During a quarterly vulnerability assessment, several RHEL-based application servers are found to be missing security fixes that have been available in the vendor repositories for weeks. Manual execution of dnf update --security installs the missing packages without error, and the administrator confirms that network connectivity, repository configuration, and GPG key settings are all correct. Which systemd unit, if it were disabled, would most directly explain why the updates were never applied automatically, leaving the servers as unpatched vulnerable systems?
The dnf-automatic.timer unit schedules the dnf-automatic service that regularly synchronizes metadata, downloads, and (if configured) installs security updates. If this timer is disabled or masked, the automatic job never runs, so the system remains unpatched even though manual dnf commands work.
dnf-automatic.timer (Correct) - drives the automatic update mechanism; disabling it stops unattended patching.
NetworkManager-wait-online.service only delays boot until networking is ready and does not initiate package updates.
sysstat-collect.timer invokes the SAR data-collection tools and has no influence on package management.
tuned.service manages performance profiles; it is unrelated to update delivery.
Therefore, a disabled or misconfigured dnf-automatic.timer best explains the presence of unpatched vulnerabilities.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the purpose of dnf-automatic.timer?
Open an interactive chat with Bash
How does dnf-automatic.timer differ from NetworkManager-wait-online.service?
Open an interactive chat with Bash
Why is sysstat-collect.timer irrelevant for patch management?
Open an interactive chat with Bash
CompTIA Linux+ XK0-006 (V8)
Troubleshooting
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access