CompTIA Linux+ Practice Test (XK0-005)

The lsattr command is used to list the attributes of files. When looking for immutable files, the administrator should scan for the 'i' attribute in the command output. This attribute indicates that a file cannot be modified, deleted, or renamed, no links can be created to it, and no data can be written to the file. The chattr command is used for changing attributes, not listing them. The -a option for lsattr lists all files, but the 'a' attribute flag denotes 'append-only'. The lsattr command does not have a -l option for detailed output.

The systemctl set-default multi-user.target command updates the default target, adjusting the /etc/systemd/system/default.target symlink to point to multi-user.target, which provides a text-based login. Using systemctl isolate only switches targets for the current session and doesn’t persist across reboots. Creating a symlink to getty.target instead of the default target is incorrect since default.target controls the boot target. Editing /etc/inittab has no effect under systemd.

The cat /proc/mdstat command is the correct option because it provides the current status of all active software RAID arrays, including information on individual disks and their state within each array. The mdadm --detail command also gives detailed information, but it needs to be followed by a specific device name (e.g., mdadm --detail /dev/md0), and therefore it is not as comprehensive for displaying all active arrays at once. The fdisk -l command lists all partition tables, which is not specific to active RAID arrays. The lsblk command lists block devices, which includes RAID arrays, but does not provide detailed RAID status.

Having insufficient memory available for buffer/cache can lead to high I/O wait times because the system has to commit to disk I/O more frequently than if it had enough memory to cache operations. This leads to higher wait times as processes are queued while the I/O bottleneck is resolved. Optimizing memory usage or adding more memory can help reduce I/O wait times. A failing hard drive or misconfigured I/O scheduler may also cause increased I/O wait, but these options are less likely if disk activity is not high and the hardware was previously functioning correctly.

The chosen file is sourced by all Bourne-compatible (sh, bash, ksh) login shells. It applies system-wide environment settings before any user-specific scripts. The other files are either not processed at login by those shells, apply only to interactive or non-login sessions, or reside in a user’s skeleton directory and affect only new accounts.

The correct answer is rsync -a /local/directory user@remote:/backup/directory because the -a (archive) flag is used to preserve permissions, timestamps, ownership, and to ensure recursive copying — while also optimizing by transferring only the differences from the last sync. The --dry-run flag would only simulate the transfer without actually copying files, --update will skip files newer on the receiver without considering other changes, and --in-place could potentially reduce transfer efficiency as it updates destination files in place - useful for large, single files but not necessarily for directory syncs with minimal changes.

The ssh-copy-id user@server command is the standard, most secure, and efficient method for deploying a public key. This utility automatically handles creating the ~/.ssh directory and the authorized_keys file on the remote server if they do not exist, appends the key, and, most importantly, sets the correct restrictive file permissions (e.g., 700 for the directory, 600 for the file). While using scp to copy the key followed by appending it is a functional manual method, it is more error-prone as it does not automatically enforce correct permissions, which can lead to security vulnerabilities or authentication failures. Transferring the private key is a severe security violation. Editing /etc/ssh/sshd_config is incorrect for adding a user's public key.

The correct answer is pwd, which stands for 'print working directory'. This command is used to output the full pathname of the current working directory, providing users with their exact location in the filesystem hierarchy. This information is especially important when performing operations that are sensitive to the current directory context, such as deploying applications, running scripts, or managing files. While echo $PWD often produces the same output, it reads from the $PWD environment variable, which may not always be accurate and is not the primary command for this task. The cd command is used to change directories, not display the current one. The ls -d . command lists the current directory entry itself as '.', not its full path.

Using a single at-sign (@) before the destination tells rsyslog to send the selected messages over UDP. The selector . matches every facility and every priority, so the line . @192.168.150.50 forwards all logs to that host on the default UDP port 514. A double at-sign (@@) would switch the transport to TCP, while > is shell redirection and # begins a comment, so those lines would not achieve the stated goal.

In the /etc/passwd file, it is common for system accounts to not have a corresponding /home directory because these accounts are not meant for regular user logins and do not require personal storage space. They're typically used for running specific services or tasks. Standard user accounts should normally be configured with a home directory. The presence of nologin as the shell is an additional confirmation that the account is not intended for interactive login, but it is not a direct indicator of the absence of the home directory. Accounts with shells set to /usr/sbin/nologin or /bin/false can still have home directories configured for storing service data, even though they don't provide shell access. The other answers include misconceptions, as an expired password or incorrect group assignments would not cause an account to lack a home directory; these issues would affect the ability to login or permissions, respectively.

The '-A' option in Nmap enables aggressive scanning, which combines OS detection, version detection, script scanning, and traceroute. This thorough scanning option is informative for deep network analysis. The '-sn' option is for ping scanning (host discovery), '-p-' scans all 65535 ports, and '-o' is an invalid option as it lacks the specifics for output files like '-oN' or '-oX'.

Multifactor authentication (MFA) requires users to provide two or more verification factors to gain access to a resource such as applications, online accounts, or VPNs, making it significantly more secure than single-factor authentication methods. Tokens and Pluggable Authentication Modules (PAM) are forms of single-factor authentication methods, whereas System Security Services Daemon (SSSD) is an authentication broker but does not inherently indicate a requirement for multiple forms of identification.

The correct answer is tar -czvf log_backup.tar.gz /var/log because the options -c create a new archive, -z filter the archive through gzip for compression, -v produce verbose output, showing all processed files, and -f specify the filename of the archive. The incorrect options either do not specify gzip compression, which is required to produce a .gz file, or use options that perform actions other than creating an archive, such as extracting files or listing the contents of an archive.

The correct answer is tune2fs -c 1 /dev/sda1 because the command sets the maximum mount count (-c) to 1 for the filesystem on /dev/sda1, ensuring that fsck will be run the next time the filesystem is mounted. This is typically during the boot process. The option -C 0 sets the current mount count to 0, which is incorrect in this context because it does not schedule a check on the next boot. The -i flag is used for setting the interval between checks based on time, not on the number of mounts. The e2fsck -p /dev/sda1 executes a filesystem check, but does not schedule it for the next boot.

The correct answer is After=mysqld.service because the After= directive ensures that the custom service starts only after the MySQL service (mysqld.service) is active. The Wants= directive is used to start units together but does not dictate order, and BindTo= and BindsTo= are incorrect because there is no systemd directive called BindTo=, and BindsTo= creates a stronger dependency than required for start-up order – it's used to bind the start/stop of units together.

Modern SSD controllers contain many internal NAND channels that can be accessed in parallel. Generating multiple outstanding I/O requests (for example, by running several threads or processes or by increasing the I/O queue depth) allows the drive to keep these channels busy and reach its rated bandwidth and IOPS. Running a single synchronous thread typically issues only one request at a time, leaving most of the drive's internal resources idle, so throughput is lower. While filesystem alignment and scheduler choice can influence latency and consistency, they do not eliminate the need for concurrent I/O to reach peak performance, and modern SSDs do benefit from host-side queuing.

The correct command is pkexec network-configuration-tool. The pkexec wrapper hands the request to PolicyKit, which evaluates the defined policies and, if necessary, invokes the desktop's polkit authentication agent to display a GUI password dialog. Running sudo network-configuration-tool would bypass PolicyKit and only present a terminal prompt. polkit network-configuration-tool is invalid because polkit is the privilege framework, not a launcher. pexec is an unrelated parallel-execution utility and provides no privilege-escalation or PolicyKit integration.

The loop in option 1 uses the command true, which always exits with status 0 (success). Because the while condition evaluates to success on every iteration, the body executes indefinitely, resulting in an infinite loop.

Option 2 will terminate if the file /tmp/stop is removed, option 3 ends when it reaches end-of-file on /etc/passwd, and option 4 never runs because the condition false immediately returns a non-zero status.

Use chronyc tracking to view key synchronization metrics such as current system time offset, last offset, frequency, root delay, and dispersion. These values show whether the local clock is in sync and how well it is being disciplined.

• chronyc sources lists each configured or discovered time source and its reachability, but it does not summarize the overall state of the local clock.
• chronyc sourcestats reports statistical data (frequency drift, standard deviation, etc.) for each source, which is useful for trend analysis rather than a quick status check.
• chronyc add server <address> (shown here without parameters) adds a new NTP server dynamically; it does not display synchronization status.

Therefore, chronyc tracking is the appropriate command for quickly confirming the server's current synchronization status and performance.

A stateful firewall has the capability to monitor the entire state of active connections, and thus can make decisions based on the context of the traffic (such as the state of the connection), rather than relying solely on predetermined rules. This allows it to permit or deny traffic based on the history of the connection, which is not something that stateless firewalls can do. Stateless firewalls can only permit or deny traffic based on static rules and do not have the ability to retain connection state information. Dynamic rule creation is not a feature directly associated with being stateful; while a stateful firewall could potentially create rules dynamically, it's the state tracking that defines it. Nor do performance considerations determine whether a firewall is stateful or stateless.