Which two statements are true regarding the audit_remote plugin and the audit service?
A. audit_remote is not loaded by default.
B. The standard service port defined by IANA is 16162.
C. Audit records are sent to all configured remote hosts.
D. The required GSS_API mechanism is kerberos_v5.
E. The maximum number of audit records queued before sending is 100.
Explanation:
A: The audit_remote plugin is loaded by auditd if the plugin is configured as
active via auditconfig. Use the auditconfig -setplugin option to change all the plugin-related
configuration parameters.
B: The solaris-audit service port assigned by IANA is 16162.
Incorrect:
Not D: audit_remote authenticates itself to the remote audit service by way of GSS-API
(libgss(3LIB)). Default gss credentials are used as provided by the gss implementation
mechanism, such as Kerberos.
Note: audit_remote – send Solaris audit logs to a remote server
AD
Correct is A + B
— NOT D — “The mech part of a p_host entry is the GSS-API mechanism name (mech(4)). If not specified, the local host’s default mechanism is used. The recommended mechanism is kerberos_v5”
A and B
root@s11exam:~# grep 16162 /etc/services
solaris-audit 16162/tcp # Secure remote audit logging