Which three of the following are valid reasons to use 'systemctl mask' instead of 'systemctl disable'? (Choose three.)
Masking causes start to fail; disable does not.
Why this answer
Option C is correct because 'systemctl mask' creates a symlink from the unit file to /dev/null, which causes all attempts to start the service (including 'systemctl start') to fail silently. This is a stronger action than 'systemctl disable', which only removes the symlinks that enable automatic startup but still allows manual starting via 'systemctl start'.
Exam trap
The trap here is that candidates often confuse 'disable' with 'mask', thinking both prevent manual start, but only 'mask' ensures that even explicit 'systemctl start' commands fail.