Linux Flashcards

Question 1

Q

How to check the kernel version of a Linux system?

Question 2

Q

How to see the current IP address on Linux?

Question 3

Q

How to check for free disk space in Linux?

Question 4

Q

How to see if a Linux service is running?

Answer

A

Service –status-all

Service

Question 5

Q

How to check the size of a directory in Linux?

Answer

A

Du -sh foldername

Question 6

Q

How to check for open ports in Linux?

Answer

A

Netstat -tulpn

ON REMOTE HOST
telnet 8.8.8.8 53
nc -w5 -z -v (AKA NETCAT)

Question 7

Q

How to check Linux process information (CPU usage, memory, user information, etc.)?

Answer

A

Ps aux
Top
htop

Question 8

Q

How to deal with mounts in Linux

Question 9

Q

what does LSOF return

Answer

A

the list of open files
COMMAND
PID
TID
TASKCMD
USER
FD (file descriptor)
TYPE
DEVICE
SIZE
NODE
NAME

Question 10

Q

Difference b/t CTRL-C and CTRL-Z in linux

Answer

A

CTRL - C sends SIGINT which interrupts the application, usually cause process abort and give you a blank prompt

CTRL - Z send SIGSTP which sends the application to suspend mode on the backend to be continued later with fg

Question 11

Q

Difference between Tar and ZIP

Answer

A

tar is only an archiver while zip archives and compresses.

tar preserves setuid, setgid, and sticky bit

Question 12

Q

SETUID

Answer

A

Setuid is a Linux file permission setting that allows a USER to execute that file or program with the permission of the owner of that file. This is primarily used to elevate the privileges of the current user.

Question 13

Q

SETGUID

Answer

A

Setuid is a Linux file permission setting that allows a USER to execute that file or program with the permission of the owner of that file. This is primarily used to elevate the privileges of the current user.

Same as SETUID except with GROUPS

Question 14

Q

STICKY BIT

Answer

A

Prevents everyone except the OWNER of a directory from deleting a file…like on tmp folders.

Question 15

Q

How to check open ports on a remote server without NET CAT or NMAP

Answer

A

echo > /dev/tcp// && echo “GOOD” || “BAD”

Question 16

Q

5 ways to secure an SSH connection.

Answer

A

Disable Password Based Logins and Allow Key based logins
Disable root login
Change the standard port number
Force the service to use only SSH v2
White List users or servers “Allowed List” is the new PC term.

Question 17

Q

LVM

Answer

A

Logical Volume Manager
LV-extend / LV-reduce to extend or reduce partition sizes
create/resize/delete LVM partitions while the server is running.

Question 18

Q

How would you connect to a machine in the cloud

Answer

A

Is there a VPN…connect to it.

SSH @

Question 19

Q

CD

Answer

A

change directory

CD /

Question 20

Q

LS

Answer

A

list directory contents.

ls [flags] [directory]

Question 21

Q

PWD

Answer

A

print working directory (path of current directory or the one you choose)

Question 22

Q

echo

Answer

A

Displays a line of txt

Question 23

Q

grep

Answer

A

print lines to match patterns
If no FILE is given, recursive searches examine the working directory, and nonrecursive searches read standard
input.

Question 24

Q

cp

Answer

A

Copy file

cp

Question 25

Q

systemctl

Answer

A

Control the systemd system and service manager

Question 26

Q

How to list services with systemctl

Answer

A

systemctl list-units type=service

Question 27

Q

how to get status of a service

Answer

A

systemctl status

Question 28

Q

how do you enable a service to start at boot time

Answer

A

systemctl enable

Question 29

Q

start or stop a service

Answer

A

systemctl start/stop

Question 30

Q

What is init system.

Answer

A

o	Init is the first process
o	Starts all services and units
o	Reparening orphaned processes
o	Systemctl enable/start services
o	Journalctl -fu nginx (logs)

Question 31

Q

How do you show ip address of eth0

Answer

A

• Ip addr show dev eth0

Question 32

Q

how to you display route information

Answer

A

ip route show

Question 33

Q

Know the basics of System D

Answer

A

Contains Init which boots the rest of the system
Collection of programs and libraries
systemctl and journalctl
init process management
network management 
login management
logs 
etc

Question 34

Q

What is a linux user made of?

Answer

A

Bascially a bunch of lines in a bunch of different files
Passwd gives username UID password or reference to the hashed password file
remove user from all groups before deleting

Question 35

Q

What do you know about PROC?

Answer

A

Proc file system (procfs) is virtual file system created on fly when system boots and is dissolved at time of system shut down.

It contains useful information about the processes that are currently running, it is regarded as control and information center for kernel.

Question 36

Q

How can you check resource utilization

Answer

A

top, htop, or atop

Question 37

Q

How do you look for application binary?

Answer

A

whereis will show you where the app and man pages live

Question 38

Q

report a snapshot of the current processes.

Question 39

Q

How to get open files by process id

Question 40

Q

how to view open ports on a machine

Answer

A

netstat -tulpn

Question 41

Q

What can prevent you from writing a file?

Answer

A

Ownership in a folder
Permissions
I-node exhaustion…you can run df -i

Question 42

Q

What are I-nodes

Answer

A

Linux datastructure that contains info on files When are they created. 
File type
Permissions
Owner ID
Group ID
Size of file
Time last accessed
Time last modified
Soft/Hard Links
Access Control List (ACLs)

Question 43

Q

What commands can you use to find i node info on a file

Answer

A

stat (various arguments) %i displays inode number

ls -lhi | grep

Question 44

Q

How to check inode usage on a system

Question 45

Q

What happens to the inode when you copy vs move a file

Answer

A

copy creates new inode

move same inode, new info

Question 46

Q

How do you identify where an application is installed

Answer

A

use the WHICH or WHEREIS

Question 47

Q

What is cron

Answer

A

daemon to execute scheduled commands

Question 48

Q

How to find config files for applications

Answer

A

Use Find in the /etc folder

Question 49

Q

You want to check the logs for an apache / nginx server, but you cant find them in /var/log/, where would you look

Answer

A

find out where the application is installed and check the .conf file

Question 50

Q

How would you access a web service running in server B only accessible from server A, to which you have access, but from your local machine

Answer

A

ssh tunnel using port forwarding -L or proxy socks -D

ssh -L 8080:192.168.1.1:3389 user@192.168.1.1

Question 51

Q

• Difference between a process and a thread?

Answer

A

Process is an instance of a computer program that is being executed, while a thread is a component of a process which is the smallest execution unit.
Processes have their own memory space, which the thread, in turn, use.
In a multi-processing environment, each process executes independently. But a thread can read, write or modify data of another thread.

Question 52

Q

What command used to find processes as well as cpu and memory usage?

Answer

A

top, htop

Question 53

Q

What is the difference between a L4 and L7 load balancer?

Answer

A

Layer 4 load balancing takes place at the transport layer of the OSI model, which is in charge of delivering messages regardless of their content. Layer 4 load balancers simply route network packets to and from the upstream server without inspecting them. By reviewing the initial few packets in the transmission control protocol (TCP) stream, they can only make limited routing decisions. It is still the heart of the OSI.
QUICK, EFFICIENT, SECURE…..NO SMARTBALANCING, NO MICROSERVICES

Layer 7 load balancing works at the application layer of the OSI model, which is in charge of the message’s actual content. Application Load Balancers route network traffic in a more complex way, typically for TCP-based traffic such as HTTP or HTTPS. A Layer 7 load balancer, unlike a Layer 4 load balancer, disconnects network traffic and processes the message inside.
BASED ON URL, SMART ROUTING, CACHING…EXPENSIVE, NEEDS DECRYPTION

Question 54

Q

whats the difference between df and free

Answer

A

df is to check free disk space

free is to check free memory

Question 55

Q

how does kill work?

Answer

A

The default signal for kill is TERM. Use -l or -L to list available signals. Particularly useful signals include HUP, INT, KILL, STOP, CONT, and 0. Al‐
ternate signals may be specified in three ways: -9, -SIGKILL or -KILL. Negative PID values may be used to choose whole process groups; see the PGID column
in ps command output. A PID of -1 is special; it indicates all processes except the kill process itself and init.

Question 56

Q

Which files are open?

Question 57

Q

Which processes have this file open?

Question 58

Q

Which files does process X have open

Answer

A

lsof -p 1

lsof -p `pgrep ABC

Question 59

Q

Where is the binary for this process

Answer

A

o lsof -p ABC | grep bin

Question 60

Q

Which shared libraries is this program using? (manually upgrading software, i.e. openssl)

Answer

A

o lsof -p PID | grep .so

Question 61

Q

Where is this thing logging to?

Answer

A

o lsof -p ABC | grep log

Question 62

Q

Which processes still have this old library open

Answer

A

o lsof grep libname.so

Question 63

Q

Which files does user XYZ have open?

Answer

A

o lsof -u XYZ

lsof -u XYZ -i (selects IPv 4/6 files for networking)

Question 64

Q

Which process is listening on Port X (or using Protocol Y)?

Answer

A

lsof -i :80

lsof -i tcp

Answer 56

A

tells uptime of machine and session time of use
load averages if 1 CPU .5 is 50% load
load averages if 4 CPUS 1 is 25% aggregated load of 4 CPUs

Answer 57

A

overal stats by time
memory swpd=paging...free,buff,cache
swap in and out
io -disk bits in and bits out
system
cpu looking at user, system, idel and steal

Answer 58

A

mpstat -P ALL 1

Answer 59

A

pidstat 1

Answer 60

A

io stat -xz 1

Answer 61

A

sar -n DEV 1

sar -n TCP, ETCP 1

Answer 62

A

Disk with iostat
Swaps with vmstat
Network with sar
system calls with strace

Answer 63

A

overview with vmstat
mpstat for cpu usage
pidstat to check when ps is hogging resources
check disk with iostat
run strace -tp 'pgrep ' | head 100

Answer 64

A

top (not always super usefull)
mpstat 1
iostat -x 1
sar -n DEV 1
vmstat 1
perf record -F 99 -a -g --sleep 10
perf report -n --stdio

Answer 65

A

ps | awk ‘{print $1}’ prints first column

Answer 66

A

awk -F “:” ‘{print $1}’ /etc/passwd

Answer 67

A

awk F “:” ‘{print $1”\t”$6”\t”$7}’ /etc/passwd

awk ‘BEGIN{FS=”:”; OFS=”-“} {PRINT $1, $6, $7}’ /etc/passwd

Answer 68

A

d=directory-
-=file
l=link

read write execute for user/owner….no permissions for group…and read and execute for everyone else

777 is rwx for all three

r=4
w=2
x=1

Answer 69

A

kinda like wireshark

terrible performance inhibitor

Answer 70

A

ss gives more socket info

iptraf gives a histogram of network packet size

Answer 71

A

performance monitoring console (counter)

Answer 72

A

setfacl -m u::rwx filename

-x to remove

Answer 73

A

Min/Hour/DOM/Month/DOW/cmd

Brainscape's Knowledge GenomeTM

Linux Flashcards

Brainscape's Knowledge Genome^TM