Lunix+ Practice Test
A systems administrator has set up third-party log aggregation agents across several cloud instances. The systems administrator wants to create a dashboard of failed SSH attempts and the usernames used. Which of the following files should be watched by the agents? /var/log/audit/audit.log /var/log/kern.log /var/log/monitor /etc/rsyslog.conf
/var/log/audit/audit.log
A Linux administrator needs to schedule a cron job to run at 1:15 p.m. every Friday to report the amount of free disk space on the system and to send the output to a file named "freespace". Which of the following would meet this requirement? 13 15 * * 5 df > /freespace 15 13 * * 5 df > /freespace 15 1 * * 6 df > /freespace 15 13 6 * * df > /freespace
15 13 * * 5 df > /freespace
Which of the following BEST describes build automation? Automating the creation of software and related processes Automatically categorizing servers in the infrastructure Managing and provisioning servers via automatic templates Bringing systems in line with the desired automated configuration
Automating the creation of software and related processes
Which of the following server roles would assign a host IP address? DHCP NTP DNS SSH
DHCP
A Linux administrator wants to configure log messages of critical or higher severity levels from the cron utility to be logged to the console. Which of the following will accomplish this objective? Edit the /etc/logrotate.d/cron file to include the line cron.emerg.* /dev/console Edit the /etc/rsyslog.conf file to include the line cron.emerg.* /dev/console Edit the /etc/logrotate.conf file to include the line cron.emerg.* /dev/console Edit the /etc/rsyslog.d/conf file to include the line cron.emerg.* /dev/console
Edit the /etc/rsyslog.conf file to include the line cron.emerg.* /dev/console
A junior Linux administrator is optimizing a system in which an application needs to take priority 0 when running the process. The administrator runs the ps command and receives the following output: Given this scenario, which of the following steps will address this issue? Issue the command renice -n 0 -p 8481 Issue the command renice -p 8481 Issue the command renice -p 0 -n 8481 Issue the command renice -n 8481
Issue the command renice -n 0 -p 8481
In which of the following Linux GUI environments would the Konsole application MOST likely be found? Gnome KDE Cinnamon Unity MATE
KDE
Which of the following are Linux desktop managers? (Choose two.) KDE GNOME GUI VNC X11 SPICE
KDE GNOME
An organization wants to consolidate its entire user information in centralized storage using an X.500-based protocol. Which of the following protocols should be used for this implementation? RADIUS LDAP DNS DHCP
LDAP
A junior administrator is migrating a virtual machine from a Type 1 hypervisor to a Type 2 hypervisor. To ensure portability, which of the following formats should the administrator export from the Type 1 hypervisor to ensure compatibility? OWASP VDI VMDK OVA
OVA/OVF Open Virtual Appliance/application Open Virtualization Format
Which of the following boot methods can a Linux administrator use to boot a Linux server remotely via a network interface card instead of a local disk? NTP PXE NFS Kickstart
PXE
A four-drive Linux NAS has been improperly configured. Each drive has a capacity of 6TB, for a total storage capacity of 24TB. To reconfigure this unit to be not pluggable for drive replacement and provide total storage of 11TB to 12TB, which of the following would be the correct RAID configuration? RAID 01 RAID 03 RAID 10 RAID 50
RAID 10
Linux administrator needs to switch from text mode to GUI. Which of the following runlevels will start the GUI by default? Runlevel 3 Runlevel 4 Runlevel 5 Runlevel 6
Runlevel 5 Run Levels: 0 - System halt; no activity, the system can be safely powered down. 1 - Single user; rarely used. 2 - Multiple users, no NFS (network filesystem); also used rarely. 3 - Multiple users, command line (i.e., all-text mode) interface; the standard runlevel for most Linux-based server hardware. 4 - User-definable 5 - Multiple users, GUI (graphical user interface); the standard runlevel for most Linux-based desktop systems. 6 - Reboot; used when restarting the system.
A storage administrator in a virtualized environment has been told by a user that there is no space left on the volume to which the user can write. However, a check reveals that there is 20GB of unused space. Which of the following explains the discrepancy? The drive is not formatted The drive is thin provisioned The drive is thick provision eager zeroed The drive space is overallocated Reveal Solution
The drive is thin provisioned
A technical support engineer receives a ticket from a user who is trying to create a 1KB file in the /tmp directory and is getting the following error: No space left on device. The support engineer checks the /tmp directory, and it has 20GB of free space.Which of the following BEST describes a possible cause for this error? The /tmp directory is not mounted. The filesystem is formatted with a 4MB block size. The filesystem ran out of inodes. The /tmp directory has been set with an immutable attribute.
The filesystem ran out of inodes.
An administrator has written the following Bash script: [SEE IMAGE] All necessary files exist in the correct locations. However, when the administrator executes /home/user/test.sh the following error is received: No such file or directory -Which of the following is the MOST likely cause of the error? The shebang points to the wrong path. The script is not executable. The formatting of the file is incorrect. Nslookup is not installed.
The shebang points to the wrong path.
Which of the following is the purpose of the monitoring server role? To aggregate web traffic to watch which websites employees are visiting To collect status and performance information about the servers in an environment To provide user authentication services to a network To provide real-time analysis of potential threats to the organization
To collect status and performance information about the servers in an environment
Which of the following is a difference between YAML and JSON? Users can comment in YAML but not in JSON JSON only uses curly brackets, while YAML only uses square brackets JSON is used in web development, while YAML is used solely in back-end systems. YAML has been deprecated for JSON.
Users can comment in YAML but not in JSON
Which of the following BEST describes the purpose of the X11 system? X11 provides graphical display capabilities X11 provides command line capabilities X11 provides networking capabilities X11 provides telephony capabilities.
X11 provides graphical display capabilities
A user wants to use terminal services from a Windows workstation to manage a Linux server. Which of the following should be installed on the Linux server to enable this functionality? VNC rdesktop SPICE XRDP
XRDP
A systems administrator needs to retrieve specific fields from a CSV file. Which of the following tools would accomplish this task? awk sort print echo
awk
A Linux administrator wants to fetch a Git repository from a remote Git server. Which of the following is the BEST command to perform this task? git checkout git clone git merge git config
git clone
A Linux administrator looks at the /etc/timezone file and determines the need to change the time zone from California to New York temporarily. Which of the following commands will accomplish this? sed -f TZ=America/New_York cat TZ=America/New_York export TZ=America/New_York printf TZ=America/New_York
export TZ=America/New_York
Which of the following is modified to reconfigure the boot environment? grub-mkconfig grub.cfg update-grub grub2-mkconfig
grub.cfg
A Linux administrator opens a ticket to have an external hard drive mounted. As a security policy, external storage kernel modules are disabled.Which of the following is the BEST command for adding the proper kernel module to enable external storage modules? rmmod /lib/modules/3.6.12-100-generic/kernel/drivers/usb/storage/usb-storage.ko modinfo /lib/modules/3.6.12-100-generic/kernel/drivers/usb/storage/usb-storage.ko depmod /lib/modules/3.6.12-100-generic/kernel/drivers/usb/storage/usb-storage.ko insmod /lib/modules/3.6.12-100-generic/kernel/drivers/usb/storage/usb-storage.ko
insmod /lib/modules/3.6.12-100-generic/kernel/drivers/usb/storage/usb-storage.ko
An administrator needs to look at a log for an application on a systemd-based system. There is no log for this application in /var/log. Which of the following is another way to view the application log on this system? tail -f /var/log/secure journalctl -u application systemctl application.service watch /var/lib/application/
journalctl -u application
An administrator has modified the configuration file for a service. The service is still running but is not using the new configured values. Which of the following will BEST remediate this issue? kill -HUP init 0 service start renice -10
kill -HUP
Which of the following commands would show the default printer on a Linux system? lpr lpq lpstat lspci
lpq
A user attempts to use the mount -a command but gets the following error: mount: mount point /mnt/test does not existWhich of the following commands best describes the action the Linux administrator should take NEXT? mount -a /mnt/test mkdir -p /mnt/test mdadm -p /mnt/test mkfs /mnt/test touch /mnt/test
mkdir -p /mnt/test
A junior administrator needs to unload an older video kernel module. Which of the following commands would BEST accomplish this task? modprobe insmod rmmod chmod depmod
modprobe
An administrator is analyzing a Linux server which was recently hacked. Which of the following will the administrator use to find all unsuccessful login attempts? nsswitch faillock pam_tally2 passwd
pam_tally2
A Linux administrator is helping the security team troubleshoot an SELinux policy violation incident. Which of the following would be the BEST utility command to display SELinux violation and AVC denial messages? journalctl | grep sealert sealert -a /var/log/audit/audit.log aureport | grep AVC cat /var/log/messages | grep selinux
sealert -a /var/log/audit/audit.log
A Linux administrator attempts to install the package newprogram.x86_64.rpm using a package manager. The administrator receives a warning indicating the command that was run was using a deprecated package manager. Which of the following commands should the administrator use to avoid the warning and install the newprogram.x86_64.rpm program? # dnf install newprogram.x86_64.rpm # rpm -e newprogram.x86_64.rpm # dpkg -i newprogram.x86_64.rpm # apt-get install newprogram.x86_64.rpm
# dnf install newprogram.x86_64.rpm rpm -e = erase package
A user wants to list the lines of a log, adding a correlative number at the beginning of each line separated by a set of dashes from the actual message. Which of the following scripts will complete this task? #! /bin/bash LOG='/var/log/auth.log' nrlines=0 while read LINE do nrlines=$ ((nrlines + 1)) echo $nrlines --- ${LINE} done < ${LOG} #! /bin/bash LOG='/var/log/auth.log' nrlines=0 while read LINE do NRLINES=`$nrlines ++ 1` echo $nrlines --- ${LINES} done #! /bin/bash LOG='/var/log/auth.log' nrlines=0 while read LINE do nrlines=`expr nrlines + 1` echo $nrlines --- ${LINE} done < ${LOG} #! /bin/bash LOG='/var/log/auth.log' nrlines=0 while read LINE do nrlines=$ (nrlines + 1) echo $nrlines --- ${LINE} done < ${LOG}
#! /bin/bash LOG='/var/log/auth.log' nrlines=0 while read LINE do nrlines=$ ((nrlines + 1)) echo $nrlines --- ${LINE} done < ${LOG}
In which of the following directories is the vmlinuz file located? /boot /etc /bin /proc
/boot
On a UEFI-based system, which of the following invokes GRUB2 from the EFI command prompt? boot//EFI/grub2.efi EFI/grub2.efi /boot/EFI/grub2.efi /grub2.efi
/boot/EFI/grub2.efi
A systems administrator received a request to change the hostname to a new name. Which of the following file configurations should be changed to fix the hostname in the server? /etc/sysconfig/network /etc/hosts /etc/resolv.conf /etc/sysconfig/nsswitch.conf
/etc/hosts
A security administrator wants to display a warning banner before a user logs in. Which of the following files must be edited to make this happen? /etc/services /etc/issue /etc/hosts /etc/motd
/etc/issue
An administrator needs to change the DNS domain search order of a single Linux host to localize it better. Which of the following files should the administrator edit? /etc/resolv.conf /etc/hosts /etc/nsswitch.conf /etc/dhcpd.conf
/etc/nsswitch.conf
A Linux administrator tries to ping a hostname in a network but receives the message: hostname not found. The administrator is sure the name exists on the network and wants to verify if the DNS server is correctly configured on the client. Which of the following files should the administrator use to verify this information? /etc/named.conf /etc/resolv.conf /etc/nsswitch.conf /etc/network
/etc/resolv.conf
A corporate server security policy states, "Ensure password hashes are not readable by non-administrative users." The administrator should check the permissions on which of the following files to ensure the server satisfies this policy? /etc/shadow /etc/passwd /etc/group /etc/security/limits.conf
/etc/shadow
A new user has been added to a Linux machine. Which of the following directories would contain the user's default files? /etc/login.defs /etc/passwd /etc/skel /etc/inittab
/etc/skel
An administrator needs to see the type of CPU that a server is running. Which of the following files contains this information? /proc/cpuinfo /etc/devices/info.conf /dev/proc/cpu /sys/dev/cpuinfo
/proc/cpuinfo
A junior systems administrator is creating a cron job. The cron job requirements are as follows: ✑ Run the hello.sh script every hour (24 times in one day). ✑ Run it on Monday only. Given this scenario, which of the following crontab options should be configured to meet these requirements? 0 *** 1 hello.sh 0 24 ** Monday hello.sh 24 *** Monday hello.sh 1 *** 0 hello.sh
0 *** 1 hello.sh Just as it hits 0 minutes in the day, cron job runs the task. For example, 00:00, 01:00, 02:00 and so on. If it hits 0 minute 24 times, that takes care of every hour in the day. (If not every hour then it would have been *) The 1 in 5th position represent Monday. You can use 1 or mon but not Monday.
SCENARIO DRAG DROP: You have been asked to parse a log file of logins to determine various information about who is logging in and when. INSTRUCTIONS: Open and inspect the Login log file.Drag and drop the correct commands onto the output that was generated from that command. Tokens can be used only once and not all will be used. [SEE IMAGE]
1) grep "Mar 13" lastlog 4) tr "[A-Z]" "[a-z]" < lastlog | grep -i "mar 12" 5) awk '{print $1}' lastlog | sort | uniq
A systems administrator is implementing disk quotas on /home. During the process, the administrator receives the following error:Cannot find filesystem to check or filesystem not mounted with user quota option.Which of the following is the correct order of steps the administrator should follow to resolve this error? 1. Verify if /home has quotas enabled in /etc/fstab and, if not, enable it. 2. Remount /home. 3. Create the quota database files and generate the disk usage table. 4. Assign user quota policies. 1. Create the quota database files and generate the disk usage table. 2. Verify if /home has quotas enabled in /etc/fstab and, if not, enable it. 3. Remount /home. 4. Assign user quota policies. 1. Verify if /home has quotas enabled in /etc/fstab and, if not, enable it. 2. Create the quota database files and generate the disk usage table. 3. Remount /home. 4. Assign user quota policies. 1. Assign user quota policies. 2. Verify if /home has quotas enabled in /etc/fstab and, if not, enable it. 3. Create the quota database files and generate the disk usage table. 4. Remount /home.
1. Verify if /home has quotas enabled in /etc/fstab and, if not, enable it. 2. Remount /home. 3. Create the quota database files and generate the disk usage table. 4. Assign user quota policies.
Using which of the following control mode commands is the correct way to substitute all occurrences of /dev/sdc with /dev/sdd while editing a file in vi? :s//dev/sdc//dev/sdd :s/\/dev\/sdc/\/dev\/sdd/g :s/\/dev\/sdc/\/dev\/sdd :%s/\/dev\/sdc/\/dev\/sdd
:%s/\/dev\/sdc/\/dev\/sdd
A systems administrator wants to disable the Linux Kernel WatchDog Timer Driver for security purposes. Which of the following will accomplish this task? Add blacklist watchdog to the /etc/modprobe.d/blacklist file. Rename the /etc/modprobe.d/watchdog file to watchdog.off instead. Remove the watchdog=1 from the /usr/modules/watchdog.conf file. Add watchdog=0 to the /etc/modprobe.conf file.
Add blacklist watchdog to the /etc/modprobe.d/blacklist file.
A Linux administrator has installed a web application firewall in front of a web server running on HTTP port 8080 and successfully started the HTTP server. However, after opening the application URL in an Internet browser, the administrator discovered that the application does not work. The administrator performed the following diagnostic steps: Output of sysctl -a command: [SEE IMAGE] Output of iptables -L: ChainINPUT (policy ACCEPT) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp dpt:wecache Chain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT tcp -- anywhere anywhere dpt:wecache Chain OUTPUT (policy ACCEPT) target prot opt source destination Output of netstat -n | top | grep "8080": tcp 0.0.0.0:8080 0.0.0.0* Listen 12801/httpd Which of the following is the NEXT step the administrator should perform to permanently fix the issue at the kernel level? sysctl -w net.ipv4.ip_forward=1 then run sysctl -w /etc/sysctl.conf to enable the change Edit /etc/sysctl.conf file and add net.ipv4.ip_forward = 1 then run sysctl -p /etc/sysctl.conf to enable the change Add iptables rule iptables -A INPUT -m state --state NEW -p tcp --dport 8080 -j then restart httpd daemon Add iptables rule iptables -A FORWARD-m state --state NEW -p tcp --dport 8080 ""j ACCEPT then restart httpd daemon
Add iptables rule iptables -A FORWARD-m state --state NEW -p tcp --dport 8080 ""j ACCEPT then restart httpd daemon
A junior systems administrator has generated a PKI certificate for SSH sessions. The administrator would like to configure authentication without passwords to remote systems. Which of the following should the administrator perform? Add the content of id_rsa.pub file to the remote system ~/.ssh/authorized_keys location. Add the content of id_rsa file to the remote system ~/.ssh/authorized_keys location. Add the content of id_rsa file to the remote system ~/.ssh/known_hosts location. Add the content of id_rsa.pub file to the remote system ~/.ssh/known_hosts location.
Add the content of id_rsa.pub file to the remote system ~/.ssh/authorized_keys location.
All users are reporting that they cannot connect to the SFTP server. The administrator runs a scan: [SEE IMAGE] Which of the following would allow the administrator to fix the problem? Allow SFTP connections on port 22 using /etc/sysconfig/iptables. Allow SFTP connections on port 20 and 21 using /etc/sysconfig/iptables. Allow SFTP connections on port 25 using /etc/sysconfig/iptables. Allow SFTP connections on port 1456 using /etc/sysconfig/iptables.
Allow SFTP connections on port 22 using /etc/sysconfig/iptables.
Users are unable to connect to a server using HTTPS. The administrator runs the following command on the remote system: [SEE IMAGE] Then, the administrator runs the following command from a local workstation: $ nmap PORT STATE 80 open 443 closed 22 open Which of the following steps should the administrator take to address the issue? Start the application to run on port 443 Configure the application to run on an active port Allow port 443 through the firewall Update the self-signed certificate
Allow port 443 through the firewall
An administrator is installing a Linux VM on a personal hypervisor. The administrator wants to have the VM's IP address on the same network as the hypervisor host so the VM has the same network properties as the physical interface of the host. To which of the following should the administrator set the network properties? Host-only network NAT network Bridge network Overlay network
Bridge network
A company wants to provide internal identity verification services for networked devices. Which of the following servers should be installed? SSH VPN CA DHCP DNS
CA
A junior systems administrator created a new filesystem /dev/sda1 with mountpoint /data and added it to the /etc/fstab for auto-mounting. When the systems administrator tries to mount the file system, the system refuses. Given the output below: [SEE IMAGE] Which of the following steps is necessary? Change the filesystem from /dev/sda1 to /dev/sda2 and reboot. Change the options to auto,dev,sync,rw,nosuid and run the mount -a command. Change the mount point to data and reboot. Change the dump column to 1 and run the mount -a command.
Change the options to auto,dev,sync,rw,nosuid and run the mount -a command.
Ann, a user, has created a new directory and noticed that permissions on the new directory are as follows: drwx------. 1 ann ann 0 Jun 11 08:20 workWhich of the following should the administrator do to restore default permissions for newly created directories? Change umask value in /etc/profile. Run chmod command to update permissions. Modify directory ownership to ann:ann with chown. Execute chattr command to restore default access.
Change umask value in /etc/profile.
A Linux systems administrator is implementing Source Code Management for the web application server configuration files located in /etc/httpd/. Which of the following steps should the administrator perform FIRST? Clone the remote repository using "˜git clone' Create a new repository using "˜git init' Retrieve the remote changes using "˜git commit' Configure the directory for git using "˜git config'
Create a new repository using "˜git init'
During the final step of staging new Linux hardware, GRUB2 is installed to the system drive. Which of the following BEST describes the role of GRUB2 in a newLinux installation? It provides a menu for creating administrator task shortcuts. It provides a menu for running special shell scripts. It provides a method to partition a hard drive. It provides a method to pass parameters to the Linux kernel on startup.
It provides a method to pass parameters to the Linux kernel on startup.
An administrator needs to deploy 100 identical CentOS workstations via PXE boot. Which of the following should the administrator use to minimize the amount of interaction with the consoles needed? Kickstart script Ghost image on a distribution server Hard disk duplicator Hard disk duplicator Ubiquity script
Kickstart script
A junior administrator is configuring local name lookups for fully qualified domain names in an isolated environment. The administrator is given a checklist and must accomplish the following tasks: ✑ Add localhost with loopback address. ✑ Add 192.168.192.12/24 to resolve to database01.comptia.org Given this scenario, which of the following steps should the administrator perform to accomplish these tasks? Open the /etc/nsswitch.conf file with a file editor and add the following lines: 127.0.0.1 localhost 192.168.192.12 database01.comptia.org Open the /etc/dhcpd.conf file with a file editor and add the following lines: 127.0.0.1 localhost 192.168.192.12 database01.comptia.org Open the /etc/hosts file with a file editor and add the following lines: 127.0.0.1 localhost 192.168.192.12 database01.comptia.org Open the /etc/network file with a file editor and add the following lines: 127.0.0.1 localhost 192.168.192.12 database01.comptia.org
Open the /etc/hosts file with a file editor and add the following lines: 127.0.0.1 localhost 192.168.192.12 database01.comptia.org
A Linux administrator is adding a static IP address to a network interface on a Linux system. The administrator modifies the ifcfg- eth0 configuration file with the following settings: [SEE IMAGE] After the administrator restarts the Linux server, the system is not connected to the network. Which of the following configuration settings needs to be changed? Set BOOTPROTO to BOOTP and USERCTL to yes. Set BOOTPROTO to NONE and ONBOOT to yes. Set USERCTL to yes and ONBOOT to no. Set NETMASK to 255.255.0.0 and ONBOOT to yes.
Set BOOTPROTO to NONE and ONBOOT to yes.
An analyst is trying to determine which public IP addresses are managed by Company A, but the script is not working correctly. [SEE IMAGE] Which of the following explains what is wrong with the script? $(cat ip-list.txt) should be changed to `cat ip-list.txt` in the for statement. The for should be changed to while in the loop. The > should be changed to 2> in the do statement. The -ne flag should be changed to -eq in the if statement.
The -ne flag should be changed to -eq in the if statement.
SCENARIO HOTSPOT: After installing a new web server, you are unable to browse to the default web page. INSTRUCTIONS: Review all the command output and select the command needed to remediate the issue. [SEE IMAGE]
systemctl restarg nginx
An administrator is troubleshooting an application that has failed to start after the server was rebooted. Noticing the data volume is not mounted, the administrator attempts to mount it and receives this error: [root@localhost comptia]# mount /dev/datavg/datalv /data mount: special device /dev/datavg/datalv does not exist Upon checking the logical volume status, the administrator receives this information: [SEE IMAGE] Which of the following can be said about the data logical volume, and how can this problem be resolved? The logical volume is not active. The administrator should make it active with lvchange -ay /dev/datavg/datalv and then mount it. The logical volume file system has become corrupted. The administrator should repair it with xfs_repair /dev/datavg/datalv and then mount it. The logical volume is OK but the /dev special files are missing. The administrator should recreate them by running /dev/MAKEDEV. The file system is read-only. The administrator should remount it as read-write with the command mount -o remount.rw /data.
The logical volume is not active. The administrator should make it active with lvchange -ay /dev/datavg/datalv and then mount it.
The development team has automated their software build process so each time a change is submitted to the source code repository, a new software build is compiled. They are requesting that the Linux operations team look into automating the deployment of the software build into the test environment. Which of the following is the benefit to the development team for implementing deployment automation? To ensure the build commits are also deployed to the test environment To enable notifications when builds are deployed to the test environment To ensure software builds in test are not accidentally deployed to production To streamline the deployment process for deploying builds into test environments
To streamline the deployment process for deploying builds into test environments
Which of the following is true about Type 2 hypervisors? Type 2 hypervisors run on top of another general purpose OS. Type 2 hypervisors are often called bare-metal or native hypervisors. Type 2 hypervisors offer a performance increase to the guests in comparison to a Type 1 hypervisor. Only Type 2 hypervisors allow direct access to CPU virtualization features.
Type 2 hypervisors run on top of another general purpose OS.
A Linux systems administrator is setting up SSH access with PKI for several using their newly created RSA keys. Which of the following MOST securely achieves this task? Use curl to copy each user's public key file to the respective system Use cp to copy each user's public key file to the respective system Use ssh-copy-id to copy each user's public key file to the respective system Use ssh-copy-id to copy each user's private key file to the respective system
Use ssh-copy-id to copy each user's public key file to the respective system
A system ran out of storage space on a particular mount and will not allow anything to be written to disk. The df command shows there are 6GB free on the mount, and there is no inode exhaustion. This issue has happened before due to a known large log file that was not being rotated. The administrator remembers the file name but cannot remember the location of the log file or which process is writing to it. Which of the following would be the BEST solution to correct this issue while maintaining availability? Use the lsof command to find where the large log file is located and truncate it Use the locate command to find where the large log file is located and delete it Use the du command to find where the large log file is located and delete it Use the ps command to find which process is writing to the log file, and then kill and restart the process
Use the ps command to find which process is writing to the log file, and then kill and restart the process
A junior systems administrator is tasked with providing the network_administrators group the ability to perform sudo without prompting for a password.Which of the following steps should the administrator perform to accomplish this task? (Choose two.) Use visudo to edit the /etc/sudoers file and add network_administrators to the "wheel" group Use vi to edit the /etc/sudo file and add network_administrators to the "wheel" group Provide all network_administrators with the "root" account password Add the network_administrators ALL=(ALL) NOPASSWD: ALL directive to the /etc/sudoers file Add the network_administrators =(ALL) NOEXEC: ALL directive to the /etc/sudoers file
Use visudo to edit the /etc/sudoers file and add network_administrators to the "wheel" group Add the network_administrators ALL=(ALL) NOPASSWD: ALL directive to the /etc/sudoers file
Which of the following would allow remote users to access a corporate server? (Choose two.) VPN server SMTP server NTP server SSH server DHCP server File server
VPN server SSH server
A systems administrator has scheduled a system update for a server. The update includes a resynchronization of the package database and updates to the current packages and the system distribution packages. Which of the following commands contains the proper order of this update? apt-get upgrade, apt-get dist-upgrade, apt-get update apt-get update, apt-get upgrade, apt-get dist-upgrade apt-get dist-upgrade, apt-get upgrade, apt-get update apt-get update, apt-get dist-upgrade, apt-get upgrade
apt-get update, apt-get upgrade, apt-get dist-upgrade
An administrator wants to know the amount of memory installed on a Linux server. Which of the following commands can be used to accomplish this task? cat /sys/proc/meminfo cat /proc/meminfo cat /proc/sys/meminfo cat /sys/meminfo
cat /proc/meminfo
A systems administrator installs a simple package, but the Linux system returns the following error: rpmdb open fails. To verify if there is a problem in theRPM database, the systems administrator runs the following command: [SEE IMAGE] Which of the following commands should the systems administrator run NEXT to resolve this issue? cd/var/lib/rpm; rpm --rebuilddb ; rm -f _db*; yum clean all cd/var/lib/rpm; rpm -qd; rpm --rebuilddb; yum clean all cd/var/lib/rpm; rpm -qa; rm -f _db*; yum clean all cd/var/lib/rpm; rm -f _db*; rpm --rebuilddb; yum clean all
cd/var/lib/rpm; rm -f _db*; rpm --rebuilddb; yum clean all
Ann, a Linux administrator, wants to edit a configuration management file. When she opens the file to edit, her text editor reports that the file has been opened in read-only mode. She then tries to edit the file as root by elevating via sudo and is still unable to save any changes. The error message in her text editor says that the read-only option is set on the file. Ann checks the permissions on the file and sees the following: -rw-rw-r-- 1 root wheel 30 Jun 13 15:38 infrastructure.yml Which of the following commands is the BEST option to allow her to successfully modify the file? chmod 600 infrastructure.yml chown root: infrastructure.yml chattr -i infrastructure.yml chmod o+w infrastructure.yml
chattr -i infrastructure.yml
A Linux administrator installed a new network adapter and temporarily disabled the network service from starting on boot. The partial output of chkconfig is as follows: network 0:off 1:off 2:off 3:off 4:off 5:off 6:off Which of the following commands BEST describes how the administrator should re-enable the network service? chkconfig --level 0 network on chkconfig --level 0-6 network on chkconfig --level 6 network on chkconfig --level 12 network on chkconfig --level 345 network on
chkconfig --level 345 network on 345 - runlevels that the service will be enabled for by default.
A junior Linux administrator needs to ensure a service will start on system boot. Which of the following commands should be used to accomplish this task? chkconfig <service> on systemctl <service> bootup service <service> enable crontab install <service>
chkconfig <service> on
SCENARIO SIMULATION -After installing a new web server, you are unable to browse to the default web page. INSTRUCTIONS -Review all the command output and select the command needed to remediate the issue. [SEE IMAGE]
systemctl restart nginx
A Linux user wants to give read-only permissions to a directory and its contents. Which of the following commands will allow the user to accomplish this task? chmod -R 400 /new_directory/ chmod -R 600 /new_directory/ chmod 400 /new_directory/ chmod 600 /new_directory/
chmod -R 400 /new_directory/
An administrator notices a directory on a web server named /var/www/html/old_reports that should no longer be accessible on the web. Which of the following commands will accomplish this task? chmod 000 /var/www/html/old_reports chgrp root /var/www/html/old_reports chown apache /var/www/html/old_reports setenforce apache /var/www/html/old_reports
chmod 000 /var/www/html/old_reportsg
Joe, a member of the accounting group on a Linux system, is unable to write a file called "taxes" in the accounting shared directory. The ownership and permissions on the directory and file are as follows: accounting drwxrw-r-- user = ann, group = accounting taxes -rw-r--r-- , user = ann, group = accountingWhich of the following commands would allow Joe to write to the file? (Choose two.) chmod g+x accounting chmod 777 taxes chgrp taxes accounting chgrp accounting taxes chmod 774 accounting chmod u+x accounting
chmod 777 taxes chmod 774 accounting
A member of the production group issues the following command: echo "Monday through Friday" > /production_docs/daysThe command fails to execute, so the user obtains the following output: drwxr--r-- root production 0 Jun 16 2018 production-rw-r--r-- production production 4096 Jun 14 2018 daysWhich of the following commands should the user execute to BEST fix the issue? chmod g+w production to change the permissions of the days file chgrp root production_docs/days to change the group ownership of the production_docs/days file chmod g+S production to set the GUID on the production_docs directory chown production to change the ownership of the production_docs directory
chown production to change the ownership of the production_docs directory The production group member is not allowed to modify the file because the owner of the directory is root and for group production is missing execute permission which is allowing to see inside directory and reach to file: -rw-r--r-- . Solution: change the directory owner from root to production or add execute permission to production group.
A raw VM image is being compressed with bzip2 and copied to a flash drive at /dev/hdb for off-site use by the marketing department. Which of the following command lines accomplishes this task? mv /vm/mkgt.img | bzip2 /dev/hdb/mkgt.img.bz2 bzip2 -c /vm/mktg.img | dd of=/dev/hdb cp /vm/mktg.img | bzip2 /dev/hdb/mktg.img.bz2 cp -a -r /vm/mktg.img bzip2 /dev/hdb/mktg.img.zip
cp /vm/mktg.img | bzip2 /dev/hdb/mktg.img.bz2
A systems administrator wants to download a package from a remote server. Which of the following are the BEST commands to use for this task? (Choose two.) curl wget make tar zip nc
curl wget
An administrator needs a bootable USB for installing a new Linux machine. The administrator downloaded the image file and named it as Linux_OS.iso in the / tmp directory. Which of the following commands will accomplish that task? dd input=/tmp/Linux_OS.iso of=/dev/sda bs=512 dd in=/tmp/Linux_OS.iso out=/dev/sdb bs=512 dd if=/tmp/Linux_OS.iso of=/dev/sda bs=512 dd if=/tmp/Linux_OS.iso out=/dev/sdb1 bs=512
dd if=/tmp/Linux_OS.iso of=/dev/sda bs=512
Joe, a user, reports that he is no longer able to write files to his home directory. Upon inspection, the Linux administrator discovers that attempting to create a new file gives the following error: No space left on device. However, the disk and partition are not full. Which of the following commands would be BEST for the administrator to use to continue troubleshooting this problem? rm -Rf ~/.* fsck -y /dev/sda1 df -i fdisk /dev/sda
df -i
An administrator is logged into a server remotely and wants to determine if the system is a VM. Which of the following commands would assist with this? dmesg ps top vmstat
dmesg sudo dmesg | grep -i hypervisor
A user issues the following command: ls -l /var/log | egrep -e "˜^d[rwx]{3}.*[rw-]{3}.*' The list of files in the system is shown below: [SEE IMAGE] Which of the following results matches the command issued? drwxr-x--- 2 root adm 4096 Apr 25 14:41 unattended-upgrades drwxr-x--- 2 root adm 4096 Apr 25 15:41 attended-upgrades drwxr-xr-x 2 root root 4096 Apr 24 08:36 apt drwxr-xr-x 2 root root 4096 Apr 9 14:25 dist-upgrade drwxr-x--- 2 root adm 4096 Apr 25 14:41 unattended-upgrades drwxr-xr-x 2 root root 4096 Apr 24 08:36 apt drwxr-xr-x 2 root root 4096 Apr 9 14:25 dist-upgrade drwxr-x--- 2 root adm 4096 Apr 25 15:41 attended-upgrades -rw-r--r-- 1 root root 2877 Apr 24 14:14 alternatives.log -rw-r--r-- 1 syslog adm 246139 Jun 12 15:21 cloud-init.log -rw-r--r-- 1 root root 8872 Jun 12 15:21 cloud-init-output.log
drwxr-x--- 2 root adm 4096 Apr 25 14:41 unattended-upgrades drwxr-x--- 2 root adm 4096 Apr 25 15:41 attended-upgrades
A Linux systems administrator is troubleshooting an issue with the /home directory running out of space. The administrator needs to determine which /home directories are using the most space. Which of the following commands should be used? du lvs df fsck
du
A Linux engineer is troubleshooting a newly added SCSI device for a Linux server that needed more disk space without rebooting. The engineer discovers that the new device is not visible by the Linux kernel in fdisk -l output. Which of the following commands should be used to rescan the entire SCSI bus? echo "- - -" > /sys/class/scsi_host/host0/scan echo ' ' > /sys/class/scsi_host/host0/scan echo "- - -" > /sys/scsi/scsi_host/host0/scan echo "scan" > /sys/class/scsi_host/host0/scan
echo "- - -" > /sys/class/scsi_host/host0/scan
An administrator is reviewing updates in the master online Git repository and notices a file named .htaccess. The file contains passwords and should only be in the administrator's local repository, not the online one. Which of the following would prevent this file from appearing online in the future? git commit -m "File Update" -x .htaccess sed -i 's/#Preserve Hidden=True/Preserve Hidden=True/g' .git/config chown nobody:nodoby .htaccess echo ".htaccess" >> .gitignore
echo ".htaccess" >> .gitignore
Users in the payroll department are not configured to use DNS due to security concerns. The users ask the junior Linux administrator to configure their workstations to access the payroll server at 192.168.204.11 by the name "Payroll". Which of the following commands should the administrator issue to meet this request? echo "nameserver 192.168.204.11 #Payroll" >> /etc/resolv.conf echo "net.ipv4.ip_dynaddr=192.168.204.11 Payroll" >> /etc/sysctl.conf echo "192.168.204.11 Payroll" >> /etc/hosts echo "˜IPADDR="192.168.204.11" #Payroll' >> /etc/network/interface
echo "192.168.204.11 Payroll" >> /etc/hosts
SIMULATION: Find the file named core and remove it from the system. INSTRUCTIONS: Type "help" to display a list of available commands.If at any time you would like to bring back the initial state of the simulation, please click the Reset All button. Linux Shell -
find / -type f -name core -exec rm -f core {} \;
SCENARIO DRAG DROP: As a Systems Administrator, to reduce disk space, you were tasked to create a shell script that does the following: Add relevant content to /tmp/script.sh, so that it finds and compresses rotated files in /var/log without recursion. INSTRUCTIONS: Fill the blanks to build a script that performs the actual compression of rotated log files. [SEE IMAGE]
find /var/log -type 1 | grep "$1" > /tmp/tempfile for filename in $(cat /tmp/tempfile) do gzip $filename done
A user has been locked out of an account due to too many failed password attempts. Which of the following commands will unlock the user's account? pam_tally2 --user=user --reset passwd -u user -G root usermod -u user -G root chage -1 user=user --reset
pam_tally2 --user=user --reset
A systems administrator needs to allow the Linux server to receive HTTP connections from Internet hosts. By default, the port for HTTP connections is blocked.Which of the following rules should be added in the firewall to allow this type of connection? firewall-cmd --zone=public --add-port=443/tcp --permanent firewall-cmd --zone=internal --add-port=80/tcp --permanent firewall-cmd --zone=public --add-port=80/tcp --permanent firewall-cmd --zone=internal --add-port=443/tcp --permanent
firewall-cmd --zone=public --add-port=80/tcp --permanent
An administrator has a CSV file named hosts.csv. The contents of hosts.csv include the following: 192.168.2.57,lnx1prd.example.com,Linux,Production 192.168.2.58,lnx2prd.example.com,Linux,Production 192.168.1.4,server15.example.com,Windows,Development The administrator needs to create a second comma-separated list of only the Linux server IP addresses. Which of the following commands would achieve this need? for ip in $(grep "Linux" hosts.csv | cut -d"," -f1); do echo -n "$ip,"; done for ip in $( cut -d"," -f1 hosts.csv | grep "Linux"); do echo -n "$ip,"; done for ip in $(grep "Linux" hosts.csv | sed "/$1//'); do echo -n "$ip,"; done for ip in $(awk -F, "˜{print $1}' hosts.csv | grep "Linux"); do echo ""n "$ip,"; done
for ip in $(grep "Linux" hosts.csv | cut -d"," -f1); do echo -n "$ip,"; done
An issue was discovered on a testing branch of a Git repository. A file was inadvertently modified and needs to be reverted to the master branch version. Which of the following is the BEST option to resolve the issue? git branch -b master file git merge master testing git stash branch master git checkout master -- file
git checkout master -- file
A junior Linux administrator is performing version control on a Git repository. The administrator is given a list of tasks to complete: ✑ List the currently installed Git release. ✑ Show the status reporting of the clone. Which of the following commands would allow the administrator to complete these tasks? (Choose two.) git clone --progress git clone --recursive git --help git clone --dissociate git --version git clone --shared
git clone --progress git --version
An engineer is working on a production application deployment that requires changing a web application property file called server.property that is managed by the Git version control system. A cloned copy of the remote repository in which the server.property file exists is on the local desktop computer. The engineer makes appropriate changes to the files, saves it as server.property, and executes git commit -m "changed the property file" server.property. Which of the following commands did the engineer fail to perform? git init server.property git merge server.property git add server.property git push server.property
git push server.property
A Linux administrator is restoring the SELinux contexts on an entire system. Which of the following commands is the BEST option to complete this task? setenforce 0 && reboot setfacl -bR / && reboot touch /.autorelabel && reboot restorecon / && reboot
restorecon / && reboot
A Linux administrator needs to configure a new firewall without an existing ACL to allow incoming web traffic. The firewall must log the allowed network traffic. Which of the following command sequences would accomplish this task when they are executed in order? iptables -A INPUT -p tcp --dport 80 -J LOG iptables -A INPUT -p tcp --dport 443 -J LOG iptables -I INPUT -p tcp --dport 80 -J ACCEPT iptables -I INPUT -p tcp --dport 443 -J ACCEPT iptables -I INPUT -m multiport -p tcp --dports 80,443 -J LOG iptables -I INPUT -m multiport -p tcp --dports 80,443 -J ACCEPT iptables -A INPUT -m multiport -p tcp --dports 80,443 -J LOG iptables -A INPUT -m multiport -p tcp --dports 80,443 -J ACCEPT iptables -A INPUT -p tcp --dport 80 -J ACCEPT iptables -A INPUT -p tcp --dport 443 -J ACCEPT iptables -A INPUT -p tcp --dport 80 -J LOG iptables -A INPUT -p tcp --dport 443 -J LOG
iptables -A INPUT -p tcp --dport 80 -J LOG iptables -A INPUT -p tcp --dport 443 -J LOG iptables -I INPUT -p tcp --dport 80 -J ACCEPT iptables -I INPUT -p tcp --dport 443 -J ACCEPT
A Linux administrator is updating iptables rules and is given the following tasks:✑ Output a list of iptables rules.✑ Remove all iptables rules.Which of the following actions should be performed from the terminal console to accomplish these tasks? (Choose two.) iptables -F iptables -L iptables -I iptables -C iptables -A iptables -N
iptables -F iptables -L -F = Flush, delete all rules in a chail -L = list, list the rules in a chain -I = insert, insert in chain -C = check, check for existence of a rule -A = append, append to chain -N = new, create a new user-defined chain
An administrator is reviewing suspicious activity on a server and needs to determine which users logged into the system within the past 24 hours. Which of the following commands should the administrator run to determine this? last who id usermod
last
A Linux administrator retrieved a repository of files from a Git server using git clone. The administrator wants to see if a configuration file was added to the repository. Which of the following Git arguments should be used to see the recent modifications? fetch log init pull
log
A server, which is used to collect data about the network and datacenter environment via SNMP, is running out of space. Which of the following should the server administrator implement to reduce disk utilization? journald Snapshots logrotate tar -cvf
logrotate
A junior administrator is installing kernel modules. The administrator is given a checklist that outlines the following tasks to be completed:✑ Display currently installed module version.✑ Display which modules loaded at startup.Which of the following commands would be used to accomplish these tasks? (Choose two.) cat /etc/issue insmod lsmod rmmod depmod dmesg
lsmod dmesg
Linux administrator needs to remove a USB drive from a system. The unmount command fails, stating the device is busy. Which of the following commands will show the reason for this error? lsusb | grep /mnt/usb mount | grep /mnt/usb ps aux | grep /mnt/usb lsof | grep /mnt/usb
lsof | grep /mnt/usb
Which of the following commands will let a Linux user know the PCI devices that are installed in the system? cat /proc/devices/pci lspci lsdev cat /proc/sys/dev
lspci
A junior administrator needs to unload an older video kernel module. Which of the following commands would BEST accomplish this task? modprobe insmod rmmod chmod
modprobe
A systems administrator notices a large number of autoloaded device modules are no longer needed and decides to do a cleanup of them. Which of the following commands will accomplish this task? rmmod -c depmod -r insmod -c modprobe -r
modprobe -r
A systems administrator wants to install a new application that requires the newmod kernel module. Which of the following commands should the systems administrator use? lsof newmod modinfo newmod lsmod newmod modprobe newmod
modprobe newmod
A systems administrator wants to mount an ISO to access its content. Using /mnt as a mount point, which of the following is the correct syntax? mount -o iso9660 /dev/sr0 /mnt mount -o loop -t iso /mnt mount -o loop /tmp/image.iso /mnt mount -o loop /dev/kvm /mnt
mount -o loop /tmp/image.iso /mnt
An administrator needs to generate a list of services that are listening on TCP and/or UDP ports. Which of the following tools should the administrator use? ethtool route netstat portmap
netstat
A systems administrator is troubleshooting an intermittent network connection at the IP address 192.168.1.23. The administrator wishes to monitor the connection at five-minute intervals for one hour. Which of the following commands will accomplish this task? ping -i 5 192.168.1.23 ping -c 12 192.168.1.23 ping -c 12 -i 300 192.168.1.23 ping -c 60 -i 100 192.168.1.23
ping -c 12 -i 300 192.168.1.23 -c 12 for number of pings sent, -i 300 for seconds to wait until next ping(interval)
An administrator notices the HISTSIZE variable is 50, using the commands below:HISTSIZE=50 -export HISTSIZEThe administrator rechecks the HISTSIZE value using echo HISTSIZE but gets no value. Which of the following commands should the administrator use to retrieve its value? printenv | grep $HISTSIZE echo HISTSIZE printf HISTSIZE grep $HISTSIZE
printenv | grep $HISTSIZE
An administrator needs to kill the oldest Bash shell running in the system. Which of the following commands should be issued to accomplish this task? ps axjf | grep bash to obtain PID kill -9 PID ps -eo pid,etime,cmd | grep bash (to obtain PID) kill -9 PID ps -eo pid,etime | grep bash (to obtain PID) killall -9 PID killall -15 -o bash
ps -eo pid,etime,cmd | grep bash (to obtain PID) kill -9 PID
A site reliability engineer updated the latest configuration management scripts and committed them to a workstream called either test or patch. A Linux administrator wants to ensure these latest workstreams are able to be retrieved to the server. Which of the following is the BEST Git attribute to use? branch fetch log pull
pull
A systems administrator suspects a process with a PID of 2864 is consuming resources at an alarming rate. The administrator uses the command renice -n -5 -p2864, but it does not solve the issue. Which of the following commands should the administrator execute to correct the issue? nice -n 5 -p 2864 nice -n -5 -p 2864 renice -n 10 -p 2864 renice -n -10 -p 2864
renice -n 10 -p 2864
A systems administrator is unable to reach other devices on the network and the Internet. The server is configured with the IP address 192.169.1.50/24 on eth0. The server's router is 192.168.1.1. The administrator reviews the output of route -n: [SEE IMAGE] Which of the following commands should the administrator run to correct the issue? route del default gw 192.168.2.1 eth0; route add default gw 192.168.1.1 eth0 route add ""net 192.168.10.0 netmask 255.255.255.0 gw 192.168.2.1 eth0 route add 192.168.1.1 default 192.168.1.50 eth0 route host gw 192.168.1.1 eth0
route del default gw 192.168.2.1 eth0; route add default gw 192.168.1.1 eth0
A file server is sharing a directory called /share between team members inside a company. The fileshare needs to be moved from serverA to /newshare located on serverB with all permissions and attributes preserved. Which of the following commands would BEST achieve this task? rsync -aHAX /share/* serverB:/newshare dd if=/share/* of=serverB:/newshare tar -cvf /share/* serverB:/newshare mirrorlv /share/* serverB:/newshare
rsync -aHAX /share/* serverB:/newshare -H --> preserve hard links -A --> preserve permissions -X --> preserve extended attributes
A Linux systems administrator installed a new web server, which failed while attempting to start. The administrator suspects that SELinux is causing an issue and wants to temporarily put the system into permissive mode. Which of the following would allow the administrator to accomplish this? echo SELINUX=PERMISSIVE >> /etc/sysconfig/selinux setenforce 0 sestatus 0 chcon httpd_sys_content_t /var/
setenforce 0
Due to security policies, a restriction was implemented that forbids direct access to the database server. The junior administrator needs to connect using SSH tunneling. Which of the following commands allows the junior administrator to connect from a desktop? ssh -L dbserver.local:5432:localhost:95432 [email protected] ssh -L 5432:localhost dbserver.local:5432 postgres ssh 95432:localhost [email protected] ssh -L 9432:localhost:5432 [email protected]
ssh -L 9432:localhost:5432 [email protected]
An administrator receives the following message on a remote server: Cannot open display. Which of the following should the administrator have used to log in to the server? xrdp -h server.company.com ssh -X server.company.com xvnc server.company.com rdesktop server.company.com
ssh -X server.company.com
A systems administrator downloads an application's source files, compiles the application, and installs it per the application's installation instructions. When trying to run the application, the system states: $ occmd bash: occmd: command not found"¦ Running the locate command shows it does exist in the following location: /opt/occmd/bin/occmd Which of the following should the administrator do to allow the command to run properly? (Choose two.) sudo ln ""s /opt/occmd/bin/occmd /usr/local/bin/occmd echo "export PATH=$PATH:/opt/occmd/bin" >> ~/.bashrc mv /opt/occmd ~/ && ln -s ~/occmd/bin/occmd ./occmd echo "#!/bin/bash \n ${which occmd}" > /usr/bin/occmd.sh sudo mv /opt/occmd/bin/occmd /etc/bin/ cd /opt/occmd/bin && chmod +x ./occmd && restorecon -rv *
sudo ln ""s /opt/occmd/bin/occmd /usr/local/bin/occmd echo "export PATH=$PATH:/opt/occmd/bin" >> ~/.bashrc
A systems administrator receives a report that the web server is not running after a planned system reboot. After starting the web server manually, which of the following commands should the administrator issue to ensure the web server starts at boot time? systemctl service on systemctl enable <name>.service systemctl service enable systemctl on <name>.service
systemctl enable <name>.service
A configuration management tool running every minute is enforcing the service HTTPd to be started. To perform maintenance, which of the following series of commands can be used to prevent the service from being started? systemctl stop httpd && systemctl mask httpd systemctl disable httpd && systemctl mask httpd systemctl stop httpd && systemctl hide httpd systemctl disable httpd && systemctl hide httpd
systemctl stop httpd && systemctl mask httpd A masked service is one whose unit file is a symlink to /dev/null . This makes it "impossible" to load the service, even if it is required by another, enabled service. When you mask a service, a symlink is created from /etc/systemd/system to /dev/null , leaving the original unit file elsewhere untouched.
Topic 1 A junior systems administrator is scanning archive.tar files with an antivirus scanner. The administrator is given the following tasks: ✑ List all files that are in the archive.tar files. ✑ Extract all files from the archive.tar files. Which of the following actions should be performed to meet these requirements? (Choose two.) tar -tvf archive.tar tar -xf archive.tar tar -A archive.tar tar -av archive.tar tar -r archive.tar tar -uvz archive.tar
tar -tvf archive.tar tar -xf archive.tar
A technician wants to secure a sensitive workstation by ensuring network traffic is kept within the local subnet. To accomplish this task, the technician executes the following command: echo 0 > /proc/sys/net/ipv4/ip_default_ttl Which of the following commands can the technician use to confirm the expected results? (Choose two.) tcpdump traceroute route iperf E. ip arp
tcpdump traceroute
A technician wants to secure a sensitive workstation by ensuring network traffic is kept within the local subnet. To accomplish this task, the technician executes the following command: echo 0 > /proc/sys/net/ipv4/ip_default_ttl Which of the following commands can the technician use to confirm the expected results? (Choose two.) tcpdump traceroute route iperf ip arp
tcpdump traceroute
A junior Linux administrator needs to create 16 empty files quickly that will contain sales information for each quarter for the past four years. Which of the following commands will meet this requirement? touch {2015,2016,2017,2018}.{q1,q2,q3,q4} touch [2015,2016,2017,2018].[q1,q2,q3,q4] touch "˜2015,2016,2017,2018"˜."˜q1,q2,q3,q4"˜ touch {2015.2016.2017.2018}.{q1.q2.q3.q4}
touch {2015,2016,2017,2018}.{q1,q2,q3,q4}
An administrator needs to create a file named hello in the home directory that contains the following text: it's me! Which of the following commands would accomplish this goal? mkdir ~/hello touch ~/"it's me!" touch ~/hello echo "it's me!" > ~/hello mv ~/hello cp "it's me!" > ~/hello type ~/hello print "it's me!"
touch ~/hello echo "it's me!" > ~/hello
A user requested a USB serial device to be added to a desktop computer. The device has built-in kernel driver support. The administrator tested the device installation and access, but the user cannot access the serial port. Each time the user attempts to access the device, an error log is created that shows the user does not have permission to use the serial port. Which of the following will add a user to the group that has serial port capabilities? usermod -a -G serialport $USER usermod -a -G modem $USER usermod -a -G dialout $USER usermod -a -G root $USER
usermod ""a ""G dialout $USER
An administrator is uncomfortable allowing users to log in as root. Which of the following ensures that root logins are disallowed? usermod -L root usermod -G root usermod -B root usermod -U root
usermod -L root =c- = We can add comment field for the useraccount. -d = To modify the directory for any existing user account. -e = Using this option we can make the account expiry in specific period. -g = Change the primary group for a User. -G = To add a supplementary groups. -a = To add anyone of the group to a secondary group. -l = To change the login name from tecmint to tecmint_admin. -L = To lock the user account. This will lock the password so we can't use the account. -m = moving the contents of the home directory from existing home dir to new dir. -p = To Use un-encrypted password for the new password. (NOT Secured). -s = Create a Specified shell for new accounts. -u = Used to Assigned UID for the user account between 0 to 999. -U = To unlock the user accounts. This will remove the password lock and allow us to use the user account.
A user, jsmith, needs access to database files located on a server. Which of the following will add jsmith to the "dba" group and preserve existing group memberships? usermod -a -G dba jsmith usermod -g dba jsmith useradd -g dba jsmith groupmod dba -u jsmith
usermod -a -G dba jsmith
Joe, a user, is unable to log in to the server and contracts the systems administrator to look into the issue. The administrator examines the /etc/passwd file and discovers the following entry: joe:x:505:505::/home/joe:/bin/false Which of the following commands should the administrator execute to resolve the problem? usermod -s /bin/bash joe passwd -u joe useradd -s /bin/bash joe chage -E -1 joe
usermod -s /bin/bash joe
SIMULATION: A junior system administrator had trouble installing and running an Apache web server on a Linux server. You have been tasked with installing the Apache web server on the Linux server and resolving the issue that prevented the junior administrator from running Apache. INSTRUCTIONS: Install Apache and start the service. Verify that the Apache service is running with the defaults.Typing "help" in the terminal will show a list of relevant commands.If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
yum install httpd systemctl start httpd systemctl enable httpd systemctl status httpd
A junior Linux administrator needs to access production servers using a secure SSH protocol. Which of the following files should contain the public key to gain remote access to the server? ~/ssh/authorized-keys /etc/authorized_keys /etc/sshd/ssh.conf ~/.ssh/authorized_keys
~/.ssh/authorized_keys
A Linux administrator is setting up a testing environment and needs to connect to a separate testing server using the production server name. The administrator needs to override the hostname that the DNS is returning in order to use the test environment. Which of the following commands should be run on each of the testing systems to BEST meet this goal? # hostnamectl set-hostname "192.168.1.100 production.company.com" # grep ""i IP "${ip addr show} production.company.com" > /etc/resolv.conf # ip addr add 192.168.1.100/24 dev eth0 && rndc reload production.company.com # echo "192.168.1.100 production.company.com" >> /etc/hosts
# echo "192.168.1.100 production.company.com" >> /etc/hosts
A Linux administrator needs the "tech" account to have the option to run elevated commands as root. Which of the following commands would BEST meet this goal? $ su "" tech -c "/bin/bash" # usermod -aG wheel tech # sudo -i tech # groupadd -u tech -g root
# usermod -aG wheel tech The users of the wheel group are able to su to root. This usually consists of a group named "wheel" and a set of users that are permitted to use the utility 'su' in order to change to root.
A Linux administrator wants to obtain a list of files and subdirectories in the /etc directory that contain the word "services". Once the files and subdirectories are discovered, they should be listed alphabetically in the /var/tmp/foundservices file. Which of the following shell scripts will accomplish this task? #/bin/bash find /etc -name services | sort > /var/tmp/foundservices #/bin/bash locate /etc -sort -name services > /var/tmp/foundservices #/bin/bash find -name services -sort </var/tmp/foundservices #/bin/bash find /etc -name services -sort > /var/tmp/foundservices
#/bin/bash find /etc -name services | sort > /var/tmp/foundservices
A systems administrator must clean up all application files in the directory /var/log/app. However, the company's security policy requires the files to be kept on the backup server for one year. The Linux server has only the tar and bzip2 packages installed. Which of the following commands will package and compress the files? tar -zcvf applicationfiles.tar.bz2 /var/log/app/* tar -jcvf applicationfiles.tar.bz2 /var/log/app/* tar -cvf applicationfiles.tar.bz2 /var/log/app/* tar -xvf applicationfiles.tar.bz2 /var/log/app/*
-jcvf applicationfiles.tar.bz2 /var/log/app/* the -j switch compresses
Which of the following is the template for the grub.cfg file? /etc/default/grub /etc/grub2.cfg /etc/sysct1.conf /boot/efi
/etc/default/grub
Which of the following configuration files should be modified to disable Ctrl+Alt+Del in Linux? /etc/inittab ~/.bash_profile /etc/securetty /etc/security/limits.conf
/etc/inittab
An administrator needs to see a list of the system user's encrypted passwords. Which of the following Linux files does the administrator need to read? /etc/shadow /etc/skel /etc/passwd /etc/pw
/etc/shadow
In order to comply with new security policies, an administrator needs to prevent the SSH server from using insecure algorithms. Which of the following files should be edited to accomplish this? /etc/ssh/sshd_config /etc/ssh/ssh_config ~/.ssh/ssh_config /etc/ssh/known_hosts
/etc/ssh/sshd_config
A systems administrator has deployed a Linux server based on an Anaconda process with all packages and custom configurations necessary to install a web server role. Which of the following could be used to install more Linux servers with the same characteristics? /etc/sysconfig/anaconda.cfg /root/anaconda.auto /root/anaconda-ks.cfg /etc/sysconfig/installation.cfg
/root/anaconda-ks.cfg ks = kickstart The Red Hat Enterprise Linux installation process automatically writes a Kickstart file that contains the settings for the installed system. This file is always saved as /root/anaconda-ks.cfg. You may use this file to repeat the installation with identical settings, or modify copies to specify settings for other systems.
After starting a long-running script, a systems administrator needs to verify the frequency of what is filling up the /var partition and kill it because it is consuming too much space. Which of the following is the correct sequence given only a terminal is available? 1. CTRL-C 2. bg 3. watch df /var 4. CTRL-C 5. fg 6. CTRL-Z 1. CTRL-C 2. fg 3. watch df /var 4. CTRL-Z 5. bg 6. CTRL-Z 1. CTRL-Z 2. bg 3. watch df /var 4. CTRL-C 5. fg 6. CTRL-C 1. CTRL-Z 2. bg 3. watch df /var 4. CTRL-Z 5. fg 6. CTRL-C
1. CTRL-Z 2. bg 3. watch df /var 4. CTRL-Z 5. fg 6. CTRL-C
Which of the following configuration management tools is considered agentless? Puppet Salt Ansible Chef
Ansible
A Linux server needs to be accessed, but the root password is not available. Which of the following would BEST allow an administrator to regain access and set a new known password at the same time? Boot into single-user mode and reset the password via the passwd command. Boot into single-user mode and reset the password by editing the /etc/passwd file. Boot into single-user mode and reset the password by editing the /etc/shadow file. Boot into single-user mode and reset the password via the chage command.
Boot into single-user mode and reset the password via the passwd command.
A systems administrator wants to deploy several applications to the same server quickly. Each application should be abstracted from the host with its own dependencies and libraries and utilize a minimal footprint. Which of the following would be BEST in this scenario? Virtual machines Type 2 hypervisor Chroot jails Containers
Containers
Which of the following BEST describes containers running on a Linux system? Containers only need the namespaces functionality to run on a Linux system available since kernel 2.6. Containers need a hypervisor to run on a Linux system. Cgroups namespaces are functionalities used for the kernel but not for running containers. Containers only need the cgroups functionality for running on a Linux system. Namespaces is not a Linux kernel functionality needed for creating and managing containers. Containers use the cgroups and namespaces functionalities to isolate processes and assign hardware resources to each of those isolated processes.
Containers use the cgroups and namespaces functionalities to isolate processes and assign hardware resources to each of those isolated processes.
Which of the following is the BEST reason for not storing database files in the /var directory? The /var filesystem is not fast enough for database files. The number of files in /var is limited by the available inodes. Files in /var do not have strict file permissions. If log files fill up /var, it might corrupt the database
If log files fill up /var, it might corrupt the database
A Linux administrator is using a public cloud provider to host servers for a company's website. Using the provider's tools, the administrator wrote a JSON file to define how to deploy the servers. Which of the following techniques did the administrator use? Infrastructure as code Build automation Platform as a service Automated configuration
Infrastructure as code
A systems administration team has decided to treat their systems as immutable instances. They keep the desired state of each of their systems in version control and apply automation whenever they provision a new instance. If there is an issue with one of their servers, instead of troubleshooting the issue they terminate the instance and rebuild it using automation. Which of the following is this an example of? Inventory Orchestration Infrastructure as code Agentless deployment
Infrastructure as code KEY: using automation (AKA scripts / code)
Which of the following statements BEST represents what the term "agentless" means regarding orchestration? Installation of a tool is not required on the remote system to perform orchestration tasks It facilitates version control when using infrastructure as code during orchestration It automatically removes malware from the remote system during orchestration A tool can only be accessed remotely to perform orchestration tasks
Installation of a tool is not required on the remote system to perform orchestration tasks
A systems administrator has finished building a new feature for the monitoring software in a separate Git branch. Which of the following is the BEST method for adding the new feature to the software's master branch? Merge the changes from the feature branch to the master branch. Save the changes to the master branch automatically with each Git commit. Clone the feature branch into the master branch. Pull the changes from the feature branch into the master branch.
Merge the changes from the feature branch to the master branch.
A junior Linux administrator is updating local name resolution to support IPv6. The administrator issues the command cat /etc/hosts and receives the following output:127.0.0.1 localhost Which of the following actions should the administrator perform to accomplish this task? Modify the /etc/hosts file, and add the ipv6 localhost entry to the file. Modify the /etc/hosts file, and add the ::1 localhost entry to the file. Modify the /etc/hosts file, and add the ipv4 localhost entry to the file. Modify the /etc/hosts file, and add the 0.0.0.0 localhost entry to the file.
Modify the /etc/hosts file, and add the ::1 localhost entry to the file.
A junior Linux administrator is installing a new application with CPU architecture requirements that have the following specifications: ✑ x64 bit ✑ 3.0GHz speed ✑ Minimum quad core The administrator wants to leverage existing equipment but is unsure whether the requirements of these systems are adequate. The administrator issues the following command cat /proc/cpuinfo. The output of the command is as follows: [SEE PICTURE] Which of the following is the recommended course of action the administrator should take based on this output? Install the application, as the system meets the application requirements Procure new equipment that matches the recommended specifications Recompile the Linux kernel to support the installation. Reconfigure lib modules to support the new application.
Procure new equipment that matches the recommended specifications
Given that a company's policy states that users cannot install third-party tools on Window servers, which of the following protocols will allow a Linux GUI to connect to a Windows server? VNC NX RDP X11
RDP
A Linux administrator implemented a new HTTP server using the default configuration. None of the users on the network can access the server. If there is no problem on the network or with the users' workstations, which of the following steps will BEST analyze and resolve the issue? Run netstat to ensure the port is correctly bound, and configure the firewall to allow access on ports 80 and 443 Run route to ensure the port is correctly bound, and configure the firewall to allow access on ports 80 and 443 Run netcat to ensure the port is correctly bound, and configure a static route to the web to allow access on ports 80 and 443 Run route to ensure the port is correctly bound, and configure SELinux to allow access on ports 80 and 443
Run netstat to ensure the port is correctly bound, and configure the firewall to allow access on ports 80 and 443
While creating a file on a volume, the Linux administrator receives the following message: No space left on device. Running the df -m command, the administrator notes there is still 50% of usage left. Which of the following is the NEXT step the administrator should take to analyze the issue without losing data? Run the df -i command and notice the inode exhaustion Run the df -h command and notice the space exhaustion Run the df -B command and notice the block size Run the df -k command and notice the storage exhaustion
Run the df -i command and notice the inode exhaustion
A networked has been crashing intermittently. A Linux administrator would like to write a shell script that will attempt to ping the server and email an alert if the server fails to respond. The script will later be scheduled via cron job. Which of the following scripts would BEST accomplish this task? SERVER="192.168.1.50" RESULT='ping -C 2 $SERVER' if [ !RESULT ]; then echo "Server is down" | mail -s "Server down" admin@email_address.com fi SERVER="192.168.1.50" ping -c 2 $SERVER >/dev/null 2>/dev/null if [ $? -ge 1 ]; then echo "Server is down" | mail -s "Server down" admin@email_address SERVER="192.168.50" RESULT='ping -c 2 $SERVER >/dev/null 2>/dev/null' while [ $RESULT != 1]; do echo "Server is down" | mail -s "Server down" admin@email_address done SERVER="192.168.1.50" ping -c 2 $SERVER >/dev/null 2>/tmp/fail.log if [ -f /tmp/fail/log ]; then echo "Server is down" | mail -s "Server down" admin@email_address fi
SERVER="192.168.1.50" ping -c 2 $SERVER >/dev/null 2>/dev/null if [ $? -ge 1 ]; then echo "Server is down" | mail -s "Server down" admin@email_address
A Linux systems administrator needs to provision multiple web servers into separate regional datacenters. The systems architect has instructed the administrator to define the server infrastructure using a specific tool that consumes a text-based file. Which of the following is the BEST reason to do this? To document the infrastructure so it can be included in the system security plan To ensure the administrator follows the planning phase of the systems development life cycle To define the infrastructure so it can be provisioned consistently with minimal manual tasks To validate user requirements have been met within each regional datacenter for compliance
To define the infrastructure so it can be provisioned consistently with minimal manual tasks
Which of the following is the purpose of the vmlinux file on a Linux system? To prevent a Linux kernel panic To start a Linux virtual machine To provide the executable kernel for the system To enable resource access to the network
To provide the executable kernel for the system On Linux systems, vmlinux is a statically linked executable file that contains the Linux kernel in one of the object file formats supported by Linux, which includes ELF, COFF and a.out. The vmlinux file might be required for kernel debugging, symbol table generation or other operations, but must be made bootable before being used as an operating system kernel by adding a multiboot header, bootsector and setup routines.
Which of the following can be used to boot a DVD from a remote device to initialize a Linux system setup on bare metal hardware as if it is a local DVD? UEFI PXE NFS GRUB
UEFI
A junior Linux administrator is setting up system-wide configuration settings. The goal is to ensure the PATH environment variable includes the following locations for all users who log into a Linux system: /usr/local/bin /usr/local/sbin The administrator issues the following commands at the terminal: echo $PATH cat /etc/profile Respectively, the output of these commands is as follows: /usr/bin:/usr/sbin:/sbin:/bin # /etc/profile: system-wide .profile file for the bourne shell (sh(1)) # and Bourne compatible shells (bash(1), ksh(1), ash(1), ...) if [ `id' -u' -eq 0 ]; then PATH="usr/bin:/user/sbin:/sbin:/bin" else PATH="/usr/local/games" fi export PATH Given this output, which of the following would be the BEST action for the administrator to perform to address this issue? Update the /etc/profile.d file using a text editor, navigate to the PATH element, add the missing locations, and run the bash_completion.sh script to update the changes. Update the /etc/profile file using a text editor, navigate to the PATH element, add the missing locations and run the . /etc/profile command to update the changes. Update the /etc/profile.d file using a text editor, navigate to the PATH element, add the missing locations, and reboot to update the changes Update the /etc/profile file using a text editor navigate to the PATH element, add the missing locations, and restart the bash process to update the changes.
Update the /etc/profile file using a text editor, navigate to the PATH element, add the missing locations and run the . /etc/profile command to update the changes.
Which of the following would be the BEST solution for a systems administrator to access the graphical user environment of a Linux machine remotely? VNC KDE X11 RPC
VNC
An administrator reviews the following configuration file provided by a DevOps engineer: [SEE IMAGE] Which of the following would the application parsing this file MOST likely have to support? YAML AJAX JSON SOAP
YAML
A systems administrator is configuring options on a newly installed Linux VM that will be deployed to the Pacific time zone. Which of the following sets of commands should the administrator execute to accurately configure the correct time settings? cd /etc ln -s /usr/share/zoneinfo/US/Pacific localtime cd /usr/local ln -s /usr/share/zoneinfo/US/Pacific zoneinfo cd /etc/local ln -s /usr/share/zoneinfo/US/Pacific localtime cd /usr/share/local ln -s /usr/share/zoneinfo/US/Pacific localectl
cd /etc ln -s /usr/share/zoneinfo/US/Pacific localtime
Ann, a junior systems administrator, is required to add a line to the /etc/yum.conf file. However, she receives the following error message when she tries to add the line: root@comptia:~# echo "line" > /etc/yum.conf -su: /etc/yum.conf: Operation not permitted Ann performs some diagnostics to attempt to find the root cause: [SEE IMAGE] Which of the following commands should Ann execute to write content to /etc/yum? chmod 755 /etc/yum.conf setfacl -m m:rw /etc/yum.conf chattr -i /etc/yum.conf setenforce 0
chattr -i /etc/yum.conf change the immutable attribute using the chattr -i command
A Linux administrator needs to set permissions on an application with the following parameters: ✑ The owner of the application should be able to read, write, and execute the application. ✑ Members of the group should be able to read and execute the application. ✑ Everyone else should not have access to the application. Which of the following commands would BEST accomplish these tasks? chmod 710 <application name> chmod 730 <application name> chmod 750 <application name> chmod 760 <application name>
chmod 750 <application name>
A Linux administrator needs every new file created on a directory to maintain the group permissions of the same directory. Which of the following commands would satisfy this requirement? chmod o+s <directory> chmod u+s <directory> chmod +s <directory> chmod g+s <directory>
chmod g+s <directory>
A Linux administrator needs to remotely update the contents of the www.comptia.org/contacts URL.Which of the following commands would allow the administrator to download the current contents of the URL before updating? curl www.comptia.org/contacts dig www.comptia.org/contacts apt-get www.comptia.org/contacts yum list www.comptia.org/contacts
curl www.comptia.org/contacts
A Linux administrator must identify a user with high disk usage. The administrator runs the # du ""s /home/* command and gets the following output: 43 /home/User1 2701 /home/User2 133089 /home/User3 3611 /home/User4 Based on the output, User3 has the largest amount of disk space used. To clean up the file space, the administrator needs to find out more information about the specific files that are using the most disk space. Which of the following commands will accomplish this task? df -k /home/User3/files.txt du -a /home/User3/* du -sh /home/User/ find . -name" /home/User3 -print
du -a /home/User3/*
A Linux administrator has configured a Linux system to be used as a router. The administrator confirms that two network adapters are properly installed and functioning correctly. In addition, the output of the iptables -L command appears to contain a complete firewall configuration. Which of the following commands does the administrator need to issue for the router to be fully functional? echo "1" > /proc/sys/net/ipv4/ip_forward echo "0" > /proc/sys/net/ipv4/tcp_abort_on_overflow echo "0" > /proc/sys/net/ipv4/max_connections echo "1" > /proc/sys/net/ipv4/ip_default_ttl
echo "1" > /proc/sys/net/ipv4/ip_forward
A Linux administrator is using a Linux system as a router. During the tests, the administrator discovers that IP packets are not being sent between the configured interfaces. Which of the following commands enables this feature for IPv4 networks? cat /proc/sys/net/ipv4/ip_route > 1 echo "1" > /proc/sys/net/ipv4/ip_forward echo "1" > /proc/sys/net/ipv4/ip_route echo "1" > /proc/sys/net/ipv4/ip_net
echo "1" > /proc/sys/net/ipv4/ip_forward
A new corporate policy states that Bluetooth should be disabled on all company laptops. Which of the following commands would disable the use of Bluetooth? echo "blacklist bluetooth" > /etc/modprobe.d/blacklist-bluetooth echo "kill bluetooth" > /etc/modprobe.d/kill-bluetooth echo "modprobe bluetooth" > /etc/modprobe.d/modporbe-bluetooth echo "rmmod bluetooth" > /etc/modprobe.d/rmmod-bluetooth
echo "blacklist bluetooth" > /etc/modprobe.d/blacklist-bluetooth
A junior systems administrator is configuring localization option environment variables. The administrator is given a checklist of tasks with the following requirements: ✑ View current settings of the LC_ALL environment variable only. ✑ Modify the LANG environment variable to US English Unicode. Given this scenario, which of the following should be performed to meet these requirements? (Choose two.) echo $LC_ALL locale cat $LC_ALL export LANG = en_US.UTF-8 export $LANG = en_US.UTF stty
echo $LC_ALL export LANG = en_US.UTF-8
A server is almost out of free memory and is becoming unresponsive. Which of the following sets of commands will BEST mitigate the issue? free, fack, partprobe lsof, lvcreate, mdadm df, du, rmmod fdisk, mkswap, swapon -a
fdisk, mkswap, swapon -a
A Linux administrator is testing a new web application on a local laptop and consistently shows the following 403 errors in the laptop's logs: The web server starts properly, but an error is generated in the audit log. Which of the following settings should be enabled to prevent this audit message? httpd_can_network_connect = 1 httpd_enable_scripting = 1 httpd_enable_homedirs = 1 httpd_enable_cgi = 1
httpd_can_network_connect = 1
A user has connected a Bluetooth mouse to a computer, but it is not working properly. Which of the following commands should the systems administrator use to fix the issue? lsmod -i bluetooth insmod bluetooth modprobe -r bluetooth depmod -i bluetooth
insmod bluetooth
An administrator is attempting to block SSH connections to 192.168.10.24 using the Linux firewall. After implementing a rule, a connection refused error is displayed when attempting to SSH to 192.168.10.24. Which of the following rules was MOST likely implemented? iptables -A -p tcp -d 192.168.10.24 --dport 22 -j REJECT iptables -A -p tcp -d 192.168.10.24 --dport 22 -j DROP iptables -A -p tcp -d 192.168.10.24 --dport 22 -j FORWARD iptables -A -p tcp -d 192.168.10.24 --dport 22 -j REFUSE
iptables -A -p tcp -d 192.168.10.24 --dport 22 -j REJECT KEY WORDS: connection refused error
A new HTTPS web service is being deployed on a server. Which of the following commands should the Linux administrator use to ensure traffic is able to flow through the system firewall to the new service? iptables -I OUTPUT -p tcp --sport 443 -j ACCEPT iptables -A INPUT -p tcp --dport 443 -j ACCEPT iptables -I INPUT --dport 443 -j ACCEPT iptables -A OUTPUT -p tcp --dport 443 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
A Linux administrator built a GitLab server. Later that day, a software engineer tried to access the server to upload the repository during the final step of installation. The software engineer could not access the website. Which of the following firewall rules would allow access to this site? iptables -A INPUT -p tcp -m multiport --dports 80,443 -m conntrack -cstate NEW, ESTABLISHED -j ACCEPT iptables -A INPUT -p tcp -m multiport --dports 80,443 -m conntrack -cstate ESTABLISHED -j ACCEPT iptables -A INPUT -p tcp -m multiport --dports 80,443 -m conntrack -cstate RELATED, ESTABLISHED -j ACCEPT iptables -A INPUT -p tcp -m multiport --dports 80,443 -m conntrack -cstate NEW, ESTABLISHED -j REJECT
iptables -A INPUT -p tcp -m multiport --dports 80,443 -m conntrack -cstate NEW, ESTABLISHED -j ACCEPT
A Linux system is running normally when the systems administrator receives an alert that one application spawned many processes. The application is consuming a lot of memory, and it will soon cause the machine to become unresponsive. Which of the following commands will stop each application process? kill `pidof application` killall application kill -9 `ps -aux | grep application` pkill -9 application
killall application
An operator finds a user is having issues with opening certain files. Which of the following commands would allow the security administrator to list and check the SELinux context? ls -D ls -a ls -Z ls -1
ls -Z
A systems administrator needs to append output of ls ""lha /opt command to the contents of a test.txt file. Which of the following commands will accomplish this? ls -lha /opt > test.txt ls -lha /opt < test.txt ls -lha /opt >> test.txt ls -lha /opt << test.txt
ls -lha /opt >> test.txt
Which of the following will provide a list of all flash, external, internal, and SSD drives? lspci lsmod lsblk lsusb
lsblk
An administrator receives a warning about a filesystem filling up, and then identifies a large file located at /tmp/largelogfile. The administrator deletes the file, but no space is recovered on the filesystem. Which of the following commands would BEST assists the administrator in identifying the problem? lsof | grep largelogfile pkill /tmp/largelogfile pgrep largelogfile ps ""ef | grep largelogfile
lsof | grep largelogfile On Linux or Unix systems, deleting a file via rm or through a file manager application will unlink the file from the file system's directory structure; however, if the file is still open (in use by a running process) it will still be accessible to this process and will continue to occupy space on disk. Therefore such processes may need to be restarted before that file's space will be cleared up on the filesystem.
A Linux administrator needs to take stock of USB devices attached to the system. Which of the following commands would be BEST to complete this task? lspci lsusb cat /proc/USB modprobe -""usb
lsusb
An administrator is tasked with increasing the size of the volume /dev/vg/lv to 20GB. Which of the following BEST illustrates the steps the administrator should take? vgextend ""L20G /dev/vg/lv; resizelv /dev/vg/lv parted ""L20G /dev/vg/lv; remount /dev/vg/lv mkfs ""L20G /dev/vg/lv; tune2fs /dev/vg/lv lvextend ""L20G /dev/vg/lv; resize2fs /dev/vg/lv
lvextend ""L20G /dev/vg/lv; resize2fs /dev/vg/lv To extend the existing data2 LV by 50GB and resize the existing filesystem on it accordingly, you could use the lvextend -L +50GB -r /dev/vg00/data2 command.
An administrator needs to mount the shared NFS file system testhost:/testvolume to mount point /mnt/testvol and make the mount persistent after reboot. Which of the following BEST demonstrates the commands necessary to accomplish this task? mkdir -p /mnt/testvol echo "testhost:/testvolume /mnt/testvol nfs defaults 0 0" >> /etc/fstab mount -a mkdir /mnt/testvol mount testhost:/testvolume /mnt/testvol mkdir testhost:/testvolume at mnt/testvol mount -a mkdir /mnt/testvol echo "testhost:/testvolume /mnt/testvol" >> /mnt/mnttab mount -a
mkdir -p /mnt/testvol echo "testhost:/testvolume /mnt/testvol nfs defaults 0 0" >> /etc/fstab mount -a permanent mount
A junior administrator of a physical server receives log messages indicating the out-of-memory killer has been active. All memory slots are in use on the motherboard, but additional disk space is available. Space has been allocated for a swap file. Which of the following should the administrator use to reduce the output of memory messages? free : swapoff / swapfile ; swapon -a mkswap /swapfile; swapon -a fallocate -l 2G /swapfile && swapon -a echo "1" > /proc/meninfo ; swapon / swapfile
mkswap /swapfile; swapon -a
A systems administrator configured a new kernel module, but it stopped working after reboot. Which of the following will allow the systems administrator to check for module problems during server startup? lsmod modprobe modinfo dmesg
modinfo or dmesg
A systems administrator needs to install a new piece of hardware that requires a new driver. The driver should be manually installed. Which of the following describes the order of commands required to obtain module information, install the module, and check the log for any errors during module installation? lsmod, modprobe, modinfo modinfo, insmod, modprobe modinfo, insmod, dmesg lsmod, insmod, dmesg
modinfo, insmod, dmesg lsmod----> show the status of modules in the Linux Kernel modinfo ---> show information about a Linux Kernel module insmod ----> simple program to insert a module into the Linux Kernel modprobe ----> add and remove modules from the Linux Kernel modinfo - extracts information from the Linux Kernel modules given on the command line. If the module name is not a filename, then the /lib/modules/version directory is searched, insmod - install module dmesg - kernel log messages
A systems administrator observes high latency values when reaching a remote web server. Which of the following commands will help determine and isolate issues on the network side? mtr dig netstat route
mtr
A systems administrator has received reports of intermittent network connectivity to a particular website. Which of the following is the BEST command to use to characterize the location and type of failure over the course of several minutes? mtr www.comptia.org tracert www.comptia.org ping www.comptia.org netstat www.comptia.org
mtr www.comptia.org
A Linux server has multiple IPs. A Linux administrator needs to verify if the HTTP server port is bound to the correct IP. Which of the following commands would BEST accomplish this task? route host nslookup netstat ip
netstat
An administrator needs to change the IP address on a server remotely. After updating the configuration files, a network restart is needed. However, the administrator fears that when the network connection drops, the network restart script will be killed before the new IP address has been set. Which of the following commands would prevent the script from being killed? nohup service network restart service network restart & echo "service network restart" | at now bg service network restart
nohup service network restart nohup - "Used to execute a child process without parent association."
A junior Linux administrator is trying to verify connectivity to the remote host host1 and display round-trip statistics for ten ICMP requests. Which of the following commands should the administrator execute? ping -c 10 host1 traceroute -c 10 host1 netstat host1 pathping -c 10 host1
ping -c 10 host1
A Linux administrator is testing connectivity to a remote host on a shared terminal. The administrator wants to allow other users to access the terminal while the command is executing. Which of the following commands should the administrator use? bg ping remotehost fg ping remotehost ping remotehost < results ping remotehost &
ping remotehost &
A junior Linux administrator is installing patches using YUM. The administrator issues the following command: yum list installed The output of the command is as follows: [SEE IMAGE] Given this scenario and the output, which of the following should the administrator do to address this issue? renice ""n 9 ""p 5180 killall yum ps -ef | grep yum top | grep yum
ps -ef | grep yum
A Linux storage administrator wants to create a logical volume group. Which of the following commands is required to start the process? pvcreate vgcreate lvcreate mkfs.xfs
pvcreate creating logical volume process flow: pvcreate --> vgcreate --> lvcreate
DRAG DROP: The lead Linux admin has added a disk, /dev/sdd, to a VM that is running out of disk space. Place the following steps in the correct order from first (1) to last (4) to add the disk to the existing LVM.Select and Place: lvextend -L +10GB /dev/mapper/vgdata-data pvcreate /dev/sdd resize2fs /dev/mapper/vgdata-data vgextend vgdata /dev/sdd
pvcreate /dev/sdd vgextend vgdata /dev/sdd lvextend -L +10GB /dev/mapper/vgdata-data resize2fs /dev/mapper/vgdata-data
A systems administrator is enabling quotas on the /home directory of a Linux server. The administrator makes the appropriate edits to the /etc/fstab file and attempts to issue the commands to enable quotas on the desired directory. However, the administrator receives an error message stating the filesystem does not support quotas. Which of the following commands should the administrator perform to proceed? mount -o remount /home quotacheck -cg edquota /home quotaon /home
quotaon /home
An administrator notices that a long-running script, /home/user/script.sh, is taking up a large number of system resources. The administrator does not know the script's function. Which of the following commands should the administrator use to minimize the script's impact on system resources? renice kill bg nohup
renice
An administrator needs to create a shared directory in which all users are able to read, write, and execute its content but none of the regular users are able to delete any content. Which of the following permissions should be applied to this shared directory? rwxrwxrwt rwxrwxrws rwxrwxrwx rwxrwxrw*
rwxrwxrwt Sticky Bit is mainly used on folders in order to avoid deletion of a folder and it's content by other users though they having write permissions on the folder contents. If Sticky bit is enabled on a folder, the folder contents are deleted by only owner who created them and the root user. No one else can delete other users data in this folder(Where sticky bit is set)
A Linux systems administrator needs to copy the contents of a directory named "working" on the local working system to a folder /var/www/html on a server named "corporate-web". Which of the following commands will allow the administrator to copy all the contents to the web server? scp ""r working/* webuser@corporate-web:/var/www/html tar working/* webuser@corporate-web:/var/www/html cp ""r working/* webuser@corporate-web:/var/www/html mv working webuser@corporate-web:/var/www/html
scp ""r working/* webuser@corporate-web:/var/www/html
Ann, a junior Linux administrator, needs to copy software from her local machine to assist in developing a software application on a remote machine with the IP address 192.168.3.22. The file needs to be placed on the /tmp directory. After downloading the RPM to the local machine, which of the following commands would be BEST to use to copy the software? scp ~/software.rpm [email protected]:/tmp scp ~/software.rpm [email protected]: /tmp wget [email protected]:/tmp -f ~/software.rpm scp [email protected] ~/software.rpm :/tmp
scp ~/software.rpm [email protected]:/tmp to transfer the /root/sample file on a remote computer called appserver to the /var directory on the local computer, you could run the following scp command: [root@server1 ~]# scp root@appserver:/root/sample /var" "Similarly, to copy the /root/sample file to the /var directory on appserver, you could use the following scp command: [root@server1 ~]# scp /root/sample root@appserver:/va
Two specific users need access to a directory owned by root where backups are located. Which of the following commands would BEST ensure the specified users can access the backup files? umask chcon chmod setfacl
setfacl
A systems administrator wants to know the current status of a series of dd jobs that were started in the background three hours ago. Which of the following commands will achieve this task? sudo killall ""HUP dd sudo killall dd sudo killall ""TERM dd sudo killall -USR1 dd
sudo killall -USR1 dd You can monitor the progress of dd without halting it by using the kill command. To see the progress of dd once it's running, open another terminal and enter: sudo kill -USR1 $(pgrep ^dd) This will display dd progress in the dd terminal window without halting the process.
A Linux administrator needs to back up the folder /usr/domain, and the output must be a gzip compressed tar. Which of the following commands should be used? tar -cv domain.tar.gz /usr/domain tar -cvf /usr/domain domain.tar.gz tar -czvf domain.tar.gz /usr/domain tar -cxzv /usr/domain domain.tar.gz
tar -czvf domain.tar.gz /usr/domain
A company wants to ensure that all newly created files can be modified only by their owners and that all new directory content can be changed only by the creator of the directory. Which of the following commands will help achieve this task? umask 0022 umask 0012 chmod -R 0644 / chmod -R 0755 /
umask 0022
Given the output below: drwxr-xr-x 4096 user1 user1 Documents drwxr-xr-x 4096 user1 user1 Music lrwxrwxrwx 1 root root MyPhoto.jpg -> /Pictures/photo.jpg drwxr-xr-x 4096 user1 user1 Pictures -rw-r--r-- 256 user1 user1 text.text -rw-r--r-- 35 user1 user1 tmp.tmp Which of the following commands can be used to remove MyPhoto.jpg from the current directory? unlink ./MyPhoto.jpg del Pictures/photo.jpg rm -rf ./Pictures rm -f MyPhoto.jpg ln -rm ./Pictures/photo.jpg
unlink ./MyPhoto.jpg
A junior systems administrator is upgrading a package that was installed on a Red Hat-based system. The administrator is tasked with the following: ✑ Update and install the new package. ✑ Verify the new package version is installed. Which of the following should be done to BEST accomplish these task? (Choose two.) yum install <package name> yum upgrade rpm ""e <package name> rpm ""qa apt-get <package name> apt-get upgrade
yum install <package name> rpm -qa
A Linux systems administrator wants the ability to access systems remotely over SSH using RSA authentication. To which of the following files should the RSA token be added to allow this access? authorized_keys ~/.ssh/ssh_config id_rsa.pub known_hosts
~/.ssh/ssh_config