Useful Linux Commands (Linux Forensics Analyst, DevOps Engineer, System Administrator) Flashcards by William Reese

What command repeatedly outputs a string until interrupted?

yes

How well did you know this?

Not at all

Perfectly

What is the purpose of the ‘yes’ command?

To automatically provide a repeated response, commonly ‘y’, to prompts.

How well did you know this?

Not at all

Perfectly

Which command displays text in an ASCII speech bubble spoken by a cow?

cowsay

How well did you know this?

Not at all

Perfectly

What command can be used to print text as if spoken by an ASCII cow?

cowsay

How well did you know this?

Not at all

Perfectly

What command reverses the characters of a string?

rev

How well did you know this?

Not at all

Perfectly

How can you reverse the characters in ‘linux’ using a Linux command?

echo ‘linux’ | rev

How well did you know this?

Not at all

Perfectly

What happens when you run ‘sl’ instead of ‘ls’ by mistake?

It shows an animation of a steam locomotive.

How well did you know this?

Not at all

Perfectly

Which command shows a steam locomotive animation if typed incorrectly?

How well did you know this?

Not at all

Perfectly

Which command builds and executes command lines from input?

xargs

How well did you know this?

Not at all

Perfectly

How do you remove all .txt files using ‘find’ and ‘xargs’?

find . -name ‘*.txt’ | xargs rm

How well did you know this?

Not at all

Perfectly

What cryptic-looking command can crash a system by creating infinite processes?

Fork bomb: :(){ :|:& };:

How well did you know this?

Not at all

Perfectly

What is the purpose of the ‘factor’ command?

To output the prime factors of a given number.

How well did you know this?

Not at all

Perfectly

What command displays the prime factors of a number?

factor

How well did you know this?

Not at all

Perfectly

Which command executes another command repeatedly at specified intervals?

watch

How well did you know this?

Not at all

Perfectly

How do you display disk usage (df) every 2 seconds using ‘watch’?

watch -n 2 df -h

How well did you know this?

Not at all

Perfectly

Which command displays a file in reverse line order?

tac

How well did you know this?

Not at all

Perfectly

How do you reverse the line order of a file using a Linux command?

tac filename.txt

How well did you know this?

Not at all

Perfectly

Which command shuffles the lines of input randomly?

shuf

How well did you know this?

Not at all

Perfectly

What command is used to shuffle the lines in a text file randomly?

shuf mylist.txt

How well did you know this?

Not at all

Perfectly

What does the ‘pv’ command do?

Monitors the progress of data through a pipe.

How well did you know this?

Not at all

Perfectly

Which command allows you to monitor the progress of a file being copied?

How well did you know this?

Not at all

Perfectly

What does the ‘dd’ command do?

Converts and copies files in raw byte form.

How well did you know this?

Not at all

Perfectly

How do you copy disk images using ‘dd’?

dd if=/dev/sda of=/dev/sdb bs=64K

How well did you know this?

Not at all

Perfectly

What is the function of the ‘mkfifo’ command?

Creates a named pipe (FIFO).

How well did you know this?

Not at all

Perfectly

What command creates a named pipe in Linux?

mkfifo

How well did you know this?

Not at all

Perfectly

Which command adds line numbers to text?

How well did you know this?

Not at all

Perfectly

How do you add line numbers to a text file?

nl file.txt

How well did you know this?

Not at all

Perfectly

What command displays how long the system has been running?

uptime

How well did you know this?

Not at all

Perfectly

What is the purpose of the ‘uptime’ command?

To display how long the system has been running and load averages.

How well did you know this?

Not at all

Perfectly

Which command displays random quotes or proverbs?

fortune

How well did you know this?

Not at all

Perfectly

What does the ‘fortune’ command do?

Displays random quotes, jokes, or proverbs.

How well did you know this?

Not at all

Perfectly

Which command pauses execution for a set amount of time?

sleep

How well did you know this?

Not at all

Perfectly

How do you pause a script for 5 seconds in Linux?

sleep 5

How well did you know this?

Not at all

Perfectly

Which command outputs the contents of a gzip-compressed file without decompressing it?

zcat

How well did you know this?

Not at all

Perfectly

What command allows you to view compressed files without decompressing them?

zcat

How well did you know this?

Not at all

Perfectly

Which command translates or deletes characters in text?

How well did you know this?

Not at all

Perfectly

How do you replace spaces with newlines using a Linux command?

echo ‘hello world’ | tr ‘ ‘ ‘\n’

How well did you know this?

Not at all

Perfectly

What is the purpose of the ‘tput’ command?

To manipulate terminal settings, such as colors or cursor movement.

How well did you know this?

Not at all

Perfectly

Which command changes text color to red in a terminal?

tput setaf 1

How well did you know this?

Not at all

Perfectly

Which command displays detailed information about a file, including metadata such as last access and modification times?

stat

How well did you know this?

Not at all

Perfectly

How can you view the detailed metadata of a file in Linux?

stat filename

How well did you know this?

Not at all

Perfectly

Which command is used to show the running processes in Linux?

How well did you know this?

Not at all

Perfectly

How do you view a list of all running processes in Linux?

ps aux

How well did you know this?

Not at all

Perfectly

Which command can show open network connections, listening ports, and other network-related information?

netstat

How well did you know this?

Not at all

Perfectly

What command lists all open network connections and listening ports on a Linux system?

netstat -tulnp

How well did you know this?

Not at all

Perfectly

Which command shows active network connections and related stats, replacing ‘netstat’ in modern systems?

How well did you know this?

Not at all

Perfectly

How do you view active TCP connections using the ‘ss’ command?

ss -t

How well did you know this?

Not at all

Perfectly

Which command lists all open files and the processes that opened them?

lsof

How well did you know this?

Not at all

Perfectly

How do you check which files are open by which processes in Linux?

lsof

How well did you know this?

Not at all

Perfectly

What command can be used to monitor changes to files and directories in real-time?

inotifywait

How well did you know this?

Not at all

Perfectly

How do you monitor changes in a directory in real-time in Linux?

inotifywait -m /path/to/directory

How well did you know this?

Not at all

Perfectly

Which command is used to create a cryptographic hash (checksum) of a file for integrity verification?

sha256sum

How well did you know this?

Not at all

Perfectly

How do you generate the SHA-256 hash of a file in Linux?

sha256sum filename

How well did you know this?

Not at all

Perfectly

Which command captures all traffic on a network interface and displays it for analysis?

tcpdump

How well did you know this?

Not at all

Perfectly

How do you capture network traffic on interface eth0 and write it to a file using tcpdump?

tcpdump -i eth0 -w capture.pcap

How well did you know this?

Not at all

Perfectly

Which command is used to analyze packet captures (PCAP files) from tools like tcpdump?

wireshark

How well did you know this?

Not at all

Perfectly

How can you visually analyze a pcap file in Linux?

wireshark filename.pcap

How well did you know this?

Not at all

Perfectly

What command is used to securely erase files by overwriting them multiple times?

shred

How well did you know this?

Not at all

Perfectly

How do you securely delete a file in Linux using ‘shred’?

shred -u filename

How well did you know this?

Not at all

Perfectly

Which command provides a forensic timeline of file access, modification, and creation times?

sleuthkit ‘fls’

How well did you know this?

Not at all

Perfectly

How do you create a forensic timeline from an image file using ‘fls’?

fls -r imagefile.img

How well did you know this?

Not at all

Perfectly

Which command allows forensic investigators to extract data from memory dumps?

volatility

How well did you know this?

Not at all

Perfectly

How can you analyze a memory dump for processes using Volatility?

volatility -f memory.dmp –profile=Win7SP1x64 pslist

How well did you know this?

Not at all

Perfectly

Which command provides detailed information about the usage of disk space by files and directories?

How well did you know this?

Not at all

Perfectly

How do you check the disk usage of a specific directory?

du -sh /path/to/directory

How well did you know this?

Not at all

Perfectly

What tool allows the recovery of deleted files from an ext3 or ext4 file system?

extundelete

How well did you know this?

Not at all

Perfectly

How do you recover deleted files from a partition using extundelete?

extundelete /dev/sda1 –restore-all

How well did you know this?

Not at all

Perfectly

Which command displays information about USB devices connected to the system?

lsusb

How well did you know this?

Not at all

Perfectly

How do you view a list of USB devices connected to the system?

lsusb

How well did you know this?

Not at all

Perfectly

What command lists all the block devices connected to the system?

lsblk

How well did you know this?

Not at all

Perfectly

How do you list all block devices (like hard drives) in Linux?

lsblk

How well did you know this?

Not at all

Perfectly

Which command provides a hexadecimal and ASCII dump of a file’s content, often used in forensics for low-level data inspection?

hexdump

How well did you know this?

Not at all

Perfectly

How do you display the hexadecimal contents of a file in Linux?

hexdump filename

How well did you know this?

Not at all

Perfectly

Which command is used to create a binary image of an entire drive for forensic analysis?

How well did you know this?

Not at all

Perfectly

How do you create a raw disk image of a drive using ‘dd’?

dd if=/dev/sda of=/path/to/output.img bs=64K

How well did you know this?

Not at all

Perfectly

Which command is used to examine the attributes of ext2, ext3, and ext4 file systems?

debugfs

How well did you know this?

Not at all

Perfectly

How do you open an ext4 filesystem for analysis using ‘debugfs’?

debugfs /dev/sda1

How well did you know this?

Not at all

Perfectly

What command is used to list hidden file attributes on ext file systems, such as immutable or append-only flags?

lsattr

How do you view the extended file attributes on a file in Linux?

lsattr filename

What command allows a forensic investigator to examine or mount disk images locally?

mount -o loop

How do you mount a disk image for analysis using the ‘mount’ command?

mount -o loop /path/to/image.img /mnt/analysis

Which command is used to monitor real-time system resource usage, including CPU and memory?

top

How do you monitor CPU, memory, and process usage in real-time in Linux?

top

Which command shows the current resource usage in a more visually appealing way compared to ‘top’?

htop

How can you interactively view system resources and processes using a visual interface?

htop

Which command is used to display or manipulate the routing table in Linux?

route

How do you view the current routing table in Linux?

route -n

Which command can check the availability and response time of a network host?

ping

How do you check if a server is reachable via network in Linux?

ping hostname_or_ip

Which command is used to trace the path packets take to reach a network host?

traceroute

How do you trace the route that packets take to a destination?

traceroute hostname_or_ip

Which command can be used to check the status of a service in systemd-based systems?

systemctl status

How do you check the status of a service like nginx using ‘systemctl’?

systemctl status nginx

Which command is used to start a service in systemd-based Linux systems?

systemctl start

How do you start the Apache (httpd) service in Linux?

systemctl start httpd

Which command is used to stop a service in systemd-based Linux systems?

systemctl stop

How do you stop the MySQL service in Linux?

systemctl stop mysql

Which command is used to restart a service in Linux?

systemctl restart

How do you restart the nginx service in Linux?

systemctl restart nginx

Which command is used to enable a service to start on boot in Linux?

systemctl enable

How do you enable the Apache service to start on boot?

systemctl enable httpd

Which command is used to check system logs managed by systemd?

journalctl

How do you view system logs from the last boot using ‘journalctl’?

journalctl -b

Which command lists all the open ports and the services listening on them?

netstat -tulnp

How do you list all open TCP and UDP ports and their associated services?

netstat -tulnp

Which command can be used to manage Docker containers, images, and volumes?

docker

How do you list all running Docker containers?

docker ps

Which command is used to build a Docker image from a Dockerfile?

docker build

How do you build a Docker image from a Dockerfile?

docker build -t imagename .

Which command is used to start a Docker container from an image?

docker run

How do you run a container from a Docker image in Linux?

docker run imagename

Which command is used to manage Kubernetes clusters and resources?

kubectl

How do you list all pods in a Kubernetes cluster?

kubectl get pods

Which command is used to update Kubernetes deployments or configurations?

kubectl apply

How do you apply a configuration file to update a Kubernetes deployment?

kubectl apply -f deployment.yaml

Which command is used to view the current disk space usage on Linux?

df -h

How do you check available disk space in a human-readable format?

df -h

Which command can recursively show disk usage for directories and files?

How do you check the disk usage of a specific directory?

du -sh /path/to/directory

Which command is used to monitor network interface statistics in real-time?

ifstat

How do you monitor network interface usage in real-time in Linux?

ifstat

Which command is used to display network interface configuration details?

ifconfig

How do you view the IP address of network interfaces on Linux?

ifconfig

Which command displays system hardware information, such as CPU, memory, and disk details?

lshw

How do you display detailed hardware information about your system?

lshw

Which command is used to view memory usage and swap information in Linux?

free -h

How do you check the memory usage on your system in human-readable format?

free -h

Which command allows a DevOps engineer to synchronize or backup files between two locations?

rsync

How do you synchronize files from a local directory to a remote server?

rsync -av /local/dir user@remote:/remote/dir

Which command can be used to automate tasks based on time or intervals?

cron

How do you edit the cron jobs for the current user?

crontab -e

Which command is used to list all cron jobs for the current user?

crontab -l

Which command can show the status of SELinux on a system?

getenforce

How do you check whether SELinux is enforcing, permissive, or disabled?

getenforce

Which command is used to display detailed information about the system, including hostname, kernel version, and more?

uname -a

How do you view the kernel version and system information in Linux?

uname -a

Which command can be used to change the hostname of the system?

hostnamectl

How do you change the hostname of a Linux system?

hostnamectl set-hostname new-hostname

Which command is used to view the current IP addresses assigned to network interfaces?

ip addr show

How do you display the IP addresses of all network interfaces in Linux?

ip addr show

Which command allows you to change the IP address of a network interface?

ip addr add

How do you assign a new IP address to the eth0 interface?

ip addr add 192.168.1.10/24 dev eth0

Which command displays the status of all active and inactive network interfaces?

ifconfig

How do you bring a network interface up or down using ‘ifconfig’?

ifconfig eth0 up/down

Which command shows a list of all logged-in users?

How do you view a list of users currently logged into the system?

Which command is used to reboot a Linux system immediately?

reboot

How do you reboot the system from the command line?

reboot

Which command is used to shut down a Linux system?

shutdown

How do you shut down a system after a delay of 10 minutes?

shutdown +10

Which command is used to manage user accounts, including creating or deleting users?

useradd / userdel

How do you create a new user account in Linux?

useradd username

Which command is used to change a user’s password?

passwd

How do you change or set the password for a user in Linux?

passwd username

Which command is used to modify user account details, such as group membership or shell access?

usermod

How do you add a user to a group using ‘usermod’?

usermod -aG groupname username

Which command displays the disk usage of a directory or filesystem in human-readable format?

df -h

How do you check disk space usage on all mounted filesystems?

df -h

Which command can be used to view file and directory permissions?

ls -l

How do you list files with detailed permissions in Linux?

ls -l

Which command changes file ownership in Linux?

chown

How do you change the owner of a file to a specific user and group?

chown user:group filename

Which command is used to change file permissions in Linux?

chmod

How do you set the permission for a file to be executable by the owner?

chmod u+x filename

Which command shows the last login times of users?

last

How do you view the login history of users on the system?

last

Which command is used to view system resource usage, such as CPU, memory, and disk I/O?

vmstat

How do you monitor system performance metrics using ‘vmstat’?

vmstat

Which command displays system messages and logs?

dmesg

How do you view system boot logs or kernel messages?

dmesg

Which command is used to monitor real-time log entries from system logs?

tail -f

How do you monitor real-time updates to a log file?

tail -f /var/log/syslog

Which command can be used to schedule future tasks in Linux?

How do you schedule a command to run at 2 PM using ‘at’?

echo ‘command’ | at 14:00

Which command is used to list or remove scheduled ‘at’ jobs?

atq / atrm

How do you view the list of scheduled ‘at’ jobs?

atq

Which command is used to monitor system load, including load averages and CPU usage?

uptime

How do you check system uptime and current load averages?

uptime

Which command allows you to synchronize file changes to disk manually?

sync

How do you manually flush file system buffers to disk?

sync

Which command shows the current system time and allows time configuration?

timedatectl

How do you view or set the system time in Linux?

timedatectl

Which command can check for bad blocks on a storage device?

badblocks

How do you check a disk for bad blocks in Linux?

badblocks /dev/sda

Which command allows you to mount a filesystem to a specific directory?

mount

How do you mount a partition to the /mnt directory?

mount /dev/sda1 /mnt

Which command unmounts a mounted filesystem?

umount

How do you unmount a filesystem from /mnt?

umount /mnt

Which command is used to view or configure firewall settings in Linux (using UFW)?

ufw

How do you allow traffic on port 80 using UFW?

ufw allow 80

Which command lists the active firewall rules in UFW?

ufw status

Which command allows you to check the status of SELinux?

sestatus

How do you view the current status of SELinux on a system?

sestatus

Brainscape's Knowledge GenomeTM

Useful Linux Commands (Linux Forensics Analyst, DevOps Engineer, System Administrator) Flashcards

Brainscape's Knowledge Genome^TM