Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Free Resources

Difficulty IndexLearn — Free ChaptersIT GlossaryFree Tools & LabsStudy GuidesCareer RoadmapsBrowse by VendorCisco Command ReferenceCCNA Scenarios

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertificationsXK0-005Flashcards
Free — No Signup RequiredCompTIA· Updated 2026

XK0-005 Flashcards — Free CompTIA Linux+ XK0-005 Study Cards

Reinforce XK0-005 concepts with active-recall study cards covering all 5 blueprint domains. Each card shows the question on the front and the correct answer with a full explanation on the back.

1000+ study cards5 domains coveredActive recall methodFull explanations included
Start 30-card session50-card shuffle
Exam OverviewPractice TestMock ExamStudy GuideFlashcards

Study Sessions

XK0-005 Flashcards

Pick a session size:

⚡Quick 10📝20 Cards🎯30 Cards📊50 Cards💪100 Cards
1,000+ cards · All free

Domains

Security
Troubleshooting
Scripting, Containers, and Automation
System Management
Scripting, Containers and Automation

How to use XK0-005 flashcards effectively

Flashcards work through active recall — the process of retrieving information from memory rather than passively re-reading it. Research consistently shows that active recall produces stronger, longer-lasting memory than re-reading study guides. For XK0-005 preparation, this means flashcards are one of the highest-return study tools available.

Attempt recall first

Read the XK0-005 question on each card, pause, and attempt to formulate the answer in your own words before revealing. This retrieval attempt — even if wrong — dramatically strengthens memory compared to immediately reading the answer.

Review wrong cards again

When you get a card wrong, note it and add it back to your review pile. Spaced repetition — seeing difficult cards more frequently — is the mechanism that makes flashcard study far more efficient than linear reading.

Study by domain

Group your XK0-005 flashcard sessions by domain for the first 3–4 weeks. Master one domain before moving to the next. In the final week, shuffle all cards together to test cross-domain recall — which is what the real XK0-005 exam requires.

Short sessions beat marathon reviews

20–30 flashcard cards per session, done daily, produces better retention than a single 200-card marathon session. Five short daily sessions per week over 4 weeks gives you over 400 total card reviews — enough to reliably pass XK0-005.

XK0-005 flashcard preview

Sample cards from the XK0-005 flashcard bank. Read the question, think of the answer, then read the explanation below.

1

A Linux administrator needs to add a new user named 'jdoe' with a home directory and a bash shell. Which command accomplishes this?

Security

useradd -m -s /bin/bash jdoe

The useradd command with -m creates the home directory and -s sets the shell. useradd -m -s /bin/bash jdoe is correct.

2

A Linux administrator needs to check which services are listening on TCP ports on a server. Which command should be used to replace the deprecated netstat command?

Troubleshooting

ss -tlnp

The ss command is the modern replacement for netstat, and ss -tlnp shows listening TCP ports with process information.

3

A Linux administrator wants to ensure a bash script stops execution immediately if any command fails. Which line should be added to the script?

Scripting, Containers, and Automation

set -e

The 'set -e' command causes the script to exit immediately when a command returns a non-zero exit status.

4

A Linux administrator needs to locate all files in the /var directory that have been modified within the last 30 minutes and are larger than 10MB. Which command accomplishes this task?

System Management

find /var -mmin -30 -size +10M

The find command with -mmin and -size options can locate files based on modification time and size. -mmin -30 finds files modified less than 30 minutes ago, and -size +10M finds files larger than 10MB.

5

A DevOps engineer needs to ensure that a containerized web application always restarts automatically if the container exits unexpectedly. Which Docker run option should be used?

Scripting, Containers and Automation

--restart=always

The `--restart=always` policy ensures that the container restarts regardless of the exit code or reason for termination, including unexpected crashes. This is the correct choice for a containerized web application that must maintain high availability by automatically recovering from any unexpected exit.

6

A system administrator wants to create a new user and set a password in a single command as part of a provisioning script. Which command accomplishes this?

echo 'user1:password' | chpasswd

Option B is correct because the `chpasswd` command reads username:password pairs from standard input, allowing a single command to create or update a user's password. When combined with `echo`, it sets the password for a new or existing user in one line, which is ideal for provisioning scripts. The `-p` option in `useradd` expects an already-hashed password, not a plaintext one, and `passwd` does not accept the password as an argument for security reasons.

7

A developer wants to run a container with a specific command that overrides the default entrypoint. Which Docker command should be used?

docker run --entrypoint /bin/bash myimage

Option C is correct because the `--entrypoint` flag in `docker run` allows you to override the default entrypoint defined in the Docker image. By specifying `--entrypoint /bin/bash`, the container will start with `/bin/bash` as its entrypoint, ignoring any `ENTRYPOINT` or `CMD` instructions in the Dockerfile. This is the standard Docker syntax for replacing the entrypoint at runtime.

8

A cloud engineer needs to automate the deployment of a new virtual machine with a specific configuration using Ansible. Which file format is typically used for Ansible playbooks?

YAML

Ansible playbooks are written in YAML (YAML Ain't Markup Language) because it is human-readable, supports complex data structures like lists and dictionaries, and is designed for configuration management. YAML's indentation-based syntax aligns with Ansible's declarative approach, allowing tasks, variables, and handlers to be defined cleanly without the overhead of brackets or tags.

9

A systems administrator wants to build a custom Docker image from a Dockerfile located in the current directory. Which command should be used?

docker build .

The `docker build .` command reads the Dockerfile from the current directory and builds a custom Docker image from its instructions. This is the standard command for building an image from a Dockerfile, where the dot represents the build context (the current directory).

10

A development team uses Git for version control and wants to automate the testing of every commit pushed to the repository. They have a Jenkins server running on a Linux machine. The team wants to automatically trigger a Jenkins pipeline job whenever a push is made to the main branch of their Git repository. The Jenkins server is behind a firewall and cannot be accessed from the internet. The Git repository is hosted on a private GitHub repository. Which of the following is the best approach to trigger the Jenkins job automatically?

Configure Jenkins to poll the Git repository every minute for changes.

Option B is correct because Jenkins' polling mechanism allows it to periodically check the Git repository for changes, which works even when the Jenkins server is behind a firewall and cannot receive inbound webhooks. Polling every minute provides near-real-time automation without requiring internet access to the Jenkins server, making it the only viable option given the network constraint.

11

A system administrator needs to find all files in the /etc directory that are larger than 1 MB and are regular files. Which find command accomplishes this?

find /etc -type f -size +1M / find /etc -type d -size +1M

Only option A correctly accomplishes the task. Option A uses -type f to select regular files and -size +1M to find files larger than 1 MB. Option B fails because the size suffix 'MB' is invalid; it should be 'M'. Option C omits the '+' prefix, so it matches files exactly 1 MB, not larger. Option D is incorrect; it uses -type d, which selects directories, not regular files. Option E also uses -type d, and the order of predicates does not affect the output, but the type is wrong.

12

An administrator is troubleshooting a web server that is running under SELinux enforcing mode. The web content is located in a non-standard directory /webfiles. Using the standard SELinux context 'httpd_sys_content_t', the files are still inaccessible. Which command will properly set the context recursively and persist across relabels?

semanage fcontext -a -t httpd_sys_content_t '/webfiles(/.*)?' ; restorecon -Rv /webfiles

Option A is correct because `semanage fcontext -a -t httpd_sys_content_t '/webfiles(/.*)?'` adds a file-context mapping to the SELinux policy database, ensuring the context survives a `restorecon` or filesystem relabel. The subsequent `restorecon -Rv /webfiles` applies that context recursively to the directory. Without the `semanage` entry, `restorecon` alone would revert to the default context (often `default_t`), which is not accessible by httpd.

13

A Linux administrator needs to check which process is using the most memory on a system. The administrator wants to view dynamically updating list of processes sorted by memory usage. Which command should the administrator use?

top -o %MEM

The `top` command provides a real-time, dynamically updating view of system processes. The `-o %MEM` option sorts the process list by memory usage (the %MEM column), allowing the administrator to immediately see which process is consuming the most memory. This directly meets the requirement for a dynamically updating list sorted by memory usage.

14

An AppArmor profile for a web server is in complain mode. After testing, the administrator wants to enforce the profile. Which command accomplishes this?

aa-enforce /etc/apparmor.d/usr.sbin.httpd

The correct command to enforce an AppArmor profile that is currently in complain mode is `aa-enforce`. This command switches the profile from complain (log-only) to enforce (block violations) mode. The option `-r` in `apparmor_parser` reloads the profile but does not change its mode; `aa-complain` sets it to complain mode, and `aa-status` only displays status.

15

An administrator notices that a non-root user 'alice' can run commands as root without being in the sudoers file. Which group membership could allow this?

wheel

Option B is correct because on many Linux distributions, membership in the 'wheel' group is a standard mechanism that allows non-root users to execute commands with root privileges via the 'su' command, even if they are not listed in the sudoers file. The 'wheel' group is traditionally used to control access to the 'su' utility, and by default, PAM (Pluggable Authentication Modules) configuration often permits members of the 'wheel' group to switch to the root user without additional sudo configuration.

16

An administrator wants to generate a self-signed certificate and private key for testing. Which command creates both in one step?

openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes

Option A is correct because the `openssl req -x509 -newkey rsa:2048` command generates a new private key (via `-newkey`) and immediately creates a self-signed X.509 certificate (via `-x509`) in a single step. The `-keyout` and `-out` flags specify the output files for the private key and certificate, respectively, and `-nodes` ensures the private key is not encrypted with a passphrase, which is typical for testing scenarios.

17

An administrator needs to add a script to be executed daily. The script is placed at /etc/cron.daily/myscript. After placing the script, it does not run. Based on the exhibit, what is the most likely issue?

The script is not executable

Scripts placed in /etc/cron.daily/ are executed by run-parts, which requires files to have the executable bit set. Without the execute permission (e.g., chmod +x), the script is skipped entirely, even if it is owned correctly and the cron daemon is active.

18

A server with multiple disks is configured with RAID 5 for performance and redundancy. The administrator notices that write performance is lower than expected. Which RAID level would provide better write performance while still offering fault tolerance with the same number of disks (minimum 4)?

RAID 10

RAID 10 (striping of mirrors) provides better write performance than RAID 5 because it does not incur the overhead of calculating and writing parity data on every write operation. With a minimum of four disks, RAID 10 offers fault tolerance (each mirror can survive one disk failure) while delivering the full write speed of the underlying disks, unlike RAID 5 which must update parity across all disks.

19

An administrator needs to generate a self-signed certificate and private key for an internal web server. Which OpenSSL command creates both in one step?

openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes

Option C is correct because the `openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes` command generates a new RSA private key and a self-signed X.509 certificate in a single step. The `-x509` flag outputs a self-signed certificate instead of a CSR, `-newkey` creates the key pair, and `-nodes` prevents encryption of the private key, which is typical for an internal web server that must start without manual passphrase entry.

20

Based on the exhibit, the service has failed. Which of the following is the most appropriate first step to diagnose the cause of the failure?

Check the script /usr/local/bin/myservice.sh for errors and run it manually

The exhibit indicates the service has failed, and the most appropriate first step is to check the script referenced in the unit file for errors and run it manually. This directly tests the executable that systemd is trying to run, isolating whether the failure is due to a script bug, missing dependencies, or permission issues, rather than assuming the service configuration or logs are the problem.

21

Which command will display the disk usage of each directory in the current directory, in human-readable format?

du -h

The `du -h` command displays disk usage for each directory in the current directory, with the `-h` flag converting sizes into human-readable formats (e.g., K, M, G). This is the correct tool for per-directory disk usage reporting.

22

A Linux server with systemd is experiencing boot issues after a recent kernel update. Which command sequence should be used to boot into the previous kernel version?

Interrupt the boot process, select 'Advanced options' in GRUB, then choose the previous kernel.

Option B is correct because GRUB (Grand Unified Bootloader) stores multiple kernel versions in its menu. By interrupting the boot process and selecting 'Advanced options for Ubuntu' (or similar), you can choose the previous kernel entry, which loads the older kernel and its associated initramfs. This is the standard method to recover from a failed kernel update on systems using systemd and GRUB.

23

An administrator configures a new web server with Apache and needs to ensure it starts automatically after a system reboot. The administrator runs 'systemctl enable httpd' but the service still does not start after reboot. What is the most likely reason?

The httpd service is masked, preventing it from starting.

The most likely reason the httpd service does not start after reboot despite being enabled is that it is masked. A masked service is symlinked to /dev/null, which prevents systemd from starting it even if it is enabled. The 'systemctl enable' command creates the necessary symlinks for automatic startup, but a mask overrides this by blocking the service unit entirely.

Study all 1000+ XK0-005 cards

XK0-005 flashcards by domain

The XK0-005 flashcard bank covers all 5 official blueprint domains published by CompTIA. Cards are distributed proportionally, so domains with higher exam weight have more cards.

Domain Coverage

Security

~1 cards

Troubleshooting

~1 cards

Scripting, Containers, and Automation

~1 cards

System Management

~1 cards

Scripting, Containers and Automation

~1 cards

Flashcards vs practice tests: which is better for XK0-005?

Both flashcards and practice questions are evidence-based study tools. The difference is in what they train:

Flashcards — concept retention

Best for memorising definitions, acronyms, protocol behaviours, command syntax, and conceptual distinctions. Use flashcards to build the foundational vocabulary that XK0-005 questions assume you know.

Best in: weeks 1–3

Practice tests — application

Best for applying concepts to realistic scenarios, eliminating distractors, and building exam stamina.XK0-005 questions test scenario reasoning — not just recall — so practice tests are essential.

Best in: weeks 3–6

The most effective XK0-005 study plan combines both: use flashcards for the first 2–3 weeks to build conceptual foundations, then shift to practice tests and mock exams in the final 2–3 weeks to apply and benchmark that knowledge. Most candidates who pass on their first attempt use both tools.

XK0-005 flashcards — frequently asked questions

Are the XK0-005 flashcards free?

Yes. Courseiva provides free XK0-005 flashcards across all official exam domains. Every card includes the correct answer and a full explanation of why it is right and why the distractors are wrong. The platform also includes topic-based practice, mock exams, and readiness tracking — no account required.

How many XK0-005 flashcards are on Courseiva?

Courseiva has 1000+ original XK0-005 flashcards across all 5 exam blueprint domains. New cards are added regularly as the question bank grows. All cards are written by certified engineers against the official CompTIA exam objectives.

How are Courseiva flashcards different from Anki or Quizlet?

Courseiva flashcards are purpose-built for IT certification exams. Unlike generic flashcard platforms where content quality varies, every Courseiva card is mapped to the official XK0-005 exam blueprint, written by engineers who hold the certification, and includes a full explanation of the correct answer and why the distractors are wrong. This explanation quality is what separates genuine learning from rote memorisation.

Can I use XK0-005 flashcards offline?

Courseiva is a web platform — an internet connection is required. For offline study, we recommend creating free Courseiva account, using the platform in your browser, and using your device's offline capabilities if your browser supports offline web apps.

Free forever · No credit card required

Track your XK0-005 flashcard progress

Save your results, see which domains need more work, and get spaced repetition recommendations — all free.

Sign Up Free

Free forever · Every certification included

Start Studying

⚡Quick 10 cards📝20-card session🎯30-card session📊50-card shuffle💪100-card marathon

Also Study With

Practice TestMock ExamStudy GuideExam Domains

Related Flashcards

220-1101N10-009LFCSEX200

Related Flashcard Sets

220-1101

CompTIA A+

N10-009

CompTIA Network+

LFCS

Linux Foundation LFCS

EX200

Red Hat RHCSA

Browse all certifications →