Linux Foundation · Free Practice Questions · Last reviewed May 2026
36real exam-style questions organised by domain, each with the correct answer highlighted and a plain-English explanation of why it's right — and why the others are wrong.
A developer was removed from the 'developers' group but still needs to run commands that require membership in that group. The user has logged out and back in, but the issue persists. What is the most likely cause?
The user did not explicitly start a new login shell after group removal.
Group membership changes require a new login session; logging out and back in should suffice, but if the user only logged out of the desktop and the session manager cached credentials, it might not refresh. The most likely cause is that the user's current shell environment still has cached group membership from the previous session.
The user's primary group is different from the 'developers' group.
The user is using 'newgrp developers' but is no longer a member.
The 'id' command shows the old group because the user's shell is still running.
A system administrator needs to create a user 'john' with a home directory in /data/users and an expiry date of 2025-12-31. Which command accomplishes this?
useradd -d /data/users -c 2025-12-31 john
adduser --home /data/users --expiredate 2025-12-31 john
useradd -d /data/users -e 2025-12-31 john
Correctly sets home directory and expiry.
useradd -m -e 2025-12-31 john
An administrator needs to set up a shared directory /project for the group 'projectteam' (GID 5000). All members of the group should be able to create and delete files, but only the file owner can modify their own files. The directory should also ensure that new files inherit the group ownership. Which set of commands achieves this?
chown root:projectteam /project; chmod 2775 /project; setfacl -m g:projectteam:rwx /project
chown root:projectteam /project; chmod 2770 /project; setfacl -d -m o::--- /project
SGID (2) inherits group; 770 gives group rwx; default ACL denies others.
chown root:projectteam /project; chmod 2775 /project
chown root:projectteam /project; chmod 1770 /project; setfacl -m m::rwx /project
A user 'alice' is unable to log in via SSH. The administrator checks /etc/shadow and sees 'alice:!:19234:0:99999:7:::'. What does the '!' in the password field indicate?
The password must be changed at next login.
The account is disabled.
The account is locked.
'!' is a common indicator of a locked account in /etc/shadow.
The password is expired.
An administrator wants to enforce that users in the 'contractors' group must change their password every 30 days, with a warning 7 days before expiry. Which command should be used?
groupmod -p 30 contractors
passwd -x 30 -w 7 contractors
usermod -e 30 contractors
chage -M 30 -W 7 contractors
chage modifies password aging for a user; but the question says 'users in the group', so you would need to apply to each user. However, among the options, this is the closest correct command for a user.
Which TWO commands can be used to list all users currently logged into the system?
w
Shows who is logged in and what they are doing.
last
users
id
who
Lists currently logged-in users.
Want more User and Group Management practice?
Practice this domainA system administrator needs to ensure that a specific service, 'myapp', starts automatically after a system crash and also restarts if it fails. Which systemd unit directive should be used to achieve this behavior?
RemainAfterExit=yes
Restart=always
Restart=on-failure and WantedBy=multi-user.target
Restart=on-failure restarts the service only if it fails (non-zero exit), and WantedBy=multi-user.target ensures it starts at boot.
ExecStopPost=/bin/systemctl restart myapp.service
A Linux system reports 'Out of memory' errors frequently. The administrator checks memory usage with 'free -m' and notices that most memory is used by file cache. Which command can the administrator run to immediately free up the cache without affecting running processes?
sysctl vm.drop_caches=1
swapoff -a
echo 1 > /proc/sys/vm/drop_caches
Writing 1 to drop_caches frees pagecache.
kill -9 $(pidof some_process)
An administrator needs to schedule a cron job that runs a script every day at 3:00 AM, but the system is in a different time zone (UTC) than the administrator's local time (EST). The administrator wants the job to run at 3:00 AM local time regardless of system time zone changes. What is the best approach?
Change the system time zone to EST and set the cron job to run at 3:00 AM
Use the CRON_TZ variable in the crontab file to specify EST and schedule at 3:00 AM
CRON_TZ sets the time zone for subsequent cron jobs in the file.
Set the TZ environment variable in the crontab file before the job definition
Calculate the UTC equivalent (8:00 AM UTC) and schedule the job at that time
Which TWO commands can be used to display the current runlevel or target of a systemd-based system?
systemctl get-default
Displays the default target.
telinit
init 3
systemctl list-units --type=target
runlevel
Displays previous and current runlevel.
Which THREE steps are necessary to permanently disable a systemd service from starting at boot?
systemctl stop myapp.service
Stops the currently running service.
systemctl mask myapp.service
Masks the service, preventing it from being started manually or by dependencies.
systemctl reset-failed myapp.service
systemctl disable myapp.service
Prevents the service from starting at boot.
systemctl daemon-reload
A system administrator wants to view the last 10 lines of the system log file '/var/log/syslog' and continue to watch for new lines as they are appended. Which command should be used?
tail -n 10 /var/log/syslog
less /var/log/syslog
tail -n 10 -f /var/log/syslog
Shows last 10 lines and follows new entries.
head -n 10 /var/log/syslog
Want more Operation of Running Systems practice?
Practice this domainA user reports that a script fails with 'Permission denied' when executed. The script has permissions -rw-r--r-- and is owned by the user. Which command should the user run to make the script executable for the owner only?
chmod u+s script.sh
chmod u+x script.sh
Adds execute permission for the owner only.
chown :users script.sh
chmod +x script.sh
A system administrator needs to find all files in /var/log that have been modified in the last 7 days. Which command accomplishes this?
find /var/log -type f -atime -7
find /var/log -type f -ctime -7
find /var/log -type f -mtime +7
find /var/log -type f -mtime -7
Correct: -mtime -7 means modified less than 7 days ago.
An administrator wants to ensure that a background process continues running after logout. Which command should be used to start the process?
nohup sleep 100 &
nohup ignores SIGHUP, so process continues after logout.
runproc sleep 100 &
sleep 100 &
sleep 100 & disown
A technician needs to display the contents of a compressed file named archive.tar.gz without extracting it. Which command should be used?
tar -tf archive.tar
tar -xzf archive.tar.gz
zcat archive.tar.gz | tar -t
Decompresses and pipes to tar -t to list contents.
zcat archive.tar.gz
A user wants to find the location of the 'grep' binary. Which command should they use?
man grep
which grep
Displays the full path of the grep command.
uname -a
grep -r 'grep' /usr/bin
Which TWO commands can be used to create a new empty file?
touch file
Creates an empty file if it does not exist.
mkdir file
cat file
> file
Shell redirection creates an empty file.
echo 'text' > file
Want more Essential Commands practice?
Practice this domainA system administrator notices that a web server is not reachable from the internet but is reachable from the internal network. The server's IP is 10.0.1.10/24, and the gateway is 10.0.1.1. Which command should be used to verify the default gateway configuration?
arp -a
ip route show
This command displays the routing table, including the default gateway.
ip addr show
ss -tln
A developer needs to temporarily allow incoming TCP connections on port 8080 for testing. Which iptables command adds a rule to the INPUT chain to accept this traffic?
iptables -A OUTPUT -p tcp --sport 8080 -j ACCEPT
iptables -A INPUT -p tcp --dport 8080 -j ACCEPT
Appends a rule to INPUT chain to accept TCP on port 8080.
iptables -A FORWARD -p tcp --dport 8080 -j ACCEPT
iptables -I INPUT 1 -p tcp --dport 8080 -j DROP
A server has two network interfaces: eth0 (10.0.1.10/24, gateway 10.0.1.1) and eth1 (192.168.1.10/24, no gateway). Both are up. The default gateway is set to 10.0.1.1. A ping to 8.8.8.8 fails, but ping to 10.0.1.1 succeeds. What is the most likely cause?
eth1 has no gateway configured
The default route is missing or pointing to an incorrect gateway
Even though the gateway is reachable, the default route may be missing or misconfigured.
DNS resolution is failing
eth0 is down
An administrator wants to permanently configure a static IP address on a CentOS 7 system. Which file should be edited?
/etc/sysconfig/network-scripts/ifcfg-eth0
This is the standard network interface configuration file for CentOS/RHEL 7.
/etc/sysconfig/network
/etc/hostname
/etc/network/interfaces
A network administrator needs to block all incoming SSH traffic (port 22) from the 192.168.2.0/24 subnet. Which iptables command accomplishes this?
iptables -A INPUT -d 192.168.2.0/24 -p tcp --dport 22 -j DROP
iptables -A OUTPUT -d 192.168.2.0/24 -p tcp --sport 22 -j DROP
iptables -A INPUT -s 192.168.2.0/24 -j DROP
iptables -A INPUT -s 192.168.2.0/24 -p tcp --dport 22 -j DROP
This drops incoming TCP packets from the subnet to port 22.
An administrator is troubleshooting intermittent connectivity issues. Running 'ping -c 100 -i 0.2 10.0.0.1' shows about 5% packet loss. What is the primary purpose of the '-i 0.2' option?
It sets the TTL to 0.2
It sets the timeout to 0.2 seconds
It sets the packet size to 0.2 bytes
It sets the interval between pings to 0.2 seconds
This speeds up the test to detect intermittent loss.
Want more Networking practice?
Practice this domainA system administrator configures a web server using systemd. After creating a custom service unit file, the administrator runs `systemctl daemon-reload` but the service still fails to start with a 'Unit not found' error. What is the most likely cause?
The administrator forgot to run `systemctl enable` before starting the service.
The unit file is placed in /usr/lib/systemd/system/ instead of /etc/systemd/system/.
Unit files for custom services should be in /etc/systemd/system/; /usr/lib/systemd/system/ is for distribution-provided units.
The administrator is not in the 'systemd' group.
The service name was misspelled in the `systemctl start` command.
A server runs a custom application that listens on TCP port 8080. The administrator wants to ensure the application starts automatically on boot and restarts if it crashes. Which systemd unit file directive should be used to achieve the restart behavior?
RestartSec=5
Type=notify
RemainAfterExit=yes
Restart=on-failure
This directive tells systemd to restart the service when it exits unexpectedly.
An administrator needs to configure a service to run as a non-root user for security reasons. Which systemd unit file directive accomplishes this?
AmbientCapabilities=CAP_NET_BIND_SERVICE
DynamicUser=yes
User=myuser
User= specifies the username or UID to run the service.
Group=myuser
A developer reports that a web application's logs are not being written to /var/log/myapp.log. The service runs as user 'myapp' and the log directory /var/log/myapp/ has permissions 755 owned by root. What is the most likely cause?
AppArmor is denying access.
SELinux is blocking the write.
The service is logging to systemd-journald instead of a file.
The service user 'myapp' does not have write permission to the log directory.
The directory is owned by root with 755, so only root can write; myapp needs write permission.
An administrator wants to ensure that a custom service (myapp.service) starts only after the network is available and the PostgreSQL database service is running. Which systemd unit file directive should be used?
Requires=network.target postgresql.service
Wants=network.target postgresql.service
BindsTo=network.target postgresql.service
After=network.target postgresql.service
After= ensures myapp starts after the listed units are active, combined with Wants= or Requires= for dependency.
Which TWO statements are true about systemd service unit files? (Choose two.)
Environment variables can be loaded using EnvFile= directive.
The default service type is 'forking'.
The [Service] section is mandatory for a service unit file.
A service unit must have a [Service] section to define the process.
The [Install] section is used by systemctl enable to create symlinks.
[Install] defines WantedBy/RequiredBy for enablement.
The [Service] section must appear before the [Unit] section.
Want more Service Configuration practice?
Practice this domainA system administrator is tasked with setting up a new 2TB disk for a database server. The database requires high read/write performance and redundancy. The server has a hardware RAID controller, but the administrator wants to use Linux software RAID for flexibility. Which of the following RAID levels should the administrator choose to maximize performance while providing fault tolerance, assuming the disk will be part of a larger array in the future?
RAID 5
RAID 0
RAID 6
RAID 10
RAID 10 combines mirroring and striping for performance and redundancy.
An administrator wants to extend a logical volume named 'lv_data' in volume group 'vg_data' by 5GB. The volume group has free physical extents. Which command should be used?
pvextend -L +5G /dev/vg_data/lv_data
lvextend -L +5G /dev/vg_data/lv_data
The + sign indicates adding space.
lvresize -L +5G /dev/vg_data/lv_data
lvextend -L 5G /dev/vg_data/lv_data
A storage administrator notices that a newly created XFS filesystem on a logical volume shows only 90% of the expected capacity. The logical volume is 100GB. What is the most likely cause?
The disk has bad blocks that were marked as unusable.
The filesystem was created with a reduced size due to mkfs.xfs default settings.
XFS reserves space for metadata; mkfs.xfs may not use full device if size is not specified.
The volume group has insufficient physical extents.
The filesystem is mounted with the 'noatime' option.
Which command can be used to display the UUID of a filesystem on /dev/sdb1?
blkid /dev/sdb1
blkid displays UUID and filesystem type.
tune2fs -l /dev/sdb1
df -h /dev/sdb1
lsblk /dev/sdb1
An administrator needs to mount an XFS filesystem with options to optimize for a database workload. Which mount option would reduce metadata updates to improve performance?
noexec
nodiratime
relatime
noatime
Disables atime updates, reducing metadata writes.
Which TWO commands can be used to create a new physical volume for use with LVM? (Choose two.)
mkfs.ext4 /dev/sdb1
pvresize /dev/sdb1
pvcreate /dev/sdb1
pvcreate directly initializes a physical volume.
fdisk /dev/sdb (then set type to 8e)
fdisk can create an LVM partition that can later be used by pvcreate.
pvdisplay /dev/sdb1
Want more Storage Management practice?
Practice this domainThe LFCS exam is performance-based — there are no multiple-choice questions. It is a hands-on lab exam completed within 120 minutes. You complete practical tasks in a live or simulated environment. Courseiva practice questions cover the underlying concepts.
Hands-on Linux administration tasks completed in a live Linux environment.
The exam covers 6 domains: User and Group Management, Operation of Running Systems, Essential Commands, Networking, Service Configuration, Storage Management. Questions are weighted by domain — higher-weight domains appear more on your actual exam.
No. These are original exam-style practice questions written against the official Linux Foundation LFCS exam objectives. They are not copied from the real exam. Courseiva focuses on genuine understanding, not memorisation of braindumps.
Courseiva tracks your accuracy per domain and routes you toward weak areas automatically. Free, no account required.