Memory leaks occur when a program mismanages memory allocations, by not releasing memory that is no longer needed, causing a progressive loss of available memory. Over time, this can lead to memory exhaustion, where no additional memory is available for use, potentially causing system slowdowns or crashes. While leaks may increase CPU or disk usage indirectly due to increased swapping or garbage collection, memory exhaustion is a direct consequence.

The correct answer is 'read -p "Enter the file name: " file; IFS= read -r line < "$file"' because the '-p' option allows the script to prompt the user with a message and read input into the 'file' variable. Then, 'IFS= read -r line < "$file"' is used to read the first line from the file specified by the user into the variable 'line'; 'IFS=' prevents leading/trailing whitespace from being trimmed, and '-r' prevents backslashes from being interpreted as escape characters. The '< "$file"' syntax redirects the contents of the file into the read command. Options B and C are incorrect because they attempt to use 'cat', which is unnecessary and will not properly assign the first line to the variable 'line'. Option D is incorrect because '<<<' is not the correct way to redirect file content to 'read'.

The correct answer is ssh -X user@hostname as it enables X11 forwarding securely, allowing the graphical output of the remote application to be displayed on the local machine. The -Y option is less secure than -X and should be used with caution as it provides trusted X11 forwarding, which can expose the local system to possible X11 security risks. The -x option disables X11 forwarding and is incorrect. Lastly, the -C option compresses data during the session, which might be useful in low-bandwidth scenarios but does not address the requirement for X11 forwarding and GUI display. Therefore, while -C combined with -X could be used together, -C alone is not correct for the scenario described.

The 'rw' option is used to mount a filesystem with both read and write permissions. If a filesystem is unintentionally mounted as read-only, ensuring that the 'rw' option is set during the mount process will resolve the issue, allowing users to perform write operations once more. Other options, such as 'ro', 'sync', and 'user', have specific uses: 'ro' mounts the filesystem as read-only, 'sync' ensures that input/output operations are done synchronously, and 'user' allows an ordinary user to mount the filesystem without requiring superuser privileges. However, these do not address the problem described.

A process with a 'Z' status code is known as a zombie process. Zombie processes cannot be interacted with or killed using the kill command because they are already terminated and are only awaiting the parent process to read their exit status. The resources are held by the OS to allow the parent process to check the child's exit status. Only the parent process finishing or reading the exit status can remove the zombie from the process table.

The command docker pull ubuntu retrieves the latest version of the Ubuntu image from the default Docker hub registry. docker pull ubuntu is the correct command because it specifies only the image name, which defaults to pulling the 'latest' tag if no other version is specified. pull ubuntu is incorrect because it is missing the docker command. docker push ubuntu is incorrect because it is using push which is for uploading images, not downloading them. docker rmi ubuntu is incorrect because rmi is used to remove images, not to pull them.

The sed utility, short for stream editor, is designed to filter and transform text. It is used on the command line and within scripts for pattern matching and substitution, making it an ideal tool for search and replace operations within files without the need for writing complex scripts or programs. The other choices do not match the specific utility that directly performs search and replace operations on a file.

The correct answer is enable. The systemctl enable command is used to create a set of symlinks, so the specified unit is started automatically during the boot process. start only initiates the service immediately but does not configure it to start on boot. status provides the current status of the unit and does not modify its startup behavior. reload is used to re-read the configuration of a service without interrupting its operation.

The correct answer is tune2fs -c 1 /dev/sda1 because the command sets the maximum mount count (-c) to 1 for the filesystem on /dev/sda1, ensuring that fsck will be run the next time the filesystem is mounted. This is typically during the boot process. The option -C 0 sets the current mount count to 0, which is incorrect in this context because it does not schedule a check on the next boot. The -i flag is used for setting the interval between checks based on time, not on the number of mounts. The e2fsck -p /dev/sda1 executes a filesystem check, but does not schedule it for the next boot.

The correct answer is grep -c 'refused' /var/log/auth.log because the -c option in the grep command provides a count of matching lines that contain the pattern specified. In this scenario, it counts the number of lines that have the word 'refused', giving an indication of the number of failed SSH login attempts logged in the 'auth.log' file. The options that include piping with the wc -l command are incorrect because when used with grep's -c option, they are redundant and unnecessarily complicate the command. The option that includes -v is incorrect because this inverts the match and would count all lines that do not contain the word 'refused'.

The correct answer is chattr +i /path/to/file. The chattr command changes the file attributes on a Linux file system. The +i attribute makes a file immutable, which means that the file can neither be modified nor deleted, and new links cannot be created to it. This is an advanced method for securing files that are not commonly modified but are critical to system security. The incorrect options either do not directly apply to the prevention of hard link creation, use an incorrect attribute, or are unrelated to file attributes.

The sed command is used to perform basic text transformations. In the example provided, 's/quick/slow/' is a substitute command that tells sed to replace the first occurrence of the pattern 'quick' with the replacement 'slow'. The result is the output of the initial string with the word 'quick' replaced by 'slow'.

The correct answer is 'du -h /home/* > disk_report.txt' because the '>' operator will redirect the output of the 'du' command to 'disk_report.txt', overwriting its contents every time the command is run, thus only saving the latest disk usage report in the file.

The 'du -h /home/* >> disk_report.txt' is incorrect because using the '>>' operator would append to the file rather than overwriting it, leading to accumulation of data over time rather than maintaining a single report.

The 'du -h /home/* < disk_report.txt' is incorrect because the '<' operator is used for input redirection, which is not what is needed when intending to write to a file.

Lastly, 'du -h /home/* &> disk_report.txt' is incorrect as '&>' redirects both standard output and standard error to a file, which could include error messages in the report unnecessarily.

The correct answer is nmap <target> because Nmap is a network scanning tool, and the most basic usage involves executing nmap followed by the specification of the target, which can be an IP address or hostname. This command will initiate a simple scan to find open ports on the target. Other options like -A and -sV add extra functionality, such as OS detection and service version detection, which is not required for a basic port scan. The --top-ports option specifies that only a certain number of the most common ports should be scanned, not all ports, which would be the default for a basic scan without additional arguments.

The correct answer is tar -czvf system_logs.tar.gz /var/log. The -c option tells tar to create a new archive, -z instructs tar to compress the archive with gzip, -v enables verbose output, displaying files added to the archive, and -f specifies the filename of the archive. The incorrect options either omit compression with gzip by not using -z, use the r option inappropriately (which is used for appending files to an already existing archive), or incorrectly specify the output archive name without the -f option which is necessary for naming the archive file.