Sun 310-303 Sun Certified Security Administrator for the Solaris 10 OS

About Exam

Exam number/code: 310-303
Exam name: Sun Certified Security Administrator for the Solaris 10 OS
Exam no. of questions: 59 Questions
Duration: 105 minutes
Passing score: 52%
Question types: Multiple choice questions (MCQ's), Multiple choice single answer, Multiple choice multiple answer, Drag and drop & Simulations (optional)

The Sun Certified Security Administrator for the Solaris 10 Operating System exam is for test candidates with extensive job-role experience administering security in a Solaris Operating System (Solaris 10 or OpenSolaris) environment. Sun Certification recommends that candidates attend the course: SC-301-S10: Personalizing Security on the Solaris 10 Operating System, and previous Solaris OS system and network administration certification is strongly recommended. This exam presumes the test candidate has an in-depth knowledge of UNIX and Solaris OS features. The exam includes multiple-choice, scenario-based questions and drag-and-drop questions and requires extensive knowledge of Solaris OS security administration topics including: general security principles and features, hardening and minimization, principles of least privilege, cryptographic features, Kerberos, user account and password security, network security, auditing and zone security.

• Section 1: General Security Principles and Features
• Section 2: Installing Systems Securely
• Section 3: Principles of Least Privilege
• Section 4: Cryptographic Features
• Section 5: Application and Network Security
• Section 6: Auditing and Zone Security

Exam Objectives

Section 1: General Security Principles and Features

# 1. Describe basic security principles including the need for a security policy, process, education and the need to audit, patch and securely configure systems.

# 2. Describe the purpose, features, and functions of the Solaris 10 security features as they relate to:

• Device Policy
• Kerberos enabled applications, LDAP and Inter operability enhancements
• Process Rights Management
• Solaris Containers
• User Rights Management

# 3. Describe the purpose, features, and functions of the Solaris 10 security features as they relate to:

• Password Strength, Syntax Checking, History and Aging Improvements
• Basic Audit and Report Tool for File Integrity
• IPfilter Stateful Packet Filtering Firewall
• Solaris Secure Shell
• IPsec/IKE Performance Enhancements

# 4. Describe the purpose, features, and functions of the Solaris 10 security features as they relate to:

• Solaris Auditing
• Trusted Extensions
• PAM Improvements
• Encryption and Message Digest Functions Built into the Solaris OS

Section 2: Installing Systems Securely

# 5. Describe minimization including minimal installation, software installation clusters, loose versus strict minimization, and providing consistent, known configuration for installations.

# 6. Manage patches including describing the Update Manager, describing signed patches, verifying signatures, and specifying a Web Proxy.

# 7. Perform hardening including implementing the Solaris Security Toolkit (SST).

Section 3: Principles of Least Privilege

# 8. Implement Process Rights Management including describing PRM, process privileges, determining rights required by process, profiling privileges used by processes, and assigning minimum rights to a process.

# 9. Implement User Rights Management including using Access Control, using RBAC, and implementing password strength, syntax checking, and history and aging improvements.

Section 4: Cryptographic Features

# 10. Utilize the Solaris Cryptographic framework including describing the Solaris Cryptographic Framework, using the basic administration tools for Solaris, using the SCF User-Level Commands, describing Framework Management, and using Solaris Cryptographic Framework with a Web server, with a Java-based application and with a Sun Crypto Accelerator.

# 11. Manage file system security, including using signed ELF objects, implementing BART for file integrity, and using the Solaris Fingerprint Database.

Section 5: Application and Network Security

# 12. Use the Service Management Facility (SMF) including describing using the SMF, describing the concept of Least Privilege and SMF, describing Authorizations, describing Limit Service Privileges, determining a current service's privileges and configuring a service to reduce privileges.

# 13. Secure networks including using Access Control, using TCP Wrappers, implementing the IPfitler Stateful Packet Filtering Firewall, describing Kerberos, implementing Solaris Secure Shell (SSH), and describing NFSv4.

# 14.Implement IPsec including describing IPsec, configuration IPsec, configuring IKE, and troubleshooting IPsec con