CompTIA XK0-005 Online Practice Questions and Exam Preparation

CompTIA XK0-005 Online Questions & Answers

• Question 361:

  A systems administrator detected corruption in the /data filesystem. Given the following output:

  

  Which of the following commands can the administrator use to best address this issue?

  A. umount /data mkfs . xfs /dev/sclcl mount /data
  B. umount /data xfs repair /dev/ sdcl mount /data
  C. umount /data fsck /dev/ sdcl mount / data
  D. umount /data pvs /dev/sdcl mount /data
  B. umount /data xfs repair /dev/ sdcl mount /data

  ---

  Explanation

  The xfs repair command is used to check and repair an XFS filesystem, which is the type of filesystem used for the /data partition, as shown in the output. The administrator needs to unmount the /data partition before running the xfs repair command on it, and then mount it back after the repair is done. For example: umount /data; xfs_repair /dev/sdcl; mount /data. The mkfs.xfs command is used to create a new XFS filesystem, which would erase all the data on the partition. The fsck command is used to check and repair other types of filesystems, such as ext4, but not XFS. The pvs command is used to display information about physical volumes in a logical volume manager (LVM) setup, which is not relevant for this issue.

• Question 362:

  Following the migration from a disaster recovery site, a systems administrator wants a server to require a user to change credentials at initial login. Which of the following commands should be used to ensure the aging attribute?

  A. chage -d 2 user
  B. chage -d 0 user
  C. chage -E 0 user
  D. chage -d 1 user
  B. chage -d 0 user

  ---

  Explanation

  The chage command can be used to change the user password expiry information. The -d or --lastday option sets the last password change date. If the value is 0, the user will be forced to change the password at the next login. See chage command in Linux with examples and 10 chage command examples in Linux.

• Question 363:

  A Linux administrator discovers that a configured schedule is not running properly and needs to re-create the schedule. The task should run every Monday at 13:30 but only during the months of February, May, August, and November. Which of the following options should the administrator use?

  A. OnCalendar=Mon *-2,5,8,11 13:30:00
  B. OnCalendar=Mon *-Feb,*-May,*-Aug,*-Nov 13:30:00
  C. OnCalendar=*-2,5,8,11 Mon 13:30:00
  D. OnCalendar=Mon *-Feb *-May *-Aug *-Nov 13:30:00
  C. OnCalendar=*-2,5,8,11 Mon 13:30:00

  ---

  Explanation

• Question 364:

  Which of the following data structures is written in JSON?

  

  A. Option A
  B. Option B
  C. Option C
  D. Option D
  C. Option C

  ---

  Explanation

  Option C is the only data structure that is written in JSON format. JSON stands for JavaScript Object Notation, and it is a lightweight and human-readable data interchange format. JSON uses curly braces to enclose objects, which consist of key-value pairs separated by commas. JSON uses square brackets to enclose arrays, which consist of values separated by commas. JSON supports six data types: strings, numbers, booleans, null, objects, and arrays. Option C follows these rules and syntax of JSON, while the other options do not. Option A is written in XML format, which uses tags to enclose elements and attributes. Option B is written in YAML format, which uses indentation and colons to define key-value pairs. Option D is written in INI format, which uses sections and equal signs to define key-value pairs.

  References: CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 21: Automating Tasks with Ansible, page 591.

• Question 365:

  A junior Linux administrator is tasked with installing an application. The installation guide states the application should only be installed in a run level 5 environment.

  

  Which of the following commands would ensure the server is set to runlevel 5?

  A. systemct1 isolate multi-user.target
  B. systemct1 isolate graphical.target
  C. systemct1 isolate network.target
  D. systemct1 isolate basic.target
  B. systemct1 isolate graphical.target

  ---

  Explanation

  The command that would ensure the server is set to runlevel 5 is systemct1 isolate graphical.target. This command will change the current target (or runlevel) of systemd to graphical.target, which is equivalent to runlevel 5 in SysV init systems. Graphical.target means that the system will start with a graphical user interface (GUI) and all services required for it. The other options are not correct commands for setting the server to runlevel 5. The systemct1 isolate multiuser.target command will change the current target to multi- user.target, which is equivalent to runlevel 3 in SysV init systems. Multi- user.target means that the system will start with multiple user logins and networking, but without a GUI. The systemct1 isolate network.target command will change the current target to network.target, which is not a real runlevel but a synchronization point for network-related services. Network.target means that network functionality should be available, but does not specify whether it should be started before or after it. The systemct1 isolate basic.target command will change the current target to basic.target, which is also not a real runlevel but a synchronization point for basic system services. Basic.target means that all essential services should be started, but does not specify whether it should be started before or after it.

  References: systemd System and Service Manager; systemd.special(7) - Linux manual page

• Question 366:

  A Linux engineer finds multiple failed login entries in the security log file for application users. The Linux engineer performs a security audit and discovers a security issue. Given the following:

  # grep -iE '*www*|db' /etc/passwd

  www-data:x:502:502:www-data:/var/www:/bin/bash

  db:x: 505:505:db: /opt/db:/bin/bash

  Which of the following commands would resolve the security issue?

  A. usermod -d /srv/www-data www-data andand usermod -d /var/lib/db db
  B. passwd -u www-data andand passwd -u db
  C. renice -n 1002 -u 502 andand renice -n 1005 -u 505
  D. chsh -s /bin/false www-data andand chsh -s /bin/false db
  D. chsh -s /bin/false www-data andand chsh -s /bin/false db

  ---

  Explanation

  This command will use the chsh tool to change the login shell of the users www-data and db to /bin/false, which means they will not be able to log in to the system1. This will prevent unauthorized access attempts and improve security.

  References: 1: Replacing /bin/bash with /bin/false in /etc/passwd file

• Question 367:

  A developer is unable to access a Linux server via SSH. Given the following output:

  SSH server configuration (/etc/ssh/sshd_config):

  PermitRootLogin no

  PubkeyAuthentication yes

  PasswordAuthentication yes

  GSSAPIAuthentication yes

  X11Forwarding no

  User Information (/etc/passwd):

  developer:x:1000:1000:comptia:/home/developer:/bin/bash

  User Shadow File (/etc/shadow):

  developer:!!::0:99999:7:::

  Which of the following explains why the developer is unable to log in to the server?

  A. The developer's private key has been deleted from the server.
  B. The developer's account has been locked out.
  C. The developer's public key is in the wrong location.
  D. SSH has been disabled for user log-in.
  B. The developer's account has been locked out.

  ---

  Explanation

  The reason the developer cannot log in is because their account is locked. This is indicated by the "!!" in the /etc/shadow file: developer:!!::0:99999:7:::

  The "!!" in the password field means the account is locked, and the user cannot authenticate using a password.

  To unlock the account, the administrator must reset the password:

  passwd developer

  OR, if SSH key authentication is used, the administrator can remove the lock without setting a password: usermod -U developer

  References:CompTIA Linux+ Official Documentation

• Question 368:

  Developers have requested implementation of a persistent, static route on the application server. Packets sent over the interface eth0 to 10.0.213.5/32 should be routed via 10.0.5.1. Which of the following commands should the administrator run to achieve this goal?

  A. route -i etho -p add 10.0.213.5 10.0.5.1
  B. route modify eth0 +ipv4.routes "10.0.213.5/32 10.0.5.1"
  C. echo "10.0.213.5 10.0.5.1 eth0" > /proc/net/route
  D. ip route add 10.0.213.5/32 via 10.0.5.1 dev eth0
  D. ip route add 10.0.213.5/32 via 10.0.5.1 dev eth0

  ---

  Explanation

  The command ip route add 10.0.213.5/32 via 10.0.5.1 dev eth0 adds a static route to the routing table that sends packets destined for 10.0.213.5/32 (a single host) through the gateway 10.0.5.1 on the interface eth0. This is the correct way to achieve the goal. The other options are incorrect because they either use the wrong syntax (route -i etho -p add), the wrong command (route modify), or the wrong file (/proc/net/route).

  References: CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 12: Managing Network Connections, page 379.

• Question 369:

  A Linux administrator needs to expose port 9000 for a container to listen during runtime. The Linux administrator creates a Dockerfile with the following entries:

  sql

  FROM node:9-alpine

  WORKDIR /usr/src/app

  COPY package.json ./

  RUN npm install

  COPY . . EXPOSE 9000

  CMD ["npm", "start"]

  Which of the following commands should the administrator use to accomplish this task? (Select two).

  A. docker build -t Test-Container
  B. docker tag Test-Container
  C. docker inspect Test-Container
  D. docker run -p 5000:80 Test-Container
  E. docker push Test-Container
  F. docker run -p 80:9000 Test-Container
  A. docker build -t Test-Container
  F. docker run -p 80:9000 Test-Container

  ---

  Explanation

  First, the administrator should build the container image using the command docker build -t Test-Container, which creates a Docker image with the specified configuration. To run the container and expose port 9000, the correct command is docker run -p 80:9000 Test-Container, which maps the container's port 9000 to port 80 on the host machine, making the service accessible externally on port 80.

• Question 370:

  The applications team is reporting issues when trying to access the web service hosted in a Linux system. The Linux systems administrator is reviewing the following outputs: Output 1:

  * httpd.service = The Apache HTTPD Server

  Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)

  Active: inactive (dead)

  Docs: man:httpd(8) man:apachectl(8)

  Output 2:

  16:51:16

  up 28 min, 1 user, load average: 0.00, 0.00, 0.07

  Which of the following statements best describe the root cause? (Select two).

  A. The httpd service is currently started.
  B. The httpd service is enabled to auto start at boot time, but it failed to start.
  C. The httpd service was manually stopped.
  D. The httpd service is not enabled to auto start at boot time.
  E. The httpd service runs without problems.
  F. The httpd service did not start during the last server reboot.
  C. The httpd service was manually stopped.
  D. The httpd service is not enabled to auto start at boot time.

  ---

  Explanation

  The httpd.service is the Apache HTTPD Server, which is a web service that runs on Linux systems. The output 1 shows that the httpd.service is inactive (dead), which means that it is not running. The output 1 also shows that the httpd.service is disabled, which means that it is not enabled to auto start at boot time. Therefore, the statements C and D best describe the root cause of the issue. The statements A, B, E, and F are incorrect because they do not match the output 1.

  References: [How to Manage Systemd Services on a Linux System]