CompTIA Linux+ Practice Test (XK0-005)
Use the form below to configure your CompTIA Linux+ Practice Test (XK0-005). The practice test can be configured to only include certain exam objectives and domains. You can choose between 5-100 questions and set a time limit.
CompTIA Linux+ XK0-005 (v7) Information
CompTIA Linux+ (XK0-005) Exam
The CompTIA Linux+ (XK0-005) certification is designed for IT professionals who work with Linux systems. It validates skills in system administration, security, scripting, and troubleshooting. This certification is vendor-neutral, covering multiple distributions such as Ubuntu, CentOS, and Red Hat.
Exam Overview
The XK0-005 exam consists of a maximum of 90 questions, including multiple-choice and performance-based questions. Candidates have 90 minutes to complete the test. The exam costs $358 USD. A passing score is 720 on a scale of 100 to 900. The certification is valid for three years and can be renewed through CompTIA’s continuing education program.
Exam Content
The XK0-005 exam focuses on five main domains: system management, security, scripting and automation, troubleshooting, and Linux fundamentals. System management includes package management, system monitoring, and user administration. Security covers permissions, authentication, and encryption. Scripting and automation focus on Bash scripting and task automation. Troubleshooting tests problem-solving skills for system failures and performance issues. Linux fundamentals include file system hierarchy, networking, and command-line operations.
Who Should Take This Exam?
The CompTIA Linux+ certification is ideal for system administrators, Linux support technicians, and DevOps professionals. It is recommended for individuals with at least one year of Linux experience. This certification is beneficial for IT professionals working with servers, cloud infrastructure, and cybersecurity.
How to Prepare
Candidates should review the official CompTIA Linux+ Exam Objectives and study materials provided by CompTIA. Hands-on experience with Linux systems is essential. Practice exams can help assess readiness and identify weak areas. Using Linux in a lab or virtual environment can provide practical experience with commands, system configuration, and troubleshooting.
Summary
The CompTIA Linux+ (XK0-005) certification is a valuable credential for IT professionals working with Linux systems. It validates essential skills in system administration, security, and automation. This certification is ideal for those managing Linux-based environments in IT infrastructure, cybersecurity, and cloud computing.
Free CompTIA Linux+ XK0-005 (v7) Practice Test
- 20 Questions
- Unlimited
- System ManagementSecurityScripting, Containers, and AutomationTroubleshooting
Free Preview
This test is a free preview, no account required.
Subscribe to unlock all content, keep track of your scores, and access AI features!
A Linux administrator is compiling a software package from its source code. Which of the following command sequences is the standard and correct order for this process?
makemake install./configuremake install./configuremake./configuremakemake install./configuremake installmake
Answer Description
The correct sequence for compiling software from source code is typically to first run the ./configure script to check system dependencies and create a Makefile. Next, the make command is used to compile the source code into binary files based on the Makefile's instructions. Finally, make install is executed, usually with root privileges, to copy the compiled binaries, libraries, and documentation to their appropriate locations in the filesystem. The other sequences are incorrect as they do not follow this standard workflow.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does the `./configure` command do?
What is the purpose of the `make` command?
Why is `make install` necessary after running `make`?
In the process of deploying a new virtual machine that hosts an Apache web server, a Linux administrator has opened port 80 on the server's firewall and added the host record to DNS. From a workstation on a different subnet, the administrator now needs to verify two things: (1) that the web daemon is actually bound to TCP port 80 on the new server, and (2) that the port can be reached end-to-end across the network. The administrator prefers to perform both checks with a single command-line tool that requires no configuration changes on the remote host. Which command should be used?
netstat -tuln | grep ':80'
openssl s_client -connect remote_server_ip:80
dig remote_server_ip -p 80
nmap -p 80 remote_server_ip
Answer Description
The nmap command can test connectivity to a specific TCP port on a remote host and report whether that port is open. By specifying the -p option with 80 (the default HTTP port) and the target's IP address, nmap sends the necessary probe packets and interprets the response, confirming both that the service is listening and that the port is reachable. openssl s_client focuses on initiating an SSL/TLS handshake; when pointed at an unencrypted HTTP port it typically hangs or errors, so it is not ideal for simple port-reachability tests. netstat displays sockets on the local system only and cannot interrogate a remote host. dig is used for DNS lookups, not for checking open ports.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does the -p option in nmap do?
Why can't openssl s_client be used to test HTTP ports?
How does nmap confirm if a port is reachable?
When configuring a systemd service unit file, which Type setting will only consider the service started after the process finishes initializing and explicitly signals that it is ready to accept connections or tasks?
forking
simple
dbus
notify
Answer Description
Type=notify is used for daemons that call sd_notify() to send a READY=1 message to the systemd notification socket. Systemd will not mark the service active, nor start units that depend on it, until this message is received. Type=simple is considered active immediately after the main process is forked (or execed in the case of Type=exec). Type=forking assumes the service is ready once the parent process exits. Type=dbus waits until the specified D-Bus name is acquired. Only notify relies on an explicit ready signal from the service itself.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is sd_notify() and how does it work?
How does Type=forking differ from Type=notify in systemd?
When should I use Type=simple in a systemd unit file?
A system administrator is provisioning a new server and creating user accounts for the development team. One of the new developers, 'mchavez', will need a dedicated space to store source code, personal scripts, and user-specific application configuration files. According to the Filesystem Hierarchy Standard (FHS), which of the following directories should be the default location for this user's data?
/boot
/tmp
/etc
/home
Answer Description
According to the Filesystem Hierarchy Standard (FHS), the /home directory is the designated location for user-specific files and directories. When a new user account is created, a subdirectory (e.g., /home/mchavez) is typically generated to serve as that user's personal workspace. The /boot directory contains files essential for the system's boot process. The /etc directory holds system-wide configuration files, not user-specific data. The /tmp directory is intended for temporary files that may be deleted upon reboot.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why does each user have their own directory within '/home'?
How are permissions set for directories under '/home'?
What happens to a user’s '/home' directory when the user is deleted?
You are logged in to a Linux server running Docker Engine 24.x. To obtain a concise table showing only the containers that are currently running-excluding any that are stopped-using the original shorthand form of the Docker CLI, which single command should you run?
docker container ls -a
docker ps -a
docker inspect $(docker ps -q)
docker ps
Answer Description
The legacy shorthand command docker ps lists only containers that are currently running. Adding the -a (or --all) option would include stopped containers, while the docker container ls command is a newer subcommand alias but is not the requested shorthand form. docker container ls -a lists all containers, and the pipeline using docker inspect gathers details for each listed ID rather than displaying the running containers directly.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a Docker container?
What does the `docker ps -a` command do?
How is the `docker inspect` command different from `docker ps`?
A directory at /data/shared currently has permissions set to 0777, allowing all users full access. You need to keep read, write, and execute rights for everyone but ensure that only file owners can remove or rename their own files. Which command achieves this goal?
chmod 0777 /data/shared
chmod 6777 /data/shared
chmod 1777 /data/shared
chmod 2777 /data/shared
Answer Description
The numeric mode prefix 1 applies the sticky bit. Mode 1777 grants read, write, and execute access to the owner, group, and others while restricting file deletion and renaming within the directory to the file's owner. Prefix 2 sets the setgid bit (group ID), prefix 6 sets both the setuid and setgid bits, and prefix 0 leaves no special bits, so other users could remove files they don't own.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the sticky bit in Linux?
What is the difference between setuid, setgid, and the sticky bit?
Why is `chmod 1777` preferred for shared directories like /data/shared?
A script needs to create a temporary file in the directory from which it is executed. The script will be called by users from various locations, so hardcoding an absolute path is not feasible. To ensure the script can reliably determine its current working directory, which of the following lines would correctly assign the absolute path of the current directory to the EXEC_DIR variable?
EXEC_DIR=$(dirname $0)EXEC_DIR=$(pwd)EXEC_DIR=$(which $0)EXEC_DIR=$CWD
Answer Description
The pwd command (print working directory) returns the absolute path of the current directory. Capturing its output with command substitution $(pwd) is the standard and most reliable method for this task. The distractor dirname $0 would return the directory containing the script file itself, which is not necessarily the same as the directory it was executed from. which $0 is not a valid use of which, as which locates a command in the user's PATH, it does not operate on script paths this way. The correct shell variable for the current working directory is PWD, not CWD, making EXEC_DIR=$CWD incorrect.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does `pwd` stand for and why is it used?
What is the difference between an absolute path and a relative path?
How does `dirname $(pwd)` differ from just `pwd`?
A systems administrator needs to download a critical security patch from a vendor's website. The download link is http://vendor.com/downloads/patch.cgi?id=9a4f2, which saves the file with a non-descriptive name. To maintain clarity in the local /tmp/patches directory, the administrator wants to save the file as vendor_patch_2025-10-07.tar.gz directly during the download. Which of the following commands will achieve this?
wget --download-as /tmp/patches/vendor_patch_2025-10-07.tar.gz http://vendor.com/downloads/patch.cgi?id=9a4f2
wget --save-as /tmp/patches/vendor_patch_2025-10-07.tar.gz http://vendor.com/downloads/patch.cgi?id=9a4f2
wget -O /tmp/patches/vendor_patch_2025-10-07.tar.gz http://vendor.com/downloads/patch.cgi?id=9a4f2
wget --output-file=/tmp/patches/vendor_patch_2025-10-07.tar.gz http://vendor.com/downloads/patch.cgi?id=9a4f2
Answer Description
The correct command uses the wget -O option. The -O (short for --output-document) flag writes the downloaded content to a specified file. In this scenario, it saves the patch with the desired descriptive filename vendor_patch_2025-10-07.tar.gz instead of the original, non-descriptive name from the URL. The --output-file option is incorrect because it redirects log messages from wget to a file, rather than saving the downloaded content. The --save-as and --download-as options are not valid for the wget command.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the purpose of the wget command?
What does the -O option in wget do?
How does wget differ from curl when downloading files?
A system administrator needs to ensure that a recently installed kernel appears in the boot menu. The GRUB2 bootloader is used, and the administrator has copied the new kernel image to /boot. Which of the following commands should be executed to regenerate the GRUB2 configuration so that the new kernel will be listed at boot time?
update-grub
mkinitrd
grub2-mkconfig --refresh
grub2-mkconfig -o /boot/grub/grub.cfg
Answer Description
The correct answer is grub2-mkconfig -o /boot/grub/grub.cfg. When the grub2-mkconfig command is followed by -o (output) option, it directs the command to write the generated configuration to a specified file, which is typically /boot/grub/grub.cfg or /boot/grub2/grub.cfg depending on the distribution. Writing to any other location, as suggested in the incorrect answers, will not influence the boot process, and the command update-grub is a convenience script present in some systems, which essentially calls grub-mkconfig with the appropriate arguments.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is GRUB2 and why is it important?
Why is the grub2-mkconfig command necessary, and what does it do?
What is the difference between grub2-mkconfig and update-grub?
What would be the result of the following command: echo 'The quick brown fox' | sed 's/quick/slow/'?
Theslowbrownfox
The quick brown fox
The quick slow brown fox
The slow brown fox
Answer Description
The sed command is used to perform basic text transformations. In the example provided, 's/quick/slow/' is a substitute command that tells sed to replace the first occurrence of the pattern 'quick' with the replacement 'slow'. The result is the output of the initial string with the word 'quick' replaced by 'slow'.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why does `sed` only replace the first occurrence by default?
What does each part of the `s/quick/slow/` command mean?
Can `sed` be used to transform or edit multiple lines of text?
A system administrator is writing a shell script that periodically checks the disk space usage on a Linux server. To ensure that the output of the disk check does not flood the terminal or logs when running the script via a cron job, the administrator wants to discard the standard output. Which command redirection to /dev/null achieves this purpose?
df -h &> /dev/null
df -h > /dev/null
df -h 2> /dev/null
df -h | /dev/null
Answer Description
The correct answer is df -h > /dev/null. The > operator redirects the standard output (STDOUT) to the specified file, in this case, /dev/null. The /dev/null device is a special file that discards all data written to it, effectively silencing any output that would normally be sent to the terminal. Incorrect answers involve the use of 2> /dev/null which would only redirect standard error (STDERR) and &> /dev/null which is not as commonly used or may not be the intended operation since it redirects both STDOUT and STDERR.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the purpose of /dev/null in Linux?
What are the differences between >, 2>, and &> operators for redirection?
Why is &> /dev/null not recommended in this case?
An administrator needs to enable a fellow technician to access a remote Linux server for system management. Which of the following configurations will BEST ensure that the technician can connect securely without password authentication?
Provide the technician with the server password to use with SSH.
Modify the ~/.ssh/config file on the technician's machine to include the server's information.
Use ssh-keygen to create a key pair and ssh-copy-id to copy the public key to the server.
Instruct the technician to use ssh-add followed by the server's IP to access the server.
Answer Description
Generating an SSH key pair with ssh-keygen and then using ssh-copy-id to append the technician's public key to the server's ~/.ssh/authorized_keys file enables public-key authentication. The private key remains on the technician's workstation, and the SSH daemon grants access only after the technician proves possession of that key, eliminating the need to transmit or store a password on the server. Simply providing the server password continues to rely on weaker, brute-force-susceptible password authentication. Running ssh-add alone merely loads an existing private key into the local ssh-agent and does not install the key on the server. Editing ~/.ssh/config can set host aliases or specify an identity file, but it still requires the public key to be present in authorized_keys to permit passwordless login. Therefore, deploying the key pair with ssh-copy-id is the most secure and complete solution for password-free access.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is `ssh-keygen`, and why is it important?
What does `ssh-copy-id` do, and how is it used?
Why is SSH key-based authentication considered more secure than password-based authentication?
A systems administrator is running a script in the foreground that will take a long time to complete. The administrator needs to check the status of another service but does not want to terminate the script. Which of the following keyboard shortcuts should be used to suspend the script's execution?
Ctrl+CCtrl+Zkill -9 <PID>bg
Answer Description
The Ctrl+Z keyboard shortcut sends the SIGTSTP (Terminal Stop) signal, which suspends the current foreground process. This allows the administrator to regain control of the shell. The suspended process can be resumed later in the foreground with fg or in the background with bg. Ctrl+C sends the SIGINT (Interrupt) signal, which typically terminates a process. The bg command is used to resume an already suspended process in the background. kill -9 <PID> sends the SIGKILL signal, which forcibly and non-gracefully terminates a process.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does the SIGTSTP signal do?
How is SIGINT different from SIGTSTP?
What does the `bg` command do?
While containerizing an existing application, a DevOps engineer needs to guarantee that the application container and its accompanying logging sidecar always start, stop, and scale together on the same Kubernetes node, sharing an IP address and storage volumes. Which Kubernetes object should she define to meet this requirement?
A Deployment that manages desired replica counts for stateless microservices
A Pod that groups the containers and their shared resources
A Namespace that isolates resources and access controls within the cluster
A Service that exposes the containers on a stable virtual IP
Answer Description
The correct choice is a Pod. In Kubernetes, a Pod is the smallest deployable unit and can encapsulate one or more tightly coupled containers that share the same network namespace and any mounted volumes, ensuring they always run together. A Service only exposes a stable network endpoint, a Deployment maintains the desired replica count and updates for Pods, and a Namespace serves as a logical cluster partition for resource isolation.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the difference between a Pod and a container in Kubernetes?
Why do Pods typically share storage and network resources?
Can a Pod contain more than one container, and why might this be useful?
A Linux administrator is preparing to decommission a physical volume that is part of a volume group. Before migrating the data, the administrator must ensure that one of the logical volumes in the group, lv_data, is taken offline to prevent any I/O operations and accidental modifications. Which of the following commands will make the lv_data logical volume in the vg_corp volume group unavailable?
lvchange --alloc lock vg_corp/lv_datalvchange -pr vg_corp/lv_datalvchange -an vg_corp/lv_datalvextend --snapshot vg_corp/lv_data
Answer Description
To deactivate a logical volume and make it unavailable to the system, the lvchange -an (or lvchange --activate n) command is used. This prevents the kernel from recognizing the logical volume by removing its device mapper target, which stops all I/O. Making the volume read-only with the -pr option would prevent writes but would not take it offline. The --alloc lock option is not a valid parameter for the lvchange command, as 'lock' is not a defined allocation policy. The lvextend command is used for resizing logical volumes, not for changing their activation state.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a logical volume in Linux?
How does the '--alloc none' option specifically prevent changes to a logical volume?
What are physical extents in LVM?
In an effort to secure communication for an internal-facing web service, a system administrator has been tasked with implementing an encrypted connection protocol. External validation of the server's identity by outside entities is not a requirement due to the service being exclusively accessed within the organization. What is the most appropriate action for the administrator to undertake?
Create and configure a certificate signed by the server's private key.
Rely on secure shell protocols for encrypted web traffic, circumventing the need for certificates.
Obtain and install a certificate from a recognized certificate authority.
Operate the web service without encryption since it is internally accessed and does not need protection.
Answer Description
The correct action is to generate a self-signed certificate because it allows the administrator to implement encryption for the web service without involving an external certificate authority (CA). This method is suitable for environments where trust is established by other means, such as within an organization where all clients accessing the service are controlled and can be configured to trust the self-signed certificate. The use of a self-signed certificate enables encrypted connections and ensures data privacy on the internal network.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a self-signed certificate?
Why is a self-signed certificate suitable for internal services?
How does a certificate signed by a certificate authority differ from a self-signed certificate?
What is the state of a Linux process that has completed execution but still has an entry in the process table?
Sleeping
Stopped
Zombie
Running
Answer Description
A process that has completed execution but still has an entry in the process table is in the 'zombie' state. This occurs when a process has finished running, but its parent has not yet called wait() to read the child's exit status, leaving an entry in the process table as a 'zombie' that needs to be reaped. This is why the 'zombie' state is also sometimes referred to as a 'defunct' process. The other options are incorrect: 'running' is when a process is actively being executed; 'sleeping' is when a process is waiting for a resource or event; 'stopped' is when a process has been paused, typically by a signal, not when it has finished execution.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What happens if a zombie process is not reaped?
How can you identify zombie processes on a Linux system?
How can zombie processes be resolved if they persist?
A Linux administrator is testing a newly developed kernel module for a proprietary hardware device. The module file, special_pci_driver.ko, is located in a temporary development directory and has not yet been integrated into the system's standard module path or dependency database. The administrator needs to load this single module for an immediate, isolated functionality test, intentionally bypassing any dependency checks or automatic loading of related modules. Which command is designed for this direct and specific purpose?
modinfo
insmod
lsmod
modprobe
Answer Description
The insmod command is used to insert a kernel module directly from a specified file path, without automatically handling dependencies. This makes it ideal for testing or loading modules that are not yet part of the system's managed module tree. The modprobe command, in contrast, is a more sophisticated tool that loads modules by name and automatically resolves and loads their dependencies from standard locations. lsmod is used to list currently loaded modules, and modinfo displays information about a module file, but neither command loads modules. Therefore, for loading a single module file directly, insmod is the correct choice.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the difference between 'insmod' and 'modprobe'?
What is the purpose of the 'lsmod' command?
Why might 'modinfo' be useful before using 'insmod'?
A system administrator is tasked with setting up several virtual machines to join an existing cloud infrastructure. They need to ensure that each virtual machine is configured automatically upon boot with a specific hostname pattern, user credentials, and custom network configuration without manual intervention. Which technology would be the MOST effective for achieving this goal during the initial boot process?
Cloud-init
Systemd service units
Puppet
Ansible
Answer Description
Cloud-init is a widely used tool for the early initialization of cloud instances. It supports various cloud platforms and allows for the automatic configuration of the environment based on user-provided initialization metadata, such as setting hostnames, usernames, and network configurations through user-data scripts or configuration files. This makes it excellent for quickly bootstrapping new virtual machines with the necessary custom settings. Other tools like Puppet and Ansible are also used for automation and configuration management, but they are typically used post-boot for ongoing management, rather than during the initial boot process.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Cloud-init and how does it work?
Why is Cloud-init better suited for initial VM configuration compared to tools like Ansible or Puppet?
What are user-data scripts in Cloud-init, and what can you configure with them?
An administrator wants to conduct an aggressive scan to retrieve version information, run default scripts, and to detect the operating system of the target device. Which Nmap command option should be used?
-A
-p-
-o
-sn
Answer Description
The '-A' option in Nmap enables aggressive scanning, which combines OS detection, version detection, script scanning, and traceroute. This thorough scanning option is informative for deep network analysis. The '-sn' option is for ping scanning (host discovery), '-p-' scans all 65535 ports, and '-o' is an invalid option as it lacks the specifics for output files like '-oN' or '-oX'.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Nmap used for?
What does the '-A' option do during an Nmap scan?
How is '-p-' different from the default port scanning in Nmap?
That's It!
Looks like that's it! You can go back and review your answers or click the button below to grade your test.