Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertificationsEX200TopicsManage security
Free · No Signup RequiredRed Hat · EX200

EX200 Manage security Practice Questions

20+ practice questions focused on Manage security — one of the most tested topics on the Red Hat Certified System Administrator EX200 exam. Each question includes a detailed explanation so you learn why the right answer is correct.

Start Manage security Practice

Exam Domains

Operate running systemsConfigure local storageCreate and configure file systemsDeploy, configure, and maintain systemsManage users and groupsManage securityManage containersAll domains →

Study Tools

Practice TestMock ExamFlashcardsAll Topics

Sample Manage security Questions

Practice all 20+ →
1.

A junior admin needs to ensure that the 'apache' user (UID 48) cannot log in via SSH or console. Which command achieves this?

A.usermod -s /sbin/nologin apache
B.passwd -l apache
C.chage -l apache
D.usermod -e 1 apache

Explanation: Option A is correct because setting the user's login shell to `/sbin/nologin` prevents the user from obtaining an interactive shell via SSH or console login. When the user attempts to log in, the system executes `/sbin/nologin`, which prints a polite message and exits immediately, effectively denying shell access while leaving other services (e.g., Apache) functional.

2.

An administrator runs 'getenforce' and sees 'Enforcing'. They then run 'setenforce 0' but SELinux still denies access to a custom application. What is the most likely reason?

A.SELinux is in enforcing mode and the policy is misconfigured.
B.The application's SELinux context is incorrect and needs relabeling.
C.The issue is due to file permissions or ACLs, not SELinux.
D.The change requires a reboot to take effect.

Explanation: Option C is correct because `setenforce 0` switches SELinux to permissive mode, which logs but does not enforce denials. If access is still denied after this command, the issue is not caused by SELinux enforcement but by traditional Linux file permissions (DAC) or ACLs. The administrator should check `ls -l` and `getfacl` to verify the file's ownership and permissions.

3.

A system administrator wants to allow user 'jdoe' to execute any command as root via sudo without being prompted for a password, but only from the host 'client1.example.com'. Which sudoers rule achieves this?

A.jdoe client1.example.com=(root) NOPASSWD: ALL
B.jdoe client1.example.com=(root) ALL
C.jdoe ALL=(root) NOPASSWD: ALL
D.jdoe ALL=(root) ALL

Explanation: Option A is correct because the sudoers rule 'jdoe client1.example.com=(root) NOPASSWD: ALL' specifies the user 'jdoe', the host 'client1.example.com' as the source host from which the command is run, the target user '(root)', the NOPASSWD tag to skip password authentication, and the command 'ALL' to allow any command. This matches the requirement exactly: passwordless root access restricted to a specific client host.

4.

A server's firewall is managed by firewalld. The admin adds a rule to allow HTTPS traffic to the public zone, but clients still cannot connect. What is the most likely cause?

A.The rule was added with --permanent but firewall-cmd --reload was not run.
B.The rule must be added as a rich rule, not a simple service.
C.The default zone is not set to public.
D.firewalld is just a wrapper for iptables, so iptables rules must be cleared.

Explanation: Option A is correct because when a rule is added with the `--permanent` flag in firewalld, it is written to the configuration files but not applied to the runtime firewall. Until `firewall-cmd --reload` is executed, the runtime configuration remains unchanged, so the new rule allowing HTTPS traffic is not active. Clients cannot connect because the firewall is still blocking HTTPS based on the old runtime rules.

5.

Which TWO commands can be used to display SELinux contexts of files? (Choose two.)

A.stat -c %C
B.chcon -l
C.id -Z
D.ls -Z

Explanation: The `stat -c %C` command displays the SELinux security context of a file by using the `%C` format specifier, which outputs the security context string. The `ls -Z` command also shows SELinux contexts for files in a directory listing, with the `-Z` flag specifically requesting security context information. Both commands are standard tools for viewing SELinux labels on files.

+15 more Manage security questions available

Practice all Manage security questions

How to master Manage security for EX200

1. Baseline your knowledge

Start with 10 questions to gauge your current understanding of Manage security. This tells you whether you need a concept refresher or just practice.

2. Review every explanation

For each question — right or wrong — read the full explanation. Understanding why an answer is correct is more valuable than knowing the answer itself.

3. Focus on exam traps

Manage security questions on the EX200 frequently use trap wording. Look for subtle differences in answers that test your precision, not just general knowledge.

4. Reach 80% consistently

Do repeated sessions until you score 80%+ three times in a row. Then move to mixed-mode practice to test cross-topic recall under realistic conditions.

Frequently asked questions

How many EX200 Manage security questions are on the real exam?

The exact number varies per candidate. Manage security is tested as part of the Red Hat Certified System Administrator EX200 blueprint. Practicing with targeted Manage security questions ensures you can handle any format or difficulty that appears.

Are these EX200 Manage security practice questions free?

Yes. Courseiva provides free EX200 practice questions across all exam topics and domains. The platform includes topic-based practice, mock exams, missed-question review, bookmarked questions, and readiness tracking — no account required.

Is Manage security one of the harder EX200 topics?

Difficulty is subjective, but Manage security is a high-priority exam concept tested in multiple ways — direct recall, scenario analysis, and command-output interpretation. Consistent practice is the best way to build confidence.

Ready to practice?

Launch a full Manage security practice session with instant scoring and detailed explanations.

Start Manage security Practice →

Topic Info

Topic

Manage security

Exam

EX200

Questions available

20+