Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertificationsLFCSDomainsUser and Group Management
LFCSFree — No Signup

User and Group Management

Practice LFCS User and Group Management questions with full explanations on every answer.

88questions

Start practicing

User and Group Management — choose a session length

10 questions~10 min20 questions~20 min30 questions~30 min50 questions~50 min

Free · No account required

LFCS Domains

User and Group ManagementOperation of Running SystemsEssential CommandsNetworkingService ConfigurationStorage Management

Practice User and Group Management questions

10Q20Q30Q50Q

All LFCS User and Group Management questions (88)

Start session

Click any question to see the full explanation and answer options, or start a focused practice session above.

1

A developer was removed from the 'developers' group but still needs to run commands that require membership in that group. The user has logged out and back in, but the issue persists. What is the most likely cause?

2

A system administrator needs to create a user 'john' with a home directory in /data/users and an expiry date of 2025-12-31. Which command accomplishes this?

3

An administrator needs to set up a shared directory /project for the group 'projectteam' (GID 5000). All members of the group should be able to create and delete files, but only the file owner can modify their own files. The directory should also ensure that new files inherit the group ownership. Which set of commands achieves this?

4

A user 'alice' is unable to log in via SSH. The administrator checks /etc/shadow and sees 'alice:!:19234:0:99999:7:::'. What does the '!' in the password field indicate?

5

An administrator wants to enforce that users in the 'contractors' group must change their password every 30 days, with a warning 7 days before expiry. Which command should be used?

6

Which TWO commands can be used to list all users currently logged into the system?

7

Which THREE files are directly related to user and group management in a Linux system? (Select three.)

8

You are the Linux administrator for a medium-sized company that uses a centralized authentication system (LDAP) for user accounts, but local files (/etc/passwd, /etc/shadow, /etc/group) are also used for a few service accounts. The server is running RHEL 8. A new employee, 'jane', needs to be added to the local system for a temporary project. You create the user with 'useradd jane' and set a password with 'passwd jane'. However, when jane tries to log in via SSH using her password, she receives 'Permission denied, please try again.' The SSH server is configured to allow password authentication. Other users (both LDAP and local) can log in successfully. You verify that the password was set correctly and that the account is not locked. What is the most likely cause and solution?

9

A system administrator needs to ensure that all users in the 'developers' group have read and write access to a shared project directory /project/data, but new files created in that directory should belong to the 'developers' group automatically. Which command sequence achieves this goal?

10

A user 'alice' cannot log in via SSH. The administrator checks /etc/passwd and sees: alice:x:1002:1002::/home/alice:/sbin/nologin. Which command should be used to allow alice to log in with a bash shell?

11

An administrator wants to add user 'bob' to the supplementary group 'docker' without removing bob from any existing groups. Which command accomplishes this?

12

A security policy requires that user 'svc_backup' have a password that never expires. Additionally, the account should be locked after 90 days of inactivity. Which set of commands achieves this?

13

Which TWO commands can be used to display the groups to which the current user belongs? (Select exactly two.)

14

You are managing a multi-user Linux server used by a development team. The server has a shared directory /data/projects where each project has a subdirectory owned by a project lead. The requirement is that all members of the 'devteam' group need to be able to create files in any project subdirectory, but only the project lead (owner) should be able to delete files. Currently, members of devteam are unable to create files in /data/projects. You check permissions: /data/projects has drwxrwxr-x root:devteam. Each project subdirectory, e.g., /data/projects/proj1, has drwx------ lead1:devteam. The lead1 user is in devteam. What is the most likely reason that devteam members cannot create files in proj1, and what is the correct solution?

15

An administrator needs to grant a user named 'john' the ability to switch to any other user without a password. Which TWO of the following steps are required to achieve this?

16

A user named 'charlie' has just been added to the 'devops' group. However, when 'charlie' runs 'sudo -l', no sudo entries are shown. What is the most likely cause?

17

Scenario: You are managing a Linux server that hosts a web application. The application runs under the user 'webapp' and the group 'webgroup'. Recently, a new intern 'john' (username 'john') needs to be able to view and modify files in /var/www/html, which is owned by root:webgroup with permissions 775. John is currently a member of the group 'staff', but not 'webgroup'. The security policy requires that John must be able to edit files without using sudo, and his primary group must remain 'staff'. Which of the following actions should you take to meet the requirements?

18

Arrange the steps to configure a new user account with sudo privileges on a Linux system.

19

Order the steps to create a systemd service unit that runs a script at boot.

20

Order the steps to set up passwordless SSH key-based authentication.

21

Match each Linux boot component to its description.

22

Match each Linux filesystem hierarchy standard (FHS) directory to its purpose.

23

Match each logical volume management (LVM) term to its definition.

24

A system administrator needs to create a user account for a temporary contractor. The account should have a home directory under /home/contractors, the login shell should be /bin/bash, and the user should be a member of the 'contractors' group. Which command accomplishes this?

25

A security policy requires that a user's password must expire 90 days after last change, and the user must change it immediately on next login. The last password change was 30 days ago. Which set of commands achieves this?

26

An administrator needs to create a system user that runs a service (no login, no home directory). Which command is appropriate?

27

Existing user 'jdoe' is a member of groups 'users' (primary) and 'staff'. The administrator needs to add 'jdoe' to group 'projectx' while preserving existing supplementary group memberships. Which command achieves this?

28

An administrator needs to delete user 'obsolete' and remove its home directory and mail spool. Which command should be used?

29

A company follows the principle of least privilege. Several developers need sudo access to run specific commands like systemctl and journalctl. What is the best practice for granting this access?

30

A user reports that they cannot log in via SSH. The system administrator checks that the account is not locked, the password is correct, and the shell is valid. However, the user's home directory is owned by root instead of the user. What is the most likely cause of the login failure?

31

A team of developers must share files under /opt/project. All developers are members of the 'devteam' group. New files must be automatically assigned to group 'devteam' and be writable by the group. Which umask and setgid configuration should be applied?

32

An administrator wants to temporarily disable a user account without deleting it. The account should be locked, expire immediately, and the user should not be able to log in. Which single command accomplishes this with minimum side effects?

33

Which TWO commands can change a user's primary group?

34

Which TWO options in /etc/shadow are correctly described?

35

Which THREE fields are part of a standard /etc/group entry?

36

Refer to the exhibit. User 'alice' cannot log in. What is the most likely problem?

37

Refer to the exhibit. User 'alice' is a member of groups 'users' and 'projectx'? She needs to be a member of 'staff' as well. Which of the following statements is true?

38

Refer to the exhibit. Assuming today is Feb 20, 2025, what happens when 'bob' attempts to log in today?

39

An administrator created a new user 'john' with the default settings, but 'john' cannot log in. The error message indicates an invalid shell. Which command should the administrator use to fix this issue?

40

A system administrator needs to create a new group named 'developers' with GID 1500 and add the user 'alice' to this group. Which set of commands accomplishes this?

41

A security policy requires that a user account 'temp_audit' be locked immediately without changing the password. Which command locks the account and prevents login?

42

An administrator wants to force a user to change their password at next login. Which command should be used?

43

A large company needs to create 100 user accounts from a list of names in a CSV file. Which tool is most efficient for batch user creation?

44

A user reports that they cannot execute a file even though they are in the file's group. The file has permissions 644 and group ownership 'staff'. The user is a member of 'staff'. What is the likely issue?

45

An administrator needs to grant a user 'bob' the ability to run all commands as root without a password prompt. Which configuration in /etc/sudoers accomplishes this?

46

A temporary contractor 'contractor1' has left the company. The administrator needs to remove the user account and all associated files in the home directory. Which command accomplishes this?

47

An administrator needs to view a list of users who have logged in recently. Which command provides this information?

48

Which two commands can be used to set password expiration policies for a user?

49

Which three files contain user account information?

50

Which two commands can add an existing user to a supplementary group?

51

Refer to the exhibit. What is the most likely security issue with this configuration?

52

Refer to the exhibit. The 'developers' group has members alice, bob, and charlie. User 'charlie' is not in the 'developers' group. Which statement is true?

53

Refer to the exhibit. The administrator attempted to create a user 'newuser' but received an error. Which command should be used to check if the user already exists?

54

A junior administrator issued the command 'usermod -L alice' to lock the account of user alice. However, alice is still able to log in via SSH using a public key. What is the most likely reason?

55

A system administrator needs to create a shared group 'projectx' and add existing users 'bob' and 'carol' to it. The users need to collaborate on files in a directory /projectx. What is the correct sequence of commands to set up the group and ensure new files created in /projectx are automatically owned by the group 'projectx'?

56

A security policy requires that all users in the 'admin' group must have a umask of 027 set automatically upon login. An administrator adds 'umask 027' to /etc/profile. However, users report that the umask is still 022. What is a likely cause?

57

An administrator wants to change the primary group of user 'jane' from 'staff' to 'developers'. Which command accomplishes this?

58

A user's account needs to be set to expire on a specific date. Which command should the administrator use?

59

An administrator runs 'pwck' and receives an error indicating a user in /etc/passwd has no matching group in /etc/group. What is the most likely cause and the appropriate corrective action?

60

Which command will display all groups a specific user belongs to, including both primary and supplementary groups?

61

An administrator needs to create a user 'john' with a home directory in /data/home/john, a UID of 1500, and membership in the group 'developers' as a secondary group. The group 'developers' already exists. Which single command accomplishes this?

62

A user 'alice' has a umask of 027 in her .bashrc, but the system administrator wants to enforce a umask of 007 for all users in the 'staff' group. Where should the administrator place the umask command to ensure it cannot be overridden by users?

63

Which TWO commands can be used to display the group membership of a user? (Choose two.)

64

Which THREE of the following are valid methods to temporarily switch to a different user account without logging out entirely? (Choose three.)

65

Which TWO commands are used to modify user account attributes such as password age, expiration, or lock status? (Choose two.)

66

Refer to the exhibit. An administrator adds user 'frank' to the group 'projectx' by editing /etc/group directly and changing the line to 'projectx:x:500:carol,dave,frank'. After saving, the administrator runs 'groups frank' and sees only 'frank' in the output. Why does frank not appear in the group 'projectx'?

67

Refer to the exhibit. The shadow entry for user 'carol' shows 18000 in the third field. What does the value 18000 represent?

68

Refer to the exhibit. What is the primary group ID of user 'charlie'?

69

A system administrator needs to add a new user 'alice' with UID 1050 and a home directory at /home/alice. Which command should be used?

70

After attempting to log in as user 'alice', the system rejects the password. The admin checks /etc/passwd and sees 'alice:x:1001:1001::/home/alice:/bin/bash'. The /etc/shadow shows 'alice:!!:18200:0:99999:7:::', indicating the account is locked. Which command will unlock the account?

71

Which command adds an existing user to a supplementary group without removing the user from other groups?

72

A user must change their password at next login per security policy. The admin wants to expire the password immediately. Which command accomplishes this?

73

After deleting user 'alice', the system administrator wants to also remove the home directory and mail spool. Which command should be used?

74

Which file stores the encrypted password (or password hash) for user accounts?

75

An admin needs to change the primary group of user 'alice' from 'grp1' to 'grp2', but alice should still be a member of 'grp1' as a supplementary group. Which command accomplishes this?

76

After running 'chage -l bob', the output shows: 'Last password change: Apr 01, 2023', 'Password expires: May 31, 2023', 'Account expires: Jul 15, 2023'. What will happen on May 31, 2023?

77

Which TWO commands will correctly add the user 'john' to the 'docker' group without removing him from any existing supplementary groups?

78

Which THREE of the following actions require root privileges?

79

Which THREE of the following statements about the user private group (UPG) scheme are true?

80

You are a systems administrator at a company that uses a centralized LDAP server for authentication, but also maintains local users for emergency access. Recently, the compliance team mandated that all service accounts must have passwords that expire every 90 days. You have a local service account 'svc_backup' with UID 2000 and GID 2000. The account is used by a backup script that runs nightly. You have updated the password aging policy but the account still shows 'Password expires : never' when you run 'chage -l svc_backup'. You suspect that the account was created without an expiry date. Which command would you use to force the password to expire 90 days from now and also ensure that the account's password is changed at the next login?

81

You are managing a Linux server that hosts web applications. Developers often need to access the server via SSH using their personal accounts. You have been asked to create a new user 'devops' who will have sudo privileges to restart services. The user 'devops' should be a member of the 'sudo' group and also have a secondary group 'devs' for file access. The user's home directory should be /home/devops. You need to create this user with a password that is set to expire immediately so that the user must choose a new password upon first login. Which command would you use to accomplish this?

82

You are a system administrator for a financial firm. One of your users, 'alice', has forgotten her password and is locked out of the system. The security policy requires that all passwords must be changed every 30 days. Alice's account was disabled due to inactivity; the account has been inactive for 45 days. You need to unlock the account and ensure that Alice must change her password at the next login. You have root access. Which set of commands should you run?

83

Your company has a server that hosts a critical application. The application runs under a service account 'appuser'. Due to a security audit, it was discovered that 'appuser' has a password that never expires, which is against company policy. The policy requires that all user passwords expire after 60 days. Additionally, the application developers have requested that 'appuser' should not be allowed to change its own password via the 'passwd' command to prevent accidental lockouts. You need to enforce password expiry for 'appuser' but also ensure that only root can change its password. Which of the following approaches is the best course of action?

84

You are managing a Linux server that hosts a shared project directory /projects/alpha, owned by the group 'alpha' (GID 2001). The directory has permissions 2770 (setgid, rwx for owner and group, no access for others). User 'jane' (UID 1501) has a primary group 'staff' (GID 1001) and is not in the 'alpha' group. She reports being unable to list or modify files in /projects/alpha. You need to give her access as a member of the 'alpha' group without changing her primary group. Which command sequence should you use?

85

You are a system administrator for a company with a strict security policy: user accounts must be disabled after 90 days of inactivity. The tool used is the chage command with the -I (inactive) option. User 'bob' has been on leave and cannot log in. You run 'chage -l bob' and see: Last password change: Jan 10, 2024; Password expires: Apr 09, 2024; Account expires: never; Minimum number of days between password change: 0; Maximum number of days between password change: 90; Number of days of warning before password expires: 7; Number of days of inactivity after password expires: 90. Bob tells you he tried to log in today (date is July 15, 2024) and received 'Your account has expired; contact your system administrator'. You need to restore Bob's account access immediately while still enforcing the inactivity lock for future periods. What should you do?

86

A sysadmin set up a shared directory /data/project with group ownership project and permissions 2775 (rwxrwsr-x). Users in the project group can create files, but when they try to edit files created by other group members, they get permission denied. Which is the most likely cause?

87

A Linux administrator wants to restrict user 'alice' to only be able to use the system for non-interactive tasks (e.g., running cron jobs and receiving mail) but not allow her to log in via SSH or console. Which TWO actions would achieve this goal? (Choose two.)

88

Refer to the exhibit. User alice attempts to create a file in /data/project but receives 'Permission denied'. User bob can create files successfully. What is the most likely reason?

Practice all 88 User and Group Management questions

Other LFCS exam domains

Operation of Running SystemsEssential CommandsNetworkingService ConfigurationStorage Management

Frequently asked questions

What does the User and Group Management domain cover on the LFCS exam?

The User and Group Management domain covers the key concepts tested in this area of the LFCS exam blueprint published by Linux Foundation. Courseiva provides free domain-focused practice, mock exams, missed-question review, and readiness tracking across all LFCS domains — no account required.

How many User and Group Management questions are in the LFCS question bank?

The Courseiva LFCS question bank contains 88 questions in the User and Group Management domain. Click any question to see the full explanation and answer breakdown.

What is the best way to practice User and Group Management for LFCS?

Start with a 10-question focused session to identify your baseline accuracy in this domain. Read every explanation — even for questions you answer correctly — to understand the reasoning. Once you score consistently above 80%, move to a 20–30 question session to confirm depth before moving to the next domain.

Can I practice only User and Group Management questions for LFCS?

Yes — the session launcher on this page draws questions exclusively from the User and Group Management domain. Choose 10, 20, 30, or 50 questions for a focused session, or click individual questions to review them one by one.

Free forever · No credit card required

Track your LFCS domain progress

Save your results, see per-domain analytics, and get readiness scores — free, for every certification.

Sign Up Free

Free forever · Every certification included

Practice Session

10 questions20 questions30 questions50 questions

Study Resources

All DomainsPractice TestMock ExamFlashcardsStudy Guide