XK0-005  CompTIA Linux+ Exam Dumps and Practice Test Questions Set 4 Q 61- 80

Visit here for our full CompTIA XK0-005 exam dumps and practice test questions.

Question 61

Which command is used to display the disk usage of files and directories recursively in Linux?

A) du -h
B) df -h
C) ls -lh
D) stat

Answer A) du -h

Explanation

A) du -h: The du (disk usage) command reports the disk space used by files and directories. When combined with the -h (human-readable) flag, it displays sizes in KB, MB, or GB for easier interpretation. For example, du -h /home/user recursively lists the sizes of all directories and files under /home/user. du is invaluable for administrators when analyzing storage consumption, identifying large directories, and managing quotas. It provides insight into how space is allocated on a filesystem and helps plan storage optimization, backup strategies, and cleanup tasks. The recursive option allows administrators to see not only total directory usage but also detailed breakdowns of subdirectories, helping to pinpoint specific areas consuming excessive space.

B) df -h: df reports disk space usage for mounted filesystems, showing total, used, and available space in human-readable format. While useful for overall filesystem monitoring, it does not show per-directory or per-file disk usage. Administrators use df to understand general storage capacity but cannot identify which directories are consuming the most space.

C) ls -lh: ls -lh lists files with detailed attributes including size in human-readable format. However, it only displays files in the current directory and does not provide recursive totals or cumulative sizes for directories. It is useful for inspecting individual files but not for understanding overall disk usage patterns.

D) stat: stat provides detailed information about a specific file or directory, including inode, size, timestamps, and permissions. While it can be used to check file size, it does not aggregate disk usage across multiple files or directories and is not recursive.

du -h is correct because it provides a detailed, recursive view of disk usage for directories and files, offering both individual and cumulative size insights. df -h focuses on filesystems, ls -lh shows only current directory contents, and stat is file-specific. Understanding du is crucial for Linux administrators managing storage, performing audits, and ensuring efficient use of disk resources.

Question 62

Which command is used to view and modify user group memberships on Linux?

A) usermod
B) groupadd
C) groups
D) id

Answer A) usermod

Explanation

A) usermod: The usermod command modifies existing user accounts, including adding or removing a user from groups. For example, usermod -aG sudo username adds the user to the sudo group without removing them from other groups. The -a (append) and -G (groups) flags are essential to prevent overwriting existing group memberships. usermod is a low-level utility that directly interacts with /etc/passwd and /etc/group, making it a critical tool for system administrators managing access control. Using usermod, administrators can ensure users have appropriate privileges and permissions without manually editing configuration files, reducing the risk of errors that could compromise system security.

B) groupadd: groupadd creates new groups but does not modify existing user memberships. While essential for setting up new roles or departments, it cannot assign users to groups directly.

C) groups: groups displays the groups a user belongs to. For example, groups username shows the group memberships but does not modify them. It is informational rather than functional.

D) id: id displays a user’s UID, GID, and all groups they belong to. While useful for verification, it does not allow modification of group memberships.

usermod is correct because it allows both viewing and modifying user group memberships effectively. groupadd only creates groups, and groups and id are informational. Mastery of usermod is essential for Linux administrators to manage access control, permissions, and security policies efficiently.

Question 63

Which command is used to display the routing table on a Linux system?

A) ip route
B) route -n
C) netstat -r
D) traceroute

Answer A) ip route

Explanation

A) ip route: ip route displays the kernel routing table, showing destination networks, gateways, and associated interfaces. For example, ip route show provides output such as default via 192.168.1.1 dev eth0, indicating the default gateway and outgoing interface. ip route is part of the modern iproute2 suite and is the preferred method for inspecting, adding, or modifying routes. Administrators rely on ip route for network troubleshooting, configuring static routes, and verifying traffic paths. It offers clear, concise, and actionable information about the system’s network topology and routing decisions.

B) route -n: route -n also displays the routing table with numeric IP addresses to avoid DNS resolution. While functionally similar to ip route, it is considered deprecated and lacks advanced features and flexibility found in iproute2 commands.

C) netstat -r: netstat -r displays the routing table along with interface statistics. While informative, netstat is older and slower than iproute2 commands and may not show advanced metrics or integrate with modern network namespaces.

D) traceroute: traceroute maps the path packets take to a destination host, showing intermediate hops. It is useful for diagnosing network connectivity issues but does not display the local system routing table itself.

ip route is correct because it is the modern, comprehensive command for viewing and managing routing tables. route -n and netstat -r are older utilities, and traceroute analyzes paths rather than routing tables. Proficiency with ip route is essential for network troubleshooting, route configuration, and ensuring proper packet delivery in Linux environments.

Question 64

Which command is used to display detailed information about a mounted filesystem, including type, options, and usage statistics in Linux?

A) df -T
B) mount
C) lsblk -f
D) tune2fs -l

Answer A) df -T

Explanation

A) df -T: The df command with the -T flag displays mounted filesystems along with filesystem type, size, used space, available space, percentage usage, and mount points. For example, df -T shows output like Filesystem Type Size Used Avail Use% Mounted on /dev/sda1 ext4 50G 20G 28G 42% /. This provides both statistical and structural insights into storage utilization and filesystem types, helping administrators monitor disk space, plan capacity, and ensure efficient resource allocation. df -T is essential for both operational monitoring and strategic storage management.

B) mount: mount displays mounted filesystems along with device, mount point, type, and options, but it does not provide detailed usage statistics, which limits its utility when analyzing space consumption.

C) lsblk -f: lsblk -f shows filesystem types, labels, UUIDs, and mount points but focuses on block device structure rather than usage statistics. It is useful for understanding disk topology but not for monitoring free or used space.

D) tune2fs -l: tune2fs -l displays detailed information about ext2/ext3/ext4 filesystems, including inode counts, mount counts, block sizes, and features. While comprehensive, it is filesystem-specific and not suitable for general space usage monitoring across multiple filesystem types.

df -T is correct because it provides a clear, concise summary of filesystem type, usage, and mount points, combining both operational and structural information. mount focuses on options, lsblk -f on devices, and tune2fs -l is filesystem-specific. Understanding df -T is critical for Linux administrators to monitor storage utilization, plan capacity, and prevent filesystem exhaustion.

Question 65

Which command is used to display all currently listening TCP and UDP sockets on a Linux system?

A) ss -tuln
B) netstat -tuln
C) lsof -i
D) nmap

Answer A) ss -tuln

Explanation

A) ss -tuln: ss (socket statistics) displays detailed information about all open sockets on a system. The flags -tuln show TCP (-t) and UDP (-u) listening (-l) sockets in numeric form (-n). For example, ss -tuln provides output showing local addresses, ports, and socket states. It is the modern replacement for netstat, providing faster performance, better filtering, and more accurate reporting on large systems. Administrators use ss -tuln to audit services, troubleshoot connectivity, and ensure that only intended services are listening, which is critical for security and performance.

B) netstat -tuln: netstat displays TCP/UDP listening sockets and routing information. While functionally similar to ss -tuln, it is slower, considered deprecated, and less efficient for modern Linux systems with numerous connections.

C) lsof -i: lsof -i lists processes using network sockets, including TCP and UDP ports. While useful for mapping processes to ports, it is more process-focused and less optimized for fast inspection of all listening sockets.

D) nmap: nmap is a network scanning tool used to detect open ports and services on remote or local systems. It does not query the kernel’s socket table directly and is used primarily for external auditing rather than internal socket inspection.

ss -tuln is correct because it efficiently and accurately lists all listening TCP and UDP sockets in numeric form. netstat -tuln is deprecated, lsof -i is process-focused, and nmap is a scanning tool. Mastery of ss -tuln is essential for network security auditing, service monitoring, and connectivity troubleshooting in Linux environments.

Question 66

Which command is used to change the ownership of a file or directory in Linux?

A) chown
B) chmod
C) chgrp
D) ls -l

Answer A) chown

Explanation

A) chown: The chown command changes the ownership of files and directories. It allows specifying both the user and group owner. For example, chown user:group file.txt assigns ownership to the specified user and group. chown is fundamental in Linux administration because ownership determines access control and security. Proper use ensures that only authorized users can read, write, or execute files according to permissions. chown can also recursively change ownership of directories using the -R flag, which is particularly useful for managing large directories or moving files between users. Administrators rely on chown to maintain proper access control, prevent unauthorized access, and align files with organizational ownership policies.

B) chmod: chmod changes the permission bits of a file or directory, controlling read, write, and execute access. While related to access control, it does not change the owner or group, so it cannot assign files to new users or modify administrative ownership.

C) chgrp: chgrp changes only the group ownership of a file or directory. While useful for adjusting group-based access, it cannot modify the primary user owner of a file, limiting its utility compared to chown.

D) ls -l: ls -l displays the owner, group, permissions, size, and timestamps of files. It is informational only and cannot modify ownership.

chown is correct because it allows complete control over file ownership, affecting both user and group. chmod controls permissions, chgrp modifies group only, and ls -l only shows information. Mastery of chown is critical for Linux system security, user management, and maintaining proper file access control.

Question 67

Which command is used to view the environment variables of a Linux session?

A) printenv
B) env
C) set
D) export

Answer A) printenv

Explanation

A) printenv: printenv displays the values of environment variables for the current session. For example, printenv PATH shows the directories searched for executables. It is simple, direct, and commonly used to verify environment configurations, script dependencies, or shell behavior. printenv outputs only environment variables, excluding shell functions or local variables, which makes it precise for troubleshooting path issues, library locations, and configuration variables. Administrators use it to verify session settings, ensure scripts run with the correct environment, and debug issues caused by missing or incorrect environment variables.

B) env: env displays environment variables similarly to printenv and can also be used to run a command in a modified environment. For example, env VAR=value command runs a command with VAR temporarily set. While versatile, it includes both display and execution functionality, making printenv more focused for simply viewing variables.

C) set: set displays all shell variables, including environment variables, local variables, and shell functions. While comprehensive, it can be overwhelming and includes more information than typically needed when checking environment variables alone.

D) export: export marks variables to be passed to child processes, allowing scripts and programs to inherit environment variables. It does not display the current environment but modifies or creates variables.

printenv is correct because it provides a direct and focused method for viewing environment variables. env can also display them but includes additional functionality, set is verbose with extra shell information, and export is for modifying variables. Understanding printenv is essential for Linux administrators to troubleshoot scripts, configure sessions, and ensure proper environment setup.

Question 68

Which command is used to create a new directory with parent directories in Linux?

A) mkdir -p
B) mkdir
C) rmdir
D) touch

Answer A) mkdir -p

Explanation

A) mkdir -p: The mkdir command with the -p flag creates a directory along with any necessary parent directories that do not already exist. For example, mkdir -p /home/user/docs/project creates the entire path if any segment is missing. This is particularly useful for automation, scripting, or when creating nested directory structures. The -p flag ensures that errors are avoided if intermediate directories already exist, making scripts more robust and reducing manual intervention. Administrators rely on mkdir -p to simplify directory creation, organize file systems efficiently, and maintain consistent directory structures for applications, logs, or user environments.

B) mkdir: mkdir without the -p flag can only create a single directory at a time and will fail if parent directories do not exist. For example, mkdir /home/user/docs/project will fail if /home/user/docs does not exist. While basic mkdir is useful for simple tasks, it is less versatile for scripting and automation.

C) rmdir: rmdir removes empty directories. While useful for cleanup, it does not create directories and is therefore unrelated to directory creation.

D) touch: touch creates empty files or updates the access and modification timestamps of existing files. It does not create directories, making it irrelevant for this purpose.

mkdir -p is correct because it allows creation of nested directories in one command, automatically handling missing parent directories. mkdir alone cannot handle missing parents, rmdir deletes directories, and touch creates files. Mastery of mkdir -p is crucial for Linux administrators to automate directory creation, manage structured storage, and streamline application deployments.

Question 69

Which command is used to display all loaded kernel modules in Linux?

A) lsmod
B) modprobe -l
C) insmod -l
D) dmesg

Answer A) lsmod

Explanation

A) lsmod: lsmod lists all currently loaded kernel modules, displaying module names, sizes, and usage counts. For example, lsmod may show nvidia 123456 3, indicating the nvidia module is loaded with three dependent instances. lsmod is essential for diagnosing hardware, checking driver dependencies, and verifying module loading. Administrators can determine which modules are active, monitor resource usage, and troubleshoot kernel module conflicts. It provides a concise and readable table of modules, making it an indispensable tool for system diagnostics, hardware support, and performance tuning.

B) modprobe -l: modprobe -l lists all available modules in the module directory, not necessarily the ones currently loaded. While useful for checking potential modules to load, it does not provide the current active module state.

C) insmod -l: insmod is used to insert a module into the kernel. There is no standard -l flag to list modules, making this choice invalid for displaying loaded modules.

D) dmesg: dmesg shows kernel messages, which may include module loading events. While useful for troubleshooting module load issues, it does not provide a clear, structured list of all currently loaded modules.

lsmod is correct because it directly displays all loaded kernel modules with usage and dependency information. modprobe -l lists available modules, insmod inserts modules, and dmesg shows messages but is unstructured for listing. Understanding lsmod is critical for Linux administrators to manage hardware, monitor drivers, and troubleshoot kernel module issues.

Question 70

Which command is used to display the processes running as a specific user in Linux?

A) ps -u username
B) top -U username
C) pgrep -u username
D) who

Answer A) ps -u username

Explanation

A) ps -u username: The ps command with the -u flag lists processes belonging to a specific user. For example, ps -u root shows all processes currently owned by the root user. This command is crucial for system monitoring, debugging, and resource management, allowing administrators to see which processes are consuming CPU, memory, and other resources per user. The output includes PID, terminal, CPU, memory usage, start time, and command executed. ps -u provides precise user-based filtering without affecting system performance and is commonly used in scripts and automated monitoring.

B) top -U username: top can filter processes by user interactively with the -U flag. While effective for real-time monitoring, it is interactive and less convenient for scripting or logging compared to ps -u.

C) pgrep -u username: pgrep lists PIDs of processes belonging to a user but does not provide detailed process information such as CPU, memory usage, or command executed. It is more limited in scope and primarily useful for scripting where only PID identification is required.

D) who: who displays currently logged-in users and their terminals. It does not provide process-level details and is not relevant for monitoring user-specific processes.

ps -u username is correct because it provides detailed, non-interactive process information filtered by user. top -U is interactive, pgrep -u only shows PIDs, and who only shows logged-in users. Mastery of ps -u is essential for Linux administrators to monitor user activity, allocate resources, and troubleshoot system performance efficiently.

Question 71

Which command is used to monitor real-time disk I/O usage on a Linux system?

A) iostat
B) df -h
C) du -h
D) free -m

Answer A) iostat

Explanation

A) iostat: The iostat command provides statistics on CPU utilization and input/output statistics for devices and partitions. With options like iostat -x 1, administrators can monitor real-time disk activity including read/write rates, IOPS, and utilization percentages. iostat is crucial for identifying bottlenecks in storage subsystems, monitoring performance of SSDs, HDDs, and network storage, and planning for capacity upgrades. It offers detailed metrics such as device utilization (util%), average request size, and service time, which are essential for performance tuning. By observing trends in iostat outputs, administrators can detect overloaded disks, optimize I/O scheduling, and maintain system responsiveness. iostat is also valuable for debugging performance issues in database servers, virtual machines, and high-throughput applications.

B) df -h: df shows disk usage for mounted filesystems but does not provide real-time I/O statistics. It is useful for checking storage availability but is static and does not reveal performance metrics.

C) du -h: du provides disk usage of files and directories recursively. While useful for identifying space consumption, it does not give information about read/write operations or disk I/O performance.

D) free -m: free reports memory usage, including total, used, free, and cached memory. It does not provide disk I/O information.

iostat is correct because it directly monitors real-time disk input/output performance with detailed metrics. df -h and du -h focus on space usage, and free -m focuses on memory. Mastery of iostat is critical for Linux administrators to ensure storage systems are operating efficiently and to troubleshoot disk performance issues.

Question 72

Which command is used to display system uptime and load averages in Linux?

A) uptime
B) top
C) w
D) who

Answer A) uptime

Explanation

A) uptime: The uptime command displays the current time, how long the system has been running, the number of logged-in users, and the system load averages for the past 1, 5, and 15 minutes. For example, uptime might show 12:30:01 up 5 days, 2:10, 3 users, load average: 0.15, 0.22, 0.35. This is essential for administrators to quickly assess system health, determine workload trends, and correlate load averages with system performance issues. Uptime is simple, non-interactive, and can be included in scripts for automated monitoring or reporting. Load averages indicate the number of processes waiting for CPU or I/O resources, helping administrators decide whether additional resources or tuning are required.

B) top: top provides real-time process monitoring including CPU, memory usage, and system load averages. While comprehensive, it is interactive and more detailed than necessary for quick uptime and load checks.

C) w: w displays logged-in users, their activity, and system load averages. While it includes load averages, it primarily focuses on user activity, making uptime a more focused command for system runtime and load monitoring.

D) who: who lists logged-in users and their terminals but does not display system load averages or uptime. It is informational for user sessions only.

uptime is correct because it provides a concise, non-interactive view of system runtime and load averages. top is interactive and detailed, w focuses on users, and who only shows login sessions. Mastery of uptime is essential for Linux administrators to quickly evaluate system load and uptime for performance analysis and capacity planning.

Question 73

Which command is used to display the shared libraries required by a binary in Linux?

A) ldd
B) nm
C) objdump
D) strace

Answer A) ldd

Explanation

A) ldd: ldd displays the dynamic libraries required by an executable or shared object. For example, ldd /usr/bin/ls lists all shared libraries needed to run ls along with their resolved paths and memory addresses. This command is essential for troubleshooting library dependencies, ensuring that required versions are installed, and diagnosing missing or incompatible shared libraries that could prevent programs from running. Administrators use ldd to verify library availability, confirm dynamic linking paths, and prepare software for deployment in multi-user or multi-distribution environments. ldd is also critical when analyzing software compatibility during system upgrades or migrations.

B) nm: nm lists symbols from object files or binaries, such as functions and variables. While useful for debugging or reverse engineering, it does not directly display shared library dependencies.

C) objdump: objdump provides detailed information about object files and executables, including headers, sections, disassembly, and symbols. While it can reveal linking information, it is more complex and verbose than ldd, making it less suitable for quickly checking shared library dependencies.

D) strace: strace traces system calls and signals of a running process. While it can reveal library calls indirectly, it is intended for runtime debugging rather than static library dependency inspection.

ldd is correct because it directly displays all shared library dependencies of a binary in a clear, readable format. nm and objdump are more detailed or symbolic inspection tools, and strace is runtime-focused. Understanding ldd is critical for Linux administrators to resolve library issues, ensure binary compatibility, and maintain software stability.

Question 74

Which command is used to schedule recurring tasks at specific intervals in Linux?

A) cron
B) at
C) systemctl start
D) batch

Answer A) cron

Explanation

A) cron: cron schedules recurring tasks in Linux based on time intervals specified in crontab files. Administrators use cron to automate routine system maintenance, backups, log rotation, and periodic monitoring tasks. For example, crontab -e opens the user-specific crontab, where tasks like 0 2 * * * /usr/local/bin/backup.sh can run daily at 2 AM. cron supports minute, hour, day, month, and weekday scheduling, offering flexibility for complex task timing. By automating repetitive operations, cron ensures consistency, reduces human error, and improves operational efficiency. Cron jobs can be user-specific or system-wide, and proper management is essential to avoid conflicts or overloading system resources.

B) at: at schedules one-time tasks at a specified future time. While useful for ad hoc tasks, it is not intended for recurring execution.

C) systemctl start: systemctl start launches systemd services but does not schedule recurring tasks. Timers in systemd can provide scheduling functionality, but systemctl start alone only initiates immediate execution.

D) batch: batch schedules tasks to run when system load is low, which may be delayed and is not interval-based. It is useful for deferred execution but not for recurring schedules.

cron is correct because it provides a precise, flexible, and reliable mechanism for scheduling recurring tasks. at handles one-time execution, systemctl start launches services immediately, and batch executes tasks during low load. Mastery of cron is essential for Linux administrators to automate tasks, maintain system consistency, and optimize resource utilization.

Question 75

Which command is used to display the active network connections and listening ports on a Linux system?

A) netstat -tulnp
B) ss -tuln
C) lsof -i
D) ifconfig

Answer A) netstat -tulnp

Explanation

A) netstat -tulnp: netstat displays active TCP/UDP connections, listening ports, and associated process IDs. The flags -tulnp specify TCP/UDP (-t/-u), listening sockets (-l), numeric addresses (-n), and process information (-p). For example, netstat -tulnp outputs columns for Proto, Local Address, Foreign Address, State, and PID/Program name. This command is essential for security auditing, verifying service availability, and troubleshooting network issues. Administrators can identify unauthorized services, ensure required services are listening on correct ports, and diagnose connectivity problems. It provides a comprehensive snapshot of current network activity and the processes associated with each connection.

B) ss -tuln: ss is a modern replacement for netstat, displaying TCP/UDP listening sockets in numeric form. While faster and more efficient, netstat -tulnp includes process IDs, which are crucial for mapping connections to applications.

C) lsof -i: lsof -i lists network connections by processes, showing ports and sockets in use. While detailed, it is more process-focused and less convenient for quick overview of all active connections and listening ports.

D) ifconfig: ifconfig displays network interface configuration, IP addresses, and status. It does not show active connections or listening ports, making it irrelevant for this purpose.

netstat -tulnp is correct because it provides a detailed, process-aware view of active network connections and listening ports. ss -tuln is faster but may lack PID info, lsof -i focuses on process-level connections, and ifconfig only shows interface configuration. Mastery of netstat -tulnp is critical for network troubleshooting, service verification, and security monitoring in Linux environments.

Question 76

Which command is used to check the current firewall rules and their status on a Linux system using iptables?

A) iptables -L
B) firewall-cmd –list-all
C) ufw status
D) netstat -r

Answer A) iptables -L

Explanation

A) iptables -L: The iptables command with the -L flag lists all current firewall rules in a human-readable format. It shows chain names (INPUT, OUTPUT, FORWARD), default policies, rules, protocols, source and destination addresses, and target actions (ACCEPT, DROP, REJECT). For example, iptables -L -v -n displays packet and byte counts, numeric addresses, and detailed chain information. Administrators rely on iptables -L to audit firewall configurations, troubleshoot connectivity issues, and verify that security policies are correctly applied. Understanding the output helps identify misconfigured rules that could either block legitimate traffic or allow unauthorized access. iptables operates at the kernel level, meaning it enforces policies in real-time, and any changes reflected with -L immediately represent the effective firewall state.

B) firewall-cmd –list-all: firewall-cmd is a frontend for firewalld, commonly used in modern distributions like RHEL and Fedora. It provides a user-friendly view of active zones and rules but depends on firewalld being installed and running. iptables -L, in contrast, directly interfaces with the kernel and works independently of firewalld.

C) ufw status: ufw (Uncomplicated Firewall) is a Debian-based firewall frontend. It provides simplified rules management, but the command shows only ufw-managed rules and may not reflect all kernel-level iptables rules.

D) netstat -r: netstat -r displays the routing table and does not provide firewall rules or status. While useful for understanding network routes, it is unrelated to firewall inspection.

iptables -L is correct because it provides a direct, kernel-level view of all active firewall rules. firewall-cmd and ufw status are frontends with distribution-specific applicability, and netstat -r is unrelated. Mastery of iptables -L is crucial for Linux administrators to secure systems, audit network traffic, and ensure proper firewall configuration.

Question 77

Which command is used to display the list of open files and the processes using them in Linux?

A) lsof
B) fuser
C) ps aux
D) top

Answer A) lsof

Explanation

A) lsof: lsof (list open files) provides detailed information about all open files, including regular files, directories, sockets, pipes, and devices. For example, lsof /var/log/syslog shows all processes accessing the syslog file. Each entry includes the command, PID, user, file descriptor, type, and access mode. Linux treats everything as a file, so monitoring open files is critical for troubleshooting resource contention, debugging file locks, analyzing network sockets, and auditing system activity. lsof is highly versatile, supporting filtering by PID, user, network ports, or file types, making it an essential tool for administrators managing complex systems.

B) fuser: fuser identifies processes using a specific file, filesystem, or socket. While useful for terminating or investigating file usage, it provides limited details compared to lsof and does not display all open files comprehensively.

C) ps aux: ps aux lists all processes and their attributes, including CPU and memory usage, but does not show which files each process has opened. It is process-centric rather than file-centric.

D) top: top displays real-time resource usage for processes, including CPU and memory, but does not provide information about open files or file descriptors.

lsof is correct because it provides a comprehensive view of open files and the processes using them. fuser is limited to specific files, ps aux focuses on processes, and top monitors performance. Mastery of lsof is crucial for Linux administrators for resource management, system monitoring, and troubleshooting file access issues.

Question 78

Which command is used to change the default runlevel or target in a Linux system using systemd?

A) systemctl set-default
B) runlevel
C) telinit
D) init 3

Answer A) systemctl set-default

Explanation

A) systemctl set-default: In systemd-based systems, systemctl set-default changes the default target (runlevel equivalent) that the system enters at boot. For example, systemctl set-default graphical.target configures the system to boot into the graphical interface. Targets represent system states such as multi-user, graphical, rescue, and emergency. Using systemctl set-default is critical for defining system behavior, especially in server environments where headless operation or minimal services may be preferred. Administrators can also switch targets temporarily with systemctl isolate <target> without changing the default. This command ensures consistent system startup behavior and aligns with modern Linux initialization practices.

B) runlevel: runlevel displays the previous and current SysV init runlevel. While informative for legacy systems, it does not change the default target in systemd systems.

C) telinit: telinit changes the current runlevel on SysV init systems. It is largely replaced by systemctl in modern distributions.

D) init 3: init 3 manually switches the system to runlevel 3 (multi-user text mode) on SysV systems. It is immediate and does not change the default boot target for future startups.

systemctl set-default is correct because it modifies the default target in systemd systems, ensuring persistent boot behavior. runlevel and telinit are legacy commands, and init 3 only changes the current state temporarily. Mastery of systemctl set-default is essential for Linux administrators managing system startup and operational targets.

Question 79

Which command is used to test network connectivity to a host and measure packet loss and latency in Linux?

A) ping
B) traceroute
C) netstat
D) nslookup

Answer A) ping

Explanation

A) ping: The ping command sends ICMP Echo Request packets to a target host and reports ICMP Echo Reply responses. It measures round-trip time, packet loss, and network latency. For example, ping google.com continuously sends packets and displays statistics such as transmitted packets, received packets, loss percentage, and average latency. ping is the primary diagnostic tool for verifying basic connectivity, determining network reachability, and assessing network performance. Administrators use it for troubleshooting connectivity issues, checking DNS resolution, and validating network configurations. Its simplicity, reliability, and immediate feedback make ping indispensable for network diagnostics.

B) traceroute: traceroute shows the path packets take to reach a host by listing intermediate hops and their response times. While useful for diagnosing routing problems, it is not a continuous connectivity test.

C) netstat: netstat shows active network connections, listening ports, and routing information. It does not test connectivity to remote hosts.

D) nslookup: nslookup queries DNS to resolve hostnames to IP addresses. It tests name resolution but not connectivity or latency.

ping is correct because it provides a direct, continuous measure of connectivity, latency, and packet loss. traceroute analyzes routes, netstat shows connections, and nslookup tests DNS resolution. Mastery of ping is essential for Linux administrators to diagnose connectivity issues, monitor network performance, and validate system access to external hosts.

Question 80

Which command is used to view real-time system logs using the journal in systemd-based Linux distributions?

A) journalctl -f
B) tail -f /var/log/syslog
C) dmesg
D) less /var/log/messages

Answer A) journalctl -f

Explanation

A) journalctl -f: The journalctl command with the -f flag follows logs in real-time, similar to tail -f but for the systemd journal. For example, journalctl -f continuously displays new log entries as they are generated, including system messages, service logs, and kernel events. This is crucial for monitoring system behavior, diagnosing failures, and tracking service activity. The journal integrates logs from all services managed by systemd, providing a centralized, structured logging system with filtering capabilities by unit, priority, or time. Administrators rely on journalctl -f for live troubleshooting, auditing, and ensuring system reliability.

B) tail -f /var/log/syslog: tail -f monitors traditional syslog files. While effective for non-systemd distributions or legacy logging, it does not capture all messages from systemd services or kernel logs comprehensively.

C) dmesg: dmesg displays kernel ring buffer messages, useful for boot or hardware diagnostics. It is not a full system logging solution and cannot follow logs in real-time from all services.

D) less /var/log/messages: less is a pager for viewing logs but does not provide real-time following or structured systemd journal integration. It is static and does not allow live monitoring.

journalctl -f is correct because it provides live, comprehensive access to all systemd-managed logs. tail -f is limited to specific files, dmesg shows kernel messages only, and less is static. Mastery of journalctl -f is essential for Linux administrators to monitor system behavior, troubleshoot issues, and ensure operational reliability in systemd-based systems.