You can definitely find that its beneficial for you to get familiar with a lot of 1Z0-821 qualification products in addition to cost-free Oracle 1Z0-821 qualification assets, as this could make you more valuable being an staff member. With the full Oracle 1Z0-821 qualification coaching package deal, you are going to reduce the 1Z0-821 qualification price tag and also be in a position to complete the Oracle 1Z0-821 qualification assessments, 100% Money Back Guarantee incorporated!

2021 Dec 1Z0-821 exam guide

Q91. - (Topic 2) 

Identify three options that describe the new Oracle Solaris 11 zone features. 

A. There are boot environments for zones. 

B. Administrators can delegate common administration tasks by using RBAC. 

C. Oracle Solaris 11 supports Solaris 8,9,and 10 branded zones. 

D. You can migrate a physical Solaris 10 system and its non-global zones to a solaris10 branded zone running on an Oracle Solaris 11 system. 

E. It is possible to change the host ID of a zone. 

Answer: A,B,D 


A: The beadm utility includes support for creating and administering non-global zone boot environments. Note: A boot environment is a bootable instance of the Oracle Solaris operating system image plus any other application software packages installed into that image. System administrators can maintain multiple boot environments on their systems,and each boot environment can have different software versions installed. 

B: Role-based access control (RBAC) is a security feature for controlling user access to tasks that would normally be restricted to the root role. By applying security attributes to processes and to users,RBAC can divide up superuser capabilities among several administrators. 

Q92. - (Topic 2) 

Identify the two security features incorporated in the Oracle Solaris 11 Cryptographic Framework. 

A. Layer 5 IP address encryptions 

B. Internet protocol security 

C. Diffie-Kerberos coaxial key encryption 

D. Signed cryptographic plugins (providers) 

E. Kernel support for signed antivirus plugins 

Answer: D,E 


The framework enables providers of cryptographic services to have their services used by many consumers in the Oracle Solaris operating system. Another name for providers is plugins. The framework allows three types of plugins: 


 User-level plugins - Shared objects that provide services by using PKCS #11 libraries,such as 


 Kernel-level plugins - Kernel modules that provide implementations of cryptographic algorithms in software,such as AES. 

Many of the algorithms in the framework are optimized for x86 with the SSE2 instruction set and for SPARC hardware. 


 Hardware plugins - Device drivers and their associated hardware accelerators. The Niagara chips,the ncp and n2cp device drivers,are one example. A hardware accelerator offloads expensive cryptographic functions from the operating system. The Sun Crypto Accelerator 6000 board is one example. 

Q93. - (Topic 2) 

You are using AI to install a new system. You have added to following information to the AI manifest: 

<configuration type= “zone” name= “dbzone” 

source = “”/> 

Which statement is true with regard to the zone.cfg? 

A. The zone.cfg file is text file in a zonecfg export format. 

B. The zone.cfg file is an AI manifest that specifies how the zone is to be installed. 

C. The zone.cfg file is an xml file in a form suitable for use as a command file for the zonecfg command. 

D. The zone.cfg file is an SC profile with keywords that are specific for configuring a as part of the installation process. 

E. It is am xml configuration file from the /etc/zone directory. It will be used as a profile for the zone. It specifies the zonename,zonepath,and other zonecfg parameters. 

Answer: B Explanation: 

The configuration element supports non-global zone configurations. When installing a 

global zone system,the zone configurations specified in the AI manifest are used to install 

non-global zones onto the system after the global zone has been installed 

The configuration element has the following attributes: 


The type of configuration to install. The only type supported by AI is zone. 


A name given to the configuration. This name must be unique across all configuration 

elements in an AI manifest. For configurations of type zone,this name is also used as the 

zonename for he zone. 


The location from which AI downloads the configuration file for this configuration element. 

The value can be an HTTP or FILE URI specification. For configurations of type zone,this 

value should point to a zone configuration file as produced from the zonecfg export 


Q94. - (Topic 2) 

Identify the correctly matching pair of equivalent functionality of JumpStart and Automated installer (AI). 

A. JumpStart: begin script AI: package repository 

B. JumpStart: setup_serverAI: installadm create-service 

C. JumpStart: add_Install_clientAI: SMF system configuration profile files 

D. JumpStart: finish scripts and sysidsfg filesAI: manifest files 

Answer: B Explanation: 

JumpStart: Use the.setup_install_server(1M) command. AI: Use the.installadm create-service.command. 

Q95. - (Topic 2) 

What is the result of executing the following command? 

svcs -d svc:/network/ssh:default 

A. disables the svc:/network/ssh:default service 

B. displays the services that svc: /network/ssh:default is dependent on 

C. displays the services that are dependent on the svc: /network/ssh:default service 

D. deletes the svc: /network/ssh:default service 



The svcs command displays information about service instances as recorded in the service configuration repository. 

-d Lists the services or service instances upon which the given service instances depend. 

Renew 1Z0-821 exam cram:

Q96. - (Topic 2) 

You have been asked to troubleshoot the initial configuration of a virtual network connecting two local zones with the outside world. 

View the exhibit. 

The command 

dladm create-vnic -1 vswitch192.168.1 vnic1 

fails with the error 

dladm: invalid link name ‘vswitch192.168.1’ 

What is the reason for this error? 

A. The name vswitch192.168.1 is not legal. 

B. The zone must be specified withdladm create-vnic -z zone3 vnic1. 

C. The virtual interface must be specified withdladm create-vnic -z zone3 vnic1. 

D. The virtual interface must be created withipadm create-vnic -1 switch192.168.1. 

E. The virtual switch must be created first withdladm create -etherstub vswitch192.168.1. 



There is no data-link named vswitch192.168. 

We need to create an etherstub first. 

See Note and example below for details. 

Note: Create a VNIC in the system's global zone. 

# dladm create-vnic -l data-link vnic-name data-link is the name of the interface where the VNIC is to be configured. -l link,--link=link 

link can be a physical link or an etherstub. 

vnic-name is the name that you want to give the VNIC. 

For example,to create a VNIC named vnic0 on interface e1000g0,you would type the 

following: # dladm create-vnic -l e1000g0 vnic0 Example: Creating a Virtual Network Without a Physical NIC First,create an etherstub with name stub1: # dladm create-etherstub stub1 Create two VNICs with names hello0 and test1 on the etherstub. This 

operation implicitly creates a virtual switch connecting hello0 and 

test1. # dladm create-vnic -l stub1 hello0 # dladm create-vnic -l stub1 test1 

Q97. - (Topic 2) 

You have already generated a 256-bit AES raw key and named the keystore file /mykey. You need to use the key to create an encrypted file system. 

Which command should you use to create a ZFS encrypted file system named pool1/encrypt using the /mykey keystore? 

A. zfs create - o encryption = /mykey pool1/encrypt 

B. zfs create - o encryption = 256-ccm - o keysource = raw,file : ///my key pool1/encrypt 

C. zfs create - o encryption = AES keysource = /mykey pool1/encrypt 

D. zfs create - o encryption = on keystore = /mykey pool1/encrypt 

Answer: B Explanation: 

Example: Encrypting a ZFS File System by Using a Raw Key 

In the following example,an aes-256-ccm encryption key is generated by using the pktool command and is written to a file,/cindykey.file. 

# pktool genkey keystore=file outkey=/cindykey.file keytype=aes keylen=256 Then,the /cindykey.file is specified when the tank/home/cindy file system is created. 

# zfs create -o encryption=aes-256-ccm -o keysource=raw,file:///cindykey.file tank/home/cindys 

Q98. - (Topic 1) 

Which two options are characteristics of a fast reboot? 

A. A fast reboot bypasses grub. 

B. A fast reboot cannot be used after a system panic on the x86 platform. 

C. A fast reboot can only be executed on the SPARC platform when the config/fastreboot_default property for the svc:/system/boot-config:default service is set to true. 

D. A fast reboot uses an in-kernel boot loader to load the kernel into memory. 

E. A fast reboot is the default on all platforms. 

Answer: C,D 


C: To change the default behavior of the Fast Reboot feature on the SPARC platform,so that a fast reboot is automatically performed when the system reboots,see below. 

The following example shows how to set the property's value to true on the SPARC platform,so that a fast reboot is initiated by default: 

# svccfg -s "system/boot-config:default" setprop config/fastreboot_default=true # svcadm refresh svc:/system/boot-config:default 

D: Fast Reboot implements an in-kernel boot loader that loads the kernel into memory and 

then switches to that kernel. 

The firmware and boot loader processes are bypassed,which enables the system to reboot 

within seconds. 

The Fast Reboot feature is managed by SMF and implemented through a boot configuration service,svc:/system/boot-config. The boot-config service provides a means for setting or changing the default boot configuration parameters. When the config/fastreboot_default property is set to true,the system performs a fast reboot automatically,without the need to use the reboot -f command. This property's value is set to true on the x86 platform. For task-related information,including how to change the default behavior of Fast Reboot on the SPARC platform,see Accelerating the Reboot Process on an x86 Based System. 

Note: One new feature,called Fast Reboot,will allow the system to boot up without doing the routine set of hardware checks,a move that can make system boot times up to two-and-a-half times faster,Oracle claimed. This feature can be handy in that an administrator applying a patch or software update across thousands of Solaris deployments can reboot them all the more quickly. 

Q99. - (Topic 1) 

Which files must be edited in order to set up logging of all failed login attempts? 

A. /etc/default/login,/var/adm/loginlog,/etc/syslog.conf 

B. /etc/default/login,/var/adm/authlog,/etc/syslog.conf 

C. /var/adm/loginlog,/var/adm/authlog,/etc/syslog.conf 

D. /etc/default/login,/var/adm/authlog,/var/adm/loginlog 



This procedure captures in a syslog file all failed login attempts. 


 Set up the /etc/default/login file with the desired values for SYSLOG and SYSLOG_FAILED_LOGINS Edit the /etc/default/login file to change the entry. Make sure that SYSLOG=YES is uncommented. 


 Create a file with the correct permissions to hold the logging information. Create the authlog file in the /var/adm directory. 


 Edit the syslog.conf file to log failed password attempts. Send the failures to the authlog file. 

Q100. - (Topic 2) 

ServerA contains two ISO images of a package repository named so1.repo.iso-a and so1.repo.iso-b respectively. You need to create a single local package repository on server that clients can connect to. The package repository will be stored on the /export/IPS file system and named repo. The preferred publisher will be named solaris and the publisher URL will be 

Which is the correct procedure to perform on ServerA to create the local Package repository? 

A. cat so1.repo.iso-a sol.repo.iso-b > so1.full.isoMount the ISO image and use the rsync command to extract the contents of the ISO file to the /export/IPS file system.Set the pkg/inst_root property to /export/IPS/repo and the pkg/readonly property to true.Set the preferred publisher by using pkg set-publisher -G -g http”// solaris 

B. cat so1.repo.iso-a so1.repo.iso-b > /export/IPS/repoSet the pkg/inst_root property to true and the pkg/readonly property to /export/IPSSet the preferred publisher by using pkg set-publisher -G -g http://pkg/ 

C. cat so1.repo.iso-a so1.repo.iso-b > so1.full.isoMount the ISO image and use the rsync command to extract the contents of the ISO file to /export/IPS/repoSet the pkg/inst_root property to /export/IPS/repo and the pkg/readonly property to trueSet the preferred publisher by using pkg set-publisher solaris -g 

D. cat so1.repo,iso-a so1.repo.iso-b > /export/IPS/repo.isoMount the ISO image and copy the repo directory from the ISO image to /export/IPS/reposet the pkg/inst_root property and the pkg/readonly property to /export/IPS/reposet the preferred pkg/inst_root property by using pkg set-publisher - G - g p solaris 



Concatenate the files into one file using the cat command. 

Make the contents of the repository .iso file available using the mount command. 

To increase the performance of repository accesses and to avoid the need to remount 

the..iso.image each time the system restarts,copy the repository files from./mnt/repo/to a 

ZFS file system. You can do this copy with.rsync.or with.tar.