Practice EX200 Manage users and groups questions with full explanations on every answer.
Start practicing
Manage users and groups — choose a session length
Free · No account required
Click any question to see the full explanation and answer options, or start a focused practice session above.
A system administrator needs to ensure that a user named 'bob' can access a shared directory '/data' owned by group 'developers'. The directory has permissions 2775 and is owned by root:developers. Bob is a member of the 'developers' group. However, when Bob tries to create a file in '/data', it fails with 'Permission denied'. What is the most likely cause?
2A company policy requires that when a user is deleted, all files owned by that user in /home should be reassigned to a 'guest' account. Which command accomplishes this?
3An administrator wants to add the user 'jane' to the supplementary groups 'wheel' and 'docker' without removing her from other groups. Which command should be used?
4A server has a requirement that all users in the 'finance' group must have a password aging policy that forces password change every 90 days. Which approach best achieves this for existing users?
5Which TWO commands can change the primary group of an existing user?
6Given the exhibit, which statement is true about the file /project/report.txt?
7You are managing a Red Hat Enterprise Linux 8 server that hosts a shared development environment. The server has a directory /projects owned by root:developers with permissions 2770. There are three users: dev1, dev2, and dev3, all members of the 'developers' group. Developers need to create and edit files in /projects, and any new file should be writable by all members of the developers group. However, you notice that when dev1 creates a file, the permissions are 644 instead of 664, and the group is set to dev1's primary group (dev1) instead of 'developers'. After investigating, you find that the setgid bit is set on /projects, but the directory's ACLs are not configured. What is the most efficient way to ensure that new files in /projects inherit the group 'developers' and have group-writable permissions by default?
8A system administrator needs to ensure that the user 'jdoe' cannot log in via SSH but can still use other services like FTP. Which approach should the administrator take?
9Which TWO commands can be used to add the user 'alice' to the supplementary group 'developers'?
10Refer to the exhibit. A web server runs as user 'apache'. The directory /var/www/html is owned by root:root with permissions 755. The administrator wants to allow the user 'webuser' to upload files to /var/www/html via SFTP. Which step is necessary to achieve this?
11Arrange the steps to configure a network bond (mode 1) using two interfaces (eth0, eth1) in RHEL.
12Match each firewall zone to its default trust level.
13A company needs to create a user account for a temporary contractor who will work for exactly 90 days. The account must be automatically disabled after 90 days. Which command should the administrator use?
14A user named jdoe is receiving 'Permission denied' errors when trying to access a file owned by root with permissions 644. The user is a member of the root group. What is the most likely cause?
15After being added to a new supplementary group with usermod -aG, a user logs out and back in but still cannot access files owned by that group. Which command should the user run to verify current effective group membership?
16A new employee named asmith needs a user account with a home directory and a specific UID of 1500. Which command accomplishes this?
17A system administrator needs to change the primary group of an existing user to a group that already exists. Which command should be used?
18A server has been compromised, and the administrator suspects an unauthorized user account may have been created. Which file should be examined to list all local user accounts?
19An administrator wants to ensure that any new user accounts created on the system have a default primary group matching the username. What change is needed?
20A user reports that they can log in but cannot change their password. Which file might be misconfigured?
21An administrator used the command useradd -D -f 10 to change the default inactivity period. What effect does this have on future user accounts?
22Which TWO commands can be used to add a user to a secondary group without removing existing supplementary group memberships? (Choose exactly 2)
23Which THREE statements about /etc/shadow are true? (Choose exactly 3)
24Which TWO commands can list all groups a user belongs to? (Choose exactly 2)
25Refer to the exhibit. A user named 'carol' has been added to the system with the command useradd -G wheel carol. Which line in /etc/group will confirm that carol is now a member of the wheel group?
26Refer to the exhibit. What effect does the value INACTIVE=-1 have on newly created user accounts?
27Refer to the exhibit. A user bob exists with UID 1002 and GID 1002. The /etc/group shows a group bob with GID 1002 but no members listed. Bob tries to access a file owned by group 'bob' with permissions 640 and owner root. What will happen?
28A system administrator needs to ensure that a user named 'jdoe' can execute commands as root without being prompted for a password. Which configuration change should be made?
29A user reports they cannot log in to a Linux system. Their account was recently created. The administrator checks /etc/passwd and sees the entry: jsmith:x:1001:1001::/home/jsmith:/sbin/nologin. What is the likely issue?
30An administrator is migrating user accounts to a new system. They want to preserve the user's primary group name and GID. Which commands should be used in sequence?
31A helpdesk ticket states that user 'bob' cannot write to his own home directory. The directory /home/bob has permissions drwxr-xr-x and is owned by root:root. What command will fix this?
32An administrator needs to create a user account that will be used by an application service. The account should not have a valid shell or home directory. Which command correctly creates such an account?
33During an audit, it is discovered that a critical file /etc/shadow has permissions 644 and is owned by root:shadow. The administrator needs to secure it. What is the correct action?
34An administrator wants to modify the default expiration settings for new user passwords. Which file should be modified?
35A user 'carol' is in group 'staff'. The directory /shared has permissions drwxrwx--- and group staff. Carol can create files but cannot delete other users' files. What is missing?
36An administrator accidentally deleted the group 'sales' which is the primary group of several users. What is the immediate effect on those users?
37Which TWO of the following are valid methods to set a user's password expiration date?
38Which TWO commands can be used to add a user to an existing supplementary group without removing them from other groups?
39Which THREE conditions must be met for a user to effectively use the 'sudo' command to execute commands with root privileges?
40A user jdoe, who is a member of the group staff, reports they cannot access the directory /shared. The administrator runs getfacl /shared and receives the output shown. Which of the following explains the issue?
41Alice tries to run 'sudo less /var/log/messages' and gets 'Sorry, user alice is not allowed to execute /usr/bin/less /var/log/messages as root on this host.' Why?
42Your organization has a shared directory /data/projects with permissions 2770 owned by root:projectmanagers. The directory is used by a team of developers who are all members of the 'developers' group. However, you need to ensure that any file created inside /data/projects automatically belongs to the 'developers' group, not the user's primary group. Additionally, you need to ensure that developers can delete only their own files, not those of others. Your IT security policy also requires that all user passwords must expire every 90 days and that new users should have a warning period of 7 days before expiration. Given the following options, which one describes the correct set of actions to achieve all these requirements?
43A system administrator needs to ensure that the user 'jdoe' can read files in the shared directory /project/data which is owned by group 'project'. The user 'jdoe' is currently not a member of the 'project' group. Which TWO steps should the administrator take to add 'jdoe' to the 'project' group? (Choose two.)
44You are a junior administrator at a company that uses Red Hat Enterprise Linux 8. The HR department has a shared directory /hr/data that should be accessible to all members of the 'hr' group. The directory is currently owned by root:root with permissions 755. You need to configure the system so that new files created in /hr/data are automatically owned by the group 'hr' and the group has read-write permissions. Additionally, you need to ensure that user 'jane' (who is a member of 'hr') can create files in the directory. However, after adding 'jane' to the 'hr' group, she still cannot create files, receiving 'Permission denied'. Which of the following is the best course of action to resolve this issue?
45A Red Hat Enterprise Linux 9 system enforces a security policy that user accounts must be disabled after 90 days of inactivity. The system administrator has configured /etc/shadow accordingly with the proper fields. User 'bob' has been on leave for 95 days. When bob returns and tries to log in, he is unable to do so. The administrator checks the shadow file and sees that bob's password expiration date has passed and the account is locked due to inactivity (the inactivity period has exceeded). The administrator wants to immediately reactivate bob's account without changing the password, and also wants to set the account to expire in 30 days from now (relative to the current date). Which set of commands should the administrator run to achieve this goal?
46Which TWO commands can be used to create a new user account in Red Hat Enterprise Linux 8?
47A user was recently added to the 'testgrp' group using `usermod -aG testgrp user1`. However, when they try to access a file owned by testgrp with permissions 660, they get permission denied. What is the most likely reason?
48You are managing a Red Hat Enterprise Linux 8 server that hosts backup scripts. A user named 'backup' (UID 1005) is a member of the 'backup' group. The directory /var/backups is owned by root:backup with permissions 775. The 'backup' user needs to create files in this directory. However, when the user attempts to create a file, they receive 'Permission denied'. You verify that 'backup' is indeed listed in the backup group in /etc/group. The user's current shell was started after their last login. Which of the following is the most likely cause and solution?
The Manage users and groups domain covers the key concepts tested in this area of the EX200 exam blueprint published by Red Hat. Courseiva provides free domain-focused practice, mock exams, missed-question review, and readiness tracking across all EX200 domains — no account required.
The Courseiva EX200 question bank contains 48 questions in the Manage users and groups domain. Click any question to see the full explanation and answer breakdown.
Start with a 10-question focused session to identify your baseline accuracy in this domain. Read every explanation — even for questions you answer correctly — to understand the reasoning. Once you score consistently above 80%, move to a 20–30 question session to confirm depth before moving to the next domain.
Yes — the session launcher on this page draws questions exclusively from the Manage users and groups domain. Choose 10, 20, 30, or 50 questions for a focused session, or click individual questions to review them one by one.
Save your results, see per-domain analytics, and get readiness scores — free, for every certification.
Sign Up FreeFree forever · Every certification included