Appendix
Answers to the Review Questions

Chapter 2: Introduction to Services

  1. B. The Apache web server has gained popularity as being combined with the Linux OS, the MySQL database server, and the PHP programming server, making the LAMP stack. The nginX server is a newer web server that is gaining in popularity but is not part of the LAMP stack. The Lighthttpd web server has a small memory and CPU footprint, making it ideal for embedded systems but not for large-scale LAMP applications. The PostgreSQL package is a database server and not a web server.
  2. A. A daemon is a single application that runs in background listening for client connection requests, so option A is the correct answer. A super-server listens for more than one application, so option B doesn't apply. The shell doesn't listen for network connections; it launches applications interactively, so option C is incorrect. The graphical desktop also allows you to launch applications, but it doesn't listen for client connection requests, so option D is incorrect.
  3. C. When first released, the MySQL database server focused on speed, making it a popular choice for high-volume Internet web applications, so option C is correct. The MongoDB database server provides object-oriented database features but doesn't focus on performance, so option A is incorrect. The PostgreSQL database focused on implementing fancy database features instead of speed, so option B is incorrect. NoSQL is a database storage method that incorporates object-oriented data records and is not a database server package itself, so option D is incorrect.
  4. B. Linux services listen on well-known ports for requests from clients, so option B is correct. A server normally has a single IP address to support multiple applications, so option A is incorrect. The server also normally has only a single Ethernet address, so option C is incorrect. The clients can't launch individual services on the server, so option D is incorrect.
  5. A. The nginX web server can serve as a load balancer and send client requests to multiple backend web servers, so option A is correct. The Apache and lighthttpd web servers don't support this feature, so options B and D are incorrect. The PostgreSQL server is a database and not a web server, so option C is incorrect.
  6. C. The MongoDB database server uses the JSON format for storing data records. The relational database is a type of database system and not a method for storing data, so option A is incorrect. YaML is a plaintext method for creating configuration files, but it is not used in MongoDB for storing data, so option B is incorrect. The MongoDB data is not normally encrypted, so option D is also incorrect.
  7. B. The MTA package is responsible for connecting with remote mail hosts to deliver email messages, so option B is correct. The MUA allows clients to connect to the email server to read their messages, so option A is incorrect. The MDA allows you to create rules for processing mail locally, not to remote servers, so option C is incorrect. Evolution is an email MUA client application, not a server MTA package. The Evolution package is a graphical email client, so option D is incorrect.
  8. C. The MDA allows you to create filters to match email messages to redirect to other folders, so option C is correct. The MUA is the user interface and doesn't control how incoming mail is delivered by the server, so option A is incorrect. The MTA delivers email to remote hosts and accepts mail from remote hosts, so option B is incorrect. The Evolution package is a graphical MUA package for clients and does not allow you to create filters to deliver email messages, so option D is incorrect.
  9. D. The NFS protocol is used to share folder areas on the network with clients, so option D is correct. SNMP is a network protocol used for managing remote devices, so option A is incorrect. NTP is a network protocol used for setting the time on servers, so option B is incorrect. DHCP is a network program used for assigning IP addresses to network devices, so option C is incorrect.
  10. B. The Samba software package allows a Linux server to communicate with Windows servers and clients using the SMB protocol, so option B is correct. The ntpd daemon listens for requests from a remote time server, so option A is incorrect. The DHCPd package provides DHCP services on the Linux server to assign network IP addresses; it doesn't allow workstations to map folders on the Linux server, so option C is incorrect. The Evolution package is a graphical desktop program used to access email in the mail folder and is not a server service, so option D is incorrect.
  11. A, B. The rsyslogd program is used by SysV init systems to log events, and the journald program is used by Systemd systems to log events, so options A and B are the correct answers. The ntpd program provides time services and not logging services, so option C is incorrect. The DHCPd program is used for assigning IP addresses on a local network and not for logging services, so option D is incorrect.
  12. C. The ntpd service uses NTP to synchronize the server time with a remote system, so option C is correct. The DHCPd program assigns IP addresses to devices on the local network but not time, so option A is incorrect. The BIND program provides hostname resolution services but not time services, so option B is incorrect. The Samba package allows a Linux server to interact with Windows clients and servers, but it doesn't provide time services, so option D is incorrect.
  13. D. The CUPS application provides printer drivers and services that allow Linux systems to connect with local and remote printers, so option D is correct. The DHCPd program assigns IP addresses to devices on the local network but doesn't connect to remote printers, so option A is incorrect. The BIND application provides hostname resolution services but can't connect to printers, so option B is incorrect. The ntpd program allows you to synchronize the server time with a remote time clock but doesn't connect to network printers, so option C is incorrect.
  14. B. The named program is part of the BIND application, which provides hostname resolution services, so option B is correct. The ntpd program is what provides network time, so option A is incorrect. The DHCPd program provides dynamic IP address allocation on a local network, so option C is incorrect. The CUPS application provides printing services on a Linux system, so option D is incorrect.
  15. C. The NIS package was formerly called Yellow Pages (YP), but the name had to be changed due to trademark issues, so option C is correct. The Samba package, which provides Windows client and server services in Linux, refers to a popular Latin dance, not the Yellow Pages, so option A is incorrect. The Kerberos package, which does provide authentication services in Linux, refers to the three-headed hound that guards Hades, not the Yellow Pages, so option B is incorrect. The BIND application refers to binding a name to an IP address, which is a similar function to the Yellow Pages, but it wasn't formerly called Yellow Pages, so option D is incorrect.
  16. A. The DHCPd program provides DHCP server services on a local network, so option A is correct. The BIND package provides hostname resolution services; it doesn't assign IP addresses, so option B is incorrect. The ntpd package provides network time services but not address services, so option C is incorrect. Evolution is a client MUA package for reading email; it doesn't provide IP addresses to clients, so option D is incorrect.
  17. C. The OpenSSH package allows you to use certificates to establish a secure connection between two devices on the network, so option C is correct. The BIND package provides hostname resolution, not secure connections, so option A is incorrect. The ntpd package provides time services on the network, not secure connections, so option B is incorrect. The OpenSSL package allows you to create certificates used for encrypted communication but doesn't perform the communication itself, so option D is incorrect.
  18. C. A web proxy server allows you to intercept client web requests and block any requests based on rules you define, so option C is correct. A DHCP server assigns IP addresses to devices on the local network; it doesn't intercept web requests, so option A is incorrect. A web server hosts websites but doesn't intercept requests made by local clients, so option B is incorrect. A container allows developers to easily deploy web applications in different environments but doesn't intercept web requests from local clients, so option D is incorrect.
  19. A. A load balancer sends client requests to one server within a cluster of servers to balance traffic among the servers, so option A is correct. A web proxy server intercepts web requests from clients but can only filter or pass the request to the destination host, so option B is incorrect. A DHCP server assigns IP addresses to devices on a local network but doesn't help increase performance of network applications, so option C is incorrect. A container allows a developer to easily deploy web applications to different environments but can't control what traffic goes to which server, so option D is incorrect.
  20. C. A container allows developers to develop applications in a controlled environment that can easily be deployed to other servers, so option C is correct. A web proxy intercepts web requests from clients but doesn't control how applications are deployed, so option A is incorrect. A DHCP server assigns IP addresses to devices on the local network but doesn't control how applications are deployed, so option B is incorrect. A cluster can help with application performance by spreading the load among multiple servers but doesn't control how developers deploy the application to the servers, so option D is incorrect.

Chapter 3: Managing Files, Directories, and  Text

  1. C. Option C will append an indicator code of / to every directory name, so therefore it is the best choice. The mkdir -v command creates a directory and lets you know whether or not it was successful, but it does not indicate directories, so option A is a wrong answer. The ls command only displays file and directory names, so option B is also a wrong answer. The ls -i command will display filenames along with their inode number, but it does not indicate directories, so option D is incorrect. While option E will work on some distributions to produce a long listing that can indicate directories, this command is not aliased to ls -l on every distribution, so therefore it is not the best command to use.
  2. B. The -d switch on the ls command will allow you to view a directory file's metadata instead of seeing metadata for the files managed by that directory. Therefore, option B is the correct choice. Option A is a wrong answer because the -a switch forces the ls command to display hidden files, which are files starting with a dot (.). The -F switch will append an indicator code to each file but not allow you to view a directory's metadata, so option C is a wrong choice. The -l option is already being employed because you are viewing metadata, so it does not need to be added. Therefore, option D is an incorrect answer. The -R switch allows you to view file information recursively through a directory tree, and thus option E is also a wrong choice.
  3. A. The mkdir -v command creates a directory and lets you know whether or not it was successful, so option A is the correct answer. The touch command creates blank and empty files, so option B is incorrect. The cp -R command will recursively copy an entire directory full of files to another directory. Since you do not know if the directory TheDir is empty or not, you most likely did not use this command, so option C is a wrong answer. The mv -r command will rename a directory to a new directory name. Again, you do not know if the directory TheDir is empty or not, so you most likely did not use this command, and thus, option D is also a wrong answer. Option E is an incorrect answer because the rmdir command deletes empty directories.
  4. E. The rsync utility allows you to perform fast local copies, so for a big file it is the best utility to use in this case. Therefore, option E is the correct answer. The readlink -f command finds the file being pointed to via a series of soft links, so option A is an incorrect answer. The mv command will rename a file instead of creating a backup copy, so option B is incorrect. The cp command does create a file copy. However, it is not as fast as the rsync utility and therefore is not the best choice, making option C a wrong answer. The scp command also creates a file copy; however, it also is not as fast as the rsync utility and therefore is not the best choice, making option D a wrong answer.
  5. E. The rm -rI command will recursively delete the files in the /home/Zoe directory tree, and it will ask before it starts, so you know you are deleting the correct tree. Therefore, option E is the best answer. Option A is incorrect because the cp command simply copies files; it does not remove them. Option B is incorrect because not only is part of the directory name using the wrong case, but there is no verification the correct directory is being moved to the black hole device, /dev/null/. The rm -Rf command would work, but it is not the best command to use because it does not ask before it starts, so you do not know if you are deleting the correct tree. In fact, the -f option suppresses error messages, so option C is wrong. Option D would also work, but it is not the best answer because it employs the -i option. If Zoe has years of files in her home directory, you may be sitting there for a long time deleting files due to the fact that you must confirm each file before it is deleted. Therefore, option D is an incorrect answer.
  6. B, C, E. When renaming a directory, you only need to employ the mv command. However, it is wise to use the -i option, so if the new directory name already exists, the utility will stop and ask permission prior to proceeding. Even better is to use the -n option; that way, if the new name you select is already being used, the mv command does not allow you to overwrite it. Also, the -v option is worthwhile, so the mv command operates in verbose mode, telling you what is going on. Therefore, options B, C, and E are all correct choices. The -f option is not a wise choice because it forces the directory's renaming, even if a directory already exists that has that name. Therefore, option A is a wrong answer. Also, there is no -r switch, because renaming a directory using the mv command does not require any recursive action. Thus, option D is an incorrect choice.
  7. B. Option B is the correct answer because the hard links will prevent the three other command-line interface users from accidentally deleting the data. If they delete their link's name, they will not delete the data. Option A is an incorrect choice because hard-linked files must reside on the same filesystem together. Option C is also an incorrect choice because if you do not provide the symbolic links to the other three data users, they will have to access the data file directly and could delete it. While creating symbolic links will protect the data by letting it reside on a different filesystem, if it is mission-critical data, the filesystem employed should be rigorous enough to protect the data, and therefore your only threat would be human. Thus, option D is an incorrect answer. Symbolic linked files do not share an inode number. Therefore, option E is an incorrect choice.
  8. A. The cat -v command will show any nonprinting characters that may have gotten embedded in the control file causing it to be corrupted, and therefore option A is the correct answer. The -z option only lets you see end-of-line characters if they are NULL, and thus, option B is a wrong choice. The -n option only numbers the text lines in output, so option C is also a wrong answer. The cat -s command will display multiple blank lines in the file as one blank line. This will not help in the investigation, so option D is an incorrect answer. The -E option displays a $ whenever a newline linefeed is encountered, and while possibly helpful, it is not the best option to use in this case. Therefore, option E is a wrong answer.
  9. D. Option D is the correct answer because the best command to use is the pr -mtl 20 command. This will display the files side by side, remove any file headers or trailers, and set the page length to 20 lines so the files do not scroll off your screen. Of course, you may need to adjust the line length depending on your screen's resolution. Option A is incorrect because, while it will display the files side by side, the display may scroll off your screen. Option B is also incorrect, because the command will not display your files side by side. Option C is a wrong answer choice because the cat command will not display the files side by side. Option E's command may work for you, but it is not the best choice because file headers or trailers will not be removed. Therefore, option E is an incorrect answer.
  10. C. The head command can use either the -n 15 switch or the -15 switch to display a file's first 15 lines. Therefore, option C is the correct answer. To display all but the last 15 lines of the file, you would need to employ the -n -15 switch, so option A is incorrect. To display all but the first 15 lines, you need to use the tail command instead of the head command, so option B is a wrong answer. Also, you need to use tail to display the last 15 lines of the file, so option D is also an incorrect answer. Option E is a wrong choice because the command will not generate an error message in this case.
  11. E. It is possible that the account name Hal is listed in the generated text file as hal. Therefore, your best next step is to employ the -i option on the grep command. This will quickly search the text file for the word Hal while ignoring case. Thus, option E is the correct answer. Option A is a wrong choice because the tail command will not allow you to search the file. Option B is also an incorrect answer, because the cat command will just display the entire text file to the screen and is not an efficient method for finding a few text lines. While you may end up having to regenerate the text file, prior to doing so you should check for Hal, ignoring case. If you find the records, then you have saved yourself some time. Thus, option C is also a wrong choice. Finally, the -d skip option on the grep command allows the search to skip any directory files. This option is useless in this situation, and therefore option D is an incorrect answer.
  12. B. A pager utility allows you to view one text page at a time and move through the text at your own pace. Therefore, option B is the correct answer. A utility that only allows you to view the first few lines of a file would not be useful in this case, and these utilities are not called pagers. Therefore, option A is a wrong answer. While the less utility is a pager and will allow you to search through the text file, the coworker mentioned pagers, which includes the more utility. With the more utility you cannot search through text, so option C is an incorrect choice. You do not need to filter out text in the file, and filter utilities are not called pagers, so option D is a wrong answer. A utility that only allows you to view the last few lines of a file would not be useful in this case, and these utilities are not called pagers. Therefore, option E is an incorrect choice.
  13. E. You need to use the q key to exit from the less pager utility; therefore, only option E does not describe less and is the correct answer. Option A is a wrong answer because less does not read the entire file prior to displaying the file's first page. You can also employ the up and down arrow keys to traverse the file as well as the spacebar to move forward a page and the Esc+V key combination to move backward a page, so options B, C, and D are incorrect answers.
  14. B. The -q (or --brief) option used with the diff command will allow you to quickly determine if two text files are different from each other. Thus, option B is the correct answer. The -e switch allows you to create an ed script to use later on, so option A is an incorrect choice. The -s option does allow you to see if the files are the same and shows a simple message stating this fact. However, it is focused on file differences, so it is not the best switch to use. Therefore, option C is also a wrong answer. The diff command's -W option allows you to set a display width, and thus, option D is an incorrect choice. The -y switch displays the two files in two columns, so option E is also a wrong selection.
  15. C. Option C is the correct answer because the which command will allow you to quickly see the location of the program you provide as an argument. If you see no response, you can go on to the next troubleshooting step of determining if the program is not installed. Option A is not correct because these actions will simply recall the original diff command and try it again. Logging out and then back in again may reset some variables you accidentally created, but it is not a good first step in this troubleshooting process. Therefore, option B is a wrong answer. Entering the whereis diff command will provide additional information concerning the diff command, such as program location and source code file locations as well as man page locations. This additional information is not needed, so option D is an incorrect choice. Rebooting a server just because a command does not work is not a good first troubleshooting step. Therefore, option E is also a wrong answer.
  16. E. By default, the locate command uses file globbing, which adds wildcards to the pattern you enter. Thus, conf is turned into *conf*. Therefore, option E best explains the results and is the correct answer. The locate command will search for both file and directory names for specified patterns unless options are provided to modify this behavior. Therefore, option A is an incorrect answer. The locate command does not use the -d skip switch (the grep command does use it, though), and thus, option B is a wrong answer. Because the command operated normally, there is not a problem with the locate database, so option C is an incorrect choice. Also, a regular expression switch was not used in the locate command, so option D is also a wrong choice.
  17. A. The locate utility searches the mlocate.db database, which is typically only updated one time per day via a cron job. Therefore, for this newly created file, the first thing you should do is update mlocate.db via the updatedb command, using super user privileges. Thus, option A is the correct answer. After you have updated the database, any of the commands in option B, C, or E should work fairly well, with option B's command being the best choice. However, for the first step, options B, C, and E are wrong answers. Downloading the file again is tedious and time-consuming and can possibly consume disk space unnecessarily. Therefore, option D is an incorrect choice.
  18. D. When using the locate command, the path argument is listed first, which is a starting point directory. The find utility will search through that directory and all its subdirectories (recursively) for the file or files you seek. Also, the -name switch allows you to search for a file by name, so option D is the correct answer. Option A is incorrect because there is no -r switch, and no need for one. Option B is not the best command to use in this case because the starting directory is /, which is the root of the virtual directory structure. It is much better to start at the /etc directory, since the file is most likely located somewhere in that directory tree. Using the -maxdepth switch may hamper the search because it sets the subdirectory level to stop the search. Therefore, option C is a wrong answer. Option E is an incorrect choice, because the path and filename are flip-flopped and the -name switch is missing.
  19. E. The find / -nouser command will search through the entire virtual directory structure looking for any files that do not have a username associated with them. Since Michael's account and home directory were deleted, any files he owned out in the virtual directory structure will not have a username associated with them, only a user ID (UID). Thus, option E is the best answer. Option A is incorrect because the -name switch is for file names, not usernames. Option B is also an incorrect answer, because the -user switch is used to search for files owned by a particular account. Since Michael's account was deleted, his username would no longer be associated with any files. Option C is a wrong answer because you do not know when his files may have experienced data changes, as indicated by the -mmin switch, and thus this is a bad method for trying to identify them. Option D is an incorrect choice because the find command is starting the search process in the user's home directory instead of the root (/) of the virtual directory structure.
  20. C. The grep utility will allow you to search file contents quickly and effectively. Therefore, option C is the correct answer. The which utility can help you locate a program's location by its name, but it does not search its contents, so option A is an incorrect choice. The whereis command will search for a file's program location, source code files, and man pages, but it cannot search a file's contents, so option B is also a wrong choice. The locate utility will search for a file's location using its name, but it cannot search a file's contents, so option D is an incorrect answer. The find command can find files using a file's metadata, but it does not search inside a file, so option E is a wrong choice.

Chapter 4: Searching and Analyzing Text

  1. C. A text file record is considered to be a single file line that ends in a newline linefeed that is the ASCII character LF. You can see if your text file uses this end-of-line character by issuing the cat -E command. Therefore, option C is the correct answer. The text file may have been corrupted, but this command does not indicate it, so option A is an incorrect choice. The text file records end in the ASCII character LF and not NUL or $. Therefore, options B and D are incorrect. The text file records may very well contain a $ at their end, but you cannot tell by the situation description, so option E is a wrong answer.
  2. E. To properly use some of the cut command options, fields must exist within each text file record. These fields are data that is separated by a delimiter, which is one or more characters that create a boundary between different data items within a record. Therefore, option E best describes a delimiter and is the correct answer. Option A is made up and is a wrong answer. Option B describes an end-of-line character, such as the ASCII LF. Option C is made up and is a wrong answer. While a single space and a colon can be used as a delimiter, option D is not the best answer and is therefore a wrong choice.
  3. C, D. Recall that many utilities that process text do not change the text within a file unless redirection is employed to do so. The only utilities in this list that will allow you to modify text are the text editors vim and nano. Therefore, options C and D are the correct answers. The cut, sort, and sed utilities gather the data from a designated text file(s), modify it according to the options used, and display the modified text to standard output. The text in the file is not modified. Therefore, options A, B, and E are incorrect choices.
  4. A. The cut command gathers data from the text file, listed as its last argument, and displays it according to the options used. To define field delimiters as a comma and display each data center monitor's monitor ID, serial number, and location, the options to use are -d "," -f 1,3,4. Also, since the text file's records end with an ASCII LF character, no special options, such as the -z option, are needed to process these records. Therefore, option A is the correct choice. Option B uses the unneeded -z option and is therefore a wrong answer. Option C is an incorrect choice because it reverses the -f and -d options. Options D and E are wrong answers because they put the filename before the command switches.
  5. D. Option D is the best answer because a regular expression is a pattern template you define for a utility, such as grep, which uses the pattern to filter text. While you may use a series of characters in a grep PATTERN, they are not called regular expressions, so option A is a wrong answer. Option B is describing end-of-line characters, and not regular expression characters, so it also is an incorrect answer. While the ? is used in basic regular expressions, the * is not (however, .* is used). Therefore, option C is a wrong choice. Quotation marks may be employed around a PATTERN, but they are not considered regular expression characters, and therefore option E is an incorrect answer.
  6. B. Option B is the best command because this grep command employs the correct syntax. It uses the quotation marks around the pattern to avoid unexpected results and uses the .* regular expression characters to indicate that anything can be between May 30 and the IPv4 address. No additional switches are necessary. Option A is not the best grep command because it uses the wrong regular expression of ?, which only allows one character to exist between May 30 and the IPv4 address. Options C and D are not the best grep commands because they employ the -i switch to ignore case, which is not needed in this case. The grep command in option E is an incorrect choice, because it uses the -v switch, which will display text records that do not match the PATTERN.
  7. A, B, C, E. A BRE is a basic regular expression that describes certain patterns you can use with the grep command. An ERE is an extended regular expression and it requires the use of grep -e or the egrep command. Options A, B, C, and E are all BRE patterns that can be used with the grep command, so they are correct choices. The only ERE is in option D, and therefore, it is an incorrect choice.
  8. E. To meet the search requirements, option E is the ERE to use with the egrep command. Therefore, option E is the correct answer. Option A will return either a record that ends with Luke or a record that ends with Laura. Thus, option A is the wrong answer. Option B is an incorrect choice because it will return either a record that begins with Luke or a record that begins with Laura and has one character between Laura and the Father is phrase. Option C has the Luke and Laura portion of the ERE correct, but it only allows one character between the names and the Father is phrase, which will not meet the search requirements. Thus, option C is a wrong choice. Option D will try to return either a record that ends with Luke or a record that ends with Laura and contains the Father is phrase, so the egrep command will display nothing. Thus, option D is an incorrect choice.
  9. A, B. To sort the data.txt file numerically and save its output to the new file, newdata.txt, you can either use the -o switch to save the file or employ standard output redirection with the > symbol. In both cases, however, you need to use the -n switch to properly enact a numerical sort. Therefore, both options A and B are correct. Option C is a wrong answer because the command has the newdata.txt and data.txt flipped in the command's syntax. Options D and E do not employ the -n switch, so they are incorrect answers as well.
  10. C, E. The commands in both options C and E will display the data.txt and datatoo.txt files' content one after the other to STDOUT. The cat -n command will also append line numbers to it, but it will still concatenate the files' content to standard output. Therefore, options C and E are correct. Option A will just display the files' names to STDOUT, so it is a wrong answer. Option B will numerically sort the data.txt, wipe out the datatoo.txt file's contents, and replace it with the numerically sorted contents from the data.txt file. Therefore, option B is an incorrect answer. Option D will show the two files' metadata to STDOUT instead of their contents, so it also is a wrong choice.
  11. C. The pr command's primary purpose in life is to specially format a text file for printing, and it can accomplish the required task fairly quickly. Therefore, option C is the best choice. While the pr utility can handle formatting entire text files, the printf command is geared toward formatting the output of a single text line. While you could write a shell script to read and format each text file's line via the printf command, it would not be the quickest method to employ. Therefore, option A is a wrong answer. Option B's wc command will perform counts on a text file and does not format text file contents, so it is also an incorrect answer. The paste command will “sloppily” put together two or more text files side by side. Thus, option D is a wrong answer. Option E is an incorrect choice because the nano text editor would force you to manually format the text file, which is not the desired action.
  12. E. The printf FORMAT "%.2f " will produce the desired result of 42.78, and therefore option E is the correct answer. The FORMAT in option A will simply output 42.777, so it is an incorrect choice. The FORMAT in option B will output 42 and therefore is a wrong answer. The printf FORMAT setting in option C will produce an error, and therefore, it is an incorrect choice. Option D's printf FORMAT "%.2c " will display 42 and thus is also an incorrect answer.
  13. A, C. The first item output by the wc utility is the number of lines within a designated text file. Therefore, option A is correct. Option C is also correct, because the second item output by the wc utility is the number of words within a designated text file. Option B is a wrong answer because the file contains 2,020 lines and not characters. Option D is an incorrect choice because you do not know whether or not the Unicode subset of ASCII is used for the text file's encoding. You should always assume the last number is the number of bytes within the file. Use the -m or --chars switch on the wc command to get a character count. Therefore, the file could have 11,328 bytes in it instead of characters. Option E is also a wrong choice because the file has 2,020 lines in it.
  14. B. A file descriptor is a number that represents a process's open files. Therefore, option B is the correct answer. A file type code is a letter that represents the file's type, displayed as the first item in the ls -l output line. Therefore, option A is a wrong answer. Option C is also wrong, because it is a made-up answer. Option D is incorrect because it describes only STDOUT, which has a file descriptor number of 1 and is only one of several file descriptors. A file indicator code is a symbol that indicates the file's classification, and it is generated by the ls -F command. Therefore, option E is also a wrong choice.
  15. D. By default, STDOUT goes to your current terminal, which is represented by the /dev/tty file. Therefore, option D is the correct answer. The /dev/ttyn file, such as /dev/tty2, may be your current terminal at a particular point in time, but /dev/tty always represents your current terminal, so option A is a wrong answer. Option C is incorrect because it is the symbol used at the command line to redirect STDOUT away from its default behavior. The pwd command displays your present working directory, so option E is a wrong choice.
  16. A. The command in option A will display the SpaceOpera.txt file to output as well as save a copy of it to the SciFi.txt file. Therefore, option A is the correct answer. Option B is a wrong answer because it will only put a copy of SpaceOpera.txt into the SciFi.txt file. Option C is an incorrect choice because this will display the SpaceOpera.txt file to output and put any error messages into the SciFi.txt file. The cp command will only copy one text file to another. It will not display the original file to output, so option D is a wrong answer. Option E is a wrong choice because it will put a copy of SpaceOpera.txt into the SciFi.txt file and include any error messages that are generated.
  17. D. The /dev/null file is also called the black hole, because anything you put into it cannot be retrieved. If you do not wish to see any error messages while issuing a command, you can redirect STDERR into it. Thus, option D is the correct answer. Options A, B, and C are wrong answers because they perform redirection to a file called BlackHole instead of /dev/null. Option E is also incorrect, because it redirects STDOUT to the /dev/null file, and any error messages will be displayed.
  18. C. To find records within the Problems.txt file that contain the word error at least one time, the grep command is employed. The correct syntax is grep error Problems.txt. To count the records, the grep command's STDOUT is piped as STDIN into the wc utility. The correct syntax to count the records is wc -l. Therefore, option C is the correct answer. The command in option A is incorrect because its wc command is counting the number of bytes within each input record. Option B is a wrong answer, because its wc command is counting the number of words within each input record. The command in option D has two problems. First, its grep command syntax has the item for which to search and the file to search backward. Also, its wc command is counting the number of words within each input record. Therefore, option D is a wrong choice. Option E is an incorrect answer because its grep command syntax has the item for which to search and the file to search backward.
  19. B, C, E. The xargs command, $() method, backticks (`), and brace expansion all allow you to build a command-line command on the fly. In this case, only options B, C, and E are using the correct command syntax to find any file named 42.tmp, which exists somewhere in your current directory's tree structure and display its contents to STDOUT. Therefore, options B, C, and E are correct answers. Option A is using the wrong syntax for the xargs command, and this command will generate an error message. Therefore, option A is a wrong answer. Option D is using the wrong syntax for brace expansion, and thus, it is an incorrect choice as well.
  20. A, C, D, E. The three modes of the vim editor are command (also called normal mode), insert (also called edit or entry mode), and ex (sometimes called colon commands) mode. Therefore, options A, C, D, and E are correct answers. The only incorrect choice for this question is option B.

Chapter 5: Explaining the Boot Process

  1. A. The workstation firmware looks for the bootloader program to load an operating system. The fsck program (option B) is used to check and repair damage to hard drives, so it isn't useful until after the Linux system has started. The Windows operating system only starts after a Windows bootloader program can run, so option C is incorrect. The mount program is a Linux tool for attaching a partition to the virtual directory, which isn't available until after the Linux system starts, so option D is also incorrect. The mkinitrd program is used to create an initrd RAM disk used for booting, but it isn't run when the workstation starts up, so option E is incorrect.
  2. B. The workstation firmware looks at the first sector of the first hard drive to load the bootloader program. This is called the Master Boot Record, so option A is correct. The bootloader program itself can use the chainloader feature to look for another bootloader in a boot partition, but the firmware can't do that, so option D is incorrect. Option A specifies the configuration folder used to store the GRUB configuration file and the kernel image file, but the actual GRUB bootloader program can't be stored there. Option C specifies the common log file folder, but that doesn't contain the GRUB bootloader program. Option E also specifies a common Linux configuration file directory, but it's not used to store the GRUB bootloader program that the firmware can access.
  3. D. The kernel ring buffer, which you can view by typing dmesg, contains messages from the boot messages from the kernel; thus, option D is correct. The fsck program (option A) fixes corrupted partitions, and the mount program (option C) is used to attach partitions to the virtual directory, so neither of those is correct. Option B, the init program, is used to start programs from the kernel, not display boot messages, so it also is incorrect. Option E, the mkinitrd program, is used to create a new initrd RAM disk and is not related to the boot messages, so it too is incorrect.
  4. C. Most Linux distributions store boot log files in the /var/log folder. The /etc folder is most often used for storing system and application configuration files, not boot logs, so option A is incorrect. Some Unix systems use the /var/messages folder for storing log files, but Linux has not adopted this standard, so option B is also incorrect. The /boot folder contains the GRUB configuration files along with the image files necessary to boot the system, but it's not where Linux stores boot logs and is thus incorrect. The /proc folder is unique in that the Linux kernel dynamically stores information about the system there, but it doesn't store boot log information there.
  5. A, B, C, D, E. The BIOS firmware can look in multiple locations for a bootloader program. Most commonly it looks at the internal hard drive installed on the system; however, if none is found, it can search other places. Most workstations allow you to boot from an external hard drive or from a DVD drive. Modern workstations now also provide the option to boot from a USB memory stick inserted into a USB port on the workstation. Finally, many workstations provide the PXE boot option, which allows the workstation to boot remotely from a network server.
  6. A. The Master Boot Record (MBR) is only located in one place: on the first sector of the first hard drive on the workstation; thus, option A is the only correct answer. The boot partition in any hard drive may contain a bootloader, but it is not the Master Boot Record, which is run first by the firmware; thus, option B is incorrect. The other locations are not valid locations for the Master Boot Record, so options C, D, and E are all incorrect.
  7. D. The ESP is stored in the /boot/efi directory on Linux systems. The UEFI firmware always looks for the /boot/efi directory for bootloader programs, so option D is correct. The /etc directory is used to store application and system configuration files, not bootloader programs, so option B is incorrect. The /var folder is used to store variable files such as log files, not bootable files, so option C is incorrect. Option E, the /boot/grub file, is used in GRUB Legacy and GRUB2 to store the bootloader configuration files, as well as the kernel image files. However, it is not used to store the bootloader files themselves, so option E is incorrect.
  8. E. The UEFI specification doesn't require a specific extension for UEFI bootloader files, but it has become somewhat common in Linux to use the .efi file extension to identify them; thus, option E is correct. Option A and option D specify file extensions used to identify GRUB2 (option A) and GRUB Legacy (option D) configuration files, not UEFI bootloader files, so they are both incorrect. Option C specifies the .lst file extension, which is also used for GRUB Legacy configuration files, so it too is incorrect. The .uefi file extension is not used in Linux, so option B is incorrect.
  9. B. The Linux Loader (LILO) bootloader program was the first bootloader used in Linux, so option B is correct. The GRUB Legacy bootloader, despite its name, wasn't the first bootloader, but the second bootloader commonly used in Linux. The GRUB2 bootloader was a later improvement over the GRUB Legacy bootloader, so options A and C are incorrect. Option D, the SYSLINUX bootloader, provides features for use with Microsoft FAT partitions, so that you can boot Linux from a floppy drive or USB memory stick, but it is a later creation and not the first Linux bootloader. Option E, ISOLINUX, is also a later bootloader that allows us to boot Linux from a CD or DVD drive.
  10. A. The GRUB Legacy configuration files are stored in the /boot/grub directory, so option A is correct. Option B, the /boot/efi directory, is used to store UEFI bootloader programs, not GRUB configuration files, so it is incorrect. Option C, the /etc directory, stores many application and system configuration files, but not the GRUB Legacy configuration files. The /var directory stores variable files such as log files but not configuration files, so option D is incorrect. Likewise, Linux uses the /proc directory to provide dynamic kernel runtime data and not configuration files.
  11. B, C. The GRUB2 bootloader stores configuration files in both the /boot/grub directory and the /etc/grub.d directory, so options B and C are correct. Linux uses the /proc directory to provide dynamic kernel runtime data and not configuration files, so option A is incorrect. Option D, /boot/efi, stores UEFI bootloader program files, not GRUB2 configuration files, so it is also incorrect. Option E, /var, is used to store variable files, such as log files, and not configuration files, so it is incorrect.
  12. C. The grub-mkconfig command combines the configurations defined in the /etc/default/grub file and all of the files in the /etc/grub.d folder into a single grub.cfg configuration file. The mkinitrd command (option A) is used to create a new initrd RAM disk image file, so it is incorrect. Likewise, the mkinitramfs command (option B) is also used to create initrd image files on Debian systems, so it too is incorrect. The grub-install program is used by the GRUB Legacy bootloader to install the bootloader in the MBR or a boot partition, but isn't used to generate the GRUB2 configuration files, and is thus incorrect. Option E is the fsck program, which checks and repairs hard drive partitions, and is an incorrect answer for this question.
  13. D. The grub-install command installs any configuration changes into the GRUB MBR, so option D is correct. The mkinitrd command creates a new initrd RAM disk image file, so option A is incorrect. Likewise, the mkinitramfs command (option B) is also used to create initrd image files on Debian systems, so it too is incorrect. The grub-mkconfig command is used in GRUB2 systems to create an updated configuration file but not in GRUB Legacy systems, so option C is incorrect. The fsck program checks and repairs hard drive partitions, so option E is incorrect.
  14. B. The UEFI firmware method has replaced the BIOS in most IBM-compatible computers, so option B is correct. FTP, PXE, NFS, and HTTPS are not firmware methods, but methods for loading the Linux bootloader, so options A, C, D, and E are all incorrect.
  15. E. The kernel ring buffer is an area in memory reserved for storing output messages as the Linux system boots, so option E is correct. Option A, BIOS, is firmware on the workstation, not an area in memory, so it is incorrect. The GRUB bootloader, option B, is a program that starts the Linux system and is not in memory, so it is also incorrect. The MBR is a location on the hard drive to store the Linux bootloader, so option C is incorrect. The initrd RAM disk is an area in memory that stores modules required for the boot process, but it doesn't store the boot messages as the system starts, so option D is incorrect.
  16. A. The single command parameter instructs the Linux system to start in single-user mode after booting, so option A is correct. The fsck command checks and repairs hard drive partitions, so option B is incorrect. Both the mkinitrd and mkinitramfs commands create initrd RAM disk files, so options C and D are incorrect. The dmesg command displays the boot messages from the kernel ring buffer, so option E is incorrect.
  17. A. A kernel panic occurs when a Linux system halts unexpectedly due to a system error, so option A is the correct term. The kernel ring buffer stores boot messages at boot time, so option B is incorrect. The initrd RAM disk is an area in memory that stores module files required to boot the system, so option C is incorrect. The bootloader and firmware are part of the Linux boot process and don't refer to when the system halts, so options D and E are both incorrect.
  18. B. The grub-mkconfig command processes GRUB2 directives stored in the /etc/grub.d folder to create the /etc/grub2.cfg configuration file, so option B is correct. The mkinitrd and mkinitramfs commands are used to create an initrd RAM disk to store module files, so options A and D are incorrect. The grub-install command is used in GRUB Legacy to install the GRUB configuration file in the correct location but isn't used in GRUB2, so option C is incorrect. The dmesg command displays the system boot messages and isn't part of the GRUB2 bootloader, so option E is incorrect.
  19. C. The fsck program can perform a filesystem check and repair multiple types of filesystems on partitions. You should use it on any partition that can't be mounted due to errors. The mount program (option A) is used to append a partition to a virtual directory; it can't correct a partition that contains errors (and will usually refuse to mount them). The umount command (option B) is also incorrect. It is used to remove a mounted partition from the virtual directory. Option D (the dmesg command) displays boot messages, and option E (the mkinitrd command) crates an initrd RAM disk, so both are incorrect.
  20. A. The mount command allows you to specify both the partition and the location in the virtual directory where to append the partition files and folders. The files and folders contained in the partition then appear at that location in the virtual directory. The umount command (option B) is used to remove a mounted partition. Option C, the fsck command, is used to fix a hard drive that is corrupted and can't be mounted; it doesn't actually mount the drive itself. The dmesg command in option D is used to view boot messages for the system, which may tell you where a hard drive is appended to the virtual directory, but it doesn't actually do the appending. Option E, the kninitramfs command, creates an initrd RAM disk and doesn't directly handle mounting hard drives to the virtual directory.

Chapter 6: Maintaining System Startup and Services

  1. B, C, E. The init program may exist in the /etc/, /sbin/, or /bin/ directory, depending on your distribution and its version, so therefore options B, C, and E are correct. The /etc/rc.d/ directory is used in SysVint systems and is not a location for the init program, so option A is a wrong answer. The /etc/lib/systemd/ directory is the location of the systemd program, and thus option D is also an incorrect choice.
  2. A, B, C, D, E. This is a tricky question, because all of these statements are true concerning systemd service units. It makes you realize that systemd-managed systems are very flexible.
  3. A. There is no runlevel7.target. The legitimate systemd targets, which provide backward SysV init compatibility, go from runlevel0.target through runlevel6.target. Therefore, option A is the correct answer. The emergency.target is a special systemd target unit used to enter emergency mode. When your system goes into emergency mode, the system only mounts the root filesystem and mounts it as read-only. Therefore, option B is a systemd target unit and not a correct answer. The graphical.target is a legitimate systemd target, which provides multiple users access to the system via local terminals and/or through the network and offers a GUI. Thus, option C is an incorrect choice. The multi-user.target is also a legitimate systemd target, just like the graphical.target, except that it does not offer a GUI. Therefore, option D is also a wrong answer. The rescue.target is like emergency.target, but it mounts the root filesystem for reading and writing. Therefore, option E is an incorrect choice.
  4. C. Any modified systemd service unit configuration file should be stored in the /etc/systemd/system/ directory. This will prevent any package upgrades from overwriting it and keep the directory precedence from using the unmodified service unit copy, which may reside in the /usr/lib/systemd/system/ directory. The directories in options A and B are made up. The /usr/lib/systemd/system/ directory should only store unmodified unit files, which are provided by default, and thus option D is an incorrect answer. The /run/system/systemd/ directory is also made up.
  5. E. For starting Service-B immediately before starting Service-A, the Service-A unit configuration file will need to employ the After directive, set to something like After=Service-B.unit. Therefore, option E is the correct answer. The Conflicts directive sets the unit to not start with the designated units. If any of the designated units start, this unit is not started. Therefore, option A is a wrong answer. The Wants directive sets the unit to start together with the designated units. If any of the designated units do not start, this unit is still started. Therefore, option B is also an incorrect answer. The Requires directive sets the unit to start together with the designated units. If any of the designated units do not start, this unit is not started. Thus, option C is a wrong choice. The Before directive sets this unit to start before the designated units. While this should be set in Service-B's unit configuration file, it does not apply, in this case, to Service-A's configuration file. Therefore, option D is also an incorrect answer.
  6. B, D. Linux systems use environment variables to store information about the shell session and working environment. If you need to ensure that a particular environment variable is set properly for your service, you need to use the Environment directive and/or the EnvironmentFile directive for setting environment parameters. Therefore, options B and D are correct answers. The Type directive sets the unit startup type, which can be, for example, forking. Thus, option A is a wrong answer. The EnvironmentParam is a made-up directive. PATH is an environment variable, which you may modify for your unit's environmental parameters. However, it is not a directive.
  7. D. If a target unit file has the AllowIsolate=no setting, the target cannot be used with the systemctl isolate command. Therefore, option D is the correct answer. Option A's static is an enablement state displayed for a unit file via the systemctl --list-unit-files command. Thus, option A is a wrong answer. The AllowIsolate=yes directive permits the target to be used with the systemctl isolate command. Therefore, option B is also an incorrect choice. The Type=oneshot is a service unit directive, and you would not find it in a target unit file. Thus, option C is a wrong answer. Option E's disabled is also an enablement state, like static, making option E a wrong choice as well.
  8. A. The best command to make the modified file take immediate effect for the OpenSSH service is systemctl reload. This command will load the service configuration file of the running designated service without stopping the service. Therefore, option A is the best answer. A daemon-reload will load the unit configuration file and not the service configuration file. The restart command will stop and immediately restart the service. While this will load the modified service configuration file, it will also disrupt the service for current service users. The mask command prevents a particular service from starting; the unmask command undoes the mask command's effects.
  9. E. To set a particular service unit to start at boot time, you need to use the systemctl enable command followed by the service unit name. Therefore, option E is the correct answer. The restart command will stop and immediately restart the service but does not control whether or not a service unit is started at system boot. The start command will start the service but does not control whether or not a service unit is started at system boot. The isolate command is used with systemd target units, not service units. Option D's disable command will set a particular service unit to not start at boot time (disable it from starting).
  10. B. To change the system's default target, you need to employ the systemctl set-default command, passing the target name as an argument and using super user privileges. The get-default command will show you the system's current default target. The isolate command is used to jump to new targets and not to set default targets. The is-enabled command displays enabled for any service that is configured to start at system boot and disabled for any service that is not configured to start at system boot. It only deals with services, and therefore option D is a wrong choice. The is-active command also only deals with services.
  11. D. The blame command displays the amount of time each running unit took to initialize, and the units and their times are listed starting from the slowest to the fastest. That way, you can start investigating the units at the list's top. The time command displays the amount of time system initialization spent for the kernel, and the initial RAM filesystem, as well as the time it took for normal system user space to initialize. However, it does not help you determine which unit configurations may be to blame for the slow boot. The dump command displays data concerning all the units and the data is not in a format that lets you easily track down what unit takes the most time to initialize at boot. Therefore, option B is an incorrect choice. Option C's failure is a service state, indicating that the service has failed. The verify command is handy in that it scans unit files and displays warning messages if any errors are found. However, it does not provide configuration information that can assist you in uncovering the reason a system is slow to boot.
  12. C, E. Debian-based Linux distributions that use SysV init only use runlevels from 0 through 2. The runlevel command shows the previous runlevel, or N for newly booted. Therefore, the only options that this runlevel command would show on an older Debian-based Linux distribution system, which uses SysV init, are C and E. Option A is incorrect, because it shows 5 as the current runlevel, and Debian-based distros don't use that runlevel. Option B is also incorrect, because it also shows 5 as the current runlevel. Option D is incorrect because it shows 3 as the current runlevel, and the Debian-based distros do not use that runlevel either.
  13. A. For SysV init systems, the default runlevel is stored within the /etc/inittab file within the initdefault record. Therefore, option A is the correct answer. The /etc/rc.d is a directory and not a file. Thus, option B is a wrong answer. The rc file is a script that can reside in either the /etc/init.d/ or the /etc/rc.d/ directory. It runs the scripts that start the various system services when jumping runlevels or booting the system. However, this script does not contain any information concerning the default runlevel. Therefore, options C and D are incorrect choices. The /etc/rc.local file allows you to issue certain commands or run any scripts as soon as system initialization is completed. However, this script also does not contain any information concerning the default runlevel.
  14. C. The directory that stores the service startup scripts for an old (and a new) SysV init system is the /etc/init.d/ directory. Therefore, option C is the correct answer. The /etc/rc.d/rcn.d/ directories are used on a SysV init system, but they contain symbolic links to the scripts within the /etc/init.d/ directory. Thus, option B is an incorrect answer. Options A, D, and E are all systemd directories. Therefore, they are incorrect choices.
  15. A, B, D, E. Runlevel 1 is also called single-user mode. You can employ either the init or the telinit command to jump to that runlevel and pass them one of the three following arguments: 1, s, or S. Therefore, options A, B, D, and E are correct answers. You cannot use the one argument to reach runlevel 1, and therefore option C is the only wrong choice.
  16. B. The best command to use is the service status command, passing the service name to it as an argument. This will display the service's current status and allow you to start the troubleshooting process quickly. Therefore, option B is the correct answer. The service start command will start the designated service, but you do not know whether or not this service was stopped. Thus it is not the best command to use, and option A is an incorrect choice. The service --status-all command is not the best command to use because it shows the status of all the various services. Thus, option C is a wrong answer. The service stop command will stop the designated service and provide a FAILED status if it was already stopped. However, this is not the best way to check a service's status on a SysV init system. The service reload command will load the designated service's configuration file and provide a FAILED status if the service is stopped. Yet again, this is not the proper way to check a service's status.
  17. D. To enable the DHCP service on your Red Hat–based SysV init system for runlevels 3 and 5, the correct command to use is the chkconfig --levels 35 dhcp on command. Therefore, option D is the correct answer. Options A and E are incorrect, because you cannot use the service command to enable SysV init services. Option B is a wrong answer because you cannot use a delimiter, such as a comma, to separate the runlevel list. Option C is an incorrect choice because this command has its service name and the on argument flip-flopped.
  18. E. To enable the DHCP service on your Debian-based SysV init system for default runlevels, the correct command to use is update-rc.d dhcp defaults. Therefore, option E is the correct answer. Option A is incorrect because the last command argument should be defaults and not default. Option B is a wrong answer because you cannot use the chckconfig command on a Debian-based distribution. Option C is an incorrect choice because this command has the service name and the default argument flip-flopped. Also, it is using the wrong argument—the argument should be defaults. The command used in option D is incorrect because this command has the service name and the defaults argument flip-flopped.
  19. C. The mount unit filenames are created by having the absolute directory reference's preceding forward slash (/) removed, subsequent forward slashes are converted to dashes (–), and trailing forward slashes are removed. Mount unit filenames also have a .mount extension. Therefore, the mount unit file for the /var/log/ mount point would be var-log.mount. Thus, option C is the correct answer. The /var/log.mount unit filename is incorrect because the forward slashes were not removed or replaced. The /var/log.unit base name is incorrect because the forward slashes were not removed or replaced. Also, the wrong file extension is used. The var-log.unit base name is incorrect because the wrong file extension is used. The var/log.mount unit filename is incorrect because the middle forward slash was not replaced by a dash.
  20. A, C, D. For systemd automount unit files, the only directives that can be included in the [Automount] file section are Where, DirectoryMode, and TimeOutIdleSec. Thus, options A, C, and D are correct answers. The Options and What directives are ones you would see in a mount unit file's [Mount] section. Therefore, options B and E are incorrect choices.

Chapter 7: Configuring Network Connections

  1. C, D. The nmtui command provides an interactive text menu for selecting a network interface and setting the network parameters, and the ip command provides a command-line tool for setting network parameters, so both options C and D are correct. The netstat command displays information about network connections, but it doesn't set the network parameters, so option A is incorrect. The ping command can send ICMP packets to a remote host but doesn't set the local network parameters, so option B is incorrect. The route command sets the routing network parameters, but not the IP address or subnet mask, so option E is incorrect.
  2. B. Starting with version 17.04, Ubuntu has switched to using the Netplan tool to set network address information, so option B is the correct answer. The netstat command doesn't set network information, but instead displays active network connections, so option A is incorrect. The iwconfig command sets wireless network parameters, but not network address information, so option C is incorrect. The route command sets default router information, but not network address information, so option D is incorrect. The ifconfig command does set network address information, but it isn't used by the newer versions of Ubuntu, so option E is incorrect.
  3. A. The ethtool command displays features and parameters for network cards, so option A is the correct answer. The netstat command displays network statistics and connections, so option B is incorrect. The iwconfig and iwlist commands are used to set wireless network parameters and not Ethernet card settings, so options C and D are incorrect. The route command sets or displays routing information and not Ethernet card settings, so option E is incorrect.
  4. E. The ss command displays a list of the open ports on a Linux system, along with the processes associated with each port, so option E is correct. The iwconfig command sets wireless network information, not open ports, so option A is incorrect. The ip command displays or sets network information on a network interface but doesn't display open ports, so option B is incorrect. The ping command sends ICMP messages to a remote host but doesn't display any open ports, so option C is incorrect. The nmtui command allows you to configure network parameters for a network interface but doesn't display the open ports on the system, so option D is incorrect.
  5. A, C. The nmcli and the ip commands both allow you to set and change network settings from the command line, so options A and C are both correct. The iwconfig command only sets wireless network information, so option B is incorrect. The netstat command displays open ports but doesn't change any network settings, so option D is incorrect. The ping command sends ICMP packets to remote hosts for testing, but it also doesn't set any network settings, so option E is incorrect.
  6. A. The default router is used to send packets from the local network to remote networks, so to communicate with a remote host you need to define the default router address, making option A correct. The netmask only defines the local network; it doesn't define what to do with packets for remote hosts, so option B is incorrect. The hostname and IP address only define features of the local host, so options C and D are incorrect. The DNS server defines how to retrieve the IP address of a host based on its domain name, so option E is incorrect.
  7. E. The DNS server maps the hostname to an IP address, so you must have a DNS server defined in your network configuration to be able to use hostnames in your applications. Thus, option E is correct. The default router only defines how to send packets to remote hosts; it doesn't map the host name to the IP address, so option A is incorrect. The netmask value defines the local network, but not how to map hostnames to IP addresses, so option B is incorrect. The hostname and IP address define features of the local host, so options C and D are incorrect.
  8. B. The Dynamic Host Configuration Protocol (DHCP) is used to assign dynamic IP addresses to client workstations on a network, so option B is correct. The default router can't assign addresses to devices, so option B is incorrect. The ARP table maps the hardware address of the network card to IP addresses but doesn't assign the IP addresses, so option C is incorrect. The netmask value determines the network address but not the IP address of the host, so option D is incorrect. The ifconfig command can set the static IP address of the host but doesn't automatically assign the IP address, so option E is incorrect.
  9. B. The loopback address is a special address assigned to the loopback interface that allows local applications to communicate with each other, making option B the correct answer. Dynamic and static IP addresses are assigned to network interfaces, which interact with remote systems, not local applications, so options A and C are incorrect. The hostname identifies the local host for remote connections, not for local applications, so option D is incorrect. The MAC address identifies the network card hardware address but isn't used by local applications, so option E is incorrect.
  10. A. The dig command can display individual host records for a domain, which you can use to find the MX mail host for the domain, so option A is correct. The host command only displays host IP address information; it can't determine the server type from the DNS records, so option D is incorrect. The netstat and ss commands display active network connections, but not the remote host types, so options B and E are both incorrect. The ping6 command sends IPv6 ICMP packets to test remote hosts but can't tell if the remote host is a mail server, so option C is incorrect.
  11. B. The ss command can display both open ports and the applications that own them, so option B is correct. The ip and ifconfig commands just display or set network settings, so options A and E are incorrect. The host and dig commands only display hostname information, so options C and D are also incorrect.
  12. A. Red Hat–based systems use separate files to store the IP address and router information. Those files are stored in the /etc/sysconfig/network-scripts folder, making option A correct. Option B is where Debian-based systems store the interfaces file, which contains the network configuration settings. The ifcfg-eth0 is a file used to store the configuration, not a folder, so option C is incorrect. The ifconfig and iwconfig are commands and not folders, so options D and E are incorrect.
  13. B. The Debian system uses the iface setting to set features for an interface, and you must specify the dhcp option to dynamically obtain an IP address, making option B correct. Options C and E are incorrect since they don't use the iface setting. Option A sets a static IP address for the interface and not a dynamic address, so it's incorrect. Option D sets a link local IPv6 address and not a dynamic IP address, so it's incorrect.
  14. B. The DNS servers are listed in the /etc/resolv.conf configuration file using the nameserver setting, so option B is correct. The /etc/dhcpd.conf file defines configuration settings for a DHCP server, so option A is incorrect. The /etc/nsswitch.conf file defines the order in which the system searches for a hostname, not the list of DNS servers used, so option C is incorrect. The /etc/network/interfaces file defines the network interfaces for a Debian-based system, not the list of DNS servers, so option D is also incorrect. The /etc/sysctl.conf file defines kernel network parameters and not a list of DNS servers, so option E is incorrect.
  15. A. The ifconfig command must specify the network interface, the IP address, then the netmask option before the netmask address. You can use the up or down option to place the network card in an active or inactive state by default, but it's not required. Option A is the only option that uses the correct values in the correct order. Option C is close but fails to specify the network interface. Option B is not in the correct format, and options D and E fail to list the necessary configuration settings.
  16. A. The iwlist command displays the available wireless network access points detected by the wireless network card, so option A is correct. The iwconfig command configures the network card to connect to a specific access point but doesn't list all of the detected access points, making option B incorrect. Option C specifies the ifconfig command, which is used to assign an IP address to a wireless network card but doesn't list the access points. The ip command specified in option D likewise can be used to set the IP address of the card but doesn't list the access points. Option E, the arp command, maps hardware addresses to IP addresses so that you can find duplicate IP addresses on your network, but it doesn't list the wireless access points.
  17. D. The SSID value defines the access point name, and it is set using the essid option in the iwconfig command, making option D the correct answer. The key option specifies the encryption key required to connect to the access point but not the access point name, making option A incorrect. The netmask and address values aren't set by the iwconfig command, so options B and C are incorrect. The channel option defines the radio frequency the access point uses, not the access point name, so option E is also incorrect.
  18. E. The ip command allows you to both display and set the IP address, netmask, and default router values for a network interface, so option E is correct. The ifconfig command can set the IP address and netmask values, but not the default router. The iwconfig command is used to set the wireless access point settings, and the router command is used to set the default router but not the IP address or netmask values. The ifup command only activates the network interface; it can't set the address values.
  19. C. The ping command sends ICMP packets to a specified remote host and waits for a response, making option C the correct answer. The netstat command displays statistics about the network interface, so it's incorrect. The ifconfig command displays or sets network information but doesn't send ICMP packets, making option B incorrect. The iwconfig command displays or sets wireless network information, but it doesn't handle ICMP packets, making option D incorrect. The ss command displays information about open connections and ports on the system, so option E is also incorrect.
  20. B. The tcpdump command displays network packets that traverse the system network interface, so you can use that for monitoring application packets on the network, making option B the correct answer. The nc command allows you to manually send packets on the network, but it doesn't allow you to monitor application packets, so option A is incorrect. The ping and traceroute commands only send ICMP packets to remote servers; they don't monitor packets, so options C and D are incorrect. The mtr command can display the connectivity status to a remote server, but it doesn't allow you to view application packets going to the server, so option E is incorrect.

Chapter 8: Comparing GUIs

  1. C. A desktop environment is a series of components that work together to provide the graphical setting for the user interface. Therefore, option C is the correct answer. A graphical user interface (GUI) is a set of programs that allow a user to interact with the system via icons, windows, and various other visual elements. Thus, option A is a wrong answer. A display manager operates the screen where you choose a username and enter a password to gain system access. Therefore, option B is an incorrect choice. A file manager is the program that allows you to perform file maintenance activities graphically. Thus, option D is also a wrong choice. A window manager is a set of programs that determine how the windows are presented on the desktop. Therefore, option E is also an incorrect choice.
  2. A, B, C, E. A favorites bar, file manager, icons, and a system tray are all part of a graphical UI. Therefore, options A, B, C, and E are correct choices. A command line is a location to enter text-based commands, and while you can reach it from the GUI using a terminal emulator, it is not considered to be part of the graphical UI. Therefore, option D is the only incorrect choice.
  3. A. SDDM (Simple Desktop Display Manager) is the default display manager for the KDE Plasma desktop environment. Therefore, option A is the correct answer. Files, also called GNOME files, is the file manager within the GNOME Shell desktop environment. Therefore, option B is a wrong answer. Mutter is the GNOME shell window manager, and thus option C is an incorrect answer. GDM stands for the GNOME Display Manager. Therefore, option D is a wrong choice. Dock is another name for the GNOME Shell Dash, which is the favorites bar within GNOME Shell. Thus, option E is also an incorrect choice.
  4. C. The KDE Plasma's file manager is named Dolphin. Therefore, option C is the correct answer. Nautilus is the file manager on the Unity desktop environment, and therefore, option A is a wrong answer. Plasmoid is another name for a KDE Plasma widget. Thus, option B is an incorrect answer. Kwin is the KDE Plasma's window manager, and therefore option D is a wrong choice. Nemo is the default file manager on the Cinnamon desktop environment. Thus, option E is an incorrect choice.
  5. C, D. MATE's display manager is LightDM, and its file manager is Caja. Therefore, options C and D are correct answers. MATE was a fork of the GNOME 2 desktop environment and not GNOME Shell, so option A is a wrong answer. MATE uses a fork of Metacity, called Marco, as its window manager, so option B is also a wrong choice. At the time this book was being written, MATE was being actively developed, so option E is an incorrect choice.
  6. A. The sound keys accessibility setting provides beeps whenever the Caps Lock or Num Lock key is turned on or off. Therefore, option A is the correct answer. A program that reads the GUI aloud, such as Orca, is a screen reader. Thus, option B is a wrong answer. The cursor blinking setting modifies the cursor blink rate to make it easier to locate the cursor on the screen. Therefore, option C is also an incorrect answer. Output to a refreshable braille display is provided by the Orca screen reader, which is a screen reader. Thus, option D is a wrong choice. Zoom settings allow the screen or a screen portion to be amplified to different magnification levels. Therefore, option E is also an incorrect choice.
  7. D. The braille display device would be using the brltty service. The proper systemctl command to restart the services is in option D. Options A, B, and C all use incorrect names for the braille service. The command in option E would reload any modified brltty configuration files but not restart the service. Therefore, option E is also an incorrect choice.
  8. A. Slow keys are a keyboard option that modifies how long a key must be pressed down to acknowledge the key. Therefore, option A is the correct answer. Sticky keys are a keyboard option that sets keyboard modifier keys, such as Ctrl and Shift, to maintain their pressed status until a subsequent key is pressed. Thus, option B is a wrong answer. Repeat keys are a keyboard option that modifies how long a key must be pressed down and that defines a delay to acknowledge the key repeat. Therefore, option C is also a wrong choice. Simulated secondary click is actually a mouse option, and it sets a primary key to be pressed along with a mouse click to emulate secondary mouse clicks. Thus, option D is an incorrect answer. A screen keyboard is a keyboard option that displays a visual keyboard on the UI that can be manipulated by a mouse or other pointing device to emulate keystrokes. Therefore, option E is also an incorrect choice.
  9. E. The display server uses a communication protocol to transmit the desires of the UI to the operating system, and vice versa. Therefore, option E is the correct answer. A window manager is a program that communicates with the display server on behalf of the UI. Thus, option A is a wrong answer. A display manager controls the desktop environment's login screen, where you choose a username and enter a password to gain system access. Therefore, option B is also a wrong choice. A desktop environment is a user environment that provides a predetermined look and feel to a GUI, but it does not transmit the desires of the UI to the operating system, so option C is a wrong answer. A window server is another name for a window manager, and thus, option D is also an incorrect answer.
  10. A, C, D, E. A compositor arranges various display elements within a window to create a screen image. Therefore, option A is a correct answer. Both Mutter and Kwin, even though their primary duty is as a window manager, also contain compositors. Thus, options C and D are correct answers too. Weston is a compositor for the Wayland display server, so option E is also a correct choice. Wayland is a display server and not a compositor. Thus, option B is the only wrong answer.
  11. B, D. Wayland does use the $WAYLAND_DISPLAY environment variable, so option B is a correct answer. Also, XWayland supports legacy X11 programs. Therefore, option D is an additional correct answer. Wayland is a replacement for the X11 display server, and it is designed to be more secure. Thus, option A is a wrong answer. Wayland's compositor is swappable and there are several other compositors besides Weston available for use with Wayland. Therefore, option C is a wrong choice. In order to disable Wayland in GNOME Shell, you edit the /etc/gdm3/custom.conf file and set WaylandEnable to false. Thus, option E is also an incorrect answer.
  12. C. The loginctl command will help you determine your current GUI session number. You can then use the loginctl command again along with your session number to determine if your GUI session is Wayland or X11. Thus, option C is the correct answer. While you can issue the command echo $WAYLAND_DISPLAY to help determine if your GUI session is Wayland or X11, $WAYLAND_DISPLAY by itself does nothing. Therefore, option A is a wrong answer. AccessX is a program that originally provided many universal access settings. There is no environment variable used by Wayland or X11 called $AccessX, and thus, option B is an incorrect answer. The $X11 environment variable is made up, so option D is a wrong choice. The runlevel command allows you to determine your system's current run level and is not used in determining display servers. Therefore, option E is also an incorrect choice.
  13. C. When your display server is Wayland, some commands, such as gnome-shell --replace, do not work in your GUI session. Therefore, option C is the correct answer. The scenario does not indicate that the X11 display server is hung. So please don't reboot your server and know that option A is a wrong answer. The error message does not indicate that the -R option should be used instead. Thus, option B is an incorrect answer. If XWayland was being used, you would not receive an error message. Therefore, option D is also a wrong choice. If Wayland was disabled for the session, the command would not generate an error message. Thus, option E is an incorrect choice.
  14. B, C, E. The X.Org foundation does develop an X server, called X11. The X server is being replaced by Wayland. X is short for X Window System, which is a display server. So options B, C, and E are correct. XFree86 was the dominant server implementing X until 2004. Now the dominant server is the X.Org foundation's X11 server, so option A is a wrong answer. The X.Org's server implements the X Window System version 11, and that is why it is sometimes called X11. It is not due to the number of graphical sessions a particular user can have. Therefore, option D is also an incorrect choice.
  15. A, D. The xwininfo and xdpyinfo commands provide information about the X server, including the different screen types available, the default communication parameter values, and protocol extension information as well as individual window information. These two utilities would be the best ones to start diagnosing the problem. Therefore, options A and D are correct answers. Xorg -configure creates a new X11 configuration file for your perusal, which may be useful later on in the troubleshooting process. However, this is not the best command to start diagnosis. Therefore, option B is a wrong answer. The xcpyinfo command is made up, making option C an incorrect answer. The loginctl command can help you determine whether or not the user is using X11 or Wayland, but since you already know that the X display server is running, issuing this command will not help. Thus, option E is an incorrect answer as well.
  16. A, B, C, D. SPICE, NX, Xrdp, and VNC are all remote desktops. Therefore, options A, B, C, and D are correct answers. Caja is the file manager in the MATE desktop environment and not a remote desktop. Thus, option E is the only incorrect answer.
  17. A, D. SPICE and VNC are the remote desktops, which are typically used with virtual machines. By default, VNC is used with KVM virtual machines. However, you can replace VNC with SPICE. Thus, options A and D are the correct answers. NX and Xrdp are not typically used with virtual machines, and thus, options B, C, and E are not correct answers.
  18. E. The Xrdp remote desktop software uses the Remote Desktop Protocol (RDP). Thus, option E is the correct answer. The Remote Frame Buffer (RFB) protocol is used by VNC. Thus, option A is a wrong answer. The Wayland protocol is used by the Wayland display server. Therefore, option B is also a wrong choice. Option C is also an incorrect answer, because the NX technology protocol is used by the NX remote desktop. The Simple protocol for ICEs, or Simple Protocol for Independent Computing Environments (SPICE), is used by the Spice remote desktop. Thus, option D is also an incorrect choice.
  19. A, C, E. You need to indicate to the openSSH server that no terminal is required because you are only establishing a tunnel. Therefore, the -N switch is needed. The -f switch will send the openSSH tunnel into the background, freeing up your command-line interface so that you can type remote desktop commands. The local mode of the ssh command requires that you use the -L switch to specify the local system as well as the local and remote ports to be used. Therefore, options A, C, and E are correct. The -X switch is not used in SSH port forwarding, so option B is a wrong answer. The -R switch is used for remote mode SSH port forwarding. Therefore, option D is also an incorrect choice.
  20. B. You need to employ X11 forwarding. To properly and securely access the remote Linux system and run an X11-based application, the command in option B is the best choice. The command in option A uses the trusted X11 via the -Y switch, which is not secure. Therefore, option A is a wrong answer. The command in option C also uses the -Y switch, so option C is also an incorrect answer. The command in option D uses the correct command switch but sends the connection to the laptop instead of the rack-mounted Linux server. Thus, option D is a wrong answer. The command in option E is using the -L switch, which is for local SSH port forwarding, and it uses the wrong syntax for that switch and attempts to send the connection to the laptop. Thus, option E is a very incorrect answer.

Chapter 9: Adjusting Localization Options

  1. C. The ASCII character set uses a 7-bit code to store English language characters, so option C is correct. The UTF-8 character set uses 1 byte (8 bits) to store characters, so option A is incorrect. The UTF-16 character set uses 2 bytes (16 bits) to store characters, so option B is incorrect. The Unicode character set uses 3 bytes (24 bits) to store characters, so option D is incorrect, and the UTF-32 character set uses 4 bytes (32 bits) to store characters, so option E is incorrect.
  2. A, B. The UTF-8 and UTF-16 character sets use a transformation process to reduce the Unicode character set into 1 byte (UTF-8) or 2 byte (UTF-16) values, so options A and B are correct. The ASCII character set doesn't transform any characters, so option C is incorrect. The Unicode character set also doesn't transform characters, so option D is incorrect. locale is a Linux command and not a character set, so option E is incorrect.
  3. E. The Unicode character set uses 3 bytes to store characters, which provides enough space to represent all the characters in the known world languages, so option E is correct. The ASCII character set only supports English language characters, so option A is incorrect. The LC_ALL environment variable defines a character set to use for the Linux system but isn't a character set in itself, so option B is incorrect. Both the UTF-8 and UTF-16 character sets are a subset of the Unicode character set, so they can't represent all the language characters in use in the world, so options C and D are incorrect.
  4. E. The locale command displays all of the LC_ environment variables and their values, so option E is correct. The date command only displays the time and date, not the localization information, so option A is incorrect. The time command displays the amount of time an application uses on the system, not the localization information, so option B is incorrect. The hwclock command displays the hardware clock time, not the localization information, so option C is incorrect. The LANG environment variable allows you to set all the LC_ environment variables in one place, but it doesn't display all their settings, so option D is incorrect.
  5. C, E. The LANG and LC_ALL environment variables control all the localization environment variable settings, so options C and E are correct. The LC_MONETARY, LC_NUMBERIC, and LC_CTYPE environment variables each control a single category of localization environment variables, but not all of the localization environment variables, so options A, B, and D are all incorrect.
  6. B. Localization is the process of adapting a Linux system's character set to use a local language, so option B is correct. The locale command allows you to view the character sets, but it doesn't adapt the Linux system to the locale environment, so option A is incorrect. The character set is used to specify language characters, but it doesn't adapt the Linux system to a specific language, so option C is incorrect. Unicode and ASCII are two types of character sets, and they don't adapt the Linux system to a specific language, so options D and E are incorrect.
  7. D. The localectl command is part of the Systemd package and allows you to display and change the localization settings for your Linux system, so option D is correct. The timedatectl command is also part of the Systemd package, but it only applies to time and date changes and not the localization changes, so option A is incorrect. The time, date, and locale programs are legacy programs and not part of the Systemd package, so options B, C, and E are incorrect.
  8. B. The export command sets the value associated with an environment variable, so option B is correct. The time command displays the amount of time an application used on the system, not the values of an environment variable, so option A is incorrect. The locale command displays the values of the localization environment variables but doesn't allow you to change them, so option C is incorrect. The date command displays and sets the time and date values but not the localization environment variables, so option D is incorrect. The hwclock command displays and sets the hardware clock but not the localization environment variables, so option E is incorrect.
  9. B. The LC_MONETARY environment variable determines the character set used for displaying monetary values, so option B is correct. The LC_NUMERIC environment variable determines how Linux displays numeric values, so option A is incorrect. The LC_CTYPE environment variable determines the default character set used by programs but not necessarily only for monetary values, so option C is incorrect. The LC_TIME environment variable determines how the Linux system displays time, not monetary values, so option D is incorrect. The LC_COLLATE environment variable determines how Linux sorts alpha characters, not how it displays monetary values, so option E is incorrect.
  10. A. Each time zone determines the offset from UTC that applies to a specific location, so option A is correct. The localization determines the character set used to display language characters but not the time, so option B is incorrect. The character set determines how to display the language characters but not the time, so option C is incorrect. The locale determines how Linux displays the time but not the actual time setting, so option D is incorrect. The hardware clock is the time the physical workstation or server is set to in BIOS or UEFI; it doesn't necessarily represent the time relative to UTC and can even be stored as a UTC value, so option E is incorrect.
  11. B, E. Both the hwclock and timedatectl commands retrieve the time and date from the physical workstation or server, so options B and E are correct. The date command displays the system time and date, not the time and date set on the physical hardware, so option A is incorrect. The time command displays the amount of time a program uses on the system, not the physical hardware time and date on the workstation or server, so option C is incorrect. The locale command displays the localization environment variables and their values, not the hardware time and date, so option D is incorrect.
  12. A. Red Hat–based systems use the /etc/localtime file to store the appropriate time zone file for the location where the system is running, so option A is correct. The /etc/timezone file is normally used by Debian-based systems, so option B is incorrect. The /usr/share/zoneinfo folder stores time zone files that you must copy to the /etc/localtime file, so option C is incorrect. The /usr/share/timezone and /usr/share/localtime folders are incorrect folder names, so options D and E and incorrect.
  13. B. The /usr/share/zoneinfo folder contains template files for each of the time zones supported in Linux, so option B is correct. The /etc/localtime and /etc/timezone files are the locations where you copy or link the appropriate time zone file to, but neither of them is the template folder, so options A and C are incorrect. The $HOME folder contains the user environment settings and user files but not the time zone template files, so option D is incorrect. The /usr/share/timezone folder is an incorrect folder name, so option E is incorrect.
  14. B. The timedatectl command from the Systemd package displays the current date, the Linux system time, the hardware clock time, and the time zone, so option B is correct. The date command displays the current system time, date, and time zone but not the hardware time, so option A is incorrect. The time command displays the amount of time an application uses on the CPU, not the current date and time, so option C is incorrect. The hwclock command displays the current hardware time but not the system time, date, or time zone, so option D is incorrect. The localectl command displays the localization settings for the system but not the time, date, hardware time, or time zone, so option E is incorrect.
  15. A. The date command allows you to specify a format for displaying the time and date, so option A is correct. The time command displays the amount of CPU time an application consumes, not the current time and date, so option B is incorrect. The timedatectl command displays the current time and date but doesn't allow you to format the output, so option C is incorrect. The localectl command displays the localization settings for the system, but not the current time and date, so option D is incorrect. The hwclock command displays the current hardware time but doesn't allow you to specify the format, so option E is incorrect.
  16. A, D. The hwclock and timedatectl commands allow you to synchronize the Linux system time to the workstation BIOS time, so options A and D are correct. The date command allows you to change the date and time, but it doesn't allow you to synchronize it with the workstation BIOS time, so option B is incorrect. The time command allows you to display the amount of CPU time an application consumes, but it doesn't allow you to synchronize the system time with the workstation BIOS time, so option C is incorrect. The localectl command is used for localization, not for setting the time, so option E is incorrect.
  17. B. Red Hat–based Linux systems utilize the chrony software package for connecting to network time servers. The ntpd package is a legacy software package and not often used, so option A is incorrect. The localectl command isn't used for setting time, so option C is incorrect. While you can set the local time using the timedatectl command, you can't use it to set the time using a network time server, so option D is incorrect. Although Red Hat–based systems utilize the Systemd utilities, they don't use the timesyncd program for network time, so option E is incorrect.
  18. E. The TZ environment variable overrides the default system time zone for session applications, so option E is correct. The LANG and LC_ALL environment variables set the entire system time zone, not just the programming environment, so options A and D are incorrect. The LC_MONETARY and LC_NUMERIC environment variables set the localization for money values and numeric values, but they don't change the time zone setting, so options B and C are incorrect.
  19. C. The UTF-8 character set duplicates the ASCII character set, and it's the default used in most U.S. Linux installations, so option C is correct. The Unicode, UTF-16, and UTF-32 character sets use more than 1 byte to represent characters, so they are not often used for English language characters, making options A, B, and D incorrect. The locale command displays the localization environment variables and their values—it is not a character set code, so option E is incorrect.
  20. B. The localectl command uses the list-locales option to display all the localizations installed on the Linux system, so option B is correct. The timedatectl command displays the local time and date, but it doesn't provide information on which localization files are installed, so option A is incorrect. The locale command displays the localization environment variable settings but doesn't list which localizations are installed, so option C is incorrect. The LANG and LC_ALL environment variables set the current localization but can't display which ones are installed on the system, so options D and E are incorrect.

Chapter 10: Administering Users and Groups

  1. A, B, E. The user account's username, password (though it typically only contains an x), and UID are all legitimate fields in an /etc/passwd file record. Therefore, options A, B, and E are correct answers. The password change date and special flag are fields in the /etc/shadow file. Thus, options C and D are incorrect choices.
  2. A, B, C. The password expiration date, account expiration date, and password are all legitimate fields in a /etc/shadow file record. Therefore, options A, B, and C are correct answers. The comment and default shell are fields in the /etc/passwd file. Thus, options D and E are incorrect choices.
  3. E. The user account's username is the only field within an /etc/passwd and an /etc/shadow record that contains the same data. Therefore, option E is the correct answer. While both files have a password field, they do not contain the same data. The password can only exist in one of the two files, preferably the /etc/shadow file. Thus, option A is a wrong answer. The account expiration date only exists in the /etc/shadow file, so option B is also a wrong choice. The UID and GID fields only exist in the /etc/passwd file, so options C and D are also incorrect answers.
  4. B, D, E. Though not very efficient, the cat /etc/passwd command would allow you to view the NUhura account's record within the /etc/passwd file. The grep NUhura /etc/passwd and getent passwd NUhura commands also would allow you to see the NUhura record. So options B, D, and E are correct choices. The getent command in option A has got the username and filename flip-flopped, so it is an incorrect choice. Also, the passwd NUhura command attempts to change the account's password instead of display its file record, so option C is also an incorrect answer.
  5. E. The useradd -D command allows you to view the account creation configuration directives in the /etc/default/useradd file. Therefore, option E is the correct answer. The /etc/passwd, /etc/shadow, and /etc/group files do not contain account creation configuration directives, so options A, B, and C are wrong answers. While the /etc/login.defs file does contain account creation configuration directives, you cannot display it with the useradd -D command. Therefore, option D is also an incorrect choice.
  6. C. If the CREATE_HOME directive is not set or it is set to no, when a user account is created no home directory will be created by default. Most likely this caused the problem, so option C is the correct answer. The HOME directive determines what base directory name is used when creating home directories for new accounts, so option A is a wrong answer. If you did not employ super user privileges, you would not have been able to even create the account, so option B is a wrong choice. The INACTIVE directive pertains to when an account will be considered inactive, so option D is also an incorrect answer. The EXPIRE directive is involved with account expiration and not home directory creation. Therefore, option E is also an incorrect choice.
  7. D. To immediately remove the KSingh account and all his home directory files, using super user privileges you would use the userdel -r KSingh command. Therefore, option D is the correct answer. There is no -r option for the usermod command, so option A is a wrong answer. The rm -r /home/KSingh command would only remove the account's home directory files and not delete the user account. Therefore, option B is an incorrect answer. The userdel command without any options would only delete the account and not remove any of its home directory files, so option C is a wrong choice. The -d option on the usermod command is for changing an account's home directory. Therefore, option E is also an incorrect choice.
  8. A, B, C, E. The passwd, usermod, userdel, and chage commands can all manipulate (or remove) an account's /etc/shadow file record data in some way. Therefore, options A, B, C, and E are all correct. While the getent command will allow you to display selected records from the /etc/shadow file, it will not allow you to manipulate data records within the file. Therefore, option D is the only incorrect choice.
  9. B. The newgrp command will let you switch temporarily from your account's default group to another group with whom you have membership. Therefore, option B is the correct answer. The usermod command could make that switch, but it is not best for temporary situations, so it is an incorrect choice. The groups command allows you to display group information, but not change groups, so it also is a wrong answer. The groupadd and groupmod commands deal with group management, but not temporarily switching an account's default group. Therefore, options D and E are also incorrect choices.
  10. C. The usermod -aG NCC-1701 JKirk command would add JKirk to the NCC-1701 group as a member and not remove any of the account's previous group memberships. Therefore, option C is the correct answer. The usermod -g NCC-1701 JKirk command would change the JKirk account's primary group membership, so option A is a wrong answer. The command in option B would add the JKirk account as a member to the NCC-1701 group, but it would remove any of the account's previous group memberships. Thus, option B is an incorrect answer. The groupadd NCC-1701 command would only add the NCC-1701 group. Therefore, option D is a wrong answer as well. The groupmod command is for modifying groups, and so the command in option E would have undesirable results. Thus, option E is an incorrect choice.
  11. B, D. The getent group NCC-1701 and grep NCC-1701 /etc/group commands would both allow you to see the various NCC-1701 group members. Therefore, options B and D are correct answers. The groups command is for viewing an account's various group memberships. Therefore, option A is a wrong answer. It is always tempting to add an s to the /etc/group filename, because of the groups command. However, it is the group file and not the groups file. Thus, options C and E are incorrect choices.
  12. A. The skeleton directory, /etc/skel, typically contains the user environment files that are copied to the account's home directory when it is created. Therefore, option A is the correct answer. Options B, C, and D all contain references to home (or potential home) directories. That is where the user environment files end up, but not where they come from. Thus options B, C, and D are wrong answers. The /etc/ directory is where the global environment files reside. Therefore, option E is also an incorrect choice.
  13. E. The .bash_profile user environment file is run first if it is found in the user account's home directory. Therefore, option E is the right answer. The .bash_login and .profile user environment files would be ignored if they existed alongside the .bash_profile file within the user's home directory. Thus, options A and C are wrong answers. The .bashrc file is typically called to execute from one of the other user environment files for an interactive login session. Thus, option B is also an incorrect answer. The .bash.bashrc file, though similar in name to a global environment file, does not exist. Therefore, option D is an incorrect choice.
  14. B, C, D, E. Depending on the Linux distribution currently in use, the files (and directory) in options B, C, D, and E may be involved in setting up the global environment. The directory in option A, while similar to a user environment filename, is made up. Therefore, option A is the only incorrect choice.
  15. A, B, E. The whoami, who am i, and id commands will all display information about the current account that is issuing the commands. Therefore, options A, B, and E are correct answers. While the cat commands may display user environment files in the account's home directory, they do not display information concerning the account. Thus, options C and D are incorrect choices.
  16. D. The w command displays CPU load information for the last 1, 5, and 15 minutes as well as data about users who are currently accessing the system. Therefore, option D is the correct answer. The who command will display information concerning users who are currently logged into the system, but not CPU load data. Thus, option A is a wrong answer. The id command displays user account information, not CPU load data or active user info. Therefore, option B is also a wrong choice. The whoami command only displays the username of the current user issuing the command. Thus, option C is an incorrect answer. The last command displays past and present system access information for user accounts but nothing concerning CPU load data. Thus, option E is an incorrect choice.
  17. B. The last command by default pulls its data from the /var/log/wtmp file. Therefore, option B is the correct answer. The w command uses data from the /var/run/utmp file, so option A is a wrong choice. The last command can pull information from an older saved wtmp file, such as /var/log/wtmp.1, but it does not do so by default. Thus, option C is a wrong choice. The /etc/shadow and /etc/passwd files do not contain any data that can be used with the last command. Therefore, options D and E are incorrect answers.
  18. A, C. The usrquota and grpquota options are /etc/fstab settings used to enable user and group quotas for a filesystem. Therefore, options A and C are correct answers. Options B and D contain commands that are used with managing filesystem quotas. Thus, options B and D are wrong answers. The aquota.user is a file that is created when the quotacheck -cu command is employed. Therefore, option E is an incorrect choice.
  19. B. To quickly remove quota limits on all filesystems, you would use the quotaoff -a command. Therefore, option B is the correct answer. Editing the /etc/fstab would take too long because you would have to remove the quota options and then unmount and remount all the filesystems. Thus, option A is a wrong answer. The quotacheck utility creates either the aquota.group file, if the -cg options are used, or the aquota.user file, if the -cu switches are used, or both files if -cug is employed. However, it does nothing for quickly turning off filesystems' quotas. Thus, options C and D are incorrect answers. The umount command will not turn off filesystems' quotas, and therefore option E is also an incorrect choice.
  20. C. The edquota -t command will edit quota grace periods. Therefore, option C is the right answer. The edquota -u command edits a designated user's quota limits. Thus, option A is a wrong answer. The edquota -g command edits a designated group's quota limits. Therefore, option B is also an incorrect answer. The edquota -G command and edquota --grace command are made up. Thus, both options D and E are incorrect choices.

Chapter 11: Handling Storage

  1. A. The solid-state drive (SSD) storage device uses an integrated circuit to store data, so option A is correct. SATA, SCSI, and PATA are drive connection types and not storage device types, so options B, C, and E are all incorrect. The hard disk drive (HDD) storage devices use disk platters and a read/write head to store data, not an integrated circuit, so option D is incorrect.
  2. B. Linux creates files named sdx in the /dev folder for SCSI devices. For the second SCSI device, Linux would create the file /dev/sdb, so option B is correct. The /dev/hdb file would represent the second HDD drive connected to the system, so option A is incorrect, and /dev/sda would represent the first SCSI device connected to the system, so option E is incorrect. Options C and D both represent partitions and not entire drives, so they are both incorrect.
  3. E. The udev program runs in the background on Linux systems and detects and mounts storage devices as they're connected to the system, so option E is correct. The mkfs program creates a filesystem on partitions; it doesn't mount them, so option A is incorrect. The fsck program repairs filesystems but doesn't mount them, so option B is incorrect. The umount program unmounts filesystems, not mounts them, so option C is incorrect. The mount program manually mounts filesystems but doesn't run in the background and automatically detect them, so option D is incorrect.
  4. C. The udev program creates files in the /dev/disk/by-id folder that are linked to the raw device files for storage devices. These files are identified by manufacturer information, including the serial number assigned to the device, so option C is correct. The /dev/disk/by-path folder links files based on the drive's connection to the system, so option A is incorrect. The /dev/sdb file represents the raw device file assigned to the device, not a permanent link file, so option B is incorrect. The /dev/disk/by-uuid folder contains permanent link files based on the device UUID value, not the serial number, so option D is incorrect. The /dev/mapper folder contains files for virtual drives for LVM and multipath systems, not permanent links to raw device files, so option E is incorrect.
  5. B. The GNU gparted program provides a graphical window for managing device partitions, so option B is correct. The gdisk, fdisk, and parted programs are all command-line partitioning tools, so options A, C, and D are all incorrect. The fsck program is a tool to repair filesystems, not create or modify partitions, so option E is incorrect.
  6. A. Linux uses mount points to insert a filesystem on a storage device to the virtual directory, so option A is correct. Unlike Windows, Linux doesn't assign drive letters to storage devices, so option B is incorrect. The /dev files are used as raw devices for storage devices; they don't access the filesystem, so option C is incorrect. The /proc and /sys folders are used by the kernel to display and change storage device information, not add the filesystem to the virtual directory, so options D and E are incorrect.
  7. D. The ext filesystem was the original filesystem used in Linux, and ext4 is the latest version of it, so option D is correct and option C is incorrect. The reiserFS and btrfs filesystems are specialty filesystems created separately from the ext filesystem, so options A and B are also incorrect. The nfs filesystem was created to allow sharing files and folders across networks and wasn't the original Linux filesystem, so option E is incorrect.
  8. B. The mkfs program allows you to create a new filesystem on a partition, so option B is correct. The fdisk, gdisk, and parted programs are used to create or modify partitions but not to work with the filesystem installed on them, so options A, D, and E are all incorrect. The fsck program repairs filesystems but can't create them, so option C is incorrect.
  9. B. The mount program allows you to insert the filesystem on a partition into the virtual directory, so option B is correct. The fsck program repairs filesystems but doesn't insert them into the virtual directory, so option A is incorrect. The umount program removes filesystems from the virtual directory, as opposed to inserting them, so option C is incorrect. The fdisk program partitions devices but doesn't create filesystems or insert them into the virtual directory, so option D is incorrect. The mkfs program creates filesystems but doesn't insert them into the virtual directory, so option E is also incorrect.
  10. A. The fsck program repairs corrupted filesystems, so option A is correct. The mount program inserts filesystems into the virtual directory, but it can't repair them, so option B is incorrect. The umount program removes filesystems from the virtual directory but can't repair them, so option C is also incorrect. The fdisk program creates and modifies partitions but doesn't work with filesystems, so option D is incorrect. The mkfs program creates filesystems but doesn't repair them, so option E is incorrect.

Chapter 12: Protecting Files

  1. E. Scheduling a full archive weekly and implementing a differential backup daily (which backs up all the data that is new or modified since the last full archive) will meet the requirements. Therefore, option E is the correct answer. Since you only want to create a full backup one time per week, option A is a wrong answer. Doing an incremental every day without a periodic full archive would result in a long time period to restore data. So option B does not match the requirements and is an incorrect choice. Doing a differential archive daily also does not fully match the requirements, because you are not conducting a full archive weekly. Thus, option C is a wrong answer. Option D is not as time efficient for a data restore as option E, because you would have to apply each incremental to restore data instead of one differential archive. Therefore, option D is also an incorrect choice.
  2. B. The gzip utility compresses data files and gives them the .gz file extension. Therefore, option B is the correct answer. The xz, bzip2, and zip compression utilities compress a data file and give it a different file extension, so options A, C, and D are wrong answers. The dd utility is not a compression program. Therefore, option E is also a wrong choice.
  3. D. To quickly create an archive of disparate files around the virtual directory structure, the best utility to use is the cpio program. This is because you can employ the find command to locate the files and then pipe the results into the cpio utility. Therefore, option D is the correct answer. While the tar utility uses SNAR files, it is not the most efficient program to use in this scenario, and thus, option A is a wrong answer. The dd utility is used for entire disks or partitions, and therefore, option B is an incorrect answer. The rsync and zip programs are not the most efficient utilities to use in this scenario, so options C and E are also incorrect choices.
  4. E. The tar options -cJvf will create a tarball using the highest compression utility, xz, and allow the administrator to view the files via the verbose option while they are being copied into the compressed archive. Thus, option E is the correct answer. The switches in options A and B perform extracts (-x) and do not create, so they are wrong answers. The only thing wrong with option C is that it employs gzip compression via the -z switch, so it is an incorrect choice. Option D leaves out the verbose switch, so it too is an incorrect choice.
  5. A. The dd command in option A will accomplish the job correctly and is the correct answer. The dd commands in options B through D have the input and output files flip-flopped, so they would destroy the data on the /dev/sdc drive. Therefore, options B, C, and D are wrong answers. The dd command in option E would wipe the /dev/sdc drive using zeros. Therefore, option E is also an incorrect choice.
  6. C. The -a switch allows you to recursively back up a directory tree and preserves all the file metadata. It is equivalent to using the -rlptgoD switches. Therefore, option C is the correct answer. The -r switch only allows recursive operations but does not preserve metadata, such as file ownership. Therefore, option A is a wrong answer. The -z switch employs compression and nothing else, so option B is a wrong choice. The -e and --rsh switches are used to designate a remote program to use when sending files to a remote system. Thus, options D and E are also incorrect choices.
  7. E. When you use the -z switch in conjunction with the rsync utility, you are employing compression from the zlib library. Therefore, option E is correct. And thus, options A, B, C, and D are incorrect choices.
  8. A, B, E. Options A, B, and E are all true statements regarding the scp utility and therefore are correct answers. The scp program is not an interactive utility, and so option C is a wrong answer. Also, the scp utility cannot be interrupted without ill effects (you have to start all over), so option D is also an incorrect choice.
  9. E. The reput command will resume your interrupted operation of uploading a local backup to a remote system. Therefore, option E is the correct answer. The progress command toggles on and off the progress display, so option A is a wrong answer. The get command and the reget command involve downloading a file from a remote system to a local system. Thus, options B and C are wrong choices. Though the put command was probably used prior to the operation's start, it will not resume an upload, so option D is also an incorrect choice.
  10. B. In this scenario, the most likely cause is that the archive got corrupted when it was transferred to the remote system. Therefore, option B is correct. If the local archive was corrupted when it was created, transferring would either corrupt it more or leave it the same. Therefore, option A is a wrong answer. Using incorrect commands within the sftp utility or wrong switches on the md5sum program will not typically cause corruption. Therefore, options C and E are wrong choices. The numbers only match if corruption has not occurred, and thus, option D is also an incorrect choice.

Chapter 13: Governing Software

  1. A, B. When developers distribute their applications as source code tarballs using the tar and gzip utilities, you often need to download the file from a website. The wget and cURL programs allow you to download files from the command line, so options A and B are correct. The dpkg tool is used for installing DEB package files, not tarballs, so option C is incorrect. The rpm and yum tools are used for installing RPM package files, so options D and E are incorrect.
  2. D. The make script runs the necessary compiler steps to compile all of the source code and library files necessary to build the application executable file, so option D is correct. The dpkg tool installs DEB package files, not source code files, so option A is incorrect. The rpm and yum tools are used to install RPM package files, so options B and C are incorrect. The wget program is used to download source code bundles, but not build them, so option E is incorrect.
  3. C. The configure tool assesses your Linux system to ensure that any dependencies are met and that the proper compiler tools are installed and then builds the make script, so option C is correct. The make script along with the install option runs the make script but doesn't create it, so options A and B are incorrect. The gcc program compiles the source code and library files but doesn't create the make script, so option D is incorrect. The dpkg installs DEB package files but doesn't create a make script, so option E is incorrect.
  4. A. The GNU Compiler Collection (gcc) is the most popular compiler used in Linux, so option A is correct. The make utility runs make scripts to help build applications using gcc, but it doesn't compile the source code directly, so option B is incorrect. The configure utility helps build the make script based on the location of the compiler program, but it doesn't compile the source code, so option C is incorrect. The dpkg and rpm programs are package tools for installing DEB and RPM package files, respectively, and aren't used to compile source code files, so options D and E are both incorrect.
  5. E. The tape archive, or tar, application is often used for bundling source code projects into a single distributable file, so option E is correct. The dpkg, rpm, yum, and apt-get programs all work with package management files, and are not for archiving source code files, so options A, B, C, and D are all incorrect.
  6. B. The -zxvf command-line options for the tar program are commonly used to decompress and extract files from a tarball file, so option B is correct. The -Uvh option group is commonly used for the rpm program to install packages, but it's not valid for the tar program, so option A is incorrect. The -xvf command-line option combination extracts files from a tarball but doesn't decompress them, so option C is incorrect. The -zcvf option group will create a new tarball and compress it, not extract and decompress the files, so option D is incorrect. The -cvf option group creates a new tarball file, but it doesn't extract files from an existing file, so option E is incorrect.
  7. B. The Rocky Linux distribution uses the Red Hat package management system, which uses RPM files, so option B is correct. The .deb filename extension is used to identify Debian-based package management files, so option A is incorrect. The .tgz filename extension is used to identify compressed tar archive files, so option C is incorrect. The .tar filename extension is used to identify tar archive files, so option D is incorrect, and the .gz filename extension is used to identify files compressed with the gzip utility, so option E is incorrect.
  8. D. The dpkg program is used to install DEB package files on Debian-based systems, so option D is correct. The rpm, yum, and dnf programs are all tools used for Red Hat–based package management systems, not Debian-based systems, so options A, B, and C are all incorrect. The tar program is used for creating and extracting tarball archive files, not DEB files, so option E is incorrect.
  9. C, E. The yum and dnf programs are used to install RPM packages from Red Hat–based repositories, so options C and E are correct. The dpkg and apt-get programs are used for installing DEB files on Debian-based package management systems, so options A and D are incorrect. The tar program is used for creating and extracting archive files, so option B is incorrect.
  10. A. Red Hat–based Linux distributions use the flatpak application container format to install containers, making option A correct. The snap application container format is used in Ubuntu, but not Red Hat, so option D is incorrect. The rpm and dpkg formats are used in package management, not application containers, so options B and C are incorrect. The gcc program is used for compiling source code into executable programs, so option E is incorrect.

Chapter 14: Tending Kernel Modules

  1. A, C, D, E. A kernel module is a self-contained driver library file, which is not precompiled into the Linux kernel. It can be loaded and unloaded as needed, which provides additional functionality when required. These kernel modules keep the Linux kernel lighter and more agile. Therefore, options A, C, D, and E are all correct answers. The only incorrect answer is option B, and it is wrong because kernel modules are not compiled into the kernel.
  2. B, D. Kernel module files, depending on the distribution, can be stored in a subdirectory of /lib/modules/KernelVersion/ or /usr/lib/modules/KernelVersion/. If the /usr/lib/modules/KernelVersion/ directory is used, it is typically hard-linked to the /lib/modules/KernelVersion/ directory. Therefore, options B and D are correct answers. The other directory names are made up. Thus, options A, C, and E are incorrect choices.
  3. A, B, D, E. Older Linux distributions store module configuration information in a single configuration file, /etc/modules.conf. On more modern distributions, configuration information is stored in *.conf files within the /etc/modprobe.d/, /lib/modprobe.d/, /usr/lib/modprobe.d/, and run/modprobe.d/ directories. Therefore, options A, B, D, and E are all correct answers. The /etc/modules.d/ directory is made up, and thus option C is an incorrect choice.
  4. E. The modinfo utility will allow you to view detailed information concerning a module passed as a command argument. This detailed information includes any dependencies. Therefore, option E is the correct answer. The dmesg command is helpful for viewing any kernel messages concerning module failures but does not display module dependency information. Thus, option A is a wrong answer. The insmod utility is used for loading modules dynamically, and therefore, option B is a wrong choice. The lsmod command displays currently loaded modules. While it does show other modules that are currently using the module, because it does not list dependencies or show information for unloaded modules, it is not the best choice. Thus, option C is also an incorrect answer. The modprobe utility is used for loading and unloading kernel modules, and therefore, it is not the best choice either. Thus, option D is an incorrect choice.
  5. C. The modprobe utility will dynamically load the xyz utility, if you pass it as an argument to the command, and also load any of its needed dependencies. Therefore, option C is the correct answer. The insmod utility is used for loading modules dynamically. However, it will not load any of the module's dependencies, and therefore, option A is an incorrect choice. The modinfo utility allows you to view detailed information concerning a module passed as a command argument, but it does not load modules. Therefore, option B is a wrong answer. The lsmod command displays currently loaded modules, and thus option D is an incorrect answer. The depmod command is used for scanning through the system in order to update the modules.dep file. Therefore, option E is also an incorrect choice.
  6. D. The Linux system typically will automatically detect new hardware and load any needed modules. The depmod command will scan through the system looking for any hardware that was not automatically detected. It determines any needed modules, reviews the modules' dependencies, and updates the appropriate file. Therefore, option D is the correct answer. The lsmod command displays currently loaded modules, and thus option A is an incorrect answer. The modinfo utility allows you to view detailed information concerning a module passed as a command argument. However, if you don't know the device's associated module, this utility is of little use. Therefore, option B is a wrong choice. The dmesg command is helpful for viewing any kernel messages concerning module failures, so if it is a module failure issue, you can view it using this command. However, since the device was not detected, it is not the best command to start the troubleshooting process. Therefore, option C is a wrong answer. The insmod utility is used for loading modules dynamically, and therefore, option E is an incorrect choice.
  7. A. The modprobe utility uses the modules.dep file to determine any module dependencies. Therefore, option A is the correct answer. The other options contain directories involved in the kernel module management, and thus options B, C, D, and E are wrong choices.
  8. E. The insmod utility will allow you to quickly insert a module, whose name is passed as an argument to the command, into the Linux kernel. Therefore, option E is the correct answer. The lsmod command displays currently loaded modules, and thus option A is an incorrect answer. The modinfo utility allows you to view detailed information concerning a module passed as a command argument, but it does not load modules. Therefore, option B is a wrong answer. The dmesg utility displays the kernel's ring buffer but does not allow you to insert modules into it. Thus, option C is also a wrong choice. The depmod command is used for scanning through the system in order to update the modules.dep file. Therefore, option D is also an incorrect choice.
  9. C. The rmmod command will quickly unload a module, but none of its dependencies, from the Linux kernel. Since the abc module does not have any dependencies, option C is the best answer. The insmod utility is used for loading (inserting) a module and not unloading one. Therefore, option A is a wrong answer. The unload command is made up, and thus option B is also an incorrect answer. The modprobe command used without any switches is for loading (inserting) modules, not unloading them. Thus, option D is a wrong choice. The rm -f command is used in removing files, not unloading modules. Therefore, option E is an incorrect answer.
  10. B. The modprobe -r command will remove the module whose name is passed to it as an argument and any of its dependent modules. Therefore, option B is the best answer. The dmesg command is helpful for viewing kernel messages related to module failures but not for unloading modules. Thus, option A is a wrong answer. The lsmod utility shows brief module information for loaded modules but is not involved in the unlinking process. Therefore, option C is also an incorrect answer. The paste command allows you to sloppily put together two files side by side to STDOUT. However, it is not involved with kernel modules, so option D is also a wrong choice. The groupdel utility is used for removing user groups, and it also is not used with kernel modules. Therefore, option E is an incorrect choice.

Chapter 15: Applying Ownership and Permissions

  1. A, B, E. The basic Linux security permissions that you can set are read, write, and execute access, so options A, B, and E are correct. To delete a file a user must have write access because there is no delete access permission, so option C is incorrect. To modify a file a user must also have write access because there is no specific modify access permissions, so option D is incorrect.
  2. B, C, D. The three categories Linux uses for assigning permissions are the owner, the group, and all others on the system; thus answers B, C, and D are correct. The root user account already has full permissions on all files and folders, so it's not specified as a separate category, so option A is incorrect. Linux doesn't use a department category because departments must be defined as groups, so option E is also incorrect.
  3. B. The Set User ID bit (SUID) allows all users to run applications as the root user account, so option B is correct. The sticky bit prevents users from deleting files for which they have group permissions but don't own. It doesn't allow users to run the file with root privileges, so option A is incorrect. The GUID bit directs Linux to set all files in a directory with the directory's group assignment and not that of the user account creating the file. However, it doesn't allow users to run files as the root user account, so option C is incorrect. The execute and write bits set those permissions for the standard category of users, groups, or others. They don't allow users to run files as the root user account, so both options D and E are incorrect.
  4. E. The octal mode permission 644 represents read/write for the owner and read only for the group and other categories. In symbolic mode that would be rw-r--r--, so option E is correct. Option A, rwxrw-r--, would be octal mode 764, so it is incorrect. Option B, -w--w--w-, would be octal mode 222, so it is incorrect. Option C, -w-r--r--, would be octal mode 244, so it is also incorrect. Option D, rwxrw-rw-, would be octal mode 766, so it too is incorrect.
  5. A, B. The chgrp command is used to change the group assigned to a file or directory; however, you can also specify a new group with the chown command to change the owner and the group at the same time, so both options A and B are correct. The chmod command changes the permissions assigned to a file or directory but not the group, so option C is incorrect. The chage command is used to control the password of user accounts, not the group assigned to a file or directory, so option D is incorrect. The ulimit command is used to restrict the system resources a user account can use, not to set the group assignment of a file or directory, so option E is incorrect.
  6. C. The getfacl command retrieves all of the ACL permissions assigned to a file or directory, so option C is correct. The -Z option added to the ls command displays SELinux context settings, not ACL permissions, so option A is incorrect. The -l option of the ls command displays the standard Linux file permissions, not the ACL permissions, so option B is incorrect. The chmod command allows you to change the standard permissions assigned to a file or directory, not display the ACL permissions, so option D is incorrect. The setfacl command allows you to change the ACL permissions for a file or directory, but not view them, so option E is incorrect.
  7. D. The permissive mode in SELinux logs policy violations but doesn't prevent the action from happening, so option D is correct. The disabled mode allows all actions to happen but doesn't log them, so option A is incorrect. The enforcing mode logs policy violations and enforces them, so option B is incorrect. Options C and E, targeted and MLS, are not SELinux modes but rather define what types of daemons to monitor; they are both incorrect.
  8. C. The -Z option of the ls command displays the SELinux security context assigned to a file or directory, so option C is correct. The getsebool command displays the current setting for a policy rule, not the security context of files, so option A is incorrect. The setsebool command enables or disables a policy rule, and it doesn't display the security context of a file, so option B is incorrect. The getenforce command displays the current SELinux mode, not the security context of files, so option D is incorrect. The -l option of the ls command displays the standard permissions assigned to a file, not the SELinux security context of the file, so option E is incorrect.
  9. A, D. The su command allows you to run an application as another user, including the root user account, and the sudo command allows you to run an application as the root user account, so options A and D are both correct. Both wheel and adm are user groups that provide administrator privileges, but they aren't commands that run applications themselves, so options B and E are both incorrect. The visudo command opens an editor to edit the sudoers file so you can edit it, but it can't run other applications, so option C is incorrect.
  10. C, D. Red Hat–based distributions use the wheel group and Debian-based distributions use the sudo group to allow members to gain administrator privileges on the system to run applications, so options C and D are correct. The lp group is used to grant access to system printers, not run applications with administrator privileges, so option A is incorrect. The adm group is commonly used in Debian-based systems to grant access to log files, but not run applications with administrator privileges, so option B is incorrect. Option E, su, is a command-line command for running commands as another user, not a user group, so it is incorrect.

Chapter 16: Looking at Access and Authentication Methods

  1. D. For an application to use PAM, it must be compiled with the libpam (also called libpam.so) library. Thus, option D is the correct answer. Option A lists the ldd command, which allows you to view modules compiled with various applications. Therefore, option A is a wrong answer. Options B, C, and E are all PAM modules, but none are the PAM library module needed to make an application PAM-aware. Therefore, options B, C, and E are incorrect choices.
  2. A, B, D, E. requisite, required, sufficient, and optional are all PAM control flags you may find in a PAM /etc/pam.d/ configuration file. Therefore, options A, B, D, and E are correct. Option C, allowed, is made up and thus an incorrect choice.
  3. B, E. The pam_tally2 and faillock commands display failed login attempts, and therefore options B and E are correct answers. The tally2 command does not exist, and thus option A is a wrong answer. The pam_tally2.so module is involved with locking out accounts due to failed login attempts, but it does not display failed logins. Therefore, option C is a wrong choice. The pam_faillock is made up, and thus, option D is also an incorrect choice.
  4. B, C. Asymmetric, or public/private, key encryption involves a message sender encrypting a message with the receiver's public key. When the receiver obtains the encrypted message, it is then decrypted using the receiver's private key. Therefore, options B and C are correct answers. Symmetric key encryption is also called secret or private key encryption. It involves the sender and receiver using the same secret key to encrypt and decrypt a message. Therefore, options A, D, and E are incorrect choices.
  5. E. Option E best describes a digital signature and is therefore the correct answer. Option A describes encryption and is thus a wrong answer. Option B describes decryption and is also an incorrect choice. PKI is described in option C, and thus option C is a wrong answer. Option D describes a self-signed digital certificate, and therefore it is an incorrect choice as well.
  6. A. The OpenSSH application keeps track of any previously connected hosts and their public keys in each user's ~/.ssh/known_hosts file. Therefore, option A is the correct answer. The ~/.ssh/authorized_keys file is used on an SSH server to keep track of authorized public keys used for password-less authentication. Therefore, option B is a wrong answer. Options C and D are made up and therefore incorrect choices. Option E is an RSA public key that could be created by the ssh-keygen utility, so it is a wrong choice as well.
  7. A, B, C. The ~./ssh/config, /etc/ssh/ssh_config, and /etc/ssh/sshd_config files are all OpenSSH configuration files. Therefore, options A, B, and C are correct choices. The files listed in options D and E are made up and therefore incorrect answers.
  8. E. The only correct answer is option E. These identity keys are created with the filenames of id_type for the private key and id_type.pub for the public key. The key in option E is a private key using the RSA algorithm. Option A's key is an RSA private key used in establishing a password authenticated SSH connection, so it is a wrong answer. The key listed in option B is a public version of option A's key, so it too is a wrong choice. The keys listed in options C and D are made up, and thus they are wrong choices as well.
  9. A, C, D, E. Options A, C, D, and E are all true statements concerning TCP wrappers and therefore are correct choices. You would never want to place ALL: ALL in the /etc/hosts.allow file because it would block everyone from accessing the service. Instead, you would want to place this record in the /etc/hosts.deny file to provide the best security because it is checked last. Therefore, option B is a wrong choice.
  10. B, D, E. Options B and E are protocols that may be involved in using VPN software as a client, and therefore they are correct choices. IPSec is a framework, which may be involved at the Network layer when using VPN software as a client, and thus option D is also a correct answer. Tunnel and transport are modes of IPSec, but not frameworks or protocols, so options A and C are incorrect choices.

Chapter 17: Implementing Logging Services

  1. D. The syslog protocol created by the Sendmail project has become the de facto standard for logging system event messages in Linux, so option D is correct. SMTP is a mail protocol, and FTP stands for File Transfer Protocol, so both options A and B are incorrect. NTP stands for Network Time Protocol, so option C is incorrect. Option E, journalctl, is a tool used to read systemd-journald journal files, not a protocol for logging event messages, so it is also incorrect.
  2. A. The cron application schedules jobs on Linux systems, so the cron facility keyword represents event messages received from the job scheduler, so option A is correct. The user keyword represents events received from users, so option B is incorrect. The kern keyword represents events received from the kernel, so option C is incorrect. The console keyword represents events received from a console on the system, so option D is incorrect. The local0 keyword is not defined in the standard and is normally defined within the system but doesn't normally receive events from the job scheduler, so option E is incorrect.
  3. C. The emerg severity level has a priority of 0, the highest level in syslog, so option C is correct. The crit severity level is at level 2, so it's not the highest level and therefore option A is incorrect. The alert keyword is assigned level 1, but it's not the highest level, so option B is incorrect. The notice keyword is assigned level 5 and is not the highest level, so option D is incorrect. The err keyword is assigned level 3 and is not the highest level, so option E is incorrect.
  4. B. The notice severity level represents system event messages that are significant but normal, so option B is correct. The crit and alert keywords represent event messages that are critical or that require special attention, so options A and D are incorrect. The info keyword represents event messages that are only informational but not significant, so option C is incorrect. The local0 keyword is not defined in the syslog protocol but by the local system, so option E is incorrect.
  5. E. The rsyslogd application was designed to be a faster version of the syslogd application, so option E is correct. The syslogd application is the original syslog application and was not known for its speed, so option A is incorrect. The syslog-ng application was designed to be more versatile than syslogd, but not faster, so option B is incorrect. The systemd-journald application is known for faster queries in reading journal entries but wasn't designed to be faster in handling event messages, so option C is incorrect. The klogd application is part of the original sysklogd application and is also not fast, so option D is incorrect.
  6. A. The rsyslogd application uses the rsyslog.conf configuration file by default, so option A is correct. Option D, rsyslog.d, is commonly used as a folder for storing additional rsyslogd configuration files, but it isn't the default configuration filename, so it is incorrect. Options B and C are configuration files for other logging applications, not rsyslogd, so they are incorrect. Option E is not a valid logging application configuration filename.
  7. D. The rsyslogd application priorities log event messages with the defined severity or higher, so option D would log all kernel event messages at the warn, alert, or emerg severities and therefore it is correct. The option A facility and priority setting would only log kernel messages with a severity of warning, so it is incorrect. Option B would log all kernel event messages, not just warnings or higher, so it is incorrect. Option C would log all facility type event messages but include the information or higher level severity, so it is incorrect. Option E would log kernel event messages but only at the alert or emerg severity levels, not the warning level, so it is incorrect.
  8. B. The Storage setting controls how systemd-journald manages the journal file. Setting the value to persistent ensures that the journal file will remain in the /var/log/journal directory, so option B is correct. Setting the value to auto only ensures that the journal file will be persistent if the /var/log/journal directory exists, so option A is incorrect. Setting the value to volatile ensures that the file does not persist, so option D is incorrect. Options C and E refer to settings that control whether or not event messages are passed to the rsyslogd application, so they are both incorrect.
  9. C. The -r option displays the journal entries in reverse order, so the most recent entry will appear first. Thus, option C is correct. The -a option displays all of the data fields, but in the normal order, so option A is incorrect. The -l option displays all printable data fields, but in the normal order, so option B is incorrect. The -e option jumps to the end of the journal file but displays the remaining entries in normal order instead of reverse order, so option D is incorrect. The -n option displays a specified number of entries, but in normal order, so option E is incorrect.
  10. A. The journalctl application allows you to filter event messages related to a specific application by the application process ID (PID) using the OBJECT_PID match, so option A is correct. The Kernel match retrieves event messages generated by the system kernel and not applications, so option B is incorrect. The _TRANSPORT option filters event messages based on how they were received and not by application, so option C is incorrect. Option D, _UID, filters event messages based on the user ID value, not the application, so it is incorrect. Option E, _UDEV, filters events by device ID and not by application, so it too is incorrect.

Chapter 18: Overseeing Linux Firewalls

  1. A, C, E. The Linux firewall applications covered in this chapter use access control lists (ACLs) to identify which network packets are allowed in or out of the system. Therefore, option A is a correct answer. They identify the network packets by inspecting their control information along with other network data. Thus, option C is also a correct choice. In addition, the Linux firewall applications use configuration files to maintain persistency, which allows the firewall configuration to survive system reboots and/or the firewall application being started or reloaded. Therefore, option E is also a correct answer. These firewalls cannot detect malicious behavior; they only follow predefined rules. Therefore, option B is a wrong answer. In addition, they use netfilter embedded in the Linux kernel and not iptables (which is instead a firewall service), so option D is also an incorrect choice.
  2. B. Option B best describes packet filtering. Option A describes how packets are identified but only allows them into the system, and therefore is not the best answer. A packet's payload refers to the data it is carrying. In packet filtering, packets are identified by their control information, such as their source IP address. Therefore, option C is not the correct answer either. Network packets can be identified by much more than just their source address, making option D a wrong answer. Option E is also a wrong answer because it focuses on the packet's payload and not its control information.
  3. C, D. A stateful firewall uses a memory table to track an established connection's packets, making it faster for those connections. In addition, it can tell if packets are fragmented and thus protects the system from attacks that spread among multiple packets. Therefore, options C and D are the correct answers. Stateless firewalls operate faster overall, and they are not as vulnerable to DDoS attacks. Thus, options A and B are wrong answers. While stateful firewalls are vulnerable to DDoS attacks, it is not a benefit. Therefore, option E is also an incorrect choice.
  4. E. With firewalld, network traffic is grouped into a zone, which is a predefined rule set, also called a trust level. Therefore, option E is the correct answer. While firewalld does employ the netfilter and the firewall-cmd commands, those items are not predefined rule sets, so options A and B are wrong answers. A service is a predefined configuration set for a particular service, such as DNS. Therefore, option C is an incorrect answer as well. Option D is an incorrect choice because the zone that rejects packets is called block.
  5. D. The firewalld's runtime environment is the active firewall, but if the configuration is not saved as the permanent environment, it is not persistent. Therefore, after his successful tests, he should issue the firewall-cmd --runtime-to-permanent command to save the runtime environment to the permanent environment. Thus, option D is the correct answer. Rebooting the system would lose the tested runtime environment, so option A is a wrong answer. The --panic-on option blocks all incoming traffic, so option B is also an incorrect answer. The runtime environment is different than the permanent environment in this situation, so option C is a wrong choice. While the --permanent option will allow you to modify the runtime and permanent environment at the same time, Peter did not do this, so option E is also an incorrect answer.
  6. C. To achieve the desired result, Peter will need to modify the iptables INPUT chain for the protocol ping uses, which is ICMP. Also, the target will need to be set to DROP, in order to not send any rejection message. Therefore, option C is the correct iptables command to use. The command in option A will set the policy to DROP for all incoming packets that do not have a rule in the INPUT chain, but that does not target ping packets. Therefore, option A is a wrong answer. The command in option B will send a rejection message, which is not desired, so it is also an incorrect answer. The command in option D is attempting to delete a rule, not add one. Therefore, option D is a wrong choice. The command in option E is modifying the OUTPUT chain instead of the INPUT chain, which will affect outbound network packets. Thus, option E is an incorrect choice.
  7. D. The sudo ufw status numbered command will display the UFW firewall's ACL rules with their associated numbers. Therefore, option D is the correct answer. Option A is made up and thus is a wrong answer. Both options B and C will show any rules, but they will not include their numbers, so those options are incorrect answers. The UFW command in option E enables the firewall but does not display ACL rules, so it is an incorrect choice as well.
  8. A. While all these options use simple syntax, the ufw command in option A will block all incoming and outgoing OpenSSH connections and not send a blocking (rejection) message. Thus, option A is the correct answer. There is no drop argument in the ufw command, so option B is a wrong answer. The command in option C would send a rejection message. Thus, it is a wrong choice. The command in option D will allow OpenSSH connections, and therefore it is an incorrect answer. There is no block argument in the ufw command, so option E is also an incorrect choice.
  9. A, B. Options A and B are true statements concerning both DenyHosts and Fail2Ban. DenyHosts only works with OpenSSH traffic, while Fail2Ban can handle many different types of traffic. So option C is a wrong answer. Fail2Ban's configuration file is named /etc/fail2ban/jail.conf, but the configuration file for DenyHosts is not. Therefore, option D is an incorrect answer as well. DenyHosts can only work with TCP Wrappers, whereas Fail2Ban can work with iptables, TCP Wrappers, firewalld, and so on. Thus, option E is an incorrect choice.
  10. E. The command in option E will properly add the new IP address to the BlockThem IPset. Thus, it is the correct answer. The commands in options A and B create the IPset and do not add new addresses to it. Therefore, those options are wrong answers. The command in option C will save the current IPset configuration to the IPset configuration file. While this is something Virginia should do after the new address is added, it is not the currently needed command. Thus, option C is a wrong answer. The command in option D adds an entire subnet of addresses to the IPset and not a single IP address. Thus it is an incorrect answer as well.

Chapter 19: Embracing Best Security Practices

  1. B. The Kerberos authentication method uses a ticket-granting system to assign a ticket to the user account after a successful authentication. Any server on the network that uses Kerberos can then authenticate the user account using that ticket. Thus, option B is correct. The LDAP, RADIUS, and TACACS+ authentication methods don't use tickets for user authentication, so options A, C, and D are all incorrect. The biometrics authentication method uses user physical features to authenticate user accounts but doesn't issue a ticket to allow single sign-on, so option E is incorrect.
  2. C. Biometrics uses physical features of users to authenticate them on the Linux system, so option C is correct. LDAP and Kerberos are only single-factor authentication methods, so options A and E are incorrect. Tokens and PKI are both two-factor authentication methods but use digital tokens instead of physical features for authentication, so options B and D are incorrect.
  3. A. The LDAP authentication method allows administrators to create a distributed database that not only authenticates user accounts but tracks user authorization of network resources, so option A is correct. The Kerberos and RADIUS authentication methods don't use a distributed database, nor can they authorize users to access network resources, so options B and D are incorrect. Tokens and PKI are two-factor authentication methods that don't use distributed databases, nor do they authorize users to access network resources, so options C and E are incorrect.
  4. E. When you specify the nologin utility as the default shell for a user account, users will receive a message upon successful login that they aren't allowed to access the system, so option E is correct. Biometrics, tokens, and Kerberos are all authentication methods that won't prevent the root user account from logging in, so options A, B, and C are all incorrect. Removing the root user account from the /etc/passwd file removes the root user account from the system, which will break applications that require the root user account to run, so option D is incorrect.
  5. B. All user data is normally stored under the /home directory structure on Linux systems, so placing the /home directory on a separate disk partition would separate user data from system data, making option B correct. The /usr, /etc, /sbin, and /bin directories all contain system data and not user data, so options A, C, D, and E are all incorrect.
  6. D. The chroot program restricts an application to a specific area within the virtual filesystem structure, so option D is correct. Blocking the application network port would prevent guests from connecting to the application, so option A is incorrect. Moving the application to a private port number wouldn't restrict access to directories, so option B is incorrect. Placing the application in an encrypted partition or on a separate partition wouldn't prevent the application from accessing data outside of the application, so options C and E are incorrect.
  7. A. The Linux Unified Key Setup (LUKS) feature provides disk-level encryption so that all files stored in a partition are automatically encrypted when written and decrypted when read, so option A is correct. The chroot utility restricts an application to a specific location in the virtual filesystem but doesn't encrypt files, so option B is incorrect. The auditd utility creates detailed logs of system activity such as user file access but doesn't encrypt files or disks, so option D is incorrect. Both PKI and Kerberos are authentication methods and not disk encryption methods, so both options D and E are incorrect.
  8. C. The /etc/cron.deny file is a list of user accounts prevented from scheduling jobs, so adding the user to that file would stop them from scheduling the job, making option C correct. The chroot program restricts applications to a specific location in the virtual filesystem; it doesn't block users from scheduling jobs, so option A is incorrect. The nologin program prevents user accounts from logging into the system, which is an extreme solution to the problem, so option B isn't a good solution. The /etc/hosts.deny file blocks hosts from accessing the system and not users from scheduling jobs, so option D is incorrect. The /etc/motd file displays a message to all users as they log into the system, but it won't block them from scheduling jobs, so option E is incorrect.
  9. D. The fastest way to deter an attacker is to place their IP address in the /etc/hosts.deny file, preventing them from accessing the system, so option D is correct. Placing applications into a chroot jail prevents the application from accessing files outside of the jail filesystem but doesn't prevent the attacker from continuing to access a user account, so option A is incorrect. Adding the nologin shell to the user account will prevent the attacker from accessing the user account but will also block the valid user from accessing the account, so option B is incorrect. Implementing two-factor authentication will help stop the attacker but isn't a quick solution, so option C is incorrect. Adding the user account to the /etc/cron.deny file prevents the user account from scheduling jobs but won't stop the attacker from trying to log in as the user account, so option E is incorrect.
  10. E. Disabling the FTP application network ports will prevent users from being able to use the FTP service, so option E is correct. Placing a message in the /etc/motd file to display when users log in won't prevent them from using the FTP service, so option A is incorrect. Moving the FTP application to a different network port may temporarily solve the problem, but once users find the alternative ports, they can continue using FTP, so option B is incorrect. The /etc/hosts.deny file contains IP addresses or hostnames of remote hosts to block, not user accounts, so option C is incorrect. The /etc/cron.deny file blocks users from scheduling jobs, not accessing network applications, so option D is incorrect.

Chapter 20: Analyzing System Properties and Remediation

  1. B, C. A network socket is a single endpoint of a network connection's two endpoints. That single endpoint is on the local system, bound to a particular port, and uses a combination of an IP address and a port number. Therefore, options B and C are correct answers. Ports use numbers to identify which service or application is transmitting data, and thus option A is a wrong answer. Unix sockets are endpoints between processes on a local system and provide better interprocess communication (IPC) than localhost. Therefore, options D and E are incorrect choices.
  2. A, B, E. The iperf, ping, and traceroute utilities will help test the network for high latency (slowness) in order to determine the cause. Thus, options A, B, and E are correct answers. The ip neigh command is used to check the routing tables and is often employed in situations where a duplicate or incorrect MAC address is causing problems on a local network segment. Therefore, option C is a wrong answer. The dig utility checks name server resolutions, not high latency. Thus, option D is also an incorrect choice.
  3. A, D, E. The mtr, tracepath, and traceroute utilities all allow Mr. Scott to view router packets traveling through certain network segments and isolate which routers may be dropping packets. Therefore, options A, D, and E are correct answers. The ifconfig tool is for viewing and configuring network adapters. Therefore, option B is a wrong answer. The ethtool -s command will show adapter statistics but not router information, and therefore option C is also an incorrect choice.
  4. D. The nslookup utility can be used along with the time command to test new name servers to see if they are more efficient (faster). Thus, option D is the correct answer. Option A's dnsmasq is caching-only name server software, so it is a wrong answer. The whois utility performs queries of Whois servers, not name servers. Thus, option B is an incorrect answer. The nmap utility is used for network mapping and analysis (or pentesting), and therefore, option C is a wrong choice. The ipset list command displays the various IPsets on a system but is not involved with name resolution. Thus, option E is an incorrect choice.
  5. A. The iostat command displays I/O wait, which is a performance statistic showing the amount of time a processor must wait on disk I/O. Therefore, option A is the correct answer. The ioping utility is more for testing new disks on performance items such as disk I/O latency, seek rates, sequential speeds, and so on. Therefore, option B is a wrong answer. The du and df commands are useful for situations where disk space is an issue but do not provide I/O wait statistics. Therefore, options C and D are incorrect answers. The iotop utility is helpful in locating an application or process causing high I/O but not CPU latency due to high I/O. Thus, option E is also an incorrect answer.
  6. B. The deadline I/O scheduler is good for situations where increased database I/O and overall reduced I/O latency are needed, and/or an SSD is employed, and/or a real-time application is in use. Therefore, option B is the correct answer. Option A is the I/O scheduler configuration file's name, and therefore it is a wrong answer. Option C is one of the subdirectories in the directory that contains the I/O scheduler configuration file, such as /sys/block/sdc/queue/. Thus, option C is also an incorrect answer. The cfq scheduler is best for situations where more balanced I/O handling is needed and/or the system has a multiprocessor. Therefore, option D is a wrong answer. The noop I/O scheduler is good for situations where an SSD is employed but less CPU usage is needed. Therefore, option E is an incorrect choice.
  7. A, B, D. The uptime command displays CPU load averages in 1-, 5-, and 15-minute increments. Thus, options A, B, and D are correct answers and options C and E are incorrect choices.
  8. C. The sar utility is the best one for viewing a system's processor performance over time. It uses data stored by the sadc program in the /var/log/sa/ directory, which contains up to a month's worth of data. Therefore, option C is the correct answer. The uptime utility is handy to view processor performance, but sar is a better one for viewing it over time. Thus, option A is a wrong answer. sysstat is a package that provides the sar utility, and therefore, option B is an incorrect answer. The /proc/cpuinfo file contains detailed processor information, but it is not the best for viewing CPU performance. Thus, option D is also a wrong choice. The sysctl utility is used to view or tweak kernel parameters. Therefore, option E is an incorrect choice.
  9. E. The swapon -s command will allow Gertie to view a swap space element's type, name, and priority. Therefore, option E is the correct answer. The vmstat utility provides a lot of memory statistics, including disk I/O specific to swapping as well as total blocks in and blocks out to the device. However, it does not provide the information Gertie needs, so option A is a wrong answer. The free command shows memory items such as free memory, used memory, and buffer/cache usage. Thus, option B is an incorrect answer. fstab is not a command, but a file. This file is where swap partitions/files must have records in order for the swap space to remain persistent through reboots. Therefore, option C is a wrong choice. The swapoff utility disengages a partition/file from swap space, and thus, option D is an incorrect choice.
  10. E. In this scenario, since multiple swap spaces already exist and the one swap partition or file is on a logical volume, Elliot should add more swap space by using LVM tools to increase the logical volume. Thus, option E is the correct answer. While Elliot would need to employ mkswap and swapon on the logical volume after it is extended, options A, B, C, and D are using those utilities on files or partitions, instead of logical volumes. Therefore, those options are incorrect choices.

Chapter 21: Optimizing Performance

  1. A, C, D. The GNU ps command in Linux supports parameters that were supported by the legacy BSD and Unix ps command, along with new options created by GNU, so options A, C, and D are correct. There are no Linux style options used by the ps command, so option B is incorrect. The ps command doesn't support numeric options, so option E is also incorrect.
  2. B. The Unix style command-line options for the GNU ps command are identified by placing a single dash in front of the option, so option B is correct. The newer GNU options are identified by using a double dash, so option A is incorrect. The legacy BSD style options are identified by not placing anything in front of the option letter, so option C is incorrect. Unix style options still use letters, not decimal or hexadecimal numbers, so options D and E are both incorrect.
  3. D. With no command-line options, the GNU ps command displays only processes run by the current shell, so option D is correct. To display all processes running on a specific terminal, you need to add the -t option, so option A is incorrect. To display all active processes, you must add the -A option, so option B is incorrect. To display the sleeping processes, you need to use the -ef option, so option C is incorrect. To display all processes run by the current user account, you need to add the -x option, so option E is incorrect.
  4. A. The top command displays the currently running processes on the system and updates every 3 seconds, so option A is correct. The ps command displays currently running processes but doesn't update in real time, so option B is incorrect. The lsof command displays files currently opened by processes but not the processes themselves, so option C is incorrect. The pkill and kill commands are used to stop running processes, not display them, so options D and E are both incorrect.
  5. E. The S command displays the processes based on the cumulative CPU time for each process, so option E is correct. The l command displays the processes based on the load average, so option A is incorrect. The F command allows you to select the field used to sort the display, so option B is incorrect. The r command reverses the sort order of the display, so option C is incorrect. The y command highlights running tasks, so option D is incorrect.
  6. B. The RES column in the top output displays the amount of physical memory used by the applications, so option B is correct. The VIRT column displays the amount of virtual memory, not physical memory, so option A is incorrect. The SHR column displays the amount of shared memory used, so option C is incorrect. The S column displays the status of the application process, so option D is incorrect. The %MEM column displays the percentage of physical memory the application is using but not the amount of physical memory, so option E is incorrect.
  7. C. The nice command allows you to specify the priority level for an application, so option C is correct. The renice command allows you to change the priority level of an application that's already running, but not one that hasn't started yet, so option A is incorrect. The pkill and kill commands are used to stop running processes, not change their priority levels, so options B and D are incorrect. The pgrep command displays the application processes matching a search term; it doesn't change the priority level of the processes, so option E is incorrect.
  8. A. The renice command allows you to change the priority level assigned to an application that's already running on the system, so option A is correct. The pkill and kill commands allow you to stop an application but not change the priority level, so options B and D are both incorrect. The nice command allows you to start an application with a specified priority level but not change the priority level of an application that's already running, so option C is incorrect. The pgrep command allows you to search for a running application based on a search term but not change the priority level of it, so option E is incorrect.
  9. B. The pkill command allows you to send a HUP signal to a running process based on a search term for the process name, so option B is correct. The renice command allows you to change the priority level of an application that's already running but not stop it, so option A is incorrect. The nice command allows you to start an application at a specified priority level but not stop an application that's already running, so option C is incorrect. The kill command allows you to stop an application that's running, but you need to use the process ID number and not the name, so option D is incorrect. The pgrep command allows you to search for running applications based on their name but not stop them, so option E is incorrect.
  10. D. The kill command allows you to stop an application that's already running by specifying its process ID, so option D is correct. The renice command allows you to change the priority level of an application but not stop it, so option A is incorrect. The pkill command allows you to stop an application, but by specifying its process name and not its process ID, so option B is incorrect. The nice command allows you to start an application using a specified priority level but not stop an application, so option C is incorrect. The pgrep command allows you to display running applications based on a search term for the application name but not stop them, so option E is incorrect.

Chapter 22: Investigating User Issues

  1. C. Since Lamar is a contractor, his account should have an expiration date set. Thus, the first thing to check for his particular local access problem is whether or not the account has expired. Option C is the correct answer. GUI services may not be running, but this is not the first thing to check (and no one else is having problems, just Lamar). Thus, option A is an incorrect choice. Lamar is not employing a utility such as OpenSSH, so option B is a wrong answer. The account might be locked, but this is not the first thing to check, so option D is an incorrect answer. SELinux policy violations also may be a problem, but you don't know if the system is running SELinux or AppArmor. Therefore, option E is also an incorrect choice.
  2. E. Since Irene normally logs into the system using the tty4 terminal and is having trouble today but can log in using the tty3 terminal, the first thing to check is whether or not the tty4 device file is corrupted. Therefore, option E is the correct answer. If getty services were not running, Irene could not log into the tty3 terminal, so option A is a wrong answer. Option B is not the first item to check, so it is an incorrect answer. The account is not locked because Irene can log in via the tty3 terminal. Thus, option C is an incorrect answer. Using the last command is not helpful in this scenario, unless you think Irene is confused, so option D is an incorrect choice as well.
  3. B. To enlist Vincent's help, have him add the -vvv option on to his ssh command. This will provide a great deal of information that will assist you as you track down the problem. Therefore, option B is the correct answer. The /etc/ssh/sshd_config configuration file is on the server side, and Vincent cannot reach the system, so option A is the wrong answer. The -X option will only help if your system is forwarding X11 GUI servers over the network, so option C is an incorrect answer. If Vincent is using token-based authentication via ssh, then this will need to be checked, but it's not the first item to address. Thus, option D is a wrong choice. The config file may need to be checked, but it's not the first item to address, so option E is an incorrect choice as well.
  4. D, E. The best log files for Anton to peruse in this situation are /var/log/secure and /var/log/lastlog using the lastlog command. Therefore, options D and E are the correct answers. Since auditd is not employed, the file in option A is not available and is a wrong answer. Since SELinux is not used, the file in option B is also an incorrect answer. This system, Rocky Linux, is a Red Hat–based system and not Debian, so the /var/log/auth file is not available. Thus option C is also an incorrect choice.
  5. A, D. From the choices listed, to allow Tarissa to run the script, add her to the wheel group and add execute (x) to the shell script file's permissions. Thus, options A and D are the correct answers. Option B will do nothing for this situation and is a wrong answer. Adding write (w) to the group permissions will not allow her (or the wheel group members) to execute the file. Thus, option C is a wrong choice. Actions need to take place, so option E is incorrect.
  6. B. For Miles to change his present working directory to /home/miles, the other section must have the execute (x) permission. Therefore, option B is the correct answer. You do not know Miles's home directory configuration, so you cannot assume it is /home/miles. Thus, option A is the wrong answer. The write (w) and read (r) permissions don't allow a user to change his present working directory to this directory. Therefore, options C and D are incorrect answers. The dash (-) in a file permission listing is not a permission but instead shows the absence of a permission. Thus, option E is also an incorrect choice.
  7. A, B, D, E. Options A, B, D, and E contain potential causes of Sarah's file creation problem and are therefore correct answers. A file with an immutable bit cannot be deleted, and thus option C is the only incorrect choice.
  8. E. The lsattr command used on the file will display whether or not the immutable bit is set. If this bit is set, the user cannot delete the file until it is removed. Therefore, option E is the correct answer. The chown command changes a file's ownership, and thus option A is the wrong answer. The chattr command can add or remove certain file attributes, such as the immutable bit, but is not helpful at this point, so option B is an incorrect answer. The chmod utility changes file permissions (modes), but it does not help in this situation, so option C is a wrong choice. The umask command displays or sets what permissions are removed from default permissions when a file or directory is created. This is not helpful here, so option D is an incorrect choice.
  9. D. When the export EDITOR='vim' line is put in her ~/.profile file, the default editor will be set to the vim editor for Melissa. It will also stay set when she enters a subshell. Thus, option D is the correct answer. If option A or B was completed, then everyone on the system would have the vim editor as their default editor. Therefore, options A and B are incorrect answers. Option C would set the vim editor as Melissa's default editor, but it would not be set when she entered a subshell due to the missing export command. Thus, option C is also an incorrect answer. The . bash.bashrc file does not reside in the user's local directory (it is located in the /etc directory) and is also not a hidden file, so option E is an incorrect choice.
  10. B, C, E. The echo $SHELL command will show Mark his current shell. Though it could be a modified environment variable, this will help to determine if his default shell has been changed. Thus, option B is a correct answer. The sudo grep tcsh$ /etc/passwd command will display any /etc/passwd file records that have /bin/tcsh as their default shell, including Mark's. Thus, option C is a correct answer too. The sudo getent passwd MW2015 command will show Mark's account's password file setting, including its default shell. Therefore, option E is also a correct answer. The option A command will display the settings in the profile environment configuration file, but since Mark is the only one experiencing the problem, the SHELL environment variable is not set with this method. Thus, option A is a wrong answer. The command in option D will show the shadow file records and not the password file records. Therefore, option D is an incorrect choice.

Chapter 23: Dealing with Linux Devices

  1. C. PCI boards use interrupts, I/O ports, and DMA channels to send and receive data with the PC motherboard, so option C is correct. USB devices transmit data using a serial bus connected to the motherboard and don't use DMA channels, so option A is incorrect. The GPIO interface uses memory-mapped specialty IC chips and not interrupts and I/O ports, so option B is incorrect. Monitors and printers are hardware devices and not hardware interfaces, so options D and E are incorrect.
  2. A. The Linux kernel uses the /proc/ioports file to track the I/O ports used by the installed PCI boards on the system, so option A is correct. The kernel uses the /proc/interrupts and /proc/dma files to track interrupts and the DMA channel, not I/O ports, so options B and E are incorrect. The /sys directory contains files used to track kernel, module, and system features, not I/O ports, so option C is incorrect. The /dev directory contains files used to transfer data to and from devices, not track their I/O ports, so option D is incorrect.
  3. D. The kernel creates files in the /dev directory for each device on the Linux system. These files are used to send data to the device and read data from the device. Thus, option D is correct. The /sys and /proc directories are used by the kernel to display system information, not transfer data, so options A and B are incorrect. The /etc directory is used for configuration files, not for transferring data, so option C is incorrect. The /dev/mapper directory is used by virtual systems such as LVM and LUKS to create virtual files that indirectly interface with devices through another application, not directly, so option E is incorrect.
  4. B. The kernel uses the /dev/mapper directory to create virtual files that interface with applications that manipulate data on a virtual LVM volume before being sent to a physical hard drive device, so option B is correct. The /dev directory contains the physical device files, not virtual files, so option A is incorrect. The kernel uses the /proc and /sys directories to display kernel and system information, not virtual files for LVM volumes, so options C and D are incorrect. The /etc directory contains configuration files for applications, not LVM volumes, so option E is incorrect.
  5. A. The lsdev command displays all the hardware information about all the devices connected to the system, so option A is correct. The lsblk command only displays information on block devices, so option B is incorrect. The lspci command only displays information about PCI devices, so option C is incorrect. The lsusb command only displays information about USB devices, so option D is incorrect. The dmesg command displays messages from the kernel ring buffer, not information about the current devices, so option E is incorrect.
  6. E. The dmesg command displays the kernel event messages contained in the kernel ring buffer, so option E is correct. The lsdev command displays hardware information about devices, but not messages from the kernel, so option A is incorrect. The lsblk command only displays information about block devices, not kernel event messages, so option B is incorrect. The lspci command only displays information about PCI devices, not kernel event messages, so option C is incorrect. The lsusb command only displays information about USB devices, not kernel event messages, so option D is incorrect.
  7. A, C. The X.org and Wayland software packages implement the X Windows graphical system for Linux, so options A and C are correct. The CUPS software package implements PostScript printing for Linux, not X Windows graphical systems, so option B is incorrect. X11 is an X Windows standard but not a software package, so option D is incorrect. The udev program is used to detect hot-pluggable devices, not implement the X Windows graphical system, so option E is incorrect.
  8. B. The CUPS software package provides an interface to convert PostScript documents and send them to common printers, so option B is correct. The X.org and Wayland software packages are used to implement the X Windows graphical system in Linux, not interface with printers, so options A and C are incorrect. X11 is a standard for X Windows, not a software package for printers, so option D is incorrect. The udev program detects hot-pluggable devices but doesn't interact directly with the printers, so option E is incorrect.
  9. E. The udev program runs in the background and monitors the kernel ring buffer for event messages from new devices, so option E is correct. The X.org and Wayland software packages implement the X Windows graphical system but don't listen for new devices, so options A and C are incorrect. The CUPS package interfaces with printers on the Linux system and doesn't listen for new devices, so option B is incorrect. X11 is a standard for X Windows and not a software package that listens for new devices, so option D is incorrect.
  10. A. The udevadm program allows you to send control messages to the udev application running in background, signaling it to reload the rules defined in the /etc/udev/rules.d directory, so option A is correct. The udev application can't direct itself to reload the rules, so option B is incorrect. The lsusb, lspci, and lsdev programs are used for displaying hardware information for the system, not for directing the udev program to reload defined rules, so options C, D, and E are all incorrect.

Chapter 24: Troubleshooting Application and Hardware Issues

  1. B. Due to this application that is memory intensive and experiencing performance issues, the system's swap space is most likely receiving high I/O from RAM. SSDs have a finite number of program/erase (PE) cycles, and continually writing and removing data from them, such as occurs in swap, will cause them to become degraded storage faster than normal. Thus, option B is the correct answer. Degraded mode refers to the mode a RAID enters when one or more of its member disks have failed. Since it is not stated whether the application data is stored on a RAID array, option A is a wrong answer. Only NVMe SSDs need to have a namespace in their device filenames. Since it is not stated whether these SSDs are NVMe disks, option C is also an incorrect answer. A missing volume occurs when a disk that is part of a logical volume fails or is accidentally removed. Since it is not stated whether these SSDs are involved with a logical volume, option D is a wrong choice. Resource exhaustion occurs when a system's finite resources are committed and unavailable to others. For disks, this includes running out of inode numbers or disk space. While it is possible that at some point in time the SSDs will experience resource exhaustion, there is not enough information provided to declare that they will. Therefore, option E is also an incorrect choice.
  2. A, C. Since this is this system's first SCSI disk and it is not being recognized, it is possible that the appropriate modules (drivers) are not loaded. Thus, Mary should check to see if the drivers are on the system via the command in option A and check if they are currently loaded into the kernel using the command in option C. The pvscan utility is used for physical volumes being used for a logical volume's volume group. Therefore, option B is a wrong answer. The hdparm and smartctl commands in options D and E are employed for checking and resetting power management configurations on a SATA device. Thus, they are incorrect choices.
  3. B, C, D. For Norman to begin the process of troubleshooting this application permission issue, he'll need to either know or determine the information listed in options B, C, and D. The disk type, where the program resides, does not assist in this troubleshooting process, so option A is a wrong answer. The program's name is also not helpful here, so option E is an incorrect choice.
  4. D. Because the application can create the file in a particular directory with no problem but cannot write to the file, it is most likely a permission inheritance issue via default directory ACLs. Therefore, option D is the correct answer. If the directory ownership and their permissions were a problem, the application could not create a file in that directory. Therefore, option A is a wrong answer. File ownership and group membership would have to be manually changed by the application in order to cause this issue. Therefore, options B and C are incorrect answers. Executable privileges are involved with being able to run a program file or change a process's present working directory, and thus, option E is an incorrect choice.
  5. E. The upgrade may have broken the Apache package by breaking a dependency. The sudo apt-get check command will check for such a thing. Thus, option E is the correct answer. The commands in options A and B will clean up the repository database and any temporary download files but not help to troubleshoot this issue. Therefore, options A and B are wrong answers. The command in option C shows library files used by the Apache service, but it does not help troubleshoot the problem and is therefore an incorrect answer. Option D's command checks for broken dependencies, but on a Red Hat–based system, and thus it is an incorrect choice.
  6. C. If Peter cannot compile a flawlessly written C++ application, then the problem must lie with the compiler, GCC. Thus, option C is the correct answer. Application and file permissions would not cause this particular issue, so options A and B are wrong answers. A missing or outdated device would not be the problem for this situation, so option D is also an incorrect answer. Since Peter wrote this application, instead of trying to obtain one from a package repository, option E is an incorrect choice as well.
  7. B. The sealert utility is used to check the audit log file for SELinux context violations. Therefore, the issue here revolves around SELinux. The ls -Z command will allow Mary to view the flash.txt file's SELinux context to determine if it needs to have it changed. Thus, option B is the correct answer. The option A command will not show the file's SELinux context and is therefore a wrong answer. While the flash.txt directory might have a context problem, the ls -l command will not show it, and thus option C is a wrong choice as well. Option D's setroubleshoot is a package and not a command, so it is a wrong answer. Option E's restorecon will fix SELinux labels, which may be used in the repair process but not in troubleshooting, so it is an incorrect choice.
  8. A, B, D, E. For troubleshooting this issue, the firewall ACLs on both the NTP server and the application server must be checked. Either side could be dropping or rejecting packets, so options A and B are correct answers. If you do not have the NTP ports and transport protocols memorized, the /etc/services file needs checking. That information is critical for reviewing server- and client-side firewall ACLs. Thus, option D is a correct answer too. It is a good idea to view the firewall log entries because they may point to the exact cause of the problem or provide valuable information. Therefore, option E is a right choice. The firewall-cmd command is specific only to those systems that employ the firewalld firewall. Therefore, option C is the only incorrect choice.
  9. B. The communications port is a serial port, represented by the /dev/ttyS# device files. To find the right number (#), use the dmesg command to start the troubleshooting process. Thus, option B is the correct answer. Since a serial port is not represented by files named /dev/COM#, both options A and C are wrong answers. The setserial command is used after you determined the appropriate filename for the serial device, so it is not the first step and option D is an incorrect answer. The cat /proc/interrupts command is performed after you find the correct IRQ via the setserial command, so option E is an incorrect choice as well.
  10. C, D, E. The activities in options C, D, and E are all steps that may be included in troubleshooting this USB printer issue. A CUPS system uses the /etc/cups/printers.conf file instead of the /etc/printcap file, so option A is a wrong answer. The lpinfo -m command allows you to view available printer drivers, not USB ports, so option B is an incorrect choice as well.

Chapter 25: Deploying Bash Scripts

  1. B. The #! character combination defines the shebang, which tells the Linux shell what shell to use to run the shell script code, so option B is correct. The >> character combination appends the output of a command to a file, so option A is incorrect. The | character pipes the output of a command to another command, so option C is incorrect. The > character redirects the output of a command to a new file or overwrites an existing file, so option D is incorrect. The 2> character combination redirects error messages from a command to a file, so option E is incorrect.
  2. D. The > character redirects all of the output from a command to a new file, or overwrites an existing file, so option D is correct. The >> character combination appends all of the output from a command to an existing file, so option A is incorrect. The #! combination defines the shell to use, so option B is incorrect. The | character pipes output from one command to another command, so option C is incorrect. The 2> character combination redirects only error messages from a command to a new file, not all of the output, so option E is incorrect.
  3. C. The u+x chmod permission assigns execute permissions to the file owner so that you can run the file at the command prompt, which makes option C correct. The 644 octal permission assigns only read and write permissions to the file owner, not execute permissions, so option A is incorrect. The u+r permission assigns read permissions, not execute permissions, so option B is incorrect. The u+w permission assigns only write permissions and not execute permissions, so option D is incorrect. The u=wr permission assigns both read and write permissions but not execute permissions to the file owner, so option E is incorrect.
  4. A. The $USER environment variable contains the text username of the user account that started the shell, so option A is correct. The $UID environment variable contains the numeric user ID, not the text username, so option B is incorrect. The $HOME environment variable contains the home directory location of the user account, not the username, so option C is incorrect. The $BASH environment variable contains the location of the Bash shell executable file, not the username of the user who started the shell, so option D is incorrect. The $1 variable is a positional variable, not an environment variable. It's used to retrieve data from the command-line command that launched the shell, not to identify the user who started the shell, so option E is incorrect.
  5. C. To assign a value to a variable, you use the equal sign, but no spaces must be used between the variable name, the equal sign, and the value, so option C is correct. Option A uses the command substitution format, which doesn't assign a value to a variable but to the output of a command, so option A is incorrect. Option B places spaces between the variable name, equal sign, and the value, so option B is incorrect. Option D places quotes around the value, making it a string value and not a numeric value, so option D is incorrect. Option E uses backtick characters around the value, which attempts to run it using command substitution, which is incorrect.
  6. B. The -f file test checks if the specified object exists, and if it's a file, so option B is correct. The -e file test checks if the object exists, not the object type, so option A is incorrect. The -d file test checks if the object exists but is a directory, not a file, so option C is incorrect. The -x file test checks if the current user account has execute permissions for the file, not that the object exists and is a file, so option D is incorrect. The -w file test checks if the current user account has write permissions for the file, not that the object exists and is a file, so option E is incorrect.
  7. C. The bar character (|) pipes the output of one command to the input of another command, so option C is correct. The >> character combination appends the output of a command to an existing file, not to another command, so option A is incorrect. The shebang (#!) is used to identify the shell to use to run the script, not to redirect output from a command to another command, so option B is incorrect. The > character redirects the output of a command to a new file, not to another command, so option D is incorrect. The 2> character combination redirects the error messages from a command to a new file, not to another command, so option E is incorrect.
  8. D. The exit command allows us to return a specific error status when the shell script exits, so option D is correct. The #! shebang defines the shell to use to run the shell script, not the exit status, so option A is incorrect. The $? character combination displays the exit status from the last command; it doesn't return a specific exit status, so option B is incorrect. The $1 variable contains the first command-line parameter used when the shell script is launched from the command line; it doesn't set the exit status for the shell script, so option C is incorrect. The while command allows us to iterate through a set of commands until a specific condition is met; it doesn't return a specific exit status when the shell exits, so option E is incorrect.
  9. E. The $() command assigns the output of a command to a specified variable in the shell script, so option E is correct. The > character redirects the output of a command to a file, not to a variable, so option A is incorrect. The >> character combination appends the output of a command to an existing file, not to a variable, so option B is incorrect. The $[] command performs integer mathematical operations in the Bash shell, so option C is incorrect. The | character redirects the output of a command to another command, not to a variable, so option D is incorrect.
  10. C. The $[] command performs simple integer mathematical operations in the Bash shell, so option C is correct. The > character redirects the output of a command to a new file, so option A is incorrect. The >> character combination appends the output of a command to an existing file, so option B is incorrect. The | character redirects the output of a command to another command, so option D is incorrect. The $() command redirects the output of a command to a variable in the shell script, so option E is incorrect.

Chapter 26: Automating Jobs

  1. B. The ampersand character (&) tells the shell to start the command in background mode from the console session, so option B is correct. The greater-than sign (>) redirects the output from the command to a file, so option A is incorrect. The pipe symbol (|) redirects the output from the command to another command, so option C is incorrect. The double greater-than sign (>>) appends the output from the command to a file, so option D is incorrect. The nohup command disconnects the session from the console session, so option E is incorrect.
  2. E. The nohup command disconnects the shell script from the current console session, so option E is correct. The greater-than sign (>) redirects the output from the command to a file, so option A is incorrect. The ampersand sign (&) runs the shell script in background mode, so option B is incorrect. The pipe symbol (|) redirects the output from the command to another command, so option C is incorrect. The double greater-than symbol (>>) appends the output from the command to a file, so option D is incorrect.
  3. C. The Ctrl+C key combination stops the job currently running in foreground mode on the console session, so option C is correct. Starting a command with the nohup command disconnects the job from the console session, so you can't stop it from the console with a key command, making option A incorrect. Starting a job with the ampersand (&) command places the job in background mode but doesn't allow you to stop the job from running, so option B is incorrect. The pipe symbol redirects the output from a shell script to another command, so option D is incorrect. The kill command will stop a running shell script, but if the shell script is running in your console session, you won't be able to submit the kill command from the command prompt, so option E is incorrect.
  4. A. The Ctrl+Z key combination pauses the job currently running in foreground mode on the console session, so option A is correct. The Ctrl+C key combination stops the job currently running in the foreground in the console session, rather than pauses it, so option B is incorrect. The nohup command disconnects a job from the console session but doesn't pause the job, so option C is incorrect. The ampersand sign (&) runs a job in background mode in the console session, so option D is incorrect. The fg command resumes a stopped job in foreground mode, so option E is incorrect.
  5. C. When you list the current jobs using the jobs command, there will be a plus sign next to the default job number, so option C is correct. The minus sign next to a job number indicates the job next in line to become the default job, so option D is incorrect. Neither the PID nor the job number indicates the default job, so options A and B are both incorrect. The ps command lists the running jobs but doesn't indicate the default job in a console session, so option E is incorrect.
  6. B. The fg command allows you to change a currently running or stopped job to run in foreground mode on the current console session, so option B is correct. The bg command changes a currently running or stopped job to run in background mode, so option A is incorrect. The nohup command disconnects a job from the console session, so option C is incorrect. The ampersand sign (&) places a job in background mode, not foreground mode, so option D is incorrect. The at command runs a job in background mode at a specific time, so option E is incorrect.
  7. C. The at command allows you to schedule a job to run at a specific time, so option C is correct. The nohup command disconnects a job from the console session, so option A is incorrect. The ampersand sign (&) runs a job in background mode, so option B is incorrect. The pipe symbol (|) and the greater-than symbol redirect the job output to either a command or a file, so options D and E are both incorrect.
  8. D. The cron program checks the cron tables for each user account and runs any scheduled jobs automatically, so option D is correct. The at command only runs a specified command once at a scheduled time, so option A is incorrect. The nohup and ampersand (&) commands do not schedule jobs to run, so both options B and C are incorrect. The atq command displays the jobs already scheduled to run from the at command, so option E is incorrect.
  9. E. The times specified in the cron table are listed in the order of minute, hour, day of month, month, and day of week. The hour is in 24-hour format, so the specified entry would run the job at 5:10 a.m. every day, making option E correct. Options A, B, C, and D are all incorrect times based on the specified entry.
  10. C. The crontab command allows you to list or edit the cron table for your own user account, so option C is correct. The cron command is what reads the cron tables for each user account and runs the specified jobs; it doesn't list the jobs, so option A is incorrect. The at command allows you to schedule a job to run at a specific time, so option B is incorrect. The jobs command allows you to view the currently running or stopped jobs in your console session, so option D is incorrect. The nohup command disconnects the job from the console session, so option E is incorrect.

Chapter 27: Controlling Versions with Git

  1. A, C, D, E. Options A, C, D, and E all contain true statements concerning version control and are therefore correct answers. Version control does not require filenames to contain version numbers, and thus, option B is an incorrect choice.
  2. B, C, D, E. Conceptually Git is broken up into distinct areas, which are the working directory, the staging area (also called the index), the local repository, and the remote repository. Therefore, options B, C, D, and E are correct answers. A blob is another name for an object stored by Git in the .git/objects/ directory. Thus, option A is an incorrect choice.
  3. A, B, C, E. The steps listed in options A, B, C, and E are all involved in setting up a Git environment for the first time. Adding files to the staging area is done after the environment is set up and files have been created in the working directory. Therefore, option D is the only incorrect choice.
  4. D. Because Natasha is setting up her Git environment, she should next create and initialize the .git/ directory in her working directory, via the git init command. Therefore, option D is the correct answer. The mkdir command is employed to create the working directory, which is already done, so option A is a wrong answer. The git config --list command shows configuration data, which should be done after the .git/ directory is initialized, so option B is a wrong choice. While Natasha could set up her GitHub repository now, it is not the best next step, so option C is a wrong answer. Starting to create program files is an incorrect choice since Natasha is still setting up her Git environment. Therefore, option E is incorrect.
  5. B. Since Bruce employed the --global option when setting his Git configuration options, the information is stored in the global ~/.gitconfig file. Therefore, option B is the correct answer. This Git configuration information is not stored on GitHub, and GitHub may not even be employed as the remote repository in this case, so option A is a wrong answer. The working directory's .git/config file is the local file, not the global one, so option C is a wrong choice. The .git/index file and .git/objects directory do not store this type of data, so options D and E are incorrect choices.
  6. A. The next step Bruce should take is to add his new script to the staging area (index) via the git add GreenMass.sh command. Therefore, option A is the correct answer. The git init command is used to initialize the .git/ directory in the working directory and is part of setting up the Git environment, so option B is a wrong answer. The script cannot yet be committed to the local repository because it has not been added to the staging area. Thus, option C is an incorrect choice. The git log command shows the commit history and is not appropriate at this point, so option D is a wrong answer. The script cannot be committed to the remote repository until it is committed to the local repository. Therefore, option E is an incorrect choice.
  7. D. Natasha is being efficient by employing the git add . command, which will add all the files within the working directory to the staging area (index). To stay efficient, she should create a .gitignore file in the working directory and add the names of the three files that she wishes to keep out of the index to that file. This will prevent them from being added. Therefore, option D is the correct answer. While Natasha could move the three files out of her working directory, that is a sloppy and inefficient choice, so option A is a wrong answer. She also could add the 22 files individually to the index, but that too is very inefficient, as is creating a new working directory for the three files. Thus, options B and C are incorrect answers. Temporarily deleting the three files would force Natasha to re-create them after the other files are added to the index. This too is sloppy, and therefore option E is an incorrect choice.
  8. C. Natasha is ready to push her project to the remote repository, so option C is the correct answer. While she may go home and relax later, if the project is released to the public, she must upload it to the remote repository first. Therefore, option A is a wrong answer. Cloning a remote repository is done when someone wants all the project files as well as the VCS history. In this scenario, Natasha already has that data, so option B is a wrong choice. Since the project is complete, there is no need to pull down any files from the remote repository. Therefore, option D is also an incorrect answer. The remote add origin URL command is used to configure the remote repository's address (URL), which Natasha has already accomplished. Thus, option E is an incorrect choice.
  9. E. The git checkout testing command will allow you to switch to a new Git branch called testing. Thus, option E is the correct answer. The git branch testing command creates a new branch called testing instead of switching to it. Thus, option A is a wrong answer. The command in option B allows you to view the names of any files managed by the testing branch, so it is an incorrect answer. The git branch command shows you the current branches within this project and designates which one is current via an asterisk, but it does not allow you to switch branches. Thus, option C is an incorrect answer. The command in option D will perform a commit to the local repository and add a comment of testing to the log file. Therefore, option D is also an incorrect choice.
  10. B. The git merge report command will merge the report branch into the master branch as desired, so option B is the correct answer. The git merge master command will attempt to merge the master branch into another branch, but since Tony is already in the master branch, this will not work (and is not desired), so option A is a wrong answer. The rebase arguments will attempt to perform a rebase instead of a merge. Thus, options C and D are incorrect answers. The git checkout master command was already used by Tony to reach the master branch, and thus option E is an incorrect choice.

Chapter 28: Understanding Cloud and Virtualization Concepts

  1. B. Public cloud services utilize servers hosted by a third-party company, so option B is correct. Private cloud services use servers hosted internally by the company, not by a third party, so option A is incorrect. Hybrid cloud services utilize servers hosted both internally and externally, not just by a third party, so option C is incorrect. Type I and Type II are types of hypervisors and not cloud services, so options D and E are incorrect.
  2. C. A hybrid cloud service utilizes servers internal to the company as well as external at a third-party location. This provides an easy way to increase server capabilities without having to purchase your own hardware, so option C is correct. The entire private cloud is hosted internally, so Tom would need to purchase additional servers to support the application, so option A is incorrect. A public cloud is hosted in its entirety externally on a third-party network, so Tom wouldn't be able to use his current cloud servers, so option B is incorrect. Type I and Type II are types of hypervisors and not cloud services, so options D and E are incorrect.
  3. A. The platform-as-a-service (PaaS) cloud type provides a complete development environment for customers, so option A is correct. The private and hybrid clouds are methods of implementing a cloud and not types of clouds, so options B and E are incorrect. The infrastructure-as-a-service (IaaS) cloud type provides only hardware to build an operating system, so Sally would need more to develop her applications, making option C incorrect. The software-as-a-service (SaaS) cloud type provides the full application—it doesn't allow you to develop your own applications—so option D is incorrect.
  4. C. The infrastructure-as-a-service (IaaS) cloud type allows you to install your own operating systems on the cloud hardware, so option C is correct. The private and hybrid clouds are methods of implementing clouds and not cloud types, so options B and E are incorrect. The platform-as-a-service (PaaS) and software-as-a-service (SaaS) cloud types provide the operating system, so you can't install your own, making options A and D incorrect.
  5. D. Type I hypervisors interface directly with the system hardware and act as a go-between, controlling resources for the guest virtual machines, making option D correct. Type II hypervisors run on top of a host operating system and don't directly interface with the system hardware, so option C is incorrect. Private, public, and hybrid are methods for implementing cloud services and not hypervisors, so options A, B, and E are all incorrect.
  6. C. Type II hypervisors install on a host operating system and receive resources from the host operating system, so option C is correct. Type I hypervisors install directly on the server hardware without a host operating system, so option D is incorrect. Private, public, and hybrid are methods of implementing cloud services and not types of hypervisors, so options A, B, and E are all incorrect.
  7. C. The Open Virtualization Appliance (OVA) file format bundles all of the virtual machine configuration files into a single tar file for distribution, so option C is correct. The Open Virtualization Format (OVF) format defines several separate files for storing configuration values, not a single file, so option D is incorrect. XML, JSON, and YAML are all configuration file formats and not methods to bundle the configuration files, so options A, B, and E are all incorrect.
  8. A. Containers bundle the application runtime files along with any library files required to run the application. This ensures that the application will run in any environment, so option A is correct. A hypervisor manages virtual machines on a system and doesn't deploy applications, so option B is incorrect. Deploying the application to a private cloud would make the application available to Fred's internal network, but customers outside of his network wouldn't be able to run the application, so option C is incorrect. Deploying the application as a virtual machine would make the application run consistently but would also require each customer to install the same hypervisor package on their operating system, so option D is incorrect. Bundling the application files as a tar file doesn't ensure that the required system library will be present on all of the customer workstations, so option E is incorrect.
  9. E. Containers include all of the files necessary to run an application, no matter what the host system, so option E is the correct answer. Public and private clouds don't guarantee the same development and production environments directly, so options A and B are both incorrect. Type I and Type II hypervisors don't host applications directly but need a virtual machine, so options C and D are both incorrect.
  10. B. The Docker container package runs as a process on the host operating system and provides a command-line interface for controlling containers, so option B is correct. The Snap package provides software application containers but doesn't provide a command-line interface to control them, so option A is incorrect. The KVM, XEN, and VirtualBox packages are all hypervisor packages, not containers, so options C, D, and E are all incorrect.

Chapter 29: Inspecting Cloud and Virtualization Services

  1. A, C, E. Options A, C, and E all contain true statements concerning the libvert library software collection and are therefore correct answers. This software collection does not provide a complete hypervisor application (though many hypervisors incorporate it), so option B is a wrong answer. Also the libvert library does not provide an anaconda file. Thus, option D is also an incorrect choice.
  2. A, D. The virsh and virt-install utilities are ones that Carol can incorporate into her Bash shell script for managing her virtual machines. Therefore, options A and D are correct answers. virtinst is the name of a package file, which provides utilities such as virsh, and thus, option B is a wrong answer. Option C, virt-manage, is a made-up utility, making option C an incorrect answer. setvcpus is an argument you can use with the virsh utility, as opposed to a utility itself, so option E is an incorrect choice.
  3. A, B, E. The question does not indicate whether this system will be a virtual one or not. Typically for a physical installation, using the kickstart method, the installation tree is stored in a network location or removable media, such as a USB flash drive. Therefore, options A and B are correct answers. For a virtual machine installation, often the installation tree (or ISO) is stored alongside the kickstart file. Thus, option E is also a correct choice. AutoYaST and preseed are alternatives to kickstart for the openSUSE and Ubuntu distributions, so options C and D are incorrect choices.
  4. B, C, D, E. Options B, C, D, and E are true statements about the cloud-init application and thus are correct answers. The only untrue is statement is in option A—the cloud-init product was created and is maintained by Canonical.
  5. D. Ms. Danvers' best choice is to configure the three virtual machines to use thin provisioned storage. This method will allow the VMs to immediately consume 600 GB of the 1 TB of host disk space and grow over time as needed (which is called overprovisioning). As the VMs' data grows, she can purchase additional disk space for her host machine and add it to the logical volume. Thus, option D is the correct answer. There is not enough information provided to determine whether or not the virtual machines' disks should be configured as permanent or temporary, so options A and B are wrong answers. Thick provisioning would cause the three virtual machines to allocate 1.2 TB of disk space, which is not available, and thus, option C is an incorrect answer. Blob storage is used on Microsoft Azure virtual machines, and the question does not indicate that this is the cloud provider environment Ms. Danvers is using. Thus, option E is an incorrect choice.
  6. A. Because Mr. Fury's programming students will be creating a single program that they are working on for the entire semester, the virtual machine storage needs to be configured as persistent. This will allow the students to access and modify their program on the virtual machine without having to re-create it each time their VM boots. Thus, option A is the correct choice. If Mr. Fury uses temporary storage, the students would have to re-create their program each time the VM boots, so option B is a wrong answer. Thickly or thinly provisioned storage needs are not discussed in this question, so options C and D are also incorrect answers. Blob storage is used on Microsoft Azure virtual machines, and the question does not indicate that this is the cloud provider environment Mr. Fury is using. Therefore, option E is an incorrect choice.
  7. B, C, D. Overlay networking is a network virtualization method that employs encapsulation as well as channel bandwidth tunneling. Therefore, options B, C, and D are correct answers. It is not a storage virtualization method, so option A is a wrong answer. Also, it does not employ page blobs (which are a Microsoft Azure platform storage option), so option E is also an incorrect choice.
  8. B. In order for Carol's virtual machines to all act as nodes on her host machine's LAN and get their own IP address that they will use to send/receive network traffic, she needs to configure them as bridged adapters. Thus, option B is the correct answer. A host-only configured NIC will not be able to communicate on the external network, so option A is a wrong answer. A NAT adapter will not allow the VMs to each operate as a node on the host machine's network, so option C is a wrong choice. Multihomed and dual-homed are descriptions of the number of NICS employed by a VM, so options D and E are incorrect choices.
  9. C. A virtual machine with a NAT configured adapter will have its IP address kept private and use the host machine's IP address to communicate on the host machine's network. Thus, option C is the correct answer. A host-only configured NIC will not be able to communicate on the external network, so option A is a wrong answer. A bridged adapter will not keep its assigned IP address private, so option B is also an incorrect answer. Multihomed and dual-homed are descriptions of the number of NICs employed by a VM, so options D and E are incorrect choices.
  10. A, B, E. For Nick's firewall VM to act as a firewall to the other four virtual machines, it would need a host-only adapter to communicate with the other machines on the local internal network. The firewall VM would also need a bridged NIC to act as a node on the host machine’s network. Because this firewall VM has two virtual NICs, it is considered to be dual-homed. Thus, options A, B, and E are correct choices. The NAT configuration type is not needed or employed in this scenario, so option C is a wrong answer. Also, since there are no more than two virtual adapters needed, it is not a multihomed (more than two) configuration, and option D is an incorrect choice.

Chapter 30: Orchestrating the Environment

  1. A, B, C, D, E. All these choices contain items that can use orchestration and are correct choices. Since orchestration refers to the organization of a process that is balanced and coordinated and achieves consistency in the results, there are not many things that cannot use orchestration. An exception would be a situation where you are trying to simulate random chaos.
  2. B. To meet Connie's requirement, the development environment must be immutable (not modifiable). Therefore, option B is the correct answer. Self-replication will not assist in reaching Connie's requirement for an unchanging environment, so option A is a wrong answer. Kubernetes is an orchestration engine, not an attribute, so option C is also an incorrect choice. Infrastructure as code does not provide an unchanging environment, so option D is a wrong answer. In orchestration, self-healing refers to a different issue than an unchanging environment, so option E is also an incorrect choice.
  3. D. With container orchestration and DevOps, to keep the production and development environment matching so that problems do not occur when an app is moved into production, you simply replace the old production environment with the development environment. In the case of containers, this means you stop the old production container and start the new development container as the production container in its place. Thus, option D is the correct answer and follows the “replace, not update” attribute. While the answer in option A would work, it is terribly tedious, time-consuming, and full of potential problems. Therefore, it is a wrong answer. The answer in option B is the old-school method of moving an app into production, and it does not meet Connie's desire for a static and matching environment. Thus, it is also an incorrect answer. If before the app is ready for production, you stop any software updates on the development container from occurring, that does not make the development environment match the production environment alone. Thus, option C is a wrong choice. Option E also would work but is even more tedious and full of potential problems than the answer in option A. Therefore, it too is an incorrect choice.
  4. C. Replication allows an orchestrated container to be built and deployed in multiple copies automatically. This provides high availability when a container crashes as well as when a new app container is being deployed. Therefore, option C is the correct answer. Immutability prevents environment issues from causing application problems, but it is not the best proponent of high availability, and thus, option A is a wrong answer. Version control allows you to roll back and troubleshoot problems in a production environment, which does help provide higher availability, but again it's not the best attribute toward doing so. Therefore, option B is also an incorrect answer. Option D provides speed in the orchestrated environment, which also helps provide high availability to an app user, but it too is not the best advocate. Thus, option D is also a wrong answer. While documentation helps in the troubleshooting process and slightly contributes to higher availability, it is not the best either. Therefore, option E is also an incorrect choice.
  5. E. Infrastructure as code is an umbrella term that encompasses both the configuration management settings (operating system, libraries, additional software) and the policy as code items (security policies, authentication settings). Thus, option E is the correct choice. Marathon is the orchestration tool used with the Mesos application. Therefore, option A is a wrong answer. Build automation uses infrastructure as code. Thus, option B is an incorrect answer. A development environment can be built using infrastructure as a code. Therefore, option C is also a wrong answer. A container also can be built using infrastructure as a code but is not the code itself, so option D is an incorrect choice too.
  6. B. Ms. Ward is using build automation. Thus, option B is the correct answer. Monitoring comes after containers are deployed, so option A is a wrong answer. Replication is part of the process Ms. Ward used, but it does not describe the container deployment, so option C is not the best answer and is an incorrect choice. Version control was hopefully used by Ms. Ward so she can roll back or troubleshoot her application, if needed, but option D is not a correct answer. Docker Swarm is an orchestration system, and thus, option E is also an incorrect answer.
  7. A, B, C, E. In container orchestration, automated configuration management allows containers to be deployed and replicated automatically (build automation). Also, troubleshooting infrastructure issues is easier because the modifications are tracked in a version control system. Thus, options A, B, C, and E are all correct answers. While automated configuration management and orchestrated containers may be part of continuous software delivery, they are not directly related. Therefore, option D is the only incorrect choice.
  8. A. Mr. Abbot needs an orchestration tool that can perform self-healing. Therefore, option A is the correct answer. Build automation may be involved in self-healing, but it does not describe the ability to deploy and replicate containers after they have crashed. Thus, option B is a wrong answer. Continuous integration is a DevOps software revision control method that encourages quickly integrating app changes into the main branch. Therefore, option C is an incorrect answer. Infrastructure as code may be employed by build automation but does not describe the ability to self-heal. Thus, option D is wrong choice. Pods are a component of the Kubernetes orchestration engine. Thus, option E is also an incorrect answer.
  9. B, C, D, E. App container performance, metrics, container health, and default states are all collected, watched, or used by an orchestration monitoring tool. Therefore, options B, C, D, and E are all correct answers. Option A is the only incorrect choice because the version control system is not used or watched by an orchestration monitoring utility.
  10. B, C. Those who choose agentless orchestration monitoring tools typically do not want to install monitoring software (an agent) on their app containers. Also, they are concerned about this installed agent adversely affecting performance. Therefore, options B and C are the correct answers. Since the answers in options A and D are opposite of options B and C, they are wrong answers. Also, the industry is divided on which is the best to use (agent or agentless) for orchestration monitoring, so option E is also an incorrect choice.
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.117.145.173