[Newest Version] Easily Pass DBS-C01 Exam with Updated Real DBS-C01 Exam Materials

[Newest Version] Easily Pass DBS-C01 Exam with Updated Real DBS-C01 Exam Materials

Tens of thousands of competitors, pages of hard questions and unsatisfied exam preparation situations… Do not worried about all those annoying things! We, help you with your AWS Certified Specialty DBS-C01 AWS Certified Database – Specialty (DBS-C01) exam. We will assist you clear the DBS-C01 exam with AWS Certified Specialty DBS-C01 exam questions. We DBS-C01 braindumps are the most comprehensive ones.

Visit our site to get more DBS-C01 Q and As:https://www.itcertbible.com/aws-certified-database-specialty.html (234 QAs Dumps)
Question 1:

A company has deployed an e-commerce web application in a new AWS account. An Amazon RDS for MySQL Multi-AZ DB instance is part of this deployment with a database-1.xxxxxxxxxxxx.us-east1.rds.amazonaws.com endpoint listening on port 3306. The company\’s Database Specialist is able to log in to MySQL and run queries from the bastion host using these details.

When users try to utilize the application hosted in the AWS account, they are presented with a generic error message. The application servers are logging a “could not connect to server: Connection times out” error message to Amazon CloudWatch Logs.

What is the cause of this error?

A. The user name and password the application is using are incorrect.

B. The security group assigned to the application servers does not have the necessary rules to allow inbound connections from the DB instance.

C. The security group assigned to the DB instance does not have the necessary rules to allow inbound connections from the application servers.

D. The user name and password are correct, but the user is not authorized to use the DB instance.

Correct Answer: C

Reference: https://forums.aws.amazon.com/thread.jspa?threadID=129700


Question 2:

An AWS CloudFormation stack that included an Amazon RDS DB instance was accidentally deleted and recent data was lost. A Database Specialist needs to add RDS settings to the CloudFormation template to reduce the chance of accidental instance data loss in the future.

Which settings will meet this requirement? (Choose three.)

A. Set DeletionProtection to True

B. Set MultiAZ to True

C. Set TerminationProtection to True

D. Set DeleteAutomatedBackups to False

E. Set DeletionPolicy to Delete

F. Set DeletionPolicy to Retain

Correct Answer: ACF

Reference: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attributedeletionpolicy.html https://aws.amazon.com/premiumsupport/knowledge-center/cloudformation-accidental-updates/


Question 3:

A Database Specialist is troubleshooting an application connection failure on an Amazon Aurora DB cluster with multiple Aurora Replicas that had been running with no issues for the past 2 months. The connection failure lasted for 5 minutes and corrected itself after that. The Database Specialist reviewed the Amazon RDS events and determined a failover event occurred at that time. The failover process took around 15 seconds to complete.

What is the MOST likely cause of the 5-minute connection outage?

A. After a database crash, Aurora needed to replay the redo log from the last database checkpoint

B. The client-side application is caching the DNS data and its TTL is set too high

C. After failover, the Aurora DB cluster needs time to warm up before accepting client connections

D. There were no active Aurora Replicas in the Aurora DB cluster

Correct Answer: C


Question 4:

A company is deploying a solution in Amazon Aurora by migrating from an on-premises system. The IT department has established an AWS Direct Connect link from the company\’s data center. The company\’s Database Specialist has selected the option to require SSL/TLS for connectivity to prevent plaintext data from being set over the network. The migration appears to be working successfully, and the data can be queried from a desktop machine.

Two Data Analysts have been asked to query and validate the data in the new Aurora DB cluster. Both Analysts are unable to connect to Aurora. Their user names and passwords have been verified as valid and the Database Specialist can connect to the DB cluster using their accounts. The Database Specialist also verified that the security group configuration allows network from all corporate IP addresses.

What should the Database Specialist do to correct the Data Analysts’ inability to connect?

A. Restart the DB cluster to apply the SSL change.

B. Instruct the Data Analysts to download the root certificate and use the SSL certificate on the connection string to connect.

C. Add explicit mappings between the Data Analysts’ IP addresses and the instance in the security group assigned to the DB cluster.

D. Modify the Data Analysts’ local client firewall to allow network traffic to AWS.

Correct Answer: D


Question 5:

A company is concerned about the cost of a large-scale, transactional application using Amazon DynamoDB that only needs to store data for 2 days before it is deleted. In looking at the tables, a Database Specialist notices that much of the data is months old, and goes back to when the application was first deployed.

What can the Database Specialist do to reduce the overall cost?

A. Create a new attribute in each table to track the expiration time and create an AWS Glue transformation to delete entries more than 2 days old.

B. Create a new attribute in each table to track the expiration time and enable DynamoDB Streams on each table.

C. Create a new attribute in each table to track the expiration time and enable time to live (TTL) on each table.

D. Create an Amazon CloudWatch Events event to export the data to Amazon S3 daily using AWS Data Pipeline and then truncate the Amazon DynamoDB table.

Correct Answer: A


Question 6:

A company has an on-premises system that tracks various database operations that occur over the lifetime of a database, including database shutdown, deletion, creation, and backup.

The company recently moved two databases to Amazon RDS and is looking at a solution that would satisfy these requirements. The data could be used by other systems within the company.

Which solution will meet these requirements with minimal effort?

A. Create an Amazon Cloudwatch Events rule with the operations that need to be tracked on Amazon RDS. Create an AWS Lambda function to act on these rules and write the output to the tracking systems.

B. Create an AWS Lambda function to trigger on AWS CloudTrail API calls. Filter on specific RDS API calls and write the output to the tracking systems.

C. Create RDS event subscriptions. Have the tracking systems subscribe to specific RDS event system notifications.

D. Write RDS logs to Amazon Kinesis Data Firehose. Create an AWS Lambda function to act on these rules and write the output to the tracking systems.

Correct Answer: C


Question 7:

A clothing company uses a custom ecommerce application and a PostgreSQL database to sell clothes to thousands of users from multiple countries. The company is migrating its application and database from its on-premises data center to the AWS Cloud. The company has selected Amazon EC2 for the application and Amazon RDS for PostgreSQL for the database. The company requires database passwords to be changed every 60 days. A Database Specialist needs to ensure that the credentials used by the web application to connect to the database are managed securely.

Which approach should the Database Specialist take to securely manage the database credentials?

A. Store the credentials in a text file in an Amazon S3 bucket. Restrict permissions on the bucket to the IAM role associated with the instance profile only. Modify the application to download the text file and retrieve the credentials on start up. Update the text file every 60 days.

B. Configure IAM database authentication for the application to connect to the database. Create an IAM user and map it to a separate database user for each ecommerce user. Require users to update their passwords every 60 days.

C. Store the credentials in AWS Secrets Manager. Restrict permissions on the secret to only the IAM role associated with the instance profile. Modify the application to retrieve the credentials from Secrets Manager on start up. Configure the rotation interval to 60 days.

D. Store the credentials in an encrypted text file in the application AMI. Use AWS KMS to store the key for decrypting the text file. Modify the application to decrypt the text file and retrieve the credentials on start up. Update the text file and publish a new AMI every 60 days.

Correct Answer: B


Question 8:

A financial services company is developing a shared data service that supports different applications from throughout the company. A Database Specialist designed a solution to leverage Amazon ElastiCache for Redis with cluster mode enabled to enhance performance and scalability. The cluster is configured to listen on port 6379.

Which combination of steps should the Database Specialist take to secure the cache data and protect it from unauthorized access? (Choose three.)

A. Enable in-transit and at-rest encryption on the ElastiCache cluster.

B. Ensure that Amazon CloudWatch metrics are configured in the ElastiCache cluster.

C. Ensure the security group for the ElastiCache cluster allows all inbound traffic from itself and inbound traffic on TCP port 6379 from trusted clients only.

D. Create an IAM policy to allow the application service roles to access all ElastiCache API actions.

E. Ensure the security group for the ElastiCache clients authorize inbound TCP port 6379 and port 22 traffic from the trusted ElastiCache cluster\’s security group.

F. Ensure the cluster is created with the auth-token parameter and that the parameter is used in all subsequent commands.

Correct Answer: ABE

Reference: https://aws.amazon.com/getting-started/tutorials/setting-up-a-redis-cluster-with-amazonelasticache/


Question 9:

A company is running an Amazon RDS for PostgeSQL DB instance and wants to migrate it to an Amazon Aurora PostgreSQL DB cluster. The current database is 1 TB in size. The migration needs to have minimal downtime.

What is the FASTEST way to accomplish this?

A. Create an Aurora PostgreSQL DB cluster. Set up replication from the source RDS for PostgreSQL DB instance using AWS DMS to the target DB cluster.

B. Use the pg_dump and pg_restore utilities to extract and restore the RDS for PostgreSQL DB instance to the Aurora PostgreSQL DB cluster.

C. Create a database snapshot of the RDS for PostgreSQL DB instance and use this snapshot to create the Aurora PostgreSQL DB cluster.

D. Migrate data from the RDS for PostgreSQL DB instance to an Aurora PostgreSQL DB cluster using an Aurora Replica. Promote the replica during the cutover.

Correct Answer: C


Question 10:

A Database Specialist is migrating a 2 TB Amazon RDS for Oracle DB instance to an RDS for PostgreSQL DB instance using AWS DMS. The source RDS Oracle DB instance is in a VPC in the us-east-1 Region. The target RDS for PostgreSQL DB instance is in a VPC in the use-west-2 Region.

Where should the AWS DMS replication instance be placed for the MOST optimal performance?

A. In the same Region and VPC of the source DB instance

B. In the same Region and VPC as the target DB instance

C. In the same VPC and Availability Zone as the target DB instance

D. In the same VPC and Availability Zone as the source DB instance

Correct Answer: D


Question 11:

The Development team recently executed a database script containing several data definition language (DDL) and data manipulation language (DML) statements on an Amazon Aurora MySQL DB cluster. The release accidentally deleted thousands of rows from an important table and broke some application functionality. This was discovered 4 hours after the release. Upon investigation, a Database Specialist tracked the issue to a DELETE command in the script with an incorrect WHERE clause filtering the wrong set of rows. The Aurora DB cluster has Backtrack enabled with an 8-hour backtrack window. The Database Administrator also took a manual snapshot of the DB cluster before the release started. The database needs to be returned to the correct state as quickly as possible to resume full application functionality. Data loss must be minimal. How can the Database Specialist accomplish this?

A. Quickly rewind the DB cluster to a point in time before the release using Backtrack.

B. Perform a point-in-time recovery (PITR) of the DB cluster to a time before the release and copy the deleted rows from the restored database to the original database.

C. Restore the DB cluster using the manual backup snapshot created before the release and change the application configuration settings to point to the new DB cluster.

D. Create a clone of the DB cluster with Backtrack enabled. Rewind the cloned cluster to a point in time before the release. Copy deleted rows from the clone to the original database.

Correct Answer: D


Question 12:

A company is load testing its three-tier production web application deployed with an AWS CloudFormation template on AWS. The Application team is making changes to deploy additional Amazon EC2 and AWS Lambda resources to expand the load testing capacity. A Database Specialist wants to ensure that the changes made by the Application team will not change the Amazon RDS database resources already deployed. Which combination of steps would allow the Database Specialist to accomplish this? (Choose two.)

A. Review the stack drift before modifying the template

B. Create and review a change set before applying it

C. Export the database resources as stack outputs

D. Define the database resources in a nested stack

E. Set a stack policy for the database resources

Correct Answer: AD


Question 13:

A manufacturing company\’s website uses an Amazon Aurora PostgreSQL DB cluster.

Which configurations will result in the LEAST application downtime during a failover? (Choose three.)

A. Use the provided read and write Aurora endpoints to establish a connection to the Aurora DB cluster.

B. Create an Amazon CloudWatch alert triggering a restore in another Availability Zone when the primary Aurora DB cluster is unreachable.

C. Edit and enable Aurora DB cluster cache management in parameter groups.

D. Set TCP keepalive parameters to a high value.

E. Set JDBC connection string timeout variables to a low value.

F. Set Java DNS caching timeouts to a high value.

Correct Answer: ABC


Question 14:

A company is hosting critical business data in an Amazon Redshift cluster. Due to the sensitive nature of the data, the cluster is encrypted at rest using AWS KMS. As a part of disaster recovery requirements, the company needs to copy the Amazon Redshift snapshots to another Region.

Which steps should be taken in the AWS Management Console to meet the disaster recovery requirements?

A. Create a new KMS customer master key in the source Region. Switch to the destination Region, enable Amazon Redshift cross-Region snapshots, and use the KMS key of the source Region.

B. Create a new IAM role with access to the KMS key. Enable Amazon Redshift cross-Region replication using the new IAM role, and use the KMS key of the source Region.

C. Enable Amazon Redshift cross-Region snapshots in the source Region, and create a snapshot copy grant and use a KMS key in the destination Region.

D. Create a new KMS customer master key in the destination Region and create a new IAM role with access to the new KMS key. Enable Amazon Redshift cross-Region replication in the source Region and use the KMS key of the destination Region.

Correct Answer: A

Reference: https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-snapshots.html


Question 15:

A company has a production Amazon Aurora Db cluster that serves both online transaction processing (OLTP) transactions and compute-intensive reports. The reports run for 10% of the total cluster uptime while the OLTP transactions run all the time. The company has benchmarked its workload and determined that a six-node Aurora DB cluster is appropriate for the peak workload. The company is now looking at cutting costs for this DB cluster, but needs to have a sufficient number of nodes in the cluster to support the workload at different times. The workload has not changed since the previous benchmarking exercise. How can a Database Specialist address these requirements with minimal user involvement?

A. Split up the DB cluster into two different clusters: one for OLTP and the other for reporting. Monitor and set up replication between the two clusters to keep data consistent.

B. Review all evaluate the peak combined workload. Ensure that utilization of the DB cluster node is at an acceptable level. Adjust the number of instances, if necessary.

C. Use the stop cluster functionality to stop all the nodes of the DB cluster during times of minimal workload. The cluster can be restarted again depending on the workload at the time.

D. Set up automatic scaling on the DB cluster. This will allow the number of reader nodes to adjust automatically to the reporting workload, when needed.

Correct Answer: D


Visit our site to get more DBS-C01 Q and As:https://www.itcertbible.com/aws-certified-database-specialty.html (234 QAs Dumps)

[PDF and VCE] Free 1D0-571 PDF Real Exam Questions and Answers Free Download

[PDF and VCE] Free 1D0-571 PDF Real Exam Questions and Answers Free Download

Tens of thousands of competitors, pages of hard questions and unsatisfied exam preparation situations… Do not worried about all those annoying things! We, help you with your CIW Other Certification 1D0-571 CIW v5 Security Essentials exam. We will assist you clear the 1D0-571 exam with CIW Other Certification latest 1D0-571 dumps. We 1D0-571 exam questions are the most comprehensive ones.

Visit our site to get more 1D0-571 Q and As:https://www.pass1day.com/1D0-571.html (62 QAs Dumps)
Question 1:

Which of the following is a typical target of a trojan on a Linux system?

A. Kernel modules

B. Shared libraries

C. Boot sector files

D. System32 DLL files

Correct Answer: A


Visit our site to get more 1D0-571 Q and As:https://www.pass1day.com/1D0-571.html (62 QAs Dumps)

[PDF and VCE] Free Share CAT-340 PDF Exam Preparation Materials with Real Exam Questions

[PDF and VCE] Free Share CAT-340 PDF Exam Preparation Materials with Real Exam Questions

Tens of thousands of competitors, pages of hard questions and unsatisfied exam preparation situations… Do not worried about all those annoying things! We, help you with your Professional CAT-340 CA IdentityMinder r12.x Professional Exam exam. We will assist you clear the CAT-340 exam with Professional CAT-340 new questions. We CAT-340 vce are the most comprehensive ones.

Visit our site to get more CAT-340 Q and As:https://www.itcertbible.com/CAT-340.html (50 QAs Dumps)
Question 1:

Which step do you need to perform to configure email server settings for the JBoss application server?

A. Create a new XML file.

B. Modify the mail-service.xml file.

C. Change a property in the console.

D. Modify the Mail Transport Host field for the mail session.

Correct Answer: B


Question 2:

You are installing CA Identity Minder on a Windows Server 2008 R2 64-bit system. You have encountered a number of errors and need to quickly find the information you need to address problems. Which action should you take?

A. Run run_idm.sh.

B. Check caiamsuite.log.

C. Run BIConfig and examine the output.

D. Check im-installer.properties for Connector errors.

Correct Answer: B


Question 3:

Which two components communicate using a Connector?

A. Provisioning Server and endpoint

B. Policy Server and Report Server

C. User Store and Provisioning directory D. Report Server and Snapshot Database

Correct Answer: A


Question 4:

To help ensure role granularity, when you create provisioning roles, which guideline should you follow?

A. Every role should have at least one user.

B. Account templates should be assigned to individual users rather than to roles.

C. Depending on the size of an organization, a role should have between 50 and 200 users.

D. For most organizations, 50 percent of user access is from permanent roles and 50percent is from temporary roles.

Correct Answer: A


Question 5:

You want to configure password synchronization with UNIX systems. Which component enables CA Identity Minder to authenticate passwords against external security systems?

A. Credential Provider

B. Pluggable Authentication Module (PAM)

C. Graphical Identification and Authorization (GINA)

D. Java Authentication and Authorization Service (JAAS) Agent

Correct Answer: B


Question 6:

In CA IdentityMinder r12.6, the basic access request feature:

A. is fully integrated with CA GovernanceMinder.

B. includes granular filtering and search capabilities.

C. enables bulk definition ofaccess request services objects.

D. can use workflow approval and email notification functionality.

Correct Answer: D


Question 7:

You are deploying CA IdentityMinder on a 64-bit Windows system. Before you configure Active Directory password synchronization, you want to make sure that you meet the twin goals of maximizing security and minimizing synchronization issues. Which guideline should you follow?

A. Configure CA IdentityMinder to check the history of recent changes to passwords.

B. Enable CA SiteMinder rules to override rules in other accounts by configuring eta_pwdsync.conf.

C. Make sure that the CA IdentityMinder password policy is stricter than the password policy of the endpoints.

D. Use the 32-bit Password Synchronization Agent on 64-bit systems that require Federal Information Processing Standards (FEPS).

Correct Answer: C


Question 8:

Which statement about installing the Report Server is TRUE?

A. The root account mustbe used for UNIX installations.

B. The mergeconnection_3.0.reg script must be run for 64-bit systems.

C. If a report-installation checklist is used, the installation shouldtake no longer than 15 minutes.

D. If JBoss is already installed on the computer on which you are installing the Report Server, port conflicts can occur.

Correct Answer: D


Question 9:

You have deployed CA IdentityMinder with a CA SiteMinder Policy Server. During the second day of testing your installation, you receive a “Not Loaded” error message when you attempt to log in. You check that the User Store is running. Which other action should you take to investigate this issue?

A. Check the application server log.

B. Verify that theWeb Agent is running correctly.

C. Verify that CA SiteMinder can connect to the User Store.

D. Set the Internet browser option “Show friendly error message”to off to view the status page.

Correct Answer: C


Question 10:

For workflow installation, many steps that were previously manual are now performed automatically by the installer. Nonetheless, you still need to use the Management Console to:

A. create the workflow database.

B. populate the database with sample workflows.

C. enable workflow for your CA IdentityMinder environment.

D. create a JDBC data source and connection file for the application server

Correct Answer: C


Visit our site to get more CAT-340 Q and As:https://www.itcertbible.com/CAT-340.html (50 QAs Dumps)

Most Up to Date Version of MS-500 Exam Dumps for Free

Most Up to Date Version of MS-500 Exam Dumps for Free

Tens of thousands of competitors, pages of hard questions and unsatisfied exam preparation situations… Do not worried about all those annoying things! We, help you with your Role-based MS-500 Microsoft 365 Security Administration exam. We will assist you clear the MS-500 exam with Role-based MS-500 dumps. We MS-500 actual tests are the most comprehensive ones.

Visit our site to get more MS-500 Q and As:https://www.itcertbible.com/ms-500.html (292 QAs Dumps)
Question 1:

HOTSPOT

You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table.

You create and enforce an Azure AD Identity Protection user risk policy that has the following settings:

1.

Assignments: Include Group1, Exclude Group2

2.

Conditions: Sign in risk of Low and above

3.

Access: Allow access, Require password change

You need to identify how the policy affects User1 and User2.

What occurs when User1 and User2 sign in from an unfamiliar location? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Correct Answer:


Question 2:

You configure Microsoft Azure Active Directory (Azure AD) Connect as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.

Hot Area:

Correct Answer:

Reference: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-device-writeback


Question 3:

You have a Microsoft 365 subscription that uses a default domain name of contoso.com.

The multi-factor authentication (MFA) service settings are configured as shown in the exhibit. (Clock the Exhibit tab.)

In contoso.com, you create the users shown in the following table.

What is the effect of the configuration? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Correct Answer:


Question 4:

You have a Microsoft 365 subscription that uses a default domain name of contoso.com. Microsoft Azure Active Directory (Azure AD) contains the users shown in the following table.

Microsoft Intune has two devices enrolled as shown in the following table:

Both devices have three apps named App1, App2, and App3 installed. You create an app protection policy named ProtectionPolicy1 that has the following settings: Protected apps: App1 Exempt apps: App2 Windows Information Protection mode: Block

You apply ProtectionPolicy1 to Group1 and Group3. You exclude Group2 from ProtectionPolicy1.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point. Hot Area:

Correct Answer:


Question 5:

Your network contains an Active Directory domain named contoso.com. The domain contains a VPN server named VPN1 that runs Windows Server 2016 and has the Remote Access server role installed.

You have a Microsoft Azure subscription.

You are deploying Azure Advanced Threat Protection (ATP)

You install an Azure ATP standalone sensor on a server named Server1 that runs Windows Server 2016.

You need to integrate the VPN and Azure ATP.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Correct Answer:

Reference: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/install-atp-step6-vpn


Question 6:

You have a Microsoft 365 E5 subscription.

From Microsoft Azure Active Directory (Azure AD), you create a security group named Group1. You add 10 users to Group1.

You need to apply app enforced restrictions to the members of Group1 when they connect to Microsoft Exchange Online from non-compliant devices, regardless of their location.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Correct Answer:

Reference: https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/app-based-conditional-access


Question 7:

You have a Microsoft 365 subscription.

1.

You identify the following data loss prevention (DLP) requirements:

2.

Send notifications to users if they attempt to send attachments that contain EU social security numbers

3.

Prevent any email messages that contain credit card numbers from being sent outside your organization

4.

Block the external sharing of Microsoft OneDrive content that contains EU passport numbers

5.

Send administrators email alerts if any rule matches occur.

What is the minimum number of DLP policies and rules you must create to meet the requirements? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Correct Answer:


Question 8:

You have the Microsoft conditions shown in the following table.

You have the Azure Information Protection labels shown in the following table. You have the Azure Information Protection policies shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Hot Area:

Correct Answer:


Question 9:

You have a Microsoft 365 subscription. From the Security and Compliance admin center, you create the retention policies shown in the following table.

Policy1 if configured as showing in the following exhibit.

Policy2 is configured as shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Hot Area:

Correct Answer:

Reference: https://docs.microsoft.com/en-us/office365/securitycompliance/retention-policies?redirectSourcePath=%2fen-us%2farticle%2fOverview-of-retention-policies-5e377752-700d-4870-9b6d-12bfc12d2423#the-principles-of-retention-orwhat-takes-precedence


Question 10:

You have a Microsoft 365 subscription.

You are creating a retention policy named Retention1 as shown in the following exhibit.

You apply Retention1 to SharePoint sites and OneDrive accounts.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.

Hot Area:

Correct Answer:


Question 11:

HOTSPOT

You have a Microsoft 365 subscription that uses a default name of litwareinc.com.

You configure the Sharing settings in Microsoft OneDrive as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.

Hot Area:

Correct Answer:

References: https://docs.microsoft.com/en-us/onedrive/manage-sharing


Question 12:

HOTSPOT

You have a Microsoft 365 subscription.

You create a retention label named Label1 as shown in the following exhibit.

You publish Label1 to SharePoint sites.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.

Hot Area:

Correct Answer:

References: https://docs.microsoft.com/en-us/office365/securitycompliance/labels


Question 13:

HOTSPOT

You have a Microsoft 365 subscription that include three users named User1, User2, and User3.

A file named File1.docx is stored in Microsoft OneDrive. An automated process updates File1.docx every minute.

You create an alert policy named Policy1 as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.

Hot Area:

Correct Answer:

References: https://docs.microsoft.com/en-us/office365/securitycompliance/alert-policies


Question 14:

HOTSPOT

You have a Microsoft 365 subscription. Auditing is enabled.

A user named User1 is a member of a dynamic security group named Group1.

You discover that User1 is no longer a member of Group1.

You need to search the audit log to identify why User1 was removed from Group1.

Which two actions should you use in the search? To answer, select the appropriate activities in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Correct Answer:

References: https://docs.microsoft.com/en-us/office365/securitycompliance/search-the-audit-log-in-security-and-compliance


Question 15:

DRAG DROP

You have a Microsoft 365 E5 subscription.

All computers run Windows 10 and are onboarded to Windows Defender Advanced Threat Protection (Windows Defender ATP).

You create a Windows Defender machine group named MachineGroup1.

You need to enable delegation for the security settings of the computers in MachineGroup1.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Select and Place:

Correct Answer:


Visit our site to get more MS-500 Q and As:https://www.itcertbible.com/ms-500.html (292 QAs Dumps)

[Latest Version] Free CAS-003 PDF Download with 100% Pass Guarantee

[Latest Version] Free CAS-003 PDF Download with 100% Pass Guarantee

Tens of thousands of competitors, pages of hard questions and unsatisfied exam preparation situations… Do not worried about all those annoying things! We, help you with your CompTIA Advanced Security Practitioner CAS-003 CompTIA Advanced Security Practitioner (CASP ) exam. We will assist you clear the CAS-003 exam with CompTIA Advanced Security Practitioner CAS-003 vce. We CAS-003 new questions are the most comprehensive ones.

Visit our site to get more CAS-003 Q and As:https://www.dumps4sure.com/cas-003.html (791 QAs Dumps)
Question 1:

A security manager looked at various logs while investigating a recent security breach in the data center from an external source. Each log below was collected from various security devices compiled from a report through the company\’s

security information and event management server.

Logs:

Log 1:

Feb 5 23:55:37.743: %SEC-6-IPACCESSLOGS: list 10 denied 10.2.5.81 3 packets Log 2:

HTTP://www.company.com/index.php?user=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

Log 3:

Security Error Alert

Event ID 50: The RDP protocol component X.224 detected an error in the protocol stream and has disconnected the client

Log 4:

Encoder oe = new OracleEncoder ();

String query = “Select user_id FROM user_data WHERE user_name = ` ”

oe.encode ( req.getParameter(“userID”) ) ” ` and user_password = ` ”

oe.encode ( req.getParameter(“pwd”) ) ” ` “;

Vulnerabilities

Buffer overflow

SQL injection

ACL

XSS

Which of the following logs and vulnerabilities would MOST likely be related to the security breach? (Select TWO).

A. Log 1

B. Log 2

C. Log 3

D. Log 4

E. Buffer overflow

F. ACL

G. XSS

H. SQL injection

Correct Answer: BE

Log 2 indicates that the security breach originated from an external source. And the vulnerability that can be associated with this security breach is a buffer overflow that happened when the amount of data written into the buffer exceeded the limit of that particular buffer.


Question 2:

After a security incident, an administrator would like to implement policies that would help reduce fraud and the potential for collusion between employees. Which of the following would help meet these goals by having co-workers occasionally audit another worker\’s position?

A. Least privilege

B. Job rotation

C. Mandatory vacation

D. Separation of duties

Correct Answer: B

Job rotation can reduce fraud or misuse by preventing an individual from having too much control over an area.


Question 3:

A government agency considers confidentiality to be of utmost importance and availability issues to be of least importance. Knowing this, which of the following correctly orders various vulnerabilities in the order of MOST important to LEAST important?

A. Insecure direct object references, CSRF, Smurf

B. Privilege escalation, Application DoS, Buffer overflow

C. SQL injection, Resource exhaustion, Privilege escalation

D. CSRF, Fault injection, Memory leaks

Correct Answer: A

Insecure direct object references are used to access data. CSRF attacks the functions of a web site which could access data. A Smurf attack is used to take down a system.

A direct object reference is likely to occur when a developer exposes a reference to an internal implementation object, such as a file, directory, or database key without any validation mechanism which will allow attackers to manipulate these references to access unauthorized data.

Cross-Site Request Forgery (CSRF) is a type of attack that occurs when a malicious Web site, email, blog, instant message, or program causes a user\’s Web browser to perform an unwanted action on a trusted site for which the user is currently authenticated. The impact of a successful cross-site request forgery attack is limited to the capabilities exposed by the vulnerable application. For example, this attack could result in a transfer of funds, changing a password, or purchasing an item in the user\’s context. In effect, CSRF attacks are used by an attacker to make a target system perform a function (funds Transfer, form submission etc.) via the target\’s browser without knowledge of the target user, at least until the unauthorized function has been committed.

A smurf attack is a type of network security breach in which a network connected to the Internet is swamped with replies to ICMP echo (PING) requests. A smurf attacker sends PING requests to an Internet broadcast address. These are special addresses that broadcast all received messages to the hosts connected to the subnet. Each broadcast address can support up to 255 hosts, so a single PING request can be multiplied 255 times. The return address of the request itself is spoofed to be the address of the attacker\’s victim. All the hosts receiving the PING request reply to this victim\’s address instead of the real sender\’s address. A single attacker sending hundreds or thousands of these PING messages per second can fill the victim\’s T-1 (or even T-3) line with ping replies, bring the entire Internet service to its knees.

Smurfing falls under the general category of Denial of Service attacks — security attacks that don\’t try to steal information, but instead attempt to disable a computer or network.


Question 4:

An investigator wants to collect the most volatile data first in an incident to preserve the data that runs the highest risk of being lost. After memory, which of the following BEST represents the remaining order of volatility that the investigator should follow?

A. File system information, swap files, network processes, system processes and raw disk blocks.

B. Raw disk blocks, network processes, system processes, swap files and file system information.

C. System processes, network processes, file system information, swap files and raw disk blocks.

D. Raw disk blocks, swap files, network processes, system processes, and file system information.

Correct Answer: C

The order in which you should collect evidence is referred to as the Order of volatility. Generally, evidence should be collected from the most volatile to the least volatile. The order of volatility from most volatile to least volatile is as follows: Data in RAM, including CPU cache and recently used data and applications Data in RAM, including system and network processes Swap files (also known as paging files) stored on local disk drives Data stored on local disk drives Logs stored on remote systems Archive media


Question 5:

A security engineer is responsible for monitoring company applications for known vulnerabilities. Which of the following is a way to stay current on exploits and information security news?

A. Update company policies and procedures

B. Subscribe to security mailing lists

C. Implement security awareness training

D. Ensure that the organization vulnerability management plan is up-to-date

Correct Answer: B

Subscribing to bug and vulnerability, security mailing lists is a good way of staying abreast and keeping up to date with the latest in those fields.


Question 6:

An analyst connects to a company web conference hosted on www.webconference.com/meetingID#01234 and observes that numerous guests have been allowed to join, without providing identifying information. The topics covered during the web conference are considered proprietary to the company. Which of the following security concerns does the analyst present to management?

A. Guest users could present a risk to the integrity of the company\’s information.

B. Authenticated users could sponsor guest access that was previously approved by management.

C. Unauthenticated users could present a risk to the confidentiality of the company\’s information.

D. Meeting owners could sponsor guest access if they have passed a background check.

Correct Answer: C

The issue at stake in this question is confidentiality of information. Topics covered during the web conference are considered proprietary and should remain confidential, which means it should not be shared with unauthorized users.


Question 7:

A pentester must attempt to crack passwords on a windows domain that enforces strong complex passwords. Which of the following would crack the MOST passwords in the shortest time period?

A. Online password testing

B. Rainbow tables attack

C. Dictionary attack

D. Brute force attack

Correct Answer: B

The passwords in a Windows (Active Directory) domain are encrypted.

When a password is “tried” against a system it is “hashed” using encryption so that the actual password is never sent in clear text across the communications line. This prevents eavesdroppers from intercepting the password. The hash of a password usually looks like a bunch of garbage and is typically a different length than the original password. Your password might be “shitzu” but the hash of your password would look something like “7378347eedbfdd761619451949225ec1”.

To verify a user, a system takes the hash value created by the password hashing function on the client computer and compares it to the hash value stored in a table on the server. If the hashes match, then the user is authenticated and granted access.

Password cracking programs work in a similar way to the login process. The cracking program starts by taking plaintext passwords, running them through a hash algorithm, such as MD5, and then compares the hash output with the hashes in the stolen password file. If it finds a match then the program has cracked the password.

Rainbow Tables are basically huge sets of precomputed tables filled with hash values that are pre-matched to possible plaintext passwords. The Rainbow Tables essentially allow hackers to reverse the hashing function to determine what the plaintext password might be.

The use of Rainbow Tables allow for passwords to be cracked in a very short amount of time compared with brute-force methods, however, the trade-off is that it takes a lot of storage (sometimes Terabytes) to hold the Rainbow Tables themselves.


Question 8:

A new piece of ransomware got installed on a company\’s backup server which encrypted the hard drives containing the OS and backup application configuration but did not affect the deduplication data hard drives. During the incident response, the company finds that all backup tapes for this server are also corrupt. Which of the following is the PRIMARY concern?

A. Determining how to install HIPS across all server platforms to prevent future incidents

B. Preventing the ransomware from re-infecting the server upon restore

C. Validating the integrity of the deduplicated data

D. Restoring the data will be difficult without the application configuration

Correct Answer: D

Ransomware is a type of malware that restricts access to a computer system that it infects in some way, and demands that the user pay a ransom to the operators of the malware to remove the restriction.

Since the backup application configuration is not accessible, it will require more effort to recover the data.

Eradication and Recovery is the fourth step of the incident response. It occurs before preventing future problems.


Question 9:

An administrator wants to enable policy based flexible mandatory access controls on an open source OS to prevent abnormal application modifications or executions. Which of the following would BEST accomplish this?

A. Access control lists

B. SELinux

C. IPtables firewall

D. HIPS

Correct Answer: B

The most common open source operating system is LINUX.

Security-Enhanced Linux (SELinux) was created by the United States National Security Agency (NSA) and is a Linux kernel security module that provides a mechanism for supporting access control security policies, including United States Department of Defensetyle mandatory access controls (MAC).

NSA Security-enhanced Linux is a set of patches to the Linux kernel and some utilities to incorporate a strong, flexible mandatory access control (MAC) architecture into the major subsystems of the kernel. It provides an enhanced mechanism to enforce the separation of information based on confidentiality and integrity requirements, which allows threats of tampering and bypassing of application security mechanisms to be addressed and enables the confinement of damage that can be caused by malicious or flawed applications.


Question 10:

An insurance company has an online quoting system for insurance premiums. It allows potential customers to fill in certain details about their car and obtain a quote. During an investigation, the following patterns were detected:

Pattern 1 -Analysis of the logs identifies that insurance premium forms are being filled in but only single fields are incrementally being updated.

Pattern 2 -For every quote completed, a new customer number is created; due to legacy systems, customer numbers are running out.

Which of the following is the attack type the system is susceptible to, and what is the BEST way to defend against it? (Select TWO).

A. Apply a hidden field that triggers a SIEM alert

B. Cross site scripting attack

C. Resource exhaustion attack

D. Input a blacklist of all known BOT malware IPs into the firewall

E. SQL injection

F. Implement an inline WAF and integrate into SIEM

G. Distributed denial of service

H. Implement firewall rules to block the attacking IP addresses

Correct Answer: CF

A resource exhaustion attack involves tying up predetermined resources on a system, thereby making the resources unavailable to others.

Implementing an inline WAF would allow for protection from attacks, as well as log and alert admins to what\’s going on. Integrating in into SIEM allows for logs and other security-related documentation to be collected for analysis.


Question 11:

The DLP solution has been showing some unidentified encrypted data being sent using FTP to a remote server. A vulnerability scan found a collection of Linux servers that are missing OS level patches. Upon further investigation, a technician notices that there are a few unidentified processes running on a number of the servers. What would be a key FIRST step for the data security team to undertake at this point?

A. Capture process ID data and submit to anti-virus vendor for review.

B. Reboot the Linux servers, check running processes, and install needed patches.

C. Remove a single Linux server from production and place in quarantine.

D. Notify upper management of a security breach.

E. Conduct a bit level image, including RAM, of one or more of the Linux servers.

Correct Answer: E

Incident management (IM) is a necessary part of a security program. When effective, it mitigates business impact, identifies weaknesses in controls, and helps fine-tune response processes.

In this question, an attack has been identified and confirmed. When a server is compromised or used to commit a crime, it is often necessary to seize it for forensics analysis. Security teams often face two challenges when trying to remove a physical server from service: retention of potential evidence in volatile storage or removal of a device from a critical business process.

Evidence retention is a problem when the investigator wants to retain RAM content. For example, removing power from a server starts the process of mitigating business impact, but it also denies forensic analysis of data, processes, keys, and possible footprints left by an attacker.

A full a bit level image, including RAM should be taken of one or more of the Linux servers. In many cases, if your environment has been deliberately attacked, you may want to take legal action against the perpetrators. In order to preserve this option, you should gather evidence that can be used against them, even if a decision is ultimately made not to pursue such action. It is extremely important to back up the compromised systems as soon as possible. Back up the systems prior to performing any actions that could affect data integrity on the original media.


Question 12:

An attacker attempts to create a DoS event against the VoIP system of a company. The attacker uses a tool to flood the network with a large number of SIP INVITE traffic. Which of the following would be LEAST likely to thwart such an attack?

A. Install IDS/IPS systems on the network

B. Force all SIP communication to be encrypted

C. Create separate VLANs for voice and data traffic

D. Implement QoS parameters on the switches

Correct Answer: D

Quality of service (QoS) is a mechanism that is designed to give priority to different applications, users, or data to provide a specific level of performance. It is often used in networks to prioritize certain types of network traffic. It is not designed to block traffic, per se, but to give certain types of traffic a lower or higher priority than others. This is least likely to counter a denial of service (DoS) attack.


Question 13:

There have been some failures of the company\’s internal facing website. A security engineer has found the WAF to be the root cause of the failures. System logs show that the WAF has been unavailable for 14 hours over the past month, in four separate situations. One of these situations was a two hour scheduled maintenance time, aimed at improving the stability of the WAF. Using the MTTR based on the last month\’s performance figures, which of the following calculations is the percentage of uptime assuming there were 722 hours in the month?

A. 92.24 percent

B. 98.06 percent

C. 98.34 percent

D. 99.72 percent

Correct Answer: B

A web application firewall (WAF) is an appliance, server plugin, or filter that applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks such as cross-site scripting (XSS) and SQL injection. By customizing

the rules to your application, many attacks can be identified and blocked.

14h of down time in a period of 772 supposed uptime = 14/772 x 100 = 1.939 %

Thus the % of uptime = 100% – 1.939% = 98.06%

References:

Gregg, Michael, and Billy Haines, CASP CompTIA Advanced Security Practitioner Study Guide, John Wiley and Sons, Indianapolis, 2012, pp. 43, 116


Question 14:

An administrator is tasked with securing several website domains on a web server. The administrator elects to secure www.example.com, mail.example.org, archive.example.com, and www.example.org with the same certificate. Which of the following would allow the administrator to secure those domains with a single issued certificate?

A. Intermediate Root Certificate

B. Wildcard Certificate

C. EV x509 Certificate

D. Subject Alternative Names Certificate

Correct Answer: D

Subject Alternative Names let you protect multiple host names with a single SSL certificate. Subject Alternative Names allow you to specify a list of host names to be protected by a single SSL certificate. When you order the certificate, you will specify one fully qualified domain name in the common name field. You can then add other names in the Subject Alternative Names field.


Question 15:

An application present on the majority of an organization\’s 1,000 systems is vulnerable to a buffer overflow attack. Which of the following is the MOST comprehensive way to resolve the issue?

A. Deploy custom HIPS signatures to detect and block the attacks.

B. Validate and deploy the appropriate patch.

C. Run the application in terminal services to reduce the threat landscape.

D. Deploy custom NIPS signatures to detect and block the attacks.

Correct Answer: B

If an application has a known issue (such as susceptibility to buffer overflow attacks) and a patch is released to resolve the specific issue, then the best solution is always to deploy the patch. A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information – which has to go somewhere – can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user\’s files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability.


Visit our site to get more CAS-003 Q and As:https://www.dumps4sure.com/cas-003.html (791 QAs Dumps)

New Updated 1Z0-1023 Exam Dumps Free Download

New Updated 1Z0-1023 Exam Dumps Free Download

Tens of thousands of competitors, pages of hard questions and unsatisfied exam preparation situations… Do not worried about all those annoying things! We, help you with your Oracle Cloud 1Z0-1023 Oracle Inventory Management and Enterprise Structures Cloud 2018 Implementation Essentials exam. We will assist you clear the 1Z0-1023 exam with Oracle Cloud 1Z0-1023 braindumps. We 1Z0-1023 pdf are the most comprehensive ones.

Visit our site to get more 1Z0-1023 Q and As:https://www.thriamdigitomation.com/1z0-1023.html (75 QAs Dumps)
Question 1:

You face a supply request exception due to some reason. You realize that you need to make some changes to the Manage Supply Request Exceptions page. Which action will you perform?

A. The supply request cannot be updated. The only way is to resolve the error in the source application and resubmit the request.

B. Update the supply request and submit it. The errors will be resolved automatically.

C. Update the supply request and make sure errors are resolved before resubmitting it.

D. The Supply request can be updated using a third-party application only.

Correct Answer: A

https://docs.oracle.com/en/cloud/saas/supply-chain-management/r13-update18a/fauco/manage-supply-request-exceptions.html#FAUCO2039523


Question 2:

The physical inventory process is Carried out for and particular inventory organization with the following parameter:

*

Negative Quantity Tolerance Percentage is set to 10%

*

Approval Type = \’Always\’

The system says that there are 100 on hand, but you only counted 95. What will happen?

A.

An approval will be required before posting.

B.

The system will ask a user to recount before posting.

C.

Because the 95 is within the 10% tolerance, it will post without approval.

D.

The setup is invalid; it will give an error message.

Correct Answer: D


Question 3:

In Supply Chain Orchestration, Automated Change Management performs which two functions?

A. changing the ship method on a sales order

B. change to need by dates of a purchase order

C. splitting of a sales order

D. change to item attributes

E. changing the supplier on a purchase order

Correct Answer: BC


Question 4:

Which three applications originate a buy request that is received by supply chain orchestration?

A. Inventory

B. Accounts Payable

C. Order Management

D. Purchasing

E. Planning

F. Self Service Procurement

Correct Answer: ACE


Question 5:

Which statement is false about generating an Internal Material Transfer for expense destination Transfer Order?

A. Cost Management will pick up the delivery transaction directly from Receiving and process the expense accounting from that transaction.

B. Expense destination transfers are expensed upon delivery hitting an expense account Instead of an inventory asset account as would be the case for inventory destination transfers.

C. If the receipt is required, then accounting of the receipt delivery transaction will happen Only in Receipt Accounting because there will not be a delivery transaction in inventory.

D. Costs for Lot and serial numbers are tracked at put away time when the items are recorded in a destination inventory location.

Correct Answer: A


Question 6:

In the Back-to-Back (B2B) Order to Cash flow, ordered items are purchased from a supplier. The Sourcing Rules have been defined for the item and the buy flow has been initiated. The sales order line is shown as Awaiting Shipping and the supply line status is “In Purchasing” with the supply order generated but the purchase requisition not generating.

What is the reason?

A. Supply order is generated with exceptions.

B. Preparer is not valid.

C. The Sourcing rule is incorrect.

D. No Blanket Purchase Agreement (BPA) exists for this supplier-item combination.

E. Buy requests originate from Order Management.

Correct Answer: D


Question 7:

What three Key Performance Indicators are available in the Warehouse Operations Dashboard?

A. Inventory Value

B. Cycle Count

C. Shipment Value

D. Exact Matches Rate

E. Distributed Value

F. Hit or Miss Accuracy

Correct Answer: ADF

https://docs.oracle.com/cloud/farel12/scmcs_gs/FAMML/FAMML1153520.htm#FAMML1153513

Warehouse Operations Key Performance Indicators: Explained

Key performance indicators (KPIs) measure how well an organization or individual performs an operational, tactical, or strategic activity that is critical for the current and future success of the organization.

The Warehouse Operations Dashboard contains the following KPIs:

Inventory Value Hit or Miss Accuracy Exact Matches Rate

Inventory Value

The Inventory Value KPI shows the total value of inventory owned by your organization. The KPI indicates whether the material is physically available in the warehouse or if the material is in transit. The KPI report enables you to compare the inventory value for a selected time period with the prior year\’s inventory value for that same time period. You can also compare inventory value by inventory categories. Hit or Miss Accuracy The Hit or Miss Accuracy KPI shows the percentage of the cycle count that falls within the hit and miss tolerances of a total cycle count. This KPI provides the rate of hits during the cycle counting process. The KPI report enables you to

compare the hit or miss accuracy for a selected time period with the prior year\’s hit or miss accuracy for that same time period. Exact Matches Rate The Exact Matches Rate KPI shows the exact match entries as a percentage of the total cycle count entries. An exact match entry is an entry where the counted quantity entered is the same as the system quantity. The rate of exact match

entries obtained during the cycle count is called Exact Matches Rate. The KPI report enables you to compare the exact matches rate for a selected time period with the prior year\’s exact matches rate for that same time period.


Question 8:

The Applications Development Framework Desktop Integration (ADFdi) user interface is supported in Oracle Fusion Receiving, Inventory Management, and Shipping products. Identify four ADFdi user interfaces that are supported.

A. Manage Shipment Message Interface

B. Manage Lot/Serial Interface

C. Manage Inventory Transaction Correction in Spreadsheet

D. Review Count Interface Records

E. Review Receipts Interface

F. Upload ASN or ASBN

Correct Answer: ABDE


Question 9:

Your organization is planning for a periodic counting of individual items automatically throughout the course of the year. As part of this activity, the user has loaded items to the cycle count but some of the Items are not being considered when count schedules and count sequences are not generated.

Identify two reasons that explain why the items are not being considered.

A. The Cycle Count Enabled flag is not selected for the item.

B. The approval controls are not set up.

C. The Include in Schedule option is not selected to include the item for auto-scheduling.

D. The Cycle Count Enabled flag is not selected for the inventory organization.

E. The ABC assignment group is not defined.

Correct Answer: CE


Question 10:

Identity two statements that are true about the cost-organization relationship.

A. Only inventory organizations belonging to different item Master Organizations can be part of a cost organization.

B. The inventory organizations that are assigned to a cost organization must all belong to the same legal entity.

C. Costing Item Validation Organization can only be item Master Organization of the underlying inventory organizations.

D. Costing Item Validation Organization is used to default the Unit of Measure for costing calculations.

Correct Answer: BD

https://docs.oracle.com/cloud/r13_update17c/scmcs_gs/FAIMS/FAIMS1921448.htm#FAIMS1921448


Question 11:

Your organization is using min-max planning to replenish stock and the planning parameters are set at item organization level with a default subinventory:

Item: A, Min Qty: 25, Max Qty: 150 and Current Level: 20

The item above is purchased from a supplier. Althrough there is subinventory on hand, the subinventory in below the minimum required level. This should trigger a Min-Max report entry, but the requisition in not generated. Why?

A. Fixed lot multiplier is not set.

B. Min-max planning Can be performed at the Organisation level.

C. Rounding the Reorder Quantity is disabled.

D. No value has been set for the “Min-Max Replenishment Reorder Approval” profile.

E. Item is not defined in Manage item Subinventories.

Correct Answer: E


Question 12:

You need to load on-hand balances for go live. Which template should be used for this?

A. InventoryMiscellaneousTrxTemplate.xlsm

B. InventoryTransactionImportTemplate.xlsm

C. InventoryBalanceImportTTemplate.xlsm

D. InventoryReservationImportTemplate.xlsm

E. InventoryOnHandBalanceTemplate.xlam

Correct Answer: B


Question 13:

Your company has multiple inventory organizations where goods are transferred internally. A user has created a new organization but the new organization is unavailable when creating an interorganization transfer.

What is the missing setup?

A. The source and destination organization doesn\’t belong to the same legal entity.

B. Inventory organization data access for users is not set up.

C. The destination organization transfer type is In Transit.

D. Interorganization Parameters are not set up between the organizations.

Correct Answer: D

https://docs.oracle.com/cd/A60725_05/html/comnls/us/inv/iorgtrns.htm


Question 14:

Identify the availability type that is applicable for the item quantities maintained in a unit of measure different from the primary unit of measure and is available for various transactions.

A. On Hand

B. Secondary On-hand Quantity

C. available

D. Reserved

E. Secondary Available Quantity

Correct Answer: A


Question 15:

Your organization performs a restock via a transfer order between inventory organizations, using the following parameters tor processing:

Transfer Type: In-transit transfer type

Receipt Routing: Standard

Transfer Order Required: Yes

During the process, the receiving organization wants to make a change to the transfer order line.

After which fulfillment stage will they no longer be able to change the transfer order?

A. Ship Confirm

B. Awaiting Receiving

C. Awaiting Fulfillment

D. Closed

E. Awaiting Billing

Correct Answer: A


Visit our site to get more 1Z0-1023 Q and As:https://www.thriamdigitomation.com/1z0-1023.html (75 QAs Dumps)

Free Providing 1Z0-820 VCE Exam Study Guides With New Update Exam Questions

Free Providing 1Z0-820 VCE Exam Study Guides With New Update Exam Questions

Tens of thousands of competitors, pages of hard questions and unsatisfied exam preparation situations… Do not worried about all those annoying things! We, help you with your Oracle Partner Network 1Z0-820 Upgrade to Oracle Solaris 11 System Administrator exam. We will assist you clear the 1Z0-820 exam with Oracle Partner Network 1Z0-820 braindumps. We latest 1Z0-820 dumps are the most comprehensive ones.

Visit our site to get more 1Z0-820 Q and As:https://www.geekcert.com/1Z0-820.html (133 QAs Dumps)
Question 1:

Which three events trigger the automated NWAM configuration? (Choose three.)

A. a DHCP lease is acquired.

B. a WLAN card is disconnected.

C. The DefaultFixed NCP is enabled.

D. An Ethernet cable is disconnected.

E. A failed interface card assigned to an IPMP group is replaced.

F. The dladm create-vnic command is executed to create a virtual network interface.

Correct Answer: ABD


Question 2:

alice is a user account used by Alice on a Solaris 11 system.

sadmin is a role account on the same system.

Your task is to add the command /usr/sbin/cryptoadm to the Network management profile, so that Alice can execute it, while assuming the sadmin role.

Select the three activities necessary to accomplish this.

A. To the file /etc/security/prof_attr, add the line: Network Management: solaris:cmd:RO::/usr/sbin/cryptoadm:euid=0

B. To the file /etc/security/auth_attr, add the line: Network Management: solaris:cmd:RO::/usr/sbin/cryptoadm:euid=0

C. To the file /etc/security/exec_attr.d/local-entriies, add the line: Network Management: solaris:cmd:RO::/usr/sbin/cryptoadm:euid=0

D. Run the roles alice to ensure that alice may assume the role sadmin.

E. Run the command profiles sadmin to ensure that the role sadmin includes the network Management profile.

F. Run the command profiles alice to ensure that the Alice has permissions to access the Network management profile.

G. Run the command profiles “Network management” to ensure that the Network management profile includes the sadmin role.

Correct Answer: CDG

Explanation: C: /etc/security/exec_attr is a local database that specifies the execution attributes associated with profiles. The exec_attr file can be used with other sources for execution profiles, including the exec_attr NIS map and NIS table.

A profile is a logical grouping of authorizations and com- mands that is interpreted by a profile shell to form a secure execution environment.

Reference: man exec_attr


Question 3:

Solaris 11 includes a redesigned software packaging model: the Image Packaging System.

Which three describe advantages of the Image Packaging System over the previous Solaris 10 SVR4 packaging model? (Choose three.)

A. eliminates patching of the software package

B. makes the patching process more efficient with less downtime

C. eliminates OS version upgrade

D. allows for the installation of the OS without a local DVD or installation server

E. allows the use of a repository mirror to speed up package operation

F. allows users to publish their own software package in a software repository

Correct Answer: AEF


Question 4:

You are troubleshooting the failure of a computer to mount an NFS file system hosted by a server (hostname mars) in the local area network.

Select the three commands that will enable you to identify the problem.

A. ping – s mars

B. cat /etc/vfstab

C. cat /etc/dfs/dfstab

D. sharemgr show -v

E. showmount -e mars

F. rpcinfo -s mars | egrep `nfs|mountd\’

Correct Answer: AEF

mount: mount-point /DS9 does not exist.

To solve the mount point error condition, check that the mount point exists on the client. Check the spelling of the mount point on the command line or in the /etc/vfstab file (B) on the client, or comment outthe entry and reboot the system.

Note: The /etc/vfstab file lists all the file systems to be automatically mounted at system boot time, with the exception of the /etc/mnttab and /var/run file systems.

E: showmount This command displays all clients that have remotely mounted file systems that are shared from an NFS server, or only the file systems that are mounted by clients, or the shared file systems with the client access information. The command syntax is:

showmount [ -ade ] [ hostname ]

where -a prints a list of all the remote mounts (each entry includes the client name and the directory), -d prints a list of the directories that are remotely mounted by clients, -e prints a list of the files shared (or exported), and hostname selects the NFS server to gather the information from. If hostname is not specified the local host is queried.

F: * mountd Daemon

This daemon handles file-system mount requests from remote systems and provides access control. The mountd daemon checks /etc/dfs/sharetab to determine which file systems are available for remote mounting and which systems are

allowed to do the remote mounting.

* Commands for Troubleshooting NFS Problems

These commands can be useful when troubleshooting NFS problems.

rpcinfo Command

This command generates information about the RPC service that is running on a system.

Reference: man showmount


Question 5:

Review the output from a ZFS file system:

NAMEPROPERTYVALUESOURCE

pool1/encryptencryptionaes-256-ccmlocal pool1/encryptkeysourceraw,file///mykeylocal

You need to recreate the pooM/encrypt file system exactly as it is listed above Which two commands can you use to recreate the pooM/encrypt file system?

(Choose two.)

A. pktool genkey keystone=file outkey=/mykey keytype=aes keylen=256

B. genkey pktool keystore=file outkey=/mykey keytype=aes keylen=256

C. zfs create -o encryption=aes-256-ccm -o keysource=raw,file://mykey pooll/encrypt

D. zfs create -o encryption=aes-256-ccm -o keysource=raw,file:///mykey pooM/encrypt

E. zfs create -o encryption=aes-256-ccm -o keysource=raw,file:///mykey source=local pooll/encrypt

Correct Answer: BC


Visit our site to get more 1Z0-820 Q and As:https://www.geekcert.com/1Z0-820.html (133 QAs Dumps)

Pass 5V0-11.21 Exam By Practicing Latest 5V0-11.21 VCE and PDF Braindumps

Pass 5V0-11.21 Exam By Practicing Latest 5V0-11.21 VCE and PDF Braindumps

Tens of thousands of competitors, pages of hard questions and unsatisfied exam preparation situations… Do not worried about all those annoying things! We, help you with your Vmware Certification 5V0-11.21 VMware Cloud on AWS Master Specialist exam. We will assist you clear the 5V0-11.21 exam with Vmware Certification 5V0-11.21 actual tests. We 5V0-11.21 vce are the most comprehensive ones.

Visit our site to get more 5V0-11.21 Q and As:https://www.pass4king.com/5v0-11-21.html (65 QAs Dumps)
Question 1:

An environment is running a VMware Cloud on AWS software-defined data center (SDDC) with six i3.metal hosts. Storage space usage has increased and the administrator is required to add storage capacity. Which two approaches can the administrator take to add storage capacity? (Choose two.)

A. Deploy Amazon Elastic File System (EFS) file shares from the AWS console and attach them to the i3.metal hosts. Use VMware Storage vMotion to migrate the storage-bound virtual machines to the Amazon EFS data stores.

B. Deploy Amazon Elastic Block Store (EBS) storage volumes (GP2) from the AWS console and attach them to the i3.metal hosts. Allow VMware vSAN extend the storage capacity automatically.

C. Deploy an additional cluster based on i3en.metal hosts and migrate the storage-bound virtual machines to the i3en.metal hosts.

D. Add additional i3.metal hosts to increase the total vSAN storage space.

E. Add additional i3en.metal hosts and migrate the storage-bound virtual machines to the i3en.metal hosts.

Correct Answer: BD


Question 2:

Which API endpoint serves as the authentication point for VMware Cloud on AWS?

A. Cloud Services Platform API

B. NSX-T Data Center API

C. Deployed SDDC API

D. VMware Cloud on AWS API

Correct Answer: A


Question 3:

An environment is running a cluster with six i3.metal hosts in the VMware Cloud on AWS software-defined data center (SDDC). If one host fails, what happens after a new host is automatically added to the cluster?

A. The SDDC and NVMe drives backing VMware vSAN capacity are unmounted from the failed host and attached to the new host. There is no VMware vSAN rebuild required.

B. The VMware vSAN rebuild starts in the background. Performance might be degraded during rebuild and the failures to tolerate (FTT) is lowered to 0.

C. The VMware vSAN rebuild starts in the background. Performance might be degraded during rebuild and the failures to tolerate (FTT) is lowered to 1.

D. A notification is received from VMware Support to start the VMware vSAN rebuild. Performance might be degraded during rebuild.

Correct Answer: C


Question 4:

An administrator deploys a virtual machine and configures it to perform backups to an AWS Simple Storage Service (S3) bucket. After the first month of use, the administrator receives a bill from AWS indicating egress charges were applied to the backup traffic leaving the software-defined data center (SDCC), destined for the AWS S3 bucket. What can the administrator do to ensure backup traffic travels to the linked Amazon Virtual Private Cloud (VPC) through the Elastic Network Interface?

A. Configure the S3 bucket with a public endpoint accessible over the Internet through HTTPS.

B. Configure Direct Connect to a private virtual interface for access to AWS services.

C. Create a gateway endpoint in the linked AWS VPC and configure it for use with the S3 bucket.

D. Configure a route-based virtual private network (VPN) for the SDDC to the VPC.

Correct Answer: D


Question 5:

A customer wants to ensure that VMware Cloud on AWS maintenance operations are performed during their maintenance window. Which option would allow the customer to achieve this outcome?

A. Schedule a maintenance preference in the software-defined data center (SDDC) console.

B. Schedule a call with VMware Cloud on AWS Support and schedule a maintenance window.

C. Schedule a call with AWS Support and schedule a maintenance window.

D. Schedule a maintenance window through an online support request.

Correct Answer: A


Question 6:

An administrator runs an analysis on all workloads using Live Optics and confirms there are a variety of applications, including Microsoft SQL server and Oracle databases. The Microsoft SQL workloads are averaging 4,000 IOPS per virtual machine, approximately 50% writes. The Oracle workloads are averaging 3,000 IOPS per virtual machine, and approximately 80% writes. Which method should be used to input the data into the VMware Cloud on AWS Sizer for the most accurate results?

A. Use the Advanced Sizer in \’database\’ mode. Create workload profiles for the analyzed virtual machines, including profiles for Microsoft SQL and Oracle. Set the values for vCPU, vRAM, utilized storage, IOPS and I/O profile manually.

B. Use the Quick Sizer. Set the values for vCPU, vRAM, utilized storage, IOPS and I/O profile manually.

C. Use the Advanced Sizer in \’import\’ mode. Import the Live Optics data and let the Advanced Sizer set the values for vCPU, vRAM, utilized storage, IOPS and I/O automatically.

D. Use the Advanced Sizer in \’manual\’ mode. Create workload profiles for the analyzed virtual machines, including profiles for Microsoft SQL and Oracle. Use the default values for the SQL and Oracle workload profiles.

Correct Answer: D


Question 7:

An administrator has deployed VMware Cloud on AWS and requires a single broadcast domain for a set of

virtual machines that reside both in the data center and in the software-defined data center (SDDC) over a

DirectConnect connection.

How can the administrator accomplish this without adding additional components in the cloud?

A. Duplicate the IP space in both locations and manually move the virtual machines.

B. Deploy a Layer 2 Virtual Private Network (L2VPN).

C. Use a third-party networking tool to extend the broadcast domain.

D. Deploy VMware HCX and a Service Mesh with a Network Extension appliance.

Correct Answer: B


Question 8:

What are two benefits of completing a full data center evacuation to VMware Cloud on AWS? (Choose two.)

A. Reduce the risk of migrating applications to the cloud by removing the need for application transformation.

B. Maintain existing investment in skills and toolsets.

C. Provide a hybrid cloud management solution.

D. Provide a seamless way to expand the on-premises software-defined data center (SDDC) into the cloud.

E. Diversify the risk associated with migrating applications to the cloud by automatically deploying workloads to multiple regions.

Correct Answer: AD


Question 9:

A new VMware Cloud on AWS customer has previously deployed a VMware Horizon-based VDI solution into their data centerto support their remote developer workforce. Due to unforeseen growth, the company needs to quickly expand their remote workforce. The growth will consume any forecast capacity in the VDI solution and, therefore, additional capacity is now required. The VDI solution service owner would like the solution to support the ability to quickly scale in/out to provide additional capacity based on demand. Which three steps should the administrator take to scale out the VDI solution? (Choose three.)

A. Deploy a new VMware Horizon pod on VMware Cloud on AWS.

B. Deploy a new VMware Horizon pod on-premises.

C. Configure network connectivity and firewall rules to allow communications between the two on-premises connection servers.

D. Configure network connectivity and firewall rules to allow communications between on-premises and VMware Cloud on AWS connection servers.

E. Connect the two VMware Horizon pods together using the security servers.

F. Connect the two VMware Horizon pods together using a Horizon Cloud Pod Architecture (CPA).

Correct Answer: BDF


Question 10:

An administrator is trying to identify how many hosts will be required to evacuate a cluster from an existing data center and relocate those workloads into VMware Cloud on AWS. The cluster runs a variety of workloads for the corporate customer relationship management system. Which three profiles could the administrator create in the VMware Cloud on AWS Sizer? (Choose three.)

A. Databases ?Oracle

B. Databases ?Microsoft SQL Server

C. General Purpose (Application VMs)

D. VDI ?Instant Clone

E. VDI ?Full Clone

F. General Purpose (General VMs)

Correct Answer: BEF


Question 11:

An administrator deploys a VMware Cloud on AWS environment and configures an IPsec virtual private network (VPN) tunnel to their data center. Hybrid Linked Mode connectivity, however, does NOT appear to be working. Before contacting VMware Support, what could the administrator do to narrow down the possible issue?

A. Fill in the relevant IP information for the on-premises infrastructure and run the desired troubleshooting connectivity test.

B. Download and review the Tier-0 (TO) gateway firewall logs.

C. Configure a packet capture device in the on-premises data center to capture packets from the VMware Cloud on AWS software-defined data center (SDDC) to determine which packets are being dropped.

D. Configure a packet capture appliance on a local segment within VMware Cloud on AWS to capture and analyze traffic across a specific NSX-T gateway interface.

Correct Answer: A


Question 12:

When deploying a VMware Cloud on AWS software-defined data center (SDDC), which components are deployed automatically?

A. VMware ESXi, vCenter, vSAN, NSX, Hybrid Linked Mode

B. VMware ESXi, vCenter, vSAN, NSX in active/passive mode

C. VMware ESXi, vCenter, vSAN, NSX, HCX

D. VMware ESXi, vCenter, vSAN, NSX in active/active mode

Correct Answer: C


Question 13:

Refer to the exhibit.

An administrator completes an assessment of its local data center for potential migration into VMware Cloud on AWS. After reviewing and analyzing the data and taking into account the company\’s business and IT priorities and budget constraints, connectivity between its on-premises and VMware Cloud on AWS environment will NOT require any high speed low latency connections. All new networks should be added to the software-defined data center (SDDC) routing table automatically when created. Which connection supports these requirements?

A. Layer 2 VPN (L2VPN)

B. AWS Direct Connect

C. Route-based VPN

D. Policy-based VPN

Correct Answer: D


Question 14:

An administrator deploys a virtual machine to its software-defined data center (SDDC) and configures it to perform backups of the other virtual machines in the SDDC. The administrator also creates an AWS Simple Storage Service (S3) bucket in the linked Amazon Virtual Private Cloud (VPC) and is attempting to use the S3 bucket as a repository for their backups. The administrator confirms that the backup software is capable of using AWS S3 storage as a backup repository, and that the AWS S3 bucket is configured to use an endpoint in the linked VPC. What else should the administrator do to ensure connectivity between SDDC virtual machines and the AWS S3 repository in the linked VPC through the Elastic Network Interface?

A. Configure Direct Connect to a Private Virtual Interface for access to AWS services.

B. Configure a route-based VPN for the SDDC to the VPC.

C. Configure Direct Connect to a Public Virtual Interface for access to AWS services.

D. Ensure Service Access for S3 is enabled in Networking and Security for the SDDC.

Correct Answer: A


Question 15:

Refer to the exhibit.

An administrator builds a software-defined data center (SDDC) group to enable connectivity to native Amazon Virtual Private Clouds (VPCs). Which connectivity option is needed to enable connectivity across environments?

A. Tier-0 (T0) Router

B. Transit Gateway

C. Virtual Private Network

D. The Default Storage Scale-Out policy storage threshold is set 5% higher than the other Elastic DRS storage policies.

Correct Answer: A


Visit our site to get more 5V0-11.21 Q and As:https://www.pass4king.com/5v0-11-21.html (65 QAs Dumps)

New Released Free Update of c7010-013 Exam Practice Materials

New Released Free Update of c7010-013 Exam Practice Materials

We ensures to provide the most update c7010-013 pdf with the most accurate answers. We IBM Certified Associate Business Process Analyst c7010-013 braindumps are the most complete and authoritative latest c7010-013 dumps with which one can pass the IBM Certified Associate Business Process Analyst c7010-013 exam in an easy way. Preparing for IBM Certified Associate Business Process Analyst c7010-013 IBM Cúram V6.0.5, Business Analysis and Design exam is really a tough task to accomplish. But We will simplified the process.

Visit our site to get more c7010-013 Q and As:https://www.pass4king.com/c7010-013.html (50 QAs Dumps)
Question 1:

Which component of the user interface appears on the screen when an action, such as New, Edit, or Delete, is initiated?

A. Pod

B. Action menu

C. Home page

D. Modal dialog

Correct Answer: D


Question 2:

Which three of the following are components of an application tab in the IBM Cúram user interface?

A. Application sections

B. Modal dialog

C. Navigation bar

D. Page group navigation bar

E. Shortcuts panel

F. Context panel

Correct Answer: CDF


Question 3:

Which three of the following are components of the IBM Cúram Social Program Management Platform?

A. Administration Suite

B. Evidence Management

C. Cúram Child Welfare

D. Cúram Appeals

E. Cúram Universal Access

F. Participant Management

Correct Answer: AB


Question 4:

Which three of the following are components of the IBM Cúram Social Program Management Platform?

A. Cúram Social Enterprise Collaboration

B. Cúram Universal Access

C. Cúram Outcome Management

D. Cúram Provider Management

Correct Answer: A


Question 5:

Which two of the following statements about the IBM Cúram Express Rules (CER) Editor are true?

A. Users of the CER Editor must have a basic knowledge of XML

B. To access the CER Editor, the user logs in to Cúram as a caseworker

C. The CER Editor uses various palettes to enable the user to create rules

D. The CER Editor is a separately licensed Cúram Solution

E. The CER Editor is designed for both business and technical users

Correct Answer: CE


Question 6:

Which three of the following are types of IBM Cúram Express Rules (CER)?

A. Workflow

B. Task

C. Validation

D. Financial

E. Advisor

F. Determination

Correct Answer: CDF


Question 7:

Which three of the following are terms dealing with IBM Cúram Express Rules (CER)?

A. Rule attribute

B. Rule session

C. Rule object

D. Rule repeat

E. Rule flow

F. Rule list group

Correct Answer: ABC


Question 8:

Which three of the following actions are available to system administrators when they are working with a single workflow process instance?

A. Reserve

B. Abort

C. Resume

D. Clone

E. Suspend

F. Defer

Correct Answer: BCE


Question 9:

Which of the following performs runtime execution of a workflow process?

A. Workflow Data Objects

B. Workflow Engine

C. User Inbox

D. Process Definition Tool

E. Workflow Administration

Correct Answer: B


Question 10:

Which three of the following items are workflow activity types?

A. Automatic

B. Route

C. Event

D. Loop

E. Transition

F. Notification

Correct Answer: ABD


Question 11:

Which three of the following statements about locations are true?

A. Locations represent the work places of the users

B. Each location must have a unique address

C. Locations are organized within a hierarchy

D. Locations are elements within the organization structure

E. Each location can have its own holiday schedule

F. Each location has its own lead position

Correct Answer: ACD


Question 12:

Which two of the following handle communications in IBM Cúram?

A. XSL

B. UML

C. UIM

D. Microsoft Word

E. PDF

Correct Answer: AB


Question 13:

Which template type should the caseworker use?

A. Microsoft Word

B. PDF

C. XSL

D. OpenOffice

E. Attachment

Correct Answer: C


Question 14:

Which three of the following statements about rate tables are true?

A. They have effective dates

B. They store values for drop-down lists

C. They store application properties

D. They can be cloned

E. They cannot be used by rule sets

F. They store values that can vary over time

Correct Answer: ADF


Question 15:

Which three of the following elements of a user\’s profile can be used to prevent them from successfully logging into IBM Cúram?

A. Account expiration date

B. Location

C. Number of log-ins per hour

D. Organization unit

E. Days of the week

F. Time of day

Correct Answer: BEF


Visit our site to get more c7010-013 Q and As:https://www.pass4king.com/c7010-013.html (50 QAs Dumps)

[PDF and VCE] Free 300-100 VCE and PDF, Exam Materials Instant Download

[PDF and VCE] Free 300-100 VCE and PDF, Exam Materials Instant Download

Attention please! Here is the shortcut to pass your 300-100 exam! Get yourself well prepared for the LPIC Level 3 300-100 LPIC-3 Exam 300 Mixed Environments version 1.0 exam is really a hard job. But don’t worry! We We, provides the most update latest 300-100 dumps. With We latest 300-100 pdf, you’ll pass the LPIC Level 3 300-100 LPIC-3 Exam 300 Mixed Environments version 1.0 exam in an easy way

Visit our site to get more 300-100 Q and As:https://www.geekcert.com/300-100.html (145 QAs Dumps)
Question 1:

Which option must be specified in smb.conf in order to make Samba create machine accounts automatically when a client joins the domain?

A. kerberos

Correct Answer: A


Question 2:

Which of the following Samba variables must be used to pass the machine name to the script specified in add machine script within a Samba configuration file?

A. %m

B. %w

C. %p

D. %q

E. %u

Correct Answer: E


Question 3:

What command checks the Samba configuration file for syntactical correctness? (Specify ONLY the command without any path or parameters.)

A. TESTPARM

Correct Answer: A


Question 4:

Which of the following ports are open by default on a Samba 4 Active Directory Domain Controller? (Choose three.)

A. 443/TCP

B. 138/TCP

C. 389/TCP

D. 445/TCP

E. 53/TCP

Correct Answer: BCD


Question 5:

It is found that changes made to an OpenLDAP directory are no longer being replicated to the slave server at 192.168.0.3. Tests prove that the slave server is listening on the correct port and changes are being recorded properly to the replication log file.

In which file would you find the replication errors?

A. replication.err

B. replication.rej

C. 192.168.0.3: 389.rej

D. 192.168.0.3: 389.err

Correct Answer: C


Question 6:

Below is an ACL entry from a slapd.conf file. Fill in the access control level setting to prevent users from retrieving passwords. access to attrs=lmPassword,ntPassword by dn=”cn=smbadmin,dc=samplenet” write by * _______

A. none

Correct Answer: A


Question 7:

Which of the following procedures will test the TLS configuration of an OpenLDAP server?

A. Run the ldapsearch command with the -ZZ option, while watching network traffic with a packet analyzer.

B. Run the ldapsearch command with the -x option, while watching network traffic with a packet analyzer.

C. Run the slapcat command, while watching network traffic with a packet analyzer.

D. Verify the TLS negotiation process in the /var/log/ldap_auth.log file.

E. Verify the TLS negotiation process in the /var/log/auth.log file.

Correct Answer: A


Question 8:

In slapd.conf, what keyword will instruct slapd to not ask the client for a certificatE. TLSVerifyClient = ________

A. never

B. nocert

C. none

D. unverified

Correct Answer: A


Question 9:

After modifying the indexes for a database in slapd.conf and running slapindex, the slapd daemon refuses to start when its init script is called. What is the most likely cause of this?

A. The indexes are not compatible with the init script.

B. The init script cannot be run after executing slapindex, without first signing the indexes with slapsign.

C. The init script has identified one or more invalid indexes.

D. The init script is starting slapd as an ordinary user, and the index files are owned by root.

Correct Answer: D


Question 10:

Which of the following parameters can be used in the file DB_CONFIG? (Select TWO correct answers.)

A. set_cachesize

B. set_cachepath

C. set_db_type

D. set_db_path

E. set_lg_max

Correct Answer: AE


Question 11:

When configuring an OpenLDAP system for integration with PAM and NSS the /etc/nsswitch.conf file needs to be modified. Which of the following parameters completes this line from the /etc/nsswitch.conf file? passwD. files _________

A. pam

B. ldap

C. pam_nss

D. pam_ldap

E. none

Correct Answer: B


Question 12:

By configuring Pluggable Authentication Module (PAM) and Name Service Switch (NSS) technologies to use OpenLDAP, what authentication service can be replaced?

A. Microsoft NT Domain

B. Samba

C. Network Information Service (NIS)

D. Active Directory (AD)

Correct Answer: C


Question 13:

When configuring an OpenLDAP server to act as a proxy to a Microsoft Active Directory server, what is the correct database type for this stanza of the slapd.conf file? database _________

suffix “cn=users,dc=testcorp,dc=com”

subordinate

rebind-as-user

uri “ldap: //dc1.testcorp.com/”

chase-referrals yes

A. ldap

Correct Answer: A


Question 14:

Which port in TCP/IP communication is used for Kerberos v5?

A. 888

B. 86

C. 88

D. 90

Correct Answer: C


Question 15:

Which of the following are true for CIFS? (Choose TWO correct answers.)

A. Filenames can be in any character set.

B. Filenames can have a maximum length of 127 characters.

C. Unlike SMB, CIFS is not optimized for slow network connections.

D. Opportunistic Locks are supported.

Correct Answer: AD


Visit our site to get more 300-100 Q and As:https://www.geekcert.com/300-100.html (145 QAs Dumps)