Exam Title

: HP HP0-766 : Nonstop Security

Version : R6.1

www.Prepking.com

Prepking - King of Computer Certification Important Information, Please Read Carefully

Other Prepking products A) Offline Testing engine Use the offline Testing engine product to practice the questions in an exam environment. B) Study Guide (not available for all exams) Build a foundation of knowledge which will be useful also after passing the exam. Latest Version We are constantly reviewing our products. New material is added and old material is updated. Free updates are available for 90 days after the purchase. You should check your member zone at Prepking and update 3-4 days before the scheduled exam date. Here is the procedure to get the latest version: 1.Go towww.Prepking.com 2.Click on Member zone/Log in (right side) 3. Then click My Account 4.The latest versions of all purchased products are downloadable from here. Just click the links. For most updates,it is enough just to print the new questions at the end of the new version, not the whole document. Feedback If you spot a possible improvement then please let us know. We always interested in improving product quality. Feedback should be send to feedback@Prepking.com. You should include the following: Exam number, version, page number, question number, and your login ID. Our experts will answer your mail promptly. Copyright Each PDF file contains a unique serial number associated with your particular name and contact information for security purposes. So if we find out that a particular PDF file is being distributed by you, Prepking reserves the right to take legal action against you according to the International Copyright Laws. Explanations This product does not include explanations at the moment. If you are interested in providing explanations for this exam, please contact feedback@Prepking.com.

www.Prepking.com

 1. NonStop Kernel system users fall into a number of classes, indicated by the Userid. What is true for Group managers? A. The Userid is 255,254. B. The Userid is m,255 where m in an integer from 1 to 254. C. The Userid is 255,n where n is an integer from 1 to 254. D. The Userid is m,n where m and n are integers from 1 to 254. Answer: B 2. Which statement is true if the global SAFEGUARD setting PASSWORD-REQUIRED = ON? A. A password is required to log on as a Super ID. B. A password is required for all users to log on to the system. C. A password is required for a super ID or group manager ID to log on as another user. D. A password is required to log on only if PASSWORD-MINIMUM-LENGTH is set greater than zero. Answer: C 3. What does an Alias inherit from the linked Userid? Select TWO. A. the local access capabilities of the Userid B. the remote access authority of the Userid C. the same CAID/PAID as the Userid D. the ability to change the owner of the Userid E. the ability to remove the Userid from any ACL Answer: AC 4. Which statement is true about an Alias if the Userid it is linked to is frozen? A. The Alias is automatically frozen. B. It is still possible to logon as the Alias. C. The Alias is automatically frozen at the next logon. D. The alias can thaw the frozen Userid to which it is linked. Answer: B 5. Which Safeguard configuration attribute forces privileged Userids to always use a password when they authenticate as another user? A. LOGON-PASSWORD-MANDATORY B. PASSWORD-REQUIRED C. AUTHENTICATE-PASSWORD-MANDATORY D. AUTHENTICATE-PASSWORD-REQUIRED Answer: B 6. What is the name of the iTP Secure WebServer utility used for password administration? A. wsadmin

www.Prepking.com

 B. webadmin C. secadmin D. useradm Answer: D 7. A user is added with the following specified in the User configuration record: PASSWORD-MUST-CHANGE EVERY 30 DAYS PASSWORD-EXPIRY-GRACE 29 DAYS When is the user allowed to change the password? A. today only B. within 29 days C. within 30 days D. within 59 days Answer: D 8. Which Safeguard configuration attribute is used to hide passwords during logon? A. LOGON-PASSWORD-HIDDEN B. LOGON-PASSWORD-BLIND C. AUTHENTICATE-PASSWORD-HIDDEN D. BLINDLOGON Answer: D 9. Which statement about the FTP server is true when a user name appears in the

$SYSTEM.ZTCPIP.FTPUSERS file? A. It allows access to the configured FTP services. B. It rejects access without authenticating the user definition. C. It allows access without authenticating the user definition. D. It rejects access if the user does not have execute permission. Answer: B 10. If an OBJECTTYPE USER record exists, which criteria must the person executing an ADD ALIAS command meet to complete the task successfully? Select TWO. A. be a super-group user B. be the SECURITY-ADMINISTRATOR C. be the owner of the underlying Userid D. be a group member of the underlying Userid E. have CREATE authority on the OBJECTTYPE USER access control list Answer: CE 11. When does Safeguard calculate a new PASSWORD-EXPIRES date? Select TWO.

www.Prepking.com

 A. each time the password is changed B. when the PASSWORD-MUST-CHANGE attribute is added or changed

C. when a Userid is frozen D. each time Safeguard is started Answer: AB 12. Which disk file security vector is available within OSS? A. Safeguard Access Control Lists (ACLs) B. Read/Write/Execute/Purge (RWEP) C. Read/Write/Execute/Read/Write/Execute/Read/Write/Execute (rwxrwxrwx) D. Linux Access Control Lists (ACLs) Answer: C 13. Which Guardian security vector will allow any local user on the system to execute a program? A. RWPE B. NONO C. RWXD. NOAO E. NUUN Answer: D 14. What is the function of the 'Diver' program? A. It starts a diving game that takes up substantial system resources. B. It crashes the CPU that it is started in and primes it for reloading. C. It exercises the ServerNet connection of the CPU that it is started in. D. It creates a simulated load on the system for application testing purposes. Answer: B 15. Which conditions must be met before a non-owner of an OSS file is allowed to remove it? Select TWO. A. write permission to the file B. file is not in use C. execute permission to the directory D. sticky bit is turned on for the directory Answer: AC 16. Which function does SNOOP allow? A. to monitor system performance B. to monitor logon attempts C. to examine and alter TMF audit trails D. to view security errors

www.Prepking.com

 E. to view TCP/IP traffic Answer: C 17. Which parameter is used to allow non-privileged users access to privileged or callable procedures? A. LICENSE B. PROGID C. SECURE D. REVOKE Answer: A 18. Which actions cause a message to be sent to $CMON? Select TWO. A. authenticating through TACL B. authenticating through FTP C. calling 'NEWPROCESS' directly to run a program D. running a program from the OSS Shell (OSH) E. issuing the ALTPRI command through TACL Answer: AE 19. Which security attribute settings for a PATHWAY object owned by 66,1 allow it to be run by local user 200,1? Select TWO. A. A B. X C. N D. NONO E. AOAO Answer: AC 20. Which factors are part of the data protection provided by the protection view? Select THREE. A. CHECK option B. SECURE option C. security string of the underlying table D. the number of the underlying tables used in the view E. view columns F. table rows Answer: ABE 21. What can a SYSTEM-OPERATOR security group member do? Select TWO. A. alter the Audit Service B. alter Safeguard global settings C. add an audit pool

www.Prepking.com

 D. add a Safeguard terminal E. release an audit trail file Answer: CE 22. Which access authorities are valid for a disk file ACL? A. **** B. NUNU C. RXPWCO D. RWEPCO E. RWEPGO Answer: D 23. Which Safeguard global parameters should be set for a secure system? Select THREE. A. SAFEGUARD-SECURITY ON B. PASSWORD-REQUIRED ON

C. GUARDIAN-SECURITY OFF D. PASSWORD-MINIMUM-LENGTH [value] E. PASSWORD-ENCRYPT ON F. REMOTE-PASSWORD-REQUIRED Answer: BDE 24. What is the security risk if a privileged process calls DEBUG? A. None, the process halts to prevent user access to privileged code. B. None, a non-privileged user that has access to the HOMETERM of the process only can resume the process. C. Anyone who has access to the HOMETERM of the process can read and alter possibly sensitive data. D. Anyone who has access to the HOMETERM of the process becomes a privileged user while in DEBUG. Answer: C 25. Which statement describes OSS security? A. It has its own file system, provides a second set of interfaces to the NonStop OS, and supports some Safeguard functionality. B. It is a second operating system that sits on top of Guardian and is subject to all Guardian security controls. C. It has its own file system, provides a second set of interfaces to the NonStop OS, and is subject to all Safeguard security controls. D. OSS is a second operating system that sits on top of Guardian and requires Safeguard. Answer: A 26. How is the default DSM/SCM Userid changed? ON

www.Prepking.com

 A. FUP GIVE all files on the DSM/SCM subvol to the new DSM/SCM Userid. B. Create the Safeguard ACLs for the new DSM/SCM Userid. C. Use INITENV with the change option. D. Only the Superid can be the DSM/SCM Userid. Answer: C 27. Safeguard is running on the DSM/SCM target system. What is required to protect the files in the new configuration with Guardian security instead of Safeguard? A. Stop Safeguard; FUP SECURE the files; Restart Safeguard. B. Do a FUP SECURE with the ignore-safeguard option. C. Make sure no disk files are protected with PERSISTENT ON; Then do: > PATHCOM $YPHI = ALTER ta-001, PARAM "ignore-safeguard-protection" D. Use INITENV with the change option. Answer: C 28. When installing a new copy of the OS with DSM/SCM, existing system files are secured in which manner? A. NCNC B. the default security settings for SUPER.SUPER C. to the settings that HP supplied with each product D. according to existing versions of the files Answer: D 29. Which protocols are designed to encrypt network traffic between two end points? Select THREE. A. TLA B. TLS C. SSL D. FTP E. SSH F. HTTP G. Telnet H. Kerberos Answer: BCE 30. Giving the TACL run command as shown in the following syntax:

www.Prepking.com

 TACL> run LISTNER [/tandem run-options/] < backupcpu> LOG_GOTCONN What does the LOG_GOTCONN run option do? A. generates Safeguard audit events from the LISTENER process B. enables the logging of the "got connection" EMS messages C. produces a log message on $0 when the GOTCONN service is requested D. generates an event when the LISTNER process is started Answer: B 31. What is the effect of creating an ACL with auditing flags but no access list? A. No object access is possible because of the ACL. B. The owner of the ACL is granted access and audited. C. All users can access the object and are audited accordingly. D. Object access is decided at the higher level but audit is produced. Answer: A 32. Given a situation where the current audit files are full and there is no room in $SYSTEM.SAFE, what will happen when Recovery mode is set to DENY GRANTS? A. Any action that generates an audit will fail. B. The current audit file will extend its size by denying file extensions of other disk files. C. Audit capture will no longer be granted. D. SUPER.SUPER is always allowed to logon. Answer: A 33. How is the global SAFEGUARD audit configuration defined? A. using the SET AUDIT command in SAFECOM B. using the AUDIT ON startup parameter for $ZSMP C. using the ALTER SAFEGUARD command in SAFECOM D. using the =SET_AUDIT define from TACL before starting SAFEGUARD Answer: C 34. What can be used to audit TACL logon activity on a system without Safeguard configured? A. TMF audit trail B. TACLSEGF to record logons C. a user written $CMON process to process logon attempts D. an EMS collector to capture logon activity Answer: C 35. Which statement is true if SAFEGUARD is set to run in system level warning mode? A. Access is not allowed to processes that have a protection record and a warning message is sent to EMS. B. Access is allowed to processes that have a protection record and a message is sent to EMS.

www.Prepking.com

 C. Access is not allowed to processes that have a protection record if the protection record does not grant access. D. Access is allowed to processes that have a protection record even if the protection record does not grant access. Answer: D 36. Which statements regarding monitoring network traffic on NonStop servers are true? Select TWO. A. The SUPER.SUPER user can use the ECHO program to monitor ongoing Telnet sessions of other users. B. The LISTNER process can be configured to create EMS events for every new incoming connection. C. The TELSERV process can be configured to write the commands of a remote Telnet user to a log file. D. The TRACE command in SCF can be used to log all TCP/IP traffic for a given TCP/IP process. Answer: BD 37. Which events are unconditionally audited by SAFEGUARD? Select THREE. A. altering or adding an audit pool B. STOP SAFEGUARD command C. reading a SAFEGUARD audit trail file D. altering SAFEGUARD global settings E. altering Userid file security Answer: ABD 38. Without the security manager knowing, an alias has been created to SUPER.SUPER. Which actions should the security manager take? Select THREE. A. That alias should be frozen. B. The password file should be set to unencrypted and the alias password found. C. All logon attempts to the alias should be audited and examined. D. The SUPER.SUPER Userid should be frozen. E. The security breach should be reported. F. The system should be restarted to ensure integrity. Answer: ACE 39. Which statements about using FTP to transfer files to and from a NonStop system are true? Select TWO. A. Each file transfer with FTP is handled over a single TCP/IP socket connection. B. Using the standard NonStop implementation of FTP, user names, passwords and the file contents used are sent over the network without encryption. C. An entry-sequenced file can not be downloaded from a NonStop system using FTP. D. Safeguard contains configuration options to specifically protect FTP usage. E. If OSS is present, FTP clients can send a command to switch between the OSS and Guardian file

www.Prepking.com

100% Pass Guaranteed or Full Refund Word to Word Real Exam Questions from Real Test Buy full version of exam from this link below http://www.prepking.com/HP0-766.htm