Practice Free XK0-006 Exam Online Questions
Question #41
Which of the following commands would a Linux administrator use to determine the temperature of
a motherboard?
- A . ipmitool
- B . dmidecode
- C . lspci
- D . lm_sensors
Correct Answer: D
D
Explanation:
The correct answer is D. lm_sensors because it is the standard Linux utility used to monitor hardware sensor data, including motherboard temperature, CPU temperature, fan speeds, and voltage levels. The lm_sensors package provides tools such as the sensors command, which reads data from hardware monitoring chips embedded on the motherboard and displays real-time environmental and thermal information.
In Linux system management, monitoring hardware health is critical for maintaining system stability and preventing overheating issues. After installing and configuring lm_sensors (typically using the sensors-detect command), administrators can run sensors to view temperature readings for various components, including the motherboard chipset.
Option A (ipmitool) is partially related but incorrect in this context. While ipmitool can retrieve hardware monitoring data (including temperature) via IPMI interfaces, it requires compatible server hardware with IPMI support. It is not universally applicable across all Linux systems and is more specialized for enterprise server environments.
Option B (dmidecode) is incorrect because it retrieves hardware information from the system BIOS/firmware, such as manufacturer details, serial numbers, and hardware specifications. It does not provide real-time sensor data like temperature readings.
Option C (lspci) is also incorrect because it lists PCI devices and provides information about connected hardware components, but it does not include environmental or thermal data.
From a Linux+ perspective, lm_sensors is the most appropriate and commonly used tool for monitoring system temperatures and other hardware metrics, making it essential for proactive system management and troubleshooting.
D
Explanation:
The correct answer is D. lm_sensors because it is the standard Linux utility used to monitor hardware sensor data, including motherboard temperature, CPU temperature, fan speeds, and voltage levels. The lm_sensors package provides tools such as the sensors command, which reads data from hardware monitoring chips embedded on the motherboard and displays real-time environmental and thermal information.
In Linux system management, monitoring hardware health is critical for maintaining system stability and preventing overheating issues. After installing and configuring lm_sensors (typically using the sensors-detect command), administrators can run sensors to view temperature readings for various components, including the motherboard chipset.
Option A (ipmitool) is partially related but incorrect in this context. While ipmitool can retrieve hardware monitoring data (including temperature) via IPMI interfaces, it requires compatible server hardware with IPMI support. It is not universally applicable across all Linux systems and is more specialized for enterprise server environments.
Option B (dmidecode) is incorrect because it retrieves hardware information from the system BIOS/firmware, such as manufacturer details, serial numbers, and hardware specifications. It does not provide real-time sensor data like temperature readings.
Option C (lspci) is also incorrect because it lists PCI devices and provides information about connected hardware components, but it does not include environmental or thermal data.
From a Linux+ perspective, lm_sensors is the most appropriate and commonly used tool for monitoring system temperatures and other hardware metrics, making it essential for proactive system management and troubleshooting.
Question #42
A systems administrator needs to restore a backup to the /usr/app/data directory.
Which of the following commands should the administrator use for this task?
- A . tar -xvzf /tmp/backup.tar.gz -C /usr/app/data
- B . tar -xvf /tmp/backup.tar.gz /usr/app/data
- C . tar -xvzf /usr/app/data /tmp/backup.tar.gz
- D . tar -xvzf /tmp/backup.tar.gz > /usr/app/data
Correct Answer: A
A
Explanation:
The tar (tape archive) utility is the standard tool for archiving and compressing files in Linux. According to CompTIA Linux+ V8 objectives, administrators must be proficient in extracting data into specific target locations. The command tar -xvzf /tmp/backup.tar.gz -C /usr/app/data is the correct syntax for this operation.
The flags used in the command provide the following functionality:
-x: Instructs tar to extract the contents of the archive.
-v: Enables verbose output, showing the files as they are being extracted.
-z: Tells tar to filter the archive through gzip for decompression (required for .tar.gz files).
-f: Specifies the filename of the archive to be processed (/tmp/backup.tar.gz).
-C: Changes the directory to the specified path (/usr/app/data) before performing the extraction.
Using the -C flag is the most efficient and recommended way to restore a backup to a directory other than the current working directory. Without this flag, tar would extract the files into the current directory, which might not be the intended destination and could clutter the filesystem.
The other options are incorrect.
Option B lacks the -z flag for decompression and incorrectly places the destination path after the archive filename without the -C flag, which tar would interpret as a request to extract only a specific file named /usr/app/data from inside the archive.
Option C has the argument order reversed.
Option D attempts to use shell redirection (>), which is used for text output and is not compatible with the tar extraction process for writing files to a directory.
Therefore, Option A is the verified correct command for restoring a compressed backup to a specific directory.
A
Explanation:
The tar (tape archive) utility is the standard tool for archiving and compressing files in Linux. According to CompTIA Linux+ V8 objectives, administrators must be proficient in extracting data into specific target locations. The command tar -xvzf /tmp/backup.tar.gz -C /usr/app/data is the correct syntax for this operation.
The flags used in the command provide the following functionality:
-x: Instructs tar to extract the contents of the archive.
-v: Enables verbose output, showing the files as they are being extracted.
-z: Tells tar to filter the archive through gzip for decompression (required for .tar.gz files).
-f: Specifies the filename of the archive to be processed (/tmp/backup.tar.gz).
-C: Changes the directory to the specified path (/usr/app/data) before performing the extraction.
Using the -C flag is the most efficient and recommended way to restore a backup to a directory other than the current working directory. Without this flag, tar would extract the files into the current directory, which might not be the intended destination and could clutter the filesystem.
The other options are incorrect.
Option B lacks the -z flag for decompression and incorrectly places the destination path after the archive filename without the -C flag, which tar would interpret as a request to extract only a specific file named /usr/app/data from inside the archive.
Option C has the argument order reversed.
Option D attempts to use shell redirection (>), which is used for text output and is not compatible with the tar extraction process for writing files to a directory.
Therefore, Option A is the verified correct command for restoring a compressed backup to a specific directory.
Question #43
Which of the following filesystems contains non-persistent or volatile data?
- A . /boot
- B . /usr
- C . /proc
- D . /var
Correct Answer: C
C
Explanation:
Understanding Linux filesystems and their purposes is a fundamental system management skill outlined in the Linux+ V8 objectives. Among the listed options, /proc is the filesystem that contains non-persistent, volatile data.
The /proc filesystem is a virtual filesystem that exists entirely in memory and is dynamically generated by the Linux kernel. It does not store data on disk and does not persist across system reboots. Instead, /proc provides real-time information about running processes, kernel parameters, system memory, CPU statistics, and hardware state. Files within /proc represent kernel data structures and change constantly as the system operates.
The other filesystems contain persistent data stored on disk. /boot stores bootloader files and kernel
images, which are critical for system startup. /usr contains user applications, libraries, and documentation, all of which are persistent. /var holds variable data such as logs, spool files, and caches, which may change frequently but are still stored persistently on disk.
Linux+ V8 documentation emphasizes that /proc is used primarily for system monitoring and tuning. Administrators often interact with /proc to inspect process details or modify kernel parameters using tools like sysctl. Because its contents are generated at runtime and cleared on reboot, /proc is classified as non-persistent or volatile.
Therefore, the correct answer is C. /proc.
C
Explanation:
Understanding Linux filesystems and their purposes is a fundamental system management skill outlined in the Linux+ V8 objectives. Among the listed options, /proc is the filesystem that contains non-persistent, volatile data.
The /proc filesystem is a virtual filesystem that exists entirely in memory and is dynamically generated by the Linux kernel. It does not store data on disk and does not persist across system reboots. Instead, /proc provides real-time information about running processes, kernel parameters, system memory, CPU statistics, and hardware state. Files within /proc represent kernel data structures and change constantly as the system operates.
The other filesystems contain persistent data stored on disk. /boot stores bootloader files and kernel
images, which are critical for system startup. /usr contains user applications, libraries, and documentation, all of which are persistent. /var holds variable data such as logs, spool files, and caches, which may change frequently but are still stored persistently on disk.
Linux+ V8 documentation emphasizes that /proc is used primarily for system monitoring and tuning. Administrators often interact with /proc to inspect process details or modify kernel parameters using tools like sysctl. Because its contents are generated at runtime and cleared on reboot, /proc is classified as non-persistent or volatile.
Therefore, the correct answer is C. /proc.
Question #44
Which of the following can be implemented with PAM to detect and block dictionary attacks?
- A . pam_tally2
- B . pam_limits
- C . pam_unix
- D . pam_ldap
Correct Answer: A
A
Explanation:
Pluggable Authentication Modules (PAM) provide a flexible, centralized mechanism for managing authentication across various services in a Linux system. According to the CompTIA Linux+ V8 security domain, protecting against "dictionary attacks" and "brute-force" attempts is a critical hardening step. A dictionary attack involves an automated script attempting thousands of common passwords against a user account.
To mitigate this, administrators use pam_tally2 (or the newer pam_faillock on some systems). The pam_tally2 module is specifically designed to keep track of failed login attempts for each user. It can be configured in the PAM stack (such as /etc/pam.d/common-auth or /etc/pam.d/password-auth) to lock an account after a specified number of consecutive failed attempts (e.g., deny=5). Once the threshold is reached, the user is blocked from further attempts for a set period or until an administrator manually resets the counter. This effectively stops automated dictionary attacks from continuing indefinitely.
The other options serve different purposes. pam_limits (Option B) is used to set resource limits (like CPU time or number of open files) for users once they are already logged in. pam_unix (Option C) is the standard module for traditional /etc/passwd and /etc/shadow authentication. pam_ldap (Option D) allows the system to authenticate against a remote LDAP directory.
While these modules are part of the PAM ecosystem, only pam_tally2 is designed for tracking and acting upon failed login counts to block attacks.
A
Explanation:
Pluggable Authentication Modules (PAM) provide a flexible, centralized mechanism for managing authentication across various services in a Linux system. According to the CompTIA Linux+ V8 security domain, protecting against "dictionary attacks" and "brute-force" attempts is a critical hardening step. A dictionary attack involves an automated script attempting thousands of common passwords against a user account.
To mitigate this, administrators use pam_tally2 (or the newer pam_faillock on some systems). The pam_tally2 module is specifically designed to keep track of failed login attempts for each user. It can be configured in the PAM stack (such as /etc/pam.d/common-auth or /etc/pam.d/password-auth) to lock an account after a specified number of consecutive failed attempts (e.g., deny=5). Once the threshold is reached, the user is blocked from further attempts for a set period or until an administrator manually resets the counter. This effectively stops automated dictionary attacks from continuing indefinitely.
The other options serve different purposes. pam_limits (Option B) is used to set resource limits (like CPU time or number of open files) for users once they are already logged in. pam_unix (Option C) is the standard module for traditional /etc/passwd and /etc/shadow authentication. pam_ldap (Option D) allows the system to authenticate against a remote LDAP directory.
While these modules are part of the PAM ecosystem, only pam_tally2 is designed for tracking and acting upon failed login counts to block attacks.
Question #45
A systems administrator receives reports about connection issues to a secure web server.
Given the following firewall and web server outputs:
Firewall output:
Status: active
To Action From
443/tcp DENY Anywhere
443/tcp (v6) DENY Anywhere (v6)
Web server output:
tcp LISTEN 0 4096 *:443 :
Which of the following commands best resolves this issue?
- A . ufw disable
- B . ufw allow 80/tcp
- C . ufw delete deny https/tcp
- D . ufw allow 4096/tcp
Correct Answer: C
C
Explanation:
This scenario involves firewall configuration and service accessibility, which falls under the Security domain of the CompTIA Linux+ V8 objectives. The key to resolving this issue is interpreting both the firewall output and the web server status correctly.
The web server output shows that the service is actively listening on TCP port 443, which is the standard port for HTTPS (secure web traffic). The line tcp LISTEN 0 4096 *:443 *:* confirms that the web server is running properly and is ready to accept incoming connections on port 443 from any interface. This indicates that the problem is not with the web server configuration itself.
However, the firewall output clearly shows that incoming connections to port 443 are being blocked. The rules 443/tcp DENY Anywhere and 443/tcp (v6) DENY Anywhere (v6) indicate that the Uncomplicated Firewall (UFW) is explicitly denying HTTPS traffic for both IPv4 and IPv6. As a result, external clients cannot establish a secure connection to the server, even though the service is running correctly.
To resolve this issue securely and correctly, the administrator must remove the firewall rule that denies HTTPS traffic.
Option C, ufw delete deny https/tcp, directly removes the blocking rule while preserving the rest of the firewall configuration. This aligns with Linux+ best practices, which emphasize making precise firewall changes rather than disabling security controls entirely.
The other options are incorrect.
Option A, ufw disable, would completely turn off the firewall, creating a significant security risk.
Option B, ufw allow 80/tcp, only opens HTTP traffic on port 80 and does not resolve HTTPS connectivity issues.
Option D, ufw allow 4096/tcp, incorrectly attempts to open an internal socket backlog value rather than a valid service port.
Therefore, the correct and most secure solution is C.
C
Explanation:
This scenario involves firewall configuration and service accessibility, which falls under the Security domain of the CompTIA Linux+ V8 objectives. The key to resolving this issue is interpreting both the firewall output and the web server status correctly.
The web server output shows that the service is actively listening on TCP port 443, which is the standard port for HTTPS (secure web traffic). The line tcp LISTEN 0 4096 *:443 *:* confirms that the web server is running properly and is ready to accept incoming connections on port 443 from any interface. This indicates that the problem is not with the web server configuration itself.
However, the firewall output clearly shows that incoming connections to port 443 are being blocked. The rules 443/tcp DENY Anywhere and 443/tcp (v6) DENY Anywhere (v6) indicate that the Uncomplicated Firewall (UFW) is explicitly denying HTTPS traffic for both IPv4 and IPv6. As a result, external clients cannot establish a secure connection to the server, even though the service is running correctly.
To resolve this issue securely and correctly, the administrator must remove the firewall rule that denies HTTPS traffic.
Option C, ufw delete deny https/tcp, directly removes the blocking rule while preserving the rest of the firewall configuration. This aligns with Linux+ best practices, which emphasize making precise firewall changes rather than disabling security controls entirely.
The other options are incorrect.
Option A, ufw disable, would completely turn off the firewall, creating a significant security risk.
Option B, ufw allow 80/tcp, only opens HTTP traffic on port 80 and does not resolve HTTPS connectivity issues.
Option D, ufw allow 4096/tcp, incorrectly attempts to open an internal socket backlog value rather than a valid service port.
Therefore, the correct and most secure solution is C.
Question #46
A Linux administrator needs to compare two files and provide the output in the following format:
2,3d1
< Line 2
< Line 3 4a3 Line 5
Which of the following commands should the administrator use to perform the task?
- A . comm
- B . awk
- C . file
- D . diff
Correct Answer: D
D
Explanation:
The correct answer is D. diff because the output format shown in the question is the standard output generated by the diff command in Linux. The diff utility is specifically designed to compare two files line by line and display the differences between them in a structured format. The notation such as 2,3d1 and 4a3 represents changes required to transform one file into another.
In this format, d indicates deletion, a indicates addition, and the numbers refer to line positions in each file. For example, 2,3d1 means lines 2 through 3 in the first file should be deleted to match the second file. The < symbol shows lines present in the first file, while the > symbol shows lines from the second file. This structured comparison output is essential for troubleshooting differences between configuration files, scripts, or logs.
Option A (comm) is incorrect because comm compares two sorted files and produces three-column output indicating unique and common lines, but it does not produce the detailed edit-style output shown in the question.
Option B (awk) is incorrect because awk is a powerful text-processing tool used for pattern scanning and processing, not for direct file comparison in this format.
Option C (file) is incorrect because it identifies the type of a file rather than comparing file contents.
Within Linux+ objectives, using diff is a fundamental troubleshooting skill, especially when identifying configuration drift, verifying file integrity, or analyzing differences between system states. It is commonly used by administrators to quickly pinpoint discrepancies and resolve issues efficiently.
D
Explanation:
The correct answer is D. diff because the output format shown in the question is the standard output generated by the diff command in Linux. The diff utility is specifically designed to compare two files line by line and display the differences between them in a structured format. The notation such as 2,3d1 and 4a3 represents changes required to transform one file into another.
In this format, d indicates deletion, a indicates addition, and the numbers refer to line positions in each file. For example, 2,3d1 means lines 2 through 3 in the first file should be deleted to match the second file. The < symbol shows lines present in the first file, while the > symbol shows lines from the second file. This structured comparison output is essential for troubleshooting differences between configuration files, scripts, or logs.
Option A (comm) is incorrect because comm compares two sorted files and produces three-column output indicating unique and common lines, but it does not produce the detailed edit-style output shown in the question.
Option B (awk) is incorrect because awk is a powerful text-processing tool used for pattern scanning and processing, not for direct file comparison in this format.
Option C (file) is incorrect because it identifies the type of a file rather than comparing file contents.
Within Linux+ objectives, using diff is a fundamental troubleshooting skill, especially when identifying configuration drift, verifying file integrity, or analyzing differences between system states. It is commonly used by administrators to quickly pinpoint discrepancies and resolve issues efficiently.