00:20:00

CompTIA Linux+ Practice Test (XK0-006)

Use the form below to configure your CompTIA Linux+ Practice Test (XK0-006). The practice test can be configured to only include certain exam objectives and domains. You can choose between 5-100 questions and set a time limit.

Logo for CompTIA Linux+ XK0-006 (V8)
Questions
Number of questions in the practice test
Free users are limited to 20 questions, upgrade to unlimited
Seconds Per Question
Determines how long you have to finish the practice test
Exam Objectives
Which exam objectives should be included in the practice test

CompTIA Linux+ XK0-006 (V8) Information

CompTIA Linux+ (v8 / XK0-006) Exam

The CompTIA Linux+ (XK0-006) certification is designed for IT professionals who work with Linux systems. It validates skills in system administration, security, scripting, and troubleshooting. This certification is vendor-neutral, covering multiple distributions such as Ubuntu, CentOS, and Red Hat.

Exam Overview

The XK0-006 exam consists of a maximum of 90 questions, including multiple-choice and performance-based questions. Candidates have 90 minutes to complete the test. The exam costs $358 USD. A passing score is 720 on a scale of 100 to 900. The certification is valid for three years and can be renewed through CompTIA’s continuing education program.

Exam Content

The XK0-006 exam focuses on five main domains: system management, security, scripting and automation, troubleshooting, and Linux fundamentals. System management includes package management, system monitoring, and user administration. Security covers permissions, authentication, and encryption. Scripting and automation focus on Bash scripting and task automation. Troubleshooting tests problem-solving skills for system failures and performance issues. Linux fundamentals include file system hierarchy, networking, and command-line operations.

Who Should Take This Exam?

The CompTIA Linux+ certification is ideal for system administrators, Linux support technicians, and DevOps professionals. It is recommended for individuals with at least one year of Linux experience. This certification is beneficial for IT professionals working with servers, cloud infrastructure, and cybersecurity.

How to Prepare

Candidates should review the official CompTIA Linux+ Exam Objectives and study materials provided by CompTIA. Hands-on experience with Linux systems is essential. Practice exams can help assess readiness and identify weak areas. Using Linux in a lab or virtual environment can provide practical experience with commands, system configuration, and troubleshooting.

Summary

The CompTIA Linux+ (XK0-006) certification is a valuable credential for IT professionals working with Linux systems. It validates essential skills in system administration, security, and automation. This certification is ideal for those managing Linux-based environments in IT infrastructure, cybersecurity, and cloud computing.

CompTIA Linux+ XK0-006 (V8) Logo
  • Free CompTIA Linux+ XK0-006 (V8) Practice Test

  • 20 Questions
  • Unlimited
  • System Management
    Services and User Management
    Security
    Automation, Orchestration, and Scripting
    Troubleshooting
Question 1 of 20

On a Debian-based server, you are tasked with decommissioning the local account named charlie. The security policy states that the account and its home directory (including the mail spool) must be deleted immediately, no backup should be kept, and any files charlie owns that are located outside /home/charlie - such as /srv/projects/ - must remain untouched. Which single deluser command meets all of these requirements?

  • deluser --remove-home charlie

  • deluser charlie

  • deluser --backup-to /srv/archive charlie

  • deluser --remove-all-files charlie

Question 2 of 20

A Linux system administrator is troubleshooting a server that has a significantly longer boot time than expected. The administrator needs to identify the individual services or units that are taking the most time to initialize during the boot process to pinpoint the source of the delay. Which of the following commands would be the MOST effective for this specific task?

  • systemctl list-units --state=failed

  • systemd-analyze blame

  • top

  • systemd-analyze critical-chain

Question 3 of 20

A system administrator is configuring a service on a Linux server and needs to quickly find all network IP addresses associated with the system's hostname. Which of the following commands will accomplish this task?

  • hostname -f

  • hostname -I

  • hostname -a

  • hostname -d

Question 4 of 20

You are preparing to start two containers with Podman on a RHEL server where SELinux is in enforcing mode. Both containers must read from and write to the same host directory /srv/data, which should be mounted at /data inside each container. You want SELinux to relabel the directory automatically so that it can be shared among multiple containers without disabling confinement. Which volume-mount option accomplishes this requirement?

  • Append :Z to the -v argument (for example, -v /srv/data:/data:Z)

  • Append :shared to the -v argument (for example, -v /srv/data:/data:shared)

  • Append :z to the -v argument (for example, -v /srv/data:/data:z)

  • Use no additional option; SELinux automatically permits shared bind mounts

Question 5 of 20

A Linux administrator is configuring a server that uses an external USB drive for daily backups. The drive is listed in /etc/fstab to be mounted automatically at boot. To prevent boot failures when the USB drive is not connected, which mount option should the administrator add to the corresponding entry in /etc/fstab?

  • nofail

  • remount

  • nodev

  • auto

Question 6 of 20

You asked a large-language model to generate a Kubernetes Deployment manifest for an intranet web service. The first response works, but it uses the deprecated extensions/v1beta1 API version and does not set any CPU or memory limits. According to prompt-engineering best practices referenced in the Linux+ objective on AI, which follow-up prompt is most likely to guide the model toward a corrected, production-ready manifest with the least trial-and-error?

  • "Please update your previous manifest by replacing extensions/v1beta1 with apps/v1 and adding reasonable CPU and memory limits to every container, then return the complete YAML."

  • "Fix anything wrong in the manifest you just wrote."

  • "Regenerate the manifest and make it fully production-ready."

  • "Reset this conversation and give me a fresh Kubernetes Deployment manifest instead."

Question 7 of 20

While deploying two Docker containers on a CentOS Stream 9 host with SELinux in enforcing mode, you bind-mount the same host directory into each container with the option:

-v /srv/shared-data:/data:Z

The first container can create and read files under /data, but the second container receives "Permission denied" errors when it tries to access those files. Setting SELinux to permissive mode makes the error disappear, but you must keep SELinux enforcing. Which change to the volume specification will allow both containers to share the directory without disabling SELinux?

  • Mount the directory with the suffix ":z" instead of ":Z" ( -v /srv/shared-data:/data:z ).

  • Add the option --security-opt label=disable to each container.

  • Start both containers with the --privileged flag so SELinux no longer blocks the access.

  • Keep ":Z" but append the read-only flag ( -v /srv/shared-data:/data:Z,ro ).

Question 8 of 20

While troubleshooting an application on a CentOS Stream server, you run the command:

# getenforce
Permissive

Which statement best describes what this status means for SELinux on the host?

  • SELinux is operating with the targeted policy so only selected daemons are confined.

  • SELinux is actively denying operations that violate the loaded security policy.

  • SELinux is not blocking any actions but still logs every policy violation for auditing purposes.

  • SELinux is completely disabled; no policy is loaded and no AVC messages are generated.

Question 9 of 20

A system administrator needs to update a configuration file named app.conf. They must replace every instance of the old IP address 192.168.1.5 with the new IP address 10.10.0.5 within the file. The changes need to be saved directly back into app.conf. Which of the following commands will accomplish this task correctly?

  • sed -i 's/192.168.1.5/10.10.0.5/g' app.conf

  • sed 's/192.168.1.5/10.10.0.5/g' app.conf > app.conf

  • sed 's/192.168.1.5/10.10.0.5/g' app.conf

  • sed -i 's/192.168.1.5/10.10.0.5/' app.conf

Question 10 of 20

After cloning a Debian-based server to a replacement disk, the first reboot halts with an initramfs emergency prompt reporting that the kernel cannot mount the root filesystem on the UUID supplied in the root= parameter. Investigation shows that GRUB2 (installed in legacy BIOS/MBR mode) is still passing the old UUID to the kernel. The administrator wants to make the new root UUID persist across future kernel updates. Which configuration file should be modified before running update-grub so the correct root= value is passed to the kernel at every boot?

  • /etc/fstab

  • /boot/grub/grub.cfg

  • /etc/default/grub

  • /etc/grub.d/40_custom

Question 11 of 20

A systems administrator is analyzing a vulnerability scan report for a production web server. The report lists the following vulnerabilities found on the system. Based on the Common Vulnerability Scoring System (CVSS), which vulnerability should be prioritized for immediate remediation?

  • An information disclosure vulnerability in the SSH service with a CVSS score of 5.3.

  • A cross-site scripting (XSS) vulnerability in the web server's administration interface with a CVSS score of 7.2.

  • A remote code execution vulnerability in a web application framework with a CVSS score of 9.8.

  • A denial-of-service vulnerability in the kernel's TCP/IP stack with a CVSS score of 7.5.

Question 12 of 20

A system administrator is troubleshooting a log rotation failure for the file /var/log/syslog. The rotation script cannot access the file because it is held open by a running process. Which of the following commands will most effectively identify the command, process ID (PID), and user associated with the process that has /var/log/syslog open?

  • lsof /var/log/syslog

  • stat /var/log/syslog

  • ps -ef | grep /var/log/syslog

  • file /var/log/syslog

Question 13 of 20

A Linux administrator wants to use a public generative AI chat service to refactor an Ansible playbook that will later configure production servers containing regulated customer data. Which approach BEST follows responsible-AI and data-governance best practices in this situation?

  • Turn off the AI tool's safety filters to avoid incomplete answers and trust the model's internal tests instead of performing manual reviews.

  • Log in from a personal account to keep prompts unlinked to the company, copy the AI output verbatim, and push it straight to the corporate Git repository.

  • Sanitize the prompt by replacing passwords and IP addresses with placeholders, submit the snippet to the AI, then perform a peer review and standard change-control before committing the code.

  • Paste the entire production playbook, including credentials, into the AI chat so it can generate a fully contextual answer, and deploy the result immediately.

Question 14 of 20

You just removed several tracked files and modified others in your project, but you also created a few brand-new files that you do not want to commit yet. From the repository's root, which single Git command stages the deletions and modifications of tracked files while leaving the new untracked files out of the index?

  • git add .

  • git add -A

  • git add -u

  • git add -i

Question 15 of 20

A network administrator needs to connect several containers directly to the local LAN so that each container receives its own IP address on that subnet. The access-switch port is configured to allow only one MAC address, so the solution must avoid assigning unique hardware addresses to every container. Which container network driver meets these requirements?

  • bridge

  • macvlan

  • host

  • ipvlan

Question 16 of 20

A Linux system administrator is troubleshooting a network connectivity issue from their workstation (192.168.10.20). They are unable to get a response when they run the command ping 192.168.10.105. However, a second command, ping 192.168.10.106, to a different server on the same subnet succeeds. The administrator has already confirmed that the local firewall on their workstation is not blocking any outbound traffic. Which of the following is the MOST likely cause of the issue?

  • The network interface on the administrator's workstation is disabled.

  • An incorrect default gateway is configured on the administrator's workstation.

  • A firewall on the destination server (192.168.10.105) is blocking ICMP echo requests.

  • A DNS resolution failure is preventing the connection to the server.

Question 17 of 20

During a nightly health-check script you must test whether the internal endpoint https://service.example.local/ is alive. The check has three strict requirements:

  • Do not download the response body (only a HEAD request is acceptable).
  • Show only the HTTP status code on standard output so the code can be captured by the monitoring system.
  • Cause the shell to return a non-zero exit status automatically when the server answers with any 4xx or 5xx error.

Which single curl command meets all of these requirements?

Question 18 of 20

A system administrator needs to temporarily disable password-based login for a user account named temp_user without deleting the user or their current password. The administrator wants to be able to easily re-enable login later. Which of the following commands will accomplish this?

  • passwd -u temp_user

  • passwd -d temp_user

  • passwd -l temp_user

  • passwd -e temp_user

Question 19 of 20

During a code review you spot the following Bash snippet that is supposed to keep a running counter:

#!/usr/bin/env bash
count=0

increment() {
    local count=$((count + 1))
}

increment
echo "$count"

The developer expects the script to print 1, but it prints 0. Which single change will make the script print 1 while remaining portable to any POSIX-compliant /bin/sh and without starting a subshell?

  • Capture the function's output: count=$(increment) instead of calling the function directly.

  • Delete the word local so the function assigns directly to the existing count variable.

  • Add export count before the function declaration to make the variable global.

  • Replace local with declare -g -i count=$((count + 1)) inside the function.

Question 20 of 20

An administrator is building a lightweight Linux workstation for developers who prefer to control their entire desktop from the keyboard. All application windows must automatically occupy non-overlapping tiles on the screen (no floating or stacking), the solution must avoid the overhead of a compositing manager, and it has to run on X11 so it will work with older graphics hardware. Which window manager best meets these requirements?

  • Openbox

  • i3

  • Mutter

  • KWin