Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertificationsLPIC-1Exam Questions

LPI · Free Practice Questions · Last reviewed May 2026

LPIC-1 Exam Questions and Answers

42real exam-style questions organised by domain, each with the correct answer highlighted and a plain-English explanation of why it's right — and why the others are wrong.

60 exam questions
90 min time limit
Pass: 500/1000 / 1000
7 exam domains
OverviewDomain BlueprintStudy GuideAll QuestionsSample by Domain
1. Devices, Filesystems and FHS2. Linux Installation and Package Management3. GNU and Unix Commands4. Administrative Tasks5. Shells, Scripting and Data Management6. Essential System Services and Networking7. System Architecture
1

Domain 1: Devices, Filesystems and FHS

All Devices, Filesystems and FHS questions
Q1
easyFull explanation →

A system administrator wants to mount a USB flash drive formatted with the ext4 filesystem. The device is detected as /dev/sdc1. Which command should be used to mount the device to /mnt/usb?

A

mount -a /dev/sdc1 /mnt/usb

B

mount /mnt/usb /dev/sdc1

C

mount /dev/sdc1 /mnt/usb

Correct: mount with device and mount point, filesystem auto-detected.

D

mount -t ext4 /dev/sdc1 /mnt/usb

Why: Option C is correct because the standard syntax for the mount command is `mount [options] <device> <mountpoint>`. Here, `/dev/sdc1` is the device and `/mnt/usb` is the target directory. The ext4 filesystem is auto-detected by the kernel, so specifying `-t ext4` is optional but not incorrect.
Q2
mediumFull explanation →

A Linux system has two SATA disks: /dev/sda (250GB) and /dev/sdb (500GB). The administrator wants to create a logical volume group named 'vgdata' using partitions on both disks, then create a 600GB logical volume named 'lvdata' for a database. Which sequence of commands should be used?

A

pvcreate /dev/sdb1 /dev/sdc1; lvcreate -L 600G -n lvdata vgdata; vgcreate vgdata /dev/sdb1 /dev/sdc1

B

pvcreate /dev/sdb /dev/sdc; vgcreate vgdata /dev/sdb /dev/sdc; lvcreate -L 600G -n lvdata vgdata

C

pvcreate /dev/sdb1 /dev/sdc1; vgcreate vgdata /dev/sdb1 /dev/sdc1; lvcreate -L 600G -n lvdata vgdata

Correct order: pvcreate, vgcreate, lvcreate.

D

vgcreate vgdata /dev/sdb1 /dev/sdc1; pvcreate /dev/sdb1 /dev/sdc1; lvcreate -L 600G -n lvdata vgdata

Why: Option C is correct because it follows the proper LVM sequence: first create physical volumes (PVs) on the partitions /dev/sdb1 and /dev/sdc1 using pvcreate, then create the volume group 'vgdata' from those PVs using vgcreate, and finally create the logical volume 'lvdata' with a size of 600GB using lvcreate. This order ensures that the PVs exist before the VG is created, and the VG exists before the LV is created.
Q3
hardFull explanation →

During boot, a Linux system displays 'Kernel panic – not syncing: VFS: Unable to mount root fs on unknown-block(0,0)'. Which of the following is the most likely cause?

A

The root filesystem is corrupted and needs fsck.

B

The kernel lacks the necessary driver for the storage controller.

Missing driver prevents accessing the root filesystem.

C

The root= parameter in the boot loader points to a non-existent device.

D

The initrd is missing or corrupted.

Why: The error 'unknown-block(0,0)' indicates the kernel cannot find a device to mount as root. This typically occurs when the kernel lacks the driver for the storage controller (e.g., SATA, NVMe, SCSI host adapter) needed to access the root filesystem. Without the driver, the kernel cannot enumerate the block device, even if the root= parameter is correct and the filesystem is intact.
Q4
easyFull explanation →

Which of the following commands displays the amount of free disk space on all mounted filesystems in a human-readable format?

A

df -i

B

df -h

Correct: human-readable disk free.

C

du -sh

D

df -T

Why: The `df -h` command displays disk space usage for all mounted filesystems with sizes in human-readable units (e.g., KB, MB, GB). The `-h` flag converts raw block counts into powers of 1024 with appropriate suffixes, making the output easy to interpret at a glance.
Q5
mediumFull explanation →

An administrator needs to create a new ext4 filesystem on /dev/sdb1 and wants to reserve 2% of the blocks for the root user. Which command should be used?

A

mkfs.ext4 -m 2 /dev/sdb1

Correct: -m specifies reserved blocks percentage.

B

tune2fs -m 2 /dev/sdb1

C

mke2fs -r 2 /dev/sdb1

D

mkfs.ext4 -R 2 /dev/sdb1

Why: Option A is correct because the `-m` flag in `mkfs.ext4` specifies the percentage of filesystem blocks reserved for the root user (superuser). By default, ext4 reserves 5% of blocks; using `-m 2` reduces this to 2%, as required. This command creates a new ext4 filesystem on `/dev/sdb1` with the specified reserved block percentage.
Q6
hardFull explanation →

A Linux system has a software RAID1 array /dev/md0 consisting of /dev/sda1 and /dev/sdb1. After replacing a failed disk, the administrator runs 'mdadm --manage /dev/md0 --add /dev/sdc1', but the array remains degraded. Which command should be used to check the status of the array?

A

mdadm --examine /dev/sdc1

B

mdadm --version

C

mdadm --detail /dev/md0

Correct: shows detailed array status.

D

mdadm --query /dev/md0

Why: The `mdadm --detail /dev/md0` command displays the current state of the RAID array, including its status (e.g., degraded, active), the number of active and failed devices, and the sync/resync progress. Since the array remains degraded after adding a new disk, this command will show whether the new disk has been properly integrated or if there is an underlying issue, such as a missing or failed component.

Want more Devices, Filesystems and FHS practice?

Practice this domain
2

Domain 2: Linux Installation and Package Management

All Linux Installation and Package Management questions
Q1
easyFull explanation →

A system administrator needs to install the latest version of a package named 'webapp' from a third-party repository that has been added to the system. Which command should be used to update the package list and install the package in one step?

A

apt-get update && apt-get install webapp

Updates package list and installs the package.

B

apt-get upgrade webapp

C

dpkg -i webapp.deb

D

apt-cache search webapp && apt-get install webapp

Why: Option A is correct because it first runs `apt-get update` to refresh the local package index from all configured repositories (including the third-party one), then uses `&&` to conditionally execute `apt-get install webapp` only if the update succeeds. This ensures the latest version available from the third-party repository is fetched and installed in a single command sequence.
Q2
mediumFull explanation →

A Linux administrator is troubleshooting a package dependency issue. When attempting to install package 'foo', the package manager reports a missing dependency 'libbar.so.2'. Which of the following is the most appropriate next step?

A

Run 'ldconfig' to update the library cache

B

Reinstall the 'foo' package using 'rpm -i --force foo.rpm'

C

Run 'rpm -q --whatrequires libbar.so.2'

D

Use 'apt-file search libbar.so.2' or 'dnf provides libbar.so.2' to find the package that contains the file

Identifies the package providing the missing library.

Why: The error indicates that the file 'libbar.so.2' is missing from the system. The most appropriate next step is to identify which package provides this file, so that it can be installed to satisfy the dependency. On Debian-based systems, 'apt-file search' queries the package repository metadata to find the package containing a specific file; on Red Hat-based systems, 'dnf provides' performs the same function. This targeted search is the correct first troubleshooting step before any installation or library cache update.
Q3
hardFull explanation →

A company maintains a private Debian repository for internal packages. A new package 'internal-tool' version 2.0 has been added to the repository, but when users run 'apt-get update && apt-get install internal-tool', the old version 1.0 is still being offered. What is the most likely cause?

A

The package version number is not higher than the installed version

B

The local apt cache needs to be cleared with 'apt-get clean'

C

The 'apt-get update' command did not run successfully due to network issues

D

The repository's Release file has not been regenerated after adding the new package

apt uses the Release file to check validity; if outdated, it may ignore new Packages files.

Why: The most likely cause is that the repository's Release file has not been regenerated after adding the new package. APT relies on the Release file (and its associated InRelease or Release.gpg) to obtain the current package metadata, including version information. If the Release file is not updated to reflect the new package version 2.0, APT will still see the old metadata and offer version 1.0, even though the package file exists in the repository.
Q4
mediumFull explanation →

A system administrator wants to compile and install a program from source. After running './configure --prefix=/opt/myapp', the configure script fails with an error about missing 'libssl-dev'. What should the administrator do to resolve this issue?

A

Install the 'libssl-dev' package using the package manager

Development packages contain headers required by configure.

B

Manually download and place the missing header files in /usr/include

C

Install the 'libssl' runtime library

D

Add the '--disable-ssl' flag to ./configure

Why: The configure script requires the development headers and static libraries for OpenSSL to compile software that uses SSL/TLS. The 'libssl-dev' package provides these headers and the .so symlinks needed during compilation. Installing it via the package manager (e.g., apt, yum) is the correct and standard method to satisfy this build dependency.
Q5
easyFull explanation →

A technician needs to remove a package named 'apache2' along with its configuration files from a Debian system. Which command should be used?

A

dpkg -r apache2

B

apt-get autoremove apache2

C

apt-get purge apache2

Removes package and config files.

D

apt-get remove apache2

Why: Option C is correct because the 'apt-get purge' command removes the specified package along with its configuration files from a Debian system. Unlike 'remove', which leaves configuration files intact, 'purge' deletes both the package binaries and the associated configuration data from /etc and other locations, fulfilling the requirement to remove 'apache2' completely.
Q6
mediumFull explanation →

A Linux administrator is managing a server that uses RPM-based package management. They need to find which installed package provides the '/etc/ssh/sshd_config' file. Which command should they use?

A

rpm -qi /etc/ssh/sshd_config

B

rpm -qf /etc/ssh/sshd_config

Queries the package that owns the file.

C

rpm -ql /etc/ssh/sshd_config

D

rpm -qa | grep sshd_config

Why: The correct command is `rpm -qf /etc/ssh/sshd_config`. The `-q` flag queries the RPM database, and `-f` (or `--file`) tells RPM to find which installed package owns the specified file. This is the standard way to map a file back to its originating package in RPM-based systems.

Want more Linux Installation and Package Management practice?

Practice this domain
3

Domain 3: GNU and Unix Commands

All GNU and Unix Commands questions
Q1
mediumFull explanation →

A systems administrator needs to change the permissions of the file /home/user/script.sh so that the owner can read, write, and execute; the group can read and execute; and others have no access. Which command accomplishes this?

A

chmod 755 /home/user/script.sh

B

chmod 750 /home/user/script.sh

750 gives rwx for owner, r-x for group, and --- for others, matching the requirement.

C

chmod 770 /home/user/script.sh

D

chmod 741 /home/user/script.sh

Why: Option B is correct because chmod 750 sets the permissions to rwxr-x---, which gives the owner read, write, and execute (7), the group read and execute (5), and others no access (0). This matches the requirement exactly.
Q2
easyFull explanation →

Which TWO commands can be used to view the contents of a compressed file named archive.tar.gz without extracting it to disk?

A

gzip -d archive.tar.gz

B

bunzip2 -c archive.tar.gz | tar -t

C

tar -tzf archive.tar.gz

Correct: tar -t lists table of contents; -z handles gzip; -f specifies file.

D

gunzip -l archive.tar.gz

E

zcat archive.tar.gz | tar -t

Correct: zcat decompresses to stdout; pipe to tar -t lists contents.

Why: Option C is correct because the `tar -tzf` command lists the contents of a tar archive compressed with gzip without extracting it. The `-t` flag tells tar to list the table of contents, `-z` handles the gzip decompression on the fly, and `-f` specifies the archive file. This is the standard, single-command method for viewing the contents of a `.tar.gz` file without writing any files to disk.
Q3
hardFull explanation →

Refer to the exhibit. An administrator needs to edit /etc/example.conf to change setting1 to 'production' and add a new line 'setting2=value' after the include line. The file must be edited in place without creating a backup. Which command sequence achieves this?

A

sed -i 's/setting1=default/setting1=production/' /etc/example.conf; sed -i '/^include /a\nsetting2=value' /etc/example.conf

Correct: -i without argument edits in place; first command changes the setting; second appends after the include line.

B

sed -i 's/setting1=default/setting1=production/' /etc/example.conf; sed -i '/^include /i\nsetting2=value' /etc/example.conf

C

sed -i.bak 's/setting1=default/setting1=production/' /etc/example.conf; sed -i.bak '/^include /a\nsetting2=value' /etc/example.conf

D

sed -i.bak 's/setting1=default/setting1=production/' /etc/example.conf; sed -i.bak '/^include /a\nsetting2=value' /etc/example.conf

Why: Option A is correct because the first sed command uses the -i flag to edit the file in place without a backup, and the substitution 's/setting1=default/setting1=production/' changes the existing setting. The second sed command uses the 'a' (append) command after the line matching '^include ' to add the new line 'setting2=value' after it, also with -i to avoid creating a backup.
Q4
mediumFull explanation →

You are a Linux administrator for a company that runs a web server on a system with limited disk space. The web server logs are stored in /var/log/httpd/access_log and grow quickly. The operations team requires that the most recent logs be available for troubleshooting, but logs older than 7 days must be compressed to save space. You decide to implement log rotation using logrotate. The logrotate configuration file for httpd currently contains:

/var/log/httpd/*.log { daily rotate 7 compress delaycompress missingok notifempty sharedscripts postrotate /bin/systemctl reload httpd 2>/dev/null || true endscript

}

After applying this configuration, you notice that log files are being compressed immediately instead of after one rotation. What is the most likely cause and the correct step to fix this?

A

Remove the 'sharedscripts' directive to ensure the postrotate script runs for each log file individually.

B

Change the rotation frequency to 'weekly' so that the most recent week's logs remain uncompressed and older logs are compressed.

With weekly rotation, the most recent rotated log (one week old) remains uncompressed due to delaycompress, while older logs are compressed, meeting the requirement of compressing logs older than 7 days.

C

Remove the 'delaycompress' directive to ensure compression occurs at each rotation.

D

Add the 'copytruncate' directive to avoid moving the log file, allowing the web server to continue writing to the same file.

Why: Option B is correct because the configuration uses 'rotate 7' with 'daily' frequency, meaning seven daily rotations are kept. However, 'delaycompress' delays compression by one rotation, so the most recent rotated log remains uncompressed. With 'daily' rotation, the current log and the most recent rotated log are both uncompressed, which may appear as if compression happens immediately. Changing to 'weekly' ensures that only the most recent week's logs remain uncompressed, matching the requirement that logs older than 7 days are compressed.
Q5
mediumFull explanation →

Arrange the steps to configure a static IP address on a Linux system using the command line.

Why: Static IP configuration requires editing the appropriate config file, then restarting networking to apply changes.
Q6
mediumFull explanation →

Order the steps to recover a forgotten root password on a Linux system.

Why: Recovery involves booting into a shell with root access, remounting read-write, and changing the password.

Want more GNU and Unix Commands practice?

Practice this domain
4

Domain 4: Administrative Tasks

All Administrative Tasks questions
Q1
hardFull explanation →

A system administrator wants to ensure that the syslog service starts automatically on boot and is running immediately without a reboot. Which command sequence should be used?

A

systemctl start syslog && systemctl enable syslog

B

systemctl start --enable syslog

C

systemctl enable syslog && systemctl start syslog

D

systemctl enable --now syslog

The --now flag enables and starts the service in one step.

Why: Option D is correct because `systemctl enable --now syslog` combines enabling the service to start automatically on boot and starting it immediately in a single command. The `--now` flag triggers an immediate start after enabling, fulfilling both requirements without needing a reboot.
Q2
easyFull explanation →

A user reports that a cron job is not executing. The cron job is defined in /etc/crontab. The administrator checks the system logs and finds no errors. Which command should the administrator use to verify that the cron daemon is running?

A

pgrep cron

Returns PID if cron is running, gives no output if not.

B

systemctl status cron

C

crontab -l

D

ps aux | grep cron

Why: Option A is correct because `pgrep cron` searches the process table for processes named 'cron' and returns the PID(s) if running. This is a quick, reliable way to verify the cron daemon is active without parsing full process lists or relying on systemd-specific commands.
Q3
mediumFull explanation →

A system administrator wants to schedule a script to run every Monday at 3:00 AM, but only if the system clock is set to local time (not UTC). Which crontab entry should be used?

A

3 0 * * 1 /path/to/script

B

0 3 * * 1 /path/to/script

Correct: minute 0, hour 3, any day of month, any month, Monday (1).

C

0 15 * * 1 /path/to/script

D

0 3 * * 0 /path/to/script

Why: Option B is correct because the crontab format is 'minute hour day-of-month month day-of-week command'. To run at 3:00 AM Monday, the minute field is 0, the hour field is 3 (using 24-hour time), and the day-of-week field is 1 (Monday). The cron daemon does not care about UTC vs local time; it uses the system's configured timezone, so no special flag is needed.
Q4
hardFull explanation →

A server has a backup script that runs daily at midnight. The system administrator notices that the script sometimes fails because the filesystem is mounted read-only. Which approach is the best practice to ensure the script runs only when the filesystem is writable?

A

Add a cron job that runs before the backup to remount the filesystem read-write

B

Use anacron to run the job after boot

C

Wrap the backup command in a script that checks if the filesystem is writable before proceeding

Best practice: check condition inside script and exit gracefully if not met.

D

Change the cron job to run every hour until it succeeds

Why: Option C is correct because it implements a proactive check within the script itself, using a command like `touch /mountpoint/testfile 2>/dev/null` or checking `/proc/mounts` to verify write access before executing the backup. This avoids unnecessary remounts and ensures the script only proceeds when the filesystem is writable, which is a robust and self-contained solution.
Q5
easyFull explanation →

An administrator needs to find all files in the /var/log directory that have been modified in the last 24 hours. Which command should be used?

A

find /var/log -ctime 0

B

find /var/log -mtime 0

mtime 0 matches files modified within the last 24 hours.

C

find /var/log -atime 0

D

find /var/log -mmin 1440

Why: Option B is correct because the `find` command with `-mtime 0` searches for files whose data modification time is within the last 24 hours. The `-mtime` option uses a 24-hour period, and a value of 0 means modified less than 24 hours ago, which matches the requirement to find files modified in the last 24 hours in /var/log.
Q6
hardFull explanation →

A Linux system fails to boot with the error 'Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(0,0)'. Which of the following is the most likely cause?

A

The root filesystem has a corrupted superblock

B

The initrd file is missing or corrupted

C

The kernel lacks the necessary driver for the storage controller

Kernel cannot access the root device due to missing storage driver.

D

The bootloader configuration points to the wrong partition

Why: The error 'VFS: Unable to mount root fs on unknown-block(0,0)' indicates that the kernel cannot find or access the root filesystem. This typically occurs when the kernel lacks the necessary driver (module) for the storage controller (e.g., SATA, SCSI, NVMe) that the root device is connected to. Without the driver, the kernel cannot communicate with the storage hardware, resulting in the unknown-block(0,0) identifier.

Want more Administrative Tasks practice?

Practice this domain
5

Domain 5: Shells, Scripting and Data Management

All Shells, Scripting and Data Management questions
Q1
mediumFull explanation →

A system administrator writes a script that extracts data from a CSV file and inserts it into a database. The script works correctly when run manually but fails when executed by cron. Which environment variable is most likely causing the issue?

A

SHELL

B

LANG

C

HOME

D

PATH

PATH is often not set in cron, causing command not found errors.

Why: When a script runs manually, the user's interactive shell inherits a fully populated PATH environment variable that includes directories like /usr/local/bin, /usr/bin, and possibly custom script directories. Cron jobs, however, execute with a minimal environment, and the default PATH for cron is often just /usr/bin:/bin. If the script relies on commands (e.g., mysql, psql, or custom scripts) located outside these directories, cron will fail with a 'command not found' error. Setting the full PATH explicitly inside the script or in the crontab file resolves the issue.
Q2
hardFull explanation →

A developer needs to ensure a bash script exits immediately if any command fails, and also prints each command before executing it. Which set of shell options should be used at the beginning of the script?

A

set -ex

-e exits on error, -x prints commands.

B

set -e

C

set -vx

D

set -ux

Why: Option A is correct because `set -ex` combines two essential shell options: `-e` (errexit) causes the script to exit immediately if any command returns a non-zero exit status, and `-x` (xtrace) prints each command (after expansion) to stderr before executing it. This is the standard way to achieve both behaviors in a single line, as required by the question.
Q3
easyFull explanation →

A script contains the following line: for i in $(cat file.txt); do echo $i; done. The file file.txt contains a single line with multiple words. How many times will the loop execute?

A

Equal to the number of lines in the file

B

Equal to the number of words in the file

The command substitution splits into words.

C

Once

D

The loop will not execute

Why: The command substitution $(cat file.txt) expands to the content of file.txt, which is a single line with multiple words. The for loop iterates over each word (separated by whitespace) in the expanded string, not over lines. Therefore, the loop executes once per word in the file.
Q4
hardFull explanation →

Refer to the exhibit. Why does the cron job fail?

A

The cron job lacks the PATH environment variable.

B

The script is owned by root, but the cron job runs as a different user.

C

The script is not executable.

The file permissions do not include execute for the owner.

D

The script lacks a shebang line.

Why: C is correct because cron jobs require the script to be executable (i.e., have the execute permission bit set). If the script is not executable, cron will fail to run it even if the shebang line and PATH are correct. The error typically appears in the cron log or as a silent failure.
Q5
mediumFull explanation →

Which TWO commands can be used to sort the output of ps -ef by the resident set size (RSS) in descending order?

A

ps -ef | sort -k5,5 -rn

B

ps --sort=-rss

--sort=-rss sorts by RSS descending.

C

ps -ef | sort -k3 -rn

D

ps --sort=rss

E

ps -ef | sort -k5 -rn

RSS is typically the 5th field in ps -ef output.

Why: Option B is correct because `ps --sort=-rss` directly sorts the process list by resident set size (RSS) in descending order, using the minus sign prefix to indicate reverse sort. This is a native `ps` feature that avoids piping to `sort`, which can be less reliable due to column alignment issues.
Q6
hardFull explanation →

Which THREE statements are true about the sed command?

A

sed 's/old/new/g' file.txt permanently changes the file.

B

sed -i 's/foo/bar/g' file.txt replaces all occurrences of foo with bar in the file.

-i makes in-place changes.

C

sed uses extended regular expressions by default.

D

sed '/^#/d' file.txt deletes lines that start with #.

The address /^#/ matches lines starting with #, d deletes them.

E

sed -n '3,5p' file.txt prints lines 3 to 5 of file.txt.

-n suppresses output, p prints specified lines.

Why: Option B is correct because the `-i` flag in sed enables in-place editing, directly modifying the file rather than just outputting changes to stdout. The substitution command `'s/foo/bar/g'` replaces all occurrences of `foo` with `bar` globally on each line, and with `-i`, the changes are written back to the file.

Want more Shells, Scripting and Data Management practice?

Practice this domain
6

Domain 6: Essential System Services and Networking

All Essential System Services and Networking questions
Q1
hardFull explanation →

A system administrator notices that the NTP service on a Linux server is not synchronizing time with external NTP servers. The administrator runs 'ntpq -p' and sees that all servers listed have a 'reach' value of 0. Which of the following is the most likely cause?

A

The system timezone is incorrectly set.

B

The NTP service is configured to use the local clock.

C

A firewall is blocking UDP port 123.

Reach 0 indicates no response, common when firewall blocks NTP.

D

The NTP server is using a different NTP version.

Why: The `reach` value of 0 in `ntpq -p` output indicates that the NTP client has received no responses from any of the configured servers. Since NTP uses UDP port 123 for communication, a firewall blocking this port would prevent the client from sending or receiving NTP packets, resulting in zero reachability. This is the most common cause when all servers show a reach of 0.
Q2
mediumFull explanation →

A web server running Apache on Linux is experiencing slow response times. The administrator runs 'netstat -tuln' and sees many connections in TIME_WAIT state. Which of the following is the best course of action to improve performance?

A

Increase the KeepAliveTimeout directive.

B

Disable the KeepAlive directive.

C

Enable TCP keepalive and adjust kernel parameters for faster reuse.

Adjusting tcp_tw_reuse and tcp_tw_recycle can reduce TIME_WAIT.

D

Increase the MaxKeepAliveRequests directive.

Why: Option C is correct because TIME_WAIT connections indicate that the server is waiting for lingering packets before fully closing TCP sockets. Enabling TCP keepalive and adjusting kernel parameters like net.ipv4.tcp_tw_reuse (or net.ipv4.tcp_tw_recycle in older kernels) allows the kernel to reuse sockets in TIME_WAIT state for new connections, reducing resource exhaustion and improving performance under high connection rates.
Q3
easyFull explanation →

Which of the following commands will display the default gateway of a Linux system?

A

arp -a

B

netstat -i

C

ip route show

Displays routing table including default gateway.

D

ifconfig

Why: The `ip route show` command displays the kernel routing table, which includes the default gateway as a default route (typically `default via <gateway-IP>`). This is the standard modern tool for viewing routing information on Linux systems.
Q4
hardFull explanation →

A database server on a Linux system is configured to listen on TCP port 3306. The administrator wants to restrict access to the database server to only the local network (192.168.1.0/24) using iptables. Which of the following iptables rules achieves this?

A

iptables -A INPUT -p tcp --dport 3306 -d 192.168.1.0/24 -j DROP

B

iptables -A OUTPUT -p tcp --dport 3306 -d 192.168.1.0/24 -j ACCEPT

C

iptables -A INPUT -p tcp --dport 3306 -s 192.168.1.0/24 -j ACCEPT

Correct rule to allow incoming MySQL from local subnet.

D

iptables -A OUTPUT -p tcp --sport 3306 -s 192.168.1.0/24 -j ACCEPT

Why: Option C is correct because it adds an INPUT chain rule that accepts TCP traffic destined for port 3306 only when the source address is within the 192.168.1.0/24 subnet. This effectively restricts incoming database connections to the local network, while all other sources are implicitly dropped by the default INPUT policy or subsequent rules.
Q5
easyFull explanation →

A user reports that they cannot connect to a remote server using SSH. The administrator checks the SSH server status and it is running. Which of the following is the most likely cause?

A

A firewall is blocking port 22.

Firewall blocking SSH port is a common issue.

B

The client's subnet mask is incorrect.

C

The client cannot resolve the server's hostname.

D

The SSH server is using UDP instead of TCP.

Why: SSH operates over TCP port 22 by default. If the SSH server is running but the client cannot connect, a firewall blocking port 22 is the most likely cause because it would prevent the TCP handshake from completing, even though the SSH daemon (sshd) is active and listening.
Q6
mediumFull explanation →

A system administrator is configuring a Linux server to act as a router. The server has two network interfaces: eth0 (192.168.1.1/24) and eth1 (10.0.0.1/24). Which of the following commands enables IP forwarding on this server?

A

route add default gw 10.0.0.1

B

sysctl -w net.ipv4.ip_forward=1

C

echo 1 > /proc/sys/net/ipv4/ip_forward

D

sysctl -w net.ipv4.ip_forward=1

Correctly enables IP forwarding.

Why: Option D is correct because the `sysctl -w net.ipv4.ip_forward=1` command immediately enables IP forwarding at runtime by writing the value 1 to the kernel parameter `net.ipv4.ip_forward`. This is the standard and recommended method for enabling packet forwarding between interfaces on a Linux router, allowing traffic to be routed between the 192.168.1.0/24 and 10.0.0.0/24 networks.

Want more Essential System Services and Networking practice?

Practice this domain
7

Domain 7: System Architecture

All System Architecture questions
Q1
mediumFull explanation →

A system administrator notices that the server's clock is consistently off by several minutes. Which service should be used to synchronize the time with an external time source?

A

ntpd

ntpd is the standard NTP daemon for time synchronization.

B

timed

C

chronyd

D

systemd-timesyncd

Why: The Network Time Protocol (NTP) daemon (ntpd) is the traditional and widely used service for synchronizing a server's clock with an external time source. It continuously adjusts the system time by communicating with NTP servers, compensating for clock drift and network delays to maintain accurate time. This makes ntpd the correct choice for resolving a consistent clock offset of several minutes.
Q2
easyFull explanation →

During boot, the kernel must mount the root filesystem. Which of the following is responsible for providing the kernel with the location of the root filesystem?

A

udev

B

initramfs

C

init

D

boot loader

The boot loader passes root= parameter to the kernel.

Why: The boot loader (e.g., GRUB) is responsible for loading the kernel into memory and passing it the location of the root filesystem via kernel command-line parameters such as `root=`. Without this parameter, the kernel would not know which block device or partition to mount as `/`. The boot loader reads configuration files (e.g., `grub.cfg`) that specify this parameter, making it the direct provider of the root filesystem location.
Q3
hardFull explanation →

A server has two disk drives: /dev/sda (SSD) and /dev/sdb (HDD). The administrator wants to place frequently accessed files on the SSD for performance. Which approach best achieves this using Linux filesystem features?

A

Create separate LVM logical volumes on each disk and mount them at different mount points.

LVM allows flexible allocation of storage from different physical volumes.

B

Configure RAID 0 across both disks to combine speed.

C

Use symbolic links to redirect file access to the SSD.

D

Use a union mount to overlay the SSD on top of the HDD.

Why: Option A is correct because LVM allows the administrator to create separate logical volumes on each physical disk (/dev/sda and /dev/sdb) and mount them at distinct mount points. By placing frequently accessed files on the SSD logical volume and less critical data on the HDD logical volume, the administrator can directly control which files benefit from the SSD's faster performance without mixing data or requiring complex overlays.
Q4
mediumFull explanation →

A technician is troubleshooting a system that fails to boot with the error 'Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(0,0)'. What is the most likely cause?

A

The init binary is missing or corrupted.

B

The root filesystem is corrupted and needs fsck.

C

The kernel lacks the necessary driver for the storage controller.

Kernel cannot access the root device due to missing storage driver.

D

The boot loader is not installed correctly.

Why: The error 'VFS: Unable to mount root fs on unknown-block(0,0)' indicates that the kernel cannot locate or access the root filesystem. This typically occurs because the kernel lacks the necessary driver (module) for the storage controller (e.g., SATA, SCSI, NVMe) that the root device is connected to, so it cannot read the partition table or mount the root filesystem.
Q5
easyFull explanation →

Which hardware component uses a unique address to identify itself on the network at the data link layer?

A

IP address

B

MAC address

MAC addresses are used for communication within a local network segment.

C

Hostname

D

Port number

Why: The MAC address (Media Access Control) is a unique 48-bit identifier burned into the network interface controller (NIC) by the manufacturer. It operates at Layer 2 (data link layer) of the OSI model, enabling devices on the same local network segment to communicate directly using protocols like Ethernet or Wi-Fi.
Q6
mediumFull explanation →

A Linux system has two network interfaces: eth0 and eth1. The administrator wants to bond them for increased throughput. Which kernel module is required for bonding?

A

aggregation

B

bonding

The bonding kernel module provides network interface bonding.

C

team

D

bond

Why: The bonding driver in Linux allows multiple network interfaces to be aggregated into a single logical interface for increased throughput or redundancy. The correct kernel module is named 'bonding' (loaded via modprobe bonding or compiled into the kernel), which implements the IEEE 802.3ad Link Aggregation standard and other bonding modes. Option B is correct because 'bonding' is the exact module name used in the Linux kernel.

Want more System Architecture practice?

Practice this domain

Frequently asked questions

How many questions are on the LPIC-1 exam?

The LPIC-1 exam has 60 questions and must be completed in 90 minutes. The passing score is 500/1000.

What types of questions appear on the LPIC-1 exam?

Scenario-based questions covering exam objectives with detailed answer explanations.

How are LPIC-1 questions organised by domain?

The exam covers 7 domains: Devices, Filesystems and FHS, Linux Installation and Package Management, GNU and Unix Commands, Administrative Tasks, Shells, Scripting and Data Management, Essential System Services and Networking, System Architecture. Questions are weighted by domain — higher-weight domains appear more on your actual exam.

Are these the actual LPIC-1 exam questions?

No. These are original exam-style practice questions written against the official LPI LPIC-1 exam objectives. They are not copied from the real exam. Courseiva focuses on genuine understanding, not memorisation of braindumps.

Ready to practice all 60 LPIC-1 questions?

Courseiva tracks your accuracy per domain and routes you toward weak areas automatically. Free, no account required.

Browse all LPIC-1 questionsTake a timed practice test