CompTIA Linux+ Exam Questions

41.

Which type of port forwarding sends traffic from the OpenSSH client on a client to the client's OpenSSH server?

  • Local

  • Remote

  • X11

  • VNC

Correct answer: Local

Local port forwarding sends traffic to the client's OpenSSH server before it gets tunneled to a destination server. It is accomplished with the -L option to the ssh command. 

Remote SSH port forwarding starts at the destination server rather than the remote client. X11 forwarding connects to a remote system with X11-based utilities. VNC connects a VNC client to a VNC server over port 5900.

42.

Which of the following is a Network Layer framework often used in VPN connections?

  • IPsec

  • PPTP

  • SSL/TLS

  • DTLS

Correct answer: IPsec

IPsec is a cryptographic framework used in VPNs. It primarily makes use of two protocols: Authenticated Headers (AH) and Encapsulating Security Payload (ESP). For key management in IPsec, the Internet Security Association and Key Management Protocol (ISAKMP) is typically employed but is not required. 

Point-to-Point Tunneling Protocol (PPTP) is an obsolete protocol for VPNs with many security flaws. SSL/TLS are protocols working at the Transport Layer. DTLS is based on TLS but only uses UDP packets.

43.

An administrator is unable to find a system's volume. Which command will search for ALL volumes on physical devices?

  • pvscan

  • mdadm

  • lspci

  • fsck

Correct answer: pvscan

The pvscan utility searches for physical volumes. 

The mdadm command is used to create and manage storage arrays. The lspci command is used to scan PCI devices. The fsck command will fix filesystem errors.

44.

A programmer wants to prompt for user input in their script. Which command accepts user input from the terminal?

  • read

  • declare

  • echo

  • source

Correct answer: read

The read command will prompt a user for input when they execute the program. 

The declare command assigns a variable type to a variable. The echo command outputs the string given to it as input. The source command reads and executes a script.

45.

A user reports that they cannot modify file1.txt, which is in their home directory. Upon inspecting the file's attributes, the character "i" is seen preceding the filename. What command should the administrator use to make the file modifiable again?

  • chattr -i ./file1.txt

  • chmod -i ./file1.txt

  • umask -i ./file1.txt

  • chown -i ./file1.txt

Correct answer: chattr -i ./file1.txt 

The chattr command changes a file's attributes. The -i option can remove the immutable bit attribute. 

The chmod command is used to change permissions, not attributes. The umask command is for modifying the file mode creation mask. The chown command is for changing file ownership. 

46.

Which command sets firewalld to the pre-defined zone that is typically used on external networks when masquerading is enabled for local systems?

  • firewall-cmd --set-default-zone=external

  • firewall-cmd --set-default-zone=public

  • firewall-cmd --get-default-zone

  • firewall-cmd --get-active-zones

Correct answer: firewall-cmd --set-default-zone=external

The firewall-cmd --set-default-zone=[zone] command is used to pick a different default zone. The external zone is used when masquerading is being used on local systems. The firewall-cmd --set-default-zone=external command will set firewalld to use the external pre-defined zone.

The firewall-cmd --set-default-zone=public command will set firewalld to use the public pre-defined zone. The public pre-defined zone is not used when masquerading is being used on local systems. The firewall-cmd --get-default-zone command is used to view the default zone. The firewall-cmd --get-active-zones command is used for viewing active zones and their traffic grouping.

47.

Which command makes a variable available to any child processes spawned by a shell?

  • export

  • echo

  • printenv

  • env

Correct answer: export

The export command will give the export attribute to a variable so that child processes will inherit it. A variable can be assigned a value at the same time as using the export command. 

The echo command displays the string that is passed as an argument. The printenv command shows the values of environment variables of the current shell. The env command can print environment variables or allow a script to alter them without modifying the environment.

48.

An administrator wants to configure their Linux system to use DNS before the /etc/hosts file for resolving hostnames. Which file should they edit to accomplish this?

  • nsswitch.conf

  • resolv.conf

  • apt.conf

  • dhclient.conf

Correct answer: nsswitch.conf

The nsswitch.conf file has several configuration options. One option defines the order in which name resolution methods will be used. The options are to either use the /etc/hosts file first, then use DNS second, or use DNS first and the /etc/hosts file second. 

The resolv.conf file informs the system of the IP addresses of one or more DNS servers. The apt.conf file is used for managing the configuration of the APT suite of tools. The dhclient.conf file is for configuring DHCP.

49.

Which is not considered an orchestration utility?

  • AppArmor

  • Ansible

  • Puppet

  • SaltStack

Correct answer: AppArmor 

AppArmor is a Linux Security Module implementation of name-based mandatory access controls. It is not an orchestration utility.

Common orchestration utilities include Ansible, Puppet, SaltStack, Chef, and Terraform. 

50.

Which Linux file specifies the DNS servers that a host will use?

  • resolv.conf

  • hosts

  • nsswitch.conf

  • modprobe.conf

Correct answer: resolv.conf

The resolv.conf file specifies the default domain name as well as the DNS servers to use. A DNS server is specified after each "nameserver" keyword in the file.

The hosts file is for resolving hostnames locally. The nsswitch.conf file is for determining if the hosts file or DNS should try to resolve a hostname first. The modprobe.conf file is for configuring the modprobe tool that loads and unloads kernel modules.

51.

An administrator is using the nmcli tool to enable the network interface eth0. Which command should be run to enable the network interface eth0?

  • nmcli con up eth0

  • nmcli general status 

  • nmcli con edit eth0

  • nmcli con down eth0

Correct answer: nmcli con up eth0

The nmcli command can be used to view and configure network information. The syntax of the nmcli command is nmcli [options] [subcommand] [arguments]. To enable a specific network interface, you should use the command nmcli con up [interface]. 

Using the command nmcli general status will display a summary of network connectivity data. The command nmcli con edit [interface] will enter an interactive mode to configure the specified interface. The nmcli con down [interface] command will disable the specified interface.

52.

A programmer wants to create custom errors in their scripts to aid in debugging. What command should they use in their script to quit the program and produce the error code when the error is encountered?  

  • exit

  • bash

  • echo

  • kill

Correct answer: exit

The exit command in a script will set the exit status to the number given to the command as an argument. 

Bash is the interpreter that runs commands. The echo command will not exit the script. The kill command is used to end processes.

53.

Which directive in /etc/ssh/sshd_config should be enabled to allow for SSH port forwarding?

  • AllowTCPForwarding

  • X11Forwarding

  • PermitRootLogin

  • UsePAM

Correct answer: AllowTCPForwarding

The AllowTCPForwarding directive must be set to yes in the sshd_config file. Removing the # symbol at the start of the line will uncomment it to make it active.

The X11Forwarding directive is for tunneling an X11 connection. The PermitRootLogin directive should be disabled for security. The UsePAM (Pluggable Authentication Module) is not related to SSH port forwarding.

54.

Which subdirectory in /sys is for devices that connect components?

  • /sys/bus

  • /sys/block

  • /sys/device/

  • /sys/kernel

Correct answer: /sys/bus

The /sys/bus directory is for data buses. Each subdirectory here has device and driver directories. 

The /sys/block directory has entries for each block device. The /sys/device directory is for a hierarchical list of devices. The /sys/kernel directory is for the kernel status.

55.

An administrator wants to see which bootloader files are on a system that uses the UEFI boot method. What file extension would these files have which allows for the administrator to easily identify them?

  • .efi

  • .conf

  • .cfg

  • .list

Correct answer: .efi 

UEFI uses a disk partition that can hold many different bootloaders, which end in the .efi extension. These are located in the /boot/efi folder. 

A file that uses .conf is lilo.conf, which is a configuration file for the original Linux Loader. An example of a file that uses .cfg is grub2.cfg, which is the configuration file for GRUB2. A file that uses .list is menu.list, which has the menu commands in GRUB (Legacy).

56.

When using pam_faillock.so, which option in an /etc/pam.d file will record the attempted account name when a non-existent user account attempts to log in?

  • audit

  • preauth

  • authfail

  • authsucc

Correct answer: audit

The pam_faillock.so module is used as an alternative to pam_tally2 to view failed login attempts. The audit option will log attempted account names when a non-existent user tries to log in.

The preauth option will block a user after a large number of failed consecutive login attempts. The authfail option will record failed attempts into a user's tally file but won't record a non-existent username. The authsucc option will label failed logins as either consecutive or non-consecutive.

57.

An administrator is examining a Linux system that has been brought to them. They want to see which version of GRUB the system is running. What command can they run to find out this information?

  • grub-install -v

  • dracut -v

  • grub2-mkconfig 

  • mkinitrd 

Correct answer: grub-install -v

The first version of GRUB was created in 1999 and is now referred to as GRUB Legacy. GRUB2 was created in 2005 as a complete rewrite of the GRUB Legacy system. You can use grub-install -v to see which version of GRUB your system is using.

The dracut command is for making an initramfs image. The -v option will provide verbose output. You can use grub2-mkconfig to assemble the grub.cfg file. The mkinitrd command may be used to create an initramfs file in Debian-based systems.

58.

An administrator wants to see which units took the MOST time to initialize during boot. Which systemd-analyze command will accomplish this?

  • blame

  • critical-chain

  • time

  • verify

Correct answer: blame

The blame command shows how much time each unit took to initialize. The units are listed from slowest to fastest. 

The critical-chain command shows units in a tree-format. The time command displays the overall time it took to initialize the kernel. The verify command scans unit files for errors.

59.

Which option to the ssh-keygen command will specify rsa as the key type? 

  • ssh-keygen -t rsa 

  • ssh-keygen -f rsa 

  • ssh-keygen -N rsa 

  • ssh-keygen -e rsa 

Correct answer: ssh-keygen -t rsa 

The -t option to the ssh-keygen command specifies the encryption method (also known as the key type). Popular methods are RSA, DSA, and ECDSA.

The -f option specifies the keyfile to store the key. The -N option specifies a new passphrase. The -e option specifies the key format.

60.

Which character is used to denote a variable in shell scripting?

  • $

  • #

  • |

  • *

Correct answer: $

The $ sign before a string means that it is a variable. 

The pound sign (#) is used for starting comments in a script. The pipe symbol (|) is used to pipe the output of one command into another. The asterisk (*) is used as a wildcard to mean zero or more characters.