41-50

Question 1

A Linux administrator is troubleshooting the root cause of a high CPU load and average.

$ uptime
07:30:43 up 20 days, 3 min, 1 user, load average: 2.98, 3. 62, 5.21

$ top
PID|USER|PR|NI|VIRT|RES|SHR|S|%CPU|%MEM|TIME+|COMMAND
user1|6295|1|7:42:19|tty/1|06:48:29|/usr/local/bin/app1

Which of the following commands will permanently resolve the issue?

A. renice -n -20 6295
B. pstree -p 6295
C. iostat -cy 1 5
D. kill -9 6295

Answer 1

A. renice -n -20 6295

Question 2

A Linux administrator wants to set the SUID of a file named dev_team.text with 744 access rights. Which of the following commands will achieve this goal?

A. chmod 4744 dev_team.txt
B. chmod 744 –setuid dev_team.txt
C. chmod -c 744 dev_team.txt
D. chmod -v 4744 –suid dev_team.txt

Answer 2

A. chmod 4744 dev_team.txt

Question 3

A developer has been unable to remove a particular data folder that a team no longer uses. The developer escalated the issue to the systems administrator. The following output was received:

rmdir data/
rmdir: failed to remove ‘data/’: operation not permitted

rm -rf data/
rm: cannot remove ‘data’: operation not permitted

mv data/mydata
mv: cannot move ‘data/’ to ‘mydata’: operation not permitted

cd data/

cat > test.txt
bash: test.txt: Permission denied

Which of the following commands can be used to resolve this issue?

A. chgrp -R 755 data/
B. chmod -R 777 data/
C. chattr -R -i data/
D. chown -R data/

Answer 3

C. chattr -R -i data/

Question 4

A Linux administrator needs to ensure that Java 7 and Java 8 are both locally available for developers to use when deploying containers. Currently only Java 8 is available. Which of the following commands should the administrator run to ensure both versions are available?

A. docker image load java:7
B. docker image pull java:7
C. docker image import java:7
D. docker image build java:7

Answer 4

B. docker image pull java:7

Question 5

A cloud engineer is installing packages during VM provisioning. Which of the following should the engineer use to accomplish this task?

A. Cloud-init
B. Bash
C. Docker
D. Sidecar

Answer 5

A. Cloud-init

Question 6

A systems administrator is tasked with creating a cloud-based server with a public IP address.
The code is as follows:

-name: start an instance with a public IP address community.abc.ec2_instance:
name: “public-compute-instance”
key_name: “comptia-ssh-key”
vpc_subnet_id: subnet-5cjssh1
instance_type: instance.type
security_group: comptia
network:
assign_public_ip: true
image_id: ami-1234568
tags:
Environment: Comptia-Items-Writing-workshop
…

Which of the following technologies did the systems administrator use to complete this task?

A. Puppet
B. Git
C. Ansible
D. Terraform

Answer 6

D. Terraform

Question 7

A Linux systems administrator is setting up a new web server and getting 404 - NOT FOUND errors while trying to access the web server pages from the browser. While working on the diagnosis of this issue, the Linux systems administrator executes the following commands:

getenforce
Enforcing

matchpathcon -V /var/www/html/*
/var/www/html/index.html has context unconfined_u:object_r:user_home_t:s0, should be system_u:object_r:httpd_sys_content_t:s0

/var/www/html/page1.html has context unconfined_u:object_r:user_home_t:s0, should be system_u:object_r:httpd_sys_content_t:s0

Which of the following commands will BEST resolve this issue?

A. sed -i ‘s/SELINUX=enforcing/SELINUX=disabled/’ /etc/selinux/config
B. restorecon -R -v /var/www/html
C. setenforce 0
D. setsebool -P httpd_can_network_connect_db on

Answer 7

B. restorecon -R -v /var/www/html

Question 8

To harden one of the servers, an administrator needs to remove the possibility of remote administrative login via the SSH service. Which of the following should the administrator do?

A. Add the line DenyUsers root to the /etc/hosts.deny file.
B. Set PermitRootLogin to no in the /etc/ssh/sshd_config file.
C. Add the line account required pam_nologin. so to the /etc/pam.d/sshd file.
D. Set PubKeyAuthentication to no in the /etc/ssh/ssh_config file.

Answer 8

B. Set PermitRootLogin to no in the /etc/ssh/sshd_config file.

Question 9

Which of the following is a function of a bootloader?

A. It initializes all the devices that are required to load the OS.
B. It mounts the root filesystem that is required to load the OS.
C. It helps to load the different kernels to initiate the OS startup process.
D. It triggers the start of all the system services.

Answer 9

A. It initializes all the devices that are required to load the OS.

Question 10

A systems administrator configured firewall rules using firewalld. However, after the system is rebooted, the firewall rules are not present:

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

The systems administrator makes additional checks:

• dynamic firewall daemon
  Loaded: loaded (/usr/lib/systemd/system/firewalld.service: disable; vendor preset: enabled)

Active: inactive (dead)

Docs: man: firewalld (1)

firewalld is not running

Which of the following is the reason the firewall rules are not active?

A. iptables is conflicting with firewalld.
B. The wrong system target is activated.
C. FIREWALL_ARGS has no value assigned.
D. The firewalld service is not enabled.

Answer 10

D. The firewalld service is not enabled.