LFCS · topic practice

User and Group Management practice questions

Practise Linux Foundation Certified System Administrator LFCS User and Group Management practice questions — original exam-style scenarios with answer choices, explanations, and analysis of common mistakes.

Courseiva uses original exam-style practice questions designed for learning and revision. The goal is to understand the concepts, recognise exam patterns, and improve through explanations — not memorise copied exam dumps.

Reviewed byJohnson Ajibi· MSc IT Security
20 questionsDomain: User and Group Management

What the exam tests

What to know about User and Group Management

User and Group Management questions test whether you can apply the concept in context, not just recognise a definition.

How the topic appears in realistic exam-style scenarios.

Which detail in the question changes the correct answer.

How to eliminate plausible but wrong options.

How to connect the question back to the wider exam objective.

Watch out for

Common User and Group Management exam traps

  • Answering from memory before reading the full scenario.
  • Missing a constraint such as cost, availability, security, scope or command context.
  • Choosing a broad answer when the question asks for the most specific fix.
  • Ignoring why the wrong options are tempting.

Practice set

User and Group Management questions

20 questions · select your answer, then reveal the explanation

A developer was removed from the 'developers' group but still needs to run commands that require membership in that group. The user has logged out and back in, but the issue persists. What is the most likely cause?

A system administrator needs to create a user 'john' with a home directory in /data/users and an expiry date of 2025-12-31. Which command accomplishes this?

An administrator needs to set up a shared directory /project for the group 'projectteam' (GID 5000). All members of the group should be able to create and delete files, but only the file owner can modify their own files. The directory should also ensure that new files inherit the group ownership. Which set of commands achieves this?

A user 'alice' is unable to log in via SSH. The administrator checks /etc/shadow and sees 'alice:!:19234:0:99999:7:::'. What does the '!' in the password field indicate?

An administrator wants to enforce that users in the 'contractors' group must change their password every 30 days, with a warning 7 days before expiry. Which command should be used?

Which TWO commands can be used to list all users currently logged into the system?

Which THREE files are directly related to user and group management in a Linux system? (Select three.)

You are the Linux administrator for a medium-sized company that uses a centralized authentication system (LDAP) for user accounts, but local files (/etc/passwd, /etc/shadow, /etc/group) are also used for a few service accounts. The server is running RHEL 8. A new employee, 'jane', needs to be added to the local system for a temporary project. You create the user with 'useradd jane' and set a password with 'passwd jane'. However, when jane tries to log in via SSH using her password, she receives 'Permission denied, please try again.' The SSH server is configured to allow password authentication. Other users (both LDAP and local) can log in successfully. You verify that the password was set correctly and that the account is not locked. What is the most likely cause and solution?

A system administrator needs to ensure that all users in the 'developers' group have read and write access to a shared project directory /project/data, but new files created in that directory should belong to the 'developers' group automatically. Which command sequence achieves this goal?

A user 'alice' cannot log in via SSH. The administrator checks /etc/passwd and sees: alice:x:1002:1002::/home/alice:/sbin/nologin. Which command should be used to allow alice to log in with a bash shell?

An administrator wants to add user 'bob' to the supplementary group 'docker' without removing bob from any existing groups. Which command accomplishes this?

A security policy requires that user 'svc_backup' have a password that never expires. Additionally, the account should be locked after 90 days of inactivity. Which set of commands achieves this?

Which TWO commands can be used to display the groups to which the current user belongs? (Select exactly two.)

You are managing a multi-user Linux server used by a development team. The server has a shared directory /data/projects where each project has a subdirectory owned by a project lead. The requirement is that all members of the 'devteam' group need to be able to create files in any project subdirectory, but only the project lead (owner) should be able to delete files. Currently, members of devteam are unable to create files in /data/projects. You check permissions: /data/projects has drwxrwxr-x root:devteam. Each project subdirectory, e.g., /data/projects/proj1, has drwx------ lead1:devteam. The lead1 user is in devteam. What is the most likely reason that devteam members cannot create files in proj1, and what is the correct solution?

An administrator needs to grant a user named 'john' the ability to switch to any other user without a password. Which TWO of the following steps are required to achieve this?

A user named 'charlie' has just been added to the 'devops' group. However, when 'charlie' runs 'sudo -l', no sudo entries are shown. What is the most likely cause?

Exhibit

Refer to the exhibit.

$ sudo cat /etc/group | grep devops
devops:x:3001:alice,bob
$ sudo cat /etc/sudoers.d/devops
%devops ALL=(ALL) /usr/bin/systemctl
$ ls -l /usr/bin/systemctl
-rwxr-xr-x 1 root root 100000 Jan  1 12:00 /usr/bin/systemctl
$ sudo -l -U alice
User alice may run the following commands on this host:
    (ALL) /usr/bin/systemctl
$ sudo -l -U bob
User bob may run the following commands on this host:
    (ALL) /usr/bin/systemctl

Scenario: You are managing a Linux server that hosts a web application. The application runs under the user 'webapp' and the group 'webgroup'. Recently, a new intern 'john' (username 'john') needs to be able to view and modify files in /var/www/html, which is owned by root:webgroup with permissions 775. John is currently a member of the group 'staff', but not 'webgroup'. The security policy requires that John must be able to edit files without using sudo, and his primary group must remain 'staff'. Which of the following actions should you take to meet the requirements?

Arrange the steps to configure a new user account with sudo privileges on a Linux system.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4
5Step 5

Order the steps to create a systemd service unit that runs a script at boot.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4
5Step 5

Order the steps to set up passwordless SSH key-based authentication.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4
5Step 5

Free account

Track your progress over time

Create a free account to save your results and see which topics improve across sessions.

Focused User and Group Management sessions

Start a User and Group Management only practice session

Every question in these sessions is drawn from the User and Group Management domain — nothing else.

Related practice questions

Related LFCS topic practice pages

Move into related areas when this topic feels solid.

Frequently asked questions

What does the LFCS exam test about User and Group Management?
User and Group Management questions test whether you can apply the concept in context, not just recognise a definition.
How should I use these practice questions?
Select your answer before revealing the explanation. Then read why each option is right or wrong — this active recall approach builds retention far faster than re-reading notes.
Can I practise just User and Group Management questions in a focused session?
Yes — the session launcher on this page draws every question from the User and Group Management domain. Use a 10-question session first to gauge your baseline, then move to 20 or 30 once the weak spots are clear.
Where can I practise other LFCS topics?
Use the topic links above to move to related areas, or go back to the LFCS question bank to see all topics.
Are these real exam questions or dumps?
These are original practice questions written to test the same concepts the LFCS exam covers. They are not copied from any real exam or dump site.