Study Guide - Practice Test Flashcards

Question

24- What command displays features and parameters for network cards * ethtool * iwconfig * iwlist * netstat * route

Answer 1

**ethtool** The ethtool program displays hardware information about network interface cards, making option A correct. The iwconfig and iwlist programs display information about wireless networks, not the network cards, making options B and C incorrect. The netstat and route programs display information about the network statistics, not the network cards, so options D and E are both incorrect.

Answer 2

a command-line utility for displaying and configuring Ethernet network interface settings like speed, duplex mode, auto-negotiation, and hardware statistics - used for wired network troubleshooting with commands like ethtool eth0

Answer 3

the wireless equivalent of ifconfig, used to configure and display wireless network interface parameters like SSID, frequency, encryption keys, and signal strength for WiFi adapters

Answer 4

scans and displays detailed information about available wireless networks, access points, and their capabilities - commonly used as iwlist scan to show nearby WiFi networks with their SSIDs, signal strength, and security settings

Answer 5

**socket statistics** is the modern replacement for netstat, providing faster and more detailed information about network connections, listening ports, and socket statistics with better filtering capabilities

Answer 6

the IPv6 version of the ping command, used to test network connectivity and measure round-trip time to IPv6 addresses or hostnames - essential for troubleshooting IPv6 network issues with syntax like ping6 ::1 or ping6 ipv6.google.com

Answer 7

* GNOME is an open source project. * GNOME uses Files as its default file manager. * GNOME uses the Dash as its favorites bar. GNOME is an open source project supported by the GNOME Foundation. Therefore option A is a correct choice. Files is the default file manager for the GNOME desktop, so option C is correct. The Dash is the default favorites bar for the GNOME desktop, making option E also correct. GNOME uses the GNOME Display Manager (GDM) for its display manager, not SDDM, so option B is incorrect. MATE is a fork from GNOME version 2, and GNOME is not a fork of MATE, so option E is also an incorrect choice.

Answer 8

* **Input Device** * **Monitor** * **Screen** The Input Device, Monitor, and Screen sections are all sections you would find in the /etc/X11/xorg.conf file. Therefore, options B, D, and E are correct choices. You would also find the Modes, Device, Module, Files, Server Flags, and Server Layout sections. The Service and Desktop sections are made up, and therefore options A and C are incorrect choices.

Answer 9

**The XDMCP is used for the user authentication interface.** The X Display Manager Control Protocol (XDMCP) can be employed as a very basic display manager. A display manager controls the login screen provided to the user for authentication. Therefore, option E is the correct answer. XDMCP is not used by X11 to provide a basic desktop environment, so option A is a wrong answer. XDMCP’s use does not indicate the Wayland display server is being used, and therefore, option B is also an incorrect answer. If you were having problems with the display manager, then the correct file to review would be the /etc/X11/xdm/xdm-config file, and not the /etc/X11/xdm-config file. Thus option C is a wrong choice. XDMCP is not a compositor, so option D is also an incorrect answer.

Answer 10

* -N * -f * -R You need to indicate to the OpenSSH server that no terminal is required, because you are only establishing a tunnel. Therefore, the -N switch is needed and option A is a correct answer. The -f switch will send the OpenSSH tunnel into the background, freeing up his command‐line interface so the user can type in remote desktop commands. Thus, option C is a correct answer as well. The -R switch is used for remote mode SSH port forwarding and will allow them to specify the local system as well as the local and remote ports to be used. Therefore, option D is also a correct choice. The -Y switch is not used in SSH port forwarding, so option B is a wrong answer. The -L switch is used for local mode of the ssh command. Therefore, option E is also an incorrect answer.

Answer 11

**UTF‐8** The UTF‐8 character set uses all 8 bits, or 1 byte, to store characters; thus, option B is correct. The ASCII character set uses only 7 bits, so option A is incorrect. The UTF‐16 character set uses 2 bytes, Unicode uses 3 bytes, and UTF‐32 uses 4 bytes, so options C, D, and E are all incorrect.

Answer 12

* ASCII: 7 bits * UTF‐8: 8 bits, 1 byte * UTF‐16: 16 bits, 2 bytes * Unicode: 24 bits, 3 bytes * UTF‐32: 32 bits, 4 bytes

Answer 13

**localectl** The localectl command is available on systemd systems to set the character sets, making option C correct. The timedatectl command sets the time and date on systemd systems, but not the localization, so option A is incorrect. The time, date, and locale commands are legacy Linux commands and not used on systemd systems, so options B, D, and E are all incorrect.

Answer 14

**timedatectl** On Linux systems that utilize the systemd system, the timedatectl command is available to retrieve the time from the workstation or server hardware, so option A is correct. The localectl command is a systemd command, but it’s used to set localization, not retrieve time, so option E is incorrect. The date, time, and locale commands are part of the legacy Linux system and not used on systemd systems, so options B, C, and D are all incorrect.

Answer 15

**date** The date command allows you to specify a template to define the format of the time and date as output, so option E is correct. The time command only displays the time and not the date, so option A is incorrect. The timedatectl command displays the time and date but doesn’t allow you to format the output, so option B is incorrect. The hwclock command displays the current time as set on the workstation or server hardware and doesn’t allow you to format the output, so option C is incorrect. The localectl command displays localization settings on systemd systems, not the time and date, so option D is incorrect.

Answer 16

* The usermod -L command * The passwd -l command The usermod -L and passwd -l commands will both work to lock the employee out of the system without deleting the user account. Therefore, options A and C are the correct answers. The usermod -U command unlocks a locked account, so option B is a wrong answer. The passwd -L command is a made‐up command, so option D is also an incorrect answer. The userdel -r command would delete the user account and all its $HOME directory files. This is not what the company wants, and therefore, option E is also an incorrect choice.

Answer 17

**-d** The -d switch on the useradd command will allow you to create the home in an alternative location and not the one specified by the HOME directive. Therefore, option B is the correct answer. Both the -m and the --create-home switches will create a directory if the CREATE_HOME directive is either not set or set to no. However, they do not allow you to specify the location. Therefore, options A and C are wrong answers. The switches in options D and E only allow you to display the directives within the /etc/default/useradd account creation configuration file. Thus, options D and E are incorrect choices.

Answer 18

**The user’s (UID 1138) current group’s name** If you issue the command id -gn 1138 at the command line and the user exists, you will see the user’s current group’s name displayed. Therefore, option D is the correct answer. To see the user’s (UID 1138) current group’s GID, the command is id -g 1138. Thus, option A is a wrong answer. To see the user (UID 1138) group membership GIDs, the command is id -G 1138. Thus, option B is also an incorrect answer. To view the user (UID 1138) username, the command is id -un 1138. Therefore, option C is a wrong choice. To see the user (UID 1138) group membership names, the command is id -Gn 1138. Thus, option E is also an incorrect choice.

Answer 19

**Neither block nor inode soft quotas have been configured for this user.** The edquota -u JKirk command would display zeros (0) under all the soft columns if neither block nor inode soft quotas have been configured for this user. Therefore, option A is the correct answer. If neither block nor inode hard quotas have been configured for this user, you would see zeros displayed under the hard columns. Thus, option B is a wrong answer. If the user is currently experiencing a grace period, you would see numbers in the grace column of the quota -u JKirk command. Therefore, option C is an incorrect answer. If the user is currently not experiencing a grace period, you would see nothing in the grace column of the quota -u JKirk command. Thus, option D is also a wrong choice. Whether or not the user is logged into the system does not affect information displayed by the edquota -u JKirk command. Therefore, option E is an incorrect choice.

Answer 20

* **gdisk** * **fdisk** * **parted** The common command‐line tools for partitioning hard drives in Linux are gdisk, fdisk, and parted, making options A, C, and D all correct. The gparted tool is a graphical tool for partitioning hard drives, not a command‐line tool, so option B is incorrect. The fsck command‐line tool allows you to repair partitions but not create them, so option E is incorrect.

Answer 21

* **gdisk** * **gparted** The gdisk and gparted tools allow you to partition both standard and GPT indexed hard drives, so option C is correct. The parted and fdisk partition tools don’t work on GPT indexed hard drives, so options A and B are both incorrect. The fsck program fixes corrupted partitions, but it can’t create or partition a GPT indexed hard drive, so option E is incorrect.

Answer 22

**The zip utility** The Windows operating system can use the zip archive file format. Therefore, the zip utility is the best one to use and option B is the correct answer. The tar, rsync, and dd utilities are not good choices due to incompatibility issues. Therefore, options A, C, and D are wrong choices. The gzip utility does not create archives, so option E is an incorrect answer.

Answer 23

**The xz utility** When a .txz file extension is used on a tarball, it implies that xz compression was used. Therefore, option A is the correct answer. The gzip and bzip2 utilities can be employed by the tar utility. However, the file extensions that imply their use are different than the one used by the system admin. Therefore, options B and C are wrong choices. The zip utility and zlib library are not used with the tar utility, so options D and E are incorrect choices.

Answer 24

* **Both can be used to check a transferred file’s integrity.** * **The SHA‐based utilities produce longer hash values than the MD5‐based utility.** Both the MD5‐ and SHA‐based utilities can be used to check a transferred file’s integrity. Also, the SHA‐based utilities produce longer hash values than the MD5‐based utility. Therefore, options B and D are correct answers. The MD5‐based utility, md5sum, is no longer considered safe to use in cryptographic functions. Therefore, option A is a wrong answer. The tar command does not have the ability to employ these utilities via command‐line switches, so option C is also an incorrect answer. Option E is also an incorrect choice because the opposite is true.

Answer 25

**-zcvf** To create a compressed tarball, you need to use the -z option to compress it, the -c option to create it, the -v option for verbose mode, and the -f option to specify the output file, so option B is correct. The -Uvh options aren’t tar command options but are for the rpm package file, so option A is incorrect. The -zxvf combination of options extracts a compressed tarball file but does not create one, so option C is incorrect. The -xvf combination of options extracts an uncompressed tarball file but doesn’t create a compressed tarball, so option D is incorrect. The -cvf combination of options creates a new tarball file but doesn’t compress it, so option E is incorrect.

Answer 26

* **rpm** * **yum** * **dnf** The rpm, yum, and dnf package tools all work with Red Hat–based distribution packages, so options B, C, and D are all correct. The dpkg tool only works with Debian‐based packages, so option A is incorrect. The tar command is used to create and extract tarball files, not Red Hat packages, so option E is incorrect.

Answer 27

**.ko** Kernel module files have a .ko file extension. Therefore, option D is the correct answer. The .dep file extension is used for the module’s dependency file. Thus, option A is a wrong answer. The .conf file extension is often used by configuration files, and therefore, option B is an incorrect answer. The .sh file extension is used by shell scripts. Thus, option C is a wrong choice. The .lib file extension is often used by library files. Therefore, option E is also an incorrect choice.

Answer 28

**A /lib/modules/ subdirectory** Kernel modules are stored in a /lib/modules/ subdirectory. Thus, option A is the correct answer. Options B, C, D, and E are all potential locations of kernel module configuration files and not kernel modules. Thus, those options are incorrect choices.

Answer 29

**The modules.dep file** The modules.dep file, which resides in the /lib/modules/Kernel-Version/ directory, is used by the modprobe utility to determine module dependencies and updated by the depmod utility. Therefore, option E is the correct answer. The /etc/modules.conf file is a module configuration file used on older Linux distributions, thus option A is a wrong answer. The /proc/modules file has the same information that the lsmod utility displays, but it is not used by the depmod utility, so option B is a wrong choice. The /etc/group file is used for user groups but not kernel modules. Therefore, option C is an incorrect choice. The /etc/modprobe.d file is actually a directory, which stores some of the module configuration files. Thus, option D is an incorrect choice.

Answer 30

* **rmmod** * **modprobe** Both the rmmod and the modprobe utilities can be used to unload (remove) kernel modules. You do have to use the -r switch with the modprobe command to remove a kernel module. Therefore, options B and D are correct answers. The rm command is used for removing files and not kernel modules, so option A is a wrong answer. The insmod utility is used to load a kernel module. Thus, option C is an incorrect answer. The modinfo command provides detailed information concerning a particular kernel module. Therefore, option E is also an incorrect choice.

Answer 31

removes (unloads) kernel modules from memory, but only if they're not currently in use - syntax is rmmod module_name and it doesn't handle dependencies automatically

Answer 32

loads kernel modules into memory from a specific file path, requiring you to specify the full .ko file path and manually handle any dependencies - basic syntax: insmod /path/to/module.ko

Answer 33

is the intelligent module management tool that automatically handles dependencies when loading/unloading modules, can load by module name (searches standard locations), and uses -r to remove - preferred over insmod/rmmod for most tasks

Answer 34

displays detailed information about kernel modules including description, parameters, dependencies, and version without loading the module - useful for examining modules with modinfo module_name

Answer 35

**ls -Z** The SELinux advanced security system uses the standard ls command with the -Z option to display SELinux security context assigned to files, so option A is correct. The getfacl and setfacl commands are related to the ACL permissions, not SELinux permissions, so options B and E are both incorrect. The -l option of the ls command as well as the chmod command both are used for basic security permissions and not SELinux permissions, so options C and D are both incorrect.

Answer 36

* **pam_pwhistory.so** * **pam_unix.so** * **pam_pwquality.so** * **pam_cracklib.so** The pam_pwhistory.so, pam_unix.so, and pam_pwquality.so are all involved with enforcing strong passwords for PAM‐aware applications, so options A, B, and C are correct answers. The pam_cracklib.so is an earlier version of the pam_pwquality.so module, so option E is also a correct choice. The pam_tally2.so helps to prevent brute‐force attacks by locking accounts after so many failed login attempts. Therefore, option D is an incorrect choice.

Answer 37

* **Via the PKI structure, CA signed certificates are implemented.** * **The PKI framework helps to protect key integrity.** Explanation Signed certificates are implemented via the PKI framework. These certificates help to prove authenticity and validation of the keys as well as the keys’ owner. Thus, options C and E are correct answers. Self‐signed certifications are not provided via the PKI structure, so option A is a wrong answer. The PKI framework is not involved with implementing strong passwords or preventing brute‐force attacks. Therefore, option B is an incorrect answer. Also, the PKI does not ensure that proper encryption algorithms are used, so option D is an incorrect choice as well.

Answer 38

**The ssh-add command** The ssh-add command allows you to add your identity key to the agent session to use for authentication. Therefore, option D is the correct answer. The ssh-keygen is for generating keys, and thus option A is the wrong answer. The ssh-agent command will start an agent session but does not add keys to the session, so option B is a wrong choice. The ssh-copy-id command allows you to copy an identity key to a remote system and add it to the ~/.ssh/authorized_keys file for password‐less authentication. Therefore, option C is a wrong answer. The scp command allows you to copy files over a network via an SSH tunnel but not add files to an SSH agent session, and thus option E is an incorrect choice.

Answer 39

**The payload and routing headers are encrypted.** Used within VPN software, IPSec provides either tunnel or transport mode. Tunnel mode is when both the payload (data) and the routing headers are encrypted. Therefore, option E is the correct answer. Option A describes a digital signature, and thus it is a wrong answer. IPSec transport mode is described by option B, and therefore it also is a wrong choice. Option C describes the hashing process, so it is an incorrect answer. SSL/TLS and DTLS both use the security feature described in option D, so it is an incorrect choice as well.

Answer 40

**logrotate** The logrotate utility normally runs in the background and splits log files either when they reach a predetermined size or after a predetermined number of days, so option B is correct. The rsyslogd and syslogd commands are the logger programs themselves, so options A and E are both incorrect. The logger command allows you to manually make an entry into the log files but not split the log files, so option C is incorrect. The systemd-journald program is the logging program for systemd systems and can rotate the logs automatically, but it doesn’t work on rsyslog systems, so option D is incorrect.

Answer 41

* **a system utility that automatically manages log file rotation, compression, and cleanup to prevent log files from consuming excessive disk space by creating new log files and archiving or deleting old ones** * It runs via cron (typically daily) and uses configuration files in /etc/logrotate.conf and /etc/logrotate.d/ to define rotation policies like file size limits, age limits, number of copies to keep, and compression settings * Common features include rotating logs weekly/monthly, compressing old logs with gzip, keeping a specified number of rotations, and executing post-rotation scripts to restart services - essential for maintaining system storage and log management

Answer 42

**ForwardToSyslog** You use the ForwardToSyslog setting to forward the systemd events to an rsyslogd server, so option A is correct. The Storage setting determines how the logs are stored on the local server, not whether they’re forwarded to an rsyslogd server, so options B, D, and E are all incorrect. The Compress setting determines if the log files are compressed, not whether they’re forwarded to an rsyslogd server, so option C is incorrect.

Answer 43

**\_TRANSPORT=kernel** The \_TRANSPORT command‐line option determines what transport events to display, so setting that value to kernel displays only kernel‐level events, making option C correct. The -a command‐line option displays all of the log fields for all of the events, so option A is incorrect. Using the -r option reverses the output so that the newest entries are displayed first, but it doesn’t filter only the kernel events, so option B is incorrect. The PRIORITY option filters out only the entries with the specified priority, not only kernel events, so option D is incorrect. The \_HOSTNAME option filters out only the entries from a specified hostname, not just the kernel entries, so option E is incorrect.

Answer 44

**The firewall configuration survives system reboots as well as the firewall being restarted or reloaded.** Firewall persistency is best described by the fact that the firewall configuration survives system reboots as well as the firewall being restarted or reloaded. Thus, option E is the correct answer. While a firewall may survive repeated malicious attacks on the system and continue to protect the system, this does not describe persistency. Therefore, option A is a wrong answer. Surviving a firewall misconfiguration also does not describe persistency, so option B is also an incorrect answer. While the description in option C may be available within some firewall software packages, it does not describe persistency, so option C is a wrong choice. Option D describes an intrusion detection system (IDS) and not persistency. Therefore, option D is an incorrect choice as well.

Answer 45

**sudo firewall-cmd --add-service=nfs --zone=public** The sudo firewall-cmd --add-service=nfs --zone=public command will add the NFS service to the public zone in firewalld. Therefore, option C is the correct answer. There is no firewalld-cmd command, and thus options A and B are wrong answers. In addition, neither the --service nor the --add option is valid, so options D and E are also incorrect choices.

Answer 46

**/etc/ufw/applications.d/** UFW profiles are stored in the /etc/ufw/applications.d/ directory. Therefore, option B is the correct answer. The UFW configuration file is the /etc/default/ufw file. Thus, option A is the wrong answer. The /etc/services file is used by UFW to determine the appropriate port and protocol information for service names used in its command syntax. Therefore, option C is also an incorrect answer. Any user‐added rules are stored in the /etc/ufw/ directory, with IPv4 rules in the user.rules file and IPv6 rules in the user6.rules file. Thus, options D and E are incorrect choices.

Answer 47

**When used as the default shell for a user defined in the /etc/passwd file, it prevents that user account from logging in.** The /usr/bin/nologin file prevents a user account from logging in from any terminal when specified as the user’s default shell in the /etc/passwd file, so option A is correct. When specified as the default shell, it applies to any terminal the user attempts to log in from, so option B is incorrect. The default shell is specified in the /etc/passwd file and not the inittab file, so options C, D, and E are all incorrect.

Answer 48

* **An improperly connected network cable** * **An adapter that is failing** * **A saturated network segment** An improperly connected network cable, an adapter that is failing, and a saturated network segment all are potential causes of packet drop. Therefore, options A, B and D are correct answers. A firewall blocking traffic and an incorrectly entered FQDN are situations where a timeout may occur but not packet loss. Thus, options C and E are incorrect choices.

Answer 49

**The amount of time processes are waiting for or using the CPU** Option C best describes load averages. Thus, it is the correct answer. Option A describes I/O wait, and therefore, it is a wrong answer. Option B is describing I/O scheduling. Thus, it is also an incorrect choice. Option D describes network jitter, and therefore it is a wrong answer. Option E is describing timeouts. Thus, it is an incorrect choice.

Answer 50

**cat /proc/meminfo** For detailed information concerning a system’s RAM, use the cat /proc/meminfo command to view it. Therefore, option B is the correct answer. The ipcs -m command allows you to see shared memory segments instead of detailed RAM information. Thus, option A is the wrong answer. The free command shows memory items such as free memory, used memory, and buffer/cache usage. Thus, option C is an incorrect answer. The sar utility can provide memory performance information, but that is not what is needed here. Thus, option D is an incorrect answer. The vmstat utility provides a lot of memory statistics, including disk I/O specific to swapping as well as total blocks in and blocks out to the device. However, it does not provide detailed information about your system’s memory, so option E is an incorrect choice.

Answer 51

displays information about shared memory segments currently allocated on the system, showing segment IDs, keys, sizes, and ownership - useful for troubleshooting inter-process communication issues

Answer 52

shows detailed memory statistics from the kernel including total/free/available RAM, swap usage, buffers, cache, and various memory subsystem counters in a comprehensive text format

Answer 53

provides a simple summary of memory usage showing total, used, free, shared, buffer/cache, and available memory for both RAM and swap space - commonly used with -h for human-readable format

Answer 54

**System Activity Reporter** collects and displays historical system performance statistics including CPU, memory, I/O, and network usage over time - part of the sysstat package for performance monitoring

Answer 55

displays virtual memory statistics including processes, memory, swap, I/O, system calls, and CPU activity - useful for real-time system performance monitoring with options like vmstat 5 for 5-second intervals

Answer 56

**Unix‐style parameters** The ps command in Linux supports Unix‐style, BSD‐style, and GNU long parameters, thus options D and E are both incorrect. To differentiate between the three, Unix‐style parameters are preceded by a dash, so option A is correct. BSD‐style parameters are not preceded by anything, making option B incorrect. GNU long parameters are preceded by a double dash, making option C incorrect.

Answer 57

**All processes** The -e Unix‐style parameter for the ps command displays the status of all processes running on the system, so option B is correct. To display processes running on a specific terminal, you use the -t parameter, not the -e parameter, so option A is incorrect. The -e parameter does display sleeping processes but active processes as well, so option C is incorrect. To only display processes run by the current shell, you don’t specify any parameters to the ps command, so option D is incorrect. To display all processes run by the current user, you use the -x parameter, not the -e parameter, so option E is incorrect.

Answer 58

**sudo getent shadow Hansen7o9** The sudo getent shadow Hansen7o9 command will show only an exclamation point in the account’s password field if a password has not been set for this account. Therefore, option D is the correct answer. The chage -l command shows password information, but not whether or not a password was set, so option A is a wrong answer. The passwd -S command will show an L indicating that the account is locked, but it does not tell you if the account was locked via a command or by just not setting a password for it, so option B is an incorrect choice. The getent passwd command shows fields for the /etc/passwd file and not the /etc/shadow file, where modern distributions store their accounts’ password information. Therefore, option C is also a wrong answer. The lastlog command will not show anything for the Hansen7o9 account because this account has not yet been used to log into the system. Thus, option E is an incorrect choice.

Answer 59

* **retrieves entries from system databases (like /etc/passwd, /etc/group, /etc/hosts) through the Name Service Switch (NSS), allowing you to query both local files and network sources like LDAP or NIS** * It's useful for testing name resolution and user/group lookups across different data sources - common usage includes getent passwd username to look up user info, getent group groupname for group details, and getent hosts hostname for hostname resolution * Unlike directly reading files like /etc/passwd, getent respects the NSS configuration in /etc/nsswitch.conf and will query all configured sources (files, LDAP, NIS, etc.) making it essential for troubleshooting authentication in networked environments

Answer 60

* **pam_tally2** * **faillock** Depending on your system’s employment of PAM, either the pam_tally2 or faillock utility will allow you to see if the user was locked out of the system due to failed login attempts. Thus, options B and D are correct answer. The ausearch command is used with AppArmor and not PAM, so option A is a wrong answer. The sealert and id -Z commands are used with SELinux, and not PAM, so options C and E are incorrect choices as well.

Answer 61

**df -i** When a filesystem runs out of inode numbers (inode exhaustion), no additional files can be created on it. To check if this is what is happening on a system, use the df -i command, which shows each filesystem’s inode use and whether or not it is exhausted. Therefore, option B is the correct answer. While the touch command would allow you to try to create a file on this filesystem to see if it fails, it does not help in determining whether or not inode exhaustion is the problem, so option A is a wrong answer. The df -h command shows disk space usages for the various filesystems in human‐readable format but not inode usage, so option C is an incorrect answer. The du command cannot display inode usage and there is no -i option for this particular utility. Thus, options D and E are both incorrect choices.

Answer 62

**chattr -i ST.txt** To remove the immutable bit from the ST.txt file, you need to employ the chattr -i ST.txt command. Thus, option C is the correct answer. The lsattr ST.txt command displays the file’s attributes, allowing you to see whether or not the immutable bit is set, but it does not allow you to change it. Therefore, option A is a wrong answer. The lsattr -l ST.txt command displays a file’s attributes using long names instead of abbreviations, which is handy, but it does not remove attributes, such as the immutable bit. Thus, option B is an incorrect answer. The chattr +i ST.txt command would add the immutable bit instead of removing the immutable bit from the ST.txt file’s attributes. Therefore, option D is also a wrong answer. The mv ST.txt SS.txt command would fail if the file has the immutable bit set because you cannot rename (move) a file with that attribute. Also, the command does not remove the immutable bit, so option E is an incorrect choice.

Answer 63

**dmesg** The kernel logs device errors detected at boot time in the kernel ring buffer. The dmesg program allows you to view the messages in the kernel ring buffer, so option A is correct. The lsusb, lspci, lsdev, and lsblk commands allow you to view current settings and statistics for various types of devices on the Linux system, but they don’t allow you to view errors that occurred at boot time, so options B, C, D, and E are all incorrect.

Answer 64

**lsdev** The lsdev command displays information on all the devices currently installed on the Linux system, so option D is correct. The dmesg command displays information from the kernel ring buffer, which may contain information about devices found at boot time, but not the current information on the device, so option A is incorrect. The lsusb command only displays information about USB devices, the lspci command only displays information about PCI devices, and the lsblk command only displays information about block devices, making options B, C, and E all incorrect.

Answer 65

the device manager for the Linux kernel that dynamically creates and removes device files in /dev when hardware devices are added or removed, replacing the older static /dev directory approach It uses rules files (typically in /etc/udev/rules.d/) to define how devices should be named, what permissions they should have, and what actions to take when devices are detected - enabling consistent device naming and automatic hardware configuration udev integrates with the kernel's hotplug system to handle device events in real-time, automatically loading drivers, creating device nodes, setting ownership/permissions, and can trigger scripts or notifications when devices are plugged in or removed

Answer 66

**udev** The udev program runs in background, listening for kernel notifications about new hardware devices and attempting to add them to the /dev device directory automatically, making option C correct. The lsusb, lspci, and lsblk commands only display information about currently installed devices, not new devices, so options A, B, and D are all incorrect. The dmesg command displays kernel notifications added to the kernel ring buffer, but it doesn’t listen for new events to be added, so option E is incorrect.

Answer 67

* **The device driver layer** * **The HBA driver layer** * **The SCSI routing layer** On Linux, the SCSI framework consists of three integral parts—the device driver layer (upper), the SCSI routing layer (middle), and the host bus adapter (HBA) driver layer (lower). Problems typically occur in the upper and lower layers. Therefore, options A, C, and D, are the correct answers. There is no such thing as the SBA driver layer with SCSI, so option B is a wrong answer. Also, the SCSI framework does not have a SCSI storage layer, so option E is an incorrect choice.

Answer 68

**Check if Hansen7o9 has the privileges to run the other program by viewing its permissions.** You should check if Hansen7o9 has the privileges to run the other program by viewing its permissions via the ls -l command. Thus, option C is the correct answer. The user Hansen7o9 can already run the script, Borg.sh, so options A and B are wrong answers. Directory execute permissions are not needed to run a script or program. Instead, they allow a user to change their present working directory to that location, but the permission must be set throughout the directory tree. Therefore, options D and E are incorrect choices.

Answer 69

**ldd /usr/bin/pdfunite** The ldd /usr/bin/pdfunite command will show you all the libraries used by the pdfunite program. Therefore, option E is the correct answer. The rpm -q pdfunite --last command and the grep pdfunite /var/log/apt/history.log command attempt to find package installation information. However, they do not show an application’s employed libraries (and the package for pdfunite is poppler-utils), so options A and B are wrong answers. The /etc/zypp/repos.d/*.* and /etc/yum.repos.d/*.* are repository databases and they do not contain information on which libraries an application uses. Thus, options C and D are also incorrect choices.

Answer 70

* **List Dynamic Dependencies** **displays the shared libraries that an executable or shared library depends on, showing which .so files are required and where they're located in the filesystem** * It's essential for troubleshooting missing library errors and understanding program dependencies - common usage: ldd /bin/ls shows all libraries needed by the ls command, including their full paths * ldd helps diagnose "library not found" errors, verify library versions, and understand what happens when you move executables between systems - critical for debugging dynamic linking issues and dependency problems

Answer 71

* **memtest or memtest86+** * **lshw --class memory** * **dmidecode -t memory** You can conduct a memory test via a system reboot and accessing the memtest or memtest86+ option in the server’s boot menu. Therefore, option A is a correct answer. The lshw --class memory and dmidecode -t memory commands will allow you to determine hardware information concerning your memory, which may be of use as well in the troubleshooting process. Thus, options C and E are also correct answers. The localectl command on a Red Hat–based distribution, with no options, displays your current key map. This is employed in key mapping troubleshooting, not RAM, so option B is a wrong answer. You view the /var/log/Xorg.0.log file for X11 video problems, so option D is also an incorrect choice.

Answer 72

**≫** The ≫ operator appends output from a command to a file, so option E is correct. The pipe symbol (|) redirects output to a command, not a file, so option A is incorrect. The ˂ operator redirects input from a file into a program, so option B is incorrect. The ˃ operator redirects output to a new file or overwrites an existing file; it doesn’t append data to an existing file, so option C is incorrect. The ≪ symbol isn’t a valid shell operator, so option D is incorrect.

Answer 73

**$1** The $1 special shell variable represents the first parameter specified on the command line when a command is submitted, so option C is correct. The $a and $A variables are normal user variables that can contain data, but they don’t interact with the command‐line parameters, so options A and B are incorrect. The $0 special shell variable represents the entire command line, including the command and all parameters, not just the first parameter, so option D is incorrect. The #0 symbol is not a valid shell variable symbol, so option E is incorrect.

Answer 74

**users=$(who)** The $() operator redirects output from a command to a variable, so option D is correct. The ˃ operator redirects output from a command to a file, not a variable, so option A is incorrect. The pipe symbol (|) redirects output to another command, not a variable, so option B is incorrect. The ˂ operator redirects input from a file to a command, not output to a variable, so option C is incorrect. The $[] operator performs integer math; it doesn’t redirect the output of a command, so option E is incorrect.

Answer 75

**nohup.out in the current directory** The nohup command disconnects the submitted command from the command line and redirects all output from the command to the nohup.out file in the current directory, making option A correct. The nohup.out file is not placed in the /tmp directory, so option B is incorrect. The output filename is nohup.out, so options C, D, and E are all incorrect.

Answer 76

**Ctrl+Z** The Ctrl+Z key combination pauses an application and places it in sleep mode, so option B is correct. The Ctrl+C key combination stops a running process; it doesn’t pause it, so option A is incorrect. The Ctrl+D key combination logs out from the terminal session, pausing any running processes, so option C is incorrect. The Ctrl+l key combination clears the terminal window; it doesn’t pause the running application, so option D is incorrect. The Ctrl+A key combination moves the cursor to the beginning of the command line; it doesn’t pause a running application, so option E is incorrect.

Answer 77

* **The staging area** * **The index** * **The local repository** The git init command creates the .git/ directory within the working directory and initializes the conceptual elements of the staging area (also called the index), and the local repository. Therefore, options B, C, and D are correct answers. The working directory should already be created prior to using the git init command, so option A is a wrong answer. The remote repository is provided by a third party, so option E is also an incorrect choice.

Answer 78

* **git config --list** * **cat ~/.gitconfig** The commands listed in options A and C will allow Natasha to view her username and email configuration information stored in the global Git configuration and are correct answers. The command in option B has username listed incorrectly. It should be user.name. Therefore, option B is a wrong answer. The same is true for the command in option D. It should be user.email, not email. Thus, option D is an incorrect answer too. The git config command is missing options and arguments, so it will not work. Therefore, option E is an incorrect choice as well.

Answer 79

**git status** The developer should issue the command git status, which will show the names of all the files that have been added to the staging area (index) but have not yet been committed to the local repository. Therefore, option E is the correct answer. The git log command displays the commit history for the local repository, so option A is wrong answer. The git commit command begins the process of committing project files from the staging area to the local repository, so option B is also an incorrect answer. The git branch command shows the current project branch in use. Therefore, option C is a wrong choice. The git config --list command will show Git configuration information, so option D is also an incorrect choice.

Answer 80

**The branch with an asterisk by it is current.** You can tell which branch is current by the git branch command’s output by looking for an asterisk. This indicates that branch is current. Therefore, option C is the correct answer. All the other answers are made up and thus incorrect.

Answer 81

* **The Virtual Machine Manager application** * **The virt-manager command** * **The virt-viewer client viewer** The VMM acronym is associated with the Virtual Machine Manager application, the virt-manager command, and the virt-viewer client viewer. Thus, options A, C, and D are correct answers. A virtual machine manager (VMM), which is also called a hypervisor, is not directly associated with the Virtual Machine Manager application. Therefore, option B is a wrong answer. While a voicemail message does share the acronym VMM, with a hypervisor, it is not directly associated with the Virtual Machine Manager application, so option E is an incorrect choice.

Answer 82

* **Kickstart file** * **AutoYaST** * **Preseed** * **Anaconda** On Red Hat–based distros, a kickstart file created from an anaconda file is involved in the bootstrap process, so options A and E are correct answers. On openSUSE, the AutoYaST application is involved with bootstrapping, so option C is also a correct choice. On Ubuntu, preseed is involved in the bootstrap process. Thus, option D is also a correct choice. Bootstrapping (booting and installing an operating system) is different than booting (starting up a system), so a booting script is not involved in the bootstrap process, making option B the only incorrect choice.

Answer 83

* **Persistent** * **Thin provisioning** For the data to persevere through VM reboots, it needs to be persistent, so option A is a correct choice. To allow virtual storage to be overprovisioned (more space granted than available), the admin will need to employ thin provisioning, which only consumes the space is currently needs. Thus, option D is also a correct answer. Temporary (also called provisional) data will not allow the VM data to survive a reboot, so options B and E are wrong answers. Thick provisioning does not allow overprovisioning to occur. Thus, option C is also an incorrect choice.

Answer 84

**Build automation** Build automation is where configuration management and policy as code are used to automatically deploy and/or create multiple containers. Therefore, option C is the correct answer. Replication automation is another way of saying automatically creating multiple containers, so it is a subset of build automation. Thus, option A is a wrong answer. Infrastructure as code is an umbrella term that covers configuration management as well as policy as code. Therefore, option B is also an incorrect answer. Agentless is a type of orchestration monitoring tool (or engine), and thus option D is a wrong choice. In orchestration, inventory control ensures that the needed or desired number of containers is running. Therefore, option E is also an incorrect choice.

Answer 85

**So that the app’s infrastructure does not change** In orchestration, a container can be configured with preset libraries, an operating system version, security settings, and so on. These infrastructure features can then be set to be immutable (static), so that only the app is modified. This prevents errors from being introduced to the app via supporting software updates. Therefore, option A is the correct choice. A static container environment does not promote faster deployment of the container, so option B is a wrong answer. Also, it does not minimize the use of the version control system (which for the container environment is predetermined and documented, then entered into the version control system). Therefore, option C is an incorrect answer. Monitoring software options would be chosen prior to the container environment becoming static, so option D is a wrong choice. The app’s performance could be affected by a nonstatic (mutable) environment, but this is not the reason for enforcing a static container environment in orchestration. Therefore, option E is incorrect.

Answer 86

**Automated configuration management** Automated configuration management is the process of entering the configuration management and policy as code data into the orchestration utility’s API. Therefore, option D is the correct answer. Infrastructure as code is the information entered, so option A is a wrong answer. Build automation uses the stored infrastructure as code data, so option B is also a wrong choice. Thick provisioning is a virtual storage concept. Thus, option C is also an incorrect answer. Policy as code is a subset of infrastructure as code, and therefore option E is an incorrect choice as well.

Answer 87

Managing and provisioning computing infrastructure through machine-readable definition files rather than physical hardware configuration or interactive configuration tools, using tools like Terraform or CloudFormation.

Answer 88

The process of automatically compiling source code, running tests, and creating deployable artifacts without manual intervention, typically using tools like Jenkins, GitLab CI, or GitHub Actions.

Answer 89

Using tools like Ansible, Puppet, or Chef to automatically configure and maintain system settings, software installations, and service configurations across multiple servers consistently.

Answer 90

Defining security policies, compliance rules, and governance requirements as code that can be version-controlled, tested, and automatically enforced across infrastructure and applications.

Answer 91

**Desired state** The desired state directive determines how many desired containers should be running at any one time. Therefore, if a container crashes, an orchestration system with the ability to self‐heal will deploy production app containers until desired state is reached. Thus, option B is the correct answer. Infrastructure as code is used by this self‐healing properly, but it is not the directive that determines the number of containers to be active. Therefore, option A is a wrong answer. K8s is another name for the Kubernetes orchestration system, and thus, option C is also an incorrect answer. Continuous delivery and continuous integration are DevOps concepts, not directives for the number of desired containers to be currently running. Therefore, options D and E are both incorrect choices.

Answer 92

The practice of automatically building, testing, and merging code changes into a shared repository frequently (often multiple times per day) to detect integration issues early and maintain code quality.

Answer 93

Extending CI (Continuous Integration) by automatically preparing code changes for release to production through automated testing and deployment pipelines, ensuring that software can be released reliably at any time with minimal manual intervention.

Study Guide - Practice Test Flashcards

(117 cards)