Study Guide Flashcards by Sujoy Paul

A Linux administrator must identify a user with high disk usage. The administrator runs the # du -s /home/* command and gets the following output:

43 /home/User1
2701 /home/User2
133089 /home/User3
3611 /home/User4

Base on the output, User3 has the largest amount of disk space used. To clean up the file space, the administrator needs to find out more information about the specific files that are using the most disk space.

Why of the following commands will accomplish this task?

A. df -k /home/User/files.txt
B. du -a /home/User3/
C. du -sh /home/User/
D. find . -name /home/User3 -print

C. du -sh /home/User

Ends with “User/”

How well did you know this?

Not at all

Perfectly

A Linux server has multiple IPs. A Linux administrator needs to verify if the HTTP server port is bound to the correct IP.

Which of the following commands would BEST accomplish this task?

A. route
B. host
C. nslookup
D. netstat
E. ip

D. netstat

netstat can find listening ports

How well did you know this?

Not at all

Perfectly

A systems administrator needs to append output of ls -lha /opt command to the contents of a test.txt file. Which of the following commands will accomplish this?

A. ls -lha /opt > text.txt
B. ls -lha /opt < test.txt
C. ls -lha /opt&raquo_space; test.txt
D. ls -lha /opt &laquo_space;test.txt

C. ls -lha /opt&raquo_space; test.txt

Double-Greater-Than sign&raquo_space;

How well did you know this?

Not at all

Perfectly

A Linux systems administrator needs to provision multiple web servers into separate regional datacenters. The systems architect has instructed the administrator to define the server infrastructure using a specific tool that consumes a text-based file.

Which of the following is the BEST reason to do this?

A. To document the infrastructure so it can be included in the system security plan.
B. To ensure the administrator follows the planning phase of the system development life cycle.
C. To define the infrastructure so it can be provisioned consistently with minimal manual tasks.
D. To validate user requirements have been met within each regional datacenter for compliance.

B. To ensure the administrator follows the planning phase of the system development life cycle.

Pick the SDLC

How well did you know this?

Not at all

Perfectly

A Linux systems administrator needs to set permissions on an application with the following parameters:

The owner of the application should be able to read, write, and execute the application.
Members of the group should be able to read and execute the application.
Everyone else should not have access to the application.

Which of the following commands would BEST accomplish these tasks?

A. chmod 710
B. chmod 730
C. chmod 750
D. chmod 760

C. chmod 750

750.

Read - 4, Write - 2, Execute - 1
Owner / Group / Other

7 (4+2+1) 5 (4 + 1), 0

How well did you know this?

Not at all

Perfectly

A junior Linux adminsitrator is trying to verify connectivity to the remote host host1 and display round-trip statistics for ten ICMP.

Which of the following commands should the administrator execute?

A. ping -c 10 host1
B. traceroute -c 10 host1
C. netstat host1
D. pathping -c 10 host1

A. ping -c 10 host1

ICMP ping checks remote connectivity to host for -c (count) of 10.

How well did you know this?

Not at all

Perfectly

A junior Linux administrator is updating local name resolution to support IPv6. The administrator issues the command cat /etc/hosts and receives the following output:

127.0.0.1 localhost

Which of the following actions should the administrator perform to accomplish this task?

A. Modify the /etc/hosts file, and add the pv6 localhost entry to the file.
B. Modify the /etc/hosts file, and add the ::1 localhost entry to the file.
C. Modify the /etc/hosts file, and add the ipv4 localhost entry to the file.
D. Modify the /etc/hosts file, and add the 0.0.0.0 localhost entry to the file.

D. Modify the /etc/hosts file, and add the 0.0.0.0 localhost entry to the file.

Look for 0.0.0.0

How well did you know this?

Not at all

Perfectly

A Linux systems administrator needs to copy the contents of a directory named “working” on the local working system to a folder /var/www/html on a server named “corporate-web”.

Which of the following commands will allow the administrator to copy all the contents to the web server?

A. scp -r working/* webuser@corporate-web:/var/www/html
B. tar working/* webuser@corporate-web:/var/www/html
C. cp -r working/* webuser@corporate-web:/var/www/html
D. mv working webuser@corporate-web:/var/www/html

A. scp -r working/* webuser@corporate-web:/var/www/html

SCP is the protocol of choice for copying files to remote servers.

How well did you know this?

Not at all

Perfectly

A systems administrator has received reports of intermittent network connectivity to a particular website. Which of the following is the BEST command to use to characterize the location and type of failure over the course of several minutes?

A. mtr www.comptia.org
B. tracert www.comptia.org
C. ping www.comptia.org
D. netstat www.comptia.org

B. tracert www.comptia.org

Trace Routes help with logical location, ping does not.

How well did you know this?

Not at all

Perfectly

A Linux admnistrator has configured a Linux system to be used as a router. The administrator confirms that two network adapters are properly installed and functioning correctly. In addition, the output of the iptables -L command appears to contain a complete firewall configuration.

Which of the following commands does the administrator need to issue for the router to be fully functional?

A. echo “1” > /proc/sys/net/ipv4/ip_forward
B. echo “0” > /proc/sys/net/ipv4/tcp_abort_on_overflow
C. echo “0” > /proc/sys/net/ipv4/max_connections
D. echo “1” > /proc/sys/net/ipv4/ip_default_ttl

A. echo “1” > /proc/sys/net/ipv4/ip_forward

ip_forward is the only relevant file.

How well did you know this?

Not at all

Perfectly

A systems administration team has decided to setup their systems as immutable instances. They keep the desired state of each of their systems in version control and apply automation whenever they provision a new instance. If there is an issue with one of the servers, instead of troubleshooting the issue they terminate the instance and rebuild it using automation.

Which of the following is this an example of?

A. Inventory
B. Orchestration
C. Infrastructure-as-Code
D. Agentless Deployment

C. Infrastructure-as-Code

Self-explanatory.

How well did you know this?

Not at all

Perfectly

A systems administrator wants to deploy several applications to the same server quickly. Each application should be abstracted from the host with its own dependencies and libraries and utilize a minimal footprint.

Which of the following would be BEST in this scenario?

A. Virtual machines
B. Type 2 hypervisor
C. Chroot jails
D. Containers

D. Containers

Containers would be preferable to Virtual Machines to reduce footprint. The other answers do not make sense.

How well did you know this?

Not at all

Perfectly

An operator finds a user is having issues with opening certain files.

Which of the following commands would allow the security administrator to list and check the SELinux context?

A. ls -D
B. ls -a
C. ls -Z
D. ls -l

C. ls -Z

-Z flag displays SELinux labeling

How well did you know this?

Not at all

Perfectly

A new corporate policy states that Bluetooth should be disabled on all company laptps. Which of the following commands would disable the use of Bluetooth?

A. echo “blacklist bluetooth” > /etc/modprobe.d/blacklist-bluetooth
B. echo “kill bluetooth” > /etc/modprobe.d/kill-bluetooth
C. echo “modprobe bluetooth” > /etc/modprobe.d/modprbe-bluetooth
D. echo “rmod bluetooth” > /etc/modprobe.d/rmmod-bluetooth

C. echo “modprobe bluetooth” > /etc/modprobe.d/modprbe-bluetooth

Modprobe is in the path and the echo string.

How well did you know this?

Not at all

Perfectly

A junior Linux administrator is installing a new application with CPU architecture requirements that have the following specifications:

x64 bit
3.0GHz speed
Minimum quad core

The administrator wants to leverage existing equipment but is unsure whether the requirements of these systems are adequate. The administrator issues the following command cat/proc/cpuinfo. The output of the command is as follows.

cpu_family: x64
cpu GHz - 2.1
cpu cores: 4

Which of the following is the recommended course of action the adminstrator should take based on this output?

A. Install the application, as the system meets the application requirements.
B. Procure new equipment that matches the reccomended specifications.
C. Recompile the Linux kernel to support he installation.
D. Reconfigure lib modules to support he new application.

A. Install the application, as the system meets the application requirements.

I do not believe this is the correct answer, as the system has less than 3.0GHz speed. Therefore answer B (procure new equipment that matches the recommended specifications) is the actual answer.

How well did you know this?

Not at all

Perfectly

A Linux systems administrator wants the ability to access systems remotely over SSH using RSA authentication. To which of the following files should the RSA token be added to allow this access?

A. authorized_keys
B. ~/.ssh/ssh_config
C. id_rsa.pub
D. known_hosts

C. id_rsa.pub

Pick the answer with RSA for the RSA question.

How well did you know this?

Not at all

Perfectly

A Linux server needs to be accessed, but he root password is not available.

Which of the following would BEST allow an administrator to regain access and set a new known password at he same time?

A. Boot into a single-user mode and reset the password via the passwd command.
B. Boot into a single-user mode and reset the password by editing the /etc/passwd file.
C. Boot into a single-user mode and reset the password by editing the /etc/shadow file.
D. Boot into a single-user mode and reset the password via the change command.

A. Boot into a single-user mode and reset the password via the passwd command.

“passwd command”

How well did you know this?

Not at all

Perfectly

A Linux adminstrator wants to fetch a Git repository from a remote Git server.

Which of the following is the BEST command to perform this task?

A. git checkout
B. git clone
C. git merge
D. git config

B. git clone

How well did you know this?

Not at all

Perfectly

An administrator needs to create a shared directory in which all users are able to write and execute its content but none of the regular usres are able to delete any content.

Which of the following permissions should be applied to this shared directory?

A. rwxrwxrwt
B. rwxrwxrws
C. rwxrwxrwx
D. rwxrwxrw*

C. rwxrwxrwx

Read-Write-Execute x 3

How well did you know this?

Not at all

Perfectly

A systems administrator has finished building a new feature for the monitoring software in a separate Git branch.

Which of the following is the BEST method for adding the new feature to the software’s master branch?

A. Merge the changes from the feature branch to the master branch.
B. Save the changes to the master branch automatically with each Git commit.
C. Clone the feature branch into the master branch.
D. Pull the changes from the feature branch into the master branch.

A. Merge the changes from the feature branch to the master branch.

How well did you know this?

Not at all

Perfectly

Which of the following will provide a list of all flash, external, internal, and SSD drives?

A. lspci
B. lsmod
C. lsblk
D. lsusb

C. lsblk

Because pci, mod, and usb don’t make sense. Go blk, don’t go back.

How well did you know this?

Not at all

Perfectly

Which of the following configuration management tools is considered agentless?

A. Oupuppet
B. Salt
C. Ansible
D. Chef

C. Ansible

CCNA overlap! Ansible.

How well did you know this?

Not at all

Perfectly

An administrator reviews the following configuration file provided by a DevOps engineer:

Tasks:
- name: Install php-fpm from repo
…

A. YAML
B. AJAX
C. JSON
D. SOAP

C. JSON

CCNA overlap! JSON.

How well did you know this?

Not at all

Perfectly

Which of the following is a difference between YAML and JSON?

A. Users can comment in YAML but not in JSON.
B. JSON uses only curly brackets, while YAML only uses square brackets.
C. JSON is used in web development, while YAML is used solely in back-end systems.
D. YAML has been deprecated for JSON.

A. Users can comment in YAML but not in JSON.

CCNP overlap! JSON’s strict structure doesn’t allow for comments.

How well did you know this?

Not at all

Perfectly

A junior administrator of a physical server receives log messages indicating the out-of-memory killer has been active. All memory slots are in use on the motherboard, but additional disk space is available. Space has been allocated for a swap file. Which of the following should the administrator use to reduce the output of memory messages? A. free : swapoff / swapfile ; swapon -a B. mkswap /swapfile; swapon -a C. fallocate -l 2G /swapfile && swapon -a D. echo "1" > /proc/meninfo ; swapon / swapfile

A. free : swapoff / swapfile ; swapon -a Can't swap on unless you "swap off."

A junior Linux administrator is optimizing a system in which an application needs to take priority 0 when running the process. The administrator runs the ps command and receives the following output: PID 8481, PPID 2, TTY pts/17, Time 16:40:00, CMD app Given this scenario, which of the following steps will address this issue? A. Issue the command renice -n 0 -p 8481 B. Issue the command renice -p 8481 C. Issue the command renice -p 0 -n 8481 D. Issue the command renice -n 8481

A. Issue the command renice -n 0 -p 8481 N (Niceness value) = 0 P (PID) = 8481

An administrator needs to mount the shared NFS file system testhost:/testvolume to mount point /mnt/testvol and make the mount persistent after reboot. Which of the following BEST demonstrates the commands necessary to accomplish this task? A. mkdir -p /mnt/testvol echo "testhost1/testvolue /mnt/testvol nfs defaults 0 0" >> /etc/fstab mount -a B. mkdir /mnt/testvol mount testhost1/testvolume /mnt/testvol C. mkdir testhosts/testvolume at /mnt/testvol mount -a D. mkdir /mnt/testvol echo "testhost:/testvolume /mnt/testvol" >> /mnt/mntab mount -a

D. mkdir /mnt/testvol echo "testhost1/testvolume /mnt/testvol" >> /mnt/mnttab mount -a Pick the echo answer without the crazy syntax.

A system administrator has deployed a Linux server based on an Anaconda process with all packages and custom configurations necessary to install a web server role. Which of the following could be used to install more Linux servers with the same charcteristics? A. /etc/sysconfig/anaconda/cfg B. /root/anaconda.quto C. /root/anaconda-ks.cfg D. /etc/sysconfig/installation.cfg

C. /root/anaconda-ks.cfg Anaconda don't want none, unless you have the ks.cfg run.

A Linux administration is using a Linux system as a router. During the tests, the administrator discovers that IP packets are not being sent between the configured interfaces. Which of the following commands enables this feature for IPv4 networks? A. cat/proc/sys/net/ipv4/ip_route > 1 B. echo "1" > /proc/sys/net/ipv4/ip_forward C. echo "1" > /proc/sys/net/ipv4/ip_route D. echo "1" > /proc/sys/net/ipv4/ip_net

B. echo "1" > /proc/sys/net/ipv4/ip_forward "Forward" because this is technically not routing.

A systems administrator wants to know the current staus of a series of dd jobs that were started in the background three hours ago. Which of the following commands will achieve this task? A. sudo killall -HIP dd B. sudo killall dd C. sudo killall -TERM dd D. sudo killall -USR1 dd

D. sudo killall -USR1 dd Look for "usr1"

A Linux adminstrator needs the "tech" account to have the option to run elevated commands as root. Which of the following commands would BEST meet this goal? A. su - tech -c "/bin/bash" B. usermod -aG wheel tech C. sudo -I tech D. groupadd -u tech -g root

B. usermod -aG wheel tech -a - Add a secondary group -G - Add a supplementary group wheel is a special user used to control SUDO fun.

Which of the following is the purpose of the vmlinux file on aLinux system? A. To prevent a Linux kernel panic. B. To start a Linux virtual machine. C. To provide the executable kernel for the system. D. To enable resource access to the network.

C. To provide the executable kernel for the system. It is the uncompressed kernel in ELF format, used primarily for debug. Misleading, as it has nothing to do with virtual machines.

Ann, a junior systems administrator, is required to add a line to the /etc/yum.conf file. However, she receives the following error message when she tries to add the line: root@comptia: echo "line" > /etc/yum.conf -suL /etc/yum.conf: Operation not permitted Which of the following commands should Ann execute to write content to /etc/yum? A. chmod 755 /etc/yum.conf B. setfacl -m m:rw /etc/yum.conf C. chatter -I /etc/yum.conf D. setenforce 0

A. chmod 755 /etc/yum.conf Select the only "chmod" answer for this permissions questions.

A Linux administrator needs to take stock of USB devices attached to the system. Which of the following commands would be BEST to complete this task? A. lspci B. lsusb C. cat /proc/USB D. modprobe --usb

B. lsusb Self explanatory.

Given the output below: lrwxrwxrwx, 1, root, root, MyPhoto.jpg -> /Pictures/photo.jpg Which of the following commands can be used to remove MyPhoto.jpg from the current directory? ``` A. unlink ./MyPhoto.jpg B. del Pictures/photo.jpg C. rm -rf ./Pictures D. rm -f MyPhoto.jpg E. ln -rm ./Pictures/photo.jpg ```

D. rm -f MyPhoto.jpg the only "rm" deleting MyPhoto.jpg.

Which of the following server roles would assign a host IP address? A. DHCP B. NTP C. DNS D. SSH

A. DHCP CCNA overlap!

Which of the following commands would show the default printer on a Linux system? A. lpr B. lpq C. lpsta D. lspci

B. lpq "lpq" is a shorter way to isolate "lpoptions printer-info"

A system administrator has set up third-party log aggregation agents across several cloud instances. The ystems administrator wants to create a dashboard of failed SSH attempts and the usernames used. Which of the following files should be watched by the agents? A. /vr/log/audit/audit.log B. /var/log/kern.log C. /var/log/monitor D. /etc/rsyslog.conf

D. /etc/rsyslog.conf rSyslog that we all know and love.

A systems administrator must clean up all application files in the directory /var/log/app. However, the company's security policy requires the files to be kept on the backup server for one year. The Linux srver has only the tar and bzip2 packages installed. Which of the following commands will package and compress the files? A. tar -zcvf applicationfiles.tar.bz2 /var/log/app/* B. tar -jcvf applicationfiles.tar.bz2 /var/log/app/* C. tar -cvf applicationfiles.tar.bz2 /var/log/app/* D. tar -xvf applicationfiles.tar.bz2 /var/log/app/*

C. tar -cvf applicationfiles.tar.bz2 /var/log/app/* Look for the "-cvf" flags. c – Creates a new .tar archive file. v – Verbosely show the .tar file progress. f – File name type of the archive file.

In order to comply with new security policies, an administrator needs to prevent he SSH server from using insecure algorithms. Which of the following files should be edited to accomplish this? A. /etc/ssh/sshd_donfig B. /etc/ssg/ssh_config C. ~/.ssh/ssh_config D. /etc/ssh/known_hosts

A. /etc/ssh/sshd_config sshd that we all know and love.

Which of the following are init systems used within Linux systems? (Choose THREE correct answers). ``` A. startd B. systemd C. Upstart D. SysInit E. SysV init ```

B, C, and E. B. systemd C. Upstart E. SysV init

What information can the lspci command display about the system hardware? (Choose THREE correct snswers). ``` A. Device IRQ settings B. PCI bus speed C. System battery type D. Device vendor identification E. Ethernet MAC address ```

A, B, and D. A. Devie IRQ settings B. PCI bus speed D. Device vendor identification

Which of the following settings for umask ensures that new files have the default permissions -rw-r---- ? A. 0017 B. 0640 C. 0038 D. 0027

D. 0027

Which of the following is the device file name for the second partition on the only SCSI drive? A. /dev/hda1 B. /dev/sda2 C. /dev/sd0a2 D. /dev/sd1p2

B. /dev/sda2 SCSI + 2nd partition = sda2

Which of the following would be the BEST solution for a systems administrator to access the graphical user environment of a Linux machine remotely? A. VNC B. KDE C. X11 D. RPC

A. VNC Virtual Network Computing

A technical support engineer receives a ticket from a user who is tryin to create a 1KB file in the /tmp directory and is getting the following error "No space left on device." The support engineer checks the /tmp directory, and it has 20GB of free space. Which of the following BEST describes a possible cause for this error? A. The /tmp directory is not mounted. B. The filesystem is formatted with a 4MB block size. C. The filesystem ran out of inodes. D. The /tmp directory has been set with an immutable attribute.

C. The filesystem ran out of inodes. ext3 file systems allocate inodes when the file system is created, thus inodes can run out. Not an issue on XFS systems that create new inodes as needed.

Which of the following is the BEST reason for not storing datbase files in the /var directory? A. The /var filesystem is not fast enough for database files. B. The number of files in /var is limited by the available inodes. C. Files in /var do not have strict file permissions. D. If log files fill up /var, it might corrupt the database.

D. If log files fill up /var, it might corrupt the database. /VAR is intended to be semi-static variable data for other processes and applications, which could be located in /USR

Simulation. A junior system administrator had trouble installing and running an Apache web server on a Linux server. You have been tasked with installing the Apache web server on the Linux server and resolving the issue that prevented the junior administrator from running Apache. Install Apache and start the service. Verify that he Apache service is running with the defaults. Typing "help" in the terminal will show a list of relevant commands.

yum install httpd systemctl start httpd systemctl enable httpd systemctl status httpd install, start, enable, status.

The Linux lead has added a disk, /dev/sdd, to a VM that is running out of disk space. Place the following steps in the correct order from first (1) to last (4) to add the disk to the existing LVM. - lvextend -L +10GB /dev/mapper/vgdata-data - resize2fs /dev/mapper/vgdata-data - pvcreate /dev/sdd - vgextend vgdata /dev/add

1. pvcreate /dev/sdd 2. vgextend vgdata /dev/sdd 3. lvextend -L +10GB /dev/mapper/vgdata-data 4. resize2fs /dev/mapper/vgdata-data pvcreate - creates a physical volume vgextend - extend the "vgdata" volume to include the "/dev/sdd" physical volume. lvextend - extend the size of the logical volume resize2fs - resize the file system

An administrator receives a warning about a file system filling up, and then identifies a large file located at /tmp/largelogfile. The administrator deletes the file, but no space is recovered on the file system. Which of the following commands would BEST assist the administrator in identifying the problem? A. lsof | grep largelogfile B. pkill /tmp/largelogfile C. pgrep largelogfile D. ps -ef | grep largelogfile

A. lsof | grep largelogfile lsof = list open files.

Which of the following can be used to boot a DVD from a remote device to initialize a Linux system setup on bare metal hardware as if it is a local DVD? A. UEFI B. PXE C. NFS D. RUB

A. UEFI UEFI boot like in PES-K.

After starting a long-running script, asystems administrator needs to verify the frequency of what is filling up the /var partition and kill it because it is consuming too much space. Which of the following is the correct sequence given only a terminal is available? A. CTRL-C, bg, watch df /var, CTRL-C, fg, CTRL-Z B. CTRL-C, fg, watch df /var, CTRL-Z, bg, CTRL-Z C. CTRL-Z, bg, watch df /var, CATRL-C, fg, CTRL-C D. CTRL-Z, bg, watch df /var, CTRL-Z, fg, CTRL-C

D. CTRL-Z, bg, watch df /var, CTRL-Z, fg, CTRL-C Look for #1 and #4 are CTRL-Z

Which of the following commands brings a system running SysV init into a state in which it is safe to perform maintenance tasks? (Choose TWO correct answers). ``` A. shutdown -R 1 nore B. shutdown -single now C. init 1 D. telinit 1 E. runlevel 1 ```

C and D. C. init 1 D. telinit 1 init 1 is single-user mode. telinit 1 is switch to run level init 1.

What is the first program that is usually started at boot time by the Linux kernel when using SysV init? ``` A. /lib/init.so B. /sbin/init C. /etc/rc.d/rcinit D. /proc/sys/kernel/init E. /boot/init ```

B. /sbin/init /sbin contains administrator tools including boot tools.

What does the command mount -a do? A. It ensures that all file systems listed with the option noauto in /etc/fstab are mounted. B. It shows all mounted file systems that have been automatically mounted. C. It opens an editor with root privileges and loads /etc/fstab for editing. D. It ensures that all file systems listed with the option auto in /etc/fstab are mounted. E. It ensures that all file systems listed in /etc/stab are mounted regardless of their options.

D. It ensures that all file systems listed with the option auto in /etc/fstab are mounted. -a = Auto

A Linux administrator is testing connectivity to a remote host on a shared terminal. The administrator wants to allow other users to access the terminal while the command is executing. Which of the following commands should the administrator use? A. bg ping remotehost B. fg ping remotehost C. ping remotehost < results D. ping remotehost &

C. ping remotehost < results Pipe the results from a file.

A Linux administrator needs to switch from text mode to GUI. Which of the following runlevels will start the GUI by default? A. Runlevel 3 B. Runlevel 4 C. Runlevel 5 D. Runlevel 6

C. Runlevel 5 Runlevel 5 starts the GUI by default.

A junior systems administrator is configuring localization option environment variables. The administrator is given a checklist of tasks with the following requirements: - View current settings of the LC_ALL environment variable only. - Modify the LANG environment variable to US English Unicode. Given this scenario, which of the following should be performed to meet these requirements? (Choose two). ``` A. echo #LC_ALL B. locale C. cat $LC_ALL D. export LANG = en_US.UTF-8 E. export $LANG = en_US.UTF F. stty ```

B and D. B. locale D. export LANG = en_US.UTF-8 Unicode = UTF-8

An administrator needs to change the IP address on a server remotely. After updating the configuration files, a network restart is needed. However, the administrator fears that when the network connectin drops, the network restart script will be killed before the new IP address has been set. Which of the following commands would prevent the script from being killed? A. nohup service network restart B. service network restart & C. echo "service network restart" | at now D. dg service network restart

A. nohup service network restart nohup = ignore terminal logout signal

A Linux administrator is testing a new web application on a local laptop and consistently shows the following 403 errors in the laptop's logs: avc:denied The web server starts properly, but an erro is generated in the audit log. Which of the following settings should be enabled to prevent this audit message? A. httpd_can_network_connect = 1 B. httpd_enable_scripting = 1 C. httpd_enable_homedirs= 1 D. httpd_enable_cgi = 1

A. httpd_can_network_connect = 1 Select the "network" answer for the network question.

Which of the following BEST describes the purpose of the X11 system? A. X11 provides graphical display capabilities. B. X11 provides command line capabilities. C. X11 provides networking capabilities. D. X11 provides telephony capabilities.

A. X11 provides graphical display capabilities.

Which of the following configuration files should be modified to disable Ctrl-Alt-Del in Linux? A. /etc/inittab B. ~/.bash_profile C. /etc/securetty D. /etc/security/limits.conf

A. /etc/inittab itittab = SysV initialization

During a system boot cycle, what program is executed after the BIOS completes its tasks? A. The bootloader B. The inetd program C. The init program D. The kernel

A. The bootloader Look for "bootloader" on the question about the boot cycle.

Which run levels should never be declared as the default run level when using SysV init? (Choose TWO correct answers). ``` A. 0 B. 1 C. 3 D. 5 E. 6 ```

A and E. A. 0 E. 6 Pick the min-max.

Which of the following statements is correct when talking about /proc? A. All changes to files in /proc are stored in /etc/proc.d and restored on reboot. B. All files within /proc are read-only and and their contents cannot be changed. C. All changes to files in /proc are immediately recognized bt the kernel. D. All files within /proc are only readable by the root user.

C. All changes to files in /proc are immediately recognized by the kernel.

What of the following statements are true regarding /dev when using udev? (Choose TWO correct answers) A. Entries for all possible devices get created on boot even if those devices are not connected. B. Additional rules for udev can be created by adding them to /etc/udev/rules.d/. C. When using udev, it is not possible to create block or charcter devices in /dev/ using mknod. D. The /dev directory is a filestystem of type tmpfs and is mounted by udev during system startup. E. The content of /dev is stored in /etc/udev/dev and is restored during system startup.

B and D. B. Additional rules for udev acan be created by adding them to /etc/udev/rules.d/. D. The /dev/ directory is a filesystem of type tmpfs and is mounted by udev during system startup. "Additional rules" and "filesystem"

Which of the following information is stored within the BIOS? (Choose TWO correct answers). ``` A. Boot device order B. Linux kernel version C. Timezone D. Hardware configuration E. The system's hostname ```

A and D. A. Boot device order D. Hardware configuration BIOS gonna BIOS.

Which of the followin commands reboots the system when using SysV init? (Choose TWO correct answers). ``` A.. shutdown -r now B. shutdown -r "rebooting" C. telinit 6 D. telinit 0 E. shutdown -k now "rebooting" ```

A and C. A. shutdown -r now C. telinit 6 Run level 6 is kill all processes and reboot.

A Linux administrator needs to remotely update the contents of the www.comptia.org/contacts URL. Which of the following commands would allow the administrator to download the current contents of the URL before updating? A. curl www. comptia.org/contacts B. dig www.comptia.org/contacts C. apt-get www.comptia.org/contacts D yum list www.comptia.org/contacts

A. curl www.comptia.org/contacts curl = client-URL. Select the "URL" answer for the URL question.

Which of the following BEST describes containers running on a Linux system? A. Containers only need the namespaces functionally to run on a Linux system available since kernel 2.6. B. Containers need a hypervisor to run a Linux system. Cgroup namespaces are functionalities used for the kernel but not for running containers. C. Containers only need the cgroups functionality for running on a Linux system. Namespaces is not a Linux kernel functionality needed for creating and managing containers. D. Containers use the cgroups and namespaces functionalities to isolate processes and assign hardware resources to each of the isolated processes.

D. Containers use the cgroups and namespaces functionalities to isolate processes and assign hardware resources to each of those isolated processes. Isolate isolate isolate.

A network has been crashing intermittently. A Linux administrator would like to write a shell script hat will attempt to ping the server and email an alert if the server fails to respond. The script will later be scheduled via cron job. Which of the following scripts would BEST accomplish this task? A. RESULT='ping -C 2 $SERVER' if [ !$RESULT ]; then B. ping -c 2 $SERVER >/dev/null 2>/dev/null if [$ -ge 1]; then C. RESULT='ping -c 2 $SERVER >/dev/null 2>/dev/null' while { $RESULT != ]; D. ping -o 2 $SERVER >/dev/null 2>/tmp/fail.log if [ -f /tmp/fail/log ]; then

D. SERVER = "192.168.1.50" ping -o 2 $SERVER >/dev/null 2>/tmp/fail.log if [ -f /tmp/fail/log ]; then Select the answer with fail.log

An administrator is analyzing a Linux server which was recently hacked. Which of the following will the administrator use to find all unsuccessful login attempts? A. nsswitch B. faillock C. pam_tall2 D. passwd

C. pam_tally2 pam_tally2 can count and lock SSH sessions on failed logins.

A junior administrator needs to unload an older video kernel module. Which of the following commands would BEST accomplish this task? A. modprobe B. insmod C. rmmod D. chmod

A. modprobe modprobe is now used primarily to load drivers.

An administrator is attempting to block SSH connections to 192.168.10.24 using the Linux firewall. After implementing a rule, a connection refused error is displayed when attempting to SSH to 192.168.10.24. Whcih of the following rules was MOST likely implemented? A. iptables -A -p tcp -d 192.168.10.24 -dropt 22 -j REJECT B. ptables -A -p tcp -d 192.168.10.24 -dropt 22 -j DROP C. ptables -A -p tcp -d 192.168.10.24 -dropt 22 -j FORWARD D. ptables -A -p tcp -d 192.168.10.24 -dropt 22 -j REFUSE

A. iptables -A -p tcp -d 192.168.10.24 -dript 22 -j REJECT Keyword "REJECT'

A junior Linux administrator is setting up system-wide configuration settings. The goal is to ensure the PATH environment variable includes the following locations for all users who log into a Linux system. /usr/local/bin /usr/local/sbin The administrator issues the following commands at he terminal: echo $PATH cat /etc/profile Respectively, the output of these commands are as follows: ... Which of the following would be the BEST action for the administrator to perform to address this issue? A. Update the /etc/profile.d file using a text editor, navigate to the PATH element, add the missing locations, and run the bash_completion.sh script to update the changes. B. Update the /etc/profile file using a text editor, navigate to the PATH element, add the missing locations and run the ./etc/profile command to update the changes. C. Update the /etc/profile.d file using a text editor, navigate to the PATH element, add the missing locations, and reboot to update the changes. D. Update the /etc/profile file using a text editor navigate to the PATH element, add the missing locations and restart the bash process to update

B. Update the /etc/profile file using a text editor, navigate to the PATH element, add the missing locations and run the ./etc/profile command to update the changes. "run the command"

Joe, a user, is unable to log in to the server and contracts the systems administrator to look into the issue. The administrator examines the /etc/passwd file and discovers the following entry: joe:x:505:505::/home/joe:/bin/false Which of the following commands should the administrator execute to resolve this problem? A. usermod -s /bin/bash joe B. passwd -u joe C. useradd -s /bin/bash joe D. chage -E -l joe

B. passwd -u joe Select the "passwd" answer for the /etc/passwd question.

A server is almost out of free meory and is becoming unresponsive. Which of the following sets of commands will BEST mitigate the issue? A. free, fack, partprobe B. lsof, lvcreate, mdadm C. df, du, rmmod D. fdish, mkswap, swapon -a

A. free, fack, and partprobe Easy facking answer.

A Linux administrator is using a public cloud provider to host servers for a company's website. Using the provider's tools, the adminstrator wrote a JSON file to define how to deploy the servers. Which of the following techniques did the administrator use? A. Infrastructure as code B. Build automation C. Platform as a service D. Automated configuration

B. Build automation Self-explanatory

A Linux system is running normally when the systems administrator receives an alert that one application spawned many processes. The application is consuming a lot of memory, and it will soon cause the machine to become unresponsive. Which of the following commands will stop each application process? A. kill 'pidof application' B. killall application C. kill -9 'ps -aux | grep application' D. pkill 09 application

B. killall application killall will halt sub-processes.

A systems administrator configured a new kernel modules, but it stopped working after reboot. Which of the following will allow the systems administrator to check for module problems during server startup? A. lsmod B. modprobe C. modinfo D. dmesg

C. modinfo A kernel module's info would be displayed by modinfo.

A junior Linux administrator is installing patches using YUM. The administrator issues the following command: yum list installed The output is as follows: Existing lock /var/run/yum.pid... Given this scenario and the output, which of the following should the administrator do to address this issue? A. renice -n 9 -p 5180 B. killall yum C. ps -ef | grep yum D. top | grep yum

C. ps -ef | grep yum ps = process - e = all listings (like a -A) - f = full-format listing

A systems administrator needs to retrieve specific fields from a csv file. Which of the following tools would accomplish this task? A. awk B. sort C. print D. echo

A. awk Awk is a programming language specialized for data extraction on UNIX systems. Ask Clint, "sed" and "awk".

Two specific users need access to a directory owned by root where backups are located. Which of the following commands would BEST ensure the specified users can access the backup files? A. umask B. chcon C. chmod D. setfacl

D. setfacl setfacl = Set File Access Control Lists

Which of the following is the purpose of the monitoring server ole? A. To agregate web traffic to watch which websites employees are visitin. B. To collect status and performance information about hte servers in an environment. C. To provide user authentication services to a network. D. To provide realtime analysis of potential threats to the organization.

B. To collect status and performance information about the servers in an environment.

A junior administrator is migrating a virtual machine from a Type 1 hypervisor to a Type 2 hypervisor. To ensure portability, which of the following formats should the administrator export from the Type 1 hypervisor to ensure compatibility? A. OWASP B. VDI C. VMDK D. OVA

D. OVA

A junior systems administrator is upgrading a package that was installed on a Red Hat-based system. The administrator is tasked with the following: - Update and install the new package. - Verify the new package version is installed. Which of the following should be done to BEST accomplish these tasks? (Choose two). ``` A. yum install B. yum upgrade C. rpm -e D. rpm -qa E. apt-get F. apt-get upgrade ```

A and C. A. yum install D. rpm -qa RPM query all

Which of the following is the template for the grub.cfg file? A. /etc/default/grub B. /etc/grub2.cfg C. /etc/sysct1.conf D. /boot/efi

A. /etc/default/grub default grub. Longest answer.

A Linux administrator implemented a new HTTP server using the default configuration. None of the users on the network can access the server. If there is no problem on the network or with the users' workstaions, which of the following steps will BEST analyze and resolve the issue? A. Run netstat to ensure the port is correctly bound, and configure the firewall to allow access on ports 80 and 443. B. Run route to ensure the port is correctly bound, and configure the firewall to allow access on ports 80 and 443. C. Run netcat to ensure the port is correctly bound, and configure a static route to the web to allow access on ports 80 and 443. D. Run route to ensure the port is correctly bound, and configure SELinux to allow access on ports 80 and 443.

C. Run netcat ot ensure the port is correctly bound, and configure a static route to the web to allow access on ports 80 and 443. netcat = utility for testing TCP and UDP connections. Pick the answer with a cat.

A Linux storage administrator wants to create a logical volume group. Which of the following commands is required to start the process? A. pvcreate B. vgcreate C. lvcreate D. mkfs.xfs

B. vgcreate vgcreate makes a logical volume group (volume group = vg)

A Linux administrator built a GitLab server. Later that day, a software engineer tried to access the server to upload the repository during the final step of installation. The software engineer could not access the website. Which of the following firewall rules would allow access to this site? All answers start with: iptables -A INPUT -p tcp -m multiport --dports 80, 443 -m conntrack - cstate A. NEW, ESTABLISHED, -j ACCEPT B. ESTABLISHED -j ACCEPT C. RELATED, ESTABLISHED -j ACCEPT D. NEW, ESTABLISHED -j REJECT

C. iptables -A INPUT -p tcp -m multiport -dports 90, 443 -m conntrack - cstate RELATED, ESTABLISHED -j ACCEPT REJA - Related, Established, -j, Accept. Or look for "related"

While creating a file on a volume, the Linux administrator receives the following message: No space left on device. Running the df -m command, the administrator notes there is still 50% of usage left. Which of the following is the NEXT step the administrator should take to analyze the issue without losing data? A. Run the df -i command and notice the inode exhaustion B. Run the df -h command and notice the exhaustion C. Run the df -B command and notice the block size D. Run the df -k command and notice the storage exhaustion.

A. Run the df -i command and notice the inode exhaustion. When in doubt about drive space, check to see if all the inodes are already allocated.

A user attempts to use the mount -a command but gets the following error: mount: mount point /mnt/test does not exist Which of the following commands best describes the action the Linux administrator should take NEXT? ``` A. mount -a /nmnt/test B. mkdir -p /mnt/test C. mdadm -p /mnt/test D. mkfs /mnt/test E. touch /mnt/test ```

B. mkdir -p /mnt/test If the directory doesn't exist, it must first be made.

Which of the following is modified to reconfigure the boot environment? A. grub-mkconfig B. grub.cfg C. update-grub D. grub2-mkconfig

C. update-grub GRUB = GNU gRand Unified Bootloader for dual-boot setups. Update-grub will reconfigure the boot environment.

A company wants to ensure that all newly created files can be modified only by their owners and that all new directory content can be changed only by the creator of the directory. Which of the following commands will help achieve this task? A. umask 0022 B. umask 0012 C. chmod -R 0644 / D. chmod -R 0755 /

A. umask 0022 umask's sets what is not allowed, so it has the inverse values of chmod for the three rightmost digits.

A Linux administrator needs to back up the folder /usr/domain, and the output must be a gzip compressed tar. Which of the following commands should be used? A. tar -cv domain.tar.gz /usr/domain B. tar -cvf /usr/domain domain.tar.gz C. tar -csvf domain.tar.gz /usr/domain D. tar -cxsv /usr/domain domain.tar.gz

C. tar -csvf domaint.tar.gz /usr/domain ``` c = create s = same order v = verbose f = file ```

A Linux administrator needs every new file created on a directory to maintain the group permissions of the same directory. Which of the following commands would satisfy this requirement? A. chmod o+s B. chmod u+s C. chmod +s D. chmod g+s

D. chmod g+s chmod g+s ensures that files created in the specified directory will maintain directory attributes rather than the owner's.

Which of the following statements BEST represents what he term "agentless" means regarding orchestration? A. Installation of a tool is not required on the remote system to perform orchestration tasks. B. It facilitates version control when using infrastructure as code during orchestration. C. It automatically removes malware from the remote system during orchestration. D. A tool can only be accessed remotely to perform orchestration tasks.

A. Installation of a tool is not required on the remote system to perform orchestration tasks.

Given that a company's policy staets that users cannot install third-party tools on Windows servers, which of the following protocols will allow a Linux GUI to connect to a Windows server? A. VNC B. NX C. RDP D. X11

A. VNC VNC allows a Linux GUI to SSH to a Windows server.

Ann, a junior Linux administrator, needs to copy software from her local machine to assist in developing a software application on a remote machine with the IP address 192.168.3.22. The file needs to be placed on the /tmp directory. After downloading the RPM to the local machine, which of the following commands would be BEST to use to copy the software? A. scp ~/software.rpm USER@192.168.3.22:/tmp B. scp ~/software.rpm USER@192.168.3.22:/tmp C. wget USER@192.168.3.22:/tmp -f ~/software.rpm D. scp USER@192.168.3.22 ~/software.rpm :/tmp

C. wget USER@192.168.3.22:/tmp -f ~/software.rpm wget retrieves files from web servers via HTTP or FTP. Longest answer.

An administrator is tasked with increasing the size of the volume /dev/vg/lv to 20GB. Which of the following BEST illustrates the steps the administrator should take? A. vgextend -L20G /dev/vg/lv; resiselv /dev/vg/lv B. parted -L20G /dev/vg/lv; remount /dev/vg/lv C. mkfs -L20G /dev/vg/lv; tune2fs /dev/vg/lv D. lvextend -L20G /dev/vg/lv; resize2fs /dev/vg/lv

D. lvextend -L20G /dev/vg/lv; resize2fs /dev/vg/lv Look for "lvextend" for this "/lv" question.

A systems administrator observes high latency values when reaching a remote web server. Which of the following commands will help determine and isolate issues on the network side? A. mtr B. dig C. netstat D. route

A. mtr mtr = My TraceRoute

A Linux adminstrator wants to obtain a list of files and subdirectories in the /etc directory that should contain the word "services". Once the files and subdirectories are discovered, they should be listed alphabetically in the /var/tmp/foundservices file. Which of the following shell scripts will accomplish this task? #/bin/bash A. find /etc -name services | sort > /var/tmp/foundservices B. locate /etc -sort -name services > /var/tmp/foundservices C. find -name services -sort < /var/tmp/foundservices D. find /etc -name services -sort > /var/tmp/foundservices

B. locate /etc -sort -name services > /var/tmp/foundservices Keyword "locate"

A systems administrator is enabling quotas on the /home directory of a Linux server. The administrator makes the appropriate edits to the /etc/fstab file and attempts to issue the commands to enable quotas on the desired directory. However, the administrator receives an error message stating the filesystem does not support quotas. Which of the following commands should the administrator perform to proceed? A. mount -o remount /home B. quotacheck -cg C. edquota /home D. quotaon /home

D. quotaon /home Select "quotaon /home" to enable quotas on /home.

A systems administrator needs to install anew piece of hardware that requires a new driver. The driver should be manually installed. Which of the following describes the order of commands required to obtain module information, install the module, and check the log for any errors durin module installation? A. lsmod, modprobe, modinfo B. modinfo, insmod, modprobe C. modinfo, insmod, dmesg D. lsmod, insmod, dmesg

A. lsmod, modprobe, modinfo. Select the answer that ends in "info"

A new HTTPS web service is being deployed on aserver. Which of the following commands should the Linux administrator use to ensure traffic is able to flow through the system firewall to the new service? A. iptables -I OUTPUT -p tcp --sport 443 -j ACCEPT B. iptables -A INPUT -o tcp --dport 443 -j ACCEPT C. iptables -I INPUT --dport 443 -j ACCEPT D. iptables -A OUTPUT p tcp --dport 443 -j ACCEPT

C. iptable -I INPUT --dport 443 -j ACCEPT Look for "-I" for "INPUT"

An administrator has modified the configuration file for a service. The service is still running but is not using the new configured values. Which of the following will BEST remediate this issue? A. kill -HUP B. init 0 C. service start D. renice -10

A. kill -HUP

Study Guide Flashcards

(106 cards)