Professional Documents
Culture Documents
F O R P R O G R A M M E R S , D E V E L O P E R S & A R C H I T E C T S
A guide to
Sun Solaris Certification
A guide to Sun Solaris Certification
Sun Solaris
Certification Guide
Certification in key operating environments, such as Solaris™ OS,
benefits both IT professionals and the businesses that employ them.
This guide explains the advantages that Sun Solaris OS certification
delivers, describes how Sun Solaris OS certification works, and
provides resources that will help IT professionals to achieve their
certification goals.
c u r i t y
se
a s s w d
/ e t c / p r : / b
u s e r 1 " s hu t t e
u t t e r | h o m e / / k
p " s h p o r t / : / b i n
# egre :9999:10::/ex /home/user1
h u t t e r:x : / e x p o r t
s h a d o w
s 5 5 5 : 1 0 : / e t c /
e r 1 : x : 5 | u s e r 1" : : : :
us h u t t e r 1 1 26 8 : :
e p " s Jg 4 z Y :
# egr q t R 7 X t S
8 : : : : : :
t t e r : e U k : 1 1 2 6
shu D 9 l V U j u W
r 1 : a w U
use Page 1 | Section 3
A guide to Sun Solaris Certification
d i r g
• Increasing employee satisfaction and commitment to the business – and the likelihood that they will remain in
m s . o r g_ their jobs
tpara
• Increasing the credibility of your staff, and your business as a whole
d i r . l o g
. o r g _ h e - v
sword / n is s h o w c ac
/ l i b / n i s
# / u s r
e r
otmast directory:
S t a r t
old . c o m .
e : d o c
am
: N I S
Type e r v e r :
. c o m .
s t e r S t e r . d o c b i t s )
M a o t m a s a n ( 1 9 2
e : r o - H e llm
N m ff i
Page 2 | Section 1
A guide to Sun Solaris Certification
‘Sun Certified System Administrator for Solaris’ was voted one of the ‘Top Ten Hottest Certifications for 2003’ by
CertCities.com. The 2002 CRN Salary Survey also reported that Sun certification ranks in the top three – compared
with all other IT certifications – for its affect on salary.
And participants in Certification Magazine’s Salary Survey for December 2002 rated Sun – in relation to technical
certifications – as Best Vendor for virtual labs, vendor boot camps and overall quality of educational experience.
Businesses can rely on Sun to deliver a complete package for infrastructure technology, training and certification,
with one purchase order – and one payment.
r a t i o n
co n f i g u ge m e n t
P A M m a n a
# t i c a t i on
A u t hen
# / l i b /s
d / u s r
#
r e q u i r e
/ l i b / s
t h us r
login au r e q u i r e d /
s r /
u t h t / u
login a h su f f i c i e n
r / l ib
a u t / u s
rlogin h re q u i r e d
r /
n a u t d / u s
rlogi t h r e q u i re
i n a u
dtlog
Page 3 | Section 2
A guide to Sun Solaris Certification
SA-239
SA-299
ADMINISTRATION TAKE ADMINISTRATION TAKE
FEATURING THE CERTIFICATION SUN CERTIFIED
SOLARIS 9 OPERATING FOR THE SOLARIS 9 CERTIFICATION FOR THE SOLARIS 9
EXAM NETWORK
ENVIRONMENT OPERATING EXAM OPERATING ADMINISTRATOR
ENVIRONMENT ENVIRONMENT
NETWORK BECOME A
SA-399
ADMINISTRATION TAKE SUN CERTIFIED
FOR THE SOLARIS 9 CERTIFICATION SYSTEMS
OPERATING EXAM ADMINISTRATOR
ENVIRONMENT
ADMINISTRATING BECOME A
SC-300
TAKE
SECURITY ON THE CERTIFICATION
SUN CERTIFIED
SOLARIS OPERATING EXAM
SECURITY
ENVIRONMENT ADMINISTRATOR
Sun operates its certification programme on the premise that candidates need only be certified once and their skills
will be recognised everywhere. Consequently, Sun offers certification based on a version of technology, rather than
requiring candidates to re-certify after a set period. However, to get the maximum value from certification,
candidates should ensure that they are, and continue to be, certified on the most current version of the technology.
When technology is updated, candidates wishing to keep their certification up to date may need to take the new
certification exam, although upgrade exams are available for some certification titles.
Current Solaris OS certification is for the Solaris 9 OS, however, Sun also offers System Administrator and Network
Administrator certification for the Solaris 7 and the Solaris 8 OS.
Please visit http://suned.sun.com/us/certification/solaris/index.html for more information
Page 4 | Section 3
A guide to Sun Solaris Certification
Certification requirements
Sun currently offers system administrator certification Part II
for the Solaris 7, Solaris 8, and Solaris 9 OS. For each The Sun Certified System Administrator for Solaris 9
type of OS certification, candidates must pass both part I Operating System, Part II exam is geared toward those
and part II exams. candidates with one or more years’ experience working
as a system administrator. This exam will test the
If you are already certified as a system administrator for a candidate on the new features of the Solaris 9 OS and on
previous version of the Solaris OS, you can take the Solaris more advanced system-administration skills.
8 Operating System upgrade exam (CX-310-013) or the
Solaris 9 Operating System upgrade exam (CX-310-016). The Part II exam details are as follows:
To become a Sun Certified System Administrator for the Sun Certified System Administrator for Solaris 9
Solaris 9 Operating System, you must successfully Operating System
complete the Part I and Part II exams. For information Part II exam
on certification concerning any other version of the
• Available at: Authorised Worldwide Prometric
Solaris OS, please see your local Sun Web site.
testing centres
• Exam number: 310-015
Part I • Prerequisites: Part I (CX-310-014)
The Part I exam is geared towards those candidates with • Number of questions: 58
a minimum of six to twelve months experience working • Exam type: Multiple choice, free response, and drag
as a system administrator. This exam presumes the test and drop
candidate has an in-depth knowledge of basic UNIX and • Pass score: 65%
Solaris OS commands, such as those commands covered
• Time limit: 105 minutes
in the SA-239 courseware. The Part I exam is a
prerequisite to the Sun Certified System Administrator • Cost: Locally priced
for Solaris 9 Operating System, Part II exam.
Page 5 | Section 3
A guide to Sun Solaris Certification
In addition, the test candidate’s Solaris™ OS certification RECOMMENDED TRAINING – COURSE DESCRIPTIONS:
must have been in the complete Solaris certification
For the Part I exam:
track (for example, the student must have passed the
Intermediate System Administration
Solaris 7 OS System Administration I and the Solaris 7 for the Solaris 9 Operating System
Operating System System Administration II exams). Those Course Number: SA-239
test candidates with a ‘mix-and-match’ certification do Duration: 5 days
not qualify. Delivery: Instructor-led
Learning path
Sun offers a number of courses to help you prepare for your system administrator certification exams. The following
diagram illustrates the Solaris 9 certification learning path. After achieving Solaris 9 system administrator
certification, you may choose to become a Sun Certified Network Administrator.
SA-239
SA-299
NETWORK BECOME A
SA-399
ADMINISTRATING BECOME A
SC-300
TAKE
SECURITY ON THE CERTIFICATION
SUN CERTIFIED
SOLARIS OPERATING EXAM
SECURITY
ENVIRONMENT ADMINISTRATOR
Page 6 | Section 3
A guide to Sun Solaris Certification
In addition, Sun recommends supporting courses for • Explain the purpose of the
each exam level. For more information, please visit your /var/sadm/install/contents file, and how to
local Sun Web site. administer packages (how to display, add, check, and
remove a package, and add a package into the spool
directory) using the command-line interface.
Exam objectives • Explain how to obtain, install, and remove patches
The objectives for the System Administrator for Solaris™ 9 and patch clusters, using either the command-line
certification exams are as follows: interface or the Solaris Management Console.
For Part I, you will need to be able to demonstrate the Perform system boot procedures
ability to:
• Explain how to execute boot PROM commands to:
> Identify the system’s boot PROM version
Manage file systems
> Boot the system; access detailed information
• Describe the purpose, features and functions of root
> List, change and restore default NVRAM parameters
subdirectories, file components, file types, and hard
> Display devices connected to the bus
links in the Solaris OS directory hierarchy.
> Identify the system’s boot device
• Explain how to create and remove hard links in a
> Create and remove custom device aliases
Solaris OS directory.
> View and change NVRAM parameters from the shell
• Describe the basic architecture of a local disk and the > Interrupt a hung system
naming conventions for disk devices as used in the
> Given a scenario involving a hung system, troubleshoot
Solaris OS. problems and deduce resolutions.
• Explain when and how to list devices, reconfigure • Explain how to perform a system boot, control boot
devices, perform disk partitioning, and re-label a disk processes, and complete a system shutdown, using
in a Solaris OS, using the appropriate files, associated directories, scripts and commands.
commands, options, and menus or tables, or both.
• Describe the purpose, features and functions of disk- Perform user and security administration
based, distributed, and pseudo file systems in a
• Identify the main components of a user account,
Solaris OS, and explain the differences among these
identify the system files that store account
file system types.
information, and explain what information is stored in
• Explain when and how to create a new ufs file system each file.
using the newfs command, check the file system using
• Explain how to manage user accounts, and describe
fsck, resolve file system inconsistencies, and monitor
system-wide initialisation files.
file system usage using associated commands.
• Identify the procedures and commands, variables, or
• Explain the purpose and function of the vfstab file in
permissions to monitor and control system access,
mounting ufs file systems, and the function of the
switch users on a system, and restrict access to data
mnttab file in tracking current mounts.
in files.
• Explain how to perform mounts and unmounts, and
either access or restrict access to mounted diskettes
Manage network printers and system processes
and CD-ROMs.
• Describe the purpose, features and functionality of
printer fundamentals, including print-management
Install software
tools, printer configuration types, Solaris LP print
• Explain how to install the Solaris OS from CD/DVD, service, LP print service directory structure, and the
including installation and upgrade options, hardware Solaris OS printing process.
requirements, Solaris OS software components
(software packages, clusters and groups).
Page 7 | Section 3
A guide to Sun Solaris Certification
• Explain how to configure printer classes, set the • Given a problem scenario and resulting NFS error
default printer, change the default printer class, message, infer causes and select an appropriate course
remove a printer’s configuration, start the LP print of action to resolve the problem.
service, and stop the LP print service using the • Explain how to configure AutoFS using
appropriate commands. automount maps.
• Given a scenario, identify the appropriate commands
to specify a destination printer, accept and reject print Manage storage volumes
jobs, enable and disable printers, and move print jobs.
• Explain the purpose, features and functionalities of
• Explain how to view system processes; clear hung RAID, and identify the guidelines to follow when using
processes; and schedule an automatic one-time RAID 0, RAID 1, and RAID 5, including hardware
execution of a command, and the automatic recurring considerations.
execution of a command.
• Define key SVM concepts, including volumes and
state databases.
Perform system backups and restores
• Given a backup requirement, develop a backup Control access and configure system messaging
strategy that includes scheduled backups, number
• Explain how to display and set Access Control Lists
of tapes required, naming conventions, command
(ACLs) using the command line and create default
protocols, and backup frequency/levels.
ACLs.
• Explain how to perform incremental, full, and remote
• Explain fundamental concepts of Role-Based Access
backups to tape for an unmounted file system using
Control (RBAC), including rights, roles, profiles,
the ufsdump command, or explain how to backup a
authorisations, administrator profile shells, and RBAC
mounted file system using ufs snapshot.
databases.
• Explain how to perform ufs file system restores and
• Explain how to build user accounts, rights profiles,
special case recoveries.
and their role when managing RBAC.
• Describe the fundamentals of the syslog function
For Part II, you will need to be able to demonstrate the
including the etc/syslog.conf file and the relationship
ability to:
between syslogd and m4 macro processor.
Page 8 | Section 3
A guide to Sun Solaris Certification
Page 9 | Section 3
A guide to Sun Solaris Certification
The Sun Certified Network Administrator for the Solaris 9 • Exam type: Multiple choice, free response, and drag
Operating System exam is geared toward those and drop
candidates with three or more years’ experience working • Number of questions: 64
in a network capacity. A test candidate must already be a • Pass score: 70%
Sun Certified System Administrator for Solaris OS to
• Time limit: 105 minutes
qualify to take this examination. Information on Network
Administrator certification for previous versions of the • Cost: Locally priced
Solaris OS can be found on your local Sun Web site.
Learning path
Sun offers a number of courses to help you prepare for your Network Administrator certification exam. The following
diagram illustrates the Solaris 9 certification learning path. After achieving Solaris 9 Network Administrator
certification, you may choose to become a Sun Certified Security Administrator.
SA-239
SA-299
NETWORK BECOME A
SA-399
ADMINISTRATING BECOME A
SC-300
TAKE
SECURITY ON THE CERTIFICATION
SUN CERTIFIED
SOLARIS OPERATING EXAM
SECURITY
ENVIRONMENT ADMINISTRATOR
Page 10 | Section 3
A guide to Sun Solaris Certification
RECOMMENDED TRAINING – COURSE DESCRIPTION: • Explain the purpose and usage of routing types
(direct and indirect), routing schemes (static and
Network Administration for the Solaris™ 9 Operating System
dynamic), and routing protocol types (autonomous
Course Number: SA-399
Duration: 5 days systems, interior routing protocols, and exterior
Delivery: Instructor-led routing protocols).
• Given a routing table example, describe table entries,
In addition, Sun recommends supporting courses. For more
information, please visit your local Sun Web site.
identify the routing table search order, and associate a
network name with a network number.
• Explain how to configure static and dynamic routing,
Exam objectives and the configuration of routing at boot time.
For the Network Administrator exam for Solaris 9, you • Describe the operation of CIDR.
will need to demonstrate your ability to: • Given a routing scenario problem, troubleshoot the
router configuration or network names, or both, and
Configure the Network Interface Layer select a resolution.
• Describe the advantages of using a layered network • Identify the purpose, features, and functionalities for
model and describe the functions of the network different types of unicast, multicast, and anycast
interface, Internet, transport, and application layers addressing and autoconfiguration, as they relate to
of the TCP/IP model. IPv6 addressing.
• Describe basic peer-to-peer communication and • Explain how to configure IPv6 on a router and
related TCP/IP protocols. non router, and troubleshoot configuration and
• Describe the features and functions of LAN interface problems.
components, including network topologies, media, • Explain how to configure IPv6 over IPv4 tunnels and
and network devices. IPv6 multipathing.
• Describe Ethernet concepts and statistics, including • Distinguish among protocol characteristics of the
the major Ethernet elements and the CSMA/CD transport layer, and explain the fundamentals of TCP
access method. and UDP.
• Describe the components of an Ethernet frame.
• Explain how to use snoop, netstat, and ndd on an Configure and manage network applications
Ethernet interface. (application layer)
• Describe the function and management of the ARP • Explain the purpose of DNS in a network System.
and RARP. • Explain how to configure a primary and secondary
DNS server and a DNS client.
Configure the network (Internet and transport layers) • Given DNS server output for a problem scenario,
• Describe the purpose, features and functionality of identify strategies to resolve the problem.
internet layer protocols, IP datagram, IP address • Describe the purpose and features of DHCP client and
types, subnetting and VLSM, and interface server functions.
configuration files, as used in an IP configuration. • Describe how to configure a DHCP server and use
• Explain how to configure and unconfigure logical associated utilities.
interfaces in IP. • Given DHCP debug output, deduce resolution strategies.
• Explain the purpose, benefits, and limitations of • Explain how to configure and manage a DHCP client
multipathing, and explain how to configure to either request a dynamic host name, or to use its
multipathing, using configuration files and the own host name.
command-line.
• Explain how to configure a DHCP server to support the
• Describe the purpose and limitations of trunking, and JumpStart clients.
explain how the four supported trunking policies
impact how trunking is implemented.
Page 11 | Section 3
A guide to Sun Solaris Certification
m i n p
# lpad
r a t i o n
c o n f i g u e m e n t
P A M n m a n ag
# t i c a t io am
u t h e n r i t y / p
#A /l i b / s e c u
a m
d / u s r u r i t y / p
#
r e q u i r e
/ li b / s e c
y /
a u t h / u s r e c u r i t
login re q u i r e d
sr / l i b / s
p
i n a u t h i e n t / u u r i t y /
log s u f f ic / l i b / s ec
g i n a u th d / u s r c u r i t y /
rlo r e q u i re r / l i b / s e
i n a u t h e d / u s
rlog th r e q u i r
g i n a u
dtlo
Page 12 | Section 3
A guide to Sun Solaris Certification
Learning path
Sun offers a number of courses to help you prepare for your Security Administrator certification exam. The following
diagram illustrates the Solaris 9 certification learning path.
SA-239
SA-299
NETWORK BECOME A
SA-399
ADMINISTRATING BECOME A
SC-300
TAKE
SECURITY ON THE CERTIFICATION
SUN CERTIFIED
SOLARIS OPERATING EXAM
SECURITY
ENVIRONMENT ADMINISTRATOR
Page 13 | Section 3
A guide to Sun Solaris Certification
RECOMMENDED TRAINING – COURSE DESCRIPTION: • Configure Solaris BSM auditing, including setting
audit control flags and customising audit events.
Administering Security on the Solaris™ Operating System
Course number: SC-300 • Given a security scenario, generate an audit trail and
Duration: 5 days analyse the audit data using the auditreduce, praudit,
Delivery: Instructor-led and audit commands.
• Explain the device management components,
Sun also offers supporting courses and Web-based
including device_maps and device_allocate file,
practice exams, details of which can be found on your
device-clean scripts, and authorisations using the
local Sun Web site.
auth_attr database, and describe how to configure
these device management components.
Exam objectives
Security attacks
For the Security Administrator exam, you must be able
• Differentiate between the different types of host-based
to demonstrate knowledge of:
Denial of Service (DoS) attacks, establish courses of
action to prevent DoS attacks, and understand how
General security concepts
DoS attacks are executed.
• Explain fundamental concepts concerning information
• Demonstrate privilege escalation by identifying Trojan
security, and explain what good security architectures
horses and buffer overflow attacks; explain backdoors,
include (people, process, technology, defence in depth).
rootkits, and loadable kernel modules, and
• Identify the security life cycle (prevent, detect, react,
understand the limitations of these techniques.
and deter) and describe security awareness, security
• Given a security scenario, detect Trojan horse and
policies and procedures, physical security, platform
back door attacks using the find command, checklists,
security, network security, application security, and
file digests, checksums, and the Solaris Fingerprint
security operations and management.
Database; explain trust with respect to the kernel and
• Describe concepts of unsecure systems, user trust,
the OpenBoot PROM and understand the limitations
threat, and risk.
of these techniques.
• Explain attackers, motives, and methods.
• Describe accountability, authentication, File and system resources protection
authorisations, privacy, confidentiality, integrity, and
• Given a security scenario: a) manage the security of user
non-repudiation.
accounts by setting account expiration, and restricting
• Describe the benefit of evaluation standards and root logins; b) manage dormant accounts through
explain actions that can invalidate certification. protection and deletion; and c) check user security by
• Describe how the attackers gain information about the configuring the /etc/default/su file, or classifying and
targets and describe methods to reduce disclosure of restricting non-login accounts and shells.
revealing information. • Describe the implementation of defensive password
policies and understand the limitations of password
Detection and device management authentication.
• Given a scenario, identify and monitor successful and • Describe the function of a Pluggable Authentication
unsuccessful logins and system log messages, and Module (PAM), including the deployment of PAM in a
explain how to configure centralised logging and production environment, and explain the features and
customise the system-logging facility to use multiple limitations of Sun Kerberos.
log files. • Describe the benefits and capabilities of Role-Based
• Describe the benefits and potential limitations of Access Control (RBAC), and explain how to configure
process accounting. profiles and executions, including creating, assigning,
and testing RBAC roles.
Page 14 | Section 3
A guide to Sun Solaris Certification
u i s i t o r p / i n qu
-n i n q r t / s w a
= / ex p o
w a p
-x s re e d o w n
p / d e v t
v a r / t m e v t r e e
o u c h / t m p / d
#t 0 / v ar / v a r/
od 6 0 n - v /
# c h m r e e d o w
in - p t
# l p a d m
on
Page 15 | Section 3
A guide to Sun Solaris Certification
SECTION 4
ak p s . d o c . c o
c .c o m . /
/ s a l e l e s . d o
akup u p s _ d i r . s a
1 0 2 - e
p / g ro . 2 0 . 2 7 .
ba k u - i 17 2 / e
d d - - x r o o t =
kl e s s a _ 2 . 7 -
s m d i s o l a r i s - x t z
/ b i n / u n 4 u . S i z e = 6 4
d m s p a r c .s s w a p s
x o s = i t o r - x
or - i n q u i s
/ s w a p /
exp o r t
e d o w n
d e v t r e w n
t m p / r e e d o e d o w n
/var/ / tm p / d e v t
m p / d e v t r e
/ v a r /v a r / t
600 d o w n - v
r e e
n -p t
Page 16 | Section 4
Sun Microsystems, Ltd. Guillemont Park, Minley Road, Blackwater, Camberley, Surrey GU17 9QG Tel: +44 (0) 1252 420000 Fax: +44 (0) 1252 420001 Web: sun.com
ARGENTINA: +5411-4317-5600 • AUSTRALIA: +61-2-9844-5000 • AUSTRIA: +43-1-60563-0 • BELGIUM: +32-2-704-8000 • BRAZIL: +55-11-5187-2100 • CANADA: +905-477-6745 • CHILE: +56-2-3724500 • COLOMBIA: +571-629-2323 • COMMONWEALTH OF INDEPENDENT
STATES: +7-502-935-8411 • CZECH REPUBLIC: +420-2-3300-9311 • DENMARK: +45 4556 5000 • EGYPT: +202-570-9442 • ESTONIA: +372-6-308-900 • FINLAND: +358-9-525-561 • FRANCE: +33-134-03-00-00 • GERMANY: +49-89-46008-0 • GREECE: +30-210-6188111
HUNGARY: +36-1-489-8900 • ICELAND: +354-563-3010 • INDIA: BANGALORE: +91-80-2298989/2295454; NEW DELHI: +91-11-6106000; MUMBAI: +91-22-697-8111 • IRELAND: +353-1-8055-666 • ISRAEL: +972-9-9710500 • ITALY: +39-02-641511 JAPAN: +81-3-5717-5000
KAZAKHSTAN: +732-725-81810• KOREA: +822-2193-5114 • LATVIA: +371-750-3700 • LITHUANIA: +370-729-8468 • LUXEMBOURG: +352-49 11 33 1 • MALAYSIA: +603-21161888 • MEXICO: +52-5-258-6100 • THE NETHERLANDS: +00-31-33-45-15-000 NEW ZEALAND: AUCKLAND:
+64-9-976-6800; WELLINGTON: +64-4-462-0780 • NORWAY: +47 23 36 96 00 • PEOPLE’S REPUBLIC OF CHINA: BEIJING: +86-10-6803-5588; CHENGDU: +86-28-619-9333; GUANGZHOU: +86-20-8755-5900; SHANGHAI: +86-21-6466-1228 • HONG KONG: +852-2202-6688
POLAND: +48-22-8747800 • PORTUGAL: +351-21-4134000 • RUSSIA: +7-502-935-8411 • SAUDI ARABIA: +9661 273 4567 • SINGAPORE: +65-6438-1888 • SLOVAK REPUBLIC: +421-2-4342-94-85 • SOUTH AFRICA: +27 11 256-6300 • SPAIN: +34-91-596-9900 • SWEDEN:
+46-8-631-10-00 • SWITZERLAND: GERMAN: 41-1-908-90-00; FRENCH: 41-22-999-0444 • TAIWAN: +886-2-8732-9933 • THAILAND: +662-344-6888 • TURKEY: +90-212-335-22-00 • UNITED ARAB EMIRATES: +9714-3366333 • UNITED KINGDOM: +44-1-276-20444 • UNITED STATES:
+1-800-555-9SUN OR +1-650-960-1300 • VENEZUELA: +58-2-905-3800 • OR ONLINE AT SUN.COM/STORE
©2003 Sun Microsystems, Inc. All rights reserved. Sun, Sun Microsystems, We make the net work, Your infrastructure, our business and the Sun logo are trademarks or registered trademarks of Sun Microsystems, Inc.
in the United States and other countries. All other product or service names mentioned herein are trademarks or registered trademarks of their respective owners.
solaris/education/11_03/v1