compression=on pool1/data2
B. zfs snapshot pool1/data@nowzfs set mountpoint=/data2, comptession=on pool1/data@now
C. zfs create snapshot pool1/data@nowzfs send pool1/data@now | zfs recv pool1/data2
D. zfs create snapshot pool1/data@nowzfs clone -o mountpoint=/data2 pool1/data@now
pool1/data2
E. zfs snapshot pool1/data@nowzfs clone -o mountpoint=/data2 -ocompression=on
pool1/data@now pool1/data2
F. zfs snapshot pool1/data@nowzfs clone -o mountpoint=/data2 pool1/data@now pool1/data2
Answer: E
Explanation:
zfs snapshot [-r] [-o property=value] ... filesystem@snapname|volume@snapname Creates a
snapshot with the given name. All previous modifications by successful system calls to the file system
are part of the snapshot zfs clone [-p] [-o property=value] ... snapshot filesystem|volume Creates a
clone of the given snapshot.
Note:
Because snapshots are fast and low overhead, they can be used extensively without great concern for
system performance or disk use .
With ZFS you can not only create snapshot but create a clone of a snapshot.
A clone is a writable volume or file system whose initial contents are the same as the dataset from
which it was created. As with snapshots, creating a clone is nearly instantaneous, and initially
124
IT Certification Guaranteed, The Easy Way!
consumes no additional disk space. In addition, you can snapshot a clone.
A clone is a writable volume or file system whose initial contents are the same as the original dataset.
As with snapshots, creating a clone is nearly instantaneous, and initially consumes no additional
space.
Clones can only be created from a snapshot. When a snapshot is cloned, it creates an implicit
dependency between the parent and child.
NO.240 Which network protocol is responsible for routing packets from one network to another?
A. TCP
B. UDP
C. IP
D. ICMP
E. Ethernet
Answer: C
Explanation:
The Internet Protocol (IP) is the principal communications protocol in the Internet protocol suite for
relaying datagrams across network boundaries. Its routing function enables internetworking, and
essentially establishes the Internet.
NO.241 You attempted to reboot a system via the init command, however the system did not
perform boot sequence into the Oracle Solaris Operating Environment. You are presented with a
prompt from the OpenBoot PROM. Which command would you enter, to boot the system from the
default device?
A. boot -net install
B. boot
C. boot -default
D. boot -s0
Answer: B
Explanation:
Boot
With this form, boot loads and executes the program specified by the default boot arguments from
the default boot device Note: boot has the following general format:
boot [device-specifier] [arguments]
where device-specifier and arguments are optional.
NO.242 Your server has one zone named dbzone (hat has been configured, but not yet installed).
Which command would you use to view all the options that were used to configure this zone?
A. zoneadm list -icv dbzone
B. zones tat -c summary dbzone
C. zonecfg -z dbzone info
D. zonecfg -icv dbzone info
Answer: C
Explanation:
zonecfg info
125
IT Certification Guaranteed, The Easy Way!
Display information about the current configuration. If resource-type is specified, displays only
information about resources of the relevant type. If any property-name value pairs are specified,
displays only information about resources meeting the given criteria. In the resource scope, any
arguments are ignored, and info displays information about the resource which is currently being
added or modified.
Note:
zonecfg -z
zonename. Specify the name of a zone. Zone names are case sensitive. Zone names must begin with
an alphanumeric character and can contain alphanumeric characters, the underscore (_) the hyphen
(-), and the dot (.). The name global and all names beginning with SUNW are reserved and cannot be
used.
Incorrect answer:
A: The zoneadm utility is used to administer system zones. A zone is an application container that is
maintained by the operating system runtime.
list option:
Display the name of the current zones, or the specified zone if indicated.
B: No such command.
D: no such options zonecfg -icv
NO.243 Which two accurately identify features of a Solaris 10 branded zone?
A. executes in a Solaris 10 global zone
B. is created by importing a Solaris 10 flash archive
C. enables Linux binary applications to run unmodified
D. provides a complete runtime environment for Solaris 9 applications
E. allows a Solaris 10 global zone to be migrated into a Solaris 10 non-global zone on a Solaris 11
system
Answer: B,E
Explanation:
B: It can be created by importing a Solaris 10 flash archive.
You can use the Oracle Solaris Flash archiving tools to create an image of an installed system that can
be migrated into a zone.
The system can be fully configured with all of the software that will be run in the zone before the
image is created. This image is then used by the installer when the zone is installed.
Note: You can use alternate methods for creating the archive. The installer can accept the following
archive formats:
* cpio archives
* gzip compressed cpio archives
* bzip2 compressed cpio archives
* pax archives created with the -x xustar (XUSTAR) format
A ufsdump level zero (full) backups
Note:
Branded zones that run an environment different that the OS release on the system
* The lx branded zone introduced in the Solaris 10 8/07 release provides a Linux environment for
your applications and runs on x86 and x64 machines on the Oracle Solaris
10 OS.
* The solaris8 and solaris9 branded zones enable you to migrate an Oracle Solaris 8 or Oracle Solaris
126
IT Certification Guaranteed, The Easy Way!
9 system to an Oracle Solaris 8 or Oracle Solaris 9 Container on a host running the Oracle Solaris 10
8/07 Operating System or later Oracle Solaris 10 release.
* The Oracle Solaris 10 Container brand is available in OpenSolaris build 127. These branded zones
host Oracle Solaris 10 user environments.
Note: One of the powerful features of Solaris 11 is the ability to run a Solaris 10 environment in a
zone. Solaris 10 allows you to run Solaris 8 and 9 environments in zones, but only on SPARC.
NO.244 A change in your company's security policy now requires an audit trial of all administrators
assuming the sysadm role, capturing:
There are two command necessary to accomplish this change. One is a rolemod command. What is
the other?
A. auditconfig -setpolicy +argv
B. auditconfig -setflags lo, ex sysadm
C. auditconfig set policy=argv
D. auditconfig set flags=lo, ex sysadm
Answer: A
NO.245 Which statement is correct about shudown and init commands?
A. The shutdown command brings the system to the single-user milestone by default. The init
command must be used to shut the system down to run level 0.
B. The shutdown command performs a clean shutdown of all services whereas init does not.
C. The shutdown command accepts SMF milestones, init stages, or run levels as arguments whereas
init accepts only init stages or run levels as arguments.
D. shutdown broadcasts one or more periodic shutdown warning messages to all logged-in users
whereas init issues none.
Answer: D
127