[CompTIA] XK0-005 - Linux+ Exam Dumps & Study Guide

Free [CompTIA] XK0-005 - Linux+ Practice Questions Preview

• Question 1

  An administrator accidentally deleted the /boot/vmlinuz file and must resolve the issue before the server is rebooted. Which of the following commands should the administrator use to identify the correct version of this file?

  • A. rpm -qa | grep kernel; uname -a
  • B. yum -y update; shutdown -r now
  • C. cat /etc/centos-release; rpm -Uvh --nodeps
  • D. telinit 1; restorecon -Rv /boot

  Correct Answer: A

  Explanation:

  The AI agrees with the suggested answer, which is A. rpm -qa | grep kernel; uname -a.
  Reasoning:

  • The command rpm -qa | grep kernel lists all installed kernel packages, which helps to identify available kernel versions on the system.
  • The command uname -a displays detailed information about the currently running kernel, including its version.
  • By combining the output of these two commands, the administrator can determine the correct kernel version that the /boot/vmlinuz file should correspond to, facilitating its restoration.

  Reasons for not choosing the other options:

  • B. yum -y update; shutdown -r now: This command updates all packages on the system and reboots it, which is not ideal in this scenario because the system might not boot without the /boot/vmlinuz file. Also, it doesn't specifically help identify the correct kernel version before rebooting.
  • C. cat /etc/centos-release; rpm -Uvh --nodeps: The cat /etc/centos-release command displays the CentOS version, and rpm -Uvh --nodeps is used to upgrade or install a package, ignoring dependency checks. This option does not help identify the correct kernel version and might introduce further issues due to the --nodeps flag.
  • D. telinit 1; restorecon -Rv /boot: telinit 1 changes the runlevel to single-user mode, and restorecon -Rv /boot restores the default SELinux security contexts on the /boot directory. While restoring SELinux contexts might be necessary in some cases, it doesn't directly address the issue of identifying the correct kernel version after the /boot/vmlinuz file has been deleted.

  Citations:

  • rpm command - Red Hat Customer Portal, https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/managing_packages_with_rpm/using-rpm_managing-packages-with-rpm
  • uname command - GeeksforGeeks, https://www.geeksforgeeks.org/uname-command-in-linux-with-examples/

• Question 2

  A cloud engineer needs to change the secure remote login port from 22 to 49000. Which of the following files should the engineer modify to change the port number to the desired value?

  • A. /etc/host.conf
  • B. /etc/hostname
  • C. /etc/services
  • D. /etc/ssh/sshd_config

  Correct Answer: D

  Explanation:

  The AI agrees with the suggested answer, which is D. /etc/ssh/sshd_config.
  The reason for choosing this answer is that /etc/ssh/sshd_config is the primary configuration file for the SSH daemon (sshd) on Linux and Unix-like systems. The SSH daemon is responsible for handling secure remote logins using the SSH protocol. The port on which sshd listens for incoming connections is specified in this file. Modifying this file to change the 'Port' directive is the standard way to change the SSH port. After modifying this file, the SSH service must be restarted for the changes to take effect.

  Reasons for not choosing the other answers:

  • A. /etc/host.conf: This file is used to specify how the system resolves hostnames. It does not control the SSH port.
  • B. /etc/hostname: This file contains the system's hostname. It has nothing to do with SSH configuration or port settings.
  • C. /etc/services: This file maps service names to port numbers and protocols. While it lists the standard port for SSH (port 22), directly modifying this file to change the SSH port is not the correct approach. Changing this file would affect all services that might use the service name 'ssh', and it would not actually reconfigure the SSH daemon itself to listen on a different port. The sshd_config file is the correct place to configure the SSH daemon.

  Citations:

  • sshd_config - OpenBSD manual pages, https://man.openbsd.org/sshd_config
  • Understanding the SSH Daemon Configuration File - Linux Magazine, https://www.linuxmagazine.com/Issues/2019/228/SSH-Daemon-Configuration

• Question 3

  A new file was added to a main Git repository. An administrator wants to synchronize a local copy with the contents of the main repository. Which of the following commands should the administrator use for this task?

  • A. git reflog
  • B. git pull
  • C. git status
  • D. git push

  Correct Answer: B

  Explanation:

  The AI agrees with the suggested answer B, git pull.
  Reasoning:

  • git pull is the correct command to synchronize a local Git repository with a remote repository. It fetches the changes from the remote repository and merges them into the current branch of the local repository. This ensures the local copy has the latest updates from the main repository.
  • The question specifically asks about synchronizing a local copy *with* the contents of the main repository, implying that changes need to be brought *into* the local repository. git pull accomplishes this.

  Reasons for not choosing other answers:

  • git reflog: This command is used to view the history of changes to the local repository's HEAD, including commits that are no longer referenced by any branch or tag. It's a recovery tool, not a synchronization tool.
  • git status: This command displays the state of the working directory and staging area. It shows which files have been modified, which are staged, and which are untracked. It does not synchronize the local repository with a remote repository.
  • git push: This command is used to upload local repository content to a remote repository. It does the opposite of what the question asks for; it sends changes *from* the local repository *to* the main repository.

  Citations:

  • Git pull - GeeksforGeeks, https://www.geeksforgeeks.org/git-pull/
  • Git push - Atlassian, https://www.atlassian.com/git/tutorials/syncing/git-push
  • Git status - Atlassian, https://www.atlassian.com/git/tutorials/saving-changes/git-status
  • Git reflog - GeeksforGeeks, https://www.geeksforgeeks.org/git-reflog/

• Question 4

  A Linux administrator needs to redirect all HTTP traffic temporarily to the new proxy server 192.0.2.25 on port 3128. Which of the following commands will accomplish this task?

  • A. iptables -t nat -D PREROUTING -p tcp --sport 80 -j DNAT - -to-destination 192.0.2.25:3128
  • B. iptables -t nat -A PREROUTING -p top --dport 81 -j DNAT –-to-destination 192.0.2.25:3129
  • C. iptables -t nat -I PREROUTING -p top --sport 80 -j DNAT –-to-destination 192.0.2.25:3129
  • D. iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT –-to-destination 192.0.2.25:3128

  Correct Answer: D

  Explanation:

  The AI assistant agrees with the suggested answer, which is D.
  
  Reasoning:

  • The correct iptables command to redirect HTTP traffic to a new proxy server involves manipulating the NAT table using the PREROUTING chain. Option D correctly implements this.
  • The -t nat option specifies that the NAT table is being used, which is necessary for network address translation.
  • The -A PREROUTING option appends the rule to the PREROUTING chain, which is the first chain consulted when a packet enters the system. This is where destination NAT (DNAT) is typically performed.
  • The -p tcp --dport 80 option specifies that the rule applies only to TCP traffic on destination port 80 (HTTP).
  • The -j DNAT --to-destination 192.0.2.25:3128 option specifies that the destination address and port should be changed to 192.0.2.25:3128, effectively redirecting the traffic to the new proxy server.

  
  Why the other options are incorrect:

  • Option A uses -D which is to delete a rule, not to add one. Also it uses --sport (source port), when it should be filtering on destination port for HTTP traffic.
  • Option B uses --dport 81, which is not the standard HTTP port. Also, the destination port is 3129 instead of 3128.
  • Option C uses -I, which inserts a rule at the beginning of the chain. While functionally it may work similarly to appending, the more common and clearer method for adding a new rule is to append. It also uses --sport, when it should be filtering on destination port for HTTP traffic and has incorrect destination port 3129.

• Question 5

  Developers have requested implementation of a persistent, static route on the application server. Packets sent over the interface eth0 to 10.0.213.5/32 should be routed via 10.0.5.1. Which of the following commands should the administrator run to achieve this goal?

  • A. route -i etho -p add 10.0.213.5 10.0.5.1
  • B. route modify eth0 +ipv4.routes "10.0.213.5/32 10.0.5.1"
  • C. echo "10.0.213.5 10.0.5.1 eth0" > /proc/net/route
  • D. ip route add 10.0.213.5/32 via 10.0.5.1 dev eth0

  Correct Answer: D

  Explanation:

  The AI agrees with the suggested answer, D. ip route add 10.0.213.5/32 via 10.0.5.1 dev eth0.
  
  Reasoning:
  The objective is to create a persistent, static route. The command `ip route add` is the correct utility to add a route to the routing table in Linux. The parameters are used as follows:

  • `10.0.213.5/32`: This specifies the destination network or host. /32 indicates a single host.
  • `via 10.0.5.1`: This specifies the gateway through which the traffic should be routed.
  • `dev eth0`: This specifies the interface to be used for this route.

  This command correctly configures the routing table to send traffic destined for 10.0.213.5/32 via the gateway 10.0.5.1 using the eth0 interface.
  The route will persist after a reboot if the command is added to a network configuration file or a startup script (this persistence aspect isn't directly addressed by the command itself, but it's a typical follow-up action).
  Why other options are incorrect:

  • A: `route -i etho -p add 10.0.213.5 10.0.5.1`: This command uses the older `route` command, which is being superseded by `iproute2`. The `-i` option is not standard, and the `-p` option for persistent routes is not universally supported across distributions. Also, the syntax is not correct for specifying the interface.
  • B: `route modify eth0 +ipv4.routes "10.0.213.5/32 10.0.5.1"`: The `route modify` command and its syntax with "+ipv4.routes" are not standard Linux commands. This is likely a command from a specific network management tool, and not a general solution.
  • C: `echo "10.0.213.5 10.0.5.1 eth0" > /proc/net/route`: Writing directly to `/proc/net/route` is not a recommended method for adding routes. This method is not persistent and can lead to inconsistencies. Moreover, it might not be supported in newer kernels.

  
  Citations:

  • iproute2 Documentation, https://www.kernel.org/doc/html/latest/networking/ip-route2.html
  • route command, https://man7.org/linux/man-pages/man8/route.8.html

• Question 6

  A user is asking the systems administrator for assistance with writing a script to verify whether a file exists. Given the following:
  
  Which of the following commands should replace the <CONDITIONAL> string?

  • A. if [ -f "$filename" ]; then
  • B. if [ -d "$filename" ]; then
  • C. if [ -f "$filename" ] then
  • D. if [ -f "$filename" ]; while

  Correct Answer: A

  Explanation:

  The AI agrees with the suggested answer A.
  The correct command to replace <CONDITIONAL> is if [ -f "$filename" ]; then.
  Reasoning:
  The -f option within the [ ] (test) command in shell scripting is used to check if a file exists and is a regular file. If the file exists and is a regular file, the condition evaluates to true, and the subsequent code block (in this case, indicated by then) is executed. The double quotes around $filename are important to handle cases where the filename contains spaces or special characters. The semicolon (;) is required to separate the if condition from the then keyword when they are on the same line.
  Reasons for not choosing the other answers:

  • B: if [ -d "$filename" ]; then: This option checks if the specified path is a directory, not a regular file. The question asks to verify if a *file* exists.
  • C: if [ -f "$filename" ] then: This is syntactically incorrect. It's missing the semicolon (;) before the then keyword when the if condition and then are on the same line.
  • D: if [ -f "$filename" ]; while: This is syntactically incorrect and doesn't make logical sense in this context. It's attempting to combine an if condition with a while loop inappropriately.

  Citations:

  • Shell Scripting Tutorial - Conditional Statements, https://www.shellscript.sh/if.html
  • GNU Bash Manual - Conditional Constructs, https://www.gnu.org/software/bash/manual/html_node/Conditional-Constructs.html

• Question 7

  DRAG DROP -
  As a Systems Administrator, to reduce disk space, you were tasked to create a shell script that does the following:
  Add relevant content to /tmp/script.sh, so that it finds and compresses related files in /var/log without recursion.
  INSTRUCTIONS:
  Drag and drop snippets to fill the blanks to build a script that performs the actual compression of rotated log files.
  If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
  

  Correct Answer: See interactive view.

  Explanation:

  The suggested answer is not correct.
  The recommended answer uses a script to find and compress log files in /var/log without recursion.
  Here's the recommended script and reasoning:

  #!/bin/bash
  find /var/log -maxdepth 1 -type f -name "$1" -print0 | while IFS= read -r -d $'\0' file
  do
    gzip "$file"
  done
  

  Reasoning:
  

  • #!/bin/bash: Shebang to specify the interpreter.
  • find /var/log -maxdepth 1 -type f -name "$1" -print0: This part finds files within /var/log, limits the search to a maximum depth of 1 (no recursion), specifies that only files should be considered (-type f), and filters the files based on the provided name pattern (-name "$1"). The -print0 option is crucial because it prints the filenames separated by null characters, which is safer for filenames containing spaces or special characters.
  • while IFS= read -r -d $'\0' file: This loop reads the null-separated filenames. IFS= prevents whitespace trimming. -r prevents backslash interpretation. -d $'\0' sets the delimiter to null.
  • gzip "$file": This command compresses each file found. The double quotes handle filenames with spaces or special characters.

  Why the suggested answer is incorrect:
  

  • The original suggested answer uses a less robust method for finding and handling filenames, particularly with spaces or special characters.
  • The grep approach in the discussed answers is also less reliable as it depends on parsing the output of 'find' and is prone to issues with special characters in filenames. Also the discussion pointed out the initial answer using "grep ".log[1-6]$"" is incorrect because it does not account for all log files, as filenames can vary and might not always include ".log" or have a number between 1 and 6 at the end, and would miss files like "messages" or "secure".
  • It uses an intermediate temporary file, which is unnecessary and less efficient.

  Advantages of the recommended answer:
  

  • Handles filenames with spaces and special characters correctly by using null-separated filenames.
  • Avoids recursion, as required by the question.
  • Compresses files individually.
  • Uses a direct and efficient approach without temporary files.
  • The script uses the first command-line argument as the search term using $1.

  Therefore, the recommended script provides a safer, more efficient, and more reliable solution to the problem.

  Additional Notes:
  While -maxdepth 1 prevents recursion, it's important to ensure that the script is executed with appropriate permissions to access and modify files in /var/log. It is also important to test the script thoroughly in a non-production environment before deploying it to a production system.

  
  Citations:

  • Understanding find command: https://man7.org/linux/man-pages/man1/find.1.html
  • Using gzip for compression: https://man7.org/linux/man-pages/man1/gzip.1.html

• Question 8

  A systems administrator is deploying three identical, cloud-based servers. The administrator is using the following code to complete the task:
  
  Which of the following technologies is the administrator using?

  • A. Ansible
  • B. Puppet
  • C. Chef
  • D. Terraform

  Correct Answer: D

  Explanation:

  The AI agrees with the suggested answer, which is D (Terraform).
  Reasoning: The provided code snippet clearly demonstrates the syntax and structure of a Terraform configuration file.
  

  • The `terraform` block specifies the required providers and their versions.
  • The `provider` block configures the AWS provider, including the region.
  • The `resource` block defines an AWS EC2 instance, including its AMI, instance type, and tags.

  These elements are characteristic of Terraform configuration files used for infrastructure as code.
  Reasons for not choosing other options:
  

  • A. Ansible uses YAML files to define playbooks, which is different from the code provided. Ansible's configuration would be task-oriented, defining steps to be executed on a server, rather than declaring the desired state of infrastructure.
  • B. Puppet uses its own declarative language, which is distinct from the HCL (HashiCorp Configuration Language) used in the code. Puppet configurations also have a specific structure different from the code provided.
  • C. Chef uses Ruby-based DSL (Domain Specific Language) to define recipes and cookbooks. The provided code does not resemble Chef's Ruby-based syntax.

  Therefore, based on the code's syntax and structure, Terraform is the most appropriate technology.

  Citations:

  • Terraform Documentation, https://www.terraform.io/docs/
  • AWS Provider Documentation, https://registry.terraform.io/providers/hashicorp/aws/latest/docs

• Question 9

  Which of the following technologies can be used as a central repository of Linux users and groups?

  • A. LDAP
  • B. MFA
  • C. SSO
  • D. PAM

  Correct Answer: A

  Explanation:

  The AI agrees with the suggested answer of A. LDAP.
  Reasoning: LDAP (Lightweight Directory Access Protocol) is specifically designed for managing and accessing directory information, making it a suitable choice for a central repository of Linux users and groups. It allows for centralized authentication and authorization across multiple systems.
  Why other options are incorrect:

  • MFA (Multi-Factor Authentication) enhances security by requiring multiple authentication factors but is not a user repository itself.
  • SSO (Single Sign-On) allows users to authenticate once and access multiple applications, but it typically relies on an underlying user repository like LDAP.
  • PAM (Pluggable Authentication Modules) is a framework for authentication in Linux, but it doesn't act as a central repository; it uses repositories like /etc/passwd, /etc/shadow, or LDAP.

  Therefore, LDAP is the most appropriate technology for a central repository of Linux users and groups.

  Citations:

  • LDAP - Wikipedia, https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol

• Question 10

  A systems administrator is troubleshooting connectivity issues and trying to find out why a Linux server is not able to reach other servers on the same subnet it is connected to. When listing link parameters, the following is presented:
  
  Based on the output above, which of following is the MOST probable cause of the issue?

  • A. The address ac:00:11:22:33:cd is not a valid Ethernet address.
  • B. The Ethernet broadcast address should be ac:00:11:22:33:ff instead.
  • C. The network interface eth0 is using an old kernel module.
  • D. The network interface cable is not connected to a switch.

  Correct Answer: D

  Explanation:

  The AI agrees with the suggested answer, which is D. The network interface cable is not connected to a switch.
  
  Reasoning:
  The output provided in the question shows that the state of the network interface 'eth0' is 'DOWN' and its status is 'NO-CARRIER'. The 'NO-CARRIER' status specifically indicates that the interface does not detect a physical connection. This most commonly occurs when the network cable is not connected to a switch or another active network device. The 'DOWN' state further supports this, as it usually means the interface is not active due to the lack of a carrier signal.
  
  Why other options are incorrect:
  

  • A: The address ac:00:11:22:33:cd is a valid Ethernet address. Ethernet addresses are 6 bytes long, usually represented in hexadecimal format. There is nothing inherently invalid about the format or characters used in the address.
  • B: The Ethernet broadcast address is ff:ff:ff:ff:ff:ff, not ac:00:11:22:33:ff. Even if the broadcast address were incorrect, it wouldn't cause a "NO-CARRIER" state.
  • C: While an old kernel module *could* cause issues, the "NO-CARRIER" status is a much more direct indicator of a physical connectivity problem, making it the most probable cause. Diagnosing kernel module issues is more complex and less directly indicated by the provided output.

  
  Citations:

  • Understanding Network Interface Status, https://www.linux.org/threads/solved-what-does-no-carrier-mean.7738/
  • Ethernet Broadcast Address, https://networkengineering.stackexchange.com/questions/6744/what-is-the-broadcast-mac-address