• Home
• CompTIA Exams
• XK0-005 - CompTIA Linux+

XK0-005 CompTIA Practice Test Questions and Exam Dumps

Question No 1:

An administrator accidentally deleted the /boot/vmlinuz file and must resolve the issue before the server is rebooted. Which of the following commands should the administrator use to identify the correct version of this file?

A. rpm -qa | grep kernel; uname -a
B. yum -y update; shutdown -r now
C. cat /etc/centos-release; rpm -Uvh --nodeps
D. telinit 1; restorecon -Rv /boot

Correct answer: A

Explanation:

The /boot/vmlinuz file is a critical kernel image file, and it is needed to successfully boot the system. If this file is deleted, it is essential to identify the correct version of the kernel and restore the missing file. The administrator will need to find out the installed kernel version to take the necessary corrective steps, which could include reinstalling the kernel package.

Let’s break down the options:

A. rpm -qa | grep kernel; uname -a:
This is the correct answer.

rpm -qa | grep kernel lists all the installed kernel packages on the system. The rpm -qa command queries all installed packages, and the grep kernel filter will show the specific kernel versions that are installed.

uname -a provides information about the currently running kernel version, which can help to confirm which version of the kernel the system is using.
By using these two commands, the administrator can identify the correct version of the kernel and restore the appropriate kernel image file (/boot/vmlinuz).

B. yum -y update; shutdown -r now:
This command will update the system with yum and then reboot the server. However, this option does not directly help in identifying the correct version of the missing /boot/vmlinuz file. It could help to reinstall or update the kernel, but it doesn't provide the immediate necessary information to identify the correct kernel version before rebooting. Therefore, this is not the best choice.

C. cat /etc/centos-release; rpm -Uvh --nodeps:

cat /etc/centos-release will provide information about the CentOS version, but it does not directly help in identifying the correct kernel version.

rpm -Uvh --nodeps is used to install a package without checking for dependencies, which is not recommended as a first step in solving the issue. This command might also cause issues if packages are not properly installed or updated in the right sequence. Hence, this is not an ideal solution.

D. telinit 1; restorecon -Rv /boot:

telinit 1 changes the runlevel to single-user mode, which is not necessary to resolve the issue of the missing /boot/vmlinuz file.

restorecon -Rv /boot restores security context labels for files in the /boot directory (relevant for SELinux policies), but it won’t recover the deleted kernel image. This is not directly related to identifying or resolving the missing /boot/vmlinuz file.

Conclusion: The most appropriate action is to identify the installed kernel versions using rpm -qa | grep kernel and verify the current kernel with uname -a, as these commands will provide the necessary information to recover the correct kernel image.

Question No 2:

A cloud engineer needs to change the secure remote login port from 22 to 49000. Which of the following files should the engineer modify to change the port number to the desired value?

A. /etc/host.conf
B. /etc/hostname
C. /etc/services
D. /etc/ssh/sshd_config

Correct answer: D

Explanation:

When configuring SSH (Secure Shell) for remote login on Linux or UNIX-based systems, the default port for SSH connections is port 22. If a cloud engineer wants to change the secure remote login port to a custom port like 49000, the engineer needs to modify the configuration file related to SSH itself. Let’s examine each of the options:

Option A: /etc/host.conf
The /etc/host.conf file is used to configure hostname resolution behavior on a system, including settings like hostname lookup order and DNS resolution. This file does not deal with SSH settings or ports. Thus, it is not related to changing the SSH port.

Option B: /etc/hostname
The /etc/hostname file stores the system’s hostname, which is the name that identifies the machine on a network. It does not contain settings related to remote login or SSH. Changing this file would not impact the port configuration for SSH, so it is not the correct choice.

Option C: /etc/services
The /etc/services file is used to map service names to port numbers for various protocols (e.g., HTTP to port 80, FTP to port 21). While this file provides information about port assignments, it does not configure services like SSH. The system uses this file for informational purposes, but SSH itself is configured in a different file. Therefore, modifying /etc/services does not change the actual port that SSH listens on.

Option D: /etc/ssh/sshd_config
The /etc/ssh/sshd_config file is the configuration file for the SSH daemon (the service that handles SSH connections). This file contains various settings for the SSH service, including the port number on which SSH listens for incoming connections. To change the default port from 22 to 49000, the engineer should modify this file. The specific setting that needs to be modified is the Port directive. For example, the line would look like this:

After making this change, the engineer would need to restart the SSH service for the change to take effect. Therefore, /etc/ssh/sshd_config is the correct file to modify.

In conclusion, the correct file to modify to change the SSH port is /etc/ssh/sshd_config, making the correct answer D.

Question No 3:

A new file was added to a main Git repository. An administrator wants to synchronize a local copy with the contents of the main repository. Which of the following commands should the administrator use for this task?

A. git reflog
B. git pull
C. git status
D. git push

Correct Answer: B

Explanation:

When the administrator wants to synchronize a local copy of a Git repository with the contents of the main repository, the correct command is git pull. Here's why:

B. git pull:

• git pull is used to fetch changes from the remote repository (in this case, the main repository) and automatically merge those changes into the local working directory.

• It essentially combines two Git operations: git fetch (which retrieves the latest changes from the remote repository) and git merge (which integrates those changes into the local branch).

• Since a new file has been added to the main repository, git pull will synchronize the local repository with the latest changes, including the new file, from the main repository.

Other Options:

• A. git reflog:

git reflog is used to show the history of reference logs (i.e., the history of changes to the local branch references). It helps in recovering lost commits or finding changes that were recently discarded, but it is not used for synchronizing repositories.

• C. git status:

git status shows the current status of the local repository, including untracked, modified, and staged files. It does not synchronize the local repository with a remote repository; it only shows the state of the working directory and staging area.

• D. git push:

git push is used to send changes from the local repository to the remote repository, not the other way around. Since the administrator wants to sync with the main repository, not push changes to it, git push is not the right choice.

To synchronize the local repository with the latest content from the main repository, including any newly added files, the administrator should use git pull. Therefore, the correct answer is B.

Question No 4:

A Linux administrator needs to redirect all HTTP traffic temporarily to the new proxy server 192.0.2.25 on port 3128. Which of the following commands will accomplish this task?

A. iptables -t nat -D PREROUTING -p tcp --sport 80 -j DNAT --to-destination 192.0.2.25:3128
B. iptables -t nat -A PREROUTING -p tcp --dport 81 -j DNAT --to-destination 192.0.2.25:3129
C. iptables -t nat -I PREROUTING -p tcp --sport 80 -j DNAT --to-destination 192.0.2.25:3129
D. iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 192.0.2.25:3128

Correct Answer: D

Explanation:

To redirect HTTP traffic (which uses port 80) to a new proxy server (IP address 192.0.2.25 on port 3128), the iptables command with the DNAT (Destination NAT) target is used to change the destination address of incoming traffic. Specifically, the PREROUTING chain in the nat table is used to modify the destination address for incoming packets before they reach the system's routing decisions.

Analyzing the options:

A. iptables -t nat -D PREROUTING -p tcp --sport 80 -j DNAT --to-destination 192.0.2.25:3128

This option uses the -D flag, which is for deleting a rule from the PREROUTING chain. However, we are trying to add a new rule to redirect traffic, not delete an existing one. So, this is incorrect for our goal.

B. iptables -t nat -A PREROUTING -p tcp --dport 81 -j DNAT --to-destination 192.0.2.25:3129

This command is setting up redirection for port 81, not port 80 (HTTP traffic). Since we want to redirect HTTP traffic (port 80), this is incorrect.

C. iptables -t nat -I PREROUTING -p tcp --sport 80 -j DNAT --to-destination 192.0.2.25:3129

This option is using --sport 80, which refers to the source port of the packets. For HTTP traffic, the destination port (80) is what we need to target for redirection, not the source port. Additionally, this command is redirecting traffic to port 3129, not port 3128 as required. Therefore, this is incorrect.

D. iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 192.0.2.25:3128

This is the correct command. It adds a rule in the PREROUTING chain of the nat table to redirect TCP traffic destined for port 80 (HTTP) to the new proxy server at 192.0.2.25 on port 3128. The -A flag appends this rule to the chain, and --dport 80 specifies that we are targeting HTTP traffic.

The correct command to redirect all HTTP traffic to the new proxy server at 192.0.2.25 on port 3128 is D.

Question No 5:

Developers have requested implementation of a persistent, static route on the application server. Packets sent over the interface eth0 to 10.0.213.5/32 should be routed via 10.0.5.1. 

Which of the following commands should the administrator run to achieve this goal?

A. route -i eth0 -p add 10.0.213.5 10.0.5.1
B. route modify eth0 +ipv4.routes "10.0.213.5/32 10.0.5.1"
C. echo "10.0.213.5 10.0.5.1 eth0" > /proc/net/route
D. ip route add 10.0.213.5/32 via 10.0.5.1 dev eth0

Correct Answer: D

Explanation:

To add a static route on a Linux-based system, the most appropriate and modern command is to use ip route. The correct command to add a persistent, static route is:

ip route add 10.0.213.5/32 via 10.0.5.1 dev eth0

This command specifies that any traffic destined for 10.0.213.5/32 should be routed via 10.0.5.1 on interface eth0. Here's a breakdown of the command:

• ip route add: Adds a new route.

• 10.0.213.5/32: Defines the destination network and subnet (in this case, a single host).

• via 10.0.5.1: Specifies the next-hop gateway.

• dev eth0: Specifies the network interface used for routing the traffic.

Now, let's review the other options:

Option A (route -i eth0 -p add 10.0.213.5 10.0.5.1): This command is incorrectly formatted and uses the route command, which is older and not typically used for adding persistent routes anymore. The -i flag is not a valid option for the route command, and the -p option is used in Windows for persistent routes, not in Linux.

Option B (route modify eth0 +ipv4.routes "10.0.213.5/32 10.0.5.1"): This command is also incorrect. The route command does not support this syntax in Linux. Additionally, this is not a standard method for adding or modifying routes.

Option C (echo "10.0.213.5 10.0.5.1 eth0" > /proc/net/route): This approach is incorrect and potentially dangerous. While it may seem like it could add a route by directly writing to the /proc/net/route file, this method is not a recommended or reliable way to configure routing in modern Linux systems. It can cause issues and is not persistent across reboots.

Therefore, the correct answer is D, which uses the ip route command to properly configure the static route in a modern and reliable way. If persistence is required across reboots, the route should be added to the appropriate network configuration file (e.g., /etc/network/interfaces or /etc/netplan/ depending on the Linux distribution).

Question No 6:

Which of the following commands should replace the <CONDITIONAL> string to verify whether a file exists?

A. if [ -f "$filename" ]; then
B. if [ -d "$filename" ]; then
C. if [ -f "$filename" ] then
D. if [ -f "$filename" ]; while

Correct Answer: A

Explanation:

When verifying if a file exists in a script, particularly in Unix-based systems (such as Linux or macOS), the conditional expression used is based on certain test operators. These operators are evaluated inside square brackets ([ ]). Let's go through each of the options:

Option A: if [ -f "$filename" ]; then

This is the correct choice. The -f operator checks if the given file exists and is a regular file (not a directory, symbolic link, etc.). This is exactly what is needed when the goal is to check if a file exists. The correct syntax for this command is:

This syntax ensures that if the file specified by $filename exists as a regular file, the script will enter the then block.

Option B: if [ -d "$filename" ]; then

This option uses the -d test operator, which checks whether the specified path is a directory. Since the question is asking about verifying whether a file exists (not a directory), this option is not correct. If you wanted to check for a directory instead of a file, then -d would be appropriate. Therefore, B is incorrect.

Option C: if [ -f "$filename" ] then

This option is incorrect because the syntax is missing the semicolon (;) or the newline after the ] before the then statement. The correct syntax requires a semicolon to separate the condition and the then clause, or a newline (though a semicolon is more commonly used in single-line scripts). For example:

Thus, C is syntactically incorrect due to the missing semicolon.

Option D: if [ -f "$filename" ]; while

This option is incorrect because it introduces the while statement unnecessarily. A while loop is not needed here for verifying whether the file exists. The correct approach is to use the if statement to conditionally execute code based on whether the file exists, not to use while. Therefore, D is incorrect.

In conclusion, the correct command to verify whether a file exists is:

A. if [ -f "$filename" ]; then

Question No 7:

Which technology is the systems administrator using to deploy three identical, cloud-based servers based on the code provided?

A. Ansible
B. Puppet
C. Chef
D. Terraform

Correct Answer: D

Explanation:

To identify the technology used by the administrator to deploy cloud-based servers, let's examine the nature of each tool mentioned:

Option A: Ansible
Ansible is an open-source automation tool primarily used for configuration management and application deployment. It uses YAML-based playbooks to define automation tasks. While Ansible is often used for server provisioning, the specific scenario of deploying cloud-based servers in an automated fashion typically involves infrastructure as code, which is more aligned with Terraform. Therefore, A is not the best option for this specific task.

Option B: Puppet
Puppet is another configuration management tool that automates the setup, maintenance, and management of servers. It uses Puppet code (DSL) to describe how systems should be configured. Although it can be used for cloud automation, it is primarily focused on system configuration rather than cloud infrastructure provisioning. Thus, B is not the most likely answer for deploying cloud infrastructure directly.

Option C: Chef
Chef is similar to Puppet and Ansible in that it is a configuration management tool, and it uses Chef recipes to define how systems should be configured. While Chef can interact with cloud environments, like Puppet, it focuses more on managing configurations after servers are provisioned rather than the provisioning itself. Therefore, C is incorrect in this case.

Option D: Terraform
Terraform is an infrastructure-as-code (IaC) tool used to provision and manage cloud infrastructure. It uses HCL (HashiCorp Configuration Language) to define infrastructure resources and automate the creation and management of cloud environments, such as provisioning cloud-based servers. Terraform is highly suited for deploying identical cloud-based servers because it ensures consistent and repeatable deployments by defining resources declaratively. Terraform can directly provision resources in various cloud providers, including AWS, Azure, and Google Cloud, making it the correct tool for this task.

Given that the task is to deploy identical, cloud-based servers, and considering the capabilities of the tools mentioned, Terraform is the most appropriate tool, as it is designed specifically for cloud infrastructure provisioning.

Question No 8:

Which of the following technologies can be used as a central repository of Linux users and groups?

A. LDAP
B. MFA
C. SSO
D. PAM

Answer: A

Explanation:

The correct answer is LDAP (Lightweight Directory Access Protocol). LDAP is a protocol used to access and maintain distributed directory information services, which often serve as a central repository for storing user information, including Linux users and groups. LDAP directories can store a variety of information about users and groups, making it an ideal solution for managing authentication and authorization across multiple systems in a centralized manner. It’s commonly used in environments where managing a large number of users and groups across multiple systems is necessary, and it allows for consistent user management and authentication.

Now, let’s explore why the other options are incorrect:

Option B – MFA (Multi-factor Authentication):
MFA is a security mechanism used to add an additional layer of protection by requiring users to provide multiple forms of authentication (e.g., a password and a biometric scan or a one-time passcode). While MFA is an important technology for securing user accounts, it is not used as a central repository for Linux users and groups. Instead, it is used to enhance authentication security once users are identified.

Option C – SSO (Single Sign-On):
SSO is a mechanism that allows users to authenticate once and gain access to multiple systems without needing to log in again for each one. While SSO simplifies user access and is often integrated with identity management systems, it does not function as a central repository for Linux users and groups. Instead, SSO relies on external directory services (like LDAP or Active Directory) to manage user information.

Option D – PAM (Pluggable Authentication Modules):
PAM is a framework used to integrate different authentication mechanisms into Linux systems. It provides a way to manage authentication policies for various services (e.g., login, SSH, sudo). However, PAM itself does not serve as a central repository for users and groups. It interacts with various databases, including LDAP or local system files (such as /etc/passwd), to manage user authentication, but it is not responsible for storing user information.

In conclusion, LDAP (Option A) is the correct technology for managing a central repository of Linux users and groups, enabling centralized authentication and user management across multiple Linux systems.

Question No 9:

A systems administrator is troubleshooting connectivity issues and trying to find out why a Linux server is not able to reach other servers on the same subnet it is connected to. When listing link parameters, the following is presented:

Based on the output above, which of following is the MOST probable cause of the issue?

A. The address ac:00:11:22:33:cd is not a valid Ethernet address.
B. The Ethernet broadcast address should be ac:00:11:22:33:ff instead.
C. The network interface eth0 is using an old kernel module.
D. The network interface cable is not connected to a switch.

Correct answer: D

Explanation:

To troubleshoot connectivity issues in a Linux server, especially in cases where the server cannot reach other servers on the same subnet, it’s essential to verify physical and network settings. Based on the given choices, here’s why D is the most probable cause of the issue:

1. The network interface cable is not connected to a switch (D):

If the network interface cable is not properly connected to a switch, it will prevent the server from communicating with other devices on the network, even if the server’s IP configuration is correct. This would result in the server being unable to reach other servers on the same subnet, as there would be no physical network connectivity. The fact that no other server can be reached strongly suggests that the physical connection itself is the issue. This is the most likely cause of the problem.

2. The address ac:00:11:22:33:cd is not a valid Ethernet address (A):

This choice suggests an issue with the MAC address. However, ac:00:11:22:33:cd is a valid MAC address format, as MAC addresses are 6 bytes long, and this address fits the required pattern. There is no inherent issue with this address, so this is not the cause of the problem.

3. The Ethernet broadcast address should be ac:00:11:22:33:ff instead (B):

The broadcast address is typically the last address in the range of an IP subnet and is used for communication with all devices on the subnet. However, this is not directly related to the issue of reaching other servers on the same subnet. The broadcast address of the subnet is typically used for broadcasting packets, but it’s not essential for direct communication between servers. The MAC address at the network interface level is unrelated to the broadcast address specified here. Thus, this is not the probable cause.

4. The network interface eth0 is using an old kernel module (C):

While it is possible for an outdated or incompatible kernel module to cause networking issues, this would typically result in more severe connectivity problems, such as complete failure of the network interface to function, rather than the scenario where the server simply cannot reach other servers on the same subnet. It is less likely to be the root cause compared to a physical connection problem, as an old kernel module would usually result in the interface being down or completely non-functional, which is not the issue described here.

In conclusion, the most probable cause of the issue, given the symptoms and the provided options, is D: The network interface cable is not connected to a switch, meaning there is likely no physical connectivity, preventing the server from reaching other servers on the same subnet.