ExamTopics Logo
Mail Us[email protected]
Menu
Oracle Discussions
exam questions

Exam 1z0-580 All Questions

View all questions & answers for the 1z0-580 exam
Go to Exam

Exam 1z0-580 topic 1 question 20 discussion

Actual exam question from Oracle's 1z0-580
Question #: 20
Topic #: 1
[All 1z0-580 Questions]

After installing and customizing an Oracle Solaris 11 non-global (solaris brand) zone, you execute commands:
# zonecfg z myzone set file-mac-profile=fixed-configuration'
# zoneadm z myzone reboot
What is the impact of making this specific change?

  • A. This change prevents MAC address spoofing by requiring outbound network packets to have a predefined value.
  • B. This enables support within the zone for Mac OS X extended file attributes for the zone root file system.
  • C. This change restricts user access to objects in the zone based upon their Oracle Solaris Trusted Extension labels.
  • D. This change prevents the zone from being able to mount any remote file systems once the zone has boon booted.
  • E. This change forces the zone root file system into a read-only state where only parts of /var are writable.
Show Suggested Answer Hide Answer
Suggested Answer: E 🗳️
Through the zonecfg utility, the file-mac-profile can be set to one of the following values (see note below). All of the profiles except none will cause the /var/pkg directory and its contents to be read-only from inside the zone.
* none
Standard, read-write, non-global zone, with no additional protection beyond the existing zones boundaries. Setting the value to none is equivalent to not setting file-mac-profile property.
* strict
* fixed-configuration
Permits updates to /var/* directories, with the exception of directories that contain system configuration components.
IPS packages, including new packages, cannot be installed.
Persistently enabled SMF services are fixed.
SMF manifests cannot be added from the default locations.
Logging and auditing configuration files can be local. syslog and audit configuration are fixed.
* flexible-configuration
Note:
zonecfg file-mac-profile Property
By default, the zonecfg file-mac-profile property is not set in a non-global zone. A zone is configured to have a writable root dataset.
In a solaris read-only zone, the file-mac-profile property is used to configure a read-only zone root. A readonly root restricts access to the runtime environment from inside the zone.
Reference: Oracle Solaris Administration: Oracle Solaris Zones, Oracle Solaris 10 Zones, and Resource Management
by [deleted] at April 4, 2025, 10:35 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Currently there are no comments in this discussion, be the first to comment!
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel