Red Hat Certified System Administrator EX200 (EX200) — Questions 226300

527 questions total · 8pages · All types, answers revealed

Page 3

Page 4 of 8

Page 5
226
MCQmedium

Refer to the exhibit. If the system administrator wants to create a new logical volume of size 2GB in the 'rhel' volume group, what is the first command that must be executed?

A.pvcreate /dev/sdb
B.pvcreate /dev/sdb1
C.lvcreate -L 2G -n lvdata rhel
D.vgextend rhel /dev/sdb
AnswerB

Initializes the partition as a physical volume.

Why this answer

Before a new logical volume can be created in the 'rhel' volume group, the physical volume must be prepared. The exhibit shows that /dev/sdb is not yet partitioned; the first step is to create a partition (e.g., /dev/sdb1) and then initialize it as a physical volume using `pvcreate /dev/sdb1`. Only after this can the volume group be extended and the logical volume created.

Exam trap

Red Hat often tests the misconception that you can directly extend a volume group with an uninitialized disk or create a logical volume without first ensuring the VG has free space, leading candidates to skip the essential `pvcreate` step.

How to eliminate wrong answers

Option A is wrong because `pvcreate /dev/sdb` would attempt to initialize the entire disk without a partition table, which is not the standard practice for adding a new disk to LVM; a partition (e.g., /dev/sdb1) is typically required first. Option C is wrong because `lvcreate -L 2G -n lvdata rhel` cannot succeed until the volume group has enough free physical extents, which requires first adding a physical volume and extending the VG. Option D is wrong because `vgextend rhel /dev/sdb` would fail if /dev/sdb is not yet a physical volume; the PV must be created before extending the VG.

227
MCQmedium

A volume group vg_data has no free extents. An admin adds a new disk /dev/sdc and wants to extend the logical volume lv_data (ext4 filesystem) by 5GB. Which sequence of commands is correct?

A.pvcreate /dev/sdc → vgextend vg_data /dev/sdc → lvextend -L+5G /dev/vg_data/lv_data
B.pvcreate /dev/sdc → vgextend vg_data /dev/sdc → lvextend -L+5G /dev/vg_data/lv_data → resize2fs /dev/vg_data/lv_data
C.lvextend -L+5G /dev/vg_data/lv_data → pvcreate /dev/sdc → vgextend vg_data /dev/sdc
D.fdisk /dev/sdc → mkfs.ext4 /dev/sdc1 → pvcreate /dev/sdc1 → vgextend vg_data /dev/sdc1 → lvextend -L+5G /dev/vg_data/lv_data
AnswerB

Correct sequence: add PV, extend VG, extend LV, resize ext4 filesystem.

Why this answer

Option B is correct because it follows the proper sequence: first create the physical volume with pvcreate, then extend the volume group with vgextend, then extend the logical volume with lvextend, and finally resize the ext4 filesystem with resize2fs. Since the filesystem is ext4, the resize2fs command is required after lvextend to make the additional space available to the filesystem.

Exam trap

The trap here is that candidates often forget the filesystem resize step for ext4, assuming lvextend alone is sufficient, or they incorrectly add unnecessary partitioning and filesystem creation steps, which wastes time and can cause errors in a real environment.

How to eliminate wrong answers

Option A is wrong because it omits the resize2fs step; after extending an ext4 logical volume, the filesystem must be resized to use the new space, otherwise the filesystem remains at its original size. Option C is wrong because it attempts to extend the logical volume before adding the physical volume and extending the volume group; the volume group has no free extents, so lvextend will fail immediately. Option D is wrong because it unnecessarily partitions the disk with fdisk and creates a filesystem with mkfs.ext4 on the partition before creating the physical volume; pvcreate expects a block device (partition or whole disk) without a filesystem, and the mkfs.ext4 step is redundant and incorrect for LVM.

228
MCQmedium

An admin is setting up a new RHEL 9 server. He has two disks: /dev/sda (500GB) and /dev/sdb (500GB). He wants to create a 300GB logical volume for application data, with the ability to take snapshots. He decides to use LVM thin provisioning. He creates a physical volume on /dev/sda, a volume group vg_data, and a thin pool with 300GB of data space and 10GB metadata. He then creates a thin volume lv_app of 300GB. Later, he wants to extend lv_app to 400GB as usage increases. He runs 'lvextend -L+100G /dev/vg_data/lv_app'. The command succeeds, but the application reports no additional space. What is the likely issue?

A.The thin pool has insufficient free space to accommodate the extension.
B.The thin volume must be unmounted to extend.
C.He should have used lvextend with the --resizefs option.
D.He forgot to resize the filesystem (e.g., xfs_growfs or resize2fs).
AnswerD

Extending the LV does not automatically resize the filesystem; a separate resize command is needed.

Why this answer

Option D is correct because when extending a thin volume, the underlying logical volume is extended, but the filesystem on top of it does not automatically grow. The admin must run a filesystem-specific command like xfs_growfs (for XFS) or resize2fs (for ext4) to make the additional space available to the application. Without this step, the filesystem remains at its original size, so the application sees no change.

Exam trap

The trap here is that candidates assume lvextend automatically resizes the filesystem, but in standard LVM (without the --resizefs flag, which does not exist), the filesystem must be resized separately, and this is a frequent point of confusion in the EX200 exam.

How to eliminate wrong answers

Option A is wrong because the thin pool was created with 300GB of data space, and the extension of lv_app by 100GB brings the total to 400GB, which exceeds the pool's data space; however, the lvextend command succeeded, indicating that the thin pool likely had enough free space (e.g., the pool may have been larger or the extension was allowed due to over-provisioning). Option B is wrong because LVM thin volumes can be extended while mounted; unmounting is not required for lvextend. Option C is wrong because --resizefs is not a valid option for lvextend; the correct approach is to use lvextend followed by a separate filesystem resize command.

229
MCQhard

A system administrator wants to find all files in /var that are larger than 100MB and have been modified within the last 7 days. The output should be a list of file paths with sizes in human-readable format, sorted by size descending. Which command pipeline accomplishes this?

A.find /var -type f -size +100M -mtime -7 -ls | sort -k7 -n
B.find /var -type f -size +100M -mtime -7 -exec ls -lh {} \; | sort -k5 -h
C.find /var -type f -size +100M -mtime -7 -exec du -h {} + | sort -rh
D.find /var -type f -size +100M -mtime -7 -printf '%s %p\n' | sort -n -r | head -20
AnswerC

du -h gives human-readable sizes, sort -rh sorts by size descending correctly.

Why this answer

Option C is correct because it uses `find` with `-size +100M` and `-mtime -7` to match files larger than 100MB modified within 7 days, then `-exec du -h {} +` aggregates sizes in human-readable format, and `sort -rh` sorts by the first field (size) in reverse human-numeric order, producing the required descending list.

Exam trap

Red Hat often tests the distinction between `-exec ls -lh` and `-exec du -h` for human-readable sizes, and the requirement for `sort -rh` (reverse human-numeric) versus `sort -n` (plain numeric) to correctly sort sizes with suffixes like 'M' or 'G'.

How to eliminate wrong answers

Option A is wrong because `-ls` outputs a detailed listing with size in the 7th column, but `sort -k7 -n` sorts numerically on that column, which does not handle human-readable suffixes (e.g., 'M', 'G') and would sort incorrectly. Option B is wrong because `-exec ls -lh {} \;` runs `ls` per file, but `sort -k5 -h` sorts by the 5th column (size), which works for human-readable sizes; however, `ls -lh` output includes multiple columns and the size column may vary in position (e.g., with symlinks or ACLs), and the pipeline lacks `-r` for descending order, so it would sort ascending, not descending. Option D is wrong because `-printf '%s %p\n'` prints size in bytes (not human-readable) and `sort -n -r` sorts numerically descending, but the output is not in human-readable format as required, and `head -20` limits output to 20 lines, which is not requested.

230
MCQmedium

A system administrator needs to replace all occurrences of 'enabled' with 'disabled' in /etc/ssh/sshd_config, but only on lines that do not start with '#'. Which sed command accomplishes this?

A.sed '/^#/!s/enabled/disabled/g' /etc/ssh/sshd_config
B.sed 's/enabled/disabled/g' /etc/ssh/sshd_config
C.sed -n '/^#/!s/enabled/disabled/gp' /etc/ssh/sshd_config
D.sed '/^#/s/enabled/disabled/g' /etc/ssh/sshd_config
AnswerA

Correctly skips comment lines and replaces all occurrences on non-comment lines.

Why this answer

Option A is correct because it uses an address range `/^#/!` to negate lines starting with `#` (comments), then applies the substitution `s/enabled/disabled/g` only to non-comment lines. The `!` operator inverts the match, so the command acts on lines that do NOT match the pattern, which is exactly what the requirement specifies.

Exam trap

The trap here is that candidates may confuse the `!` negation operator with the `-n` suppress-print option, or mistakenly apply the substitution to commented lines instead of non-commented lines, leading to incorrect configuration changes.

How to eliminate wrong answers

Option B is wrong because it applies the substitution to all lines, including commented lines, which violates the requirement to only change lines that do not start with `#`. Option C is wrong because the `-n` flag suppresses automatic printing, and `gp` prints only lines where a substitution occurred; this would output only changed lines, not the entire file, so it does not produce the full modified configuration. Option D is wrong because the address `/^#/` selects only lines that start with `#` (comments), so the substitution is applied to comments instead of non-comment lines, which is the opposite of what is needed.

231
Multi-Selectmedium

Refer to the exhibit. A developer created this Containerfile to build a custom web server image. The build fails. Which TWO changes are necessary to make the Containerfile correct and allow the build to succeed?

Select 2 answers
A.Change the FROM line to use ubi9/ubi (Red Hat Universal Base Image 9)
B.Add a specific tag to the FROM line, e.g., ubi8/ubi:8.4
C.Add an EXPOSE 80 instruction before the CMD
D.Change yum to dnf in the RUN instruction
E.Add a second COPY instruction to copy the container configuration files
AnswersB, D

The FROM line should include a tag to pin the image version; otherwise, Podman defaults to 'latest' which may not exist or be unintended.

Why this answer

Option A is needed because the FROM line must specify a tag (e.g., ubi8/ubi:latest or a specific version) to avoid ambiguity. Option B is required because Red Hat Enterprise Linux 8 uses dnf instead of yum for package installation. Option C (EXPOSE 80) is not required to fix the build failure; it is documentation for port mapping.

Option D (changing FROM to ubi9) is not necessary; the issue is the missing tag, not the base image version. Option E (adding COPY) already exists; an additional COPY is not needed to fix the build.

232
MCQmedium

An administrator wants to optimize system performance for a database workload. Which tool should be used to select a performance profile?

A.performance-tune --profile database
B.setroubleshoot
C.tuned-adm profile throughput-performance
D.systemctl set-profile database
AnswerC

tuned-adm selects and applies a performance profile.

Why this answer

C is correct because `tuned-adm profile throughput-performance` selects a Tuned performance profile optimized for high throughput, which is suitable for database workloads that benefit from increased I/O and network performance. Tuned is the systemd-based dynamic system tuning daemon in RHEL that adjusts kernel parameters, disk schedulers, and other settings based on the selected profile.

Exam trap

The trap here is that candidates may confuse `tuned-adm` with non-existent commands like `performance-tune` or incorrectly assume `systemctl` can manage performance profiles, when in fact Tuned is a separate service controlled via `tuned-adm`.

How to eliminate wrong answers

Option A is wrong because `performance-tune` is not a valid command in RHEL; the correct tool for managing performance profiles is `tuned-adm`. Option B is wrong because `setroubleshoot` is a tool for diagnosing SELinux denials, not for selecting performance profiles. Option D is wrong because `systemctl set-profile` is not a valid systemctl command; systemctl manages systemd units and services, not performance tuning profiles.

233
MCQmedium

Refer to the exhibit. The web server fails to start. What is the most likely cause?

A.SELinux context is wrong and should be httpd_sys_content_t.
B.SELinux context is correct, but httpd is not enabled.
C.The index.html file is missing.
D.httpd is masked.
AnswerB

The service is disabled; enable with systemctl enable httpd.

Why this answer

Option A is correct. The SELinux context on index.html is correct (httpd_sys_content_t). However, the httpd service is disabled.

It needs to be enabled and started. Option B is wrong because the context is already correct. Option C is not evident.

Option D is not true; it is disabled but not masked.

234
Multi-Selecthard

An administrator wants to change the default systemd target to multi-user.target. Which three steps are part of a correct procedure? (Choose three.)

Select 3 answers
A.systemctl enable multi-user.target
B.systemctl start multi-user.target
C.systemctl isolate multi-user.target
D.ln -sf /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
E.systemctl set-default multi-user.target
AnswersC, D, E

Changes the current target immediately (part of procedure).

Why this answer

Option C is correct because `systemctl isolate multi-user.target` immediately switches the current systemd target to multi-user.target, which is the correct way to change the active target at runtime without a reboot. This command stops all units not required by the new target and starts those that are, effectively changing the system's operational state.

Exam trap

The trap here is that candidates confuse `systemctl enable` (which controls whether a unit starts at boot) with `systemctl set-default` (which sets the default target for boot), and they may think `systemctl start` is sufficient to change the active target, not realizing that `isolate` is required to properly transition systemd to a different target.

235
MCQhard

A technician attempts to mount an XFS filesystem from /dev/sdc1 to /mnt/backup but receives: 'mount: /mnt/backup: mount point does not exist.' The directory /mnt/backup does exist. What is the most likely cause?

A.SELinux context of /mnt/backup prevents mounting.
B.The directory /mnt/backup is not empty.
C.The device /dev/sdc1 does not exist.
D.The filesystem on /dev/sdc1 is not XFS.
AnswerA

SELinux can block mount if context is wrong.

Why this answer

The error message 'mount: /mnt/backup: mount point does not exist' is misleading because the directory does exist. The most likely cause is that SELinux is blocking the mount due to a missing or incorrect context on the mount point. SELinux requires the mount point directory to have a specific context (e.g., `default_t` or a context matching the filesystem type) for the mount to succeed; if the context is wrong or missing, the kernel may treat the directory as nonexistent for the mount operation.

Exam trap

Red Hat often tests the misconception that a mount point must be empty, but the real trap here is that SELinux can cause a 'does not exist' error even when the directory is present, leading candidates to overlook SELinux as the root cause.

How to eliminate wrong answers

Option B is wrong because a non-empty directory can still be used as a mount point; the existing contents are simply hidden while the filesystem is mounted. Option C is wrong because if /dev/sdc1 did not exist, the error would be 'mount: /dev/sdc1: special device does not exist' or similar, not a mount point error. Option D is wrong because if the filesystem were not XFS, the mount command would fail with a 'wrong fs type' or 'superblock invalid' error, not a mount point error.

236
MCQmedium

A server running Red Hat Enterprise Linux 9 experiences high system load (load average 15 on a 4-core system) and slow response times. The administrator runs 'top' and sees that the 'kworker' processes are consuming significant CPU time. Further investigation reveals that the system is performing heavy I/O operations on the root filesystem, which is formatted as XFS. The administrator wants to reduce the impact of filesystem maintenance tasks on system performance. Which of the following actions should the administrator take?

A.Increase the value of the 'nr_requests' queue parameter for the underlying block device.
B.Mount the filesystem with the 'noatime' option to reduce metadata updates.
C.Schedule filesystem checks (fsck) to run during off-peak hours using a cron job.
D.Set the dirty ratio sysctl parameters (vm.dirty_ratio and vm.dirty_background_ratio) to lower values.
AnswerD

Lower values trigger more frequent writebacks, smoothing I/O load.

Why this answer

Option B is correct. Lowering vm.dirty_background_ratio and vm.dirty_ratio causes the kernel to begin writing dirty pages sooner and more frequently, preventing large bursts of I/O that can cause high load and slow responses. Option A (noatime) reduces metadata updates but is not the primary cause.

Option C (increasing nr_requests) can improve I/O queue depth but may increase memory pressure and does not directly reduce kworker CPU usage. Option D (scheduling fsck) is unrelated to the current issue.

237
MCQmedium

A system administrator needs to create a file system on /dev/sdb1 with a size of 10 GB and mount it persistently at /data. The file system should support extended attributes and be suitable for large files. Which command sequence achieves this?

A.mkfs.xfs /dev/sda1 && mkdir /data && echo '/dev/sda1 /data xfs defaults 0 0' >> /etc/fstab
B.mkfs.xfs /dev/sdb1 && mkdir /data && mount /dev/sdb1 /data && echo '/dev/sdb1 /data xfs defaults 0 0' >> /etc/fstab
C.mkfs.ext4 /dev/sdb1 && mkdir /data && mount /dev/sdb1 /data && echo '/dev/sdb1 /data ext4 defaults 0 0' >> /etc/fstab
D.mkswap /dev/sdb1 && mkdir /data && swapon /dev/sdb1 && echo '/dev/sdb1 /data swap defaults 0 0' >> /etc/fstab
AnswerB

Correct sequence: creates XFS, mounts, and adds persistent mount.

Why this answer

Option B is correct because it uses mkfs.xfs to create an XFS file system on /dev/sdb1, which supports extended attributes and is optimized for large files. It then creates the mount point /data, mounts the file system, and adds an entry to /etc/fstab for persistent mounting with the correct device, mount point, and file system type.

Exam trap

Red Hat often tests the requirement to mount the file system immediately after creation, not just add it to fstab, and the specific file system type (XFS vs. ext4) based on suitability for large files and extended attributes.

How to eliminate wrong answers

Option A is wrong because it uses /dev/sda1 instead of /dev/sdb1, and it does not mount the file system before adding the fstab entry, which means the mount point will not be active until a reboot. Option C is wrong because it uses mkfs.ext4 to create an ext4 file system; while ext4 supports extended attributes, it is not as suitable for very large files as XFS, and the question specifies a file system suitable for large files. Option D is wrong because mkswap creates a swap area, not a file system, and the fstab entry uses 'swap' as the file system type, which is incorrect for mounting a data directory.

238
MCQeasy

A developer wants to create a script that accepts a directory path as an argument and creates a timestamped backup of that directory. If no argument is provided, it should back up the current directory. How should the script handle the argument?

A.dir=${1:-.}
B.dir=${@:-.}
C.dir=${0:-.}
D.dir=${?:-.}
AnswerA

D is correct. ${1:-.} uses $1 if set, otherwise '.'.

Why this answer

Option A is correct because `${1:-.}` uses the default value substitution syntax in bash: if parameter `$1` (the first positional argument) is unset or null, it expands to `.` (the current directory). This ensures the script backs up the supplied directory path or defaults to the current directory when no argument is provided, exactly matching the requirement.

Exam trap

Red Hat often tests the distinction between positional parameters (`$1`, `$2`, etc.) and special variables (`$@`, `$0`, `$?`), and the trap here is that candidates confuse `$1` with `$0` (the script name) or incorrectly assume `$@` works as a single default value, leading to option B or C.

How to eliminate wrong answers

Option B is wrong because `${@:-.}` expands to all positional arguments (`$@`) or `.` if none are provided, but `$@` is a list, not a single directory path, and using it in a backup command would break the script. Option C is wrong because `${0:-.}` refers to the script's own name (the zeroth argument), not the first argument passed by the user, so it would always expand to the script name instead of the intended directory. Option D is wrong because `${?:-.}` is not valid bash syntax; `$?` holds the exit status of the last command, and the `:-` substitution does not apply meaningfully here, causing a syntax error or unintended behavior.

239
MCQeasy

An administrator wants to mount an existing ext4 filesystem from /dev/sdb1 to /mnt/data at boot time. What entry should be added to /etc/fstab?

A./dev/sdb1 /mnt/data xfs defaults 0 0
B.LABEL=data ext4 defaults 0 0
C./dev/sdb1 /data ext4 defaults 0 0
D./dev/sdb1 /mnt/data ext4 defaults 0 0
AnswerD

This is a valid fstab entry with device, mount point, filesystem type, and default options.

Why this answer

Option D is correct because it specifies the correct device (/dev/sdb1), the correct mount point (/mnt/data), the correct filesystem type (ext4), and the correct mount options (defaults) for an ext4 filesystem to be mounted at boot. The /etc/fstab entry must include all six fields in order: device, mount point, filesystem type, options, dump, and pass.

Exam trap

The trap here is that candidates may confuse the filesystem type (ext4 vs xfs) or misremember the required mount point path (/mnt/data vs /data), leading them to select an option that looks correct but has a subtle mismatch.

How to eliminate wrong answers

Option A is wrong because it specifies xfs as the filesystem type, but the question explicitly states the filesystem is ext4. Option B is wrong because it omits the mount point and the device identifier (it uses LABEL=data but does not include a mount point or the required six-field structure). Option C is wrong because it specifies /data as the mount point, but the question requires the mount point to be /mnt/data.

240
MCQhard

A system administrator needs to ensure that a user named 'bob' can access a shared directory '/data' owned by group 'developers'. The directory has permissions 2775 and is owned by root:developers. Bob is a member of the 'developers' group. However, when Bob tries to create a file in '/data', it fails with 'Permission denied'. What is the most likely cause?

A.The directory has incorrect SELinux context
B.Bob's umask is set to 0077
C.The setgid bit is not set
D.Bob's primary group is not developers
AnswerA

SELinux contexts can prevent access even when standard permissions allow it. The default context for /data might be different, causing denial.

Why this answer

The directory '/data' has permissions 2775, which grants read, write, and execute to the group 'developers'. Bob is a member of 'developers', so standard Unix permissions should allow him to create files. However, the failure with 'Permission denied' despite correct group membership and permissions strongly indicates that SELinux is enforcing a policy that denies Bob write access.

The most likely cause is that the directory lacks the correct SELinux context (e.g., `default_t` instead of a type like `public_content_rw_t` or a context that allows write operations).

Exam trap

Red Hat often tests the misconception that group membership alone guarantees access, ignoring that SELinux can block operations even when Unix permissions are correct; the trap here is that candidates focus on umask or primary group instead of recognizing SELinux as the likely cause when permissions and group membership appear correct.

How to eliminate wrong answers

Option B is wrong because umask affects the default permissions of newly created files, not the ability to create them; a umask of 0077 would not cause a 'Permission denied' error when creating a file if the directory permissions allow write access. Option C is wrong because the setgid bit (2775) is already set (the '2' in the permissions), so it is not missing; the setgid bit ensures new files inherit the group, but its absence would not cause a 'Permission denied' error. Option D is wrong because Bob's primary group does not need to be 'developers'; as a member of the 'developers' group, he has group-level access to the directory regardless of his primary group.

241
MCQeasy

A technician needs to configure a network interface to use a static IP address permanently. Which command should be used in RHEL 9?

A.ip
B.vi /etc/sysconfig/network-scripts/ifcfg-eth0
C.nmcli
D.ifconfig
AnswerC

nmcli is the correct tool for permanent network configuration via NetworkManager.

Why this answer

Option C is correct because `nmcli` is the primary command-line tool for managing NetworkManager in RHEL 9, and it allows you to configure a static IP address persistently. Using `nmcli con mod` followed by the connection name and IP settings ensures the configuration survives reboots, as NetworkManager stores the settings in its own configuration files.

Exam trap

The trap here is that candidates familiar with older RHEL versions (e.g., RHEL 7 or 8) may still expect the legacy `ifcfg-*` files to work, but RHEL 9 has fully transitioned to NetworkManager keyfiles, making `nmcli` the correct persistent tool.

How to eliminate wrong answers

Option A is wrong because `ip` is a low-level tool for viewing and temporarily changing network parameters (e.g., IP addresses, routes) at runtime; it does not write persistent configuration to any file, so changes are lost after a reboot. Option B is wrong because RHEL 9 no longer uses the legacy `ifcfg-*` files in `/etc/sysconfig/network-scripts/` by default; NetworkManager ignores these files unless explicitly configured, and the correct persistent method is via `nmcli` or `nmtui`. Option D is wrong because `ifconfig` is deprecated and not installed by default in RHEL 9; it only makes temporary changes and does not support persistent configuration.

242
Multi-Selectmedium

An administrator needs to configure a static IP address on an interface that will persist across reboots using NetworkManager. Which TWO commands or files can be used to achieve this?

Select 2 answers
A.systemctl restart network
B.nmcli con up eth0
C.nmcli con mod eth0 ipv4.addresses 192.168.1.10/24
D.Edit /etc/sysconfig/network-scripts/ifcfg-eth0
E.ip addr add 192.168.1.10/24 dev eth0
AnswersC, D

Modifies the connection configuration, which is saved and persists.

Why this answer

Option C is correct because the `nmcli con mod` command modifies the NetworkManager connection profile for the interface, setting a static IPv4 address that is stored persistently in the connection configuration. Option D is correct because editing the `/etc/sysconfig/network-scripts/ifcfg-eth0` file directly defines the static IP address in the ifcfg format, which NetworkManager reads on boot to apply persistent settings.

Exam trap

The trap here is that candidates confuse runtime commands like `ip addr add` (which are temporary) with persistent configuration methods, or they mistakenly think restarting the network service (systemctl restart network) will save the IP address, when in fact it only reloads existing configurations without making changes permanent.

243
MCQeasy

An administrator runs 'df -h' and sees the output above. The /data partition is nearly full. Which command will help identify the largest files in /data?

A.du -sch /data/*
B.du -sh /data
C.du -h --max-depth=1 /data
D.du -sh /data/*
AnswerD

Shows size of each top-level item in /data.

Why this answer

Option D is correct because 'du -sh /data/*' calculates the total disk usage of each top-level item (files and directories) within /data, showing human-readable sizes. The asterisk expands to all immediate children, allowing the administrator to identify which specific files or directories consume the most space, which is exactly what is needed when /data is nearly full.

Exam trap

The trap here is that candidates often confuse 'du -sh /data' (which shows only the total) with 'du -sh /data/*' (which shows per-item sizes), or they pick 'du -h --max-depth=1 /data' thinking it shows files, when in fact it only shows directory totals at depth 1, missing top-level files.

How to eliminate wrong answers

Option A is wrong because 'du -sch /data/*' includes the '-c' flag, which adds a grand total line at the end; while it shows individual sizes, the total is unnecessary and can clutter output, but more critically it does not limit depth and could descend into subdirectories if not combined with --max-depth. Option B is wrong because 'du -sh /data' shows only the total size of the entire /data directory, not the sizes of individual files or subdirectories inside it, so it cannot identify the largest files. Option C is wrong because 'du -h --max-depth=1 /data' shows the total size of each immediate subdirectory but does not include the sizes of files directly in /data (only directories), so it would miss large files at the top level.

244
Multi-Selecthard

Which THREE of the following are valid and recommended practices when writing shell scripts for RHEL?

Select 3 answers
A.Using 'local' keyword for variable declarations inside functions.
B.Always quoting variable expansions with double quotes.
C.Using [[ $var =~ regex ]] for pattern matching.
D.Using 'set -e' to exit on non-zero exit codes.
E.Using the 'source' command instead of '.' for readability.
AnswersA, B, C

Local variables prevent global namespace pollution.

Why this answer

Option A (using [[ with =~ for regex) is a bash-specific feature, but in RHEL bash is default, so it's valid and often recommended for readability. Option C (quoting variables) is a fundamental best practice to prevent word splitting. Option E (using local in functions) limits variable scope and avoids side effects.

Option B (source vs .) is a matter of preference; both work. Option D (set -e) can cause unexpected exits and is not always recommended.

245
MCQhard

Alice tries to run 'sudo less /var/log/messages' and gets 'Sorry, user alice is not allowed to execute /usr/bin/less /var/log/messages as root on this host.' Why?

A.The command path must exactly match, including arguments
B.The secure_path does not include /usr/bin
C.The sudoers allows only specific commands with specific arguments
D.The /var/log/messages file does not exist
AnswerC

The entry '/usr/bin/less /var/log/secure' restricts less to that file only.

Why this answer

Option B is correct: the sudoers entry allows only specific commands with specific arguments. The entry '/usr/bin/less /var/log/secure' allows less only with that exact argument. Option A is about path matching but the path is fine.

Option C is not the issue. Option D is incorrect because secure_path is not relevant.

246
MCQhard

A system administrator notices that a server is responding slowly. The administrator runs `top` and sees a process named `backup_script` consuming 95% CPU. The process runs as root and is supposed to run nightly backups. However, the system load average is low. The administrator wants to investigate without killing the process. Which of the following is the best course of action?

A.Use `renice -n 19 -p <PID>` to lower the priority of the process.
B.Use `nice -n 19 ./backup_script` to start the process with lower priority next time.
C.Use `chrt -i 0 <PID>` to set the scheduling policy to idle.
D.Use `kill -STOP <PID>` to pause the process and then resume later.
AnswerA

This reduces CPU impact while allowing the process to continue.

Why this answer

Option A is correct because `renice -n 19 -p <PID>` lowers the CPU scheduling priority of the running `backup_script` process to the lowest possible value (19), which reduces its CPU consumption without killing it. This allows the administrator to investigate the cause of the high CPU usage while minimizing the impact on other processes and system responsiveness.

Exam trap

Red Hat often tests the distinction between `nice` (for starting a new process) and `renice` (for adjusting an existing process), and candidates may confuse the two or think `nice` can be applied to a running process.

How to eliminate wrong answers

Option B is wrong because `nice` sets the priority of a new process, not an already running one; the administrator needs to adjust the priority of the currently running `backup_script`, not start a new instance. Option C is wrong because `chrt -i 0 <PID>` sets the scheduling policy to SCHED_IDLE, which is an idle scheduling class that only runs when no other process needs the CPU, but this is a more drastic change than needed and may not be appropriate for a backup script that should eventually complete; also, the `-i` option is for SCHED_IDLE, but the correct syntax for setting idle policy is `chrt -i 0 <PID>` (though `chrt` typically uses `-i` for idle, but the policy value 0 is for SCHED_OTHER, not idle — the trap is that `chrt -i` expects a priority argument, and 0 is not valid for idle). Option D is wrong because `kill -STOP` pauses the process, which would halt the backup entirely, preventing it from completing its work and potentially leaving data in an inconsistent state; the administrator wants to investigate without killing or stopping the process.

247
MCQhard

Which of the following is the correct way to persistently mount a filesystem using its UUID?

A.LABEL=1234 /mnt xfs defaults 0 0
B.UUID=1234 /mnt xfs defaults 0 0
C./dev/disk/by-uuid/1234 /mnt xfs defaults 0 0
D.PARTUUID=1234 /mnt xfs defaults 0 0
AnswerB

Valid fstab entry using UUID.

Why this answer

Option B is correct because the /etc/fstab entry uses the 'UUID=' prefix followed by the actual UUID value to persistently mount a filesystem. The kernel reads this line at boot time and resolves the UUID to the corresponding block device, ensuring the mount is consistent regardless of device name changes.

Exam trap

The trap here is that candidates confuse the 'UUID=' fstab syntax with the /dev/disk/by-uuid/ path, or mistakenly think 'LABEL=' or 'PARTUUID=' are interchangeable with UUID for filesystem identification.

How to eliminate wrong answers

Option A is wrong because it uses 'LABEL=' with a numeric string that looks like a UUID, but LABEL expects a filesystem label, not a UUID; the correct syntax for a label mount is 'LABEL=labelname'. Option C is wrong because it uses a device path under /dev/disk/by-uuid/ which is not a valid fstab format; fstab requires either 'UUID=' or 'LABEL=' for persistent identification, not a full path. Option D is wrong because 'PARTUUID=' refers to the partition table UUID (GPT partition unique identifier), not the filesystem UUID; while PARTUUID can be used for mounting, the question specifically asks for the filesystem UUID.

248
Multi-Selectmedium

Which THREE actions will create a new empty file named 'testfile' in the current directory? (Choose three.)

Select 3 answers
A.> testfile
B.ls > testfile
C.touch testfile
D.cp /dev/null testfile
E.echo "content" > testfile
AnswersA, C, D

Output redirection with no command creates an empty file.

Why this answer

Option A is correct because the shell redirection operator `>` without a preceding command truncates or creates the specified file. When used alone, `> testfile` opens 'testfile' for writing, which creates an empty file if it does not exist, or truncates it to zero length if it does. This is a standard POSIX shell feature.

Exam trap

The trap here is that candidates may think only `touch` creates an empty file, overlooking the shell redirection operator `>` used alone and the `cp /dev/null` technique, both of which are valid methods for creating or truncating files to empty.

249
MCQmedium

An administrator wants to ensure that any new user accounts created on the system have a default primary group matching the username. What change is needed?

A.Set GROUP to same name in /etc/default/useradd
B.Set USERGROUPS_ENAB to no; then create user with -g
C.Set USERGROUPS_ENAB to yes in /etc/login.defs
D.Set CREATE_HOME to yes in /etc/login.defs
AnswerC

Option A is correct: when USERGROUPS_ENAB=yes, useradd creates a group with the same name as the user and sets it as the primary group.

Why this answer

Option C is correct because setting USERGROUPS_ENAB to yes in /etc/login.defs instructs the useradd command to automatically create a private group with the same name as the new user and assign it as the user's primary group. This is the default behavior in Red Hat Enterprise Linux and ensures that each new user has a matching primary group without manual intervention.

Exam trap

The trap here is that candidates often confuse the GROUP setting in /etc/default/useradd (which sets a fixed default group) with the USERGROUPS_ENAB mechanism that dynamically creates a matching group, leading them to incorrectly select Option A.

How to eliminate wrong answers

Option A is wrong because the GROUP setting in /etc/default/useradd specifies the default primary group for new users (e.g., GROUP=100 for users group), not a group matching the username. Option B is wrong because setting USERGROUPS_ENAB to no disables the automatic creation of a private group, and using -g manually would require the group to already exist, not create it automatically. Option D is wrong because CREATE_HOME controls whether a home directory is created for new users, not the primary group assignment.

250
MCQmedium

An administrator wants to install a package 'httpd' but only if it is available in the configured repositories. Which command should be used to check if the package exists?

A.rpm -q httpd
B.dnf search httpd
C.dnf list available httpd
D.dnf install httpd
AnswerC

Shows available packages matching the name.

Why this answer

Option C is correct because `dnf list available httpd` queries the configured DNF repositories and displays the package only if it exists in them. This command checks availability without installing, which matches the requirement to verify the package is present in the repositories before proceeding.

Exam trap

The trap here is that candidates often confuse `rpm -q` (which checks local installation status) with repository availability checks, or they mistakenly think `dnf search` is the correct command for listing available packages, when in fact `dnf list available` is the precise tool for this task.

How to eliminate wrong answers

Option A is wrong because `rpm -q httpd` checks if the package is already installed on the system, not whether it is available in repositories. Option B is wrong because `dnf search httpd` searches package names and descriptions across repositories but does not specifically list only available packages; it may return partial matches and is not the standard command for confirming availability. Option D is wrong because `dnf install httpd` attempts to install the package immediately, which does not fulfill the requirement to check existence first without making changes.

251
Multi-Selectmedium

Which two commands can be used to view systemd journal entries for the sshd service?

Select 2 answers
A.journalctl -u sshd
B.systemctl status sshd
C.journalctl _SYSTEMD_UNIT=sshd.service
D.grep sshd /var/log/messages
E.tail -f /var/log/secure
AnswersA, C

Filters journal by unit name.

Why this answer

Options A and B are correct. journalctl -u sshd and journalctl _SYSTEMD_UNIT=sshd.service both filter journal entries for sshd. Option C shows current status. Options D and E read traditional log files, not the journal.

252
Multi-Selecteasy

Which TWO commands can be used to create a new user account in Red Hat Enterprise Linux 8?

Select 2 answers
A.adduser
B.groupadd
C.usermod
D.passwd
E.useradd
AnswersA, E

adduser is a symbolic link to useradd on RHEL and also creates users.

Why this answer

Both `adduser` and `useradd` are commands that create a new user account in Red Hat Enterprise Linux 8. `adduser` is a symbolic link to `useradd` in RHEL 8, so they perform the same function. The `useradd` command creates a new user with default settings from `/etc/default/useradd` and `/etc/login.defs`, while `adduser` behaves identically.

Exam trap

The trap here is that candidates may think `adduser` is a separate, interactive command (as in Debian-based systems), but in RHEL 8 it is identical to `useradd`, and `passwd` or `groupadd` are often mistakenly chosen for user creation.

253
MCQmedium

A system administrator needs to run a container that remains running in the background and executes a web server. Which podman command will correctly run the container detached and map host port 8080 to container port 80?

A.podman run -d -p 8080:80 nginx
B.podman run -d -p 80:8080 nginx
C.podman run -d --expose 80 nginx
D.podman run -d -P 8080:80 nginx
AnswerA

Correct: -d for detached, -p 8080:80 maps host 8080 to container 80.

Why this answer

Option A is correct because `podman run -d` runs the container in detached mode (background), and `-p 8080:80` maps host port 8080 to container port 80, which is the standard port for the nginx web server. This allows external traffic on host port 8080 to be forwarded to the nginx service inside the container.

Exam trap

The trap here is confusing the order of the port mapping (`host_port:container_port`) with the reverse, and mistaking `--expose` for a functional port publishing mechanism instead of a documentation-only flag.

How to eliminate wrong answers

Option B is wrong because it maps host port 80 to container port 8080, which would not serve the web server (nginx listens on port 80 by default) and would require the container to be configured to listen on port 8080. Option C is wrong because `--expose 80` only documents that port 80 is exposed in the container metadata but does not publish any ports to the host, so the web server would not be accessible from outside. Option D is wrong because `-P` (capital P) automatically publishes all exposed ports to random high-numbered host ports, and the syntax `-P 8080:80` is invalid; `-P` does not accept a port mapping argument.

254
MCQhard

A container exits immediately with status 1. The administrator runs 'podman logs container' but sees no output. What is the most likely reason for the missing logs?

A.The container binary is missing or has the wrong architecture (exec format error).
B.The container's logging driver is not configured to capture stdout.
C.The log file is rotated and cleared.
D.The container is using a non-standard log location inside the container.
AnswerA

Exec format error often occurs before the application produces any output; logs appear empty.

Why this answer

Option A is correct because when a container exits immediately with status 1 and `podman logs` shows no output, the most common cause is that the container binary is missing or has the wrong architecture (e.g., an x86 binary on an ARM system). This results in an 'exec format error' that prevents the container's entrypoint from executing, so no stdout/stderr is ever written to the logging driver. The container exits before any process runs, leaving the log buffer empty.

Exam trap

Red Hat often tests the misconception that missing logs are always due to a logging configuration issue, but the trap here is that an immediate exit with status 1 and no output points to a failure before any process runs, such as an exec format error.

How to eliminate wrong answers

Option B is wrong because Podman's default logging driver (journald) captures stdout/stderr from the container's PID 1; if the container never starts a process, there is nothing to capture, so the driver is not the issue. Option C is wrong because log rotation or clearing would not cause an immediate exit with status 1 and zero logs; rotated logs would still show prior output if any existed. Option D is wrong because `podman logs` only reads from the container's configured log driver (stdout/stderr), not from files inside the container; a non-standard log location inside the container is irrelevant to the `podman logs` command.

255
Multi-Selecthard

Which TWO LVM commands can be used to reduce the size of a logical volume?

Select 2 answers
A.lvresize
B.lvchange
C.lvreduce
D.lvdisplay
E.lvextend
AnswersA, C

Correct: can reduce or extend.

Why this answer

Both `lvresize` and `lvreduce` can reduce the size of a logical volume. `lvresize` is the general-purpose command for resizing LVs, and when used with the `-L` or `--size` option to specify a smaller size, it shrinks the volume. `lvreduce` is a dedicated command that specifically reduces the size of a logical volume, offering the same functionality as `lvresize --size` but with a more explicit name. Both commands require the filesystem to be shrunk first (if it contains data) using tools like `resize2fs` or `xfs_growfs` (though XFS cannot be shrunk).

Exam trap

The trap here is that candidates often assume only `lvreduce` can shrink a volume, forgetting that `lvresize` is a universal tool that can both increase and decrease size, making both correct answers.

256
MCQeasy

Which command initializes a disk partition as a physical volume for LVM?

A.fdisk
B.vgcreate
C.lvcreate
D.pvcreate
AnswerD

pvcreate initializes a physical volume.

Why this answer

Option D is correct because `pvcreate` is the LVM command specifically designed to initialize a disk partition as a physical volume (PV), which is the first step in creating an LVM logical volume. Without a PV, LVM cannot manage the underlying block device. The command writes LVM metadata to the partition, marking it as available for inclusion in a volume group.

Exam trap

The trap here is that candidates confuse the LVM creation sequence and select `fdisk` (which only partitions the disk) instead of `pvcreate` (which initializes the partition for LVM use), or select `vgcreate` or `lvcreate` which operate on already-initialized physical volumes.

How to eliminate wrong answers

Option A is wrong because `fdisk` is a partitioning tool used to create or modify partition tables on a disk, not to initialize a partition as an LVM physical volume. Option B is wrong because `vgcreate` creates a volume group from one or more existing physical volumes, not initializes a partition as a PV. Option C is wrong because `lvcreate` creates a logical volume within an existing volume group, which requires physical volumes and a volume group to already exist.

257
MCQmedium

An administrator wants newly created files to be readable and writable only by the owner, and readable by group and others. Which umask value should be set?

A.027
B.022
C.002
D.077
AnswerB

umask 022 gives files 644 permissions.

Why this answer

A umask of 022 subtracts write permission for group and others from the default 666 (files) and 777 (directories), resulting in files with 644 permissions (owner read/write, group read, others read).

258
MCQmedium

A script needs to execute a command that might fail, but the script should continue. The administrator wants to capture the exit status for logging. Which code snippet correctly implements this?

A.set -e; ./risky_command; rc=$?; echo $rc
B.rc=$? ./risky_command; echo $rc
C../risky_command; rc=$?; echo $rc
D../risky_command && rc=$?; echo $rc
AnswerC

C is correct. The exit status is always captured after command.

Why this answer

Option C is correct because the exit status is captured immediately after the command. Option A is wrong because using 'set -e' would exit on failure. Option B is wrong because chaining with '&&' would skip the status capture if the command fails.

Option D is wrong because the variable assignment and command execution are reversed.

259
MCQmedium

An administrator needs to create a new logical volume named 'lvdata' of size 5G in vgdata, format it with ext4, and mount it persistently at /mnt/data. The system currently has /dev/sdc as a physical volume in vgdata. Which command sequence accomplishes this?

A.lvcreate -L 5G -n lvdata vgdata; mkfs.ext4 /dev/vgdata/lvdata; echo '/dev/vgdata/lvdata /mnt/data ext4 defaults 0 0' >> /etc/fstab; mount -a
B.pvcreate /dev/sdc; vgcreate vgdata /dev/sdc; lvcreate -L 5G -n lvdata vgdata; mkfs.ext4 /dev/vgdata/lvdata; echo '/dev/vgdata/lvdata /mnt/data ext4 defaults 0 0' >> /etc/fstab
C.lvcreate -L 5G -n lvdata vgdata; mkfs.ext4 /dev/vgdata/lvdata; mount /dev/vgdata/lvdata /mnt/data; echo '/dev/vgdata/lvdata /mnt/data ext4 defaults 0 0' >> /etc/fstab
D.mkfs.ext4 /dev/sdc; lvcreate -L 5G -n lvdata vgdata; mount /dev/vgdata/lvdata /mnt/data; echo '/dev/vgdata/lvdata /mnt/data ext4 defaults 0 0' >> /etc/fstab
AnswerA

Correct sequence.

Why this answer

Option A is correct because it assumes the volume group vgdata and physical volume /dev/sdc already exist, so only the lvcreate command is needed to create the logical volume. It then formats the LV with ext4, adds a persistent mount entry to /etc/fstab, and uses mount -a to mount all filesystems from fstab, including the new entry. This sequence efficiently meets all requirements without redundant or incorrect steps.

Exam trap

Red Hat often tests the assumption that the volume group and physical volume already exist, tricking candidates into adding unnecessary pvcreate/vgcreate steps that would disrupt existing configurations.

How to eliminate wrong answers

Option B is wrong because it unnecessarily recreates the physical volume and volume group (pvcreate and vgcreate) that already exist, which could destroy existing data or cause conflicts. Option C is wrong because it mounts the filesystem directly with mount before adding the entry to /etc/fstab, but it does not use mount -a; while the mount command works immediately, the persistent mount is only established after the fstab entry, and the sequence lacks the final mount -a to ensure the fstab entry is tested. Option D is wrong because it attempts to create a filesystem directly on /dev/sdc (the physical volume) instead of on the logical volume, which would corrupt the LVM metadata and fail to create the LV correctly.

260
Multi-Selectmedium

Which three network configuration methods are valid in RHEL 8/9?

Select 3 answers
A.system-config-network
B./etc/sysconfig/network-scripts/ifcfg-* files
C.nmcli
D.ip command
E.ifconfig
AnswersB, C, D

Still available, though not managed by NetworkManager by default.

Why this answer

Options A, C, and E are valid. nmcli is the primary CLI tool. ip command is used for low-level network management. /etc/sysconfig/network-scripts/ifcfg-* files are still supported. ifconfig is deprecated. system-config-network is removed.

261
MCQmedium

A system has a new disk /dev/sdb that needs to be used as an LVM physical volume for an existing volume group 'vg_data'. Which sequence of commands is correct?

A.vgcreate vg_data /dev/sdb; pvcreate /dev/sdb
B.lvextend vg_data /dev/sdb
C.pvcreate /dev/sdb; vgcreate vg_data /dev/sdb
D.pvcreate /dev/sdb; vgextend vg_data /dev/sdb
AnswerD

First create the PV, then extend the existing VG.

Why this answer

Option D is correct because the disk /dev/sdb must first be initialized as a physical volume using pvcreate, then added to the existing volume group vg_data using vgextend. This sequence properly extends the volume group with the new physical volume, as required by LVM.

Exam trap

The trap here is that candidates often confuse vgcreate (which creates a new volume group) with vgextend (which adds a physical volume to an existing volume group), leading them to select option C instead of D.

How to eliminate wrong answers

Option A is wrong because vgcreate creates a new volume group, but the question specifies an existing volume group 'vg_data', and the command order also incorrectly places vgcreate before pvcreate. Option B is wrong because lvextend extends a logical volume, not a volume group, and it requires a physical volume or logical volume path, not a volume group name. Option C is wrong because vgcreate would attempt to create a new volume group named 'vg_data', which already exists, causing a conflict; the correct command to add a physical volume to an existing volume group is vgextend, not vgcreate.

262
MCQmedium

A system administrator needs to extend an existing logical volume 'lv_data' in volume group 'vg_data'. The administrator has already added a new physical volume /dev/sdd1 to the volume group. Which sequence of commands should be used to complete the extension and ensure the filesystem is usable?

A.lvextend -L +10G /dev/vg_data/lv_data; mount /dev/vg_data/lv_data; resize2fs /dev/vg_data/lv_data
B.lvextend -L +10G /dev/vg_data/lv_data; resize2fs /dev/vg_data/lv_data
C.lvextend -L +10G /dev/vg_data/lv_data; mkfs.ext4 /dev/vg_data/lv_data
D.lvresize -L +10G /dev/vg_data/lv_data; fsck /dev/vg_data/lv_data
E.vgextend vg_data /dev/sdd1; lvextend -L +10G /dev/vg_data/lv_data; resize2fs /dev/vg_data/lv_data
AnswerB

Correct: extends the LV and resizes the filesystem.

Why this answer

Option B is correct because after adding a physical volume to the volume group, the logical volume must be extended with `lvextend`, and then the filesystem must be resized with `resize2fs` to use the new space. The filesystem remains mounted and usable throughout; no remount or filesystem recreation is needed.

Exam trap

The trap here is that candidates may think they need to remount the filesystem (Option A) or recreate it (Option C) after extending the logical volume, but in Red Hat Enterprise Linux, `resize2fs` can grow an ext4 filesystem online without unmounting.

How to eliminate wrong answers

Option A is wrong because `mount` is unnecessary and incorrect here — the filesystem is already mounted and does not need to be remounted after extension. Option C is wrong because `mkfs.ext4` would destroy the existing filesystem, not extend it. Option D is wrong because `fsck` checks filesystem integrity but does not resize the filesystem; also `lvresize` alone without `resize2fs` leaves the filesystem unaware of the new space.

Option E is wrong because `vgextend` has already been performed (as stated in the question), so repeating it is redundant and not part of the required sequence.

263
MCQhard

A system fails to boot because of a corrupted fstab file. The administrator boots into rescue mode from a RHEL installation ISO. Which command should be run first to mount the root filesystem read-write?

A.mount /dev/mapper/rhel-root /mnt/sysimage
B.mount -o rw,remount /sysroot
C.chroot /mnt/sysimage
D.systemctl rescue
AnswerA

Mounts the root logical volume to the rescue mount point.

Why this answer

In rescue mode, the root filesystem is not mounted by default. The first step is to mount the logical volume containing the root filesystem (e.g., /dev/mapper/rhel-root) to a temporary mount point like /mnt/sysimage so that you can access and repair the corrupted /etc/fstab file. Option A correctly uses the mount command with the device and mount point, which is the standard procedure for RHEL rescue environments.

Exam trap

The trap here is that candidates confuse the rescue mode mount point (/mnt/sysimage) with the emergency mode mount point (/sysroot) or attempt to use chroot before mounting, leading them to select options B or C.

How to eliminate wrong answers

Option B is wrong because /sysroot is not a standard mount point in rescue mode; the correct temporary mount point is /mnt/sysimage, and the -o rw,remount option is used to remount an already mounted filesystem, not to mount one from scratch. Option C is wrong because chroot /mnt/sysimage changes the root directory into the mounted filesystem, but it cannot be run before the filesystem is actually mounted; it is a subsequent step after mounting. Option D is wrong because systemctl rescue switches the system to rescue mode (a systemd target), but the system is already booted into rescue mode from the ISO, and this command does not mount the root filesystem.

264
MCQeasy

A container fails to start because the port it needs is already in use. Which command can the administrator use to identify the process using the port?

A.podman logs <container>
B.ss -tlnp
C.podman port -l
D.firewall-cmd --list-ports
AnswerB

Correct. This displays listening ports and the associated process IDs.

Why this answer

Option B is correct because the `ss -tlnp` command displays listening TCP sockets (`-t`), numeric addresses (`-n`), and the associated process information (`-p`). This allows the administrator to identify which process (PID and program name) is bound to a specific port, directly addressing the container startup failure caused by a port conflict.

Exam trap

The trap here is that candidates often think `podman port -l` or `podman logs` can diagnose host-level port conflicts, but these commands only show container-specific information and cannot identify processes outside the container namespace.

How to eliminate wrong answers

Option A is wrong because `podman logs <container>` shows the log output of a container, not the processes using ports on the host; it cannot identify which external process is occupying the port. Option C is wrong because `podman port -l` lists port mappings for the last created container, but it does not show which process on the host is using a port; it only shows the container's port bindings. Option D is wrong because `firewall-cmd --list-ports` lists ports opened in the firewall configuration, not the actual processes or sockets using those ports; a port can be in use by a process even if it is not listed in the firewall rules.

265
MCQhard

Refer to the exhibit. A web server (httpd) is unable to serve files from a user's home directory. What is the most appropriate single command to resolve the issue?

A.chcon -u system_u /home/user/www/index.html
B.setsebool -P httpd_enable_homedirs on
C.semanage fcontext -a -t httpd_sys_content_t '/home/user/www(/.*)?' && restorecon -Rv /home/user/www
D.chcon -r object_r /home/user/www/index.html
AnswerC

Changes the file context to httpd_sys_content_t, allowing httpd to read.

Why this answer

Option C is correct because it uses `semanage fcontext` to set the default SELinux file context for the `/home/user/www` directory tree to `httpd_sys_content_t`, then applies it with `restorecon`. This is the proper way to persistently label custom web content directories so that httpd can serve them, as SELinux policy by default blocks httpd from reading user home directories.

Exam trap

The trap here is that candidates confuse the SELinux boolean (`httpd_enable_homedirs`) with the file context labeling, thinking enabling the boolean alone fixes all home directory access issues, when in fact the specific directory must also have the correct type (`httpd_sys_content_t`) for httpd to serve it.

How to eliminate wrong answers

Option A is wrong because `chcon -u system_u` changes only the SELinux user (user identity), not the type; httpd requires the `httpd_sys_content_t` type, not a user change. Option B is wrong because `setsebool -P httpd_enable_homedirs on` enables the boolean that allows httpd to access user home directories, but the question states the web server is unable to serve files from a user's home directory, implying the issue is file labeling (the boolean is a separate toggle that may already be off, but the core problem is the missing type context on the specific directory). Option D is wrong because `chcon -r object_r` changes the SELinux role to `object_r`, which is irrelevant for httpd access; the required fix is setting the type to `httpd_sys_content_t`, not altering the role.

266
MCQeasy

An administrator adds a new 100GB disk to a RHEL 9 server. Which command should be used first to verify that the kernel has detected the new disk?

A.udevadm trigger
B.dmesg | grep sd
C.fdisk -l
D.lsblk
E.partprobe
AnswerD

Correct. lsblk displays all block devices and their attributes.

Why this answer

The `lsblk` command lists all block devices detected by the kernel, including newly added disks, by reading the sysfs filesystem. It is the safest and most direct way to verify kernel detection without requiring root privileges or triggering side effects. Option D is correct because it immediately shows whether the 100GB disk appears in the device list.

Exam trap

The trap here is that candidates often choose `dmesg | grep sd` (Option B) because they recall kernel messages for SCSI disks, but this fails for non-SCSI devices (e.g., NVMe, virtio) and may miss the disk if the buffer has rotated, making `lsblk` the universal and correct first check.

How to eliminate wrong answers

Option A is wrong because `udevadm trigger` forces the kernel to re-evaluate device events, but it does not verify detection; it is used to reprocess rules or simulate hotplug events, not to check current state. Option B is wrong because `dmesg | grep sd` may show kernel messages about SCSI disk detection, but it is not a reliable first verification step—messages can scroll off the ring buffer, and the new disk might use a different driver (e.g., nvme, vd) not matching 'sd'. Option C is wrong because `fdisk -l` requires root privileges and may not show the disk if the partition table is unreadable or the disk is not yet partitioned; it also risks modifying the disk if used incorrectly.

Option E is wrong because `partprobe` informs the kernel of partition table changes, not disk detection; it is used after partitioning, not to verify initial kernel recognition.

267
MCQmedium

An administrator wants to view only the error messages from the kernel ring buffer since last boot. Which command should be used?

A.cat /var/log/kernel-errors
B.dmesg -p err
C.journalctl -k -p err
D.systemctl status kernel
AnswerC

journalctl -k shows kernel messages, -p err filters by priority error.

Why this answer

Option C is correct because `journalctl -k -p err` filters the kernel messages (`-k`) from the systemd journal by priority level `err` (error), showing only error-level kernel messages since the last boot. This is the standard way to view kernel error messages in modern RHEL/CentOS systems using systemd-journald.

Exam trap

The trap here is that candidates may confuse `dmesg` options (using `-l` for level filtering) with `journalctl` options (using `-p` for priority), or assume a static log file exists for kernel errors, leading them to pick option A or B.

How to eliminate wrong answers

Option A is wrong because `/var/log/kernel-errors` is not a standard log file; kernel messages are stored in the kernel ring buffer and accessed via `dmesg` or `journalctl`, not a dedicated file. Option B is wrong because `dmesg -p err` is invalid syntax; `dmesg` uses `-l` (level) to filter by priority, not `-p`. Option D is wrong because `systemctl status kernel` is not a valid systemctl command; systemctl manages services, not the kernel directly.

268
MCQmedium

A web server running Apache (httpd) on RHEL 9 serves content from /var/www/custom. Clients get a 403 error. The SELinux context on files is system_u:object_r:default_t:s0. Which command resolves the issue persistently without disabling SELinux?

A.chcon -t httpd_sys_content_t /var/www/custom
B.setsebool -P httpd_enable_custom on
C.restorecon -R /var/www/custom
D.semanage fcontext -a -t httpd_sys_content_t "/var/www/custom(/.*)?" && restorecon -R /var/www/custom
AnswerD

Adds a persistent file context rule and applies it, ensuring correct context across relabels.

Why this answer

Option D is correct because it uses `semanage fcontext` to add a persistent file context rule for `/var/www/custom` and its contents, then applies it with `restorecon`. This ensures the `httpd_sys_content_t` type is set persistently across file system relabeling, resolving the 403 error caused by the default SELinux type (`default_t`) that denies Apache access.

Exam trap

The trap here is that candidates choose `chcon` (Option A) because it immediately fixes the 403 error, but they overlook the requirement for a persistent change, which `semanage fcontext` with `restorecon` provides.

How to eliminate wrong answers

Option A is wrong because `chcon` changes the SELinux context immediately but does not persist after a file system relabel (e.g., `restorecon` or `fixfiles`), making it a temporary fix. Option B is wrong because `setsebool -P httpd_enable_custom on` is not a valid boolean; the correct boolean for allowing Apache to access custom content directories is `httpd_read_user_content` or similar, and this option does not address the file context issue. Option C is wrong because `restorecon` alone will reset the context to the default policy, which is `default_t` for an unlabeled directory, not `httpd_sys_content_t`, so it does not fix the 403 error.

269
MCQeasy

A helpdesk ticket states that user 'bob' cannot write to his own home directory. The directory /home/bob has permissions drwxr-xr-x and is owned by root:root. What command will fix this?

A.setfacl -m u:bob:rwx /home/bob
B.usermod -d /home/bob bob
C.chmod 755 /home/bob
D.chown bob:bob /home/bob
AnswerD

Changes owner and group to bob, giving him write access.

Why this answer

Option A is correct: changing ownership to bob:bob gives him full control. Option B changes permissions but does not address ownership. Option C changes the home directory but not ownership.

Option D uses ACLs, which is not the most straightforward fix.

270
MCQmedium

A company policy requires that when a user is deleted, all files owned by that user in /home should be reassigned to a 'guest' account. Which command accomplishes this?

A.usermod -l guest olduser
B.find /home -user olduser -exec chown guest {} +
C.userdel -r olduser
D.rsync -a /home/olduser/ /home/guest/
AnswerB

This finds all files owned by olduser under /home and changes ownership to guest.

Why this answer

Option B uses `find` to locate all files owned by `olduser` under `/home` and then executes `chown guest` on them, which reassigns ownership to the `guest` account. This directly satisfies the policy requirement without affecting the user account itself or copying files.

Exam trap

Red Hat often tests the distinction between modifying user attributes (usermod), deleting users (userdel), copying files (rsync), and directly reassigning file ownership (find + chown), expecting candidates to recognize that only the latter changes ownership without altering or removing the files.

How to eliminate wrong answers

Option A is wrong because `usermod -l` changes the login name of an existing user, not ownership of files; it would rename `olduser` to `guest`, which does not reassign ownership to a separate `guest` account and may conflict if `guest` already exists. Option C is wrong because `userdel -r` removes the user and their home directory, which deletes files rather than reassigning ownership. Option D is wrong because `rsync -a` copies files from one directory to another, leaving the original files still owned by `olduser` and not reassigning ownership of the originals.

271
Multi-Selecteasy

Which TWO files are essential in the /boot directory for the kernel to boot?

Select 2 answers
A.fstab
B.grub.cfg
C.initramfs
D.vmlinuz
E.kernel
AnswersC, D

initramfs provides initial drivers to access the root filesystem.

Why this answer

The initramfs (initial RAM filesystem) is essential because it contains the necessary drivers and tools to mount the root filesystem before the kernel can take over. Without it, the kernel would not be able to access the storage device containing the root partition, especially when using filesystems or hardware that require kernel modules not built into the kernel itself.

Exam trap

The trap here is that candidates often confuse the bootloader configuration file (grub.cfg) with a kernel-essential file, or they think the generic term 'kernel' is an actual filename, when in fact the correct filename is vmlinuz.

272
MCQeasy

A system administrator needs to create a shell script that processes a list of hostnames stored in a file, one per line, and runs a command on each host. Which loop construct is most appropriate?

A.while read host; do ... done < hosts
B.for i in $(seq 1 $(wc -l < hosts)); do ... done
C.for host in $(cat hosts); do ... done
D.until read host; do ... done < hosts
AnswerA

B is correct. It reads each line correctly, even with spaces.

Why this answer

Option B is correct because the 'while read' loop is the standard way to read a file line by line in shell scripts, handling each line as a separate variable. Option A is wrong because 'for' with '$(cat file)' can break on spaces. Option C is wrong because it uses 'seq' unnecessarily.

Option D is wrong because 'until' is not suitable for this purpose.

273
MCQmedium

A system administrator is tasked with configuring a RHEL 9 system to automatically mount an NFS share from 192.168.1.10:/export/data on /mnt/data at boot. Which entry in /etc/fstab is correct?

A.192.168.1.10 /export/data /mnt/data nfs4 defaults 0 0
B./mnt/data 192.168.1.10:/export/data nfs4 defaults 0 0
C.192.168.1.10:/export/data /mnt/data nfs4 defaults 0 0
D.192.168.1.10:/export/data /mnt/data nfs defaults 0 0
AnswerC

Correct syntax for NFSv4 mount.

Why this answer

Option C is correct because the /etc/fstab entry for an NFS mount requires the remote server and export path in the format server:/export, followed by the local mount point, the filesystem type (nfs4 for NFSv4), mount options, dump flag, and fsck order. This matches the standard NFS fstab syntax for automatic mounting at boot.

Exam trap

The trap here is that candidates often confuse the fstab field order or use the generic 'nfs' type instead of 'nfs4', not realizing that RHEL 9 defaults to NFSv4 and the exam expects precise syntax for the specified protocol version.

How to eliminate wrong answers

Option A is wrong because it places the server IP and export path as separate fields, which is invalid; the correct format is a single field server:/export. Option B is wrong because it reverses the order, putting the local mount point first and the remote source second, which violates the fstab column order (device, mount point, type, options, dump, pass). Option D is wrong because it uses 'nfs' instead of 'nfs4' as the filesystem type; while 'nfs' may work for older NFS versions, the question specifies RHEL 9 and NFSv4, and 'nfs4' is the correct type for NFSv4 mounts to ensure proper protocol negotiation and security.

274
MCQhard

A server has an LVM volume group vg01 with a physical volume /dev/sdb. The administrator wants to move all physical extents from /dev/sdb to /dev/sdd which is also in the same volume group. Which command sequence is correct?

A.pvmove /dev/sdb; vgreduce vg01 /dev/sdb
B.vgreduce vg01 /dev/sdb; pvmove
C.pvmove /dev/sdb; pvremove /dev/sdb
D.pvmove /dev/sdb /dev/sdd
AnswerA

pvmove moves all data off /dev/sdb, then vgreduce removes the PV from the VG.

Why this answer

The correct sequence is to first use `pvmove /dev/sdb` to relocate all physical extents from /dev/sdb to other physical volumes in the same volume group (vg01), and then use `vgreduce vg01 /dev/sdb` to remove the now-empty physical volume from the volume group. This ensures no data loss and that the volume group metadata is properly updated.

Exam trap

The trap here is that candidates often think `pvmove` requires a target PV or that `pvremove` can be used directly after moving extents, but they forget that the PV must first be removed from the VG with `vgreduce` before it can be fully decommissioned.

How to eliminate wrong answers

Option B is wrong because `vgreduce` before `pvmove` would attempt to remove /dev/sdb from the volume group while it still contains data, causing an error or data loss. Option C is wrong because after `pvmove`, the physical volume /dev/sdb is empty but still part of the volume group; `pvremove` would fail because the PV is still in a VG, and it does not remove the PV from the VG metadata. Option D is wrong because `pvmove /dev/sdb /dev/sdd` attempts to move extents directly to a specific target PV, but if /dev/sdd does not have enough free extents, the command will fail; the correct approach is to use `pvmove` without a target to let LVM distribute extents across all available PVs in the VG.

275
Multi-Selecthard

Which TWO commands can be used to display the current SELinux mode?

Select 2 answers
A.setenforce
B.ausearch
C.getenforce
D.sestatus
E.semanage
AnswersC, D

Displays current SELinux mode.

Why this answer

The `getenforce` command (option C) displays the current SELinux mode as either Enforcing, Permissive, or Disabled. The `sestatus` command (option D) provides a detailed status report including the current mode, the loaded policy, and the mode from the configuration file. Both are standard tools for querying the SELinux operational state.

Exam trap

Red Hat often tests the distinction between commands that *query* state versus those that *modify* state, so candidates may confuse `setenforce` (which changes mode) with `getenforce` (which displays mode).

276
MCQhard

You are a system administrator for a small company. The development team has created a shell script named 'deploy.sh' that automates deployment of a web application. The script is located at /home/devops/deploy.sh. The team reports that when they run the script with './deploy.sh' from the /home/devops directory, it fails with a 'Permission denied' error. However, running 'bash deploy.sh' works fine. Additionally, the script's first line is '#!/bin/bash' and the file permissions are '-rw-rw-r--'. The team wants to be able to run the script directly without typing 'bash'. Which of the following actions should you take to resolve the issue?

A.Change the shebang line to '#!/bin/sh' because bash is not the default shell.
B.Move the script to /usr/local/bin so it can be found in the PATH.
C.Add the execute permission to the script using 'chmod +x /home/devops/deploy.sh'.
D.Change the owner of the script to root using 'chown root:root /home/devops/deploy.sh'.
AnswerC

This makes the script directly executable.

Why this answer

Option C is correct because the 'Permission denied' error when running './deploy.sh' indicates that the script lacks execute permission. The current permissions '-rw-rw-r--' show read/write for owner and group, and read-only for others, but no execute bit. Adding execute permission with 'chmod +x' allows the script to be run directly via its shebang line.

Exam trap

Red Hat often tests the distinction between execute permission and interpreter availability; candidates may mistakenly think the shebang or PATH is the issue when the real problem is the missing execute bit.

How to eliminate wrong answers

Option A is wrong because the shebang '#!/bin/bash' is correct; bash is the default shell on Red Hat Enterprise Linux, and changing to '#!/bin/sh' would not resolve the missing execute permission. Option B is wrong because moving the script to /usr/local/bin does not grant execute permission; the script would still fail with 'Permission denied' when run directly. Option D is wrong because changing ownership to root does not add execute permission; the script would still lack the execute bit and fail with 'Permission denied'.

277
MCQmedium

An administrator extends a logical volume by 5GB. The filesystem is XFS. Which command must be run to make the additional space available?

A.xfs_growfs /mount
B.mount -o remount /mount
C.resize2fs /dev/vg/lv_root
D.lvresize -L +5G /dev/vg/lv_root
AnswerA

xfs_growfs expands an XFS filesystem to use all available space in the LV.

Why this answer

After extending a logical volume with lvresize, the XFS filesystem does not automatically recognize the new space. The xfs_growfs command must be run on the mounted filesystem to expand it to fill the enlarged logical volume. This command can target the mount point directly and works online without unmounting.

Exam trap

The trap here is that candidates confuse the logical volume resize (lvresize) with the filesystem resize, assuming the filesystem automatically expands when the LV grows, or they mistakenly apply ext4 tools like resize2fs to an XFS filesystem.

How to eliminate wrong answers

Option B is wrong because 'mount -o remount /mount' only reapplies mount options and does not resize any filesystem; it is irrelevant for making additional space available after an LV extension. Option C is wrong because 'resize2fs' is the tool for ext2/ext3/ext4 filesystems, not XFS; using it on an XFS filesystem would fail or cause corruption. Option D is wrong because 'lvresize -L +5G /dev/vg/lv_root' is the command that extends the logical volume itself, but the question asks what must be run after that step to make the space available to the filesystem; the LV resize is already assumed to have been done.

278
Multi-Selectmedium

Which TWO commands can be used to add a user to a secondary group without removing existing supplementary group memberships? (Choose exactly 2)

Select 2 answers
A.usermod -aG group user
B.usermod -AG group user
C.adduser user group
D.gpasswd -a user group
E.groupadd -a user group
AnswersA, D

Option A is correct; -aG appends the user to the supplementary groups list without affecting others.

Why this answer

Option A is correct because `usermod -aG` appends the user to the specified supplementary group(s) without affecting any existing supplementary group memberships. The `-a` flag (append) must be used with `-G` to avoid overwriting the current list of supplementary groups. This is the standard method in Red Hat Enterprise Linux for adding a user to an additional group while preserving all other group memberships.

Exam trap

The trap here is that candidates often confuse `usermod -G` (which replaces all supplementary groups) with `usermod -aG` (which appends), and may also mistakenly think `groupadd` or `adduser` can modify group memberships, when in fact only `usermod -aG` and `gpasswd -a` are the correct tools for this task.

279
Multi-Selectmedium

Which three statements about firewalld zones are correct? (Choose three.)

Select 3 answers
A.The default zone can be changed using firewall-cmd.
B.A network interface can be assigned to multiple zones simultaneously.
C.The 'public' zone is more restrictive than the 'trusted' zone.
D.Rich rules can specify source and destination addresses.
E.Zones can have a default target of only 'DROP' or 'ACCEPT'.
AnswersA, C, D

--set-default-zone changes the default zone.

Why this answer

Option A is true: default zone can be changed. Option B is false: zones can have targets like 'default', 'ACCEPT', 'DROP', 'REJECT', not only 'DROP' or 'ACCEPT'. Option C is false: an interface can belong to only one zone.

Option D is true: rich rules allow detailed control. Option E is true: public is more restrictive than trusted.

280
Multi-Selecthard

Which TWO methods can be used to permanently set the system's hostname to 'server01.example.com'?

Select 2 answers
A.hostnamectl set-hostname server01.example.com
B.echo '127.0.1.1 server01.example.com' >> /etc/hosts
C.echo 'server01.example.com' > /etc/hostname
D.hostname server01.example.com
E.echo 'HOSTNAME=server01.example.com' >> /etc/sysconfig/network
AnswersA, C

Updates the static hostname persistently.

Why this answer

Option A is correct because `hostnamectl set-hostname server01.example.com` is the systemd-based command that permanently sets the hostname by writing to `/etc/hostname` and applying the change immediately via the `hostnamed` service. This is the recommended method on RHEL 8/9 systems, as it updates both the transient and static hostnames, ensuring persistence across reboots.

Exam trap

The trap here is that candidates confuse setting the hostname with hostname resolution, picking option B (editing `/etc/hosts`) because they think it permanently sets the hostname, when it only affects local DNS-like lookups and does not change the system's actual hostname.

281
MCQhard

Refer to the exhibit. A system administrator wants to add an additional mount option 'noexec' to the /boot filesystem permanently. Which step is necessary before remounting?

A.Run mount -o remount,noexec /boot without editing /etc/fstab
B.Edit /etc/fstab to add 'noexec' to the /boot entry, then run mount -o remount /boot
C.Run umount /boot, edit /etc/fstab to add 'noexec', then mount /boot
D.Edit /etc/fstab to add 'noexec' to the /boot entry, then run mount -a
AnswerB

Correct. This makes the change permanent and applies it.

Why this answer

To add 'noexec' permanently, edit /etc/fstab and add 'noexec' to the options field of the /boot entry (e.g., defaults,noexec). Then remount with 'mount -o remount /boot'.

282
MCQhard

Refer to the exhibit. A CGI script located at /var/www/cgi-bin/test.cgi fails to execute. What is the most likely cause?

A.The script is in the wrong directory.
B.The SELinux context should be httpd_sys_script_exec_t.
C.The script is not marked as executable.
D.The file permissions are incorrect.
AnswerB

Executable CGI scripts need the exec_t context.

Why this answer

CGI scripts require the httpd_sys_script_exec_t context to be executable by the web server. The current context httpd_sys_content_t is for static files only.

283
MCQmedium

Refer to the exhibit. A user attempts to start a new container named 'web3' but receives an error. The user wants to reuse the name 'web3'. Which command should be run first to resolve the issue?

A.podman rmi registry.access.redhat.com/ubi8/nginx-118
B.podman rm web3
C.podman kill web2
D.podman stop web1
AnswerB

Removes the existing container named web3, freeing the name.

Why this answer

The error occurs because a container named 'web3' already exists, even if it is not running. To reuse the name, the existing container must be removed first. Option B, `podman rm web3`, removes the stopped container, freeing the name for a new container.

Exam trap

Red Hat often tests the distinction between container removal (`podman rm`) and image removal (`podman rmi`), leading candidates to mistakenly try to delete the image when the actual conflict is a container name.

How to eliminate wrong answers

Option A is wrong because `podman rmi` removes an image, not a container; the issue is a container name conflict, not an image conflict. Option C is wrong because `podman kill web2` sends a SIGKILL to a running container named 'web2', which does not affect the existing 'web3' container. Option D is wrong because `podman stop web1` gracefully stops a container named 'web1', which is unrelated to the 'web3' name conflict.

284
MCQeasy

A container named 'web1' was created and ran briefly before exiting with status 0. The administrator needs to restart it and attach to the running container's console. Which command should be used?

A.podman run --name web1 -it registry.access.redhat.com/ubi8/httpd-24
B.podman start web1
C.podman restart web1 && podman attach web1
D.podman start web1 && podman attach web1
AnswerD

Start the stopped container, then attach to it.

Why this answer

Option D is correct because `podman start web1` restarts the existing container that exited with status 0, and `podman attach web1` connects the current terminal to the container's main process console. The `&&` ensures the attach runs only after the container is successfully started, allowing the administrator to interact with the running container's console.

Exam trap

The trap here is that candidates may confuse `podman restart` (which stops and starts the container) with `podman start` (which directly resumes an exited container), or forget that `podman start` alone does not attach to the console, leading them to choose option B or C.

How to eliminate wrong answers

Option A is wrong because `podman run` creates and runs a new container with the name 'web1', which will fail since a container named 'web1' already exists, and it does not restart the existing container. Option B is wrong because `podman start web1` only starts the container but does not attach to its console, so the administrator cannot interact with the running container. Option C is wrong because `podman restart web1` stops and then starts the container, which is unnecessary for a container that exited with status 0 and can be started directly; additionally, the `&&` syntax is valid but the restart is redundant and may cause a brief interruption.

285
Matchingmedium

Match each log file to its typical content.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

General system log (most non-critical messages)

Authentication and security events

Audit records from auditd

Cron job execution logs

Why these pairings

These log files are commonly monitored by sysadmins.

286
MCQmedium

A Red Hat Enterprise Linux server has multiple network interfaces, and the administrator needs to ensure that the service 'httpd' starts automatically after a reboot. The administrator has already enabled the service using 'systemctl enable httpd', but after a reboot, the service is not running. The administrator checks the status and finds that the service is enabled but not started. The system uses systemd. Which additional step is required to ensure the service starts automatically at boot?

A.Set the service to be started by the network target using systemctl add-wants.
B.Run systemctl start httpd after enabling it.
C.Check that the service's unit file has an [Install] section and is properly configured.
D.Create a symlink in /etc/rc.d/rc3.d/ for the service.
AnswerC

Without an [Install] section, systemctl enable may not create the required symlinks in the .wants directory.

Why this answer

Option C is correct because for a service to start automatically at boot, its unit file must contain a properly configured [Install] section that defines the target (e.g., WantedBy=multi-user.target). Running 'systemctl enable httpd' creates the necessary symlinks only if the [Install] section is present. Without it, 'systemctl enable' may succeed silently but no symlinks are created, so the service is marked as enabled but never started by systemd at boot.

Exam trap

The trap here is that candidates assume 'systemctl enable' always guarantees automatic startup at boot, but they overlook the critical requirement of a properly configured [Install] section in the unit file, which is essential for systemd to create the necessary boot-time symlinks.

How to eliminate wrong answers

Option A is wrong because 'systemctl add-wants' is not a valid systemd command; the correct command is 'systemctl add-wants' (though it exists, it is rarely used and not the standard way to ensure a service starts at boot; the proper method is to rely on the [Install] section and 'systemctl enable'). Option B is wrong because 'systemctl start httpd' only starts the service immediately; it does not configure automatic startup at boot, which is the goal after a reboot. Option D is wrong because modern RHEL systems use systemd, not SysV init; creating symlinks in /etc/rc.d/rc3.d/ is an outdated approach and will not work with systemd, which uses unit files and targets.

287
MCQmedium

An admin needs to mount an NFS export from server nfs.example.com:/exports/app to /mnt/app with options for read-only and no root squash. Which command is correct?

A.mount -t nfs -o ro,no_root_squash nfs.example.com:/exports/app /mnt/app
B.mount -t nfs -o ro,root_squash nfs.example.com:/exports/app /mnt/app
C.mount -t nfs -o ro,no_root_squash,nosuid nfs.example.com:/exports/app /mnt/app
D.mount -t nfs -o rw,no_root_squash nfs.example.com:/exports/app /mnt/app
AnswerA

Correct options.

Why this answer

Option A is correct because the `mount -t nfs -o ro,no_root_squash` command mounts the NFS export from `nfs.example.com:/exports/app` to `/mnt/app` as read-only (`ro`) and disables root squash (`no_root_squash`), which allows the root user on the client to retain root privileges when accessing files on the NFS server. The `-t nfs` specifies the NFS filesystem type, and the mount point `/mnt/app` must exist prior to execution.

Exam trap

Red Hat often tests the exact combination of mount options, where candidates mistakenly choose an option with extra flags like `nosuid` or confuse `root_squash` with `no_root_squash`, or select `rw` instead of `ro` when the question explicitly requires read-only.

How to eliminate wrong answers

Option B is wrong because it uses `root_squash` instead of `no_root_squash`, which maps the root user on the client to an anonymous user (typically `nobody`), violating the requirement to disable root squash. Option C is wrong because it includes the `nosuid` option, which is not requested in the question and would block set-user-ID and set-group-ID bits, potentially altering security behavior beyond the specified requirements. Option D is wrong because it uses `rw` (read-write) instead of `ro` (read-only), which directly contradicts the requirement to mount the export as read-only.

288
MCQmedium

A developer deploys a container using podman with a bind mount to persist web content. They run: podman run -d --name web -v /webdata:/usr/local/apache2/htdocs:Z -p 8080:80 httpd:latest. The container fails to start. The journal shows SELinux denials for the httpd process inside the container trying to read files with context httpd_sys_content_t, while the process runs in container_t domain. The host directory /webdata exists and contains index.html. The administrator checks that the container image is standard. What is the most likely cause of the failure?

A.The SELinux context on /webdata is incorrect for container use.
B.The /webdata directory does not exist.
C.The podman command should use :z instead of :Z.
D.The container image is incompatible with the host SELinux policy.
AnswerC

:Z relabels with private context; :z uses shared context that allows access.

Why this answer

Option C is correct because the `:Z` flag in the bind mount tells Podman to relabel the host directory with a private SELinux context (`container_file_t`) unique to that container, which prevents other containers from accessing it. However, the SELinux denial shows the httpd process inside the container (running in `container_t` domain) cannot read files labeled `httpd_sys_content_t` (the default label for web content on the host). Using `:z` instead of `:Z` would relabel the directory with the shared context `container_file_t`, allowing the container process to read the files while still enforcing SELinux policy.

Exam trap

The trap here is that candidates confuse `:z` (shared) with `:Z` (private) and assume the SELinux denial is due to the host directory context being wrong, when in fact the `:Z` flag relabels the directory to a private context that the container cannot read because the process domain (`container_t`) expects the shared `container_file_t` label.

How to eliminate wrong answers

Option A is wrong because the SELinux context on `/webdata` is `httpd_sys_content_t`, which is correct for web content on the host, but the container process runs in the `container_t` domain, which is not allowed to read `httpd_sys_content_t` — the issue is the mount flag, not the host context itself. Option B is wrong because the question explicitly states that `/webdata` exists and contains `index.html`, so a missing directory is not the cause. Option D is wrong because the container image is standard (`httpd:latest`), and SELinux denials are not caused by image incompatibility with the host policy; the policy applies uniformly to all container processes in the `container_t` domain regardless of the image.

289
Multi-Selectmedium

A system administrator needs to ensure that the user 'jdoe' can read files in the shared directory /project/data which is owned by group 'project'. The user 'jdoe' is currently not a member of the 'project' group. Which TWO steps should the administrator take to add 'jdoe' to the 'project' group? (Choose two.)

Select 2 answers
A.gpasswd -a jdoe project
B.groupmod -A jdoe project
C.vigr to add jdoe to project group
D.useradd -G project jdoe
E.usermod -aG project jdoe
AnswersA, E

Correct: adds user to the specified group.

Why this answer

The correct options are A and B. usermod -aG project jdoe appends the user to the supplementary group without removing existing group memberships. gpasswd -a jdoe project also adds the user to the group. Option C (useradd -G) is incorrect because useradd is for creating new users, not modifying existing ones; using it would require the -M option and still is not appropriate. Option D (groupmod -A) is invalid syntax; groupmod does not have an -A option.

Option E (vigr) is for manually editing group files, but it is not a direct command to add a user to a group; it would require manual file editing which is error-prone and not recommended.

290
MCQhard

A system fails to boot and drops into an emergency shell. The administrator suspects a misconfigured /etc/fstab. Which command should be used to determine which filesystem is causing the boot issue?

A.systemctl status local-fs.target
B.journalctl -xb -p err
C.fsck -A
D.mount -a
AnswerB

Shows error messages from the journal, including mount failures.

Why this answer

When a system fails to boot due to a misconfigured /etc/fstab, the emergency shell is entered. The `journalctl -xb -p err` command displays the systemd journal from the current boot (`-b`) with extended information (`-x`) and filters for error-level messages (`-p err`). This will show the exact mount failure and the offending filesystem entry, making it the correct diagnostic tool.

Exam trap

The trap here is that candidates often choose `mount -a` (option D) thinking it will show the error, but it only attempts the mount again without providing the specific fstab line or error context, whereas `journalctl -xb -p err` reveals the exact failure from the boot process.

How to eliminate wrong answers

Option A is wrong because `systemctl status local-fs.target` shows the status of the local-fs target unit, but it does not provide detailed error messages about which specific filesystem failed to mount; it only indicates whether the target is active or failed. Option C is wrong because `fsck -A` checks all filesystems listed in /etc/fstab for consistency, but it does not report which filesystem caused the boot failure—it may run checks on healthy filesystems and does not parse mount errors. Option D is wrong because `mount -a` attempts to mount all filesystems in /etc/fstab, but if the system is already in an emergency shell, this command may fail again without providing clear diagnostic output about the specific misconfiguration.

291
MCQeasy

A system administrator needs to create an XFS filesystem on /dev/sdb1 with the label 'data'. Which command should be used?

A.mkfs.ext4 -L data /dev/sdb1
B.mkfs.xfs -l data /dev/sdb1
C.xfs_admin -L data /dev/sdb1
D.mkfs.xfs -L data /dev/sdb1
AnswerD

Correct: mkfs.xfs -L sets the label during filesystem creation.

Why this answer

Option D is correct because the `mkfs.xfs` command creates an XFS filesystem, and the `-L` flag assigns a label to the filesystem during creation. The command `mkfs.xfs -L data /dev/sdb1` correctly creates an XFS filesystem on the specified partition with the label 'data'.

Exam trap

The trap here is confusing the lowercase `-l` (used for log parameters in mkfs.xfs) with the uppercase `-L` (used for labels), or thinking that `xfs_admin` can create a filesystem when it only modifies existing ones.

How to eliminate wrong answers

Option A is wrong because `mkfs.ext4` creates an ext4 filesystem, not XFS, and the `-L` flag is used for labels on ext4, but the question specifically requires an XFS filesystem. Option B is wrong because `mkfs.xfs -l data /dev/sdb1` uses a lowercase `-l`, which in mkfs.xfs is used to specify the log section parameters (e.g., log size or device), not the filesystem label; the correct flag for a label is uppercase `-L`. Option C is wrong because `xfs_admin` is used to change parameters of an existing XFS filesystem (like the label or UUID), not to create a new one; it cannot be used to create a filesystem.

292
MCQeasy

A system administrator needs to add a new 10GB disk to an existing volume group 'vgdata' to extend logical volumes. Which of the following is the correct sequence of commands?

A.pvcreate /dev/sdb, vgextend vgdata /dev/sdb, lvextend
B.vgextend vgdata /dev/sdb, pvcreate /dev/sdb, lvextend
C.pvcreate /dev/sdb, lvextend, vgextend vgdata /dev/sdb
D.lvextend, vgextend vgdata /dev/sdb, pvcreate /dev/sdb
AnswerA

Correct order: pvcreate, vgextend, then lvextend.

Why this answer

Option A is correct because the proper sequence to add a new disk to an existing volume group is: first create a physical volume with `pvcreate /dev/sdb`, then extend the volume group with `vgextend vgdata /dev/sdb`, and finally extend the logical volume with `lvextend`. This order ensures the disk is initialized as a PV before it can be added to the VG, and the VG must have the new PV before the LV can be extended.

Exam trap

The trap here is that candidates may think `vgextend` can automatically initialize the disk, or that the order of commands does not matter, but LVM strictly requires `pvcreate` before `vgextend` and `vgextend` before `lvextend`.

How to eliminate wrong answers

Option B is wrong because `vgextend` is attempted before `pvcreate`, but a disk must be initialized as a physical volume before it can be added to a volume group. Option C is wrong because `lvextend` is performed before `vgextend`, but the volume group does not yet contain the new physical volume, so the extension would fail. Option D is wrong because both `lvextend` and `vgextend` are attempted before `pvcreate`, violating the dependency that the disk must first be a PV, then added to the VG, then used to extend the LV.

293
MCQhard

An administrator wants to enable user disk quotas on an XFS filesystem mounted at /home. Which steps are required?

A.Add 'usrquota' to /etc/fstab, remount, then run quotacheck and edquota
B.Quotas are not supported on XFS filesystems
C.Use mount -o uquota /home, then setquota -u user1 500M 1G /home
D.Add 'uquota' to /etc/fstab, remount, then run xfs_quota -x -c 'limit -u bsoft=500m bhard=1g user1' /home
AnswerD

Correct: XFS uses uquota option and xfs_quota command.

Why this answer

Option D is correct because XFS uses its own quota management tools, not the traditional `quotacheck`/`edquota` tools used by ext4. The correct procedure is to add the `uquota` mount option to `/etc/fstab`, remount the filesystem, and then use `xfs_quota` to set limits. The `xfs_quota` command with the `-x` (expert) flag and `-c` (command) flag allows setting user quotas directly, and the path `/home` specifies the filesystem.

Exam trap

The trap here is that candidates familiar with ext4 quotas assume the same `quotacheck`/`edquota` workflow applies to XFS, but Red Hat EX200 expects knowledge of XFS-specific tools like `xfs_quota` and the `uquota` mount option.

How to eliminate wrong answers

Option A is wrong because `quotacheck` and `edquota` are tools for ext2/ext3/ext4 filesystems, not XFS; XFS manages quotas internally and does not require a separate `quotacheck` step. Option B is wrong because XFS fully supports user and group quotas via the `uquota`/`gquota` mount options and the `xfs_quota` utility. Option C is wrong because `mount -o uquota /home` only enables quota accounting but does not set any limits; additionally, `setquota` is an ext4 command and is not used with XFS.

294
MCQeasy

Refer to the exhibit. When the system boots, which filesystem will be mounted after the root filesystem?

A.None
B.Swap
C.Both /boot and swap
D./boot
AnswerD

/boot is the next filesystem listed in fstab.

Why this answer

Option D is correct because, according to the default boot process in RHEL 8/9, the initramfs mounts the root filesystem first, then the systemd-based init process mounts the /boot filesystem (if it is a separate partition) as specified in the /etc/fstab file. The root filesystem is mounted by the kernel or initramfs, and subsequent filesystems like /boot are mounted by systemd based on fstab entries.

Exam trap

The trap here is that candidates often confuse swap with a filesystem, but swap is a raw block device for memory paging and is not mounted; it is activated via swapon, so it does not count as a mounted filesystem in this context.

How to eliminate wrong answers

Option A is wrong because the system does mount additional filesystems after root, such as /boot, as defined in /etc/fstab. Option B is wrong because swap is not a filesystem in the traditional sense; it is a swap area that is activated by swapon, not mounted as a filesystem, and it is typically activated after filesystem mounts. Option C is wrong because while /boot is mounted, swap is not mounted as a filesystem; it is activated separately, and the question specifically asks about filesystem mounting.

295
MCQeasy

A new employee named asmith needs a user account with a home directory and a specific UID of 1500. Which command accomplishes this?

A.useradd -m -u 1500 asmith
B.adduser -uid 1500 asmith
C.useradd -h /home/asmith -u 1500 asmith
D.useradd -d /home/asmith -U 1500 asmith
AnswerA

Option A is correct: -m creates the home directory, -u sets the UID.

Why this answer

Option A is correct because `useradd -m -u 1500 asmith` creates the user asmith with a home directory (via `-m`) and assigns a specific UID of 1500 (via `-u`). The `-m` flag ensures the home directory is created if it does not exist, which is required by the question.

Exam trap

The trap here is confusing `-u` (UID) with `-U` (create user group) and mistaking `-h` for home directory instead of the correct `-d` flag.

How to eliminate wrong answers

Option B is wrong because `adduser` is a Perl script (not a standard command on RHEL/CentOS) and `-uid` is not a valid flag; the correct flag for UID with `adduser` would be `--uid`, but the question expects the standard `useradd` command. Option C is wrong because `-h` is not a valid flag for `useradd`; the flag to specify a home directory is `-d`, and `-h` is used for help. Option D is wrong because `-U` creates a user group with the same name as the user (not a UID), and the UID should be specified with `-u` (lowercase), not `-U`.

296
MCQmedium

A user complains that the 'ls' command no longer outputs colors. The administrator suspects a change in environment variables. Which command would help diagnose the issue?

A.set
B.declare
C.env
D.alias
AnswerC

Lists environment variables including LS_COLORS.

Why this answer

Option C is correct because the `env` command displays all current environment variables, which directly affect the behavior of commands like `ls`. The `ls` command uses the `LS_COLORS` environment variable to determine color output; if this variable is missing or altered, colors will not appear. Running `env` allows the administrator to inspect the current environment and identify if `LS_COLORS` has been changed or unset.

Exam trap

The trap here is that candidates often confuse `env` with `set` or `declare`, thinking all three show the same information, but `env` specifically shows only exported environment variables, which is exactly what affects child processes like `ls`.

How to eliminate wrong answers

Option A is wrong because `set` displays shell variables (including local variables) and shell functions, not just environment variables; it may show environment variables but is not the standard tool for diagnosing environment-specific issues like `LS_COLORS`. Option B is wrong because `declare` is used to declare and display shell variables and attributes in Bash, but it is not the primary command for listing environment variables; it also shows local variables and functions, which can clutter the output. Option D is wrong because `alias` displays or defines command aliases, which are not environment variables; while an alias could override `ls` (e.g., `alias ls='ls --color=auto'`), the question specifically points to a change in environment variables, not aliases.

297
MCQmedium

An IT department runs a web server that stores user uploads on an ext4 filesystem on /dev/sdb1 mounted at /uploads. Recently, the partition has run out of space. The administrator checks with df -h and sees 100% usage. However, du -sh /uploads shows only 2GB used. The administrator suspects deleted files still held open by processes. Which command should be used to identify and resolve the issue?

A.rm -rf /uploads/* to clean all files
B.fsck /dev/sdb1 to repair filesystem
C.resize2fs /dev/sdb1 to shrink filesystem
D.lsof +L1 /uploads to find deleted open files, then kill processes
AnswerD

Identifies deleted files still in use; killing processes releases space.

Why this answer

Option D is correct because the discrepancy between `df -h` showing 100% usage and `du -sh /uploads` showing only 2GB indicates that deleted files are still held open by running processes. The `lsof +L1 /uploads` command lists files with a link count of zero (deleted but still open), and killing the associated processes releases the disk space. This is a classic scenario on ext4 filesystems where file descriptors prevent space reclamation until the process closes the file.

Exam trap

Red Hat often tests the misconception that `rm` or filesystem repair tools can recover space from deleted-but-open files, when in fact only closing the file descriptor (by killing the process) releases the blocks.

How to eliminate wrong answers

Option A is wrong because `rm -rf /uploads/*` would attempt to remove files that are already deleted (unlinked) and thus cannot free the space held by open file descriptors; it may also delete active uploads. Option B is wrong because `fsck` checks and repairs filesystem metadata, but the filesystem is not corrupted—the issue is with in-use file handles, not structural damage. Option C is wrong because `resize2fs` resizes the filesystem, but shrinking it would not recover space from deleted-but-open files and could cause data loss if the filesystem is full.

298
MCQeasy

An administrator needs to list all container images stored locally, including intermediate layers. Which command should be used?

A.podman images -q
B.podman images --all
C.podman images --no-trunc
D.podman images -a
AnswerD

Correct. The -a flag shows all images including intermediate layers.

Why this answer

Option D (`podman images -a`) is correct because the `-a` (or `--all`) flag instructs Podman to list all images in the local storage, including intermediate layers that are not tagged and are used as building blocks for other images. Without this flag, only top-level (tagged) images are shown, which would omit the intermediate layers the administrator needs to see.

Exam trap

The trap here is that candidates confuse `-a` (all images including intermediates) with `-q` (quiet mode) or `--no-trunc` (full output), mistakenly thinking those flags also reveal hidden layers.

How to eliminate wrong answers

Option A (`podman images -q`) is wrong because the `-q` flag only shows image IDs in quiet mode, not a full listing, and it does not include intermediate layers. Option B (`podman images --all`) is wrong because `--all` is not a valid flag for `podman images`; the correct equivalent is `-a` or `--all` is actually accepted in some versions, but the standard syntax is `-a` and the option is listed as `-a` in the EX200 objectives. Option C (`podman images --no-trunc`) is wrong because `--no-trunc` prevents truncation of output (e.g., showing full image IDs), but it does not affect whether intermediate layers are included; it only changes the display format.

299
MCQhard

The /data filesystem is at 99% capacity. The LVM setup shows that the volume group has 50GB free space, but the logical volume is only 100GB. What is the correct sequence of commands to increase the filesystem to use all available space in the volume group?

A.lvextend -L 50G /dev/mapper/vg01-data && xfs_growfs /dev/mapper/vg01-data
B.lvextend -L +50G /dev/mapper/vg01-data && xfs_growfs /data
C.lvextend -L +50G /dev/mapper/vg01-data && resize2fs /dev/mapper/vg01-data
D.xfs_growfs /dev/mapper/vg01-data && lvextend -L +50G /dev/mapper/vg01-data
AnswerB

lvextend expands the LV, then xfs_growfs expands the filesystem to fill the LV.

Why this answer

Option B is correct because the volume group has 50GB free space, so you need to extend the logical volume by +50GB (not to 50GB) using `lvextend -L +50G`, and then grow the XFS filesystem with `xfs_growfs /data` (the mount point, not the block device). The `+` sign indicates an addition to the current size, while omitting it would set an absolute size.

Exam trap

The trap here is that candidates confuse the `-L` syntax (absolute vs. relative size) and mistakenly use `resize2fs` for XFS, or reverse the order of commands.

How to eliminate wrong answers

Option A is wrong because `lvextend -L 50G` sets the logical volume to exactly 50GB, which would shrink it from 100GB to 50GB, losing data and not using the free space; also `xfs_growfs` should target the mount point, not the block device. Option C is wrong because `resize2fs` is for ext2/3/4 filesystems, not XFS; XFS requires `xfs_growfs`. Option D is wrong because the order is reversed: you must extend the logical volume first with `lvextend` before growing the filesystem with `xfs_growfs`.

300
Multi-Selectmedium

Which two are required to create a logical volume? (Choose two.)

Select 2 answers
A.Physical volume
B.Mount point
C.Filesystem
D.Partition
E.Volume group
AnswersA, E

Correct. A PV is needed as storage for the VG.

Why this answer

A physical volume (PV) is required because it is the underlying storage device (e.g., a disk or partition) that LVM uses as a building block. Without a PV, there is no raw storage to allocate to a volume group. The volume group (VG) is then created from one or more PVs, and logical volumes (LVs) are carved from the VG.

Both are mandatory steps in the LVM workflow.

Exam trap

The trap here is that candidates confuse the steps of creating a logical volume with the steps of making it usable (mount point and filesystem), leading them to select options B or C as required prerequisites.

Page 3

Page 4 of 8

Page 5

All pages