Oracle Exam 1Z0-820 Topic 4 Question 5 Discussion

Actual exam question for Oracle's 1Z0-820 exam

Question #: 5
Topic #: 4

[All 1Z0-820 Questions]

Consider the following rule file for use with the Basic Audit Reporting Tool (BART).

CHECK all

IGNORE dirmtime

/etc/security

/etc/notices

IGNORE contents

/export/home

IGNORE mtime size contents

/var

CHECK

You are using BART to detect inappropriate changes to the file system.

Identify the two correct statements describing the attributes recorded.

A/var/dhcp Attribute: size uid gid mode acl

B/etc/hosts Attributes: size uid gid mode acl intime dest

C/var/spool/mqueue Attribute: size uid gid mode acl dirmtime

D/etc/security/exec_attr Attribute: size uid mode acl mtime devnode

E/export/home/kate/.profile Attributes: uid gid mode acl dirmtime

F/export/home/rick/.profile Attributes: size uid gid mode acl mtime contents

Show Suggested Answer

Suggested Answer: D, F

D: According to line /etc/security

F: According to line /export/home

Not E: According to line IGNORE dirmtime

Note: In default mode, the bart compare command, as shown in the following example, checks all the files installed on the system, with the exception of modified directory timestamps (dirmtime):

CHECK all

IGNORE dirmtime

Note 2: The Basic Audit Reporting Tool (BART) feature of Oracle Solaris enables you to comprehensively validate systems by performing file-level checks of a system over time. By creating BART manifests, you can easily and reliably gather information about the components of the software stack that is installed on deployed systems.

BART is a useful tool for integrity management on one system or on a network of systems.

by Lenna at May 04, 2022, 11:59 PM

Limited Time Offer

25%

Off

Get Premium 1Z0-820 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!