Answers and Explanations

Chapter 1: Hardware and System Configuration

  1. A. The modprobe command loads the module and its dependencies, if applicable. The lsmod command is used to list currently loaded modules, making answer B incorrect. The insmod command will load a given module but not its dependencies. Answer D, rmmod, is used to remove a module from memory.
  2. C. The keyword single given on the Linux kernel command line will boot the system into single-user mode. The other options are not valid.
  3. A. The Shift key, if pressed when control has first been handed to GRUB, will cause the GRUB menu to be displayed.
  4. D. The dmesg command displays the contents of the kernel ring buffer. On many Linux distributions, this log is also saved to /var/log/dmesg. The other options shown for this question are not valid commands.
  5. D. The lsmod command is used to list currently loaded kernel modules, thereby making answer D correct for this question. The insmod command (answer A) is used to load modules. Answer C is a valid command but not a valid option for that command, and answer B does not exist.
  6. D. The ESP is typically mounted at /boot/efi. Files with an efi extension, like linux.efi, might be found in dual-boot scenarios, but the .efi extension is not technically required.
  7. A. The mount command is used to mount drives in Linux. The source and destination mount point are expected as arguments. Drive partitions begin at number 1, making the first partition number 1.
  8. D. If a working device does not appear in lsmod, it typically means the kernel has a driver already loaded by virtue of being compiled into the kernel itself rather than loaded through a module. The use of systemd (answer A) or initramfs (answer B) would have no effect.
  9. C. The -w option causes the module to wait until it’s no longer needed prior to unloading. The other options are not valid for rmmod.
  10. A. The update-grub command sends its output to STDOUT. Therefore, you must redirect using > and send that output to the correct file. The other options are not valid for this purpose. Answers C and D are not valid commands, while answer B contains invalid options and an invalid location for the destination file.
  11. B. MBR-based disks can be partitioned with up to four primary partitions, one of which can be further partitioned or extended into logical partitions.
  12. B. 0x82 is Linux swap, while 0x83 is Linux. NTFS is 0x07, and FAT is 0.0c.
  13. A. The /etc/default/grub file can be used for this purpose. You may also edit /boot/grub/grub.cfg, but this was not an option given for this question.
  14. C. The -o option can be used to specify a destination file to which output will be sent instead of STDOUT. The other options listed in this question do not exist.
  15. A. The /boot partition will typically be much less than 500 MB but should not be undersized. The used space within /boot will increase as more kernels are added, such as during an upgrade process.
  16. B. The pvcreate command initializes a physical partition for future use as a logical volume with LVM.
  17. D. The grub2-install command is used to install GRUB onto a disk. The second SATA disk would be /dev/sdb, therefore making answer D the correct option.
  18. C. The lvcreate command is used to create logical volumes with LVM. The pvcreate command initializes physical volumes prior to creating logical volumes. The commands in the other two options for this question do not exist.
  19. A. Physical volumes are initialized first, followed by volume group creation, and then logical volume creation.
  20. B. The grub-mkconfig command should be run after making a change to the /etc/default/grub file so that a new configuration file can be created with the changed option(s).
  21. C. The lvmdiskscan command looks for physical volumes that have been initialized for use with LVM.
  22. D. GRUB Legacy begins counting at 0 and separates the disk letter and partition with a comma, therefore making 0,0 the first partition on the first disk. Answers A and C are not the first disk on the system, and answer B contains a nonexistent partition.
  23. B. The command to install GRUB is grub-install, and the first SATA drive is /dev/sda. A device listed as hda is typically a PATA drive, thereby making those options incorrect.
  24. C. The -y option will attempt to repair automatically, essentially answering ’y’ or yes instead of prompting. Of the other options, only -V is valid and will produce verbose output.
  25. D. The first step is to use fdisk to create one or more partitions. Then format the partitions, and then mount the partitions for use. Various filesystem types can be created with mkfs and its subcommands. These filesystem types include ext3, ext4, xfs, and ntfs.
  26. B. The tune2fs command can be used for this purpose but should be used with care because it can result in data corruption.
  27. B. The addition of journaling in ext3 increased filesystem reliability and performance.
  28. D. The /srv hierarchy is used for data for server programs. The /etc hierarchy is configuration information, while /var is also data files but variable files such as mail files. The /tmp directory is for temporary files. Because each path begins with a /, it is considered an absolute path.
  29. C. The -a option mounts all filesystems in /etc/fstab that are currently available. Of the other options listed, only the -f option is available, and it is a shortcut to the “fake” option, which does not do anything except perform a dry run of the mount.
  30. A. The tune2fs command displays a lot of information about filesystems including the number of times the filesystem has been mounted.
  31. A. The -g option displays progress of the dump. The other options listed do not exist.
  32. A. The du command will report on disk usage in a recursive manner, unlike the other commands shown here.
  33. C. The /etc/fstab file is used to store information about the filesystems to mount within the system.
  34. D. The /media mount point is used for removable media. See https://refspecs .linuxfoundation.org/FHS_3.0/fhs/index.html for more information on the FHS.
  35. A. The /etc/mtab file contains currently mounted filesystems. Note that /etc/fstab contains filesystem information but not about which filesystems are currently mounted.
  36. B. The -r option causes umount to attempt to remount in read-only mode. The -v option is verbose mode, and the -f option forces the operation. The -o option does not exist.
  37. D. The proper order is the device (UUID or partition) followed by the directory to mount that device, followed by its type and options, and then the dump and fsck settings.
  38. A. The blkid command will show partition UUIDs. You can also get this information with the lsblk -no UUID <partition> command. The other commands shown in this question do not accomplish the required task.
  39. D. The xfs_info command is equivalent to xfs_growfs -n.
  40. B. The mkfs.btrfs command is used to create btrfs filesystems and does not require the drive to be partitioned.
  41. A. The tune2fs command is used for this purpose, and the -c option sets the mount count for the specified partition. The dumpe2fs command is used to print the superblock and block group information.
  42. B. The parted command can be used to resize partitions in such a way. The mkfs command is not used for this purpose, and the other two options do not exist.
  43. C. The VFAT filesystem is known as vfat to the mount command, and the other elements of the mount command are standard.
  44. D. The c option in gdisk is used to change the partition name. The n option creates a new partition, the v option verifies the disk, and the b option creates a backup of GPT data to a file.
  45. C. The -b option prints known bad blocks. The -f option is used to force the display of information, and the other options don’t exist.
  46. B. The -A option checks all filesystems in /etc/fstab, while the -M option excludes the root filesystem.
  47. C. The fsck option, which is represented as a number in the /etc/fstab file, sets the order that the device is checked at boot time.
  48. C. The file /etc/timezone is used to indicate the local time zone. The other files listed as options do not exist.
  49. D. Within the /usr/share/zoneinfo hierarchy, you will find information on the various regions and time zones available. The files within this hierarchy can be symlinked to /etc/localtime.
  50. B. The dominfo command within virsh displays information regarding the domain. The other commands are not valid.
  51. C. The LC_TIME environment variable is used to control the display and behavior of the date and time and can be changed to a different locale in order to achieve the desired display and behavior of date and time formatting. The other options shown for this question do not exist.
  52. B. UTF-8 provides multibyte character encoding and is generally accepted as the standard for encoding moving forward. ISO-8859 is single-byte encoded. The other answers are not valid.
  53. C. The timedatectl command includes a list-timezones subcommand to show known time zones. The tzsel command does not exist; but there is a similar command called tzselect that will, by default, display a step-by-step menu to select a time zone. The eventual output will include a region/time-zone line, such as America/Chicago, as output.
  54. D. The TZ environment variable is used for this purpose and the general format is as shown, thus making option D the correct answer.
  55. C. Setting LANG=C is an alias for POSIX compatibility and will cause programs to bypass locale translations. The other options shown for LANG are not valid.
  56. C. The LC_ALL variable can be used to set environment variables such as the locale and will override others. This can be used when there is a need for a temporary change. The other variables listed here are not used for this purpose and are not created by default.
  57. A. The ln command is used for this purpose, and the -s option creates a symbolic link, while -f forces or overwrites the destination. The other options and order of commands are not valid.
  58. C. The LC_MONETARY variable is used by certain programs to determine the localization for currency.
  59. D. The hwclock command is used to both query and set the hardware clock, such as the one maintained by the system firmware or BIOS. The ntpdate command is used to set the local system time but is not related to the hardware clock. The other commands are not valid.
  60. D. The -s option sets the date and time as specified within the command. If there is another means to automatically set the date, it may override the change. For example, if ntpd is running, that process may alter the date even after it has been set with date -s.
  61. A. The -w option sets the hardware clock to the current system time. The -s option does the opposite, setting the system time to the hardware clock. There is no -a or -m function for hwclock.
  62. A. --systohc will set the hardware clock according to the current system time. The use of --utc is required in order to ensure that the time is set to UTC. If --utc is omitted, the time will default to whatever was used last time the command was run, which could be UTC but might be local time instead. Therefore, the best option is A.
  63. A. The netstat command can be used for this purpose, and the -r option displays the current routes. The addition of -n prevents DNS lookups, which can help with performance.
  64. D. Private IP addresses are found within the 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16 ranges, thus making an address in the 143 range a public IP.
  65. C. The route command is used for this purpose, and adding a route is done with the add option. The default gateway is added using the default gw keywords followed by the IP of the gateway and the adapter.
  66. A. The host command enables changing of the query type with the -t option. Using ns as the type will query for the name servers for a given domain. There is no all type, and the other options are also invalid.
  67. B. The -I option enables the choice of interface. A lowercase -i option sets the interval, while -a indicates an audible ping. Finally, -t enables a TTL-based ping only.
  68. A. The host or dig command can be used for this purpose by setting the type to mx. The mx type will query for the mail exchanger for the given domain. There is no smtp type.
  69. B. The localhost address for IPv6 can be written as ::1. Addresses shown like 127 represent the IPv4 localhost range but are not written properly for IPv4 or IPv6.
  70. A. The ip command with the monitor option/subcommand will display netlink messages as they arrive. There is no netlink subcommand for ip, and the route command will not work for this purpose.
  71. A. The syntax is database: databasename with additional database names separated by spaces, as shown in the correct option for this question.
  72. A. The @ symbol is used to indicate a server to which the query will be sent directly. This can be quite useful for troubleshooting resolution problems by sending the query directly to an authoritative name server for the domain. Of the other options, -t sets the type, and the other options are not valid.
  73. A. The getent command is used for working with NSS databases, and getent hosts will display the available hosts using the databases configured in /etc/nsswitch.conf.
  74. C. The configuration option is nameserver, and the value for the option is the IP address of the desired name server. Several options affect how name resolution is performed, such as the number of attempts and timeout. See resolv.conf(5) for more information.
  75. A. The route command can be used for this purpose, and the syntax includes the network range, denoted with the -net option, followed by the word netmask and the masked bits, followed by the letters gw and the IP of the gateway. The other options shown are invalid for a variety of reasons including missing keywords and options and order.
  76. A. The netstat command is used for this purpose, and the -a option displays all sockets, listening and non-listening. Note that it’s frequently helpful to add the -n option, or combine options as in netstat –an, in order to prevent name lookup. Doing so can significantly improve performance of the command.
  77. A. The correct format is IP address followed by canonical hostname followed by any aliases for the host. You can use entries in /etc/hosts to override DNS lookups, which can be useful to prevent those names from resolving or to provide a different resolution.
  78. B. The ip route command can be used for this purpose, and its syntax uses a change command and the via keyword. The same operation could be completed with the route command but would require deleting the existing gateway first and then re-adding a new default gateway.
  79. A. The soa type is used to query for Start of Authority records for a domain. Note that in many cases, dig will attempt to look up the domain within a given command and may not appear to have had an error. For example, when running option D (dig -t auth example.com), you will receive information about example.com, and there will be a line in the output saying that dig has ignored the invalid type of auth.
  80. A. The search option is used for this purpose and can be provided with multiple domain names, each separated by a space or tab. The domain option is valid within /etc/resolv.conf but does not allow for multiple domain names.
  81. A. The route command can be used for this purpose, and in the scenario described, a reject destination is used for the route. The other options shown are invalid because they use invalid options to the route command.
  82. D. The -c option provides the count of the number of pings to send. The -n option specifies numeric output only, while -p specifies the pattern to use for the packet content. Finally, the -t option sets the TTL.
  83. D. The best option for this question is to add an entry for the host in /etc/hosts. Doing so will always cause DNS queries to resolve to 127.0.0.1. The other options are not as robust because they rely on www.example.com always having the same IP address, or the solutions require additional maintenance to constantly add new IP addresses if www.example.coms IP address changes.
  84. A. The ip route flush cache command should be executed after changing the routes. The other commands shown for this question are not valid.
  85. A. SPF records are stored in the txt record type in DNS, thereby making -t txt the correct option for this. Of the other answers, only -t mx is valid; it returns the mail exchangers for the given domain.
  86. C. The G signifies a gateway within the route table.
  87. A. The axfr type is a zone transfer, and the @ symbol signifies the server to which the query will be sent. There is no xfer type, and option B is just a normal query for the domain sent to the specified server.
  88. D. The -p option to iostat displays information on devices and partitions. The -c option shows CPU utilization, and -d shows device utilization. There is no -a option.
  89. A. The df command displays information on disk usage and can help with planning disk utilization over time. For example, if you note that disk utilization is increasing significantly, preparations can be made to bring more disks online or even to change the log rotation schedule such that logs are rotated faster, thereby freeing up space.
  90. A. The mkinitrd command is used on older systems to create the initial RAM disk. The initial RAM disk is used to load (some might say preload) essential modules for things like disks and other vital components needed for booting.
  91. B. The lsmod command is used to display currently loaded modules. This is useful for scenarios where you are migrating from the stock or distribution-provided kernel to a custom kernel and need to know which modules to compile into the new kernel.
  92. B. The depmod command is used to create a list of modules. The list is kept in a file called modules.dep, the location of which is dependent on the distribution of Linux in use.
  93. A. The -a option displays all values and their current settings for sysctl. The -b option is binary and displays values without any newlines. The -d option is an alias for -h, which is help display. There is no -c option. The sysctl options can also be found in /etc/sysctl.conf.
  94. B. The modprobe command examines dependencies for a given module and loads both the dependencies and the requested module.
  95. A. The modinfo command provides information on a given kernel module. You can use modinfo to find out the parameters needed for a given module and the modules on which it depends, among other information. The modprobe command is used to load a module. There is no tracemod or modlist command.
  96. C. The insmod command inserts a module into the running kernel. It does not, however, attempt to resolve dependencies but rather outputs an error if there are dependent modules or kernel symbols that are not available.
  97. B. The -r option removes the named kernel modules and attempts to remove any modules on which the named module depends, where possible. The -d option sets the root directory for modules, while -v is verbose and -f forces the module to load.
  98. B. The /etc/modprobe.d directory is used for storing configuration information related to modules such as that used for blacklisting purposes, and also for other configuration information such as udev and module options.
  99. B. The dracut command is used to create the initial RAM disk for newer systems and has replaced the legacy mkinitrd command used for the same purpose.
  100. B. Variables and values placed in /etc/sysctl.conf will take effect on boot. The other files listed are not valid.
  101. B. The --show-depends option displays the dependencies for a given module. The other options are not valid for the modprobe command.
  102. C. The format for the mount command is [partition] [target], thereby making option C correct. The other options are not valid because the arguments are in the wrong order.
  103. D. The -n option changes the boot order for the next boot only and boots from the specified partition. The -b along with -B modifies and then deletes the option. The -o option sets the boot order. The -c option creates a boot number.
  104. A. ISOLINUX provides a means by which CD-ROMs formatted as ISO 9660 can be booted. It’s very common to have live CDs or rescue/recovery CDs that use ISOLINUX for boot. The other bootloaders are not valid for this purpose or don’t exist.
  105. B. Due to the decidedly insecure decisions made with the design of Microsoft’s UEFI, a shim is often needed to enable Linux to boot on a system with UEFI. The file shim.efi can be used as an initial bootloader for this purpose.
  106. B. The bcfg command within the UEFI shell is used to configure bootloaders on a UEFI-based system. The command can accept various parameters to configure how the bootloader and kernel will load on boot. Of the other commands shown, grub-install is valid but not within the UEFI shell.
  107. B. The Master Boot Record, or MBR, is the first sector on a disk and contains information about the structure of the disk. If the MBR becomes corrupt, all data on the disk may be lost. The other options shown for this question are not valid.
  108. D. The file pxelinux.0 must exist within /tftpboot on the TFTP server in order for a system to use PXELINUX for booting. The other files are not valid or necessary for PXELINUX. Once booted, PXE boot can boot using an NFS-mounted filesystem where the filesystem is physically hosted on a different computer.
  109. D. The --boot-directory option enables you to specify an alternate location for GRUB images rather than the default /boot. The other options shown for this question are not valid.
  110. C. The shim.efi bootloader loads another bootloader, which is grubx64.efi by default. The other options are not valid filenames for the purpose described.
  111. C. The -t option sets the filesystem type as ext2, ext3, or ext4. The mke2fs command is typically symlinked from /sbin/mkfs.ext2, /sbin/mkfs.ext3, and /sbin/mkfs.ext4. The -f option forces mke2fs to create a filesystem. The -a and -e options do not exist.
  112. B. The /etc/crypttab file contains the filesystems and devices that are encrypted. The other file locations do not exist by default and are not related to this question.
  113. C. Bad blocks are shown with the -b option. The -f option forces dumpe2fs to perform the requested operation, and the other command options do not exist.
  114. C. The -f option specifies that xfs_check should check the contents of the named file for consistency. The -v option sets verbosity, and there are no -d or -a options.
  115. A. The block size for import or restore must match the block size used on export or dump. Block size is specified with the -b option, thus making option A correct. The other options are not valid for xfsrestore.
  116. B. A filesystem with the word defaults for its mount options will be mounted read-write (rw), suid, with the ability to have executables (exec). The filesystem will be auto-mounted (auto), but users will not be able to mount it (nouser). Character and block special devices will be interpreted (dev), and operations on the disk will be performed in an asynchronous manner (async).
  117. C. The -z option sets the maximum size for files to be included in the dump. The -b option sets the block size but is not related to what is being asked for in this scenario. The -s option sets the path for inclusion in the dump, and -p sets the interval for progress indicators.
  118. D. A partition type of 0xFD is used for software RAID arrays. This can be set or viewed using a tool such as fdisk. The other options shown are not valid partition types.
  119. C. The /dev/disk/by-id directory contains symbolic links to /dev/sd, such as /dev/sda. Because WWIDs can be used to identify a device across systems, they are often used within the context of SANs. The other directories listed as options do not exist.
  120. C. The pvdisplay command shows information about a given physical volume. You can use pvdisplay to view the device on which the PV is built along with the extent size of the PV. The other commands shown are not valid.
  121. B. Logical Unit Numbers (LUNs) that contain the characters fc are those found through Fibre Channel. Therein lies the difference between options B and C, where option C contains the letters scsi, which would usually represent a local disk. The other options are not valid.
  122. C. The multipath command is used for administration of devices such as LUNs and can be used for finding the path to LUNs for a server, such as in a SAN configuration. The other commands are not valid, with the exception of ls: it is valid, but the option shown is related not to LUNs but rather is a combination of various flags to the ls command.
  123. C. The fstrim command is used to remove blocks that are not in use. The fstrim command is frequently used in a SAN configuration to give back unused storage to the SAN. The fstrim command can also be used with solid-state drives for the same purpose. The other commands shown are not valid.
  124. B. The -E option signals that an extended option follows, such as stripe_width. The -f option forces an operation but should not be necessary for this solution, and the -e option sets the behavior on error. There is no -extend option.
  125. A. The --create option enables creation of a RAID array that will use md. The typical argument is the /dev/mdN device. The other options listed are not valid for mdadm.
  126. C. The /dev/mapper directory contains information about multipath devices such as logical volumes. The other directories are not valid.
  127. C. The --monitor option is used to actively watch an array for issues such as disk failure. The monitoring can be done as a daemon and run in the background, thereby alerting when there is an issue.
  128. B. The MAILADDR option sets the destination address for mail about RAID events that are noted by mdadm when in monitor mode.
  129. C. The ip command defaults to the inet family if not otherwise specified with the -f option. The command will attempt to guess the correct family and fall back to inet. The other families listed as options for this command are not valid for use with the ip command.
  130. B. The iwconfig command, which is similar to the ifconfig command, works with an individual wireless interface to set and display parameters. Of the other commands, the ifconfig command is valid but not used for wireless. The other commands are not valid.
  131. A. The ss command provides many of the same functions as netstat but can show some extended information, such as memory allocation for a given socket. The free command shows memory usage but not by socket, and the other two commands do not exist.
  132. C. The -p option shows the process IDs associated with a given socket within the ss output. The -a option is all sockets, while -l is listening sockets. The -f option is used to specify the protocol family.
  133. D. The /etc/network directory contains information on network interfaces and contains directories that then further contain scripts to be executed when interfaces are brought up or down. The other directories listed do not exist.
  134. B. Only alphanumerics, a minus sign (or dash), and dot are valid for hosts in /etc/hosts.
  135. B. Options within /etc/resolv.conf are preceded with the options keyword followed by one or more options such as debug.
  136. C. The -f option will force the umount to occur. The --fake option is essentially a dry run in that it won’t actually unmount a filesystem. The other two options do not exist.
  137. A. The --output option configures the location for output of the command instead of STDOUT.
  138. A. The file lpxelinux.0 contains the necessary code to support booting from HTTP and FTP.
  139. B. The file /etc/grub2.cfg is usually a symbolic link to /boot/grub2/grub.cfg.
  140. C. The vmlinuz file has been compressed and therefore consumes less disk space than vmlinux. Both contain the Linux kernel in binary format.
  141. C. Modules are stored in /usr/lib/modules/{kernel-version}.
  142. C. The file /var/log/kern.log contains kernel messages and can be used to troubleshoot a kernel panic.
  143. B. JSON-formatted files are JavaScript Object Notation. These files, along with YAML files, are frequently used to provide templates and configuration information because both formats are lightweight and descriptive. When working with a VM template or automation, you may encounter these formats.
  144. D. A persistent volume keeps data between deployments of the virtualized environment. A container image is used for the original boot.
  145. B. A dual-homed networking configuration is one that has two network interfaces. Bridged networking refers to using the host adapter in a virtualization scenario. An overlay network is one that is built on top of another network. Forwarding is not related to this solution.
  146. C. The localectl command is used to view and configure settings such as the keyboard layout for a given locale. The other commands listed do not exist.
  147. D. The directory /etc/sysconfig/network-scripts contains files related to network configuration. It is not preferable to edit these files directly any longer but rather to use commands such as nmcli and nmtui through the Network Manager. The other paths do not exist by default.
  148. A. The e2label command changes the filesystem label. The other commands do not exist.
  149. B. OVF is formatted in XML. There is a file extension frequently seen as YML that typically contains YAML-formatted data, but that is not related to this question. HTML is a valid document standard but not for OVF files. There is no OVFMeta document standard.
  150. A. Network Address Translation (NAT) effectively hides the virtual machine behind the host IP address. Bridging enables the virtual machine to get its own IP and thus have external clients access it as well.
  151. B. The file /etc/modprobe.conf, which is a legacy file and may be removed in a later version of Linux, contains information on the configuration of modules on the system. The other files do not exist.
  152. C. The mode active-backup is used for creating an active-passive configuration where if one adapter goes down, the other takes over. The other options are not valid.
  153. D. The kernel-install command uses the files found in the /usr/lib/kernel directory to install a kernel and related files into /boot. The other commands listed here are not valid.
  154. C. A relative path begins with something other than a / whereas an absolute path always begins with a /, indicating the root of the filesystem. The other options, virtual and symbolic, are not valid names used to describe paths.
  155. C. A raw device is one that has not been partitioned. Raw devices are sometimes used for virtualization and also database scenarios, where the higher-layer software manages the disk. The other options shown are not relevant to this answer. Highly available would only typically refer to a redundant disk or network scenario.
  156. A. The value of 1 enables debug logging. The value 2 is info, 3 is warn, and 4 is error.
  157. B. Anaconda is the name for the installer for Red Hat and CentOS systems. Kickstart can be used to script and automate the installation process.
  158. A. The time command includes timing information such as sys time, user time, and real time. The other commands are not valid.
  159. D. Blob, or Binary Large Object, is a storage format frequently associated with cloud environments. Blob storage enables a single object to be stored as an individual object. The other formats are valid, but none of the other options is the most appropriate mechanism for this scenario.
  160. A. The virtual filesystem (VFS) provides a layer of abstraction between the real filesystem and upper-layer applications. The other answers are not relevant to this question.
  161. C. The ext3 and ext4 filesystems can be resized using resize2fs. Both NFS and CIFS are network filesystems and therefore are not relevant to this question.
  162. D. The connect subcommand connects to the hypervisor. The other options are not valid subcommands for virsh.
  163. C. The --list option shows the available character sets on the system. Character sets such as ASCII, UTF-8, and UNICODE are displayed if they are supported on the system. The other options given for this question do not exist.
  164. A. The /dev/ filesystem is used to store information about connected devices. The /etc/ filesystem is used for configuration files, and there are no proscribed directories for development or kernel device lists.
  165. B. The /proc/mounts file shows the currently mounted filesystems. The file /etc/fstab is used for mounting filesystems but is not kept up to date with filesystem mounts as they change. The other files listed do not exist.
  166. B. CIFS is the Common Internet File System and is now considered a legacy filesystem, having been superseded by SMB3. CIFS is an implementation of SMB typically used by older versions of Microsoft Windows.
  167. B. The YAML format is used for configuration files that will be used with cloud-init. XML and the other formats listed are not used for cloud-init.
  168. C. The -g option clears the cache to remove devices that do not exist. The -p option bypasses the cache. There are no -a or -m options for blkid.
  169. D. The /dev/disk/by-uuid file shows the UUID of the disks on a system. The other locations do not exist.
  170. C. The /etc/sysconfig/network file is created by default but is no longer populated on systems like RHEL7. It can be used in place of Network Manager for environments that rely on this location. The other options given for this question do not exist.
  171. B. The switch should support LACP for aggregation to work correctly. The 802.11 protocol is for wireless, and there is no LinkAG or 802.3ag protocol specification.
  172. A. The virt-install command is used to create a virtual machine. The other answers given do not exist.
  173. C. The -R option skips the root filesystem when the -A option is used. The -M option does not check mounted filesystems. There is no -S option.
  174. A. A Type 1 hypervisor is also known as a bare-metal hypervisor and can be installed without a host operating system. A hosted hypervisor is sometimes called a Type 2. The other options listed are neither Type 1 or Type 2.
  175. D. The /proc/partitions file contains a list of partitions on the system along with their major and minor numbers and the number of blocks. The /dev/disk/ option is a directory and not a file and so is not correct for this question. The other options shown do not exist.
  176. C. The file /sys/block/sda/stat contains information about the sda device. The /sys/block hierarchy contains information about block devices on the system.
  177. A. The OVA file is an appliance file, meaning it contains information and an image that can be executed as an appliance, needing little or no configuration by the end user. The other options given for this question are not used or do not describe the OVA file.
  178. B. Files in /etc/netplan, which are used for network configuration on newer Ubuntu systems, should be formatted with YAML and named with a .yaml extension.
  179. D. The -s option summarizes the output by directory, while the -h option presents the output in a more human-friendly manner.
  180. B. The WWID, or Worldwide Identifier, is globally unique. UUID and GUID are not valid acronyms for multipath devices. UUID is typically found for plain block devices, and GUID is a term sometimes used in applications. There is no DISKID name relevant as a potential answer for this question.
  181. D. SFTP cannot be used with kickstart. The other options, as well as FTP and local drive (not listed), are valid for use with kickstart.
  182. C. The balance-rr mode is used to provide round-robin load balancing. The other options given are not valid modes.
  183. B. The -D option tells dmesg to stop displaying messages to the console. The -F option is valid but is used to read from a file, so it is not relevant for this question. There are no -o or -Q options.
  184. A. The -f option forces unload of the module. The other options are not valid for rmmod.
  185. A. The -A option examines modules.dep for newer modules rather than regenerating the file automatically if there are no changes. The -C option changes the configuration file location. The other options are not valid for depmod.
  186. B. The lsblk command shows device information in a treelike structure and shows the other information specified along with major and minor information and whether the partition is read-only. Of the other options given, fsck is the only command, and it is not used for the purpose described.
  187. C. The -m option displays output in a machine-readable format. The -v option prints the version of parted. There is no -p or -S option.
  188. B. The brctl command is used to create ethernet bridges and is also used to manage bridges once created. The other options shown are not valid.
  189. A. The file /etc/dhcpd.conf is used for configuration of DHCP. It is worth noting that the location of this file varies between distributions and can sometimes be found at /etc/dhcp/dhcpd.conf as well. The other options given for this question are not valid file locations.
  190. C. The ethtool command will be used for this purpose, and the -i option displays the driver in use. The other commands are not valid for this purpose.
  191. B. The server command changes the destination for queries sent from nslookup during that session. The other options shown are not valid.

Chapter 2: System Operations and Maintenance

  1. B. Current interrupt (IRQ) assignments are contained in the file /proc/interrupts. Therefore, viewing the contents of the file with a command such as cat will work. There is no view command, thus making answer A incorrect. Likewise, there is no /dev/irq file, thereby making answers C and D incorrect.
  2. D. Configuration files for udev are found in /etc/udev and the related /etc/udev/rules.d, which makes answer D correct. The other options do not exist.
  3. B. The lsusb command is used to obtain a basic list of USB devices on a system. The other commands are not valid. In the case of answer D, the ls command is valid, but there is no --usb option.
  4. C. Runlevel 1, sometimes displayed as runlevel s or S, is single-user mode, in which many services are not started. Runlevels 5 and 6 are used for other purposes, and runlevel SU is not a valid option.
  5. D. Scripts are stored in /etc/init.d on a system using SysVinit. You may sometimes find these linked from /etc/rc.d/init.d as well. The other options are not valid for this question.
  6. A. The init command can be used to access different runlevels. Runlevel 6 is used for rebooting the system. Answer B will shut down the system entirely, not reboot it. Answer C will place the system into single-user mode. Answer D is not a valid option.
  7. B. The --list option will show all services on a system along with their status for each runlevel. The on and off options enable and disable a service, respectively.
  8. C. USB devices are generally considered to be hotplug devices. Hotplug devices can be inserted and removed while the system is “hot” or powered on, whereas coldplug devices are those that must be inserted and removed when the system is powered off.
  9. C. The ExecStart option indicates the command to be executed on startup of a systemd service.
  10. D. The systemctl get-default command will show the default target. The other commands and options are not valid.
  11. A. The enable option configures the service to start on boot. The start option, answer D, is used to start a service immediately. The other options are not valid for this command.
  12. C. The /proc filesystem contains information about currently running processes and additional information about the kernel and current boot of the system.
  13. D. The ldconfig command updates the current shared library cache and list. ldconfig reads /etc/ld.so.conf and incorporates any changes found within it. The other commands listed as options for this question do not exist.
  14. B. The upgrade option for apt-get will upgrade the system to the latest version of software for packages already installed. The apt-update command does not exist, nor does the -U option to dpkg. The apt-cache command is used to work with the package cache.
  15. C. The yum install command will install a given package. The update option will update a package. The other options listed do not exist.
  16. A. rpm2cpio sends its output to STDOUT by default, and therefore that output needs to be redirected to a file in most cases.
  17. D. The ldd command will list the libraries on which the command’s argument depends.
  18. C. The -t option to lsusb will print output in a treelike format so that you can see which devices are connected to which bus. The other arguments to lsusb are not valid, and the usblist command is not real.
  19. A. SCSI supports 7 to 15 devices per bus, depending on the type of SCSI.
  20. C. Out of the options given, the systemctl status command and option are the most appropriate. The telinit and sysctl commands are not used for this purpose. Likewise, the --ls option is not valid for systemctl.
  21. B. The isolate option is used to move the system into the target specified, thereby making option B the correct one. The other options do not exist.
  22. C. The telinit command can be used to refresh the system after changes have been made to /etc/inittab. Notably, answer B will reboot the system, but that was not an option given the question asked. Answers A and D are not valid commands.
  23. D. The runlevel command displays the current runlevel for a system. Answer B is not a valid option to the init command, while adding sudo in front of the init command makes no difference. Answer A is not a valid command.
  24. C. Unit configuration files are stored in /lib/systemd/system. The other directory options for this question are not relevant or do not exist by default.
  25. A. The listing shows a symbolic linked file created with the ln command located in the current directory, linked to .configs/fetchmail/.fetchmailrc. The file is owned by the root user and root group and was created on July, 8, 2014.
  26. B. The systemctl command is used to work with services and targets. The list-units command is used to list targets. The other commands are not used for this purpose or do not exist with the required option.
  27. C. The -nn option displays both numbers and device names, thus making answer C correct. The -n option (answer B) displays only numbers. The other two options do not exist.
  28. D. The /proc/bus/usb directory contains information about USB devices. The other directories are not valid for this purpose. With udev-based kernels, /proc/bus/usb may not exist by default. The path is part of the legacy usbfs.
  29. C. SATA disks are addressed as /dev/sdX, just like a SCSI disk. /dev/hdX is a traditional ATA disk. The other options do not exist.
  30. D. The partition containing /var should be the largest for a mail server because mail spools are stored within this hierarchy. The /etc/ hierarchy is usually small, as is /usr/bin. The /mail directory does not exist by default.
  31. B. The deplist option displays the dependencies for the given package. The list option displays information about a specific package, while the other two options are not valid.
  32. A. The -ivh options will install a file using rpm, displaying both verbose output and hash marks for progress. The other options presented do not exist or do not accomplish the specified task.
  33. A. The apt-cache command is used to work with the package cache, and the search option is used to search the cache for the supplied argument, in this case zsh. The apt-get command is used to work with packages themselves, while the apt-search command does not exist.
  34. D. Configuration files related to the repositories for yum are located in /etc/yum.repos.d. Of the other options, /etc/yum.conf is a file and not a directory, and the other directories do not exist.
  35. A. The -V or --verify option will check the files in a given package against versions (or checksums) in the package database. If no files have been altered, then no output is produced. Note that output may be produced for files that are changed during installation or for other reasons. Note also the use of an uppercase V for this option, as opposed to the lowercase v for verbose.
  36. B. The /etc/lib directory is not typically associated with library files and does not typically exist on a Linux system unless manually created. The other options either contain system libraries or can be used for that purpose.
  37. C. The apt-get update command will cause the package cache to be updated by retrieving the latest package list from the package sources. There is no cache-update option or update option to apt-cache. The upgrade option is used to update the system’s packages, not the cache.
  38. C. The file sources.list located in /etc/apt contains the list of repositories for Debian packages. The other file locations do not exist by default.
  39. A. The dpkg-reconfigure program will cause an already-installed package to be reconfigured or changed. The -r option for dpkg removes a package, thus making answer B incorrect. There is no reconf option for dpkg or reinstall option for apt-get.
  40. D. The search option performs a search of various fields such as the package name and description.
  41. B. The rpm -q kernel command will show the kernel version. You can also use uname -r for the same purpose.
  42. A. The exclude option can be used to exclude certain packages. The argument accepts wildcards, and therefore excluding all kernel* updates will create the desired behavior.
  43. B. The -s option to dpkg searches for the given package and provides information about its current status on the system. The apt-cache command is not used for this purpose, and the -i option for dpkg installs a package. The apt-info command does not exist.
  44. A. The -i option to dpkg will install a previously downloaded .deb Debian package. The other commands don’t exist, and the -U option for dpkg does not exist.
  45. C. A .tgz file typically indicates a zipped (compressed) tar file. The -z option is used to indicate that the file should be decompressed, and -x that the file should be unarchived. The -v option is not required but provides verbose output. Finally, the -f option indicates the file to use. If the file is not zipped, likely noted by having a .tar file extension, then the -z option can be omitted.
  46. C. The info option displays information about a given package on a system that uses the zypper tool.
  47. A. The search option looks for packages by the name given on the command line. The other options are not valid for the dnf command.
  48. A. The g option, also known as global or greedy, will apply the matched operation to the entire line rather than just the first instance of the match. The other options apply as they would for a Perl-Compatible Regular Expression.
  49. C. The -l option provides the number of lines given as input. For example, wc -l /etc/passwd would print the number of lines in the /etc/passwd file. The other options given in this question are not valid for the wc command.
  50. C. Both head and tail print 10 lines of output by default.
  51. B. The -rf options to rm will recursively remove contents of a directory, including other directories. The -f option alone will not work in this case because of the additional directories. The other options given for rmdir do not exist.
  52. D. The -type option causes find to limit its search to directories only, while the -name option limits the names of returned elements. Note the use of the wildcard due to the phrasing of the question. Also note the use of ./ to denote beginning the search in the current directory.
  53. A. The cat command will display the contents of the file /etc/passwd and then pipe that output to the awk command. The awk command then parses its input, splitting along the specified separator for /etc/passwd, which is a colon (:). The output is then printed and piped to the sort command. The sort command in option B will not work because the cut command requires an argument. Likewise, the echo command in option C will only echo /etc/passwd to STDOUT.
  54. C. The -l option for ls produces long or listed output, and -t sorts by timestamp. The -r option reverses the order, and -a is needed to include hidden (dot) files, thus making answer C correct.
  55. A. The timestamp of the file will change when touch is run on a file that already exists.
  56. D. The -i option will cause both cp and mv to be interactive; that is, prompt before overwriting. The -f option will force the command to run, while -r is recursive.
  57. C. The tee command will send output to both STDOUT and to the specified file, thus making answer C correct. Option A will redirect output to the correct file but not to STDOUT simultaneously. The other answers will not work for this question.
  58. A. The -p option will cause mkdir to create additional levels of directories without error. Running mkdir without options will not work in this case. The -r and -f options to mkdir do not exist.
  59. B. The -R option will copy directories recursively. Note that if the -i option is not enabled, the recursive copy will overwrite files in the destination. The -v option adds verbosity but does not cause any recursion, while the -Z option does not exist.
  60. B. The cut command uses Tab as its default delimiter. This can be changed with the -d option.
  61. D. The fg command will bring a command to the foreground if it has been backgrounded with either & or the bg command.
  62. A. You need to write the changes to the file, so you’ll need :w. The addition of q will also quit. Note that you could use ZZ to write and quit as well. The dd command in Vi deletes a line, while x deletes a single character.
  63. D. The -n option changes the number of lines of output for both head and tail to the number specified. The other options listed in this question are not valid for head, and the -f option follows a file with tail as the file grows.
  64. C. The -9 option invokes SIGKILL, which will force the process to end. The 15 signal is the default. The -f and -stop options do not exist.
  65. C. Within bash, the number 1 represents STDOUT and 2 represents STDERR. Redirecting both means combining them in the manner shown in option C.
  66. D. Within a regular expression, * represents 0 or more characters, and in this case the problem doesn’t care whether a person is using /bin/bash or /usr/bin/zsh. Likewise, . matches a single character. But in the case of bash and zsh, you need to look at both the first and optionally a second character: thus the ?, which makes the second . optional. Finally, $ anchors the pattern at the end of the string and is key for this regular expression.
  67. C. The o command opens a new line below the current cursor location. The a command begins an insert-mode session at the character after the cursor, not the line. The i command begins an insert-mode session at the current cursor location.
  68. A. Sending -HUP as part of the kill command will restart a process. Of the other answers, -9 will kill the process completely. The other two answers do not exist as valid means to kill a process.
  69. B. The find command beginning with the path and then the -name argument will locate all files called .bash_history. The output from the find command should be piped to xargs, which can then build further commands from standard input. Note that this question and solution assume that all users use the bash shell and are keeping history.
  70. A. Adding -type f to the find command will limit the search to only files, and the -mtime option will limit to modification time in day format.
  71. C. The mv command is used to move files, and *.txt will look for all files with a .txt extension. Note the fully qualified destination with a / preceding the name tmp.
  72. A. The file needs to first be sorted to group common zip codes together. After that, piping the output to uniq will display the unique zip codes, and the -c option provides a count.
  73. C. The ? will search backward in a file within less. The / is used for searching forward. The H key displays help, and there is no function mapped to the X key.
  74. A. The which command returns the full path to the given command and is useful for determining both whether a given command is available and the location from which the command will run.
  75. C. The file is almost certainly a hard link to the original script. While ls won’t show this information, the stat command will show that it is a link and also show the inode to which the file is linked.
  76. C. The -i option to ls shows the inode index number of files in the directory. The other options do not exist.
  77. B. The -s option to ln creates a symbolic link or symlink.
  78. C. The whereis command displays pertinent information about the command given as its argument. For example, entering whereis apache2 on a Debian system will show the binary location, configuration file location, and other relevant details.
  79. D. The quotacheck command is used to update the quota file for the given filesystem. The quota -u command will display the current quota for a given user. The other commands do not exist.
  80. B. The l within the listing indicates a symlink. There is no way to tell if a file or directory is temporary. A directory will display a d instead of an l.
  81. B. The repquota command is used for this purpose, and the -a option will display information for all filesystems. If the command is given a -g option, group quota information is shown.
  82. C. The updatedb command will update the database used by the locate command.
  83. A. The best option among these choices is to change the group to www-data and change the permissions such that the group can write into the directory. Option B should never be used because it enables world-writing to the directory. The other options will not allow the web server group to write into the directory.
  84. D. The -inum option searches for files by their inode number. This can be useful when searching for the files involved in hard links.
  85. B. User-based configuration files are located in the order .bash_profile, .bash_login, and .profile. Only the first file found is executed; the others are ignored. The file /etc/profile is a system-wide bash profile.
  86. C. The /etc/skel directory contains files to be copied to the user’s home directory. The other directories listed for this question do not exist by default.
  87. C. The --norc option causes bash to execute without reading the /etc/bash.bashrc (Debian derivatives) or /etc/bashrc (Red Hat derivatives) file or the local ~/.bashrc file. The other options listed do not exist as options for bash.
  88. A. The .bash_profile file, if it exists in your home directory, will be executed on login. Note that placing the function in /etc/profile would technically work, but then the function would be available to all users, which is not what the question asked for.
  89. B. The Screen section of xorg.conf is used to logically bind a given graphics card and monitor each of which would be defined in its own respective section in the configuration file. The other options shown for this question do not exist.
  90. A. The DISPLAY variable can be used to remotely send the windows of an X session to another computer when using protocols like SSH. There is no XTERMINAL or XDISP environment variable, and XTERM is typically a terminal window and not an environment variable.
  91. D. The Welcome option sets the message to be displayed to users within the display manager when they log in. For users that are remote, the RemoteWelcome message can be used for the same purpose.
  92. C. The Shift key can be used to enable and disable sticky keys within Gnome and other graphical interfaces for accessibility purposes.
  93. A. The Orca project provides assistive screen-reading capabilities within Gnome. Of the other options given, the screen command is valid but is not used for this purpose.
  94. D. The kmag program magnifies items on a desktop and is used as an assistive technology. In general, kmag can be used with other window managers as well.
  95. B. The X11Forwarding option must be enabled in order for X connections or windows generated from the X server to be sent over an SSH connection.
  96. C. The /etc/passwd file contains various information about users on a system such as username and real name, along with user id (UID) and login shell. The file is world-readable.
  97. B. The format for cron is [minute hour day-of-month month-of-year day-of-week], thereby making option B the correct option for this question.
  98. B. The /etc/cron.allow file is a list of users who have permission to create and remove their own cron jobs. The /etc/crontab file is used to store cron jobs. The other files do not exist.
  99. B. The at command is used to run a series of commands that you enter. Unlike cron, you can schedule commands from the command line to be executed in the same order entered rather than having to create a specific script for the commands. The syntax shown in option B sets the time to be one hour from now.
  100. B. The userdel command is used for this purpose, and the -r option (lowercase) deletes both the home directory and mail spool files. The -R (uppercase) option informs the userdel command to use a chroot directory.
  101. A. The groupmod command is used for this purpose, and the -n option is used to change the group name. The other commands listed do not exist.
  102. A. The /var/spool/cron/crontabs directory contains a file for each user that currently has one or more cron jobs or entries. Note that the other files listed here are not valid for this purpose.
  103. C. The atrm command removes jobs given their ID. The ID can be obtained with the atq command. The atq and at -l commands shown will list jobs but not delete them. The rmat command is not valid.
  104. C. The /etc/crontab file is a plain-text file that is treated as a system-wide cron file. As such, the file is generally not associated with any single user, and it’s not necessary to run a special command after editing this file.
  105. A. The /etc/cron.daily directory contains files such as scripts that are executed daily. There are corresponding cron.hourly, cron.weekly, and cron.monthly directories that run on their respective schedules as indicated by the name of the directory.
  106. B. The -m option causes the user’s home directory to be created. By default, if this option isn’t specified and CREATE_HOME has not been set, the home directory won’t be created. The -h option displays help text, and the other options shown are not valid.
  107. A. The usermod -L command locks an account by placing an ! in the encrypted password. If the user has another means to log in, such as with an SSH key, using usermod -L will not prevent their login.
  108. A. The format when adding a username places the username between the schedule and the command to run, thereby making option A correct. The other options shown for this question are invalid. In the case of option B, there is no schedule. In the case of options C and D, the schedule is incorrectly formatted.
  109. C. The passwd command will be used for this purpose. The -a option displays all users but requires the use of -S to indicate status. The -S option alone will not produce a report for all users, and the --all option is an alias for -a.
  110. B. The /etc/shadow file contains usernames, UIDs, and encrypted passwords and is not readable by any non-root user on the system due to the sensitive nature of the encrypted passwords. The /etc/passwd file contains usernames and UIDs but not encrypted passwords. The other two files listed for this question do not exist.
  111. D. There is no direct relationship between the UIDs and GIDs on a system. UIDs represent users, while GIDs represent group IDs. On some systems, the UID and GID numbers will match for regular users, but this is not a requirement and is more of a coincidence.
  112. A. The usermod command is used for this purpose. The -d option changes the home directory, while -m moves the contents. The other commands shown for this question are not valid.
  113. D. The -G option is a list of supplemental groups to which the user will be added. A lowercase -g option provides the primary GID. The -l option causes the user to not be added to the lastlog and faillog databases. There is no -x option.
  114. D. The chage command is used for this purpose. The -d option sets the days since the last password change and is measured in days since January 1, 1970. The -W option is the days of warning for changing a password, and the -l option displays a list of the various settings related to the account.
  115. A. The crontab command can be used for this purpose, and the -l option is used to list the crontab entries. The -u option is needed to specify a user other than the current user.
  116. A. The -r option creates a system user, which will typically entail no expiration, no home directory, and a UID below 1000. The -s option defines the shell and is not typically used for this purpose. The -a and -S options do not exist.
  117. B. The /etc/gshadow file contains secure information such as an encrypted password for groups, where applicable. The /etc/group file contains general information on groups. The other two files listed as options do not exist.
  118. B. The groupdel command cannot delete groups unless there are no users who have the given group as their primary GID. Therefore, option B best fits the scenario. There is no -f or -r option, making options A and D incorrect.
  119. A. The id command shows the username, UID, primary group and GID, along with supplemental groups. The passwd and chage commands are not used for this purpose. There is no getid command.
  120. D. The -c option changes the comment field in /etc/passwd. The comment field is typically associated with the real name of the account. The -R option indicates a chroot directory, while -d indicates a change of home directory. There is no -n option.
  121. D. The find command will be used for this purpose. The correct syntax is shown in option D. The group command will merely look in the specified files for the number 1501; and the -u option to grep includes byte offsets, which is not applicable for this question.
  122. A. Setting your address to 127.0.0.1 will use the localhost interface. Other local NTP clients would contact this server by its normal IP address.
  123. B. The newaliases command re-creates the aliases database on servers running Postfix, Sendmail, and qmail. There is no need to restart the mail server after running newaliases. The alias command shown in option C will create an alias for the command shell but is not related to Postfix.
  124. D. Configuration files for CUPS are found in /etc/cups. However, it is also common to manage CUPS through its web interface. The other directories listed are not valid.
  125. B. Qmail directories are contained within /var/qmail by default. The queue directory is /var/qmail/queue. The other directories are not valid on a default configuration of Qmail.
  126. D. The info severity level provides information messages for a given facility. Of the options given, emerg is used for emergency messages and not normally used by applications, while debug is the highest or most verbose level of logging available through syslog.
  127. C. The ntpq command provides an interactive, menu-like interface into the NTP server. You can use ntpq to check statistics on peers, for example. The ntpdate command shown as option B is used as a command-line means to set the time. The ntpd command shown as option A would execute the NTP daemon itself.
  128. A. The lpr command places a file (or standard input) into the print queue for lpd to work with. The lpq command prints the current queue. There is no lpx command.
  129. D. TCP port 631 is used as the administrative interface into CUPS. Visiting an active CUPS server on that port will show the administration website for working with print queues and other configuration items related to CUPS.
  130. A. The URL shown will display the jobs area of the local CUPS server with a query string name of which_jobs and a value of completed. The other URLs shown are not valid.
  131. A. The postqueue -f command is used to flush the queue. The command will process all emails that are awaiting delivery. The other commands are not valid for this purpose.
  132. C. The application could theoretically use any of the logging facilities, depending on the type of application being developed. However, the requirement to log to a custom log file means the logs will have a different name and possibly a different location than the standard logs. Therefore, logging to any of the standard or system-level facilities is not appropriate for this scenario, so one of the local (local0 through local7) facilities is appropriate.
  133. B. The usermod command with the -aG option is used to append a group onto the user’s list of groups. In this case, the user needs to be a member of the lpadmin group.
  134. B. The mailstats command is used for the purpose described. Of the other options, the mailq command will display the current mail queue but not statistics on mail that has been processed. The other two options are not valid commands.
  135. A. The systemctl command is used for controlling services. In this case, restart should be sent to the CUPS service as denoted by the name cups.service.
  136. D. SNMP traffic takes place on ports 161 and 162. Although the traffic is usually on UDP, the TCP ports are also reserved for SNMP. Ports 110 and 143 are used for POP3 and IMAP, respectively, while 23 and 25 are telnet and SMTP. Finally, ports 80 and 443 are HTTP and HTTPS.
  137. D. Loading of alternate files is accomplished using the -f option. Doing so facilitates exactly the scenario described: being able to examine logins from old log files. The -a option controls the location of the display for the host, while -t controls the display to show the logins as of the specified date and time. There is no -e option.
  138. D. The w command shows currently logged-in users along with information such as uptime and load average. The fuser command is used to show open files, and the -u option to ls controls the display for file listings. There is no listuser command.
  139. A. The correct format is YYYY-MM-DD for the usermod command.
  140. A. The systemctl command will be used for this purpose, and the subcommand is disable. There is a stop subcommand, but it will only stop the given service rather than prevent it from starting on boot. The other options are invalid for various reasons, including that they use systemd as the command name rather than systemctl.
  141. C. The date of the last password change, as measured in days since January 1, 1970, is contained in the third field of a shadow entry. The expiration date would be the eighth field, as separated by colons.
  142. D. Nagios provides advanced monitoring capabilities appropriate for the scenario described. Nagios works using various plugins that monitor numerous aspects of devices and systems. Ntop and mrtg both provide graphical statistics but do not have the alerting capabilities specified.
  143. B. The make oldconfig command will integrate the existing configuration file into the new configuration for the kernel. Care still needs to be taken for items that have moved or changed within the new kernel, to ensure that the configuration is correct.
  144. D. The udevadm command is used to work with the udev interface into the kernel, and the monitor subcommand displays kernel uevents and other udev events in real-time.
  145. C. The systemctl command will be used for this purpose, with the daemon-reload subcommand. The reboot option would work to reload the systemd configuration but is not correct because it requires the entire server to reboot, which is not what was asked for in this question.
  146. B. The /etc/inittab file contains the various runlevels and what to run at the given runlevel. For example, runlevel 1 is single user, runlevel 6 is reboot, and so on. The other files listed do not exist.
  147. D. The /etc/rc.d hierarchy contains symbolic links to files found within /etc/init.d. These symlinks are then used for executing the scripts at the appropriate runlevel. For example, on boot, the system will execute the scripts found in the runlevel directory for each runlevel executed at boot time.
  148. B. The file /etc/auto.master contains the configuration for autofs. The other files listed as options are not valid for this scenario.
  149. B. NVMe-capable drives are named as /dev/nvme*. No special drivers are needed other than those found in the native kernel on a modern system. The other answers do not exist as paths by default.
  150. B. The directory /sys/class/fc_host contains other directories based on the Fibre Channel connections available. Within those host directories will be found the WWN (World Wide Name) in a file called port_name. The other directory hierarchies are not valid.
  151. C. The /dev/mapper directory contains information about multipath devices such as logical volumes. The other directories are not valid.
  152. A. The iw command will be used for this purpose. When using iw with a specific device, the dev keyword appears next, followed by the device name, followed by the command to execute on that device. In this case, the link command is used.
  153. A. The grep command should be used, and the -i option should be used in order to make the grep case insensitive. When used with -v, grep will exclude the argument, thus doing the opposite of what’s needed here. The kernel ring buffer probably will not contain information about DHCP, therefore making dmesg not the correct option.
  154. B. The -c option clears the kernel ring buffer after first read. The -C option clears it immediately. The -e option displays relative time and local time. There is no -a option.
  155. C. The -a option provides archive mode, which is a substitute for several other options. The -r option is recursive, the -o option indicates that ownership should be preserved, and the -f option enables a filter.
  156. A. According to the man(1) page for the make command, the name Makefile, with an uppercase M, is the recommended name for the file. The name makefile is valid as a default but is not the recommended option. The other files are not valid as default names.
  157. B. The gunzip command is used to uncompress files that have been compressed using gzip compression.
  158. D. The install target installs the final compiled files in their appropriate location and makes them executable, if applicable. Of the other options, distclean is sometimes included as a target to return source files to their pristine state. The other targets listed are not valid.
  159. D. The baseurl option is used to set the URL and must be fully qualified, meaning it must include the protocol such as http:// or file://.
  160. A. The /boot directory almost certainly exists but has not been partitioned into its own space. The /boot partition would not be hidden from lsblk if it was indeed a separate partition.
  161. A. The grep command will be used for this purpose. Note the difference between grep -r and grep -ri. The question did not ask for case insensitivity, and therefore the use of -i in option B makes it incorrect.
  162. C. The -f option will force the unmount to occur. The --fake option is essentially a dry run in that it won’t actually unmount a filesystem. The other two options do not exist.
  163. C. The <<< character combination reads input from STDIN or Standard Input and uses it as the body of the message for the mail command.
  164. B. The who command displays who is currently logged in and the date and time they logged in. The whois command displays information about domains. The other commands are not valid.
  165. A. The file named.conf, located in /etc/ or /etc/bind/, is the default configuration file for the BIND server. The file typically loads or includes other configuration files for specific configurations.
  166. A. The openssl command will be used for this purpose, with the genrsa option. An output file is specified with -out. The other commands containing openssl all contain an invalid option. The final command is openssh and is not used for this scenario.
  167. B. The acl configuration directive creates an access control list. Access control lists are powerful features of a Squid proxy setup and can include networks, MAC addresses, ports, browsers, and much more.
  168. B. The http_access directive is combined with ACL directives to define access to use the Squid proxy. The other directives are not valid for use in Squid.
  169. B. The nmbd daemon is responsible for NetBIOS name service request handling. The smbd daemon is responsible for file and print sharing, and winbindd provides user and group information. There is no daemon called samba.
  170. A. The PermitRootLogin directive, set to yes or no, determines whether the root user can log in directly. The other options shown are not valid.
  171. B. The push directive is used to send a route to clients on connection. In this case, the network and netmask are sent, with 255.255.255.0 being appropriate for a /24. The other options are not valid.
  172. A. The WAYLAND_DISPLAY environment variable is set if you are using Wayland. You can see it by running echo $WAYLAND_DISPLAY. If there is output, then you are using Wayland.
  173. C. The lsdev command can be used to view information such as interrupts and DMA addresses. In the case of option B, there is no -interrupts option to the ls command. The other commands shown are not valid.
  174. A. The control subcommand is used for this purpose. When given the uppercase -R option, it will cause udev to reload the rules.
  175. C. Containers, expressed through several types of underlying technologies, describes the virtualization used in Linux. For example, Docker operates with the concept of containers, and Red Hat also deploys a technology simply called Linux Containers.
  176. C. The service command will be used for this purpose and requires the name of the service, which was given as part of the question, and the operation to perform. In this case, a restart of the service was required by the scenario.
  177. B. The DisplayBase configuration option is used to configure the local port on which NX will listen. This option is added to 11000. For example, the default value is 1001, making the port 11000 + 1001 = 12001.
  178. D. Software Rendering disables 3D acceleration and can be used if there are problems with the video driver.
  179. C. GPIO (General Purpose Input/Output) is the interface used on a Raspberry Pi for working with external electronics such as LEDs. While it might be possible to use a USB interface for this purpose, it would not normally be used in this scenario. An HBA is a Host Bus Adapter and is used for disk communication. There is no SNP interface.
  180. D. The systemd-analyze blame command can be used to troubleshoot boot times. The output from the command shows the time that it took various service units to start. Of the other options, only the time command is valid, but it is not used for this purpose.
  181. A. A 400 response means something was wrong with the request, such as an invalid format or the request was too large. An unauthorized request will also typically receive a response in the 400-level, but not a 400.
  182. B. The name of the file manager or file explorer tool in MATE is caja. The other answers do not exist as file managers.
  183. B. The -R option creates a port forward and enables remote clients to connect. The -L option also creates a port forward but does not allow remote clients to connect. The -P and -E options are not valid for this scenario.
  184. B. The -o option logs output to the file specified. The -k option converts links, and the -r option indicates recursive. There is no -b option.
  185. D. The service status command is equivalent to systemctl status on systemd-enabled computers. The other commands do not exist with the specified option.
  186. C. The diff command is used to compare two (or more) files. Of the other options shown, only tar is a valid command, and it is not used for this purpose.
  187. B. The <VirtualHost> directive begins a stanza that facilitates serving websites using virtual servers. The other directives are not valid for Apache.
  188. A. The req option begins the CSR generation process, typically also requiring -new as an additional option. The other subcommands are not valid.
  189. B. The -1 or -HUP signal reloads the given process. The -15 signal is the default terminate signal, while -2 is an interrupt signal. The -9 signal is kill and is considered bad practice except in emergencies when the process doesn’t respond to normal signals.
  190. C. The Ctrl+C key combination terminates or kills a process in a scenario such as the one described here.
  191. D. The >> character combination is used to append output to a file. Because it is being appended, the output will not overwrite an existing file. The other character combinations shown are not valid for this purpose.
  192. B. The stop command, when used with the service command, causes a given service to shut down. The service can be started again with the service start command. The other options shown are not valid commands to use with the service command.
  193. C. Port 5900 is the default port number for VNC. The port is added to the display such that the first display is accessed at port 5901, the second at 5902, and so on. The other ports are not used with VNC.
  194. C. The automatic bug-reporting tool, abrt, uses /var/tmp/abrt on CentOS 7. In CentOS 6, /var/spool/abrt was used.
  195. B. The trigger command is used to replay or trigger events. The other options shown are not valid for use with udevadm.
  196. D. The set-chassis command configures the type of machine on which the hostnamectl command is running. This can be useful for certain types of applications. The other commands shown are not valid.
  197. C. The file /etc/rc.local can be used for this purpose. Commands within /etc/rc.local will be executed after the computer has gone into multiuser mode. The other options shown are not valid files for this purpose.
  198. C. The rndc command is used to control a BIND server, including over a remote connection. The other commands shown are not valid.
  199. B. Global FileSystem (GFS), specifically GFS2, will likely be used as the clustered or shared filesystem in this scenario. The ext2 filesystem would not be used for this purpose. It may be possible to use CIFS for this purpose, but GFS2 is the Red Hat clustered filesystem of choice. The FAT filesystem would not be used for this purpose.
  200. B. The <video> stanza is used to add a video device when configuring Spice. The other options shown are not valid for use with Spice.
  201. B. The << operator is used for this purpose and will read from STDIN until the specified character or characters are encountered. This is sometimes called a Here Document or HEREDOC. Among the other options for this, only > is valid and causes STDOUT to be redirected.
  202. A. The --level option enables the setting of specific runlevels. The other options given are not valid for use with chkconfig.
  203. B. The -o option sets the local filename. The -O option preserves the remote filename. The -f option causes curl to fail silently, and the -l option is used with FTP to cause a name-only listing.
  204. A. The groupadd command is used to add a group to the system. The other options shown are not valid.
  205. C. The whoami command shows the username of your current effective user ID. Of the other commands shown, only the w command is valid, and it shows who is logged in but not a user-ID-to-username association.
  206. D. The /etc/profile.d directory can be used to store files and scripts that are then executed on login. Of the other answers, /etc/profile does exist, but it is a file and not a directory. The other answers are not valid directories.
  207. A. The Unity desktop is most closely associated with Ubuntu. The other distributions use different desktop managers.
  208. B. The /etc/rcS.d directory contains a script to configure udev at boot on Debian. The other directories are not used for the scenario described.
  209. B. The correct command and order is systemctl stop <service>. This is different from the service command, which would be service <service> stop. The other commands are not valid for the scenario described.
  210. C. The Monitor section is where configuration for a specific monitor goes within an X11 configuration. The other options shown are not valid for this scenario.
  211. B. The /dev/null location will accept input and not consume additional disk space when output is redirected to it. The /dev/random device exists but is not valid for this scenario. Likewise, redirecting to a network interface or regular file does not meet the criteria for this scenario.
  212. B. The -d option sets the delimiter for use with paste. The other options shown are not valid for the paste command.
  213. D. The reload target or command, used as part of a service command, causes the daemon to reload or re-read its configuration files.
  214. B. The Environment key is used to configure environment parameters or variables for use with a systemd unit file.
  215. B. The < operator redirects input from a file into a command in order for that command to read from a file. The > operator redirects STDOUT, and the other operators are not valid for this scenario.
  216. B. The NAME parameter sets the name for the device. The other options shown are not valid udev parameters.
  217. D. The /etc/X11 directory is typically used for configuration of the X Window system including the main configuration file for Xorg, xorg.conf. The other paths are not valid.
  218. C. The alsamixer command shows an ncurses-based interface that looks like a mixer in order to set volumes for various audio devices. None of the other options are valid for this purpose.
  219. B. The xrdp package is an open source implementation of the Remote Desktop Protocol (RDP). The other options shown for this question are not valid packages for the scenario.
  220. D. Port 3306 is the default port for MySQL. Of the other options, 25 is SMTP, and 389 is typically used with LDAP.
  221. A. The dmesg command will view kernel messages such as those for video card detection. When piped to grep with -i (case insensitive), you can easily search for a detected VGA card.
  222. C. The Ctrl+Z key combination will suspend a process. The other options are not valid for this purpose. The Ctrl+C key combination kills the process.
  223. C. The SSLCertificateKeyFile directive points to the location of the private key for an SSL configuration. The other options shown are not valid directives.
  224. B. The iwconfig command, which is similar to the ifconfig command, works with an individual wireless interface to set and display parameters. Of the other commands, the ifconfig command is valid but not used for wireless. The other commands are not valid.
  225. D. The tr command can be used for the purpose described. The tr command is quite powerful for text conversion. The other commands shown do not exist.
  226. B. The Nano editor is appropriate for this scenario. While Vi is indeed a text editor, beginners typically struggle with it. The nc command is not used for text editing, and there is no ShellRedirect text editor.
  227. C. The mask command links the unit file to /dev/null, thereby ensuring that the service cannot run. The disable command deletes the symlink between /etc/systemd and /lib/systemd, but the service could still run. The other options shown are not valid.
  228. A. The more command provides simple paging capabilities. Unlike the less command, which needs to be installed on many systems, more is usually available even on base installs. The grep command is not a pager, and the other commands are not valid.
  229. A. The &> operator is used to redirect STDOUT and STDERR. The > operator redirects STDOUT, and the other options shown are not valid for this scenario.
  230. C. The /dev/tty device is a special file on a Linux system and is the terminal for the current process. The other locations are not valid.
  231. A. The printf command can be used to add special formatting to strings for printing. The echo command can be used somewhat for this purpose but is not as powerful at special-formatting capabilities as the printf command is. The other commands are not valid for this purpose.
  232. C. The unlink command can be used to remove files and is sometimes faster than rm for simple uses. The other options are not valid.
  233. A. The scp command copies or transfers a file over SSH. The ncftp command cannot be used for this purpose. The other commands are not valid.
  234. A. A “405, Method not allowed” response will be sent when TraceEnable is off. A 100 code is continue, while 302 is redirect and 200 is OK.
  235. C. The nohup command causes the SIGHUP signal to be ignored, thereby enacting the scenario required for this question. The other commands are not valid.
  236. D. The lsusb command shows USB devices. When combined with grep -i (case insensitive), you can search for Bluetooth devices. The other options shown are not valid.

Chapter 3: Security

  1. C. The dd command is used to create disk images, among other things. In this case, the input file is /dev/sda1 and the output file is output.img. It’s also common to add the blocksize option by using the bs argument, such as bs=1M.
  2. C. The tail command provides the end portion of the file given as an argument. Adding the -f option will cause the output to update as new lines are added to the file being tailed.
  3. A. The xz command can compress and decompress files in a variety of formats, one of which is LZMA.
  4. A. The chgrp command can be used to change group ownership of a file. The order is chgrp <groupname> <target>.
  5. C. The -S option displays output in a format such as u=rwx,g=rx,o=rx. The other options listed do not exist.
  6. D. The /srv hierarchy is used for data for server programs. The /etc hierarchy is configuration information, while /var is also data files but variable files such as mail spool files. The /tmp directory is for temporary files. Keeping data on a separate partition can be helpful to maximize system availability in the event of a problem with an operating system partition.
  7. C. The chmod command is used for this purpose, and the u+s option sets the sticky bit for the user on the specified target.
  8. C. The 022 umask will translate into 644 permissions on a new non-executable file.
  9. C. The -R option will perform the change ownership in a recursive manner.
  10. C. The -R option sets the recursive option, which means chgrp will traverse the given directory and perform the group ownership change operation throughout the specified hierarchy.
  11. A. The suid bit enables the program to run as the user who owns the file, regardless of who executes the program. Using SUID typically is not recommended for security reasons. The other permissions allow read (r) and write (w) for the owner of the file. The group and “other” permissions include read (r) and execute (x) but not write.
  12. D. You minimally need to be able to read the file being sourced, therefore chmod 400 will correctly set the permissions. Any chmod that gives additional permissions is not necessary. When permissions are granted using octal notation, the number 4 is read, 2 is write, and 1 is execute. There are three permissions: user (owner), group, and other or world. Therefore, chmod 400 grants “read” privileges to the owner and no permissions to group and other/world.
  13. B. The chage command will be used for this purpose, specifically with the -E option. When provided with a date, chage will expire the account on that date. When provided with -1, the expiration will be removed, thus removing the user lockout.
  14. B. The getent command is used to display entries based on the /etc/nsswitch.conf file. One use case for getent is when integrating with Microsoft Active Directory or another LDAP service, to check whether the connection can be made to the LDAP server. The usermod command is valid but is not used for this purpose, and the other commands shown for this question are not valid.
  15. B. The /etc/cron.deny file contains a list of users that cannot create cron scheduled tasks. The file /etc/cron.allow is used to provide a list of users who are allowed to create cron jobs. The other two files do not exist by default.
  16. C. The kern facility receives messages from the kernel for logging purposes. Of the other options, syslog is used for logging messages about syslog itself. The other two options shown are not valid syslog facilities. Kernel messages are sometimes placed in a separate log called /var/log/kern.log.
  17. C. The journalctl command is used to work with the systemd journal. On systemd-based systems, journalctl is a central command for debugging and troubleshooting.
  18. A. The service used for logging on a computer managed by systemd is called systemd-journald. You use journalctl to view logged entries rather than the standard Linux toolset.
  19. A. The mail option will send the log to the specified email address on completion of the logrotate process. The other options shown do not exist as options in /etc/logrotate.conf.
  20. B. The $UDPServerRun option is used for the purpose described. The port on which the server should listen is then provided as the value for this option. The other options shown are not valid configuration items for rsyslogd.
  21. A. The SystemMaxFileSize option controls the size of the journal log file to ensure that a log does not cause problems related to disk usage. The SystemMaxUse option controls overall size of journal files, and the default for SystemMaxFileSize is one-eighth of the SystemMaxUse setting to allow for rotation of files.
  22. B. SMTP operates on TCP port 25, and if other servers are contacting your SMTP server, you’ll need to listen on this port and allow traffic to it as well. Port 23 is used for telnet, port 110 is POP3, and port 143 is IMAP, none of which are necessary for SMTP traffic.
  23. D. The nocompress option is used to prevent the log file from being compressed or zipped as part of the rotation process. This might be needed on systems where compression negatively affects performance or where additional processing is necessary.
  24. B. Traditionally, udp/53 is used for DNS queries, but with a primary and secondary server, it is assumed that zone transfers may occur. DNS zone transfers typically take place over tcp/53.
  25. D. The /etc/services file contains standard port-to-protocol information based on the well-known and assigned ports from IANA. If you’d like to provide a custom name for the service, you can do so by editing this file. There is no /etc/ports or /etc/p2p file by default, and /etc/ppp is usually a directory for the point-to-point protocol daemon and related services.
  26. D. ICMP is a layer 3 protocol, meaning it does not use ports for communication. TCP/43 is used for whois, while port 111 is used for sunrpc. UDP/69 is used for the TFTP protocol.
  27. B. TCP is a connection-oriented protocol that uses a three-way handshake to establish a connection and provides a stateful protocol. ICMP does not use ports for communication, while UDP is connectionless or stateless. IP is the core Internet Protocol and does not use a handshake.
  28. D. The chage command is used for working with account aging information such as expiration date, password change, days between password changes, and so on. The -l command lists information for the given account. The usermod command is used to make changes to an account, and the other two commands are not valid.
  29. B. The ssh-keygen command is used to create a key pair for use with SSH instead of a password. Of the other options, the ssh command does exist, but the -k option is used to disable GSSAPI credential forwarding and not for the purpose described.
  30. A. The file authorized_keys, stored in the .ssh directory in your home directory, contains public keys that are authorized to login to the server using their corresponding private key.
  31. A. The -u option is correct for this purpose. An uppercase -U option sets the user context for listing privileges. The -s option sets the shell, and the -H option sets the home directory.
  32. B. The NOPASSWD option causes sudo to not prompt for a password for a given sudo command. This is useful for scripted scenarios where a password prompt would cause problems.
  33. C. The ulimit command shows such limits, and the -a option shows all limits for the currently logged-in user. The other commands are not valid.
  34. C. The syntax to block access to every service uses the ALL keyword followed by the address or network to which the policy will apply. This is important because you may notice attacks coming from certain IP blocks, and blocking with TCP wrappers provides a fast method for effective blocking.
  35. A. The file is named id_rsa by default, and the public key is named id_rsa.pub. For DSA keys, the names are id_dsa and id_dsa.pub.
  36. C. The -c option executes a single command but does so without an interactive session. The -s option specifies the shell to be used. There is no -u or -e option for the su command.
  37. C. The send-key option followed by the name of the key sends the key to the key server specified by the keyserver option. This is a typical scenario for sending a locally generated public key to a public server for others to use. The other options shown as potential answers do not exist.
  38. C. While any text editor can be used, it is highly recommended to use the visudo command to edit /etc/sudoers. Using visudo enables syntax checking, which will help prevent issues with an invalid configuration causing problems for those who rely on sudo.
  39. B. The file ssh_known_hosts, usually kept in either /etc/ or /etc/ssh/, is used for the purpose described. Note that on some systems, this file and other SSH-related configurations may be found in /etc/sshd/. The answers that indicated ~ or within /root are incorrect because the question specified a server-wide list. A known_hosts file found within ~/.ssh would indicate the user’s home directory.
  40. C. The option is called X11Forwarding and must be set to yes in order for the destination server to forward X-based windows to the local client computer. The other options shown are not valid. Note that on some distributions, the configuration files are found in /etc/sshd/, while on other distributions, the configuration files are found in /etc/ssh/.
  41. A. The --gen-key subcommand is used for the purpose described and will generate a self-signed private and public key pair in a PKI scenario. The other options shown do not exist.
  42. B. Lines can be commented out of /etc/inetd.conf with a pound sign or hash mark (#). After making changes to /etc/inetd.conf, the service should be restarted.
  43. B. The file pubring.gpg, found in ~/.gnupg, contains the public keyring.
  44. C. The - option is the typical option passed to su for login. There is no -u or -U option, and the -login option does not exist. There is a --login option with two dashes, but that is not what’s shown.
  45. A. Password-Based Key Derivation Function 2 (PBKDF2) is used for key derivation for the password-based cryptography used with LUKS. SSL is Secure Sockets Layer, and it is typically used for encryption of HTTP traffic. Both RSA and DSA are encryption algorithms but not related to this question.
  46. A. The cryptsetup command is used to set up and help configure dm-crypt volumes. The other commands shown for this question are not valid.
  47. C. The PARANOID wildcard specifies that the hostname and IP must match. The ALL keyword is also a valid wildcard in TCP wrappers for use in both /etc/hosts.allow and /etc/hosts.deny.
  48. A. The -c option indicates the creation of a tar file. The -d option is used for diffing between two tar files, the -b option provides the block size, and -f specifies the file for use with tar.
  49. C. The --remove-files option removes files from the filesystem after adding them to the archive. The -r option appends files to the end of an archive. The -d option provides a diff between the filesystem and an archive, and the -f option specifies the file.
  50. C. The /etc/issue file is used to provide a message to users, such as a login banner, prior to local login. The other files shown are not valid for the purpose described.
  51. A. The --delete option removes files that no longer exist on the host system when syncing with archive mode in rsync. The other options shown are not valid for rsync.
  52. B. The --exclude option excludes files matching a pattern from the archive. This option can greatly reduce the size of an archive by excluding unnecessary files from the archive. The -x option is the only other valid option that extracts files from an archive.
  53. C. The contents of the file motd, an abbreviation for Message of the Day, are displayed when a user logs in successfully. Among the other options, the contents of /etc/issue are displayed prior to local login. The other filenames are not valid for this purpose.
  54. A. The -z option will uncompress a tar file that has been compressed with gzip. The -x option extracts, while -c creates a tar file. Finally, -f specifies the tar file to work with.
  55. B. The file /etc/issue.net is used to provide a message for remote logins such as telnet. The other files listed are not valid for the purpose described. It is worth noting that insecure protocols like telnet are typically disabled, or should be, in favor of secure protocols like SSH.
  56. D. The --modify-window option modifies the behavior of how file synchronization is determined. The default behavior is to match to the nearest second. This option is useful for synchronizing between filesystem types, such as Microsoft FAT, which don’t have the precision of Linux-based filesystems.
  57. B. The -c option sends output to STDOUT. The -d option decompresses, while -f forces an operation. Finally, -s reduces the memory footprint for bzip2.
  58. B. The -q option suppresses all warnings. The -v option is verbose, while -L displays the license. The -r option is recursive.
  59. C. The -e option, also available as --rsh=ssh, uses SSH as the means for transport, thereby ensuring an encrypted tunnel over which the synchronization process will occur. The other options shown are not valid.
  60. C. The home directory should be set in /etc/passwd and should be set to the chroot directory. The other files listed are not valid.
  61. D. The only available algorithm for rndc is hmac-md5, and the key can be generated with dnssec-keygen. The other options shown are encryption or hashing algorithms but are not used for the scenario described.
  62. A. The SSLEngine option needs to be set to On for SSL to be enabled for a given site or server. The other options are not valid. Enabling SSL is important in order to provide a level of security such that the actual data within an HTTP transaction cannot be viewed.
  63. B. Squid listens on port 3128 by default. The other ports listed are valid but are not the default port for Squid. Squid proxies have sometimes been a target for attack or unauthorized use due to misconfiguration. Therefore, it’s common to change the default port to something other than 3128.
  64. B. The -k option enables Kerberos authentication for the net command. The -a option indicates that non-interactive mode should be used, and -l sets the log directory. There is no -b option.
  65. C. The directory /etc/pam.d stores configuration files for individual PAM-aware services. Each service typically has its own file, which is managed for that service according to its usage of PAM. Of the other options, none of the directories are the default directories used for PAM.
  66. A. The standard port for LDAP is 389, and that is the port on which slapd listens for connections. Port 3389 is RDP, while 3306 is MySQL. Finally, 110 is POP3.
  67. C. The pam_nologin.so module facilitates a scenario whereby non-root logins are prevented when /etc/nologin exists. This module must be specified within a configuration file for a given service. For example, within the sshd PAM configuration file, the following line creates this configuration for SSH: account required pam_nologin.so.
  68. C. The pam_unix.so module is used for standard login. The manpage for pam_unix.so indicates that it is for “traditional password authentication.” The other modules listed are not standard PAM modules, although there is a similar pam_auth or squid_pam_auth module for Squid.
  69. B. The pam_cracklib.so module enforces password strength options. The other files listed are not valid PAM modules.
  70. B. PEM format is used for public and private keys with a Postfix TLS configuration. The other methods listed are valid cryptographic algorithms or systems but not for the scenario described. As with Sendmail, system administrators should take steps to secure mail servers so that the servers are not used for sending unsolicited email. For many scenarios, a full mail server like Postfix or Sendmail is not required in order to simply relay mail from a server.
  71. B. The PREROUTING chain, part of the nat table, contains rules that are applied as packets arrive. A common use for this chain is to apply redirect rules. Among the other answers, REDIRECT may appear valid but is in fact a target and not a chain. The other options shown are not valid.
  72. C. The iptables-save command sends the current iptables rules to STDOUT. The output can be saved to a file and then applied the next time the server is restarted. The other commands shown are not valid.
  73. D. The iptables -n option causes iptables to not resolve host names or port names. The -L option lists current rules. There is no -a option.
  74. D. The /etc/fail2ban directory contains configuration files related to fail2ban. The other directories shown are not valid. Other similar software such as DenyHosts may also be used but has been largely replaced by Fail2ban in many environments.
  75. B. The PermitEmptyPasswords directive specifies whether empty passwords can be used for authentication. Enabling empty passwords would be a specialized use case and generally is not recommended. The other options shown are not valid.
  76. C. The -P option sets the policy for a given chain in iptables. In this case, the chain is INPUT and the policy necessary is DROP.
  77. B. OpenVPN listens on UDP port 1194 by default. The other combinations are not the valid OpenVPN configuration.
  78. B. The DROP target silently discards packets that match the rule. An ICMP unreachable message is sent back for REJECT. In general, DROP is preferred in order to reduce the chances of denial of service (DoS) or other information-gathering issues.
  79. B. The -m match limit, along with the configuration options shown including the LOG target, creates the scenario described. There will be three log entries per minute. This can be useful to prevent denial of service caused by filling up log files or overwhelming the server I/O while another attack is underway.
  80. A. The INPUT chain will be used. When used with the -A option, it will append a rule to the chain. The -p option specifies the protocol, ICMP in this case; and the -j option specifies the target, ACCEPT in this case. The -P option specifies a policy and will not be used for this scenario.
  81. B. The INPUT chain will be used, and a rule needs to be appended with -A. The ALL option, when specifying a protocol, means all protocols will be included in the rule. The -s option specifies the source, which in this case is a single IP. Finally, the DROP target silently discards packets. There is no BLOCK or DISCARD target, and the ACCEPT target will not block but will accept all traffic.
  82. A. A rule will be appended to the INPUT chain with -A. In this case, the protocol should be specified with -p TCP and a destination port of 2222. The source address indicated, 0/0, applies the rule to all hosts. The ACCEPT target will be used.
  83. B. Echoing a 1 to the /proc/sys/net/ipv4/ip_forward file enables forwarding of IP packets. This is necessary in order to utilize NAT and for other uses. There is a similar file for IPv6 at /proc/sys/net/ipv6/ip_forward. There is no /proc/sys/net/ipv4/nat file.
  84. A. The logpath directive determines the log file that will be monitored for failures by fail2ban. This file is used as part of a larger configuration for a given jail. The other directives are not valid for fail2ban.
  85. D. The ssh-copy-id command sends an identity to a remote server that can then be used for key-based authentication. The other commands shown are not valid.
  86. B. The mailto configuration option sets the destination for emails related to sudo. The other options listed are not valid for sudo.
  87. C. Port 123 is used for NTP communication by default. Port 161 is SNMP, while 139 is NetBIOS, and 194 is IRC.
  88. D. The archive option, invoked with -a, is equivalent to several other options with rsync, such as recursive, preservation of groups and ownership, and others. This option is frequently used when creating backups.
  89. C. Files related to SSL are typically stored in either /etc/ssl (or a subdirectory therein) or in the /etc/pki hierarchy. There is no /etc/private or /usr/share/ssl directory.
  90. A. The AllowUsers directive is used to specify users who will be allowed to log in to the server. The other options shown are not valid.
  91. A. The --log-prefix option specifies the string that will be prepended when a log entry is created by iptables. The other options shown are not valid for use with iptables.
  92. B. The SELINUXTYPE option can be set to targeted or strict. With targeted, only specific network daemons are protected.
  93. A. When Permissive is returned, SELinux is not enforcing rules but is using DAC rules. Other return outputs are Enforcing and Disabled.
  94. B. The sshd.conf file is used for server configuration. On some distributions, this file is called sshd_config. The ssh.conf file is used for client configuration at the system level.
  95. D. When a required module returns a failure, other modules continue to process, but the authentication ultimately fails. This is done so that logging will occur and other modules have had a chance to handle the authentication attempt. If a failure should be immediate without processing other modules, then the requisite option should be used instead of required.
  96. B. The root account has UID 0 on a Linux system. Typically, service accounts have UIDs below 1000, many times below 100. Normal user accounts usually begin at UID 1000.
  97. B. Although a hardware token may be available, the default option is software-based. Note also that OTP-solutions to generate a one-time passcode are similar in functionality to provide multifactor authentication.
  98. D. The /etc/inittab file contains a line similar to ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now. Commenting out this line with a pound sign (#) will disable this key combination after restarting the system.
  99. B. The directory /usr/lib/firewalld/zones/ contains predefined zones for use with firewalld. The files are copied to /etc/firewalld/zones/ when modified.
  100. D. The password configuration option is set in /boot/grub/grub.conf. The other options shown for this question are not valid for the scenario.
  101. B. The setenforce command is used for this purpose and can be given an argument of the number 1 or the word Enforcing to enable Enforcing mode. This can be verified with the sestatus command.
  102. C. The ssh-add command is used for this purpose. The other commands shown do not exist.
  103. A. The getfacl command is used to display access control list information for a file. The setfacl command is used to set this information. The other commands shown are not valid Linux commands.
  104. A. By overwriting /etc/securetty with an empty echo command, root will not be able to log in at the console directly. Of the other potential answers, option C removes /etc/securetty, the effect of which is to allow root to log in from anywhere.
  105. C. The file ~/.ssh/config is the appropriate location for this type of configuration information. Of the other answers, only ~/.ssh/known_hosts exists and contains public key information for hosts to which you have connected.
  106. A. The -R option is used to indicate recursive behavior. Of the other options, only -v is valid and provides verbose output.
  107. C. The gdisk command can be used to view GUIDs for a given partition. The other commands shown are not valid.
  108. B. The -P option makes the values persistent across reboots. The other options are not valid with setsebool.
  109. B. The directory /etc/apparmor.d/ is the location in which profiles are located.
  110. C. DTLS, or Datagram Transport Layer Security, is used for datagram traffic. The other protocols listed are not valid.
  111. B. The lastb command looks at /var/log/btmp to note bad or failed logins. The other commands shown are not valid.
  112. D. The klist command shows the current tickets when using Kerberos authentication. Of the other answers, the kinit command is used to retrieve the initial ticket-granting ticket. The remaining answers are not valid commands.
  113. A. The ps command can be used to help troubleshoot this. Of the other commands, the uptime command is valid but will only report broad-level CPU usage information.
  114. B. The -l option provides a long or detailed listing of files and directories, including ownership and permissions. The -m, -b, and -f options are not related to the scenario described.
  115. A. The -a option returns all booleans. The other options are not valid with getsebool.
  116. C. The aa-unconfined command displays processes that are offering network ports but do not have an AppArmor profile. The other commands are not valid.
  117. C. The wheel group can be used to restrict access to the su command to those accounts that are members of the group. The other groups do not exist by default.
  118. C. The chcon command is used to change the security context.
  119. A. An SSL VPN can sometimes work around firewalls that otherwise block VPN traffic. SSL-based VPNs are not typically the default in Linux.
  120. A. When RSA is chosen as the key type, SHA256withRSA is the default option. Other options include SHA1withRSA, SHA512withRSA, MD5withRSA, and MD2withRSA, with MD5 and MD2 providing message digest formats. The other answers shown are not valid hashing algorithms with RSA. Notably, SHA1withEC is available as an option when ECC is selected as they key type.
  121. C. An incremental backup captures only those changes since the last backup and can be used to preserve space. The other answers are all commonly used backup types. A full backup creates a backup of all files. An image typically refers to a lower-level bit-by-bit copy of a disk partition. Finally, a snapshot clone takes an image of a disk and places it in a safe location by cloning or copying the snapshot. It is also notable that an incremental backup is sometimes called a differential backup.
  122. C. Of the available answers, the fact that the account is shared means it is violating a shared ID best practice. Neither integrity nor availability would normally be affected by this, and the password policy refers to things like the length and expiration of passwords.
  123. B. A password set in the BIOS can be used to prevent the system from booting or handing off the boot process to a bootloader. Neither GRUB nor a root password will help with this scenario because physical access is available.
  124. B. The fprint package is available to provide biometric authentication such as fingerprint authentication. Of the other answers, there is a finger command, but it should normally be disabled because it can provide information about accounts on the system.
  125. A. The -n option to restorecon shows current contexts without changing them. Of the other options that are valid, -r changes recursively, and -p shows progress.
  126. C. The sudoedit command allows a user to choose the editor of choice for editing the file. Among the other answers, vim and nano are both valid editors, but allowing them through sudo may have additional security ramifications. The visudo program is used to edit the /etc/sudoers file itself, which was not specified in this scenario.
  127. D. The ps command shows processes. When given the -Z option, SELinux contexts are shown.
  128. B. The pam_tally2 module keeps track of failed logins and can be used to lock out an account after a certain number of failed attempts. Note that pam_faillock provides similar functionality.
  129. B. Although Tunnel mode can be used for client traffic, it is most often used for site-to-site traffic, thus making Transport the correct answer for this question. Both Tunnel and Transport modes use IPSec for encapsulation.
  130. C. Pseudo-terminals begin with /dev/pty in Linux. Standard terminals are /dev/tty, and the serial console begins with /dev/ttyS.
  131. A. The command aa-complain is used to place profiles into complain mode. Profiles are located in /etc/apparmor.d/, and thus the command shown places all profiles into complain mode.
  132. D. The /var/log/secure log file shows information about authentication and authorization. Of the other options, both /var/log/messages and /var/log/kern.log exist but do not typically contain authentication or authorization information.
  133. B. The PermitRootLogin option is used to determine whether root can log in directly using SSH. It’s typically a best practice to disable root login via SSH.
  134. D. The AAA being referred to commonly for RADIUS is Authentication, Authorization, and Accounting, where Accounting is logging of dial-in attempts and other events related to the RADIUS system.
  135. C. The --runtime-to-permanent option sets the current runtime configuration to become permanent and available on next boot.
  136. D. SFTP would be the preferred option because it provides additional security over legacy FTP. In general terms, FTP usually should be disabled because credentials and other traffic are not encrypted. Among the other options, email (SMTP) such as that provided by Sendmail and Postfix provides no encryption and should be disabled if not in use. SSL by itself does not transfer files. Because the scenario did not include details of whether the transfer was over a long distance, it is difficult to tell whether USB would be appropriate. However, the use of USB devices is frequently discouraged on servers because it can be another attack vector.
  137. B. Monitoring directly at the CVE website and the mailing list and other options ensures that you have the latest CVE information. While monitoring news sites and vendor sites may also reveal the CVEs, that information typically is not updated as quickly as the direct CVE site.
  138. A. The ufw allow command is used to add rules, and SSH operates on TCP port 22.
  139. C. The auditd daemon can be used to monitor the system for things like access or changes to files. This information is then logged for later analysis.
  140. C. TACACS+ is commonly used by networking devices as a means for centralized authentication rather than storing credentials on each device or sharing credentials. Among the other answers, none provide authentication services for remote devices as specified in the scenario.
  141. A. The software used to create firewalls found on most systems is iptables. Notably, later versions are called nftables, but iptables is still found on most systems in use today.
  142. C. The cpio utility can work with various archive formats, one of which is HPUX-created archives. The gzip or bzip2 command likely would not be able to open or extract from the file; those are typically used for compression and not archival purposes.
  143. B. The scp utility uses SSH as transport and therefore requires TCP port 22. TCP ports 20 and 21 are used for legacy FTP, while UDP/53 is used for DNS queries.
  144. A. The -a option shows files and directories that begin with a dot. The other options shown are not related to this scenario.
  145. A. Making a bit-level image of the partition with dd is a good idea in order to preserve any evidence of the break-in. Creating a backup using tar is a less preferred option. Examining the partition with fdisk would not reveal any relevant information, and reformatting the partition usually should not be done until the extent of the attack is understood.
  146. B. The -i option specifies the identity file to use for the connection. The other options shown are valid for SSH but do not fulfill the requirements of this scenario.
  147. A. The sha1sum utility can be used to create and verify checksums of files in order to ensure that the file contents have not changed. SHA1 is preferred over MD5 due to concerns over collisions and other security issues with MD5.
  148. C. The -r option tells the zip command to traverse directories when creating the archive. The other options are not valid for this purpose.
  149. A. The ps command, when given with arguments such as auwx, will show all processes and the owner of those processes. Combining with the grep command reveals the processes with the word apache in them. On other systems, this might be called httpd instead of apache, but the question specified a Debian system.
  150. A. The chown command changes ownership of a file or directory, and the www-data user was specified in the question, thus making this option the only correct option for this scenario.
  151. C. Non-interactive mode for sudo is triggered with the -n option. The other options are not valid for this scenario.
  152. D. Telnet operates on TCP port 23. Telnet should be disabled in almost all environments because it offers no security for passwords or other traffic within the telnet session. If a legacy application requires telnet, then firewalling would be the next best option, and limiting connections only from the application itself.
  153. A. The aa-disable command is used to turn off profiles used with AppArmor. The other commands shown are not valid.
  154. C. The -Z option to ls is used to view the SELinux security context. The file command is a valid command but does not have a -Z option.
  155. B. GnuPG can be used to provide digital signatures through its gpg command. The other answers shown are not valid.
  156. D. The directory /etc/apparmor.d/tunables contains parameters and configurations that are commonly changed.
  157. C. The directory /etc/ufw typically contains configuration information for UFW. On many systems, /etc/default/ufw will also contain commonly changed default configuration items.
  158. B. The ipset project and software facilitates more effective rule management by helping to create sets of IP addresses to which common rules can be applied.
  159. A. The public key should be copied to the remote host. When it is copied and the contents placed into ~/.ssh/authorized_keys, authentication will be allowed from anyone presenting the corresponding private key.
  160. C. When using octal notation, the number 4 is read, 2 is write, and 1 is execute. User, group, and other permissions appear in that order with octal notation. Therefore, 7 grants the user read-write-execute, and 5 grants read-execute for group and other.
  161. C. The file /etc/rsyslog.conf contains configuration information for system logging. The file may be called rsyslogd.conf on some systems. You’ll find things like which log items go to /var/log/messages and other logs on the system.
  162. B. The -v option shows contexts of files listed in /etc/sestatus.conf. The other options are not valid for use with sestatus.
  163. C. The -M option sets the maximum days for password validity, while -m sets the minimum days between password changes. The other options are not relevant to this scenario.
  164. B. KerberosAuthentication is the option within the SSH server configuration that controls whether users can authenticate using Kerberos.
  165. A. The -t option, along with the table name, limits output to just the specified table rather than all. The other options are not valid for use with iptables-save.
  166. C. Sometimes called privileged ports, well-known ports are considered to be those ports under 1024. These ports are usually made available by system daemons and system-level services.
  167. C. Individual configuration files for various log file rotation policies are found in /etc/logrotate.d. This directory is included from the primary configuration file /etc/logrotate.conf.
  168. C. Just as the tail -f command will continuously update the display as new content is added, so too does the -f option display new entries for journalctl. The -t option shows messages for the given syslog identifier. There is no -tail or -l option.
  169. D. The pam_limits.so module is responsible for enforcement of limits such as those mentioned in the question as well as several others like the maximum size of files, memory usage, and so on. The other modules listed are not valid.
  170. D. There are multiple ways to specify log levels and debugging for slapd, including by keyword, by integer, or, as shown in the question, by hex. All the values shown are valid for loglevel. No debugging is 0, trace is 1, stats logging is 256 or 512 depending on type, and packets sent and received is integer 16 or hex 0x10.
  171. C. The port for LDAPS or LDAP over SSL is 636. Port 389 is standard, non-SSL, LDAP. Port 443 is used for HTTPS, and 3128 is used for Squid proxies.
  172. B. The pam_listfiles.so module is used to create scenarios whereby you can create files that control authentication and authorization through the PAM system. The other files are not valid for the scenario described.
  173. B. The -t option sets the key type for ssh-keygen. The other options do not set the key type, but may be valid for other purposes.

Chapter 4: Linux Troubleshooting and Diagnostics

  1. C. SATA disks are addressed as /dev/sdX, just like a SCSI disk. /dev/hdX is a traditional ATA disk. The other options do not exist.
  2. B. The lsusb command is used to obtain a basic list of USB devices on a system. The other commands are not valid. In the case of answer D, the ls command is valid, but there is no --usb option.
  3. C. The keyword single given on the Linux kernel command line will boot the system into single user mode. The other options are not valid.
  4. B. Checking to ensure that the disk is detected in the BIOS is a good first step in troubleshooting. Answer A, unplugging the disk, won’t help it to be detected. Restarting the web server won’t help detect the disk, and the disk-detect command does not exist.
  5. A. The ls command from within the grub > prompt will show the available partitions in a format such as (hd0,1).
  6. A. With cable select, ATA drives will be detected in the order in which they are plugged in on the cable from the motherboard. It’s likely that the drives need to be swapped physically on the cable.
  7. D. Of the options presented, running dmesg is a common way to find out the location to which the kernel has assigned the drive. Rebooting the system is not a good option, although it would work. There is no such thing as /var/log/usb.log; and the location of the drive may change regardless of port, depending on how the drive may be detected in the system.
  8. A. SCSI supports 7 to 15 devices per bus, depending on the type of SCSI.
  9. D. The ldconfig command updates the current shared library cache and list. ldconfig reads /etc/ld.so.conf and incorporates any changes found within it. The other commands listed as options for this question do not exist.
  10. B. The upgrade option for apt-get will upgrade the system to the latest version of software for packages already installed. The apt-update command does not exist, nor does the -U option to dpkg. The apt-cache command is used to work with the package cache.
  11. C. The yum install command will install a given package. The update option will update a package. The other options listed do not exist.
  12. B. The export command is used to set environment variables in bash. The other commands are not valid for this purpose.
  13. C. Configuration files related to the repositories for Yum are located in /etc/yum .repos.d. Of the other options, /etc/yum.conf is a file and not a directory, and the other directories do not exist.
  14. D. The ldd command will list the libraries on which the command’s argument depends and can be helpful for solving GCC compatibility issues.
  15. B. Swap space is used when there is insufficient RAM memory on a system.
  16. B. The /etc/lib directory is not typically associated with library files and does not typically exist on a Linux system unless manually created. The other options either contain system libraries or can be used for that purpose.
  17. C. The apt-get update command will cause the package cache to be updated by retrieving the latest package list from the package sources. There is no cache-update option or update option to apt-cache. The upgrade option is used to update the system’s packages and not the cache.
  18. C. The file sources.list located in /etc/apt contains the list of repositories for Debian packages. The other file locations do not exist by default.
  19. B. The pvcreate command initializes a physical partition for future use as a logical volume with LVM.
  20. C. The lvcreate command is used to create logical volumes with LVM. The pvcreate command initializes physical volumes prior to creating logical volumes. The commands in the other two options for this question do not exist.
  21. A. Physical volumes are initialized first, followed by volume group creation, and then logical volume creation.
  22. D. The search option performs a search of various fields such as the package name and description.
  23. B. The rpm -q kernel command will show the kernel version. You can also use uname -r for the same purpose.
  24. A. The exclude option can be used to exclude certain packages. The argument accepts wildcards, and therefore excluding all kernel* updates will create the desired behavior.
  25. B. The partition type 0x83 should be created for a normal Linux partition. Type 82 is used for swap, while 84 is an OS/2 partition. There is no L type.
  26. B. The -s option to dpkg searches for the given package and provides information about its current status on the system. The apt-cache command is not used for this purpose, and the -i option for dpkg installs a package. The apt-info command does not exist.
  27. C. The lvmdiskscan command looks for physical volumes that have been initialized for use with LVM.
  28. A. The -i option to dpkg will install a previously downloaded package. The other commands don’t exist, and the -U option for dpkg does not exist.
  29. B. The env command will print the current environment variables from Bash. The printenv command will also perform the same operation. The other commands listed in this question do not exist.
  30. B. While the ps auwx command combined with grep will provide information on the running Apache instances, it will provide much more information than is required or useful for this problem. The pgrep command provides only the process IDs and therefore meets the criteria presented in the question.
  31. D. The free command displays overall memory usage for both RAM and swap and can be used to determine when additional memory might be needed.
  32. A. The uptime command shows basic information such as that described along with the number of users logged into the system and the current time. The bash command is a shell environment, and the ls command will not display the required information.
  33. D. The screen command starts a new terminal that can be disconnected and reconnected as needed. Processes running from within the screen session do not know that they are running in a screen session and therefore meet the criteria needed to satisfy this question. The fg and bg commands will not meet the criteria, and the kill command will stop a process.
  34. B. The nice command, when run without arguments, will output the priority for the currently logged in user, which is normally 0. The renice command can be used to change the priority of running processes. The other two commands shown as options for this question do not exist.
  35. C. The jobs built-in command shows the list of jobs running in the background. Its output includes a job number and the status of the job.
  36. C. The killall command is used to terminate processes using their name.
  37. A. The -i option to df produces information on inodes across all filesystems. The ls -i option will produce inode listings but only for the current directory. The -i option is invalid for du, and dm does not exist as a command.
  38. C. The -y option will attempt to repair automatically, essentially answering y or yes instead of prompting. Of the other options, only -V is valid and will produce verbose output.
  39. B. The tune2fs command can be used for this purpose but should be used with care because it can result in data corruption.
  40. B. The mkswap command formats a swap partition. The fdisk command is used to create the partition but not format it. The other two options do not exist.
  41. A. The du command will report on disk usage in a recursive manner, unlike the other commands shown here.
  42. C. The usrquota option will enable user-level quotas on the given mount point. This is typically set within /etc/fstab.
  43. D. The -c option creates the files for the first time. The -f option is used to force checking, -u is used for user quotas, and -m is used to not attempt remounting read-only.
  44. D. The -r test determines whether a given file exists and can be read by the current user. The -e test only checks to see if the file exists, while -s determines if the file exists and has a size greater than zero. There is no -a file test.
  45. D. The allow-guest option changes the behavior of guest login for LightDM. And disallowing guest login would generally make the computer somewhat more secure, although if someone has physical access to the device, they might be able to get access in other ways.
  46. C. The xhost command is used to control access to the X server. A host is added with the + sign and removed by preceding it with the - sign.
  47. D. Setting a user’s shell to /bin/false will prevent them from logging in interactively to the system, such as with SSH. The other options shown for this question are all valid shells and would allow an interactive login.
  48. C. The journalctl command is used for this purpose; and the --disk-usage option displays the disk space used by journal log files, which are typically stored in /var/log/journal.
  49. A. The ifconfig command will be used for this purpose and requires the addition of the -a option because the adapter is currently down. The ifup command can be used to bring up an interface but does not display information by default. The netstat command displays information about the network but not with the -n option.
  50. D. Private IP addresses are found within the 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16 ranges, thus making an address in the 143 range a public IP.
  51. C. The route command is used for this purpose, and adding a route is done with the add option. The default gateway is added using the default gw keywords followed by the IP of the gateway and the adapter.
  52. A. The host command enables changing of the query type with the -t option. Using ns as the type will query for the nameservers for a given domain. There is no all type, and the other options are also invalid.
  53. B. The -I option enables the choice of interface. A lowercase -i option sets the interval, while -a indicates an audible ping. Finally, -t enables a TTL-based ping only.
  54. A. The host or dig command can be used for this purpose by setting the type to mx. The mx type will query for the mail exchanger for the given domain. There is no smtp type.
  55. A. The -T option causes traceroute to use TCP packets. This option, which requires root privileges, can be helpful for situations where a firewall may be blocking traceroute traffic. The -i option chooses the interface, while -s chooses the source address. A lowercase -t option sets the Type of Service (ToS) flag.
  56. A. The ip command with the monitor option/subcommand will display netlink messages as they arrive. There is no netlink subcommand for ip, and the route command will not work for this purpose.
  57. A. The @ symbol is used to indicate a server to which the query will be sent directly. This can be quite useful for troubleshooting resolution problems by sending the query directly to an authoritative name server for the domain. Of the other options, -t sets the type, and the remaining options are not valid.
  58. A. The getent command is used for working with NSS databases, and getent hosts will display the available hosts using the databases configured in /etc/nsswitch.conf.
  59. C. The configuration option is called nameserver, and the value for the option is the IP address of the desired nameserver. There are several options that affect how name resolution is performed, such as the number of attempts and timeout. See resolv.conf(5) for more information.
  60. A. The route command can be used for this purpose; the syntax includes the network range, denoted with the -net option, followed by the word netmask and the masked bits, followed by the word gw and the IP of the gateway. The other options shown are invalid for a variety of reasons including missing keywords and options and order.
  61. A. The netstat command is used for this purpose, and the -a option displays all sockets, listening and non-listening. Note that it’s frequently helpful to add the -n option, or combine them as in netstat –an, in order to prevent name lookup. Doing so can significantly improve performance of the command.
  62. A. The correct format is IP address followed by canonical hostname followed by any aliases for the host. You can use entries in /etc/hosts to override DNS lookups, which can be useful to prevent those names from resolving or to provide a different resolution.
  63. C. The ifconfig command for configuring interfaces begins with the device followed by the IP address, which is then followed by the netmask keyword and the netmask to add. Because this is a /24, the netmask is 255.255.255.0.
  64. B. The ip route command can be used for this purpose, and its syntax uses a change command and the via keyword. The same operation could be completed with the route command but would require deleting the existing gateway first and then re-adding a new default gateway.
  65. C. Secure Shell, or SSH, operates on TCP port 22 by default. TCP/23 is used for telnet, TCP/25 is SMTP, and TCP/2200 is not associated with a well-known service.
  66. B. The nc command is used to start netcat, and the -l option causes it to listen. The -p option is used to specify the port on which netcat will listen. The -s option specifies the local source address and is not used for this scenario.
  67. A. The soa type is used to query for Start of Authority records for a domain. Note that in many cases, dig will attempt to look up the domain within a given command and may not appear to have had an error. For example, when running option D (dig -t auth example.com), you will receive information about example.com, and there will be a line in the output that dig has ignored the invalid type auth.
  68. A. The search option is used for this purpose and can be provided with multiple domain names, each separated by a space or tab. The domain option is valid within /etc/resolv.conf but does not allow for multiple domain names.
  69. A. The route command can be used for this purpose; and in the scenario described, a reject destination is used for the route. The other options shown are invalid because they use invalid options to the route command.
  70. B. The tracepath command provides the Maximum Transmission Unit (MTU) of the hops, where possible. Both traceroute and tracepath can be used internally or externally, and both provide IPv6 capabilities. Certain options with the traceroute command can require root privileges, but not enough information was given in the question for that to have been the correct option.
  71. D. The -c option provides the count of the number of pings to send. The -n option specifies numeric output only, while -p specifies the pattern to use for the packet content. Finally, the -t option sets the TTL.
  72. B. NXDOMAIN is the status for a nonexistent domain or host: basically, the host for which the query was sent does not exist. A normal status when there has not been an error is “NOERROR.”
  73. A. The ip route flush cache command should be executed after changing the routes. The other commands shown for this question are not valid.
  74. A. SPF records are stored in the txt record type in DNS, thereby making -t txt the correct option for this. Of the other answers, only -t mx is valid and returns the mail exchangers for the given domain.
  75. C. The only viable possibility of those listed is that ICMP traffic is blocked. TCP traffic is obviously passing because of the ability to get there using HTTP, and DNS must also be working.
  76. C. The G signifies a gateway within the route table.
  77. A. The axfr type is a zone transfer, and the @ symbol signifies the server to which the query will be sent. There is no xfer type. Option B is just a normal query for the domain sent to the specified server.
  78. A. If /etc/nologin exists, users will be prevented from logging in to the system. The root user can still log in, assuming that root logins are enabled within the SSH configuration.
  79. B. The find command will be used for this purpose, and the permission can be described as 4000 to indicate the presence of the setuid bit. The -type option can be used for changing the type of object to be returned but is not relevant for the scenario described.
  80. A. The nmap command is used to scan for open ports. It will scan for open TCP ports to the address or addresses specified. The other commands shown do not scan for open ports to external (off-host) IP addresses.
  81. B. The format is username (or other specifier) followed by hard or soft, depending on the limit type, and then the keyword followed by the value for that given keyword.
  82. B. The lsof command can be used for this purpose; with the -i option, it will display the network ports along with their process. The netstat command will display network ports but not the process with the -a option. The ps command is used for processes but not network ports. Finally, there is no netlist command.
  83. A. Setting -P0 will cause no ping requests to precede the scan and is useful for the scenario described. There is a -s option, but it is not used for this purpose. The other options are not valid.
  84. C. The maxlogins parameter is used to control the number of simultaneous logins for a given account.
  85. A. The -s option sets the type of scan and, when followed by an uppercase S, sets the option to SYN. The T option is a Connect() scan. There is no Y option or -type option for nmap.
  86. D. The find command will be used for this purpose, and the -perm option is needed, specifically as the 2000 permission to indicate setgid. Note the use of / to indicate that the entire server will be searched. The grep command shown cannot be used for this purpose because it looks for the presence of the string setgid within files located in the current directory only.
  87. D. The -p option to iostat displays information on devices and partitions. The -c option shows CPU utilization, and -d shows device utilization. There is no -a option.
  88. D. The vmstat command is used to display extended information about performance including blocks in and out. The iptraf command is used to provide network-level monitoring, and the other two commands listed are not valid.
  89. B. The w command shows various useful information including load average, logged-in users, and other uptime information. The uptime command does not show who is currently logged in. There is no swap or sysinfo command.
  90. B. Pressing Shift+F within top enables you to choose which columns display as well as the sort order for the columns. In the scenario described, you can view the processes using the highest amount of memory.
  91. C. Cacti is a graphing tool that uses scripts for gathering performance data as well as SNMP. The graphs can help to visualize performance of networks and systems alike. The pstree command is used to show a treelike structure of processes.
  92. B. The -e option causes swapon to skip those partitions that do not exist. The other options are not valid for this scenario.
  93. A. The -f option forces fsck to run on an otherwise clean filesystem. This can be helpful for times when you suspect there is an error on the filesystem and need to verify as part of the troubleshooting process. This can also be helpful to prepare the filesystem for conversion, such as might be the case with a tool like btrfs-convert.
  94. A. The swapoff command deactivates swap space, thereby making it unavailable as virtual memory on the system. The other commands shown as options are not valid.
  95. C. The --show option displays information about the swap spaces on the computer, including how much swap is currently being used. The -a option activates all swap spaces. There is no --list option, and -h displays help.
  96. C. The pvdisplay command shows information about a given physical volume. You can use pvdisplay to view the device on which the PV is built along with the extent size of the PV. The other commands shown are not valid.
  97. A. The vgscan command looks for both physical volumes and volume groups related to an LVM configuration. The vgscan command is run at system startup but can also be run manually. The other commands are not valid.
  98. C. The pvscan command displays a list of physical volumes on a given server. The PVs displayed are those that have been initialized with pvcreate for use with LVM.
  99. C. The ip command defaults to the inet family if not otherwise specified with the -f option. The command will attempt to guess the correct family and fall back to inet. The other families listed as options for this command are not valid for use with the ip command.
  100. D. The -n option causes route to use numeric values only, performing no name resolution. This option is useful for the scenario described. The -e option causes the output to be in netstat format. There is no -d or -f option for the route command.
  101. A. Because you’re working with MAC addresses, the arp command will be used. The -d option removes or deletes an ARP entry, which would be appropriate here so that the MAC address resolution occurs again. The netstat command will not be used for this purpose. The hostname and dig commands work with name resolution but not for MAC addresses or the ARP table.
  102. B. The -o option removes newlines from the output, thereby making the output more suitable for the grep command. The -l option specifies the number of loops for the ip addr flush command. The -f option specifies the protocol family. There is no -n option.
  103. A. The -s option creates an ARP table entry. The -d option removes an entry. The -c and --add options do not exist.
  104. C. The -D option lists the interfaces on a given computer. The -d option dumps compiled matching code, and -i selects an interface. There is no -a option.
  105. B. The -R option requires an attempt at name resolution be performed. The -n option does the opposite: it disables name resolution. There is no -b or -a option.
  106. B. The mtr command provides a unique way to view real-time information about each hop in a route between hosts. Both the traceroute and route commands are valid, but the options shown for each are not. There is no liveroute command.
  107. A. The --delay option sets the interval between checks of array health. The argument value is in seconds. The other options shown are not valid.
  108. C. The !H sequence indicates host unreachable. Network unreachable is !N.
  109. A. The -m option specifies how the packet should be marked or tagged. The -a option is an audible ping, and -p enables specification of custom padding. There is no -k option.
  110. B. The -r option displays a report including CPU time and exit status about the just-completed fsck operation. The -f option forces whatever operation is being requested, -s serializes fsck operations, and -l creates an exclusive flock.
  111. D. The file /proc/meminfo provides a wealth of information about memory usage and utilization. Much of this information is displayed by various commands, but the canonical source for those commands is usually found in this file. Of the other options, only /proc/cpuinfo is valid, and that file provides information on the CPU(s) for the computer.
  112. D. An Xmas scan is available using the -sX mode of nmap. The -sT mode is a TCP connect, and -sS is TCP SYN. There is no -sP option.
  113. A. The -s option sets the snapshot length, or snaplen, of the capture instead of its default of 65,535 bytes. The -l option provides line buffering, -c stops after the indicated count of packets are received, and -d dumps compiled packet-matching code into a format that is readable.
  114. D. There is no port for ICMP. The protocol does not use ports.
  115. B. The -B option changes the format, and T sets the scale to terabytes. The other options do not exist.
  116. C. The -c option checks for bad blocks. The -b option sets the block size. There is no -a or -d option.
  117. C. The -U option shows latency. Of the other options, -d is used for debugging, -L suppresses multicast loopback packets, and -i sets the interval between packets.
  118. B. The iperf command can be used to measure throughput and can be used for troubleshooting latency issues. The other options are not valid commands.
  119. C. The itop command displays information about interrupt usage in real time, with a display that is somewhat like the top command. The other options shown for this question are not valid commands.
  120. B. The ibstat command shows information about Infiniband devices. The other commands are not valid.
  121. A. The renice command is used to change priorities. The lower the number, the higher the priority. The correct syntax is shown in option A. Option B will set the priority lower. Options C and D are invalid syntax.
  122. D. The -n option is used with netstat to prevent hostname lookups, which can slow the output. The other options do not perform the required task.
  123. B. The pidof command shows all of the processes associated with the given argument. In this case, option B shows the correct syntax. The ps command shown in other options is a valid command but not with the syntax shown.
  124. A. The number 1, or SIGHUP, is the signal that sends a hangup to the process. The other options shown are valid signals but not for the purpose described.
  125. D. The sysctl command can be used for changing parameters within the running kernel. The changes are not saved between reboots, though, and need to be reapplied if the system is restarted. The other commands shown are not valid.
  126. C. The -i option sets the byte-to-inode ratio. The -b option sets the block size, -r sets the filesystem revision, and there is no -u option for mke2fs.
  127. C. The /sys/class/fc_host directory contains information on HBA adapter ports on the system. The other options are not valid directories.
  128. B. The account module interface is where access verification occurs. Among the other options, the auth and password interfaces are used for different purposes, and there is no policy interface.
  129. A. The default policy should be deny. A deny-by-default policy discards packets. It’s notable that a reject policy might also be used, which would send a reject back to the sender. The other options are not appropriate for the task described.
  130. C. The -l option displays ownership information including user and group owners of a file or directory. The -o option only shows the user but does not display the group. The other options shown are not valid for this purpose.
  131. B. The program should be created to use local sockets for communication. Socket-based programs do not need to incorporate network or protocol information, thus making them preferred over a network-based program for the purpose described. If the program needed network connectivity, then option A would be appropriate. The other options are not appropriate for this scenario.
  132. C. The buffers column shows the amount of RAM allocated to kernel buffers. Cache indicates page cache usage, and shared usually indicates tmpfs usage.
  133. C. The nmcli command provides a command-line interface into NetworkManager. The other options shown are not valid commands.
  134. A. The iftop command is used to display real-time network usage through an interface that is reminiscent of the top command. The other options given are not valid commands.
  135. C. The iptraf command shows cumulative network usage in real time for a given interface. The other options shown are not valid.
  136. C. The cfq scheduler is the default for Linux systems. Of the other options shown, deadline and noop are valid but are not the default. There is no iqueue I/O scheduler.
  137. D. The ipset command can be used for the purpose described. It’s worth noting that you could create a separate iptables rule for each IP and rule, but doing so would be less efficient than using an ipset group and having a single rule applied to that group.
  138. A. The tcptraceroute command should be used for this purpose. This command attempts to connect to the destination on the TCP port specified. This method is preferred over a simple ping because ICMP may be filtered, thus giving an inaccurate diagnosis. The other commands would not be used for this purpose.
  139. C. The tshark command enables capture of network traffic into a file. The other commands shown are not valid.
  140. C. The whois command is used for lookups of domains and IP addresses, among other things, and would be used for this purpose. The other commands are not valid for this purpose.
  141. D. The ioping command sends requests to a given disk and records the time taken for the request. Of the other commands, fdisk is valid but would not be used to determine performance-related issues. The other commands are not valid.
  142. C. The partprobe command causes a partition update for the kernel. The other options are not valid commands.
  143. A. The sar command can be used to display a wide variety of performance-related information, including that captured over time. The other commands are not valid.
  144. A. The -a option shows all available parameters. The other options shown are not valid with sysctl.
  145. C. A state of D means uninterruptible sleep. There is no state for debug or dead processes, and interruptible sleep has a state of S.
  146. B. The file /etc/default/keyboard contains information for keyboard mapping. The other options shown are not valid.
  147. C. The default port is 631. The other ports listed for options are not used for CUPS.
  148. B. The -R option changes ownership in a recursive manner. The other options are not valid for this purpose. The -f option exists for chown but changes the output to be silent.
  149. D. The ausearch command can be used to find recent violations of an SELinux policy. The other commands are not valid.
  150. C. The dmesg command shows the kernel ring buffer and is a primary tool to determine whether the system has detected a new piece of hardware. The other options are not valid.
  151. A. The signal number or symbolic name can be used and is prefaced with a single dash (-) as shown in option A. The other options are not valid for the purpose required in the question.
  152. A. Execute permissions for directories inherit, so the top-level directory must not allow the “other” permission to execute, which is needed for a directory listing within a subdirectory.
  153. B. The default size for ioping is 4 KB.
  154. A. The I/O scheduler in use is found in /sys/block/<device>/queue/scheduler. The other options are not valid locations for this scenario.
  155. D. The -n option prevents hostname lookups from occurring with iftop. This is helpful for reducing the amount of noise or unnecessary information displayed within the iftop output. The other options do not accomplish the task required.
  156. B. The server command, when run within the nslookup interface, will set the server to which the query will be sent. The other options shown are not valid for this purpose.
  157. D. A user would need write and execute permissions in order to write into a directory for which they are not the owner and do not have group ownership.
  158. C. LDAP can be used for external authentication scenarios with Linux and is frequently used to provide authentication in an integrated environment with Microsoft Windows and Active Directory. Of the other options, neither SSL nor SSH provides the external authentication, although SSH may be able to integrate with other authentication means.
  159. B. The ulimit command shows the various limits that apply to a given user, including file size limitations. The other options are not valid.
  160. A. The permissions should be 755 in order for a user to execute the script. The other options won’t work for the purpose described or are too permissive.
  161. C. The chattr command is used to change file attributes including making them immutable. The other commands are not valid.
  162. A. UIDs less than 1,000, not including 0, are typically used by service accounts. This is not required, but is done by convention.
  163. B. The groups command is used to retrieve a list of groups. The other commands are not valid.
  164. A. The swapon command activates the swap space for use. The other commands are not valid.
  165. D. The size of the request can be set using the -s option for ioping. The other options shown are not valid with ioping.
  166. C. Looking for access vector cache (AVC) messages within the ausearch command can reveal information about policy violations. It’s typical to also include USER_AVC within the query. The other options shown are not valid.
  167. C. The dmidecode command shows extended information about hardware within a Linux system. The other options shown are not valid commands.
  168. B. The fail option to mdadm indicates that the disk has failed. The other options shown are not valid.
  169. C. The -H option suppresses the legal disclaimer when possible. The other options do not complete the task described in this scenario.
  170. B. The -i option sets the interface for iftop. The other options shown are not valid for the required task.
  171. B. The file /sys/class/scsi_host/hostN/scan is used for this purpose, where N is the adapter number. The other paths are not valid for the purpose described in this scenario.
  172. B. The /etc/shadow file stores encrypted passwords. The /etc/passwd file does not store encrypted passwords, and the other options are not valid.
  173. B. The lsattr command can be used to show extended attribute information about a file, such as whether the file is immutable. The other options shown are not valid.
  174. A. The size and rss columns within ps output are helpful for determining memory usage for a given process. The other options are not valid for process-level troubleshooting.
  175. C. SIGKILL corresponds with signal number 9. The other numbers shown are valid signal numbers but are not SIGKILL.
  176. D. The IN class, or Internet class, is the default type of class queried with the host command. This can be changed by using the -c option for the host command.
  177. A. The routing table is displayed with the -r option. The other options do not display the routing table.
  178. C. The -s option displays summary output for the arguments given. The other options shown do not accomplish the required task.
  179. B. The ps command lists processes, and using grep for the state of Z will show zombie processes. Of the other options, there is a -Z option for ps but it is not used for the purpose described.
  180. A. The lshw command shows all hardware within a system, giving detailed information about many aspects of that hardware. The other commands shown are not valid.
  181. B. The -c option sets the number of requests to send with ioping. The other options given are not valid for use with ioping.
  182. B. The R state indicates a process is running. The other options do not indicate a running state.

Chapter 5: Automation and Scripting

  1. A. The echo command is used to send output from a Bash script. The other options are not valid commands.
  2. A. Ansible is agentless, using SSH and Python for orchestration. Puppet does have an agentless mode but typically uses agents for orchestration. The others are not valid orchestration packages.
  3. B. The env command executes a command and enables a custom environment for that command execution. The set command changes environment variables but does not change variables for the single command execution, as specified in the scenario. The other options are not valid commands.
  4. B. The pull command in git fetches the changes and incorporates them into the current working copy. The fetch command only retrieves but does not incorporate the changes. The other options are not valid git subcommands.
  5. B. Infrastructure as code typically means managing infrastructure components using some of the same tools that developers would use, such as source code management along with programs or scripts and automation for deployments and configuration changes.
  6. A. The chmod command will be used for this solution. The answer granting 700 enables execute privileges for the owner. The other options have incorrect syntax or inappropriate permissions for the scenario described.
  7. A. The source command adds functions found in the file argument to the current shell. The source command is frequently used for software installs to ensure that the environment is set up properly prior to execution of the install scripts.
  8. D. The character sequence #!/bin/bash invokes the commands that follow as a Bash script.
  9. C. The greater-than sign is used to redirect output to a file and will overwrite the file if it already exists. The other characters do not fulfill the requirements of this scenario.
  10. A. Creating a git repository requires creating the directory, changing the current working directory to the new directory, and then running git init --bare. The other commands will not create an empty git repository.
  11. B. The term inventory is most often used in orchestration to refer to the collection of devices under management.
  12. D. A backslash is used to escape characters such as a single quote in a Bash script. The other characters will not achieve the desired result.
  13. A. An exit code of 0 indicates that the script did not encounter an error. This exit code is generally associated with a successful execution of a program in Linux.
  14. A. Shell expansion, or, more accurately, brace expansion, can be used to create the output shown. The other options will not produce output as shown.
  15. C. The pound sign (#) is used to indicate that what follows is a comment and will not be executed for the remainder of the line. The other options are valid comment styles in other languages but not for a Bash script.
  16. D. No special extension is necessary for a Bash script to be executed. The extension .sh shown as an option is a common extension that you will see for shell scripts of any variety, but the extension isn’t required.
  17. C. The merge command incorporates changes to a previously cloned git repository. The push command is valid but not used for this purpose. The other commands are not valid.
  18. A. An agent is software that runs on clients and listens for commands from the server in an orchestration architecture.
  19. C. Infrastructure automation is the term most closely associated with adding (and removing) servers in response to load and demand.
  20. C. When executed as part of a function, the local command can be used to create a local variable in a Bash script.
  21. A. The clone command retrieves a copy of the repository for local use. The checkout and co commands are used with Subversion and not with git.
  22. D. The $0 parameter contains the name of the script being called. The other answers do not fulfill the requirements of this scenario.
  23. B. The printenv command can be used to print the contents of the current shell environment such as environment variables. The other options shown are not valid commands.
  24. B. A single equal sign is used for string comparison in a Bash script. Of the other answers, -ne is valid but is used when comparing integers. The string eq would be an operator if preceded by a single dash, as in -eq. In that case, -eq is used for integer comparison.
  25. B. A while loop that evaluates boolean true will accomplish the task described. The other options given are syntactically incorrect in various ways.
  26. B. The git checkout command switches the working copy to the specified branch and points the HEAD toward that branch. The other commands shown as options are not valid with git.
  27. C. The export command adds a variable to the current environment and is frequently used for the scenario described. The other options are not valid commands.
  28. B. The current contents of the PATH variable, or any other shell environment variable, can be displayed using the echo command. Variables in Bash use a $ as part of the identifier. Therefore, any option without the $ would not work.
  29. A. The $() sequence executes a command within a subshell, which is helpful for ensuring that global variables in a Bash script cannot be modified. The other sequences shown are not valid for the scenario described.
  30. B. Managing configuration with orchestration is described in this scenario, so option B is the closest response.
  31. B. The -u option or --unset will remove a variable from the environment. The other options are not valid with the env command.
  32. C. The double-ampersand metacharacter executes the right-hand command only if the first command exits with a successful exit code. A single ampersand sends the command into the background, thus making option B incorrect. A pipe character executes the second command but does so regardless of the success or failure of the first command, thus making option D incorrect.
  33. B. Two greater-than signs append output to the specified destination. Option A includes only one greater-than sign, which overwrites rather than appends output. The pipe character in option C does not send output to a file, and option D does not work for the purpose described.
  34. D. File globbing is the process of expansion of special characters, which is required for this scenario. In this case, the negation character is the caret, thus making option D correct.
  35. B. The .gitignore file is used to store files that will not be versioned.
  36. C. The for loop should be used for this purpose because it iterates through a list. An until loop would require additional code, thus making it a less-preferable construct for the purpose described. There is no do loop or foreach loop in Bash, thus making those options incorrect.
  37. C. Command substitution can be accomplished using backquotes or $(). These two methods are substantially but not completely equivalent.
  38. C. The git log command is used to show a commit history. The other commands shown are not valid with git.
  39. A. The -m option enables a message to be included in the commit, thereby alleviating the need to go into an editor to create the commit message. The other options shown do not accomplish the required task.
  40. B. Build automation is the most appropriate name for kicking off the compilation of software on commit.
  41. A. In this scenario, STDIN redirection is accomplished with a less-than sign to take the contents of customers.sql and send those contents into the mysql command. It’s also likely that the mysql command would have things like -u for the username and -p to prompt for the password, but those were not relevant to the scenario and are not required in all circumstances. The other options shown are not valid for the purpose described. Options B and C take output from the mysql command, while option D is an invalid character sequence.
  42. C. More than likely you have not executed git push to send the code to the server. Of the other options, you do not need to send commit IDs to teammates and there is nothing to indicate that you have been having problems committing the code itself.
  43. B. The -R option performs a recursive change to the targets identified by the chmod command. The other options do not perform recursive changes for chmod.
  44. D. The closing parenthesis is used to denote a case; when preceded by an asterisk, the default case is indicated.
  45. B. The character sequence fi, which is the if statement backward, indicates the end of an if conditional within a Bash script. The other sequences shown as options may be used in other languages.
  46. D. The master branch is the branch created by default within a git repository. The other names shown can be used but are not the default.
  47. B. The pipe character sends, or pipes, the output from one command into another and is commonly used in a Linux environment for creating complex command sequences, whether through scripting or directly on the command line. The other options shown are not used for the purpose described in the scenario.
  48. B. The git status command is used to show the current state of the working copy, displaying things like untracked files, files staged for commit, and so on. The other options shown are not valid for the scenario.
  49. B. The -n option suppresses the trailing newline character from the echo command and is quite useful in scripting scenarios. The other options are not valid for the command.
  50. A. The inventory of an infrastructure contains things like the version of software installed on clients.
  51. C. Redirecting STDERR is accomplished with the character sequence 2>. The plain greater-than sign redirects STDOUT. The other character sequences shown as options are not valid for the purpose described.
  52. A. The git config command will be used for this purpose, and the parameter is user.email.
  53. B. The readonly command displays the list of read-only variables that have been declared in the current session. The other commands listed for this question do not exist.
  54. D. The set command can be used for a variety of purposes to change how the shell environment works. One such option is –C, which prevents output redirection such as that done with > from overwriting a file if the file already exists.
  55. C. The file command can be used to determine which type of file is being used. This can be particularly helpful for files without extensions, where you are unsure if you should view the contents of the file. Option A, grep, is used to look within files but would not be helpful in this case. The telnet and export commands are not used for this purpose.
  56. B. The history command will display your command history, including commands from the current session. You can specify how many lines of history to display, as shown in the answer for this question. Note that .bash_history will not show the current session’s history.
  57. A. Preceding the command with a ! will search history and execute the specified command. For example, !vi will start your last vi session.
  58. A. The type built-in command returns the location that the shell will use in order to run the given command. The find command cannot be used for this purpose, and the other commands do not exist.
  59. C. The source command is used to execute commands from a file. A typical use case is to create functions or variables that are then available for use within the current session. The other commands listed do not exist.
  60. B. While it’s true that every user has a .bash_logout, the file exists in their home directory and therefore can be edited by the user. Therefore, to ensure that the required command is executed at logout, the file /etc/bash.bash_logout must be used.
  61. B. The env -u command will unset an environment variable for the current session. The unset command can also be used for this purpose.
  62. A. The env command, when used as #!/usr/bin/env bash, will determine the location of the bash interpreter automatically. This makes the resulting script more portable for systems where bash may not be located in /bin/.
  63. B. The PS1 variable usually has its default set in /etc/profile and is used as the shell prompt. Users can customize the prompt to include hostname, working directory, and other elements.
  64. C. The $1 variable is automatically available within bash scripts and represents the first command-line argument. The $0 variable is the script itself. The other variables listed in this question do not exist by default.
  65. B. The seq command is used to print a sequence of numbers in a variety of formats. The answer for this question provides a starting point (0), an increment (1), and the final number (5), thus resulting in six numbers being displayed as output.
  66. D. The exec command executes the command given as its argument and will then exit the shell. The source command does not exit the shell.
  67. C. The read command awaits user input and places that input into the specified variable. The exec command is used to execute commands, and the other options are not valid for the purpose described.
  68. A. Parentheses are used to denote a function, such as myFunction(). The parentheses are optional but are then followed by curly braces containing the commands to be executed when the function is called.
  69. C. The sequence esac, which is case spelled backward, is used to indicate that a case statement has ended. Of the other options, the done statement is used for termination of certain loops in Bash.
  70. C. The -p option displays declare statements in a way that the commands are fully qualified and could then be used as input for another command, through either piping or redirection to a script.
  71. C. Square brackets are used to denote the beginning and end of the test portion of a while loop in a shell script. Other languages generally use parentheses for this purpose.
  72. B. The test built-in will return true and can be used to test for the value existence of a variable not being null. Note that the behavior of the test built-in differs depending on the number of arguments.
  73. C. The HOME environment variable, set automatically to the user’s home directory, is consulted when the command cd ~ is entered. The other paths beginning with HOME do not exist by default, and the MAILPATH environment variable shown contains a list of locations where mail is checked when using the shell interactively.
  74. B. The git log command will be used for this purpose, with an option of --follow and the filename/path to follow through history.
  75. A. Parameters and other facts about the clients are also called attributes in an orchestration.
  76. C. The integer comparison -eq is used for comparing integers within Bash scripts. The other answers are not valid for Bash script comparison.
  77. C. The semicolon metacharacter chains multiple commands together but does not use the output from one command as input to the next. If the output needs to be sent into the next command, the pipe character (option D) is used. A single ampersand places a task in the background, thus making option A incorrect; and a greater-than sign redirects standard output, making option B incorrect as well.
  78. A. The a escape sequence, when used with the echo command, sounds an alert or bell. The  option is a backspace. The c option indicates that echo should not produce any additional output. There is no d option for echo.
  79. D. It is important to note that there cannot be any spaces between the variable name and the equal sign. Likewise, there cannot be any spaces between the equal sign and the contents of the variable. This makes answer D the only correct option.
  80. A. The provided answer performs command substitution and places the value from the resulting command into a variable. Note the use of +%s formatting on the date, which then formats the output as seconds since the epoch, as specified in the question. Option C will provide the date within the DATE variable but will not format it as specified.
  81. B. In shell scripts, the commands to execute begin at the do keyword and end at the done keyword. Other languages generally use either curly braces or tabs.
  82. A. The -r option to declare will create or mark the variable as read-only. The -p option prints output in a format that can be reused. The -x option declares the variable for export.
  83. C. The LC_TIME environment variable is used to control the display and behavior of the date and time and can be changed to a different locale in order to achieve the desired display and behavior of date and time formatting. The other options shown for this question do not exist.
  84. A. The -i option shows interface information in a table-like format. Information such as transmit and receive bytes as well as the MTU for the interface and other information are shown. The -r option shows routes, while -l shows listening sockets. There is no -t option.
  85. C. The Ctrl+C key combination kills a shell script that you are running interactively. The other key combinations may have an effect but not within this context or for the desired behavior.
  86. C. Shell scripting syntax uses the format shown, with square brackets around the condition to the tested and double equal signs for a string test. Variables are preceded by a dollar sign as shown.
  87. A. The syntax for setting the PATH separates the new path with a colon, as shown in the correct option. A primary difference between the correct and incorrect options for this question was in how the actual specified path was shown.
  88. B. The --abort option attempts to roll back a problematic merge. The other options shown do not exist as options to the git merge command.
  89. A. The GIT_DIR environment variable can be used to change the default location away from the ./.git directory in which a new repository would normally be created. The other options are not used by git as environment variables.
  90. B. The escape sequence adds a horizontal tab. The other characters may have different meaning and so are not valid for this question. For example, a is alert or bell.
  91. C. The double-asterisk sequence has special meaning and indicates that the file will be ignored in all directories.
  92. A. The scenario requires alternation. Therefore, square brackets will be used to indicate the beginning of the sequence. After the brackets, a single asterisk indicates a wildcard. The other options will not work for the scenario described.
  93. B. The git remote command will be used for this purpose; and, when given the show option and the remote name (origin, in this case), additional information about that remote will be displayed. The command is useful for displaying information about the destination for pushed code.
  94. D. The $# character sequence contains the number of command-line arguments that were passed to a shell script. The other options shown are not predefined by Bash.
  95. B. The TMOUT variable can be set in a given user’s shell, and they will be logged out after the value given (in seconds) of inactivity. The other environment variables listed here do not exist.
  96. C. The line will output the contents of the NUM variable. The comment occurs after the command on the line, and only code after the # appears is ignored.
  97. A. Using the --origin or -o option enables the name to be changed instead of the default of origin. The other choices are not options with git clone.
  98. D. The steal column shows the percentage of time that was spent waiting due to the hypervisor stealing cycles for another virtual processor and can be used with infrastructure automation to indicate that additional CPU resources need to be deployed.
  99. C. The LC_ALL variable can be used to set environment variables for the locale and will override others. This can be used when there is a need for a temporary change. The other variables listed here are not used for this purpose and are not created by default.
  100. A. A procedure is one or more commands that are executed on a client node as part of infrastructure automation.
  101. C. Double semicolons are used to indicate the end of an individual clause within a Bash script. The other sequences shown do not accomplish the task described.
  102. C. The unalias command is used to remove a previously defined alias. The rm command will remove regular files but not aliases. The other commands do not exist.
  103. B. The -e option checks to ensure that a file exists and is typically used in the context of a conditional within a shell script. The other options may work within shell scripts but are not tests for file existence.
  104. C. Setting LANG=C is an alias for POSIX compatibility and will cause programs to bypass locale translations. The other options shown for LANG are not valid.
  105. A. The --list option shows the current configuration parameters for git. The other options do not exist as options for the git config command.
  106. B. The number 2 indicates STDERR redirection, and double greater-than signs indicate that the output will be appended rather than overwriting.
  107. A. A file with a .yml extension usually contains YAML. The question also gave a hint of infrastructure as code, where many tools use YAML for configuration and procedures.
  108. A. The passwd file will be sent to STDOUT, where it will be captured and sent into the cut command. The cut command will separate the contents of the file line-by-line using a colon as a delimiter. The first field will be sent to STDOUT and placed into a file called users.txt.
  109. C. The shift command moves positional parameters down by one. This can be helpful for complex scenarios with several command-line arguments, each containing an option.
  110. D. The --no-commit option should be added to git pull to prevent the merge from being automatically committed.
  111. A. Like the for loop, the commands within an until loop are delineated with do and done.
  112. B. An exit code of 1 indicates a general error. The exit code of 0 indicates success, and 255 is out of range. There is no -1 exit code for Bash.
  113. B. The ./configure pattern is typically used to invoke a configure script. Option A might work, but the build directory is typically not in the path.
  114. A. The -a option, when added to git commit, automatically commits previously known files. The -c option invokes the editor for the commit, and the other options do not exist.
  115. C. The LC_MONETARY variable is used by certain programs to determine the localization for currency.
  116. D. The TZ environment variable is used for this purpose, and the general format is as shown, thus making option D the correct answer.
  117. A. Array creation in a shell script involves parentheses when used in this manner. You can also use square brackets to define individual elements, as in ARRAY[0] = "val1".
  118. C. The -lt operator is used to test for "less than" conditions within a script. The other operators are not valid for use in a shell script.
  119. C. The for loop construct in this case will require the variable name LIST to be preceded with a dollar sign ($), thus making option C correct. The other options will not work for the purpose described.
  120. C. The elif keyword is used to create an alternative execution path within a shell script. The other constructs, such as else if and elsif, are used in other languages.
  121. C. The .git directory is used for storage of metadata for the repository.
  122. B. The character sequence shown in option B is the correct sequence to redirect both STDERR and STDOUT. Of the other options shown, option A will redirect only STDERR. The other options shown are not valid.
  123. D. The double-pipe metacharacter executes the right-hand command only if the first command fails. A single ampersand sends the command into the background, thus making option B incorrect. The double-ampersand metacharacter executes the second command, but only if the first command succeeds, thus making option C incorrect.
  124. C. The git checkout command switches the location to which HEAD is pointing. By adding the -b option, the branch is also created.
  125. D. Both while and until loops execute until a condition changes. The while loop stops when the condition is no longer true, and an until loop executes until the condition is true.
  126. A. Comparing integers is typically accomplished using the binary comparison operators like -gt, -eq, and so on. Option B is incorrect because the > operator is used in square brackets. There is no -gta operator or gt operator, making both option C and option D incorrect.
  127. C. SSH is typically used for communication between nodes in an agentless orchestration. Less common would be a protocol such as HTTPS. The other protocols shown as options would not be used for agentless orchestration.
  128. C. Variable or parameter expansion is accomplished using ${ } wrapped around the parameter name.

Chapter 6: Practice Exam

  1. B. Current interrupt (IRQ) assignments are contained in the file /proc/interrupts. Therefore, viewing the contents of the file with a command such as cat will work. There is no view command, thus making answer A incorrect. Likewise, there is no /dev/irq file, making answers C and D incorrect.
  2. D. Configuration files for udev are found in /etc/udev, which makes answer D correct. The other options do not exist.
  3. A. The modprobe command loads the module and its dependencies, if applicable. The lsmod command is used to list currently loaded modules, making answer B incorrect. The insmod command will load a given module but not its dependencies. Answer D, rmmod, is used to remove a module from memory.
  4. A. The Shift key, if pressed when control has first been handed to GRUB, will cause the GRUB menu to be displayed.
  5. D. The dmesg command displays the contents of the kernel ring buffer. On many Linux distributions, this log is also saved to /var/log/dmesg. The other options shown for this question are not valid commands.
  6. A. The listing shows a symbolic linked file located in the current directory, linked to .configs/fetchmail/.fetchmailrc. The file is owned by the root user and root group and was created on July, 8, 2014.
  7. B. The systemctl command is used to work with services and targets. The list-units command is used to list targets. The other commands are not used for this purpose or do not exist with the required option.
  8. C. The -nn option displays both numbers and device names, thus making answer C correct. The -n option (answer B) displays only numbers. The other two options do not exist.
  9. C. Out of the options given, the systemctl status command and option are the most appropriate. The telinit and sysctl commands are not used for this purpose. Likewise, the --ls option is not valid for systemctl.
  10. D. The partition containing /var should be the largest for a mail server because mail spools are stored within this hierarchy. The /etc/ hierarchy is usually small, as is /usr/bin. The /mail directory does not exist by default.
  11. B. The deplist option displays the dependencies for the given package. The list option displays information about a specific package, while the other two options are not valid.
  12. A. The -ivh options will install a file using rpm, displaying both verbose output and hash marks for progress. The other options presented do not exist or do not accomplish the specified task.
  13. A. The apt-cache command is used to work with the package cache, and the search option is used to search the cache for the supplied argument, in this case zsh. The apt-get command is used to work with packages themselves, while the apt-search command does not exist.
  14. A. The -V or --verify option will check the files in a given package against versions (or checksums) in the package database. If no files have been altered, then no output is produced. Note that output may be produced for files that are changed during installation or for other reasons. Note also the use of an uppercase V for this option as opposed to the lowercase v for verbose.
  15. D. The top command is used to continuously monitor things like CPU and memory usage, and the -p option monitors a single process. By using the runquotes with the pidof command, the process ID is provided as input to the -p option. It’s worth noting that this only works if there’s a single instance of the process.
  16. A. The -g option displays the progress of the dump. The other options listed do not exist.
  17. C. The debugfs command can be used for this purpose. When the filesystem is opened with –c, it opens in catastrophic mode, meaning that it will be read-only and will not read inodes when opening.
  18. C. The xwininfo command displays information about a given window within an X session. The other commands listed for this answer are not valid.
  19. C. The file /etc/localtime, which can be an actual file or a symbolic link, is used to indicate the local time zone. The other files listed as options do not exist.
  20. D. Within the /usr/share/zoneinfo hierarchy, you will find information on the various regions and time zones available. The files within this hierarchy can be symlinked to /etc/localtime.
  21. A. The /etc/skel directory contains files that are automatically copied to a user’s home directory when that user is created. The other directories listed for this question do not exist by default.
  22. B. The atq command shows a list of jobs that have been scheduled with the at command. The other commands don’t exist, with the exception of option D, which shows the at command but with an invalid option (--jobs).
  23. B. UTF-8 provides multibyte character encoding and is generally accepted as the standard for encoding moving forward. ISO-8859 is single-byte encoded. The other answers are not valid.
  24. C. LDAP over SSL (LDAPS) operates on port 636. Port 53 is used for DNS; port 389 is used for normal, non-SSL LDAP; and port 443 is used for HTTP over SSL.
  25. B. The chage command can be used for this purpose, and the -E option accepts days since 1/1/1970. There is no -e option to passwd, and -l for usermod will not perform the action described. There is no chguser command.
  26. A. The -i option for SSH is followed by the private key to use for authentication. Doing so implies that the public key is in the authorized_keys file on the remote host. The -k option disables the sending of GSSAPI credentials, while -f is used to request backgrounding of SSH. There is no --key option.
  27. A. The -n option facilitates the scenario described and will exit non-zero rather than prompting. The -i option sets the login name and is not valid for this scenario. The -q and --noprompt options do not exist.
  28. A. Single-user mode is typically runlevel 1. In runlevel 1, no network services are started. Runlevel 2 has networking but typically not services. Runlevel 5 is full multiuser with networking, and runlevel 6 is reboot.
  29. B. The free command shows current memory usage for both RAM and swap space, including total available, current amount used, and current amount free. The other commands shown as options do not exist.
  30. A. The df command displays information on disk usage and can help with planning disk utilization over time. For example, if you note that the disk utilization is increasing significantly, preparations can be made to bring more disk online or even to change the log-rotation schedule such that logs are rotated faster, thereby freeing up space.
  31. A. The sar command can be used for this purpose and when provided with numbers in the format displayed, will update every X seconds for Y executions.
  32. C. The -m option causes the disk-related statistics to use megabytes as the scale rather than the default kilobytes.
  33. A. The mkinitrd command is used on older systems to create the initial RAM disk. The initial RAM disk is used to load, some might say preload, essential modules for things like disks and other vital components needed for booting.
  34. D. A bzImage can mean that bzip was used to compress the image but can also mean simply “Big zImage” and compressed with gzip. bzImage is typically used for kernel images that can go above the 512 K limit that normally applies to a zImage.
  35. A. The -r option repairs the filesystem, while the -y option causes fsck to assume Yes instead of prompting. The -v option is verbosity. There is no -m or -x option for fsck.
  36. A. The default.target is the default target unit that is activated by systemd on boot. The default target then starts other services based on the dependencies.
  37. B. The mkswap command is used to format a swap partition. The other commands are not valid.
  38. B. A filesystem with the word defaults for its mount options will be mounted read-write (rw), suid, with the ability to have executables (exec). The filesystem will be auto-mounted (auto), but users will not be able to mount it (nouser). Character and block special devices will be interpreted (dev), and operations on the disk will be performed in an asynchronous manner (async).
  39. C. The fstrim command is used to remove blocks that are not in use. The fstrim command is frequently used in a SAN configuration to give back unused storage to the SAN. The fstrim command can also be used with solid-state drives for the same purpose. The other commands shown are not valid.
  40. A. The --create option enables creation of a RAID array that will use md. The typical argument is the /dev/mdN device. The other options listed are not valid for mdadm.
  41. B. The lvcreate command is used to create a logical volume from previously created physical devices and volume groups. Using lvcreate is the final of three steps in the process for using LVM prior to actually using the logical volume.
  42. A. The ss command provides many of the same functions as netstat but can show some extended information, such as memory allocation for a given socket. The free command shows memory usage but not by socket, and the other two commands do not exist.
  43. D. The -f option is a flood ping. This will effectively cause the interface to send and receive large amounts of traffic, usually making it easier to find on a switch. The -a option is an audible ping, emitting a sound on ping. The -c option sends a certain count of pings, and there is no -e option.
  44. C. The bs option is used to specify block size. Various suffixes are possible, such as M, which is equivalent to megabytes, and K, which is equivalent to kilobytes.
  45. B. The --size-only option examines whether the files being synchronized are the same size. This can be helpful for situations where there may be significant time skew or other issues preventing the normal differencing mechanisms from working properly. The other options shown are not valid for rsync.
  46. A. The lowest-priority number wins for MX records, thereby making 0 the highest-priority MX record for the domain.
  47. D. DNS typically uses UDP port 53 except for zone transfers, in which case TCP port 53 is used due to the size of the request for most zones.
  48. D. The axfr type can be used with dig to request a zone transfer. The client from which you request the zone transfer will need to be authorized to initiate a transfer.
  49. D. The file /etc/exports contains definitions of filesystems to be shared using NFS. The other files are not valid for use with NFS.
  50. B. The max-lease-time directive, followed by the number of seconds, specifies the amount of time that a given host can have a lease before it is purged. The other options shown are not valid in a dhcpd.conf configuration file.
  51. A. Within nsswitch.conf, the passwd line contains information about authentication. The format is as shown in the correct answer. Local authentication is accomplished using the files keyword for the normal passwd file. There is typically a similar line called shadow, assuming that the server is using shadow passwords. The shadow line follows a similar format.
  52. D. The ssh-keygen command generates a public and private key pair that can be used for user authentication between a client and server. The other commands shown are not valid.
  53. D. The file authorized_keys contains keys that can then be used for authentication when the corresponding private key is sent by the client. The other files are not valid.
  54. D. A logical location to begin troubleshooting is within the system BIOS or firmware to ensure that the drive is being detected by the computer.
  55. B. The export command is used for this purpose and accepts a name=value pair, as shown in the answer. The other commands are not valid, with the exception of the echo command, which will simply echo the argument to the console.
  56. C. The HISTFILESIZE option configures the number of commands to keep in the history file. The other variables are not valid within bash.
  57. C. The awk command shown can be used for this purpose. The -F option sets the field separator, and the OFS option sets the output field separator.
  58. B. The git clone command will clone into a different directory if that directory is passed on the command line, as shown in option B. The other options shown are not valid git clone syntax.
  59. A. The export command is necessary so that any variables that are manually defined in your current session become available to child processes. The source command executes the file and can be used for the purpose described but requires an additional argument. The let and def commands are not valid.
  60. C. The source command is the functional equivalent of a single dot (.). The set command exists but is not used for this purpose. The other commands are not valid.
  61. A. The correct syntax is as shown. Note that a semicolon is required when the commands are included on one line, as shown in the answer.
  62. B. The -f option sets the days between expiration and disabled for an account. The -g option is used to set the group ID, while -e is used to set the overall expiration date.
  63. C. The -r option to the crontab command removes all cron entries for a given user. The -l option lists cron jobs, while the -e edits the crontab. There is no -d option.
  64. D. The journalctl command is used to view and parse log file entries on systemd-based systems that maintain logs in a special format. The logger command can be used to create log entries, and the other commands shown do not exist.
  65. C. The lpr syslog facility sends messages from the lp subsystem to syslog. The auth facility is used for security-related messages. The other listed options are not syslog facilities.
  66. D. Standard LDAP traffic is TCP port 389 on the server. TCP port 25 is SMTP, 443 is HTTPS, and 143 is IMAP.
  67. C. When connecting to an alternate port, you can use the -p option to set the port or use a colon to separate the host from the port.
  68. D. The -p option preserves permissions. The -x option extracts while -z unzips with gzip. The -v option is verbose.
  69. B. The -i option tells patch to ignore whitespace. This might be necessary when the patch file doesn’t match exactly what’s needed. The -p option sets the level of directory for the patch, while -e informs patch to interpret as an ed script. There is no -w option for patch.
  70. C. LUKS encryption is the default mode for the dm-crypt command. Other modes include plain, loopaes, and tcrypt.
  71. B. The -r option reverses the journal, displaying the newest entries first. The -n option shows the most recent N events, -f is follow, and -b tells journalctl to show a message from a specific boot ID.
  72. D. The emergency target can be used in situations where rescue mode cannot recover the system. The other targets are not valid.
  73. A. As specified in the question, you need to remove both group and user ownership, therefore both -g and -o are needed. The other options are not valid, although you can remove individual options from an archive process with --no-g and --no-o, which would be equivalent to removing the -g and -o options from the command.
  74. B. The -r option bypasses the routing tables and enables sending packets directly using an interface. The -A option is adaptive ping, while -b enables sending pings to a broadcast address. The -q option is quiet output.
  75. B. The -b option makes a copy of the original file before patching. This can be particularly useful in a scripted scenario where several files are patched in succession. The -d option causes a change directory prior to patching, while -c tells patch to interpret the patch file as a normal diff file. The -s option causes patch to work in silent mode.
  76. C. Orchestration software can use an agent, which is described as part of the question, or the orchestration software could also be agentless, not requiring special software to be installed on each client machine.
  77. B. The escape sequence is a carriage return, and is newline. The c sequence invokes a control character and is not related to this question.
  78. A. The -f file test checks to see if the file exists and is useful in a scripting scenario as described.
  79. C. By invoking a shell specifically for the commands in the script, you can execute the contents of the script. Option A requires the execute bit to be set. The other options won’t work.
  80. A. The ls-files command will be used for this purpose, and -i or --ignored will be used, along with a required exclusion pattern, thus making option A correct. Option B is missing the required exclusion pattern.
  81. A. Redirecting input from a file uses the less-than sign. Option B takes the output from script.sh and sends it to file.txt. Option C tries to use file.txt as input but without any way to send the contents to STDOUT. Option D executes script.sh and sends the contents to file.txt, which is opposite of the scenario.
  82. B. The -c option sets the maximum mount count. The -C option sets the current number of mounts. The -b and -a options do not exist.
  83. D. The -f option, also known as fake, is helpful for situations where you need to debug the mount process or when you need to add an entry to /etc/mtab for a previously mounted filesystem. The -l option shows labels, and -v is verbose. There is no -q option.
  84. A. The netstat command can be used for this purpose, and the -r option displays the current routes. The addition of -n prevents DNS lookups, which can help with performance.
  85. A. The ps command provides information on processor and memory usage for individual processes. You can use this information to predict capacity.
  86. C. The wa statistic shows time spent waiting for I/O and can be used to measure or find a bottleneck related to disk. The us statistic is time spent on userspace processes, while sy is time spent on kernel processes. There is no statistic called io within vmstat.
  87. A. Load average with the uptime command is displayed in 1-, 5-, and 15-minute increments.
  88. A. The -a option displays all values and their current settings for sysctl. The -b option is binary and displays values without any newlines. The -d option is an alias for –h, which displays help. There is no -c option.
  89. B. The SIGTERM signal is the default signal sent with the systemctl kill command.
  90. C. The ldconfig command is used to work with the library cache, and the -p option prints the directories and libraries in the cache. The -C option informs ldconfig to use a different cache. The ldd command prints the library dependencies for a given command, but the options given don’t exist for ldd.
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.225.35.81