Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertificationsLFCSExam Questions

Linux Foundation · Free Practice Questions · Last reviewed May 2026

LFCS Exam Questions and Answers

36real exam-style questions organised by domain, each with the correct answer highlighted and a plain-English explanation of why it's right — and why the others are wrong.

120 min time limit
6 exam domains
OverviewDomain BlueprintStudy GuideAll QuestionsSample by Domain
1. User and Group Management2. Operation of Running Systems3. Essential Commands4. Networking5. Service Configuration6. Storage Management
1

Domain 1: User and Group Management

All User and Group Management questions
Q1
mediumFull explanation →

A developer was removed from the 'developers' group but still needs to run commands that require membership in that group. The user has logged out and back in, but the issue persists. What is the most likely cause?

A

The user did not explicitly start a new login shell after group removal.

Group membership changes require a new login session; logging out and back in should suffice, but if the user only logged out of the desktop and the session manager cached credentials, it might not refresh. The most likely cause is that the user's current shell environment still has cached group membership from the previous session.

B

The user's primary group is different from the 'developers' group.

C

The user is using 'newgrp developers' but is no longer a member.

D

The 'id' command shows the old group because the user's shell is still running.

Why: When a user is removed from a supplementary group, the group membership is cached in the user's current login session. Even after logging out and back in, if the user does not explicitly start a new login shell (e.g., by using `su -` or `login`), the old group membership persists because the session's group list is inherited from the parent process. The `newgrp` command or a fresh login shell is required to re-read the group database and update the group list.
Q2
easyFull explanation →

A system administrator needs to create a user 'john' with a home directory in /data/users and an expiry date of 2025-12-31. Which command accomplishes this?

A

useradd -d /data/users -c 2025-12-31 john

B

adduser --home /data/users --expiredate 2025-12-31 john

C

useradd -d /data/users -e 2025-12-31 john

Correctly sets home directory and expiry.

D

useradd -m -e 2025-12-31 john

Why: Option C is correct because the `useradd` command with `-d /data/users` sets the home directory to the specified path, and `-e 2025-12-31` sets the account expiry date in YYYY-MM-DD format. The `-e` flag directly corresponds to the `EXPIRE_DATE` field in `/etc/shadow`, which controls when the account becomes locked.
Q3
hardFull explanation →

An administrator needs to set up a shared directory /project for the group 'projectteam' (GID 5000). All members of the group should be able to create and delete files, but only the file owner can modify their own files. The directory should also ensure that new files inherit the group ownership. Which set of commands achieves this?

A

chown root:projectteam /project; chmod 2775 /project; setfacl -m g:projectteam:rwx /project

B

chown root:projectteam /project; chmod 2770 /project; setfacl -d -m o::--- /project

SGID (2) inherits group; 770 gives group rwx; default ACL denies others.

C

chown root:projectteam /project; chmod 2775 /project

D

chown root:projectteam /project; chmod 1770 /project; setfacl -m m::rwx /project

Why: Option B is correct because it sets the SGID bit (2770) so new files inherit the group 'projectteam', grants rwx to the group, and uses a default ACL with `setfacl -d -m o::---` to remove 'other' permissions, ensuring only the file owner can modify their own files while group members can create/delete but not modify others' files.
Q4
easyFull explanation →

A user 'alice' is unable to log in via SSH. The administrator checks /etc/shadow and sees 'alice:!:19234:0:99999:7:::'. What does the '!' in the password field indicate?

A

The password must be changed at next login.

B

The account is disabled.

C

The account is locked.

'!' is a common indicator of a locked account in /etc/shadow.

D

The password is expired.

Why: The '!' in the password field of /etc/shadow indicates that the account is locked. This is a standard convention in Linux shadow password files: an exclamation mark placed before the hashed password (or replacing it entirely) disables password-based authentication, effectively locking the account. SSH login fails because the system refuses to authenticate any password attempt against a locked entry.
Q5
hardFull explanation →

An administrator wants to enforce that users in the 'contractors' group must change their password every 30 days, with a warning 7 days before expiry. Which command should be used?

A

groupmod -p 30 contractors

B

passwd -x 30 -w 7 contractors

C

usermod -e 30 contractors

D

chage -M 30 -W 7 contractors

chage modifies password aging for a user; but the question says 'users in the group', so you would need to apply to each user. However, among the options, this is the closest correct command for a user.

Why: The `chage` command is specifically designed to manage user password aging policies. The `-M 30` option sets the maximum number of days a password is valid (30 days), and `-W 7` sets the number of days before expiry to start warning the user (7 days). This directly fulfills the requirement for the 'contractors' group by applying the policy to each user in that group.
Q6
mediumFull explanation →

Which TWO commands can be used to list all users currently logged into the system?

A

w

Shows who is logged in and what they are doing.

B

last

C

users

D

id

E

who

Lists currently logged-in users.

Why: The `w` command displays a list of currently logged-in users along with detailed information such as login time, idle time, JCPU, PCPU, and the current process. It reads from /var/run/utmp to show active sessions, making it a correct choice for listing current users.

Want more User and Group Management practice?

Practice this domain
2

Domain 2: Operation of Running Systems

All Operation of Running Systems questions
Q1
hardFull explanation →

A system administrator needs to ensure that a specific service, 'myapp', starts automatically after a system crash and also restarts if it fails. Which systemd unit directive should be used to achieve this behavior?

A

RemainAfterExit=yes

B

Restart=always

C

Restart=on-failure and WantedBy=multi-user.target

Restart=on-failure restarts the service only if it fails (non-zero exit), and WantedBy=multi-user.target ensures it starts at boot.

D

ExecStopPost=/bin/systemctl restart myapp.service

Why: Option C is correct because the combination of `Restart=on-failure` ensures the service restarts automatically if it exits with a non-zero exit code or is terminated by a signal, and `WantedBy=multi-user.target` creates a dependency that starts the service at boot, including after a system crash. This satisfies both requirements: automatic start after crash (via systemd's dependency-based boot) and restart on failure (via the Restart directive).
Q2
mediumFull explanation →

A Linux system reports 'Out of memory' errors frequently. The administrator checks memory usage with 'free -m' and notices that most memory is used by file cache. Which command can the administrator run to immediately free up the cache without affecting running processes?

A

sysctl vm.drop_caches=1

B

swapoff -a

C

echo 1 > /proc/sys/vm/drop_caches

Writing 1 to drop_caches frees pagecache.

D

kill -9 $(pidof some_process)

Why: Option C is correct because writing 1 to /proc/sys/vm/drop_caches instructs the kernel to free pagecache (file cache) without terminating any processes. This is a safe, non-destructive operation that reclaims memory used for caching disk I/O, which is exactly what the administrator needs when 'free -m' shows most memory consumed by cache.
Q3
mediumFull explanation →

An administrator needs to schedule a cron job that runs a script every day at 3:00 AM, but the system is in a different time zone (UTC) than the administrator's local time (EST). The administrator wants the job to run at 3:00 AM local time regardless of system time zone changes. What is the best approach?

A

Change the system time zone to EST and set the cron job to run at 3:00 AM

B

Use the CRON_TZ variable in the crontab file to specify EST and schedule at 3:00 AM

CRON_TZ sets the time zone for subsequent cron jobs in the file.

C

Set the TZ environment variable in the crontab file before the job definition

D

Calculate the UTC equivalent (8:00 AM UTC) and schedule the job at that time

Why: Option B is correct because the CRON_TZ variable, when set in a crontab file, allows you to specify a time zone for the cron daemon to interpret the schedule entries. This ensures the job runs at 3:00 AM EST regardless of the system's default time zone (UTC), and it persists even if the system time zone changes, as cron uses the variable for scheduling.
Q4
mediumFull explanation →

Which TWO commands can be used to display the current runlevel or target of a systemd-based system?

A

systemctl get-default

Displays the default target.

B

telinit

C

init 3

D

systemctl list-units --type=target

E

runlevel

Displays previous and current runlevel.

Why: Option A is correct because `systemctl get-default` directly queries the systemd default target, which is the equivalent of the traditional runlevel in a systemd-based system. This command outputs the target that will be activated at boot, such as `multi-user.target` or `graphical.target`.
Q5
hardFull explanation →

Which THREE steps are necessary to permanently disable a systemd service from starting at boot?

A

systemctl stop myapp.service

Stops the currently running service.

B

systemctl mask myapp.service

Masks the service, preventing it from being started manually or by dependencies.

C

systemctl reset-failed myapp.service

D

systemctl disable myapp.service

Prevents the service from starting at boot.

E

systemctl daemon-reload

Why: Option A is correct because `systemctl stop` immediately terminates the service process, which is necessary to ensure the service is not currently running before disabling it from future boots. While stopping alone does not prevent the service from starting at boot, it is a required step in the process of permanently disabling a service, as you must stop the current instance before disabling it to avoid an inconsistent state.
Q6
easyFull explanation →

A system administrator wants to view the last 10 lines of the system log file '/var/log/syslog' and continue to watch for new lines as they are appended. Which command should be used?

A

tail -n 10 /var/log/syslog

B

less /var/log/syslog

C

tail -n 10 -f /var/log/syslog

Shows last 10 lines and follows new entries.

D

head -n 10 /var/log/syslog

Why: Option C is correct because the `tail -n 10 -f /var/log/syslog` command first displays the last 10 lines of the file and then uses the `-f` (follow) flag to continuously monitor the file for new appended lines, outputting them in real time. This matches the requirement to both view the last 10 lines and watch for new entries.

Want more Operation of Running Systems practice?

Practice this domain
3

Domain 3: Essential Commands

All Essential Commands questions
Q1
mediumFull explanation →

A user reports that a script fails with 'Permission denied' when executed. The script has permissions -rw-r--r-- and is owned by the user. Which command should the user run to make the script executable for the owner only?

A

chmod u+s script.sh

B

chmod u+x script.sh

Adds execute permission for the owner only.

C

chown :users script.sh

D

chmod +x script.sh

Why: Option B is correct because the script currently has permissions `-rw-r--r--`, meaning the owner has read and write but not execute permission. The `chmod u+x` command adds the execute permission for the owner only, which is exactly what the user needs to run the script without affecting group or others.
Q2
easyFull explanation →

A system administrator needs to find all files in /var/log that have been modified in the last 7 days. Which command accomplishes this?

A

find /var/log -type f -atime -7

B

find /var/log -type f -ctime -7

C

find /var/log -type f -mtime +7

D

find /var/log -type f -mtime -7

Correct: -mtime -7 means modified less than 7 days ago.

Why: Option D is correct because the `find` command with `-mtime -7` searches for files whose modification time (content change) is less than 7 days ago, which matches the requirement of 'modified in the last 7 days'. The `-type f` restricts the search to regular files, and `/var/log` is the target directory.
Q3
hardFull explanation →

An administrator wants to ensure that a background process continues running after logout. Which command should be used to start the process?

A

nohup sleep 100 &

nohup ignores SIGHUP, so process continues after logout.

B

runproc sleep 100 &

C

sleep 100 &

D

sleep 100 & disown

Why: The correct answer is A because `nohup` allows a process to ignore the SIGHUP signal that is sent to background processes when the parent shell exits, ensuring it continues running after logout. The `&` places the command in the background, and `nohup` redirects output to `nohup.out` by default, making it the standard way to run a process immune to hangups.
Q4
mediumFull explanation →

A technician needs to display the contents of a compressed file named archive.tar.gz without extracting it. Which command should be used?

A

tar -tf archive.tar

B

tar -xzf archive.tar.gz

C

zcat archive.tar.gz | tar -t

Decompresses and pipes to tar -t to list contents.

D

zcat archive.tar.gz

Why: Option C is correct because it uses `zcat` to decompress the `.gz` layer on the fly and pipes the resulting uncompressed tar archive into `tar -t`, which lists the contents without extracting. This allows viewing the file listing without first decompressing to disk, satisfying the requirement to display contents without extraction.
Q5
easyFull explanation →

A user wants to find the location of the 'grep' binary. Which command should they use?

A

man grep

B

which grep

Displays the full path of the grep command.

C

uname -a

D

grep -r 'grep' /usr/bin

Why: The 'which' command is specifically designed to locate the binary (executable) of a command by searching the directories listed in the user's PATH environment variable. Option B, 'which grep', will output the full path to the grep binary, such as '/usr/bin/grep', directly answering the user's request.
Q6
hardFull explanation →

Which TWO commands can be used to create a new empty file?

A

touch file

Creates an empty file if it does not exist.

B

mkdir file

C

cat file

D

> file

Shell redirection creates an empty file.

E

echo 'text' > file

Why: Option A is correct because the `touch` command is specifically designed to create an empty file if it does not already exist, or update its timestamps if it does. Option D is correct because using the shell redirection operator `>` with no command before it (or with a null command) creates an empty file by truncating any existing content or creating a new zero-byte file.

Want more Essential Commands practice?

Practice this domain
4

Domain 4: Networking

All Networking questions
Q1
mediumFull explanation →

A system administrator notices that a web server is not reachable from the internet but is reachable from the internal network. The server's IP is 10.0.1.10/24, and the gateway is 10.0.1.1. Which command should be used to verify the default gateway configuration?

A

arp -a

B

ip route show

This command displays the routing table, including the default gateway.

C

ip addr show

D

ss -tln

Why: The `ip route show` command displays the kernel routing table, including the default gateway entry. Since the server is reachable internally but not from the internet, a missing or incorrect default gateway is the likely cause. This command directly verifies whether a default route (e.g., via 10.0.1.1) is present.
Q2
easyFull explanation →

A developer needs to temporarily allow incoming TCP connections on port 8080 for testing. Which iptables command adds a rule to the INPUT chain to accept this traffic?

A

iptables -A OUTPUT -p tcp --sport 8080 -j ACCEPT

B

iptables -A INPUT -p tcp --dport 8080 -j ACCEPT

Appends a rule to INPUT chain to accept TCP on port 8080.

C

iptables -A FORWARD -p tcp --dport 8080 -j ACCEPT

D

iptables -I INPUT 1 -p tcp --dport 8080 -j DROP

Why: Option B is correct because the INPUT chain processes traffic destined for the local system, and the `--dport 8080` flag matches incoming TCP packets with destination port 8080. The `-j ACCEPT` target allows these packets through, which is exactly what is needed to temporarily permit incoming TCP connections on port 8080 for testing.
Q3
hardFull explanation →

A server has two network interfaces: eth0 (10.0.1.10/24, gateway 10.0.1.1) and eth1 (192.168.1.10/24, no gateway). Both are up. The default gateway is set to 10.0.1.1. A ping to 8.8.8.8 fails, but ping to 10.0.1.1 succeeds. What is the most likely cause?

A

eth1 has no gateway configured

B

The default route is missing or pointing to an incorrect gateway

Even though the gateway is reachable, the default route may be missing or misconfigured.

C

DNS resolution is failing

D

eth0 is down

Why: The default gateway is correctly set to 10.0.1.1, and ping to that gateway succeeds, so eth0 and its route are functional. However, ping to 8.8.8.8 fails, which indicates that the default route (0.0.0.0/0 via 10.0.1.1) is either missing or misconfigured, preventing traffic destined for external networks from being forwarded. The fact that eth1 has no gateway is irrelevant because the default route is already defined via eth0.
Q4
easyFull explanation →

An administrator wants to permanently configure a static IP address on a CentOS 7 system. Which file should be edited?

A

/etc/sysconfig/network-scripts/ifcfg-eth0

This is the standard network interface configuration file for CentOS/RHEL 7.

B

/etc/sysconfig/network

C

/etc/hostname

D

/etc/network/interfaces

Why: On CentOS 7, network interface configuration is stored in individual files under /etc/sysconfig/network-scripts/, named ifcfg-<interface>. The ifcfg-eth0 file contains parameters like BOOTPROTO, IPADDR, NETMASK, and GATEWAY, and setting BOOTPROTO=static along with the IP address values permanently configures a static IP. This is the standard method for RHEL/CentOS 7 systems using the legacy network scripts (not NetworkManager's keyfile format).
Q5
mediumFull explanation →

A network administrator needs to block all incoming SSH traffic (port 22) from the 192.168.2.0/24 subnet. Which iptables command accomplishes this?

A

iptables -A INPUT -d 192.168.2.0/24 -p tcp --dport 22 -j DROP

B

iptables -A OUTPUT -d 192.168.2.0/24 -p tcp --sport 22 -j DROP

C

iptables -A INPUT -s 192.168.2.0/24 -j DROP

D

iptables -A INPUT -s 192.168.2.0/24 -p tcp --dport 22 -j DROP

This drops incoming TCP packets from the subnet to port 22.

Why: Option D is correct because it appends a rule to the INPUT chain that matches packets originating from the 192.168.2.0/24 subnet (-s 192.168.2.0/24) using TCP protocol with destination port 22 (--dport 22), and then drops them (-j DROP). This precisely blocks all incoming SSH traffic from that subnet while leaving other traffic unaffected.
Q6
hardFull explanation →

An administrator is troubleshooting intermittent connectivity issues. Running 'ping -c 100 -i 0.2 10.0.0.1' shows about 5% packet loss. What is the primary purpose of the '-i 0.2' option?

A

It sets the TTL to 0.2

B

It sets the timeout to 0.2 seconds

C

It sets the packet size to 0.2 bytes

D

It sets the interval between pings to 0.2 seconds

This speeds up the test to detect intermittent loss.

Why: The '-i 0.2' option in the ping command sets the interval between sending ICMP Echo Request packets to 0.2 seconds. This allows the administrator to send pings more frequently than the default (typically 1 second), which helps in detecting intermittent connectivity issues over a shorter test duration. By sending 100 packets at a 0.2-second interval, the test completes in about 20 seconds, making it practical for troubleshooting transient packet loss.

Want more Networking practice?

Practice this domain
5

Domain 5: Service Configuration

All Service Configuration questions
Q1
mediumFull explanation →

A system administrator configures a web server using systemd. After creating a custom service unit file, the administrator runs `systemctl daemon-reload` but the service still fails to start with a 'Unit not found' error. What is the most likely cause?

A

The administrator forgot to run `systemctl enable` before starting the service.

B

The unit file is placed in /usr/lib/systemd/system/ instead of /etc/systemd/system/.

Unit files for custom services should be in /etc/systemd/system/; /usr/lib/systemd/system/ is for distribution-provided units.

C

The administrator is not in the 'systemd' group.

D

The service name was misspelled in the `systemctl start` command.

Why: The 'Unit not found' error after `systemctl daemon-reload` indicates that systemd cannot locate the unit file. Unit files in `/usr/lib/systemd/system/` are intended for distribution packages and are not automatically scanned by `daemon-reload` unless they are symlinked or the directory is explicitly included. The correct location for custom administrator-created unit files is `/etc/systemd/system/`, which is the primary location for locally managed units and is always included in the unit search path.
Q2
hardFull explanation →

A server runs a custom application that listens on TCP port 8080. The administrator wants to ensure the application starts automatically on boot and restarts if it crashes. Which systemd unit file directive should be used to achieve the restart behavior?

A

RestartSec=5

B

Type=notify

C

RemainAfterExit=yes

D

Restart=on-failure

This directive tells systemd to restart the service when it exits unexpectedly.

Why: The `Restart=on-failure` directive in a systemd unit file instructs systemd to automatically restart the service unit when it exits with a non-zero exit code, is terminated by a signal (including SIGKILL), or times out. This directly satisfies the requirement for the application to restart if it crashes, as a crash typically results in an unclean exit that triggers the restart condition.
Q3
easyFull explanation →

An administrator needs to configure a service to run as a non-root user for security reasons. Which systemd unit file directive accomplishes this?

A

AmbientCapabilities=CAP_NET_BIND_SERVICE

B

DynamicUser=yes

C

User=myuser

User= specifies the username or UID to run the service.

D

Group=myuser

Why: Option C is correct because the `User=` directive in a systemd unit file specifies the user (by name or UID) under which the service process runs. By setting `User=myuser`, the service executes with the privileges of that non-root user, reducing the attack surface and adhering to the principle of least privilege. This is the standard systemd mechanism for dropping root privileges for a service.
Q4
hardFull explanation →

A developer reports that a web application's logs are not being written to /var/log/myapp.log. The service runs as user 'myapp' and the log directory /var/log/myapp/ has permissions 755 owned by root. What is the most likely cause?

A

AppArmor is denying access.

B

SELinux is blocking the write.

C

The service is logging to systemd-journald instead of a file.

D

The service user 'myapp' does not have write permission to the log directory.

The directory is owned by root with 755, so only root can write; myapp needs write permission.

Why: Option D is correct because the /var/log/myapp/ directory has permissions 755, which grants read and execute access to the 'others' category but not write. Since the service runs as user 'myapp', which is not the owner (root) and not in the root group, it falls under 'others' and thus lacks write permission. Without write permission on the directory, the service cannot create or write to /var/log/myapp.log, even if the file itself might have different permissions.
Q5
mediumFull explanation →

An administrator wants to ensure that a custom service (myapp.service) starts only after the network is available and the PostgreSQL database service is running. Which systemd unit file directive should be used?

A

Requires=network.target postgresql.service

B

Wants=network.target postgresql.service

C

BindsTo=network.target postgresql.service

D

After=network.target postgresql.service

After= ensures myapp starts after the listed units are active, combined with Wants= or Requires= for dependency.

Why: Option D is correct because the `After=` directive in a systemd unit file specifies ordering constraints, ensuring that `myapp.service` starts only after `network.target` and `postgresql.service` have reached the 'started' state. This does not create a dependency that forces those units to start; it only orders the startup sequence, which is exactly what the administrator needs to guarantee the service starts after the network and PostgreSQL are available.
Q6
mediumFull explanation →

Which TWO statements are true about systemd service unit files? (Choose two.)

A

Environment variables can be loaded using EnvFile= directive.

B

The default service type is 'forking'.

C

The [Service] section is mandatory for a service unit file.

A service unit must have a [Service] section to define the process.

D

The [Install] section is used by systemctl enable to create symlinks.

[Install] defines WantedBy/RequiredBy for enablement.

E

The [Service] section must appear before the [Unit] section.

Why: Option C is correct because the [Service] section is mandatory in a systemd service unit file; without it, systemd cannot determine how to manage the service process. This section defines the service type, execution command, and other runtime parameters essential for the unit to function.

Want more Service Configuration practice?

Practice this domain
6

Domain 6: Storage Management

All Storage Management questions
Q1
mediumFull explanation →

A system administrator is tasked with setting up a new 2TB disk for a database server. The database requires high read/write performance and redundancy. The server has a hardware RAID controller, but the administrator wants to use Linux software RAID for flexibility. Which of the following RAID levels should the administrator choose to maximize performance while providing fault tolerance, assuming the disk will be part of a larger array in the future?

A

RAID 5

B

RAID 0

C

RAID 6

D

RAID 10

RAID 10 combines mirroring and striping for performance and redundancy.

Why: RAID 10 (striping of mirrors) provides both high read/write performance and fault tolerance by combining the speed of RAID 0 striping with the redundancy of RAID 1 mirroring. Since the administrator plans to add more disks to the array in the future, RAID 10 scales well with additional pairs, maintaining performance and redundancy without the parity calculation overhead of RAID 5 or RAID 6.
Q2
easyFull explanation →

An administrator wants to extend a logical volume named 'lv_data' in volume group 'vg_data' by 5GB. The volume group has free physical extents. Which command should be used?

A

pvextend -L +5G /dev/vg_data/lv_data

B

lvextend -L +5G /dev/vg_data/lv_data

The + sign indicates adding space.

C

lvresize -L +5G /dev/vg_data/lv_data

D

lvextend -L 5G /dev/vg_data/lv_data

Why: The correct command to extend a logical volume is `lvextend`. Option B uses the correct syntax with the `-L +5G` flag, which adds 5GB to the existing logical volume `/dev/vg_data/lv_data`. The volume group `vg_data` has free physical extents, so the extension can proceed without needing to add new physical volumes.
Q3
hardFull explanation →

A storage administrator notices that a newly created XFS filesystem on a logical volume shows only 90% of the expected capacity. The logical volume is 100GB. What is the most likely cause?

A

The disk has bad blocks that were marked as unusable.

B

The filesystem was created with a reduced size due to mkfs.xfs default settings.

XFS reserves space for metadata; mkfs.xfs may not use full device if size is not specified.

C

The volume group has insufficient physical extents.

D

The filesystem is mounted with the 'noatime' option.

Why: B is correct because `mkfs.xfs` by default reserves 10% of the filesystem space for metadata and performance optimization (the `-i maxpct` and internal log overhead). This is not a capacity loss but a design feature of XFS, which explains why a 100GB logical volume shows only ~90GB usable.
Q4
easyFull explanation →

Which command can be used to display the UUID of a filesystem on /dev/sdb1?

A

blkid /dev/sdb1

blkid displays UUID and filesystem type.

B

tune2fs -l /dev/sdb1

C

df -h /dev/sdb1

D

lsblk /dev/sdb1

Why: The blkid command is specifically designed to locate and print block device attributes, including the UUID and filesystem type. When run against a device like /dev/sdb1, it queries the kernel's device mapper and reads the filesystem superblock to extract the universally unique identifier (UUID). This is the most direct and reliable method for displaying a filesystem's UUID.
Q5
mediumFull explanation →

An administrator needs to mount an XFS filesystem with options to optimize for a database workload. Which mount option would reduce metadata updates to improve performance?

A

noexec

B

nodiratime

C

relatime

D

noatime

Disables atime updates, reducing metadata writes.

Why: The `noatime` mount option disables updates to the inode access time (atime) on every file read. For database workloads, this eliminates a significant source of metadata write I/O, reducing disk contention and improving overall performance by avoiding unnecessary journal updates on XFS.
Q6
mediumFull explanation →

Which TWO commands can be used to create a new physical volume for use with LVM? (Choose two.)

A

mkfs.ext4 /dev/sdb1

B

pvresize /dev/sdb1

C

pvcreate /dev/sdb1

pvcreate directly initializes a physical volume.

D

fdisk /dev/sdb (then set type to 8e)

fdisk can create an LVM partition that can later be used by pvcreate.

E

pvdisplay /dev/sdb1

Why: Option C is correct because `pvcreate /dev/sdb1` initializes a block device (or partition) as a physical volume (PV) for LVM, writing LVM metadata to the device. This is the standard command to create a new PV, making it available for inclusion in a volume group.

Want more Storage Management practice?

Practice this domain

Frequently asked questions

How many questions are on the LFCS exam?

The LFCS exam is performance-based — there are no multiple-choice questions. It is a hands-on lab exam completed within 120 minutes. You complete practical tasks in a live or simulated environment. Courseiva practice questions cover the underlying concepts.

What types of questions appear on the LFCS exam?

Hands-on Linux administration tasks completed in a live Linux environment.

How are LFCS questions organised by domain?

The exam covers 6 domains: User and Group Management, Operation of Running Systems, Essential Commands, Networking, Service Configuration, Storage Management. Questions are weighted by domain — higher-weight domains appear more on your actual exam.

Are these the actual LFCS exam questions?

No. These are original exam-style practice questions written against the official Linux Foundation LFCS exam objectives. They are not copied from the real exam. Courseiva focuses on genuine understanding, not memorisation of braindumps.

Ready to practice LFCS?

Courseiva tracks your accuracy per domain and routes you toward weak areas automatically. Free, no account required.

Browse all LFCS questionsTake a timed practice test