CCNA Linux Commands and File Permissions Questions

30 questions · Linux Commands and File Permissions · All types, answers revealed

1
MCQmedium

A user reports that an application fails to start because a configuration file is owned by root with permissions 644, but the application runs as user 'appuser'. Which command will allow 'appuser' to edit the file without changing ownership?

A.chmod 666 config.cfg
B.chown appuser config.cfg
C.chgrp appgroup config.cfg && chmod g+w config.cfg
D.setfacl -m u:appuser:rw config.cfg
AnswerC

This changes the group to one that includes appuser and adds group write permission, allowing editing without changing the owner.

Why this answer

This tests understanding of file permissions and groups. By adding 'appuser' to the file's group and granting group write permission, the user can edit without being owner.

2
MCQhard

A malicious script is suspected to have changed permissions on critical system files. The administrator needs to restore the /etc/passwd file to its default permissions, which are 644. The file is currently 777. Which command will set the correct permissions?

A.chmod 644 /etc/passwd
B.chmod 600 /etc/passwd
C.chmod 755 /etc/passwd
D.chmod 444 /etc/passwd
AnswerA

This sets owner read/write, group read, others read, which is the correct default for /etc/passwd.

Why this answer

The correct answer is A because chmod 644 /etc/passwd sets the permissions to rw-r--r--, which is the standard for /etc/passwd. This removes the world-writable and executable bits.

3
MCQmedium

A system administrator needs to find all files in /var/log that have been modified in the last 24 hours to check for recent activity. Which command accomplishes this?

A.find /var/log -mtime -1
B.find /var/log -atime -1
C.find /var/log -ctime -1
D.find /var/log -mmin -1440
AnswerA

This correctly finds files modified within the last 24 hours using -mtime -1.

Why this answer

The correct answer is A because the `find` command with `-mtime -1` searches for files whose content (modification time) was changed within the last 24 hours. This is exactly what the administrator needs to check for recent activity in /var/log.

Exam trap

CompTIA often tests the distinction between `-mtime` (modification), `-atime` (access), and `-ctime` (inode change), and candidates frequently confuse `-ctime` with content modification or pick `-atime` thinking 'activity' includes reads.

How to eliminate wrong answers

Option B is wrong because `-atime -1` checks access time (last read), not modification time, so it would include files that were only read but not changed. Option C is wrong because `-ctime -1` checks inode change time (metadata changes like permissions or ownership), not file content modification. Option D is wrong because `-mmin -1440` checks for files modified within the last 1440 minutes (24 hours), which is functionally equivalent to `-mtime -1`, but the question asks for a command that 'accomplishes this' and option A is the standard, correct syntax; option D uses minutes instead of days and is less common, but more importantly, the exam expects `-mtime -1` as the precise answer.

4
MCQeasy

A helpdesk technician is assisting a user who is unable to find a file named 'notes.txt' they saved earlier. The user is in their home directory. Which command will search the entire filesystem for this file?

A.locate notes.txt
B.grep notes.txt /
C.find ~ -name notes.txt
D.find / -name notes.txt
AnswerD

This searches the entire filesystem from root, making it the correct command for a full system search.

Why this answer

Option D is correct because the `find / -name notes.txt` command starts at the root directory (`/`) and recursively searches the entire filesystem for a file named exactly 'notes.txt'. The `-name` option performs a case-sensitive match on the filename, and the starting point `/` ensures all mounted filesystems are included.

Exam trap

The exam often tests the distinction between `find` and `locate`, where candidates mistakenly choose `locate` for a real-time search without considering that the database may not be current, or they confuse the starting directory argument (e.g., `~` vs. `/`).

How to eliminate wrong answers

Option A is wrong because `locate` relies on a pre-built database (usually updated daily via `updatedb`) and may not find a file saved recently if the database hasn't been refreshed; it also does not search the live filesystem in real-time. Option B is wrong because `grep notes.txt /` attempts to search the root directory as a file for the pattern 'notes.txt', but `/` is a directory, not a regular file, so `grep` will either fail with an error or produce no meaningful results; `grep` is designed for searching file contents, not filenames. Option C is wrong because `find ~ -name notes.txt` limits the search to the user's home directory (`~`), not the entire filesystem, so it will miss the file if it was saved elsewhere.

5
MCQeasy

A software deployment script fails because it cannot write to the /opt/app directory. The directory currently has permissions drwxr-xr-x and is owned by root. The script runs as a non-root user. Which command would allow the script to write files without compromising security more than necessary?

A.chmod o+w /opt/app
B.chmod 777 /opt/app
C.chown user:user /opt/app
D.chmod g+w /opt/app
AnswerA

This adds write permission for others, allowing the non-root script to write while keeping group permissions unchanged.

Why this answer

The correct answer is A because chmod o+w /opt/app adds write permission for 'others' (the non-root user), which is the minimal change needed. The script runs as a non-root user, so this grants write access without affecting group permissions.

6
MCQhard

A system administrator needs to add a new user 'jdoe' to the system and ensure that their home directory is created with restrictive permissions so that no other users can access it. Which command sequence achieves this?

A.useradd -m jdoe && chmod 700 /home/jdoe
B.useradd jdoe && chmod 755 /home/jdoe
C.adduser jdoe --private
D.useradd -m -g jdoe jdoe
AnswerA

This creates the user with a home directory and then sets the directory permissions to 700 (owner only), preventing others from accessing it.

Why this answer

Option A is correct because `useradd -m jdoe` creates the user and their home directory `/home/jdoe`, and `chmod 700 /home/jdoe` sets the directory permissions to `rwx------`, which grants full access only to the owner (jdoe) and denies all access to group and others. This meets the requirement of restrictive permissions so that no other users can access the home directory.

Exam trap

CompTIA often tests the distinction between creating a user with default permissions versus explicitly setting restrictive permissions, and the trap here is that candidates may assume `useradd -m` alone or a group-based option (like `-g`) automatically enforces privacy, when in fact the umask or default settings can leave the home directory accessible to others.

How to eliminate wrong answers

Option B is wrong because `chmod 755 /home/jdoe` sets permissions to `rwxr-xr-x`, which allows other users to read and execute (i.e., traverse) the home directory, violating the requirement for no other user access. Option C is wrong because `adduser jdoe --private` is not a valid command in standard Linux distributions; `adduser` is a Perl script that does not support a `--private` flag, and even if it did, it would not guarantee the specific restrictive permission of 700. Option D is wrong because `useradd -m -g jdoe jdoe` creates the user with a primary group named `jdoe` (which is typically the same as the username) but does not set any restrictive permissions on the home directory; the default umask (often 022) would result in permissions like 755, allowing other users access.

7
MCQhard

A security incident response team needs to find all files in /var/www that have the SUID bit set, which may indicate a privilege escalation risk. Which command should they use?

A.find /var/www -type f -perm 4000
B.find /var/www -type f -perm /4000
C.ls -la /var/www | grep '^...s'
D.chmod -R u+s /var/www
AnswerB

The /4000 syntax finds any file where the SUID bit is set, regardless of other permission bits.

Why this answer

Option B is correct because the `find` command with `-perm /4000` matches any file that has the SUID bit set (the 4000 octal permission), regardless of other permission bits. The `/` prefix tells `find` to match if any of the specified permission bits are set, which is the precise way to locate files with the SUID bit enabled. This command will recursively search `/var/www` for regular files (`-type f`) with the SUID bit, helping identify potential privilege escalation risks.

Exam trap

CompTIA often tests the distinction between `-perm 4000` (exact match) and `-perm /4000` (any match), where candidates mistakenly choose the exact match option, not realizing it will miss files with additional permission bits set.

How to eliminate wrong answers

Option A is wrong because `-perm 4000` matches files with exactly the permission 4000 (i.e., only the SUID bit set and no other bits), which would miss files that have the SUID bit set along with other permissions like 4755. Option C is wrong because `ls -la /var/www | grep '^...s'` only checks the first level of `/var/www` and does not search recursively, so it would miss files in subdirectories; also, the grep pattern is incorrect as it expects the SUID indicator in the owner execute position but does not account for other permission patterns. Option D is wrong because `chmod -R u+s /var/www` sets the SUID bit on all files and directories recursively, which is a dangerous action that would create privilege escalation risks, not find them.

8
MCQeasy

During a security audit, a Linux server is found to have a configuration file that is world-writable. The file /etc/app/config.cfg must only be readable and writable by the root user. Which command should the administrator run?

A.chmod 777 /etc/app/config.cfg
B.chmod 644 /etc/app/config.cfg
C.chmod 600 /etc/app/config.cfg
D.chmod 400 /etc/app/config.cfg
AnswerC

This grants read and write only to the owner (root), and no permissions to group or others, securing the file.

Why this answer

Option C is correct because `chmod 600` sets the file permissions to read and write for the owner (root) and no permissions for group or others. This satisfies the requirement that only root can read and write `/etc/app/config.cfg`, as root is the owner of the file.

Exam trap

The trap here is that candidates may confuse the numeric permission values, often picking `644` (thinking it restricts write access) or `400` (thinking read-only is sufficient), while overlooking the explicit requirement for both read and write by root.

How to eliminate wrong answers

Option A is wrong because `chmod 777` grants read, write, and execute permissions to everyone (owner, group, others), making the file world-writable and world-executable, which violates the security requirement. Option B is wrong because `chmod 644` grants read and write to the owner but read-only to group and others, meaning non-root users can still read the file, which does not meet the 'only root' condition. Option D is wrong because `chmod 400` grants read-only to the owner (root) and no permissions to group or others, but the requirement explicitly states the file must be both readable and writable by root, so write permission is missing.

9
MCQeasy

A junior admin needs to list all files in /var/log that were modified in the last 24 hours. Which command accomplishes this?

A.ls -la /var/log | grep '24 hours'
B.find /var/log -mtime 0
C.find /var/log -atime 0
D.locate /var/log | sort -m
AnswerB

This correctly finds files modified within the last 24 hours (0 means less than 1 day ago).

Why this answer

Option B is correct because the `find` command with `-mtime 0` searches for files whose modification time is within the last 24 hours. The `-mtime` argument uses a 24-hour period, where `0` means modified less than 24 hours ago, making it the precise tool for this task.

Exam trap

The A+ exam often tests the distinction between `-mtime` (modification time) and `-atime` (access time), trapping candidates who confuse the two or who think `ls` with `grep` can perform time-based filtering.

How to eliminate wrong answers

Option A is wrong because `ls -la` lists files but does not filter by modification time; piping to `grep '24 hours'` would only match lines containing that literal string, not files modified in the last 24 hours. Option C is wrong because `-atime 0` checks access time (last read), not modification time, so it would list files accessed in the last 24 hours, not those modified. Option D is wrong because `locate` searches a pre-built database of file paths and does not support time-based filtering; `sort -m` merges sorted files, which is irrelevant to listing recently modified files.

10
MCQmedium

A user reports that a shared file on a Linux server is not accessible to their team. The file permissions are -rwxr----- and the user is a member of the group 'staff'. The file's group owner is 'admin'. Which command should the administrator run to allow the staff group to read the file?

A.chmod 755 file
B.chmod g+r file
C.chgrp staff file
D.chown user:staff file
AnswerC

This changes the group to 'staff', so the group read permission applies to the user's team, granting access.

Why this answer

The file's current permissions (-rwxr-----) grant the owner full access and the group 'admin' read-only access, but the user is in the 'staff' group, not 'admin'. To allow the 'staff' group to read the file, the file's group owner must be changed to 'staff' using `chgrp staff file`. This ensures that the group read permission (r--) applies to members of the 'staff' group.

Exam trap

The trap here is that candidates often confuse 'chmod g+r' (which modifies permissions for the current group) with changing the group ownership, leading them to overlook the core issue that the file's group owner is 'admin', not 'staff'.

How to eliminate wrong answers

Option A is wrong because `chmod 755 file` sets permissions to -rwxr-xr-x, which would give read and execute to everyone, including users outside the intended group, and does not address the group ownership mismatch. Option B is wrong because `chmod g+r file` adds read permission for the current group owner ('admin'), not for the 'staff' group; the user is in 'staff', so this command does not grant access to the user's group. Option D is wrong because `chown user:staff file` changes both the owner and group to 'user' and 'staff', which is excessive and could disrupt other access controls; the requirement is only to change the group ownership to 'staff', not the file owner.

11
MCQeasy

A junior admin needs to list all files in the current directory, including hidden files, with detailed information such as permissions, owner, and size. Which command should they use?

A.ls -l
B.ls -a
C.ls -la
D.ll
AnswerC

The combination -la lists all files in long format, fulfilling the requirement.

Why this answer

The `ls -la` command combines the `-l` (long format) and `-a` (all files, including hidden ones) options. This fulfills the requirement to list all files in the current directory, including hidden files (those starting with a dot), with detailed information such as permissions, owner, group, size, and modification time.

Exam trap

A common mistake is to think that either `ls -l` (shows details but not hidden files) or `ls -a` (shows hidden files but no details) is sufficient. The correct answer is `ls -la` which combines both options.

How to eliminate wrong answers

Option A is wrong because `ls -l` lists files in long format but does not include hidden files (those starting with a dot). Option B is wrong because `ls -a` lists all files including hidden ones but does not provide detailed information such as permissions, owner, or size. Option D is wrong because `ll` is often an alias for `ls -l` (not `ls -la`) in many distributions, so it would not show hidden files unless specifically aliased to include `-a`; it is not a standard command and its behavior is not guaranteed across systems.

12
MCQmedium

A user cannot run a command because they get 'permission denied' even though they are in the sudoers file. The command is located in /opt/custom/bin. Which command will show the current permissions and ownership of the file?

A.stat /opt/custom/bin/command
B.ls -l /opt/custom/bin/command
C.file /opt/custom/bin/command
D.chmod /opt/custom/bin/command
AnswerB

This is the standard command to view permissions, owner, and group in a concise format.

Why this answer

Option B is correct because the 'ls -l' command displays the file's permissions (e.g., -rwxr-xr-x), ownership (user and group), and other metadata. This directly shows whether the file is executable and who owns it, which is essential for diagnosing a 'permission denied' error despite sudoers membership.

Exam trap

CompTIA often tests the distinction between viewing permissions ('ls -l' or 'stat') and modifying them ('chmod'), and candidates may confuse 'file' (type detection) with 'ls -l' (permission display).

How to eliminate wrong answers

Option A is wrong because 'stat' shows detailed file metadata (inode, timestamps, etc.) but does not display permissions and ownership in a concise, human-readable format like 'ls -l'. Option C is wrong because 'file' determines the file type (e.g., ELF binary, script) but does not show permissions or ownership. Option D is wrong because 'chmod' is used to change permissions, not to view them; running it without a mode argument will produce an error.

13
MCQeasy

A help desk technician receives a complaint that a shared file in /opt/app/data cannot be read by any user except root. The file permissions are -rw-------. Which command will allow the group 'developers' to read the file?

A.chmod o+r /opt/app/data
B.chmod 644 /opt/app/data
C.chmod g+r /opt/app/data
D.chown :developers /opt/app/data
AnswerC

This adds read permission specifically for the group, which is the minimal required change.

Why this answer

The file currently has permissions `-rw-------`, meaning only the owner (root) has read and write access. To allow the group 'developers' to read the file, you need to add read permission for the group. The command `chmod g+r /opt/app/data` adds read permission for the group, which is the correct approach.

This directly addresses the requirement without altering other permissions unnecessarily.

Exam trap

The trap here is that examinees often confuse changing group ownership (`chown :developers`) with granting group permissions (`chmod g+r`), or they mistakenly apply permissions to 'others' (`o+r`) instead of the group, failing to realize that the group must have explicit read permission to access the file.

How to eliminate wrong answers

Option A is wrong because `chmod o+r` adds read permission for 'others' (users not the owner and not in the group), not for the group 'developers'. Option B is wrong because `chmod 644` sets permissions to `-rw-r--r--`, which gives read access to both group and others, but it also removes any existing special permissions (like setuid/setgid) and does not specifically target only the group; it is overly broad and changes the owner's permissions unnecessarily. Option D is wrong because `chown :developers /opt/app/data` changes the group ownership of the file to 'developers', but it does not change the file's permissions; the file still has `-rw-------`, so even after changing the group, members of 'developers' still cannot read the file because no group read permission is set.

14
MCQmedium

A technician needs to search for any file in /etc that contains the string 'Password' (case-insensitive). Which command should be used?

A.grep -r 'Password' /etc
B.grep -ri 'Password' /etc
C.find /etc -name '*Password*'
D.locate Password | grep /etc
AnswerB

The -r flag enables recursive search, and -i makes it case-insensitive, matching all variations.

Why this answer

Option B is correct because the `grep -ri` command performs a recursive (`-r`) case-insensitive (`-i`) search for the string 'Password' across all files under the `/etc` directory. This matches the requirement exactly: case-insensitive search for any file containing the string.

Exam trap

CompTIA often tests the distinction between searching file contents (`grep`) versus searching filenames (`find`, `locate`), and the trap here is that candidates may forget the `-i` flag for case-insensitivity or confuse `grep` with `find`.

How to eliminate wrong answers

Option A is wrong because `grep -r 'Password' /etc` performs a case-sensitive search, which would miss files containing 'password', 'PASSWORD', etc. Option C is wrong because `find /etc -name '*Password*'` searches for filenames containing 'Password', not file contents. Option D is wrong because `locate Password | grep /etc` uses the `locate` database to find files with 'Password' in their path, then filters for `/etc`, but this searches filenames, not file contents, and is case-sensitive by default.

15
MCQmedium

A technician is troubleshooting a web server that is not serving pages from /var/www/html. The directory permissions are drwxr-x--- and the web server runs as user 'www-data'. The directory is owned by root:www-data. Which command will allow the web server to read the directory and its contents?

A.chmod g+rx /var/www/html
B.chmod o+rx /var/www/html
C.chown www-data:www-data /var/www/html
D.usermod -aG www-data www-data
AnswerD

This adds the user www-data to the group www-data, ensuring the group permissions apply, which is the correct approach.

Why this answer

Option D is correct because the web server runs as user 'www-data', and the directory /var/www/html has permissions drwxr-x--- (owner root, group www-data). This means the group has read and execute permissions, but the user 'www-data' is not in the group 'www-data' by default. The command 'usermod -aG www-data www-data' adds the user 'www-data' to the group 'www-data', granting group-level read and execute access to the directory and its contents, allowing the web server to serve pages.

Exam trap

The trap here is that candidates assume changing file permissions (chmod) or ownership (chown) is the only solution, overlooking the fact that the user 'www-data' is not a member of the group 'www-data', which is a common Linux group membership issue tested in the 220-1202 exam.

How to eliminate wrong answers

Option A is wrong because 'chmod g+rx /var/www/html' would add read and execute permissions for the group, but the group already has those permissions (drwxr-x--- shows group has r-x). This command does not address the issue that the user 'www-data' is not a member of the group 'www-data'. Option B is wrong because 'chmod o+rx /var/www/html' would add read and execute permissions for others, which could be a security risk and is unnecessary; the correct approach is to add the user to the group, not open permissions to all.

Option C is wrong because 'chown www-data:www-data /var/www/html' would change ownership to user 'www-data' and group 'www-data', but the web server runs as user 'www-data', so the user already has no group membership issue; however, changing ownership might break other processes expecting root ownership, and it does not solve the group membership problem—the user still needs to be in the group to leverage group permissions.

16
MCQhard

A system administrator needs to change the group ownership of a directory /srv/data and all its contents to 'datagroup'. Which command will accomplish this recursively?

A.chgrp -R datagroup /srv/data
B.chown datagroup: /srv/data
C.chmod -R g+rw /srv/data
D.groupmod -R datagroup /srv/data
AnswerA

chgrp with -R recursively changes the group ownership of the directory and all its contents.

Why this answer

The correct command is `chgrp -R datagroup /srv/data`. The `-R` (or `--recursive`) flag tells `chgrp` to operate on the directory and all its contents, changing the group ownership to 'datagroup'. This directly fulfills the requirement to change group ownership recursively.

Exam trap

The trap here is that candidates often confuse `chgrp` with `chown` or `chmod`, mistakenly thinking that `chown datagroup:` or `chmod -R g+rw` will change group ownership, when in fact they change user ownership or permissions, respectively.

How to eliminate wrong answers

Option B is wrong because `chown datagroup: /srv/data` changes the user owner to 'datagroup' (with an empty group field), not the group ownership, and it does not operate recursively. Option C is wrong because `chmod -R g+rw /srv/data` modifies file permissions (adding read and write for the group), not group ownership. Option D is wrong because `groupmod` is used to modify the properties of a group (e.g., its name or GID) in the system's group database, not to change ownership of files or directories, and it does not accept a `-R` flag for recursion.

17
MCQmedium

A security incident response team needs to identify all files on a system that have the SUID bit set, as these may pose a security risk. Which command should they use?

A.find / -type f -perm 0777
B.find / -type f -perm 4000
C.find / -type f -perm -4000
D.find / -type f -perm /4000
AnswerC

This finds any file with the SUID bit set, regardless of other permission bits, which is the correct approach.

Why this answer

Option C is correct because the `-perm -4000` syntax in the `find` command matches files that have the SUID bit set (the 4000 octal permission), regardless of other permission bits. The leading dash (`-`) means 'at least these bits must be set,' so it correctly identifies all files where the SUID bit is enabled, which is a common security concern as it allows execution with the file owner's privileges.

Exam trap

This question tests the distinction between exact permission matching (`-perm 4000`), 'at least' matching (`-perm -4000`), and 'any of these bits' matching (`-perm /4000`), trapping candidates who confuse the dash prefix with the slash prefix or assume exact matching is sufficient.

How to eliminate wrong answers

Option A is wrong because `-perm 0777` matches files with exact permissions of 0777 (all read, write, execute for owner, group, and others), not files with the SUID bit set. Option B is wrong because `-perm 4000` matches files with exactly the permission 4000 (only the SUID bit, no other permissions), which is unrealistic and would miss files that have the SUID bit combined with other permissions like 4755. Option D is wrong because `-perm /4000` uses the `/` prefix, which in GNU find matches files where any of the specified bits are set (logical OR), but this is not the standard POSIX syntax and may not be available on all systems; the correct POSIX-compliant syntax for matching the SUID bit is `-perm -4000`.

18
MCQmedium

A security incident is reported where a user accidentally deleted a critical script in /usr/local/bin. The script was owned by root and had permissions 755. Which command will restore the script from a backup located in /backup?

A.mv /backup/script.sh /usr/local/bin/
B.cp /backup/script.sh /usr/local/bin/
C.cp -p /backup/script.sh /usr/local/bin/
D.rsync -a /backup/script.sh /usr/local/bin/
AnswerC

The -p flag preserves the original file's permissions, timestamps, and ownership if run as root.

Why this answer

Option C is correct because the `cp -p` command preserves the original file's ownership (root) and permissions (755) when restoring the script from /backup to /usr/local/bin. Since the script was owned by root and had specific permissions, using `-p` ensures these attributes are retained, which is critical for a system script in /usr/local/bin. Without `-p`, the restored file would inherit the user's default umask and ownership, breaking the intended security context.

Exam trap

The trap here is that candidates often choose `cp` without `-p` (Option B) because they assume a simple copy is sufficient, overlooking that file ownership and permissions are not preserved by default, which is a common oversight in Linux file restoration scenarios tested on the A+ exam.

How to eliminate wrong answers

Option A is wrong because `mv` moves the file from /backup to /usr/local/bin, which removes the backup copy entirely, leaving no fallback if the restore fails or is incorrect. Option B is wrong because `cp` without the `-p` flag does not preserve the original file's ownership (root) and permissions (755); the restored script would be owned by the user running the command and have permissions based on the current umask, potentially breaking system functionality. Option D is wrong because `rsync -a` (archive mode) preserves permissions, ownership, and timestamps, but it is designed for synchronizing directories and may introduce unnecessary overhead or unintended behavior (e.g., deleting files in the destination if used with `--delete`), and it is not the standard simple restore command for a single file in this context.

19
MCQmedium

A help desk ticket states that a user cannot write to a shared directory /data/projects. The directory permissions are drwxr-xr-x and the user is in the 'staff' group. The directory's group owner is 'staff'. What is the most likely cause?

A.The user does not have read permission on the directory.
B.The directory lacks group write permission.
C.The user is not the owner of the directory.
D.The sticky bit is set on the directory.
AnswerB

The group has r-x, meaning no write permission; adding group write (chmod g+w) would resolve the issue.

Why this answer

The directory permissions are drwxr-xr-x, which means the owner has read, write, and execute (rwx), the group has read and execute (r-x), and others have read and execute (r-x). Since the user is in the 'staff' group and the directory's group owner is 'staff', the user's effective permissions are the group permissions, which lack write (w). Therefore, the user cannot write to the directory.

Option B correctly identifies that the directory lacks group write permission.

Exam trap

The CompTIA A+ exam often tests the misconception that being a member of the group that owns a directory automatically grants write access, but candidates overlook that the group permissions must explicitly include the write bit (w) for the user to write to the directory.

How to eliminate wrong answers

Option A is wrong because the user has read permission via the group's 'r-x' permissions (the 'r' allows listing contents). Option C is wrong because ownership is not required to write to a directory; group write permission would suffice if present. Option D is wrong because the sticky bit (indicated by a 't' in the execute position) is not set in the displayed permissions (drwxr-xr-x), and even if it were, it restricts deletion of files by non-owners, not the ability to write new files.

20
MCQmedium

A user complains that when they run the command 'find /var/log -name "*.log" -type f', they get a 'Permission denied' error for several directories. They need to see all log files regardless. What is the most appropriate command to use instead?

A.find /var/log -name '*.log' -type f 2>/dev/null
B.sudo find /var/log -name '*.log' -type f
C.find /var/log -name '*.log' -type f -exec ls -l {} \;
D.chmod -R 755 /var/log && find /var/log -name '*.log' -type f
AnswerB

Running find with sudo gives root privileges, allowing access to all directories and files.

Why this answer

Option B is correct because the 'Permission denied' errors indicate that the user lacks read or execute permissions on certain subdirectories under /var/log. Using 'sudo' elevates privileges to root, which has unrestricted access to all files and directories, allowing the find command to traverse and list every log file without encountering permission restrictions.

Exam trap

CompTIA often tests the misconception that suppressing error output (2>/dev/null) solves permission problems, when in fact it only hides the errors without granting access to the restricted directories.

How to eliminate wrong answers

Option A is wrong because redirecting stderr to /dev/null with 2>/dev/null merely suppresses the error messages; it does not grant the user permission to access the restricted directories, so the command still fails to list log files in those directories. Option C is wrong because appending '-exec ls -l {} \;' adds detailed file listings but does not resolve the underlying permission issue; the find command will still encounter 'Permission denied' errors and skip those directories. Option D is wrong because changing permissions recursively with 'chmod -R 755 /var/log' is an insecure and inappropriate solution that modifies system file permissions, potentially breaking services or exposing sensitive logs, and it requires root privileges anyway, making 'sudo find' the simpler and safer approach.

21
MCQmedium

A technician needs to copy a directory tree from /home/user/docs to a backup location /backup/docs, preserving all permissions, ownership, and timestamps. Which command should they use?

A.cp -r /home/user/docs /backup/docs
B.cp -a /home/user/docs /backup/docs
C.cp -p /home/user/docs /backup/docs
D.rsync -r /home/user/docs /backup/docs
AnswerB

The -a (archive) option preserves all attributes including permissions, ownership, and timestamps.

Why this answer

Option B is correct because the `cp -a` (archive) command preserves all file attributes, including permissions, ownership, and timestamps, while recursively copying the entire directory tree. This is the most comprehensive single command for duplicating a directory with full metadata integrity.

Exam trap

CompTIA often tests the distinction between `-p` and `-a` by making candidates think preserving permissions and timestamps is sufficient, while the key requirement to preserve ownership is only met by `-a` (or running `-p` as root).

How to eliminate wrong answers

Option A is wrong because `cp -r` only performs a recursive copy without preserving ownership or timestamps; it may also alter permissions based on the current umask. Option C is wrong because `cp -p` preserves permissions and timestamps but does not preserve ownership (files will be owned by the copying user unless run as root). Option D is wrong because `rsync -r` recursively copies files but does not preserve ownership or timestamps by default; it requires additional flags like `-a` or `--archive` to achieve full preservation.

22
MCQmedium

A user reports that a script they run daily now fails with 'Permission denied' even though they haven't changed any permissions. The script is located in /usr/local/bin/script.sh and has permissions -rwxr-xr-x. The user is in the 'users' group. What is the most likely issue?

A.The script's shebang line is incorrect.
B.The /usr/local/bin partition is mounted with the noexec option.
C.The user does not have read permission on the script.
D.The script has been replaced with a directory.
AnswerB

If the filesystem is mounted with noexec, no binaries or scripts can be executed, even if permissions are correct.

Why this answer

The script has execute permissions for the user (rwxr-xr-x), so the 'Permission denied' error is not due to missing execute bits. The most likely cause is that the /usr/local/bin filesystem is mounted with the 'noexec' option, which prevents execution of any binary or script regardless of its permission bits. This is a common administrative security measure that blocks execution from specific partitions, and it would cause the script to fail with 'Permission denied' even though the file permissions appear correct.

Exam trap

This question tests the distinction between file permission bits and filesystem mount options, trapping candidates who focus only on chmod or ownership changes when the real issue is a system-wide execution restriction like 'noexec'.

How to eliminate wrong answers

Option A is wrong because an incorrect shebang line would typically cause a 'command not found' or 'bad interpreter' error, not a 'Permission denied' error. Option C is wrong because the script's permissions are -rwxr-xr-x, which grants read permission to the owner, group, and others, so the user in the 'users' group does have read access. Option D is wrong because if the script were replaced with a directory, the error would be 'Is a directory' or similar, not 'Permission denied'.

23
MCQeasy

A user reports that they cannot execute a shell script they wrote in their home directory. The script has permissions -rw-r--r--. Which command should be used to allow the owner to execute the script?

A.chmod 755 script.sh
B.chmod u+x script.sh
C.chmod +r script.sh
D.chmod 644 script.sh
AnswerB

This adds execute permission only for the owner, which is exactly what is required.

Why this answer

The script currently has permissions -rw-r--r--, meaning the owner has read and write but not execute. The command chmod u+x adds execute permission for the owner (u) without affecting other permissions. This directly addresses the user's inability to execute the script by granting the missing execute bit to the owner.

Exam trap

CompTIA often tests the distinction between adding a specific permission (u+x) versus setting an absolute mode (755), where candidates may choose 755 because it 'works' without recognizing it unnecessarily grants execute to group and others.

How to eliminate wrong answers

Option A is wrong because chmod 755 sets permissions to rwxr-xr-x, which grants execute to owner, group, and others — this is overly permissive and not the minimal change needed. Option C is wrong because chmod +r adds read permission, but the script already has read permission for all; it does not add execute permission. Option D is wrong because chmod 644 sets permissions to rw-r--r--, which is identical to the current permissions and does not add execute permission for anyone.

24
MCQhard

During a forensic investigation, an analyst needs to list all files in a directory that have been modified in the last 24 hours, including hidden files, and display the results with full path and timestamp. Which command should they use?

A.ls -laR --time-style=full-iso | grep '2025-03-21'
B.find . -mtime -1 -ls
C.stat * .* | grep Modify
D.find . -newer /tmp/ref -ls
AnswerB

This finds files modified within the last 24 hours and uses -ls to show full details including path and timestamp.

Why this answer

Option B is correct because the `find` command with `-mtime -1` lists files modified within the last 24 hours, and the `-ls` action displays detailed output including full path and timestamp. This approach inherently includes hidden files (those starting with a dot) because `find` traverses all directory entries by default, unlike `ls` which requires the `-a` flag to show hidden files.

Exam trap

CompTIA often tests the distinction between `ls` and `find` for file searches, trapping candidates who choose `ls` with `grep` because they overlook that `ls` output is static and requires manual date filtering, while `find` natively supports time-based criteria like `-mtime`.

How to eliminate wrong answers

Option A is wrong because `ls -laR` recursively lists all files including hidden ones, but the `grep '2025-03-21'` filter is hardcoded to a specific date, which is not dynamic and will fail on any other day; it also does not guarantee the last 24 hours unless the current date matches exactly. Option C is wrong because `stat * .*` will fail if there are no hidden files (the `.*` glob may expand to `.` and `..`, causing errors or incorrect results), and `grep Modify` only extracts the modification timestamp without filtering for the last 24 hours or providing full paths. Option D is wrong because `-newer /tmp/ref` compares against a reference file, but `/tmp/ref` does not exist by default; even if created, it would only find files newer than that specific file, not files modified within the last 24 hours, and the `-ls` action still provides the required output format.

25
MCQeasy

A user reports that they cannot execute a custom shell script they created in their home directory. The script is owned by the user and has permissions set to 644. Which command should be used to allow the owner to execute the script?

A.chmod 755 script.sh
B.chmod u+x script.sh
C.chmod 644 script.sh
D.chown user:user script.sh
AnswerB

This adds execute permission only for the owner, preserving the existing read/write permissions for others.

Why this answer

The script has permissions 644, which means the owner has read/write (6) but not execute. To allow the owner to execute the script, you need to add the execute permission for the owner. The command `chmod u+x script.sh` adds execute permission for the user (owner) only, which is the correct and minimal change to resolve the issue.

Exam trap

The trap here is that candidates often choose `chmod 755` (Option A) because it is a common permission set for scripts, but the question specifically asks to allow only the owner to execute, making `chmod u+x` the precise and correct answer.

How to eliminate wrong answers

Option A is wrong because `chmod 755 script.sh` sets permissions to rwxr-xr-x, which grants execute to the owner, group, and others — this is overly permissive and not the minimal fix required. Option C is wrong because `chmod 644 script.sh` sets permissions to rw-r--r--, which is the current state and does not add execute permission, so it would not solve the problem. Option D is wrong because `chown user:user script.sh` changes the owner and group of the file, but the script is already owned by the user; the issue is about permissions, not ownership.

26
MCQhard

A technician needs to create a new user 'jdoe' with a home directory and set the password in one command. Which command accomplishes this?

A.useradd -m jdoe && passwd jdoe
B.adduser jdoe
C.useradd jdoe && passwd jdoe
D.usermod -m jdoe
AnswerA

This correctly creates the user with a home directory and then prompts to set the password.

Why this answer

Option A is correct because `useradd -m jdoe` creates the user 'jdoe' with a home directory (the `-m` flag ensures the /home/jdoe directory is created), and `&&` chains the `passwd jdoe` command to run only if the user creation succeeds, allowing the password to be set interactively in a single command line. This meets the requirement of creating the user with a home directory and setting the password in one command.

Exam trap

The trap here is that candidates assume `useradd` always creates a home directory or that `adduser` is the standard command, leading them to pick Option B or C without considering the `-m` flag.

How to eliminate wrong answers

Option B is wrong because `adduser` is a Perl script (not a standard Linux command on all distributions) that may create a home directory by default but does not set the password in the same command; it typically prompts for password separately, and on some systems it may not be available. Option C is wrong because `useradd jdoe` without the `-m` flag does not create a home directory by default (the home directory is only created if the system's default settings or the `-m` flag are used), so it fails the requirement to create a home directory. Option D is wrong because `usermod -m jdoe` modifies an existing user's home directory (moving its contents) and does not create a new user or set a password, making it entirely inappropriate for creating a new user.

27
MCQhard

A technician is investigating a privilege escalation vulnerability. They need to list all files in /usr/bin that have the SUID or SGID bit set and are owned by root. Which single command will achieve this?

A.find /usr/bin -user root -perm -6000
B.find /usr/bin -user root -perm 4000 -o -perm 2000
C.ls -la /usr/bin | grep '^...s'
D.find /usr/bin -user root -perm /6000
AnswerD

This correctly uses the / prefix to match files with either SUID or SGID bit set, and filters by owner root.

Why this answer

Option D is correct because the `find` command with `-perm /6000` matches files where either the SUID (4000) or SGID (2000) bit is set, combined with `-user root` to restrict results to files owned by root. The `/` prefix in the permission mask tells `find` to match any of the specified bits, making it the precise single command for this task.

Exam trap

CompTIA often tests the distinction between `-perm -mode` (all bits must match) and `-perm /mode` (any bit can match), and candidates frequently confuse the minus sign with the forward slash, leading them to pick Option A.

How to eliminate wrong answers

Option A is wrong because `-perm -6000` uses a minus sign, which requires all bits in 6000 (both SUID and SGID) to be set simultaneously, not just one of them; this would miss files with only SUID or only SGID. Option B is wrong because it uses `-o` (OR) without grouping parentheses, causing the `-user root` condition to apply only to the first expression, so it would list files with SGID set regardless of owner. Option C is wrong because `ls -la | grep '^...s'` only matches files with SUID set (the 's' in the owner execute position) and misses files with only SGID set (where the 's' appears in the group execute position), plus it relies on parsing `ls` output which is fragile and not recommended for scripting.

28
MCQhard

A user reports that a script they run daily now fails with 'Text file busy' error. The script is located on an NFS mount. Which command will show if the script is currently being used by another process?

A.fuser /path/to/script
B.ps aux | grep script
C.lsof /path/to/script
D.strace -p $(pgrep script)
AnswerC

lsof lists all open files and the associated processes; it will show if the script is in use.

Why this answer

Option C is correct because `lsof /path/to/script` lists all processes that have the file open, including those holding it for execution. The 'Text file busy' error occurs when a process is executing the script (the text segment is mapped), and `lsof` can detect this by showing the file descriptor or memory mapping for the running process.

Exam trap

The A+ exam often tests the distinction between `lsof` and `fuser`; the trap here is that candidates assume `fuser` is sufficient, but `fuser` may not report processes that have the file mapped for execution (text segment) on NFS mounts, whereas `lsof` reliably shows all open file descriptors and memory mappings.

How to eliminate wrong answers

Option A is wrong because `fuser /path/to/script` shows the PID(s) of processes using the file, but it does not distinguish between a file being open for reading/writing and a file being executed (text segment busy), and it may not reliably detect the 'Text file busy' condition on NFS mounts. Option B is wrong because `ps aux | grep script` only shows processes whose command line contains 'script', but it does not directly confirm that the file itself is open or being executed by another process. Option D is wrong because `strace -p $(pgrep script)` attaches to a process with 'script' in its name and traces its system calls, but it does not show whether the script file is busy; it also requires the script process to be running and named exactly 'script', which may not be the case.

29
MCQmedium

During a security audit, you find that a configuration file /etc/app/config.cfg has permissions -rwxrwxrwx. What command should you run to restrict it so only the owner can read and write, and the group can read, while others have no access?

A.chmod 640 /etc/app/config.cfg
B.chmod 750 /etc/app/config.cfg
C.chmod 644 /etc/app/config.cfg
D.chmod 600 /etc/app/config.cfg
AnswerA

640 gives owner read/write, group read, and others no access, matching the requirement.

Why this answer

The correct answer is A because the requirement is to set permissions so the owner can read and write (6), the group can read (4), and others have no access (0). The octal representation 640 achieves exactly this: 6 (rw-) for owner, 4 (r--) for group, and 0 (---) for others. This matches the security policy of restricting access to only the owner and group read access.

Exam trap

CompTIA often tests the distinction between 644 and 640, where candidates mistakenly choose 644 because they forget that 'others have no access' means the last digit must be 0, not 4.

How to eliminate wrong answers

Option B (750) is wrong because it grants the group execute permission (5) and others no access, but the requirement specifies group should only have read access, not execute. Option C (644) is wrong because it grants others read access (4), violating the requirement that others have no access. Option D (600) is wrong because it grants the group no access (0), but the requirement specifies the group should have read access.

30
MCQeasy

A user reports that they cannot execute a custom shell script they placed in their home directory, even though they can read and write to it. The script has permissions -rw-r--r--. Which command should you use to resolve this issue?

A.chmod 644 script.sh
B.chmod 755 script.sh
C.chmod 777 script.sh
D.chmod u+x script.sh
AnswerB

755 gives the owner read, write, and execute, and group/others read and execute, which allows the user to execute the script.

Why this answer

The script has permissions -rw-r--r-- (644), which does not include execute for anyone. The correct command is chmod 755 script.sh (option B), which sets rwxr-xr-x, allowing the owner to execute (and others to read/execute). Option D (chmod u+x) also adds execute for the owner, resulting in -rwxr--r-- (744), which does allow the user to run the script.

However, in the context of this question, the expected best practice is to use chmod 755, as it is the standard for executable scripts and ensures group/others have minimum necessary read/execute. Option D is considered incorrect because it only adds execute for the owner without adjusting group/others, which is not the typical recommended approach.

Exam trap

CompTIA often tests the distinction between making a file executable (adding the x bit) and the specific octal values; candidates may incorrectly choose chmod 644 (which only sets read/write) or chmod 777 (which grants excessive permissions) because they confuse 'readable' with 'executable' or overcorrect with full permissions.

How to eliminate wrong answers

Option A is wrong because chmod 644 sets permissions to -rw-r--r--, which is exactly the current non-executable state and does not add execute permission. Option C is wrong because chmod 777 sets permissions to -rwxrwxrwx, which grants full read, write, and execute to all users, violating the principle of least privilege and creating a security risk. Option D is wrong because chmod u+x only adds execute permission for the owner, resulting in -rwxr--r-- (744), which would technically work but is not the best practice; the question asks for the command to resolve the issue, and 755 is the standard recommended permission for scripts that need to be executed by the owner and possibly others, while u+x is a valid but less common approach that does not match the typical exam answer.

Ready to test yourself?

Try a timed practice session using only Linux Commands and File Permissions questions.