Free CompTIA Linux+ XK0-005 Practice Test

The correct answer is rsync -a /local/directory user@remote:/backup/directory because the -a (archive) flag is used to preserve permissions, timestamps, ownership, and to ensure recursive copying — while also optimizing by transferring only the differences from the last sync. The --dry-run flag would only simulate the transfer without actually copying files, --update will skip files newer on the receiver without considering other changes, and --in-place could potentially reduce transfer efficiency as it updates destination files in place - useful for large, single files but not necessarily for directory syncs with minimal changes.

The 'lspci' command lists all PCI devices on the system, including network cards, regardless of whether the kernel has appropriate drivers for them. This makes it the correct tool to check if the hardware is recognized at the PCI level. 'lsusb' is incorrect because it lists USB devices, not PCI devices. 'dmesg | grep -i network' could show kernel messages about network cards, but it would not necessarily list all PCI devices. 'lsmod' is used to display the kernel modules currently loaded, which is useful for driver information but not for listing hardware.

The discrepancy between 'df' and 'du' along with the inability to create new files, despite apparent available disk space, points to inode exhaustion. 'df' reports total disk space including used inodes, while 'du' reports actual file data usage. Inode exhaustion occurs when all the available inodes are in use; new files cannot be created even if physical space is available. A corrupted filesystem would also prevent new files from being created, but wouldn't normally cause the discrepancies between 'df' and 'du' focused on inodes. A full '/tmp' directory would cause issues with file creation but is more likely to be related to space, not inodes, and rogue processes consuming disk space would not directly prevent new file creation if inodes were still available.

SELinux System booleans are toggle switches that can enable or disable certain security features within SELinux. They are used to adjust the security policy without requiring policy recompilation or relabeling, which makes them a powerful tool for system administrators when customizing the behavior of SELinux. The correct answer explains this concept accurately, whereas the other options relate to different aspects of SELinux or Linux security and do not describe System booleans.

The correct answer is nmap -sS -g 53 --exclude-ports 22 10.0.0.12. The -sS flag specifies a SYN scan, which is considered stealthier than a connect scan. The -g 53 option sets the source port to 53, which may help in evading certain IDS configurations as it makes the scan look like DNS traffic. The --exclude-ports 22 option ensures that port 22 is not scanned. The other answers either do not correctly form the combination or are not the proper usage of Nmap flags, making them incorrect for the required stealthy scan excluding port 22.

The 'resolvectl' command is used to query and change the system resolver settings, typically provided by the systemd-resolved service. It effectively allows users to manage DNS settings, such as querying DNS records or changing the DNS server used by the system. Answer A is correct because it directly pertains to managing DNS resolution on the system, which is the primary role of 'resolvectl'. Answer B is incorrect because 'resolvectl' does not manage the enabling or disabling of network interfaces; 'ip' or 'ifconfig' would be used for that. Answer C is incorrect because 'resolvectl' does not provide the functionality to monitor network traffic, which would be accomplished with tools like 'tcpdump' or 'wireshark'. Answer D is incorrect as it describes a function of 'networkmanager' or 'nmcli', not 'resolvectl'.

To diagnose domain name resolution issues, running dig +trace example.com or nslookup example.com can provide detailed information about the entire process of resolving a domain name, from the root servers down to the authoritative name servers. Comparing this output with known good output can reveal any discrepancies or failures in the resolution process. If dig +trace or nslookup provides the correct information, this indicates that the issue is intermittent or specific to the server's resolver configuration rather than a problem with the DNS server itself. Modifying /etc/resolv.conf would not fully diagnose the problem, as it could be a configuration issue, and checking for a high number of outgoing DNS queries or pinging the domain would not yield detailed resolution process information. Therefore, using dig (with the +trace option) or nslookup is the best initial step for diagnosis.

The correct answer is 'Bridge' because the bridge network driver provides a private network internal to the host machine, allowing containers connected to the same bridge network to communicate with each other while isolating them from other containers not connected to the bridge. The default bridge network does not provide isolation between containers, which is why it is necessary to create a user-defined bridge network for this scenario. The 'Overlay' network driver is used for networking between multiple Docker hosts, which is not the requirement here. The 'Host' mode removes network isolation and uses the host's networking directly, which does not meet the requirement for network isolation. 'Host' mode also would not use NAT because the containers would share the network with the host. Therefore, the 'Host' network driver is not suitable for this scenario.

The command iptables -n -v -L displays the current rule set with packet and byte counters and does not resolve names, which can slow down the output if there are lots of network traffic and active rules. This is commonly used to get a precise and quick overview of the rules that are counting traffic on a Linux server. iptables -L -v also lists the active rules with verbose output, but without the -n option, it may attempt to resolve names, which can be less efficient in some scenarios. iptables -S lists the active rules in a format that can be used as input to restore the table, but it does not include packet and byte counts. The iptables -t nat -L command specifically checks only the rules in the 'nat' table, which is not what the question asked for.

The addition of an extra disk into a RAID 5 array increases the complexity of the parity computation for every write operation. Since RAID 5 needs to update the parity information across the drives for data protection, it inherently suffers from write penalties. This can become more pronounced as the array extends, due to the added overhead of handling the parity calculations across an additional disk. The SATA protocol for connecting disks to the controller is not specified in the question, and while degraded cables or faulty hardware could cause slowdowns, they don't directly relate to the expansion of the array, thus are less likely the primary cause of the issue.

To permanently mount a filesystem at boot in Linux, an entry must be added to the /etc/fstab file. The mount command only mounts filesystems temporarily until the next reboot.

In this scenario, the best course of action is to replace the current I/O scheduler with one that is optimized for the particular workload characteristics (e.g. CFQ, Deadline, NOOP). The I/O scheduler is responsible for ordering disk access to improve performance. Some schedulers are better suited for certain workloads than others, and so choosing the correct one can potentially reduce I/O wait times and thus lower latency.

The correct answer is grep -c 'refused' /var/log/auth.log because the -c option in the grep command provides a count of matching lines that contain the pattern specified. In this scenario, it counts the number of lines that have the word 'refused', giving an indication of the number of failed SSH login attempts logged in the 'auth.log' file. The options that include piping with the wc -l command are incorrect because when used with grep's -c option, they are redundant and unnecessarily complicate the command. The option that includes -v is incorrect because this inverts the match and would count all lines that do not contain the word 'refused'.

The correct answer is noexec. This mount option prevents execution of any binaries on the mounted filesystem to increase security. If scripts need to be executed from this mount point, the noexec option should not be used. The nosuid option prevents the setuid bit from taking effect, which is not directly related to the ability to execute scripts, but rather affects whether users can gain elevated privileges via setuid binaries. The options nodev and sync are related to device node handling and write synchronization respectively, and do not impact script execution. Therefore, noexec is the specific mount option that should be reviewed to resolve the given issue.

The command iptables -L -v -n is the correct answer as it displays all the active rules in all chains with verbose output and does not resolve hostnames (due to the -n flag), which can be helpful in speeding up the process. It is more comprehensive compared to just listing the rules without additional verbosity, the numeric option preserves exact network addresses and port numbers, and the combination of these flags gives the admin a detailed perspective on the rules. iptables -S simply lists the rules in a format that can be reused as input to the firewall, and the --state flag is not a valid iptables option, leading to a command error. firewall-cmd --list-all only works with systems using firewalld and is therefore not guaranteed to work on all Linux distributions.