CompTIA Server+ Practice Test (SK0-005)
Use the form below to configure your CompTIA Server+ Practice Test (SK0-005). The practice test can be configured to only include certain exam objectives and domains. You can choose between 5-100 questions and set a time limit.
CompTIA Server+ SK0-005 Information
The CompTIA Server+ (SK0‑005) certification is tailored for IT professionals aiming to validate their proficiency in installing, managing, securing, and troubleshooting server systems across data center, on‑premises, and hybrid environments. Launched in May 2021, this mid‑level exam comprises up to 90 multiple‑choice and performance‑based questions, to be completed in 90 minutes, and requires a passing score of 750 on a 100–900 scale. Candidates are expected to have approximately two years of hands‑on experience in server environments and should possess foundational knowledge equivalent to CompTIA A+ certification.
The exam covers four core domains: Server Hardware Installation and Management (18%), Server Administration (30%), Security and Disaster Recovery (24%), and Troubleshooting (28%).
The hardware domain includes tasks like racking servers, managing power and network cabling, configuring RAID, and maintaining various drive types, from SSDs to hybrid systems.
The administration domain focuses on OS installation (GUI, core, virtualized, or scripted), network configuration, server roles and virtualization, scripting basics, asset documentation, backup of configurations, and licensing concepts.
Security and disaster recovery encompass server hardening techniques, physical and data security, identity and access management, backup strategies (full, incremental, snapshot), and recovery planning including hot, warm, cold, and cloud-based site setup.
The troubleshooting domain emphasizes systematic problem-solving across hardware, storage, OS and software, network connectivity, and security issues, involving techniques such as diagnostics, log analysis, reseating components, and resolving boot errors or DHCP/DNS issues.
Aspiring candidates should follow a structured preparation plan using official exam objectives to guide their study. Practical experience and familiarity with real-world scenarios, especially using hands-on labs, performance-based exercises, scripting tasks, RAID configuration, virtualization, and disaster recovery setups, can significantly enhance readiness. This targeted strategy helps ensure both technical competence and confidence when tackling the SK0-005 Server+ exam.
Free CompTIA Server+ SK0-005 Practice Test
- 20 Questions
- Unlimited time
- Server Hardware Installation and ManagementServer AdministrationSecurity and Disaster RecoveryTroubleshooting
A systems administrator is tasked with hardening a new file server to mitigate the risk of data theft from a physical breach of the data center. A primary security requirement is that all data stored on the server's drives must be unreadable if the physical drives are removed from the server. The encryption method should be transparent to the operating system and applications once the system is booted. Which of the following solutions BEST meets this requirement?
Full Disk Encryption (FDE)
Database encryption
Transport Layer Security (TLS)
File-level encryption
Answer Description
The correct answer is Full Disk Encryption (FDE). FDE is designed to encrypt all data on a storage device, including the operating system, application files, and temporary files. This method directly addresses the scenario's requirement to make the entire drive's contents unreadable if the physical drives are stolen. Once the system is booted and the key is provided, the process is largely transparent to the OS and applications.
- Transport Layer Security (TLS) is incorrect because it is a protocol used to encrypt data in transit over a network, not data at rest on a storage device.
- File-level encryption is incorrect because it encrypts individual files or folders, not the entire disk. While a form of data-at-rest encryption, it would not protect the operating system or other unencrypted files on the disk, making it less comprehensive than FDE for this scenario.
- Database encryption (such as Transparent Data Encryption or TDE) is incorrect because it is specific to securing database files. This solution would not encrypt the operating system or other non-database files on the server.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Full Disk Encryption (FDE)?
How is Full Disk Encryption different from File-level encryption?
Why isn't Transport Layer Security (TLS) suitable for securing data at rest?
A systems administrator is reviewing the EULA for a new analytics engine that will run on a pair of rack-mount servers, each equipped with two 20-core CPUs that have Hyper-Threading enabled (40 logical processors per socket). The vendor's terms state that one license is required for every physical CPU core that is enabled in firmware, and that simultaneous multithreading does not increase the license count. No additional CALs are necessary, regardless of how many users connect to the service.
Which licensing model is the software vendor using?
Per-socket
Per-concurrent user
Per-server
Per-core
Answer Description
In a per-core (also called core-based) licensing model, the customer must purchase a license for every physical processor core that is present or enabled on the host. Logical processors created by Hyper-Threading/SMT are ignored, and the license fee is not tied to sockets, servers, or user counts. Per-socket licenses would be based on the number of CPU packages, per-server licenses would charge a flat fee per machine, and per-concurrent-user models meter active user sessions rather than hardware resources. Therefore, the scenario describes a per-core model.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Hyper-Threading, and why doesn't it affect licensing in this case?
What is the difference between per-core and per-socket licensing?
What are CALs, and why aren't they needed in this scenario?
Your organization's file server uses a hardware RAID-5 array with HPE SmartDrives. While performing routine rounds in the data center you notice that the drive-status LED on bay 3 is blinking amber and the activity ring is flashing irregularly green. The iLO management log simultaneously records the message "Predictive Failure: Port 3I Box 1 Bay 3." All virtual disks remain online and writable.
Based on the fault and device indications, which response best follows vendor recommendations to protect data availability?
Move the suspect drive to another bay and force the controller to rebuild it.
Perform an immediate hot-swap of the disk in bay 3 with a compatible spare drive.
Clear the controller log and continue operating because the array is still fault-tolerant.
Disable the drive's fault LED in the RAID utility and replace the disk after a second failure.
Answer Description
HPE documentation states that a drive whose status LED is blinking amber-especially when accompanied by a predictive-failure SMART message-has been marked by the RAID controller as likely to fail soon. Vendor guidance is to replace that specific drive as soon as possible via the hot-swap procedure so the array can rebuild before an unplanned outage occurs. Simply clearing logs or hiding LEDs does not remove the imminent risk, relocating the drive may trigger an immediate hard failure, and waiting for an additional drive to fail would put the RAID-5 set at high risk of total data loss.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does a blinking amber LED on an HPE SmartDrive indicate?
What is a RAID-5 array, and how does it remain fault-tolerant?
What is the purpose of a hot-swap procedure in RAID systems?
During a quarterly security assessment, an administrator reviewing several newly racked servers notices that each motherboard includes an 802.11ax/Bluetooth radio that shipped from the manufacturer enabled by default. The organization's data-center policy forbids any form of wireless communication on production hosts. Which action, performed during the next maintenance window, BEST satisfies the hardware-hardening requirement?
Install a host-based firewall and block all outbound HTTPS traffic.
Disable the onboard Wi-Fi/Bluetooth adapter in the server's UEFI/BIOS settings.
Replace the factory wireless antenna leads with shielded cables to absorb RF signals.
Enable 802.1X authentication on every wired Ethernet interface.
Answer Description
Hardware hardening reduces the attack surface by removing or disabling components that the workload does not need. Because the servers must not use wireless networking, the most direct and reliable control is to disable the integrated Wi-Fi/Bluetooth adapter in system firmware (UEFI/BIOS). Doing so physically prevents the radio from transmitting or receiving and eliminates the associated drivers and services at the OS level. Enabling 802.1X on wired NICs secures Ethernet access but leaves the wireless interface active. Installing a host-based firewall is a software control that still allows the wireless hardware to function and does not meet the policy's prohibition. Replacing antenna leads with shielded cabling would be an improvised mitigation and still leaves the device powered and detectable. Therefore, disabling the onboard wireless adapter in firmware is the correct, policy-compliant hardening step.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is UEFI/BIOS, and why is it used to disable hardware features?
Why is disabling Wi-Fi/Bluetooth in firmware better than using software controls like firewalls?
What is hardware hardening, and how does it improve security?
You are scheduling a nightly Robocopy job to migrate a 2 TB departmental share from \FS01\Share to \FS02\Share. The migration must (1) delete any files or folders that were removed from the source, (2) preserve every NTFS permission, ownership entry, and audit record, (3) append status details to an existing log file at C:\Logs\ShareSync.log, and (4) speed up the transfer by using 16 copy threads. Which command will meet all of these requirements?
robocopy \FS01\Share \FS02\Share /E /COPYALL /MT:16 /LOG+:C:\Logs\ShareSync.log
robocopy \FS01\Share \FS02\Share /E /SEC /MT:16 /LOG:C:\Logs\ShareSync.log
robocopy \FS01\Share \FS02\Share /MIR /COPY:DATS /MT:8 /LOG+:C:\Logs\ShareSync.log
robocopy \FS01\Share \FS02\Share /MIR /COPYALL /MT:16 /LOG+:C:\Logs\ShareSync.log
Answer Description
The /MIR switch mirrors the directory tree, combining /E and /PURGE so any item deleted on the source is also removed on the destination. /COPYALL is shorthand for /COPY:DATSOU and preserves data, attributes, timestamps, security (ACLs), owner, and auditing information-satisfying the metadata requirement more completely than /SEC. /LOG+ appends (rather than overwrites) output to the specified log file, and /MT:16 enables a 16-thread, multithreaded copy operation. The other commands each miss at least one requirement: using /E without /PURGE does not delete removed items, /SEC omits owner and audit data, /LOG overwrites the file, and /MT defaults to 8 threads in the third option.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does the /MIR switch do in Robocopy?
What is the difference between /COPYALL and /SEC in Robocopy?
How does the /MT switch improve Robocopy performance?
A systems administrator is configuring a new server that will host the company's primary authentication service. The service requires high availability, and the primary concern for the operating system volume is resilience against a single drive failure to ensure continuous operation. Storage capacity and write performance are secondary concerns for this volume. Which of the following RAID configurations should the administrator implement for the two dedicated OS drives?
RAID 0
RAID 5
JBOD
RAID 1
Answer Description
The correct answer is RAID 1. RAID 1, or mirroring, writes identical data to two or more disks simultaneously. This configuration provides high availability and fault tolerance because if one drive fails, the system can continue to operate without interruption using the other drive. This directly meets the scenario's primary requirement for resilience against a single drive failure. RAID 0 (striping) offers improved performance but no fault tolerance; if one drive fails, the entire array is lost. RAID 5 (striping with parity) provides fault tolerance but requires a minimum of three drives, which is not an option in this scenario. JBOD (Just a Bunch of Disks) combines disks into a single logical volume but offers no redundancy or fault tolerance.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is RAID 1 preferred for fault tolerance?
Why can't RAID 5 be used with only two drives?
What are the limitations of JBOD in terms of fault tolerance?
A systems administrator is configuring a new rack-mounted hypervisor to connect to a block-level storage array over the existing Ethernet network. The goal is to present storage LUNs to the hypervisor, which will appear as local disks to the virtual machines. To achieve this, the administrator must configure a software component on the hypervisor to discover and log in to the storage array. What is the standard name for this software component in an iSCSI configuration?
Fibre Channel HBA
LUN masker
iSCSI initiator
iSCSI target
Answer Description
The correct answer is iSCSI initiator. In an iSCSI storage network, the client component that resides on the server (in this case, the hypervisor) is called the initiator. It is responsible for sending SCSI commands over the IP network to the iSCSI target. The iSCSI target is the storage system that provides the LUNs. A Fibre Channel HBA is hardware for a different storage protocol (Fibre Channel) that requires a dedicated network, not standard Ethernet. LUN masking is a security process configured on the target to control which initiators have access to specific LUNs; it is not the client component itself.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the difference between an iSCSI initiator and an iSCSI target?
How does an iSCSI initiator discover and log in to a target?
Why is iSCSI preferred over Fibre Channel in some setups?
A company operates its primary data center on the South Carolina coast, an area that is frequently in the path of Atlantic hurricanes. Management is reviewing four candidate facilities for a warm disaster-recovery site and has instructed the systems administrator that the location must satisfy the requirement for a separate geographic location so that a single regional event cannot disable both sites. Which proposed facility BEST meets this requirement?
A colocation cage 10 km inland that remains inside the coastal hurricane evacuation zone and uses the same regional power grid.
A tier-III facility 400 km inland in northern Georgia that is outside the coastal hurricane zone, on a different power grid, and connected through a separate long-haul telecom provider.
A second data-hall floor in the same building that houses the primary data center.
A leased data hall 50 km up the coast that shares the primary site's electrical grid but sits outside the immediate storm-surge floodplain.
Answer Description
Best practice calls for locating an alternate processing site far enough away-and preferably on a different power grid and telecommunications infrastructure-so that the same natural disaster or utility failure cannot affect both locations. The facility in northern Georgia is hundreds of kilometers inland, outside the coastal hurricane evacuation zone, and served by a different electrical grid and carrier network, thereby minimizing correlated risk. The other options leave the secondary site in the same hurricane hazard zone, on the same power grid, or even in the same building as the primary data center, so a single regional incident could still take both sites offline.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is it important to use a different power grid for a disaster-recovery site?
What is a Tier-III facility and why is it suitable for disaster recovery?
What are the advantages of locating a disaster-recovery site far from the primary site?
A company relies on a mission-critical database application licensed under a subscription model. The server administrator receives a notification that due to a budget shortfall, the annual subscription renewal, due next month, will not be paid. What is the MOST significant and immediate risk the company faces in this situation?
The company can continue using the current software version but will no longer receive security patches or support.
The company will lose the right to use the database application, leading to a service outage.
The vendor will initiate a mandatory and costly license compliance audit.
The software will automatically downgrade to a free, feature-limited version.
Answer Description
The correct answer is that the company will lose the right to use the database application, leading to a service outage. A subscription license is essentially a rental; it grants the right to use the software only for the paid term. If the subscription lapses, access to the software is typically revoked, causing an immediate halt to any services dependent on it.
Continuing to use the software without updates is a characteristic of a lapsed maintenance plan on a perpetual license, not a subscription. In a perpetual model, the user owns the license indefinitely but pays for support and updates separately. A subscription model usually bundles software access, support, and updates together. While a vendor might offer a grace period or reduced functionality, the primary risk for a mission-critical application is the complete loss of service, not a downgrade. Facing legal action for non-compliance is a risk, but the immediate operational impact of the service stopping is a more significant and direct consequence of non-renewal.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the difference between a subscription license and a perpetual license?
What happens during the grace period for expired subscriptions, if offered?
Why is a subscription license considered riskier for mission-critical applications compared to a perpetual license?
A server administrator is performing a routine audit of network traffic logs for a file server. The administrator discovers that a large volume of data, several gigabytes in size, was transferred to an unknown external IP address overnight. The transfer occurred outside of the normal backup window and does not correspond to any scheduled maintenance tasks. Which of the following data security risks has the administrator most likely identified?
Insider threat
Data corruption
Hardware failure
Data breach
Answer Description
The correct answer is a data breach. The scenario describes a classic indicator of data exfiltration, which is a type of data breach. Unexpected and large outbound data transfers to unknown locations are a primary sign that an unauthorized party has accessed the network and is stealing data. This process of recognizing the signs of an attack is the 'Identification' phase of incident response.
- Data corruption involves data being altered or destroyed, which is not indicated by the network traffic logs.
- While an insider threat could be the cause of the breach, the risk identified by the log evidence itself is the data breach (the event), not the actor (the insider).
- A hardware failure would more likely present as network errors, packet loss, or a loss of connectivity, not a large, successful data transfer.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is data exfiltration?
What is the 'Identification' phase of incident response?
How can network traffic monitoring help prevent data breaches?
Your organization's business-continuity plan specifies a recovery time objective of four days and a 24-hour recovery point objective for a non-critical archival records system. Senior management insists on the lowest possible recurring cost for the alternate facility. Only power, climate control, and network connectivity need to be in place ahead of time; the IT staff is prepared to ship in hardware and restore data from nightly backups after a disaster occurs. Which type of disaster-recovery site BEST meets these requirements?
Cold site that supplies only basic utilities and floor space
Active-active metropolitan cluster running live workloads in multiple datacenters
Fully equipped hot site synchronized with production systems
Partially provisioned warm site with pre-installed servers but inactive data
Answer Description
A cold site is essentially an empty shell that provides only fundamental infrastructure (electricity, HVAC, network access). Because it contains no pre-installed servers, storage, or data, its recurring cost is the lowest of the common DR-site options. The trade-off is a longer recovery time while equipment is delivered, installed, and backups are restored-often several days-making it appropriate when an RTO of multiple days is acceptable.
A hot site, in contrast, is fully equipped and kept in sync with production workloads, offering near-immediate failover but at the highest operating cost. A warm site already hosts some hardware and possibly partial data replication, shortening recovery time but still costing more than a cold site. An active-active metropolitan cluster keeps live services running in two or more datacenters simultaneously; this provides the fastest recovery and virtually no downtime but is by far the most expensive to maintain. Therefore, the cold site is the only option that satisfies the strict cost constraint while meeting the stated four-day RTO.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the difference between a cold site and a hot site?
What do RTO and RPO mean in disaster recovery?
Why is a cold site the best choice for this scenario?
A data-center administrator performs an initial full backup on Sunday and incremental backups Monday through Friday. To avoid re-scanning the 25 TB file share every weekend, the backup application runs a Saturday job that creates a new full backup image entirely on the backup repository by merging the last full backup with the week's incremental files; no data is read from the production server or traverses the network. Which backup method is the administrator using?
Reverse incremental backup
Synthetic full backup
Active full backup
Differential backup
Answer Description
The described process synthesizes a fresh full-backup file from backup data that already exists on the target device. Because it combines the previous full (or synthetic full) with all subsequent incrementals without pulling data from the protected server, it is a synthetic full backup. An active full backup would reacquire all source data over the network, a differential backup contains only the cumulative changes since the last full, and reverse incremental updates the existing full while storing deltas for roll-backs-none of which match the scenario.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a synthetic full backup?
How does an active full backup differ from a synthetic full backup?
What is the difference between incremental and differential backups?
While onboarding a new virtualization host, a systems administrator bonds two 10 GbE interfaces with LACP and enables 802.1Q tagging so the server can carry multiple VLANs. The host's management interface on VLAN 10 is reachable from the network, but virtual machines on VLAN 30 can only talk to one another locally and cannot ping the gateway that resides on the access-layer switch. Other servers connected to the same distribution switches have full connectivity on VLAN 30. After verifying that the NIC team and the vSwitch on the host are tagging frames for both VLANs, which switch-side configuration error would most likely cause this symptom?
The port-channel connected to the host is set to access mode in VLAN 10 instead of a trunk that permits VLAN 30.
BPDU Guard is enabled on the switch interface, causing Spanning Tree to restrict VLAN 30 traffic.
LACP fast-timer negotiation is disabled on the switch, so the bundle reverts to individual links.
The router sub-interface for VLAN 30 is configured with a smaller MTU than the switch and server.
Answer Description
Because traffic on VLAN 10 succeeds while all VLAN 30 frames are lost, the link clearly passes untagged (or access) traffic but not tagged VLAN 30 traffic. This occurs when the switch port (or aggregated port-channel) is configured as an access interface in VLAN 10 instead of an 802.1Q trunk that allows VLAN 30. In that state the switch will accept only VLAN 10 and drop any frames tagged for other VLANs, so virtual-machine traffic never reaches the upstream gateway. The other listed issues could degrade performance or block the entire link, but none would selectively affect only one additional tagged VLAN while leaving the native/management VLAN untouched.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is LACP, and why is it used in network configurations?
What is 802.1Q tagging, and why is it required for multiple VLANs?
What is the difference between access mode and trunk mode on a switch port?
A user in the finance department reports they can no longer open a critical quarterly report file stored on a Windows file server. The user was able to access this file yesterday without any issues. The server administrator confirms the user is a member of the correct Active Directory security group, and the NTFS and share permissions are configured correctly. The administrator also verifies the user can open other files in the same network folder.
While reviewing the server's security event logs, the administrator discovers a high-priority alert from the previous night related to the specific file. The alert states that the file's hash value changed unexpectedly and was flagged by the server's file integrity monitoring (FIM) system.
What is the MOST likely cause of the user being unable to open the file?
The user's domain account has been locked out due to multiple failed login attempts.
The file has become corrupted due to a bad sector on the storage volume.
A Data Loss Prevention (DLP) policy has quarantined the file due to a detected integrity violation.
The Workstation service on the user's local computer has stopped functioning.
Answer Description
The correct answer is that a Data Loss Prevention (DLP) policy has quarantined the file. The key evidence is the security log alert from the File Integrity Monitoring (FIM) system. FIM systems track changes to critical files by monitoring their cryptographic hashes. An unexpected hash change on a sensitive file, like a financial report, would trigger an alert. In a secure environment, this FIM alert can trigger an automated response from a Data Loss Prevention (DLP) system. The DLP system's response is often to quarantine the file, which makes it inaccessible to users as a protective measure against data tampering or exfiltration. The other options are less likely given the specific evidence. A domain lockout or a stopped local service would cause more widespread access issues, not an issue with a single file. While file system corruption is possible, the security log explicitly points to a security-related action, which should be the primary line of investigation.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a File Integrity Monitoring (FIM) system, and how does it work?
How does a Data Loss Prevention (DLP) policy work in conjunction with a FIM system?
Why would a file's hash value change unexpectedly, and what does this indicate?
A server administrator is investigating a recent performance degradation issue on a critical file server. The investigation reveals that a former employee's account, which was not properly deprovisioned, was used to log in outside of business hours. System logs show that this account was used to access and delete several project directories before the user attempted to clear the security event logs. Which of the following security risks is most likely represented in this scenario?
Unintentional insider threat
Malicious insider threat
Backdoor
Social engineering
Answer Description
The correct answer is 'Malicious insider threat'. This scenario describes an individual with authorized access (a former employee whose account was still active) intentionally causing harm. The actions of deleting files and clearing logs are deliberate and harmful, which are key characteristics of a malicious insider threat. An unintentional insider threat would involve an accident or mistake, not deliberate sabotage. Social engineering involves tricking someone to gain access, and while it can lead to an insider threat, the direct actions described here point to the insider threat itself as the primary risk. A backdoor is a covert method of bypassing authentication, whereas this scenario involves the use of legitimate (though improperly managed) credentials.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is this considered a malicious insider threat rather than a backdoor?
How could the administrator have prevented this insider threat?
What are some common signs of a malicious insider threat?
During a data-center deployment you must write a Bash script that blocks further configuration steps until the HTTPS listener on the same host is accepting connections. The script will run nc -z localhost 443 every five seconds to test the port. Which basic loop construct lets the script automatically keep retrying as long as the command returns a non-zero exit status and then exit the loop immediately when the command succeeds, without extra negation or break statements?
A
casestatement that evaluates the test command's exit status.A
whileloop that surrounds the test command.A
forloop that iterates over a fixed sequence of retry counts.An
untilloop that surrounds the test command.
Answer Description
In Bash an until loop executes its body repeatedly while the test command returns a non-zero (false) exit status, and it stops as soon as that command succeeds (exit status 0). Because nc -z localhost 443 fails until the port is open, wrapping the command in an until loop makes the script wait and then continue automatically when the service is ready.
A while loop has the opposite logic (it repeats only while the test command succeeds), so it would loop after the port is already open and exit immediately when the port is closed. A for loop requires a predefined list or counter and would need extra logic to stop at the right time, while a case statement is used for single evaluations rather than continuous polling. Therefore, the until loop is the most appropriate construct.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does an 'until' loop do in Bash?
What does the 'nc -z localhost 443' command do?
How does the exit status of a command determine loop behavior in Bash?
After a new security-hardening Group Policy Object (GPO) was linked to the OU that contains a Windows Server 2022 file-backup server, the custom BackupAgent service-configured to run under the DOMAIN\backup_svc account-now fails to start.
System-level Event ID 7000 shows: "The BackupAgent service failed to start due to the following error: The service did not start due to a logon failure."
The DOMAIN\backup_svc password has not changed, DNS and network connectivity test cleanly, and no firewall rules were modified. Which specific User Rights Assignment setting in the GPO is the MOST likely cause and should be corrected to restore the service?
Assign the DOMAIN\backup_svc account the Log on as a batch job right
Remove the account from Deny log on through Remote Desktop Services
Grant the DOMAIN\backup_svc account the Log on as a service right
Add the DOMAIN\backup_svc account to Allow log on locally
Answer Description
Windows services that run under a domain or local user account must have the Log on as a service (SeServiceLogonRight) privilege. When a GPO removes that right-or overwrites it with a blank list-the service account cannot obtain a logon token, so Windows records Event ID 7000 and reports a logon failure. Re-granting the DOMAIN\backup_svc account the Log on as a service right (or moving it to a group that already has the right) allows the Service Control Manager to authenticate the account and start the BackupAgent service.
The other options would not resolve this symptom:
- Allow log on locally governs interactive console logons, not service logons.
- Log on as a batch job applies to scheduled tasks, not background services.
- Deny log on through Remote Desktop Services affects RDP sessions and would not prevent a service from starting.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does 'Log on as a service' mean and why is it important for Windows services?
What steps can you take to re-grant the 'Log on as a service' right to an account?
What’s the significance of Event ID 7000 when troubleshooting service startup issues?
An administrator is troubleshooting why a standalone file server has stopped receiving the company's regularly scheduled security updates from WSUS. Tests confirm that WSUS connectivity and network access are normal. The host runs Windows Server 2012 R2 Datacenter, and WindowsUpdate.log contains the message "This operating system version is no longer supported." In addition, the newest version of the third-party backup agent refuses to install because it "requires Windows Server 2019 or later." The physical server model is still listed on the vendor's current hardware-compatibility list, and management wants the least possible downtime for the file shares.
Which action provides the best long-term remediation for both patching and third-party software support?
Manually download individual security hotfixes from the Microsoft Update Catalog each month and install them with PowerShell.
Leave the existing OS in place but block all internet traffic to and from the host at the perimeter firewall.
Enroll the server in Microsoft's paid Extended Security Updates (ESU) program to continue receiving critical patches until 2026.
Perform an in-place upgrade of the server to a currently supported Windows Server LTSC release (for example, Windows Server 2022) while preserving roles and data.
Answer Description
Windows Server 2012 R2 reached the end of extended support on 10 October 2023. After that date Microsoft stops publishing security, non-security, and bug-fix updates, and most ISVs discontinue qualification of new versions of their products for the OS. Extended Security Updates (ESUs) are intended only as a short-term bridge; they supply critical/important security fixes but no new features or vendor-requested changes, so the backup agent would remain unsupported. Manually importing updates or isolating the host does not restore vendor support and leaves the organization with an aging platform that will become increasingly hard to maintain.
Performing an in-place upgrade (or a migration with minimal downtime) to a currently supported LTSC release such as Windows Server 2022 returns the server to the normal update channel and meets the backup vendor's minimum requirements, solving both problems while preserving the existing shares and data.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is an LTSC release in Windows Server?
Why is Extended Security Updates (ESU) not ideal as a long-term solution?
What is the difference between an in-place upgrade and a migration in Windows Server?
A systems administrator is configuring a new application on a Linux server. The application needs to connect to a database server with the hostname db1.corp.local. When testing the connection, the administrator receives the following error: Could not resolve hostname db1.corp.local: Name or service not known. The administrator verifies that the application server has network connectivity by successfully pinging the IP address of its default gateway. Which of the following is the MOST likely cause of this error?
A firewall rule is blocking traffic to the database server.
The server's
/etc/resolv.conffile is misconfigured.The server's primary network adapter is disabled.
The server's routing table is missing a route to the database subnet.
Answer Description
The correct answer is that the server has an incorrectly configured DNS resolver file. The error message Could not resolve hostname... Name or service not known specifically indicates a failure in the Domain Name System (DNS) resolution process. On Linux systems, the /etc/resolv.conf file is the primary configuration file for the DNS resolver, containing the IP addresses of the nameservers the system should query. If this file is empty, contains incorrect IP addresses for the DNS servers, or if the specified DNS servers are offline or unreachable, the server will be unable to translate hostnames into IP addresses, leading to this error. A firewall blocking the port would occur after name resolution and result in a connection timeout, not a hostname resolution error. An incorrect route would also manifest after name resolution, typically causing a 'Destination Host Unreachable' error. A disabled network adapter would prevent all network traffic, including the successful ping to the gateway mentioned in the scenario.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the purpose of the /etc/resolv.conf file in Linux?
How can you verify if the DNS server specified in /etc/resolv.conf is working properly?
What could cause a misconfiguration in the /etc/resolv.conf file?
A company's primary datacenter is located directly on a major seismic fault line. The systems administrator must choose where to keep the weekly backup copies of 30 TB of engineering data so that the organization can continue operating if an earthquake destroys the facility. Which storage location BEST satisfies the data-security principle of physical location separation for this scenario?
An encrypted external drive stored in a safe two floors above the datacenter
A virtual tape library that shares the production SAN's disk shelves
A cloud provider's region 450 km away on a different power grid and tectonic plate
A Tier III colocation facility 5 km away in the same metropolitan area
Answer Description
Off-site backup locations should be far enough from the primary site to avoid being affected by the same regional disaster. Industry guidance for seismic and other large-scale natural hazards recommends placing copies hundreds of kilometers away, on different utility grids and geological zones. A cloud region 450 km distant meets that requirement, giving the organization a geographically independent copy. The other options keep data in the same building, on the same storage system, or within the same urban area-all of which are likely to suffer the same earthquake damage and therefore do not provide true physical-location protection.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a Tier III colocation facility and why is it not ideal in this scenario?
What is the significance of using a location on a different power grid and tectonic plate?
Why are options like an encrypted external drive or virtual tape library inadequate?
Gnarly!
Looks like that's it! You can go back and review your answers or click the button below to grade your test.