Oracle - Passit4sure.1z0 821.v2015!04!08.by - Reuben 2

Passit4sure.1z0-821.
259 questions
Number: 1z0-821
Passing Score: 800
Time Limit: 120 min
File Version: 9.5
Oracle 1z0-821
Oracle Solaris 11 System Administration
Excellent Questions, I pass with 90% with these questions. Guys just read this only.
These are the most accurate study questions. Just focus on these and sit in your exam.
I have changed answers of Q2, Q11, Q31, Q44, Q59 and Q87.
Modified few questions, fixed few spelling mistakes and types.
100% Valid in US, UK, Australia, India and Emirates. All my friends in group have these same questions.
www.vceplus.com - Website designed to help IT pros advance their careers - Born to Learn
Exam A
QUESTION 1
zone1 is a non-global zone that has been configured and installed.
zone1 was taken down for maintenance, and the following command was run:
zoneadm -z zone1 mark incomplete
The following information is displayed when listing the zones on your system:
Which task needs to be performed before you can boot zone1?
A. The zone needs to be installed.

B. The zone needs to be brought to the ready state.
C. The zone needs to be uninstalled and reinstalled.
D. The zone needs to be brought to the complete state.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Explanation:
If administrative changes on the system have rendered a zone unusable or inconsistent, it is possible to change the state of an installed zone to
incomplete. Marking a zone incomplete is irreversible. The only action that can be taken on a zone marked incomplete is to uninstall the zone and return
it to the configured state.
QUESTION 2
You need to make sure that all of the software packages on your server are up to date. Without installing any updates, which two commands would
display .my software updates that are available in the default Oracle repository?
A. pkg list -u
B. pkg verify u `*'
C. pkg search u
D. pkg info r `*'
E. pkg install nv
F. pkg update nv `*'
Correct Answer: AD
Section: (none)
Explanation
Explanation:
A: the pgk list command display a list of packages in the current image, including state and other information. By default, package variants for a different
architecture or zone type are excluded.
D: pkginfo displays information about software packages that are installed on the system (with the first synopsis, with -l) or that reside on a particular
device or directory (with the second synopsis, with -r).
Without options, pkginfo lists the primary category, package instance, and the names of all completely installed and partially installed packages. It
displays one line for each package selected.
With -r, retrieve the data from the repositories of the image's configured publishers. Note that you must specify one or more package patterns in this
case.
QUESTION 3
You are troubleshooting a newly installed desktop Oracle Solaris 11 system with a single network interface. From this system, you can connect to other
systems within the company intranet, but cannot access any external services (such as websites and email), even when using IP addresses.
Examining the routing table confirms that the default route to 192.168.1.1 is missing. DHCP is not used at this site. Which two commands will
temporarily mid permanently configure the default route?
A. ipadm set-gateway 192.168.1.1

B. route add default 192.168.1.1
C. ipadm set-default 192.168.1.1
D. dladm route-add d 192.168.1.1
E. echo 192.168.1.1 >/etc/gateway
F. echo 192.168.1.1 >/etc/defaultrouter
Correct Answer: BF
Section: (none)
Explanation
Explanation:
B: Setting the default route on Solaris is easy. If you are trying to just set the route temporarily you can use the route command:
Route add default <ipaddress>
Example:
Route add default 192.168.1.1
Note: Route command manipulates the kernel routing tables. Routing is the process of forwarding a packet from one computer to another. It is based on
the IP address in the IP packet header and netmask.
F: If you want the route to be persisted when you reboot the system, you will need to set the route in the /etc/defaultrouter file.
/etc/defaultrouter
Example:
Echo 192.168.1.1 > /etc/defaultrouter
QUESTION 4
You want the system to generate an email notification each time one of the services has changed its state. Which option would send an email message
to the system administrator whenever a service changes to the maintenance state?
A. Use the setsc command in ALOM to enable the mail alerts to be sent to a specified email address whenever the fault management facility detects a
service change to the maintenance state.
B. Make an entry in the /etc/syslog.conf file to instruct syslogd to send an email alert when it receives a message from the SMF facility that a service
has changed to the maintenance state.
C. Use the svccfg setnotify command to create a notification and send an email when a service enters the maintenance state.
D. Use the scvadm command to enable the notification service. Set the g maintenance option on the netnotify service to send an email when a service
enters the maintenance state.
Correct Answer: C
Section: (none)
Explanation
Explanation:
This procedure causes the system to generate an email notification each time one of the services or a selected service has a change in state. You can
choose to use either SMTP or SNMP. Normally, you would only select SNMP if you already have SNMP configured for some other reason.
By default, SNMP traps are sent on maintenance transitions. If you use SNMP for monitoring, you can configure additional traps for other state
transitions.
1. Become an administrator or assume a role that includes the Service Management rights profile.
2. Set notification parameters.
Example:
The following command creates a notification that sends email when transactions go into the maintenance state
# /usr/sbin/svccfg setnotify -g maintenance mailto:sysadmins@example.com
QUESTION 5
How are operating system updates distributed in the Oracle Solaris 11 environment?
A. Updates are only available to customers with an active support contract. The updates are distributed through the My Oracle Support web portal and
installed in a central location. All software packages are then updated manually from the command line using the smpatch command.
B. Patches are download from http: //support.oracle.com either automatically or manually. All software packages are then updated manually from the
command line using the smpatch or patchadd commands.
C. Software updates are published as packages to a repository. All software packages are then updated manually from the command line using the pkg
command.
D. Software updates, published as packages to an OS image. All software packages are then updated manually from the command line using the pkg
command.
Correct Answer: C
Section: (none)
Explanation
Explanation:
* Updating all of the packages on your installed system To update all of the packages on your system that have available updates, use the pkg update
command, as follows:
# pkg update
Running this command updates packages that you might not otherwise consider updating, for example, kernel components and other low-level system
packages.
* Adding or updating individual packages To add individual software packages, use the pkg install command. Any dependent packages are also
updated at the same time.
* install package updates that deliver fixes A pkg update operation might include bug fixes, so the operation is similar to applying a specific patch or
patches in previous Oracle Solaris releases.
Note: The IPS interfaces first check for updates for currently installed packages before retrieving them via the network. By default, interfaces check
repository catalogs in the following locations:
* The default installation repository at pkg.oracle.com/solaris/release.
* The support repository in My Oracle Support. This repository is restricted to users with Oracle Solaris 11 Express support contracts, and it contains
packages with the latest bug fixes. For this reason, a support contract must be purchased for production deployments.
QUESTION 6
User jack, whose account is configured to use the korn shell, logs in and examines the value of his PATH environment variable:
jack@solaris: echo $PATH
/usr/gnu/bin:/usr/bin:/usr/sbin:/sbin
There is a shell script in jack's home directory called useradd:
-r-xr-xr-x 2 jack other 1239 2012-01-05 11:42 useradd
While in his home directory, jack attempts to run the script:
jack@solaris: useradd
What will happen, and why?
A. He will get a "file not found" error, because the current directory is not in his seaech path.
B. He will get a "file not found" error, because his home directory is not in his search path.
C. The useradd script will execute, because jack is in the same directory that the script is located in.
D. The command /user/sbin/useradd will execute, because it is the last match in the search path.
E. The command /user/sbin/useradd will execute, because it is the first match in the search path.
Correct Answer: D
Section: (none)
Explanation
Explanation:
QUESTION 7
User jack on host solaris attempts to use ssh to log in to host oracle and receives this message:
jack@solaris:~$ ssh oracle
ssh: connect to host oracle port 22: connection refused
What is the problem?
A. Host oracle does not have a valid host public key.
B. Host oracle does not have a valid host private key.
C. Host solaris does not have a valid host public key.
D. Host does not have a valid host private key.
E. Host solaris is not configured for host-based authentication.
F. Host oracle is not configured for host-based authentication.
G. Host oracle is not running the ssh service.
H. Host solaris is not running the ssh service.
Correct Answer: G
Section: (none)
Explanation
Explanation:
The host he is trying to connect to (oracle) is not running the required service (ssh).
QUESTION 8
When speaking in an Oracle Support Engineer, you are asked to verify the version of the Solaris 11 build currently running on your system.
Which command would display the Solaris 11 build version currently running on your system?
A. pkg info all

B. cat /etc/release
C. cat /etc/update
D. prtconf | grep i update
E. pkg info entire
Correct Answer: B
Section: (none)
Explanation
Explanation:
Which Solaris release you are running on your system can be determined using the following command:
cat /etc/release
This will tell you which release you are running and when it was released. The more recent your system, the more info is contained in this file.
Example:
# cat /etc/release
Oracle Solaris 10 8/11 s10s_u10wos_17b SPARC
Copyright (c) 1983, 2011, Oracle and/or its affiliates. All rights reserved.
Assembled 23 August 2011
QUESTION 9
You need to configure an ISCSI target device on your x86 based Oracle Solaris II system. While configuring the iSCSI device, the following error is
displayed:
bash: stmfadm: command not found
Which option describes the solution to the problem?
A. The COMSTAR feature is not supported on the x86 platform. The feature is supported only on the SPARC platform.
B. Use the iscsitadm command on the x86 platform when configuring an iSCSI target.
C. Install the storage-server group package on this system.
D. Start the iSCSI target daemon on this system.
Correct Answer: C
Section: (none)
Explanation
Explanation:
STMF Manages transactions, such as context and resources for Small Computer System Interface (SCSI) command execution, and tracking logical
unit and port providers. STMF also handles logical unit mappings, allocating memory, recovering failed operations, enumeration, and other necessary
functions of an I/O stack.
STMF is controlled by stmfadm, and stmfadm is the majority of the commands you will be using to administer COMSTAR (COmmon Multiprotocl Scsi
TARget).
Install the packages you need for COMSTAR with iSCSI and reboot:
# pfexec pkg install storage-server

# pfexec pkg install SUNWiscsit
# shutdown -y -i6 -g0
Note: You can set up and configure a COMSTAR Internet SCSI (iSCSI) target and make it available over the network. The iSCSI features can work over
a normal Internet connection (such as Ethernet) using the standard iSCSI protocol. The iSCSI protocol also provides naming and discovery services,
authentication services using CHAP and RADIUS, and centralized management through iSNS.
The COMSTAR target mode framework runs as the stmf service. By default, the service is disabled. You must enable the service to use COMSTAR
functionality. You can identify the service with the svcs command. If you have not rebooted the server since installing the group/feature/storage-server
package, the service might not be enabled correctly.
QUESTION 10
Your SPARC server will not boot into multi user-server milestones and you need to troubleshoot to out why. You need to start the server with minimal
services running so that you can go through each milestone manually to troubleshoot the issue.
Select the option that boots the server with the fewest services running.
A. boot -s
B. boot milestone none
C. boot -m milestone=single-user
D. boot -m milestone=none
E. boot -m none
Correct Answer: D
Section: (none)
Explanation
Explanation:
The command boot -m milestone=none is useful in repairing a system that have problems booting early.
Boot Troubleshooting:
To step through the SMF portion of the boot process, start with:
boot -m milestone=none
Then step through the milestones for the different boot levels:
svcadm milestone svc:/milestone/single-user:default
svcadm milestone svc:/milestone/multi-user:default
svcadm milestone svc:/milestone/multi-user-server:default
QUESTION 11
User1 is attempting to assist user2 with terminating user2's process 1234.
User1 entered the following: kill -9 1234
Why does the process continue to run?
A. You can kill a process only if you are root.

B. You can kill only a process that you own.
C. You can kill the process only with the pkill command.
D. You need to kill the process with a stronger kill signal.
Correct Answer: B
Section: (none)
Explanation
Explanation:
Kill -9
Kill (terminates without cleanup)
Only works if issued by process owner or super user (root) The program cannot respond to this signal; it must terminate
Note: Unix provides security mechanisms to prevent unauthorized users from killing other processes. Essentially, for a process to send a signal to
another, the owner of the signaling process must be the same as the owner of the receiving process or be the superuser.
QUESTION 12
Your server has one zone named dbzone (hat has been configured, but not yet installed). Which command would you use to view all the options that
were used to configure this zone?
A. zoneadm list icv dbzone

B. zones tat c summary dbzone
C. zonecfg z dbzone info
D. zonecfg icv dbzone info
Correct Answer: C
Section: (none)
Explanation
Explanation:
zonecfg info
Display information about the current configuration. If resource-type is specified, displays only information about resources of the relevant type. If any
property-name value pairs are specified, displays only information about resources meeting the given criteria. In the resource scope, any arguments are
ignored, and info displays information about the resource which is currently being added or modified.
Note:
zonecfg z
zonename. Specify the name of a zone. Zone names are case sensitive. Zone names must begin with an alphanumeric character and can contain
alphanumeric characters, the underscore (_) the hyphen (-), and the dot (.). The name global and all names beginning with SUNW are reserved and
cannot be used.
Incorrect answer:
A: The zoneadm utility is used to administer system zones. A zone is an application container that is maintained by the operating system runtime.
list option:
Display the name of the current zones, or the specified zone if indicated.
B: No such command.
D: no such options zonecfg icv
QUESTION 13
Your users are experiencing delay issues while using their main application that requires connections to remote hosts. You run the command uptime
and get the flowing output:
1:07am up 346 day(s), 12:03, 4 users, load average: 0.02, 0.02, 0.01
Which command will be useful in your next step of troubleshooting?
A. ipadm
B. traceroute
C. dladm
D. snoop
E. arp
Correct Answer: B
Section: (none)
Explanation
Explanation:
Test the remote connection with traceroute.
The Internet is a large and complex aggregation of network hardware, connected together by gateways. Tracking the route one's packets follow (or
finding the miscreant gateway that's discarding your packets) can be difficult. traceroute utilizes the IP protocol `time to live' field and attempts to elicit an
ICMP TIME_EXCEEDED response from each gateway along the path to some host.
This program attempts to trace the route an IP packet would follow to some internet host by launching UDP probe packets with a small ttl (time to live)
then listening for an ICMP "time exceeded" reply from a gateway.
QUESTION 14
When upgrading an existing system from Solaris 11 Express to Oracle Solaris 11, what happens to the datalink names?
A. They follow the default naming convention for the newly installed version.
B. They maintain their names.
C. They are called eth#.
D. They are called el00g#.
E. They are left unnamed, to avoid conflicts, and need to be renamed after the installation process is complete.
Correct Answer: A
Section: (none)
Explanation
Explanation:
Network configuration in Oracle Solaris 11 includes
* Generic datalink name assignment Generic names are automatically assigned to datalinks using the net0, net1, netN naming convention, depending
on the total number of network devices that are on the system
Note: There is no upgrade path from Oracle Solaris 10 to Oracle Solaris 11. You must perform a fresh installation.
QUESTION 15
You have installed software updates to a new boot environment (BE) and have activated that the booting to the new BE, you notice system errors. You
want to boot to the last known good configuration.
Which option would you use on a SPARC system to boot to the currentBE boot environment?
A. boot L currentBE
B. boot Z rpool/ROOT/currentBE
C. boot a Enter the currentBE dataset name when prompted.
D. boot rpool/ROOT/currentBE
E. boot m currentBE
F. beadm activate currentBE
Correct Answer: F
Section: (none)
Explanation
Explanation:
You can change an inactive boot environment into an active boot environment. Only one boot environment can be active at a time. The newly activated
boot environment becomes the default environment upon reboot.
How to Activate an Existing Boot Environment

1. Use the following command to activate an existing, inactive boot environment:
beadm activate beName
beName is a variable for the name of the boot environment to be activated.
Note the following specifications.
beadm activate beName activates a boot environment by setting the bootable pool property, bootfs, to the value of the ROOT dataset of the boot
environment that is being activated.
beadm activate sets the newly activated boot environment as the default in the menu.lst file.
2. Reboot.
The newly activated boot environment is now the default on the x86 GRUB menu or SPARC boot menu.
QUESTION 16
Oracle Solaris 11 limits access to the system with usernames and passwords
The usernames are held in ___________, and the passwords are held in ___________.
Select the correct pair.
A. /etc/security/policy.conf /etc/passwd
B. /etc/passwd /etc/shadow
C. /etc/security /etc/passwd
D. /etc/shadow /etc/passwd
Correct Answer: B
Section: (none)
Explanation
Explanation:
The /etc/passwd file contains basic user attributes. This is an ASCII file that contains an entry for each user. Each entry defines the basic attributes
applied to a user.
/etc/shadow file stores actual password in encrypted format for user's account with additional properties related to user password i.e. it stores secure
user account information. All fields are separated by a colon (:) symbol. It contains one entry per line for each user listed in /etc/passwd file.
QUESTION 17
_________ serves as the interface between the SMF repository and the user to ensure that a consistent, picture of the repository is presented to the
user.
A. repository.db
B. service manifest
C. svc.startd
D. svc.configd
Correct Answer: D
Section: (none)
Explanation
Explanation:
SVC.CONFIGD is the repository daemon responsible for maintaining /etc/svc/repository.db. The repository.db must come clean during this integrity
check otherwise it is a "no go" for usual boot sequence to run level 3. The repository may get corrupted due to various hardware issues, software bugs,
disk write failures, etc.
Note: When svc.configd(1M), the Solaris Repository Daemon, is started, it does an integrity check of the smf(5) repository, stored in /etc/svc/
repository.db. This integrity check can fail due to a disk failure, the database file being corrupted either due to a hardware bug, a software bug, or an
accidental overwrite. If the integrity check fails, svc.configd will write a message to the console.
QUESTION 18
You are attempting to edit your crontab file in the bash shell. Instead of getting your usual vi interface, you are presented with an unfamiliar interface. In
order to have your editor of choice-vi- what command must you type after exiting the unfamiliar editor?
A. EDITOR=vi
B. crontab=vi
C. crontab e vi
D. env
Correct Answer: A
Section: (none)
Explanation
Explanation:
Set the EDITOR variable to vi.
Commands like `crontab -e` will use ed per default. If you'd like to use some better editor (like vi) you can use the environment variable EDITOR:
# EDITOR=vi; crontab e will open the users crontab in vi. Of course you can set this variable permanently.
Incorrect answers
C: -e Edits a copy of the current user's crontab file, or creates an empty file to edit if crontab does not exist. When editing is complete, the file is installed
as the user's crontab file. If a username is given, the specified user's crontab file is edited, rather than the current user's crontab file; this can only be
done by a user with the solaris.jobs.admin authorization. The environment variable EDITOR determines which editor is invoked with the -e option. The
default editor is ed(1). All crontab jobs should be submitted using crontab. Do not add jobs by just editing the crontab file, because cron is not aware of
changes made this way.
QUESTION 19
You want to display the IP address assignments of the network interfaces. Which command should you use?
A. ipadm show-if
B. ipadm show-addr
C. ipadm show-prop
D. ipadm show-addrprop
Correct Answer: B
Section: (none)
Explanation
Explanation:
'ipadm show-addr' displays all the configured addresses on the system.
Example:
# ipadm show-addr
ADDROBJ TYPE STATE ADDR
lo0/v4 static ok 127.0.0.1/8
lo0/v6 static ok ::1/128
QUESTION 20
The following image properties are displayed on your system:
Which two options describe the boot environment policy property that is currently set for this image?
A. All package operations are performed in a new BE set as active on the next boot.
B. Do not create a new BE. The install, update, uninstall, or revert operation is not performed if a new BE is required.
C. If a BE is created, do not set it as the active BE on the next boot
D. A reboot is required for all package operations
E. A reboot is not required after a package operation.
F. For package operations that require a reboot, this policy creates a new BE set as active on the next boot.
Correct Answer: DF
Section: (none)
Explanation
Explanation:
Image properties described below.
* be-policy
Specifies when a boot environment is created during packaging operations. The following values are allowed:
/ default
Apply the default BE creation policy: create-backup.
/ always-new (D, F)
Require a reboot for all package operations (D) by performing them in a new BE set as active on the next boot (F). A backup BE is not created unless
explicitly requested.
This policy is the safest, but is more strict than most sites need since no packages can be added without a reboot.
QUESTION 21
dbzone is currently running on your server.
Which two methods would you use to safely and cleanly shut down dbzone and all of its applications?
A. zlogin z dbzone halt

B. zoneadm z dbzone shutdown i0
C. zoneadm z dbzone shutdown
D. zoneadm z dbzone halt
E. zlogin dbzone shutdown i0
Correct Answer: DE
Section: (none)
Explanation
Explanation:
D: zoneadm halt command halts the specified zones. halt bypasses running the shutdown scripts inside the zone. It also removes run time resources of
the zone.
E: Use: zlogin zone shutdown
to cleanly shutdown the zone by running the shutdown scripts.
Use this procedure to cleanly shut down a zone.

1. Become superuser, or assume the Primary Administrator role.
2. Log in to the zone to be shut down, for example, my-zone, and specify shutdown as the name of the utility and init 0 as the state global# zlogin my-
zone shutdown -y -g0 -i 0
QUESTION 22
View the Exhibit to see the information taken from the installation log file.
Based on the information presented in the Exhibit, which two options describe the state of the system when the server is booted for the first time after
the installation is complete?
A. NWAM will be used to configure the network interface.
B. The network/physical service is offline.
C. You cannot log in from the console as root. You must first log in as a user and then su to root account.
D. The root user can log in from the console login.
E. You will be prompted to configure the network interface after the initial login.
Correct Answer: BD
Section: (none)
Explanation
best answer.
QUESTION 23
In order to display the IP addresses of network interfaces, what command would you use?
A. dladm
B. ipconfig
C. sves
D. ipadm
E. ipaddr
Correct Answer: D
Section: (none)
Explanation
Explanation:
Example:
# ipadm show-addr
lo0/v4 static ok 127.0.0.1/8
QUESTION 24
The su command by default makes an entry into the log file for every su command attempt. The following is a single line from the file:
SU 12/18 23:20 + pts/1 user1-root
What does the + sign represent?
A. unsuccessful attempt
B. successful attempt
C. The attempt was from a pseudo terminal, and not the console.
D. The attempt was from a user that is in the adm group, same as root.
E. Time zone is not set.
Correct Answer: B
Section: (none)
Explanation
Explanation:
The sulog file, /var/adm/sulog, is a log containing all attempts (whether successful or not) of the su command. An entry is added to the sulog file every
time the su command is executed. The fields in sulog are: date, time, successful (+) or unsuccessful (-), port, user executing the su command, and user
being switched to. In the preceding example, all su attempts were successful, except for the attempt on 2/23 at 20:51, when user pete unsuccessfully
attempted to su to user root.
Look for entries where an unauthorized user has used the command inappropriately. The following entry shows a successful (indicated by +) su from
user userid to root.
SU 03/31 12:52 + pts/0 <userid>-root
QUESTION 25
A user brian is configured to use the bash shell. His home directory is /export/home/brian, and contains a .profile and a .bashrc file.
In the -profile, there are these lines:
genius =ritchie
export genius
In the .bashrc us this line:
genius=kernighan
In /etc/profile are these lines:
genius=thompson
export genius
When brian logs in and asks for the value of genius, what will he find, and why?
A. genius will be ritchie, because that was the value exported in .profile.
B. genius will be kernighan, because .bashrc executes after .profile.
C. genius will be ritchie because variable settings in .profile take precedence over variable settings in .bashrc.
D. genius will be ritchie because .profile executes after .bashrc.
E. genius will be thompson because /etc/profile system settings always override local settings.
Correct Answer: C
Section: (none)
Explanation
Explanation:
QUESTION 26
Consider the following commands:
What is displayed when this sequence of commands is executed using the bash shell?
A. Hello, world
B. cat: cannot open file1: No such file or directory Hello, world
C. cat: cannot open file1: No such file or directory
D. bash: syntax error near unexpected token '| |'
E. bash: syntax error broker pipe
Correct Answer: B
Section: (none)
Explanation
reliable answer.
QUESTION 27
You are logged in as root to a newly installed Solaris 11 system. You issue the command useradd -d, and then examine the /usr/sadm/defadduser file.
This file includes the entry defshell=/bin/sh. Which shell will now be the default for the next account created?
A. bash shell
B. C shell
C. korn shod
D. bourne shell
Correct Answer: A
Section: (none)
Explanation
Explanation:
Oracle Solaris 11 introduces user environment and command-line argument changes that include the following:
* Shell changes - The default shell, /bin/sh, is now linked to ksh93. The default user shell is the Bourne-again (bash) shell.
* The legacy Bourne shell is available as /usr/sunos/bin/sh.
* The legacy ksh88 is available as /usr/sunos/bin/ksh from the shell/ksh88 package.
* Korn shell compatibility information is available in /usr/share/doc/ksh/COMPATIBILITY.
QUESTION 28
You want to display network interface information. Which command should you use?
A. ipadm show-if
B. ipadm show-addr
C. ipadm show-prop
D. ipadm show-addrprop
Correct Answer: A
Section: (none)
Explanation
genuine answer.
QUESTION 29
Which two options accurately describe the network characteristics of a zone?
A. DHCP address assignment cannot be configured in a shared IP zone.

B. Shared IP is the default type of network configuration.
C. Exclusive IP is the default type of network configuration.
D. By default, all IP addresses, netmasks, and routes are set by the global zone and cannot be altered in a non global zone.
E. IPMP cannot be managed within the non-global zone.
F. Commands such as snoop and dladm cannot be used on datalinks that are in use by a running zone.
Correct Answer: AB
Section: (none)
Explanation
Explanation:
A: Non-global zones can not utilize DHCP (neither client nor server). B (not C): By default, non-global zones will be configured with a shared IP
functionality. What this means is that IP layer configuration and state is shared between the zone you're creating and the global zone. This usually
implies both zones being on the same IP subnet for each given NIC.
Note: A zone is a virtual operating system abstraction that provides a protected environment in which applications run. The applications are protected
from each other to provide software fault isolation. To ease the labor of managing multiple applications and their environments, they co- exist within one
operating system instance, and are usually managed as one entity.
The original operating environment, before any zones are created, is also called the "global zone" to distinguish it from non-global zones, The global
zone is the operating system instance.
Incorrect answer:
E: Exclusive-IP zones can use IPMP. IPMP is configured the same way in an exclusive-IP zone as it is on a system not using zones.
For shared-IP zones, IPMP can be configured in the global zone.
F: Full IP-level functionality is available in an exclusive-IP zone.
An exclusive-IP zone has its own IP-related state.
An exclusive-IP zone is assigned its own set of data-links using the zonecfg command. The zone is given a data-link name such as xge0, e1000g1, or
bge32001, using the physical property of the net resource. The address property of the net resource is not set.
Note that the assigned data-link enables the snoop command to be used.
The dladm command can be used with the show-linkprop subcommand to show the assignment of data-links to running exclusive-IP zones.
QUESTION 30
To assist in examining and debugging running processes, Solaris 11 has a utility that returns pro arguments and the names and values of environment
variables.
What is the name of this utility?
A. ppgsz
B. pargs
C. pmap
D. pgrep
Correct Answer: B
Section: (none)
Explanation
Explanation:
The pargs utility examines a target process or process core file and prints arguments, environment variables and values, or the process auxiliary vector.
QUESTION 31
Identify the correct description of an IPS image.
A. an ISO image of the Solaris media DVD

B. an IPS repository
C. a depot location or source where Solaris packages can be installed from
D. a location where packages can be installed, for example, your Solaris instance
Correct Answer: D
Section: (none)
Explanation
Explanation:
An image is a location where packages can be installed.
An image can be one of three types:
* Full images are capable of providing a complete system.
* Partial images are linked to a full image (the parent image), but do not provide a complete system on their own.
* User images contain only relocatable packages.
QUESTION 32
You need to know the IP address configured on interface net3, and that the interface is up. Which command confirms these?
A. ipadm show-if
B. ipadm up-addr
C. ipadm show-addr
D. ipadm enable-if
E. ipadm refresh-addr
F. ipadm show-addrprop
Correct Answer: C
Section: (none)
Explanation
Explanation:
Show address information, either for the given addrobj or all the address objects configured on the specified interface, including the address objects that
are only in the persistent configuration.
State can be: disabled, down, duplicate, inaccessible, ok, tentative
Example:
# ipadm show-addr
lo0/v4 static ok 127.0.0.1/8
QUESTION 33
You start to execute a program by using the following command:
~/bigscript &
You then determine that the process is not behaving as expected, and decide that you need to terminate the process. Based on the information shown
below, what is the process number you should terminate?
A. 15163
B. 15156
C. 15166
D. 15165
Correct Answer: A
Section: (none)
Explanation
Explanation:
From the output exhibit we can deduce that the shell has id 15156.
It has spawned three subprocesses:
grep: id 15166
ps aef 15165
The remaining 15163 must be the subshell (see note below). This is the id of the process which should be terminated.
QUESTION 34
You have installed the SMF notification framework to monitor services. Which command is used to set up the notifications for a particular service?
A. svccfg
B. svcadm
C. setnotify
D. smtp-notify
Correct Answer: A
Section: (none)
Explanation
Explanation:
How to Set Up Email Notification of SMF Transition Events This procedure causes the system to generate an email notification each time one of the
services or a selected service has a change in state. You can choose to use either SMTP or SNMP. Normally, you would only select SNMP if you
already have SNMP configured for some other reason.
By default, SNMP traps are sent on maintenance transitions. If you use SNMP for monitoring, you can configure additional traps for other state
transitions.
1. Become an administrator or assume a role that includes the Service Management rights profile.'
2. Set notification parameters.
Example 1:
The following command creates a notification that sends email when transactions go into the maintenance state.
# /usr/sbin/svccfg setnotify -g maintenance mailto:sysadmins@example.com
Example 2:
The following command creates a notification that sends email when the switch service goes into the online state.
# /usr/sbin/svccfg -s svc:/system/name-service/switch:default setnotify to-online \ mailto:sysadmins@example.com
Note: The svccfg command manipulates data in the service configuration repository. svccfg can be invoked interactively, with an individual
subcommand, or by specifying a command file that contains a series of subcommands.
Changes made to an existing service in the repository typically do not take effect for that service until the next time the service instance is refreshed.
QUESTION 35
User jack logs in to host Solaris and executes the following command sequence:
Which three statements are correct?
A. User jack can edit testfile because he has read and write permissions at the group level.
B. User jack can use cat to output the contents of testfile because he has read permission as the file owner.
C. User jill can change the permissions of testfile because she has write permission for the file at the group level.
D. User jill can edit testfile because she has read and write permission at the group level.
E. User jack can change permissions for testfile because he is the owner of the file.
F. User jack can change permissions for testfile because he has execute permission for the file.
Correct Answer: DEF

Section: (none)
Explanation
Explanation:
QUESTION 36
The OpenBoot firmware controls the operation of the system before the operating system is loaded.
Which four tasks are directly controlled by the OpenBoot firmware?
A. Provides a list of boot entries from which to choose

B. Allows hardware to identify itself and load its own plug-in device driver
C. Loads the boot loader from the configured boot device
D. Performs basic hardware testing
E. Installs the console
F. Reads and executes the boot archive
G. Extract and executes the kernel image
Correct Answer: ABCD

Section: (none)
Explanation
Explanation:
OpenBoot firmware is executed immediately after you turn on your system. The primary tasks of OpenBoot firmware are to:
* Test and initialize the system hardware (D)
* Determine the hardware configuration (D)
*Boot the operating system from either a mass storage device or from a network *Provide interactive debugging facilities for testing hardware and
software
Some notable features of OpenBoot firmware.

* Plug-in Device Drivers (B)
Most common tasks that you perform using OpenBoot
* Booting Your System
The most important function of OpenBoot firmware is to boot the system. Note: If auto-boot? is true, the system will boot from either the default boot
device or from the diagnostic boot device depending on whether OpenBoot is in diagnostic mode. (C)
QUESTION 37
Which two options are accurate regarding the non-global zone console?
A. Access the non-global zone console by using the zlogin c command.

B. Access the non-global zone console by using the zlogin 1 command.
C. Disconnect from the non-global zone console by using the ~. keys.
D. Disconnect from the non-global zone console by using the #. keys.
Correct Answer: AC
Section: (none)
Explanation
Explanation:
A: How to Log In to the Zone Console Use the zlogin command with the -C option and the name of the zone, for example, my-zone.
global# zlogin -C my-zone
C: To disconnect from a non-global zone, use one of the following methods.
* To exit the zone non-virtual console:
zonename# exit
* To disconnect from a zone virtual console, use the tilde (~) character and a period:
zonename# ~.
QUESTION 38
The default publisher on your system is:
You want to update the Oracle Solaris 11 environment on your system, but you are not able to connect this system to the Internet to access the default
Oracle repository. A repository has been created on your local network and is named http://server1.example.com.
Which command would you choose to connect your system to the local repository?
A. pkg publisher to specify the new publisher

B. pkg set-publisher to set the stickiness on the http://server1.example.com publisher and unset stickiness for http://pkg.oracle.com/solaris/release
C. pkg add-publisher to add the new publisher
D. pkg set-publisher to set the origin for the publisher
Correct Answer: D
Section: (none)
Explanation
Explanation:
Solaris 11 Express makes it pretty easy to set up a local copy of the repository. A common reason folks need access to a local repository is because
their system is not connected to the Internet.
Tthe pkg set-publisher command can be used to for example add a publisher or to enable or disable a publisher.
Note: Example Adding a Publisher

Use the -g option to specify the publisher origin URI.
# pkg set-publisher -g http://pkg.example.com/release example.com
Example Specifying the Preferred Publisher

Use the -P option to specify a publisher as the preferred publisher. The specified publisher moves to the top of the search order. You can specify the -P
option when you add a publisher or you can modify an existing publisher.
# pkg set-publisher -P example.com
Example Enabling or Disabling a Publisher
Use the -d option to disable a publisher. The preferred publisher cannot be disabled. A disabled publisher is not used in package operations such as list
and install. You can modify the properties of a disabled publishers.
Use the -e option to enable a publisher.
# pkg set-publisher -d example2.com
QUESTION 39
Your server has a ZFS storage pool that is configured as follows:
The following partition scheme is used for every disk drive in pool1:
Which two are true regarding the ZFS storage pool?
A. The data on c3t3d0 is duplicated on c3t4do.

B. The data is striped across disks c3t3d0 and c3t4do and mirrored across vdevs mirror-0 and mirror-1.
C. The storage pool is 146 GB total size (rounded to the nearest GB).
D. The storage pool is 584 G8 total size (rounded to the nearest GB).
E. The storage pool is 292 GB total size (rounded to the nearest GB).
Correct Answer: AE
Section: (none)
Explanation
Explanation:
QUESTION 40
You enter dladm show-phys, which provides the following output:
You then enter:
ipadm create-ip net3
What is the output?
A. ipadm: cannot; create interface net3: Operation failed.

B. ipadm: cannot create interface net3: Interface already exists.
C. ipadm: cannot create interface net3: IP address object not specified.
D. No_response, The command was successful.
Correct Answer: B
Section: (none)
Explanation
Explanation:
According to the exhibit the interface already exists. The command ipadm create-ip net3 is supposed to create a new interface net3.
QUESTION 41
Choose three options that describe the features associated with a Live Media installation.
A. does not allow the root user to log in to the system directly from the console (or any terminal)
B. provides a "hands free" installation
C. installs the desktop based packages
D. can be used to install only x86 platforms
E. installs the server-based set of packages only
F. allows both automatic and manual configuration of the network
G. installs both the server-based and desktop-based package
Correct Answer: BCD

Section: (none)
Explanation
Explanation:
The graphical installer is officially known as the "Live Media." This means that Oracle Solaris can be booted into RAM, causing zero impact on your
existing operating system. After it is loaded, you are free to experiment with Oracle Solaris to determine whether it is something you would like to install
to your system.
You can download Oracle Solaris 11 Live Media for x86, which is an approximately 800 MB image file, and use a DVD burner to create the disk, or you
can use the ISO image directly in a virtual machine or through the Oracle Integrated Lights Out Manager (ILOM) Remote Console.
The Live Media is not intended for long-term use. For example, any changes that you make to the system are lost when the system is shut down.
Therefore, the next logical step is to install Oracle Solaris on the system, which the Live Media makes easy by placing an Install Oracle Solaris icon right
on the desktop. But before we head down that road, let's step back a bit and consider the installation options.
Note: The Live Media provides administrators with an opportunity to explore the Oracle Solaris 11 environment without installing it on a system. The
system boots off the media directly allowing administrators to start the installer should they choose to install it to a system.
QUESTION 42
In a fresh installation of Oracle Solaris 11, default datalinks are named with a genetic naming convention, and they increment as you add interfaces.
What is the default name?
A. eth#
B. net#
C. el000g#
D. lo#
E. nic#
Correct Answer: B
Section: (none)
Explanation
Explanation:
When you install this Oracle Solaris release on a system for the first time, Oracle Solaris automatically provides generic link names for all the system's
physical network devices. This name assignment uses the net# naming convention, where the # is the instance number. This instance number
increments for each device, for example, net0, net1, net2, and so on.
Note:
Network configuration in Oracle Solaris 11 includes
* Generic datalink name assignment Generic names are automatically assigned to datalinks using the net0, net1, netN naming convention, depending
on the total number of network devices that are on the system.
QUESTION 43
Which three options accurately describe Oracle Solaris 11 zones?
A. can be NFS servers

B. are whole root type only
C. cannot have their own time zone setting
D. can execute z£s and zpool commands (from a non-global zone)
E. are virtualized operating system environments, each with its own dedicated OS and kernel
F. are virtualized operating system environments, created with a single instance of the OS shared kernel
Correct Answer: ADF

Section: (none)
Explanation
Explanation:
A: Zones can use Oracle Solaris 11 products and features such as the following:
Oracle Solaris ZFS encryption
Network virtualization and QoS
CIFS and NFS
C: Non-global zones cannot modify the system clock by default, but each zone can have a separate time zone setting.
F (not E): The Oracle Solaris Zones partitioning technology is used to virtualize operating system services and provide an isolated and secure
environment for running applications. A zone is a virtualized operating system environment created within a single instance of the Oracle Solaris
operating system.
QUESTION 44
View the Exhibit and review the disk configuration.
The following command is executed on the disk:
zpool create pool1 c3t3d0s0
What is the result of executing this command?
A. A zpool create error is generated.

B. A 1-GB ZFS file system named /pool1 is created.
C. A 15.97-GB storage pool named pool1 is created.
D. The disk will contain an EFI disk label.
Correct Answer: B
Section: (none)
Explanation
Explanation:
The s0 part of c3t3d0 is 1 GB in size according to the exhibit.
QUESTION 45
You log in to the system as user1, then switch user to root by using the su - command. After entering the correct password, yon enter the following
commands:
whoami;who am i;id
Which option correctly represents the output?
A. uid-0(root) gid=0(root)user1 console Dec 30 20:20root

B. rootuser1 console Dec 30 20:20uid=0(root) gid=0(root)
C. user1 console Dec 30 20:20rootuid=0(root) gid=0(root)
D. uid=0(root) gid=0(root)rootuser1 console Dec 30 20:20
Correct Answer: B
Section: (none)
Explanation
Explanation:
* The whoami utility displays your effective user ID as a name.
Here this would be root.
* who am i
The command who shows who is logged on.
Here this would be:
user1 console Dec 30 20:20
* The id utility displays the user and group names and numeric IDs, of the calling process, to the standard output. If the real and effective IDs are
different, both are displayed, otherwise only the real ID is displayed.
Here this would be:
uid=0(root) gid=0(root)
Note:
Each UNIX proces has 3 UIDs associated to it. Superuser privilege is UID=0.
Real UID
--------
This is the UID of the user/process that created THIS process. It can be changed only if the running process has EUID=0.
Effective UID
-------------
This UID is used to evaluate privileges of the process to perform a particular action. EUID can be change either to RUID, or SUID if EUID!=0. If EUID=0,
it can be changed to anything.
Saved UID
---------
If the binary image file, that was launched has a Set-UID bit on, SUID will be the UID of the owner of the file. Otherwise, SUID will be the RUID.
QUESTION 46
The server has two spare 146-GB disk drives: c3t5d0 c3t6d0
You need to add more space to the pool1 storage pool. Which command would add more mirrored storage to the pool1 storage pool?
A. zpool add pool1 mirror c3t5d0 c3t6d0

B. zpool attach pool1 mirror c3t5d0 c3t6d0
C. zpool attach pool1 c3r3d0 c3r5d0; zpool attach pool1 c3r4d0 c3r6d0
D. zpool add pool1 c3r3d0 c3r5d0; zpool add pool1 c3r4d0 c3r6d0
Correct Answer: A
Section: (none)
Explanation
Explanation:
QUESTION 47
You attempted to reboot a system via the init command, however the system did not perform boot sequence into the Oracle Solaris Operating
Environment. You are presented with a prompt from the OpenBoot PROM. Which command would you enter, to boot the system from the default
device?
A. boot -net install

B. boot
C. boot default
D. boot s0
Correct Answer: B
Section: (none)
Explanation
Explanation:
boot
With this form, boot loads and executes the program specified by the default boot arguments from the default boot device
Note: boot has the following general format:

boot [device-specifier] [arguments]
where device-specifier and arguments are optional.
QUESTION 48
You have a ZFS file system named /dbase/oral and you want to guarantee that 10 GB of storage space is available to that dataset for all data,
snapshots, and clones.
Which option would you choose?
A. zfs set refreservation=10g dbase/oral

B. zfs set quota=10g dbase/oral
C. zfs set refquota=10g dbase/oral
D. zfs set reservation=10g dbase/oral
Correct Answer: D
Section: (none)
Explanation
Explanation:
A ZFS reservation is an allocation of disk space from the pool that is guaranteed to be available to a dataset. As such, you cannot reserve disk space for
a dataset if that space is not currently available in the pool. The total amount of all outstanding, unconsumed reservations cannot exceed the amount of
unused disk space in the pool. ZFS reservations can be set and displayed by using the zfs set and zfs get commands. For example:
# zfs set reservation=5G tank/home/bill

# zfs get reservation tank/home/bill
NAME PROPERTY VALUE SOURCE

tank/home/bill reservation 5G local
QUESTION 49
View the Exhibit.
Which is true regarding the disk drive?
A. This disk configuration could be used as a ZFS root disk.

B. This disk contains an SMI disk label.
C. Slice 7 represents the entire disk and cannot be used as a slice for a file system
D. The disk contains an EFI disk label.
Correct Answer: A
Section: (none)
Explanation
Explanation:
Installing a ZFS Root Pool
The installer searches for a disk based on a recommended size of approximately 13 GB.
QUESTION 50
User jack logs in to host solaris and then attempts to log in to host oracle using ssh. He receives the following error message:
The authenticity of host oracle (192.168.1.22) can't be established. RSA key fingerprint is
3B:23:a5:6d:ad:a5:76:83:9c:c3:c4:55:a5:18:98:a6
Are you sure you want to continue connecting (yes/no)?
Which two are true?
A. The public host key supplied by solaria is not known to the host oracle.
B. The error would not occur if the RSA key fingerprint shown in the error message was added to the /etc/ssh/known_hosts file on solaris.
C. The private host key supplied by oracle is not known to solaris.
D. If jack answers yes, the RSA public key for the host oracle will be added to the known_hosts file for the user jack.
E. The public host key supplied by oracle is not known to the host solaris.
Correct Answer: BD
Section: (none)
Explanation
Explanation:
The fingerprints are used to guard against man in the middle attacks. Since ssh logins usually work over the internet (an insecure connection), someone
could hijack your connection. When you try to log into yourmachine.com, he could get "in the middle" and return your challenge as if he was
yourmachine.com. That way, he could get hold of your login password.
To make this attack harder, ssh stores the fingerprint of the server's public key on the first connection attempt. You will see a prompt like:
The authenticity of host 'eisen (137.43.366.64)' can't be established. RSA key fingerprint is cf:55:30:31:7f:f0:c4:a0:9a:02:1d:1c:41:cf:63:cf.
Are you sure you want to continue connecting (yes/no)
When you enter yes, ssh will add the fingerprint to your known_hosts file. you will see
Code:
Warning: Permanently added 'eisen, 137.43.366.64' (RSA) to the list of known hosts.
The next time you login, ssh will check whether the host key has changed. A changing host key usually indicates a man in the middle attack, and ssh
refuses to connect.
QUESTION 51
To help with your troubleshooting, you need to determine the version of the OBP. Which two commands will provide you with this information?
A. printenv
B. banner
C. .version
D. set-env
E. show-devs
F. value version
Correct Answer: BC
Section: (none)
Explanation
Explanation:
B: banner
Displays power-on banner.
The PROM displays the system banner. The following example shows a SPARCstation 2 banner. The banner for your SPARC system may be different.
SPARCstation 2, Type 4 Keyboard

ROM Rev. 2.0, 16MB memory installed, Serial # 289
Ethernet address 8:0:20:d:e2:7b, Host ID: 55000121
C: .version
Displays version and date of the boot PROM.
Note: OBP-OpenBootProm is a firmware which is placed on the sun machine's prom chip.
It is a os independent user interface to deal with the sun machine's hardware components. The user interface provides one or more commands to
display system information.
QUESTION 52
Examine the following command sequence:
Which three are true?
A. User jill, a member of the group other, can do a long listing (is 1) of user jack's home directory.
B. User oracle, not a member of the group other, cannot execute the shell script.
C. User jill, a member of the group other, can make a copy of testfile in dira.
D. User jill, a member of the group other, can edit the data content of testfile.
E. User jill, a member of the group other, cannot delete testfile.
F. User oracle, not a member of the group other, can do a short listing (1s) of dirb.
Correct Answer: CDE

Section: (none)
Explanation
Explanation:
QUESTION 53
The /usr/bin/p7zip file that is part of the p7zip package has been overwritten. This server is critical to production and cannot be rebooted. Identify the
command that would restore the file without requiring a reboot.
A. pkg verify p7zip

B. pkg fix p7sip
C. pkg rebuild-index p7zip
D. pkg revert p7zip
E. pkg uninstsll p7zip
F. pkg install p7zip
G. pkg install --no-backup-be p7sip
H. pkg refresh p7zip
Correct Answer: D
Section: (none)
Explanation
Explanation:
Use the pkg revert command to restore files to their as-delivered condition.
QUESTION 54
Given:
file1 and file2 are text files.
dir1 and dir2 are directories.
Which two commands will be successful?
A. cp dir1 dir1
B. cp dir1 file1
C. cp file? dir1
D. cp file. dir1
E. cp file% dir2
F. cp file1 file2 dir1
Correct Answer: CF
Section: (none)
Explanation
Explanation:
C: Here the wildcard character ? is used (Matches any single character).
file1 and file2 will be copied into dir1
F: the two files file1 and file2 are copied into directoy dir1.
Note: cp - copy files and directories
Copy SOURCE to DEST, or multiple SOURCE(s) to DIRECTORY.
Cp has three principal modes of operation. These modes are inferred from the type and count of arguments presented to the program upon invocation.
* When the program has two arguments of path names to files, the program copies the contents of the first file to the second file, creating the second file
if necessary.
* When the program has one or more arguments of path names of files and following those an argument of a path to a directory, then the program
copies each source file to the destination directory, creating any files not already existing.
* When the program's arguments are the path names to two directories, cp copies all files in the source directory to the destination directory, creating
any files or directories needed. This mode of operation requires an additional option flag, typically r, to indicate the recursive copying of directories. If the
destination directory already exists, the source is copied into the destination, while a new directory is created if the destination does not exist.
QUESTION 55
You want to delete the IPv4 address on the interface net3. Which command should you use?
A. ipadm delete-ip net3/v4

B. ipadm down-addr net3/v4
C. ipadm disable-if net3/v4
D. ipadm delete-vni net3/v4
E. ipadm delete-addr net3/v4
F. ipadm deiete-ipv4 ner3/v4
Correct Answer: E
Section: (none)
Explanation
Explanation:
The ipadm delete-addr subcommand removes addresses from interfaces.
To remove an address from the IPMP group, type the following command:
# ipadm delete-addr addrobj

The addrobj uses the naming convention inder-interface/user-string.
QUESTION 56
Select two correct statements about the authentication services available in Oracle Solaris 11.
A. Pluggable Authentication Modules (PAM) is used to control the operation of services such console logins and ftp.
B. The Secure Shell can be configured to allow logins across a network to remote servers without transmitting passwords across the network.
C. Secure Remote Procedure Calls (Secure RPC) provides a mechanism to encrypt data on any IP Socket connection.
D. Pluggable Authentication Modules (PAM) is used to implement the Secure Shell in Oracle Solaris 11.
E. Simple Authentication and Security Layer (SASL) provides a mechanism to authenticate and encrypt access to local file system data.
Correct Answer: AE
Section: (none)
Explanation
Explanation:
A: Pluggable Authentication Modules (PAM) are an integral part of the authentication mechanism for the Solaris. PAM provides system administrators
with the ability and flexibility to choose any authentication service available on a system to perform end-user authentication.
By using PAM, applications can perform authentication regardless of what authentication method is defined by the system administrator for the given
client.
PAM enables system administrators to deploy the appropriate authentication mechanism for each service throughout the network. System
administrators can also select one or multiple authentication technologies without modifying applications or utilities. PAM insulates application
developers from evolutionary improvements to authentication technologies, while at the same time allowing deployed applications to use those
improvements.
PAM employs run-time pluggable modules to provide authentication for system entry services.
E: The Simple Authentication and Security Layer (SASL) is a method for adding authentication support to connection-based protocols. Simple
Authentication and Security Layer (SASL) is a framework for authentication and data security in Internet protocols. It decouples authentication
mechanisms from application protocols, in theory allowing any authentication mechanism supported by SASL to be used in any application protocol that
uses SASL. Authentication mechanisms can also support proxy authorization, a facility allowing one user to assume the identity of another. They can
also provide a data security layer offering data integrity and data confidentiality services. DIGEST-MD5 provides an example of mechanisms which can
provide a data-security layer. Application protocols that support SASL typically also support Transport Layer Security (TLS) to complement the services
offered by SASL.
QUESTION 57
User brian changes the permissions for db_data this command:
chmod 4755 db_data
What is true?
A. db_data now has permissions rwsr-xr-x and can be deleted only by user brian.
B. db_data now has permissions rwsr-xr-x and, if executed, will inn with the permissions of user brian.
C. db_data now has permissions rwxr-sr-x and can be deleted only by members of the group owning it.
D. The permissions for db_data cannot be determined, because the permissions prior to the change have not been specified.
E. db_data must be an ordinary file, because special permissions cannot be set on a directory.
Correct Answer: C
Section: (none)
Explanation
Explanation:
Use the chmod command to change permissions for a file or directory. You must be the owner of a file or directory, or have root access, to change its
permissions.
Here we do not know if brian owns db_data.
Note:
Permission
7 full
6 read and write
5 read and execute
4 read only
3 write and execute
2 write only
1 execute only
0 none
0 --- no permission
1 --x execute
2 -w- write
3 -wx write and execute
4 r-- read
5 r-x read and execute
6 rw- read and write
7 rwx read, write and execut
Solaris: Solaris Advanced User's Guide
QUESTION 58
Which three of the components would degrade performance if used in a ZFS storage pool, and are not recommended configurations?
A. a file on a UFS file system

B. a Veritas Volume Manager (VxVM) volume
C. a LUN in a hardware RAID array
D. a disk slice from an SMI labeled disk
E. a Solaris Volume Manager (SVM) volume
F. an EDI disk
Correct Answer: ABE
Section: (none)
Explanation
Explanation:
A: ZFS also allows you to use UFS files as virtual devices in your storage pool. This feature is aimed primarily at testing and enabling simple
experimentation, not for production use. The reason is that any use of files relies on the underlying file system for consistency. If you create a ZFS pool
backed by files on a UFS file system, then you are implicitly relying on UFS to guarantee correctness and synchronous semantics.
However, files can be quite useful when you are first trying out ZFS or experimenting with more complicated layouts when not enough physical devices
are present. All files must be specified as complete paths and must be at least 64 Mbytes in size.
B, E: You can construct logical devices for ZFS using volumes presented by software-based volume managers, such as Solaris Volume Manager (SVM)
or Veritas Volume Manager (VxVM). However, these configurations are not recommended. While ZFS functions properly on such devices, less-than-
optimal performance might be the result.
QUESTION 59
View the Exhibit and review the file system information displayed from a remote server.
You are configuring a new server. This new server has the following storage pool configured:
This new server also has the following file systems configured:
When you are finished building this new server, the pool1/data dataset must be an exact duplicate of note server. What is the correct procedure to
create the pool1/data dataset on this new server?
A. zfs create o mountpoint=/data o refquota=1g pool1/data

B. zfs set mountpoint=none pool1zfs create pool1/data
C. zfs set mountpoint=none pool1zfs create o mountpoint=/data o quota=1g pool1/data
D. zfs create quota=1g pool1/data
E. zfs create mountpoint=/data pool1/data
F. zfs set quota=1g pool1/data
Correct Answer: A
Section: (none)
Explanation
Explanation:
QUESTION 60
You have installed an update to the gzip package and need to "undo" .ho update and return the package to its "as-delivered" condition. Which command
would you use?
A. pkg undo
B. pkg revert
C. pkg fix
D. pkg uninstall
Correct Answer: B
Section: (none)
Explanation
Explanation:
Use the pkg revert command to restore files to their as-delivered condition.
QUESTION 61
To confirm the IP address and netmask have been correctly configured on the network interfaces which command should you use?
A. ipdilm show-if
B. ipadm show-nic
C. ipadm show-addr
D. ipadm show-ifconfig
E. ipadm show-addripadm show-mask
Correct Answer: C
Section: (none)
Explanation
Explanation:
State can be: disabled, down, duplicate, inaccessible, ok, tentative
Example:
# ipadm show-addr
lo0/v4 static ok 127.0.0.1/8
QUESTION 62
You are the administrator of a system that a large number of developers work on. These developers crash the system, and their applications, on a
regular basis.
What command would you use to configure where the core files are saved?
A. savecore
B. dumpadm
C. svcadm
D. proc
E. coreadm
Correct Answer: E
Section: (none)
Explanation
Explanation:
The coreadm command is used to specify the name and location of core files produced by abnormally-terminating processes.
QUESTION 63
Which option displays the result of running the zfs list command?
A. Option A
B. Option B
C. Option C
D. Option D
Correct Answer: B
Section: (none)
Explanation
Explanation:
The zfs list command provides an extensible mechanism for viewing and querying dataset information.
You can list basic dataset information by using the zfs list command with no options. This command displays the names of all datasets on the system
and the values of their used, available, referenced, and mountpoint properties. For more information about these properties, see Introducing ZFS
Properties.
For example:
# zfs list
NAME USED AVAIL REFER MOUNTPOINT
pool 476K 16.5G 21K /pool
pool/clone 18K 16.5G 18K /pool/clone
pool/home 296K 16.5G 19K /pool/home
pool/home/marks 277K 16.5G 277K /pool/home/marks
pool/home/marks@snap 0 - 277K -
pool/test 18K 16.5G 18K /test
QUESTION 64
Which network protocol provides connectionless, packet-oriented communication between applications?
A. TCP
B. UDP
C. IP
D. ICMP
E. NFS
F. IPSec
Correct Answer: B
Section: (none)
Explanation
Explanation:
The User Datagram Protocol (UDP) is one of the core members of the Internet Protocol Suite, the set of network protocols used for the Internet. With
UDP, computer applications can send messages, in this case referred to as datagrams, to other hosts on an Internet Protocol (IP) network without
requiring prior communications to set up special transmission channels or data paths.
Compared to TCP, UDP is a simpler message-based connectionless protocol.
QUESTION 65
A datalink can best be described as______.
A. a driver for a Network Interface Card

B. the software connecting the Internet Layer and the Physical Layer
C. a device that provides Classless Inter-Domain Routing
D. a logical object used for IP Multipathing
Correct Answer: D
Section: (none)
Explanation
Explanation:
The command dladm is used to configure data-link interfaces in Sun Solaris. A configured datalink is represented in the system as interface that can
be used for TCP/IP. Each data-link relies on either a single network device or an link aggregation device to send & recieve packets.
Network interfaces provide the connection between the system and the network. These interfaces are configured over data links, which in turn
correspond to instances of hardware devices in the system.
In the current model of the network stack, interfaces and links on the software layer build on the devices in the hardware layer. More specifically, a
hardware device instance in the hardware layer has a corresponding link on the data-link layer and a configured interface on the interface layer. This
one-to-one relationship among the network device, its data link, and the IP interface is illustrated in the figure that follows.
Network Stack Showing Network Devices, Links, and Interfaces:
QUESTION 66
View the exhibit to inspect the file system configuration on your server.
Your department's backup policy is to perform a full backup to a remote system disk on Saturday. On Sunday through Friday, you are to perform an
incremental backup to the same remote system disk.
· Each incremental backup will contain only data that has been modified since the previous Saturday backup.
· The server file systems must remain available at all times and can never be taken offline,
· The backup must not only provide for the recovery of the most recent version of a file, but must also allow recovery of previous versions of a file
created since Saturday's full backup.
Following your company policy, which option describes a valid procedure for backing up the /data file system to a remote disk named /remote/backup?
A. On Saturday:zfs create snapshot pool1/data@sat.zfs send pool1/data@sat > /remote/backup/fullOn each weekday:Remove the previous daily
snapshot.zfs snapshot pool1/data@dailyzfs send i pool1/data@sat pool1/data@daily > /remote/backup/full
B. On Saturday:zfs create snapshot pool1/data@sat.zfs send pool1/data@sat | zfs recv remote/backup/'date '+%m%d%Y' 'On each weekday:Remove
the previous daily snapshot.zfs create pool1/data@dailyzfs send i pool1/data@sat pool1/data@daily | zfs recv remote/backupd%y' '
C. On Saturday:zfs snapshot pool1/data@satzfs send pool1/data@sat > /remote/backup/fullOn each weekday:Remove the previous daily snapshot.zfs
snapshot pool1/data@dailyzfs send i pool1/data@sat pool1/data@daily > /remote/backup/daily
D. On Saturday:zfs create snapshot pool1/data@satzfs send pool1/data@sat | zfs recv remote/backupOn each weekday:Remove the previous daily
snapshot.zfs create i pool1/data@sat pool1/data@dailyzfs send pool1/data@daily | zfs recv remote/backup
E. On Saturday:zfs snapshot pool1/data@satzfs pool1/data@sat > /remote/backup/fullOn each weekday:Remove the previous daily snapshot.zfs
snapshot pool1/data@dailyzfs send i pool1/data@sat pool1/data@daily > /remote/backup/full
Correct Answer: C
Section: (none)
Explanation
Explanation:
QUESTION 67
A user account must be a member of a primary group, and may also be a member of one or more secondary groups. What is the maximum total
number of groups that one user can concurrently belong to?
A. 15
B. 16
C. 17
D. 63
E. 64
F. 65
G. The number of groups one user can concurrently belong to is unlimited in Solaris 11.
Correct Answer: B
Section: (none)
Explanation
Explanation:
Each user belongs to a group that is referred to as the user's primary group. The GID number, located in the user's account entry within the /etc/passwd
file, specifies the user's primary group.
Each user can also belong to up to 15 additional groups, known as secondary groups. In the /etc/group file, you can add users to group entries, thus
establishing the user's secondary group affiliations.
Note (4 PSARC/2009/542):
his project proposes changing the maximum value for NGROUPS_MAX from 32 to 1024 by changing the definition of NGROUPS_UMAX from 32 to
1024.
The use for a larger number of groups is described in CR 4088757, particular in the case of Samba servers and ADS clients; the Samba servers map
every SID to a Unix group. Users with more than 32 groups SIDs are common. We've seen reports varying from "64 is enough", "128 is absolutely
enough" and "we've users with more 190 group SIDS).
NGROUPS_MAX as defined by different Unix versions are as follows (http://www.j3e.de/ngroups.html):
Linux Kernel >= 2.6.3 65536

Linux Kernel < 2.6.3 32
Tru64 / OSF/1 32
IBM AIX 5.2 64
IBM AIX 5.3 ... 6.1 128
OpenBSD, NetBSD, FreeBSD, Darwin (Mac OS X) 16
Sun Solaris 7, 8, 9, 10 16 (can vary from 0-32)
HP-UX 20
IRIX 16 (can vary from 0-32)
Plan 9 from Bell Labs 32
Minix 3 0 (Minix-vmd: 16)
QNX 6.4 8
QUESTION 68
Identify three differences between the shutdown and init commands.
A. init shuts a system down faster than the shutdown command.

B. Only shutdown broadcasts a final shutdown warning to all fogged in users.
C. init does not terminate all services normally. The shutdown command performs a t shutdown of all services.
D. The shutdown command can only bring the system to the single-user milestone. The command must be used to shut the system down to run level 0.
E. The shutdown sends a shutdown message to any systems that are mounting resource-tern that is being shut down.
F. The shutdown command will shut the system down and turn off power; init will only shut system down.
Correct Answer: ABE

Section: (none)
Explanation
Explanation:
Note shutdown:
Shutdown is executed by the super user to change the state of the machine. In most cases, it is used to change from the multi-user state (state 2) to
another state.
By default, shutdown brings the system to a state where only the console has access to the operating system. This state is called single-user.
Before starting to shut down daemons and killing processes, shutdown sends a warning message and, by default, a final message asking for
confirmation. message is a string that is sent out following the standard warning message "The system will be shut down in ..." If the string contains
more than one word, it should be contained within single (') or double (") quotation marks.
Note init:
If a 0 through 6 is entered, init enters the corresponding run level. Run levels 0, 5, and 6 are reserved states for shutting the system down. Run levels 2,
3, and 4 are available as multi-user operating states.
OPTIONS
0 Go into firmware.
5 Shut the machine down so that it is safe to remove the power. Have the machine remove power, if possible.
6 Stop the operating system and reboot to the state defined by the initdefault entry in /etc/inittab.
QUESTION 69
View the exhibit.
The configuration information in the exhibit is displayed on your system immediately after installing the OS. Choose the option that describes the
selection made during the Installation of the OS to obtain this configuration.
A. The automatic network configuration option was chosen during the installation of the OS.
B. The manual network configuration option was chosen during the installation of the OS.
C. The network was not configured during the installation of the OS.
D. The DHCP network configuration option was chosen during the Installation of the OS.
Correct Answer: A
Section: (none)
Explanation
Explanation:
There are two ways to configure the network configuration: automatic or manual. In the exhibit we see that DHCP has been used used. This indicates an
automatic network configuration.
QUESTION 70
Which two capabilities are provided by the OpenBoot PROM?
A. a command to safely shut down the system
B. hardware testing and initialization
C. booting from a disk or network
D. starting the GRUB loader
Correct Answer: BC
Section: (none)
Explanation
Explanation:
OpenBoot firmware is executed immediately after you turn on your system. The primary tasks of OpenBoot firmware are to:
* Test and initialize the system hardware (B)
* Determine the hardware configuration
*Boot the operating system from either a mass storage device or from a network (C) *Provide interactive debugging facilities for testing hardware and
software
QUESTION 71
On which is the open boot prom available?
A. x86 only
B. x86 64-Bit only
C. SPARC only
D. both x86 and x86 64-Bit
E. x86, x86 64-Bit and SPARC
Correct Answer: C
Section: (none)
Explanation
Explanation:
No OpenBoot Environment on the Intel Platform. The Intel environment has no OpenBoot PROM or NVRAM. On Intel systems, before the kernel is
started, the system is controlled by the basic input/output system (BIOS), the firmware interface on a PC. Therefore, many features provided by
OpenBoot are not available on Intel systems.
Note: The Open Boot PROM (OBP) bootloader only exists within SPARC. Before Solaris 10 01/06, the bootloader for Solaris x86 was a Sun customized
bootstrap software. After Solaris 10 01/06, it uses GRUB, a well known bootloader that's commonly used in the Linux world.
With GRUB, it's much easier to make the system dual-boot Linux and Solaris. GRUB extends the capabilities of the bootloader that was not available
previously such as the ability to boot from a USB DVD drive. Those who have used Linux will be quite familiar with GRUB and its options.
QUESTION 72
Review the storage pool information:
Which statement describes the status of this storage pool?
A. It is a RAIDZ storage pool and can withstand a single disk failure; data will be striped at: disk components.
B. It is a double-parity RAIDZ storage pool and can withstand two disk failures; data will be striped across four disk components.
C. It is an improperly configured RAIDZ storage pool; data will be striped across four disk components, but only three drives are protected with
redundancy.
D. It is an improperly configured RAIDZ storage pool; data will be striped across three disk components, but only three drives are protected with
redundancy.
Correct Answer: D
Section: (none)
Explanation
Explanation:
Device c3t6d0 is not included in the RAIDZ storage pool. The other three devices are included in the raidz pool. The data on these devices are
protected.
Note: In addition to a mirrored storage pool configuration, ZFS provides a RAID-Z configuration with either single, double, or triple parity fault tolerance.
Single-parity RAID-Z (raidz or raidz1) is similar to RAID-5. Double-parity RAID-Z (raidz2) is similar to RAID-6.
QUESTION 73
Which two statements describe the COMSTAR framework available in Oracle Solaris 11?
A. It converts an Oracle Solaris 11 host into a SCSI target device that can be accessed over a storage network by Linux, Mac OS, or Windows client
systems.
B. iSCSI targets cannot be configured as dump devices.
C. It provides support for iSCSI devices that use SLP.
D. It is used to connect to Fibre Channel or iSCSI Storage Area Network (SAN) environments.
E. It provides an upgrade and update path to convert your iSCSI LUNs from Solaris 10 systems.
Correct Answer: AB
Section: (none)
Explanation
Explanation:
A: You can configure Common Multiprotocol SCSI TARget, or COMSTAR, a software framework that enables you to convert any Oracle Solaris 11 host
into a SCSI target device that can be accessed over a storage network by initiator hosts.
This means you can make storage devices on a system available to Linux, Mac OS, or Windows client systems as if they were local storage devices.
Supported storage protocols are iSCSI, FC, iSER, and SRP.
B: iSCSI targets cannot be configured as dump devices.
QUESTION 74
Review the non-global zone configuration displayed below:
The global zone has 1024 MB of physical memory. You need to limit the non-global zone so that it uses no more than 500 MB of the global zone's
physical memory. Which option would you choose?
A. Option A
B. Option B
C. Option C
D. Option D
E. Option E
Correct Answer: C
Section: (none)
Explanation
Explanation:
Add a memory cap.
zonecfg:my-zone> add capped-memory
Set the memory cap.

zonecfg:my-zone:capped-memory> set physical=50m
End the memory cap specification.

zonecfg:my-zone:capped-memory> end
QUESTION 75
You are troubleshooting interface net3 and you enter the following sequence of commands:
Your next command should be:
A. ipadm up-addr net3/v4

B. ipadm enable-if -T net3
C. <ipadm create-vnic -a 192.168.1.25/24 net3/v4
D. ipadm create-ip -T static -a 192.168.1.25/24 -n net3
E. ipadm create-addr -T static -a 192.168.1.25/24 net3
Correct Answer: E
Section: (none)
Explanation
Explanation:
If you are assigning a static IP address, use the following syntax:
# ipadm create-addr -T static -a address addrobj

where addrobj uses the naming format interface/user-defined-string, such as e1000g0/v4globalz.
Note:
create-addr [-t] -T static [-d] -a {local | remote}=addr[/prefixlen], ... addrobj Creates a static IPv4 or IPv6 address on the interface specified in addrobj. If
the interface on which the address is created is not plumbed, this subcommand will implicitly plumb the interface. The created static address will be
identified by addrobj. By default, a configured address will be marked up, so that it can be used as a source or destination of or for outbound and
inbound packets.
QUESTION 76
The storage pool configuration on your server is:
You back up the /pool1/data file system, creating a snapshot and copying that snapshot to tape
(/dev/rmt/0). You perform a full backup on Sunday night and Incremental backups on Monday through Saturday night at 11:00 pm. Each incremental
backup will copy only the data that has been modified since the Sunday backup was started.
On Thursday, at 10:00 am, you had a disk failure. You replaced the disk drive (c4t0d0). You created pool (pool1) on that disk.
Which option would you select to restore the data in the /pool1/data file system?
A. zfs create pool1/dataLoad the Monday tape and enter:zfs recv pool1/data < /dev/rmt/0Load the Wednesday tape and enter:zfs recv F pool1/data < /
dev/rmt/0
B. Load the Sunday tape and restore the Sunday snapshot:zfs recv pooll/data < /dev/rmt/0zfs rollback pool1/data@monLoad the Wednesday tape and
restore the Wednesday snapshot:zfs recv i pooll/data < /dev/rmt/0zfs rollback pool1/data@wed
C. zfs create pooll/dataLoad the Wednesday tape and enter:zfs recv -F pool1/data < /dev/rmt/0
D. Load the Sunday tape and enter:zfs recv pool1/data < /dev/rmt/0Load the Wednesday tape and enter:* commands missing*
Correct Answer: D
Section: (none)
Explanation
Explanation:
First the full backup must be restored. This would be the Sunday backup. Then the last incremental backup must be restored. This would be the
Wednesday backup. Before restoring the Wednesday incremental file system snapshot, the most recent snapshot must first be rolled back.
By exclusion D) would be best answer even though it is incomplete.
QUESTION 77
In Oracle Solaris 11, where is the Oracle default repository located?
A. /var/spool/pkg
B. http://localhost/solaris
C. http://pkg.oracle.com/solaris/release
D. http://www.oracle.com/Solaris/download
E. /cdrom/cdrom0
Correct Answer: C
Section: (none)
Explanation
Explanation:
REPOSITORY DESCRIPTION
* http://pkg.oracle.com/solaris/release
The default repository for new Oracle Solaris 11 users. This repository receives updates for each new release of Oracle Solaris. Significant bug fixes,
security updates, and new software may be provided at any time for users to install at Oracle's discretion.
*https://pkg.oracle.com/solaris/support
Provides bug fixes and updates. Accessible with a current support contract from Oracle.
* https://pkg.oracle.com/solaris/dev Provides the latest development updates. Accessible to users enrolled in the Oracle Solaris 11 Platinum Customer
Program and approved Oracle Partners.
QUESTION 78
Which two are implemented using the Internet Control Message Protocol (ICMP)?
A. ping
B. DHCP
C. HTTP
D. telnet
E. syslog
F. traceroute
Correct Answer: AF
Section: (none)
Explanation
Explanation:
The Internet Control Message Protocol (ICMP) is one of the core protocols of the Internet Protocol Suite.
ICMP differs from transport protocols such as TCP and UDP in that it is not typically used to exchange data between systems, nor is it regularly
employed by end-user network applications (with the exception of some diagnostic tools like ping and traceroute).
QUESTION 79
Review the information taken from your server:
Which option describes the command used to create these snapshots of the root file system?
A. zfs snapshot r rpool@BEI

B. beadm create n BE1
C. zfs snapshot r BE1 rpool
D. zfs snapshot rpool BEI
E. zfs snapshot rpool@BEl rpool/ROOT@BEl rpool/ROOT/solaris@BEl \rpool/ROOT/dump@BEI rpocl/ROOT/export@BEl \rpool/ROOT/export/
home@BEl rpaol/ROOT/swap@BEI:
Correct Answer: A
Section: (none)
Explanation
Explanation:
zfs snapshot [-r] [-o property=value] ... filesystem@snapname|volume@snapname Creates a snapshot with the given name. All previous modifications
by successful system calls to the file system are part of the snapshot. See the "Snapshots" section for details.
-r
Recursively create snapshots of all descendent datasets. Snapshots are taken atomically, so that all recursive snapshots correspond to the same
moment in time.
QUESTION 80
You notice that the /var/.dm/messages file has become very large. Typically, this is managed by a crontab entry. Which entry should be in the root's
crontab file?
A. 10 3 * * * /usr/adm/messages
B. 10 3 * * * /usr/sbin/logadm
C. 10 3 * * * /usr/sbin/syslogrotate
D. 10 3 * * * /usi/sbin/logrotate
E. 10 3 * * * /usr/sbin/messages
Correct Answer: B
Section: (none)
Explanation
Explanation:
This example shows how to display the default root crontab file.
$ suPassword:
# crontab -l
#ident "@(#)root 1.19 98/07/06 SMI" /* SVr4.0 1.1.3.1 */ #
# The root crontab should be used to perform accounting data collection.
#
#
10 3 * * * /usr/sbin/logadm
15 3 * * 0 /usr/lib/fs/nfs/nfsfind
30 3 * * * [ -x /usr/lib/gss/gsscred_clean ] && /usr/lib/gss/gsscred_clean #10 3 * * * /usr/lib/krb5/kprop_script ___slave_kdcs___
QUESTION 81
User1 is attempting to run the following command:
cp bigfile verybig
The system displays the following errer:
cp: cannot create verybig: Disc quota exceeded
Your initial troubleshooting shows that the df -h command indicates the account is at 100% capacity. What command would you use to determine how
much disk space the user has available?
A. zfs get quota rpool/export/home/user1

B. zfs userused@user1
C. zfs quota=1M /rpool/export/home/user1
D. df h | grep user1
Correct Answer: A
Section: (none)
Explanation
Explanation:
ZFS quotas can be set and displayed by using the zfs set and zfs get commands. In the following example, a quota of 10 Gbytes is set on tank/home/
bonwick.
# zfs set quota=10G tank/home/bonwick

# zfs get quota tank/home/bonwick
NAME PROPERTY VALUE SOURCE
tank/home/bonwick quota 10.0G local
QUESTION 82
Select the packet type that identifies members of the group and sends information to all the network interfaces in that group.
A. Unicast
B. Multicast
C. Broadcast
D. Bayesian
E. Quality of Service Priority
Correct Answer: B
Section: (none)
Explanation
Explanation:
IPv6 defines three address types:
unicast
Identifies an interface of an individual node.
multicast
Identifies a group of interfaces, usually on different nodes. Packets that are sent to the multicast address go to all members of the multicast group.
anycast
Identifies a group of interfaces, usually on different nodes. Packets that are sent to the anycast address go to the anycast group member node that is
physically closest to the sender.
QUESTION 83
The current ZFS configuration on your server is:
pool1 124K 3.91G 32K /pool1
pool1/data 31K 3.91G 31K /data
You need to create a new file system named /data2. /data2 will be a copy of the /data file system.
You need to conserve disk space on this server whenever possible.
Which option should you choose to create /data2, which will be a read writeable copy of the /data file system, while minimizing the amount of total disk
space used in pool1?
A. zfs set mountpoint=/data2 compression=on pool1/data2

B. zfs snapshot pool1/data@nowzfs set mountpoint=/data2, comptession=on pool1/data@now
C. zfs create snapshot pool1/data@nowzfs send pool1/data@now | zfs recv pool1/data2
D. zfs create snapshot pool1/data@nowzfs clone -o mountpoint=/data2 pool1/data@now pool1/data2
E. zfs snapshot pool1/data@nowzfs clone -o mountpoint=/data2 -ocompression=on pool1/data@now pool1/data2
F. zfs snapshot pool1/data@nowzfs clone -o mountpoint=/data2 pool1/data@now pool1/data2
Correct Answer: E
Section: (none)
Explanation
Explanation:
zfs snapshot [-r] [-o property=value] ... filesystem@snapname|volume@snapname Creates a snapshot with the given name. All previous modifications
by successful system calls to the file system are part of the snapshot
zfs clone [-p] [-o property=value] ... snapshot filesystem|volume Creates a clone of the given snapshot.
Note:
Because snapshots are fast and low overhead, they can be used extensively without great concern for system performance or disk use .
With ZFS you can not only create snapshot but create a clone of a snapshot. A clone is a writable volume or file system whose initial contents are the
same as the dataset from which it was created. As with snapshots, creating a clone is nearly instantaneous, and initially consumes no additional disk
space. In addition, you can snapshot a clone.
A clone is a writable volume or file system whose initial contents are the same as the original dataset. As with snapshots, creating a clone is nearly
instantaneous, and initially consumes no additional space.
Clones can only be created from a snapshot. When a snapshot is cloned, it creates an implicit dependency between the parent and child.
QUESTION 84
You wish to troubleshoot some issues that you are having on the system. You want to monitor the /var/adm/messages file in real time. Which command
would you use to do this?
A. head
B. tail
C. cat
D. file
E. test
Correct Answer: B
Section: (none)
Explanation
Explanation:
tail is a program on Unix and Unix-like systems used to display the last few lines of a text file or piped data.
By default, tail will print the last 10 lines of its input to the standard output. With command line options the number of lines printed and the printing units
(lines, blocks or bytes) may be changed. The following example shows the last 20 lines of filename:
tail -n 20 filename
QUESTION 85
Which two options describe how to override the default boot behavior of an Oracle Solaris 11 SPARC system to boot the system to the single-user
milestone?
A. from the ok prompt, issue this command:boot -m milestone=single-user

B. From the ok prompt, issue this command:boot -m milestone/single-user
C. From the ok prompt, issue this command: boot -milestone=single-user
D. From the ok prompt. issue this command:boot -s
E. From from the ok prompt, issue this command:boot -m milestone=s
Correct Answer: AD
Section: (none)
Explanation
Explanation:
By default, Solaris will boot to the pseudo milestone "all" and start all services. This behaviour can be changed at boot time using either "-s" to reach
single-user, or the new SMF option "-m milestone=XXX" (see kernel(1M) for a list of the bootable milestones) to select an explicit milestone.
Note: boot -s is the same as: boot -m milestone=single-user
with the difference being that the former is a lot less to type and is what most SysAdmins will be familiar with.
QUESTION 86
User jack logs in to host solar in and issues the following command:
jack@solaris:-$ ls .ssh
id_dsa id_dsa.pub id_rsa id_rsa.pub known_hosts authorized_keys
Which two are true?
A. The id_rsa file contains the private key for rhosts-based host authentication.
B. The id_dsa.pub file contains the Digital Signature Algorithm public key for the user jack.
C. The id_rsa.pub file contains the Rivest Shamir Adelman public key for the host solaris.
D. The authorized_keys file contains the private keys of remote users authorized to access jack's account on solaris.
E. The known_hosts file contains the verified public keys of remote hosts known to be trusted.
Correct Answer: AE
Section: (none)
Explanation
Explanation:
A: You will see two files starting with id_rsa. id_rsa is the private key and id_rsa.pub is public key.
E: The .ssh/known_hosts file
In order to use public-key secure connection with other hosts (ssh, scp, sftp) there is a special directory, ~/.ssh/, where passphrases and public keys are
stored. Normally you wouldn't need to know the gory details, but from time to time a host will change its public key and then you have difficulty using ssh
or scp with that host, and have to edit a file named known_hosts. If you try to ssh to another computer, but get an error message that warns about a
changed or incorrect public key, then it is probably just a case of that host changing its public key. (It is possible, though usually not the case, that
malicious hacking is involved.) Unless you actually suspect hacker involvement, you can edit the file ~/.ssh/known_hosts using your usual text editor (vi,
emacs, nedit, or pico) and delete any line with the name of that host.
Then when you try to ssh that host again, it will be like the first time ever; ssh will ask you if you want to accept a new public key, you type the whole
word yes, and everything will proceed normally from there.
Here is what a typical ~/.ssh/known_hosts file might contain. Note that newton is represented on two different lines:
newton 1024 35
153438062610297067329638677441205712613292203533062535600064224677647442245028
855505387934431717435134842994423656065076260604296084868001730665553662299156
116414854701274715680961503198280525759778667306417179500370189017139564144825
610347509023078143132936185076849630461827976942220442313116255293297021841 ucsub 1024 37
132170811640421742212085598383135714069016332111955003414250071326834884018721
183646445780180633494496866895830879394309011412231102757022090299732775466435
482517698989962531081214859205054227533597152962802400251809883548442498002326
460312850336779152617243800769119880843882425555806081435017335194477605333 simpson 1024 41
840896920592494584403453622735282634536002054701576247765078766974814128393752
943151071629834843909016027026612791643752972116459602750267266908365259665072
736159491719667576217171370458928680504368847255632477925660234893185547218857
65548457461907512536847079297627580626353420887972219277539015703446529603 newton, 128.138.249.8 ssh-rsa
AAAAB3NzaC1yc2EAAAABIwAAAIEA0d7Aoure0toNJ+YMYi61QP2ka8m5x5ZQlT7obP8CK3eropf qsMPPY6uiyIh9vpiFX2r1LHcbx139+vG6HOtVvuS8
+IfMDtawm3WQvRuOopz3vVy5GtMwtaOgehs XoT930Ryev1bH5myPtWKlipITsOd2sX9k3tvjrmme4KCGGss=
QUESTION 87
You have completed configuring a zone named dbzone on your Solaris 11 server. The configuration is as following:
The global zone displays the following network information:
The zone has never been booted. Which three options correctly describe this zone?
A. It is a sparse root zone.

B. It is a whole root zone.
C. It is an immutable zone.
D. It is a native zone.
E. The zone shares the network interface with the host.
F. The zone uses a virtual network interface.
G. The hostid is the same as the global zone.
H. The IP address of the zone is 10.0.2.18.
Correct Answer: CEG

Section: (none)
Explanation
Explanation:
C: Immutable Zones provide read-only file system profiles for solaris non-global zones.
Note that ip-type: exclusive:

Starting with OpenSolaris build 37 and Oracle Solaris 10 8/07, a default zone can be configured as an "exclusive-IP zone" which gives it exclusive
access to the NIC(s) that the zone has been assigned. Applications in such a zone can communicate directly with the NIC(s) available to the zone.
Note on zones:
After installing Oracle Solaris on a system, but before creating any zones, all processes run in the global zone. After you create a zone, it has processes
that are associated with that zone and no other zone. Any process created by a process in a non-global zone is also associated with that non-global
zone.
Any zone which is not the global zone is called a non-global zone. Most people call non-global zones simply "zones." Some people call them "local
zones" but this is discouraged.
The default native zone file system model on Oracle Solaris 10 is called "sparse-root." This model emphasizes efficiency and security at the cost of
some configuration flexibility. Sparse-root zones optimize physical memory and disk space usage by sharing some directories, like /usr and /lib. Sparse-
root zones have their own private file areas for directories like /etc and /var. Whole-root zones increase configuration flexibility but increase resource
usage. They do not use shared file systems for /usr, /lib, and a few others.
There is no supported way to convert an existing sparse-root zone to a whole-root zone. Creating a new zone is required.
QUESTION 88
You have been asked to terminate a process that appears to be hung and will not terminate. The process table is shown below:
root 15163 15156 0 12:51:15 pts/3 0:00 hungscript
What command will terminate the process?
A. kill -9 15163
B. kill -1 15163
C. kill -15 15163
D. kill -2 15163
Correct Answer: A
Section: (none)
Explanation
Explanation:
Here we should use SIGTERM to terminate the process.
Note:
When no signal is included in the kill command-line syntax, the default signal that is used is 15 (SIGKILL). Using the 9 signal (SIGTERM) with the kill
command ensures that the process terminates promptly. However, the 9 signal should not be used to kill certain processes, such as a database
process, or an LDAP server process. The result is that data might be lost.
Tip - When using the kill command to stop a process, first try using the command by itself, without including a signal option. Wait a few minutes to see if
the process terminates before using the kill command with the -9 signal.
QUESTION 89
The global zone has 8 CPUS. YOU suspect that one of your non global /ones, dbzone, is consuming all of the CPU resources.
Which command would you use to view the CPU utilization for all of the zones to confirm this?
A. Run from the global zone:prstat -Z

B. Run from each zonezlogin <zonename> mpstat
C. Run from the global zone:zonestar -r summary
D. Run from the global zone:rctladm -1
E. Run from the global zone:prctl -i
Correct Answer: A
Section: (none)
Explanation
Explanation:
If you're logged on to the system, you can run prstat -Z to generate a summary of cpu/memory utilization by zone.
QUESTION 90
You are executing this command in the default shell:
sleep 5000 &
The system displays a number. This value is______.
A. the priority of the /usr/bin/sleep process

B. the process ID of the /usr/bin/sleep process
C. the process ID of the shell spawned to execute /usr/bin/sleep
D. the process group ID that includes the /usr/bin/sleep process
E. the amount of memory allocated to the /usr/bin/sleep process
F. the current number of instances of the /usr/bin/sleep process
Correct Answer: C
Section: (none)
Explanation
Explanation:
If a command is terminated by the control operator `&', the shell executes the command asynchronously in a subshell. This is known as executing the
command in the background. The shell does not wait for the command to finish, and the return status is 0 (true).
QUESTION 91
You are installing the Solaris 11 Operation System by using the Text Installer. A panel prompts you to create a root password and a user account.
Which four describe your options for completing this panel of the Installation?
A. Creating a user account is optional.

B. The root password must be set and cannot be blank.
C. The root password can be left blank.
D. If you provide a username, that user is assigned the root role.
E. If you provide a username, that user is given root privileges.
F. If you provide a username, root is an account rather than a role and is set to expire immediately.
G. If you do not provide a username, root is an account rather than a role and is set to expire immediately.
Correct Answer: ABDG
Section: (none)
Explanation
Explanation:
A: You are not required to create a user account.
B: You must create a root password.
D: If you create a user account in this panel, you need to provide both the user's password and a root password.
In this case, root will be a role assigned to the user.
G: If you do not create a user account, you still need to provide a root password.
In this case, root will be a regular user.
QUESTION 92
Which option would you choose to display the kernel revision level for your operating system?
A. cat. /etc/release
B. uname -a
C. pkg info kernel
D. banner (issued from the OpenBoot Prom)
E. cat /etc/motd
Correct Answer: B
Section: (none)
Explanation
Explanation:
QUESTION 93
After installing the OS, the following network configuration information is displayed from the system:
Which option describes the state of this server?
A. The automatic network configuration option was chosen during the installation of the OS.
B. The manual network configuration option was chosen during the installation of the OS.
C. The network was not configured during the installation of the OS.
D. The network interface is configured with a static IP address.
Correct Answer: C
Section: (none)
Explanation
Explanation:
Only the loopback addresses are configured. No IP address is configured.
QUESTION 94
The /etc/hosts file can be best described as______.
A. a local database of host names for rlogin, rsh, and rep

B. the configuration file for the host name of the system
C. a local database of information for the uname command
D. the configuration file for the Domain Name Service (DNS)
E. a local database of host names and their associated IP addresses
Correct Answer: E
Section: (none)
Explanation
Explanation:
As your machine gets started, it will need to know the mapping of some hostnames to IP addresses before DNS can be referenced. This mapping is
kept in the /etc/hosts file. In the absence of a name server, any network program on your system consults this file to determine the IP address that
corresponds to a host name.
QUESTION 95
Review the boot environment information displayed on your system:
Which two options accurately describe the newBE boot environment?
A. It cannot be destroyed.
B. It cannot be activated.
C. It cannot be renamed.
D. You can create a snapshot of it.
E. It is activated but unbootable.
F. It has been deleted and will be removed at the next reboot.
Correct Answer: BC
Section: (none)
Explanation
Explanation:
If the boot environment is unbootable, it is marked with an exclamation point (!) in the Active column in the beadm list output.
The beadm command restricts actions on unbootable boot environments as follows:
You cannot activate an unbootable boot environment. (B)
You cannot destroy a boot environment that is both unbootable and marked as active on reboot.
You cannot create a snapshot of an unbootable boot environment.
You cannot use an unbootable boot environment or boot environment snapshot with the -e option of beadm create.
You cannot rename an unbootable boot environment. (C)
QUESTION 96
You are attempting to troubleshoot an event that should have made an entry into the messages log. This event happened about two weeks ago. Which
file should you look at first?
A. /var/adm/messages
B. /var/adm/messages.0
C. /var /adm/messagas.1
D. /var/adm/messages.2
E. /var/adm/messages.3
Correct Answer: A
Section: (none)
Explanation
Explanation:
The /var/adm/messages is the file to which all the messages printed on the console are logged to
by the Operating System. This helps to track back check the console messages to troubleshoot any issues on the system.
Syslog daemon also writes to this /var/adm/messages file.
The /var/adm/messages file monitored and managed by newsyslog and its configuration file is /usr/lib/newsyslog.
This script runs as the roots cron job everyday, checks the /var/adm/messages file and copies/moves it to /var/adm/messages.0, 1, 2, 3, 4, 5, 6, 7. In
other words, it does the Log Rotation for the /var/adm/messages.
In an event the /var file system is running out of space, these files needs to checked and can be removed (not the actual /var/adm/messages itself) to
free up space on the file system. However, care has to be taken, if you decide to empty the /var/adm/messages itself for any reason. This process is
called Truncation.
References: SOLARIS SYSTEM ADMIN TIPS, /var/adm/messages
QUESTION 97
User jack makes use of the bash shell; his home directory is/export/home/jack.
What is the correct setting of umask, and where should it be set, to allow jack to create a shell script using the vi editor, that is executable by default?
A. It is not possible to make a script executable without using the chmod command.
B. umask value of 0002 set in /etc/profile
C. umask value of 0002 set in /export/home/jack/.bashrc
D. umask value of 0722 set in /etc/profile
E. umask value of 0722 set In /export/home/jack/.bashrc
Correct Answer: B
Section: (none)
Explanation
Explanation:
The user file-creation mode mask (umask) is use to determine the file permission for newly created files. It can be used to control the default file
permission for new files. It is a four-digit octal number.
You can setup umask in /etc/bashrc or /etc/profile file for all users. By default most Unix distro set it to 0022 (022) or 0002 (002).
1. The default umask 002 used for normal user. With this mask default directory permissions are 775 and default file permissions are 664.
2. The default umask for the root user is 022 result into default directory permissions are 755 and default file permissions are 644.
3. For directories, the base permissions are (rwxrwxrwx) 0777 and for files they are 0666 (rw-rw- rw).
In short,
1. A umask of 022 allows only you to write data, but anyone can read data.
2. A umask of 077 is good for a completely private system. No other user can read or write your data if umask is set to 077.
3. A umask of 002 is good when you share data with other users in the same group. Members of your group can create and modify data files; those
outside your group can read data file, but cannot modify it. Set your umask to 007 to completely exclude users who are not group members.
QUESTION 98
You want to deploy Oracle Solaris 11 with the Automated Installer (AI). You need to make sure that your server and network meet the requirements for
using AI.
Choose the three options that describe the requirements for using AI.
A. You can create only one manifest per install service. If you need more than one manifest create multiple install services.
B. If two client machines have different architectures and need to be installed with the same version of the Oracle Solaris 11 OS, then create two AI
manifests and a single install service.
C. You need a separate install service for each different client architecture that you plan to install, and for each different version of the Oracle Solaris 11
OS that you plan to install on client systems.
D. If two client machines have different architectures and need to be installed with different versions of the Oracle Solaris 11 OS, then create two AI
manifests and two install services.
E. The install server needs to be able to access an Oracle Solaris Image Packaging System (IPS) software package repository; the clients do not.
F. The install server can be either an x86 machine or a SPARC machine.
Correct Answer: BEF

Section: (none)
Explanation
Explanation:
B (not A, not D, Not C): If two client machines need to be installed with the same version of the Oracle Solaris 11 OS but
need to be installed differently in other ways, then create two AI manifests for the AI install service. The different AI manifests can specify different
packages to install or a different slice as the install target, for example.
Note: An AI manifest provides installation instructions. The AI manifest specifies one or more IPS package repositories where the client retrieves the
packages needed to complete the installation. The AI manifest also includes the names of additional packages to install and information such as target
installation device and partition information.
F: The install server can be either an x86 machine or a SPARC machine.
QUESTION 99
You have been tasked with creating a dedicated virtual network between two local zones within a single system, in order to isolate the network traffic
from other zones on that system.
To accomplish this, you will create_____.
A. an ether stub
B. virtual router
C. a virtual bridge
D. a virtual network interface
E. nothing, because a virtual switch is automatically created when the virtual network interfaces are created
Correct Answer: D
Section: (none)
Explanation
Explanation:
First create a virtual switch, then create a virtual network interface.
QUESTION 100
You want to deploy Oracle Solaris 11 with the Automated Installer (AI). You need to make sure that your server and network meet the requirements for
using AI.
Identify two requirements for using AI.
A. You should set up DHCP. The DHCP server and AI install server can be the same machine or two different machines.
B. You can create only one manifest per install service. If you need more than one manifest, you should create multiple install services.
C. The minimum requirement to operate as an AI install server is 1 GB of memory.
D. If two client machines have different architectures and need to be installed with the same version of the Oracle Solaris 11 OS, then you should create
two AI manifests and a single install service.
Correct Answer: AD
Section: (none)
Explanation
Explanation:
A: An automated installation of a client over the network consists of the following high-level steps:
Step 1. The client system boots over the network and gets its network configuration and the location of the install server from the DHCP server.
Step 2: The install server provides a boot image to the client.
Etc.
D: If two client machines need to be installed with the same version of the Oracle Solaris 11 OS but
need to be installed differently in other ways, then create two AI manifests for the AI install service. The different AI manifests can specify different
packages to install or a different slice as the install target, for example.
QUESTION 101
Which network protocol is responsible for routing packets from one network to another?
A. TCP
B. UDP
C. IP
D. ICMP
E. Ethernet
Correct Answer: C
Section: (none)
Explanation
Explanation:
The Internet Protocol (IP) is the principal communications protocol in the Internet protocol suite for relaying datagrams across network boundaries. Its
routing function enables internetworking, and essentially establishes the Internet.
QUESTION 102
You display the IP interface information with ipmpstat -i.
Which two characteristics are indicated by characters that may be included in the FLAGS column?
A. default route
B. IP forwarding enabled IS
C. allocated to global zone
D. unusable due to being inactive
E. nominated to send/receive IPv4 multicast for its IPMP group
Correct Answer: DE
Section: (none)
Explanation
Explanation:
FLAGS
Indicates the status of each underlying interface, which can be one or any combination of the following:
(D) d indicates that the interface is down and therefore unusable.
(E) M indicates that the interface is designated by the system to send and receive IPv6 multicast traffic for the IPMP group.
Note:
i indicates that the INACTIVE flag is set for the interface. Therefore, the interface is not used to send or receive data traffic.
s indicates that the interface is configured to be a standby interface.
m indicates that the interface is designated by the system to send and receive IPv4 multicast traffic for the IPMP group.
b indicates that the interface is designated by the system to receive broadcast traffic for the IPMP group.
h indicates that the interface shares a duplicate physical hardware address with another interface and has been taken offline. The h flag indicates that
the interface is unusable.
QUESTION 103
To inspect network interface net3, you enter the following commands:
What problem do you suspect? Assume the user is authorized and provided the correct password.
A. The net3 interface hasn't been enabled yet.

B. The net3 vnic hasn't been created.
C. The net3/v4 ip object hasn't been configured.
D. The net3 interface is not attached to a NIC or etherstub.
Correct Answer: C
Section: (none)
Explanation
Explanation:
The following command marks the address object net1/v4a up that was previously marked down.
# ipadm up-addr net1/v4a
QUESTION 104
Which three files must be edited in order to set up logging of all failed login attempts?
A. /var/adm/authlog
B. /etc/syslog.conf
C. /etc/default/login
D. /var/adm/loginlog
Correct Answer: ABC

Section: (none)
Explanation
Explanation:
How to Monitor All Failed Login Attempts
This procedure captures in a syslog file all failed login attempts.
Assume the Primary Administrator role, or become superuser.
1. Assume the Primary Administrator role, or become superuser.

2. (C) Set up the /etc/default/login file with the desired values for SYSLOG and SYSLOG_FAILED_LOGINS
3. (A) Create a file with the correct permissions to hold the logging information.
Create the authlog file in the /var/adm directory.
4. (B) Edit the syslog.conf file to log failed password attempts.
QUESTION 105
View the Exhibit.
The file came from your Automated Installer (AI) install server.
The file is ____________.
A. An AI SC profile for non-global zones

B. The default AI conf ig file for non-global zones
C. The default AI manifest for non-global zones
D. A custom AI manifest
Correct Answer: D
Section: (none)
Explanation
Explanation:
ai_manifest
- Automated installation manifest file format
Synopsis
/usr/share/install/ai.dtd.1
Some customizations have been made, such as the selection of specific locales.
QUESTION 106
Which two options are valid methods of installing a solaris10 branded zone on a system running Oracle Solaris 11?
A. Use the V2V process to migrate an existing Solaris 8 or 9 non-global zone from a Solaris 10 system to a solaris10 branded zone.
B. Use the V2V process to migrate an existing Solaris 10 non-global whole root zone from a Solaris 10 system to a solaris10 branded whole root zone.
C. Install a solaris10 branded zone directly from the Oracle Solaris 10 media.
D. Migrate an existing 64-bit Solaris 10 system to a solaris10 branded non-global zone using the P2V process.
E. Use the V2V process to migrate an existing Solaris 10 non-global sparse root zone from a Solaris 10 system to a solaris10 branded sparse root
zone.
Correct Answer: BC
Section: (none)
Explanation
Explanation:
B: How to Migrate an Existing native Non-Global Zone
Use the V2V process to migrate an existing zone on your Solaris 10 system to a solaris10 brand zone on a system running the Oracle Solaris 11
release.
C: How to Install the solaris10 Branded Zone
A configured solaris10 branded zone is installed by using the zoneadm command with the install subcommand.
QUESTION 107
Which modification needs to be made to the Service Management Facility before you publish a new package to the IPS repository?
A. The pkg.depotd must be disabled.

B. The pkg/readonly property for the application/pkg/server service must be set to false.
C. The Pkg/writabie_root property for the application/Pkg/server service must be set to true.
D. The pkg/image.root property for the application/pkg/server service must be set to the location of the repository.
Correct Answer: D
Section: (none)
Explanation
Explanation:
pkg/image_root
(astring) The path to the image whose file information will be used as a cache for file data.
QUESTION 108
Given the following output of the zpool status command:
Identify the correct statement regarding pool1's configuration.
A. Data written to pool1 will be stripped across four disk components.

B. The rsdz1-0 and c3t640 components are submirrors of pool1.
C. Data will only be stripped across the three disks in rsidz configuration.
D. The configuration is a bug in Solaris 11; it cannot be created by an administrator.
Correct Answer: B
Section: (none)
Explanation
Explanation:
The mirror pool1 (top device) contains the submirrors (sub devices) raidz1-0 and c3t6d0.
QUESTION 109
Before booting testzone, a non-global zone, you want to connect to the zone's console so that you can watch the boot process.
Choose the command used xo connect to testzone's console.
A. zoneadm C testzone
B. zoneadm console testzone
C. zlogin z testzone console
D. zlogin z testzone C
E. zlogin C testzone
F. zoneadm z testzone C
Correct Answer: E
Section: (none)
Explanation
Explanation:
QUESTION 110
Identify the two security features incorporated in the Oracle Solaris 11 Cryptographic Framework.
A. Layer 5 IP address encryptions

B. Internet protocol security
C. Diffie-Kerberos coaxial key encryption
D. Signed cryptographic plugins (providers)
E. Kernel support for signed antivirus plugins
Correct Answer: DE
Section: (none)
Explanation
Explanation:
The framework enables providers of cryptographic services to have their services used by many consumers in the Oracle Solaris operating system.
Another name for providers is plugins. The framework allows three types of plugins:
* User-level plugins - Shared objects that provide services by using PKCS #11 libraries, such as pkcs11_softtoken.so.1.
* Kernel-level plugins - Kernel modules that provide implementations of cryptographic algorithms in software, such as AES.
Many of the algorithms in the framework are optimized for x86 with the SSE2 instruction set and for SPARC hardware.
* Hardware plugins - Device drivers and their associated hardware accelerators. The Niagara chips, the ncp and n2cp device drivers, are one example.
A hardware accelerator offloads expensive cryptographic functions from the operating system. The Sun Crypto Accelerator 6000 board is one example.
QUESTION 111
Review the ZFS dataset output that is displayed on your system:
Which four correctly describe the output?
A. /data/file4 has been added.

B. The link /data/file3 has been added.
C. /data/file3 has been renamed to /data/file13.
D. /data/file4 has been modified and is now larger.
E. /data/file1 has been deleted.
F. /data/file1 has been modified and is now smaller.
G. /data/file5 has been modified.
H. /data/file3 (a link) has been removed.
Correct Answer: ACEG

Section: (none)
Explanation
Explanation:
A: + Indicates the file/directory was added in the later dataset
C: R Indicates the file/directory was renamed in the later dataset
E: - Indicates the file/directory was removed in the later dataset
G: M Indicates the file/directory was modified in the later dataset
Note: Identifying ZFS Snapshot Differences (zfs diff)

You can determine ZFS snapshot differences by using the zfs diff command.
The following table summarizes the file or directory changes that are identified by the zfs diff command.
File or Directory Change Identifier

* File or directory is modified or file or directory link changed M
* File or directory is present in the older snapshot but not in the newer snapshot --
* File or directory is present in the newer snapshot but not in the older snapshot +
* File or directory is renamed

R
QUESTION 112
Which five statements describe options available for installing the Oracle Solaris 11operating system using the installation media?
A. You can perform a text or LiveCD installation locally or over the network.
B. The text Installer does not install the GNOME desktop. The GNOME desktop package must he added after you have installed the operating system.
C. The LiveCD Installation cannot be used to install multiple instances of Oracle Solaris.
D. The LiveCD installer cannot be used if you need to preserve a specific Solaris Volume Table of Contents (VTOC) slice in your current operating
system.
E. The LiveCD Installer is for x86 platforms only.
F. The GUI installer cannot be used to upgrade your operating system from Solaris 10.
G. If you are installing Oracle Solaris 11 on an x86-based system that will have more than one operating system installed in it, you cannot partition your
disk during the installation process.
H. The LiveCD installer can be used for SPARC or x86 platforms.
Correct Answer: ABDFH

Section: (none)
Explanation
Explanation:
A: If the network is setup to perform automated installations, you can perform a text installation over the network by setting up an install service on the
network and selecting a text installation when the client system boots.
B: After a fresh install of Solaris 11 express, only the console mode is activated.
To add Gnome, simply do :
$ sudo pkg install slim_install
This will install additional packages that are not installed by default.
D: The text installer advantages over the GUI installer include:

* In addition to modifying partitions, the text installer enables you to create and modify VTOC slices within the Solaris partition.
F: How do I upgrade my Solaris 10 or lower systems to Solaris 11?
Unfortunately, you CAN'T. There is no direct upgrade installer or other tool that will allow you to upgrade from earlier releases of Solaris to Solaris 11.
This is primarily due to the vast changes in the packaging mechanism in Solaris 10.
QUESTION 113
When setting up Automated Installer (AI) clients, an interactive tool can be used to generate a custom system configuration profile. The profile will
specify the time zone, data and time, user and root accounts, and name services used for an AI client installation. This interactive tool will prompt you to
enter the client information and an SC profile (XML) will be created.
Which interactive tool can be used to generate this question configuration?
A. sys-unconfig
B. installadm set-criteria
C. sysconfig create-profile
D. installadm create-profile
Correct Answer: B
Section: (none)
Explanation
Explanation:
Use the installadm set-criteria command to update the client criteria associated with an AI manifest that you already added to a service using installadm
add-manifest.
Use the installadm add-manifest command to add a custom AI manifest to an install service.
The value of manifest is a full path and file name with .xml extension. The manifest file contains an AI manifest (installation instructions). The manifest
file can also reference or embed an SC manifest (system configuration instructions).
QUESTION 114
Review the zonestat command:
zonestate - q physical - memory -R high -z -p -p "zones" 10 24h 60m
Select the option that correctly describes the information that is displayed by this command.
A. It is a sample of dbzone's physical memory usage taken every hour over a 24-hour period.Only the top 10 samplings of peak memory usage are
displayed. All other utilization data is eliminated.
B. It is a sample of dbzone's CPU, virtual memory, and networking utilization.Physical memory is executed from the report.The sampling is taken every
10 minutes over a 24-hour period and peak utilization id displayed each hour.
C. It is a sample of dbzone's CPU, virtual memory, and networking utilization.Physical memory is executed from the report.The sampling is taken every
10 minutes over a 24-hour period and displayed each hour.
D. It is a sample of dbzone's physical memory usage taken every 10 seconds and 24-hour period.Only peak virtual memory usage and CPU utilization
are displayed each hour.All other Utilization data is eliminated.
E. It is a sample of dbzone's physical memory usage taken every 10 seconds and 24-hour period.Only peak memory usage is displayed each hour.All
other utilization data is eliminated.
Correct Answer: D
Section: (none)
Explanation
Explanation:
* (Not A, B, C): interval (here 10 seconds): Specifies the length in seconds to pause between each interval report.
* duration (here 24 h)
* -R report[,report] (here high)

Print a summary report.
High Print a summary report detailing the highest usage of each resource and zone during any interval of the zonestat utility invocation.
Note: The zonestat utility reports on the cpu, memory, and resource control utilization of the currently running zones. Each zone's utilization is reported
both as a percentage of system resources and the zone's configured limits.
The zonestat utility prints a series of interval reports at the specified interval. It optionally also prints one or more summary reports at a specified interval.
The default output is a summary of cpu, physical, and virtual memory utilization. The -r option can be used to choose detailed output for specific
resources.
QUESTION 115
You are configuring NFS on a server. Select the two statements that are true.
A. Resources listed in /etc/dfs/dfstab are automatically shared on boot up.

B. A directory cannot be shared if a subdirectory below it is already shared.
C. Renaming a share created with the zfs set share command is not supported.
D. NFS and SMB protocols cannot be used simultaneously to share the same directory.
Correct Answer: AC
Section: (none)
Explanation
Explanation:
A: ZFS can automatically share file systems by setting the sharenfs property. Using this property, you do not have to modify the /etc/dfs/dfstab file when
a new file system is shared. The sharenfs property is a comma-separated list of options to pass to the share command. The value on is an alias for the
default share options, which provides read/write permissions to anyone. The value off indicates that the file system is not managed by ZFS and can be
shared through traditional means, such as the /etc/dfs/dfstab file. All file systems whose sharenfs property is not off are shared during boot.
QUESTION 116
You have already generated a 256-bit AES raw key and named the keystore file /mykey. You need to use the key to create an encrypted file system.
Which command should you use to create a ZFS encrypted file system named pool1/encrypt using the /mykey keystore?
A. zfs create - o encryption = /mykey pool1/encrypt

B. zfs create - o encryption = 256-ccm - o keysource = raw, file : ///my key pool1/encrypt
C. zfs create - o encryption = AES keysource = /mykey pool1/encrypt
D. zfs create - o encryption = on keystore = /mykey pool1/encrypt
Correct Answer: B
Section: (none)
Explanation
Explanation:
Example: Encrypting a ZFS File System by Using a Raw Key
In the following example, an aes-256-ccm encryption key is generated by using the pktool command and is written to a file, /cindykey.file.
# pktool genkey keystore=file outkey=/cindykey.file keytype=aes keylen=256 Then, the /cindykey.file is specified when the tank/home/cindy file system is
created.
# zfs create -o encryption=aes-256-ccm -o keysource=raw,file:///cindykey.file tank/home/cindys
QUESTION 117
You need to set up an Oracle Solaris 11 host as an iSCSI target so that the host's disk can be accessed over a storage network. The disk device is
c3t4d0.
Which six options describe the steps that need to be taken on this host to enable an iSCSI target?
A. Create a ZFS file system named iscsi/target.

B. Create a zpool named iscsi with disk device c3t4d0
C. Create zfs volume named iscsi/target.
D. Use the stmfadm command to create a LUN using /dev/zvol/rdsk/iscsi/target.
E. Use the stmfadm command to create a LUN using iscsi/target.
F. Use the stmfadm command to make the LUN viewable.
G. Use the stmfadm command to make the volume viewable.
H. Enable the svc:/network/iscsi/target:default Service.
I. Use the itadm command to create the iSCSI target.
Correct Answer: BCDFHI
Section: (none)
Explanation
Explanation:
How to Create an iSCSI LUN

The following steps are completed on the system that is providing the storage device. Example: target# zpool create sanpool mirror c2t3d0 c2t4d0 (C)2.
Create a ZFS volume to be used as a SCSI LUN.
(D)3. Create a LUN for the ZFS volume.
Example:
target# stmfadm create-lu /dev/zvol/rdsk/sanpool/vol1
Logical unit created: 600144F0B5418B0000004DDAC7C10001
4. Confirm that the LUN has been created.

Example
target# stmfadm list-lu
LU Name: 600144F0B5418B0000004DDAC7C10001
(F) 5. Add the LUN view.

This command makes the LUN accessible to all systems.
target# stmfadm add-view 600144F0B5418B0000004DDAC7C10001
How to Create the iSCSI Target
This procedure assumes that you are logged in to the local system will contains the iSCSI target. Note: The stmfadm command manages SCSI LUNs.
Rather than setting a special iSCSI property on the ZFS volume, create the volume and use stmfadm to create the LUN.
(H) 1. Enable the iSCSI target service.

target# svcadm enable -r svc:/network/iscsi/target:default
(I) 2. Create the iSCSI target.

target# itadm create-target
QUESTION 118
Identify the Automated Installer's (AI) equivalent to jumpStart's finish scripts and sysidcfg files.
A. Manifest files
B. SMF system configuration profile files
C. Installadm create - client
D. IPS software package repository
E. installadm create-service
F. svccfg - s application/pkg/server setprop sysidcfg
Correct Answer: B
Section: (none)
Explanation
Explanation:
Comparing sysidcfg File Keywords to System Configuration Profile Directives The following table compares sysidcfg file keywords with example AI
system configuration profile specifications.
sysidcfg File Keyword

System Configuration Profile Directives
Etc.
QUESTION 119
You need to update an OS image on a client. The pkg publishers command displays the wrong publisher with the wrong update:
PUBLISHERTYPESTATUSURI
Solaris origin onlinehttp://pkg.oracle.com/solaris/release
The update is available on the updated publisher:
Solaris originonlinehttp://sysA.example.com
Select the option that describes the procedure used to update the OS image on the system from the updated publisher.
A. Copy the repository from the ISO image onto the local client.Configure the repository on the client by using the svccfg - s command so that the
Solaris publisher is connected to the new repository.Refresh the application/pkg/server service.Issue the pkgrepo refresh command to refresh the
repository catalog
B. Configure the publisher on the client using the svcfg - s command so that the Solaris publisher is connected to the repository at http://
sysA.example.comRefresh the application/pkg/server service.Issue the pkgrepo refresh command to repository catalog
C. Use the pkg set-publisher command to change the URL of the publisher Solaris to http://sysA.example.com.Issue the pkg update command to
update the OS image.
D. Add the new publisher http://sysA.example.com SolarisUse the pkg set-publisher command to set the publisher search order and place http://
sysA.example.com of http://pkg.oracle.com/solaris/releaseIssue the pkg publisher command to view the publishers.Set the new publisher to
sticky.Issue the pkg update command to update the OS image.
Correct Answer: C
Section: (none)
Explanation
Explanation:
You can use the pkg set-publisher command to change a publisher URI.
Changing a Publisher Origin URI
To change the origin URI for a publisher, add the new URI and remove the old URI. Use the -g option to add a new origin URI. Use the -G option to
remove the old origin URI.
# pkg set-publisher -g http://pkg.example.com/support \ -G http://pkg.example.com/release example.com
Note: You can use either the install or update subcommand to update a package. The install subcommand installs the package if the package is not
already installed in the image. If you want to be sure to update only packages that are already installed, and not install any new packages, then use the
update subcommand.
QUESTION 120
alice is a user account used by Alice on a Solaris 11 system.
sadmin is a role account on the same system.
Your task is to add the command /usr/sbin/cryptoadm to the Network management profile, so that Alice can execute it, while assuming the sadmin role.
Select the three activities necessary to accomplish this.
A. To the file /etc/security/prof_attr, add the line: Network Management:

solaris:cmd:RO::/usr/sbin/cryptoadm:euid=0
B. To the file /etc/security/auth_attr, add the line:Network Management:
C. To the file /etc/security/exec_attr.d/local-entriies, add the line:Network Management:
D. Run the roles alice to ensure that alice may assume the role sadmin.
E. Run the command profiles sadmin to ensure that the role sadmin includes the network Management profile.
F. Run the command profiles alice to ensure that the Alice has permissions to access the Network management profile.
G. Run the command profiles "Network management" to ensure that the Network management profile includes the sadmin role.
Correct Answer: CDG
Section: (none)
Explanation
Explanation:
C: /etc/security/exec_attr is a local database that specifies the execution attributes associated with profiles. The exec_attr file can be used with other
sources for execution profiles, including the exec_attr NIS map and NIS+ table.
A profile is a logical grouping of authorizations and commands that is interpreted by a profile shell to form a secure execution environment.
QUESTION 121
Select the two statements that correctly describe the operation of NWAM.
A. If a location is explicitly enabled, it remains active until explicitly changed.

B. Wireless security keys can be configured by using the nwammgr command.
C. NWAM stores profile information in /etc/ipadm/ipadm.conf and /etc/dladm/datalink.conf.
D. Multiple locations may be automatically activated in systems with multiple network interface cards.
E. Interface NCU Properties "float" and are automatically attached to the highest priority Link NCU Property.
F. If the DefaultFixed NCP is enabled, persistent configuration, stored in /etc/ipadm.conf and /etc/dladm/datalink.conf is used.
Correct Answer: AD
Section: (none)
Explanation
Explanation:
A: Conditional and system locations can be manually activated, which means that the location remains active until explicitly disabled.
D: A location comprises certain elements of a network configuration, for example a name service and firewall settings, that are applied together, when
required. You can create multiple locations for various uses. For example, one location can be used when you are connected at the office by using the
company intranet. Another location can be used at home when you are connected to the public Internet by using a wireless access point. Locations can
be activated manually or automatically, according to environmental conditions, such as the IP address that is obtained by a network connection.
QUESTION 122
On server A, you enter the following command to add a static route to serverA route -p add -host 192.168.1.101 192.168.1.101 -static
What is the purpose of this command?
A. to temporarily bypass IP Filter rules

B. to specify an IPMP target IP address to in.mpathd
C. to specify routing to an adjacent network when in.rdisc is not used
D. to specify routing to an adjacent network when in.routed is not used
E. to ensure the IP address for serverB is not flushed from the ARP cache
F. to optimize link aggregation using a direct connection between two systems
Correct Answer: B
Section: (none)
Explanation
Explanation:
Note: # route -p add -host destination-IP gateway-IP -static where destination-IP and gateway-IP are IPv4 addresses of the host to be used as a target.
For example, you would type the following to specify the target system 192.168.10.137, which is on the same subnet as the interfaces in IPMP group
itops0:
$ route -p add -host 192.168.10.137 192.168.10.137 -static This new route will be automatically configured every time the system is restarted. If you
want to define only a temporary route to a target system for probe-based failure detection, then do not use the -p option.
QUESTION 123
Before booting test zone a non-global zone, you want to connect to the zone's console so that you can watch the boot process.
Choose the command used to connect to testzone's console.
A. zoneadm -C testzone
B. zoneadm -console testzone
C. zlogin - z testzone console
D. zlogin - z testzone - C
E. zlogin -C testzone
F. zoneadm - testzone - c
Correct Answer: E
Section: (none)
Explanation
Explanation:
The following options are supported:
-C
Connects to the zone console. Connects to the zone console.
Note:
After you install a zone, you must log in to the zone to complete its application environment. You might log in to the zone to perform administrative tasks
as well. Unless the -C option is used to connect to the zone console, logging in to a zone using zlogin starts a new task. A task cannot span two zones
QUESTION 124
Consider the following rule file for use with the Basic Audit Reporting Tool (BART).
CHECK all
IGNORE dirmtime
/etc/security
/etc/notices
IGNORE contents
/export/home
IGNORE mtime size contents
/var
CHECK
You are using BART to detect inappropriate changes to the file system.
Identify the two correct statements describing the attributes recorded.
A. /var/dhcp Attribute: size uid gid mode acl

B. /etc/hosts Attributes: size uid gid mode acl intime dest
C. /var/spool/mqueue Attribute: size uid gid mode acl dirmtime
D. /etc/security/exec_attr Attribute: size uid mode acl mtime devnode
E. /export/home/kate/.profile Attributes: uid gid mode acl dirmtime
F. /export/home/rick/.profile Attributes: size uid gid mode acl mtime contents
Correct Answer: DF
Section: (none)
Explanation
Explanation:
D: According to line /etc/security
F: According to line /export/home
Not E: According to line IGNORE dirmtime
Note: In default mode, the bart compare command, as shown in the following example, checks all the files installed on the system, with the exception of
modified directory timestamps (dirmtime):
CHECK all
IGNORE dirmtime
Note 2: The Basic Audit Reporting Tool (BART) feature of Oracle Solaris enables you to comprehensively validate systems by performing file-level
checks of a system over time. By creating BART manifests, you can easily and reliably gather information about the components of the software stack
that is installed on deployed systems.
BART is a useful tool for integrity management on one system or on a network of systems.
QUESTION 125
The ZFS configuration on your server is:
Pool1 6.67G31K/pool
Pool1/data31K31K/data
Select the three commands that you would use to 1. Create, 2. List, and 3. Delete a snapshot of the /data file system.
A. zfs snapshot pool1/data@now

B. zfs create snapshot pool1/data@now
C. zfs list -t snapshot
D. zfs list -t snapshot pool1/data
E. zfs destroy pool1/data@now
F. zfs destroy snapshot pool1/data@now
Correct Answer: ADE

Section: (none)
Explanation
Explanation:
A: Snapshots are created by using the zfs snapshot command, which takes as its only argument the name of the snapshot to create.
D: You can list snapshots as follows:
# zfs list -t snapshot
E: Snapshots are destroyed by using the zfs destroy command. For example:
# zfs destroy tank/home/ahrens@now
QUESTION 126
Which three Installation option allow for a "hands free" and "unattended'" Installation of the Solaris 11 environment?
A. Jumpstart
B. LiveCD
C. A text Installation over the network
D. An Automated Installation performed on an x86 client
E. An Automated Installation using media from a local DVD or USB drive
F. An Automated Installation using a networked repository
Correct Answer: DEF
Section: (none)
Explanation
Explanation:
Oracle Solaris 11 uses Automated Installer (AI) for unattended installations.
Unattended installations are possible by placing the contents of the AI Image media (or ISO image contents from a download) on an AI server.
QUESTION 127
You have been tasked with creating a dedicated virtual network between two local zones within a single system. In order to isolate the network traffic
To accomplish this, you will create__________.
A. An ether stub
B. A virtual router
C. A virtual switch
D. A virtual bridge.
E. A virtual network interface
F. Nothing because a virtual switch is automatically created then the virtual network interfaces are created.
Correct Answer: A
Section: (none)
Explanation
Explanation:
Etherstubs are pseudo ethernet NICs which are managed by the system administrator. You can create VNICs over etherstubs instead of over physical
links. VNICs over an etherstub become independent of the physical NICs in the system. With etherstubs, you can construct a private virtual network that
is isolated both from the other virtual networks in the system and from the external network. For example, you want to create a network environment
whose access is limited only to your company developers than to the network at large. Etherstubs can be used to create such an environment.
Note: Oracle Solaris 11 introduces a new and powerful network stack architecture which includes:
* Networking virtualization with virtual network interface cards (VNICs) and virtual switching (etherstubs)
* Tight integration with zones
* Network resource management - efficient and easy to manage integrated quality of service (QoS) to enforce bandwidth limit on VNICs and traffic flows
We will be examini
QUESTION 128
Which three options describe the purpose of the zonep2vchk command?
A. Used on a Solaris 10 global zone to access the system for problems before migrating that system to a Solaris 10 branded zone.
B. Used to access a Solaris 10 global zone for problems before migrating that zone to a Solaris 11 global zone
C. Used to create zonecfg template for a Solaris 10 global zone that that will be migrated to a solaris10 branded zone.
D. Used to migrate an Oracle Solaris 11 global zone to a non-global zone.
E. Used to migrate a Solaris 10 global zone to a non-global zone on the same server; the non- global zone can then be migrated to a Solaris 11 server
as a Solaris10 branded zone.
Correct Answer: CDE

Section: (none)
Explanation
Explanation:
zonep2vchk
- check a global zone's configuration for physical to virtual migration into non-global zone
The zonep2vchk utility is used to evaluate a global zone's configuration before the process of physical-to-virtual (p2v) migration into a non-global zone.
The p2v process involves archiving a global zone (source), and then installing a non-global zone (target) using that archive
Zonep2vchk serves two functions. First, it can be used to report issues on the source which might prevent a successful p2v migration. Second, it can
output a template zonecfg, which can be used to assist in configuring the non-global zone target.
Zonep2vchk can be executed on a Solaris 10 or later global zone. To execute on Solaris 10, copy the zonep2vchkutility to the Solaris 10 source global
zone. When run on Solaris 10, a target release of S11 can be specified, which will check for p2v into a Solaris 10 Branded zone.
QUESTION 129
Your are troubleshooting network throughput on your server.
To confirm that the load balancing among aggregated links is functioning properly, you want to examine the traffic statistics on the links comprising the
aggregation.
The correct command is ___________.
A. dlstat - aggr
B. dlstat show-aggr
C. dlstat show-link -r
D. dlstat show-link -aggr
E. dlstat show-phys -aggr
Correct Answer: B
Section: (none)
Explanation
Explanation:
dlstat show-aggr [-r | -t] [-i interval] [-p] [ -o field[,...]] [-u R|K|M|G|T|P] [link] Display per-port statistics for an aggregation.
QUESTION 130
You have set up the task.max-lwps resource control on your Solaris 11 system.
Which option describes how to configure the system so that syslogd notifies you when the resources control threshold value for the task.max-lwps
resource has been exceeded?
A. Use the rctladm command to enable the global action on the task.max-lwpa resource control.
B. Modify the /etc/syslog.conf file to activate system logging of all violations of task.max-lwps and then refresh then svc: /system/system-log:default
service.
C. Activate system logging of all violations of task.max-lwpp in the /etc/rctldm.conf file and then execute the rctladm-u command.
D. Use the prct1 command to set the logging of all resource control violations at the time the task.max-lwps resource control is being setup.
E. Use the setrct1 command to set the logging of all resource control violations for the task.max- lwps resource control.
Correct Answer: A
Section: (none)
Explanation
Explanation:
rctladm - display and/or modify global state of system resource controls
The following command activates system logging of all violations of task.max-lwps.
# rctladm -e syslog task.max-lwps

#
QUESTION 131
You are troubleshooting the failure of a computer to mount an NFS file system hosted by a server (hostname mars) in the local area network.
Select the three commands that will enable you to identify the problem.
A. ping - s mars
B. cat /etc/vfstab
C. cat /etc/dfs/dfstab
D. sharemgr show -v
E. showmount -e mars
F. rpcinfo -s mars | egrep `nfs|mountd'
Correct Answer: BEF

Section: (none)
Explanation
Explanation:
B: The mount point Error. The following message appears during the boot process or in response toan explicit mount request and indicates a non-
existent mount point.
Mount: mount-point /DS9 does not exist.
To solve the mount point error condition, check that the mount point exists on the client. Check the spelling of the mount point on the command line or in
the /etc/vfstab file (B) on the client, or comment outthe entry and reboot the system.
Note: The /etc/vfstab file lists all the file systems to be automatically mounted at system boot time, with the exception of the /etc/mnttab and /var/run file
systems.
E: showmount
This command displays all clients that have remotely mounted file systems that are shared from an NFS server, or only the file systems that are
mounted by clients, or the shared file systems with the client access information. The command syntax is:
showmount [ -ade ] [ hostname ]
where -a prints a list of all the remote mounts (each entry includes the client name and the directory), -d prints a list of the directories that are remotely
mounted by clients, -e prints a list of the files shared (or exported), and hostname selects the NFS server to gather the information from. If hostname is
not specified the local host is queried.
F: * mountd Daemon
This daemon handles file-system mount requests from remote systems and provides access control. The mountd daemon checks /etc/dfs/sharetab to
determine which file systems are available for remote mounting and which systems are allowed to do the remote mounting.
* Commands for Troubleshooting NFS Problems

These commands can be useful when troubleshooting NFS problems.
rpcinfo Command
This command generates information about the RPC service that is running on a system.
QUESTION 132
You have been asked to troubleshoot the initial configuration of a virtual network connecting two local zones with the outside world.
View the exhibit.
The command
dladm create-vnic -1 vswitch192.168.1 vnic1
fails with the error
dladm: invalid link name `vswitch192.168.1'
What is the reason for this error?
A. The name vswitch192.168.1 is not legal.
B. The zone must be specified withdladm create-vnic -z zone3 vnic1.
C. The virtual interface must be specified withdladm create-vnic -z zone3 vnic1.
D. The virtual interface must be created withipadm create-vnic -1 switch192.168.1.
E. The virtual switch must be created first withdladm create -etherstub vswitch192.168.1.
Correct Answer: E
Section: (none)
Explanation
Explanation:
There is no data-link named vswitch192.168.
We need to create an etherstub first.
See Note and example below for details.
Note: Create a VNIC in the system's global zone.
# dladm create-vnic -l data-link vnic-name

data-link is the name of the interface where the VNIC is to be configured.
-l link, --link=link
link can be a physical link or an etherstub.
vnic-name is the name that you want to give the VNIC.
For example, to create a VNIC named vnic0 on interface e1000g0, you would type the following:
# dladm create-vnic -l e1000g0 vnic0
Example: Creating a Virtual Network Without a Physical NIC
First, create an etherstub with name stub1:
# dladm create-etherstub stub1
Create two VNICs with names hello0 and test1 on the etherstub. This operation implicitly creates a virtual switch connecting hello0 and test1.
# dladm create-vnic -l stub1 hello0

# dladm create-vnic -l stub1 test1
QUESTION 133
Which command should you choose to display the current parameters for the FSS scheduler?
A. dispadmin - c FSS
B. prionctl -c FSS
C. dispadmin -c FSS -g
D. priocntl -c FSS -g
Correct Answer: C
Section: (none)
Explanation
Explanation:
The dispadmin command displays or changes process scheduler parameters while the system is running.
-c class
Specifies the class whose parameters are to be displayed or changed. Valid class values are: RT for the real-time class, TS for the time-sharing class,
IA for the inter-active class, FSS for the fair- share class, and FX for the fixed-priority class. The time-sharing and inter-active classes share the same
scheduler, so changes to the scheduling parameters of one will change those of the other.
-g
Gets the parameters for the specified class and writes them to the standard output.
QUESTION 134
This iron is displayed on the desktop of a laptop computer, which is running Oracle Solaris 11.
Which two statements describe the Information conveyed by this Icon?
A. NWAM is disabled.
B. NWAM is automatically configuring the network.
C. The wireless network card is manually configured and operational.
D. The wireless network card is manually configured but not operational.
E. The wireless network card is automatically configured and operational.
F. The wireless network card is automatically configured but not operational.
Correct Answer: BC
Section: (none)
Explanation
Explanation:
B: The Network Status notification icon is only displayed on the desktop if you are using NWAM to automatically configure your network.
C: All online (Wireless)
Indicates all manually enabled connections in the enabled network profile are online and that the required number of connections in the enabled profile
group (if such a group exists) are online. The required number is the same as those described for the All online (Wired) status.
Note that at least one online connection is wireless.
QUESTION 135
A local repository is available on this system and you need to enable clients to access this repository via HTTP. The repository information is:
solarisoriginonlinehttp://sysA.example.com
Identify two of the steps that are required to make the local repository on this server available to the client via HTTP.
A. On the server: set the pkg/inst_root and pkg/readonly properties for the svc:/application/pkg/server:default service and enabled the service
B. On the server: set the sharefs property on the ZFS file system containing the IPS repository.
C. On the client: reset the origin for the solaris publisher.
D. On the client: set the pkg/inst_root and pkg/readonly properties for the svc:/application/server:default service enable the service.
E. On the client: start the pkg.depotd process.
Correct Answer: AE
Section: (none)
Explanation
Explanation:
A: Configure the Repository Server Service
To enable clients to access the local repository via HTTP, enable the application/pkg/server Service Management Facility (SMF) service.
# svccfg -s application/pkg/server setprop pkg/inst_root=/export/repoSolaris11 # svccfg -s application/pkg/server setprop pkg/readonly=true
E: Use pkg.depotd to serve the repository to clients.

Start the Repository Service
Restart the pkg.depotd repository service.
# svcadm refresh application/pkg/server
# svcadm enable application/pkg/server

To check whether the repository server is working, open a browser window on the localhost location.
QUESTION 136
In an effort to reduce storage space on your server, you would like to eliminate duplicate copies of data in your server's ZFS file systems.
How do you specify that pool1/data should not contain duplicate data blocks (redundant data) on write operations?
A. zfs create - o compression=on pool1/data

B. zpool create -o deduplication =on pool1; zfs create pool1/data
C. zfs create - o deduplication=on pool1; zfs create pool1/data
D. zfs create - o dedupratio=2 pool1/data
E. zfs create - o dedup=on pool1/data
Correct Answer: E
Section: (none)
Explanation
Explanation:
ZFS Deduplication Property
Solaris Express Community Edition, build 129: In this Solaris release, you can use the deduplication property to remove redundant data from your ZFS
file systems. If a file system has the dedup property enabled, duplicate data blocks are removed synchronously. The result is that only unique data is
stored and common components are shared between files.
You can enable this property as follows:
# zfs set dedup=on tank/home
QUESTION 137
When you issue the "gzip: zommand not found" message is displayed. You need to install the gzip utility on your system.
Which command would you use to check if the gzip utility is available from the default publisher for installation?
A. pkg info|grep gzip

B. pkg list SUNWgzip
C. pkg contents gzip
D. pkg search gzip
Correct Answer: D
Section: (none)
Explanation
Explanation:
Searching for Packages
Use the pkg search command to search for packages whose data matches the specified pattern.
Like the pkg contents command, the pkg search command examines the contents of packages. While the pkg contents command returns the contents,
the pkg search command returns the names of packages that match the query.
pkg search
search [-HIaflpr] [-o attribute ...] [-s repo_uri] query Search for matches to the query, and display the results. Which tokens are indexed are action-
dependent, but may include content hashes and pathnames.
Note: pkg is the retrieval client for the image packaging system. With a valid configuration, pkg can be invoked to create locations for packages to be
installed, called 'images', and install packages into those images. Packages are published by publishers, who may make their packages available at one
or more repositories. pkg, then, retrieves packages from a publisher's repository and installs them into an image.
QUESTION 138
The following information is displayed about the compress/zjp software package, which Is currently installed on this system:
NAME (PUBLISHER)VERSIONIFO
Compress/zip3.1.2-0.175.0.0.0.0.537if-
NAMEVERSIONDATECOMMENT
Compress/zip3.109 Dec 2011 04:50:38 ESTNone
Which statement describes the information that is displayed tor the compress/zip software package?
A. This package cannot be removed.
B. This package can be updated to a new version when the new version of the package becomes available.
C. This package cannot be updated.
D. This package can be updated to version 3.1.3 but not 3.2.
E. This package cannot be downgraded to version 3.1.1.
Correct Answer: B
Section: (none)
Explanation
Explanation:
An "f" in the F column indicates the package is frozen. If a package is frozen, you can only install or update to packages that match the frozen version.
Note: The "i" in the I column indicates that these packages are installed in this image.
References: Adding and Updating Oracle Solaris 11 Software Packages, Showing Package Install State Information
QUESTION 139
The crash dump notification on your server is:
Documentation states that there should be two core files for each crash dump in the /var/crash directory named vmdump.0
Which command should you choose to display theses two files?
A. savecore -f vmdump.0
B. dumpadm uncompressed
C. gunzip vmdump.0
D. dumpadm -z off
Correct Answer: A
Section: (none)
Explanation
Explanation:
Decompress using savecore -f vmdump.0
savecore - save a crash dump of the operating system
-f dumpfile Attempt to save a crash dump from the specified file instead of from the system's
current dump device. This option may be use-
ful if the information stored on the dump
device has been copied to an on-disk file by
means of the dd(1M) command.
QUESTION 140
After installing the OS, you boot the system and notice that the syslogd daemon is not accepting messages from remote systems.
Which two options should you select to modify the syslogd daemon configuration so that it accepts messages from remote systems?
A. svccfg -s svc:/system/system -log setprop start/exec= "syslogd -t"Restart the syslogd daemon.
B. Set the following parameter in the /etc/syslogd.conf file: LOG_FROM_REMOTE= YESRestart the syslogd daemon.
C. svcadm enable svc:/system/system -log/config/log_from_remoteRestart the syslogd daemon.
D. svccfg -s svc:/system/system-log setprop config/log_from_remote=trueRestart the syslogd daemon.
E. Set the following parameter in the /etc/default/syslogd file: LOG_FROM_REMOTE=YESRestart the syslogd daemon.
Correct Answer: BD
Section: (none)
Explanation
Explanation:
B: The /etc/default/syslogd file contains the following default parameter settings. See FILES.
LOG_FROM_REMOTE
Specifies whether remote messages are logged. LOG_FROM_REMOTE=NO is equivalent to the - t command-line option. The default value for
LOG_FROM_REMOTE is YES.
QUESTION 141
You need to migrate a UFS file system named /production_ufs to a ZFS file system named /production_ufs. The /production_ufs file system cannot be
taken down or be out of production during the migration, and the current /production_ufs file system must remain active until the /ptoduction_zfs file
system is copied and ready.
Which method allows you to meet both requirements?
1. Copy live data from /production_ufs to /production_zfs while /production_ufs is in use.
2. When the copy is complete, /production_zfs will contain an up-to date copy of /production_ufs
A. Create a snapshot of the UFS file system. Create the new ZFS file system. Use cpio to copy data from the snapshot to the new ZFS file system.
B. Create a new Boot Environment. Create the ZFS file system. Use lucreate -m to copy data from the Current UFS file system to the new ZFS file
system.
C. Mirror the existing UFS file system by using SVM.After both submissions are in sync, migrate one of the submissions to a ZFS file System by using
Live Upgrade.
D. Create the new ZFS file system by using zfs create import to import data from the existing UFS file system into the new ZFS file system
E. Create the new zfs file system by using the zfs create -o shadow.
Correct Answer: E
Section: (none)
Explanation
Explanation:
Migrating Data With ZFS Shadow Migration
ZFS shadow migration is a tool you can use to migrate data from an existing file system to a new file system. A shadow file system is created that pulls
data from the original source as necessary.
You can use the shadow migration feature to migrate file systems as follows:
* A local or remote ZFS file system to a target ZFS file system
* A local or remote UFS file system to a target ZFS file system
Shadow migration is a process that pulls the data to be migrated:

* Create an empty ZFS file system.
* Set the shadow property on an empty ZFS file system, which is the target (or shadow) file system, to point to the file system to be migrated.
For example:
# zfs create -o shadow=nfs://system/export/home/ufsdata users/home/shadow2
* Data from file system to be migrated is copied over to the shadow file system.
QUESTION 142
Select the five tasks that need to be performed on the Automated Installer (AI) install server before setting up the client.
A. Create a local IPS repository on the AI Install server and start the repository server service, the publisher origin to the repository file.
B. Set up a IP address on the AI install server.
C. The DHCP server must be enabled on the install server and must provide the DHCP service for the clients.
D. DHCP must be available on the network for the Install server and the clients, but the install server does not need to be the DHCP server.
E. Download the AI boot image. The image must be the same version as the Oracle Solaris OS that you plan to install on the client.
F. Download the text install image into the IPS repository.
G. Install the AI installation tools.
H. Create the AI install service. Specify the path to the AI network boot image ISO file and the path where the AI net image ISO file should be unpacked.
I. Create the AI install service. Specify the path to the AI network boot image ISO file and the path to the IPS repository.
Correct Answer: BDFGI

Section: (none)
Explanation
Explanation:
B: Configure the AI install server to use a static IP address and default route.
D: The create-service command can set up DHCP on the AI install server. If you want to set up a separate DHCP server or configure an existing DHCP
server for use with AI. The DHCP server must be able to provide DNS information to the systems to be installed.
E: An automated installation of a client over the network consists of the following high-level steps:
1. The client system boots over the network and gets its network configuration and the location of the install server from the DHCP server.
2. The install server provides a boot image to the client.
3. Characteristics of the client determine which installation instructions and which system configuration instructions are used to install the client.
4. The Oracle Solaris 11 OS is installed on the client, pulling packages from the package repository specified by the installation instructions in the AI
install service.
G: Install the AI tool set.

Use the installadm create-service command to create an AI install service. Give the service a meaningful name, and specify the path where you want
the service created. Specify the source of the network boot image (net image) package or ISO file.
installadm create-service [-n svcname]

[-s FMRI_or_ISO] [-d imagepath]
-d imagepath
The imagepath is the location of the new install service. The install-image/solaris-auto- install package is installed to this location, or the specified ISO
file is expanded at this location.
QUESTION 143
ServerA contains two ISO images of a package repository named so1.repo.iso-a and so1.repo.iso- b respectively. You need to create a single local
package repository on server that clients can connect to. The package repository will be stored on the /export/IPS file system and named repo. The
preferred publisher will be named solaris and the publisher URL will be http://serverA.example.com.
Which is the correct procedure to perform on ServerA to create the local Package repository?
A. cat so1.repo.iso-a sol.repo.iso-b > so1.full.isoMount the ISO image and use the rsync command to extract the contents of the ISO file to the /export/
IPS file system.Set the pkg/inst_root property to /export/IPS/repo and the pkg/readonly property to true.Set the preferred publisher by using pkg set-
publisher -Ghttp://pkg.oracle.com/solaris/release/ \-g http"//serverA.example.com/ solaris
B. cat so1.repo.iso-a so1.repo.iso-b > /export/IPS/repoSet the pkg/inst_root property to true and the pkg/readonly property to /export/IPSSet the
preferred publisher by using pkg set-publisher -G http://serverA.example.com/ \-g http://pkg/oracle.com/solaris/rekease/solaris
C. cat so1.repo.iso-a so1.repo.iso-b > so1.full.isoMount the ISO image and use the rsync command to extract the contents of the ISO file to /export/IPS/
repoSet the pkg/inst_root property to /export/IPS/repo and the pkg/readonly property to trueSet the preferred publisher by using pkg set-publisher
solaris \-g http://pkg.oracle.com/
D. cat so1.repo,iso-a so1.repo.iso-b > /export/IPS/repo.isoMount the ISO image and copy the repo directory from the ISO image to /export/IPS/reposet
the pkg/inst_root property and the pkg/readonly property to /export/IPS/reposet the preferred pkg/inst_root property by using pkg set- publisher - G
http://serverA.example.com/ \- g http://pkg.oracle.com/solaris.com/release/- p solaris
Correct Answer: D
Section: (none)
Explanation
Explanation:
Concatenate the files into one file using the cat command. Make the contents of the repository .iso file available using the mount command. To increase
the performance of repository accesses and to avoid the need to remount the .iso image each time the system restarts, copy the repository files from /
mnt/repo/to a ZFS file system. You can do this copy with rsync or with tar.
QUESTION 144
You want to configure an iSCSI target device on your system.
Select the group package required to install this functionality on your system.
A. storage-server
B. solaris-small-server
C. storage-avs
D. storage-nas
Correct Answer: A
Section: (none)
Explanation
Explanation:
How to Create an iSCSI LUN
The disk volume provided by the server is referred to as the target. When the LUN is associated with an iSCSI target, it can be accessed by an iSCSI
initiator. The following tasks are completed on the system that is providing the storage device.
1. Install the COMSTAR storage server software.
target# pkg install storage-server
Etc.
QUESTION 145
The core dump configuration in your non global zone is
A user is running a process in a non-global zone (testzone) and the process crashes. The process information is:
user126632618017:46:42pts/20:00/usr/bin/bash
When the user's process crashes in testzone, a non-global zone, where will the core dump be saved?
A. The file will be stored in the non-global zone's directory: /var/core/pprocess/core.hash.2663.

B. The file will be saved in the global zone's directory: /var/core/core.bash.2663.
C. A core file cannot be generated in a non-global zone because it shares the kernel with the global zone.
D. The file will be stored in the global zone's directory: /var/core/pprocess/core.bash.2663.
E. The file will be saved in non-global zone's directory: /var/core/core.bash.2663
Correct Answer: E
Section: (none)
Explanation
Explanation:
The line
init core file pattern: /var/core/core.%f.%p
will be used for the non-global process to determine the destination of the dump file.
Note: When a process is dumping core, up to three core files can be produced: one in the per- process location, one in the system-wide global location,
and, if the process was running in a local(non-global) zone, one in the global location for the zone in which that process was running.
QUESTION 146
You create a flash archive of the Solaris 10 global zone on the serves named sysA. The archive name is s10-system.flar, and it is stored on a remote
server named backup_server.
On sysA, you create a Solaris 10 branded zone named s10-zone.
You want to use the flash archive, located On" /net/bactup_servers/10-system.flar, to install the Operating system in the s10-zone zone.
Which command do you choose to install the s10-system.flar archive in the Solaris 10 branded zone (s10-zone)?
A. zoneadm -z s10 -zone install - a /net/backup_server/s10-system.flar -u

B. zonecfg -z s10 -zone install - a /net/backup_server/s10-system.flar -u
C. zoneadm - z s10 -zone clone - s /net/backup_server/s10-system.flar
D. zone cfg - a s10-zone create - t SUNWsolaris10\</net/backup_server/s10-system.flar
E. zonecfg -z s10-zone install -f /net/backup/backup_server/s10-system.flar
Correct Answer: A
Section: (none)
Explanation
Explanation:
The zoneadm command is the primary tool used to install and administer non-global zones. Operations using the zoneadm command must be run from
the global zone on the target system.
How to Install the solaris10 Branded Zone
A configured solaris10 branded zone is installed by using the zoneadm command with the install subcommand.
Example: global# zoneadm -z s10-zone install -a /net/machine_name/s10-system.flar u
QUESTION 147
How should you permanently restrict the non-global zone testzone so that it does not use more than 20 CPU shares while it is running?
A. While configuring the zone, add this entry:add rct1set name = capped.cpu-sharesadd value (priv = privileged, limit = 20, action = none)endexit
B. While configuring the zone, add this entry: add rct1set name= zone.cpu-sharesadd value (priv=privileged, limit=20, action=none)endexitfrom
command line, enter: # dispadmin - d FSS
C. From the command line enter: #prct1 -n zone.cpu-shares - r - v 20 - i zone testzone
D. From the command line, enter:#prct1 - n zone.cpu-shares - v 80 - r - i zone global
Correct Answer: C
Section: (none)
Explanation
Explanation:
The prctl utility allows the examination and modification of the resource controls associated with an active process, task, or project on the system. It
allows access to the basic and privileged limits and the current usage on the specified entity.
How to Change the zone.cpu-shares Value in a Zone Dynamically This procedure can be used in the global zone or in a non-global zone. For more
information about roles, see Configuring and Using RBAC (Task Map) in System Administration Guide: Security Services.
# prctl -n zone.cpu-shares -r -v value -i zone zonename idtype is either the zonename or the zoneid. value is the new value.
Note: project.cpu-shares
Number of CPU shares granted to a project for use with the fair share scheduler
QUESTION 148
You are going to use the- Automated installer (AI) to install a non global zone named zone1. You have created a custom manifest for the non-global
zone and named it zone1manifest
Which command will you use to add this custom manifest to the s11-sparc install service and associate this custom manifest with the non-global zone?
A. installadm create-profile -n s11-sparc -f /tmp/zone1manifest.xml - c

B. installadm create-manifest -n s11-sparc -f /tmp/zone1manifest.xml -m
C. installadm create-client -n s11-sparc -f /tmp/zone1manifest.xml -m zone1manifest -c zonename= "zone1"
D. installadm create-service - n s11-sparc -f /tmp/zone1manifest.xml -m zone1manifest - c zonename="zone1"
Correct Answer: B
Section: (none)
Explanation
Explanation:
installadm add-manifest
Associates manifests with a specific install

service, thus making the manifests available on
the network, independently from creating a
service. When publishing a non-default manifest,
it is required to associate criteria either via
criteria entered on the command line (-c) or
via a criteria XML file (-C).
QUESTION 149
Identify the correctly matching pair of equivalent functionality of JumpStart and Automated installer (AI).
A. JumpStart: begin script AI: package repository

B. JumpStart: setup_serverAI: installadm create-service
C. JumpStart: add_Install_clientAI: SMF system configuration profile files
D. JumpStart: finish scripts and sysidsfg filesAI: manifest files
Correct Answer: B
Section: (none)
Explanation
Explanation:
JumpStart: Use the setup_install_server(1M) command.
AI: Use the installadm create-service command.
QUESTION 150
You are setting up an automated installer (AI) install server and issue the following command:
installadm create-service -n prod_ai -s /repo/prod_ai.iso \
-i 192.168.1.100 -c 5 -d /export/repo
Which four options describe the install server that you have configured?
A. The service name is prod_ai.

B. DHCP base IP address is 192.168.1.100
C. The initial IP address for the install clients will be 192.168.1.100. This IP address is temporary.
After the client is booted, it will use IP addresses in the following range: 192.168.1.101-105.
D. Five IP addresses are allocated for DHCP clients, starting with 192.168.1.100.
E. The Install server will support up to five clients.
F. The AI net image ISO file is located in /repo/prod and the net image ISO will be unpacked in /export/repo.
G. The AI net image ISO file is located in /repo/repo and is named /repo/prod/_ai.iso.
Correct Answer: ABDF

Section: (none)
Explanation
Explanation:
A: -n <svcname>
Uses this install service name instead of default
service name.
B: -i <dhcp_ip_start>
Sets up a new DHCP server. The IP addresses,
starting from dhcp_address_start, are set up.
D: -c <count_of_ipaddr>
Sets up a total number of IP addresses in the
DHCP table equal to the value of the
count_of_ipaddr. The first IP address is the
value of dhcp_ip_start that is provided by the
-i option.
F: -s <srcimage>
Specifies location of AI ISO image to use for
setting up the install service.
<targetdir>
Required: Specifies location to set up net image.
QUESTION 151
Your mentor suggests using the dladm rename-link command to rename the network datalinks.
What are the two advantages of following this advice?
A. It can clarify which network interface has what purpose.

B. It can simplify specifying the network interface with the dladm modify-aggr command.
C. It can simplify specifying the network interface with the dladm modify-bridge command.
D. It can simplify IP filter rule changes if the network interface is replaced with a different type.
E. It can prevent accidental deletion of the network interface with the dladm delete-phys command.
F. It can prevent accidental deletion of the network interface configuration with the ipadm delete- addr command.
Correct Answer: AE
Section: (none)
Explanation
Explanation:
A: To rename the bge0 link to mgmt0, enter the following command:
# dladm rename-link bge0 mgmt0
E: Consider that the bge0 device, whose link was named mgmt0 as shown in the previous example, needs to be replaced with a ce0 device because of
a hardware failure. The bge0 NIC is physically removed, and replaced with a new ce0 NIC. To associate the newly added ce0 device with the mgmt0
configuration previously associated with bge0, enter the following command:
# dladm rename-link ce0 mgmt0
Note: How to Rename a Datalink
Use this procedure if you want to change a datalink name to a customized name. For example, some of the datalinks in upgraded system might have
retained legacy hardware-based names and you want to change these names to generic ones.
Note: dladm rename-link [-R root-dir] link new-link

Rename link to new-link. This is used to give a link a meaningful name, or to associate existing link configuration such as link properties of a removed
device with a new device.
QUESTION 152
You are asked to troubleshoot networking issues on an unfamiliar system.
Select the correct command to display what network devices are installed.
A. ifconfig -a
B. dladm show-dev
C. dladm show-phys
D. dladm show-ether
E. netadm show-dev
F. netadm show-ether
Correct Answer: B
Section: (none)
Explanation
Explanation:
dladm show-dev
Shows information for all devices or the specified device.
QUESTION 153
The core dump configuration for your system is:
A user is running a process in the global zone and the process crashes. The process information
is:
User1 2663 2618 0 17:46:42 pts/2 0:00 /usr/bin/bash
The server host name is: zeus
What will the per-process core file be named?
A. core.bash.2663.global
B. core.bash.2663.zeus
C. /var/core/core.bash.2663
D. /var/core/core.bash.2663.global
Correct Answer: C
Section: (none)
Explanation
Explanation:
Note the first line:
global core file pattern: /globalcore/core.%f.%p
The program name is bash

The runtime process ID is 2663
Note: By default, the global core dump is disabled. You need to use the coreadm command with the -e global option to enable it. The -g option causes
the command to append the program name(%f) and the runtime process ID (%p) to the core file name.
QUESTION 154
Select two statements that correctly describe the capabilities of the Distribution Constructor.
A. ISO images for use with the Automated Installer (AI) can be created.
B. Bootable USB images can be created for SPARC and x86 architectures.
C. A single installation server can be used to create ISO images for SPARC and x86 architectures.
D. Checkpoints can be used to pause the build, allowing scripts to run that modify the resulting ISO Image.
E. A single Installation server can be used to create ISO images for Solaris 10 and Solaris11 operating systems.
Correct Answer: AD
Section: (none)
Explanation
Explanation:
A: You can use the distribution constructor to create the following types of Oracle Solaris images:
* (A) x86 or SPARC ISO Image for Automated Installations
* Oracle Solaris x86 live CD image
* x86 or SPARC Oracle Solaris text installer image
* x86 Oracle Solaris Virtual Machine
Note: You can use the distribution constructor to build custom Oracle Solaris images. Then, you can use the images to install the Oracle Solaris
software on individual systems or multiple systems. You can, also, use the distribution constructor to create Virtual Machine (VM) images that run the
Oracle Solaris operating system.
D: Checkpointing Options
You can use the options provided in the distro_const command to stop and restart the build process at various stages in the image-generation process,
in order to check and debug the image that is being built. This process of stopping and restarting during the build process is called checkpointing.
QUESTION 155
Which three statements accurately describe the Automated Installation (AI) client?
A. If the AI client does not match any criteria to use a custom manifest or script, the default manifest is used.
B. If the AI client does not match any criteria to use a custom manifest or script, the automated installation aborts.
C. Any manifest or script in a service can be designated to be the default for that service.
D. Only the default.xml file is used as the default AT client manifest.
E. If a client system does not use any SC profile, then an interactive tool opens on that client at first boot after that client installation to complete the
configuration of that client.
F. If a client system does not use any SC profile, then the install server will use the default SC profile.
Correct Answer: ADE

Section: (none)
Explanation
Explanation:
A: Each client uses one and only one AI manifest to complete its installation. The AI manifest is selected for a client according to the following algorithm:
* If no custom AI manifests are defined for this install service, the default AI manifest is used. The default AI manifest is not associated with any client
criteria etc.
D: When you create a new install service,

install_service_image_path/auto_install/manifest/default.xml is the initial default AI manifest for that install service.
E: Each client can use any number of system configuration profiles. If a client system does not use any configuration profile, then an interactive tool
opens on that client at first boot after that client installation to complete the configuration of that client.
QUESTION 156
You are going to create live zones on you server. Disk space is critical on this server so you need to reduce the amount of disk space required for these
zones. Much of the data required for each of these zones is identical, so you want to eliminate the duplicate copies of data and store only data that is
unique to each zone.
Which two options provide a solution for eliminating the duplicate copies of data that is common between all of these zones?
A. Create the zones by using sparse root zones.

B. Set the dedup property to on and the dedupratio to at least 1.5 for the zpool.Create a separate ZFS file system for each zone in the zpool.
C. Put all of the zones in the same ZFS file system and set the dedupratio property for the ZFS file system to at least 1.5.
D. Put all of the zones in the same ZFS file system and set the dedup property for the file system to on.
E. Put each zone in a separate ZFS file system within the same zpool. Set the dedup property to on for each ZFS file system.
Correct Answer: DE
Section: (none)
Explanation
Explanation:
n Oracle Solaris 11, you can use the deduplication (dedup) property to remove redundant data from your ZFS file systems. If a file system has the dedup
property enabled, duplicate data blocks are removed synchronously. The result is that only unique data is stored, and common components are shared
between files.
QUESTION 157
Solaris 11 includes a redesigned software packaging model: the Image Packaging system.
Which three describe advantages of the Image Packaging System over the previous Solaris 10 SVR4 packaging model?
A. Eliminates patching of the software package

B. Makes the patching process more efficient with less downtime
C. Eliminates OS version upgrade
D. Allows for the installation of the OS without a local DVD or installation server
E. Allows the use of a repository mirror to speed up package operation
F. Allows users to publish their own software package in a software repository
Correct Answer: ADF

Section: (none)
Explanation
Explanation:
A: In contrast to the SVR4 packaging model used in earlier Oracle Solaris releases, IPS eliminates the need for patching.
QUESTION 158
You have Solaris 11 system with a host name of sysA and it uses LDAP as a naming service.
You have created a flash archive of sysA and you want to migrate this system to an Oracle Solaris11 server, Solaris10 branded zone.
The zone Status on the Oracle Solaris 11 server is:
- zone10 incomplete/zone/zone1solaris10exc1
Select the option that will force the non-global zone to prompt you for a host name and name service the first time it is booted.
A. Use zonecfg to change the zonename before booting the system for the first time
B. Use the - u option with the zoneadm - z zone10 attach command.
C. Use the -u option with the zoneadn -z zone10 install command.
D. Remove the sysidcfg file from the <zonepath>/root directory before booting the non-global zone.
Correct Answer: C
Section: (none)
Explanation
Explanation:
Oracle Solaris 10 branded zones Oracle Solaris 10 Zones provide an Oracle Solaris 10 environment on Oracle Solaris 11. You can migrate an Oracle
Solaris 10 system or zone to a solaris10 zone on an Oracle Solaris 11 system in the following ways:
* Create a zone archive and use the archive to create an s10zone on the Oracle Solaris 11 system.
This option applies in the current scenario.

Example of command to Install the Oracle Solaris 10 non-global zone. s11sysB# zoneadm -z s10zone install -u -a /pond/s10archive/s10.flar
* Detach the zone from the Oracle Solaris 10 system and attach the zone on the Oracle Solaris 11 zone. The zone is halted and detached from its
current host. The zonepath is moved to the target host, where it is attached.
Note:
install [-x nodataset] [brand-specific options]
A subcommand of the zoneadm.
Install the specified zone on the system. This subcommand automatically attempts to verify first. It refuses to install if the verify step fails.
-u uuid-match
Unique identifier for a zone, as assigned by libuuid(3LIB). If this option is present and the argument is a non-empty string, then the zone matching the
UUID is selected instead of the one named by the -z option, if such a zone is present.
QUESTION 159
You upgraded your server to Oracle Solaris 11 and you imported zpool (pool1) that was created in Solaris 10. You need to create an encrypted ZFS file
system in pool1, but first you need to make sure that your server supports ZFS encryption.
Which four statements are true for support of ZFS encryption?
A. The encrypted file system must have been created in Oracle Solaris11. To encrypt a ZFS file system from a previous version of Solaris, upgrade the
zpool and create a new encrypted ZFS file system into the encrypted ZFS file system.
B. If you plan to create an encrypted file system in an existing zpool, the zpool must be upgraded to ZFS version 30.
C. ZFS encryption is integrated with the ZFS command set and no additional packages need to be installed.
D. ZFS encryption requires that the ZFS Dataset Encryption package be installed.
E. If you plan to create an encrypted file system in an existing zpool, the pool must be upgraded to ZFS version 21, minimum.
F. Encryption is supported at the pool or dataset (file system) level.
G. Encryption is supported at the pool level only for every file system in the pool will be encrypted.
H. You cannot create an encrypted file system in a zpool that was created prior to oracle Solaris11. Create a new zpool in Solaris11, create an
encrypted ZFS file system in the new zpool, and move or copy the data from the existing file system into the new encrypted file system.
Correct Answer: ABCF

Section: (none)
Explanation
Explanation:
A (not H): You can use your existing storage pools as long as they are upgraded. You have the flexibility of encrypting specific file systems.
B(not E): Can I enable encryption on an existing pool? Yes, the pool must be upgraded to pool version 30 to allow encrypted ZFS file systems and
volumes.
C(not D): ZFS encryption is integrated with the ZFS command set. Like other ZFS operations, encryption operations such as key changes and rekey are
performed online. F (not G): Encryption is the process in which data is encoded for privacy and a key is needed by the data owner to access the
encoded data. You can set an encryption policy when a ZFS dataset is created, but the policy cannot be changed.
QUESTION 160
Identify three options that describe the new Oracle Solaris 11 zone features.
A. There are boot environments for zones.

B. Administrators can delegate common administration tasks by using RBAC.
C. Oracle Solaris 11 supports Solaris 8, 9, and 10 branded zones.
D. You can migrate a physical Solaris 10 system and its non-global zones to a solaris10 branded zone running on an Oracle Solaris 11 system.
E. It is possible to change the host ID of a zone.
Correct Answer: ABD
Section: (none)
Explanation
Explanation:
A: The beadm utility includes support for creating and administering non-global zone boot environments.
Note: A boot environment is a bootable instance of the Oracle Solaris operating system image plus any other application software packages installed
into that image. System administrators can maintain multiple boot environments on their systems, and each boot environment can have different
software versions installed.
B: Role-based access control (RBAC) is a security feature for controlling user access to tasks that would normally be restricted to the root role. By
applying security attributes to processes and to users, RBAC can divide up superuser capabilities among several administrators.
QUESTION 161
You run the command dlstat show-link -r.
Select the two correct statements regarding the information displayed in the INTRS column.
A. No value is listed for virtual network interfaces.

B. A value of 0 is listed for virtual interfaces and ether stubs.
C. The number of Interrupts is listed, which indicates network efficiency.
D. A number equal to the number of transmitted Ethernet frames is listed for physical links.
E. The number of packets that were interrupted by a collision is listed, which may indicate hardware problems.
Correct Answer: CE
Section: (none)
Explanation
Explanation:
In this output, the statistics for interrupt (INTRS) are significant. Low interrupt numbers indicate greater efficiency in performance. If the interrupt
numbers are high, then you might need to add more resources to the specific link.
Example:
# dlstat -r -i 1
LINK IPKTS RBYTES INTRS POLLS CH<10 CH10-50 CH>50
e1000g0 101.91K 32.86M 87.56K 14.35K 3.70K 205 5
nxge1 9.61M 14.47G 5.79M 3.82M 379.98K 85.66K 1.64K
vnic1 8 336 0 0 0 0 0
e1000g0 0 0 0 0 0 0 0
nxge1 82.13K 123.69M 50.00K 32.13K 3.17K 724 24
vnic1 0 0 0 0 0 0 0
Note: dlstat show-link [-r [-F] | -t] [-i interval] [-a] [-p] [ -o field[,...]] [-u R|K|M|G|T|P] [link] Display statistics for a link.
-r
Display receive-side statistics only. Includes bytes and packets received, hardware and software drops, and so forth.
List of supported RX fields:
link
iusedby
ibytes
ipkts
intrs
polls
hdrops: hardware drops
sdrops: software drops (owing to bandwidth enforcement) ch<10: number of packet chains of length < 10
ch10-50: number of packet chains of length between 10 and 50 ch>50: number of packet chains of length > 50
QUESTION 162
You need to set up a local package repository to serve 75 client systems. Multiple clients will being the package repository concurrently and you need to
ensure that the local repository performs very well under this heavy load, especially during package intensive operations.
Which option would ensure the best performance of the repository during package-intensive rations by multiple clients?
A. Set up multipathing on the package repository server to distribute the network load multiple network interfaces.
B. Deploy a second instance of the package repository server to run as a read writable mirror.
C. Deploy a second instance of the package repository server to run as a read-only mirror.
D. Deploy a second instance of the package repository server to run as a clone of the primary repository server.
E. Deploy a package repository locally on each client.
Correct Answer: A
Section: (none)
Explanation
Explanation:
QUESTION 163
View the Exhibit and review the zpool and ZFS configuration information from your system.
Identify the correct procedure for breaking the /prod_data mirror, removing c4t0d0 and c4t2d0, and making the data on c4t0d0and c4t2d0 accessible
under the dev_data mount point.
A. zpool split pool1 pool2 c4t0d0 c4t2d0zpool import pool2zfs set mountpoint = /dev_data pool2/prod_data
B. zpool detach pool1 pool2zpool attach pool2zfs set mountpoint=/dev_data pool2/prod_data
C. zpool split pool1/prod_data -n pool2/dev_datazfs set mountpoint = /dev_data pool2/prod_data
D. zpool split pool1 pool2 c4t0d0 c4t2d0zpool import pool2
Correct Answer: D
Section: (none)
Explanation
Explanation:
In this Solaris release, you can use the zpool split command to split a mirrored storage pool, which detaches a disk or disks in the original mirrored pool
to create another identical pool.
After the split operation, import the new pool.
QUESTION 164
United States of America export laws include restrictions on cryptography.
Identify the two methods with which these restrictions are accommodated in the Oracle Solaris 11 Cryptographic Framework.
A. Corporations must utilize signed X.509 v3 certificates.

B. A third-party provider object must be signed with a certificate issued by Oracle.
C. Loadable kernel software modules must register using the Cryptographic Framework SPI.
D. Third-party providers must utilize X.509 v3 certificates signed by trusted Root Certification Authorities.
E. Systems destined for embargoed countries utilize loadable kernel software modules that restrict encryption to 64 bit keys.
Correct Answer: BC
Section: (none)
Explanation
Explanation:
B: Binary Signatures for Third-Party Software

The elfsign command provides a means to sign providers to be used with the Oracle Solaris Cryptographic Framework. Typically, this command is run
by the developer of a provider.
The elfsign command has subcommands to request a certificate from Sun and to sign binaries. Another subcommand verifies the signature. Unsigned
binaries cannot be used by the Oracle Solaris Cryptographic Framework. To sign one or more providers requires the certificate from Sun and the private
key that was used to request the certificate.
C: Export law in the United States requires that the use of open cryptographic interfaces be restricted. The Oracle Solaris Cryptographic Framework
satisfies the current law by requiring that kernel cryptographic providers and PKCS #11 cryptographic providers be signed.
QUESTION 165
You are setting up a local IPS package repository on your Oracle Solaris11 server:
solaris.example.com.
You want to point the existing local IPS publisher to the new local IPS repository located in /repo.
These are the stops that you have followed:
1. Download and rsync the contents of the Oracle Solaris11 repository ISO image to the /repo directory.
2. Configure the repository server service properties. The svcprop command display, the IPS related properties:
pkg/inst_root astring/repo
pkg/readonly Boolean true
The 1s command displays the contents of the /repo directory:
#ls/repo
Pkg5.repository publisher
The svcs publisher command shows the svc: /application/pkg/server: default service is online.
The pkg publisher command shows the svc: /application/pkg/server: default service is online.
The pkg publisher command still displays:
solarisoriginonlinehttp://pkg.oracle.com/solaris/release/
Which steps needs to be performed to set the local IPS publisher to the local IPS repository/repo?
A. Issue the pkgrepo refresh -s command to refresh the repository.

B. Restart the svc:/application/pkg/server:default service.
C. pkg set-publisher command to set the new repository location.
D. Issue the pkgrepo rebuild command to rebuild the repository.
E. Issue the pkgrepo set command to set the new repository location.
Correct Answer: C
Section: (none)
Explanation
Explanation:
Set the Publisher Origin To the File Repository URI
To enable client systems to get packages from your local file repository, you need to reset the origin for the solaris publisher. Execute the following
command on each client:
Example:
# pkg set-publisher -G '*' -M '*' -g /net/host1/export/repoSolaris11/ solaris
QUESTION 166
New features wore added to ZFS in Oracle Solaris11. Your justification to upgrade from Solaris10 to oracle Solaris11 is that it will be possible to take
advantage of the enhancements that were made to ZFS.
Identify the three ZFS functions and features that are included in Oracle Solaris 11, but not in Solaris 10.
A. Encrypted ZFS datasets

B. Ability for ZFS to detect and remove redundant data from the tile system
C. Shadow Data Migration
D. Ability to split a mirrored ZFS storage pool
E. Ability to use ZFS on the boot drive and boot to a ZFS root file system.
F. elimination of the swap file system when using ZFS on the root disk
Correct Answer: ABE

Section: (none)
Explanation
Explanation:
A: ZFS encryption was introduced in ZFS Pool Version Number 30, Solaris Nevada b149.
Filesystem encryption since Solaris 11 Express
B: Deduplication was introduced in ZFS Pool Version Number 21, Solaris Nevada b128.
E: Booting From a ZFS Root File System
Both SPARC based and x86 based systems use the new style of booting with a boot archive, which is a file system image that contains the files required
for booting. When a system is booted from a ZFS root file system, the path names of both the boot archive and the kernel file are resolved in the root file
system that is selected for booting.
QUESTION 167
You are troubleshooting the Oracle Solaris11 Automated Installer (AI), which is not connecting with the IPS software repository.
Which three steps will help determine the cause of DNS name resolution failure?
A. Verify the contents of /etc/resolve.conf.

B. Run netstat -nr to verify the routing to the DNS server.
C. Ping the IP address of the IPS server to verify connectivity.
D. On the installation server, verify that the menu.1st file for the client points to a valid boot arc hive.
E. Run df -k to verify that the boot directory containing the boot archive is loopback mounted under /etc/netboot.
F. Run the command /sbin/dhcpinfo DNSserv to ensure that the DHCP server providing the DNS server information.
Correct Answer: ABF

Section: (none)
Explanation
Explanation:
Check DNS
* (A) Check whether DNS is configured on your client by verifying that a non-empty /etc/resolv.conf file exists.
* (F) If /etc/resolv.conf does not exist or is empty, check that your DHCP server is providing DNS server information to the client:
# /sbin/dhcpinfo DNSserv
If this command returns nothing, the DHCP server is not set up to provide DNS server information to the client. Contact your DHCP administrator to
correct this problem.
* (B) If an /etc/resolv.conf file exists and is properly configured, check for the following possible problems and contact your system administrator for
resolution:
** The DNS server might not be resolving your IPS repository server name.
** No default route to reach the DNS server exists.
QUESTION 168
You created a new zpool. Now you need to migrate the existing ZFS file system from pool1/prod to pool2/prod.
You have these requirements:
1. Users must have access to the data during the migration, so you cannot shutdown the file system while the migration takes place.
2. Because you want to copy the data as quickly as possible, you need to increase the server resources devoted to the ZFS migration.
Which method would you use to modify the ZFS shadow migration daemon defaults to increase the concurrency and overall speed of migration?
A. Svccfg - s filesystem/shadowd:defaultsetprop config_params/shadow_threads=integer:

16endsvcadm refresh filesystem/shadowd: default
B. Specify the -b <blocksize> option with the zfs create command and increase the value of <blocksize>
C. Use the -o -volblocksize=<blocksize>option with the zfs create command and increase the value of the default <blocksize>.
D. Svccfg -s filesystem/zfs: defaultsetprop config_params/shadow_threads = integer:
16endsvcadm refresh filesystem/zfs:default
Correct Answer: A
Section: (none)
Explanation
Explanation:
shadowd is a daemon that provides background worker threads to migrate data for a shadow migration. A shadow migration gradually moves data from
a source file system into a new "shadow" file system. Users can access and change their data within the shadow file system while migration is occurring.
The shadowd service is managed by the service management facility, smf(5). Administrative actions on this service, such as enabling, disabling, or
requesting restart, can be performed using svcadm(1M). The service's status can be queried using the svcs(1) command.
The svccfg(1M) command can be used to manage the following parameter related to shadowd:
config_params/shadow_threads
Note: Oracle Solaris 11: In this release, you can migrate data from an old file system to a new file system while simultaneously allowing access and
modification of the new file system during the migration process.
Setting the shadow property on a new ZFS file system triggers the migration of the older data. The shadow property can be set to migrate data from the
local system or a remote system with either of the following values:
file:///path
nfs://host:path
QUESTION 169
The current ZFS configuration on server is:
You need to backup the /data file system while the file system is active.
Select the option that creates a full backup of the /data file system and stores the backup on server in the pool named backup.
A. Mount -F nfs system: /backup / mntzfs snapshot pool/data@monday>/mnt/Monday

B. Mount -F nfs systemB: /backup/mntzfs snapshot pool1/data@Mondayzfs clone pool1/data@monday/mnt/Monday
C. Zfs send pool1/data@Monday | ssh system zfs recv backup/monday
D. Zfs snapshot pool1/data@Monday | ssh system zfs recv backup/monday
Correct Answer: D
Section: (none)
Explanation
Explanation:
Example (assuming there exists a snapshot `tank/test@1).
Full backup
Now let's do a full initial backup from the `tank/test@1 snapshot:
# zfs send tank/test@1 | zfs receive tank/testback
QUESTION 170
You are creating a non-global zone on your system.
Which option assigns a zpool to a non-global zone, and gives the zone administrator permission to create zfs file system in that zpool?
A. While creating the non-global zone, make the following entry: add deviceset match=/dev/rdsk/c4t0d0endBoot the zone and log in the zone as root.
Create the zpool: zpool create pool2 c4t0d0In the non-global zone, root can now create ZFS file system in the pool2 zpool
B. In the global zone, create the zpool: global# zpool create pool2 c4t1d0While creating the no- global zone, make the following entry: add datasetset
name=pool2endadd fsset dir=pool1set special=pool1set type=zfspool1endBoot the zone, log in the zone as root, and create the zfs file system in the
pool2 zpool.
C. In the global zone, create the zpool:global#zpool create pool2 c4t1d0While creating the global zone, make the following entry: add datasetset
name=pool2endBoot the zone, log in to the zone as root and create the zfs file systems in the pool2 zpool.
D. In the global zone, create the zpool and the ZFS file systems that you want to use in the non- global zone: global#zpool create pool2
c4t1d0global#zfs create pool2/dataWhile creating the non- global zone, make the following entry for each ZFS file system that you want to make
available in the zone: add fsset dir=/dataset special=pool2/dataset type=zfsend
E. Create the zpool in the global zone: global#zpool create pool2 c4t1d0Boot the non-global zone, log in to the zone as root, and issue this command to
delegate ZFS permissions to root: non- global zone# zfs allow root create , destroy, mount pool2Log in to the non-global zone create ZFS file
systems in the pool2 zpool.
Correct Answer: D
Section: (none)
Explanation
Explanation:
You can add a ZFS file system to a non-global zone by using the zonecfg command's add fs subcommand.
In the following example, a ZFS file system is added to a non-global zone by a global zone administrator from the global zone:
# zonecfg -z zion
zonecfg:zion> add fs
zonecfg:zion:fs> set type=zfs
zonecfg:zion:fs> set special=tank/zone/zion
zonecfg:zion:fs> set dir=/export/shared
zonecfg:zion:fs> end
QUESTION 171
A change in your company's security policy now requires an audit trial of all administrators assuming the sysadm role, capturing:
There are two command necessary to accomplish this change. One is a rolemod command. What is the other?
A. auditconfig set policy=argv

B. auditconfig -setpolicy +argv
C. auditconfig -setflags lo, ex sysadm
D. auditconfig set flags=lo, ex sysadm
Correct Answer: B
Section: (none)
Explanation
Explanation:
Audit Significant Events in Addition to Login/Logout (see step 2 below) Use this procedure to audit administrative commands, attempts to invade the
system, and other significant events as specified by your site security policy.
For all users and roles, add the AUE_PFEXEC audit event to their preselection mask.
# usermod -K audit_flags=lo,ps:no username

# rolemod -K audit_flags=lo,ps:no rolename
# auditconfig -setpolicy +argv
3- Record the environment in which audited commands are executed.
# auditconfig -setpolicy +arge
Note: [-t] -setpolicy [+|-]policy_flag[,policy_flag ...] Set the kernel audit policy. A policy policy_flag is literal strings that denotes an audit policy. A prefix of
+ adds the policies specified to the current audit policies. A prefix of - removes the policies specified from the current audit policies. No policies can be
set from a local zone unless the perzone policy is first set from the global zone.
QUESTION 172
Your task is to convert a JumpStart sysidcfg file to an Automated Installer (AI) sc_profile.xml file, using js2ai.
Select two unsupported items that will require changes.
A. terminal = zterms
B. name_service-NTS+
C. timezone=US/pacific
D. system_locale=en_US
E. network_interface=PRIMARY
F. root_password=rJmvLUXM10cU
Correct Answer: AD
Section: (none)
Explanation
Explanation:
A: terminal
The js2ai tool does not perform any translation. Make sure the terminal type speciied in the sysidcfg ile is supported in Oracle Solaris 11.
D: system_locale
The js2ai tool does not perform any translation. Make sure the locale specified in the sysidcfg ile is supported in Oracle Solaris 11.
QUESTION 173
The COMSTAR framework provides support for the iSCSI protocol.
Select three options that correctly describe the COMSTAR framework.
A. iSCSI devices can be used as dump devices.

B. SCSI commands are carried over IP networks and enable you to mount disk devices from across the network onto your local system.
C. Large amounts of data can be transferred over an IP network with very little network degradation.
D. COMSTAR allows you to convert any Solaris11 host into a SCSI target device that can be accessed over a storage network.
E. One IP port can handle multiple ISCSI target devices.
Correct Answer: BDE

Section: (none)
Explanation
Explanation:
B: By carrying SCSI commands over IP networks, the iSCSI protocol enables you to access block devices from across the network as if they were
connected to the local system. COMSTAR provides an easier way to manage these iSCSI target devices.
D: Common Multiprotocol SCSI TARget, or COMSTAR, a software framework that enables you to convert any Oracle Solaris 11 host into a SCSI target
device that can be accessed over a storage network by initiator hosts.
E: One IP port can handle multiple iSCSI target devices.
QUESTION 174
View the Exhibit to inspect the boot environment Information displayed within a non global zone on your system.
Which two options describe the solaris-1 boot environment?
A. The solaris-1 boot environment is not bootable.

B. The solaris-1 boot environment is incomplete.
C. The solaris-1 boot environment was created automatically when the non global zone was created.
D. The solaris-1 boot environment was created in the non-global zone using the beadm create command.
E. The solaris-1 boot environment is associated with a non active global zone boot environment.
Correct Answer: AD
Section: (none)
Explanation
Explanation:
A: The of the Active Column indicates that this boot environment is inactive, and hence not bootable.
Note: The values for the Active column are as follows:
R Active on reboot.
N Active now.
NR Active now and active on reboot.
"-" Inactive.
"!" Unbootable boot environments in a non-global zone are represented by an exclamation point.
D: beadm create
Creates a new boot environment name, beName.
Note: beadm list

Lists information about the existing boot environment, which is be Name, or lists information for all boot environments if be Name is not provided.
Note: Using beadm Utility (Tasks)
You can use the beadm utility to create and manage snapshots and clones of your boot environments.
Note the following distinctions relevant to boot environment administration:
* A snapshot is a read-only image of a dataset or boot environment at a given point in time. A snapshot is not bootable.
* A boot environment is a bootable Oracle Solaris environment, consisting of a root dataset and, optionally, other datasets mounted underneath it.
Exactly one boot environment can be active at a time.
* A clone of a boot environment is created by copying another boot environment. A clone is bootable.
QUESTION 175
You are using AI to install a new system. You have added to following information to the AI manifest:
<configuration type= "zone" name= "dbzone"
source = "http://sysA.example.com/zone_cfg/zone.cfg"/>
Which statement is true with regard to the zone.cfg?
A. The zone.cfg file is text file in a zonecfg export format.

B. The zone.cfg file is an AI manifest that specifies how the zone is to be installed.
C. The zone.cfg file is an xml file in a form suitable for use as a command file for the zonecfg command.
D. The zone.cfg file is an SC profile with keywords that are specific for configuring a as part of the installation process.
E. It is am xml configuration file from the /etc/zone directory. It will be used as a profile for the zone. It specifies the zonename, zonepath, and other
zonecfg parameters.
Correct Answer: B
Section: (none)
Explanation
Explanation:
The configuration element supports non-global zone configurations. When installing a global zone system, the zone configurations specified in the AI
manifest are used to install non-global zones onto the system after the global zone has been installed
The configuration element has the following attributes:
type
The type of configuration to install. The only type supported by AI is zone.
name
A name given to the configuration. This name must be unique across all configuration elements in an AI manifest. For configurations of type zone, this
name is also used as the zonename for he zone.
Source
The location from which AI downloads the configuration file for this configuration element. The value can be an HTTP or FILE URI specification. For
configurations of type zone, this value should point to a zone configuration file as produced from the zonecfg export command.
QUESTION 176
You need to make sure that all of the software packages on your server are up to date. Without installing any updates, which two commands would
display .my software updates that are available in the default Oracle repository?
A. pkg list -u
B. pkg verify u `*'
C. pkg search u
D. pkg info r `*'
E. pkg install nv
F. pkg update nv `*'
Correct Answer: AD
Section: (none)
Explanation
Explanation:
A: the pgk list command display a list of packages in the current image, including state and other information. By default, package variants for a different
architecture or zone type are excluded.
D: pkginfo displays information about software packages that are installed on the system (with the first synopsis, with -l) or that reside on a particular
device or directory (with the second synopsis, with -r).
Without options, pkginfo lists the primary category, package instance, and the names of all completely installed and partially installed packages. It
displays one line for each package selected.
case.
QUESTION 177
You have a ticket from a new user on the system, indicating that he cannot log in to his account. The information in the ticket gives you both the
username and password. The ticket also shows that the account was set up three days ago.
As root, you switch users to this account with the following command:
su newuser
You do not get an error message.
You then run 1s -1a and see the following files:
local1.cshrc local1.login local1.profile .bash_history .bashrc .profile
As root, you grep the /etc/passwd file and the /etc/shadow file for this username, with these results:
/etc/passwd contains newuser:x:60012:10:/home/newuser:/usr/bin/bash
/etc/shadow contains newuser:UP: : : : :10: :
As root, what is your next logical step?
A. Usermod f 0
B. passwd newuser
C. mkdir /home/newuser
D. useradd D
Correct Answer: B
Section: (none)
Explanation
Explanation:
The content of the /etc/shadow document indicates that the newuser account has no password.
We need to add a password.
The passwd utility is used to update user's authentication token(s).
D: Here the user account already exist. There is no need to create it.
When invoked without the -D option, the useradd command creates a new user account using the values specified on the command line plus the default
values from the system. Depending on command line options, the useradd command will update system files and may also create the new user's home
directory and copy initial files.
QUESTION 178
You are having an issue with the shutdown command. You wish to determine if the file is a script or an executable program. Which command would you
use to determine this?
A. od shutdown
B. file shutdown
C. test shutdown
D. cksum shutdown
E. attrib shutdown
Correct Answer: B
Section: (none)
Explanation
Explanation:
The file command determines the file type file tests each argument in an attempt to classify it. There are three sets of tests, performed in this order:
filesystem tests, magic tests, and language tests. The first test that succeeds causes the file type to be printed.
QUESTION 179
You are troubleshooting a newly installed desktop Oracle Solaris 11 system with a single network interface. From this system, you can connect to other
systems within the company intranet, but cannot access any external services (such as websites and email), even when using IP addresses.
Examining the routing table confirms that the default route to 192.168.1.1 is missing. DHCP is not used at this site. Which two commands will
temporarily mid permanently configure the default route?
A. ipadm set-gateway 192.168.1.1

B. route add default 192.168.1.1
C. ipadm set-default 192.168.1.1
D. dladm route-add d 192.168.1.1
E. echo 192.168.1.1 >/etc/gateway
F. echo 192.168.1.1 >/etc/defaultrouter
Correct Answer: BF
Section: (none)
Explanation
Explanation:
B: Setting the default route on Solaris is easy. If you are trying to just set the route temporarily you can use the route command:
Route add default <ipaddress>
Example:
Route add default 192.168.1.1
Note: Route command manipulates the kernel routing tables. Routing is the process of forwarding a packet from one computer to another. It is based on
the IP address in the IP packet header and netmask.
F: If you want the route to be persisted when you reboot the system, you will need to set the route in the /etc/defaultrouter file.
/etc/defaultrouter
Example:
Echo 192.168.1.1 > /etc/defaultrouter
QUESTION 180
User jack on host solaris attempts to use ssh to log in to host oracle and receives this message:
jack@solaris:~$ ssh oracle
ssh: connect to host oracle port 22: connection refused
What is the problem?
A. Host oracle does not have a valid host public key.

B. Host oracle does not have a valid host private key.
C. Host solaris does not have a valid host public key.
D. Host does not have a valid host private key.
E. Host solaris is not configured for host-based authentication.
F. Host oracle is not configured for host-based authentication.
G. Host oracle is not running the ssh service.
H. Host solaris is not running the ssh service.
Correct Answer: G
Section: (none)
Explanation
Explanation:
The host he is trying to connect to (oracle) is not running the required service (ssh).
QUESTION 181
In order to display the IP addresses of network interfaces, what command would you use?
A. dladm
B. ipconfig
C. sves
D. ipadm
E. ipaddr
Correct Answer: D
Section: (none)
Explanation
Explanation:
Example:
# ipadm show-addr
lo0/v4 static ok 127.0.0.1/8
QUESTION 182
You are logged in as root to a newly installed Solaris 11 system. You issue the command useradd -d, and then examine the /usr/sadm/defadduser file.
This file includes the entry defshell=/bin/sh. Which shell will now be the default for the next account created?
A. bash shell
B. C shell
C. korn shod
D. bourne shell
Correct Answer: A
Section: (none)
Explanation
Explanation:
Oracle Solaris 11 introduces user environment and command-line argument changes that include the following:
* Shell changes - The default shell, /bin/sh, is now linked to ksh93. The default user shell is the Bourne-again (bash) shell.
* The legacy Bourne shell is available as /usr/sunos/bin/sh.
* The legacy ksh88 is available as /usr/sunos/bin/ksh from the shell/ksh88 package.
* Korn shell compatibility information is available in /usr/share/doc/ksh/COMPATIBILITY.
QUESTION 183
Identify the correct description of an IPS image.
A. an ISO image of the Solaris media DVD

B. an IPS repository
C. a depot location or source where Solaris packages can be installed from
D. a location where packages can be installed, for example, your Solaris instance
Correct Answer: D
Section: (none)
Explanation
Explanation:
An image is a location where packages can be installed.
An image can be one of three types:
* Full images are capable of providing a complete system.
* Partial images are linked to a full image (the parent image), but do not provide a complete system on their own.
* User images contain only relocatable packages.
QUESTION 184
Which files must be edited in order to set up logging of all failed login attempts?
A. /etc/default/login, /var/adm/loginlog, /etc/syslog.conf

B. /etc/default/login, /var/adm/authlog, /etc/syslog.conf
C. /var/adm/loginlog, /var/adm/authlog, /etc/syslog.conf
D. /etc/default/login, /var/adm/authlog, /var/adm/loginlog
Correct Answer: B
Section: (none)
Explanation
Explanation:
1. Set up the /etc/default/login file with the desired values for SYSLOG and SYSLOG_FAILED_LOGINS
Edit the /etc/default/login file to change the entry. Make sure that SYSLOG=YES is uncommented.
2. Create a file with the correct permissions to hold the logging information.
3. Edit the syslog.conf file to log failed password attempts.

Send the failures to the authlog file.
QUESTION 185
Your system is assigned an IP address object 192.168.0.222/24. However, the net mask--expressed as four octets--is required. Which is the correct
netmask?
A. 255.0.0.0
B. 255.255.0.0
C. 255.255.255.0
D. 255.255.255.24
E. 255.255.255.255
Correct Answer: C
Section: (none)
Explanation
Explanation:
A 24-bit network mask is expressed as 255.255.255.0.
QUESTION 186
A user jack, using a bash shell, requests a directory listing as follows:
jack@solaris: ~ $ 1s
dira dirb dirc diraa dirabc
A. The pattern dir? will expand to dira dirb dirc.

B. The pattern dir*a will expand to diraa.
C. The pattern dir*a will expand to dira diraa.
D. The pattern dir*b? will expand to dirabc.
E. The pattern dir*b? will expand to dirb dirabc.
Correct Answer: ACD

Section: (none)
Explanation
Explanation:
A: dir followed by a single letter.
C: dir followed by any characters ending with a.
D: dir followed by any characters, then character b, then one single character.
only dirabc matches
QUESTION 187
You are logged in to a Solaris 11 system as user jack. You issue the following sequence of commands:
Identify two correct statements.
A. You have the effective privilege of the account root.

B. Your GID is 10.
C. Your home directory is /root.
D. You are running the shell specified for the account root.
E. Your UID is 1.
Correct Answer: AB
Section: (none)
Explanation
Explanation:
Oracle Solaris provides predefined rights profiles. These profiles, listed in the /etc/security/prof_attr, can be assigned by the root role to any account. The
root role is assigned all privileges and all authorizations, so can perform all tasks, just as root can when root is a user.
To perform administrative functions, you open a terminal and switch the user to root. In that terminal, you can then perform all administrative functions.
$ su - root
Password: Type root password
#
When you exit the shell, root capabilities are no longer in effect.
QUESTION 188
Which two statements describe the COMSTAR framework available in Oracle Solaris 11?
A. It converts an Oracle Solaris 11 host into a SCSI target device that can be accessed over a storage network by Linux, Mac OS, or Windows client
systems.
B. iSCSI targets cannot be configured as dump devices.
C. It provides support for iSCSI devices that use SLP.
D. It is used to connect to Fibre Channel or iSCSI Storage Area Network (SAN) environments.
E. It provides an upgrade and update path to convert your iSCSI LUNs from Solaris 10 systems.
Correct Answer: AB
Section: (none)
Explanation
Explanation:
A: You can configure Common Multiprotocol SCSI TARget, or COMSTAR, a software framework that enables you to convert any Oracle Solaris 11 host
into a SCSI target device that can be accessed over a storage network by initiator hosts.
This means you can make storage devices on a system available to Linux, Mac OS, or Windows client systems as if they were local storage devices.
Supported storage protocols are iSCSI, FC, iSER, and SRP.
B: iSCSI targets cannot be configured as dump devices.
QUESTION 189
In Oracle Solaris 11, where is the Oracle default repository located?
A. /var/spool/pkg
B. http://localhost/solaris
C. http://pkg.oracle.com/solaris/release
D. http://www.oracle.com/Solaris/download
E. /cdrom/cdrom0
Correct Answer: C
Section: (none)
Explanation
Explanation:
REPOSITORY DESCRIPTION
* http://pkg.oracle.com/solaris/release
The default repository for new Oracle Solaris 11 users. This repository receives updates for each new release of Oracle Solaris. Significant bug fixes,
security updates, and new software may be provided at any time for users to install at Oracle's discretion.
*https://pkg.oracle.com/solaris/support
Provides bug fixes and updates. Accessible with a current support contract from Oracle.
* https://pkg.oracle.com/solaris/dev Provides the latest development updates. Accessible to users enrolled in the Oracle Solaris 11 Platinum Customer
Program and approved Oracle Partners.
QUESTION 190
In a default standalone installation of Oracle Solaris 11, what is the default minimum length in characters of a user password, and where is the minimum
password length defined?
A. Default minimum length is 8, and is defined in /etc/default/password.

B. Default minimum length is 6, and is defined in /etc/default/password.
C. Default minimum length is 8, and is defined in /etc/shadow.
D. Default minimum length is 6, and is defined in /etc/shadow.
E. Default minimum length is 8, and is defined in /usr/sadm/defadduser.
F. Default minimum length is 6, and is defined in /usr/sadm/defadduser.
Correct Answer: B
Section: (none)
Explanation
Explanation:
By default, the passwd command assumes a minimum length of six characters. You can use the PASSLENGTH default in the /etc/defaults/passwd files
to change that by setting the minimum number of characters that a user's password must contain to some other number.
QUESTION 191
You need to install the gzip software package on your system. Which command would you use to find the software package in the configured
repository?
A. pkg search gzip

B. pkg info gzip
D. pkginfo gzip
E. yum list gzip
Correct Answer: A
Section: (none)
Explanation
Explanation:
Use the pkg search command to search for packages whose data matches the specified pattern. Like the pkg contents command, the pkg search
command examines the contents of packages. While the pkg contents command returns the contents, the pkg search command returns the names of
packages that match the query.
QUESTION 192
You have a process called bigscript, and you need to know the PID number for this process.
Which command will provide that information?
A. pkill bigscript
B. ps bigscript
C. pgrep bigscript
D. prstat bigscript
Correct Answer: C
Section: (none)
Explanation
Explanation:
Pgrep takes a process name and return a PID.
Note: pgrep looks through the currently running processes and lists the process IDs which matches the selection criteria to stdout. All the criteria have to
match. For example, pgrep -u root sshd
will only list the processes called sshd AND owned by root.
Incorrec answers:
ps bigscript: You can't pass a name to ps, it interprets it as arguments.
QUESTION 193
Which three files must be edited in order to set up logging of all failed login attempts?
A. /var/adm/authlog
B. /etc/syslog.conf
C. /etc/default/login
D. /var/adm/loginlog
Correct Answer: ABC

Section: (none)
Explanation
Explanation:
How to Monitor All Failed Login Attempts
Assume the Primary Administrator role, or become superuser.
1. Assume the Primary Administrator role, or become superuser.

2. (C) Set up the /etc/default/login file with the desired values for SYSLOG and SYSLOG_FAILED_LOGINS
3. (A) Create a file with the correct permissions to hold the logging information.
4. (B) Edit the syslog.conf file to log failed password attempts.
QUESTION 194
Identify the two security features incorporated in the Oracle Solaris 11 Cryptographic Framework.
A. Layer 5 IP address encryptions

B. Internet protocol security
C. Diffie-Kerberos coaxial key encryption
D. Signed cryptographic plugins (providers)
E. Kernel support for signed antivirus plugins
Correct Answer: DE
Section: (none)
Explanation
Explanation:
The framework enables providers of cryptographic services to have their services used by many consumers in the Oracle Solaris operating system.
Another name for providers is plugins. The framework allows three types of plugins:
* User-level plugins - Shared objects that provide services by using PKCS #11 libraries, such as pkcs11_softtoken.so.1.
* Kernel-level plugins - Kernel modules that provide implementations of cryptographic algorithms in software, such as AES.
Many of the algorithms in the framework are optimized for x86 with the SSE2 instruction set and for SPARC hardware.
* Hardware plugins - Device drivers and their associated hardware accelerators. The Niagara chips, the ncp and n2cp device drivers, are one example.
A hardware accelerator offloads expensive cryptographic functions from the operating system. The Sun Crypto Accelerator 6000 board is one example.
QUESTION 195
Review the zonestat command:
zonestate - q physical - memory -R high -z -p -p "zones" 10 24h 60m
Select the option that correctly describes the information that is displayed by this command.
A. It is a sample of dbzone's physical memory usage taken every hour over a 24-hour period.Only the top 10 samplings of peak memory usage are
displayed. All other utilization data is eliminated.
B. It is a sample of dbzone's CPU, virtual memory, and networking utilization.Physical memory is executed from the report.The sampling is taken every
10 minutes over a 24-hour period and peak utilization id displayed each hour.
C. It is a sample of dbzone's CPU, virtual memory, and networking utilization.Physical memory is executed from the report.The sampling is taken every
10 minutes over a 24-hour period and displayed each hour.
D. It is a sample of dbzone's physical memory usage taken every 10 seconds and 24-hour period.Only peak virtual memory usage and CPU utilization
are displayed each hour.All other Utilization data is eliminated.
E. It is a sample of dbzone's physical memory usage taken every 10 seconds and 24-hour period.Only peak memory usage is displayed each hour.All
other utilization data is eliminated.
Correct Answer: D
Section: (none)
Explanation
Explanation:
* (Not A, B, C): interval (here 10 seconds): Specifies the length in seconds to pause between each interval report.
* duration (here 24 h)
* -R report[,report] (here high)
Print a summary report.
High Print a summary report detailing the highest usage of each resource and zone during any interval of the zonestat utility invocation.
The default output is a summary of cpu, physical, and virtual memory utilization. The -r option can be used to choose detailed output for specific
resources.
QUESTION 196
You have been tasked with creating a dedicated virtual network between two local zones within a single system. In order to isolate the network traffic
To accomplish this, you will create__________.
A. An ether stub
B. A virtual router
C. A virtual switch
D. A virtual bridge.
E. A virtual network interface
F. Nothing because a virtual switch is automatically created then the virtual network interfaces are created.
Correct Answer: A
Section: (none)
Explanation
Explanation:
Etherstubs are pseudo ethernet NICs which are managed by the system administrator. You can create VNICs over etherstubs instead of over physical
links. VNICs over an etherstub become independent of the physical NICs in the system. With etherstubs, you can construct a private virtual network that
is isolated both from the other virtual networks in the system and from the external network. For example, you want to create a network environment
whose access is limited only to your company developers than to the network at large. Etherstubs can be used to create such an environment.
Note: Oracle Solaris 11 introduces a new and powerful network stack architecture which includes:
* Networking virtualization with virtual network interface cards (VNICs) and virtual switching (etherstubs)
* Tight integration with zones
* Network resource management - efficient and easy to manage integrated quality of service (QoS) to enforce bandwidth limit on VNICs and traffic flows
We will be examini
QUESTION 197
Which command should you choose to display the current parameters for the FSS scheduler?
A. dispadmin - c FSS
B. prionctl -c FSS
C. dispadmin -c FSS -g
D. priocntl -c FSS -g
Correct Answer: C
Section: (none)
Explanation
Explanation:
The dispadmin command displays or changes process scheduler parameters while the system is running.
-c class
Specifies the class whose parameters are to be displayed or changed. Valid class values are: RT for the real-time class, TS for the time-sharing class,
IA for the inter-active class, FSS for the fair- share class, and FX for the fixed-priority class. The time-sharing and inter-active classes share the same
scheduler, so changes to the scheduling parameters of one will change those of the other.
-g
Gets the parameters for the specified class and writes them to the standard output.
QUESTION 198
You are setting up a local IPS package repository on your Oracle Solaris11 server:
solaris.example.com.
You want to point the existing local IPS publisher to the new local IPS repository located in /repo.
These are the stops that you have followed:
1. Download and rsync the contents of the Oracle Solaris11 repository ISO image to the /repo directory.
2. Configure the repository server service properties. The svcprop command display, the IPS related properties:
pkg/inst_root astring/repo
pkg/readonly Boolean true
The 1s command displays the contents of the /repo directory:
#ls/repo
Pkg5.repository publisher
The svcs publisher command shows the svc: /application/pkg/server: default service is online.
The pkg publisher command shows the svc: /application/pkg/server: default service is online.
The pkg publisher command still displays:
solarisoriginonlinehttp://pkg.oracle.com/solaris/release/
Which steps needs to be performed to set the local IPS publisher to the local IPS repository/repo?
A. Issue the pkgrepo refresh -s command to refresh the repository.

B. Restart the svc:/application/pkg/server:default service.
C. pkg set-publisher command to set the new repository location.
D. Issue the pkgrepo rebuild command to rebuild the repository.
E. Issue the pkgrepo set command to set the new repository location.
Correct Answer: C
Section: (none)
Explanation
Explanation:
Set the Publisher Origin To the File Repository URI
To enable client systems to get packages from your local file repository, you need to reset the origin for the solaris publisher. Execute the following
command on each client:
Example:
# pkg set-publisher -G '*' -M '*' -g /net/host1/export/repoSolaris11/ solaris
QUESTION 199
A change in your company's security policy now requires an audit trial of all administrators assuming the sysadm role, capturing:
There are two command necessary to accomplish this change. One is a rolemod command. What is the other?
A. auditconfig set policy=argv

B. auditconfig -setpolicy +argv
C. auditconfig -setflags lo, ex sysadm
D. auditconfig set flags=lo, ex sysadm
Correct Answer: B
Section: (none)
Explanation
Explanation:
Audit Significant Events in Addition to Login/Logout (see step 2 below) Use this procedure to audit administrative commands, attempts to invade the
system, and other significant events as specified by your site security policy.
For all users and roles, add the AUE_PFEXEC audit event to their preselection mask.
# usermod -K audit_flags=lo,ps:no username

# rolemod -K audit_flags=lo,ps:no rolename
# auditconfig -setpolicy +argv
3- Record the environment in which audited commands are executed.
# auditconfig -setpolicy +arge
Note: [-t] -setpolicy [+|-]policy_flag[,policy_flag ...] Set the kernel audit policy. A policy policy_flag is literal strings that denotes an audit policy. A prefix of
+ adds the policies specified to the current audit policies. A prefix of - removes the policies specified from the current audit policies. No policies can be
set from a local zone unless the perzone policy is first set from the global zone.
QUESTION 200
View the Exhibit to inspect the boot environment Information displayed within a non global zone on your system.
Which two options describe the solaris-1 boot environment?
A. The solaris-1 boot environment is not bootable.

B. The solaris-1 boot environment is incomplete.
C. The solaris-1 boot environment was created automatically when the non global zone was created.
D. The solaris-1 boot environment was created in the non-global zone using the beadm create command.
E. The solaris-1 boot environment is associated with a non active global zone boot environment.
Correct Answer: AD
Section: (none)
Explanation
Explanation:
A: The of the Active Column indicates that this boot environment is inactive, and hence not bootable.
Note: The values for the Active column are as follows:
R Active on reboot.
N Active now.
NR Active now and active on reboot.
"-" Inactive.
"!" Unbootable boot environments in a non-global zone are represented by an exclamation point.
D: beadm create
Creates a new boot environment name, beName.
Note: beadm list

Lists information about the existing boot environment, which is be Name, or lists information for all boot environments if be Name is not provided.
Note: Using beadm Utility (Tasks)
You can use the beadm utility to create and manage snapshots and clones of your boot environments.
Note the following distinctions relevant to boot environment administration:
* A snapshot is a read-only image of a dataset or boot environment at a given point in time. A snapshot is not bootable.
* A boot environment is a bootable Oracle Solaris environment, consisting of a root dataset and, optionally, other datasets mounted underneath it.
Exactly one boot environment can be active at a time.
* A clone of a boot environment is created by copying another boot environment. A clone is bootable.
QUESTION 201
Which best describes the svc:/system/boot-config service?
A. It is used to change the milestone on a system.

B. It is used to set the default run level of the system.
C. It provides the parameters used to set the system to automatically perform a fast or slow reboot.
D. When the service is enabled, the system performs a fast reboot by default; when it is disable the system performs a slow reboot by default.
Correct Answer: C
Section: (none)
Explanation
Explanation:
Starting with the Oracle Solaris 11 Express release, Fast Reboot is supported on the SPARC platform, as well as the x86 platform. On both platforms,
this feature is controlled by the SMF and implemented through a boot configuration service, svc:/system/boot-config. The boot-config service provides a
means for setting or changing the default boot configuration parameters.
The fastreboot_default property of the boot-config service enables an automatic fast reboot of the system when either the reboot or the init 6 command
is used. When the config/fastreboot_default property is set to true the system automatically performs a fast reboot, without the need to use the reboot -f
command. By default, this property's value is set to false on the SPARC platform and to true on the x86 platform.
QUESTION 202
A user jack, using a korn shell, requests a directory listing as follows:
jack@solaris:/export/home/jack $ 1s
File filea Filea fileb Fileb filec Filec
Which two statements are correct?
A. The pattern [?i]*a will expand to filea Filea.

B. The pattern [fF]*a? will expand to [fF] *a?.
C. The pattern [gfe] * will expand to file filea fileb filec.
D. The pattern [g-e] * will expand to file filea fileb filec.
E. The pattern [fF] [a-zA-z] i*e will expand to file.
Correct Answer: AC
Section: (none)
Explanation
Explanation:
A: starting with one single character, second character must be letter i, any characters, ending with letter a.
C: starting with letter e, f, or g, followed by anything.
QUESTION 203
You created an IP address for interface not.3 with the following command, which executed successfully:
ipadm create-addr T static a 192.168.0.100/24 net3/v4
You then ran:
ipadm showif
The result indicated that the interface was down.
You then ran:
ipadm delete-addr net3/v4
ipadm create-addr T static a 192.168.0.101/24 net3/v4
ipadm show-if
The last command indicated that the interface was up.
Why did it work with the second address specified, but not the first?
A. The 192.168.0.100 address is reserved for broadcast messages.

B. Another device exists on the network, using the 192.168.0.100 address.
C. The network interface card does not support the address 192.168.0.100.
D. The address 192.168.0.100 is at a boundary and may not be configured in Oracle Solaris 11.
E. 192.168.0.100 is a DHCP address and may not be statically configured in Oracle Solaris 11.
Correct Answer: B
Section: (none)
Explanation
Explanation:
The first IP address is already in use.
QUESTION 204
You have a ticket from a new user on the system, indicating that he cannot log in to his account. The information in the ticket gives you both the
username and password. The ticket also shows that the account was set up three days ago.
As root, you switch users to this account with the following command:
su newuser
You do not get an error message.
You then run 1s -1a and see the following files:
local1.cshrc local1.login local1.profile .bash_history .bashrc .profile
As root, you grep the /etc/passwd file and the /etc/shadow file for this username, with these results:
/etc/passwd contains newuser:x:60012:10:/home/newuser:/usr/bin/bash
/etc/shadow contains newuser:UP: : : : :10: :
As root, what is your next logical step?
A. Usermod f 0
B. passwd newuser
C. mkdir /home/newuser
D. useradd D
Correct Answer: B
Section: (none)
Explanation
Explanation:
The content of the /etc/shadow document indicates that the newuser account has no password.
We need to add a password.
The passwd utility is used to update user's authentication token(s).
D: Here the user account already exist. There is no need to create it.
When invoked without the -D option, the useradd command creates a new user account using the values specified on the command line plus the default
values from the system. Depending on command line options, the useradd command will update system files and may also create the new user's home
directory and copy initial files.
QUESTION 205
You have a user that needs to use the cron tool to schedule some repetitive tasks. When the user enters the crontab e command in a terminal window,
the following error appears:
crontab: you are not authorized to use cron. Sorry
In order to troubleshoot this issue, in what directory would you start your invest
A. /etc/cron.d
B. /var/spool/cron
C. /var/spool/cron/crontable
D. /var/spool/cron/atjobs
Correct Answer: A
Section: (none)
Explanation
Explanation:
crontab: you are not authorized to use cron. Sorry.
This message means that either the user is not listed in the cron.allow file (if the file exists), or the user is listed in the cron.deny file.
You can control access to the crontab command by using two files in the /etc/cron.d directory:
cron.deny and cron.allow. These files permit only specified users to perform crontab command tasks such as creating, editing, displaying, or removing
their own crontab files.
The cron.deny and cron.allow files consist of a list of user names, one user name per line.
QUESTION 206
You are having an issue with the shutdown command. You wish to determine if the file is a script or an executable program. Which command would you
use to determine this?
A. od shutdown
B. file shutdown
C. test shutdown
D. cksum shutdown
E. attrib shutdown
Correct Answer: B
Section: (none)
Explanation
Explanation:
The file command determines the file type file tests each argument in an attempt to classify it. There are three sets of tests, performed in this order:
filesystem tests, magic tests, and language tests. The first test that succeeds causes the file type to be printed.
QUESTION 207
What determines which bits in an IP address represent the subnet, and which represent the host?
A. Subnet
B. unicast
C. netmask
D. multicast
E. broadcast
Correct Answer: C
Section: (none)
Explanation
Explanation:
A subnetwork, or subnet, is a logically visible subdivision of an IP network. The practice of dividing a network into two or more networks is called
subnetting. The routing prefix of an address is written in a form identical to that of the address itself. This is called the network mask, or netmask, of the
address. For example, a specification of the most- significant 18 bits of an IPv4 address, 11111111.11111111.11000000.00000000, is written as
255.255.192.0.
QUESTION 208
Which two accurately identify features of a Solaris 10 branded zone?
A. executes in a Solaris 10 global zone

B. is created by importing a Solaris 10 flash archive
C. enables Linux binary applications to run unmodified
D. provides a complete runtime environment for Solaris 9 applications
E. allows a Solaris 10 global zone to be migrated into a Solaris 10 non-global zone on a Solaris 11 system
Correct Answer: BE
Section: (none)
Explanation
Explanation:
B: It can be created by importing a Solaris 10 flash archive. You can use the Oracle Solaris Flash archiving tools to create an image of an installed
system that can be migrated into a zone.
The system can be fully configured with all of the software that will be run in the zone before the image is created. This image is then used by the
installer when the zone is installed.
Note: You can use alternate methods for creating the archive. The installer can accept the following archive formats:
* cpio archives
* gzip compressed cpio archives
* bzip2 compressed cpio archives
* pax archives created with the -x xustar (XUSTAR) format Ä ufsdump level zero (full) backups
Note:
Branded zones that run an environment different that the OS release on the system
* The lx branded zone introduced in the Solaris 10 8/07 release provides a Linux environment for your applications and runs on x86 and x64 machines
on the Oracle Solaris 10 OS.
* The solaris8 and solaris9 branded zones enable you to migrate an Oracle Solaris 8 or Oracle Solaris 9 system to an Oracle Solaris 8 or Oracle Solaris
9 Container on a host running the Oracle Solaris 10 8/07 Operating System or later Oracle Solaris 10 release.
* The Oracle Solaris 10 Container brand is available in OpenSolaris build 127. These branded zones host Oracle Solaris 10 user environments.
Note: One of the powerful features of Solaris 11 is the ability to run a Solaris 10 environment in a zone. Solaris 10 allows you to run Solaris 8 and 9
environments in zones, but only on SPARC.
QUESTION 209
Which files must be edited in order to set up logging of all failed login attempts?
A. /etc/default/login, /var/adm/loginlog, /etc/syslog.conf

B. /etc/default/login, /var/adm/authlog, /etc/syslog.conf
C. /var/adm/loginlog, /var/adm/authlog, /etc/syslog.conf
D. /etc/default/login, /var/adm/authlog, /var/adm/loginlog
Correct Answer: B
Section: (none)
Explanation
Explanation:
1. Set up the /etc/default/login file with the desired values for SYSLOG and SYSLOG_FAILED_LOGINS
Edit the /etc/default/login file to change the entry. Make sure that SYSLOG=YES is uncommented.
2. Create a file with the correct permissions to hold the logging information.
3. Edit the syslog.conf file to log failed password attempts.

Send the failures to the authlog file.
QUESTION 210
Which command would you use from the bash shell to determine the total amount of physical memory installed in your Solaris system (x86 and
SPARC)?
A. uname a
B. prtconf | grep i memory
C. sysdef | grep i memory
D. vmstat
E. prtdiag | grep i memory
Correct Answer: B
Section: (none)
Explanation
Explanation:
The prtconf command prints the system configuration information. The output includes the total amount of memory, and the configuration of system
peripherals formatted as a device tree.
If a device path is specified on the command line for those command options that can take a device path, prtconf will only display information for that
device node.
QUESTION 211
Which two options are characteristics of a fast reboot?
A. A fast reboot bypasses grub.

B. A fast reboot cannot be used after a system panic on the x86 platform.
C. A fast reboot can only be executed on the SPARC platform when the config/fastreboot_default property for the svc:/system/boot-config:default
service is set to true.
D. A fast reboot uses an in-kernel boot loader to load the kernel into memory.
E. A fast reboot is the default on all platforms.
Correct Answer: CD
Section: (none)
Explanation
Explanation:
C: To change the default behavior of the Fast Reboot feature on the SPARC platform, so that a fast reboot is automatically performed when the system
reboots, see below.
The following example shows how to set the property's value to true on the SPARC platform, so that a fast reboot is initiated by default:
# svccfg -s "system/boot-config:default" setprop config/fastreboot_default=true # svcadm refresh svc:/system/boot-config:default
D: Fast Reboot implements an in-kernel boot loader that loads the kernel into memory and then switches to that kernel.
The firmware and boot loader processes are bypassed, which enables the system to reboot within seconds.
The Fast Reboot feature is managed by SMF and implemented through a boot configuration service, svc:/system/boot-config. The boot-config service
provides a means for setting or changing the default boot configuration parameters. When the config/fastreboot_default property is set to true, the
system performs a fast reboot automatically, without the need to use the reboot -f command. This property's value is set to true on the x86 platform. For
task-related information, including how to change the default behavior of Fast Reboot on the SPARC platform, see Accelerating the Reboot Process on
an x86 Based System.
Note: One new feature, called Fast Reboot, will allow the system to boot up without doing the routine set of hardware checks, a move that can make
system boot times up to two-and-a-half times faster, Oracle claimed. This feature can be handy in that an administrator applying a patch or software
update across thousands of Solaris deployments can reboot them all the more quickly.
QUESTION 212
You are installing the Solaris 11 OE by using the Interactive Text Installer. You have selected the option to automatically configure the primary network
controller. Which three items will automatically be configured as a result of this selection?
A. The IP address.
B. The name service.
C. The time zone.
D. A default user account.
E. The terminal type.
F. The root password.
G. The host name.
Correct Answer: ABC

Section: (none)
Explanation
Explanation:
IP address and name service (such as a DNS server) are provided by the DHCP server.
QUESTION 213
Which two SMF milestones can be specified at boot time?
A. none
B. network
C. all
D. config
E. unconfig
F. devices
Correct Answer: AC
Section: (none)
Explanation
Explanation:
The milestones that can be specified at boot time are
none
single-user
multi-user
multi-user-server
all
QUESTION 214
Your system is assigned an IP address object 192.168.0.222/24. However, the net mask--expressed as four octets--is required. Which is the correct
netmask?
A. 255.0.0.0
B. 255.255.0.0
C. 255.255.255.0
D. 255.255.255.24
E. 255.255.255.255
Correct Answer: C
Section: (none)
Explanation
Explanation:
A 24-bit network mask is expressed as 255.255.255.0.
QUESTION 215
View the following information for a software package:
Which command would you use to display this information for a software package that is not currently installed on your system?
A. pkg list gzip
B. pkg info -r gzip
C. pkg search 1 gzip
D. pkg verify v gzip
E. pkg contents gzip
Correct Answer: B
Section: (none)
Explanation
Explanation:
By default, the pkg info command only lists information about installed packages on the system; however, we can use a similar command to look up
information about uninstalled packages, as shown in here:
Example:
Listing Information About an Uninstalled Package
# pkg info -r php-52
Name: web/php-52
Summary: PHP Server 5.2
Description: PHP Server 5.2
Category: Development/PHP
State: Not Installed
Publisher: solaris
Version: 5.2.17
Build Release: 5.11
Branch: 0.175.0.0.0.1.530
Packaging Date: Wed Oct 12 14:01:41 2011
Size: 44.47 MB
FMRI: pkg://solaris/web/php-52@5.2.17, 5.11-0.175.0.0.0.1.530:20111012T140141Z
Note: pkg info command displays information about packages in a human-readable form. Multiple FMRI patterns may be specified; with no patterns,
display information on all installed packages in the image.
With -l, use the data available from locally installed packages.
This is the default.
case.
QUESTION 216
user1 has a disk quota of 0.5 MB. The user attempts to run the following command on a file called .bigfile that is 495 KB in size:
cp bigfile /tmp
Will the command execute successfully?
A. Yes. Quotas do not include any of the system files such as /tmp /swap.
B. Yes. The quota is set at the directory level, not the user level.
C. No. The command will fail because it will cause him to exceed his user quota.
D. No. A user cannot place files into the /tmp directory.
Correct Answer: A
Section: (none)
Explanation
Explanation:
UFS quotas enable system administrators to control the size of file systems. Quotas limit the amount of disk space and the number of inodes, which
roughly corresponds to the number of files, that individual users can acquire. For this reason, quotas are especially useful on the file systems where user
home directories reside. As a rule, the public and /tmp file systems usually do not benefit significantly by establishing quotas.
Note: The cp command copies files and directories.
QUESTION 217
Review the storage pool information:
Choose the correct procedure to repair this storage pool.
A. Shut the system down, replace disk c3t3d0, and boot the system. When the system is booted, execute the zpool clear pool1 command.
B. Shut the system down, replace disk c3t3d0, and boot the system. When the system is booted execute the zpool online pool1 command.
C. Shut the system down, replace disk c3t3d0, and boot the system. When the system is booted, execute the zpool replace pool1 c3t3d0 command.
D. Shut the system down, replace disk c3t3d0, and boot the system. When the system is booted, execute the zpool replace pool1 c3t3d0 c3t3d0
command.
Correct Answer: C
Section: (none)
Explanation
Explanation:
You might need to replace a disk in the root pool for the following reasons:
The root pool is too small and you want to replace it with a larger disk
The root pool disk is failing. In a non-redundant pool, if the disk is failing so that the system won't boot, you'll need to boot from an alternate media, such
as a CD or the network, before you replace the root pool disk.
In a mirrored root pool configuration, you might be able to attempt a disk replacement without having to boot from alternate media. You can replace a
failed disk by using the zpool replace command.
Some hardware requires that you offline and unconfigure a disk before attempting the zpool replace operation to replace a failed disk.
For example:
# zpool offline rpool c1t0d0s0
# cfgadm -c unconfigure c1::dsk/c1t0d0
<Physically remove failed disk c1t0d0>
<Physically insert replacement disk c1t0d0>
# cfgadm -c configure c1::dsk/c1t0d0
# zpool replace rpool c1t0d0s0
# zpool online rpool c1t0d0s0
# zpool status rpool
<Let disk resilver before installing the boot blocks>
SPARC# installboot -F zfs /usr/platform/`uname -i`/lib/fs/zfs/bootblk /dev/rdsk/c1t0d0s0 x86# installgrub /boot/grub/stage1 /boot/grub/stage2 /dev/rdsk/
c1t9d0s0
QUESTION 218
You are currently working in both your home directory and the system directory /tmp. You are switch back and forth with full path names. Which pair of
cd commands will provide you with a shortcut to switch between these two locations?
A. cd ~ and cd
B. cd and cd .
C. cd ~ and cd
D. cd * and cd . .
Correct Answer: A
Section: (none)
Explanation
Explanation:
In the Bourne Again, C, Korn, TC, and Z shells, the tilde (~) is used as a shortcut for specifying your home directory.
cd
It's the command-line equivalent of the back button (takes you to the previous directory you were in).
Note:
To make certain that you are in your home directory, type the cd (change directory) command. This command moves you to your home (default)
directory.
QUESTION 219
Review the boot environments displayed on your system:
Which option describes the solaris-1 BE?
A. It is active on the next reboot.

B. It is active now.
C. It is inactive.
D. It is unbootable.
E. It is active now and on reboot.
F. It has been removed and will no longer be available after the next reboot.
Correct Answer: E
Section: (none)
Explanation
Explanation:
In the below output, NR (now running) means the BE is active now and will be the active BE on reboot.
Example:
Display your existing BE information.
# beadm list
BE Active Mountpoint Space Policy Created
-- ------ ---------- ----- ------ -------
solaris NR / 12.24G static 2011-10-04 09:42
QUESTION 220
On localSYS, your SPARC based server, you back up the root file system with recursive snapshots of the root pool. The snapshots are stored on a
remote NTS file system.
This information describes the remote system where the snapshots are stored:
Remote system name: backupSYS
File system whore the snapshots are stored: /backups/localSYS
Mounted file system on localSYS: /rpool/snaps
Most recent backup name: rpool-1202
Disk c0t0d0 has failed in your root pool and has been replaced. The disk has already been part< and labeled and now you need to restore the root file
system. Which procedure would you follow to restore the ZFS root file system on localSYS?
A. boot cdrom -smount -f nfs backup_server:/rpool/snaps /rmtzpool create rpool c0t0d0s0cat /mnt/rpool.1202 | zfs receive -Fdu rpoolzpool set
bootfs=rpool/ROOT/solaris rpoolRecreate swap and dump devices.Reinstall the bootblock on c0t0d0.
B. boot cdrom -smount -f nfs backup_server:/rpool/snaps /mntzpool create rpool c0t0d0s0zfs create -o mountpoint=/ rpool/ROOTcat /mnt/rpool.1011 |
zfs receive -Fdu rpoolzpool set bootfs=rpool/ROOT/solaris rpoolRecreate swap and dump devices.Reinstall the bootblock on c0t0d0.
C. boot cdrom -smount -F nfs backup_server:/rpool/snaps /mntcat /mnt/rpool.1011 | zfs receive - Fdu rpoolzpool set bootfs=rpool/ROOT/solaris rpool
c0t0d0s0Reinstall the bootblock on c0t0d0s0
D. boot cdrom -smount -f nfs backup_server:/rpool/snaps /rmtzpool create rpool c0t0d0s0zfs receive -Fdu /mnt/rpool.1011zpool set bootfs=rpool/
ROOT/solaris rpoolReinstall the bootblock on c0t0d0.
Correct Answer: A
Section: (none)
Explanation
Explanation:
How to Recreate a ZFS Root Pool and Restore Root Pool Snapshots In this scenario, assume the following conditions:
* ZFS root pool cannot be recovered
* ZFS root pool snapshots are stored on a remote system and are shared over NFS
* The system is booted from an equivalent Solaris release to the root pool version so that the Solaris release and the pool version match. Otherwise, you
will need to add the -o version=version-number property option and value when you recreate the root pool in step 4 below.
All steps below are performed on the local system.
1.
Boot from CD/DVD or the network.
On a SPARC based system, select one of the following boot methods:
ok boot net -s
ok boot cdrom -s
If you don't use -s option, you'll need to exit the installation program.
2.
Mount the remote snapshot dataset.
For example:
# mount -F nfs remote-system:/rpool/snaps /mnt
3.
Recreate the root pool.
For example:
# zpool create -f -o failmode=continue -R /a -m legacy -o cachefile=/etc/zfs/zpool.cache rpool c1t0d0s0
4.
Restore the root pool snapshots.
This step might take some time. For example:
# cat /mnt/rpool.0311 | zfs receive -Fdu rpool
Using the -u option means that the restored archive is not mounted when the zfs receive operation completes.
5.
Set the bootfs property on the root pool BE.
For example:
# zpool set bootfs=rpool/ROOT/osolBE rpool
6.
Install the boot blocks on the new disk.
On a SPARC based system:
# installboot -F zfs /usr/platform/`uname -i`/lib/fs/zfs/bootblk /dev/rdsk/c1t0d0s0
QUESTION 221
You have edited /etc/profile to include the lines:
dennis_says=hello
export dennie_says
You have also edited /etc/skel/local.profile to include the line:
dennis_says=world
You now create a new user account brian, and specify use of the bash shell. When brian logs in and enters
Echo $dennis_says
What will he see, and why?
A. world, because the local.profile entry will be executed last

B. hello, because the global /etc/profile entry overrides the local.profile entry
C. hello, because the local.profile entry is not automatically sourced on login
D. hello, because the value specified in local.profile was not exported
E. nothing, because the variable was not exported in local.profile
Correct Answer: A
Section: (none)
Explanation
Explanation:
The $HOME/.profile file is an initialization file that is executed after the /etc/profile when logging in to the Bourne or Korn shell. The file contains user
preferences for variable settings. If the ENV variable is set to .kshrc, the .kshrc file executes every time a new shell begins execution. The $HOME/
.profile is copied from the /etc/skel/local.profile file by the Administration Tool when creating a new account.
Note: /etc/skel/local.profile
Per-system configuration file for
sh/ksh/ksh93/bash login sessions,
installed for new users
QUESTION 222
You want to install the openldap software package to a now boot environment for testing before introducing the now software package to the production
environment. What option describes the correct procedure to:
1) create a new BE named nowBE
2) install the software to that new BE only
A. pkg install --newBE openldap

B. pkg install --be-nama newBE openldap
C. beadm create newBEbeadm mount newBE /mntpkg -R /mnt update openldap
D. beadm create newBEbeadm activate newBEpkg install openldap
Correct Answer: D
Section: (none)
Explanation
Explanation:
If you want to create a backup of an existing boot environment, for example, prior to modifying the original boot environment, you can use the beadm
command to create and mount a new boot environment that is a clone of your active boot environment. This clone is listed as an alternate boot
environment in the GRUB menu for x86 systems or in the boot menu for SPARC systems.
When you clone a boot environment by using the beadm create command, all supported zones in that boot environment are copied into the new boot
environment.
How to Create a Boot Environment
1. Become the root role.

2. Create the boot environment.
# beadm create BeName
BeName is a variable for the name of the new boot environment. This new boot environment is inactive.
3. (Optional) Use the beadm mount command to mount the new boot environment.
# beadm mount BeName mount-point
Note: If the directory for the mount point does not exist, the beadm utility creates the directory, then mounts the boot environment on that directory.
If the boot environment is already mounted, the beadm mount command fails and does not remount the boot environment at the newly specified
location.
4. (Optional) Activate the boot environment.

# beadm activate BeName
BeName is a variable for the name of the boot environment to be activated.
On reboot, the newly active boot environment is displayed as the default selection in the x86 GRUB menu or the SPARC boot menu.
QUESTION 223
You arc Installing the Oracle Solaris 11 Operating System by using the Text Installer. Which three options describe the features associated with the Text
Installer?
A. It can be used to install only SPARC systems.

B. It installs gnome as the default user environment on a system capable of displaying a environment.
C. You can choose whether root is a role or user account.
D. You can configure the network manually.
E. You can do both automatic and manual configuration of the network.
F. You can select how to configure the remaining network interfaces.
Correct Answer: CDE

Section: (none)
Explanation
Explanation:
C: You are not required to create a user account. But, you must create a root password.
If you create a user account in this panel, you need to provide both the user's password and a root password.
In this case, root will be a role assigned to the user.
To create a user account, type a username and password. The name must begin with a letter and can contain only letters and numbers.
If you do not create a user account, you still need to provide a root password.
In this case, root will be a regular user.
Networking Configuration With Text Installer

The networking panel in the text installer provide users with the following options.
Automatically Configures target system with automatic NCP, similar to the LiveCD installer's method.
Manually Selects "DefaultFixed" NCP and provides for static IPv4 configuration of one network interface (NIC). IPv4 default route and IPv6
autoconfiguration are enabled for that chosen NIC. This option also provides for manual configuration of DNS, NIS and LDAP naming services.
None Selects "DefaultFixed" NCP and configures loopback interfaces only.
QUESTION 224
The interface net3 should be operating, but is not.
Command:
ipadm show-addr | grep net3
Response:
net3/v4 static down 192.168.0.200/24
Which command should you enter next?
A. ipadm create-ip
B. ipadm enable-if
C. ipadm show-if
D. ipadm up-addr
Correct Answer: B
Section: (none)
Explanation
Explanation:
enable-if -t interface
Enables the given interface by reading the configuration from the persistent store. All the persistent interface properties, if any, are applied and all the
persistent addresses, if any, on the given interface will be enabled.
-t, --temporary
Specifies that the enable is temporary and changes apply only to the active configuration.
QUESTION 225
When issuing the zonestat 2 1h is command, the following information is displayed:
Which two options accurately describe the statistics contained in the output?
A. dbzone is using 0.21% of the total CPU resource available in the zone's processor set.
B. dbzone is using 0.21% of the global zone's total CPU.
C. dbzone is using 5.48% of the total physical memory that has been allocated to the zone.
D. dbzone is using 2.37% of the global zone's total virtual memory.
E. The network is being utilized 100% with no physical bandwidth remaining.
Correct Answer: AC
Section: (none)
Explanation
Explanation:
A: %PART
The amount of cpu used as a percentage of the total cpu in a processor-set to which the zone is bound. A zone can only have processes bound to
multiple processor sets if it is the global zone, or if psrset(1m) psets are used. If multiple binding are found for a zone, it's %PART is the fraction used of
all bound psets. For [total] and [system], %PART is the percent used of all cpus on the system.
QUESTION 226
The advantage of core tiles is that they allow you an opportunity to examine the cause of problems, so that they can be resolved.
However, core files must be managed because they_____.
A. take up large amounts of disk space
B. make numerous entries into the /var/adm/wtmpx file
C. steal resources from the processor, slowing down system performance
D. fill up swap space; this will begin to slow the system due to swaps
E. fill up swap space; this will begin to slow the system due to paging
Correct Answer: A
Section: (none)
Explanation
Explanation:
Part of the job of cleaning up heavily loaded file systems involves locating and removing files that have not been used recently. You can locate unused
files by using the ls or find commands.
Other ways to conserve disk space include emptying temporary directories such as the directories located in /var/tmp or /var/spool, and deleting core
and crash dump files.
Note: Core files are generated when a process or application terminates abnormally. Core files are managed with the coreadm command.
For example, you can use the coreadm command to configure a system so that all process core files are placed in a single system directory. This
means it is easier to track problems by examining the core files in a specific directory whenever a process or daemon terminates abnormally.
QUESTION 227
The line
set noexec_user_stack= l
should be added to the /etc/system file to prevent an executable stack while executing user programs. What is the purpose of this?
A. help prevent core dumps on program errors

B. help programs to execute more quickly by keeping to their own memory space
C. log any messages into the stack log
D. help make buffer-overflow attacks more difficult
Correct Answer: D
Section: (none)
Explanation
Explanation:
How to Disable Programs From Using Executable Stacks
Purpose: Prevent executable stack from overflowing.
You must be in the root role.
Edit the /etc/system file, and add the following line:

set noexec_user_stack=1
Reboot the system.
# reboot
QUESTION 228
You are planning group names for a new system. You decide to use a numbering convention that includes the year and month the project began, to form
the group number and name for work associated with that project.
So, for example, a project targeted to begin in January, 2013 would have the number (name):
201301(Pr20l301)
What are the two problems with your plan?
A. Group names may not contain a numeric character

B. Group names may be no longer than 7 characters.
C. Group numbers should not be larger than 60000.
D. Group names should be all lowercase.
Correct Answer: CD
Section: (none)
Explanation
Explanation:
C: The Group ID (GID) field contains the group's numerical ID. GIDs can be assigned whole numbers between 100 and 60000.
D: Group names contain only lowercase characters and numbers.
QUESTION 229
The following line is from /etc/shadow in a default Solaris 11 Installation:
jack: $5$9JFrt54$7JdwmO.F11Zt/ jFeeOhDmnw93LG7Gwd3Nd/cwCcNWFFg:0:15:30:3:::
Which two are true?
A. Passwords for account jack must be a minimum of 15 characters long.

B. The password for account jack has expired.
C. The password for account jack has 5 characters.
D. A history of 3 prior passwords for the account jack is kept to inhibit password reuse.
E. The minimum lifetime for a password for account jack is 15 days.
Correct Answer: BE
Section: (none)
Explanation
Explanation:
From the content of the /etc/shadow file we get:
* username: jack
* encrypted password: $5$9JFrt54$7JdwmO.F11Zt/ jFeeOhDmnw93LG7Gwd3Nd/cwCcNWFFg
* Last password change (lastchanged): Days since Jan 1, 1970 that password was last changed: 0
* Minimum: The minimum number of days required between password changes i.e. the number of days left before the user is allowed to change his/her
password: 15 Maximum: The maximum number of days the password is valid (after that user is forced to change his/her password): 30 Warn : The
number of days before password is to expire that user is warned that his/her password must be changed: 3
* Inactive : The number of days after password expires that account is disabled
* Expire : days since Jan 1, 1970 that account is disabled i.e. an absolute date specifying when the login may no longer be used
QUESTION 230
You are asked to determine user jack's default login directory. Which command would provide you with useful information?
A. cat /etc/passwd | grep jack

B. cat /etc/group | grep jack
C. cat /etc/shadow | grep jack
D. cat /etc/default/passwd | grep jack
Correct Answer: A
Section: (none)
Explanation
Explanation:
The /etc/passwd contains one entry per line for each user (or user account) of the system. All fields are separated by a colon (:) symbol. Total seven
fields as follows.
1. Username: It is used when user logs in. It should be between 1 and 32 characters in length.
2. Password: An x character indicates that encrypted password is stored in /etc/shadow file.
3. User ID (UID): Each user must be assigned a user ID (UID). UID 0 (zero) is reserved for root and UIDs 1-99 are reserved for other predefined
accounts. Further UID 100-999 are reserved by system for administrative and system accounts/groups.
4. Group ID (GID): The primary group ID (stored in /etc/group file)
5. User ID Info: The comment field. It allow you to add extra information about the users such as user's full name, phone number etc. This field use by
finger command.
6. Home directory: The absolute path to the directory the user will be in when they log in. If this directory does not exists then users directory becomes /
7. Command/shell: The absolute path of a command or shell (/bin/bash). Typically, this is a shell.
Please note that it does not have to be a shell.
QUESTION 231
You need to install the solaris-desktop group package. Which command would you use to list the set of packages included in that software group?
A. pkg search
B. pkg info
C. pkg list
D. pkginfo
E. pkg contents
Correct Answer: A
Section: (none)
Explanation
Explanation:
QUESTION 232
A user jack, using a bash shell, requests a directory listing as follows:
jack@solaris: ~ $ 1s
dira dirb dirc diraa dirabc
A. The pattern dir? will expand to dira dirb dirc.

B. The pattern dir*a will expand to diraa.
C. The pattern dir*a will expand to dira diraa.
D. The pattern dir*b? will expand to dirabc.
E. The pattern dir*b? will expand to dirb dirabc.
Correct Answer: ACD
Section: (none)
Explanation
Explanation:
A: dir followed by a single letter.
C: dir followed by any characters ending with a.
D: dir followed by any characters, then character b, then one single character.
only dirabc matches
QUESTION 233
Which two are true about accounts, groups, and roles in the Solaris user database?
A. All Solaris user accounts must have a unique UID number.

B. A Solaris account name may be any alphanumeric string, and can have a maximum length of 8 characters.
C. Account UID numbers 0-09 are system-reserved.
D. The GID for an account determines the default group ownership of new files created by that account.
E. The groups that an account is a member of are determined by the entries in the /etc/group file.
Correct Answer: AB
Section: (none)
Explanation
Explanation:
A: Solaris uses a UID (User ID) to identify each user account. The UID is a unique number assigned to each user. It is usually assigned by the operating
system when the account is created.
B: In Solaris the account name can include any alphanumeric string (and . _ -). The maximum length is 8 characters.
QUESTION 234
Consider the following commands:
What is displayed when this sequence of commands is executed using the bash shell?
A. Hello, world
B. cat: cannot open file1
C. cat: cannot open file1Hello, world
D. cat: cannot open file1 Hello, World
E. bash: syntax error near unexpected token '&&'
Correct Answer: B
Section: (none)
Explanation
Explanation:
First line (rm file1) deletes/removes file1.
Second line captures the text into file2.
The first part of line 3 (cat file1) fails as the file1 does not exist. The && (AND) operator will ensure that the third line fails. The result of line 3 will be the
result of first part of line 3 (cat file1).
Note: cat - concatenate files and print on the standard output
Note #1: A list is a sequence of one or more pipelines separated by one of the operators `;', `&', `&&', or `||', and optionally terminated by one of `;', `&', or
a newline.
Of these list operators, `&&' and `||' have equal precedence, followed by `;' and `&', which have equal precedence.
AND and OR lists are sequences of one or more pipelines separated by the control operators `&&' and `||', respectively. AND and OR lists are executed
with left associativity.
An AND list has the form
command1 && command2

command2 is executed if, and only if, command1 returns an exit status of zero.
An OR list has the form
command1 || command2
command2 is executed if, and only if, command1 returns a non-zero exit status.
The return status of AND and OR lists is the exit status of the last command executed in the list.
Note #2 (on exit status): Zero means command executed successfully, if exit status returns non- zero value then your command failed to execute.
QUESTION 235
To confirm the IP addresses and netmasks have been correctly configured on the network interfaces, which command(s) should you use?
A. ipadm show-if
B. ipadm show-nic
C. ipadm show-addr
D. ipadm show-addripadm show-mask
E. ipadm show-ipipadm show-mask
F. ipadm show-config
Correct Answer: C
Section: (none)
Explanation
Explanation:
Example:
# ipadm show-addr
lo0/v4 static ok 127.0.0.1/8
QUESTION 236
Subnets are created by using________.
A. subnet
B. netmask
C. unicast
D. broadcast
Correct Answer: B
Section: (none)
Explanation
Explanation:
The process of subnetting involves the separation of the network and subnet portion of an address from the host identifier. This is performed by a
bitwise AND operation between the IP address and the (sub)network prefix. The result yields the network address or prefix, and the remainder is the
host identifier.
The routing prefix of an address is written in a form identical to that of the address itself. This is called the network mask, or netmask, of the address.
For example, a specification of the most- significant 18 bits of an IPv4 address, 11111111.11111111.11000000.00000000, is written as 255.255.192.0.
QUESTION 237
Which command would you use to determine which package group is installed on your system?
A. pkg list group/system/\*
B. pkg info
C. uname a
D. cat /var/sadm/system/admin/CLUSTEP
Correct Answer: B
Section: (none)
Explanation
Explanation:
The pkg info command provides detailed information about a particular IPS package.
Note: The pkginfo command does the same for any SVR4 packages you may have installed on the same system.
pkg info example:

$ pkg info p7zip
Name: compress/p7zip
Summary: The p7zip compression and archiving utility
Description: P7zip is a unix port of the 7-Zip utility. It has support for numerous compression algorithms, including LZMA and LZMA2, as well as for
various archive and compression file formats, including 7z, xz, bzip2, gzip, tar, zip (read-write) and cab, cpio, deb, lzh, rar, and rpm (read-only).
Category: System/Core
State: Installed
Publisher: solaris
Version: 9.20.1
Build Release: 5.11
Branch: 0.175.0.0.0.2.537
Packaging Date: Wed Oct 19 09:13:22 2011
Size: 6.73 MB
FMRI: pkg://solaris/compress/p7zip@9.20.1, 5.11-0.175.0.0.0.2.537:20111019T091322Z
QUESTION 238
Oracle Solaris 11 kernel encounters a fatal error, and it results in a system panic. What type of file does this generate?
A. a.out
B. objdump
C. core dump
D. tape dump
E. crash dump
Correct Answer: C
Section: (none)
Explanation
Explanation:
A kernel panic is a type of error that occurs when the core (kernel) of an operating system receives an instruction in an unexpected format or when it
fails to handle properly. A kernel panic can also follow when the operating system can't recover from a different type of error. A kernel panic can be
caused by damaged or incompatible software or, more rarely, damaged or incompatible hardware.
When a server kernel panics it abruptly halts all normal system operations. Usually, a kernel process named panic() outputs an error message to the
console and stores debugging information in nonvolitile memory to be written to a crash log file upon restarting the computer. Saving the memory
contents of the core and associated debugging information is called a "core dump."
QUESTION 239
The following information is displayed for the svc:/network/ssh service:
Which describes the minimum set of commands to be executed to bring the svc: /network/ssh:
default service back online?
A. svcadm refresh svc:/network/ssh:default

B. svcadm restart svc:/network/ssh:default
C. svcadm enable svc:/system/cryptosvc
D. svcadm enable svc:/system/cryptosvcsvcadm enable svc:/network/ipfilter:defaultsvcadm enable svc:/network/ssh:default
E. svcadm enable svc:/system/cryptosvcsvcadm enable svc:/network/ipfilter:defaultsvcadm refresh svc:/network/ssh:default
F. svcadm restart svc:/system/cryptosvcsvcadm restart svc:/network/ipfilter:defaultsvcadm restart svc:/network/ssh:default
G. svcadm enable svc:/system/ssh:default
Correct Answer: C
Section: (none)
Explanation
Explanation:
QUESTION 240
You are the administrator for a group of shell script developers. They use vi, and have asked you to make their scripts automatically executable when
they save their files.
How can this be accomplished?
A. Enter set o vi on the command line, or include it in each user's startup script.
B. Enter umask s on the command line, or include it in each user's startup script.
C. Enter umask 000 on the command line, or include it in each user's startup script.
D. Enter umask 777 on the command line, or include it in each user's startup script.
E. It is not possible to automatically set the execute bit on with the umask setting, or vi option.
F. Enter umask 766 the command line, or include it in the global startup script for the default shell.
Correct Answer: E
Section: (none)
Explanation
Explanation:
Unlike DOS, which uses the file extension to determine if a file is executable or not, UNIX relies on file permissions.
The value assigned by umask is subtracted from the default. User's file creation mask. umask sets an environment variable which automatically sets file
permissions on newly created files. i.e. it will set the shell process's file creation mask to mode.
umask 000 would grant full permissions.
Note: 777 full permissions
QUESTION 241
You have connected a new printer at a fixed IP address.
It appears to work correctly most of the time, but at other times does not respond
You suspect that the assigned address may not be unique within the network.
What command will be useful to confirm this?
A. arp
B. netstat
C. ipadm show-if
D. dladm show-addr
E. ipadm show-addr
Correct Answer: E
Section: (none)
Explanation
Explanation:
Example:
# ipadm show-addr
lo0/v4 static ok 127.0.0.1/8
QUESTION 242
The server has two spate 140-GB disk drives: c3t5d0 c3t6d0
Which command would add redundancy to the pool1 storage pool?
A. zpool attach pool1 c3t5d0 c3t6d0

B. zpool attach pool1 c3t3d0 c3c5d0; zpoo1 attach pool1 c3t4d0 c3t6d0
C. zpool mirror pool1 c3t5d0 c3t6d0
D. zpool add pool1 mirror c3t5d0 c3t6d0
E. zpool add raidz pool1 c3t5d0 c3t6d0
Correct Answer: A
Section: (none)
Explanation
Explanation:
You can convert a non-redundant storage pool into a redundant storage pool by using the zpool attach command.
Note: zpool attach [-f] pool device new_device
Attaches new_device to an existing zpool device. The existing device cannot be part of a raidz configuration. If device is not currently part of a mirrored
configuration, device automatically transforms into a two-way mirror of device and new_device. If device is part of a two-way mirror, attaching
new_device creates a three-way mirror, and so on. In either case, new_device begins to resilver immediately.
QUESTION 243
A user on the system has started a process, but it needs to be terminated.
The process ID was determined as follows:
pgrep userprogram
l5317
The user attempted to terminate the program as follows:
pkill 15317
This command runs without an error message, and the process continues to run.
What is the issue?
A. You need to run the pkill command with the process name.
B. You need to switch to super user to kill the process.
C. You need to run the ps command to get more information.
D. You need to run the prstat command to get more information.
Correct Answer: B
Section: (none)
Explanation
Explanation:
You can use the pgrep and pkill commands to identify and stop command processes that you no longer want to run. These commands are useful when
you mistakenly start a process that takes a long time to run.
To terminate a process:
Type pgrep to find out the PID(s) for the process(es).
Type pkill followed by the PID(s).
You can kill any process that you own. Superuser can kill any process in the system except for those processes with process IDs of 0, 1, 2, 3, and 4.
Killing these processes most likely will crash the system.
QUESTION 244
You are logged in to a Solaris 11 system as user jack. You issue the following sequence of commands:
Identify two correct statements.
A. You have the effective privilege of the account root.

B. Your GID is 10.
C. Your home directory is /root.
D. You are running the shell specified for the account root.
E. Your UID is 1.
Correct Answer: AB
Section: (none)
Explanation
Explanation:
Oracle Solaris provides predefined rights profiles. These profiles, listed in the /etc/security/prof_attr, can be assigned by the root role to any account. The
root role is assigned all privileges and all authorizations, so can perform all tasks, just as root can when root is a user.
To perform administrative functions, you open a terminal and switch the user to root. In that terminal, you can then perform all administrative functions.
$ su - root
Password: Type root password
#
When you exit the shell, root capabilities are no longer in effect.
QUESTION 245
Which two are user definable OpenBoot parameters that can be set in the OpenBoot PROM?
A. IP address for the system console

B. Host ID
C. System date and time
D. Default boot device
E. Verbose hardware diagnostics
F. Powering off the hardware
Correct Answer: DE
Section: (none)
Explanation
Explanation:
The NVRAM chip stores user-definable system parameters, also referred to as NVRAM variables or EEPROM parameters. The parameters allow
administrators to control variables such as the default boot device and boot command. The NVRAM also contains writeable areas for user- controlled
diagnostics, macros, and device aliases. NVRAM is where the system identification information is stored, such as the host ID, Ethernet address, and
time-of-day (TOD) clock.
Examples of NVRAM variables:
Variable Default Description boot-device disk or net
The device from which to start up.
diag-device net The diagnostic startup source device.
diag-file Empty string Arguments passed to the startup program in diagnostic mode.
diag-switch? false Whether to run in diagnostic mode
QUESTION 246
In a default standalone installation of Oracle Solaris 11, what is the default minimum length in characters of a user password, and where is the minimum
password length defined?
A. Default minimum length is 8, and is defined in /etc/default/password.

B. Default minimum length is 6, and is defined in /etc/default/password.
C. Default minimum length is 8, and is defined in /etc/shadow.
D. Default minimum length is 6, and is defined in /etc/shadow.
E. Default minimum length is 8, and is defined in /usr/sadm/defadduser.
F. Default minimum length is 6, and is defined in /usr/sadm/defadduser.
Correct Answer: B
Section: (none)
Explanation
Explanation:
By default, the passwd command assumes a minimum length of six characters. You can use the PASSLENGTH default in the /etc/defaults/passwd files
to change that by setting the minimum number of characters that a user's password must contain to some other number.
QUESTION 247
Which four can the SMF notification framework be configured to monitor and report?
A. all service transition states

B. service dependencies that have stopped or faulted
C. service configuration modifications
D. legacy services that have not started
E. services that have been disabled
F. service fault management events
G. processes that have been killed
Correct Answer: AEFG
Section: (none)
Explanation
Explanation:
Note 1: State Transition Sets are defined as:
to<state>
Set of all transitions that have <state> as the final state of the transition.
form-<state>
Set of all transitions that have <state> as the initial state of the transition.
<state>
Set of all transitions that have <state> as the initial state of the transitional.
Set of all transitions. (A)
Valid values of state are maintenance, offline (G), disabled (E), online and degraded. An example of a transitions set definition: maintenance, from-
online, to-degraded.
F: In this context, events is a comma separated list of SMF state transition sets or a comma separated list of FMA (Fault Management Architecture)
event classes. events cannot have a mix of SMF state transition sets and FMA event classes. For convenience, the tags problem- {diagnosed, updated,
repaired, resolved} describe the lifecycle of a problem diagnosed by the
FMA subsystem - from initial diagnosis to interim updates and finally problem closure.
Note 2:
SMF allows notification by using SNMP or SMTP of state transitions. It publishes Information Events for state transitions which are consumed by
notification daemons like snmp-notify(1M) and smtp-notify(1M). SMF state transitions of disabled services do not generate notifications unless the final
state for the transition is disabled and there exist notification parameters for that transition. Notification is not be generated for transitions that have the
same initial and final state.
QUESTION 248
You have been asked to do an orderly shutdown on a process with a PID of 1234, with the kill command. Which command is best?
A. kill -2 1234
B. kill -15 1234
C. kill -9 1234
D. kill -1 1234
Correct Answer: B
Section: (none)
Explanation
Explanation:
On POSIX-compliant platforms, SIGTERM is the signal sent to a process to request its termination. The symbolic constant for SIGTERM is defined in
the header file signal.h. Symbolic signal names are used because signal numbers can vary across platforms, however on the vast majority of systems,
SIGTERM is signal #15.
SIGTERM is the default signal sent to a process by the kill or killall commands. It causes the termination of a process, but unlike the SIGKILL signal, it
can be caught and interpreted (or ignored) by the process. Therefore, SIGTERM is akin to asking a process to terminate nicely, allowing cleanup and
closure of files. For this reason, on many Unix systems during shutdown, init issues SIGTERM to all processes that are not essential to powering off,
waits a few seconds, and then issues SIGKILL to forcibly terminate any such processes that remain.
QUESTION 249
user1, while in his home directory, is attempting to run the following command in his home directory: cp bigfile verybig
The system displays the following error:
cp: cannot create verybig: Disc quota exceeded
Your initial troubleshooting shows that the df -h command indicates he is at 100% capacity. What command would you use to increase the disk space
available to the user?
A. zfs get quota rpool/export/home/user1

B. zfs userused@user1
C. zfs quota=none /rpool/export/home/user1
D. df -h | grep user1
E. zfs set quota=none /rpool/export/home/user1
Correct Answer: E
Section: (none)
Explanation
Explanation:
ZFS quotas can be set and displayed by using the zfs set and zfs get commands. We can remove the quota restriction by setting to quota to none.
QUESTION 250
You need to install the gzip software package on your system. Which command would you use to find the software package in the configured
repository?
A. pkg search gzip
B. pkg info gzip
D. pkginfo gzip
E. yum list gzip
Correct Answer: A
Section: (none)
Explanation
Explanation:
QUESTION 251
What is the result of executing the following command?
svcs -d svc:/network/ssh:default
A. disables the svc:/network/ssh:default service

B. displays the services that svc: /network/ssh:default is dependent on
C. displays the services that are dependent on the svc: /network/ssh:default service
D. deletes the svc: /network/ssh:default service
Correct Answer: B
Section: (none)
Explanation
Explanation:
The svcs command displays information about service instances as recorded in the service configuration repository.
-d Lists the services or service instances upon which the given service instances depend.
QUESTION 252
Which two accurately describe the Solaris IPS repository?
A. It contains a collection of operating system patches.
B. It contains a collection of software packages.
C. All packages within an IPS package repository reside in a catalog.
D. It is an ISO image of the Solaris installation media.
E. The packages in a catalog are associated with a specific publisher.
Correct Answer: BE
Section: (none)
Explanation
Explanation:
Image Packaging System (IPS) is a new network based package management system included in Oracle Solaris 11. It provides a framework for
complete software lifecycle management such as installation, upgrade and removal of software packages. IPS also enables you to create your own
software packages, create and manage package repositories, and mirror existing package repositories.
Oracle Solaris software is distributed in IPS packages. IPS packages are stored in IPS package repositories, which are populated by IPS publishers.
E: The following command displays property information about the local repository.
$ pkgrepo get -s /export/repoSolaris11

SECTION PROPERTY VALUE publisher prefix solaris repository description This\ repository\ serves\ a\ copy\ of\ the\ Oracle\ Solaris\ 11\ Build\ 175b\
Package\ Repository. repository name Oracle\ Solaris\ 11\ Build\ 175b\ Package\ Repository repository version 4
The value of the publisher prefix specifies that solaris is to be used in the following cases:
When more than one publisher's packages are present and no publisher is specified in the package name in the pkg command
When packages are published to the repository and no publisher is specified.
QUESTION 253
Which operation will fail if the DNS configuration is incorrect?
A. domainname
B. ping localhost.
C. ping 192.168.1.1
D. ping 23.45.82.174
E. ping www.oracle.com.
F. cat /etc/resolv.conf
Correct Answer: E
Section: (none)
Explanation
Explanation:
www.oracle.com would have to be resolved to an IP name by the domain name service.
QUESTION 254
You have a process called bigscript, and you need to know the PID number for this process.
Which command will provide that information?
A. pkill bigscript
B. ps bigscript
C. pgrep bigscript
D. prstat bigscript
Correct Answer: C
Section: (none)
Explanation
Explanation:
Pgrep takes a process name and return a PID.
Note: pgrep looks through the currently running processes and lists the process IDs which matches the selection criteria to stdout. All the criteria have to
match. For example, pgrep -u root sshd
will only list the processes called sshd AND owned by root.
Incorrec answers:
ps bigscript: You can't pass a name to ps, it interprets it as arguments.
QUESTION 255
Server A, Server B, and Server C are connected to the same network switch and are on the sari Each server has a single network interface, net0.
You received a tech support call that Server B has lost network connectivity. Your troubleshooting has discovered:
Server A can ping Server C, but not Server B.
Server B can ping localhost, but not Server A or C.
Server C can ping Server A, but not Server B.
On Server F3, you enter the following command:
dladm show-phys | grep net0
Response:
net0/v4 Ethernet down 0 unknown el00gl
What is the next logical troubleshooting action?
A. Run arp -a on all servers.

B. Confirm that the router is working.
C. Confirm that the power light of the network switch is on.
D. Confirm that the physical network connections are intact.
E. On Server A and C, run tranceroute n server.
F. On Server B, run tranceroute n servera and tranceroute n serverc.
Correct Answer: D
Section: (none)
Explanation
Explanation:
Check the physical connection.
QUESTION 256
View the Exhibit.
After Installing the OS, you need to verify the network interface information. Which command was used to display the network interface information in
the exhibit?
A. ifconfiq a
B. ipadm show-addr
C. svcs 1 network/physical
D. netstat a
Correct Answer: B
Section: (none)
Explanation
Explanation:
Example:
# ipadm show-addr
lo0/v4 static ok 127.0.0.1/8

QUESTION 257
You suspect a problem with the oponldap package and want to make sure that the files have not be modified or otherwise tampered with. Which
command would validate all of the files contained in the openldap package and report any problems?
A. pkgchk openldap
B. pkginfo openldap
C. pkg contents openldap
D. pkg verify openldap
E. pkg set-property signature-policy verify
Correct Answer: A
Section: (none)
Explanation
Explanation:
pkgchk checks the accuracy of installed files or, by using the -l option, displays information about package files. pkgchk checks the integrity of directory
structures and files. Discrepancies are written to standard error along with a detailed explanation of the problem.
QUESTION 258
You wish to edit your crontab file that is located in /var/spool/cron/crontab. What command must you enter to edit this file?
A. crontab e
B. crontab e /var/spool/cron/crontab
C. crontab r
D. crontab e /etc/default/cron
Correct Answer: A
Section: (none)
Explanation
Explanation:
The main tool for setting up cron jobs is the crontab command, though this is not available on every Unix variant. Typically under Solaris or Linux one
would create a new crontab or edit an
existing one, using the command;

crontab -e
Use the ls -l command to verify the contents of the/var/spool/cron/crontabs file.
QUESTION 259
What is the output of the following command, if executed using the default shell for the root role account of a standard Live CD Install of Oracle Solaris
11?
echo '$SHELL'
A. /usr/bin/bash
B. /usr/bin/ksh
C. $SHELL
D. the PID for the current shell
Correct Answer: C
Section: (none)
Explanation
Explanation:
Single quotes are most strict. They prevent even variable expansion. Double quotes prevent wildcard expansion but allow variable expansion. For
example:
#!/bin/sh
echo $SHELL
echo "$SHELL"
echo '$SHELL'
This will print:
/usr/bin/bash
/usr/bin/bash
$SHELL

Oracle - Passit4sure.1z0 821.v2015!04!08.by - Reuben 2

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Oracle - Passit4sure.1z0 821.v2015!04!08.by - Reuben 2

Uploaded by

Copyright:

Available Formats

Passit4sure.1z0-821.

Oracle Solaris 11 System Administration

Modified few questions, fixed few spelling mistakes and types.

zoneadm -z zone1 mark incomplete

Which task needs to be performed before you can boot zone1?

A. The zone needs to be installed.

A. ipadm set-gateway 192.168.1.1

Route add default <ipaddress>

Route add default 192.168.1.1

Echo 192.168.1.1 > /etc/defaultrouter

# /usr/sbin/svccfg setnotify -g maintenance mailto:sysadmins@example.com

jack@solaris: echo $PATH

There is a shell script in jack's home directory called useradd:

-r-xr-xr-x 2 jack other 1239 2012-01-05 11:42 useradd

While in his home directory, jack attempts to run the script:

What will happen, and why?

jack@solaris:~$ ssh oracle

ssh: connect to host oracle port 22: connection refused

What is the problem?

A. pkg info all

bash: stmfadm: command not found

Which option describes the solution to the problem?

# pfexec pkg install storage-server

User1 entered the following: kill -9 1234

Why does the process continue to run?

A. You can kill a process only if you are root.

A. zoneadm list icv dbzone

Which command will be useful in your next step of troubleshooting?

How to Activate an Existing Boot Environment

beName is a variable for the name of the boot environment to be activated.

Select the correct pair.

A. zlogin z dbzone halt

Use this procedure to cleanly shut down a zone.

SU 12/18 23:20 + pts/1 user1-root

What does the + sign represent?

SU 03/31 12:52 + pts/0 <userid>-root

In the -profile, there are these lines:

In the .bashrc us this line:

In /etc/profile are these lines:

A. DHCP address assignment cannot be configured in a shared IP zone.

What is the name of this utility?

A. an ISO image of the Solaris media DVD

State can be: disabled, down, duplicate, inaccessible, ok, tentative

# /usr/sbin/svccfg -s svc:/system/name-service/switch:default setnotify to-online \ mailto:sysadmins@example.com

Which three statements are correct?

Correct Answer: DEF

Which four tasks are directly controlled by the OpenBoot firmware?

A. Provides a list of boot entries from which to choose

Correct Answer: ABCD

Some notable features of OpenBoot firmware.

Most common tasks that you perform using OpenBoot

A. Access the non-global zone console by using the zlogin c command.

A. pkg publisher to specify the new publisher

Note: Example Adding a Publisher

# pkg set-publisher -g http://pkg.example.com/release example.com

Example Specifying the Preferred Publisher

Example Enabling or Disabling a Publisher

Which two are true regarding the ZFS storage pool?

A. The data on c3t3d0 is duplicated on c3t4do.

You then enter:

ipadm create-ip net3

What is the output?

A. ipadm: cannot; create interface net3: Operation failed.