img img
Practice Exams:
View All
  • Home
  • XK0-005 CompTIA Linux+  Exam  Dumps and Practice Test Questions Set 7 Q 121- 140

XK0-005 CompTIA Linux+  Exam  Dumps and Practice Test Questions Set 7 Q 121- 140

Visit here for our full CompTIA XK0-005 exam dumps and practice test questions.

Question 121

Which command is used to modify the group ownership of a file or directory in Linux?

A) chgrp
 B) chmod
 C) chown
 D) umask

Answer A) chgrp

Explanation

A) chgrp: chgrp is specifically used to change the group ownership of a file or directory. For example, chgrp developers /var/www/html changes the group ownership of the directory to the developers group. Administrators use chgrp to manage access control, ensuring that members of specific groups have appropriate permissions to files or directories. It is essential in environments where collaborative access is controlled through group memberships. Proper use of chgrp allows administrators to maintain security, enforce group-based policies, and prevent unauthorized access without altering file permissions or ownership. Understanding chgrp is critical for implementing least-privilege principles, especially in multi-user environments or systems with shared resources.

B) chmod: chmod changes file or directory permissions (read, write, execute) but does not modify ownership. While it affects access, it is separate from group ownership management.

C) chown: chown changes both user and group ownership. While it can modify group ownership, chgrp is more focused and simpler for modifying only the group without affecting the user.

D) umask: umask sets default permissions for newly created files and directories. It does not modify existing file or directory ownership or permissions directly.

chgrp is correct because it directly changes the group ownership of files and directories. chmod controls permissions, chown changes both user and group ownership, and umask sets defaults for new files. Mastery of chgrp allows administrators to efficiently manage group access, enforce collaboration policies, and maintain secure file system structures.

Question 122

Which command is used to display and modify disk quotas for users on a filesystem in Linux?

A) quota
 B) df -h
 C) du -sh
 D) ls -l

Answer A) quota

Explanation

A) quota: quota displays and manages disk space and inode usage for users on a filesystem. For example, quota -u john shows the disk usage and limits for user john. Administrators use quota to prevent users from exceeding allocated storage, which can protect system stability, prevent data loss, and enforce fair usage policies. Quotas can be set at the user or group level and can include soft and hard limits, grace periods, and notifications. Proper management of disk quotas is crucial in multi-user environments, hosting services, or shared servers to avoid storage exhaustion and maintain optimal performance. Understanding quota commands enables administrators to monitor usage, enforce limits, and ensure equitable resource distribution.

B) df -h: df displays available and used space on mounted filesystems but does not provide per-user quota information. It is useful for monitoring overall disk usage but not user-specific limits.

C) du -sh: du shows the disk usage of files and directories but does not provide user-level quota management. It is useful for identifying space consumption but not for enforcing limits.

D) ls -l: ls -l lists file details, including permissions and ownership, but provides no information on disk quotas or usage limits.

quota is correct because it provides both display and management of user and group disk usage limits. df -h monitors overall disk space, du -sh analyzes directory size, and ls -l shows file details. Mastery of quota is essential for Linux administrators to manage storage effectively, prevent abuse, and maintain system stability in multi-user or resource-constrained environments.

Question 123

Which command is used to change the priority (nice value) of a running process in Linux?

A) renice
 B) nice
 C) top
 D) ps

Answer A) renice

Explanation

A) renice: renice changes the priority (nice value) of an already running process. For example, renice -n 10 -p 1234 increases the nice value, lowering the process priority. Administrators use renice to dynamically adjust system resources, ensuring critical processes receive adequate CPU while reducing priority for less important tasks. This is essential for optimizing performance, preventing resource contention, and maintaining system responsiveness. renice allows fine-grained control over process scheduling without terminating or restarting processes, making it invaluable for real-time system management and performance tuning.

B) nice: nice sets the initial priority for a process at the time of its launch. For example, nice -n 5 command starts a process with a lower priority. While related to renice, it cannot modify the priority of an already running process.

C) top: top can interactively adjust the nice value of a process, but it is an interface tool rather than a dedicated command. It is less precise and not script-friendly for automated adjustments.

D) ps: ps displays process information such as PID, CPU, and memory usage but does not modify priority. It is informational only.

renice is correct because it directly changes the priority of running processes. nice sets initial priority, top provides an interactive interface, and ps is informational. Mastery of renice allows Linux administrators to optimize CPU allocation, manage resource-intensive applications, and ensure critical tasks maintain performance without restarting services.

Question 124

Which command is used to display or modify SELinux security contexts on files in Linux?

A) chcon
 B) chmod
 C) setfacl
 D) getenforce

Answer A) chcon

Explanation

A) chcon: chcon modifies the SELinux security context of files and directories. For example, chcon -t httpd_sys_content_t /var/www/html/index.html sets the type for web server content. Administrators use chcon to enforce SELinux policies, ensuring files are accessible only to authorized processes while preventing unauthorized access. SELinux contexts include user, role, type, and level, and proper configuration is crucial for system security. Misconfigured contexts can lead to service failures or security breaches, making chcon an essential tool for Linux administrators managing SELinux-enabled systems. Understanding chcon allows administrators to maintain compliance, troubleshoot access issues, and enforce mandatory access control effectively.

B) chmod: chmod changes traditional Linux permissions (read, write, execute) but does not affect SELinux contexts. It manages discretionary access, not mandatory access control.

C) setfacl: setfacl modifies Access Control Lists (ACLs) for files and directories, providing fine-grained permission control, but it is unrelated to SELinux security contexts.

D) getenforce: getenforce displays the current SELinux mode (enforcing, permissive, or disabled) but does not modify file contexts.

chcon is correct because it allows direct modification of SELinux file contexts. chmod changes standard permissions, setfacl adjusts ACLs, and getenforce displays mode. Mastery of chcon is essential for administrators securing SELinux-enabled systems, managing policy enforcement, and troubleshooting access denials while maintaining system integrity.

Question 125

Which command is used to schedule a one-time job for future execution in Linux?

A) at
 B) crontab -e
 C) batch
 D) systemctl timer

Answer A) at

Explanation

A) at: at schedules a command or script to execute once at a specified future time. For example, echo “/usr/local/bin/backup.sh” | at 02:00 schedules a one-time backup at 2 AM. Administrators use at for ad hoc task automation, system maintenance, or running commands at off-peak hours. It is ideal for tasks that do not require recurring execution and provides a straightforward method for deferred execution. Proper use of at helps prevent human error, ensures timely execution, and facilitates system administration in dynamic environments. Understanding at enables administrators to automate specific tasks efficiently without modifying recurring schedules.

B) crontab -e: crontab schedules recurring jobs, not one-time tasks. It is unsuitable for ad hoc execution and is used for periodic automation.

C) batch: batch schedules jobs to run when system load is low. It does not allow precise one-time scheduling at a specific time.

D) systemctl timer: systemctl timers can schedule tasks, including one-time execution, but require creating systemd units and are more complex than using at for simple jobs.

at is correct because it provides a straightforward method to schedule one-time future jobs. crontab -e is recurring-focused, batch is load-sensitive, and systemctl timer is systemd-specific and more complex. Mastery of at allows Linux administrators to efficiently automate one-off tasks, reduce manual intervention, and ensure timely execution of administrative commands or scripts.

Question 126

Which command is used to display detailed TCP and UDP network statistics in Linux, including packet counts, errors, and interface-specific information?

A) netstat -s
 B) ss -s
 C) ifconfig
 D) ip addr

Answer A) netstat -s

Explanation

A) netstat -s: netstat -s provides detailed network statistics for TCP, UDP, ICMP, and other protocols. It displays the number of packets transmitted and received, errors, retransmissions, and per-protocol statistics. Administrators use netstat -s to monitor network health, troubleshoot connectivity issues, identify packet loss, and detect abnormal network activity. It offers insights into protocol-level performance and network reliability. While considered legacy on modern Linux systems, netstat -s remains widely used for network diagnostics, especially in environments without systemd or iproute2 utilities. Understanding netstat -s output allows administrators to evaluate the state of network protocols, identify congestion or errors, and take corrective actions such as tuning kernel parameters or adjusting firewall rules.

B) ss -s: ss -s displays summary statistics for sockets, including TCP, UDP, and UNIX sockets, but is more focused on socket-level information rather than detailed per-protocol statistics. It is faster than netstat but less comprehensive for packet counts and protocol-specific errors.

C) ifconfig: ifconfig displays network interface configurations and statistics such as bytes sent and received, errors, and collisions. While useful for basic interface monitoring, it does not provide detailed protocol-specific statistics for TCP or UDP traffic.

D) ip addr: ip addr shows IP addresses and interface configurations. It does not provide traffic statistics, packet counts, or protocol-level information.

netstat -s is correct because it provides comprehensive, per-protocol network statistics, including packet counts and errors. ss -s provides socket summaries, ifconfig provides interface stats, and ip addr provides address information only. Mastery of netstat -s is essential for Linux administrators to analyze network performance, detect errors, and troubleshoot protocol-level issues effectively.

Question 127

Which command is used to create a compressed archive of multiple files and directories using tar and gzip in Linux?

A) tar -czf
 B) tar -xzf
 C) zip
 D) gzip

Answer A) tar -czf

Explanation

A) tar -czf: tar -czf creates a compressed archive (tarball) using gzip compression. For example, tar -czf archive.tar.gz /home/user/docs packages the docs directory into a gzipped tarball. Administrators use tar -czf for backup, archiving, file transfer, and storage optimization. It preserves directory structure, permissions, symbolic links, and ownership, making it suitable for system backups and distribution of large datasets. Understanding tar syntax, including c (create), z (gzip compression), and f (file output), is crucial for Linux administrators to efficiently manage files, reduce storage space, and maintain data integrity.

B) tar -xzf: tar -xzf extracts files from a gzipped tarball. It is used for decompression and extraction, not creation.

C) zip: zip creates compressed archives in .zip format. While effective, it does not preserve Linux file permissions and ownership as accurately as tar.

D) gzip: gzip compresses individual files but does not create multi-file archives. It is used for single-file compression only.

tar -czf is correct because it combines multiple files into a single archive with gzip compression while preserving attributes. tar -xzf extracts, zip is cross-platform but less Linux-aware, and gzip is single-file focused. Mastery of tar -czf allows Linux administrators to create reliable backups, distribute software packages, and manage system archives efficiently.

Question 128

Which command is used to monitor real-time disk I/O usage per device in Linux?

A) iostat -x 1
 B) df -h
 C) du -sh
 D) lsblk

Answer A) iostat -x 1

Explanation

A) iostat -x 1: iostat -x provides extended disk I/O statistics for all devices, including utilization, read/write rates, average wait times, and queue lengths. The 1 indicates that statistics are refreshed every second. Administrators use iostat -x 1 to monitor storage performance in real-time, identify I/O bottlenecks, optimize disk usage, and troubleshoot performance issues. It is critical for environments with high I/O workloads such as databases, virtualization, or heavy logging. Understanding iostat metrics such as %util, await, r/s, and w/s allows administrators to pinpoint device-level performance problems, plan capacity, and ensure consistent system responsiveness.

B) df -h: df displays available disk space in human-readable format but does not provide I/O performance or real-time statistics.

C) du -sh: du shows directory sizes for space usage analysis but does not provide per-device I/O metrics.

D) lsblk: lsblk lists block devices and their hierarchy but provides no performance data.

iostat -x 1 is correct because it monitors real-time disk I/O performance for each device. df -h shows space usage, du -sh shows directory sizes, and lsblk displays device hierarchy. Mastery of iostat -x 1 enables Linux administrators to optimize storage performance, detect I/O bottlenecks, and maintain system efficiency in high-demand environments.

Question 129

Which command is used to display and manage active firewall rules using the nftables framework in Linux?

A) nft list ruleset
 B) iptables -L
 C) ufw status
 D) firewall-cmd –list-all

Answer A) nft list ruleset

Explanation

A) nft list ruleset: nft list ruleset displays the active ruleset configured with the nftables framework. nftables is the modern replacement for iptables, offering enhanced performance, flexibility, and more readable syntax. Administrators use nft list ruleset to audit firewall policies, verify network security, and troubleshoot connectivity issues. Understanding nftables structures such as tables, chains, and rules is critical for implementing secure and efficient firewalls. Proper mastery of nft list ruleset allows administrators to maintain effective network protection, monitor rule application, and ensure compliance with security policies.

B) iptables -L: iptables -L lists firewall rules for the older iptables framework. While still used on legacy systems, it is gradually being replaced by nftables and does not reflect nftables configurations.

C) ufw status: ufw is a user-friendly frontend for firewall management, primarily on Ubuntu-based systems. It simplifies firewall management but is limited in features and control compared to nftables.

D) firewall-cmd –list-all: firewall-cmd is a frontend for firewalld, which may use nftables under the hood. It provides abstraction and simplifies rule management but is less direct than nft list ruleset.

nft list ruleset is correct because it directly shows the complete active nftables ruleset. iptables -L is legacy, ufw is frontend-specific, and firewall-cmd is firewalld-specific. Mastery of nft list ruleset enables Linux administrators to implement, audit, and troubleshoot advanced firewall configurations effectively.

Question 130

Which command is used to display the currently mounted filesystems and their mount points in Linux?

A) mount
 B) df -h
 C) lsblk
 D) blkid

Answer A) mount

Explanation

A) mount: mount displays all currently mounted filesystems along with their mount points, filesystem type, and mount options. For example, running mount without arguments lists all active mounts, helping administrators verify filesystem availability and troubleshoot mounting issues. mount is critical for system monitoring, identifying misconfigured mounts, ensuring proper access to storage resources, and confirming filesystem attributes. Understanding mount output allows administrators to check filesystem status, verify mount options like read-only or noexec, and ensure that critical partitions are available and accessible.

B) df -h: df displays disk usage for mounted filesystems but is primarily focused on space utilization rather than providing detailed mount attributes or options.

C) lsblk: lsblk lists block devices and their hierarchy with mount points, but does not display filesystem options or type. It is useful for visualizing storage structure but not for verifying mount attributes.

D) blkid: blkid shows block device identifiers, filesystem type, and UUIDs, but it does not display active mount points or mount options. It is useful for system configuration and fstab entries but not for live mount verification.

mount is correct because it displays all mounted filesystems with their attributes and options. df -h focuses on space usage, lsblk shows hierarchy, and blkid shows device metadata. Mastery of mount allows Linux administrators to verify active mounts, troubleshoot access issues, and ensure filesystem integrity and availability.

Question 131

Which command is used to display detailed information about a specific package, including version, dependencies, and installation status, on a Debian-based Linux system?

A) apt show
 B) dpkg -l
 C) rpm -qi
 D) yum info

Answer A) apt show

Explanation

A) apt show: apt show displays detailed information about a specific package in Debian-based distributions, such as Ubuntu. It provides package name, version, architecture, dependencies, description, and installation status. Administrators use apt show to verify package details before installation, ensure compatibility with other packages, and plan upgrades or removals. For example, apt show vim provides all relevant information about the vim package, including its dependencies and description. This information is critical for system management, troubleshooting, and ensuring package integrity. Understanding apt show allows administrators to make informed decisions about package installation, dependency resolution, and system stability.

B) dpkg -l: dpkg -l lists installed packages on the system but does not provide detailed information for a specific package unless combined with other commands like dpkg -s. While useful for inventory, it is less comprehensive than apt show.

C) rpm -qi: rpm -qi displays detailed information about a package on RPM-based distributions like Red Hat or Fedora. It is not applicable for Debian-based systems.

D) yum info: yum info provides package information on RPM-based systems but is not available on Debian-based distributions.

apt show is correct because it provides detailed package information, including version, dependencies, and description on Debian-based systems. dpkg -l lists installed packages, rpm -qi is for RPM systems, and yum info is also RPM-specific. Mastery of apt show allows Linux administrators to manage packages effectively, prevent dependency conflicts, and maintain system stability in Debian-based environments.

Question 132

Which command is used to permanently set a default target (runlevel) for booting in systemd-based Linux systems?

A) systemctl set-default
 B) init 3
 C) telinit 5
 D) runlevel

Answer A) systemctl set-default

Explanation

A) systemctl set-default: systemctl set-default sets the default target (equivalent to the old runlevel) that systemd uses at boot. For example, systemctl set-default graphical.target configures the system to boot into the graphical interface. Administrators use this command to define the desired operational mode of the system, such as multi-user, graphical, or rescue mode. Proper use ensures that servers or workstations start in the appropriate environment for their intended function. Understanding systemctl targets allows administrators to maintain consistency, enforce security policies, and avoid boot issues related to incorrect runlevel settings.

B) init 3: init 3 changes the runlevel temporarily to multi-user mode without a graphical interface. It does not permanently set the default boot target.

C) telinit 5: telinit 5 changes the runlevel temporarily to graphical mode but does not persist across reboots.

D) runlevel: runlevel displays the current and previous runlevel of the system. It provides information but cannot modify boot targets.

systemctl set-default is correct because it permanently defines the boot target in systemd-based systems. init 3 and telinit 5 are temporary changes, and runlevel is informational. Mastery of systemctl set-default allows Linux administrators to control the system’s boot behavior, ensure proper service startup, and maintain operational consistency across reboots.

Question 133

Which command is used to display all active systemd services and their current status in Linux?

A) systemctl list-units –type=service
 B) service –status-all
 C) ps aux | grep systemd
 D) journalctl -u

Answer A) systemctl list-units –type=service

Explanation

A) systemctl list-units –type=service: This command lists all active systemd services along with their status, including loaded, active, and running states. Administrators use it to monitor services, verify startup status, and troubleshoot failed units. The output includes the service name, description, load state, active state, and substate, providing a comprehensive view of the system’s operational services. Understanding the status of services is crucial for system reliability, identifying failed dependencies, and ensuring critical processes are running as expected. Systemctl also allows administrators to interact with individual units for starting, stopping, or restarting services as needed.

B) service –status-all: service –status-all lists services and their status, primarily for SysV init systems. While still functional on some distributions, it is less informative and does not provide the granularity of systemctl for systemd-managed services.

C) ps aux | grep systemd: This command searches for systemd processes but does not provide service-level status or loaded units. It is primarily for process inspection, not service management.

D) journalctl -u: journalctl -u displays logs for a specific service unit. While useful for debugging, it does not provide a summary of all active services.

systemctl list-units –type=service is correct because it displays all active services and their status comprehensively. service –status-all is legacy, ps aux | grep systemd shows processes, and journalctl -u displays logs. Mastery of systemctl list-units enables Linux administrators to monitor system services, ensure operational integrity, and troubleshoot service-related issues effectively.

Question 134

Which command is used to view and manipulate Access Control Lists (ACLs) on files and directories in Linux?

A) getfacl and setfacl
 B) chmod
 C) chown
 D) ls -l

Answer A) getfacl and setfacl

Explanation

A) getfacl and setfacl: getfacl displays the ACLs of files and directories, including permissions for users and groups beyond traditional ownership. setfacl sets or modifies ACL entries, allowing fine-grained access control. For example, setfacl -m u:john:rwx /var/www/html grants user john full access. Administrators use ACLs to implement detailed permission policies in multi-user environments where standard Unix permissions are insufficient. Mastery of getfacl and setfacl ensures precise control over file access, prevents unauthorized modifications, and enables collaboration while maintaining security. ACLs are critical in complex environments, allowing granular permission assignments without altering existing ownership or group structures.

B) chmod: chmod modifies traditional read, write, and execute permissions but cannot manage extended ACLs for multiple users or groups.

C) chown: chown changes file ownership but does not manage individual ACL entries.

D) ls -l: ls -l displays standard permissions and ownership but does not show detailed ACL information.

getfacl and setfacl are correct because they allow viewing and modifying detailed ACLs. chmod, chown, and ls -l manage standard permissions only. Mastery of ACL commands allows Linux administrators to enforce sophisticated access policies, maintain security compliance, and manage multi-user systems effectively.

Question 135

Which command is used to display the current routing table and network paths in Linux?

A) ip route show
 B) netstat -r
 C) route -n
 D) traceroute

Answer A) ip route show

Explanation

A) ip route show: ip route show displays the kernel routing table, including destination networks, gateways, interfaces, and routing metrics. For example, ip route show outputs entries like default via 192.168.1.1 dev eth0, indicating the default gateway. Administrators use it to verify network routing, troubleshoot connectivity issues, and ensure traffic is correctly directed. The command provides up-to-date information about active routes and integrates with other iproute2 commands for advanced network management, including policy routing and traffic shaping. Understanding ip route output is crucial for diagnosing network failures, configuring multi-homed systems, and optimizing network performance.

B) netstat -r: netstat -r displays the routing table but is considered legacy and lacks support for advanced features like policy routing.

C) route -n: route -n displays the routing table numerically, avoiding hostname resolution. While functional, it is deprecated and less flexible than ip route show.

D) traceroute: traceroute maps the path packets take to reach a remote host. It is diagnostic for connectivity but does not display the local routing table.

ip route show is correct because it provides a modern, detailed view of the routing table. netstat -r and route -n are legacy commands, and traceroute is a diagnostic tool. Mastery of ip route show enables Linux administrators to manage routing, troubleshoot network issues, and ensure optimal traffic flow and connectivity.

Question 136

Which command is used to display currently loaded kernel modules in Linux?

A) lsmod
 B) modinfo
 C) insmod
 D) rmmod

Answer A) lsmod

Explanation

A) lsmod: lsmod lists all currently loaded kernel modules in the Linux system. Each line of output displays the module name, size, and usage count, providing administrators with insight into the kernel components in use. Understanding which modules are loaded is critical for troubleshooting hardware detection issues, verifying driver installations, and ensuring system stability. For example, if a USB device is not working, checking lsmod allows an administrator to confirm whether the required kernel module is active. lsmod is read-only and does not modify the kernel state, making it safe for diagnostics and monitoring. Mastery of lsmod enables administrators to maintain visibility into kernel-level operations and quickly identify missing or conflicting modules that could affect system functionality.

B) modinfo: modinfo provides detailed information about a specific module, such as version, dependencies, and parameters, but does not display all loaded modules.

C) insmod: insmod inserts a module into the kernel but does not display the currently loaded modules. It is used for module installation only.

D) rmmod: rmmod removes a module from the kernel but does not list currently loaded modules. It is used for module removal and can impact running processes.

lsmod is correct because it provides a comprehensive listing of all loaded kernel modules. modinfo gives details for a single module, insmod loads modules, and rmmod removes modules. Mastery of lsmod allows Linux administrators to verify driver status, monitor kernel behavior, and troubleshoot hardware or module-related issues efficiently.

Question 137

Which command is used to permanently enable or disable a service at boot in systemd-based Linux systems?

A) systemctl enable/disable
 B) chkconfig
 C) update-rc.d
 D) service start/stop

Answer A) systemctl enable/disable

Explanation

A) systemctl enable/disable: systemctl enable sets a service to start automatically at boot, while disable prevents it from starting. For example, systemctl enable sshd ensures the SSH service starts on boot. Administrators use these commands to manage system services, enforce security policies, and optimize boot processes. Properly enabling and disabling services ensures that only necessary services consume system resources, reducing attack surface and improving performance. Understanding enable/disable allows administrators to implement consistent service management, maintain operational reliability, and prevent accidental misconfigurations.

B) chkconfig: chkconfig manages SysV init scripts for boot-time service control. While effective on legacy systems, it is not the standard in systemd-based distributions.

C) update-rc.d: update-rc.d also manages SysV init scripts on Debian-based systems, providing boot-time configuration but not applicable to native systemd service management.

D) service start/stop: service start/stop temporarily starts or stops services but does not affect boot-time behavior.

systemctl enable/disable is correct because it permanently sets the service state for boot in systemd environments. chkconfig and update-rc.d are legacy SysV tools, and service start/stop is temporary. Mastery of systemctl enable/disable allows Linux administrators to maintain service consistency, enforce security policies, and optimize boot behavior effectively.

 

Question 138

Which command is used to monitor real-time CPU usage per process in Linux?

A) top
 B) htop
 C) ps aux
 D) vmstat

Answer A) top

Explanation

A) top: top displays real-time system statistics, including CPU, memory, and swap usage per process. It updates continuously, allowing administrators to monitor resource consumption dynamically. top shows PID, user, CPU and memory percentage, command name, and process state, which is essential for identifying resource-intensive applications or troubleshooting performance issues. Mastery of top allows administrators to detect bottlenecks, terminate problematic processes, and optimize system performance. It also supports interactive commands to sort by CPU, memory, or runtime, providing flexibility in monitoring high-demand systems.

B) htop: htop is an enhanced version of top with a more user-friendly interface, interactive features, and color-coded displays. While powerful, it may not be installed by default on all distributions and serves as an alternative rather than the standard tool.

C) ps aux: ps aux provides a snapshot of process information but is not real-time. It is useful for scripting or single-time inspections but lacks continuous monitoring.

D) vmstat: vmstat provides overall system resource statistics, including CPU, memory, and I/O, but does not break down usage per individual process.

top is correct because it provides real-time per-process monitoring of CPU usage. htop is an alternative, ps aux is static, and vmstat is aggregate-focused. Mastery of top allows Linux administrators to proactively monitor system performance, identify high-load processes, and maintain operational efficiency.

Question 139

Which command is used to check disk health and S.M.A.R.T. status in Linux?

A) smartctl
 B) fsck
 C) badblocks
 D) blkid

Answer A) smartctl

Explanation

A) smartctl: smartctl is part of the smartmontools package and provides detailed information about disk health, including S.M.A.R.T. attributes, error logs, and self-test results. For example, smartctl -a /dev/sda displays all available S.M.A.R.T. data for the disk. Administrators use smartctl to proactively monitor storage devices, predict hardware failures, and schedule maintenance before data loss occurs. Understanding S.M.A.R.T. attributes such as Reallocated_Sector_Ct, Power_On_Hours, and Temperature_Celsius allows administrators to assess disk reliability, detect failing sectors, and plan replacement strategies. Mastery of smartctl is critical in enterprise environments to ensure data integrity, maintain uptime, and prevent unplanned downtime.

B) fsck: fsck checks and repairs filesystem consistency but does not provide S.M.A.R.T. or physical disk health information. It operates at the filesystem level rather than hardware diagnostics.

C) badblocks: badblocks scans for bad sectors on a disk but does not provide detailed S.M.A.R.T. metrics or ongoing health monitoring.

D) blkid: blkid displays filesystem type and UUID information but provides no health or diagnostic information.

smartctl is correct because it monitors S.M.A.R.T. attributes and disk health. fsck repairs filesystem issues, badblocks identifies bad sectors, and blkid displays device metadata. Mastery of smartctl allows Linux administrators to proactively manage disk reliability, avoid data loss, and maintain system stability.

Question 140

Which command is used to display the current SELinux mode (enforcing, permissive, or disabled) in Linux?

A) getenforce
 B) sestatus
 C) setenforce
 D) seinfo

Answer A) getenforce

Explanation

A) getenforce: getenforce displays the current SELinux mode, indicating whether SELinux is enforcing policies, permissive, or disabled. For example, getenforce outputs Enforcing if SELinux actively enforces policies. Administrators use getenforce to quickly assess system security posture, troubleshoot access denials, and ensure compliance with mandatory access controls. Understanding SELinux modes is critical for maintaining security without unintentionally disrupting applications or services. getenforce provides a fast and concise way to verify system security enforcement, making it an essential diagnostic tool for administrators managing SELinux-enabled systems.

B) sestatus: sestatus provides more detailed SELinux information, including mode, policy loaded, and boolean settings. It is informative but not as concise as getenforce for mode verification.

C) setenforce: setenforce changes the SELinux mode temporarily but does not display the current status by itself. It is used for policy management, not verification.

D) seinfo: seinfo displays SELinux policy details and information about types, roles, and permissions. It is useful for auditing but does not indicate the current enforcement mode.

getenforce is correct because it provides a quick and accurate view of the current SELinux enforcement mode. sestatus is detailed, setenforce changes mode, and seinfo provides policy information. Mastery of getenforce allows Linux administrators to assess and maintain SELinux enforcement, troubleshoot access issues, and ensure system security compliance effectively.

Related posts:

  1. 10 Must-Have Resources to Pass CompTIA A+ on Your First Attempt
  2. 10-Week CompTIA Security+ Exam Study Plan for Success
  3. Cloud Essentials+ Demystified: Study Smarter, Certify Faster
  4. CompTIA 220-1202 A+ Certification Exam: Core 2 Dumps and Practice Test Questions Set 8 Q141-160
  5. CompTIA CAS-005 SecurityX  Exam Dumps and Practice Test Questions Set 7 Q121-140
  6. CompTIA Cloud+ Exam: How Tough Is It Really?
  7. CompTIA SY0-701 Security+  Exam Dumps and Practice Test Questions Set5 Q81-100
  8. SAA-C03 Simplified: Your No-Fluff Guide to AWS Certification Success
  9. Unlocking the Linux+ XK0-005 Certification – A Smart Start to a Career in Open Source
  10. Unlocking the Power of Preparation for the 220-1101 Exam — A Smarter Way to Study

Popular posts

Top Vendors On The IT Certification Market

Case Study Hillary’s HillRaisers raising cash for Obama inauguration

What are Azure Blueprints and How Do They Help with Compliance?

What is MCSA? An In-Depth Overview of Microsoft Certified Solutions Associate

Top 5 Agile Certifications You Should Pursue in 2020

Retired Microsoft Certifications: What You Need to Know

Microsoft’s New Security Certifications: SC-200, SC-300, SC-400, and SC-900 – Everything You Need to Know

Job Opportunities For MCSE Certification

Your Best Career Path With EC-Council Certification

2025 CCNA v1.1 Exam Changes: A Complete Guide to Preparing for the 200-301 Certification

Recent Posts

img