Practice Free XK0-005 Exam Online Questions
Question #81
A Linux administrator is configuring network traffic forwarding. Despite having proper iptables rules, the traffic forwarding is not working.
Which of the following commands will allow Linux to pass network traffic between different interfaces?
- A . nmcli allow-forwarding eth0
- B . echo ‘net.ipv4.ip_forward=1’ >> /etc/sysctl.conf; sysctl -p
- C . ip route forward allow –all-interfaces; systemctl restart network
- D . modprobe ip_forward
Correct Answer: B
B
Explanation:
To enable IP forwarding, the kernel parameter net.ipv4.ip_forward must be set to 1. This is done by appending net.ipv4.ip_forward=1 to /etc/sysctl.conf and applying the changes using sysctl -p. This command ensures that the system can forward packets between different network interfaces.
B
Explanation:
To enable IP forwarding, the kernel parameter net.ipv4.ip_forward must be set to 1. This is done by appending net.ipv4.ip_forward=1 to /etc/sysctl.conf and applying the changes using sysctl -p. This command ensures that the system can forward packets between different network interfaces.
Question #82
After listing the properties of a system account, a systems administrator wants to remove the expiration date of a user account.
Which of the following commands will accomplish this task?
- A . chgrp system accountname
- B . passwd Cs accountname
- C . chmod -G system account name
- D . chage -E -1 accountname
Correct Answer: D
D
Explanation:
The command chage -E -1 accountname will accomplish the task of removing the expiration date of a user account. The chage command is a tool for changing user password aging information on Linux systems. The -E option sets the expiration date of the user account, and the -1 value means that the account will never expire. The command chage -E -1 accountname will remove the expiration date of the user account named accountname. This is the correct command to use to accomplish the task. The other options are incorrect because they either do not affect the expiration date (chgrp, passwd, or chmod) or do not exist (chmod -G).
Reference: CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 15: Managing Users and Groups, page 467.
D
Explanation:
The command chage -E -1 accountname will accomplish the task of removing the expiration date of a user account. The chage command is a tool for changing user password aging information on Linux systems. The -E option sets the expiration date of the user account, and the -1 value means that the account will never expire. The command chage -E -1 accountname will remove the expiration date of the user account named accountname. This is the correct command to use to accomplish the task. The other options are incorrect because they either do not affect the expiration date (chgrp, passwd, or chmod) or do not exist (chmod -G).
Reference: CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 15: Managing Users and Groups, page 467.
Question #83
A systems administrator creates a public key for authentication.
Which of the following tools is most suitable to use when uploading the key to the remote servers?
- A . scp
- B . ssh-copy-id
- C . ssh-agent
- D . ssh-keyscan
Correct Answer: B
B
Explanation:
The best tool to use when uploading the public key to the remote servers is B. ssh-copy-id. This tool will copy the public key from the local computer to the remote server and append it to the authorized_keys file, which is used for public key authentication. This tool will also create the necessary directories and files on the remote server if they do not exist. The other tools are either not suitable or not relevant for this task.
For example:
B
Explanation:
The best tool to use when uploading the public key to the remote servers is B. ssh-copy-id. This tool will copy the public key from the local computer to the remote server and append it to the authorized_keys file, which is used for public key authentication. This tool will also create the necessary directories and files on the remote server if they do not exist. The other tools are either not suitable or not relevant for this task.
For example:
Question #84
A Linux administrator is testing a web application on a laboratory service and needs to temporarily allow DNS and HTTP/HTTPS traffic from the internal network.
Which of the following commands will accomplish this task?
- A . firewalld — add-service=dns, http,https — zone=internal
- B . iptables — enable-service=’dns|http|https’ — zone=internal
- C . firewall-cmd –add-service={dns, http, https} –zone=internal
- D . systemctl mask firewalld –for={dns, http, https} –zone=internal
Correct Answer: C
Question #85
A Linux administrator is providing a new Nginx image from the registry to local cache.
Which of the following commands would allow this to happen?
- A . docker pull nginx
- B . docker attach nginx
- C . docker commit nginx
- D . docker import nginx
Correct Answer: A
A
Explanation:
The command that would allow this to happen is docker pull nginx. Docker is a software platform that allows the administrator to create, run, and manage containers on Linux systems. Containers are isolated and lightweight environments that can run applications and services without affecting the host system. Docker uses images to create containers, which are files that contain the code, libraries, dependencies, and configuration of the applications and services. Docker uses a registry to store and distribute images, which is a service that hosts and serves images. Docker Hub is the default public registry that provides a large number of official and community images. Nginx is a popular web server and reverse proxy that can run as a container. The command docker pull nginx will download the latest version of the Nginx image from the Docker Hub registry to the local cache, which is the storage location for the images on the host system. This will allow the administrator to provide a new Nginx image from the registry to the local cache. This is the correct command to use to accomplish the task. The other options are incorrect because they either do not download an image from the registry (docker attach nginx or docker commit nginx) or do not exist (docker import nginx). CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 19: Managing Cloud and Virtualization Technologies, page 571.
A
Explanation:
The command that would allow this to happen is docker pull nginx. Docker is a software platform that allows the administrator to create, run, and manage containers on Linux systems. Containers are isolated and lightweight environments that can run applications and services without affecting the host system. Docker uses images to create containers, which are files that contain the code, libraries, dependencies, and configuration of the applications and services. Docker uses a registry to store and distribute images, which is a service that hosts and serves images. Docker Hub is the default public registry that provides a large number of official and community images. Nginx is a popular web server and reverse proxy that can run as a container. The command docker pull nginx will download the latest version of the Nginx image from the Docker Hub registry to the local cache, which is the storage location for the images on the host system. This will allow the administrator to provide a new Nginx image from the registry to the local cache. This is the correct command to use to accomplish the task. The other options are incorrect because they either do not download an image from the registry (docker attach nginx or docker commit nginx) or do not exist (docker import nginx). CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 19: Managing Cloud and Virtualization Technologies, page 571.
Question #86
A Linux administrator needs to connect securely to a remote server in order to install application software.
Which of the following commands would allow this connection?
- A . scp "ABC-key.pem" [email protected]
- B . sftp rooteiO.0.0.1
- C . telnet 10.0.0.1 80
- D . ssh -i "ABC-key.pem" [email protected]
- E . sftp "ABC-key.pem" [email protected]
Correct Answer: D
D
Explanation:
The command ssh -i "ABC-key.pem" [email protected] would allow the administrator to connect securely to the remote server in order to install application software. The ssh command is a tool for establishing secure and encrypted connections between remote systems. The -i option specifies the identity file that contains the private key for key-based authentication. The "ABC-key.pem" is the name of the identity file that contains the private key. The [email protected] is the username and the IP address of the remote server. The command ssh -i "ABC-key.pem" [email protected] will connect to the remote server using the private key and allow the administrator to install application software. This is the correct command to use to connect securely to the remote server. The other options are incorrect because they either do not use key-based authentication (sftp [email protected] or telnet 10.0.0.1 80) or do not use the correct syntax for the command (scp "ABC-key.pem" [email protected] instead of scp -i "ABC-key.pem" [email protected] or sftp "ABC-key.pem" [email protected] instead of sftp -i "ABC-key.pem" [email protected]). CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 17: Implementing Basic Security, page 513.
D
Explanation:
The command ssh -i "ABC-key.pem" [email protected] would allow the administrator to connect securely to the remote server in order to install application software. The ssh command is a tool for establishing secure and encrypted connections between remote systems. The -i option specifies the identity file that contains the private key for key-based authentication. The "ABC-key.pem" is the name of the identity file that contains the private key. The [email protected] is the username and the IP address of the remote server. The command ssh -i "ABC-key.pem" [email protected] will connect to the remote server using the private key and allow the administrator to install application software. This is the correct command to use to connect securely to the remote server. The other options are incorrect because they either do not use key-based authentication (sftp [email protected] or telnet 10.0.0.1 80) or do not use the correct syntax for the command (scp "ABC-key.pem" [email protected] instead of scp -i "ABC-key.pem" [email protected] or sftp "ABC-key.pem" [email protected] instead of sftp -i "ABC-key.pem" [email protected]). CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 17: Implementing Basic Security, page 513.
Question #87
The systemd logs are disappearing after a restart, even though the free disk space is adequate.
Which of the following is the cause of this behavior?
- A . The option Storage=volatile is set in the journald configuration
- B . The journald size limit has been exceeded
- C . The service systemd-journald is disabled and masked
- D . The directory /tmp does not have enough tree space
Correct Answer: A
A
Explanation:
A is correct: When Storage=volatile is set in /etc/systemd/journald.conf, logs are kept in RAM and
lost on reboot.
Incorrect Options:
B: Would cause rotation or truncation, not full loss after reboot.
C: Would stop logging entirely, not just reset after boot.
D: Journals are not stored in /tmp.
Reference: CompTIA Linux+ XK0-005 Study Guide, Chapter 10
man journald.conf
A
Explanation:
A is correct: When Storage=volatile is set in /etc/systemd/journald.conf, logs are kept in RAM and
lost on reboot.
Incorrect Options:
B: Would cause rotation or truncation, not full loss after reboot.
C: Would stop logging entirely, not just reset after boot.
D: Journals are not stored in /tmp.
Reference: CompTIA Linux+ XK0-005 Study Guide, Chapter 10
man journald.conf
Question #88
An administrator is trying to terminate a process that is not responding.
Which of the following
commands should the administrator use in order to force the termination of the process?
- A . kill PID
- B . kill -1 PID
- C . kill -9 PID
- D . kill -15 PID
Correct Answer: C
Question #89
NO: 55:
An administrator made a change to a system’s network configuration.
Which of the following best represents what the administrator should do to have the new configuration take effect?
- A . systemctl restart networkd
- B . systemctl enable networkd
- C . systemctl status networkd
- D . systemctl isolate networkd
Correct Answer: A
A
Explanation:
Step-by-Step Comprehensive Detailed
Command
systemctl restart networkd restarts the network service to apply changes. The networkd service is responsible for managing network configurations in systems using systemd-networkd.
Why Other Options are Incorrect:
B: Enables the service to start on boot but does not apply immediate changes.
C: Displays the status but does not apply changes.
D: isolate changes the target (runlevel) and does not directly affect network configurations.
CompTIA Linux+ Study Guide, Chapter on Networking Services man systemctl
A
Explanation:
Step-by-Step Comprehensive Detailed
Command
systemctl restart networkd restarts the network service to apply changes. The networkd service is responsible for managing network configurations in systems using systemd-networkd.
Why Other Options are Incorrect:
B: Enables the service to start on boot but does not apply immediate changes.
C: Displays the status but does not apply changes.
D: isolate changes the target (runlevel) and does not directly affect network configurations.
CompTIA Linux+ Study Guide, Chapter on Networking Services man systemctl
Question #90
A systems administrator needs to disable root login for SSH.
Which of the following commands should the administrator use?
- A . touch /etc/ssh/sshd_config | awk ‘s/PermitRootLoginX yes/PermitRootLoginX no/’
- B . sed -i ‘s/PermitRootLogin yes/PermitRootLogin no/’ /etc/ssh/sshd_config
- C . touch /etc/ssh/sshd_config | print* 1PermitRootLogin/PermitRootLogin no/’
- D . cat /etc/ssh/sshd_config | grep ‘s/PermitRootLogin yes/PermitRootLogin no/’
Correct Answer: B
B
Explanation:
To disable root login over SSH, modify the /etc/ssh/sshd_config file using:
bash
sed -i ‘s/PermitRootLogin yes/PermitRootLogin no/’ /etc/ssh/sshd_config
Then restart the SSH service:
bash
systemctl restart sshd
Options A, C, and D are invalid or syntactically incorrect. Only B makes a valid and permanent configuration change.
Reference: CompTIA Linux+ XK0-005 Official Study Guide, Domain 3.2 C Implement authentication and authorization
“To harden SSH, edit /etc/ssh/sshd_config and set PermitRootLogin no.”
B
Explanation:
To disable root login over SSH, modify the /etc/ssh/sshd_config file using:
bash
sed -i ‘s/PermitRootLogin yes/PermitRootLogin no/’ /etc/ssh/sshd_config
Then restart the SSH service:
bash
systemctl restart sshd
Options A, C, and D are invalid or syntactically incorrect. Only B makes a valid and permanent configuration change.
Reference: CompTIA Linux+ XK0-005 Official Study Guide, Domain 3.2 C Implement authentication and authorization
“To harden SSH, edit /etc/ssh/sshd_config and set PermitRootLogin no.”