CompTIA Linux+ Exam Study Guide Flashcards
What are the stages of the Boot Process?
1) BIOS/UEFI POST
2) Boot Loader
3) Kernel Initializations
4) Start the System Initialization Processes (says or systemd)
BIOS / UEFI
This is the Basic Input Output System, a firmware that is on the mainboard that is used to initialize the hardware on the system. The process is called the Power On Self Test (POST) and it ensures that all of the connected devices are initialized and responding before passing over control to the bootloader. Most recently, the BIOS system has been replaced by the Unified Extensible Firmware Interface that performs the same tasks as the BIOS, but it has additional capabilities.
Boot Loader
This is the program that loads the operating system for the computer. It takes over once the POST has completed. On Linux, the most common bootloaders are GRUB (the GRand Unified Bootloader, also called legacy GRUB), and its updated replacement GRUB2, now simply referred to as GRUB. The bootloader is configured with the location of the desired operating system kernel which it loads into memory.
Kernel Initialization
The loaded Kernel will extract itself from a compressed image that is located in the /boot directory and then load the system initialization daemon. On older systems this was sysv-init , but on modern systems this is systemd . Once the kernel and the system initialization daemon are running, the system can start.
Describe System Initialization
The system initialization daemon mounts the devices located in fstab , and proceeds to boot the system into the default run level. Once the process has completed the system is considered booted
What are Boot Options
- Boot from ISO: This process uses a ISO image, that is mounted as a drive, to load the kernel.
- PXE: The Pre-EXacutable environment is a client environment that searches for an appropriate server on the network from which to acquire a boot image. Once this image has been located, it is downloaded using the trivial file transfer protocol (tftp)
- Boot from HTTP/HTPS: This process allows the image to be loaded using standard networking protocols.
Describe Boot File Locations
Most configuration files for the boot process are in the /boot directory. Exceptions to this can be the GRUB files that can be located in different places, depending on the BIOS / UEFI specifications of the system. Most often they are found in one of the following:
• /etc/grub/
• /etc/grub2.cfg
• /boot/grub or /boot/grub2 • /boot/efi
Describe mkinitrd
This command will create the initial ramdisk is used by the kernel to preload block devices that are needed to access the root filesystem.
dracut
This command is similar to mkinitrd and results in an initial ramdisk the kernel can use to load block devices that are needed to access the root filesystem.
grub2-install
This command is used to install the GRUB2 boot loader onto a device, which includes necessary images as well as creating the boot sector
grub2-mkconfig
This command is used for creating a configuratuion file for use by GRUB2
initramfs
This is a complete set of root file system directories, bundled into a cpio archive and compressed.
efi files
These files are used by the UEFI bootloader and comprise the efi partition. They are normally located at /boot/efi/
vmlinuz
This is the name of the Linux kernel executable. It is a compressed kernel that is capable of loading the operating system into memory (Virtual Memory LINUX gZip)
vmlinux
This is a statically-linked executable file that contains the Linux kernel. It can be used in debugging. In contrast to vmlinu(z), this file is not compressed (Virtual Memory LINUX)
Describe Kernel Panic
A Kernel Panic is a situation where the kernel discovers an unrecoverable error and it is not able to recover from that error without risk of data loss. This normally results in a bug check error being printed to the screen, followed by a memory dump prior to either waiting for a manual reboot or automatically rebooting once the memory dump is completed
What is the lsmod command used for?
lsmod lists the currently loaded modules
insmod
Inserts a module into the kernel
modprobe
Loads or removes a loadable kernel module to or from the kernel
modinfo
Extracts information about a kernel module that is provided to the command on the command line
dmesg
Prints the message buffer of the kernel:
–This output usually contains messages from device drivers and kernel modules.
rmmod
Removes modules from the kernel, but not modules that are in use
depmod
Creates a list of module dependencies
/usr/lib/modules/[kernelversion]
This is location of the kernel modules specific to a release of the kernel
/usr/lib/modules
This is the parent location for module storage
/etc/modprobe.conf
This is the file that contains the options that can be configured for modprobe. It is
scheduled to be deprecated
/etc/modprobe.d/
This is the location of the modprobe configuration files. It is the replacement for /etc/
modprobe.conf
ping
Leverages the ICMP protocol to get an echo response from a host that is passed to it on the command line, either as a hostname or an IP address
netstat
Used to print network connections, routing tables, and many other pieces of information about the network status
nslookup
Queries the DNS system to resolve a domain name to an IP address
dig
Short for Domain Information Groper, use for interrogating DNS name servers
host
Simple tool for DNS lookups
route
Manipulates the kernel’s routing table, and can be used to set static routes
ethtool
Used to configure and manipulate network device drivers and connections
- It is mostly used for wired connections
ss
Dumps socket statistics
iwconfig
Configures and displays information about wireless network interfaces
nmcli
Command line tool used for controlling NetworkManager and getting its status
brctl
Manages ethernet bridges
nmtui
Similar to mncli, and provides a text interface that shows options for the tool
Where is the location of the network interface configuration scripts used to manipulate the network interfaces
/etc/sysconfig/network-scripts/
/etc/sysconfig/network/
This is the location of more general network configurations that are not specific to an interface
This is the file that is the store for local DNS resolution
/etc/hosts
This is the location of the network configuration files
/etc/network
This is the file that is used to determine the sources from which to obtain name-
service information
/etc/nsswitch.conf
This is the file that contains the list of external DNS servers
/etc/resolv.conf
This is the location of files that can be used to configure networking on newer systems.
/etc/netplan
This file is used to override default kernel parameter values
/etc/sysctl.conf
This file is used to configure the DHCP client
/etc/dhcp/dhclient.conf
Aggregation
This is the process of combining several network connections in parallel, to increase network throughput
Active/Passive
This is a type of load balancing in which one side is the active side. The other side is passive and is held in reserve, in the event of the active side experiencing a failure
Load balancing
This is the process of distributing network traffic across multiple resources, to ensure that no single resource experiences resource exhaustion
Basic Partitions in Linux
There are several types of partitions in Linux, These are different than file systems, and partitioning a device is simply dividing it. A partition can span the entire device, or be smaller pieces of it
What is a raw device?
A raw device is a special type of logical device. It is associated with a character device file that allows it to be accessed directly, without using the operating systems buffers
Describe GPT
Short for GUID Partition Table, this type of partition table allows a device to be divided into a nearly unlimited number of partitions, depending on the operating system. GPT also allows for much larger drives, again limited by the operating system and the file system that will be used in the partition. GPT also stores multiple copies of its partition table in several locations on the device.
Describe MBR
The Master Boot Record is a partition table that stores its partition data in a special boot sector, and has a 2TB limit in total drive size. MBR only supports 4 primary partitions
What is a real file system?
A real file system is a type of file system that exists on a device. It is physically mounted to the machine
What is a virtual file system?
A virtual file system exists in memory and does not actually physically exist on a device. Once the computer is powered off, the virtual file system no longer exists. One example of this would be /proc
Describe a relative path
A relative path is one that is dependent on the directory that you are currently in, such as ./example , where this means the object example in the current directory
Describe an Absolute Path
An absolute path is one that is not dependent on the current directory, such as /home/user/example . This is the absolute location of the file example
What is a device mapper?
The Device Mapper is a framework in Linux that allows the mapping of physical devices to logical file volumes. It provides the following services
A logical volume is a volume that can be made up of multiple physical partitions. The Logical Volume Manager (LVM) is used to mange these Volumes.
mdadm is a command line tool that allows the management of Redundant Array of Independant Disks (RAID) that are created using the device mapper.
Multipath is a storage technology that lets us use more than one method of accessing storage devices. This allows for load balancing and high availability of the storage devices
Describe a logical volume
A logical volume is a volume that can be made up of multiple physical partitions. The Logical Volume Manager (LVM) is used to mange these Volumes.
Describe mdadm
mdadm is a command line tool that allows the management of Redundant Array of Independant Disks (RAID) that are created using the device mapper
Describe Multi-path
Multipath is a storage technology that lets us use more than one method of accessing storage devices. This allows for load balancing and high availability of the storage devices
Describe File System Types
ext3 : The 3rd extended file system was introduced in 2001 and it included journaling. It is limited by individual file size of 2TB and an overall system size of 32TB
ext4 : The 4th extended file system was introduced in 2008. It includes journaling too, but also allows for huge file sizes. Individual files can be up to 16TB and system size can be up to 1EB (exabyte).
xfs : This file system was ported to Linux in 2014, it is a 64 bit, journaling file system that has excellent support for parallel I/O loads.
nfs : The Network File System is a client/server file system that allows file access across networks as if they were local files.
smb : Server Message Block is a network protocol allowing network access to files and other network resources.
cifs : This is a version of smb and it stands for Common Internet File System.
ntfs : This is a proprietary journaling file system developed by Microsoft, and is the default file system on
modern versions of the Windows operating system
ext3
The 3rd extended file system was introduced in 2001 and it included journaling. It is limited by individual file size of 2TB and an overall system size of 32TB
ext4
The 4th extended file system was introduced in 2008. It includes journaling too, but also allows for huge file sizes. Individual files can be up to 16TB and system size can be up to 1EB (exabyte)
xfs
This file system was ported to Linux in 2014, it is a 64 bit, journaling file system that has excellent support for parallel I/O loads
nfs
The Network File System is a client/server file system that allows file access across networks as if they were local files
smb
Server Message Block is a network protocol allowing network access to files and other network resources
cifs
This is a version of smb and it stands for Common Internet File System
ntfs
This is a proprietary journaling file system developed by Microsoft, and is the default file system on
modern versions of the Windows operating system
This is the location of the File System TABle, and it contains the information necessary to allow automatic mounting of devices
/etc/fstab
This is the location of the information for encrypted devices that are set up during system boot
/etc/crypttab
This contains the special device files for all the devices on the system
/dev/
This contains a listing of the Logical Volumes managed by LVM
/dev/mapper
/dev/disk/by-
/dev/disk/by-
id : This contains a mapping of the devices based on the serial number.
uuid : This contains a mapping of the devices based on the UUID. This is how the devices are listed in fstab by
default.
path : This is a mapping of the devices based on the shortest physical path according to sysfs and contains
the bus name (pci,ata, etc.).
multipath : If this exists, it contains the path mappings for the device
This contains a list of the currently mounted file systems according to the mount command
/etc/mtab
This contains symlinks to each of the block devices on the system
/sys/block
This contains the major and minor numbers of the partitioned devices
/proc/partitions
This is similar to mtab but it is maintained by the kernel.
/proc/mounts
mdadm
Device mapper administration
fdisk
CLI program for managing device partitions does not work with partitions larger than 2TB
parted
CLI program for managing device partitions does not have the partition size limit of fdisk
mkfs
MaKe File System, used to build a file system on a partitioned device (normally a disk drive)
iostat
Reports CPU and device I/O stats
df
Disk Free, reports the free space on the file system that is passed to it:
- Using no arguments lists the system
du
Disk Usage, reports the size of the file that is passed to it:
1. With no arguments, it lists the file size of all files on the system each on one line.
mount
Attaches a file system to a mount point
umount
Removes a file system attachment from a mount point
lsblk
LiSt BLocK devices
blkid
Locate and print block device attributes
dumpe2fs
Prints the superblock block group info for a filesystem on a device
resize2fs
Used for resizing a filesystem
fsck
File System ChecK, used to detect errors on a filesystem and can be instructed to attempt to correct
issues
tune2fs
Allows adjustment of tunable file system parameters
e2label
Displays or changes filesystem labels
Describe Templates
A VM template is what describes a virtual machine, and it is used to create the machine resources. There are several different types of templates, depending on how the virtual machine was created
Describe an OVA Template
An OVA template is an archive if a machine that is a single file, made up of several other files that describe the virtual machine
Describe an OVF
An OVF, which is made up of several files that comprise the virtual machine template. The files are contained inside of an OVA archive. OVA and OVF templates are seen in VMware virtualization
Describe JSON
Virtual machines can also be described in Java Script Object Notation (JSON). This type of template is used in places such as AWS cloud formation.
Yet Another Markup Language (YAML)
Yet Another Markup Language (YAML) can also be used to describe a virtual machine as well as many other deployment types. A container image is different than a VM template. It contains the files that are used by the container, while a VM template describes the configuration
What is Bootstrapping?
The bootstrapping process refers to the methods that are used to instantiate a Virtual Machine. Machines that are created on cloud providers can use technologies such as Cloud-Init
What is Cloud-Init
This technique uses identical starting images, and then configures those images for their specific role
What is Anaconda?
Anaconda is the system installer used in RedHat Linux. The Anaconda configuration can be used to create identical machines via a process called Kickstart, which allows unattended installation
What is Thick Provisioning
Thick provisioning is when the entire amount of storage is allocated when the storage is instantiated
What is Thin Provisioning
Thin provisioning is where the limit of the disk is created but the actual storage is not allocated until it is used
Describe a Persistent Volume
A Persistent Volume is one that is independent of a virtual machine, and exists even if the machine does not. These types of volumes are attached to machines, as opposed to ephemeral storage that only exists if the machine exists
Describe Blob storage
Blob storage is Binary Large Object storage and differs from Block storage. It stores objects, and is not a block device like a traditional hard disk
Describe Block Storage
Block storage is tied to a virtual machine instance, and can contain a file system. Blob storage is normally remote storage and is accessed to retrieve objects but does not contain addressable blocks, or a file system that can be used for an operating system
Networking
Virtual Machines use the same network of the host system. It can be accomplished in several ways
What is Bridging
Bridging is a method in which the host network is simply bridged to the virtual machines. The virtual machines then exist on the host network
What is an overlay network?
An overlay network is an entire network segment that is created for the virtual machines independent of the host network. Ingress/egress methods must be created for network traffic to and from this overlay
What is Network Address Translation (NAT)
Network Address Translation (NAT) is a technique in which internal IP addresses are mapped to an external IP address, making it appear as if all of the network traffic is coming from the same single IP on the host
What is a local network?
A local network is one in which the virtual machines are only able to communicate with one another and their host system
Describe Dual Homed Networks
Dual-homed networks provide high availability by incorporating two or more network interfaces. One is live and the others are hot standbys in case the primary fails
What is a Hypervisor?
The hypervisor is the layer that exists between a virtual machine and its underlying host’s system. This can be any one of several that are used, such as KVM, Virtualbox, VMware, etc
a management tool us used to start and stop the virtual machine,s as well as change settings and configurations. Some of the more common tools are libvirt, virsh, and vmm
Describe Localization inside Linux
Time is one of the most important components, as it affects every system operation. In addition, the language that the system used and the way that time is displayed should be considered. This is referred to as localization. The files used for this can be located in:
• /etc/timezone
• /usr/share/zoneinfo
localectl
Used to change the keyboard layout and location settings
timedatectl
Sets the system clock
date
Displays the current time in a specific format
LC_*
Refers to all of the categories that exist for the Local such as time, messages etc
LC_ALL
Overrides all settings, normally used by applications to output in a known format
LANG
Refers to the language that the system is using
TZ
The time zone that is used for clock correction from UTC
Software Packages come in several types
.rpm : Used in RedHat based distributions
.deb : Debian-based system package type
.tar : Archive file that contains the software files
.tgz : Compressed archive of the software files
.gz : Another type of compression used to package the software files
Used in RedHat based distributions
.rpm
Debian-based system package type
.deb
Archive file that contains the software files
.tar
Compressed archive of the software files
.tgz
Another type of compression used to package the software files
.gz
rpm
Installs .rpm packages
dpkg
Installs .deb packages
apt
Package manager for Debian-based distributions
yum
Package manager for RedHat-based distributions
dnf
Package manager for Fedora, and is a derivative of the YUM package manager
zypper
Package manager for OpenSUSE
What are the commands make and make install used for?
The commands make and make install are used to build software from source
What is the command used to check for dependencies in software?
The command used to check for dependencies in software is ldd
What is a compiler?
Compiler converts the readable code into machine code. Shared Libraries are pieces of code that are used more than once, and the library is included to prevent repetition in the code.
Describe a repository
A repository is a place where the code can be stored and accessed by development teams. The repositories can be created locally and then configured for remote access. As files are modified they can be synced to the repository. Commands such as wget or curl can download code to the local machine
What is the command used for adding a new user?
useradd
What is the command used to add users to a group?
groupadd
If a user already exist, it may be necessary to change properties of the user. What command can be used to do so?
usermod
What command is used for group modification?
groupmod
What command is used to create user passwords?
passwd
What command is used for password aging?
chage
User and Group Removal
User and Group removal is done with the userdel or groupdel commands
Where are global bash profile settings located?
Global bash profile settings are located in the /etc directory
Where are user and group management files found?
/etc/passwd and /etc/group list and configure the users and groups, respectively, in combination with the /etc/shadow file that contains encrypted users passwords
What are some commands that are associated with users?
Some commands that are used with users: • id : Show the users' IDs • whoami : Show the current user • who : Shows logged in users • w : Shows detailed information about logged in users • last : Shows historical user logins
What is the ‘id’ command used for?
shows the users id
What is the ‘whoami’ command used for?
shows the current user
What is the ‘who’ command used for?
Shows logged in users
What is the ‘w’ command used for?
Shows detailed information about logged in users
What is the ‘last’ command used for?
Shows historical user logins
Name two common text editors
vi and nano are common text editors on the Linux OS
What is grep used for?
Grep prints lines matching a pattern
What is cat used for?
cat is used to print the contents of the file
What is the tail command used for?
tail prints the last lines of the file
What is the head command used for?
head prints the first lines of the file
What is the less command used for?
less reads the whole file and paginates the output
What is the more command used for?
More is similar to the less command which reads the whole file and paginates the output
What is the stream editor command?
sed or awk
How do you copy files on a system?
You can copy files on a system by using the cp command
How do you move files on the system?
To move files on the system use the mv command
What is the command ‘locate’ used for?
The locate command is used for searching for files in the systems file database. You can update the database by using the updatedb command
What are the two service management systems that are the most common on Linux systems?
sysVinit (older)
systemd(newer)
Describe Server Roles
Servers can be configured to provide a specific service or role
Describe NTP
Using the Network Time Protocol, these servers provide time services so that clocks can be synced across the network
Describe WEB
These servers serve web pages
What is a CA?
A Certificate Authority, these servers provide certificate validation
What is a Name Server?
These provide DNS services on the network.
DHCP
Dynamic Host Configuration Protocol, These servers issue IP addresses
File Servers
These provide network storage
Monitoring
These servers are usually part of an agent server pair and provide real time performance
information about monitored servers
Authentication server
These provide centralized authentication and can be part of a single sign on (SSO)
infrastructure
Database
These servers provide data services
Load balancer
These servers route traffic, based on load numbers, to servers that are behind them in the
network.
What is the command to list installed hardware?
lsdev
What is the command to list used devices?
lsusb
What is the command to list PCI connected devices?
lspci
What is the command to list block devices (hard disks)?
lsblk
What is the command used to examine the kernel ring buffer?
dmesg
What is the command used to print a file?
lpr
How do you show the print queue?
lpq
Where are devices mostly listed in the systems virtual file systems?
/proc
/sys
/dev
What are the three types of user permissions?
User permissions come in three types Read write and execute.
In standard notation these are listed as User group and other
What is Octal Notation?
Linux permissions listed as numbers, such as 755 or 644, are known as octal notation
read = 4 write = 2 and execute = 1
When permissions are added together, 6 = read and write and 7 = read write execute
What is the highest permission?
0777 is the highest permission
which means everybody (all users and groups) can read, write, and execute
Describe default permissions
Default permissions are set using a umask.
A umask is subtracted from the highest permission.
For example a umask of 0022 would result in a default permission of 0755 (0777 - 0022 = 0755)
What is the purpose of the sticky bit?
If the sticky bit is set, only the owner of the file or directory, and root , can delete or rename the file
Describe inheritance
Inheritance is the process by which files and directories obtain their permission settings from their parent
What is the command used to change the permissions on a file or directory?
chmod
What is the command used to change the owner of a file or a directory?
chown
What is the command used to change the group ownership?
chgrp
What is the command that’s displays the File Access Control List (FACL)?
getfacl
What is the command used to modify the FACL?
setfacl
What is the command used to list files and directories?
ls
Where can you find users with escalated privileges?
Users with escalated privileges are listed in the sudoers file.
To edit this file use the visudo command which checks the file syntax so permissions are not broken
What are the commands used to elevate permissions?
su(switch user)
sudo(super user do)
Describe members of the wheel group
Members of the wheel group are normally system administrators, and are allowed to elevate privileges to root by default
What are context based permissions?
Context-based permissions are based on extended attributes of objects
What is SELinux?
SELinux, or Security Enhanced Linux, is the default context-based permissions kernel module on RedHat-based distributions
What are the three states SELinux can be in?
SELinux can be in one of three states:
• Disabled: Permissions are not applied and are not logged.
• Permissive: Permissions are not applied, but permission violations are logged. This is useful for
troubleshooting.
• Enforcing: Permissions are applied and violations are logged
SELinux
The policy that is applied is one of two by default
Targeted: Only objects that are listed in the targeted policy are evaluated. Unconfined objects are not evaluated.
• Strict: All objects are evaluated and confined objects are restricted
What is the command used to get the current state of SELinux?
getenforce
What is the command used to set the state of SELinux?
setenforce
What is the command used to list the status of SELinux including the state and policy
sestatus
What is the command used to change the context for an object
chcon
What is the command used to restore the context for an object to its default
restorecon
What is the command used to list the context for the objects in the directory passed?
ls -Z
What is the command used to list the context for the processes?
ps -Z
What is AppArmor?
AppArmor is the default context-based permissions kernel module on Debian-based distributions
How do you disable an AppArmor profile?
aa-disable
What is the command used for setting enforcement mode on a profile?
aa-complain
What is the command used to list network processes that do not have an AppArmor profile loaded?
aa-unconfined
What is Pluggable Authentication Method (PAM)
On Linux, authentication is handled by Pluggable Authentication Modules (PAM). This provides an interface that applications can leverage, and creates a standardized method for authenticating users
What is PAM responsible for?
PAM is responsible for:
• Password Policies: Complex passwords as well as password histories
• LDAP integration: Lightweight Directory Access Protocol, used for centralized authentication • User lockouts: Failed logins resulting in lockout after a configured number of failures
Describe Modules in PAM
Modules in PAM an be required (the module must have a positive return),
optional (the module is not required to have a positive result),
sufficient (the module is the only one necessary to have a positive result).
What is SSH?
SSH, or secure shell, is a method of accessing a server and receiving a shell prompt. This access can be limited to only certain users (User-specific access) or limited to connections from certain hosts using TCP Wrappers
Some files used with SSH: known_hosts
A list of trusted connections with the fingerprint for the server
Some files used with SSH: authorized_keys
A key store for the keys of users that are allowed to access the server with no password
Some files used with SSH: config
The local configuration for the SSH users
Some files used with SSH: id_rsa
The private SSH key
Some files used with SSH: id_rsa.pub
The public SSH key
PKI
PKI is an infrastructure providing services that can be used to validate hosts. This consists of private keys and public keys, as well as certificates issued by certificate authorities. In addition, these services can be used to generate Digital signatures
What is an incremental backup?
An incremental backup is one that contains the changes since the last incremental backup
What is a full backup?
A full backup contains the entire file set that was intended to be backed up
What is a differential backup?
A differential backup contains the changes since the last full backup
Describe File Hashing
File hashing is the process of generating a hash value based on the file’s contents, and can be used to validate that the backup file has not changed on disk
Give some characteristics of shells
- Environment is the workspace, and the shell is an instance.
- The children inherit from the parent Environment.
- Shell variables are set on each child independently.
- Shell variables are not passed to children.
Describe Variables
- Are used to store data
- Can be changed
- Can be local or global
Describe Scripts
- Used for automating repetitive tasks
- Used for configuring a task
- Can be on the command line (CLI) or in files (.sh).
- Need to be executable.
- Need to start with #!/bin/bash
What is the command used to create a Git repository?
git init
What is the command used to copy a repository?
git clone
What is the command used to push to a remote repository?
git push
Git Branches
Git repositories can be checked out into branches so that code can be worked on, reviewed, and committed without disrupting the main body of code
What is central configuration?
Central Configuration is the process of managing servers via code. It is a system of automation that allows for provisioning, monitoring, and patching resources within an infrastructure. This could be virtualized infrastructure, or bare-metal
What is an agent system?
An Agent system is one that uses software installed on target machines. The software typically reports back to a management server
What is agentless?
Conversely, a management system that does not require software agents to be installed on the managed systems is referred to as Agentless
What is Inventory Management?
Inventory management is the process of recording the specifications of systems in the infrastructure. This is important as it can affect the commands that are used to manage the systems, as well as assisting with life cycles and patch management
nfrastructure as Code
Infrastructure as Code is a way to describe the deployed resources so that they can be reproduced from that code. an example of this is a Kickstart file or a cloud-init file. This leverages build automation as well as automated configuraiton management to ensure that instantiated resources are tagged and configured correctly
What is Ansible?
Ansible is an example of an agentless system
What is Puppet?
Puppet is a system that uses an agent
