101-2

Question 1

What is true regarding public and private SSH keys? (Choose two.)
A. For each user account, there is exactly one key pair that can be used to log into that account.
B. The private key must never be revealed to anyone.
C. Several different public keys may be generated for the same private key.
D. To maintain the private key’s confidentiality, the SSH key pair must be created by its owner.
E. To allow remote logins, the user’s private key must be copied to the remote server.

Answer 1

B. The private key must never be revealed to anyone.

D. To maintain the private key’s confidentiality, the SSH key pair must be created by its owner.

Question 2

Which of the following commands finds all files owned by root that have the SetUID bit set?
A. find / -user root -perm -4000
B. find / -user 0 -mode +s
C. find / -owner root -setuid
D. find / -owner 0 -permbits 0x100000000
E. find / –filter uid=1 –filter pers=u+s

Answer 2

A. find / -user root -perm -4000

Question 3

What command is used to add OpenSSH private keys to a running ssh-agent instance?

Answer 3

ssh-add

Question 4

Which directory holds configuration files for xinetd services? (full path to the directory.)

Answer 4

/etc/xinetd.d/

Question 5

Which mechanism does ssh use to interact with the SSH agent?
A. Connecting to port 2222 which is used by the system-wide SSH agent.
B. Using the fixed socket .ssh-agent/ipc.
C. Creating an alias replacing ssh with calls to ssh-agent.
D. Starting ssh-agent as a child process for each ssh invocation.
E. Evaluating environment variables such as SSH_AUTH_SOCK.

Answer 5

E. Evaluating environment variables such as SSH_AUTH_SOCK.

Question 6

Which parameter of the ssh command specifies the location of the private key used for login attempts?
(Specify only the option name without any values or parameters.)

Answer 6

-i

Question 7

Which of the following is true about IPv6?
A. IPv6 no longer supports broadcast addresses.
B. With IPv6, the TCP port numbers of most services have changed.
C. IPv4 addresses can be used without any change with IPv6.
D. IPv6 no longer supports multicast addresses.
E. For IPv6, UDP and TCP have been replaced by the Rapid Transmission Protocol RTP.

Answer 7

A. IPv6 no longer supports broadcast addresses.

Question 8

What is true about the following command?
nmcli device wifi connect WIFIoI
A. NetworkManager opens a new public hotspot with the SSID WIFIoI.
B. NetworkManager creates an unconfigured new virtual network interface named WIFIoI.
C. NetworkManager creates a new wifi connection WIFIoI and activates it.
D. NetworkManager returns an error in case the connection WIFIoI does not exist.
E. NetworkManager returns an error because WIFIoI is an invalid wifi device.

Answer 8

C. NetworkManager creates a new wifi connection WIFIoI and activates it.

Question 9

Which of the commands below might have produced the following output?
;; global options: +cmd
;; Got answer:
;; -»HEADER«- opcode: QUERY, status: NOERROR, id: 14368
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QuESTION SECTION:
;www.example.org. IN NS

;; AUTHORITY SECTION:
example.org. 3600 IN SOA ns.icann.org. noc.dns.icann.org. 2019121418 7200 3600 1209600 3600

;; Query time: 96 msec
;; SERVER: 172.21.0.9#53(172.21.0.9)
;; WHEN: Di Jun 23 13:57:34 CEST 2020
;; MSG SIZE rcvd: 97

A. dig -t mx www.example.org
B. dig www.example.org
C. dig -t ns www.example.org
D. dig -t a www.example.org
E. dig -t soa www.example.org

Answer 9

C. dig -t ns www.example.org

Question 10

Which parameter is missing in the command
ip link set ____ dev eth0
to activate the previously inactive network interface eth0? (Specify the parameter only without any
command, path or additional options.)

Answer 10

up

Question 11

Which of the following states can NetworkManager show regarding the system’s network connectivity? (Choose two.)
A. up
B. portal
C. full
D. login-required
E. firewalled

Answer 11

B. portal
C. full

Question 12

Which of the following are valid host addresses for the subnet 203.0.113.64/28? (Choose two.)
A. 203.0.113.64
B. 203.0.113.78
C. 203.0.113.65
D. 203.0.113.80
E. 203.0.113.81

Answer 12

B. 203.0.113.78
C. 203.0.113.65

Question 13

Which of the following keywords can be used in the file /etc/resolv.conf? (Choose two.)
A. substitute
B. lookup
C. search
D. nameserver
E. method

Answer 13

C. search
D. nameserver

Question 14

How does the ping command work by default?
A. Is sends an ICMP Echo Request to a remote host and waits to receive an ICMP Echo Response in return.
B. It sends an ARP request to a remote host and waits to receive an ARP response in return.
C. It sends a TCP SYN packet to a remote host and waits to receive an TCP ACK response in return.
D. Is sends a broadcast packet to all hosts on the net and waits to receive, among others, a response from the target system.
E. It sends a UDP packet to port 0 of the remote host and waits to receive a UDP error response in return.

Answer 14

A. Is sends an ICMP Echo Request to a remote host and waits to receive an ICMP Echo Response in return.

Question 15

Which of the following commands displays the number of bytes transmitted and received via the eth0 network interface? (Choose two.)
A. route -v via eth0
B. ip stats show dev eth0
C. netstat -s -i eth0
D. ifconfig eth0
E. ip -s link show eth0

Answer 15

D. ifconfig eth0
E. ip -s link show eth0

Question 16

Given the following routing table:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.178.1 0.0.0.0 UG 0 0 0 wlan0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.2.0 192.168.1.1 255.255.255.0 U 0 0 0 eth0
192.168.178.0 0.0.0.0 255.255.255.0 U 9 0 0 wlan0

How would an outgoing packet to the destination 192.168.2.150 be handled?
A. It would be passed to the default router 192.168.178.1 on wlan0.
B. It would be directly transmitted on the device eth0.
C. It would be passed to the default router 255.255.255.0 on eth0.
D. It would be passed to the router 192.168.1.1 on eth0.
E. It would be directly transmitted on the device wlan0.

Answer 16

D. It would be passed to the router 192.168.1.1 on eth0.

Question 17

Which of the following commands will delete the default gateway from the system’s IP routing table?
(Choose two.)
A. ifconfig unset default
B. route del default
C. ip route del default
D. netstat -r default
E. sysctl ipv4.default_gw=0

Answer 17

B. route del default
C. ip route del default

Question 18

What command enables a network interface according to distribution-specific configuration, such as
/etc/network/interfaces
or
/etc/sysconfig/network-scripts/ifcfg-eth0?

Answer 18

ifup

Question 19

What is true about NetworkManager on a Linux system that uses its distribution’s mechanisms to configure network interfaces? (Choose two.)

A. NetworkManager reconfigures all network interfaces to use DHCP unless they are specifically managed by NetworkManager.
B. NetworkManager must be explicitly enabled for each interface it should manage.
C. NetworkManager by default does not change interfaces which are already configured.
D. NetworkManager disables all interfaces which were not configured by NetworkManager.
E. NetworkManager can be configured to use the distribution’s network interface configuration.

Answer 19

C. NetworkManager by default does not change interfaces which are already configured.

E. NetworkManager can be configured to use the distribution’s network interface configuration.

Question 20

Which standardized TCP port is used by HTTPS services?
A. 25
B. 80
C. 8080
D. 443
E. 636

Answer 20

D. 443

Question 21

Which of the following environment variables can be defined in locale.conf? (Choose two.)
A. LC_ALL
B. LC_USERNAME
C. LC_UTF8
D. LC_GEOGRAPHY
E. LC_TIME

Answer 21

A. LC_ALL

E. LC_TIME

Question 22

Which of the following commands sets the system’s time zone to the Canadian Eastern Time?
A. localegen -t -f /usr/share/zoneinfo/Canada/Eastern > /etc/locate.tz
B. tzconf /etc/localtime
C. sysctl -w clock.tz=’Canada/Eastern’
D. modprobe tz_ca_est
E. ln -sf /usr/share/zoneinfo/Canada/Eastern /etc/localtime

Answer 22

E. ln -sf /usr/share/zoneinfo/Canada/Eastern /etc/localtime

Question 23

What option to useradd creates a new user’s home directory and provisions it with a set of standard files?
(Specify only the option name without any values or parameters.)

Answer 23

-m

Question 24

How can a specific user be prevented from scheduling tasks with at?
A. By adding the specific user to the /etc/at.allow file.
B. By adding the specific user to the [deny] section in the /etc/atd.conf file.
C. By adding the specific user to the nojobs group.
D. By adding the specific user to the /etc/at.deny file.
E. By executing the atd –deny [user] command.

Answer 24

D. By adding the specific user to the /etc/at.deny file.

Question 25

Which file contains the data of the last change of a user’s password?
A. /etc/gshadow
B. /etc/passwd
C. /etc/pwdlog
D. /var/log/shadow
E. /etc/shadow

Answer 25

E. /etc/shadow

Question 26

Which of the following fields can be found in the /etc/group file? (Choose two.)
A. The home directory of the group.
B. The list of users that belong to the group.
C. The name of the group.
D. The default group ACL.
E. The description of the group.

Answer 26

B. The list of users that belong to the group.
C. The name of the group.

Question 27

Which of the following sections exists in a systemd timer unit?
A. [Events]
B. [Timer]
C. [cron]
D. [Schedule]
E. [Trigger]

Answer 27

B. [Timer]

Question 28

Which of the following getent invocations lists all existing users?
A. getent homes
B. getent uids
C. getent passwd
D. getent users
E. getent logins

Answer 28

C. getent passwd

Question 29

Given the following user’s crontab entry:
15 14 * * 1-5 /usr/local/bin/example.sh
When will the script /usr/local/bin/example.sh be executed?
A. At 14:15 local time, January till May.
B. At 15:14 local time, 1st to 5th day of month.
C. At 14:15 local time, February till June.
D. At 14:15 local time, 1st to 5th day of month.
E. At 14:15 local time, Monday to Friday

Answer 29

E. At 14:15 local time, Monday to Friday

Question 30

If neither cron.allow nor cron.deny exist in /etc/, which of the following is true?
A. Without additional configuration, all users may create user specific crontabs.
B. Without additional configuration, only root may create user specific crontabs.
C. The cron daemon will refuse to start and report missing files in the system’s logfile.
D. When a user creates a user specific crontab the system administrator must approve it explicitly.
E. The default settings of /etc/crond.conf define whether or not user specific crontabs are generally allowed or not.

Answer 30

B. Without additional configuration, only root may create user specific crontabs.

Question 31

What is the purpose of the iconv command?
A. It converts bitmap images from one format to another such as PNG to JPEG.
B. It verifies that the root directory tree compiles to all conventions from the Filesystem Hierarchy Standard (FHS).
C. It converts files from one character set to an other.
D. It changes the mode of an inode in the ext4 filesystem.
E. It displays additional meta information from icon files ending in .ico.

Answer 31

C. It converts files from one character set to an other.

Question 32

Which character in the password field of /etc/passwd is used to indicate that the encrypted password is stored in /etc/shadow?
A. *
B. !
C. s
D. #
E. x

Answer 32

E. x

Question 33

What does the term Braille Display refer to?
A. A standardized high contract graphical theme for desktop applications?
B. A Linux desktop environment similar to KDE and GNOME.
C. A legacy display technology superseded by LCD.
D. A physical representation of characters using small dots.
E. A standard file format for data exchange, similar to XML.

Answer 33

D. A physical representation of characters using small dots.

Question 34

Which environment variable is used by an X11 client to determine the X Server to connect to? (Specify only the variable name)

Answer 34

DISPLAY

Question 35

Which of the following tasks are handled by a display manager like XDM or KDM? (Choose two.)
A. Configure additional devices like new monitors or projectors when they are attached.
B. Start and prepare the desktop environment for the user.
C. Create an X11 configuration file for the current graphic devices and monitors.
D. Lock the screen when the user was inactive for a configurable amount of time.
E. Handle the login of a user.

Answer 35

B. Start and prepare the desktop environment for the user.

E. Handle the login of a user.

Question 36

Which of the following protocols is designed to access the video card output of a virtual machine?
A. KDE
B. X11
C. Xfce
D. SPICE
E. XDMCP

Answer 36

D. SPICE

Question 37

Which command is used to set the hostname of the local system? (Specify only the command without anypath or parameters.)

Answer 37

hostname

Question 38

QUESTION 2:
Which of the following is a valid IPv6 address?
A. 2001:db8:0g21::1
B. 2001::db8:4581::1
C. 2001:db8:3241::1
D. 2001%db8%9990%%1
E. 2001.db8.819f..1

Answer 38

Answer: C

Question 39

What command, depending on its options, can display the open TCP connections, the routing tables, aswell as network interface statistics?

Answer 39

netstat

Question 40

Which command included in NetworkManager is a curses application which provides easy acces to the NetworkManager on the command line?

Answer 40

nmtui

Question 41

Which of the following tools, used for DNS debugging, reports not only the response from the name
sever but also details about the query?
A. dnsq
B. hostname
C. dig
D. dnslookup
E. zoneinfo

Answer 41

Answer: C

Question 42

Which of the following statements is valid in the file /etc/nsswitch.conf?
A. multi on
B. 192.168.168.4 dns-server
C. namespaces: net mount procs
D. include /etc/nsswitch.d/
E. hosts: files dns

Answer 42

Answer: E

Question 43

Which of the following connection types, as seen in nmcli connection show, may exist in
NetworkManager? (Choose three.)
A. tcp
B. ethernet
C. wifi
D. ipv6
E. bridge

Answer 43

B. ethernet
C. wifi
E. bridge

Question 44

On a Linux workstation, the route command takes a long time before printing out the routing table.
Which of the following errors does that indicate?
A. The local routing information may be corrupted and must be re-validated using a routing protocol.
B. One of the routers in the routing table is not available which causes the automatic router failure detection mechanism (ARF-D) to wait for a timeout.
C. There may accidentally be more than one default router in which case a default router election has to be done on the network in order to choose one router as the default.
D. The Linux Kernel Routing Daemon (LKRD) is not running and should be started using its init script or systemd unit.
E. DNS resolution may not be working as route by default tries to resolve names of routers and destinations and may run into a timeout.

Answer 44

E. DNS resolution may not be working as route by default tries to resolve names of routers and destinations and may run into a timeout.

Question 45

What is true about the Hop Limit field in the IPv6 header?
A. The field is not changed during the transport of a package.
B. The field is transmitted within a hop-by-hop extension header.
C. Each router forwarding the packet increases the field’s value.
D. Each router forwarding the packet decreases the field’s value.
E. For multicast packages, the field’s value is always 1.

Answer 45

D. Each router forwarding the packet decreases the field’s value.

Question 46

Which of the following nmcli subcommands exist? (Choose two.)
A. nmcli ethernet
B. nmcli device
C. nmcli wifi
D. nmcli address
E. nmcli connection

Answer 46

B. nmcli device

E. nmcli connection

Question 47

Which of the following statements is true if the UID of a regular user is identical to the GID of a group?
A. UID have precedence over GIDs, therefore the user is available while the group doesn’t.
B. The user as well as the group are not available to avoid ambiguity due to the ID conflict.
C. UIDs and GIDs are independent of each other, therefore the user as well as the group are still available.
D. The user is the only member of the group, even if the group configuration contains other members.
E. GIDs have precedence over UIDs, therefore the group is available while the user isn’t.

Answer 47

C. UIDs and GIDs are independent of each other, therefore the user as well as the group are still available.

Question 48

Which of the following information is stored in /etc/shadow for each user?
A. The timestamp of the user’s last login
B. The user’s private SSH keys
C. The hashed password of the user
D. The numerical user ID (UID)
E. The path to the user’s home directory

Answer 48

C. The hashed password of the user

Question 49

Which of the following commands shows all active systemd timers?
A. systemctl-timer show
B. timectl list
C. systemctl -t
D. systemctl list-timers
E. timeq

Answer 49

D. systemctl list-timers

Question 50

Which of the following tasks can the date command accomplish? (Choose two.)
A. Set the system’s date and time.
B. Set the system’s date but not the time.
C. Calculate the time span between two dates.
D. Print a calendar for a month or a year.
E. Display time in a specific format.

Answer 50

A. Set the system’s date and time.

E. Display time in a specific format.

Question 51

Which file, if present, must contain all users that are allowed to use the cron scheduling system? (Specify the full name of the file, including path.)

Answer 51

/etc/cron.allow

Question 52

What can be specified with useradd? (Choose two.)
A. Commands the user can run using sudo.
B. The absolute path to the user’s home directory.
C. Which printers are available for the new user.
D. The SSH keys used to login to the new account.
E. The numeric user ID (UID) of the user.

Answer 52

Answer: BE

Question 53

What is true about the file /etc/localtime?
A. It is a plain text file containing a string such as Europe/Berlin
B. It is created and maintained by the NTP service based on the location of the system’s IP address.
C. It is a symlink to /sys/device/clock/ltime and always contains the current local time.
D. After changing this file, newtzconfighas to be run to make the changes effective.
E. It is either a symlink to or a copy of a timezone information file such as /usr/share/zoneinfo/Europe/Berlin.

Answer 53

E. It is either a symlink to or a copy of a timezone information file such as /usr/share/zoneinfo/Europe/Berlin.

Question 54

What is true about the file /etc/localtime?
A. It is a plain text file containing a string such as Europe/Berlin
B. It is created and maintained by the NTP service based on the location of the system’s IP address.
C. It is a symlink to /sys/device/clock/ltime and always contains the current local time.
D. After changing this file, newtzconfighas to be run to make the changes effective.
E. It is either a symlink to or a copy of a timezone information file such as /usr/share/zoneinfo/Europe/Berlin.

Answer 54

E. It is either a symlink to or a copy of a timezone information file such as /usr/share/zoneinfo/Europe/Berlin.

Question 55

Which of the following statements is true regarding systemd timer units?
A. Timer units can only be defined within a service unit’s file.
B. The command executed by the timer is specified in the timer unit’s [Cmd] section.
C. A dedicated system service, systemd-cron, handles the execution of timer units.
D. Timer units only exist in the system scope and are not available for users.
E. Each systemd timer unit controls a specific systemd service unit.

Answer 55

E. Each systemd timer unit controls a specific systemd service unit.

Question 56

Which of the following fields are available in the standard format of both the global /etc/crontab file as
well as in user-specific crontab files? (Choose two.)
A. Year
B. Minute
C. Username
D. Effective group ID
E. Command

Answer 56

B. Minute

E. Command

Question 57

Which of the following commands should be executed when starting a login shell in order to change
the language of messages for an internationalized program to Portuguese (pt)?
A. export LANGUAGE=“pt”
B. export LC_MESSAGES=“pt”
C. export UI_MESSAGES=“pt”
D. export MESSAGE=“pt”
E. export ALL_MESSAGES=“pt”

Answer 57

B. export LC_MESSAGES=“pt”

Question 58

Which of the following files assigns a user to its primary group?
A. /etc/pgroup
B. /etc/shadow
C. /etc/passwd
D. /etc/group
E. /etc/gshadow

Answer 58

C. /etc/passwd

Question 59

Which of the following steps prevents a user from obtaining an interactive login session?
A. Setting the UID for the user to 0.
B. Running the command chsh -s /bin/false with the user name.
C. Removing the user from the group staff.
D. Adding the user to /etc/noaccess.
E. Creating a .nologin file in the user’s home directory.

Answer 59

B. Running the command chsh -s /bin/false with the user name.

Question 60

Which command included in systemd supports selecting messages from the systemd journal by criteria
such as time or unit name? (Specify only the command without any path or parameters.)

Answer 60

journalctl

Question 61

Which of the following statements about systemd-journald are true? (Choose three.)
A. It is incompatible with syslog and cannot be installed on a system using regular syslog.
B. It only processes messages of systemd and not messages of any other tools.
C. It can pass log messages to syslog for further processing.
D. It maintains metadata such as _UID or _PID for each message.
E. It supports syslog facilities such as kern, user, and auth.

Answer 61

C. It can pass log messages to syslog for further processing.
D. It maintains metadata such as _UID or _PID for each message.
E. It supports syslog facilities such as kern, user, and auth.

Question 62

Which command must be run after adding a new email alias to the configuration in order to make this
change effective? (Specify the command without any path but including all required parameters.)

Answer 62

newaliases

Question 63

Which option in the chrony configuration file changes the initial interval of polls to a NTP server in order
to speed up the initial synchronization?
A. iburst
B. quickstart
C. fast
D. fsync
E. flood

Answer 63

A. iburst

Question 64

Which of the following commands is used to rotate, compress, and mail system logs?
A. logrotate
B. striplog
C. syslogd –rotate
D. rotatelog
E. logger

Answer 64

A. logrotate

Question 65

Why is the correct configuration of a system’s time zone important?
A. Because the timezone is included in checksum calculations and timezone changes invalidate existing checksums.
B. Because the time zone is saved as part of the modification times of files and cannot be changed after a file is created.
C. Because the environment variables LANG and LC_MESSAGES are, by default, set according to the time zone.
D. Because NTP chooses servers nearby based on the configured time zone.
E. Because the conversion of Unix timestamps to local time relies on the time zone configuration.

Answer 65

E. Because the conversion of Unix timestamps to local time relies on the time zone configuration.

Question 66

Which command, available with all sendmail-compatible MTAs, is used to list the contents of the MTA’s
mail queue? (Specify only the command without any path or parameters.)

Answer 66

mailq

Question 67

What is the top-level directory which contains the configuration files for CUPS? (Specify the full path to the directory.)

Answer 67

/etc/cups

Question 68

Which of the following commands lists all queued print jobs?
A. lpd
B. lpr
C. lp
D. lsq
E. lpq

Answer 68

E. lpq

Question 69

Which of the following entries in /etc/syslog.conf writes all mail related events to the file /var/log/maillog
and sends all critical events to the remote server logger.example.com?
A. mail.* /var/log/maillog \n mail,crit @logger.example.org
B. mail.* /var/log/maillog \n mail.crit syslog://logger.example.org
C. mail /var/log/maillog \n mail.crit @logger.example.org
D. mail.* /var/log/maillog \n mail.crit @logger.example.org
E. mail * /var/log/maillog \n mail crit @logger.example.org

Answer 69

D. mail.* /var/log/maillog \n mail.crit @logger.example.org

Question 70

Which option in the /etc/ntp.conf file specifies an external NTP source to be queried for time information?
(Specify only the option without any values or parameters.)

Answer 70

server

Question 71

Which of the following protocols is related to the term open relay?
A. SMTP
B. POP3
C. NTP
D. IMAP
E. LDAP

Answer 71

A. SMTP

Question 72

Which of the following commands displays all environment and shell variables?
A. getargs
B. lsenv
C. ls
D. env
E. lsshell

Answer 72

D. env

Question 73

Which of the following comparison operators for test work on elements in the file system? (Choose
two.)
A. -z
B. -eq
C. -d
D. -f
E. -lt

Answer 73

C. -d
D. -f

Question 74

What information is provided by the echo $$ command?
A. The process ID of the current shell.
B. The process ID for the following command.
C. The process ID of the last command executed.
D. The process ID of the last command which has been placed in the background.
E. The process ID of the echo command.

Answer 74

A. The process ID of the current shell.

Question 75

Which command makes the shell variable named VARIABLE visible to subshells?
A. export $VARIABLE
B. env VARIABLE
C. set $VARIABLE
D. set VARIABLE
E. export VARIABLE

Answer 75

E. export VARIABLE

Question 76

What output is produced by the following command sequence?
echo ‘1 2 3 4 5 6’ | while read a b c; do
echo result: $c $b $a; done
A. result: 6 5 4
B. result: 1 2 3 4 5 6
C. result: 3 4 5 6 2 1
D. result: 6 5 4 3 2 1
E. result: 3 2 1

Answer 76

C. result: 3 4 5 6 2 1

Question 77

Which of the following configuration files should be modified to globally set shell variables for all
users?
A. /etc/profile
B. /etc/bashrc
C. ~/.bash_profile
D. /etc/.bashrc
E. /etc/shellenv

Answer 77

A. /etc/profile

Question 78

What output does the command seq 10 produce?
A. A continuous stream of numbers increasing in increments of 10 until the command is stopped.
B. It creates no output because a second parameter is missing.
C. The number 0 through 9 with one number per line.
D. The number 10 to standard output.
E. The numbers 1 through 10 with one number per line.

Answer 78

E. The numbers 1 through 10 with one number per line.

Question 79

What command list the aliases defined in the current Bash shell? (Specify only the command without any
path or parameters.)

Answer 79

alias

Question 80

Which of the following commands can be used to limit the amount of memory a user may use?
A. umask
B. usermod
C. passwd
D. ulimit
E. chage

Answer 80

D. ulimit

Question 81

What is a purpose of an SSH host key?
A. It must be sent by any SSH client in addition to a user key in order to identify the client’s host.
B. It is root key by which all user SSH keys must be signed.
C. It provides the server’s identity information to connecting SSH clients.
D. It authenticates any user that logs into a remote machine from the key’s host.
E. It is used by system services like cron, syslog or a backup job to automatically connect to remote hosts.

Answer 81

C. It provides the server’s identity information to connecting SSH clients.

Question 82

What is the purpose of TCP wrapper?
A. Manage and adjust bandwidth used by TCP services.
B. Bind a network service to a TCP port.
C. Encapsulate TCP messages in IP packets.
D. Add SSL support to plain text TCP services.
E. Limit access to a network service.

Answer 82

E. Limit access to a network service.

Question 83

Given the following excerpt of the sudo configuration:
Jane ANY=NOPASSWD: /bin/kill, /bin/id, PASSWD: /sbin/fdisk
Which of the following statements are true? (Choose three.)
A. Jane can run /bin/id only after specifying her password.
B. Jane can run /sbin/fdisk after specifying root’s password.
C. Jane can run /sbin/fdisk after specifying her password.
D. Jane can run /bin/kill without specifying a password.
E. Jane can run /bin/id without specifying her password.

Answer 83

C. Jane can run /sbin/fdisk after specifying her password.
D. Jane can run /bin/kill without specifying a password.
E. Jane can run /bin/id without specifying her password.

Question 84

Which configuration file contains the default options for SSH clients?
A. /etc/ssh/sshd_config
B. /etc/ssh/ssh
C. /etc/ssh/ssh_config
D. /etc/ssh/client
E. /etc/ssh/ssh_client

Answer 84

C. /etc/ssh/ssh_config

Question 85

Depending on a system’s configuration, which of the following files can be used to enable and disable network services running on this host?
A. /etc/profile
B. /etc/xinetd.conf
C. /etc/ports
D. /etc/services
E. /etc/host.conf

Answer 85

B. /etc/xinetd.conf

Question 86

Which of the following commands can identify the PID or a process which opened a TCP port?
A. ptrace
B. strace
C. debug
D. lsof
E. nessus

Answer 86

D. lsof

Question 87

When using X11 forwarding in SSH, what environment variable is automatically set in the remote shell in
order to help applications to connect to the correct X11 server?

Answer 87

DISPLAY

Question 88

The presence of what file will temporarily prevent all users except root from logging into a system?
(Specify the full name of the file, including path.)

Answer 88

/etc/nologin

Question 89

Which of the following commands preloads and manages existing SSH keys that are used for
automatic authentication while logging in to other machines using SSH?
A. sshd
B. ssh-keyring
C. ssh-keygen
D. ssh-pki
E. ssh-agent

Answer 89

E. ssh-agent

Question 90

On a machine running several X servers, how do programs identify the different instances of the X11
server?
A. By a fixed UUID that is defined in the X11 configuration file.
B. By a display name like :1 .
C. By the name of the user that runs the X server like x11: bob.
D. By a device name like /dev/X11/xservers/1.
E. By a unique IPv6 address from the fe80::/64subnet.

Answer 90

B. By a display name like :1 .

Question 91

What is the purpose of a screen reader?
A. It manages virtual keyboards on touch screen displays.
B. It reads the parameters of the attached monitors and creates an appropriate X11 configuration.
C. It displays lines and markers to help people use speed reading techniques.
D. It manages and displays files that contain e-books.
E. It reads displayed text to accommodate the needs of blind or visually impaired people.

Answer 91

E. It reads displayed text to accommodate the needs of blind or visually impaired people.

Question 92

The X11 configuration file xorg.conf is grouped into sections.
How is the content of the section SectionName represented?
A. It is placed in curly brackets as in Section SectionName {…}.
B. It is placed between the tags <Section name=“SectionName”> and </Section>.
C. It is placed between a line containing Section “SectionName” and a line containing EndSection.
D. It is placed after the row [SectionName].
E. It is placed after an initial unindented Section “SectionName” and must be indented by exactly one tab character.

Answer 92

C. It is placed between a line containing Section “SectionName” and a line containing EndSection.

Question 93

Which of the following features are provided by SPICE? (Choose two.)
A. Connecting local USB devices to remote applications.
B. Accessing graphical applications on a remote host.
C. Replacing Xorg as local X11 server.
D. Downloading and locally installing applications from a remote machine.
E. Uploading and running a binary program on a remote machine.

Answer 93

A. Connecting local USB devices to remote applications.
B. Accessing graphical applications on a remote host.

Question 94

Where is the systemd journal stored?
A. /var/jlog/and /var/jlogd/
B. /proc/log/and /proc/klog/
C. /run/log/journal/ or /var/log/journal/
D. /var/log/syslog.binor /var/log/syslog.jrn
E. /etc/systemd/journal/or /usr/lib/systemd/journal/

Answer 94

C. /run/log/journal/ or /var/log/journal/

Question 95

Which of the following is true regarding the command sendmail?
A. With any MTA, the sendmail command must be run periodically by the cron daemon.
B. When using systemd, sendmail is an alias to relayctl.
C. The sendmail command prints the MTA’s queue history of which mails have been sent successfully.
D. It is only available when the sendmail MTA is installed.
E. All common MTAs, including Postfix and Exim, provide a sendmail command.

Answer 95

E. All common MTAs, including Postfix and Exim, provide a sendmail command.

Question 96

Which file inside the CUPS configuration directory contains the settings of the printers?
A. cups-devices.conf
B. snmp.conf
C. printers.conf
D. printcap.conf
E. cupsd.conf

Answer 96

C. printers.conf

Question 97

Which file is processed by newaliases? (Specify the full name of the file, including path.)

Answer 97

/etc/aliases

Question 98

Which of the following are syslog facilities? (Choose two.)
A. local5
B. accounting
C. mail
D. postmaster
E. remote

Answer 98

A. local5

C. mail

Question 99

Which of the following parameters are used for journalctl to limit the time frame of the output? (Choose
two.)
A. –since=
B. –from=
C. –until=
D. –upto=
E. –date=

Answer 99

A. –since=

C. –until=

Question 100

What is true regarding the file ~/.forward?
A. When configured correctly ~/.forward can be used to forward each incoming mail to one or more other recipients.
B. After editing ~/.forward the user must run newaliases to make the mail server aware of the changes.
C. Using ~/.forward, root may configure any email address whereas all other users may configure only their own addresses.
D. As ~/.forward is owned by the MTA and not writable by the user, it must be edited using the editaliases command.
E. By default, only ~/.forward files of users in the group mailq are processed while all other user’s ~/.forward files are ignored.

Answer 100

A. When configured correctly ~/.forward can be used to forward each incoming mail to one or more other recipients.

Question 101

Which of the following commands display a list of jobs in the print queue? (Choose two.)
A. cups –list
B. lprm -l
C. lpstat
D. lpr -q
E. lpq

Answer 101

C. lpstat

E. lpq

Question 102

On a system using systemd-journald, which of the following commands add the message Howdy to
the system log? (Choose two.)
A. append Howdy
B. logger Howdy
C. systemd-cat echo Howdy
D. echo Howdy > /dev/journal
E. journalctl add Howdy

Answer 102

B. logger Howdy
C. systemd-cat echo Howdy

Question 103

Which of the following options in the chrony configuration file define remote time sources? (Choose
two.)
A. source
B. clock
C. remote
D. pool
E. server

Answer 103

D. pool
E. server

Question 104

Which command is used to sync the hardware clock to the system clock? (Specify only the command
without any path or parameters.)

Answer 104

hwclock

Question 105

Which of the following situations is observed and corrected by an NTP client?
A. The skew in time between the system clock and the computer’s hardware clock.
B. The physical location and the time zone configuration.
C. Changes in the time zone of the current computer’s location.
D. Adjustment needed to support Daylight Saving Time.
E. The skew in time between the system clock and the reference clock.

Answer 105

E. The skew in time between the system clock and the reference clock.

Question 106

If an alias ls exists, which of the following commands updates the alias to point to the command ls -l
instead of the alias’s current target?
A. set ls=’ls -l’
B. alias ls=’ls -l’
C. alias –force ls=’ls -l’
D. alias –update ls ls=’ls -l’
E. realias ls=’ls -l’

Answer 106

B. alias ls=’ls -l’

Question 107

Which of the following commands puts the output of the command date into the shell variable mydate?
A. mydate=”date”
B. mydate=”exec date”
C. mydate=”$((date))”
D. mydate=”$(date)”
E. mydate=”${date}”

Answer 107

D. mydate=”$(date)”

Question 108

Which of the following commands puts the output of the command date into the shell variable mydate?
A. mydate=”date”
B. mydate=”exec date”
C. mydate=”$((date))”
D. mydate=”$(date)”
E. mydate=”${date}”

Answer 108

D. mydate=”$(date)”

Question 109

Which of the following files is not read directly by a Bash login shell?
A. ~/.bashrc
B. ~/.bash_profile
C. ~/.bash_login
D. ~/.profile
E. /etc/profile

Answer 109

A. ~/.bashrc

Question 110

What is true about the file .profile in a user’s home directory?
A. It must be executable.
B. It must call the binary of the login shell.
C. It must use a valid shell script syntax.
D. It must start with a shebang.
E. It must be readable for its owner only.

Answer 110

C. It must use a valid shell script syntax.

Question 111

What is true regarding the statement beginning with
#!
that is found in the first line of script? (Choose two.)
A. It prevents the scripts from being executed until the ! is removed.
B. It triggers the installation of the script’s interpreter.
C. It specifies the path and the arguments of the interpreter used to run the script.
D. It defines the character encoding of the script.
E. It is a comment that is ignored by the script interpreter.

Answer 111

C. It specifies the path and the arguments of the interpreter used to run the script.

E. It is a comment that is ignored by the script interpreter.

Question 112

What output does the command seq 1 5 20 produce?
A. 1 5 10 15
B. 1 6 11 16
C. 1 2 3 4
D. 2 3 4 5
E. 5 10 15 20

Answer 112

B. 1 6 11 16

Question 113

Which of the following commands lists all defines variables and functions within Bash?
A. env
B. export
C. env -a
D. set
E. echo $ENV

Answer 113

D. set

Question 114

What information related to a user account is modified using the chage command?
A. Default ownership for new files
B. Group membership
C. Set of commands available to the user
D. Password expiry information
E. Default permissions for new files

Answer 114

D. Password expiry information

Question 115

Which command is used to set restrictions on the size of a core file that is created for a user when a
program crashes?
A. core
B. edquota
C. quota
D. ulimit
E. ktrace

Answer 115

D. ulimit

Question 116

How do shadow passwords improve the password security in comparison to standard no-shadow
password?
A. Regular users do not have access to the password hashes of shadow passwords.
B. Every shadow password is valid for 45 days and must be changed afterwards.
C. The system’s host key is used to encrypt all shadow passwords.
D. Shadow passwords are always combined with a public key that has to match the user’s private key.
E. Shadow passwords are stored in plain text and can be checked for weak passwords.

Answer 116

A. Regular users do not have access to the password hashes of shadow passwords.

Question 117

After editing the TCP wrapper configuration to grant specific hosts access to a service, when do these
changes become effective?
A. The new configuration becomes effective after restarting the respective service.
B. The new configuration becomes effective at the next system reboot.
C. The new configuration becomes effective when the last established connection to the service is closed.
D. The new configuration becomes effective after restarting the tcpd service.
E. The new configuration becomes effective immediately for all new connections.

Answer 117

E. The new configuration becomes effective immediately for all new connections.