00:15:00

CompTIA Server+ Practice Test (SK0-005)

Use the form below to configure your CompTIA Server+ Practice Test (SK0-005). The practice test can be configured to only include certain exam objectives and domains. You can choose between 5-100 questions and set a time limit.

Logo for CompTIA Server+ SK0-005
Questions
Number of questions in the practice test
Free users are limited to 20 questions, upgrade to unlimited
Seconds Per Question
Determines how long you have to finish the practice test
Exam Objectives
Which exam objectives should be included in the practice test

CompTIA Server+ SK0-005 Information

The CompTIA Server+ (SK0‑005) certification is tailored for IT professionals aiming to validate their proficiency in installing, managing, securing, and troubleshooting server systems across data center, on‑premises, and hybrid environments. Launched in May 2021, this mid‑level exam comprises up to 90 multiple‑choice and performance‑based questions, to be completed in 90 minutes, and requires a passing score of 750 on a 100–900 scale. Candidates are expected to have approximately two years of hands‑on experience in server environments and should possess foundational knowledge equivalent to CompTIA A+ certification.

The exam covers four core domains: Server Hardware Installation and Management (18%), Server Administration (30%), Security and Disaster Recovery (24%), and Troubleshooting (28%).

The hardware domain includes tasks like racking servers, managing power and network cabling, configuring RAID, and maintaining various drive types, from SSDs to hybrid systems.

The administration domain focuses on OS installation (GUI, core, virtualized, or scripted), network configuration, server roles and virtualization, scripting basics, asset documentation, backup of configurations, and licensing concepts .

Security and disaster recovery encompass server hardening techniques, physical and data security, identity and access management, backup strategies (full, incremental, snapshot), and recovery planning including hot, warm, cold, and cloud-based site setup .

The troubleshooting domain emphasizes systematic problem-solving across hardware, storage, OS and software, network connectivity, and security issues, involving techniques such as diagnostics, log analysis, reseating components, and resolving boot errors or DHCP/DNS issues .

Aspiring candidates should follow a structured preparation plan using official exam objectives to guide their study. Practical experience and familiarity with real-world scenarios—especially using hands-on labs, performance-based exercises, scripting tasks, RAID configuration, virtualization, and disaster recovery setups—can significantly enhance readiness. This targeted strategy helps ensure both technical competence and confidence when tackling the SK0-005 Server+ exam.

Free CompTIA Server+ SK0-005 Practice Test

Press start when you are ready, or press Change to modify any settings for the practice test.

  • Questions: 15
  • Time: Unlimited
  • Included Topics:
    Server Hardware Installation and Management
    Server Administration
    Security and Disaster Recovery
    Troubleshooting
Question 1 of 15

You are logged in as ordinary user "sysops" on a CentOS 9 test server. To reproduce an application crash you export a diagnostic variable:

$ export LD_PRELOAD=/opt/debug/libmalloc.so

The crash only occurs with this variable present, but the binary itself must be executed as root. The sudo policy is still using its default env_reset setting, which normally clears most user-defined variables.

Which single sudo command-line option should you include when you run the binary so that LD_PRELOAD is retained rather than stripped out?

  • -E

  • -H

  • -i

  • -k

Question 2 of 15

A systems administrator is investigating a performance problem with a newly racked physical server. Although the server responds to ping, large file transfers crawl and application sessions frequently time out. The network switch port connected to the server is hard-coded to 100 Mbps, full-duplex. In the server's operating system the NIC statistics show a rapidly increasing number of CRC errors and collisions.

Which of the following is the MOST likely cause of the issue?

  • The network switch port is experiencing a hardware failure.

  • The server's NIC is set to auto-negotiate speed and duplex.

  • The server has been configured with incorrect IP address settings.

  • The server is connected with a faulty patch cable.

Question 3 of 15

Your organization runs a file share on a rack-mount server that contains eight 2 TB 10 000-RPM SAS drives in a single RAID 6 virtual disk. The array's usable capacity is 12 TB, of which 80 percent is already occupied. Monitoring shows the data set is growing at a steady 4 percent per month. You must ensure the share has enough space to last the next 18 months while keeping the same RAID level and without exceeding the server's 12-drive backplane. During the next maintenance window, what is the minimum number of additional 2 TB disks you must install?

  • Install two additional 2 TB disks.

  • Install four additional 2 TB disks.

  • Install three additional 2 TB disks.

  • Replace all existing drives with larger-capacity disks and rebuild an eight-drive RAID 6 array.

Question 4 of 15

During a hardware refresh, a systems administrator populates the bottom 10 U and the top 8 U of a 42 U cabinet that sits in a raised-floor cold-aisle/hot-aisle layout. All installed 1 U servers draw air in from the front and exhaust out the rear. Soon after the systems come online, temperature probes on the front of the upper servers report inlet temperatures that are 8 °C higher than those recorded at the bottom of the rack, even though the CRAC supply temperature and airflow are within specification. Which rack-level action will BEST restore proper cooling for the affected servers?

  • Install blanking panels in the empty rack units between the two groups of servers.

  • Replace the perforated rear door of the cabinet with a solid door to keep exhaust air inside the rack.

  • Increase the CRAC fan speed to raise static pressure in the cold aisle.

  • Rotate the top servers so their rear panels face the cold aisle and their fronts face the hot aisle.

Question 5 of 15

A systems administrator is deploying a new physical server that will function as a web server in the perimeter network (DMZ). The administrator manually configures the network interface with the following settings:

  • IP Address: 10.100.100.50
  • Subnet Mask: 255.255.255.0
  • DNS Server: 8.8.8.8

The administrator confirms that the server can successfully communicate with other servers on the same 10.100.100.0/24 subnet. However, the server is unable to reach the internet to download necessary software updates. Which of the following configuration changes is MOST likely to resolve this issue?

  • Change the IP address, as it is an invalid APIPA address.

  • Assign the primary DNS server address to the internal corporate DNS.

  • Change the subnet mask to 255.255.0.0.

  • Configure the default gateway address.

Question 6 of 15

While investigating why an Internet-facing Linux web server is accepting unexpected connections, you need to quickly determine which TCP ports on the host are reachable from the DMZ and identify the application protocol running on each open port. Intrusive vulnerability or brute-force scripts must be avoided, but speed is more important than stealth. Which Nmap command best meets these requirements?

  • nmap -sU -sC 203.0.113.25

  • nmap -O -sS 203.0.113.25

  • nmap -sV -T4 203.0.113.25

  • nmap -Pn -p- 203.0.113.25

Question 7 of 15

While troubleshooting why a Windows Server 2022 member server cannot open files stored at \FS01\Profiles, you verify that DNS resolution and basic connectivity succeed. You suspect that an outdated persistent mapping-cached with incorrect credentials-is blocking access. Which single Command Prompt command lets you view the current mapping and remove it so that a fresh connection can be created?

  • mountvol \FS01\Profiles /D

  • netstat -a | find "\FS01\Profiles"

  • diskpart remove volume \FS01\Profiles

  • net use \FS01\Profiles /delete

Question 8 of 15

A data-center VLAN is numbered with the global unicast prefix 2001:db8:22:10::/64. The router's interface on that VLAN is configured as the default gateway 2001:db8:22:10::1/64. You are manually assigning a static IPv6 address to a new application server on this subnet. Which of the following addresses is valid for the server and follows common addressing conventions?

  • fe80::25/64

  • 2001:db8:22:10::1/64

  • 2001:db8:22::25/64

  • 2001:db8:22:10::25/64

Question 9 of 15

A system administrator is investigating reports of data corruption on a critical database server. The corruption manifests as subtle, incorrect characters in various database records and does not align with specific user actions or application functions. While storage diagnostics show no disk failures, the server's management logs indicate numerous single-bit memory errors were corrected over the past month, but these corrections are no longer being reported. Which of the following is the MOST likely cause of this data corruption?

  • Failing ECC memory

  • Filesystem journaling errors

  • A zero-day exploit in the database application

  • Silent data corruption (bit rot) on the storage array

Question 10 of 15

During a data-center deployment you must write a Bash script that blocks further configuration steps until the HTTPS listener on the same host is accepting connections. The script will run nc -z localhost 443 every five seconds to test the port. Which basic loop construct lets the script automatically keep retrying as long as the command returns a non-zero exit status and then exit the loop immediately when the command succeeds, without extra negation or break statements?

  • An until loop that surrounds the test command.

  • A while loop that surrounds the test command.

  • A case statement that evaluates the test command's exit status.

  • A for loop that iterates over a fixed sequence of retry counts.

Question 11 of 15

During a remote-branch deployment, a systems administrator wants to boot a lightweight hypervisor from the server's internal dual Secure Digital (IDSDM) module so that every front-bay SSD can be reserved for production data. Two identical 32 GB microSD cards will be configured in a mirrored pair. Which primary limitation of Secure Digital media must the administrator take into account before approving this design?

  • The SD module requires a dedicated PCIe RAID card, consuming a scarce expansion slot.

  • An IDSDM cannot mirror two cards; it only supports single-disk (JBOD) mode.

  • SD flash has relatively low write-endurance, so frequent writes can wear the cards out quickly.

  • SD cards draw more than 15 W at peak, so they need a high-current PDU outlet.

Question 12 of 15

A systems administrator is tasked with applying the latest monthly OS security patches to a critical production server. This server hosts a proprietary financial application from a third-party vendor. The vendor has not yet certified the new OS patches and has stated that their support agreement is only valid for certified configurations. The administrator's primary goals are to maintain security compliance by patching and ensure the application remains stable. Which of the following is the most appropriate next action?

  • Deploy the patches to a staging server that mirrors the production environment to test for application compatibility.

  • Withhold the patches from the production server until the vendor officially certifies them.

  • Apply the patches to the production server during the next scheduled maintenance window.

  • Request emergency certification of the patches from the application vendor before deployment.

Question 13 of 15

A systems administrator is alerted that a critical Linux application server is running low on disk space on the root partition. Upon investigation, the administrator finds that a single log file, /var/log/app/application.log, has grown to over 100 GB. The administrator needs to implement a long-term, automated solution to prevent this from recurring while preserving recent log data for troubleshooting. Which of the following is the MOST effective solution?

  • Configure a log rotation utility to schedule the regular archiving and compression of the log file.

  • Write a cron job that runs a script nightly to delete the application.log file.

  • Modify the application's configuration to send all log output to /dev/null.

  • Provision a larger disk for the server and move the /var/log directory to the new partition.

Question 14 of 15

A server administrator has implemented several security measures on a new Linux server. A strong UEFI password is in place, and the boot order is locked to the internal drives only. Despite these precautions, the administrator is concerned that an attacker with physical console access could still interrupt the boot process to access a recovery shell and reset the root password. Which of the following security controls would specifically mitigate this risk?

  • Configure a GRUB password.

  • Enable full disk encryption.

  • Implement a chassis intrusion alert in the BIOS.

  • Set up a host-based intrusion detection system (HIDS).

Question 15 of 15

A Linux application server was recently configured with a host-based intrusion detection system (OSSEC/Wazuh). Since the change, nightly SCP backup jobs from three designated backup servers fail intermittently with a Connection timed out message. A review of the IDS logs on app01 shows repeated alerts such as:

** Alert 123456789.1234: - syslog,authentication_failed
2025-08-25 02:15:23 (app01) 192.168.50.10->sshd
Rule: 5716 (level 5) - "SSHD scan"
Src IP: 10.20.30.40

Immediately after each alert, active-responses.log records:

/var/ossec/active-response/bin/firewall-drop.sh add - 10.20.30.40 5716

The address 10.20.30.40 is one of the backup servers and uses SSH multiplexing to open many short-lived SCP sessions in parallel. The IDS active-response configuration currently contains:

<active-response>
  <command>firewall-drop</command>
  <location>local</location>
  <rules_id>5712,5716</rules_id>
  <timeout>900</timeout>
</active-response>

Which IDS configuration change will BEST allow the legitimate backup traffic to complete while still blocking real brute-force attacks?

  • Add each backup server's IP address to the IDS <white_list> or <allow_list> directive so Active Response never blocks them.

  • Reduce the Active Response timeout value from 900 seconds to 60 seconds.

  • Disable rule IDs 5712 and 5716 in the IDS ruleset.

  • Increase the Linux MaxSessions directive in /etc/ssh/sshd_config from 10 to 50.