XK0-005  CompTIA Linux+  Exam  Dumps and Practice Test Questions Set 9 Q 161- 180

Visit here for our full CompTIA XK0-005 exam dumps and practice test questions.

Question 161

Which command is used to configure and display kernel modules in Linux?

A) lsmod
B) modprobe
C) insmod
D) rmmod

Answer B) modprobe

Explanation

A) lsmod: lsmod lists all currently loaded kernel modules, providing module names, sizes, and usage counts. It is a diagnostic tool used to check which modules are active in the kernel at any given time. While it provides visibility into the kernel, it does not load or remove modules, making it unsuitable for configuration purposes. Administrators use lsmod primarily for troubleshooting, verifying driver loads, or confirming that dependencies are active. Understanding lsmod output is crucial for managing kernel dependencies and preventing conflicts, but it is passive in terms of module management.

B) modprobe: modprobe loads or removes kernel modules while automatically resolving dependencies. For example, modprobe e1000 loads the Intel network driver and all associated dependencies, whereas modprobe -r e1000 removes it. modprobe is essential for dynamically managing hardware drivers, filesystem modules, or kernel extensions. Mastery of modprobe enables administrators to add or remove functionality without rebooting, maintain system stability, and ensure proper hardware support. It is superior to insmod because it handles dependency resolution automatically and provides robust error handling. Proper use of modprobe allows for real-time hardware management, troubleshooting driver issues, and customizing the kernel environment for specific applications.

C) insmod: insmod inserts a kernel module directly but does not resolve dependencies automatically. It requires the administrator to manually load all required modules, which increases the risk of errors or missing dependencies. insmod is generally used in testing or controlled environments rather than regular system administration.

D) rmmod: rmmod removes a loaded module from the kernel. It does not handle dependencies, which means removing a module that is required by others may fail or destabilize the system. It is primarily used to unload a module rather than configure or load new ones.

modprobe is correct because it manages kernel modules dynamically and resolves dependencies automatically. lsmod only displays modules, insmod inserts without resolving dependencies, and rmmod removes modules. Mastery of modprobe allows Linux administrators to maintain kernel functionality, dynamically manage drivers and extensions, and troubleshoot hardware and software integration issues efficiently while minimizing the risk of system instability.

Question 162

Which command is used to analyze disk usage per directory in a human-readable format in Linux?

A) du -h
B) df -h
C) ls -lh
D) ncdu

Answer A) du -h

Explanation

A) du -h: du (disk usage) summarizes the disk usage of directories and files. The -h flag displays output in a human-readable format, such as KB, MB, or GB. For example, du -h /var/log shows the size of /var/log and all subdirectories. Administrators use du to identify large directories, manage storage quotas, and perform cleanup operations. Mastery of du enables efficient storage planning, prevention of disk exhaustion, and optimization of filesystem usage. du supports additional flags such as –max-depth to limit recursion, allowing administrators to focus on specific directory levels. Proper use of du is crucial for capacity planning, performance optimization, and identifying sources of excessive disk consumption that could impact system stability.

B) df -h: df reports overall disk space usage per filesystem, not per directory. It is valuable for monitoring global storage availability but does not provide directory-specific insights.

C) ls -lh: ls -lh lists files in a directory with sizes in human-readable format but does not summarize subdirectories or provide aggregated data, making it less effective for storage analysis.

D) ncdu: ncdu (NCurses Disk Usage) is an interactive tool for analyzing disk usage. While powerful, it may not be installed by default and requires additional learning, unlike the standard du command. It is a graphical alternative for detailed exploration.

du -h is correct because it provides human-readable, recursive disk usage summaries per directory. df -h focuses on filesystems, ls -lh lists files, and ncdu is optional and interactive. Mastery of du -h enables Linux administrators to manage disk space proactively, identify storage bottlenecks, and maintain filesystem efficiency, ensuring uninterrupted system operation and effective resource allocation.

Question 163

Which command is used to check the health of a filesystem and repair errors in Linux?

A) fsck
B) e2fsck
C) tune2fs
D) dumpe2fs

Answer A) fsck

Explanation

A) fsck: fsck (filesystem check) is a utility used to examine and repair filesystem inconsistencies. For example, fsck /dev/sda1 scans the specified partition for errors and can attempt automatic repair. Administrators use fsck for routine maintenance, troubleshooting filesystem corruption, and recovering from unexpected shutdowns or hardware failures. Mastery of fsck ensures the integrity of file systems, prevents data loss, and maintains system reliability. It supports various filesystem types through specialized implementations, such as e2fsck for ext2/ext3/ext4, allowing targeted error handling. Proper use of fsck involves unmounting the filesystem before checking to avoid data corruption. Understanding error messages and repair options allows administrators to address critical issues safely and maintain operational continuity.

B) e2fsck: e2fsck is specifically for ext2/ext3/ext4 filesystems. It provides similar functionality to fsck for these types but is invoked directly rather than using the general fsck wrapper.

C) tune2fs: tune2fs modifies filesystem parameters, such as reserved block count, check intervals, and label. It does not repair errors but configures filesystem attributes for performance and maintenance policies.

D) dumpe2fs: dumpe2fs displays detailed information about ext2/ext3/ext4 filesystems, including superblock and block group data. It is a diagnostic tool, not a repair utility.

fsck is correct because it checks and repairs filesystems. e2fsck is specialized for ext filesystems, tune2fs modifies settings, and dumpe2fs inspects metadata. Mastery of fsck allows Linux administrators to maintain filesystem integrity, recover from corruption, and ensure data reliability, which is critical for preventing downtime, data loss, and operational disruptions. It is fundamental for disaster recovery planning and routine maintenance strategies.

Question 164

Which command is used to change the priority (niceness) of a running process in Linux?

A) renice
B) nice
C) top
D) ps

Answer A) renice

Explanation

A) renice: renice changes the scheduling priority of an already running process. For example, renice +10 -p 1234 increases the niceness value of process 1234, lowering its CPU priority. Administrators use renice to manage system resources, ensuring critical processes receive appropriate CPU time while less important tasks run at lower priority. Mastery of renice allows for dynamic adjustment of process priorities to optimize performance, prevent resource starvation, and maintain system responsiveness. It is crucial in multi-user environments or on servers with heavy workloads, enabling fine-tuned resource allocation without restarting processes. Understanding how niceness values affect scheduling allows administrators to balance system performance and ensure critical services remain responsive under load.

B) nice: nice sets the priority of a process at launch. While related, it does not change the priority of processes that are already running. It is used for initial resource management rather than dynamic adjustment.

C) top: top displays real-time process information, including CPU and memory usage. It can adjust priority interactively in some implementations, but renice is the standard command for permanent priority adjustment.

D) ps: ps lists processes and their details, such as PID, memory, and CPU usage. It is informational only and does not modify process priority.

renice is correct because it adjusts the priority of running processes dynamically. nice sets priority at launch, top is primarily monitoring, and ps only lists processes. Mastery of renice enables Linux administrators to manage system performance proactively, prevent CPU bottlenecks, and maintain responsiveness for critical workloads, ensuring efficient system operation and stability.

Question 165

Which command is used to identify which package provides a specific file on an RPM-based Linux system?

A) rpm -qf /path/to/file
B) yum list installed | grep filename
C) dpkg -S /path/to/file
D) rpm -qi package_name

Answer A) rpm -qf /path/to/file

Explanation

A) rpm -qf /path/to/file: rpm -qf identifies the package that owns a particular file in RPM-based systems. For example, rpm -qf /usr/bin/vi reveals which package installed the vi executable. This command is crucial for troubleshooting, auditing, and understanding system dependencies. Administrators use it to determine the source of files, verify installations, and plan package updates or removals without breaking dependencies. Mastery of rpm -qf allows precise tracking of software, ensuring system integrity, and avoiding accidental removal of critical files. It is essential in enterprise environments where multiple packages and dependencies exist, helping administrators maintain control and accountability over software installations.

B) yum list installed | grep filename: This searches installed packages by name but does not directly link a specific file to its package. It is less precise and may produce false positives.

C) dpkg -S /path/to/file: dpkg -S performs a similar function on Debian-based systems. It is not applicable for RPM-based distributions, making it irrelevant for the context.

D) rpm -qi package_name: rpm -qi provides detailed information about a specific package but does not identify which package owns a particular file. It is informative but not diagnostic in this context.

rpm -qf /path/to/file is correct because it directly identifies the package owning a file on RPM-based systems. yum list installed is indirect, dpkg -S is for Debian systems, and rpm -qi is descriptive. Mastery of rpm -qf enables Linux administrators to manage packages accurately, troubleshoot missing files, verify installations, and maintain system stability and compliance. It is a key tool for package management, dependency tracking, and maintaining operational integrity on enterprise Linux servers.

Question 166

Which command is used to display currently mounted filesystems along with their mount points and options in Linux?

A) mount
B) df -h
C) lsblk
D) findmnt

Answer D) findmnt

Explanation

A) mount: mount can display currently mounted filesystems without any arguments. It provides a basic overview of devices, mount points, and options. While useful, its output is not always structured and can be difficult to parse in automated scripts. mount is more traditionally used to attach filesystems, and viewing mounts is a secondary capability. Understanding mount output is essential for verifying that filesystems are correctly mounted and that options such as read-only or noexec are applied correctly. However, it lacks the hierarchy and filtering capabilities that modern administrators often require.

B) df -h: df -h shows disk space usage per filesystem in a human-readable format. It includes the filesystem, size, used space, available space, and mount point. It does not show detailed mount options, hierarchy, or device relationships, limiting its usefulness for thorough mount analysis. df -h is primarily a monitoring tool for available space rather than a configuration or diagnostic utility.

C) lsblk: lsblk provides a tree-like view of block devices and their partitions, including mount points. It gives a clear hierarchical structure but does not display all mount options. While useful for visualizing device relationships and planning storage allocation, lsblk is less suited for auditing current mount options and configurations.

D) findmnt: findmnt is the modern utility designed specifically to display mounted filesystems in a structured, hierarchical, and filterable manner. It shows the source device, target mount point, filesystem type, and mount options. Administrators use findmnt to analyze mount configurations, verify system integrity, and troubleshoot issues related to device mounting. Mastery of findmnt allows efficient examination of complex storage setups, including nested mounts, bind mounts, and network filesystems. Its filtering capabilities enable administrators to focus on specific mount points or devices, improving clarity and operational efficiency. findmnt integrates well with automation scripts, allowing dynamic queries and real-time monitoring of mount configurations.

findmnt is correct because it provides a detailed, structured view of currently mounted filesystems, including options. mount shows mounts but is less structured, df -h focuses on usage, and lsblk visualizes devices but lacks full mount details. Mastery of findmnt allows Linux administrators to audit storage configurations, verify proper mounting, and troubleshoot mount-related issues systematically.

Question 167

Which command is used to create and manage logical volumes in an LVM setup?

A) lvcreate
B) vgcreate
C) pvcreate
D) lvextend

Answer A) lvcreate

Explanation

A) lvcreate: lvcreate is used to create logical volumes within a volume group in Linux LVM (Logical Volume Manager). For example, lvcreate -L 20G -n lv_data vg1 creates a 20GB logical volume named lv_data within the volume group vg1. Logical volumes function as flexible, resizable block devices that can host filesystems, swap, or databases. Administrators use lvcreate to allocate storage dynamically, optimize disk usage, and manage growing or shrinking workloads. Mastery of lvcreate enables precise planning of storage layout, efficient utilization of physical volumes, and flexible scaling for applications. It supports additional parameters such as snapshots, which provide backups without downtime, and striping across multiple physical volumes to improve performance. Understanding lvcreate is essential for ensuring storage reliability, optimizing performance, and supporting disaster recovery strategies.

B) vgcreate: vgcreate initializes a volume group using one or more physical volumes. It is a prerequisite step in LVM but does not create individual logical volumes. vgcreate defines the container in which logical volumes can reside.

C) pvcreate: pvcreate initializes a physical volume for use in LVM. It prepares raw storage devices for inclusion in volume groups but does not create logical volumes.

D) lvextend: lvextend increases the size of an existing logical volume. It is a management tool for resizing but cannot create a new volume from scratch.

lvcreate is correct because it creates new logical volumes within existing volume groups. vgcreate defines groups, pvcreate prepares physical devices, and lvextend modifies existing volumes. Mastery of lvcreate allows Linux administrators to implement flexible, scalable storage solutions, optimize disk space utilization, and support dynamic application requirements effectively.

Question 168

Which command is used to schedule recurring tasks for a specific user in Linux?

A) crontab -e
B) at
C) systemctl enable
D) batch

Answer A) crontab -e

Explanation

A) crontab -e: crontab allows users to schedule recurring tasks in Linux. Using crontab -e opens the user’s crontab file for editing. Each line in the file specifies a schedule (minute, hour, day, month, weekday) and the command to run. Administrators use crontab to automate maintenance tasks, backups, updates, and monitoring scripts. Mastery of crontab -e involves understanding cron syntax, including wildcards, ranges, and lists. Proper configuration ensures reliable task execution, prevents overlaps or missed jobs, and maintains system stability. crontab supports per-user schedules, making it ideal for multi-user systems where different scripts must run independently. Understanding crontab also involves logging and error handling to ensure task success and traceability.

B) at: at schedules one-time tasks at a specified time. It is not suitable for recurring tasks. at is useful for immediate or delayed execution but lacks the recurring scheduling capabilities of cron.

C) systemctl enable: systemctl enable configures systemd services to start automatically at boot. It does not schedule arbitrary commands for recurring execution at user-defined intervals.

D) batch: batch schedules tasks to run when system load is low. Like at, it is for one-time execution based on system conditions rather than regular, recurring schedules.

crontab -e is correct because it schedules recurring tasks for specific users. at is for one-time execution, systemctl enables services at boot, and batch executes under load conditions. Mastery of crontab -e allows Linux administrators to automate routine maintenance, improve operational efficiency, and ensure consistent execution of critical tasks across systems.

Question 169

Which command is used to display the current runlevel or systemd target in Linux?

A) runlevel
B) systemctl get-default
C) who -r
D) init 0

Answer B) systemctl get-default

Explanation

A) runlevel: runlevel displays the previous and current SysV runlevel on systems using the older init system. It shows numeric levels such as 3 for multi-user mode or 5 for graphical mode. While still available on some modern systems, runlevel is largely replaced by systemd targets.

B) systemctl get-default: systemctl get-default shows the default systemd target that determines the startup behavior, such as graphical.target or multi-user.target. Administrators use this command to verify system boot configuration, troubleshoot incorrect startup behavior, and plan service management. Mastery of systemctl get-default allows administrators to align system targets with operational requirements, ensure proper service initialization, and maintain predictable boot states. systemd targets are more flexible than traditional runlevels, supporting dependencies, ordering, and specialized configurations.

C) who -r: who -r displays the current runlevel on systems using SysV init, similar to runlevel. It provides information about the previous and current state but does not integrate with systemd targets.

D) init 0: init 0 shuts down the system, changing the runlevel to 0. It does not display current runlevel or targets.

systemctl get-default is correct because it shows the active systemd target and default boot target. runlevel and who -r display legacy runlevels, and init 0 shuts down the system. Mastery of systemctl get-default enables Linux administrators to manage startup behavior, troubleshoot boot issues, and maintain consistent system operation. It is essential for aligning system targets with service requirements and operational policies.

Question 170

Which command is used to display memory usage and system statistics in Linux?

A) free -h
B) top
C) vmstat
D) sar

Answer A) free -h

Explanation

A) free -h: free displays memory usage, including total, used, free, shared, buffers/cache, and available memory. The -h flag presents the information in human-readable format (KB, MB, GB). Administrators use free -h to monitor system memory, identify resource bottlenecks, and troubleshoot performance issues. Mastery of free involves interpreting memory metrics, including how buffers and cache impact available memory. Proper use ensures informed decisions for performance tuning, capacity planning, and resource allocation. It is vital for diagnosing memory exhaustion, optimizing application performance, and maintaining system stability under varying workloads.

B) top: top provides a dynamic, real-time view of CPU and memory usage for processes. While it displays memory statistics, it focuses more on per-process resource consumption rather than a concise system summary.

C) vmstat: vmstat reports system performance metrics, including CPU, memory, swap, and I/O statistics over intervals. It is more suitable for performance monitoring rather than a quick memory summary.

D) sar: sar collects and reports historical system performance metrics, including CPU, memory, and I/O. It requires configuration and is used for long-term monitoring rather than immediate memory inspection.

free -h is correct because it provides a concise, human-readable summary of memory usage. top is real-time and per-process focused, vmstat gives interval performance data, and sar provides historical metrics. Mastery of free -h allows Linux administrators to quickly assess memory availability, plan for resource-intensive workloads, and ensure system performance and reliability. It is fundamental for system monitoring, troubleshooting, and optimization.

Question 171

Which command is used to change the group ownership of a file in Linux?

A) chgrp
B) chmod
C) chown
D) groups

Answer A) chgrp

Explanation

A) chgrp: chgrp changes the group ownership of a file or directory. For example, chgrp developers /home/project/file.txt assigns the file to the “developers” group. Administrators use chgrp to manage group-based access control, ensuring that users within a group can access shared resources according to security policies. Mastery of chgrp is essential for managing multi-user environments, maintaining proper permissions, and implementing collaborative workflows without compromising system security. chgrp can be combined with recursive options (-R) to change group ownership for entire directories, which is crucial for enforcing consistent access controls across multiple files and subdirectories. Understanding how group ownership interacts with file permissions allows administrators to prevent unauthorized access while enabling collaboration efficiently.

B) chmod: chmod modifies file permissions (read, write, execute) but does not change ownership. It is used to define what actions users or groups can perform but cannot assign ownership to different users or groups.

C) chown: chown changes the owner and optionally the group of a file. While chown can be used to modify group ownership, chgrp is specifically designed for group changes and is often preferred for clarity and administrative best practices.

D) groups: groups displays the groups to which a user belongs. It provides informational output only and does not modify ownership or permissions.

chgrp is correct because it directly changes group ownership. chmod changes permissions, chown changes ownership (including group optionally), and groups displays group memberships. Mastery of chgrp allows Linux administrators to implement proper access control, maintain collaboration policies, and ensure security compliance across shared files and directories, which is crucial in enterprise environments.

Question 172

Which command is used to monitor real-time CPU usage and processes in Linux?

A) top
B) ps
C) htop
D) uptime

Answer A) top

Explanation

A) top: top provides a real-time, interactive display of CPU usage, memory consumption, and running processes. Administrators use top to identify resource-intensive processes, monitor system performance, and troubleshoot performance bottlenecks. top displays process IDs, priority, CPU usage percentages, and memory utilization, enabling administrators to make informed decisions about process management. Mastery of top involves using sorting, filtering, and interactive commands (such as killing processes or changing priorities) to manage system load dynamically. It is critical for performance tuning, ensuring critical services remain responsive, and avoiding resource starvation in multi-user or high-load environments. top also provides insights into load averages, helping administrators gauge overall system stress over time.

B) ps: ps lists active processes with associated details, but it provides a snapshot rather than continuous monitoring. While useful for scripting or single-time inspections, it lacks real-time interactive monitoring capabilities.

C) htop: htop is a more user-friendly, interactive alternative to top. It provides visual enhancements and easier navigation but may not be installed by default. top remains the standard command universally available on Linux systems.

D) uptime: uptime shows how long the system has been running, the number of logged-in users, and load averages. It provides high-level performance metrics but does not display detailed per-process CPU usage.

top is correct because it provides real-time monitoring of CPU usage and processes. ps is a snapshot, htop is optional and interactive, and uptime is high-level only. Mastery of top allows Linux administrators to monitor resource utilization, troubleshoot performance issues, and maintain system responsiveness, ensuring operational stability in dynamic environments.

Question 173

Which command is used to display network interface configuration and IP addresses in Linux?

A) ip addr show
B) ifconfig
C) nmcli device show
D) netstat -i

Answer A) ip addr show

Explanation

A) ip addr show: ip addr show displays detailed information about network interfaces, including IP addresses, MAC addresses, and interface status. Administrators use this command to verify network configurations, troubleshoot connectivity issues, and manage interface addresses. Mastery of ip addr show allows for comprehensive analysis of interface properties, IP assignments, and link statuses, which is essential for ensuring network reliability and proper routing in Linux systems. It replaces the older ifconfig utility, providing more extensive functionality and integration with modern Linux networking features such as namespaces and virtual interfaces.

B) ifconfig: ifconfig is a legacy command for displaying interface configurations and assigning IP addresses. While it works on many systems, it is deprecated in favor of ip commands, which provide broader functionality and better support for modern network features.

C) nmcli device show: nmcli is the command-line tool for NetworkManager, providing detailed interface configuration. It is useful on systems using NetworkManager but is not universally available or applicable for all Linux distributions, especially servers that do not run NetworkManager.

D) netstat -i: netstat -i displays interface statistics, such as packet counts and errors. It provides network metrics but does not show detailed IP configurations. It is primarily a monitoring tool rather than a configuration utility.

ip addr show is correct because it provides detailed, real-time information about network interfaces and IP addresses. ifconfig is deprecated, nmcli is specific to NetworkManager-managed interfaces, and netstat -i shows statistics only. Mastery of ip addr show allows Linux administrators to configure, troubleshoot, and maintain network connectivity, ensuring system and application availability in enterprise environments.

Question 174

Which command is used to search for files based on their name, type, or other attributes in Linux?

A) find
B) locate
C) grep
D) which

Answer A) find

Explanation

A) find: find searches for files and directories based on criteria such as name, type, size, modification time, or permissions. For example, find /home -name “*.log” locates all log files in /home. Administrators use find to locate files for troubleshooting, backups, or maintenance tasks. Mastery of find involves understanding expressions, operators, and predicates to perform complex searches efficiently. It is highly versatile, supporting recursive searches, execution of commands on matching files, and integration with scripts. find is crucial for system management, enabling administrators to quickly locate files, automate cleanup tasks, and enforce security policies.

B) locate: locate uses a pre-built database to search for files by name. While faster than find, it may not reflect real-time filesystem changes. It is suitable for quick searches but lacks the fine-grained search capabilities of find.

C) grep: grep searches for text patterns within files. It is powerful for content-based searches but does not locate files by name or attributes. It complements find for combined file and content searches.

D) which: which identifies the path of executables in the PATH environment variable. It is limited to command resolution and cannot search general files.

find is correct because it can search for files based on various attributes in real time. locate is fast but relies on a database, grep searches content, and which finds executables. Mastery of find enables Linux administrators to locate files, troubleshoot issues, automate maintenance, and ensure proper file management across complex filesystems. It is an indispensable tool for system administration, scripting, and security auditing.

Question 175

Which command is used to monitor real-time disk I/O statistics in Linux?

A) iostat -x 1
B) df -h
C) du -sh
D) lsblk

Answer A) iostat -x 1

Explanation

A) iostat -x 1: iostat reports detailed I/O statistics for disks, including throughput, utilization, and latency. The -x flag provides extended statistics, and 1 refreshes output every second. Administrators use iostat -x 1 to monitor disk performance in real time, identify bottlenecks, and optimize storage I/O for critical applications. Mastery of iostat involves understanding metrics such as tps (transactions per second), await (average wait time), and %util (disk utilization percentage). Proper interpretation allows administrators to detect underperforming disks, tune I/O-intensive applications, and plan capacity upgrades. iostat is particularly valuable for database servers, virtualization hosts, and high-traffic storage systems. Real-time monitoring with iostat helps prevent performance degradation, optimize throughput, and maintain system responsiveness.

B) df -h: df -h shows disk usage per filesystem but does not provide real-time I/O statistics. It is more suitable for monitoring storage capacity than performance.

C) du -sh: du -sh provides a summary of directory sizes in human-readable format. It does not provide performance metrics or I/O monitoring.

D) lsblk: lsblk shows block devices and their partitions but does not monitor real-time I/O statistics. It is primarily used for structural visualization of storage devices.

iostat -x 1 is correct because it provides real-time, extended disk I/O metrics. df -h reports capacity, du -sh reports directory sizes, and lsblk displays block device structure. Mastery of iostat -x 1 allows Linux administrators to monitor, diagnose, and optimize disk performance, ensuring high throughput and system reliability, particularly in environments with heavy storage I/O demands. It is an essential tool for performance tuning, troubleshooting, and planning storage infrastructure.

Question 176

Which command is used to display all open files and the processes using them in Linux?

A) lsof
B) fuser
C) stat
D) strace

Answer A) lsof

Explanation

A) lsof: lsof (list open files) displays information about all files currently opened by processes, including regular files, directories, sockets, and pipes. For example, lsof /var/log/syslog lists all processes that have that log file open. Administrators use lsof to identify file locks, troubleshoot resource contention, and manage system resources. Mastery of lsof involves understanding its output fields, such as PID, user, file descriptor, type, and device. lsof is essential for diagnosing performance issues, detecting processes preventing file unmounts, and auditing system activity. It can also be used in combination with other commands or scripts to automate resource monitoring, enforce file usage policies, and enhance security auditing by identifying suspicious processes accessing critical files.

B) fuser: fuser shows which processes are using a specified file or filesystem. It is focused on a single target rather than all open files system-wide. While useful for terminating processes blocking a file or unmount, it is less comprehensive than lsof.

C) stat: stat displays detailed metadata about a single file, such as permissions, ownership, and timestamps. It does not display which processes are using the file.

D) strace: strace traces system calls and signals for a specific process. While it can reveal file usage by a process, it is used for debugging rather than general monitoring of all open files.

lsof is correct because it provides a comprehensive list of all open files and associated processes. fuser targets specific files, stat provides metadata only, and strace traces system calls. Mastery of lsof allows Linux administrators to monitor file usage, resolve locking issues, troubleshoot performance bottlenecks, and maintain system security and stability, especially in multi-user or high-transaction environments.

Question 177

Which command is used to view the routing table and network path in Linux?

A) route
B) ip route show
C) traceroute
D) netstat -r

Answer B) ip route show

Explanation

A) route: route displays the network routing table, showing destination networks, gateways, and interfaces. While functional, route is considered legacy and is being replaced by the ip command suite. It provides basic routing information but lacks modern features and formatting available in ip commands.

B) ip route show: ip route show displays the current routing table in a detailed and structured manner. It is part of the ip suite, which is the modern standard for Linux network management. Administrators use ip route show to verify routing configurations, troubleshoot connectivity issues, and analyze network paths for efficiency and security. Mastery of ip route show includes understanding default routes, network prefixes, gateway addresses, interface metrics, and route priorities. It is critical for ensuring proper packet delivery, diagnosing misconfigured routes, and supporting complex network topologies in enterprise environments. This command also integrates with scripting and automation tools, allowing real-time monitoring of routing changes and proactive resolution of network issues.

C) traceroute: traceroute displays the path packets take to reach a specific destination, including intermediate hops and latency. It is diagnostic for path analysis but does not show the complete routing table or configuration.

D) netstat -r: netstat -r displays the routing table similar to route but is also considered legacy. It provides routing information but lacks some advanced features and modern syntax compared to ip route show.

ip route show is correct because it displays the routing table in a modern, structured, and detailed way. route and netstat -r are legacy tools, and traceroute is for path diagnostics. Mastery of ip route show allows Linux administrators to monitor and manage routing effectively, troubleshoot connectivity issues, and maintain network stability in enterprise environments.

Question 178

Which command is used to set or display SELinux mode in Linux?

A) getenforce
B) setenforce
C) sestatus
D) semanage

Answer B) setenforce

Explanation

A) getenforce: getenforce displays the current SELinux mode, such as Enforcing, Permissive, or Disabled. It provides informational output but does not change the mode. Administrators use it to verify the current operational state of SELinux before applying changes or troubleshooting security-related issues.

B) setenforce: setenforce changes the SELinux mode temporarily without rebooting. For example, setenforce 0 switches SELinux to Permissive mode, while setenforce 1 sets it to Enforcing. Administrators use setenforce to adjust SELinux behavior dynamically, for testing, troubleshooting, or temporarily relaxing security policies. Mastery of setenforce includes understanding the difference between temporary runtime changes and permanent configuration in /etc/selinux/config. Proper use of setenforce ensures security policies can be tested or adjusted without compromising system integrity, allowing administrators to maintain compliance and minimize disruption.

C) sestatus: sestatus provides detailed information about the SELinux configuration, including mode, policy type, and booleans. It is diagnostic and informational, not used to change the mode.

D) semanage: semanage is used to manage SELinux policy settings, such as port labels, user mappings, and file contexts. It does not change the global enforcement mode directly.

setenforce is correct because it changes the SELinux mode at runtime. getenforce displays the mode, sestatus shows detailed configuration, and semanage manages policies. Mastery of setenforce allows Linux administrators to control SELinux enforcement dynamically, test policies, and maintain system security while adjusting to operational requirements without rebooting.

Question 179

Which command is used to compress files using gzip in Linux?

A) gzip file.txt
B) tar -czf archive.tar.gz file.txt
C) bzip2 file.txt
D) zip file.zip file.txt

Answer A) gzip file.txt

Explanation

A) gzip file.txt: gzip compresses a file using the DEFLATE algorithm, reducing its size while replacing the original file with a .gz file. For example, gzip file.txt creates file.txt.gz. Administrators use gzip to save storage space, prepare files for transfer, and manage archives efficiently. Mastery of gzip includes understanding compression levels, handling multiple files with wildcard patterns, and combining gzip with other tools like tar for multi-file compression. Proper use of gzip optimizes storage, reduces network transfer time, and supports backup and archival strategies. gzip is fast, widely supported, and compatible across Linux distributions, making it a standard tool for file compression.

B) tar -czf archive.tar.gz file.txt: tar with -czf combines archiving and gzip compression. While it uses gzip internally, tar handles multiple files as a single archive. It is not strictly a gzip command, but a combination of archiving and compression.

C) bzip2 file.txt: bzip2 compresses a file using the Burrows-Wheeler algorithm. It achieves higher compression ratios than gzip but is slower. It is an alternative, not the standard gzip command.

D) zip file.zip file.txt: zip compresses files into a .zip archive. It is widely used but follows a different format and algorithm from gzip. It is more common in cross-platform scenarios.

gzip file.txt is correct because it directly compresses files using the gzip algorithm. tar -czf archives files with gzip, bzip2 uses a different compression, and zip creates zip archives. Mastery of gzip allows Linux administrators to efficiently reduce file size, optimize storage, and streamline file transfer, making it an essential tool for system management and automation.

Question 180

Which command is used to change a user’s password in Linux?

A) passwd
B) chpasswd
C) usermod -p
D) su

Answer A) passwd

Explanation

A) passwd: passwd changes a user’s password interactively. For example, passwd username prompts for the new password and updates the system securely. Administrators use passwd to enforce password policies, manage access, and ensure account security. Mastery of passwd involves understanding password aging, complexity requirements, and account locking. Proper use of passwd ensures compliance with organizational security standards and prevents unauthorized access. passwd updates the system securely, interacts with PAM modules, and integrates with authentication mechanisms, ensuring consistent password enforcement.

B) chpasswd: chpasswd allows batch updating of passwords from a file. It is useful for mass password changes but not interactive for single-user updates.

C) usermod -p: usermod -p sets the password hash directly. It is rarely used interactively because it requires pre-hashed passwords and can bypass security mechanisms.

D) su: su switches to another user account. While it may require a password, it does not change passwords.

passwd is correct because it securely changes a user’s password interactively. chpasswd updates in batch, usermod -p sets hashes directly, and su switches users. Mastery of passwd allows Linux administrators to maintain account security, enforce policies, and manage user access effectively across systems.