XK0-005 · topic practice

Security practice questions

Practise CompTIA Linux+ XK0-005 Security practice questions — original exam-style scenarios with answer choices, explanations, and analysis of common mistakes.

Courseiva uses original exam-style practice questions designed for learning and revision. The goal is to understand the concepts, recognise exam patterns, and improve through explanations — not memorise copied exam dumps.

Reviewed byJohnson Ajibi· MSc IT Security
20 questionsDomain: Security

What the exam tests

What to know about Security

Security questions test whether you can apply the concept in context, not just recognise a definition.

How the topic appears in realistic exam-style scenarios.

Which detail in the question changes the correct answer.

How to eliminate plausible but wrong options.

How to connect the question back to the wider exam objective.

Watch out for

Common Security exam traps

  • Answering from memory before reading the full scenario.
  • Missing a constraint such as cost, availability, security, scope or command context.
  • Choosing a broad answer when the question asks for the most specific fix.
  • Ignoring why the wrong options are tempting.

Practice set

Security questions

20 questions · select your answer, then reveal the explanation

Question 1easymultiple choice
Read the full Security explanation →

A Linux administrator needs to add a new user named 'jdoe' with a home directory and a bash shell. Which command accomplishes this?

Question 2mediummultiple choice
Read the full Security explanation →

A security audit reveals that users can change their password without meeting complexity requirements. Which PAM module should be configured to enforce password complexity?

Question 3hardmultiple choice
Read the full Security explanation →

An administrator wants to allow the user 'ops' to run only the command '/usr/bin/systemctl restart httpd' via sudo on a specific host 'webserver'. Which /etc/sudoers entry is correct?

Question 4mediummultiple choice
Read the full Security explanation →

An administrator needs to allow incoming TCP traffic on port 8443 using firewalld. Which command should be used to make this change persistent?

Question 5mediummultiple choice
Read the full Security explanation →

A system is running SELinux in enforcing mode. A custom application needs to write to /var/log/app.log. The log file shows the correct context, but access is denied. What is the most likely cause?

Question 6easymultiple choice
Read the full Security explanation →

Which command displays the current SELinux mode?

Question 7mediummultiple choice
Read the full Security explanation →

An administrator wants to audit all attempts to access the file /etc/shadow. Which auditctl command should be used?

Question 8hardmultiple choice
Read the full Security explanation →

An AppArmor profile for a web server is in complain mode. After testing, the administrator wants to enforce the profile. Which command accomplishes this?

Question 9mediummultiple choice
Read the full Security explanation →

An administrator is hardening SSH and wants to disable root login and only allow users in the 'sshusers' group. Which two directives should be set in /etc/ssh/sshd_config?

Question 10easymultiple choice
Read the full Security explanation →

Which command displays the last successful login times for all users?

Question 11mediummultiple choice
Read the full Security explanation →

A technician needs to generate a self-signed certificate for an internal web server. Which OpenSSL command creates a new private key and a certificate signing request (CSR) in one step?

Question 12hardmultiple choice
Read the full Security explanation →

An administrator notices that a process is running with the context 'unconfined_u:unconfined_r:unconfined_t:s0'. What does this indicate about SELinux?

Question 13mediummulti select
Read the full Security explanation →

A security policy requires that user passwords must be changed every 60 days, and users should be warned 7 days before expiration. Which two chage commands set these requirements for user 'jsmith'? (Choose TWO.)

Question 14hardmulti select
Read the full Security explanation →

An administrator is configuring iptables on a server. The requirements are: allow incoming SSH (port 22) from the 192.168.1.0/24 network, drop all other incoming traffic, and allow all outgoing traffic. Which three iptables rules achieve this? (Choose THREE.)

Question 15mediummulti select
Read the full Security explanation →

A Linux administrator is troubleshooting a firewall issue using nftables. The ruleset is complex. Which two commands are useful for listing the current ruleset and adding a new rule? (Choose TWO.)

Question 16easymultiple choice
Read the full Security explanation →

A Linux administrator needs to ensure that user passwords expire after 90 days. Which command should be used to enforce this policy?

Question 17mediummultiple choice
Read the full Security explanation →

A security auditor notices that a service account's password never expires. The company policy requires password rotation every 60 days. Which command will enforce this policy for the service account?

Question 18mediummultiple choice
Read the full Security explanation →

An administrator wants to restrict SSH access to only users in the 'sshusers' group. Which configuration directive should be added to /etc/ssh/sshd_config?

Question 19hardmultiple choice
Read the full Security explanation →

A system administrator needs to configure PAM to lock a user account after 5 failed login attempts for 15 minutes. Which two PAM modules and configuration lines are appropriate? (Select TWO.)

Question 20mediummultiple choice
Read the full Security explanation →

A security policy requires that all users must have passwords with at least one uppercase letter, one digit, and a minimum length of 12 characters. Which PAM configuration file and module should be used to enforce this?

Free account

Track your progress over time

Create a free account to save your results and see which topics improve across sessions.

Focused Security sessions

Start a Security only practice session

Every question in these sessions is drawn from the Security domain — nothing else.

Related practice questions

Related XK0-005 topic practice pages

Move into related areas when this topic feels solid.

Frequently asked questions

What does the XK0-005 exam test about Security?
Security questions test whether you can apply the concept in context, not just recognise a definition.
How should I use these practice questions?
Select your answer before revealing the explanation. Then read why each option is right or wrong — this active recall approach builds retention far faster than re-reading notes.
Can I practise just Security questions in a focused session?
Yes — the session launcher on this page draws every question from the Security domain. Use a 10-question session first to gauge your baseline, then move to 20 or 30 once the weak spots are clear.
Where can I practise other XK0-005 topics?
Use the topic links above to move to related areas, or go back to the XK0-005 question bank to see all topics.
Are these real exam questions or dumps?
These are original practice questions written to test the same concepts the XK0-005 exam covers. They are not copied from any real exam or dump site.