Linux Professional Institute Certification Level 1 LPIC-1 (LPIC-1) — Questions 451522

522 questions total · 7pages · All types, answers revealed

Page 6

Page 7 of 7

451
MCQhard

A medium-sized company runs a web application on a Linux server. The server uses systemd and has the following configuration: the web application service (webapp.service) is configured to start after network.target and requires a database service (database.service) to be running. The database service has a Restart=on-failure directive. Recently, the server experienced a power outage. Upon reboot, the system administrator notices that the web application fails to start because the database service is in a failed state. The administrator checks the status of database.service and sees 'inactive (dead)' with no recent attempts to restart. The journal shows that the database service failed to start because a required filesystem (mounted at /var/lib/database) was not mounted when the database service tried to start. The filesystem is listed in /etc/fstab with the nofail option. The administrator wants to ensure that in future reboots, the database service starts successfully and the web application comes up without manual intervention. Which of the following is the best course of action?

A.Change the Restart directive in database.service to 'always'
B.Remove the nofail option from /etc/fstab for /var/lib/database
C.Modify the database.service unit file to add 'After=var-lib-database.mount' and 'Requires=var-lib-database.mount'
D.Modify the webapp.service unit file to add 'After=database.service' and 'Requires=database.service'
AnswerC

This ensures the database service waits for the mount unit to be active before starting.

Why this answer

Option C is correct because the database service failed due to a missing mount at /var/lib/database. By adding 'After=var-lib-database.mount' and 'Requires=var-lib-database.mount' to the database.service unit, systemd will ensure the mount unit is started before the database service and that the database service is stopped if the mount fails. This directly addresses the root cause—the filesystem not being ready—without altering the restart behavior or the fstab nofail option, which is appropriate for allowing the system to boot even if the mount fails.

Exam trap

The trap here is that candidates often focus on restart policies (Option A) or fstab options (Option B) without realizing that systemd's dependency system must be used to enforce ordering between services and mount units, especially when nofail is present.

How to eliminate wrong answers

Option A is wrong because changing Restart to 'always' would cause the database service to restart indefinitely even after successful runs, but it does not solve the underlying issue of the mount not being ready; the service would still fail on the first attempt if the mount is missing, and Restart=on-failure already handles restarts after failure, but the service never got a chance to restart because it was never started again after the initial failure. Option B is wrong because removing the nofail option from /etc/fstab would cause the system to fail to boot entirely if the filesystem cannot be mounted, which is worse than the current behavior; the nofail option is correctly used to allow boot to proceed, but the dependency must be expressed in systemd units. Option D is wrong because webapp.service already has 'After=database.service' and 'Requires=database.service' (implied by the requirement that the database service must be running), so adding them again does nothing; the problem is that database.service itself fails due to the mount, not that webapp.service lacks ordering or dependency on database.service.

452
MCQeasy

Refer to the exhibit. An administrator wants to verify the integrity of the kernel-core package by checking its signature. Which command is used?

A.`rpm -qa kernel-core`
B.`rpm -q --changelog kernel-core`
C.`rpm -K kernel-core`
D.`rpm -V kernel-core`
AnswerC

Checks the package signature.

Why this answer

`rpm -K` (or `rpm --checksig`) checks the GPG signature of the package. `rpm -V` verifies file integrity against the database, not signature. `rpm --verify` is same as -V. `rpm -q --changelog` shows changelog. `rpm -qa` lists all packages.

453
MCQmedium

An administrator plans to back up the /home filesystem using dump. Which option to dump is required to perform a full backup?

A.-f /dev/st0
B.-u
C.-0
D.-1
AnswerC

Level 0 is a full backup.

Why this answer

The dump utility uses dump levels (0-9) to control backup depth. A level 0 dump performs a full backup of the specified filesystem, copying all files regardless of modification time. This is the required option for a complete backup of /home.

Exam trap

The trap here is that candidates confuse the -0 option with a generic flag or think -1 is the full backup because it is the lowest non-zero number, but dump levels start at 0 for full backups.

How to eliminate wrong answers

Option A is wrong because -f /dev/st0 specifies the output device (tape drive), not the backup level; it is optional and not required for a full backup. Option B is wrong because -u updates the /etc/dumpdates file with the backup timestamp, but does not control whether the backup is full or incremental. Option D is wrong because -1 specifies an incremental backup level 1, which only backs up files changed since the last lower-level dump (e.g., level 0), not a full backup.

454
MCQmedium

Refer to the exhibit. Which statement is true about SSH root login on this server?

A.Root can log in only from localhost.
B.Root cannot log in at all.
C.Root can log in using a public key.
D.Root can log in with a password.
AnswerC

PermitRootLogin prohibit-password allows key-based login.

455
MCQeasy

A script contains the following line: for i in $(cat file.txt); do echo $i; done. The file file.txt contains a single line with multiple words. How many times will the loop execute?

A.Equal to the number of lines in the file
B.Equal to the number of words in the file
C.Once
D.The loop will not execute
AnswerB

The command substitution splits into words.

Why this answer

The command substitution $(cat file.txt) expands to the content of file.txt, which is a single line with multiple words. The for loop iterates over each word (separated by whitespace) in the expanded string, not over lines. Therefore, the loop executes once per word in the file.

Exam trap

The trap here is that candidates often assume $(cat file.txt) preserves line boundaries, but the for loop splits the output by whitespace, so the number of iterations equals the number of words, not lines.

How to eliminate wrong answers

Option A is wrong because the loop iterates over words, not lines; $(cat file.txt) splits the output by whitespace (default IFS), so the number of iterations equals the number of words, not lines. Option C is wrong because the loop does not execute once; it executes multiple times, once for each word in the single line. Option D is wrong because the loop will execute; file.txt exists and contains data, so the command substitution produces a non-empty string, causing the loop to run.

456
MCQhard

A system administrator notices that the system time is slowly drifting from the actual time. The system uses chrony for NTP synchronization. The administrator runs 'chronyc sources' and sees no reachable sources. The firewall is enabled and configured. Which action should the administrator take to resolve the time synchronization issue?

A.Configure chrony to use a different port for NTP.
B.Restart chronyd service.
C.Add a firewall rule to allow UDP 123 outbound to NTP servers.
D.Use ntpdate to set the time manually once.
AnswerC

Opening the correct port allows chrony to communicate with NTP sources.

Why this answer

The absence of reachable sources suggests a firewall blocking UDP port 123, which chrony uses. Adding a firewall rule to allow outgoing NTP traffic will likely restore synchronization. Chrony cannot use a different port for standard NTP.

Restarting chronyd without fixing the firewall will not help. Switching to ntpdate is a temporary workaround.

457
MCQhard

A company runs a legacy application on a Linux server. The application fails to start after a reboot, claiming a 'cannot open shared object file' error. The system administrator checks the library path and finds that the required library is present in /usr/local/lib but the application cannot find it. The administrator has verified that the library file exists and is readable. Which of the following is the most likely cause and solution?

A.The library has insufficient execute permissions; add execute bit.
B.The application is setuid root and the library path is ignored; use $LD_LIBRARY_PATH.
C.The library path is not in /etc/ld.so.conf; run ldconfig after adding it.
D.The library is compiled for a different architecture; recompile the library.
AnswerC

ldconfig updates the linker cache to include paths from /etc/ld.so.conf.

Why this answer

The dynamic linker/loader (ld.so) uses the cache file /etc/ld.so.cache to resolve shared library dependencies at runtime. Although the library exists in /usr/local/lib, that path is not listed in /etc/ld.so.conf (or a file included by it), so the linker never scans it. Running ldconfig rebuilds the cache and makes the library discoverable, which resolves the 'cannot open shared object file' error.

Exam trap

The trap here is that candidates assume a library found in a standard-looking path like /usr/local/lib is automatically searched, but the dynamic linker only uses paths explicitly listed in /etc/ld.so.conf (or its included files) after running ldconfig.

How to eliminate wrong answers

Option A is wrong because shared object files require read permission, not execute permission, for the dynamic linker to load them; execute permission is irrelevant for libraries. Option B is wrong because setuid binaries do ignore LD_LIBRARY_PATH for security reasons, but the proper solution is to add the path to /etc/ld.so.conf and run ldconfig, not to rely on LD_LIBRARY_PATH which is insecure and not persistent. Option D is wrong because a library compiled for a different architecture would cause a different error (e.g., 'wrong ELF class' or 'cannot load shared object file: No such file or directory' due to ABI mismatch), not a simple 'cannot open' error when the file exists and is readable.

458
Multi-Selecteasy

Which TWO commands can be used to display the amount of free and used memory on a Linux system? (Select exactly 2.)

Select 2 answers
A.vmstat
B.du
C.cat /proc/meminfo
D.free
E.top
AnswersC, D

Directly reads kernel memory information.

Why this answer

Option C is correct because `/proc/meminfo` is a virtual file maintained by the kernel that provides detailed, real-time memory statistics, including total, free, available, and used memory. Reading this file with `cat` directly displays the current memory usage without any additional processing.

Exam trap

The trap here is that candidates may confuse `du` (disk usage) with memory reporting, or assume `vmstat` or `top` are primary tools for a simple free/used memory display, when `free` and `/proc/meminfo` are the direct and standard answers.

459
Multi-Selectmedium

Which TWO of the following commands can be used to replace text patterns in a file and output the result?

Select 2 answers
A.awk
B.grep
C.sed
D.tr
E.cut
AnswersA, C

awk can use gsub() or sub() for replacement.

Why this answer

Options A and B are correct: sed and awk both support search and replace operations. Option C (grep) only searches, Option D (cut) extracts columns, Option E (tr) translates characters.

460
MCQeasy

A small business uses a Linux server running CUPS to share a network printer. For several months, all employees could print successfully. Today, an employee in a different subnet reports that printing does not work. The administrator checks the server: cupsd is running, the printer is configured with an IPP URI pointing to the printer's IP address, and the printer is idle. The administrator can ping the printer from the server. The administrator checks the CUPS error log and sees the following line multiple times: 'E [04/Oct/2024:10:15:22 -0400] [Client 5] client-error-not-authorized'. Which of the following actions should the administrator take to resolve the issue?

A.Change the printer's URI from ipp:// to socket://
B.Add the employee's username to the lpadmin group
C.Restart the cupsd service with 'systemctl restart cupsd'
D.Add 'Allow from 192.168.2.0/24' to the appropriate policy in /etc/cups/cupsd.conf
AnswerD

This allows printing from the employee's subnet.

Why this answer

The error 'client-error-not-authorized' in CUPS indicates that the client's request was denied due to access control restrictions in cupsd.conf. Since the employee is in a different subnet (e.g., 192.168.2.0/24), the default CUPS policy likely only allows local subnet access. Adding 'Allow from 192.168.2.0/24' to the appropriate policy (e.g., under <Policy default>) grants printing access from that subnet, resolving the authorization failure.

Exam trap

The trap here is that candidates confuse 'client-error-not-authorized' with authentication issues (e.g., missing username/password) or service problems, when it is actually an IP-based access control restriction in CUPS' policy configuration.

How to eliminate wrong answers

Option A is wrong because changing the URI from ipp:// to socket:// would bypass CUPS' job management and authentication, but the error is about authorization, not protocol mismatch; the printer is reachable via ping, so the URI is not the issue. Option B is wrong because the lpadmin group is for printer administration (e.g., adding/removing printers), not for granting print access to users; the error is a client authorization failure, not a group membership issue. Option C is wrong because restarting cupsd would not change the access control rules; the service is already running and the error persists, indicating a configuration problem, not a service state issue.

461
MCQhard

Refer to the exhibit. Why does the cron job fail?

A.The cron job lacks the PATH environment variable.
B.The script is owned by root, but the cron job runs as a different user.
C.The script is not executable.
D.The script lacks a shebang line.
AnswerC

The file permissions do not include execute for the owner.

Why this answer

C is correct because cron jobs require the script to be executable (i.e., have the execute permission bit set). If the script is not executable, cron will fail to run it even if the shebang line and PATH are correct. The error typically appears in the cron log or as a silent failure.

Exam trap

The trap here is that candidates often assume a missing shebang line is the fatal error, but cron actually fails due to the missing execute permission, not the shebang.

How to eliminate wrong answers

Option A is wrong because cron jobs inherit a minimal PATH from the cron daemon, but the PATH variable is not required for a script to run; the script can use absolute paths or set its own PATH. Option B is wrong because cron jobs run as the user who owns the crontab, and the script's ownership does not prevent execution as long as the user has execute permission. Option D is wrong because a shebang line is not strictly required for a script to run; if missing, the script will be executed with the default shell (usually /bin/sh), but the script can still run if it is executable and contains valid shell commands.

462
MCQhard

A server with UEFI firmware and GPT partitioning has a corrupted bootloader. Which command can be used to reinstall GRUB in UEFI mode?

A.grub-install --target=x86_64-efi /dev/sda
B.grub-mkconfig -o /boot/grub/grub.cfg
C.grub2-install /dev/sda
D.grub-install /dev/sda
AnswerA

Correct for UEFI systems.

Why this answer

Option B is correct because it specifies the x86_64-efi target, which installs the EFI bootloader. Option A installs to MBR (for BIOS), C is for GRUB2 in BIOS mode, and D only regenerates the configuration file.

463
Multi-Selectmedium

Which TWO commands can be used to schedule a one-time task at a specific time in the future? (Choose TWO.)

Select 2 answers
A.cron
B.batch
C.sleep
D.at
E.anacron
AnswersB, D

batch is similar to at but runs when load is low.

Why this answer

The `at` command is specifically designed to schedule a one-time task at a specified future time, using the `atd` daemon to execute the job. The `batch` command schedules a one-time task to run when system load levels permit, typically when the load average drops below 0.8 or as defined in `/proc/loadavg`.

Exam trap

The trap here is that candidates often confuse `cron` with `at` because both are time-based job schedulers, but `cron` is strictly for recurring tasks while `at` is for one-time execution, and `batch` is often overlooked as a valid one-time scheduler due to its load-dependent nature.

464
Multi-Selecthard

Which TWO conditions would cause the boot process to fall back to the GRUB rescue shell? (Choose two.)

Select 2 answers
A.The GRUB modules are not loaded from the correct path.
B.The kernel image is not found in /boot.
C.The BIOS cannot find a bootable device.
D.The initramfs is missing or corrupt.
E.The /boot/grub/grub.cfg file is missing or corrupt.
AnswersA, E

If GRUB cannot load its modules (e.g., from /boot/grub), it cannot proceed and falls to rescue.

Why this answer

GRUB rescue shell appears when the GRUB core image cannot find its configuration file or necessary modules to continue booting. Missing boot files like kernel or initramfs cause a kernel panic, not GRUB rescue.

465
MCQmedium

A user compiling software from source successfully runs './configure' and 'make', but the resulting binaries are not in the PATH. Which command should be run to install them system-wide?

A.make
B.make all
C.make clean
D.make install
AnswerD

make install places compiled files in the appropriate system locations.

Why this answer

The 'make install' command copies binaries to standard directories (e.g., /usr/local/bin). 'make' only compiles, 'make all' is default, 'make clean' removes temporary files.

466
MCQhard

A small business runs a Linux server hosting a web application and a PostgreSQL database. The server uses LVM for storage, with a single volume group vg_data containing two logical volumes: lv_web (50GB) and lv_db (100GB). The root filesystem is on a separate disk. The administrator receives alerts that the database volume is at 95% capacity. The server has additional unused space from a recently added disk that was added to the volume group as an additional physical volume, but the space has not been allocated. The administrator runs 'vgs' which shows VG vg_data with total size 500GB, allocated 150GB, and free 350GB. The administrator wants to increase the size of lv_db by 50GB. Which course of action should the administrator take?

A.Run 'lvresize -L 50G /dev/vg_data/lv_db' and then 'xfs_growfs /mount/point'.
B.Run 'lvcreate -L 50G -n lv_backup vg_data' and mount it.
C.Run 'lvextend -L +50G /dev/vg_data/lv_db' and then 'resize2fs /dev/vg_data/lv_db' (if filesystem is ext4).
D.Run 'vgextend vg_data /dev/sdb1' and then 'lvextend -L 50G /dev/vg_data/lv_db'.
AnswerC

Correct: extends both the LV and filesystem.

Why this answer

Option C is correct because the administrator needs to extend the existing logical volume lv_db by 50GB using 'lvextend -L +50G /dev/vg_data/lv_db' (the '+' is critical for relative growth), and then if the filesystem is ext4, 'resize2fs /dev/vg_data/lv_db' resizes the filesystem to use the newly allocated space. The volume group already has 350GB free, so no new physical volume needs to be added.

Exam trap

The trap here is that candidates often forget the '+' sign in 'lvextend -L +50G' (which means add 50GB) versus '-L 50G' (which sets absolute size to 50GB), and they may also incorrectly assume a new physical volume must be added even when free space already exists in the volume group.

How to eliminate wrong answers

Option A is wrong because 'lvresize -L 50G' sets the absolute size to 50GB, which would shrink the volume from its current size (likely 100GB) to 50GB, causing data loss; also, xfs_growfs is only for XFS filesystems, not ext4. Option B is wrong because creating a new logical volume (lv_backup) does not increase the size of lv_db; it only adds a separate volume, leaving the database volume still at 95% capacity. Option D is wrong because 'vgextend' is unnecessary—the volume group already has 350GB free space—and 'lvextend -L 50G' without the '+' sign would set the absolute size to 50GB, potentially shrinking the volume.

467
Multi-Selectmedium

Which THREE of the following are valid files or directories used by the Domain Name System (DNS) resolution process on a Linux system?

Select 3 answers
A./etc/host.conf
B./etc/resolv.conf
C./etc/named.conf
D./etc/sysconfig/network
E./etc/nsswitch.conf
AnswersA, B, E

Specifies resolver options like order and multi.

Why this answer

Option A is correct because `/etc/host.conf` controls the order in which hostname resolution methods are tried (e.g., 'order hosts,bind'), directly influencing whether the system queries DNS or checks local files first. This file is part of the glibc resolver's configuration and is consulted during the DNS resolution process on Linux.

Exam trap

The trap here is that candidates confuse server-side DNS configuration files (like `/etc/named.conf`) with client-side resolution files, or they overlook `/etc/host.conf` and `/etc/nsswitch.conf` as essential parts of the DNS resolution chain.

468
MCQhard

An administrator wants to enforce a password history that prevents using the last 5 passwords. Which directive should be added to /etc/pam.d/system-auth?

A.password optional pam_pwhistory.so remember=5
B.password sufficient pam_pwhistory.so remember=5
C.password required pam_pwhistory.so remember=5
D.password requisite pam_pwhistory.so remember=5
AnswerC

Correct: enforces password history of 5 passwords.

Why this answer

Option C is correct because the `required` control flag ensures that the `pam_pwhistory.so` module must succeed for the password change to proceed, and `remember=5` enforces that the last 5 passwords cannot be reused. This is the standard way to enforce password history in PAM (Pluggable Authentication Modules) on Linux systems.

Exam trap

The trap here is confusing the PAM control flags (`required`, `requisite`, `sufficient`, `optional`) and their specific behaviors, especially thinking `requisite` is equivalent to `required` for password history, when in fact `required` is the standard choice for this module.

How to eliminate wrong answers

Option A is wrong because `optional` means the module's success or failure is ignored unless it is the only module in the stack, which would not enforce the password history requirement. Option B is wrong because `sufficient` means if this module succeeds, PAM skips remaining modules in the stack, which could bypass other password quality checks. Option D is wrong because `requisite` causes immediate failure if the module fails, but it is typically used for critical checks like account expiration, not for password history; `required` is the correct control for enforcing history without aborting the entire stack prematurely.

469
Multi-Selectmedium

An administrator needs to restart the SSH service after a configuration change. Which TWO commands can accomplish this on a systemd-based system?

Select 2 answers
A.initctl restart sshd
B.rc.d restart sshd
C.systemctl restart sshd
D.service sshd restart
E./etc/init.d/sshd restart
AnswersC, D

The correct systemd command to restart a service.

Why this answer

On a systemd-based system, the correct command to restart the SSH service is `systemctl restart sshd`. This command communicates directly with systemd's service manager to stop and then start the sshd unit, ensuring proper state tracking and dependency handling.

Exam trap

The trap here is that candidates may assume the `service` command (Option D) is always correct on systemd systems, but while it often works via a compatibility wrapper, the official and reliable command for systemd is `systemctl`, and the question explicitly asks for commands that 'can accomplish this on a systemd-based system'—both C and D are technically valid, but D relies on a legacy compatibility layer that may not be present in minimal or hardened systemd installations.

470
MCQeasy

A systems administrator needs to find all files in /var/log that were modified in the last 24 hours and contain the word 'error'. Which command accomplishes this?

A.grep -r 'error' /var/log -mtime 0
B.find /var/log -mtime 0 -exec grep -l 'error' {} \;
C.find /var/log -mmin 1440 -exec grep 'error' {}
D.ls -l /var/log | grep error
AnswerB

Correctly uses find to filter by modification time and grep to search content.

Why this answer

Option B is correct because it uses `find` with `-mtime 0` to locate files modified within the last 24 hours, then pipes each found file to `grep -l` to print only filenames containing 'error'. The `-exec` option runs `grep` on each file individually, and `-l` ensures only matching filenames are output, not the matching lines.

Exam trap

The trap here is that candidates often confuse `grep` options with `find` options (like `-mtime`) or forget that `grep` alone cannot filter by file modification time, leading them to choose Option A or C without recognizing the missing `-l` flag or syntax errors.

How to eliminate wrong answers

Option A is wrong because `grep -r` recursively searches file contents but does not filter by modification time; `-mtime 0` is not a valid `grep` option (it belongs to `find`), so the command would fail or behave unexpectedly. Option C is wrong because `-mmin 1440` correctly finds files modified in the last 1440 minutes (24 hours), but `-exec grep 'error' {}` lacks the `-l` flag, causing it to print matching lines instead of filenames, and it does not use `+` or `;` correctly (missing `\;` or `+`), which may lead to syntax errors or unintended behavior. Option D is wrong because `ls -l /var/log | grep error` only lists filenames in `/var/log` that contain 'error' in their name (or metadata line), not files whose content contains the word 'error', and it ignores modification time filtering entirely.

471
Multi-Selectmedium

A sysadmin is tasked with configuring the shell environment for all users. Which three files are typically sourced by Bash during login? (Choose THREE)

Select 3 answers
A.~/.bashrc
B./etc/bash.bashrc
C.~/.bash_profile
D./etc/profile
E.~/.profile
AnswersC, D, E

One of the user-specific login files.

Why this answer

Option C is correct because during a login shell, Bash reads ~/.bash_profile (if it exists) to set user-specific environment variables and startup scripts. This file is sourced before ~/.profile and is the preferred file for login shell configurations, ensuring environment settings like PATH are applied.

Exam trap

The trap here is that candidates confuse the sourcing order for login shells versus non-login interactive shells, mistakenly selecting ~/.bashrc or /etc/bash.bashrc which are only for non-login shells.

472
MCQmedium

A system administrator wants to configure NTP client on a server running systemd and using systemd-timesyncd. Which file should be edited to set the NTP server?

A./etc/chrony.conf
B./etc/systemd/timesyncd.conf
C./etc/ntp.conf
D./etc/ntp/ntp.conf
AnswerB

This is the configuration file for systemd-timesyncd, the default NTP client on systemd systems.

Why this answer

Option C is correct because systemd-timesyncd configuration is stored in /etc/systemd/timesyncd.conf. Option A is for the traditional ntpd, Option B for chrony, and Option D is not a standard path.

473
MCQhard

Refer to the exhibit. How many SATA controllers are detected, and what is the connection speed of the SSD?

A.3 controllers; SSD at 6.0 Gbps
B.2 controllers; SSD at 6.0 Gbps
C.2 controllers; SSD at 3.0 Gbps
D.1 controller; SSD at 6.0 Gbps
AnswerB

Two ata ports detected; SSD link speed is 6.0 Gbps.

Why this answer

The output from `lspci` shows two SATA controllers: one identified as 'SATA controller: Intel Corporation 82801IBM/IEM (ICH9M/ICH9M-E) 4 port SATA Controller' and another as 'SATA controller: Intel Corporation 82801IBM/IEM (ICH9M/ICH9M-E) 2 port SATA Controller'. The SSD is connected to the 6 Gbps port, as indicated by the '6 Gbps' label in the device listing, confirming a 6.0 Gbps connection speed.

Exam trap

The trap here is that candidates may miscount the number of SATA controllers by confusing individual ports or devices with separate controllers, or misread the speed indicator (e.g., assuming all SATA ports are 3.0 Gbps by default).

How to eliminate wrong answers

Option A is wrong because it claims 3 controllers are detected, but the exhibit only lists two distinct SATA controllers. Option C is wrong because it states the SSD is at 3.0 Gbps, but the exhibit explicitly shows '6 Gbps' for the SSD. Option D is wrong because it says only 1 controller is detected, while the exhibit clearly shows two separate SATA controller entries.

474
MCQeasy

A technician is repairing a system and needs to mount the root filesystem from a different disk to /mnt/sysroot. The partition is /dev/sda2 with an ext4 filesystem. Which command should be used?

A.mount -o loop /dev/sda2 /mnt/sysroot
B.mount -a
C.mount -t ext4 /dev/sda2 /mnt
D.mount /dev/sda2 /mnt/sysroot
AnswerD

This correctly mounts the device to the specified mount point, auto-detecting the filesystem type.

Why this answer

Option D is correct because the `mount` command with the device and mount point as arguments automatically detects the filesystem type (e.g., ext4) and mounts the partition at the specified directory. This is the standard way to mount a root filesystem from a different disk for repair purposes.

Exam trap

The trap here is that candidates may confuse the `-o loop` option with mounting a partition, or assume that `-t ext4` is always required, when in fact `mount` auto-detects the filesystem type for common formats like ext4.

How to eliminate wrong answers

Option A is wrong because the `-o loop` option is used for mounting a file as a loop device (e.g., an ISO image), not a block device like `/dev/sda2`. Option B is wrong because `mount -a` mounts all filesystems listed in `/etc/fstab`, not a specific partition to a custom mount point. Option C is wrong because it specifies the mount point as `/mnt` instead of `/mnt/sysroot`, which does not match the required target directory.

475
MCQmedium

An administrator wants to prevent a specific package from being upgraded during routine system updates. Which command marks the package as held back?

A.apt-get hold package
B.apt-mark hold package
C.dpkg --hold package
D.echo 'package hold' | dpkg --set-selections
AnswerB

apt-mark hold is the standard command to prevent package upgrades.

Why this answer

Option B is correct because apt-mark hold package prevents upgrades. Option A is incorrect because dpkg --set-selections with 'hold' works but requires a different syntax. Option C is incorrect because apt-get hold is not a valid command.

Option D is incorrect because dpkg --hold is not a valid option.

476
MCQmedium

Refer to the exhibit. A new installation requires the root filesystem to be placed on LVM. Based on the current disk layout, which partition is most suitable for use as an LVM physical volume?

A./dev/sda3
B./dev/sda2
C.A new partition must be created.
D./dev/sda1
AnswerB

It is type 8e (Linux LVM) and large enough.

Why this answer

Option B (/dev/sda2) is correct because it is the only partition with the Linux LVM system ID (8e) in the exhibit, which is required for a partition to be used as an LVM physical volume. The extended partition /dev/sda2 contains the logical drives, but the system ID 8e on /dev/sda2 itself indicates it is designated for LVM, making it suitable for pvcreate.

Exam trap

The trap here is that candidates may assume any partition within an extended partition (like /dev/sda3) can be used for LVM, but the system ID must be explicitly set to 8e, and the extended partition itself (/dev/sda2) can be the physical volume if it has the correct flag.

How to eliminate wrong answers

Option A is wrong because /dev/sda3 is a logical drive within the extended partition, but its system ID is 83 (Linux native), not 8e (LVM), so it cannot be used directly as an LVM physical volume without changing its type. Option C is wrong because a new partition is not necessary; /dev/sda2 already exists with the correct LVM system ID and can be used. Option D is wrong because /dev/sda1 has system ID 83 (Linux native) and is typically used for /boot, not for LVM, and lacks the 8e flag.

477
MCQeasy

A helpdesk technician receives a call about a user who is unable to run a script that was working yesterday. The user says they only changed the ownership of a file in their home directory. The script is located in /usr/local/bin and is owned by root:root. The script has permissions 755. Which of the following is the most likely cause of the issue?

A.The user changed the ownership of the /usr/local/bin directory.
B.The script requires root privileges to run.
C.The user accidentally changed the ownership of the script file.
D.The user changed the ownership of one of the script's input files, making it unreadable.
AnswerD

If an input file's ownership changed to another user, the current user may lose read access.

Why this answer

Option D is correct because the script itself is owned by root:root with 755 permissions, meaning it is executable by everyone. However, if the user changed the ownership of an input file that the script reads, that file may now be owned by the user but with permissions that prevent the script (running as the user) from reading it, or the script may require specific ownership to access the file. Since the script was working yesterday and the only change was ownership of a file in the home directory, the most likely cause is that the script's input file is now unreadable or inaccessible due to the ownership change.

Exam trap

The trap here is that candidates assume the script itself must be the problem because it's in /usr/local/bin, but the question explicitly states the user only changed ownership of a file in their home directory, so the issue must be with a file the script depends on, not the script itself.

How to eliminate wrong answers

Option A is wrong because changing ownership of /usr/local/bin would require root privileges, and the user only changed ownership of a file in their home directory, not a system directory. Option B is wrong because the script has permissions 755 and is owned by root:root, but it does not require root privileges to run; any user can execute it, and it was working yesterday without root. Option C is wrong because the script is located in /usr/local/bin and owned by root:root; the user cannot change ownership of that script without root privileges, and they only changed ownership of a file in their home directory.

478
MCQmedium

A system administrator installs a new RPM package, but it fails due to a missing library dependency. Which command can best identify the specific dependency that is missing?

A.yum deplist
B.rpm -qlp
C.rpm -qa
D.rpm -qpR
AnswerD

This queries a package file for its requires (dependencies).

Why this answer

The correct command is `rpm -qpR`. The `-q` flag queries the RPM database, `-p` specifies a package file (not an installed package), and `-R` lists all capabilities (including shared libraries) that the package requires. This directly shows the missing dependency by name, such as `libfoo.so.1`.

The other options either list installed packages, query files within a package, or use a higher-level tool that may not pinpoint the exact missing library.

Exam trap

The trap here is that candidates often confuse `rpm -qlp` (list files) with `rpm -qpR` (list requirements), or they assume `yum deplist` is the best tool for a local RPM file, but `yum` requires network access and repository metadata, while `rpm` works directly on the file.

How to eliminate wrong answers

Option A is wrong because `yum deplist` shows dependencies for a package but uses the YUM repository metadata, not the RPM package file itself, and may not reveal the exact missing library if the repository is incomplete or the package is local. Option B is wrong because `rpm -qlp` lists the files that would be installed by the package, not the dependencies it requires. Option C is wrong because `rpm -qa` lists all installed packages, which is irrelevant for diagnosing a missing dependency from a new package.

479
MCQhard

Refer to the exhibit. A system administrator checks the integrity of the passwd package on a CentOS 7 system using rpm -V. Based on the output, what is the most likely cause of the 'missing' line?

A.The package was updated to a newer version that no longer includes this file.
B.The file /etc/security/passwd was modified after installation.
C.The package was not installed completely.
D.The file /etc/security/passwd was deleted from the filesystem.
AnswerD

The 'missing' attribute indicates the file is not present on disk.

Why this answer

The 'missing' line in the rpm -V output indicates that the file /etc/security/passwd is not present on the filesystem. Since rpm -V verifies file attributes and existence against the RPM database, a missing file means it was deleted after installation. Option D correctly identifies this as the most likely cause.

Exam trap

The trap here is that candidates may confuse 'missing' with 'modified' or think an incomplete installation would cause a single missing file, but rpm -V specifically distinguishes between missing files (deleted) and modified files (changed attributes).

How to eliminate wrong answers

Option A is wrong because if the package were updated to a newer version that no longer includes this file, the file would be removed during the update and rpm -V would not report it as missing (the RPM database would reflect the new package contents). Option B is wrong because a modified file would show a '5' (MD5 checksum change) or other attribute change in the output, not a 'missing' indicator. Option C is wrong because an incomplete installation would likely cause multiple missing files or other verification errors, and the RPM database would not have recorded the file as part of the package if it were never installed.

480
MCQeasy

A system administrator wants to mount a USB flash drive formatted with the ext4 filesystem. The device is detected as /dev/sdc1. Which command should be used to mount the device to /mnt/usb?

A.mount -a /dev/sdc1 /mnt/usb
B.mount /mnt/usb /dev/sdc1
C.mount /dev/sdc1 /mnt/usb
D.mount -t ext4 /dev/sdc1 /mnt/usb
AnswerC

Correct: mount with device and mount point, filesystem auto-detected.

Why this answer

Option C is correct because the standard syntax for the mount command is `mount [options] <device> <mountpoint>`. Here, `/dev/sdc1` is the device and `/mnt/usb` is the target directory. The ext4 filesystem is auto-detected by the kernel, so specifying `-t ext4` is optional but not incorrect.

Exam trap

The trap here is that candidates often over-specify the `-t` flag thinking it is required, or confuse the argument order (device vs. mountpoint), leading them to pick D or B instead of the simpler and correct C.

How to eliminate wrong answers

Option A is wrong because `mount -a` mounts all filesystems listed in /etc/fstab, not a specific device; it ignores the `/dev/sdc1 /mnt/usb` arguments. Option B is wrong because it reverses the positional arguments, placing the mountpoint before the device, which will cause mount to interpret `/mnt/usb` as the device and fail. Option D is technically valid but not the minimal correct answer; the question asks 'which command should be used' and the `-t ext4` flag is unnecessary since the kernel can auto-detect ext4, making C the simpler and more standard choice.

481
MCQmedium

A user reports that a USB drive (device /dev/sdc1) is not automatically mounted at boot. The output of 'blkid' and the relevant line in /etc/fstab are shown in the exhibit. What is the most likely cause of the failure?

A.The device /dev/sdc1 does not exist.
B.The mount point /media/usb does not exist.
C.The UUID in /etc/fstab does not match the device's UUID.
D.The filesystem is corrupted and requires fsck.
E.The filesystem type is incorrectly specified as vfat.
AnswerC

The fstab entry has UUID=5678-EFGH but blkid shows UUID=1234-ABCD, so the system cannot find the device.

Why this answer

The UUID in /etc/fstab does not match the UUID reported by blkid, causing the system to not find the device at boot. Option A is incorrect because the filesystem is detected by blkid. Option B is incorrect because the mount point exists (otherwise manual mount would fail).

Option D is incorrect because the filesystem type matches. Option E is incorrect because the device file exists.

482
Multi-Selectmedium

Which THREE of the following commands can be used to transform delimited text (e.g., CSV) by selecting specific fields or columns?

Select 3 answers
A.cut
B.tr
C.awk
D.cat
E.sed
AnswersA, C, E

Selects columns by delimiter.

Why this answer

The `cut` command is specifically designed to extract sections from each line of input, making it ideal for selecting fields from delimited text like CSV. By using the `-d` option to specify a delimiter (e.g., `-d','`) and the `-f` option to choose fields (e.g., `-f1,3`), `cut` can efficiently extract columns without additional processing.

Exam trap

The trap here is that candidates often confuse `cut` with `tr` because both manipulate text, but `tr` operates on characters, not fields, making it unsuitable for column selection.

483
MCQhard

In the /etc/shadow file, a user's password hash begins with '$6$'. What hash algorithm does this prefix indicate?

A.SHA-512
B.SHA-256
C.MD5
D.Blowfish
AnswerA

$6$ corresponds to SHA-512.

Why this answer

The prefix '$6$' in the /etc/shadow file indicates that the password hash was generated using the SHA-512 (Secure Hash Algorithm 512-bit) algorithm. This is defined in the crypt(3) function's modular crypt format, where $1$ is MD5, $5$ is SHA-256, and $6$ is SHA-512. SHA-512 is the strongest of the commonly used hash algorithms in Linux password hashing, providing a 512-bit digest.

Exam trap

The trap here is that candidates often confuse the prefix '$6$' with SHA-256 (which uses '$5$') or mistakenly associate '$6$' with Blowfish due to similar numbering, but the correct mapping is $1$=MD5, $5$=SHA-256, $6$=SHA-512.

How to eliminate wrong answers

Option B (SHA-256) is wrong because SHA-256 uses the prefix '$5$', not '$6$'. Option C (MD5) is wrong because MD5 uses the prefix '$1$', and it is considered cryptographically broken for password storage. Option D (Blowfish) is wrong because Blowfish-based bcrypt uses the prefix '$2a$', '$2b$', or '$2y$', not '$6$'.

484
MCQhard

An administrator suspects that a critical system file has been modified after installation. Which command can be used to verify the integrity of all installed RPM packages on a RHEL system?

A.`rpm -K`
B.`rpm --verify`
C.`rpm -V all`
D.`rpm -Va`
AnswerD

Verifies all installed packages against RPM database.

Why this answer

`rpm -Va` verifies all installed packages by checking file sizes, permissions, hashes, etc., against the RPM database. The other options are incorrect: `rpm -V` requires a package name, `rpm --checksig` checks signature only, and `rpm -K` also checks signature.

485
MCQhard

A system administrator is tasked with migrating several shell scripts from a legacy UNIX system to a new Linux server. One script uses the command 'grep -E "pattern1|pattern2"' which works fine on the old system. However, on the new Linux server, the patterns are not being matched correctly. The administrator suspects it is due to differences in grep implementations. Which of the following is the most likely reason for the discrepancy?

A.The old system used GNU grep and the new system uses BSD grep, which treats the -E flag the same.
B.The old system's grep interpreted the pattern as basic regex and the new system's grep interprets it as extended regex because of the -E flag, but the pattern syntax is the same.
C.The pattern includes metacharacters that are interpreted differently because the shell's locale settings are different.
D.The new system's grep does not support the -E flag (e.g., BusyBox grep).
AnswerD

BusyBox grep may not include -E; it only supports basic regular expressions.

Why this answer

Option A is correct: The new system may have a minimal grep implementation (e.g., from BusyBox) that does not support the -E flag for extended regular expressions. BusyBox grep typically only supports basic regex without -E. Option B is less likely because locale affects character classes but not simple alternation.

Option C is false because GNU and BSD grep both support -E. Option D is false because -E enables extended regex on both implementations.

486
Multi-Selectmedium

Which THREE of the following are types of expansion performed by the bash shell during command parsing?

Select 3 answers
A.Parameter expansion
B.Tilde expansion
C.Brace expansion
D.Variable assignment
E.Alias expansion
AnswersA, B, C

e.g., ${var} expands variable value.

Why this answer

Options A, B, and D are correct: brace expansion, tilde expansion, and parameter expansion are all performed by bash. Alias expansion is not an expansion step; variable assignment is not an expansion.

487
MCQmedium

A system administrator wants to install custom scripts that should be available to all users. The scripts are not part of any package and should be placed under the Filesystem Hierarchy Standard (FHS). Which directory is most appropriate?

A./var
B./opt
C./usr/local/bin
D./home
AnswerC

/usr/local/bin is the standard location for locally administered binaries and scripts.

Why this answer

The correct answer is /usr/local/bin because the Filesystem Hierarchy Standard (FHS) designates /usr/local as the location for locally installed software not managed by the system's package manager. Placing custom scripts in /usr/local/bin ensures they are in the default PATH for all users, while keeping them separate from system binaries in /usr/bin and /bin.

Exam trap

The trap here is that candidates often confuse /opt with /usr/local, but /opt is designed for self-contained third-party application packages (each in its own subdirectory), not for individual scripts that need to be directly in the PATH.

How to eliminate wrong answers

Option A is wrong because /var is intended for variable data files such as logs, spools, and temporary files, not for executable scripts. Option B is wrong because /opt is reserved for add-on application software packages, typically installed in their own subdirectory tree, not for individual scripts meant to be directly executable from the PATH. Option D is wrong because /home contains user home directories and is not part of the default system PATH; scripts placed there would not be accessible to all users without explicit path configuration.

488
Multi-Selecthard

Which TWO commands can be used to count the number of lines in a file named 'data.txt'?

Select 2 answers
A.wc -l data.txt
B.awk 'END{print NR}' data.txt
C.cat data.txt | wc -c
D.grep -c '.*' data.txt
E.sed -n '$=' data.txt
AnswersA, B

wc -l counts line endings.

Why this answer

Option A is correct because `wc -l` specifically counts the number of newline characters in the file, which corresponds to the number of lines. Option B is correct because `awk 'END{print NR}'` processes the file line by line, and the built-in variable `NR` holds the total number of records (lines) processed when the END block is executed, thus outputting the line count.

Exam trap

The trap here is that candidates often confuse `wc -c` (byte count) with `wc -l` (line count), or assume `grep -c '.*'` counts all lines without realizing it may miss empty lines or behave differently across grep implementations.

489
MCQmedium

Refer to the exhibit. An administrator wants to mount /dev/sda4 persistently by its UUID. Which line should be added to /etc/fstab?

A.UUID=abc-123 /mnt/data ext4 defaults 0 2
B.UUID=abc-123 /mnt/data ext4 noauto 0 2
C.LABEL=data /mnt/data ext4 defaults 0 2
D./dev/sda4 /mnt/data ext4 defaults 0 2
AnswerA

This correctly uses the UUID and mount point.

Why this answer

The UUID is 'abc-123', filesystem type is ext4, and the mount point is /mnt/data. The correct fstab entry uses UUID=abc-123.

490
MCQeasy

After updating the SSH configuration, a sysadmin restarts the sshd service, but remote connections still use the old settings. Which command should be used to reload the configuration without dropping existing connections?

A.systemctl restart sshd
B.systemctl reload sshd
C.systemctl refresh sshd
D.systemctl restart sshd
AnswerB

Reloads config without dropping connections.

Why this answer

Option D is correct because 'systemctl reload sshd' instructs the daemon to reload its configuration without disconnecting active sessions. Option A is wrong because restart kills all connections. Option B is wrong because reload is standard.

Option C is wrong because it is not a valid systemctl command.

491
MCQhard

A company wants to migrate a database server from ext4 to XFS to support larger files and better scalability. The current data resides on a single partition /dev/sda1 mounted at /data. Which procedure ensures a successful migration with minimal downtime?

A.Use dd if=/dev/sda1 of=/dev/sdb1 bs=4M to clone the partition, then change fstab to use /dev/sdb1.
B.Add a new disk, create a partition with mkfs.xfs, mount it at /mnt, copy /data contents using cp -a, update /etc/fstab to use the new device, and remount.
C.Run tune2fs -O xfs /dev/sda1 to change the filesystem type.
D.Mount an NFS share, use rsync to copy data to the NFS mount, then unmount and reformat the original partition with XFS.
AnswerB

This creates a fresh XFS filesystem, preserves permissions with cp -a, and updates fstab for persistence.

Why this answer

Option B is correct because it provides a safe, low-downtime migration path: create a new XFS filesystem on a separate disk, copy the existing data with `cp -a` to preserve permissions and metadata, update `/etc/fstab` to mount the new XFS device at `/data`, and remount. This avoids modifying the original ext4 partition and ensures the database files are intact on a supported filesystem.

Exam trap

The trap here is that candidates may think `dd` or `tune2fs` can convert filesystem types, but `dd` only clones raw data and `tune2fs` is ext-specific, so the only safe method is to create a new XFS filesystem and copy the data.

How to eliminate wrong answers

Option A is wrong because `dd` clones the raw block device including the ext4 filesystem metadata, so the target `/dev/sdb1` would remain an ext4 partition, not XFS; it also requires an identical or larger disk and does not convert the filesystem. Option C is wrong because `tune2fs` is an ext2/ext3/ext4 utility and cannot change a filesystem to XFS; the `-O xfs` flag does not exist, and attempting this would corrupt the filesystem. Option D is wrong because using an NFS share introduces network dependency and potential permission/ownership issues, and the procedure of unmounting and reformatting the original partition would cause significant downtime and data loss if the rsync copy is incomplete.

492
MCQhard

A company security policy requires that user accounts be disabled after 90 days of inactivity. The system administrator locks user accounts using 'usermod -L username'. However, users with SSH key authentication can still log in. The administrator has verified that the locked flag is set in /etc/shadow. Which of the following is the most likely explanation?

A.The administrator forgot to restart the SSH service after locking accounts.
B.The SSH daemon is configured to allow passwordless login for locked accounts.
C.The usermod -L command only locks password-based login, not SSH key login.
D.The users have valid SSH keys in their ~/.ssh/authorized_keys, and SSH does not check the account lock status.
AnswerC

usermod -L sets an '!' in the password field, which prevents password authentication but not SSH key authentication.

Why this answer

The `usermod -L` command locks a user account by placing a '!' in the password hash field of /etc/shadow, which only prevents authentication via password-based methods (e.g., PAM's pam_unix). SSH key authentication uses the SSH protocol's public-key challenge-response, which is handled by the SSH daemon (sshd) and does not consult the locked password field in /etc/shadow. Therefore, users with valid SSH keys in ~/.ssh/authorized_keys can still log in despite the account being locked.

Exam trap

The trap here is that candidates assume 'locking' an account with `usermod -L` disables all login methods, but it only affects password-based authentication, not SSH key-based or other non-password mechanisms.

How to eliminate wrong answers

Option A is wrong because restarting the SSH service would not change the behavior; SSH does not cache account lock status, and the lock is already applied in /etc/shadow. Option B is wrong because SSH does not have a configuration option to allow passwordless login specifically for locked accounts; the lock only affects password authentication, not key-based authentication. Option D is wrong because SSH does check account lock status for password authentication, but for key-based authentication it only verifies the key against authorized_keys and does not check the shadow lock flag.

493
MCQmedium

An administrator needs to create a new ext4 filesystem on /dev/sdb1 and wants to reserve 2% of the blocks for the root user. Which command should be used?

A.mkfs.ext4 -m 2 /dev/sdb1
B.tune2fs -m 2 /dev/sdb1
C.mke2fs -r 2 /dev/sdb1
D.mkfs.ext4 -R 2 /dev/sdb1
AnswerA

Correct: -m specifies reserved blocks percentage.

Why this answer

Option A is correct because the `-m` flag in `mkfs.ext4` specifies the percentage of filesystem blocks reserved for the root user (superuser). By default, ext4 reserves 5% of blocks; using `-m 2` reduces this to 2%, as required. This command creates a new ext4 filesystem on `/dev/sdb1` with the specified reserved block percentage.

Exam trap

The trap here is that candidates confuse `-m` (reserved block percentage) with `-r` (revision level) or assume `tune2fs` can be used to create a filesystem, when in fact `tune2fs` only modifies existing filesystems.

How to eliminate wrong answers

Option B is wrong because `tune2fs` modifies parameters on an existing ext2/3/4 filesystem, but the question asks to create a new filesystem; `tune2fs` cannot create a filesystem. Option C is wrong because `mke2fs -r 2` sets the filesystem revision level (e.g., revision 1 or 2), not the reserved block percentage; the correct flag for reserved blocks is `-m`. Option D is wrong because `mkfs.ext4 -R 2` is invalid; `-R` is not a recognized option in `mkfs.ext4` (the correct flag is `-m`), and this would likely produce an error or be ignored.

494
MCQhard

After a system crash, the root filesystem (ext4) is mounted read-only and the administrator needs to perform an interactive check. Which command should be used?

A.fsck -n /dev/sda1
B.fsck -y /dev/sda1
C.fsck -r /dev/sda1
D.fsck -a /dev/sda1
AnswerC

Correct: -r runs interactive check, prompting for each repair.

Why this answer

Option C is correct because the `-r` flag in `fsck` performs an interactive repair, prompting the administrator for a yes/no decision before fixing each filesystem issue. This is exactly what is needed after a crash when the root filesystem is mounted read-only and the administrator wants to manually check and decide on repairs. The `-r` flag is the standard way to invoke interactive mode for ext4 filesystems.

Exam trap

The trap here is that candidates confuse the `-r` (interactive repair) flag with the `-a` (automatic repair) or `-y` (assume yes) flags, mistakenly thinking automatic repair is safer or more appropriate for a post-crash scenario, when in fact interactive checking is the standard for root filesystems to avoid unintended damage.

How to eliminate wrong answers

Option A is wrong because `-n` causes fsck to perform a non-interactive, read-only check without making any repairs, which does not allow the administrator to interactively decide on fixes. Option B is wrong because `-y` automatically answers 'yes' to all repair prompts, bypassing the interactive decision-making the administrator needs. Option D is wrong because `-a` is a legacy flag that automatically repairs without prompting (equivalent to `-y` on modern systems), and it does not provide interactive control.

495
Multi-Selecthard

Which THREE of the following are valid systemd targets?

Select 3 answers
A.rescue.target
B.sysinit.target
C.always.target
D.basic.target
E.runlevel4.target
AnswersA, B, D

A standard systemd target for rescue mode.

Why this answer

Correct options are A, B, C. rescue.target, sysinit.target, and basic.target are all standard systemd targets. Option D (runlevel4.target) is not a standard systemd target (runlevel4.target is missing; systemd uses runlevel?.target symlinks but runlevel4.target is not defined by default). Option E (always.target) does not exist in systemd.

496
Multi-Selectmedium

Which TWO of the following are valid methods to reduce boot time on a Linux system? (Select exactly 2.)

Select 2 answers
A.Disable unnecessary systemd services.
B.Use an initramfs with minimal drivers.
C.Replace a hard disk drive with a solid-state drive.
D.Increase the kernel log level to debug.
E.Use ext2 instead of ext4 as the root filesystem.
AnswersA, C

Reduces the number of processes started sequentially.

Why this answer

Disabling unnecessary systemd services reduces the number of processes that must be started during boot, directly decreasing the time spent in the target phase of systemd's parallel service activation. Each disabled service eliminates its own dependency resolution, unit loading, and execution overhead, which is especially impactful on systems with many enabled services.

Exam trap

The trap here is that candidates often confuse 'reducing boot time' with 'reducing kernel size' or 'removing features,' but the two most effective methods are eliminating unnecessary startup processes (services) and upgrading the storage hardware to reduce I/O wait, not tweaking filesystem types or kernel logging verbosity.

497
MCQhard

A Linux system fails to boot after an admin added an entry in /etc/fstab to mount an NFS share. The error message indicates 'mount: can't find /mnt/nfs in /etc/fstab'. Which is the most likely cause?

A.The NFS server is unreachable.
B.The option 'noauto' was used in fstab.
C.The fstab entry has incorrect syntax causing mount to ignore it.
D.The mount point directory /mnt/nfs does not exist.
AnswerC

A syntax error can cause the entire line to be skipped, leading to 'can't find' error.

Why this answer

Option C is correct because the error message 'mount: can't find /mnt/nfs in /etc/fstab' indicates that the system's mount command cannot locate a valid entry for the mount point in /etc/fstab. This typically occurs when the fstab entry contains a syntax error (e.g., missing fields, incorrect whitespace, or invalid options) that causes the system to skip or ignore the line entirely. Even if the mount point directory exists, a malformed entry will prevent the system from recognizing it during boot.

Exam trap

The trap here is that candidates confuse the error message for a missing mount point (Option D) with a missing fstab entry, when in fact the system is telling you it cannot find the entry in the fstab file due to a syntax error.

How to eliminate wrong answers

Option A is wrong because if the NFS server were unreachable, the error would be something like 'mount.nfs: Connection timed out' or 'mount: mounting ... failed: No route to host', not a complaint about the fstab entry. Option B is wrong because the 'noauto' option prevents automatic mounting at boot but does not cause mount to claim the entry is missing; the entry would still be found and simply skipped. Option D is wrong because if the mount point directory did not exist, the error would be 'mount: mount point /mnt/nfs does not exist' — a different message than 'can't find /mnt/nfs in /etc/fstab'.

498
MCQhard

A system boots in UEFI mode, and the administrator wants to add a new kernel entry to the EFI boot manager. Which tool should be used?

A.efibootmgr
B.grub2-install
C.lilo
D.mknbi
AnswerA

Efibootmgr is the standard tool to create, delete, and modify EFI boot entries.

Why this answer

The correct option is D: efibootmgr is a tool for managing EFI boot entries. Option A (grub2-install) installs GRUB but does not manage boot entries. Option B (mknbi) is for network boot.

Option C (lilo) is a legacy bootloader.

499
MCQhard

A security administrator needs to allow SSH access from the 10.0.0.0/8 network but deny all other traffic to port 22. The firewall uses iptables with default policy ACCEPT on the INPUT chain. Which set of rules should be added?

A.iptables -A INPUT -p tcp --dport 22 -j DROP; iptables -A INPUT -s 10.0.0.0/8 -p tcp --dport 22 -j ACCEPT
B.iptables -A INPUT -s 10.0.0.0/8 -p tcp --dport 22 -j DROP; iptables -A INPUT -p tcp --dport 22 -j ACCEPT
C.iptables -A INPUT -s 10.0.0.0/8 -p tcp --dport 22 -j ACCEPT
D.iptables -A INPUT -s 10.0.0.0/8 -p tcp --dport 22 -j ACCEPT; iptables -A INPUT -p tcp --dport 22 -j DROP
AnswerD

Allows subnet first, then drops all other SSH.

Why this answer

Option C is correct: First rule allows SSH from 10.0.0.0/8, second rule drops all other SSH. Option A would drop all SSH. Option B allows from subnet but doesn't block others.

Option D blocks subnet.

500
MCQmedium

A system administrator suspects a failing power supply because the server randomly reboots. Which command can be used to check hardware health and event logs?

A.ipmitool sensor list
B.sensors -u
C.lspci -v
D.dmidecode -t baseboard
AnswerA

ipmitool accesses IPMI BMC for sensor readings and event logs, ideal for hardware health monitoring.

Why this answer

Option A (dmidecode) reads DMI/SMBIOS tables for hardware info but not event logs. Option B (ipmitool) can query the BMC sensor data and event logs (SEL) via IPMI, which is useful for detecting power supply issues. Option C (lspci) lists PCI devices.

Option D (sensors) reads thermal sensors but not comprehensive logs. So B is correct.

501
Multi-Selecteasy

Which TWO of the following are valid methods to list currently loaded kernel modules?

Select 2 answers
A.dmesg | grep module
B.lsmod
C.modprobe -l
D.cat /proc/modules
E.modinfo
AnswersB, D

Standard command to list loaded modules.

Why this answer

Options A and C are correct: 'lsmod' and 'cat /proc/modules' both display loaded modules. 'modinfo' shows information about a specific module, 'dmesg | grep module' shows kernel messages, and 'modprobe -l' lists available modules, not loaded ones.

502
MCQmedium

A system administrator wants to schedule a script to run every Monday at 3:00 AM, but only if the system clock is set to local time (not UTC). Which crontab entry should be used?

A.3 0 * * 1 /path/to/script
B.0 3 * * 1 /path/to/script
C.0 15 * * 1 /path/to/script
D.0 3 * * 0 /path/to/script
AnswerB

Correct: minute 0, hour 3, any day of month, any month, Monday (1).

Why this answer

Option B is correct because the crontab format is 'minute hour day-of-month month day-of-week command'. To run at 3:00 AM Monday, the minute field is 0, the hour field is 3 (using 24-hour time), and the day-of-week field is 1 (Monday). The cron daemon does not care about UTC vs local time; it uses the system's configured timezone, so no special flag is needed.

Exam trap

The trap here is that candidates confuse the order of minute and hour fields (minute first, then hour) or mistakenly use 0 for Monday instead of 1, leading to selection of option A or D.

How to eliminate wrong answers

Option A is wrong because it specifies minute=3 and hour=0, which would run at 12:03 AM (00:03), not 3:00 AM. Option C is wrong because hour=15 corresponds to 3:00 PM, not 3:00 AM. Option D is wrong because day-of-week=0 represents Sunday, not Monday (in cron, 0 and 7 both mean Sunday).

503
MCQhard

A server has two disk drives: /dev/sda (SSD) and /dev/sdb (HDD). The administrator wants to place frequently accessed files on the SSD for performance. Which approach best achieves this using Linux filesystem features?

A.Create separate LVM logical volumes on each disk and mount them at different mount points.
B.Configure RAID 0 across both disks to combine speed.
C.Use symbolic links to redirect file access to the SSD.
D.Use a union mount to overlay the SSD on top of the HDD.
AnswerA

LVM allows flexible allocation of storage from different physical volumes.

Why this answer

Option A is correct because LVM allows the administrator to create separate logical volumes on each physical disk (/dev/sda and /dev/sdb) and mount them at distinct mount points. By placing frequently accessed files on the SSD logical volume and less critical data on the HDD logical volume, the administrator can directly control which files benefit from the SSD's faster performance without mixing data or requiring complex overlays.

Exam trap

The trap here is that candidates may confuse RAID 0's speed benefits with the goal of isolating hot data, failing to recognize that RAID 0 mixes all data across both disks, preventing the administrator from selectively placing frequently accessed files on the faster SSD.

How to eliminate wrong answers

Option B is wrong because RAID 0 stripes data across both disks, combining their storage capacity and speed but also mixing frequently and infrequently accessed data on both the SSD and HDD, which negates the goal of isolating hot data on the faster SSD. Option C is wrong because symbolic links redirect file access at the filesystem level but do not provide a mechanism to automatically or efficiently place frequently accessed files on the SSD; they require manual management and do not leverage any filesystem feature for performance tiering. Option D is wrong because a union mount overlays one filesystem on top of another, but it does not intelligently direct frequently accessed files to the SSD; it simply merges directories, and writes typically go to the top layer, which could be the HDD, defeating the purpose.

504
MCQmedium

You are a systems administrator for a medium-sized company that runs a web server on a Linux host. The server has two physical disks: /dev/sda (250 GB) and /dev/sdb (500 GB). The root filesystem is on /dev/sda2, and /var is on /dev/sda3 (50 GB). The web application stores user-uploaded files in /var/www/uploads, which is part of the /var filesystem. Recently, /var has been running out of space because uploads have grown to 40 GB. You have added /dev/sdb1 (500 GB) and created an ext4 filesystem on it. You need to make the space available for uploads without disrupting the current file paths. The server must remain online during the process. Which of the following actions should you take?

A.Convert /var to use LVM by backing up, reformatting, and restoring data.
B.Create a symbolic link from /var/www/uploads to /dev/sdb1.
C.Move /var/www/uploads to /mnt/uploads and create a symbolic link from /var/www/uploads to /mnt/uploads.
D.Mount /dev/sdb1 on /mnt, copy /var/www/uploads to /mnt/uploads, then mount --bind /mnt/uploads /var/www/uploads.
AnswerD

This moves the data to the new disk and uses a bind mount to keep the original path, preserving application access without downtime.

Why this answer

Option D is correct because using a bind mount allows you to mount the new 500 GB filesystem at /mnt/uploads and then bind it to /var/www/uploads, preserving the existing file paths without moving or renaming anything. This operation can be performed online without unmounting /var or disrupting the web server, as bind mounts are a feature of the Linux kernel that make a mounted filesystem accessible at another directory.

Exam trap

The trap here is that candidates often confuse symbolic links with bind mounts, assuming a symlink to a device or mount point will work, when in fact only a bind mount can transparently redirect directory access to a different filesystem without breaking paths or requiring manual mounting.

How to eliminate wrong answers

Option A is wrong because converting /var to LVM requires backing up, reformatting, and restoring data, which would cause significant downtime and is unnecessary when a simpler bind mount solution exists. Option B is wrong because a symbolic link cannot point to a block device like /dev/sdb1; symbolic links point to file paths, not device nodes, and even if you created a symlink to a mount point, it would not automatically mount the filesystem. Option C is wrong because moving /var/www/uploads to /mnt/uploads and creating a symbolic link would break the current file paths for the web application until the symlink is created, and the move operation itself could disrupt running services if files are in use; additionally, the symlink would not persist across reboots without proper fstab entries.

505
MCQeasy

Which command displays the system's architecture (e.g., x86_64)?

A.lscpu
B.All of the above
C.arch
D.uname -m
AnswerB

All three commands can display the system architecture.

Why this answer

Option B ('All of the above') is correct because each of the listed commands—lscpu, arch, and uname -m—can display the system's architecture (e.g., x86_64). lscpu parses /proc/cpuinfo to show architecture details, arch prints the machine hardware name directly, and uname -m outputs the kernel's machine hardware name, all of which report the same architecture identifier on a given system.

Exam trap

The trap here is that candidates often assume only one command can display architecture, overlooking that multiple commands (lscpu, arch, uname -m) all serve this purpose, making 'All of the above' the correct answer when it is listed.

How to eliminate wrong answers

Option A is wrong because lscpu is a valid command that displays architecture information, but it is not the only one; the question asks which command displays the architecture, and since multiple commands do, 'All of the above' is the correct choice. Option C is wrong because arch is a valid command that outputs the architecture, but again it is not the only one, making 'All of the above' the comprehensive answer. Option D is wrong because uname -m is a valid command that shows the machine hardware name (architecture), but it is not the only command that does so, so the correct answer is the inclusive option.

506
MCQmedium

A data center server with two NICs (eth0 and eth1) is configured for network bonding in mode 1 (active-backup). The admin notices that after a cable pull on eth0, the bond interface fails over to eth1 as expected. However, when the cable is reconnected to eth0, the bond remains on eth1 indefinitely. The admin checks /proc/net/bonding/bond0 and sees that eth0 is marked as 'up' but not as 'active'. Which parameter is most likely missing from the bond configuration? Options: A) 'miimon=100' to enable link monitoring, B) 'downdelay=0', C) 'updelay=0', D) 'primary=eth0' to prefer eth0 as the active slave.

A.updelay=0
B.downdelay=0
C.miimon=100
D.primary=eth0
AnswerD

Designates eth0 as preferred; the bond will switch back when it becomes available.

Why this answer

Option D is correct because without a primary setting, the bond does not automatically switch back to the preferred slave when it recovers. Active-backup mode does not preempt by default. Option A (miimon) is already working as failover occurred.

Options B and C adjust delay but do not cause failback. So D is needed to force failback to eth0.

507
MCQeasy

Refer to the exhibit. How much unpartitioned space is available on /dev/sda?

A.256G
B.5.5G
C.6G
D.150G
AnswerB

256G - (0.5G + 100G + 150G) = 5.5G.

Why this answer

The correct answer is B because the output of `fdisk -l /dev/sda` shows the total disk size as 256 GB, with partitions sda1 (50G), sda2 (100G), and sda3 (100G) summing to 250 GB. The unpartitioned space is the difference: 256 GB - 250 GB = 6 GB, but the question asks for 'unpartitioned space available,' which excludes the extended partition's metadata overhead (typically ~0.5 GB for the EBR), leaving approximately 5.5 GB of usable unpartitioned space.

Exam trap

The trap here is that candidates naively subtract the sum of partition sizes from the total disk size (256 - 250 = 6) and pick 6G, forgetting that extended partition metadata (EBR) consumes a small but real amount of space, making the available unpartitioned space slightly less than the raw difference.

How to eliminate wrong answers

Option A is wrong because 256G is the total disk size, not the unpartitioned space; it ignores that partitions already occupy 250 GB. Option C is wrong because 6G is the raw difference between total size and partition sum (256 - 250 = 6), but it fails to account for the extended partition's metadata overhead (e.g., extended boot record), which reduces usable unpartitioned space to about 5.5 GB. Option D is wrong because 150G is the size of a single partition (sda3), not the unpartitioned space; it likely confuses a partition's size with free space.

508
MCQmedium

A system administrator wants to ensure a service named 'app.service' starts automatically on boot in a systemd-based system. Which command should be used?

A.systemctl start app.service
B.systemctl enable app.service
C.chkconfig app.service on
D.update-rc.d app.service enable
AnswerB

Enables the service to start at boot.

Why this answer

Option A is correct because 'systemctl enable' creates the necessary symlinks for automatic start. Option B and C are for SysV init, and D only starts the service immediately.

509
MCQeasy

Refer to the exhibit. What is the current default target?

A.emergency.target
B.multi-user.target
C.rescue.target
D.graphical.target
AnswerB

Both the command output and the symlink indicate multi-user.target.

Why this answer

The systemctl get-default command explicitly shows multi-user.target, and the symlink confirms it points to the multi-user.target unit file.

510
MCQmedium

A system administrator notices that the system boots to the graphical interface but wants to change it to boot to a non-graphical multi-user target. Which command will make this change persistent?

A.systemctl set-default multi-user.target
B.systemctl isolate multi-user.target
C.systemctl enable multi-user.target
D.systemctl start multi-user.target
AnswerA

Sets the default target persistently.

Why this answer

Correct: A. The 'systemctl set-default multi-user.target' command sets the default target to multi-user, which is persistent across reboots. Option B (isolate) changes the current target but not the default; C (enable) is used for services, not targets; D (start) starts a target but does not set default.

511
MCQeasy

An administrator wants to change the ownership of a file to user 'jane' and group 'staff'. Which command should be used?

A.chown jane.staff file
B.chgrp jane staff file
C.chown jane:staff file
D.chown jane staff file
AnswerC

Correct syntax: user:group.

Why this answer

Option C is correct because the `chown` command with the syntax `chown user:group file` changes both the user and group ownership of a file in a single command. This is the standard POSIX syntax, where a colon separates the user and group names, allowing the administrator to set ownership to user 'jane' and group 'staff' atomically.

Exam trap

The trap here is that candidates often confuse the colon (:) with a period (.) as the separator, or incorrectly assume that `chown` can accept two separate arguments for user and group, leading them to choose option A or D instead of the correct colon syntax.

How to eliminate wrong answers

Option A is wrong because `chown jane.staff file` uses a period (dot) as a separator, which is an obsolete and non-portable syntax; modern systems interpret the dot as part of the username, not as a user:group delimiter, and may fail or produce unexpected results. Option B is wrong because `chgrp jane staff file` is invalid syntax—`chgrp` changes only the group, and its correct usage is `chgrp group file`; passing two arguments (jane and staff) before the file name is incorrect and will cause a command error. Option D is wrong because `chown jane staff file` treats 'staff' as a second file argument, not as a group; `chown` expects either a user alone or a user:group pair, so this will attempt to change ownership to user 'jane' on two files ('staff' and 'file'), which is not the intended operation.

512
MCQeasy

A system administrator needs to locate the largest directories under /var to free up disk space. Which command is most appropriate?

A.df -h /var
B.find /var -size +100M
C.ls -lS /var
D.du -sk /var/* | sort -rn
AnswerD

du reports disk usage per directory; sort -rn sorts numerically descending.

Why this answer

Option D is correct because `du -sk /var/* | sort -rn` calculates the disk usage in kilobytes for each top-level item under /var, then sorts them numerically in reverse order, showing the largest directories first. This directly addresses the need to locate the largest directories to free up space, as `du` reports actual disk usage (including subdirectories) rather than file sizes.

Exam trap

The trap here is that candidates often confuse `df` (filesystem-level usage) with `du` (directory-level usage), or mistakenly think `ls -lS` can show directory sizes, when in fact `ls` only shows the size of the directory entry itself (typically 4 KB), not its contents.

How to eliminate wrong answers

Option A is wrong because `df -h /var` shows the total disk usage and free space on the filesystem mounted at /var, not the sizes of individual directories or files within it. Option B is wrong because `find /var -size +100M` finds files larger than 100 MB, not directories, and does not aggregate sizes of directory contents. Option C is wrong because `ls -lS /var` lists the immediate contents of /var sorted by file size, but it does not recurse into subdirectories and cannot show the total size of directories, which is needed to identify large directories.

513
Drag & Dropmedium

Order the steps to create and apply a file system permission using ACLs.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

ACLs require the filesystem to be mounted with the acl option, then setfacl applies rules, and getfacl verifies them.

514
MCQmedium

A company is deploying a new web application and needs to ensure high availability. They have two web servers and want to use DNS round-robin. Which DNS record type is most appropriate?

A.MX
B.PTR
C.CNAME
D.A
AnswerD

Multiple A records enable DNS round-robin.

Why this answer

Option A is correct because multiple A records for the same hostname will rotate answers in round-robin fashion. Option B is wrong because CNAME is an alias, not for multiple IPs. Option C is wrong because MX is for mail exchange.

Option D is wrong because PTR is for reverse DNS.

515
MCQeasy

Which shell loop is most appropriate for iterating over all files in a directory, performing an action only on regular files, while safely handling filenames with spaces?

A.for file in "`ls`"; do ...
B.for file in `ls`; do if [ -f $file ]; then ... ; done
C.for file in $(ls); do if [ -f "$file" ]; then ... ; done
D.for file in *; do if [ -f "$file" ]; then ... ; done
AnswerD

Correctly handles spaces and regular files.

Why this answer

Option A is correct: using 'for file in *' with quoting and [ -f ] handles spaces and ensures only regular files. Options B and C use command substitution which splits on whitespace. Option D treats all names as one string.

516
MCQeasy

Refer to the exhibit. When will the cron job execute?

A.Every minute of every hour, but only weekdays.
B.Every day at midnight.
C.Every minute.
D.Every hour.
AnswerC

Five asterisks mean every minute of every hour of every day.

Why this answer

The cron job entry `* * * * *` specifies five fields (minute, hour, day of month, month, day of week), each set to `*`, meaning 'every'. This results in the job executing every minute of every hour, every day of the month, every month, and every day of the week — i.e., every minute without restriction.

Exam trap

The trap here is that candidates often misinterpret `* * * * *` as 'every hour' or 'every day at midnight' because they focus on the asterisks without understanding that each field must be evaluated independently — every asterisk means 'every possible value' for that field, leading to execution every minute.

How to eliminate wrong answers

Option A is wrong because 'every minute of every hour, but only weekdays' would require the day-of-week field to be set to 1-5 (or MON-FRI), not `*`. Option B is wrong because 'every day at midnight' would require the minute and hour fields to be `0 0`, not `* *`. Option D is wrong because 'every hour' would require the minute field to be a specific value (e.g., `0`) and the hour field to be `*`, but here both minute and hour are `*`, which means every minute, not just every hour.

517
MCQeasy

Which command adds a new group named 'developers' to the system?

A.addgroup developers
B.groupadd developers
C.newgroup developers
D.groupadd -r developers
AnswerB

Correct: standard command to add a group.

Why this answer

The correct command to add a new group on a Linux system is `groupadd developers`. This command creates a new group entry in the system's group database (typically /etc/group). The `groupadd` utility is the standard tool for this task in Linux, and it is part of the shadow-utils package.

Exam trap

The trap here is that candidates may confuse `groupadd` with distribution-specific wrappers like `addgroup` (Debian/Ubuntu) or think that `newgroup` is a valid command, or they may overlook the significance of the `-r` flag which creates a system group instead of a regular group.

How to eliminate wrong answers

Option A is wrong because `addgroup` is not a standard Linux command; it is a Debian/Ubuntu-specific wrapper that may not exist on all distributions, and the standard command is `groupadd`. Option C is wrong because `newgroup` is not a valid Linux command; the correct command is `groupadd`. Option D is wrong because `groupadd -r developers` creates a system group (with a GID in the system range, typically below 1000), not a regular group named 'developers' as required by the question.

518
MCQhard

A system reports 'No space left on device' but 'df -h' shows only 60% usage. Which command would help identify the cause?

A.stat /
B.lsof +L1
C.du -sh /
D.df -i
AnswerB

lsof +L1 lists files with link count 0 but still open; these occupy space.

Why this answer

The 'No space left on device' error can occur even when 'df -h' shows available space if the filesystem has exhausted its inodes (metadata structures that store file information). However, the question states 'df -h' shows only 60% usage, implying space is not the issue, but inodes could be. The command 'lsof +L1' lists all open files with a link count of zero (i.e., deleted but still held open by a process), which consume inodes and can fill the filesystem's inode table without using disk space.

This is the most direct way to identify processes holding deleted files that prevent inode reuse.

Exam trap

The trap here is that candidates assume 'No space left on device' always means disk space is full, but LPIC-1 tests the distinction between disk space exhaustion and inode exhaustion, where 'df -i' shows inode usage and 'lsof +L1' identifies the specific processes holding deleted files.

How to eliminate wrong answers

Option A is wrong because 'stat /' displays metadata about the root filesystem (like inode count, block size, and timestamps) but does not show which processes are holding deleted files or provide insight into inode exhaustion. Option C is wrong because 'du -sh /' calculates disk space usage of the root directory, which would show normal usage (matching 'df -h' 60%) and cannot detect inode exhaustion or deleted-but-open files. Option D is wrong because 'df -i' shows inode usage statistics (used vs free inodes) and could confirm inode exhaustion, but it does not identify the specific processes or files causing the issue; 'lsof +L1' is needed to pinpoint the culprit.

519
MCQhard

A system administrator is troubleshooting a server where the /var partition is full, causing services to fail. The administrator deletes old log files in /var/log, but the available space does not increase. Which step should be taken next?

A.Run 'sync; echo 3 > /proc/sys/vm/drop_caches' to clear cache.
B.Remount the /var partition with the 'noatime' option.
C.Use 'lsof /var/log' to find processes holding deleted file handles, then restart those processes.
D.Run 'df -i' to check inode usage.
AnswerC

Deleted files remain until all file handles are closed; lsof identifies the processes.

Why this answer

When a file is deleted while a process still holds an open file descriptor to it, the file's data blocks are not freed until that process releases the handle. The `lsof /var/log` command identifies such processes, and restarting them forces the kernel to release the deleted inodes, thereby reclaiming the disk space. This is why option C is the correct next step.

Exam trap

The trap here is that candidates assume deleting files immediately frees space, but they overlook that processes can keep deleted files open, and they confuse memory caches (cleared by drop_caches) with disk space.

How to eliminate wrong answers

Option A is wrong because writing to `/proc/sys/vm/drop_caches` clears kernel page cache, dentries, and inode caches, which frees memory but does not affect disk space; the /var partition remains full. Option B is wrong because remounting with `noatime` prevents future access time updates, which can reduce write overhead but does not recover already consumed disk space. Option D is wrong because `df -i` checks inode usage (the number of files/directories), not block usage; the problem is the partition is full due to block exhaustion, not inode exhaustion.

520
MCQmedium

An administrator needs to extend a logical volume by 10GB. The volume group has available physical extents. Which command should be used?

A.lvcreate -L 10G /dev/vg/lv
B.vgextend /dev/vg/lv -L +10G
C.lvextend -L +10G /dev/vg/lv
D.lvresize -L 10G /dev/vg/lv
AnswerC

Correct: extends the LV by 10GB.

Why this answer

Option C is correct because the `lvextend` command with the `-L +10G` flag increases the size of the existing logical volume `/dev/vg/lv` by exactly 10 GB, using available physical extents from the volume group. This is the standard LVM command for extending a logical volume without recreating it.

Exam trap

The trap here is that candidates confuse `lvcreate` with `lvextend` or forget the `+` sign in `lvresize`, leading them to choose an option that either creates a new volume or sets an absolute size instead of incrementing it.

How to eliminate wrong answers

Option A is wrong because `lvcreate` creates a new logical volume, not extends an existing one; using it would attempt to create a separate 10 GB LV, not modify the target LV. Option B is wrong because `vgextend` is used to add a physical volume to a volume group, not to extend a logical volume; the syntax and purpose are entirely mismatched. Option D is wrong because `lvresize -L 10G` sets the absolute size of the logical volume to exactly 10 GB, which would shrink it if it were larger than 10 GB, rather than adding 10 GB; the `+` sign is required for an extension operation.

521
MCQmedium

An administrator notices that a large file on an ext4 filesystem is taking up more disk space than expected based on its size. Which command would show the actual disk usage (block allocation) of the file?

A.ls -l
B.df -h
C.du -h
D.stat
AnswerC

du -h displays disk usage in human-readable format for files and directories.

Why this answer

Option C (du -h) is correct because du (disk usage) reports the actual disk space consumed by a file, including allocated blocks, which can be larger than the file's logical size due to block size overhead, fragmentation, or sparse file handling. On ext4, the default block size is 4096 bytes, so a 1-byte file occupies 4096 bytes on disk, and du reflects this allocation.

Exam trap

The trap here is that candidates confuse logical file size (shown by ls -l) with actual disk block allocation, assuming they are identical, and overlook that du accounts for filesystem overhead like block size rounding and sparse file handling.

How to eliminate wrong answers

Option A (ls -l) is wrong because it shows the logical file size (st_size), not the actual disk blocks allocated; it does not account for block size overhead or sparse file holes. Option B (df -h) is wrong because it reports filesystem-wide free and used space, not per-file disk usage. Option D (stat) is wrong because while it displays the file's size and blocks allocated (in 512-byte units), it does not directly show human-readable disk usage like du does; stat is more for inode metadata, not a quick usage summary.

522
MCQhard

A database server on a Linux system is configured to listen on TCP port 3306. The administrator wants to restrict access to the database server to only the local network (192.168.1.0/24) using iptables. Which of the following iptables rules achieves this?

A.iptables -A INPUT -p tcp --dport 3306 -d 192.168.1.0/24 -j DROP
B.iptables -A OUTPUT -p tcp --dport 3306 -d 192.168.1.0/24 -j ACCEPT
C.iptables -A INPUT -p tcp --dport 3306 -s 192.168.1.0/24 -j ACCEPT
D.iptables -A OUTPUT -p tcp --sport 3306 -s 192.168.1.0/24 -j ACCEPT
AnswerC

Correct rule to allow incoming MySQL from local subnet.

Why this answer

Option C is correct because it adds an INPUT chain rule that accepts TCP traffic destined for port 3306 only when the source address is within the 192.168.1.0/24 subnet. This effectively restricts incoming database connections to the local network, while all other sources are implicitly dropped by the default INPUT policy or subsequent rules.

Exam trap

The trap here is confusing the -s (source) and -d (destination) flags, leading candidates to pick Option A which drops traffic to the local network instead of accepting traffic from it.

How to eliminate wrong answers

Option A is wrong because it uses the -d (destination) flag instead of -s (source), and then jumps to DROP, which would block traffic destined for the 192.168.1.0/24 network (i.e., traffic going out to that subnet) rather than restricting incoming connections from it. Option B is wrong because it applies to the OUTPUT chain, which controls outgoing traffic; restricting access to an incoming database server requires an INPUT chain rule, not OUTPUT. Option D is wrong because it uses the OUTPUT chain with --sport 3306 (source port) and -s (source address), which would match outgoing packets originating from port 3306 with a source address in 192.168.1.0/24 — this is irrelevant for controlling incoming connections to the database server.

Page 6

Page 7 of 7

All pages