Chapter 1: Hardware and System Configuration
modprobe command loads the module and its dependencies, if applicable. The lsmod command is used to list currently loaded modules, making answer B incorrect. The insmod command will load a given module but not its dependencies. Answer D, rmmod, is used to remove a module from memory.

single given on the Linux kernel command line will boot the system into single-user mode. The other options are not valid.

dmesg command displays the contents of the kernel ring buffer. On many Linux distributions, this log is also saved to /var/log/dmesg. The other options shown for this question are not valid commands.

lsmod command is used to list currently loaded kernel modules, thereby making answer D correct for this question. The insmod command (answer A) is used to load modules. Answer C is a valid command but not a valid option for that command, and answer B does not exist.

/boot/efi. Files with an efi extension, like linux.efi, might be found in dual-boot scenarios, but the .efi extension is not technically required.

mount command is used to mount drives in Linux. The source and destination mount point are expected as arguments. Drive partitions begin at number 1, making the first partition number 1.

lsmod, it typically means the kernel has a driver already loaded by virtue of being compiled into the kernel itself rather than loaded through a module. The use of systemd (answer A) or initramfs (answer B) would have no effect.

-w option causes the module to wait until it’s no longer needed prior to unloading. The other options are not valid for rmmod.

update-grub command sends its output to STDOUT. Therefore, you must redirect using > and send that output to the correct file. The other options are not valid for this purpose. Answers C and D are not valid commands, while answer B contains invalid options and an invalid location for the destination file.

/etc/default/grub file can be used for this purpose. You may also edit /boot/grub/grub.cfg, but this was not an option given for this question.

-o option can be used to specify a destination file to which output will be sent instead of STDOUT. The other options listed in this question do not exist.

/boot partition will typically be much less than 500 MB but should not be undersized. The used space within /boot will increase as more kernels are added, such as during an upgrade process.

pvcreate
command initializes a physical partition for future use as a logical volume with LVM.

grub2-install command is used to install GRUB onto a disk. The second SATA disk would be /dev/sdb, therefore making answer D the correct option.

lvcreate command is used to create logical volumes with LVM. The pvcreate command initializes physical volumes prior to creating logical volumes. The commands in the other two options for this question do not exist.

grub-mkconfig command should be run after making a change to the /etc/default/grub file so that a new configuration file can be created with the changed option(s).

lvmdiskscan command looks for physical volumes that have been initialized for use with LVM.

0,0 the first partition on the first disk. Answers A and C are not the first disk on the system, and answer B contains a nonexistent partition.

grub-install, and the first SATA drive is /dev/sda. A device listed as hda is typically a PATA drive, thereby making those options incorrect.

-y option will attempt to repair automatically, essentially answering ’y’ or yes instead of prompting. Of the other options, only -V is valid and will produce verbose output.

fdisk to create one or more partitions. Then format the partitions, and then mount the partitions for use. Various filesystem types can be created with mkfs and its subcommands. These filesystem types include ext3, ext4, xfs, and ntfs.

tune2fs command can be used for this purpose but should be used with care because it can result in data corruption.

ext3 increased filesystem reliability and performance.

/srv hierarchy is used for data for server programs. The /etc hierarchy is configuration information, while /var is also data files but variable files such as mail files. The /tmp directory is for temporary files. Because each path begins with a /, it is considered an absolute path.

-a option mounts all filesystems in /etc/fstab that are currently available. Of the other options listed, only the -f option is available, and it is a shortcut to the “fake” option, which does not do anything except perform a dry run of the mount.

tune2fs command displays a lot of information about filesystems including the number of times the filesystem has been mounted.

-g option displays progress of the dump. The other options listed do not exist.

du command will report on disk usage in a recursive manner, unlike the other commands shown here.

/etc/fstab
file is used to store information about the filesystems to mount within the system.

/media mount point is used for removable media. See https://refspecs.linuxfoundation.org/FHS_3.0/fhs/index.html for more information on the FHS.

/etc/mtab file contains currently mounted filesystems. Note that /etc/fstab contains filesystem information but not about which filesystems are currently mounted.

-r option causes umount to attempt to remount in read-only mode. The -v option is verbose mode, and the -f option forces the operation. The -o option does not exist.

fsck settings.

blkid command will show partition UUIDs. You can also get this information with the lsblk -no UUID <partition> command. The other commands shown in this question do not accomplish the required task.

xfs_info command is equivalent to xfs_growfs -n.

mkfs.btrfs command is used to create btrfs filesystems and does not require the drive to be partitioned.

tune2fs command is used for this purpose, and the -c option sets the mount count for the specified partition. The dumpe2fs command is used to print the superblock and block group information.

parted command can be used to resize partitions in such a way. The mkfs command is not used for this purpose, and the other two options do not exist.

vfat to the mount command, and the other elements of the mount command are standard.

c option in gdisk is used to change the partition name. The n option creates a new partition, the v option verifies the disk, and the b option creates a backup of GPT data to a file.

-b option prints known bad blocks. The -f option is used to force the display of information, and the other options don’t exist.

-A option checks all filesystems in /etc/fstab, while the -M option excludes the root filesystem.

fsck option, which is represented as a number in the /etc/fstab file, sets the order that the device is checked at boot time.

/etc/timezone
is used to indicate the local time zone. The other files listed as options do not exist.

/usr/share/zoneinfo hierarchy, you will find information on the various regions and time zones available. The files within this hierarchy can be symlinked to /etc/localtime.

dominfo command within virsh displays information regarding the domain. The other commands are not valid.

LC_TIME environment variable is used to control the display and behavior of the date and time and can be changed to a different locale in order to achieve the desired display and behavior of date and time formatting. The other options shown for this question do not exist.

timedatectl command includes a list-timezones subcommand to show known time zones. The tzsel command does not exist; but there is a similar command called tzselect that will, by default, display a step-by-step menu to select a time zone. The eventual output will include a region/time-zone line, such as America/Chicago, as output.

TZ environment variable is used for this purpose and the general format is as shown, thus making option D the correct answer.

LANG=C is an alias for POSIX compatibility and will cause programs to bypass locale translations. The other options shown for LANG are not valid.

LC_ALL variable can be used to set environment variables such as the locale and will override others. This can be used when there is a need for a temporary change. The other variables listed here are not used for this purpose and are not created by default.

ln command is used for this purpose, and the -s option creates a symbolic link, while -f forces or overwrites the destination. The other options and order of commands are not valid.

LC_MONETARY variable is used by certain programs to determine the localization for currency.

hwclock command is used to both query and set the hardware clock, such as the one maintained by the system firmware or BIOS. The ntpdate command is used to set the local system time but is not related to the hardware clock. The other commands are not valid.

-s option sets the date and time as specified within the command. If there is another means to automatically set the date, it may override the change. For example, if ntpd is running, that process may alter the date even after it has been set with date -s.

-w option sets the hardware clock to the current system time. The -s option does the opposite, setting the system time to the hardware clock. There is no -a or -m function for hwclock.

--systohc will set the hardware clock according to the current system time. The use of --utc is required in order to ensure that the time is set to UTC. If --utc is omitted, the time will default to whatever was used last time the command was run, which could be UTC but might be local time instead. Therefore, the best option is A.

netstat
command can be used for this purpose, and the -r option displays the current routes. The addition of -n prevents DNS lookups, which can help with performance.

route command is used for this purpose, and adding a route is done with the add option. The default gateway is added using the default gw keywords followed by the IP of the gateway and the adapter.

host command enables changing of the query type with the -t option. Using ns as the type will query for the name servers for a given domain. There is no all type, and the other options are also invalid.

-I option enables the choice of interface. A lowercase -i option sets the interval, while -a indicates an audible ping. Finally, -t enables a TTL-based ping only.

host or dig command can be used for this purpose by setting the type to mx. The mx type will query for the mail exchanger for the given domain. There is no smtp type.

::1. Addresses shown like 127 represent the IPv4 localhost range but are not written properly for IPv4 or IPv6.

ip command with the monitor option/subcommand will display netlink messages as they arrive. There is no netlink subcommand for ip, and the route command will not work for this purpose.

database: databasename with additional database names separated by spaces, as shown in the correct option for this question.

@ symbol is used to indicate a server to which the query will be sent directly. This can be quite useful for troubleshooting resolution problems by sending the query directly to an authoritative name server for the domain. Of the other options, -t sets the type, and the other options are not valid.

getent
command is used for working with NSS databases, and getent hosts will display the available hosts using the databases configured in /etc/nsswitch.conf.

nameserver, and the value for the option is the IP address of the desired name server. Several options affect how name resolution is performed, such as the number of attempts and timeout. See resolv.conf(5) for more information.

route command can be used for this purpose, and the syntax includes the network range, denoted with the -net option, followed by the word netmask and the masked bits, followed by the letters gw and the IP of the gateway. The other options shown are invalid for a variety of reasons including missing keywords and options and order.

netstat command is used for this purpose, and the -a option displays all sockets, listening and non-listening. Note that it’s frequently helpful to add the -n option, or combine options as in netstat -an, in order to prevent name lookup. Doing so can significantly improve performance of the command.

/etc/hosts to override DNS lookups, which can be useful to prevent those names from resolving or to provide a different resolution.

ip route command can be used for this purpose, and its syntax uses a change command and the via keyword. The same operation could be completed with the route command but would require deleting the existing gateway first and then re-adding a new default gateway.

soa type is used to query for Start of Authority records for a domain. Note that in many cases, dig will attempt to look up the domain within a given command and may not appear to have had an error. For example, when running option D (dig -t auth example.com), you will receive information about example.com, and there will be a line in the output saying that dig has ignored the invalid type of auth.

search option is used for this purpose and can be provided with multiple domain names, each separated by a space or tab. The domain option is valid within /etc/resolv.conf but does not allow for multiple domain names.

route command can be used for this purpose, and in the scenario described, a reject destination is used for the route. The other options shown are invalid because they use invalid options to the route command.

-c option provides the count of the number of pings to send. The -n option specifies numeric output only, while -p specifies the pattern to use for the packet content. Finally, the -t option sets the TTL.

/etc/hosts. Doing so will always cause DNS queries to resolve to 127.0.0.1. The other options are not as robust because they rely on www.example.com always having the same IP address, or the solutions require additional maintenance to constantly add new IP addresses if www.example.com’s IP address changes.

ip route flush cache command should be executed after changing the routes. The other commands shown for this question are not valid.

txt record type in DNS, thereby making -t txt the correct option for this. Of the other answers, only -t mx is valid; it returns the mail exchangers for the given domain.

G signifies a gateway within the route table.

axfr
signifies a gateway within the route table.axfr
type is a zone transfer, and the @
symbol signifies the server to which the query will be sent. There is no xfer
type, and option B is just a normal query for the domain sent to the specified server.-p
option to iostat
displays information on devices and partitions. The -c
option shows CPU utilization, and -d
shows device utilization. There is no -a
option.df
command displays information on disk usage and can help with planning disk utilization over time. For example, if you note that disk utilization is increasing significantly, preparations can be made to bring more disks online or even to change the log rotation schedule such that logs are rotated faster, thereby freeing up space.mkinitrd
command is used on older systems to create the initial RAM disk. The initial RAM disk is used to load (some might say preload) essential modules for things like disks and other vital components needed for booting.lsmod
command is used to display currently loaded modules. This is useful for scenarios where you are migrating from the stock or distribution-provided kernel to a custom kernel and need to know which modules to compile into the new kernel.depmod
command is used to create a list of modules. The list is kept in a file called modules.dep
, the location of which is dependent on the distribution of Linux in use.-a
option displays all values and their current settings for sysctl
. The -b
option is binary and displays values without any newlines. The -d
option is an alias for -h
, which is help display. There is no -c
option. The sysctl
options can also be found in /etc/sysctl.conf
.modprobe
command examines dependencies for a given module and loads both the dependencies and the requested module.modinfo
command provides information on a given kernel module. You can use modinfo
to find out the parameters needed for a given module and the modules on which it depends, among other information. The modprobe
command is used to load a module. There is no tracemod
or modlist
command.insmod
command inserts a module into the running kernel. It does not, however, attempt to resolve dependencies but rather outputs an error if there are dependent modules or kernel symbols that are not available.-r
option removes the named kernel modules and attempts to remove any modules on which the named module depends, where possible. The -d
option sets the root directory for modules, while -v
is verbose and -f
forces the module to load./etc/modprobe
.d directory is used for storing configuration information related to modules such as that used for blacklisting purposes, and also for other configuration information such as udev
and module options.dracut
command is used to create the initial RAM disk for newer systems and has replaced the legacy mkinitrd
command used for the same purpose./etc/sysctl.conf
will take effect on boot. The other files listed are not valid.--show-depends
option displays the dependencies for a given module. The other options are not valid for the modprobe
command.mount
command is [partition] [target], thereby making option C correct. The other options are not valid because the arguments are in the wrong order.

-n option changes the boot order for the next boot only and boots from the specified partition. The -b along with -B modifies and then deletes the option. The -o option sets the boot order. The -c option creates a boot number.

shim.efi can be used as an initial bootloader for this purpose.

bcfg command within the UEFI shell is used to configure bootloaders on a UEFI-based system. The command can accept various parameters to configure how the bootloader and kernel will load on boot. Of the other commands shown, grub-install is valid but not within the UEFI shell.

pxelinux.0 must exist within /tftpboot on the TFTP server in order for a system to use PXELINUX for booting. The other files are not valid or necessary for PXELINUX. Once booted, PXE boot can boot using an NFS-mounted filesystem where the filesystem is physically hosted on a different computer.

--boot-directory option enables you to specify an alternate location for GRUB images rather than the default /boot. The other options shown for this question are not valid.

shim.efi bootloader loads another bootloader, which is grubx64.efi by default. The other options are not valid filenames for the purpose described.

-t option sets the filesystem type as ext2, ext3, or ext4. The mke2fs command is typically symlinked from /sbin/mkfs.ext2, /sbin/mkfs.ext3, and /sbin/mkfs.ext4. The -f option forces mke2fs to create a filesystem. The -a and -e options do not exist.

/etc/crypttab file contains the filesystems and devices that are encrypted. The other file locations do not exist by default and are not related to this question.

-b option. The -f option forces dumpe2fs to perform the requested operation, and the other command options do not exist.

-f option specifies that xfs_check should check the contents of the named file for consistency. The -v option sets verbosity, and there are no -d or -a options.

-b option, thus making option A correct. The other options are not valid for xfsrestore.

defaults
for its mount options will be mounted read-write (rw), suid, with the ability to have executables (exec). The filesystem will be auto-mounted (auto), but users will not be able to mount it (nouser). Character and block special devices will be interpreted (dev), and operations on the disk will be performed in an asynchronous manner (async).

-z option sets the maximum size for files to be included in the dump. The -b option sets the block size but is not related to what is being asked for in this scenario. The -s option sets the path for inclusion in the dump, and -p sets the interval for progress indicators.

fdisk. The other options shown are not valid partition types.

/dev/disk/by-id directory contains symbolic links to /dev/sd, such as /dev/sda. Because WWIDs can be used to identify a device across systems, they are often used within the context of SANs. The other directories listed as options do not exist.

pvdisplay command shows information about a given physical volume. You can use pvdisplay to view the device on which the PV is built along with the extent size of the PV. The other commands shown are not valid.

fc are those found through Fibre Channel. Therein lies the difference between options B and C, where option C contains the letters scsi, which would usually represent a local disk. The other options are not valid.

multipath command is used for administration of devices such as LUNs and can be used for finding the path to LUNs for a server, such as in a SAN configuration. The other commands are not valid, with the exception of ls: it is valid, but the option shown is related not to LUNs but rather is a combination of various flags to the ls command.

fstrim command is used to remove blocks that are not in use. The fstrim command is frequently used in a SAN configuration to give back unused storage to the SAN. The fstrim command can also be used with solid-state drives for the same purpose. The other commands shown are not valid.

-E option signals that an extended option follows, such as stripe_width. The -f option forces an operation but should not be necessary for this solution, and the -e option sets the behavior on error. There is no -extend option.

--create option enables creation of a RAID array that will use md. The typical argument is the /dev/mdN device. The other options listed are not valid for mdadm.

/dev/mapper directory contains information about multipath devices such as logical volumes. The other directories are not valid.

--monitor option is used to actively watch an array for issues such as disk failure. The monitoring can be done as a daemon and run in the background, thereby alerting when there is an issue.

MAILADDR option sets the destination address for mail about RAID events that are noted by mdadm when in monitor mode.

ip
command defaults to the inet family if not otherwise specified with the -f option. The command will attempt to guess the correct family and fall back to inet. The other families listed as options for this command are not valid for use with the ip command.

iwconfig command, which is similar to the ifconfig command, works with an individual wireless interface to set and display parameters. Of the other commands, the ifconfig command is valid but not used for wireless. The other commands are not valid.

ss command provides many of the same functions as netstat but can show some extended information, such as memory allocation for a given socket. The free command shows memory usage but not by socket, and the other two commands do not exist.

-p option shows the process IDs associated with a given socket within the ss output. The -a option is all sockets, while -l is listening sockets. The -f option is used to specify the protocol family.

/etc/network directory contains information on network interfaces and contains directories that then further contain scripts to be executed when interfaces are brought up or down. The other directories listed do not exist.

/etc/hosts.

/etc/resolv.conf are preceded with the options keyword followed by one or more options such as debug.

-f option will force the umount to occur. The --fake option is essentially a dry run in that it won’t actually unmount a filesystem. The other two options do not exist.

--output option configures the location for output of the command instead of STDOUT.

lpxelinux.0 contains the necessary code to support booting from HTTP and FTP.

/etc/grub2.cfg is usually a symbolic link to /boot/grub2/grub.cfg.

vmlinuz file has been compressed and therefore consumes less disk space than vmlinux. Both contain the Linux kernel in binary format.

/usr/lib/modules/{kernel-version}.

/var/log/kern.log contains kernel messages and can be used to troubleshoot a kernel panic.

localectl command is used to view and configure settings such as the keyboard layout for a given locale. The other commands listed do not exist.

/etc/sysconfig/network-scripts contains files related to network configuration. It is not preferable to edit these files directly any longer but rather to use commands such as nmcli and nmtui through the Network Manager. The other paths do not exist by default.

e2label
command changes the filesystem label. The other commands do not exist.

/etc/modprobe.conf, which is a legacy file and may be removed in a later version of Linux, contains information on the configuration of modules on the system. The other files do not exist.

active-backup is used for creating an active-passive configuration where if one adapter goes down, the other takes over. The other options are not valid.

kernel-install command uses the files found in the /usr/lib/kernel directory to install a kernel and related files into /boot. The other commands listed here are not valid.

/ whereas an absolute path always begins with a /, indicating the root of the filesystem. The other options, virtual and symbolic, are not valid names used to describe paths.

time command includes timing information such as sys time, user time, and real time. The other commands are not valid.

ext3 and ext4 filesystems can be resized using resize2fs. Both NFS and CIFS are network filesystems and therefore are not relevant to this question.

connect subcommand connects to the hypervisor. The other options are not valid subcommands for virsh.

--list option shows the available character sets on the system. Character sets such as ASCII, UTF-8, and UNICODE are displayed if they are supported on the system. The other options given for this question do not exist.

/dev/ filesystem is used to store information about connected devices. The /etc/ filesystem is used for configuration files, and there are no prescribed directories for development or kernel device lists.

/proc/mounts file shows the currently mounted filesystems. The file /etc/fstab is used for mounting filesystems but is not kept up to date with filesystem mounts as they change. The other files listed do not exist.

cloud-init. XML and the other formats listed are not used for cloud-init.

-g option clears the cache to remove devices that do not exist. The -p option bypasses the cache. There are no -a or -m options for blkid.

/dev/disk/by-uuid file shows the UUID of the disks on a system. The other locations do not exist.

/etc/sysconfig/network file is created by default but is no longer populated on systems like RHEL7. It can be used in place of Network Manager for environments that rely on this location. The other options given for this question do not exist.

virt-install command is used to create a virtual machine. The other answers given do not exist.

-R option skips the root filesystem when the -A option is used. The -M option does not check mounted filesystems. There is no -S option.

/proc/partitions file contains a list of partitions on the system along with their major and minor numbers and the number of blocks. The /dev/disk/ option is a directory and not a file and so is not correct for this question. The other options shown do not exist.

/sys/block/sda/stat
contains information about the sda device. The /sys/block hierarchy contains information about block devices on the system.

/etc/netplan, which are used for network configuration on newer Ubuntu systems, should be formatted with YAML and named with a .yaml extension.

-s option summarizes the output by directory, while the -h option presents the output in a more human-friendly manner.

balance-rr mode is used to provide round-robin load balancing. The other options given are not valid modes.

-D option tells dmesg to stop displaying messages to the console. The -F option is valid but is used to read from a file, so it is not relevant for this question. There are no -o or -Q options.

-f option forces unload of the module. The other options are not valid for rmmod.

-A option examines modules.dep for newer modules rather than regenerating the file automatically if there are no changes. The -C option changes the configuration file location. The other options are not valid for depmod.

lsblk command shows device information in a treelike structure and shows the other information specified along with major and minor information and whether the partition is read-only. Of the other options given, fsck is the only command, and it is not used for the purpose described.

-m option displays output in a machine-readable format. The -v option prints the version of parted. There is no -p or -S option.

brctl command is used to create ethernet bridges and is also used to manage bridges once created. The other options shown are not valid.

/etc/dhcpd.conf is used for configuration of DHCP. It is worth noting that the location of this file varies between distributions and can sometimes be found at /etc/dhcp/dhcpd.conf as well. The other options given for this question are not valid file locations.

ethtool command will be used for this purpose, and the -i option displays the driver in use. The other commands are not valid for this purpose.

server command changes the destination for queries sent from nslookup during that session. The other options shown are not valid.

Chapter 2: System Operations and Maintenance
/proc/interrupts. Therefore, viewing the contents of the file with a command such as cat will work. There is no view command, thus making answer A incorrect. Likewise, there is no /dev/irq file, thereby making answers C and D incorrect.

/etc/udev and the related /etc/udev/rules.d, which makes answer D correct. The other options do not exist.

lsusb command is used to obtain a basic list of USB devices on a system. The other commands are not valid. In the case of answer D, the ls command is valid, but there is no --usb option.

/etc/init.d on a system using SysVinit. You may sometimes find these linked from /etc/rc.d/init.d as well. The other options are not valid for this question.

init command can be used to access different runlevels. Runlevel 6 is used for rebooting the system. Answer B will shut down the system entirely, not reboot it. Answer C will place the system into single-user mode. Answer D is not a valid option.

--list option will show all services on a system along with their status for each runlevel. The on and off options enable and disable a service, respectively.

ExecStart option indicates the command to be executed on startup of a systemd service.

systemctl get-default command will show the default target. The other commands and options are not valid.

enable option configures the service to start on boot. The start option, answer D, is used to start a service immediately. The other options are not valid for this command.

/proc filesystem contains information about currently running processes and additional information about the kernel and current boot of the system.

ldconfig command updates the current shared library cache and list. ldconfig reads /etc/ld.so.conf and incorporates any changes found within it. The other commands listed as options for this question do not exist.

upgrade option for apt-get will upgrade the system to the latest version of software for packages already installed. The apt-update command does not exist, nor does the -U option to dpkg. The apt-cache command is used to work with the package cache.

yum install command will install a given package. The update option will update a package. The other options listed do not exist.

rpm2cpio sends its output to STDOUT by default, and therefore that output needs to be redirected to a file in most cases.

ldd
command will list the libraries on which the command’s argument depends.-t
option to lsusb
will print output in a treelike format so that you can see which devices are connected to which bus. The other arguments to lsusb
are not valid, and the usblist
command is not real.systemctl status
command and option are the most appropriate. The telinit
and sysctl
commands are not used for this purpose. Likewise, the --ls
option is not valid for systemctl
.isolate
option is used to move the system into the target specified, thereby making option B the correct one. The other options do not exist.telinit
command can be used to refresh the system after changes have been made to /etc/inittab
. Notably, answer B will reboot the system, but that was not an option given the question asked. Answers A and D are not valid commands.runlevel
command displays the current runlevel for a system. Answer B is not a valid option to the init
command, while adding sudo
in front of the init
command makes no difference. Answer A is not a valid command./lib/systemd/system
. The other directory options for this question are not relevant or do not exist by default.ln
command located in the current directory, linked to .configs/fetchmail/.fetchmailrc. The file is owned by the root user and root group and was created on July 8, 2014.
systemctl command is used to work with services and targets. The list-units command is used to list targets. The other commands are not used for this purpose or do not exist with the required option.
-nn option displays both numbers and device names, thus making answer C correct. The -n option (answer B) displays only numbers. The other two options do not exist.
/proc/bus/usb directory contains information about USB devices. The other directories are not valid for this purpose. With udev-based kernels, /proc/bus/usb may not exist by default. The path is part of the legacy usbfs.
/dev/sdX, just like a SCSI disk. /dev/hdX is a traditional ATA disk. The other options do not exist.
/var should be the largest for a mail server because mail spools are stored within this hierarchy. The /etc/ hierarchy is usually small, as is /usr/bin. The /mail directory does not exist by default.
deplist option displays the dependencies for the given package. The list option displays information about a specific package, while the other two options are not valid.
-ivh options will install a file using rpm, displaying both verbose output and hash marks for progress. The other options presented do not exist or do not accomplish the specified task.
apt-cache command is used to work with the package cache, and the search option is used to search the cache for the supplied argument, in this case zsh. The apt-get command is used to work with packages themselves, while the apt-search command does not exist.
yum are located in /etc/yum.repos.d. Of the other options, /etc/yum.conf is a file and not a directory, and the other directories do not exist.
-V or --verify option will check the files in a given package against versions (or checksums) in the package database. If no files have been altered, then no output is produced. Note that output may be produced for files that are changed during installation or for other reasons. Note also the use of an uppercase V for this option, as opposed to the lowercase v for verbose.
/etc/lib directory is not typically associated with library files and does not typically exist on a Linux system unless manually created. The other options either contain system libraries or can be used for that purpose.
apt-get update command will cause the package cache to be updated by retrieving the latest package list from the package sources. There is no cache-update option or update option to apt-cache. The upgrade option is used to update the system’s packages, not the cache.
sources.list located in /etc/apt contains the list of repositories for Debian packages. The other file locations do not exist by default.
dpkg-reconfigure program will cause an already-installed package to be reconfigured or changed. The -r option for dpkg removes a package, thus making answer B incorrect. There is no reconf option for dpkg or reinstall option for apt-get.
search option performs a search of various fields such as the package name and description.
rpm -q kernel command will show the kernel version. You can also use uname -r for the same purpose.
exclude option can be used to exclude certain packages. The argument accepts wildcards, and therefore excluding all kernel* updates will create the desired behavior.
-s option to dpkg searches for the given package and provides information about its current status on the system. The apt-cache command is not used for this purpose, and the -i option for dpkg installs a package. The apt-info command does not exist.
-i option to dpkg will install a previously downloaded .deb Debian package. The other commands don’t exist, and the -U option for dpkg does not exist.
.tgz file typically indicates a zipped (compressed) tar file. The -z option is used to indicate that the file should be decompressed, and -x that the file should be unarchived. The -v option is not required but provides verbose output. Finally, the -f option indicates the file to use. If the file is not zipped, likely noted by having a .tar file extension, then the -z option can be omitted.
info
option displays information about a given package on a system that uses the zypper tool.
search option looks for packages by the name given on the command line. The other options are not valid for the dnf command.
g option, also known as global or greedy, will apply the matched operation to the entire line rather than just the first instance of the match. The other options apply as they would for a Perl-Compatible Regular Expression.
-l option provides the number of lines given as input. For example, wc -l /etc/passwd would print the number of lines in the /etc/passwd file. The other options given in this question are not valid for the wc command.
head and tail print 10 lines of output by default.
-rf options to rm will recursively remove contents of a directory, including other directories. The -f option alone will not work in this case because of the additional directories. The other options given for rmdir do not exist.
-type option causes find to limit its search to directories only, while the -name option limits the names of returned elements. Note the use of the wildcard due to the phrasing of the question. Also note the use of ./ to denote beginning the search in the current directory.
cat command will display the contents of the file /etc/passwd and then pipe that output to the awk command. The awk command then parses its input, splitting along the specified separator for /etc/passwd, which is a colon (:). The output is then printed and piped to the sort command. The sort command in option B will not work because the cut command requires an argument. Likewise, the echo command in option C will only echo /etc/passwd to STDOUT.
-l option for ls produces long or listed output, and -t sorts by timestamp. The -r option reverses the order, and -a is needed to include hidden (dot) files, thus making answer C correct.
touch is run on a file that already exists.
-i option will cause both cp and mv to be interactive; that is, prompt before overwriting. The -f option will force the command to run, while -r is recursive.
tee command will send output to both STDOUT and to the specified file, thus making answer C correct. Option A will redirect output to the correct file but not to STDOUT simultaneously. The other answers will not work for this question.
-p option will cause mkdir to create additional levels of directories without error. Running mkdir without options will not work in this case. The -r and -f options to mkdir do not exist.
-R option will copy directories recursively. Note that if the -i option is not enabled, the recursive copy will overwrite files in the destination. The -v option adds verbosity but does not cause any recursion, while the -Z option does not exist.
cut command uses Tab as its default delimiter. This can be changed with the -d option.
fg command will bring a command to the foreground if it has been backgrounded with either & or the bg command.
:w. The addition of q will also quit. Note that you could use ZZ to write and quit as well. The dd command in Vi deletes a line, while x deletes a single character.
-n option changes the number of lines of output for both head and tail to the number specified. The other options listed in this question are not valid for head, and the -f option follows a file with tail as the file grows.
-9
option invokes SIGKILL, which will force the process to end. The 15 signal is the default. The -f and -stop options do not exist.
STDOUT and 2 represents STDERR. Redirecting both means combining them in the manner shown in option C.
* represents 0 or more characters, and in this case the problem doesn’t care whether a person is using /bin/bash or /usr/bin/zsh. Likewise, . matches a single character. But in the case of bash and zsh, you need to look at both the first and optionally a second character: thus the ?, which makes the second . optional. Finally, $ anchors the pattern at the end of the string and is key for this regular expression.
o command opens a new line below the current cursor location. The a command begins an insert-mode session at the character after the cursor, not the line. The i command begins an insert-mode session at the current cursor location.
-HUP as part of the kill command will restart a process. Of the other answers, -9 will kill the process completely. The other two answers do not exist as valid means to kill a process.
find command beginning with the path and then the -name argument will locate all files called .bash_history. The output from the find command should be piped to xargs, which can then build further commands from standard input. Note that this question and solution assume that all users use the bash shell and are keeping history.
-type f to the find command will limit the search to only files, and the -mtime option will limit to modification time in day format.
mv command is used to move files, and *.txt will look for all files with a .txt extension. Note the fully qualified destination with a / preceding the name tmp.
uniq will display the unique zip codes, and the -c option provides a count.
less. The / is used for searching forward. The H key displays help, and there is no function mapped to the X key.
which command returns the full path to the given command and is useful for determining both whether a given command is available and the location from which the command will run.
ls won’t show this information, the stat command will show that it is a link and also show the inode to which the file is linked.
-i option to ls shows the inode index number of files in the directory. The other options do not exist.
-s option to ln creates a symbolic link or symlink.
whereis command displays pertinent information about the command given as its argument. For example, entering whereis apache2 on a Debian system will show the binary location, configuration file location, and other relevant details.
quotacheck command is used to update the quota file for the given filesystem. The quota -u command will display the current quota for a given user. The other commands do not exist.
l within the listing indicates a symlink. There is no way to tell if a file or directory is temporary. A directory will display a d instead of an l.
repquota command is used for this purpose, and the -a option will display information for all filesystems. If the command is given a -g option, group quota information is shown.
updatedb command will update the database used by the locate command.
www-data and change the permissions such that the group can write into the directory. Option B should never be used because it enables world-writing to the directory. The other options will not allow the web server group to write into the directory.
-inum option searches for files by their inode number. This can be useful when searching for the files involved in hard links.
.bash_profile, .bash_login, and .profile. Only the first file found is executed; the others are ignored. The file /etc/profile is a system-wide bash profile.
/etc/skel directory contains files to be copied to the user’s home directory. The other directories listed for this question do not exist by default.
--norc option causes bash to execute without reading the /etc/bash.bashrc (Debian derivatives) or /etc/bashrc (Red Hat derivatives) file or the local ~/.bashrc file. The other options listed do not exist as options for bash.
.bash_profile file, if it exists in your home directory, will be executed on login. Note that placing the function in /etc/profile would technically work, but then the function would be available to all users, which is not what the question asked for.
Screen
section of xorg.conf is used to logically bind a given graphics card and monitor, each of which would be defined in its own respective section in the configuration file. The other options shown for this question do not exist.
DISPLAY variable can be used to remotely send the windows of an X session to another computer when using protocols like SSH. There is no XTERMINAL or XDISP environment variable, and XTERM is typically a terminal window and not an environment variable.
Welcome option sets the message to be displayed to users within the display manager when they log in. For users that are remote, the RemoteWelcome message can be used for the same purpose.
screen command is valid but is not used for this purpose.
kmag program magnifies items on a desktop and is used as an assistive technology. In general, kmag can be used with other window managers as well.
X11Forwarding option must be enabled in order for X connections or windows generated from the X server to be sent over an SSH connection.
/etc/passwd file contains various information about users on a system such as username and real name, along with user id (UID) and login shell. The file is world-readable.
cron is [minute hour day-of-month month-of-year day-of-week], thereby making option B the correct option for this question.
/etc/cron.allow file is a list of users who have permission to create and remove their own cron jobs. The /etc/crontab file is used to store cron jobs. The other files do not exist.
at command is used to run a series of commands that you enter. Unlike cron, you can schedule commands from the command line to be executed in the same order entered rather than having to create a specific script for the commands. The syntax shown in option B sets the time to be one hour from now.
userdel command is used for this purpose, and the -r option (lowercase) deletes both the home directory and mail spool files. The -R (uppercase) option informs the userdel command to use a chroot directory.
groupmod command is used for this purpose, and the -n option is used to change the group name. The other commands listed do not exist.
/var/spool/cron/crontabs directory contains a file for each user that currently has one or more cron jobs or entries. Note that the other files listed here are not valid for this purpose.
atrm command removes jobs given their ID. The ID can be obtained with the atq command. The atq and at -l commands shown will list jobs but not delete them. The rmat command is not valid.
/etc/crontab file is a plain-text file that is treated as a system-wide cron file. As such, the file is generally not associated with any single user, and it’s not necessary to run a special command after editing this file.
/etc/cron.daily directory contains files such as scripts that are executed daily. There are corresponding cron.hourly, cron.weekly, and cron.monthly directories that run on their respective schedules as indicated by the name of the directory.
-m option causes the user’s home directory to be created. By default, if this option isn’t specified and CREATE_HOME has not been set, the home directory won’t be created. The -h option displays help text, and the other options shown are not valid.
usermod -L command locks an account by placing an ! in the encrypted password. If the user has another means to log in, such as with an SSH key, using usermod -L will not prevent their login.
passwd command will be used for this purpose. The -a option displays all users but requires the use of -S to indicate status. The -S option alone will not produce a report for all users, and the --all option is an alias for -a.
/etc/shadow
file contains usernames, UIDs, and encrypted passwords and is not readable by any non-root user on the system due to the sensitive nature of the encrypted passwords. The /etc/passwd file contains usernames and UIDs but not encrypted passwords. The other two files listed for this question do not exist.
usermod command is used for this purpose. The -d option changes the home directory, while -m moves the contents. The other commands shown for this question are not valid.
-G option is a list of supplemental groups to which the user will be added. A lowercase -g option provides the primary GID. The -l option causes the user to not be added to the lastlog and faillog databases. There is no -x option.
chage command is used for this purpose. The -d option sets the days since the last password change and is measured in days since January 1, 1970. The -W option is the days of warning for changing a password, and the -l option displays a list of the various settings related to the account.
crontab command can be used for this purpose, and the -l option is used to list the crontab entries. The -u option is needed to specify a user other than the current user.
-r option creates a system user, which will typically entail no expiration, no home directory, and a UID below 1000. The -s option defines the shell and is not typically used for this purpose. The -a and -S options do not exist.
/etc/gshadow file contains secure information such as an encrypted password for groups, where applicable. The /etc/group file contains general information on groups. The other two files listed as options do not exist.
groupdel command cannot delete groups unless there are no users who have the given group as their primary GID. Therefore, option B best fits the scenario. There is no -f or -r option, making options A and D incorrect.
id command shows the username, UID, primary group and GID, along with supplemental groups. The passwd and chage commands are not used for this purpose. There is no getid command.
-c option changes the comment field in /etc/passwd. The comment field is typically associated with the real name of the account. The -R option indicates a chroot directory, while -d indicates a change of home directory. There is no -n option.
find command will be used for this purpose. The correct syntax is shown in option D. The group command will merely look in the specified files for the number 1501; and the -u option to grep includes byte offsets, which is not applicable for this question.
127.0.0.1 will use the localhost interface. Other local NTP clients would contact this server by its normal IP address.
newaliases command re-creates the aliases database on servers running Postfix, Sendmail, and qmail. There is no need to restart the mail server after running newaliases. The alias command shown in option C will create an alias for the command shell but is not related to Postfix.
/etc/cups. However, it is also common to manage CUPS through its web interface. The other directories listed are not valid.
/var/qmail by default. The queue directory is /var/qmail/queue. The other directories are not valid on a default configuration of Qmail.
info severity level provides information messages for a given facility. Of the options given, emerg is used for emergency messages and not normally used by applications, while debug is the highest or most verbose level of logging available through syslog.
ntpq command provides an interactive, menu-like interface into the NTP server. You can use ntpq to check statistics on peers, for example. The ntpdate command shown as option B is used as a command-line means to set the time. The ntpd command shown as option A would execute the NTP daemon itself.
lpr command places a file (or standard input) into the print queue for lpd to work with. The lpq command prints the current queue. There is no lpx command.
which_jobs and a value of completed. The other URLs shown are not valid.
postqueue -f command is used to flush the queue. The command will process all emails that are awaiting delivery. The other commands are not valid for this purpose.
local0 through local7) facilities is appropriate.
usermod command with the -aG option is used to append a group onto the user’s list of groups. In this case, the user needs to be a member of the lpadmin group.
mailstats command is used for the purpose described. Of the other options, the mailq command will display the current mail queue but not statistics on mail that has been processed. The other two options are not valid commands.
systemctl
command is used for controlling services. In this case, restart should be sent to the CUPS service as denoted by the name cups.service.
-f option. Doing so facilitates exactly the scenario described: being able to examine logins from old log files. The -a option controls the location of the display for the host, while -t controls the display to show the logins as of the specified date and time. There is no -e option.
w command shows currently logged-in users along with information such as uptime and load average. The fuser command is used to show open files, and the -u option to ls controls the display for file listings. There is no listuser command.
YYYY-MM-DD for the usermod command.
systemctl command will be used for this purpose, and the subcommand is disable. There is a stop subcommand, but it will only stop the given service rather than prevent it from starting on boot. The other options are invalid for various reasons, including that they use systemd as the command name rather than systemctl.
shadow entry. The expiration date would be the eighth field, as separated by colons.
make oldconfig command will integrate the existing configuration file into the new configuration for the kernel. Care still needs to be taken for items that have moved or changed within the new kernel, to ensure that the configuration is correct.
udevadm command is used to work with the udev interface into the kernel, and the monitor subcommand displays kernel uevents and other udev events in real-time.
systemctl command will be used for this purpose, with the daemon-reload subcommand. The reboot option would work to reload the systemd configuration but is not correct because it requires the entire server to reboot, which is not what was asked for in this question.
/etc/inittab file contains the various runlevels and what to run at the given runlevel. For example, runlevel 1 is single user, runlevel 6 is reboot, and so on. The other files listed do not exist.
/etc/rc.d hierarchy contains symbolic links to files found within /etc/init.d. These symlinks are then used for executing the scripts at the appropriate runlevel. For example, on boot, the system will execute the scripts found in the runlevel directory for each runlevel executed at boot time.
/etc/auto.master contains the configuration for autofs. The other files listed as options are not valid for this scenario.
/dev/nvme*. No special drivers are needed other than those found in the native kernel on a modern system. The other answers do not exist as paths by default.
/sys/class/fc_host contains other directories based on the Fibre Channel connections available. Within those host directories will be found the WWN (World Wide Name) in a file called port_name. The other directory hierarchies are not valid.
/dev/mapper directory contains information about multipath devices such as logical volumes. The other directories are not valid.
iw command will be used for this purpose. When using iw with a specific device, the dev keyword appears next, followed by the device name, followed by the command to execute on that device. In this case, the link command is used.
grep command should be used, and the -i option should be used in order to make the grep case insensitive. When used with -v, grep will exclude the argument, thus doing the opposite of what’s needed here. The kernel ring buffer probably will not contain information about DHCP, therefore making dmesg not the correct option.
-c option clears the kernel ring buffer after first read. The -C option clears it immediately. The -e option displays relative time and local time. There is no -a option.
-a option provides archive mode, which is a substitute for several other options. The -r option is recursive, the -o option indicates that ownership should be preserved, and the -f option enables a filter.
man(1) page for the make command, the name Makefile, with an uppercase M, is the recommended name for the file. The name makefile is valid as a default but is not the recommended option. The other files are not valid as default names.
gunzip command is used to uncompress files that have been compressed using gzip compression.
install target installs the final compiled files in their appropriate location and makes them executable, if applicable. Of the other options, distclean is sometimes included as a target to return source files to their pristine state. The other targets listed are not valid.
baseurl option is used to set the URL and must be fully qualified, meaning it must include the protocol such as http:// or file://.
/boot directory almost certainly exists but has not been partitioned into its own space. The /boot partition would not be hidden from lsblk if it was indeed a separate partition.
grep
command will be used for this purpose. Note the difference between grep -r and grep -ri. The question did not ask for case insensitivity, and therefore the use of -i in option B makes it incorrect.
-f option will force the unmount to occur. The --fake option is essentially a dry run in that it won’t actually unmount a filesystem. The other two options do not exist.
<<< character combination reads input from STDIN or Standard Input and uses it as the body of the message for the mail command.
who command displays who is currently logged in and the date and time they logged in. The whois command displays information about domains. The other commands are not valid.
named.conf, located in /etc/ or /etc/bind/, is the default configuration file for the BIND server. The file typically loads or includes other configuration files for specific configurations.
openssl command will be used for this purpose, with the genrsa option. An output file is specified with -out. The other commands containing openssl all contain an invalid option. The final command is openssh and is not used for this scenario.
acl configuration directive creates an access control list. Access control lists are powerful features of a Squid proxy setup and can include networks, MAC addresses, ports, browsers, and much more.
http_access directive is combined with ACL directives to define access to use the Squid proxy. The other directives are not valid for use in Squid.
nmbd daemon is responsible for NetBIOS name service request handling. The smbd daemon is responsible for file and print sharing, and winbindd provides user and group information. There is no daemon called samba.
PermitRootLogin directive, set to yes or no, determines whether the root user can log in directly. The other options shown are not valid.
push directive is used to send a route to clients on connection. In this case, the network and netmask are sent, with 255.255.255.0 being appropriate for a /24. The other options are not valid.
WAYLAND_DISPLAY environment variable is set if you are using Wayland. You can see it by running echo $WAYLAND_DISPLAY. If there is output, then you are using Wayland.
lsdev command can be used to view information such as interrupts and DMA addresses. In the case of option B, there is no -interrupts option to the ls command. The other commands shown are not valid.
control subcommand is used for this purpose. When given the uppercase -R option, it will cause udev to reload the rules.
service command will be used for this purpose and requires the name of the service, which was given as part of the question, and the operation to perform. In this case, a restart of the service was required by the scenario.
DisplayBase configuration option is used to configure the local port on which NX will listen. This option is added to 11000. For example, the default value is 1001, making the port 11000 + 1001 = 12001.
systemd-analyze blame command can be used to troubleshoot boot times. The output from the command shows the time that it took various service units to start. Of the other options, only the time command is valid, but it is not used for this purpose.
-R option creates a port forward and enables remote clients to connect. The -L option also creates a port forward but does not allow remote clients to connect. The -P and -E options are not valid for this scenario.
-o option logs output to the file specified. The -k option converts links, and the -r option indicates recursive. There is no -b option.
service status command is equivalent to systemctl status on systemd-enabled computers. The other commands do not exist with the specified option.
diff command is used to compare two (or more) files. Of the other options shown, only tar is a valid command, and it is not used for this purpose.
<VirtualHost> directive begins a stanza that facilitates serving websites using virtual servers. The other directives are not valid for Apache.
req option begins the CSR generation process, typically also requiring -new as an additional option. The other subcommands are not valid.
-1 or -HUP signal reloads the given process. The -15 signal is the default terminate signal, while -2 is an interrupt signal. The -9 signal is kill and is considered bad practice except in emergencies when the process doesn’t respond to normal signals.
>> character combination is used to append output to a file. Because it is being appended, the output will not overwrite an existing file. The other character combinations shown are not valid for this purpose.
stop
command, when used with the service
command, causes a given service to shut down. The service can be started again with the service start
command. The other options shown are not valid commands to use with the service
command.abrt
, uses /var/tmp/abrt
on CentOS 7. In CentOS 6, /var/spool/abrt
was used.trigger
command is used to replay or trigger events. The other options shown are not valid for use with udevadm
.set-chassis
command configures the type of machine on which the hostnamectl
command is running. This can be useful for certain types of applications. The other commands shown are not valid./etc/rc.local
can be used for this purpose. Commands within /etc/rc.local
will be executed after the computer has gone into multiuser mode. The other options shown are not valid files for this purpose.rndc
command is used to control a BIND server, including over a remote connection. The other commands shown are not valid.<video>
stanza is used to add a video device when configuring Spice. The other options shown are not valid for use with Spice.<<
operator is used for this purpose and will read from STDIN
until the specified character or characters are encountered. This is sometimes called a Here Document or HEREDOC. Among the other options for this, only >
is valid and causes STDOUT
to be redirected.--level
option enables the setting of specific runlevels. The other options given are not valid for use with chkconfig
.-o
option sets the local filename. The -O
option preserves the remote filename. The -f
option causes curl
to fail silently, and the -l
option is used with FTP to cause a name-only listing.groupadd
command is used to add a group to the system. The other options shown are not valid.whoami
command shows the username of your current effective user ID. Of the other commands shown, only the w
command is valid, and it shows who is logged in but not a user-ID-to-username association./etc/profile.d
directory can be used to store files and scripts that are then executed on login. Of the other answers, /etc/profile
does exist, but it is a file and not a directory. The other answers are not valid directories./etc/rcS.d
directory contains a script to configure udev
at boot on Debian. The other directories are not used for the scenario described.systemctl stop <service>
. This is different from the service
command, which would be service <service> stop
. The other commands are not valid for the scenario described.Monitor
section is where configuration for a specific monitor goes within an X11 configuration. The other options shown are not valid for this scenario./dev/null
location will accept input and not consume additional disk space when output is redirected to it. The /dev/random
device exists but is not valid for this scenario. Likewise, redirecting to a network interface or regular file does not meet the criteria for this scenario.-d
option sets the delimiter for use with paste
. The other options shown are not valid for the paste
command.reload
target or command, used as part of a service command, causes the daemon to reload or re-read its configuration files.
Environment key is used to configure environment parameters or variables for use with a systemd unit file.
< operator redirects input from a file into a command in order for that command to read from a file. The > operator redirects STDOUT, and the other operators are not valid for this scenario.
NAME parameter sets the name for the device. The other options shown are not valid udev parameters.
/etc/X11 directory is typically used for configuration of the X Window system including the main configuration file for Xorg, xorg.conf. The other paths are not valid.
alsamixer command shows an ncurses-based interface that looks like a mixer in order to set volumes for various audio devices. None of the other options are valid for this purpose.
xrdp package is an open source implementation of the Remote Desktop Protocol (RDP). The other options shown for this question are not valid packages for the scenario.
dmesg command will view kernel messages such as those for video card detection. When piped to grep with -i (case insensitive), you can easily search for a detected VGA card.
SSLCertificateKeyFile directive points to the location of the private key for an SSL configuration. The other options shown are not valid directives.
iwconfig command, which is similar to the ifconfig command, works with an individual wireless interface to set and display parameters. Of the other commands, the ifconfig command is valid but not used for wireless. The other commands are not valid.
tr command can be used for the purpose described. The tr command is quite powerful for text conversion. The other commands shown do not exist.
nc command is not used for text editing, and there is no ShellRedirect text editor.
mask command links the unit file to /dev/null, thereby ensuring that the service cannot run. The disable command deletes the symlink between /etc/systemd and /lib/systemd, but the service could still run. The other options shown are not valid.
more command provides simple paging capabilities. Unlike the less command, which needs to be installed on many systems, more is usually available even on base installs. The grep command is not a pager, and the other commands are not valid.
&> operator is used to redirect STDOUT and STDERR. The > operator redirects STDOUT, and the other options shown are not valid for this scenario.
/dev/tty device is a special file on a Linux system and is the terminal for the current process. The other locations are not valid.
printf command can be used to add special formatting to strings for printing. The echo command can be used somewhat for this purpose but is not as powerful at special-formatting capabilities as the printf command is. The other commands are not valid for this purpose.
unlink command can be used to remove files and is sometimes faster than rm for simple uses. The other options are not valid.
scp command copies or transfers a file over SSH. The ncftp command cannot be used for this purpose. The other commands are not valid.
nohup command causes the SIGHUP signal to be ignored, thereby enacting the scenario required for this question. The other commands are not valid.
lsusb command shows USB devices. When combined with grep -i (case insensitive), you can search for Bluetooth devices. The other options shown are not valid.

Chapter 3: Security
dd command is used to create disk images, among other things. In this case, the input file is /dev/sda1 and the output file is output.img. It’s also common to add the blocksize option by using the bs argument, such as bs=1M.
tail command provides the end portion of the file given as an argument. Adding the -f option will cause the output to update as new lines are added to the file being tailed.
xz command can compress and decompress files in a variety of formats, one of which is LZMA.
chgrp command can be used to change group ownership of a file. The order is chgrp <groupname> <target>.
-S option displays output in a format such as u=rwx,g=rx,o=rx. The other options listed do not exist.
/srv hierarchy is used for data for server programs. The /etc hierarchy is configuration information, while /var is also data files but variable files such as mail spool files. The /tmp directory is for temporary files. Keeping data on a separate partition can be helpful to maximize system availability in the event of a problem with an operating system partition.
chmod command is used for this purpose, and the u+s option sets the sticky bit for the user on the specified target.
umask will translate into 644 permissions on a new non-executable file.
-R option will perform the change ownership in a recursive manner.
-R option sets the recursive option, which means chgrp will traverse the given directory and perform the group ownership change operation throughout the specified hierarchy.
suid bit enables the program to run as the user who owns the file, regardless of who executes the program. Using SUID typically is not recommended for security reasons. The other permissions allow read (r) and write (w) for the owner of the file. The group and “other” permissions include read (r) and execute (x) but not write.
chmod 400 will correctly set the permissions. Any chmod that gives additional permissions is not necessary. When permissions are granted using octal notation, the number 4 is read, 2 is write, and 1 is execute. There are three permissions: user (owner), group, and other or world. Therefore, chmod 400 grants “read” privileges to the owner and no permissions to group and other/world.
chage command will be used for this purpose, specifically with the -E option. When provided with a date, chage will expire the account on that date. When provided with -1, the expiration will be removed, thus removing the user lockout.
getent command is used to display entries based on the /etc/nsswitch.conf file. One use case for getent is when integrating with Microsoft Active Directory or another LDAP service, to check whether the connection can be made to the LDAP server. The usermod command is valid but is not used for this purpose, and the other commands shown for this question are not valid.
/etc/cron.deny file contains a list of users that cannot create cron scheduled tasks. The file /etc/cron.allow is used to provide a list of users who are allowed to create cron jobs. The other two files do not exist by default.
kern facility receives messages from the kernel for logging purposes. Of the other options, syslog is used for logging messages about syslog itself. The other two options shown are not valid syslog facilities. Kernel messages are sometimes placed in a separate log called /var/log/kern.log.
journalctl
command is used to work with the systemd journal. On systemd-based systems, journalctl is a central command for debugging and troubleshooting.
systemd is called systemd-journald. You use journalctl to view logged entries rather than the standard Linux toolset.
mail option will send the log to the specified email address on completion of the logrotate process. The other options shown do not exist as options in /etc/logrotate.conf.
$UDPServerRun option is used for the purpose described. The port on which the server should listen is then provided as the value for this option. The other options shown are not valid configuration items for rsyslogd.
SystemMaxFileSize option controls the size of the journal log file to ensure that a log does not cause problems related to disk usage. The SystemMaxUse option controls overall size of journal files, and the default for SystemMaxFileSize is one-eighth of the SystemMaxUse setting to allow for rotation of files.
nocompress option is used to prevent the log file from being compressed or zipped as part of the rotation process. This might be needed on systems where compression negatively affects performance or where additional processing is necessary.
udp/53 is used for DNS queries, but with a primary and secondary server, it is assumed that zone transfers may occur. DNS zone transfers typically take place over tcp/53.
/etc/services file contains standard port-to-protocol information based on the well-known and assigned ports from IANA. If you’d like to provide a custom name for the service, you can do so by editing this file. There is no /etc/ports or /etc/p2p file by default, and /etc/ppp is usually a directory for the point-to-point protocol daemon and related services.
chage command is used for working with account aging information such as expiration date, password change, days between password changes, and so on. The -l command lists information for the given account. The usermod command is used to make changes to an account, and the other two commands are not valid.
ssh-keygen command is used to create a key pair for use with SSH instead of a password. Of the other options, the ssh command does exist, but the -k option is used to disable GSSAPI credential forwarding and not for the purpose described.
authorized_keys, stored in the .ssh directory in your home directory, contains public keys that are authorized to log in to the server using their corresponding private key.
-u option is correct for this purpose. An uppercase -U option sets the user context for listing privileges. The -s option sets the shell, and the -H option sets the home directory.
NOPASSWD option causes sudo to not prompt for a password for a given sudo command. This is useful for scripted scenarios where a password prompt would cause problems.
ulimit command shows such limits, and the -a option shows all limits for the currently logged-in user. The other commands are not valid.
ALL
keyword followed by the address or network to which the policy will apply. This is important because you may notice attacks coming from certain IP blocks, and blocking with TCP wrappers provides a fast method for effective blocking.
id_rsa by default, and the public key is named id_rsa.pub. For DSA keys, the names are id_dsa and id_dsa.pub.
-c option executes a single command but does so without an interactive session. The -s option specifies the shell to be used. There is no -u or -e option for the su command.
send-key option followed by the name of the key sends the key to the key server specified by the keyserver option. This is a typical scenario for sending a locally generated public key to a public server for others to use. The other options shown as potential answers do not exist.
visudo command to edit /etc/sudoers. Using visudo enables syntax checking, which will help prevent issues with an invalid configuration causing problems for those who rely on sudo.
ssh_known_hosts, usually kept in either /etc/ or /etc/ssh/, is used for the purpose described. Note that on some systems, this file and other SSH-related configurations may be found in /etc/sshd/. The answers that indicated ~ or within /root are incorrect because the question specified a server-wide list. A known_hosts file found within ~/.ssh would indicate the user’s home directory.
X11Forwarding and must be set to yes in order for the destination server to forward X-based windows to the local client computer. The other options shown are not valid. Note that on some distributions, the configuration files are found in /etc/sshd/, while on other distributions, the configuration files are found in /etc/ssh/.
--gen-key subcommand is used for the purpose described and will generate a self-signed private and public key pair in a PKI scenario. The other options shown do not exist.
/etc/inetd.conf with a pound sign or hash mark (#). After making changes to /etc/inetd.conf, the service should be restarted.
pubring.gpg, found in ~/.gnupg, contains the public keyring.
- option is the typical option passed to su for login. There is no -u or -U option, and the -login option does not exist. There is a --login option with two dashes, but that is not what’s shown.
cryptsetup
command is used to set up and help configure dm-crypt volumes. The other commands shown for this question are not valid.
PARANOID wildcard specifies that the hostname and IP must match. The ALL keyword is also a valid wildcard in TCP wrappers for use in both /etc/hosts.allow and /etc/hosts.deny.
-c option indicates the creation of a tar file. The -d option is used for diffing between two tar files, the -b option provides the block size, and -f specifies the file for use with tar.
--remove-files option removes files from the filesystem after adding them to the archive. The -r option appends files to the end of an archive. The -d option provides a diff between the filesystem and an archive, and the -f option specifies the file.
/etc/issue file is used to provide a message to users, such as a login banner, prior to local login. The other files shown are not valid for the purpose described.
--delete option removes files that no longer exist on the host system when syncing with archive mode in rsync. The other options shown are not valid for rsync.
--exclude option excludes files matching a pattern from the archive. This option can greatly reduce the size of an archive by excluding unnecessary files from the archive. The -x option is the only other valid option that extracts files from an archive.
motd, an abbreviation for Message of the Day, are displayed when a user logs in successfully. Among the other options, the contents of /etc/issue are displayed prior to local login. The other filenames are not valid for this purpose.
-z option will uncompress a tar file that has been compressed with gzip. The -x option extracts, while -c creates a tar file. Finally, -f specifies the tar file to work with.
/etc/issue.net is used to provide a message for remote logins such as telnet. The other files listed are not valid for the purpose described. It is worth noting that insecure protocols like telnet are typically disabled, or should be, in favor of secure protocols like SSH.
--modify-window option modifies the behavior of how file synchronization is determined. The default behavior is to match to the nearest second. This option is useful for synchronizing between filesystem types, such as Microsoft FAT, which don’t have the precision of Linux-based filesystems.
-c option sends output to STDOUT. The -d option decompresses, while -f forces an operation. Finally, -s reduces the memory footprint for bzip2.
-q option suppresses all warnings. The -v option is verbose, while -L displays the license. The -r option is recursive.
-e option, also available as --rsh=ssh, uses SSH as the means for transport, thereby ensuring an encrypted tunnel over which the synchronization process will occur. The other options shown are not valid.
home directory should be set in /etc/passwd and should be set to the chroot directory. The other files listed are not valid.
rndc
is hmac-md5, and the key can be generated with dnssec-keygen. The other options shown are encryption or hashing algorithms but are not used for the scenario described.
SSLEngine option needs to be set to On for SSL to be enabled for a given site or server. The other options are not valid. Enabling SSL is important in order to provide a level of security such that the actual data within an HTTP transaction cannot be viewed.
-k option enables Kerberos authentication for the net command. The -a option indicates that non-interactive mode should be used, and -l sets the log directory. There is no -b option.
/etc/pam.d stores configuration files for individual PAM-aware services. Each service typically has its own file, which is managed for that service according to its usage of PAM. Of the other options, none of the directories are the default directories used for PAM.
slapd listens for connections. Port 3389 is RDP, while 3306 is MySQL. Finally, 110 is POP3.
pam_nologin.so module facilitates a scenario whereby non-root logins are prevented when /etc/nologin exists. This module must be specified within a configuration file for a given service. For example, within the sshd PAM configuration file, the following line creates this configuration for SSH: account required pam_nologin.so.
pam_unix.so module is used for standard login. The manpage for pam_unix.so indicates that it is for “traditional password authentication.” The other modules listed are not standard PAM modules, although there is a similar pam_auth or squid_pam_auth module for Squid.
pam_cracklib.so module enforces password strength options. The other files listed are not valid PAM modules.
PREROUTING chain, part of the nat table, contains rules that are applied as packets arrive. A common use for this chain is to apply redirect rules. Among the other answers, REDIRECT may appear valid but is in fact a target and not a chain. The other options shown are not valid.
iptables-save command sends the current iptables rules to STDOUT. The output can be saved to a file and then applied the next time the server is restarted. The other commands shown are not valid.
iptables -n option causes iptables to not resolve host names or port names. The -L option lists current rules. There is no -a option.
/etc/fail2ban directory contains configuration files related to fail2ban. The other directories shown are not valid. Other similar software such as DenyHosts may also be used but has been largely replaced by Fail2ban in many environments.
PermitEmptyPasswords directive specifies whether empty passwords can be used for authentication. Enabling empty passwords would be a specialized use case and generally is not recommended. The other options shown are not valid.
-P option sets the policy for a given chain in iptables. In this case, the chain is INPUT and the policy necessary is DROP.
DROP target silently discards packets that match the rule. An ICMP unreachable message is sent back for REJECT. In general, DROP is preferred in order to reduce the chances of denial of service (DoS) or other information-gathering issues.
-m match limit, along with the configuration options shown including the LOG target, creates the scenario described. There will be three log entries per minute. This can be useful to prevent denial of service caused by filling up log files or overwhelming the server I/O while another attack is underway.
INPUT chain will be used. When used with the -A option, it will append a rule to the chain. The -p option specifies the protocol, ICMP in this case; and the -j option specifies the target, ACCEPT in this case. The -P option specifies a policy and will not be used for this scenario.
INPUT
chain will be used, and a rule needs to be appended with -A. The ALL option, when specifying a protocol, means all protocols will be included in the rule. The -s option specifies the source, which in this case is a single IP. Finally, the DROP target silently discards packets. There is no BLOCK or DISCARD target, and the ACCEPT target will not block but will accept all traffic.
INPUT chain with -A. In this case, the protocol should be specified with -p TCP and a destination port of 2222. The source address indicated, 0/0, applies the rule to all hosts. The ACCEPT target will be used.
1 to the /proc/sys/net/ipv4/ip_forward file enables forwarding of IP packets. This is necessary in order to utilize NAT and for other uses. There is a similar file for IPv6 at /proc/sys/net/ipv6/ip_forward. There is no /proc/sys/net/ipv4/nat file.
logpath directive determines the log file that will be monitored for failures by fail2ban. This file is used as part of a larger configuration for a given jail. The other directives are not valid for fail2ban.
ssh-copy-id command sends an identity to a remote server that can then be used for key-based authentication. The other commands shown are not valid.
mailto configuration option sets the destination for emails related to sudo. The other options listed are not valid for sudo.
-a, is equivalent to several other options with rsync, such as recursive, preservation of groups and ownership, and others. This option is frequently used when creating backups.
/etc/ssl (or a subdirectory therein) or in the /etc/pki hierarchy. There is no /etc/private or /usr/share/ssl directory.
AllowUsers directive is used to specify users who will be allowed to log in to the server. The other options shown are not valid.
--log-prefix option specifies the string that will be prepended when a log entry is created by iptables. The other options shown are not valid for use with iptables.
SELINUXTYPE option can be set to targeted or strict. With targeted, only specific network daemons are protected.
Permissive is returned, SELinux is not enforcing rules but is using DAC rules. Other return outputs are Enforcing and Disabled.
sshd.conf file is used for server configuration. On some distributions, this file is called sshd_config. The ssh.conf file is used for client configuration at the system level.
requisite option should be used instead of required.
/etc/inittab file contains a line similar to ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now. Commenting out this line with a pound sign (#) will disable this key combination after restarting the system.
/usr/lib/firewalld/zones/ contains predefined zones for use with firewalld. The files are copied to /etc/firewalld/zones/ when modified.
password configuration option is set in /boot/grub/grub.conf. The other options shown for this question are not valid for the scenario.
setenforce
command is used for this purpose and can be given an argument of the number 1 or the word Enforcing to enable Enforcing mode. This can be verified with the sestatus command.
ssh-add command is used for this purpose. The other commands shown do not exist.
getfacl command is used to display access control list information for a file. The setfacl command is used to set this information. The other commands shown are not valid Linux commands.
/etc/securetty with an empty echo command, root will not be able to log in at the console directly. Of the other potential answers, option C removes /etc/securetty, the effect of which is to allow root to log in from anywhere.
~/.ssh/config is the appropriate location for this type of configuration information. Of the other answers, only ~/.ssh/known_hosts exists and contains public key information for hosts to which you have connected.
-R option is used to indicate recursive behavior. Of the other options, only -v is valid and provides verbose output.
gdisk command can be used to view GUIDs for a given partition. The other commands shown are not valid.
-P option makes the values persistent across reboots. The other options are not valid with setsebool.
/etc/apparmor.d/ is the location in which profiles are located.
lastb command looks at /var/log/btmp to note bad or failed logins. The other commands shown are not valid.
klist command shows the current tickets when using Kerberos authentication. Of the other answers, the kinit command is used to retrieve the initial ticket-granting ticket. The remaining answers are not valid commands.
ps command can be used to help troubleshoot this. Of the other commands, the uptime command is valid but will only report broad-level CPU usage information.
-l option provides a long or detailed listing of files and directories, including ownership and permissions. The -m, -b, and -f options are not related to the scenario described.
-a option returns all booleans. The other options are not valid with getsebool.
aa-unconfined command displays processes that are offering network ports but do not have an AppArmor profile. The other commands are not valid.
wheel group can be used to restrict access to the su command to those accounts that are members of the group. The other groups do not exist by default.
chcon command is used to change the security context.
fprint package is available to provide biometric authentication such as fingerprint authentication. Of the other answers, there is a finger command, but it should normally be disabled because it can provide information about accounts on the system.
-n option to restorecon shows current contexts without changing them. Of the other options that are valid, -r changes recursively, and -p shows progress.
sudoedit command allows a user to choose the editor of choice for editing the file. Among the other answers, vim and nano are both valid editors, but allowing them through sudo may have additional security ramifications. The visudo program is used to edit the /etc/sudoers file itself, which was not specified in this scenario.
ps
command shows processes. When given the -Z option, SELinux contexts are shown.
pam_tally2 module keeps track of failed logins and can be used to lock out an account after a certain number of failed attempts. Note that pam_faillock provides similar functionality.
/dev/pty in Linux. Standard terminals are /dev/tty, and the serial console begins with /dev/ttyS.
aa-complain is used to place profiles into complain mode. Profiles are located in /etc/apparmor.d/, and thus the command shown places all profiles into complain mode.
/var/log/secure log file shows information about authentication and authorization. Of the other options, both /var/log/messages and /var/log/kern.log exist but do not typically contain authentication or authorization information.
PermitRootLogin option is used to determine whether root can log in directly using SSH. It’s typically a best practice to disable root login via SSH.
--runtime-to-permanent option sets the current runtime configuration to become permanent and available on next boot.
ufw allow command is used to add rules, and SSH operates on TCP port 22.
auditd daemon can be used to monitor the system for things like access or changes to files. This information is then logged for later analysis.
iptables. Notably, later versions are called nftables, but iptables is still found on most systems in use today.
cpio utility can work with various archive formats, one of which is HPUX-created archives. The gzip or bzip2 command likely would not be able to open or extract from the file; those are typically used for compression and not archival purposes.
scp utility uses SSH as transport and therefore requires TCP port 22. TCP ports 20 and 21 are used for legacy FTP, while UDP/53 is used for DNS queries.
-a option shows files and directories that begin with a dot. The other options shown are not related to this scenario.
dd is a good idea in order to preserve any evidence of the break-in. Creating a backup using tar is a less preferred option. Examining the partition with fdisk would not reveal any relevant information, and reformatting the partition usually should not be done until the extent of the attack is understood.
-i option specifies the identity file to use for the connection. The other options shown are valid for SSH but do not fulfill the requirements of this scenario.
sha1sum utility can be used to create and verify checksums of files in order to ensure that the file contents have not changed. SHA1 is preferred over MD5 due to concerns over collisions and other security issues with MD5.
-r option tells the zip command to traverse directories when creating the archive. The other options are not valid for this purpose.
ps command, when given with arguments such as auwx, will show all processes and the owner of those processes. Combining with the grep command reveals the processes with the word apache in them. On other systems, this might be called httpd instead of apache, but the question specified a Debian system.
chown command changes ownership of a file or directory, and the www-data user was specified in the question, thus making this option the only correct option for this scenario.
sudo is triggered with the -n option. The other options are not valid for this scenario.
aa-disable command is used to turn off profiles used with AppArmor. The other commands shown are not valid.
-Z option to ls is used to view the SELinux security context. The file command is a valid command but does not have a -Z option.
gpg
command. The other answers shown are not valid.
/etc/apparmor.d/tunables contains parameters and configurations that are commonly changed.
/etc/ufw typically contains configuration information for UFW. On many systems, /etc/default/ufw will also contain commonly changed default configuration items.
ipset project and software facilitates more effective rule management by helping to create sets of IP addresses to which common rules can be applied.
~/.ssh/authorized_keys, authentication will be allowed from anyone presenting the corresponding private key.
/etc/rsyslog.conf contains configuration information for system logging. The file may be called rsyslogd.conf on some systems. You’ll find things like which log items go to /var/log/messages and other logs on the system.
-v option shows contexts of files listed in /etc/sestatus.conf. The other options are not valid for use with sestatus.
-M option sets the maximum days for password validity, while -m sets the minimum days between password changes. The other options are not relevant to this scenario.
KerberosAuthentication is the option within the SSH server configuration that controls whether users can authenticate using Kerberos.
-t option, along with the table name, limits output to just the specified table rather than all. The other options are not valid for use with iptables-save.
/etc/logrotate.d. This directory is included from the primary configuration file /etc/logrotate.conf.
tail -f command will continuously update the display as new content is added, so too does the -f option display new entries for journalctl. The -t option shows messages for the given syslog identifier. There is no -tail or -l option.
pam_limits.so module is responsible for enforcement of limits such as those mentioned in the question as well as several others like the maximum size of files, memory usage, and so on. The other modules listed are not valid.
slapd, including by keyword, by integer, or, as shown in the question, by hex. All the values shown are valid for loglevel. No debugging is 0, trace is 1, stats logging is 256 or 512 depending on type, and packets sent and received is integer 16 or hex 0x10.
pam_listfiles.so module is used to create scenarios whereby you can create files that control authentication and authorization through the PAM system. The other files are not valid for the scenario described.
-t option sets the key type for ssh-keygen. The other options do not set the key type, but may be valid for other purposes.

Chapter 4: Linux Troubleshooting and Diagnostics
/dev/sdX, just like a SCSI disk. /dev/hdX is a traditional ATA disk. The other options do not exist.
lsusb command is used to obtain a basic list of USB devices on a system. The other commands are not valid. In the case of answer D, the ls command is valid, but there is no --usb option.
single given on the Linux kernel command line will boot the system into single user mode. The other options are not valid.
disk-detect command does not exist.
ls command from within the grub > prompt will show the available partitions in a format such as (hd0,1).
dmesg is a common way to find out the location to which the kernel has assigned the drive. Rebooting the system is not a good option, although it would work. There is no such thing as /var/log/usb.log; and the location of the drive may change regardless of port, depending on how the drive may be detected in the system.
ldconfig command updates the current shared library cache and list. ldconfig reads /etc/ld.so.conf and incorporates any changes found within it. The other commands listed as options for this question do not exist.
upgrade option for apt-get will upgrade the system to the latest version of software for packages already installed. The apt-update command does not exist, nor does the -U option to dpkg. The apt-cache command is used to work with the package cache.
yum install command will install a given package. The update option will update a package. The other options listed do not exist.
export command is used to set environment variables in bash. The other commands are not valid for this purpose.
/etc/yum.repos.d. Of the other options, /etc/yum.conf is a file and not a directory, and the other directories do not exist.
ldd command will list the libraries on which the command’s argument depends and can be helpful for solving GCC compatibility issues.
/etc/lib directory is not typically associated with library files and does not typically exist on a Linux system unless manually created. The other options either contain system libraries or can be used for that purpose.
apt-get update command will cause the package cache to be updated by retrieving the latest package list from the package sources. There is no cache-update option or update option to apt-cache. The upgrade option is used to update the system’s packages and not the cache.
sources.list located in /etc/apt contains the list of repositories for Debian packages. The other file locations do not exist by default.
pvcreate command initializes a physical partition for future use as a logical volume with LVM.
lvcreate command is used to create logical volumes with LVM. The pvcreate command initializes physical volumes prior to creating logical volumes. The commands in the other two options for this question do not exist.
search option performs a search of various fields such as the package name and description.
rpm -q kernel command will show the kernel version. You can also use uname -r for the same purpose.
exclude option can be used to exclude certain packages. The argument accepts wildcards, and therefore excluding all kernel* updates will create the desired behavior.
-s option to dpkg searches for the given package and provides information about its current status on the system. The apt-cache command is not used for this purpose, and the -i option for dpkg installs a package. The apt-info command does not exist.
lvmdiskscan command looks for physical volumes that have been initialized for use with LVM.
-i option to dpkg will install a previously downloaded package. The other commands don’t exist, and the -U option for dpkg does not exist.
env command will print the current environment variables from Bash. The printenv command will also perform the same operation. The other commands listed in this question do not exist.
ps auwx command combined with grep will provide information on the running Apache instances, it will provide much more information than is required or useful for this problem. The pgrep command provides only the process IDs and therefore meets the criteria presented in the question.
free command displays overall memory usage for both RAM and swap and can be used to determine when additional memory might be needed.
uptime command shows basic information such as that described along with the number of users logged into the system and the current time. The bash command is a shell environment, and the ls command will not display the required information.
screen command starts a new terminal that can be disconnected and reconnected as needed. Processes running from within the screen session do not know that they are running in a screen session and therefore meet the criteria needed to satisfy this question. The fg and bg commands will not meet the criteria, and the kill command will stop a process.
nice command, when run without arguments, will output the priority for the currently logged in user, which is normally 0. The renice command can be used to change the priority of running processes. The other two commands shown as options for this question do not exist.
jobs built-in command shows the list of jobs running in the background. Its output includes a job number and the status of the job.
killall command is used to terminate processes using their name.
-i option to df produces information on inodes across all filesystems. The ls -i option will produce inode listings but only for the current directory. The -i option is invalid for du, and dm does not exist as a command.
-y option will attempt to repair automatically, essentially answering y or yes instead of prompting. Of the other options, only -V is valid and will produce verbose output.
tune2fs command can be used for this purpose but should be used with care because it can result in data corruption.
mkswap command formats a swap partition. The fdisk command is used to create the partition but not format it. The other two options do not exist.
du command will report on disk usage in a recursive manner, unlike the other commands shown here.
usrquota option will enable user-level quotas on the given mount point. This is typically set within /etc/fstab.
-c option creates the files for the first time. The -f option is used to force checking, -u is used for user quotas, and -m is used to not attempt remounting read-only.
-r test determines whether a given file exists and can be read by the current user. The -e test only checks to see if the file exists, while -s determines if the file exists and has a size greater than zero. There is no -a file test.
allow-guest option changes the behavior of guest login for LightDM. And disallowing guest login would generally make the computer somewhat more secure, although if someone has physical access to the device, they might be able to get access in other ways.
xhost command is used to control access to the X server. A host is added with the + sign and removed by preceding it with the - sign.
/bin/false will prevent them from logging in interactively to the system, such as with SSH. The other options shown for this question are all valid shells and would allow an interactive login.
journalctl command is used for this purpose; and the --disk-usage option displays the disk space used by journal log files, which are typically stored in /var/log/journal.
ifconfig command will be used for this purpose and requires the addition of the -a option because the adapter is currently down. The ifup command can be used to bring up an interface but does not display information by default. The netstat command displays information about the network but not with the -n option.
route command is used for this purpose, and adding a route is done with the add option. The default gateway is added using the default gw keywords followed by the IP of the gateway and the adapter.
-I option enables the choice of interface. A lowercase -i option sets the interval, while -a indicates an audible ping. Finally, -t enables a TTL-based ping only.
host or dig command can be used for this purpose by setting the type to mx. The mx type will query for the mail exchanger for the given domain. There is no smtp type.
-T option causes traceroute to use TCP packets. This option, which requires root privileges, can be helpful for situations where a firewall may be blocking traceroute traffic. The -i option chooses the interface, while -s chooses the source address. A lowercase -t option sets the Type of Service (ToS) flag.
ip command with the monitor option/subcommand will display netlink messages as they arrive. There is no netlink subcommand for ip, and the route command will not work for this purpose.
@ symbol is used to indicate a server to which the query will be sent directly. This can be quite useful for troubleshooting resolution problems by sending the query directly to an authoritative name server for the domain. Of the other options, -t sets the type, and the remaining options are not valid.
getent command is used for working with NSS databases, and getent hosts will display the available hosts using the databases configured in /etc/nsswitch.conf.
nameserver, and the value for the option is the IP address of the desired nameserver. There are several options that affect how name resolution is performed, such as the number of attempts and timeout. See resolv.conf(5) for more information.
route command can be used for this purpose; the syntax includes the network range, denoted with the -net option, followed by the word netmask and the masked bits, followed by the word gw and the IP of the gateway. The other options shown are invalid for a variety of reasons including missing keywords and options and order.
netstat command is used for this purpose, and the -a option displays all sockets, listening and non-listening. Note that it’s frequently helpful to add the -n option, or combine them as in netstat -an, in order to prevent name lookup. Doing so can significantly improve performance of the command.
/etc/hosts to override DNS lookups, which can be useful to prevent those names from resolving or to provide a different resolution.
ifconfig command for configuring interfaces begins with the device followed by the IP address, which is then followed by the netmask keyword and the netmask to add. Because this is a /24, the netmask is 255.255.255.0.
ip route command can be used for this purpose, and its syntax uses a change command and the via keyword. The same operation could be completed with the route command but would require deleting the existing gateway first and then re-adding a new default gateway.
nc command is used to start netcat, and the -l option causes it to listen. The -p option is used to specify the port on which netcat will listen. The -s option specifies the local source address and is not used for this scenario.
soa type is used to query for Start of Authority records for a domain. Note that in many cases, dig will attempt to look up the domain within a given command and may not appear to have had an error. For example, when running option D (dig -t auth example.com), you will receive information about example.com, and there will be a line in the output that dig has ignored the invalid type auth.
search option is used for this purpose and can be provided with multiple domain names, each separated by a space or tab. The domain option is valid within /etc/resolv.conf but does not allow for multiple domain names.
route command can be used for this purpose; and in the scenario described, a reject destination is used for the route. The other options shown are invalid because they use invalid options to the route command.
tracepath command provides the Maximum Transmission Unit (MTU) of the hops, where possible. Both traceroute and tracepath can be used internally or externally, and both provide IPv6 capabilities. Certain options with the traceroute command can require root privileges, but not enough information was given in the question for that to have been the correct option.
-c option provides the count of the number of pings to send. The -n option specifies numeric output only, while -p specifies the pattern to use for the packet content. Finally, the -t option sets the TTL.
ip route flush cache command should be executed after changing the routes. The other commands shown for this question are not valid.
txt record type in DNS, thereby making -t txt the correct option for this. Of the other answers, only -t mx is valid and returns the mail exchangers for the given domain.
G signifies a gateway within the route table.
axfr type is a zone transfer, and the @ symbol signifies the server to which the query will be sent. There is no xfer type. Option B is just a normal query for the domain sent to the specified server.
/etc/nologin exists, users will be prevented from logging in to the system. The root user can still log in, assuming that root logins are enabled within the SSH configuration.
find command will be used for this purpose, and the permission can be described as 4000 to indicate the presence of the setuid bit. The -type option can be used for changing the type of object to be returned but is not relevant for the scenario described.
nmap command is used to scan for open ports. It will scan for open TCP ports to the address or addresses specified. The other commands shown do not scan for open ports to external (off-host) IP addresses.
lsof command can be used for this purpose; with the -i option, it will display the network ports along with their process. The netstat command will display network ports but not the process with the -a option. The ps command is used for processes but not network ports. Finally, there is no netlist command.
-P0 will cause no ping requests to precede the scan and is useful for the scenario described. There is a -s option, but it is not used for this purpose. The other options are not valid.
maxlogins parameter is used to control the number of simultaneous logins for a given account.
-s option sets the type of scan and, when followed by an uppercase S, sets the option to SYN. The T option is a Connect() scan. There is no Y option or -type option for nmap.
find command will be used for this purpose, and the -perm option is needed, specifically as the 2000 permission to indicate setgid. Note the use of / to indicate that the entire server will be searched. The grep command shown cannot be used for this purpose because it looks for the presence of the string setgid within files located in the current directory only.
-p option to iostat displays information on devices and partitions. The -c option shows CPU utilization, and -d shows device utilization. There is no -a option.
vmstat command is used to display extended information about performance including blocks in and out. The iptraf command is used to provide network-level monitoring, and the other two commands listed are not valid.
w command shows various useful information including load average, logged-in users, and other uptime information. The uptime command does not show who is currently logged in. There is no swap or sysinfo command.
top enables you to choose which columns display as well as the sort order for the columns. In the scenario described, you can view the processes using the highest amount of memory.
pstree command is used to show a treelike structure of processes.
-e option causes swapon to skip those partitions that do not exist. The other options are not valid for this scenario.
-f option forces fsck to run on an otherwise clean filesystem. This can be helpful for times when you suspect there is an error on the filesystem and need to verify as part of the troubleshooting process. This can also be helpful to prepare the filesystem for conversion, such as might be the case with a tool like btrfs-convert.
swapoff command deactivates swap space, thereby making it unavailable as virtual memory on the system. The other commands shown as options are not valid.
--show option displays information about the swap spaces on the computer, including how much swap is currently being used. The -a option activates all swap spaces. There is no --list option, and -h displays help.
pvdisplay command shows information about a given physical volume. You can use pvdisplay to view the device on which the PV is built along with the extent size of the PV. The other commands shown are not valid.
vgscan command looks for both physical volumes and volume groups related to an LVM configuration. The vgscan command is run at system startup but can also be run manually. The other commands are not valid.
pvscan command displays a list of physical volumes on a given server. The PVs displayed are those that have been initialized with pvcreate for use with LVM.
ip command defaults to the inet family if not otherwise specified with the -f option. The command will attempt to guess the correct family and fall back to inet. The other families listed as options for this command are not valid for use with the ip command.
-n option causes route to use numeric values only, performing no name resolution. This option is useful for the scenario described. The -e option causes the output to be in netstat format. There is no -d or -f option for the route command.
arp command will be used. The -d option removes or deletes an ARP entry, which would be appropriate here so that the MAC address resolution occurs again. The netstat command will not be used for this purpose. The hostname and dig commands work with name resolution but not for MAC addresses or the ARP table.
-o option removes newlines from the output, thereby making the output more suitable for the grep command. The -l option specifies the number of loops for the ip addr flush command. The -f option specifies the protocol family. There is no -n option.
-s option creates an ARP table entry. The -d option removes an entry. The -c and --add options do not exist.
-D option lists the interfaces on a given computer. The -d option dumps compiled matching code, and -i selects an interface. There is no -a option.
-R option requires an attempt at name resolution be performed. The -n option does the opposite: it disables name resolution. There is no -b or -a option.
mtr command provides a unique way to view real-time information about each hop in a route between hosts. Both the traceroute and route commands are valid, but the options shown for each are not. There is no liveroute command.
--delay option sets the interval between checks of array health. The argument value is in seconds. The other options shown are not valid.
!H sequence indicates host unreachable. Network unreachable is !N.
-m option specifies how the packet should be marked or tagged. The -a option is an audible ping, and -p enables specification of custom padding. There is no -k option.
-r option displays a report including CPU time and exit status about the just-completed fsck operation. The -f option forces whatever operation is being requested, -s serializes fsck operations, and -l creates an exclusive flock.
/proc/meminfo provides a wealth of information about memory usage and utilization. Much of this information is displayed by various commands, but the canonical source for those commands is usually found in this file. Of the other options, only /proc/cpuinfo is valid, and that file provides information on the CPU(s) for the computer.
-sX mode of nmap. The -sT mode is a TCP connect, and -sS is TCP SYN. There is no -sP option.
-s option sets the snapshot length, or snaplen, of the capture instead of its default of 65,535 bytes. The -l option provides line buffering, -c stops after the indicated count of packets are received, and -d dumps compiled packet-matching code into a format that is readable.
-B option changes the format, and T sets the scale to terabytes. The other options do not exist.
-c option checks for bad blocks. The -b option sets the block size. There is no -a or -d option.
-U option shows latency. Of the other options, -d is used for debugging, -L suppresses multicast loopback packets, and -i sets the interval between packets.
iperf command can be used to measure throughput and can be used for troubleshooting latency issues. The other options are not valid commands.
itop command displays information about interrupt usage in real time, with a display that is somewhat like the top command. The other options shown for this question are not valid commands.
ibstat command shows information about Infiniband devices. The other commands are not valid.
renice command is used to change priorities. The lower the number, the higher the priority. The correct syntax is shown in option A. Option B will set the priority lower. Options C and D are invalid syntax.
-n option is used with netstat to prevent hostname lookups, which can slow the output. The other options do not perform the required task.
pidof command shows all of the processes associated with the given argument. In this case, option B shows the correct syntax. The ps command shown in other options is a valid command but not with the syntax shown.
SIGHUP, is the signal that sends a hangup to the process. The other options shown are valid signals but not for the purpose described.
sysctl command can be used for changing parameters within the running kernel. The changes are not saved between reboots, though, and need to be reapplied if the system is restarted. The other commands shown are not valid.
-i option sets the byte-to-inode ratio. The -b option sets the block size, -r sets the filesystem revision, and there is no -u option for mke2fs.
/sys/class/fc_host directory contains information on HBA adapter ports on the system. The other options are not valid directories.
account module interface is where access verification occurs. Among the other options, the auth and password interfaces are used for different purposes, and there is no policy interface.
deny. A deny-by-default policy discards packets. It’s notable that a reject policy might also be used, which would send a reject back to the sender. The other options are not appropriate for the task described.
-l option displays ownership information including user and group owners of a file or directory. The -o option only shows the user but does not display the group. The other options shown are not valid for this purpose.
buffers column shows the amount of RAM allocated to kernel buffers. Cache indicates page cache usage, and shared usually indicates tmpfs usage.
nmcli command provides a command-line interface into NetworkManager. The other options shown are not valid commands.
iftop command is used to display real-time network usage through an interface that is reminiscent of the top command. The other options given are not valid commands.
iptraf command shows cumulative network usage in real time for a given interface. The other options shown are not valid.
cfq scheduler is the default for Linux systems. Of the other options shown, deadline and noop are valid but are not the default. There is no iqueue I/O scheduler.
ipset command can be used for the purpose described. It’s worth noting that you could create a separate iptables rule for each IP and rule, but doing so would be less efficient than using an ipset group and having a single rule applied to that group.
tcptraceroute command should be used for this purpose. This command attempts to connect to the destination on the TCP port specified. This method is preferred over a simple ping because ICMP may be filtered, thus giving an inaccurate diagnosis. The other commands would not be used for this purpose.
tshark command enables capture of network traffic into a file. The other commands shown are not valid.
whois command is used for lookups of domains and IP addresses, among other things, and would be used for this purpose. The other commands are not valid for this purpose.
ioping command sends requests to a given disk and records the time taken for the request. Of the other commands, fdisk is valid but would not be used to determine performance-related issues. The other commands are not valid.
partprobe command causes a partition update for the kernel. The other options are not valid commands.
sar command can be used to display a wide variety of performance-related information, including that captured over time. The other commands are not valid.
-a option shows all available parameters. The other options shown are not valid with sysctl.
D means uninterruptible sleep. There is no state for debug or dead processes, and interruptible sleep has a state of S.
/etc/default/keyboard contains information for keyboard mapping. The other options shown are not valid.
-R option changes ownership in a recursive manner. The other options are not valid for this purpose. The -f option exists for chown but changes the output to be silent.
ausearch command can be used to find recent violations of an SELinux policy. The other commands are not valid.
dmesg command shows the kernel ring buffer and is a primary tool to determine whether the system has detected a new piece of hardware. The other options are not valid.
-) as shown in option A. The other options are not valid for the purpose required in the question.
ioping is 4 KB.
/sys/block/<device>/queue/scheduler. The other options are not valid locations for this scenario.
-n option prevents hostname lookups from occurring with iftop. This is helpful for reducing the amount of noise or unnecessary information displayed within the iftop output. The other options do not accomplish the task required.
server command, when run within the nslookup interface, will set the server to which the query will be sent. The other options shown are not valid for this purpose.
ulimit command shows the various limits that apply to a given user, including file size limitations. The other options are not valid.
chattr command is used to change file attributes including making them immutable. The other commands are not valid.
groups command is used to retrieve a list of groups. The other commands are not valid.
swapon command activates the swap space for use. The other commands are not valid.
-s option for ioping. The other options shown are not valid with ioping.
ausearch command can reveal information about policy violations. It’s typical to also include USER_AVC within the query. The other options shown are not valid.
dmidecode command shows extended information about hardware within a Linux system. The other options shown are not valid commands.
fail option to mdadm indicates that the disk has failed. The other options shown are not valid.
-H option suppresses the legal disclaimer when possible. The other options do not complete the task described in this scenario.
-i option sets the interface for iftop. The other options shown are not valid for the required task.
/sys/class/scsi_host/hostN/scan is used for this purpose, where N is the adapter number. The other paths are not valid for the purpose described in this scenario.
/etc/shadow file stores encrypted passwords. The /etc/passwd file does not store encrypted passwords, and the other options are not valid.
lsattr command can be used to show extended attribute information about a file, such as whether the file is immutable. The other options shown are not valid.
size and rss columns within ps output are helpful for determining memory usage for a given process. The other options are not valid for process-level troubleshooting.
SIGKILL corresponds with signal number 9. The other numbers shown are valid signal numbers but are not SIGKILL.
IN class, or Internet class, is the default type of class queried with the host command. This can be changed by using the -c option for the host command.
-r option. The other options do not display the routing table.
-s option displays summary output for the arguments given. The other options shown do not accomplish the required task.
ps command lists processes, and using grep for the state of Z will show zombie processes. Of the other options, there is a -Z option for ps but it is not used for the purpose described.
lshw command shows all hardware within a system, giving detailed information about many aspects of that hardware. The other commands shown are not valid.
-c option sets the number of requests to send with ioping. The other options given are not valid for use with ioping.
R state indicates a process is running. The other options do not indicate a running state.
Chapter 5: Automation and Scripting
echo command is used to send output from a Bash script. The other options are not valid commands.
env command executes a command and enables a custom environment for that command execution. The set command changes environment variables but does not change variables for the single command execution, as specified in the scenario. The other options are not valid commands.
pull command in git fetches the changes and incorporates them into the current working copy. The fetch command only retrieves but does not incorporate the changes. The other options are not valid git subcommands.
chmod command will be used for this solution. The answer granting 700 enables execute privileges for the owner. The other options have incorrect syntax or inappropriate permissions for the scenario described.
source command adds functions found in the file argument to the current shell. The source command is frequently used for software installs to ensure that the environment is set up properly prior to execution of the install scripts.
#!/bin/bash invokes the commands that follow as a Bash script.
git init --bare. The other commands will not create an empty git repository.
#) is used to indicate that what follows is a comment and will not be executed for the remainder of the line. The other options are valid comment styles in other languages but not for a Bash script.
.sh shown as an option is a common extension that you will see for shell scripts of any variety, but the extension isn’t required.
merge command incorporates changes to a previously cloned git repository. The push command is valid but not used for this purpose. The other commands are not valid.
local command can be used to create a local variable in a Bash script.
clone command retrieves a copy of the repository for local use. The checkout and co commands are used with Subversion and not with git.
$0 parameter contains the name of the script being called. The other answers do not fulfill the requirements of this scenario.
printenv command can be used to print the contents of the current shell environment such as environment variables. The other options shown are not valid commands.
-ne is valid but is used when comparing integers. The string eq would be an operator if preceded by a single dash, as in -eq. In that case, -eq is used for integer comparison.
while loop that evaluates boolean true will accomplish the task described. The other options given are syntactically incorrect in various ways.
git checkout command switches the working copy to the specified branch and points the HEAD toward that branch. The other commands shown as options are not valid with git.
export command adds a variable to the current environment and is frequently used for the scenario described. The other options are not valid commands.
PATH variable, or any other shell environment variable, can be displayed using the echo command. Variables in Bash use a $ as part of the identifier. Therefore, any option without the $ would not work.
$() sequence executes a command within a subshell, which is helpful for ensuring that global variables in a Bash script cannot be modified. The other sequences shown are not valid for the scenario described.
-u option or --unset will remove a variable from the environment. The other options are not valid with the env command.
.gitignore file is used to store files that will not be versioned.
for loop should be used for this purpose because it iterates through a list. An until loop would require additional code, thus making it a less-preferable construct for the purpose described. There is no do loop or foreach loop in Bash, thus making those options incorrect.
$(). These two methods are substantially but not completely equivalent.
git log command is used to show a commit history. The other commands shown are not valid with git.
-m option enables a message to be included in the commit, thereby alleviating the need to go into an editor to create the commit message. The other options shown do not accomplish the required task.
customers.sql and send those contents into the mysql command. It’s also likely that the mysql command would have things like -u for the username and -p to prompt for the password, but those were not relevant to the scenario and are not required in all circumstances. The other options shown are not valid for the purpose described. Options B and C take output from the mysql command, while option D is an invalid character sequence.
git push to send the code to the server. Of the other options, you do not need to send commit IDs to teammates and there is nothing to indicate that you have been having problems committing the code itself.
-R option performs a recursive change to the targets identified by the chmod command. The other options do not perform recursive changes for chmod.
fi, which is the if statement backward, indicates the end of an if conditional within a Bash script. The other sequences shown as options may be used in other languages.
master branch is the branch created by default within a git repository. The other names shown can be used but are not the default.
git status command is used to show the current state of the working copy, displaying things like untracked files, files staged for commit, and so on. The other options shown are not valid for the scenario.
-n option suppresses the trailing newline character from the echo command and is quite useful in scripting scenarios. The other options are not valid for the command.
2>. The plain greater-than sign redirects STDOUT. The other character sequences shown as options are not valid for the purpose described.
git config command will be used for this purpose, and the parameter is user.email.
readonly command displays the list of read-only variables that have been declared in the current session. The other commands listed for this question do not exist.
set command can be used for a variety of purposes to change how the shell environment works. One such option is -C, which prevents output redirection such as that done with >
from overwriting a file if the file already exists.file
command can be used to determine which type of file is being used. This can be particularly helpful for files without extensions, where you are unsure if you should view the contents of the file. Option A, grep
, is used to look within files but would not be helpful in this case. The telnet
and export
commands are not used for this purpose.history
command will display your command history, including commands from the current session. You can specify how many lines of history to display, as shown in the answer for this question. Note that .bash_history
will not show the current session’s history.!
will search history and execute the specified command. For example, !vi
will start your last vi session.type
built-in command returns the location that the shell will use in order to run the given command. The find
command cannot be used for this purpose, and the other commands do not exist.source
command is used to execute commands from a file. A typical use case is to create functions or variables that are then available for use within the current session. The other commands listed do not exist..bash_logout
, the file exists in their home directory and therefore can be edited by the user. Therefore, to ensure that the required command is executed at logout, the file /etc/bash.bash_logout
must be used.env -u
command will unset an environment variable for the current session. The unset
command can also be used for this purpose.env
command, when used as #!/usr/bin/env bash
, will determine the location of the bash interpreter automatically. This makes the resulting script more portable for systems where bash may not be located in /bin/
.PS1
variable usually has its default set in /etc/profile
and is used as the shell prompt. Users can customize the prompt to include hostname, working directory, and other elements.$1
variable is automatically available within bash scripts and represents the first command-line argument. The $0
variable is the script itself. The other variables listed in this question do not exist by default.seq
command is used to print a sequence of numbers in a variety of formats. The answer for this question provides a starting point (0), an increment (1), and the final number (5), thus resulting in six numbers being displayed as output.exec
command executes the command given as its argument and will then exit the shell. The source
command does not exit the shell.read
command awaits user input and places that input into the specified variable. The exec
command is used to execute commands, and the other options are not valid for the purpose described.myFunction()
. The parentheses are optional but are then followed by curly braces containing the commands to be executed when the function is called.esac
, which is case
spelled backward, is used to indicate that a case
statement has ended. Of the other options, the done
statement is used for termination of certain loops in Bash.-p
option displays declare
statements in a way that the commands are fully qualified and could then be used as input for another command, through either piping or redirection to a script.while
loop in a shell script. Other languages generally use parentheses for this purpose.test
built-in will return true and can be used to test for the value existence of a variable not being null. Note that the behavior of the test
built-in differs depending on the number of arguments.HOME
environment variable, set automatically to the user’s home directory, is consulted when the command cd ~
is entered. The other paths beginning with HOME
do not exist by default, and the MAILPATH
environment variable shown contains a list of locations where mail is checked when using the shell interactively.git log
command will be used for this purpose, with an option of --follow
and the filename/path to follow through history.-eq
is used for comparing integers within Bash scripts. The other answers are not valid for Bash script comparison.a
escape sequence, when used with the echo
command, sounds an alert or bell. The option is a backspace. The
c
option indicates that echo
should not produce any additional output. There is no d
option for echo
.+%s
formatting on the date, which then formats the output as seconds since the epoch, as specified in the question. Option C will provide the date within the DATE
variable but will not format it as specified.do
keyword and end at the done
keyword. Other languages generally use either curly braces or tabs.-r
option to declare
will create or mark the variable as read-only. The -p
option prints output in a format that can be reused. The -x
option declares the variable for export.LC_TIME
environment variable is used to control the display and behavior of the date and time and can be changed to a different locale in order to achieve the desired display and behavior of date and time formatting. The other options shown for this question do not exist.-i
option shows interface information in a table-like format. Information such as transmit and receive bytes as well as the MTU for the interface and other information are shown. The -r
option shows routes, while -l
shows listening sockets. There is no -t
option.PATH
separates the new path with a colon, as shown in the correct option. A primary difference between the correct and incorrect options for this question was in how the actual specified path was shown.--abort
option attempts to roll back a problematic merge. The other options shown do not exist as options to the git merge
command.GIT_DIR
environment variable can be used to change the default location away from the ./.git
directory in which a new repository would normally be created. The other options are not used by git as environment variables.
\t escape sequence adds a horizontal tab. The other characters may have different meaning and so are not valid for this question. For example, \a is alert or bell.
git remote command will be used for this purpose; and, when given the show option and the remote name (origin, in this case), additional information about that remote will be displayed. The command is useful for displaying information about the destination for pushed code.
$# character sequence contains the number of command-line arguments that were passed to a shell script. The other options shown are not predefined by Bash.
TMOUT variable can be set in a given user’s shell, and they will be logged out after the value given (in seconds) of inactivity. The other environment variables listed here do not exist.
NUM variable. The comment occurs after the command on the line, and only code that appears after the # is ignored.
--origin or -o option enables the name to be changed instead of the default of origin. The other choices are not options with git clone.
steal column shows the percentage of time that was spent waiting due to the hypervisor stealing cycles for another virtual processor and can be used with infrastructure automation to indicate that additional CPU resources need to be deployed.
LC_ALL variable can be used to set environment variables for the locale and will override others. This can be used when there is a need for a temporary change. The other variables listed here are not used for this purpose and are not created by default.
unalias command is used to remove a previously defined alias. The rm command will remove regular files but not aliases. The other commands do not exist.
-e option checks to ensure that a file exists and is typically used in the context of a conditional within a shell script. The other options may work within shell scripts but are not tests for file existence.
LANG=C is an alias for POSIX compatibility and will cause programs to bypass locale translations. The other options shown for LANG are not valid.
--list option shows the current configuration parameters for git. The other options do not exist as options for the git config command.
.yml extension usually contains YAML. The question also gave a hint of infrastructure as code, where many tools use YAML for configuration and procedures.
cut command. The cut command will separate the contents of the file line-by-line using a colon as a delimiter. The first field will be sent to STDOUT and placed into a file called users.txt.
shift command moves positional parameters down by one. This can be helpful for complex scenarios with several command-line arguments, each containing an option.
--no-commit option should be added to git pull to prevent the merge from being automatically committed.
for loop, the commands within an until loop are delineated with do and done.
./configure pattern is typically used to invoke a configure script. Option A might work, but the build directory is typically not in the path.
-a option, when added to git commit, automatically commits previously known files. The -c option invokes the editor for the commit, and the other options do not exist.
LC_MONETARY variable is used by certain programs to determine the localization for currency.
TZ environment variable is used for this purpose, and the general format is as shown, thus making option D the correct answer.
ARRAY[0] = "val1".
-lt operator is used to test for "less than" conditions within a script. The other operators are not valid for use in a shell script.
for loop construct in this case will require the variable name LIST to be preceded with a dollar sign ($), thus making option C correct. The other options will not work for the purpose described.
elif keyword is used to create an alternative execution path within a shell script. The other constructs, such as else if and elsif, are used in other languages.
.git directory is used for storage of metadata for the repository.
git checkout command switches the location to which HEAD is pointing. By adding the -b option, the branch is also created.
while and until loops execute until a condition changes. The while loop stops when the condition is no longer true, and an until loop executes until the condition is true.
-gt, -eq, and so on. Option B is incorrect because the > operator is used in square brackets. There is no -gta operator or gt operator, making both option C and option D incorrect.
${ } wrapped around the parameter name.
Chapter 6: Practice Exam
/proc/interrupts. Therefore, viewing the contents of the file with a command such as cat will work. There is no view command, thus making answer A incorrect. Likewise, there is no /dev/irq file, making answers C and D incorrect.
/etc/udev, which makes answer D correct. The other options do not exist.
modprobe command loads the module and its dependencies, if applicable. The lsmod command is used to list currently loaded modules, making answer B incorrect. The insmod command will load a given module but not its dependencies. Answer D, rmmod, is used to remove a module from memory.
dmesg command displays the contents of the kernel ring buffer. On many Linux distributions, this log is also saved to /var/log/dmesg. The other options shown for this question are not valid commands.
.configs/fetchmail/.fetchmailrc. The file is owned by the root user and root group and was created on July 8, 2014.
systemctl command is used to work with services and targets. The list-units command is used to list targets. The other commands are not used for this purpose or do not exist with the required option.
-nn option displays both numbers and device names, thus making answer C correct. The -n option (answer B) displays only numbers. The other two options do not exist.
systemctl status command and option are the most appropriate. The telinit and sysctl commands are not used for this purpose. Likewise, the --ls option is not valid for systemctl.
/var should be the largest for a mail server because mail spools are stored within this hierarchy. The /etc/ hierarchy is usually small, as is /usr/bin. The /mail directory does not exist by default.
deplist option displays the dependencies for the given package. The list option displays information about a specific package, while the other two options are not valid.
-ivh options will install a file using rpm, displaying both verbose output and hash marks for progress. The other options presented do not exist or do not accomplish the specified task.
apt-cache command is used to work with the package cache, and the search option is used to search the cache for the supplied argument, in this case zsh. The apt-get command is used to work with packages themselves, while the apt-search command does not exist.
-V or --verify option will check the files in a given package against versions (or checksums) in the package database. If no files have been altered, then no output is produced. Note that output may be produced for files that are changed during installation or for other reasons. Note also the use of an uppercase V for this option as opposed to the lowercase v for verbose.
top command is used to continuously monitor things like CPU and memory usage, and the -p option monitors a single process. By using the backquotes with the pidof command, the process ID is provided as input to the -p option. It’s worth noting that this only works if there’s a single instance of the process.
-g option displays the progress of the dump. The other options listed do not exist.
debugfs command can be used for this purpose. When the filesystem is opened with -c, it opens in catastrophic mode, meaning that it will be read-only and will not read inodes when opening.
xwininfo command displays information about a given window within an X session. The other commands listed for this answer are not valid.
/etc/localtime, which can be an actual file or a symbolic link, is used to indicate the local time zone. The other files listed as options do not exist.
/usr/share/zoneinfo hierarchy, you will find information on the various regions and time zones available. The files within this hierarchy can be symlinked to /etc/localtime.
/etc/skel directory contains files that are automatically copied to a user’s home directory when that user is created. The other directories listed for this question do not exist by default.
atq command shows a list of jobs that have been scheduled with the at command. The other commands don’t exist, with the exception of option D, which shows the at command but with an invalid option (--jobs).
chage command can be used for this purpose, and the -E option accepts days since 1/1/1970. There is no -e option to passwd, and -l for usermod will not perform the action described. There is no chguser command.
-i option for SSH is followed by the private key to use for authentication. Doing so implies that the public key is in the authorized_keys file on the remote host. The -k option disables the sending of GSSAPI credentials, while -f is used to request backgrounding of SSH. There is no --key option.
-n option facilitates the scenario described and will exit non-zero rather than prompting. The -i option sets the login name and is not valid for this scenario. The -q and --noprompt options do not exist.
free command shows current memory usage for both RAM and swap space, including total available, current amount used, and current amount free. The other commands shown as options do not exist.
df command displays information on disk usage and can help with planning disk utilization over time. For example, if you note that the disk utilization is increasing significantly, preparations can be made to bring more disk online or even to change the log-rotation schedule such that logs are rotated faster, thereby freeing up space.
sar command can be used for this purpose and, when provided with numbers in the format displayed, will update every X seconds for Y executions.
-m option causes the disk-related statistics to use megabytes as the scale rather than the default kilobytes.
mkinitrd command is used on older systems to create the initial RAM disk. The initial RAM disk is used to load, some might say preload, essential modules for things like disks and other vital components needed for booting.
-r option repairs the filesystem, while the -y option causes fsck to assume Yes instead of prompting. The -v option is verbosity. There is no -m or -x option for fsck.
default.target is the default target unit that is activated by systemd on boot. The default target then starts other services based on the dependencies.
mkswap command is used to format a swap partition. The other commands are not valid.
defaults for its mount options will be mounted read-write (rw), suid, with the ability to have executables (exec). The filesystem will be auto-mounted (auto), but users will not be able to mount it (nouser). Character and block special devices will be interpreted (dev), and operations on the disk will be performed in an asynchronous manner (async).
fstrim command is used to remove blocks that are not in use. The fstrim command is frequently used in a SAN configuration to give back unused storage to the SAN. The fstrim command can also be used with solid-state drives for the same purpose. The other commands shown are not valid.
--create option enables creation of a RAID array that will use md. The typical argument is the /dev/mdN device. The other options listed are not valid for mdadm.
lvcreate command is used to create a logical volume from previously created physical devices and volume groups. Using lvcreate is the final of three steps in the process for using LVM prior to actually using the logical volume.
ss command provides many of the same functions as netstat but can show some extended information, such as memory allocation for a given socket. The free command shows memory usage but not by socket, and the other two commands do not exist.
-f option is a flood ping. This will effectively cause the interface to send and receive large amounts of traffic, usually making it easier to find on a switch. The -a option is an audible ping, emitting a sound on ping. The -c option sends a certain count of pings, and there is no -e option.
bs option is used to specify block size. Various suffixes are possible, such as M, which is equivalent to megabytes, and K, which is equivalent to kilobytes.
--size-only option examines whether the files being synchronized are the same size. This can be helpful for situations where there may be significant time skew or other issues preventing the normal differencing mechanisms from working properly. The other options shown are not valid for rsync.
axfr type can be used with dig to request a zone transfer. The client from which you request the zone transfer will need to be authorized to initiate a transfer.
/etc/exports contains definitions of filesystems to be shared using NFS. The other files are not valid for use with NFS.
max-lease-time directive, followed by the number of seconds, specifies the amount of time that a given host can have a lease before it is purged. The other options shown are not valid in a dhcpd.conf configuration file.
nsswitch.conf, the passwd line contains information about authentication. The format is as shown in the correct answer. Local authentication is accomplished using the files keyword for the normal passwd file. There is typically a similar line called shadow, assuming that the server is using shadow passwords. The shadow line follows a similar format.
ssh-keygen command generates a public and private key pair that can be used for user authentication between a client and server. The other commands shown are not valid.
authorized_keys contains keys that can then be used for authentication when the corresponding private key is sent by the client. The other files are not valid.
export command is used for this purpose and accepts a name=value pair, as shown in the answer. The other commands are not valid, with the exception of the echo command, which will simply echo the argument to the console.
HISTFILESIZE option configures the number of commands to keep in the history file. The other variables are not valid within bash.
awk command shown can be used for this purpose. The -F option sets the field separator, and the OFS option sets the output field separator.
git clone command will clone into a different directory if that directory is passed on the command line, as shown in option B. The other options shown are not valid git clone syntax.
export command is necessary so that any variables that are manually defined in your current session become available to child processes. The source command executes the file and can be used for the purpose described but requires an additional argument. The let and def commands are not valid.
source command is the functional equivalent of a single dot (.). The set command exists but is not used for this purpose. The other commands are not valid.
-f option sets the days between expiration and disabled for an account. The -g option is used to set the group ID, while -e is used to set the overall expiration date.
-r option to the crontab command removes all cron entries for a given user. The -l option lists cron jobs, while the -e edits the crontab. There is no -d option.
journalctl command is used to view and parse log file entries on systemd-based systems that maintain logs in a special format. The logger command can be used to create log entries, and the other commands shown do not exist.
lpr syslog facility sends messages from the lp subsystem to syslog. The auth facility is used for security-related messages. The other listed options are not syslog facilities.
-p option to set the port or use a colon to separate the host from the port.
-p option preserves permissions. The -x option extracts while -z unzips with gzip. The -v option is verbose.
-i option tells patch to ignore whitespace. This might be necessary when the patch file doesn’t match exactly what’s needed. The -p option sets the level of directory for the patch, while -e informs patch to interpret as an ed script. There is no -w option for patch.
dm-crypt command. Other modes include plain, loopaes, and tcrypt.
-r option reverses the journal, displaying the newest entries first. The -n option shows the most recent N events, -f is follow, and -b tells journalctl to show a message from a specific boot ID.
emergency target can be used in situations where rescue mode cannot recover the system. The other targets are not valid.
-g and -o are needed. The other options are not valid, although you can remove individual options from an archive process with --no-g and --no-o, which would be equivalent to removing the -g and -o options from the command.
-r option bypasses the routing tables and enables sending packets directly using an interface. The -A option is adaptive ping, while -b enables sending pings to a broadcast address. The -q option is quiet output.
-b option makes a copy of the original file before patching. This can be particularly useful in a scripted scenario where several files are patched in succession. The -d option causes a change of directory prior to patching, while -c tells patch to interpret the patch file as a normal diff file. The -s option causes patch to work in silent mode.
\r escape sequence is a carriage return, and \n is newline. The \c sequence invokes a control character and is not related to this question.
-f file test checks to see if the file exists and is useful in a scripting scenario as described.
ls-files command will be used for this purpose, and -i or --ignored will be used, along with a required exclusion pattern, thus making option A correct. Option B is missing the required exclusion pattern.
script.sh and sends it to file.txt. Option C tries to use file.txt as input but without any way to send the contents to STDOUT. Option D executes script.sh and sends the contents to file.txt, which is opposite of the scenario.
-c option sets the maximum mount count. The -C option sets the current number of mounts. The -b and -a options do not exist.
-f option, also known as fake, is helpful for situations where you need to debug the mount process or when you need to add an entry to /etc/mtab for a previously mounted filesystem. The -l option shows labels, and -v is verbose. There is no -q option.
netstat command can be used for this purpose, and the -r option displays the current routes. The addition of -n prevents DNS lookups, which can help with performance.
ps command provides information on processor and memory usage for individual processes. You can use this information to predict capacity.
wa statistic shows time spent waiting for I/O and can be used to measure or find a bottleneck related to disk. The us statistic is time spent on userspace processes, while sy is time spent on kernel processes. There is no statistic called io within vmstat.
uptime command is displayed in 1-, 5-, and 15-minute increments.
-a option displays all values and their current settings for sysctl. The -b option is binary and displays values without any newlines. The -d option is an alias for -h, which displays help. There is no -c option.
SIGTERM signal is the default signal sent with the systemctl kill command.
ldconfig command is used to work with the library cache, and the -p option prints the directories and libraries in the cache. The -C option informs ldconfig to use a different cache. The ldd command prints the library dependencies for a given command, but the options given don’t exist for ldd.