Sample questions
CompTIA Linux+ XK0-005 practice questions
Drag and drop the steps to mount a new filesystem in the correct order.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag and drop the steps to troubleshoot a network connectivity issue using common commands in the correct order.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag and drop the steps to create and apply a systemd service unit in the correct order.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag and drop the steps to set up a cron job that runs a script daily in the correct order.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag and drop the steps to recover a forgotten root password in single-user mode in the correct order.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag and drop the steps to configure SELinux to allow a custom web application to listen on port 8080 in the correct order.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
A system administrator wants to create a new user and set a password in a single command as part of a provisioning script. Which command accomplishes this?
Trap 1: passwd user1 password
passwd does not accept password as argument.
Trap 2: useradd -m -p password user1
-p expects encrypted password.
Trap 3: usermod -p password user1
usermod does not set password.
- A
passwd user1 password
Why wrong: passwd does not accept password as argument.
- B
echo 'user1:password' | chpasswd
correctly reads from stdin.
- C
useradd -m -p password user1
Why wrong: -p expects encrypted password.
- D
usermod -p password user1
Why wrong: usermod does not set password.
A developer wants to run a container with a specific command that overrides the default entrypoint. Which Docker command should be used?
Trap 1: docker run myimage /bin/bash
Only overrides CMD, not ENTRYPOINT.
Trap 2: docker exec myimage /bin/bash
Runs in existing container.
Trap 3: docker start myimage /bin/bash
start does not accept command.
- A
docker run myimage /bin/bash
Why wrong: Only overrides CMD, not ENTRYPOINT.
- B
docker exec myimage /bin/bash
Why wrong: Runs in existing container.
- C
docker run --entrypoint /bin/bash myimage
Overrides ENTRYPOINT.
- D
docker start myimage /bin/bash
Why wrong: start does not accept command.
A cloud engineer needs to automate the deployment of a new virtual machine with a specific configuration using Ansible. Which file format is typically used for Ansible playbooks?
Trap 1: JSON
Not typical for playbooks.
Trap 2: XML
Not used.
Trap 3: INI
Used for inventory.
- A
JSON
Why wrong: Not typical for playbooks.
- B
YAML
Standard for playbooks.
- C
XML
Why wrong: Not used.
- D
INI
Why wrong: Used for inventory.
A systems administrator wants to build a custom Docker image from a Dockerfile located in the current directory. Which command should be used?
Trap 1: docker create .
Creates container.
Trap 2: docker commit .
Creates from container.
Trap 3: docker image build .
Alternative, but docker build is standard.
- A
docker create .
Why wrong: Creates container.
- B
docker commit .
Why wrong: Creates from container.
- C
docker build .
Builds from Dockerfile.
- D
docker image build .
Why wrong: Alternative, but docker build is standard.
A development team uses Git for version control and wants to automate the testing of every commit pushed to the repository. They have a Jenkins server running on a Linux machine. The team wants to automatically trigger a Jenkins pipeline job whenever a push is made to the main branch of their Git repository. The Jenkins server is behind a firewall and cannot be accessed from the internet. The Git repository is hosted on a private GitHub repository. Which of the following is the best approach to trigger the Jenkins job automatically?
Trap 1: Have developers manually click 'Build Now' in Jenkins after each…
Not automated.
Trap 2: Configure a GitHub webhook to send a POST request to the Jenkins…
Jenkins is not reachable from internet.
Trap 3: Set up a cron job on the Git server to execute a script that…
Git server is external and not under admin control.
- A
Have developers manually click 'Build Now' in Jenkins after each push.
Why wrong: Not automated.
- B
Configure Jenkins to poll the Git repository every minute for changes.
Works behind firewall.
- C
Configure a GitHub webhook to send a POST request to the Jenkins server.
Why wrong: Jenkins is not reachable from internet.
- D
Set up a cron job on the Git server to execute a script that triggers Jenkins.
Why wrong: Git server is external and not under admin control.
A Linux server with systemd is experiencing boot issues after a recent kernel update. Which command sequence should be used to boot into the previous kernel version?
Trap 1: Boot from a live CD and run 'rpm -Uvh --oldkernel' to revert the…
Reinstalling kernel is not a boot-time selection.
Trap 2: Use 'systemctl set-default multi-user.target' and reboot.
Sets the default target, not kernel version.
Trap 3: Use 'grub2-set-default' with the previous kernel entry before…
Sets default for next boot, but if already booting it's too late; interactive menu is better.
- A
Boot from a live CD and run 'rpm -Uvh --oldkernel' to revert the kernel.
Why wrong: Reinstalling kernel is not a boot-time selection.
- B
Interrupt the boot process, select 'Advanced options' in GRUB, then choose the previous kernel.
Allows selection of a specific kernel version from the GRUB menu.
- C
Use 'systemctl set-default multi-user.target' and reboot.
Why wrong: Sets the default target, not kernel version.
- D
Use 'grub2-set-default' with the previous kernel entry before rebooting.
Why wrong: Sets default for next boot, but if already booting it's too late; interactive menu is better.
A systems administrator wants to monitor system performance in real time. Which TWO commands can be used to display live updating information about processes, CPU, and memory usage? (Select TWO.)
Trap 1: ps aux
Static snapshot of processes.
Trap 2: sar -u 1 5
Historical data collection, not real-time interactive.
Trap 3: vmstat 1
Periodic output but not interactive like top.
- A
top
Real-time interactive process viewer.
- B
htop
Enhanced real-time interactive process viewer.
- C
ps aux
Why wrong: Static snapshot of processes.
- D
sar -u 1 5
Why wrong: Historical data collection, not real-time interactive.
- E
vmstat 1
Why wrong: Periodic output but not interactive like top.
An administrator configures a new web server with Apache and needs to ensure it starts automatically after a system reboot. The administrator runs 'systemctl enable httpd' but the service still does not start after reboot. What is the most likely reason?
Trap 1: The service name is incorrect; it should be 'apache2' instead of…
httpd is correct for RHEL/CentOS; the name varies by distribution but the question assumes correct name.
Trap 2: The administrator forgot to run 'systemctl start httpd' after…
Enable is for boot-time; start is for immediate start; but the service should start at boot if enabled.
Trap 3: The systemd daemon needs to be reloaded with 'systemctl…
Daemon-reload is needed after unit file changes, not after enable.
- A
The service name is incorrect; it should be 'apache2' instead of 'httpd'.
Why wrong: httpd is correct for RHEL/CentOS; the name varies by distribution but the question assumes correct name.
- B
The administrator forgot to run 'systemctl start httpd' after enabling it.
Why wrong: Enable is for boot-time; start is for immediate start; but the service should start at boot if enabled.
- C
The httpd service is masked, preventing it from starting.
A masked service cannot be started; check with 'systemctl is-enabled httpd'.
- D
The systemd daemon needs to be reloaded with 'systemctl daemon-reload'.
Why wrong: Daemon-reload is needed after unit file changes, not after enable.
A systems administrator needs to ensure that a custom service runs with a specific priority on a Linux server. Which command should the administrator use to achieve this?
Trap 1: renice -10 -p 1234
renice changes priority of an existing process, not starting a new one.
Trap 2: ionice -c 2 -n 0 -p 1234
ionice sets I/O priority, not CPU priority.
Trap 3: chrt -r 99 /usr/local/bin/myservice
chrt sets real-time scheduling attributes, not standard priority.
- A
renice -10 -p 1234
Why wrong: renice changes priority of an existing process, not starting a new one.
- B
ionice -c 2 -n 0 -p 1234
Why wrong: ionice sets I/O priority, not CPU priority.
- C
nice -n -10 /usr/local/bin/myservice
nice runs a command with a modified scheduling priority.
- D
chrt -r 99 /usr/local/bin/myservice
Why wrong: chrt sets real-time scheduling attributes, not standard priority.
Based on the exhibit, which statement is true about the sshd service?
Exhibit
Refer to the exhibit.
$ systemctl status sshd.service
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; disabled; vendor preset: disabled)
Active: active (running) since Mon 2023-06-12 10:23:45 UTC; 2h 15min ago
Main PID: 1234 (sshd)
CGroup: /system.slice/sshd.service
└─1234 /usr/sbin/sshd -DTrap 1: The service is masked.
'disabled' means it does not start at boot; 'masked' is a different state.
Trap 2: The service is inactive.
'Active: active (running)' shows it is running.
Trap 3: The service has exited.
The service is still running with PID 1234.
- A
The service is masked.
Why wrong: 'disabled' means it does not start at boot; 'masked' is a different state.
- B
The service is inactive.
Why wrong: 'Active: active (running)' shows it is running.
- C
The service has exited.
Why wrong: The service is still running with PID 1234.
- D
The service is not enabled to start at boot.
'disabled' indicates the service is not enabled for automatic start.
A Linux administrator discovers that a user's home directory contains a file with setuid bit set, owned by root. The file is not part of any authorized software. What is the most appropriate immediate action?
Trap 1: Move the file to /tmp for further analysis
Moving does not remove the setuid bit; the risk remains.
Trap 2: Delete the file immediately to remove the threat
Deleting may destroy evidence needed for investigation.
Trap 3: Change the file owner to the user with 'chown user:user <file>'
Changing ownership does not remove the setuid bit; root ownership is required for setuid to be effective.
- A
Move the file to /tmp for further analysis
Why wrong: Moving does not remove the setuid bit; the risk remains.
- B
Delete the file immediately to remove the threat
Why wrong: Deleting may destroy evidence needed for investigation.
- C
Change the file owner to the user with 'chown user:user <file>'
Why wrong: Changing ownership does not remove the setuid bit; root ownership is required for setuid to be effective.
- D
Remove the setuid bit with 'chmod u-s <file>'
This removes the setuid bit, preventing privilege escalation, while preserving the file.
Which TWO of the following are valid methods to enforce disk quota limits on a Linux filesystem? (Select TWO.)
Trap 1: Using 'setquota' to set limits in a script
setquota sets limits but does not enforce; enforcement requires quotaon.
Trap 2: Running 'repquota' to generate reports
repquota only reports usage, does not enforce.
Trap 3: Running 'quotacheck' to update quota files
quotacheck scans and updates, but does not enforce limits.
- A
Using 'edquota' to set soft and hard limits for users
Setting limits with edquota prepares enforcement when quotas are on.
- B
Using 'setquota' to set limits in a script
Why wrong: setquota sets limits but does not enforce; enforcement requires quotaon.
- C
Running 'repquota' to generate reports
Why wrong: repquota only reports usage, does not enforce.
- D
Running 'quotacheck' to update quota files
Why wrong: quotacheck scans and updates, but does not enforce limits.
- E
Running 'quotaon' on the filesystem
quotaon activates quota enforcement.
A user reports that they receive 'Permission denied' when trying to run a script located in their home directory. The script has permissions -rw-rw-r-- and is owned by the user. Which command should the user run to resolve the issue?
Trap 1: chmod g-w script.sh
This removes write permission for group, which does not add execute.
Trap 2: sudo chown user:user script.sh
The user already owns the script; ownership is not the issue.
Trap 3: chmod a+x script.sh
While this works, it grants execute to everyone, which is less secure than needed.
- A
chmod g-w script.sh
Why wrong: This removes write permission for group, which does not add execute.
- B
sudo chown user:user script.sh
Why wrong: The user already owns the script; ownership is not the issue.
- C
chmod u+x script.sh
Adds execute permission for the owner, allowing the script to run.
- D
chmod a+x script.sh
Why wrong: While this works, it grants execute to everyone, which is less secure than needed.
A Linux administrator is troubleshooting network connectivity. The server can ping its own IP address but cannot ping the default gateway. The output of 'ip route show' is: 'default via 10.0.0.1 dev eth0 proto static metric 100'. The output of 'ping -c 1 10.0.0.1' fails with 'Destination Host Unreachable'. Which of the following is the MOST likely cause?
Trap 1: The eth0 interface is down.
If eth0 were down, the own IP ping would also fail.
Trap 2: The gateway is down or not responding.
A down gateway would typically cause timeouts, not 'unreachable' from the local host.
Trap 3: The default gateway is not set.
The route table shows a default gateway is set.
- A
The eth0 interface is down.
Why wrong: If eth0 were down, the own IP ping would also fail.
- B
The gateway is down or not responding.
Why wrong: A down gateway would typically cause timeouts, not 'unreachable' from the local host.
- C
The default gateway is not set.
Why wrong: The route table shows a default gateway is set.
- D
The subnet mask on eth0 is incorrect, causing the gateway to be considered on a different network.
A wrong subnet mask can make the gateway appear on a different subnet, leading to 'unreachable'.
A database server running on Linux is experiencing high load. The administrator runs 'strace -p <pid>' and sees many 'epoll_wait' and 'futex' calls. Which THREE of the following are possible causes of the high load? (Choose THREE.)
Trap 1: CPU frequency scaling is set to powersave.
Powersave would reduce CPU speed, potentially lowering load but causing performance issues.
Trap 2: A memory leak in the database process.
Memory leak would cause swapping, not necessarily the observed syscalls.
- A
Disk I/O contention causing processes to wait.
Waiting on I/O increases load average as processes are in uninterruptible sleep.
- B
A large number of concurrent connections.
Many connections lead to context switching and contention.
- C
CPU frequency scaling is set to powersave.
Why wrong: Powersave would reduce CPU speed, potentially lowering load but causing performance issues.
- D
A memory leak in the database process.
Why wrong: Memory leak would cause swapping, not necessarily the observed syscalls.
- E
Inefficient database queries causing high CPU usage.
Inefficient queries increase CPU usage, visible via strace.
A user reports that a Linux workstation fails to boot and displays 'Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(0,0)'. Which of the following is the most likely cause?
Trap 1: A filesystem listed in /etc/fstab has errors.
/etc/fstab is read after root is mounted, so it cannot cause this boot-time error.
Trap 2: A memory module is faulty.
Faulty memory typically causes random crashes or bit errors, not a specific VFS error.
Trap 3: The boot loader is missing or corrupted.
A missing boot loader would not proceed to kernel panic; it would show a different error.
- A
A filesystem listed in /etc/fstab has errors.
Why wrong: /etc/fstab is read after root is mounted, so it cannot cause this boot-time error.
- B
A memory module is faulty.
Why wrong: Faulty memory typically causes random crashes or bit errors, not a specific VFS error.
- C
The boot loader is missing or corrupted.
Why wrong: A missing boot loader would not proceed to kernel panic; it would show a different error.
- D
The root filesystem device is incorrectly specified in the kernel command line.
The error 'unable to mount root fs' often means the root= parameter points to a nonexistent or wrong device.
A user reports that the /data directory is inaccessible. The Linux administrator runs the commands shown in the exhibit. Which of the following is the most likely cause of the issue?
Exhibit
Refer to the exhibit. # mount | grep /data /dev/sdb1 on /data type ext4 (rw,relatime,errors=remount-ro) # df -h /data Filesystem Size Used Avail Use% Mounted on /dev/sdb1 9.8G 9.5G 0 100% /data # ls -la /data | head ls: reading directory /data: Input/output error
Trap 1: The user does not have read permissions on /data.
The error is 'Input/output error', not permission denied.
Trap 2: The device /dev/sdb1 is not present.
The mount output shows /dev/sdb1 is mounted on /data.
Trap 3: The filesystem is mounted as read-only.
The mount output shows 'rw', so it is not read-only.
- A
The user does not have read permissions on /data.
Why wrong: The error is 'Input/output error', not permission denied.
- B
The filesystem is full and has become corrupted.
100% usage can lead to corruption; the I/O error indicates filesystem issues.
- C
The device /dev/sdb1 is not present.
Why wrong: The mount output shows /dev/sdb1 is mounted on /data.
- D
The filesystem is mounted as read-only.
Why wrong: The mount output shows 'rw', so it is not read-only.
A developer is writing a Bash script that must be portable across different Linux distributions. The script needs to check if a package is installed. Which command should be used to achieve this portability?
Trap 1: which package
Not always installed.
Trap 2: dpkg -l package
Debian-specific.
Trap 3: rpm -q package
Red Hat-specific.
- A
which package
Why wrong: Not always installed.
- B
command -v package
POSIX-compliant.
- C
dpkg -l package
Why wrong: Debian-specific.
- D
rpm -q package
Why wrong: Red Hat-specific.
Question Discussion
Share a tip, memory trick, or ask about the reasoning behind this question. Do not post real exam questions, leaked content, braindumps, or copyrighted exam material. Comments are moderated and may be removed without notice.
Sign in to join the discussion.