Linux Practice Exam #3
Karl, a system administrator at Dion Training, received a warning that a Linux server is low on storage space. He wants to list out the recognized Linux partitions and review their storage block information. Which of the following should be used to accomplish this? A. /proc/partitions B. /etc/lvm C. /configs/lvm D. /dev/sda
A. /proc/partitions The /proc/partitions file displays a Linux system's partitions and storage block information. The /dev/sda folder is a special device file that isn't displayed in human-readable text and only contains partitions for the first storage device. The /etc/lvm and /configs/lvm are not used in most Linux distributions by default.
Kerry, a system administrator at Dion Training, wants to configure a Linux server to perform a full disk backup every Sunday at 05:04 in the morning. Which of the following cron schedule expressions should be used to accomplish this? A. 4 5 * * 0 B. 5 4 * * 6 C. 0 5 4 * * D. * * 4 5 0
A. 4 5 * * 0 The cron scheduler uses an expression to define when a task will be run. The format is <minute> <hour> <day of month> <month> <day of week>. Therefore, "At 05:04 on Sunday" would be written as "4 5 * * 0" or "4 5 * * sun" using this standard format.
Beryl, a system administrator at Dion Training, enters the vmstat command to begin troubleshooting a Linux server that is performing slowly. Which of the following BEST describes the purpose of the vmstat command? A. Displays the amount of virtual memory used B. Displays the CPU load average for each user C. Generates a report of device I/O latency in real time D. Displays bandwidth utilization for the network adapters
A. Displays the amount of virtual memory used The vmstat command is sued to display the amount of virtual memory used by a Linux system. Virtual memory is a file or partition on a system that is used when the system runs out of physical memory. The top command dynamically displays the processes consuming the most system resources, including the average amount of CPU load for each user. The ioping command is used to generate a report of a device's input/output (I/O) latency in real-time. The iperf command is used to test the maximum throughput an interface will support.
Jemma, a cybersecurity analyst at Dion Training, wants to be able to uniquely identify files on a Linux server by creating a digital fingerprint for each file to ensure the integrity of the files remains intact at all times. Which of the following should be used to accomplish this? A. Hashing B. Symmetric encryption C. Asymmetric encryption D. PKI
A. Hashing Hashing is a one-way cryptographic function that takes a variable length input and produces a hash digest value of a fixed length as its output. For example, an SHA-256 hashing function will always produce a 256-bit hash digest, regardless of the length of the input the function receives. This hash value acts as a digital fingerprint to uniquely identify a file and ensure its integrity remains intact. Symmetric encryption is a type of encryption where a secret key is used to both encrypt and decrypt data. The output of a symmetric encryption function has a variable length output based on the length of the input received by the function. Asymmetric encryption is a type of encryption where a key pair, containing both a public and private key, is used to encrypt and decrypt data. The output of an asymmetric encryption function has a variable length output based on the length of the input received by the function. Public key infrastructure (PKI) is a system of processes, technologies, and policies used to encrypt and digitally sign data using asymmetric encryption functions.
Paul, a cybersecurity analyst at Dion Training, wants to encrypt a message that he is sending to Kathryn. Paul wants to ensure that only Kathryn can read the contents of the encrypted message. Which of the following keys should he use to encrypt his message before transmission? A. Kathryn's public key B. Certificate authority C. Kathryn's private key D. Wildcard certificate
A. Kathryn's public key The public key refers to one-half of a user's key pair in a Public Key Infrastructure (PKI) system. The public key is available to any user who wants to encrypt a message to a specific individual, but only the recipient's matching private key can be used to decrypt the message. A certificate authority (CA) is a server that issues digital certificates for entities and maintains the associated private/public key pair. Internal CAs issue self-signed certificates—certificates that are owned by the same entity that signs them. In other words, the certificate does not recognize any authority and is essentially certifying itself. Self-signed certificates require the client to trust the entity directly. Private keys are maintained securely by an individual or device and are used to decrypt messages that are encrypted with their public key. Private keys are also used to create digital signatures by encrypting a hash of the sent data. Wildcard certificates support multiple subdomains of a single parent domain, such as www.diontraining.com, mail.diontraining.com, and ftp.diontraining.com.
Marilyn, a system administrator at Dion Training, is troubleshooting a script that should be run every time the system starts up. Unfortunately, the script is not executing during the boot process. She needs to edit the .timer file with the correct time expressions to ensure the script executes during the system's boot process. Which of the following time expressions should be used to accomplish this? A. OnBootSec B. OnCalendar C. Wants D. Requires
A. OnBootSec The .timer file is used by systemd to manage time-based events on a Linux system. The timer unit file supports OnBootSec and OnCalendar as valid time expressions. The OnBootSec time expression is monotonic and is used for time spanning from a specific event, such as system startup. The OnCalendar time expression is real-time and is used for time referencing against the system's clock. The Requires and Wants are directives and not time expressions.
Which of the following types of PKI components require the system to trust the entity directly? A. Self-signed certificate B. Certificate authority C. Certificate signing request D. LDAP
A. Self-signed certificate A self-signed certificate is owned by the same entity that signs it, therefore the system is required to trust the entity directly to verify the certificate's authenticity. A certificate authority (CA) is a server that issues digital certificates for entities and maintains the associated private/public key pair. Certificate authorities act as a trusted third party by signing digital certificates for entities. This allows clients to validate the authenticity of certificates for entities through the certificate authority. A certificate signing request (CSR) is a message sent to a certificate authority (CA) so that an entity can apply for a certificate. A certificate signing request typically includes information that should is entered into the entity's certificate, such as its public key, digital signature, and other identifying information. Lightweight Directory Access Protocol (LDAP) is a directory service protocol that allows clients to authenticate to the LDAP service, and the service's schema defines the tasks that clients can and cannot perform while accessing a directory database
Herbert, a cybersecurity analyst at Dion Training, wants to enforce the principle of least privilege. Which of the following security hardening best practices should be used to accomplish this? A. Setting a strong default umask B. Securing servcie accounts C. Tune kernel parameters D. Managing file access
A. Setting a strong default umask The setting strong default umask best practice is used to configure an appropriate set of default permissions via umask to enforce the principle of least privilege. The audit service accounts are stored in /etc/ passwd to ensure they do not have shell privileges that would permit privilege escalation. The block shell access best practice is enabled by placing / sbin/nologin in the account's shell field of the /etc/passwd file. The managing file access best practice involves carefully configuring permissions and ACLs according to the principle of least privilege and by utilizing SELinux. The tune kernel parameters best practice matches the server's role, installed services, network capabilities, performance requirements, and service levels to the given Linux server.
What is another name for a symbolic link in the Linux operating system? A. Soft links B. Broken links C. Hard links D. Dead links
A. Soft links A soft link or symbolic link is a pointer to the file name and does not access the data available in the original file. A hard link acts as a mirrored copy of the selected file and can be used to access the data available in the original file. A broken link is a link to a webpage or URL that no longer works. A dead link is a hypertext link that points to a webpage or website that is permanently unavailable.
Edwin, a system administrator at Dion Training, wants to assign subjects and objects to run in an unconfined environment. Which of the following SELinux policies should be used to accomplish this? A. Targeted B. Strict C. Minimum D. None
A. Targeted Targeted policy subjects and objects run in an unconfined environment. The untargeted subjects and objects will operate on the DAC method, and the targeted daemons will operate on the MAC method. A strict policy is a policy where every subject and object of the system is enforced to operate on the Mandatory Access Control (MAC) method. The minimum policy is similar to the targeted policy in that subjects and objects run in an unconfined environment but load less configuration into memory. This policy category is appropriate for small devices, such as phones, and experimentation with SELinux
Blanche, a system administrator at Dion Training, wants to manage the system's mount points using systemd. Which of the following sections under the [Mount] section of the .mount file is used to identify the absolute path to a storage device? A. What B. Where C. Type D. Options
A. What The .mount file is used to configure mount points on a file system for use with systemd. There are four options used in a .mount unit file: what, where, type, and options. The 'What' option identifies the absolute path to the storage device that will be mounted. The 'Where' option identifies the absolute path to the mount point's directory. The 'Type' option defines the filesystem type (optional). The 'Options' option specifies any additional required options for the mount action.
Heather, a system administrator at Dion Training, wants to access the graphical user interface of a system remotely. Which of the following should be used to accomplish this? A. X11 forwarding B. Port forwarding C. Dynamic forwarding D. Multifactor authentication
A. X11 forwarding X11 forwarding provides the graphical interface capabilities for Linux using the X11 Windows System (X11). Dynamic port forwarding creates a proxy that is then used by other applications for connectivity. Multifactor authentication (MFA) is the practice of requiring the user to present at least two different factors before the system authenticates them. Port forwarding, also referred to as SSH port forwarding, is a process that allows for tunneling applications through the SSH protocol from the client machine to the server machine over designated ports to add encryption for legacy applications, move through firewalls, and open backdoors into the internal network from an external client machine.
Abbie, a system administrator at Dion Training, needs to determine the associated MAC address for a given IP address she discovered while creating a packet capture using tcpdump. Which of the following commands should be used to accomplish this? A. arp B. ping C. iostat D. ls
A. arp The arp command is used to discover information about known MAC addresses and IP bindings. The ping (Packet Internet Groper) command is used to check the network connectivity between a client and a server. The iostat command is used to generate a report on CPU and device utilization. The iostat command does not provide latency in real-time but can provide some statistics concerning the input/output requests for a storage device and the percentage of time that the CPU was idle while the system had outstanding disk input/output requests. The ls command is used to list all the files and directories contained within a given directory.
Mitchell, a system administrator at Dion Training, wants to reset the contexts throughout the filesystem on a Linux server. Which of the following SELinux features could be used to accomplish this? A. autorelabel B. system booleans C. strict policy D. targeted policy
A. autorelabel The autorelabel feature of SELinux allows sysadmins to cause contexts to be reset throughout the filesystem. System Boolean values enable you to change policy configurations at runtime without actually writing the policy directly. A strict policy is a policy where every subject and object of the system is enforced to operate on the Mandatory Access Control (MAC) method. Targeted policy subjects and objects run in an unconfined environment. When using a targeted policy, the untargeted subjects and objects will operate on the DAC method and the targeted daemons will operate on the MAC method. SELinux was created by National Security Agency to enforce mandatory access control (MAC) in Linux environments. SELinux provides additional file system and network security so that unauthorized processes cannot access or tamper with data, bypass security mechanisms, violate security policies, or execute untrustworthy programs.
While writing a script, you identify the need to check and download packages to update various systems. Which of the following commands can be written into scripts and automate the process of downloading package files? (Select TWO) A. curl B. wget C. netstat D. tcpdump
A. curl B. wget The curl command is used to transfer data to or from a server using any of the supported protocols (HTTP, FTP, IMAP, POP3, SCP, SFTP, SMTP, TFTP, TELNET, LDAP, or FILE). The wget command is used to download files from web servers or file servers using the HTTP, HTTPS, and FTP protocols. The netstat (network statistics) command gathers information about TCP connections to the system. Netstat can be used to display existing connections, listening ports on the server, and network adapter information. The tcpdump command is used to conduct packet captures and analysis in Linux.
John, a system administrator at Dion Training, has been evaluating different package managers that could be used on his Linux server. Which of the following package managers is considered the most modern and up-to-date package manager for Red Hat-based distributions? A. dnf B. yum C. rpm D. zypp
A. dnf The DNF package manager is a modern package manager used on Red Hat-based distributions. The DNF package manager is an updated and evolved version of the YUM and RPM package managers used in Red Hat-based distributions. The ZYpp package manager is a modern package manager used by SUSE-based distributions.
Rachel, a system administrator at Dion Training, needs to present a report to her manager about a specific container running on the server. Which of the following commands should be used to determine which containers are currently running on the server? A. docker ls B. docker stop C. docker restart D. docker logs
A. docker ls The docker ls command is used to list the existing containers on a system. The docker logs command is used to display the log files for the specific container image specified when invoking the command. The docker stop command is used to stop a running container. The docker restart command is used to restart a stopped container.
David and Jason are working on the software code for Dion Training's website using ReactJS. David has just pushed the code to the company's GitHub repository. Jason wants to review it and make some modifications. Which of the following commands should Jason use to obtain and modify David's code? A. get checkout B. git push C. gitignore D. git add
A. get checkout The checkout subcommand in git is used to switch between different versions or branches of the code in the git repository. If Jason needs to review the code and make modifications to it, he should check out the code from the repository using the checkout subcommand. The push subcommand in git is used to upload local repository content to a remote central repository. The add subcommand in git is used to add changes to the working directory, but changes are not formally made until the commit command is run. There is no formal gitignore command and files to be ignored by git are annotated in the .gitignore file.
Zoe, a system administrator at Dion Training, wants to view the current access controls for a given directory. Which of the following commands should be used to accomplish this? A. getfacl B. chown C. chage D. chmod
A. getfacl The getfacl command is used to retrieve the ACLs of files and directories. The getfacl command shows metadata about the object including its owner, its group, any SUID/SGID/sticky bit flags set, the standard permissions associated with the object, and the individual permission entries for users and groups. The chmod (change modification) command is used to modify the permissions of a file or directory, but only the file or directory's owner or a system administrator can change the permissions for an object. The chage (change age) command is used to control password expiration, expiration warnings, inactive days, and other information for existing user accounts. The chown (change ownership) command is used to change the owner, the group, or both the owner and the group for a given file or directory.
Judith, a software developer at Dion Training, needs to copy a working repository to her local directory. Which of the following commands should be used to accomplish this? A. git clone B. git add C. git init D. git pull
A. git clone The git clone command is used to create a working copy of the existing repository. The git init command is used to create a Git repository or reinitialize an existing repository. The git add command is used to add changes to the working directory, but changes are not formally made until the commit command is run. The git pull command is used to download content from a remote repository that updates the local repository to mirror the contents locally.
Sofia, a system administrator, is trying to display information about a Linux server's network interface card. She used to use the ifconfig command but recently learned that it is now deprecated. Which of the following commands should be used to display information about a network interface card on a modern Linux distribution? A. ip B. ss C. lsof D. ssh
A. ip The ip (internet protocol) command is a suite of tools used for configuring network interfaces and displaying information about those interfaces. The ss (socket state) command is a network utility used to provide information about established TCP connections or which ports the system may be listening on for inbound connections. The ssh (secure shell) command provides a secure encrypted connection between two hosts over an insecure network. The lsof command displays a list of the open files and the processes that opened them.
Mavis, a system administrator at Dion Training, wants to upgrade the system's memory to improve the performance of a Linux server. Before the upgrade, Mavis wants to display statistics and details about the server's currently installed memory. Which of the following commands should be used to accomplish this? A. lsmem B. lscpu C. lsusb D. vmstat
A. lsmem The lsmem command lists the ranges of available memory with their online status. The listed memory blocks correspond to the memory block representation in sysfs. The lsmem command also shows the memory block size and the amount of memory in an online and offline state. The vmstat command is sued to display the amount of virtual memory used by a Linux system. Virtual memory is a file or partition on a system that is used when the system runs out of physical memory. The lscpu command is used to gather CPU architecture information from sysfs, /proc/cpuinfo and any applicable architecture-specific libraries). The lscpu command output includes information about the number of CPUs, threads, cores, sockets, Non-Uniform Memory Access (NUMA) nodes, and more. The lsusb command is used to display information about devices connected to a Linux system's USB ports.
Elliott, a system administrator at Dion Training, received a request to open a port in the software firewall to support a recently installed application on a Linux server. After he creates the port exception in the firewall's configuration, which of the following commands should he execute so that SysVinit can reread the service's configuration files while the firewall service continues to run? A. reload B. start C. restart D. stop
A. reload The SysVinit service reload command is used to reread a service's configuration files while the service remains running on the Linux server. The SysVinit service start command is used to activate a service immediately. The SysVinit service stop command is used to deactivate a service immediately. The SysVinit service restart command is used to restart a service immediately. Using either start, stop, or restart would cause the service to stop running while rereading the service's configuration files.
Consider the output from the command line interface above. Which of the following commands would be used to create the above output? A. stat B. file C. awk D. netcat
A. stat The stat command would use be to create the output shown in the screenshot. The stat command displays file metadata in a user-friendly structure containing the file's size, access information, and storage data. The nc (netcat) command is used to test connectivity and send data across a network connection. The nc command is also used by penetration testers and system administrators to conduct a banner grab of the web server. The awk command is a pattern-matching tool that is used to search a file for the specified information and can then perform specified actions once the string is found. The file command displays the file type of a specified file.
Kevin, a software developer at Dion Training, wants to increase the CPU priority of some custom software that is running on the company's Linux server. Which of the following commands should be used to accomplish this? A. sudo renice -{VALUE} ./dataAg.exe B. sudo ps dataAg.exe nice={VALUE} C. sudo ps dataAg.exe renice={ PRIORITY} D. systemctl {PID} --renice={ PRIORITY}
A. sudo renice -{VALUE} ./dataAg.exe The sudo renice -{VALUE} ./dataAg.exe is the correct syntax to adjust a process's nice value. The remaining options are not valid Linux commands. A nice value is associated with every running process with higher nice numbers being given a higher priority by the CPU for processing. The default nice value assigned to an application is 0. The highest nice value is -19. The lowest nice value is 20.
Ian, a system administrator at Dion Training, needs to remove a user from a Linux server. Which of the following commands should be used to accomplish this? A. userdel B. useradd C. usermod D. groupadd
A. userdel The userdel command is used to delete or remove an existing user account on a system. The useradd command is used to create user accounts and configure the default settings for a new user. The usermod command is used to modify the system account files to reflect changes for a given user account. The groupadd command is used to create a new group.
Which of the following commands is used to download software packages from web servers and file servers, but only supports the HTTP, HTTPS, FTP, and FTPS protocols? A. wget B. curl C. mtr D. netstat
A. wget The wget command is used to download files from web servers or file servers using the HTTP, HTTPS, and FTP protocols. The curl command is used to transfer data to or from a server using any of the supported protocols (HTTP, FTP, IMAP, POP3, SCP, SFTP, SMTP, TFTP, TELNET, LDAP, or FILE). The mtr command is a combination of the ping and traceroute tools that includes additional improvements to enable testing of the quality of a network connection. The netstat (network statistics) command gathers information about TCP connections to the system. Netstat can be used to display existing connections, listening ports on the server, and network adapter information.
Andrew, a system administrator at Dion Training, wants to take the output from one command and use it as the input to a second command. Which of the following redirectors should be used to accomplish this? A. | B. >> C. > D. <<
A. | The pipe operator (|) is used to combine the standard I/O streams of two or more commands. The pipe operator takes the standard output of one command and redirects it as the standard input for another command. The (<) reads the input from a file rather than from the keyboard or mouse. The (>>) operator appends the standard output to the end of the destination file. The (>) operator redirects the standard output to a file
Bradley, a system administrator at Dion Training, wants to run a script on a Linux server. The script is expected to output a lot of information onto the screen and he fears the command prompt could be unusable due to the amount of information being processed by the script. To prevent this, he wants to run the script in the background. Which of the following operators should be used to accomplish this? A. | B. & C. || D. &&
B. & The (&) operator is used to run a process in the background. The (&&) operator represents the logical AND condition. The (||) operator represents the logical OR condition. The pipe operator (|) is used to combine the standard I/O streams of two or more commands. The pipe operator takes the standard output of one command and redirects it as the standard input for another command.
Luke, a system administrator at Dion Training, wants to modify the installation priorities of the APT command to first use the system's local area repositories. Which of the following files should be modified to achieve this? A. /etc/yum.conf B. /etc/apt.conf C. /etc/dnf/dnf.conf D. /etc/apt/sources.list.d
B. /etc/apt.conf The /etc/apt.conf configuration file is used for managing the configuration of the APT tool suite. The /etc/yum.conf file is used to manage global settings for the YUM package manager and contains items such as repository configuration files, log file locations, and cache information. The /etc/dnf/dnf.conf contains global settings for the DNF package manager. The file /etc/apt/sources.list.d contains a list of configured APT (Advanced Package Tool) data sources to fetch packages from the Internet or local repository on a Debian-based system, but this list is not used to prioritize which repository is accessed first.
Derrick, a system administrator at Dion Training, wants to configure his Linux server's system time to synchronize with another server's time. Which of the following files does he need to configure to accomplish this? A. /etc/ntp.repo B. /etc/ntp.conf C. /etc/chrony.configuration D. ~/.ssh
B. /etc/ntp.conf The Network Time Protocol daemon (ntpd) synchronizes system time across one or more specified time servers using port 123. The time server to be used for the synchronization can be set by editing the /etc/ntp.conf file. The ~/.ssh store ssh configuration information. Both /etc/chrony.configuration and /etc/ntp.repo are not recognized default configuration files on a Linux system.
Jane, a system administrator at Dion Training, is reviewing the /etc/rsyslog.conf file and notices that the configuration file is missing the default port number used by the rsyslog service. Which of the following default ports and protocols should be used by rsyslog on a Linux system? A. 80/TCP B. 514/UDP C. 22/TCP D. 443/TCP
B. 514/UDP The rsyslog and syslog both use port 514 with UDP by default. The Hypertext Transmission Protocol (HTTP) uses port 80 with TCP by default. The Hypertext Transmission Protocol Secure (HTTPS) uses port 443 with TCP by default. The Secure Shell (SSH) uses port 22 with TCP by default.
Which of the following metacharacters is used during globbing to represent a single character? A. * B. ? C. [ ] D. &
B. ? The question mark (?) metacharacter is used to represent exactly one (1) character when matching patterns during globbing. The asterisk (*) metacharacter is used to represent 1 or more characters during pattern matching. The square bracket [ ] metacharacters are used to match any of the characters listed within the brackets. The ampersand (&) metacharacter is used to denote that a script or command should be run in the background. While the * and [ ] metacharacters could be used to represent a single character, they can also be used to represent multiple characters so they are not the correct answer to this question.
Nova, a system administrator at Dion Training, is updating the Samba software on several Linux servers. Nova uses the yum package manager to update the application and noticed that a new file called .rpmnew is in the current directory. What is the purpose of the .rpmnew file? A. A copy of the modified configuration file for the application B. A file that contains the new configuration settings suggested by the vendor C. A file containing the open-source licensing information D. A log file containing any errors encountered during the installation
B. A file that contains the new configuration settings suggested by the vendor The .rpmnew file is a file that contains the new configuration settings suggested by the vendor. The .rpnnew file is produced so that users can compare a software package's updated configuration defaults to their own modified configuration files. Then, the user can then apply changes made in the .rpmnew file, as needed.
Leigh, a system administrator at Dion Training, is experiencing performance issues when running an application over the LAN. She ran the ioping command on the server hosting the application and determined that there is high latency being experienced when reading and writing to the server's hard disk. Which of the following is MOST likely the cause of the high latency being experienced? A. A time synchronization error occurred B. A storage hardware failure occurred C. A network failure occurred D. A privilege revocation occurred
B. A storage hardware failure occurred Storage hardware failure is a common cause of high latency in a Linux system. A time synchronization issue would not directly impact storage access at a low level. A network issue is unlikely since the application is being run over the network. If a network issue was at fault, then the application would fail to load. If a privilege revocation occurred, this would cause the application to fail to load instead of simply performing slowly.
Hannah, a system administrator at Dion Training, is assigning permissions to different folders on the share drive. The 'Artificial Intelligence' folder exists in the root of the file system and needs to provide one set of permissions for the Developers group and the second set of permissions for the Cybersecurity group. Which of the following Linux features would allow the administrator to assign varying degrees of access to multiple groups for a folder or directory? A. Default object permissions B. ACLs C. firewall D. systemctl
B. ACLs ACLs allow for granular permission access for multiple users or groups on a file or directory. An access control list (ACL) is a list of permissions attached to an object. ACLs can be used for situations where the traditional file permissions are not sufficient to configure the proper permissions for an object. The default object permissions do not allow for multiple group permission sets. Firewalls are not used to modify file permissions. Systemctl is used to manage the systemd suite.
Alex, a cybersecurity analyst at Dion Training, has configured system logging on all of the company's Linux servers. Which of the AAA security principles does this enforce? A. Authorization B. Auditing C. Authentication D. None
B. Auditing Auditing is a security principle which ensures the proper security controls are in place on a system. Logging allows the tracking of activities which can be used to detect breach or gaps in security. Authorization is a security principle which limits user and system access to only objects and actions that are essential. Authentication is the process of properly identifying yourself to a system
Alison, a system administrator at Dion Training, is working on an openSUSE server. Which of the following tasks will be performed if the command "zypper in" is executed on this system? A. Updating a software package B. Installing a software package C. Removing a software package D. Upgrading the operating system
B. Installing a software package The zypper in or install command is used to install a Zypper package. The zypper up or update command is used to update a Zypper package.The zypper rm or remove command is used to remove a Zypper package. Zypper is used to install, remove, or upgrade Zypper packages, not the entire openSUSE operating system
Louisa, an IT auditor at Dion Training, recommends that the company upgrade its ext2 filesystems to a more modern filesystem to increase storage device stability. Which of the following features of a modern filesystem would provide additional stability over using the ext2 filesystem? A. Maximum file size of 16 GB B. Modern file systems use journaling C. Maximum filename length of 255 characters D. Maximum filesystem size of 2 TB
B. Modern file systems use journaling The ext2 filesystem is a non-journaled filesystem that has been used in Linux distributions since 1993. the ext2 filesystem is still often used with flash storage media in Linux distributions. Journaling is a feature included in most modern filesystems. Journaling creates a log of the changes that have not yet been committed to the file system's main part by recording the goal of such changes in a circular log or data structure known as a journal. This journal can be used to rapidly reconstruct corruptions that may occur due to events such as a system crash or power outage. The journal is an on-disk log containing data about the filesystem and it is kept up-to-date as the filesystem changes. The maximum file size is 16 GB, the maximum filename length is 255 characters, and the maximum filesystem size is 2 TB in an ext2 filesystem.
Agnes, a system administrator at Dion Training, is currently working in her home directory. She enters 'cd Documents' in the shell to move into the Documents directory. Which of the following types of path traversals was just performed? A. Absolute B. Relative C. Parent D. Same
B. Relative A relative path defines the directories to traverse based on the user's current location in the filesystem. An absolute path defines the directories to traverse by starting from the root of the filesystem. A traversal to a parent directory occurs when the user enters the 'cd ..' command. A traversal to the same directory occurs when the user enters the 'cd .' command.
Gary, a system administrator at Dion Training, entered the "su -" command at the shell prompt. Which of the following user accounts do you expect the system administrator to now be operating as in the shell? A. An anonymous account on the server B. The root account on the server C. The last logged in user on the server D. The system administrator's own account
B. The root account on the server The su (switch user) command is used to switch user accounts. If the su command is executed without specifying a user (su - ), then the system will try to switch to the root user. If the su command is executed with a user specified (su jasondion), then the system will try to switch to the specified user's account.
Alma, a system administrator at Dion Training, runs the top command on a Linux server and sees a high value for the %wa metric. Which of the following BEST describes what this metric is used for? A. This metric represents the amount of time a virtual CPU is waiting for access to the physical CPU B. This metric represents the amount of time the CPU is waiting for I/O access C. This metric represents the amount of time the CPU is idle D. This metric represents the amount of time the CPU spent running user processes
B. This metric represents the amount of time the CPU is waiting for I/O access The top command dynamically displays the processes consuming the most system resources. The %wa metric displays the I/O wait time. If the %wa is high, this indicates that the run queue is too high. The %id displays CPU idle time and if this is too high then this indicates that the CPU is working too hard. The %us displays CPU time spent running user processes. The %st displays steal which indicates how often a virtual CPU is waiting for access to the physical CPU. The %s displays the CPU time spent running the Linux kernel.
Which modern type of firmware is run when the computer powers on and enables the initial testing of various hardware components? A. BIOS B. UEFI C. initrd.img D. GRUB2
B. UEFI The Unified Extensible Firmware Interface (UEFI) is newer firmware technology that has replaced the BIOS in most modern computers. UEFI runs faster than BIOS, can operate within a greater amount of memory, access larger storage drives, access more hardware types, and improves the security of the computer. The Basic Input/Output System (BIOS) is a standard for firmware interfaces stored on a motherboard's ROM chip. The BIOS firmware is run when the computer powers on, enables it to test the various hardware components in the computer, and runs the boot loader to start up the operating system. The Linux initrd image is an archive file containing all the essential files required for booting the operating system. GRUB2 is a popular Linux bootloader.
Derek, a system administrator at Dion Training, wants to generate a digital certificate that can be used across multiple subdomains. For example, the certificate should be valid for use with www.diontraining.com, mail.diontraining.com, and ftp.diontraining.com. Which of the following certificates should be generated to accomplish this? A. Public key certificate B. Wildcard certificate C. Private key certificate D. Self-signed certificate
B. Wildcard certificate Wildcard certificates support multiple subdomains of a single parent domain, such as www.diontraining.com, mail.diontraining.com, and ftp.diontraining.com using a single digital certificate. Private keys are maintained securely by an individual or device and used to decrypt messages that are encrypted by their public key. Private keys are also used to create digital signatures by encrypting a hash of the sent data. The public key refers to one-half of a user key pair under the Public Key Infrastructure (PKI). This key is available to any user who wants to encrypt a message to a specific individual. The message can only be decrypted by the recipient's private key. A certificate authority (CA) is a server that issues digital certificates for entities and maintains the associated private/public key pair. Internal CAs issue self-signed certificates—certificates that are owned by the same entity that signs them. In other words, the certificate does not recognize any authority and is essentially certifying itself. Self-signed certificates require the client to trust the entity directly.
Which of the following languages is a superset of JSON and is used exclusively to write Ansible playbooks? A. Bash B. YAML C. Ansible D. Python
B. YAML YAML is a superset of JSON and is used exclusively to write Ansible playbooks. YAML Ain't Markup Language (YAML) files are written as a human-readable data-serialization language. Bash is the default shell in Linux. Ansible is an orchestration tool that is commonly used for Red Hat Enterprise Linux deployments, is agentless, and relies on the Python programming language. Python is a high-level, general-purpose programming language whose design philosophy emphasizes code readability with the use of significant indentation.
Which of the following commands displays information about devices attached to the system regardless of which bus they are connected to? A. lspci B. dmidecode C. lsusb D. make
B. dmidecode The dmidecode command displays system information for current devices. The dmidecode command can also indicate upgrade possibilities by showing maximum processor and memory upgrades. The lspci command displays information about devices attached to the Peripheral Component Interconnect (PCI) bus. The lsusb command displays information about devices attached to the USB bus of the system. The make command assists in maintaining a set of programs by building up-to-date versions of programs. The make command automatically looks for the makefile in the current directory.
Lucy, a system administrator at Dion Training, wants to stop the container that is running SonarQube on the company's server. Which of the following commands should be used to accomplish this? A. docker start B. docker stop C. docker ls D. docker logs
B. docker stop The docker stop command is used to stop a running container. The docker start command is used to start a stopped container. The docker ls command is used to list the existing containers on a system. The docker logs command is used to display the log files for the specific container image specified when invoking the command.
Hudson, a system administrator at Dion Training, wants to install the tcp_lc module during runtime. He has already verified that all of the dependencies are running, so he doesn't need to insert any dependencies into the running kernel. Which of the following commands should he use to accomplish this? A. rmmod B. insmod C. modinfo D. lsmod
B. insmod The insmod command installs a module into the currently running kernel by inserting only the specified module without inserting any dependent modules. The lsmod command displays the currently loaded kernel modules, their sizes, usage details, and their dependent modules. The rmmod command removes a module from the currently running kernel. The modinfo command displays information about a particular kernel module, such as the file name of the module, license, description, author's name, module version number, dependent modules, and other parameters or attributes.
Nicole, a cybersecurity analyst at Dion Training, wants to conduct packet analysis using a command-line utility in Linux. Which of the following commands should be used to accomplish this? A. traceroute B. tshark C. iperf D. iostat
B. tshark The tshark command is a network protocol analyzer that can be used to capture packet data from a live network, read packets from a previously saved capture file, or write packets to a file. The iperf command is used to test the maximum throughput an interface will support. The iostat command is used to generate a report on CPU and device utilization. The traceroute command is used to display the network path between a client and a server, including any routers or firewalls used between the two systems.
Sophia, a system administrator at Dion Training, has identified that 60 TB of storage space has been allocated by the logical volume manager (LVM) for the storage of Quizzes (20 TB), Tests (20 TB), and Instructor Documentation (20 TB). Unfortunately, there are lots of test questions and this is causing the Tests volume to receive low storage availability warnings. The Instructor Documentation volume currently only has 1.2 TB of data stored on it, so Sophia wants to increase the Tests volume to 35 TB and decrease the Instructor Documentation volume to 5 TB. Which of the following commands should be used to resize the logical volumes for Tests and Instructor Documentation? A. lvscan B. lvresize C. pvcreate D. vgcreate
B. lvresize The lvresize command resizes logical volumes on a Linux server. The pvcreate command initializes a drive or partition to use as a physical volume on a Linux server. The vgcreate command creates volume groups on a Linux server. The lvscan command scans all physical devices for logical volumes on a Linux server.
Conor, a system administrator at Dion Training, wants to delete a container image from the current list of available containers on a Linux server. Which of the following commands should be used to accomplish this? A. podman ps -a B. podman rmi {ID} C. podman push D. podman images
B. podman rmi {ID} The podman rmi {image ID} command is used to remove or delete a container image from the list of currently available containers on a Linux server. The podman ps -a is used to list all of the running containers on a Linux server. The podman push command is used to push or upload a container image to a specified destination, such as a container management service (Docker or Kubernetes). The podman images command is used to list out all of the container images available on a local Linux server.
Which of the following processes would allow an application to be tunnelled through the SSH protocol to encrypt the data during transmission? A. rsync B. port forwarding C. ping D. iostat
B. port forwarding Port forwarding, also referred to as SSH port forwarding, is a process that allows for tunneling applications through the SSH protocol from the client machine to the server machine over designated ports to add encryption for legacy applications, move through firewalls, and open backdoors into the internal network from an external client machine. The rsync command is a data transfer tool that only transfers changed files and avoids copying duplicate information that already exists at the remote destination to drastically reduce network traffic. The ping (Packet Internet Groper) command is used to check the network connectivity between a client and a server. The iostat command is used to generate a report on CPU and device utilization.
Which of the following commands functions similarly to the echo command, but can also provide additional formatting options? A. nano B. printf C. awk D. lsusb
B. printf The printf command displays and outputs formatted data. The lsusb command displays information about devices attached to the USB bus of the system. Nano is an easy-to-use command line text editor in Linux that is used to edit text and configuration files. The awk command is a pattern-matching tool that is used to search a file for the specified information and can then perform specified actions once the string is found.
Asher, a system administrator at Dion Training, wants to copy files from a backup file server to a production server over the company's internal network. Which of the following commands would create an encrypted tunnel between the client and the server to securely copy files over the network? A. tcpdump B. scp C. netstat D. resolvectl
B. scp The scp (secure copy) command is used to copy data to/from a remote host using SSH. The netstat (network statistics) command gathers information about TCP connections to the system. Netstat can be used to display existing connections, listening ports on the server, and network adapter information. The resolvectl command allows an administrator to manually query the name resolution services to confirm that the names and IP addresses returned are accurate. The tcpdump command is used to conduct packet captures and analysis in Linux.
Joe, a system administrator at Dion Training, wants to display the resources currently in use. The output of the command should be ordered based on the amount of memory consumed by each process. Which of the following commands should be used to accomplish this? A. ps {PID} kill B. top with M option C. sudo pkill -15 {PID} D. iostat
B. top with M option The top command with the M option is used to display memory consumption would display the resources being used and will display them in order of their memory consumption. The iostat command is used to generate a report on CPU and device utilization. The sudo pkill -15 {PID} command sends the SIGTERM signal to the application which results in a graceful shutdown of the process. The p- {PID} command displays processes associated with a given PID.
Brian, a system administrator at Dion Training, wants to modify the sudoers file to give specific privileged access to designated users. Which of the following commands should be used to safely accomplish this? A. su B. visudo C. sudo D. pkexec
B. visudo Visudo edits the sudoers file in a protected and safer manner. Visudo locks the sudoers file against multiple simultaneous edits, provides basic syntax checking, and also checks for parsing errors to ensure the sudoers file doesn't get corrupted during editing. The su (switch user) command is used to switch user accounts. The sudo command allows a user to run only specific, delegated commands that normally require administrative privileges. The pkexec command is a part of the polkit toolset that allows a user to execute an action they are authorized to perform. Polkit is a component for controlling system-wide privileges in Unix-like operating systems. It provides an organized way for non-privileged processes to communicate with privileged ones.
Riley, a system administrator at Dion Training, needs to modify the global settings for the DNF application, including where to find the repository configuration files, log file locations, and cache information. Which of the following files/directories contain DNF's global settings? A. /etc/yum.conf B. /etc/apt.conf C. /etc/dnf/dnf.conf D. /etc/yum.repo.d
C. /etc/dnf/dnf.conf The /etc/dnf/dnf.conf contains global settings for the DNF package manager. The /etc/yum.repos.d directory contains reference files for both the YUM and DNF package managers. The /etc/apt.conf configuration file is used for managing the configuration of the APT tool suite. The /etc/yum.conf file is used to manage global settings for the YUM package manager and contains items such as repository configuration files, log file locations, and cache information.
Richard, a system administrator at Dion Training, wants to assign subjects and objects to run in an unconfined environment without having to load all of the configurations into memory. Which of the following SELinux policies should be used to accomplish this? A. Targeted B. Strict C. Minimum D. None
C. Minimum The minimum policy is similar to the targeted policy in that subjects and objects run in an unconfined environment but load less configuration into memory. This policy category is appropriate for small devices, such as phones, and experimentation with SELinux. Targeted policy subjects and objects run in an unconfined environment. The untargeted subjects and objects will operate on the DAC method, and the targeted daemons will operate on the MAC method. A strict policy is a policy where every subject and object of the system is enforced to operate on the Mandatory Access Control (MAC) method.
Ruby, a system administrator at Dion Training, created a new file for members of the Student Support department to utilize, but the other members of the department cannot modify the file. Which of the following is MOST likely the cause of this issue? A. The sticky bit is set on the file B. The file doesn't have the proper read/write permissions set C. The group owner of the file needs to be set to the Student Support department D. The file ownership needs to be set to the root group
C. The group owner of the file needs to be set to the Student Support department When a file is initially created, the owner and group are set to the user account that created that file by default. Therefore, the group owner must be manually modified to provide the rest of the department access to the file by setting the Student Support department as the group owner of the file
Mohammad, a system administrator at Dion Training, wants to delete a log file that is past its retention date. He is unable to delete the file using the su command and the root user's privileges. Which of the following is MOST likely preventing the deletion of this file? A. The file has execution privileges set for the user/group/other fields B. The file's owner is set to the root user C. The immutable flag is set on the file D. The file is configured to be automatically compressed after saving
C. The immutable flag is set on the file The immutable flag is an attribute of a file or directory that prevents it from being modified, even by the root user. When the immutable flag is set, only the owner can delete, rename, or write to the file. Since the system administrator could not delete the file as the root user, the file is not owned by the root user. Automatic file compression after saving would not impact the file's ability to be deleted. If the file has execute permissions assigned, this would allow the file to be run (such as a script) and would not affect the file's ability to be deleted.
Jayne, a system administrator at Dion Training, is troubleshooting some virtual machines hosted on a Linux server. The virtual machines are experiencing slow performance, so Jayne runs the top command and sees a high value for the %st metric. Which of the following BEST describes what this metric is used for? A. This metric represents the amount of time the CPU spent running user processes B. This metric represents the amount of time the CPU is idle C. This metric represents the amount of time a virtual CPU is waiting for access to the physical CPU D. This metric represents the amount of time the CPU is waiting for I/O access
C. This metric represents the amount of time a virtual CPU is waiting for access to the physical CPU The top command dynamically displays the processes consuming the most system resources. The %st displays steal which indicates how often a virtual CPU is waiting for access to the physical CPU. The %wa metric displays the I/O wait time. If the %wa is high, this indicates that the run queue is too high. The %id displays CPU idle time and if this is too high then this indicates that the CPU is working too hard. The %us displays CPU time spent running user processes. The %s displays the CPU time spent running the Linux kernel.
Ryan, a system administrator at Dion Training, wants to manage the system's mount points using systemd. Which of the following sections under the [Mount] section of the .mount file is used to identify the filesystem type? A. What B. Where C. Type D. Options
C. Type The .mount file is used to configure mount points on a file system for use with systemd. There are four options used in a .mount unit file: type, what, where, and options. The 'Type' option defines the filesystem type (optional). The 'What' option identifies the absolute path to the storage device that will be mounted. The 'Where' option identifies the absolute path to the mount point's directory. The 'Options' option specifies any additional required options for the mount action.
Jamario, a system administrator, wants to search a log file for any instances where a specific IP address appears so that he can conduct further analysis. Which of the following commands is used to perform a pattern-based search within a specified file? A. nano B. printf C. awk D. lsusb
C. awk The awk command is a pattern-matching tool that is used to search a file for the specified information and can then perform specified actions once the string is found. The printf command displays and outputs formatted data. The lsusb command displays information about devices attached to the USB bus of the system. Nano is an easy-to-use command line text editor in Linux that is used to edit text and configuration files.
Steven, a system administrator at Dion Training, wants to display a list of all of the valid user and service accounts on a Linux server. Which of the following commands should be used to accomplish this? A. cat /etc/user B. cat /etc/accounts C. cat /etc/passwd D. cat /usr/bin
C. cat /etc/passwd The /etc/passwd file is a text-based database of information about users that may log into the system or other operating system user identities that own running processes. The /usr/bin includes executable programs that can be executed by all users. The /etc/user and /etc/accounts are not valid default Linux files.
Jason, the Lead Instructor at Dion Training, is reviewing an archive of the company's student reviews. Which command should he use to copy data in and out of the local backup storage device? A. dd B. xz C. cpio D. awk
C. cpio The cpio (copy in out) tool copies files to and from archives. The xz command is a data compression utility that reduces the size of selected files and manages files in the .xz file format. The awk command is a pattern-matching tool that is used to search a file for the specified information and can then perform specified actions once the string is found. The dd command copies and converts files to enable them to be transferred from one media type to another.
Which of the following directories in Linux contains the software drivers used by the system to interact with connected devices? A. proc B. sys C. dev D. etc
C. dev The dev directory in Linux contains software drivers that allow the system to interact with connected devices. The dev directory contains the special device files for all the devices and is created during installation. The etc directory contains the system configuration files for a Linux system. The proc directory is a virtual file system (VFS) that provides significant information about the kernel's running process. The proc directory is a virtual file system (VFS) that provides significant information about the kernel's running process. Under this directory, there are other files such as the cpuinfo, cmdline, filesystems, meminfo, and modules files that provide detailed information from the Linux kernel on a given system. The sys directory is a virtual filesystem that stores and allows modification of the devices connected to the system.
Gail, a system administrator at Dion Training, is trying to configure a Linux server's firewall to allow connections to an external log server using SSH. She wants to display the current list of allowed ports for the server's firewall. Which of the following commands should be used to accomplish this? A. firewall-cmd --zone=dmz --change-interface=<device ID> B. firewall-cmd --zone=dmz --get-zones C. firewall-cmd --zone=dmz --list-all D. firewall-cmd --reload
C. firewall-cmd --zone=dmz --list-all The firewall-cmd --zone=dmz --list-all command list all ports available to reached in the dmz zone. The firewall-cmd --zone=dmz --change-interface=<device ID> command is used to the change the interface associated with a specific firewall zone. The firewall-cmd --reload reloads the specified zone's configuration. The firewall-cmd --zone=dmz --get-zones is not a proper command.
Vanessa, a junior system administrator, is attempting to remove FTP remote access to the servers by modifying the configuration of the Linux firewall. Which of the following commands should she use to remove FTP access to the server? A. firewall-cmd --zone=dmz --add-port=22/tcp B. firewall-cmd --zone=dmz --remove-service=http C. firewall-cmd --zone=dmz --remove-port=21/tcp D. firewall-cmd --get-zones
C. firewall-cmd --zone=dmz --remove-port=21/tcp The firewall-cmd --zone=dmz -remove-port=21/tcp is used to remove or block port 21 (FTP) in the firewall's configuration. The firewall-cmd --zone=dmz --remove-port=22/tcp is used to remove or block port 22 (SSH) in the firewall's configuration. The firewall-cmd --remove-service=http will remove or block port 80 (HTTP) in the firewall's configuration. The firewall-cmd --get-zones will list out all of the firewall zones, but it will not modify the firewall's current settings
Kate, a system administrator at Dion Training, is writing a script in Bash that will perform a calculation if the value of X is greater than zero or equal to zero. Which of the following logical conditions should be used to test this condition? A. if [ "$X" -gt "0"] && ["$X" -eq "0"] B. if [ "$X" -gt "0"] && ["$X" -ne "0"] C. if [ "$X" -gt "0"] || ["$X" -eq "0"] D. if [ "$X" -gt "0"] || ["$X" -ne "0"]
C. if [ "$X" -gt "0"] || ["$X" -eq "0"] To create a conditional statement in Bash, you need to use the if/then/else/fi construct. The logical condition of this is created after the keyword if. Since the question states that either of the two conditions must be true, you need to use the or (||) condition. The right answer tests if [ "$X" -gt "0" ] is true OR if [ "$X" -eq "0"]. This means is the number stored in the variable X greater than 0 or is the number stored in the variable X equal to 0. The other options have logical fallacies that would cause an incorrect response to occur during the execution of the script.
Rhiannon, a system administrator at Dion Training, is troubleshooting an issue with an application that is preventing it from displaying the user's data. She wants to generate a live report of the I/O latency for the hard disk drive to aid in her troubleshooting efforts. Which of the following commands should be used to accomplish this? A. iostat B. traceroute C. ioping D. ping
C. ioping The ioping command is used to generate a report of a device's input/output (I/O) latency in real-time. The ioping command is commonly used to determine the speed of storage device, such as a hard disk drive, in terms of input/output speed and access time latency. The iostat command is used to generate a report on CPU and device utilization. The iostat command does not provide latency in real-time but can provide some statistics concerning the input/output requests for a storage device and the percentage of time that the CPU was idle while the system had outstanding disk input/output requests. The traceroute command is used to display the network path between a client and a server, including any routers or firewalls used between the two systems. The vgdisplay command lists attributes of volume groups.
Frances, a system administrator at Dion Training, received an error that one or more files are currently in use and cannot be backed up. Frances wants to display a list of all the files which are currently opened by active processes to troubleshoot the backup. Which of the following commands should be used to accomplish this? A. nice B. htop C. lsof D. ps
C. lsof The lsof command displays a list of the open files and the processes that opened them. The nice command allows users to start new processes at a specified priority level. A nice value is associated with every running process with higher nice numbers being given a higher priority by the CPU for processing. The ps command is used to display the process table that summarizes the currently running processes on a system. The htop command is a user-friendly color-coded display that shows CPU and memory utilization.
Chloe, a network administrator, is troubleshooting domain name resolution on a Linux server. Which of the following commands is used to quickly resolve IP addresses to domain names and domain names to IP addresses during troubleshooting? A. hostnamectl B. arp C. resolvectl D. ifcfg
C. resolvectl The resolvectl command allows an administrator to manually query the name resolution services to confirm that the names and IP addresses returned are accurate. The arp command is used to discover information about known MAC addresses and IP bindings. The ifcfg command is an alternative to ifconfig or the ip command for managing IP addressing. The hostnamectl command is used to view the system's hostname, to display the version of the Linux kernel being used, and display other information about the system's hardware. The systemd hostnamectl set-hostname command can be used to configure or change the hostname of the current Linux server.
Dora, a network administrator at Dion Training, needs to remotely access the company's router using a secure connection over a public network. Which of the following commands should she use to create a secure and encrypted connection between two hosts over an insecure public network, such as the internet? A. udevadm B. systemd C. ssh D. telnet
C. ssh The ssh (secure shell) command provides a secure encrypted connection between two hosts over an insecure network. The telnet command provides an insecure network connection to virtually access a computer over a network using the telnet protocol. Telnet communications occur in plaintext and are unencrypted, making it unsafe to use over a public network, such as the internet. The udevadm command is a device management tool that is used to manage all the device events and to control the udevd daemon. The systemd software suite provides an init method for initializing a Linux system and provides tools for managing services on the system that derives from the init daemon.
Callum, a system administrator at Dion Training, wants to prevent the telnet daemon service from being started by any other service on a given Linux server. Which of the following commands should be used to accomplish this? A. systemctl start B. systemctl stop C. systemctl mask D. systemctl status
C. systemctl mask The systemctl command is used to control the systemd init daemon. The systemctl command is used to view running services, manage (enable/disable) services to run during boot or within the current session, determine the status of these services, and manage the system target. The systemctl mask command prevents a service from being started by any other service. The systemctl start command activates a service immediately. The systemctl stop command is used to stop a service or daemon, but it is not persistent and the service will restart once the system reboots. The systemctl status command is used to check the status of the ssh daemon. This command will then return the status of the daemon or service, such as active (running), active (exited), active (waiting), inactive, enabled, or disabled.
James is currently working on a hard disk formatted with the xfs file system. James has decided to use custom UUID labels for the partitions. Which of the following xfs utilities is used to create these custom labels? A. xfs_repair B. xfs_metadump C. xfs_admin D. xfs_info
C. xfs_admin The xfs_admin command changes the parameters of an XFS file system, including its label and UUID. The xfs_repair command repairs and recovers a corrupt XFS file system. The xfs_metadump command copies the superblock metadata of the XFS file system to a file. The xfs_info command displays details about the XFS file system and its block information
Marlene, a cybersecurity analyst at Dion Training, identified a potential security breach on the company's network. She suspects that a malicious user gained access to a Linux workstation and then used it as a pivot point to remotely connect to other SSH servers located in the company's intranet. She wants to review files on the workstation to determine which remote systems it may have connected to. Which of the following files is used to store the public keys of any remote systems that a Linux workstation has previously connected to? A. ~/.ssh/authorized_keys B. /etc/ssh/sshd_config C. ~/.ssh/known_hosts D. /etc/ssh/ssh_config
C. ~/.ssh/known_hosts The ~/.ssh/known_hosts file stores the public keys of any remote systems that the client has connected to. The ~/.ssh/authorized_keys file stores the keys on the remote SSH servers that the client machine connects to and allows key-based authentication to occur. The /etc/ssh/ssh_config file is used to define the SSH client settings and is not usually customized. The /etc/ssh/sshd_config file must be edited to configure who is allowed to remotely connect to the server, what level of remote access they will have when connecting, and to present a warning or instructional message to the user when connecting.
Jordan, a system administrator at Dion Training, wants to define the SSH client settings on a Linux workstation. Which of the following files should be modified to accomplish this? A. ~/.ssh/authorized_keys B. /etc/ssh/sshd_config C. ~/.ssh/known_hosts D. /etc/ssh/ssh_config
D. /etc/ssh/ssh_config The /etc/ssh/ssh_config file is used to define the SSH client settings. The /etc/ssh/sshd_config file must be edited to configure who is allowed to remotely connect to the server, what level of remote access they will have when connecting, and to present a warning or instructional message to the user when connecting. The ~/.ssh/known_hosts file stores the public keys of any remote systems that the client has connected to. The ~/.ssh/authorized_keys file stores the keys on the remote SSH servers that the client machine connects to and allows key-based authentication to occur.
Katherine, a system administrator at Dion Training, just executed the command 'tail log.txt' from the command line. How many lines of text should she expect to be displayed on the terminal? A. 1 B. 2 C. 5 D. 10
D. 10 The tail command displays the last ten lines of the specified file.
Philip, a system administrator at Dion Training, wants to automate the configuration of cloud-based virtual machines using bootstrapping. Which of the following should be used to accomplish this? A. Orchestration B. Infrastructure as Code (IaC) C. Continuous Integration/Continuous Deployment (CI/CD) D. Cloud-init
D. Cloud-init Cloud-init scripts are used for automating tasks and bootstrapping cloud-based virtual machines to place each VM in a repeatable, well-known baseline state. Infrastructure as Code (IaC) refers to the idea of centrally managing configuration files with strict version control to automate the deployment of configuration file changes. Continuous Integration/Continuous Deployment (CI/CD) is a process for managing the software-development life cycle that automates feature integration and testing.
Vincent, a system administrator at Dion Training, wants to quickly identify the time zone on a Debian-based server. Which of the following commands should be used to accomplish this? A. cat /currenttimezone B. cat /timezones C. cat /usr/share/zoneinfo D. cat /etc/timezone
D. cat /etc/timezone The cat /etc/timezone command can be used to view the time zone of the Linux server. The /usr/share/zoneinfo/ directory is a container for all of the regional time zones that you can configure the system to use. The /timezones and /currenttimezone are not considered default Linux files or directories.
Archibald, a system administrator at Dion Training, wants to remove a few obsolete container images from the host node. Which of the following commands should be used to accomplish this? A. docker build B. docker inspect C. docker port D. docker rmi
D. docker rmi The docker rmi command is used to remove images from the docker repository. The docker inspect command is used to display detailed information about a container. The docker build command is used to build an image from a Dockerfile. The docker port command is used to list the port mappings for the specified container.
Toni, a software developer at Dion Training, wants to create a separate pointer to a specific repository snapshot after some changes have been committed. Which of the following commands should be used to accomplish this? A. git checkout B. git rebase C. git tag D. git branch
D. git branch The git branch command allows the user to manage branches or pointers to specific repository snapshots after the changes are committed. The git tag command is used to add a label to a repository's history to annotate versions or releases. The git checkout command is used to switch between different versions or branches of the code in the git repository. The git rebase command is used to move or combine sequences of commits to a new base commit.
Raymond, a software developer at Dion Training, needs to retrieve the changes that Lilian recently made to the company's mobile application code. Which of the following commands should be used to accomplish this? A. git clone B. git add C. git init D. git pull
D. git pull The git pull command is used to download content from a remote repository that updates the local repository to mirror the contents locally. The git clone command is used to create a working copy of the existing repository. The git init command is used to create a Git repository or reinitialize an existing repository. The git add command is used to add changes to the working directory, but changes are not formally made until the commit command is run.
Robyn, a cybersecurity analyst at Dion Training, wants to search a log file for a simple regular expression that represents the public IP addresses used by the company's servers. Which of the following commands should be used to accomplish this? A. which B. tee C. wc D. grep
D. grep The grep command is used to perform pattern matching to display a specified string or search term in its output. The which command displays where a command executable file is stored. The tr (translate) command is used to translate a string of characters from the input. Usually, the tr command is used to change the capitalization of letters within a filename. The word count (wc) command is used to count the number of lines, words, and characters in a text file.
Which of the following commands is NOT used to resolve IP addresses to domain names in Linux? A. nslookup B. dig C. resolvectl D. ifcfg
D. ifcfg The ifcfg command is an alternative to ifconfig or the ip command for managing IP addressing. The ifcfg command is not used to conduct domain name resolution. The nslookup command is sued to gather name resolution information and to test the name resolution process on a Linux system using either interactive or non-interactive modes. The resolvectl command allows an administrator to manually query the name resolution services to confirm that the names and IP addresses returned are accurate. The dig command is used to gather information and test name resolution by displaying the question and answer sections in its output.
Cecil, a system administrator at Dion Training, wants to upgrade a Linux server's CPU to increase its performance. Before he does, he needs to gather some information about the current CPU. Which of the following commands should be used to accomplish this? A. vmstat B. lsmem C. lsusb D. lscpu
D. lscpu The lscpu command is used to gather CPU architecture information from sysfs, /proc/cpuinfo and any applicable architecture-specific libraries). The lscpu command output includes information about the number of CPUs, threads, cores, sockets, Non-Uniform Memory Access (NUMA) nodes, and more. The lsusb command is used to display information about devices connected to a Linux system's USB ports. The lsmem command lists the ranges of available memory with their online status. The listed memory blocks correspond to the memory block representation in sysfs. The lsmem command also shows the memory block size and the amount of memory in an online and offline state. The vmstat command is sued to display the amount of virtual memory used by a Linux system. Virtual memory is a file or partition on a system that is used when the system runs out of physical memory.
Gloria, a system administrator at Dion Training, wants to allow an authorized user to execute an action. Which of the following commands should be used to accomplish this? A. pkaction B. pkcheck C. pkttyagent D. pkexec
D. pkexec The pkexec command is a part of the polkit toolset that allows a user to execute an action they are authorized to perform. Polkit is a component for controlling system-wide privileges in Unix-like operating systems. It provides an organized way for non-privileged processes to communicate with privileged ones. The pkaction command displays details about an action. The pkcheck command displays whether a process is authorized. The pkttyagent command provides a text-based authentication agent.
Michael, a data analyst, wants to run a specialized script to gather information and create a weekly report. The task to create the report is already running, but he wants to increase its priority since the report is time sensitive. Which of the following commands should be utilized to reprioritize the currently running task? A. nice B. kill C. lsof D. renice
D. renice The renice command is used to reprioritize running processes. The kill command is used to pass kill signals to processes. The nice command allows users to start new processes at a specified priority level. The lsof command displays a list of the open files and the processes that opened them.
Jacqueline, a system administrator at Dion Training, wants to allow users to change the on and off status for the SELinux boolean values. Which of the following commands should be used to accomplish this? A. semanage B. sestatus C. getsebool D. setsebool
D. setsebool The setsebool command changes the on/off status of an SELinux boolean value. These boolean values enable a user to change policy configurations at runtime without writing the policy directly. The getsebool command displays the on/off status of SELinux boolean values. The semanage command configures SELinux policies. The sestatus command gets the status of SELinux, including its current mode, policy type, and mount point.
Alice, a software developer at Dion Training, wants to identify what is causing a slowdown of a Linux server when her new software is run. She has determined that her software is running as process ID 423 and has reached a runaway status. Which of the following commands should be used to forcefully terminate the process? A. kill -15 {PID} B. sudo kill {PID} C. pkill -15 {PID} D. sudo kill -9 {PID}
D. sudo kill -9 {PID} The sudo kill -9 {PID} command sends the SIGKILL signal to the application which results in an immediate shutdown or termination of the process. The SIGKILL (signal -9) process is used when an application refuses to exist gracefully using the SIGTERM signal. The sudo kill {PID}, sudo kill -15 {PID}, and pkill -15 {PID} commands would perform a graceful shutdown.