XK0-005 CompTIA Linux+  Exam  Dumps and Practice Test Questions Set 8 Q 141- 160

Visit here for our full CompTIA XK0-005 exam dumps and practice test questions.

Question 141

Which command is used to configure network interfaces and assign IP addresses on modern Linux systems using iproute2?

A) ip addr add
B) ifconfig
C) route add
D) netstat -i

Answer A) ip addr add

Explanation

A) ip addr add: ip addr add is used to assign an IP address to a network interface in Linux systems using the iproute2 suite. For example, ip addr add 192.168.1.10/24 dev eth0 assigns the IP address to the eth0 interface. Administrators use this command to configure network interfaces dynamically without restarting the system, set secondary IPs, or manage multiple interfaces. Proper understanding allows network troubleshooting, static IP assignment, and advanced network configuration. ip addr add also supports IPv6 configuration, making it versatile in modern network environments. Mastery of ip addr add is essential for Linux administrators to ensure network connectivity, enforce correct addressing, and manage interface configurations effectively.

B) ifconfig: ifconfig is an older tool for configuring interfaces, now largely deprecated. While it can assign IPs, it lacks support for modern features like IPv6 and policy routing, making it less suitable for current systems.

C) route add: route add adds routes to the kernel routing table but does not directly assign IP addresses to interfaces. It manages path selection rather than interface configuration.

D) netstat -i: netstat -i displays network interface statistics but does not modify configurations or assign IP addresses. It is used for monitoring, not configuration.

ip addr add is correct because it directly assigns IP addresses to interfaces using modern iproute2 commands. ifconfig is legacy, route add manages routing, and netstat -i monitors interfaces. Mastery of ip addr add ensures administrators can manage interface configurations accurately and maintain network reliability.

Question 142

Which command is used to change the password expiration policy for a user in Linux?

A) chage
B) passwd
C) usermod -e
D) sudo

Answer A) chage

Explanation

A) chage: chage allows administrators to view and modify a user’s password aging and expiration policy. For example, chage -M 90 john sets the maximum password age to 90 days for user john. chage provides options for minimum age, warning days before expiration, and inactivity periods, enabling enforcement of security policies and compliance with organizational standards. Proper use of chage ensures that passwords are updated regularly, reducing risk of compromise while maintaining operational flexibility. Administrators can audit and modify user password policies efficiently, supporting overall system security and regulatory compliance.

B) passwd: passwd changes a user’s current password but does not directly modify expiration policies or aging settings. It is for password updates rather than policy management.

C) usermod -e: usermod -e sets an account expiration date, which disables the account at a specific date, but it does not manage regular password expiration policies. It is focused on account lifecycle, not password aging.

D) sudo: sudo allows users to execute commands with elevated privileges but is unrelated to password expiration or aging management.

chage is correct because it directly manages password expiration and aging policies. passwd updates passwords, usermod -e sets account expiry, and sudo provides privilege escalation. Mastery of chage allows Linux administrators to enforce strong security policies, comply with best practices, and maintain secure user authentication.

Question 143

Which command is used to display system resource usage and load averages over a period in Linux?

A) uptime
B) free -h
C) top
D) vmstat

Answer D) vmstat

Explanation

A) uptime: uptime shows the current system time, how long the system has been running, the number of users, and load averages over 1, 5, and 15 minutes. It is informative but provides limited details on CPU, memory, and I/O usage.

B) free -h: free -h displays memory usage in a human-readable format but does not show CPU, I/O, or load average trends.

C) top: top provides real-time monitoring of processes, CPU, and memory usage, but it does not summarize historical data or trends over a period without continuous observation.

D) vmstat: vmstat displays system resource usage, including CPU, memory, swap, I/O, and system processes, in real-time or at set intervals. For example, vmstat 5 10 displays statistics every 5 seconds for 10 iterations. Administrators use vmstat to identify performance bottlenecks, analyze trends in resource utilization, and troubleshoot high load situations. It provides a comprehensive overview of system health and is particularly useful for capacity planning and performance tuning. Understanding vmstat metrics such as r, b, swpd, free, si, so, bi, bo, in, cs, us, sy, id, and wa allows administrators to make informed decisions about system optimization and resource allocation.

vmstat is correct because it provides detailed and interval-based system resource usage, including CPU, memory, and I/O. uptime shows load averages only, free -h focuses on memory, and top provides real-time per-process data. Mastery of vmstat allows Linux administrators to analyze performance trends, detect resource bottlenecks, and maintain system efficiency proactively.

Question 144

Which command is used to list open files and the processes that opened them in Linux?

A) lsof
B) fuser
C) stat
D) ls -l

Answer A) lsof

Explanation

A) lsof: lsof lists all open files and the processes that have them open. For example, lsof /var/log/syslog displays all processes accessing the syslog file. Administrators use lsof to troubleshoot file locks, diagnose file access conflicts, monitor resource usage, and detect unauthorized access. Since everything in Linux is treated as a file, including sockets and devices, lsof is a versatile tool for system auditing and debugging. Understanding lsof output, including PID, command, file descriptor, and file type, enables administrators to resolve issues related to file contention, deleted files still in use, and network socket usage. Proper use of lsof is critical in multi-user environments and for maintaining system stability.

B) fuser: fuser identifies processes using a specific file or filesystem and can terminate them, but it does not provide a comprehensive listing of all open files.

C) stat: stat displays detailed file attributes such as permissions, size, and timestamps, but does not show which processes have opened the file.

D) ls -l: ls -l lists files with permissions, ownership, and size, but does not show file usage or processes accessing them.

lsof is correct because it lists open files and the associated processes. fuser is more limited, stat provides file metadata, and ls -l lists directory contents. Mastery of lsof allows Linux administrators to identify resource usage, detect locked files, and troubleshoot system issues effectively.

Question 145

Which command is used to analyze and troubleshoot network connectivity by sending ICMP echo requests in Linux?

A) ping
B) traceroute
C) mtr
D) netstat

Answer A) ping

Explanation

A) ping: ping sends ICMP echo request packets to a target host and reports round-trip time, packet loss, and connectivity status. For example, ping 8.8.8.8 checks if the host is reachable and measures latency. Administrators use ping to verify network connectivity, diagnose packet loss, and determine network responsiveness. Understanding ping output is essential for troubleshooting network failures, verifying DNS resolution, and isolating routing problems. ping provides immediate feedback about network reachability and performance, making it one of the fundamental tools for network diagnostics in Linux.

B) traceroute: traceroute maps the route packets take to reach a host by displaying intermediate hops. While useful for path analysis, it does not measure simple connectivity or packet loss directly.

C) mtr: mtr combines ping and traceroute functionality to provide continuous monitoring of route performance and packet loss. While more detailed, it is not always installed by default and serves as an advanced alternative to ping.

D) netstat: netstat displays active network connections and listening ports but does not actively test connectivity or measure round-trip times.

ping is correct because it directly tests connectivity and measures network performance using ICMP echo requests. traceroute analyzes path, mtr provides combined metrics, and netstat shows connection states. Mastery of ping allows Linux administrators to quickly verify network availability, troubleshoot latency issues, and maintain operational network health.

Question 146

Which command is used to create, modify, and manage logical volumes in Linux using LVM?

A) lvcreate
B) lvextend
C) lvdisplay
D) vgcreate

Answer A) lvcreate

Explanation

A) lvcreate: lvcreate is used to create logical volumes (LVs) in Linux using the Logical Volume Manager (LVM). LVM allows administrators to abstract physical storage into flexible, resizable logical volumes. When using lvcreate, you specify the volume group, the size of the new logical volume, and optionally a name. For example, lvcreate -L 20G -n data_lv vg1 creates a 20 GB logical volume named data_lv in volume group vg1. Logical volumes are then formatted with filesystems and mounted like traditional partitions.

lvcreate is a critical tool because it enables administrators to manage storage dynamically. Unlike static partitioning, LVM allows resizing, snapshots, and combining multiple physical volumes into one logical group. This flexibility is essential in enterprise environments where storage requirements change frequently, such as databases, virtual machines, or file servers. Using lvcreate, administrators can optimize disk usage, distribute storage evenly across physical devices, and plan for future expansion without downtime.

B) lvextend: lvextend is used to increase the size of an existing logical volume. While powerful for dynamic storage management, it cannot create new logical volumes. It works in conjunction with lvcreate but addresses scaling rather than initial creation.

C) lvdisplay: lvdisplay provides detailed information about existing logical volumes, including size, UUID, and attributes. It is a diagnostic and monitoring tool, not a creation tool. Administrators use it to verify configurations, but it does not manage storage actively.

D) vgcreate: vgcreate is used to create volume groups from physical volumes. While necessary before creating logical volumes, it does not directly create or manage individual LVs. It is the higher-level step in LVM hierarchy, whereas lvcreate directly allocates space to logical volumes.

lvcreate is correct because it performs the essential task of creating new logical volumes. lvextend modifies existing volumes, lvdisplay displays information, and vgcreate sets up the volume group foundation. Mastery of lvcreate allows Linux administrators to design and manage flexible, scalable storage environments, ensure optimal resource allocation, and maintain high availability for applications and users. It is the starting point for implementing LVM-based storage strategies and integrating advanced features like snapshots, thin provisioning, and mirrored volumes.

Question 147

Which command is used to temporarily change the SELinux enforcement mode in Linux?

A) setenforce
B) getenforce
C) sestatus
D) semanage

Answer A) setenforce

Explanation

A) setenforce: setenforce temporarily changes the SELinux mode between enforcing and permissive without requiring a reboot. For example, setenforce 0 sets SELinux to permissive mode, allowing policy violations to be logged without enforcement, while setenforce 1 re-enables enforcement. Administrators use setenforce to troubleshoot access control issues, test policy changes, or temporarily disable enforcement during maintenance. Understanding setenforce is critical for safely managing security policies in production environments while maintaining system integrity.

SELinux operates in three modes: enforcing, permissive, and disabled. setenforce only switches between enforcing and permissive modes at runtime. It does not affect the permanent configuration in /etc/selinux/config, so changes revert after a reboot. Mastery of setenforce allows administrators to respond to application issues, debug policy violations, and ensure that security measures do not impede operational functionality.

B) getenforce: getenforce displays the current SELinux enforcement mode but does not modify it. It is useful for quick status checks but not for policy management.

C) sestatus: sestatus provides comprehensive information about SELinux status, including mode, policy loaded, and boolean settings. It is diagnostic rather than a control tool.

D) semanage: semanage is used to manage SELinux policy configurations, such as file contexts, port assignments, and boolean values. It is not used for runtime enforcement mode changes.

setenforce is correct because it allows temporary mode changes for SELinux, providing administrators with flexibility to troubleshoot and adjust security settings without rebooting. getenforce reports status, sestatus provides detailed diagnostics, and semanage configures policies. Mastery of setenforce ensures Linux administrators can maintain security enforcement while addressing operational challenges safely and efficiently.

Question 148

Which command is used to schedule periodic jobs in Linux using cron?

A) crontab -e
B) at
C) systemd-timers
D) batch

Answer A) crontab -e

Explanation

A) crontab -e: crontab -e opens the cron table for editing, allowing administrators to schedule recurring jobs with precise timing. For example, 0 2 * * * /usr/bin/backup.sh runs a backup script daily at 2 AM. Cron is a time-based job scheduler that is essential for system maintenance, automated tasks, monitoring, and reporting. Understanding crontab syntax (minute, hour, day of month, month, day of week, and command) is critical for ensuring tasks run as intended. Proper use of crontab allows administrators to automate repetitive tasks, maintain consistency, and reduce manual intervention.

B) at: at schedules one-time tasks to run at a specific time but does not handle recurring jobs. It is suitable for immediate or delayed execution rather than periodic scheduling.

C) systemd-timers: systemd-timers provide a modern alternative to cron in systemd-based distributions. While powerful and integrated with systemd, cron remains widely used and is standard across distributions. systemd-timers require understanding of units and timers, which may be more complex than simple cron expressions.

D) batch: batch schedules jobs for execution when system load is low. It is used for deferred processing, not precise recurring scheduling.

crontab -e is correct because it provides a simple, flexible way to schedule periodic tasks. at handles one-time jobs, systemd-timers are an alternative method, and batch schedules low-load tasks. Mastery of crontab -e allows Linux administrators to automate system maintenance, schedule backups, and perform repetitive tasks reliably, ensuring operational efficiency and reduced administrative overhead. Proper cron management also reduces human error and supports proactive system management practices.

Question 149

Which command is used to display the current inode usage and free inodes on a filesystem in Linux?

A) df -i
B) df -h
C) du -i
D) ls -i

Answer A) df -i

Explanation

A) df -i: df -i displays inode usage and availability for each mounted filesystem. Inodes store metadata for files and directories, including permissions, ownership, and pointers to data blocks. For example, df -i shows total inodes, used inodes, free inodes, and the percentage used. Administrators use df -i to monitor inode exhaustion, which can prevent new files from being created even when disk space is available. Understanding inode usage is critical in environments with large numbers of small files, such as mail servers, web servers, or log-intensive applications. Monitoring df -i allows proactive filesystem management, preventing operational disruptions due to inode depletion.

B) df -h: df -h displays disk space usage in a human-readable format but does not provide inode statistics. It is useful for monitoring storage capacity but does not reveal inode exhaustion risks.

C) du -i: du does not exist as a standard command for inodes. du displays disk usage per file or directory but does not report inode counts.

D) ls -i: ls -i displays the inode number for individual files but does not summarize inode usage for the entire filesystem. It is useful for specific file inspection but not for global monitoring.

df -i is correct because it shows comprehensive inode usage for mounted filesystems. df -h focuses on disk space, du reports directory size, and ls -i shows individual inode numbers. Mastery of df -i allows Linux administrators to prevent inode exhaustion, plan storage allocation, and maintain reliable filesystem operations. It is especially critical for systems with high file creation rates, ensuring long-term stability and uninterrupted service availability.

Question 150

Which command is used to permanently set environment variables for all users in a Linux system?

A) /etc/environment
B) export
C) set
D) /etc/profile

Answer A) /etc/environment

Explanation

A) /etc/environment: /etc/environment is a system-wide configuration file used to define environment variables for all users. Variables set here are loaded at login and applied globally, ensuring consistent behavior across sessions and services. For example, adding PATH=”/usr/local/bin:/usr/bin:/bin” to /etc/environment sets a global PATH. Administrators use this file to enforce standardized environment settings, such as language, locale, and application paths, across all users. Proper configuration ensures predictable application behavior, reduces configuration errors, and simplifies administration. Understanding the difference between shell-specific variables and global environment variables is critical for maintaining consistent system operation and avoiding conflicts between users or applications.

B) export: export sets environment variables for the current session or shell. It does not persist across logins or affect other users.

C) set: set displays or sets shell variables within a session. Like export, it is temporary and shell-specific.

D) /etc/profile: /etc/profile sets environment variables for all users in login shells, but it is processed by specific shells and may not apply universally to non-login shells or system services. /etc/environment is more universal for all login types and services.

/etc/environment is correct because it defines environment variables globally and permanently. export and set are session-specific, and /etc/profile is shell-specific. Mastery of /etc/environment allows Linux administrators to enforce consistent system-wide environment settings, ensure predictable application behavior, and maintain a stable configuration across all users and services. It is essential for environments with multiple users or applications requiring standardized paths, locale, or variables for proper operation.

Question 151

Which command is used to display detailed information about block devices and their partitions in Linux?

A) lsblk
B) fdisk -l
C) blkid
D) df -h

Answer A) lsblk

Explanation

A) lsblk: lsblk is used to display information about all block devices, including hard drives, SSDs, and their associated partitions in a tree-like format. For example, running lsblk lists devices with their names, sizes, types, and mount points, helping administrators visualize the disk layout. This command is critical for managing storage devices, planning partitioning, and troubleshooting disk-related issues. lsblk provides both hierarchical and detailed views, showing relationships between physical devices, logical volumes, and mounted partitions. Administrators rely on this information to ensure accurate filesystem management, prevent data loss during partitioning, and maintain system integrity. Additionally, lsblk can show information about swap devices and LVM volumes, making it versatile for complex storage environments. Understanding how to read the output of lsblk, including device names, sizes, types, and mount points, allows administrators to effectively plan storage allocation and manage available resources.

B) fdisk -l: fdisk -l lists partition tables on block devices and is traditionally used to create or modify partitions. While it provides low-level information, it is less user-friendly and lacks the hierarchical view of lsblk. fdisk -l is more suitable for manual partitioning rather than routine monitoring of device relationships.

C) blkid: blkid displays filesystem UUIDs and types for block devices. It is valuable for identifying devices, especially in /etc/fstab configuration, but does not show hierarchy, sizes, or mount points in the tree format provided by lsblk.

D) df -h: df -h displays disk usage statistics for mounted filesystems but provides no information about underlying block devices, partitions, or hierarchy. It is primarily used for monitoring available disk space.

lsblk is correct because it displays a comprehensive, hierarchical view of block devices and partitions. fdisk -l shows partition tables, blkid shows UUIDs and types, and df -h shows usage statistics. Mastery of lsblk enables Linux administrators to accurately visualize storage devices, troubleshoot mount issues, plan disk allocation, and maintain overall system reliability. It is particularly useful for servers with multiple disks, complex LVM configurations, or RAID arrays.

Question 152

Which command is used to create a new filesystem on a disk or partition in Linux?

A) mkfs
B) fsck
C) mount
D) blkid

Answer A) mkfs

Explanation

A) mkfs: mkfs (make filesystem) is used to create a new filesystem on a storage device, such as a hard disk, SSD, or partition. For example, mkfs.ext4 /dev/sdb1 formats the partition /dev/sdb1 with the ext4 filesystem. Administrators use mkfs when deploying new storage, reformatting existing volumes, or preparing disks for use in servers and workstations. Understanding mkfs is critical because creating a filesystem is a destructive process—it erases existing data—so careful planning is required. mkfs supports various filesystem types, including ext4, xfs, btrfs, and vfat, allowing administrators to select the most appropriate filesystem for performance, scalability, and compatibility needs. Proper use of mkfs ensures that storage devices are correctly prepared, compatible with the operating system, and optimized for performance and reliability.

B) fsck: fsck checks and repairs existing filesystems but does not create new ones. It is used for maintenance and troubleshooting rather than initial setup.

C) mount: mount attaches an existing filesystem to the directory tree, making it accessible to the system. It does not create filesystems, only makes them usable.

D) blkid: blkid identifies block devices and displays filesystem types and UUIDs. It does not create filesystems; it is used for identification and configuration purposes.

mkfs is correct because it is the standard tool for creating filesystems. fsck repairs filesystems, mount attaches them, and blkid identifies them. Mastery of mkfs allows Linux administrators to safely and effectively prepare storage devices for operational use, choose appropriate filesystem types, and ensure system stability and performance in production environments.

Question 153

Which command is used to monitor and analyze real-time network traffic and packet statistics in Linux?

A) tcpdump
B) netstat
C) ifconfig
D) ip addr

Answer A) tcpdump

Explanation

A) tcpdump: tcpdump captures and displays network packets transmitted or received by a system. For example, tcpdump -i eth0 captures packets on the eth0 interface, allowing administrators to analyze traffic, diagnose network issues, and monitor communication between hosts. tcpdump supports filtering by protocol, port, or IP address, enabling precise and detailed network analysis. Mastery of tcpdump is crucial for troubleshooting network connectivity issues, detecting security incidents, and optimizing network performance. Understanding the various fields in packet headers, such as source and destination IPs, protocol types, flags, and payload data, allows administrators to interpret traffic patterns, identify anomalies, and take corrective action. tcpdump is widely used in enterprise and security environments due to its versatility, precision, and real-time analysis capabilities.

B) netstat: netstat provides a summary of active network connections, listening ports, and routing tables. It does not capture packet-level traffic and is more suited for monitoring connection states rather than detailed analysis.

C) ifconfig: ifconfig displays and configures network interfaces but does not monitor traffic at the packet level. It is useful for interface management and basic diagnostics.

D) ip addr: ip addr shows interface IP addresses and configuration details but does not provide network traffic capture or analysis. It is focused on configuration rather than monitoring.

tcpdump is correct because it captures and analyzes real-time network traffic. netstat shows connections, ifconfig manages interfaces, and ip addr displays configuration. Mastery of tcpdump allows Linux administrators to diagnose network problems, detect unauthorized activity, and ensure secure and efficient network operation. It is indispensable for in-depth network troubleshooting and security auditing.

Question 154

Which command is used to configure a static IP address permanently on a Red Hat-based Linux system?

A) nmcli connection modify
B) ifconfig
C) ip addr add
D) systemctl restart network

Answer A) nmcli connection modify

Explanation

A) nmcli connection modify: nmcli is a command-line interface for NetworkManager. nmcli connection modify <connection_name> ipv4.addresses <IP>/<prefix> ipv4.gateway <gateway> ipv4.dns <dns> ipv4.method manual permanently sets a static IP. Administrators use nmcli to configure interfaces persistently, ensuring settings survive reboots. It integrates with NetworkManager, allowing management of multiple connections, bonding, and VLANs. Understanding nmcli syntax, including connection names and parameters, ensures proper network configuration without conflicts. Mastery of nmcli enables administrators to automate network setup, enforce corporate IP policies, and maintain consistent connectivity across systems.

B) ifconfig: ifconfig can set an IP address temporarily but is not persistent across reboots. It is considered deprecated on modern systems.

C) ip addr add: ip addr add configures IP addresses temporarily. It is powerful but does not modify persistent network settings.

D) systemctl restart network: restarting the network service reloads configurations but does not itself configure IP addresses. It applies settings already defined.

nmcli connection modify is correct because it permanently configures static IPs in a managed and persistent manner. ifconfig and ip addr add are temporary, and systemctl restart network only applies existing configurations. Mastery of nmcli allows Linux administrators to ensure consistent, reliable network settings in enterprise environments.

Question 155

Which command is used to display open TCP and UDP ports along with associated processes in Linux?

A) ss -tulnp
B) netstat -an
C) lsof -i
D) fuser -n tcp

Answer A) ss -tulnp

Explanation

A) ss -tulnp: ss displays socket statistics, including open TCP and UDP ports and associated processes. The flags -t (TCP), -u (UDP), -l (listening), -n (numeric addresses), and -p (process info) provide comprehensive details. For example, ss -tulnp lists all listening sockets with PID and program name, enabling administrators to identify services and troubleshoot network connectivity issues. ss is a modern replacement for netstat, offering faster performance and more detailed output. Understanding ss output allows administrators to secure services, detect unexpected open ports, and monitor server activity. Mastery of ss is critical for network diagnostics, auditing, and security enforcement in modern Linux environments.

B) netstat -an: netstat -an lists open ports and addresses numerically but does not provide process information by default and is slower than ss. It is largely considered legacy.

C) lsof -i: lsof -i lists open network files and associated processes. It provides similar information but may be slower and less integrated with socket statistics compared to ss.

D) fuser -n tcp: fuser identifies processes using a specific TCP port but is limited to targeted ports rather than listing all sockets. It is useful for killing processes but not for comprehensive monitoring.

ss -tulnp is correct because it provides a complete, fast, and process-aware view of open TCP and UDP ports. netstat -an is legacy, lsof -i is slower, and fuser -n tcp is limited to specific ports. Mastery of ss -tulnp allows Linux administrators to monitor network activity, secure services, and troubleshoot connectivity efficiently in modern systems.

Question 156

Which command is used to view real-time journal logs managed by systemd on a Linux system?

A) journalctl -f
B) tail -f /var/log/messages
C) dmesg
D) logger

Answer A) journalctl -f

Explanation

A) journalctl -f: journalctl is a systemd utility for viewing logs stored in the systemd journal. The -f flag follows logs in real time, similar to tail -f. Administrators use it to monitor ongoing system events, diagnose failures, and troubleshoot services in a live environment. It integrates seamlessly with systemd services, capturing logs from kernel messages, applications, and system units. By filtering logs using options like -u <unit>, -p <priority>, or –since and –until, administrators can focus on specific services or time frames. Mastery of journalctl -f enables proactive troubleshooting, real-time monitoring, and deep understanding of system behavior. This command is essential for identifying performance bottlenecks, security incidents, or service failures as they occur.

B) tail -f /var/log/messages: tail -f monitors log files in real time, but it only works with traditional log files. It does not capture all systemd-managed logs or structured journal entries. While useful, it lacks integration with systemd features.

C) dmesg: dmesg displays kernel ring buffer messages. It is valuable for hardware and driver diagnostics but does not capture logs from user-space services or full systemd-managed logs.

D) logger: logger sends messages to the system log. It is used to manually log events, not for viewing or monitoring logs in real time.

journalctl -f is correct because it provides a comprehensive, real-time view of systemd-managed logs. tail -f is limited to specific files, dmesg focuses on kernel messages, and logger writes logs rather than viewing them. Mastery of journalctl -f allows administrators to efficiently monitor system health, respond to issues immediately, and maintain high system availability and reliability. It is an indispensable tool for modern Linux system administration.

Question 157

Which command is used to create a compressed archive using the tar utility in Linux?

A) tar -czvf archive.tar.gz /path/to/files
B) zip archive.zip /path/to/files
C) gzip /path/to/file
D) bzip2 /path/to/file

Answer A) tar -czvf archive.tar.gz /path/to/files

Explanation

A) tar -czvf archive.tar.gz /path/to/files: tar is a widely used utility for creating archives in Linux. The -c flag creates a new archive, -z compresses it using gzip, -v provides verbose output, and -f specifies the filename. This command is essential for backup, file distribution, and data transfer. Administrators rely on tar to combine multiple files or directories into a single archive, reducing complexity and improving manageability. tar also supports incremental backups, preserving file metadata, permissions, and directory structures, which is crucial for disaster recovery. Understanding tar syntax allows administrators to efficiently compress data, maintain organized archives, and transfer files between systems without losing metadata or access control information. Mastery of tar is fundamental for routine system administration, backup strategies, and archival operations.

B) zip archive.zip /path/to/files: zip compresses files into a .zip archive, commonly used in cross-platform environments. While effective, it does not preserve all Linux-specific metadata, such as permissions and symbolic links, as reliably as tar.

C) gzip /path/to/file: gzip compresses a single file but does not create a multi-file archive. It is useful for compression but lacks the archival capability of tar.

D) bzip2 /path/to/file: bzip2 compresses a single file with a higher compression ratio than gzip, but like gzip, it does not create multi-file archives. It is primarily used for compression rather than archival purposes.

tar -czvf archive.tar.gz /path/to/files is correct because it creates a compressed archive while preserving metadata and directory structure. zip is cross-platform but less Linux-friendly, gzip compresses single files, and bzip2 compresses single files with higher efficiency. Mastery of tar ensures Linux administrators can efficiently back up data, distribute files, and maintain proper file permissions and structure across systems.

Question 158

Which command is used to set up a RAID 1 (mirroring) array using mdadm in Linux?

A) mdadm –create –verbose /dev/md0 –level=1 –raid-devices=2 /dev/sdb /dev/sdc
B) mkfs.ext4 /dev/md0
C) lvcreate -L 20G -n raid_lv vg1
D) mdadm –assemble /dev/md0 /dev/sdb /dev/sdc

Answer A) mdadm –create –verbose /dev/md0 –level=1 –raid-devices=2 /dev/sdb /dev/sdc

Explanation

A) mdadm –create –verbose /dev/md0 –level=1 –raid-devices=2 /dev/sdb /dev/sdc: This command creates a new RAID 1 array named /dev/md0 with two devices, /dev/sdb and /dev/sdc. RAID 1 provides mirroring, ensuring data redundancy by writing identical data to both disks. Administrators use mdadm to configure software RAID arrays for data protection, high availability, and fault tolerance. The –verbose flag provides detailed output during creation, and specifying the RAID level ensures the desired redundancy. Mastery of mdadm allows administrators to plan storage strategies, implement redundancy, and prevent data loss in case of disk failures. Understanding RAID 1 behavior is critical, as read operations can be distributed across disks, and write operations are duplicated, providing both performance and reliability benefits.

B) mkfs.ext4 /dev/md0: mkfs formats a device with a filesystem but does not create a RAID array. It is used after RAID creation to make the array usable by the operating system.

C) lvcreate -L 20G -n raid_lv vg1: lvcreate is used to create logical volumes in LVM, not to configure RAID. RAID and LVM are separate storage management techniques.

D) mdadm –assemble /dev/md0 /dev/sdb /dev/sdc: mdadm –assemble is used to assemble an existing RAID array from component disks. It does not create a new RAID array.

mdadm –create –verbose /dev/md0 –level=1 –raid-devices=2 /dev/sdb /dev/sdc is correct because it sets up a new RAID 1 array. mkfs formats, lvcreate manages LVM, and mdadm –assemble reconstructs existing arrays. Mastery of mdadm ensures Linux administrators can configure redundant storage, maintain data integrity, and provide high availability for critical applications and services.

Question 159

Which command is used to view the current kernel version and system architecture in Linux?

A) uname -r
B) cat /proc/version
C) hostnamectl
D) lscpu

Answer A) uname -r

Explanation

A) uname -r: uname displays system information, with -r specifically showing the kernel release version. For example, uname -r outputs something like 5.15.0-60-generic. Administrators use uname to verify kernel versions for compatibility, patching, or troubleshooting. Combined with other flags, uname can display architecture (-m), kernel name (-s), and more. Mastery of uname ensures administrators can identify kernel-specific issues, validate system compatibility for software, and confirm updates have been applied. It is essential for both operational and security management, as kernel version affects driver support, security patches, and feature availability.

B) cat /proc/version: Displays detailed kernel and GCC version information, but it is less concise than uname -r and harder to parse for quick verification.

C) hostnamectl: Shows system hostname and related metadata, including operating system and architecture, but does not focus solely on kernel release details.

D) lscpu: Displays CPU architecture details, such as cores, threads, and instruction set, but does not show kernel version.

uname -r is correct because it provides the current kernel version directly and concisely. cat /proc/version is more verbose, hostnamectl includes metadata, and lscpu focuses on CPU architecture. Mastery of uname -r allows Linux administrators to verify kernel versions, plan updates, and ensure compatibility with software, drivers, and security patches.

Question 160

Which command is used to manage firewall rules and services using firewalld in Linux?

A) firewall-cmd
B) iptables
C) ufw
D) netstat -tuln

Answer A) firewall-cmd

Explanation

A) firewall-cmd: firewall-cmd is the command-line interface for firewalld, which manages dynamic firewall rules. For example, firewall-cmd –add-service=http –permanent allows HTTP traffic permanently, and firewall-cmd –reload applies changes. Administrators use firewall-cmd to define zones, manage ports, and control access, enhancing system security. firewalld supports runtime and permanent configurations, making it flexible for temporary adjustments and persistent policies. Mastery of firewall-cmd allows administrators to enforce network security, prevent unauthorized access, and maintain a reliable firewall strategy that aligns with organizational policies. Its integration with systemd ensures rules persist across reboots and services.

B) iptables: iptables is a legacy firewall management tool that directly manipulates netfilter rules. It is powerful but less user-friendly and does not integrate dynamically like firewalld.

C) ufw: ufw is an uncomplicated firewall utility used primarily on Ubuntu-based systems. It is simpler than firewall-cmd but not native to all distributions.

D) netstat -tuln: netstat displays open TCP and UDP ports but does not manage firewall rules or access policies.

firewall-cmd is correct because it is the standard tool for managing firewalld rules. iptables is legacy, ufw is distribution-specific, and netstat only monitors connections. Mastery of firewall-cmd ensures Linux administrators can enforce dynamic, persistent firewall policies, secure services, and maintain control over network traffic effectively. It is essential for protecting servers, preventing attacks, and ensuring compliant network configurations.