Compare commits

..

8 Commits

Author SHA1 Message Date
waldek 63caf7c747 removes bad csv files 2021-10-21 15:27:36 +02:00
waldek ec675e3e07 level argument is now used to isolate one level 2021-10-21 14:51:57 +02:00
waldek 199ddd82dc some improvments to the logic and startup 2021-10-14 00:07:26 +02:00
waldek 71177c1aa3 adds full book csv 2021-10-13 15:07:22 +02:00
waldek bc82006ea5 first clean of the big batch 2021-10-12 23:39:48 +02:00
waldek 8662634ff5 fixes some minor bugs 2021-10-11 23:21:57 +02:00
waldek 6a78e96bc4 adds part 2 2021-10-11 21:03:37 +02:00
waldek 7c34c81d54 Merge pull request 'add lpic101 completed (lpic1_book_101-500.csv)' (#7) from testing into master
Reviewed-on: https://gitea.86thumbs.net/waldek/ccpq/pulls/7
2021-07-13 14:42:44 +02:00
7 changed files with 1187 additions and 180 deletions

1
.gitignore vendored
View File

@ -3,5 +3,6 @@ include/
lib/ lib/
__pycache__ __pycache__
*.swp *.swp
*.ods
.idea/ .idea/
venv/ venv/

View File

@ -29,13 +29,12 @@ class Question(object):
def _clean_data(self): def _clean_data(self):
""" """
TODO needs quite bit of actual cleanup to make the parsing more robust TODO needs quite bit of actual cleanup to make the parsing more robust
TODO needs a 'private' variable for issue 5
""" """
self._level = self._data[LEVEL].strip() self._level = self._data[LEVEL].strip()
self._question = self._data[QUESTION].strip() self._question = self._data[QUESTION].strip()
self._answers = self._data[ANSWER].strip().split(" ") self._answers = self._data[ANSWER].strip().split(" ")
self._answers = [x for x in self._answers if x] self._answers = [x for x in self._answers if x]
self._create_list_of_possibilities() self._possibilities = self._create_list_of_possibilities()
try: try:
self._explication = self._data[EXPLICATION].strip() self._explication = self._data[EXPLICATION].strip()
except: except:
@ -44,7 +43,6 @@ class Question(object):
def dump_json(self): def dump_json(self):
""" """
dumps all data to JSON for the REST API dumps all data to JSON for the REST API
TODO needs a key to include the date for issue 5
""" """
data = { data = {
UUID: self.get_uuid(), UUID: self.get_uuid(),
@ -75,7 +73,7 @@ class Question(object):
if key.isnumeric(): if key.isnumeric():
possibilities.append(self._data[key]) possibilities.append(self._data[key])
possibilities = [x for x in possibilities if x] # hack to remove empty objects possibilities = [x for x in possibilities if x] # hack to remove empty objects
self._possibilities = possibilities return possibilities
def get_possibilities(self): def get_possibilities(self):
return self._possibilities return self._possibilities
@ -125,7 +123,7 @@ class Database(object):
for row in data: for row in data:
try: try:
question = Question(row) question = Question(row)
if question.get_level() == self.level: if question.get_level() in self.level:
self._db.append(question) self._db.append(question)
except Exception as e: except Exception as e:
print(e) print(e)
@ -158,10 +156,13 @@ class Game(object):
self.shuffled_list = [] self.shuffled_list = []
def setup_players(self): def setup_players(self):
with open(self._filepath, "r") as fp: if not self._filepath.is_file():
lines = fp.readlines() self.add_player("Hans Solo")
for line in lines: else:
self.add_player(line.strip()) with open(self._filepath, "r") as fp:
lines = fp.readlines()
for line in lines:
self.add_player(line.strip())
def get_random_player(self): def get_random_player(self):
if len(self.shuffled_list) == 0: if len(self.shuffled_list) == 0:
@ -200,6 +201,9 @@ class Player(object):
self.name = name self.name = name
self.stats = Stats() self.stats = Stats()
def __str__(self):
return self.name
def get_stats(self): def get_stats(self):
return self.name, self.stats.get_right(), self.stats.get_wrong() return self.name, self.stats.get_right(), self.stats.get_wrong()

View File

@ -0,0 +1,99 @@
LEVEL,ANSWER,QUESTION,1,2,3,4,5,EXPLICATION
102-400,1,"When you configure an X server, you need to make changes to configuration files and then start or restart the X server. Which of the following can help streamline this process?","Shut down X by switching to a runlevel in which X doesnt run automatically, and then reconfigure it and use startx to test X startup.","Shut down X by booting into single-user mode, and then reconfigure X and use telinit to start X running again.","Reconfigure X, and then unplug the computer to avoid the lengthy shutdown process before restarting the system and X along with it.",Use the startx utility to check the X configuration file for errors before restarting the X server.,"Connect the Linux computers network port directly to the X server, without using any intervening routers, in order to reduce network latency.","A. On most Linux systems, some runlevels dont run X by default, so using one of them along with the startx program (which starts X running) can be an effective way to test changes to an X configuration quickly, making option A correct. The telinit program changes runlevels, which is a lengthy process compared to using startx, so option B is incorrect. Unplugging the computer to avoid the shutdown process is self-defeating because youll have to suffer through a long startup (if you use a non-journaling file- system), and it can also result in data loss, thus option C is incorrect. The startx utility doesnt check the veracity of an X configuration file; it starts X running from a text-mode login, making option D incorrect. Reconfiguring an X server does not normally require network access; the X server runs on the computer at which you sit. Thus option E is incorrect."
102-400,4,Which of the following summarizes the organization of the X configuration file?,"The file contains multiple sections, one for each screen. Each section includes subsections for individual components (keyboard, video card, and so on).","Configuration options are entered in any order desired. Options relating to specific components (keyboard, video card, and so on) may be interspersed.",The file begins with a summary of individual screens. Configuration options are preceded by a code word indicating the screen to which they apply.,"The file is broken into sections, one or more for each component (keyboard, videocard, and so on). The file also has one or more sections that define how to combine the main sections.",The file is a rare binary configuration file that must be accessed using SQL database tools.,"D. The XF86Config and xorg.conf file design enables you to define variants or multiple components and easily combine or recombine them as necessary, using the structure specified in option D. Options A, B, and C all describe fictitious structures. Option E is incorrect because the X.org-X11 and XFree86 configuration files use a text-mode structure, not a binary structure."
102-400,3,A monitors manual lists its range of acceptable synchronization values as 27kHz96kHz horizontal and 50Hz160Hz vertical. What implications does this have for the resolutions and refresh rates the monitor can handle?,The monitor can run at up to 160Hz vertical refresh rate in all resolutions.,The monitor can handle up to 160Hz vertical refresh rate depending on the color depth.,The monitor can handle up to 160Hz vertical refresh rate depending on the resolution.,"The monitor can handle vertical resolutions of up to 600 lines (96,000 ÷ 160), but no more.","The monitor can handle horizontal resolutions of up to 600 columns (96,000 ÷ 160), but no more.","C. The vertical refresh rate range includes a maximum value, but that value may be reduced when the resolution and vertical refresh rate would demand a higher horizontal refresh rate than the monitor can handle. Thus, option C is correct. Since the resolution affects the maximum refresh rate, option A is incorrect. The color depth is irrelevant to resolution and refresh rate calculations, so option B is incorrect. The computations shown in options D and E are bogus, making these options incorrect."
102-400,5,In what section of XF86Config or xorg.conf do you specify the resolution that you want to run?,"In the ServerLayout section, using the Screen option","In the Monitor section, using the Modeline option","In the Device section, using the Modeline option","In the DefaultResolution section, using the Define option","In the Screen section, subsection Display, using the Modes option","E. Option E describes the correct location for this option. The ServerLayout section (referenced in option A) combines all of the other options together but doesnt set the resolution. The Modeline option in the Monitor section (as described in option B) defines one possible resolution, but there may be several Modeline entries defining many resolutions, and theres no guarantee that any of them will be used. The Modeline option doesnt exist in the Device section (as suggested by option C), nor is that section where the resolution is set. There is no DefaultResolution section (as referenced in option D)."
102-400,2,What is an advantage of a font server?,It provides faster font displays than are otherwise possible.,It can simplify font maintenance on a network with many X servers.,Its the only means of providing TrueType support for XFree86 4.x.,It enables the computer to turn a bitmapped display into an ASCII text file.,"It enables X to use font smoothing, which isnt possible with core fonts.","B. By maintaining fonts on one font server and pointing other X servers to that font server, you can reduce the administrative cost of maintaining the fonts on all of the systems, so option B is correct. Font servers dont produce faster font displays than Xs local font handling; if anything, the opposite is true. Thus, option A is incorrect. XFree86 4.x supports TrueType fonts directly, so option C is incorrect. Converting a bitmapped display into ASCII text is a function of optical character recognition (OCR) software, not a font server, so option D is incorrect. Neither X core fonts nor a font server handles font smoothing; for that, you need Xft. Thus, option E is incorrect."
102-400,3 5,What methods do Linux distributions use to start X automatically when the system boots?(Select two.),Start an XDMCP server from the Start folder.,Start an XDMCP server from an ~/.xinitrc script.,Start an XDMCP server via a system startup script.,Start an XDMCP server via a boot manager.,Start an XDMCP server from init.,"C, E. XDMCP servers are typically launched either from a system startup script or by init (as specified in /etc/inittab), as described in options C and E. The XDMCP server then starts X. The Start folder mentioned in option A is a Windows construct, not a Linux construct. The ~/.xinitrc script mentioned in option B is an X login script used when starting X from the command line via startx; its not used to start X automatically when the system boots. A boot manager, as described in option D, launches the kernel; it doesnt directly start X, so option D is incorrect."
102-400,5,How would you change the text displayed by XDM as a greeting?,"Click Configure ➣ Greeting from the XDM main menu, and edit the text in the resulting dialog box.","Pass greeting=""text"" as a kernel option in the boot loader, changing text to the new greeting.","Edit the /etc/X11/xorg.conf file, and change the Greeting option in the xdm area.","Run xdmconfig, and change the greeting on the Login tab.","Edit the /etc/X11/xdm/Xresources file, and change the text in the xlogin*greeting line.","E. The XDM greeting is a resource set in the /etc/X11/xdm/Xresources file, so option E is correct. XDM doesnt offer many options on its main screen and certainly not one to change its greeting, as described in option A. The kernel doesnt directly handle the login process, nor does it pass options directly to XDM, so option B is incorrect. Although the xorg.conf file mentioned in option C is real, this file provides no XDM configuration options because XDM is a separate program from the X server. There is no standard xdmconfig program, as mentioned in option D."
102-400,3,Which of the following features do KDM and GDM provide that XDM doesnt?,"An encrypted remote X-based access ability, improving network security","The ability to accept logins from remote computers, once properly configured",The ability to select the login environment from a menu on the main login screen,A login screen that shows the username and password simultaneously rather than sequentially,An option to log into text mode if X should fail to start,"C. KDM and GDM add many features, one of which is a menu that enables users to select their desktop environment or window manager when they log in rather than specifying it in a configuration file, as option C states. Option A describes one of the advantages of the Secure Shell (SSH) as a remote-access protocol. Option B describes a feature common to all three XDMCP servers. Option D describes the way both KDM and XDM function; GDM is the one that presents username and password fields in series rather than simultaneously. Although a failure of X to start usually results in a fallback to a text-mode login, this feature is not provided by the XDMCP server, so option E is incorrect."
102-400,1,Which of the following commands tells the X server to accept connections from penguin.example.com?,xhost +penguin.example.com,export DISPLAY=penguin.example.com:0,telnet penguin.example.com,xaccess penguin.example.com,ssh penguin.example.com,"A. The xhost command controls various aspects of the local X server, including the remote computers from which it will accept connections, making option A correct. Option B sets the DISPLAY environment variable, which doesnt directly affect the X server (it does tell X clients which X server to use). Option C initiates a text-mode remote login session with penguin.example.com. Option Ds xaccess is a fictitious program. Although logging into penguin.example.com via ssh may also initiate an X tunnel, this isnt guaranteed, and such a tunnel doesnt cause the local X server to accept direct connections from the remote computer, so option E is incorrect."
102-400,1,"To assist an employee who has trouble with keyboard repeat features, youve disabled this function in /etc/X11/xorg.conf. Why might this step not be sufficient for the goal of disabling keyboard repeat?","GNOME, KDE, or other desktop environment settings for keyboard repeat may override those set in xorg.conf.",The xorg.conf file has been deprecated you should instead adjust the /etc/X11/XF86Config file.,Keyboard settings in xorg.conf apply only to Bluetooth keyboards you must use usbkbrate to adjust keyboard repeat for USB keyboards.,You must also locate and reset the DIP switch on the keyboard to disable keyboard repeat.,"The keyboard repeat options in xorg.conf work only if the keyboards nationality is set incorrectly, which is not often.","A. As stated in option A, GNOME, KDE, and other user programs often override the keyboard repeat settings in the X configuration file. Option B has it almost backward; most Linux distributions have abandoned XFree86, and therefore its XF86Config file, in favor of X.org-X11 and its xorg.conf file. Option C is pure fiction; xorg.conf settings apply to all varieties of keyboards, and there is no standard usbkbrate program. Although some keyboards do have hardware switches, they dont affect Xs ability to control the keyboard repeat rate, contrary to option D. Although you can set a keyboards nationality in xorg.conf, this option is independent of the keyboard repeat rate settings, so option E is incorrect."
102-400,3 5,Which of the following programs may be used to provide computer-generated speech for users who have trouble reading computer displays? (Select two.),SoX,Braille,Orca,talk,Emacspeak,"C, E. The Orca and Emacspeak programs both provide text-to-speech conversion facilities, so options C and E are both correct. Braille is a form of writing that uses bumps or holes in a surface that can be felt by the reader. Although Linux supports Braille output devices, the question specifies computer-generated speech, which Braille is not, so option B is incorrect. SoX (option A) is an audio format converter, but it wont convert from text to speech. The talk program (option D) is an early Unix online text-mode “chat” program, but it has no built-in speech synthesis capabilities."
102-400,2 5,"You manage a computer thats located in Los Angeles, California, but the time zone is misconfigured as being in Tokyo, Japan. What procedure can you follow to fix this problem? (Select two.)",Run hwclock --systohc to update the clock to the correct time zone.,"Delete /etc/localtime, and replace it with an appropriate file from /usr/share/zoneinfo.",Edit the /etc/tzconfig file so that it specifies North_America/Los_Angeles as the time zone.,"Edit /etc/localtime, and change the three-letter time zone code on the TZ line.",Use the tzselect program to select a new (Los Angeles) time zone.,"B, E. Time zones are determined by the /etc/localtime file, so replacing that one with the correct file (a selection is stored in /usr/share/zoneinfo) will fix the problem, making option B correct. (You may also need to edit /etc/timezone or some other file to keep automatic utilities from becoming confused.) Utilities such as tzselect will make these changes for you after prompting you for your location, so option E is also correct. The hwclock program mentioned in option A reads and writes data from the systems hardware clock. Although it relies on time zone data, it cant adjust your systems time zone itself. There is no standard /etc/tzconfig file, although the tzconfig program, like tzselect, can help you set the time zone. Thus, option C is incorrect. The /etc/localtime file is a binary format; you shouldnt attempt to edit it in a text editor, making option D incorrect."
102-400,4,Youre configuring a Linux system that doesnt boot any other OS. What is the recommended time to which the computers hardware clock should be set?,Helsinki time,Local time,US Pacific time,UTC,Internet time,"D. Linux, like Unix, maintains its time internally in Coordinated Universal Time (UTC), so setting the computers hardware clock to UTC (option D) is the recommended procedure for computers that run only Linux. Although Linus Torvalds spent time at the University of Helsinki, Helsinki time (as in option A) has no special place in Linux. Local time (as in option B) is appropriate if the computer dual-boots to an OS, such as Windows, that requires the hardware clock to be set to local time, but this is the second-best option for a Linux-only system. Option Cs US Pacific time, like Helsinki time, has no special significance in Linux. Internet time (option E) is an obscure way to measure time that divides each day into 1,000 “beats.” Its not a time zone and is not an appropriate way to set your hardware clock."
102-400,3,"Youve developed a script that uses several Linux commands and edits their output.You want to be sure that the script runs correctly on a computer in Great Britain, although youre located elsewhere, since the output includes features such as currency symbols and decimal numbers that are different from one nation to another. What might you do to test this?","Enter the BIOS, locate and change the location code, reboot into Linux, and run the script.","Edit /etc/locale.conf, change all the LC_* variables to en_GB.UTF-8, and then reboot and run the script.","Type export LC_ALL=en_GB.UTF-8, and run the script from the same shell you used to type this command.","Type locale_set Great_Britain, and run the script from the same shell you used to type this command.","Type export TZ=:/usr/share/zoneinfo/Europe/London, and run the script from the same shell you used to type this command.","C. When set, the LC_ALL environment variable (option C) adjusts all the locale (LC_*) variables, so setting this and then running the script will make the programs that your script uses work as if on a British computer. The BIOS has no location code data, so option A is incorrect. There is no standard /etc/locale.conf file, so option B is incorrect. There is no standard locale_set utility, so option D is incorrect. Although setting the TZ environment variable, as in option E, will set the time zone for your local shell to that for Great Britain, this wont affect the sort of text formatting options noted in the question. 15. A. The Unicode Transformation Format 8 (UTF-8) standard can encode characters for just about any language on Earth, while looking just like ordinary ASCII to programs that only understand ASCII. Thus UTF-8 (option A) is the preferred method for character encoding when a choice is possible. ASCII (option B) is an old standard thats adequate for English and a few other languages, but it lacks some or all characters needed by most languages. ISO-8859 (options C and D) is a standard that extends ASCII, but it requires separate encodings for different languages and so it is awkward when a computer must process data from multiple languages. ATASCII (option E) is a variant of ASCII used in the 1980s by Atari for its home computers; its obsolete and inadequate today."
102-400,5,Which character set encoding is the preferred method on modern Linux systems?,UTF-8,ASCII,ISO-8859-1 ,ISO-8859-8,ATASCII,"E. The smart filter makes a print queue “smart” in that it can accept different file types (plain text, PostScript, graphics, and so on) and print them all correctly, as in option E. Font smoothing is useful on low-resolution computer monitors, but not on most printers, and adding font smoothing is not a function of a smart filter, so option A is incor- rect. A smart filter doesnt detect confidential information (option B) or prank print jobs (option D). The lpr program can be given a parameter to email a user when the job finishes (option C), but the smart filter doesnt do this."
102-400,2 4,Which of the following describes the function of a smart filter?,It improves the legibility of a print job by adding font smoothing to the text.,It detects information in print jobs that may be confidential as a measure against industrial espionage.,"It sends email to the person who submitted the print job, obviating the need to wait around the printer for a printout.",It detects and deletes prank print jobs that are likely to have been created by troublemakers trying to waste your paper and ink.,It detects the type of a file and passes it through programs to make it printable on a given model of printer.,"B, D. The job ID (option B) and job owner (option D) are both displayed by lpq. Unless the application embeds its own name (option A) in the filename, that information wont be present. Most printers lack Linux utilities to query ink or toner status (option C); certainly lpq cant do this. Although knowing when your job will finish printing (option E) would be handy, providing this information is well beyond lpqs capabilities."
102-400,3,What information about print jobs does the lpq command display? (Select two.),The name of the application that submitted the job,A numerical job ID that can be used to manipulate the job,The amount of ink or toner left in the printer,The username of the person who submitted the job,The estimated time to finish printing the job,"C. The lprm command (option C) deletes a job from the print queue. It can take the -Pqueue option to specify the queue and a print job number or various other parameters to specify which jobs to delete. BSD LPD, LPRng, and CUPS all implement the lprm command, so you can use it with any of these systems, making option A incorrect. Option B presents the correct syntax but the wrong command name; there is no standard lpdel command. The cupsdisable command can be used to disable the whole queue but not to delete a single print job, so option D is incorrect. Because option C is correct, option E obviously is not."
102-400,2,"Youve submitted several print jobs, but youve just realized that you mistakenly submitted a huge document that you didnt want to print. Assuming that you can identify the specific job, that its not yet printing, and that its job ID number is 749, what command would you type to delete it from the okidata print queue?","The answer depends on whether youre using BSD, LPD, LPRng, or CUPS.",Type lpdel -Pokidata 749.,Type lprm -Pokidata 749.,Type cupsdisable -Pokidata 749.,None of the above the task is impossible. ,"B. PostScript is the de facto printing standard for Unix and Linux programs, as specified in option B. Linux programs generally do not send data directly to the printer port (option A); on a multitasking, multiuser system, this would produce chaos because of competing print jobs. Although a few programs include printer driver collections, most forgo this in favor of generating PostScript, making option C incorrect. Printing utilities come standard with Linux; add-on commercial utilities arent required, so option D is incorrect. Verdana is one of several “web fonts” released by Microsoft. Although many Linux programs can use Verdana for printing if the font is installed, most Linux distributions dont install Verdana by default, and few Linux programs use it for printing by default even if its installed, so option E is not correct."
102-400,2,Which of the following is generally true of Linux programs that print?,They send data directly to the printer port.,They produce PostScript output for printing.,They include extensive collections of printer drivers.,They can print only with the help of add-on commercial programs.,They specify use of the Verdana font.,"B. The mpage utility (option B) prints multiple input pages on a single output page, so its ideally suited to the specified task. PAM (option A) is the Pluggable Authentication Modules, a tool for helping to authenticate users. 4Front (option C) is the name of a company that produces commercial sound drivers for Linux. The route command (option D) is used to display or configure a Linux routing table. The 411toppm program (option E) converts files from Sonys 411 image file format to the PPM image file for- mat; it doesnt do the specified task."
102-400,5,"When a user account has been locked using the usermod -L command, you will see what in the /etc/shadow files record for that user?",An x in the password field,An !! in the password field,A blank password field,A zero (0) at the front of the password field,An ! at the front of the password field,"E. When the usermod -L username command is used, the username record in the /etc/shadow file has its password field modified. An exclamation point (!) is placed in front of the password, making the password inoperable and thus locking the account. Therefore, option E is correct. An x exists in the /etc/passwd files records password field, if the /etc/shadow file is used for passwords (which it should be) and does not indicate a locked account. Therefore, option A is incorrect. Option B is only true when an account has not yet had a password set. Therefore, option B is incorrect. Option C is also incorrect. You would never have a blank password field for a user accounts /etc/shadow record, unless the file had been incorrectly manually modified. Manual modifications of the /etc/shadow files are never recommended. A user record could have a zero (0) as the first character in their password field, but this would be due to the password being hashed, not locked. Therefore, option D is incorrect."
102-400,1 2 3,What commands can be used to add user accounts to a Linux system?,useradd username,adduser username,"useradd -c ""full name"" username",usradd username,passwd username,"A, B, C. The useradd command is used to add user accounts to a Linux system, and therefore option A is correct. The adduser command is available on some Linux distributions, and it also allows you to add user accounts to the system. Thus, option B is correct as well. The useradd command has a valid -c option that allows you to enter comments, such as a users full name. Therefore, option C is also correct. There is no usradd command, so option D is incorrect. The passwd command cannot add users to the system. Therefore, option E is incorrect."
102-400,1,An administrator types chage -M 7 time. What is the effect of this command?,The time accounts password must be changed at least once every seven days.,All users must change their passwords at least once every seven days.,All users are permitted to change their passwords at most seven times.,The time accounts age is set to seven months.,The account databases time stamp is set to seven months ago.,"A. The chage command changes various account expiration options. The -M parameter sets the maximum number of days for which a password is valid, and in the context of the given command, time is a username. Thus, option A is correct. Options B, C, D, and E are all made up."
102-400,4,What is wrong with the following /etc/passwd file entry? sally:x:1029:Sally Jones:/home/myhome:/bin/passwd,"The default shell is set to /bin/passwd, which is an invalid shell.",The username is invalid. Linux usernames cant be all lowercase letters.,The home directory doesnt match the username.,Either the UID or the GID field is missing.,The hashed password is missing.,"D. The /etc/passwd entries have third and fourth fields of the UID and the GID, but this line has only one of those fields (which one is intended is impossible to determine); this example lines fourth field is clearly the fifth field of a valid entry. Thus, option D is the correct answer. Option A is incorrect because, although /bin/passwd is an unorthodox login shell, its perfectly valid. This configuration might be used on, say, a Samba file server or a POP mail server to enable users to change their passwords via SSH without granting login shell access. The sally username is valid and thus, Option B is not a correct answer. You may have usernames that are all lowercase letters. Option C is a correct observation, but an incorrect answer; the username and the users home directory name need not match. The hashed password is officially stored in the second field, but in practice, most Linux computers place the hashed passwords in the /etc/shadow file. An x value for the password is consistent with this use, so option E is incorrect."
102-400,5,"You want sally, who is already a member of the Production group, also to be a member of the Development group. What is the best way to accomplish this?",Use the groupadd Development sally command.,Use the groupadd Production sally command.,"Manually edit the /etc/group file, and change the Development groups record to Development:501:sally.",Use the usermod -G Development sally command.,Use the usermod -a -G Development sally command.,"E. Option E is the best way to accomplish the task, because it will add sally to the Development group without removing her from any other groups or potentially damaging the /etc/group file. Option A would attempt to add the groups Development and sally to the system, thus it is not even a valid choice. Option B, also not a valid choice, would attempt to add the groups Production and sally. Option C would work, but it is very dangerous to edit an account configuration file manually instead of using account tools. Therefore, option C is not the best choice. Option D would work, but it would remove sally from all of her other groups, including the Production group. Therefore, option D is not the best choice either."
102-400,2 3 4,What types of files might you expect to find in /etc/skel? (Select three.),A copy of the /etc/shadow file,An empty set of directories to encourage good file management practices,A README or similar welcome file for new users,A starting .bashrc file,The RPM or Debian package management database,"B, C, D. Files in /etc/skel are copied from this directory to the new users home directories by certain account-creation tools. Thus, files that you want in all new users home directories should reside in /etc/skel. Options B, C, and D all describe reasonable possibilities, although none is absolutely required. Including a copy of /etc/ shadow in /etc/skel (option A) would be a very bad idea because this would give all users access to all other users hashed passwords, at least as of the moment of account creation. You wouldnt likely find package management databases (option E) in /etc/skel, since users dont need privileged access to this data, nor do they need individualized copies of it."
102-400,3,What would a Linux system administrator type to remove the nemo account and its home directory?,userdel nemo,userdel -f nemo,userdel -r nemo,rm -r /home/nemo,usermod -D nemo,"C. The userdel command deletes an account, and the -r option to userdel (option C) causes it to delete the users home directory and mail spool, thus satisfying the terms of the question. Option A deletes the account but leaves the users home directory intact. Option B does the same; the -f option forces account deletion and file removal under some circumstances, but its meaningful only when -r is also used. Option Ds rm command deletes the users home directory (assuming that its located in the conventional place, given the username) but doesnt delete the users account. Option Es usermod command can modify accounts, including locking them, but it cant delete accounts. Furthermore, the -D option to usermod is fictitious."
102-400,5,Which of the following system logging codes represents the highest priority?,info,warning,crit,debug,emerg,"E. The emerg priority code (option E) is the highest code available and so is higher than all the other options. From highest to lowest priorities, the codes given as options are emerg, crit, warning, info, and debug."
102-400,1,Which of the following configuration files does the logrotate program consult for its settings?,/etc/logrotate.conf,/usr/sbin/logrotate/logrotate.conf,/usr/src/logrotate/logrotate.conf,/etc/logrotate/.conf,~/.logrotate,"A. The logrotate program consults a configuration file called /etc/logrotate.conf (option A), which includes several default settings and typically refers to files in /etc/logrotate.d to handle specific log files. The remaining options are all fictitious, at least as working log files for logrotate."
102-400,4,"You want to create a log file entry noting that youre manually shutting down the system to add a new network card. How might you create this log entry, just prior to using shutdown?","dmesg -l ""shutting down to add network card""",syslog shutting down to add network card,"rsyslogd ""shutting down to add network card""",logger shutting down to add network card,"wall ""shutting down to add network card""","D. The logger utility can be used to create a one-time log file entry that you specify. In its simplest form, it takes no special arguments, just a message to be inserted in the log file, as in option D. The dmesg utility in option A is used to review the kernel ring buffer; it doesnt create log file entries. Option Bs syslog command isnt a Linux usermode command, although it is the name of the logging system generically as well as a programming language command name. Option Cs rsyslogd is the name of one of several system logging daemons; it maintains the system log, but isnt used to manually insert log entries. Option Es wall command writes a message to all users logged into virtual console terminals. It wont create a log file entry as the question requires and is not installed on all distributions."
102-400,3,"Your manager has asked that you configure logrotate to run on a regular, unattended basis. What utility/feature should you configure to make this possible?",at,logrotate.d,cron,inittab,ntpd,"C. The logrotate program can be started automatically—and unattended—on a regular basis by adding an entry for it in cron, so option C is correct. The at utility (option A) would be used if you wanted the program to run only once. Option B, logrotate.d, is a file stored in the /etc directory, which defines how the program is to handle specific log files. The inittab file (option D) is used for services and startup and not for individual programs. The ntpd program (option E) is the Network Time Protocol daemon, which synchronizes the systems clock with outside time sources."
102-400,5,"Youve set your system (software) clock on a Linux computer to the correct time, and now you want to set the hardware clock to match. What command might you type to accomplish this goal?",date --sethwclock,ntpdate,sysclock --tohc,time --set hw,hwclock --systohc,"E. The hwclock utility is used to view or set the hardware clock. The systohc sets the hardware clock based on the current value of the software clock, thus option E is correct. Option As date utility can be used to set the software clock but not the hardware clock; it has no sethwclock option. Option Bs ntpdate is used to set the software clock to the time maintained by an NTP server; it doesnt directly set the hardware clock. Option Cs sysclock utility is fictitious. Option Ds time command is used to time how long a command takes to complete; it has no set or hw option and does not set the hardware clock."
102-400,1,"As root, you type date What will be the effect?",The software clock will be set to 7:10 a.m. on December 11 of the current year.,The software clock will be set to 12:11 p.m. on October 7 of the current year.,The software clock will be set to 7:10 a.m. on November 12 of the current year.,The software clock will be set to 12:11 p.m. on July 10 of the current year.,The software clock will be set to July 10 in the year 1211.,"A. The format of the date commands date code is [MMDDhhmm[[CC]YY][.ss]]. Given that the question specified an eight-digit code, this means that the ordering of the items, in two-digit blocks, is month-day-hour-minute. Option A correctly parses this order, whereas options B, C, D, and E do not."
102-400,3,What will be the effect of a computer having the following two lines in /etc/ntp.conf? server pool.ntp.org server tardis.example.org,The local computers NTP server will poll a server in the public NTP server pool the first server option overrides subsequent server options. ,The local computers NTP server will poll the tardis.example.org time server the last server option overrides earlier server options. ,The local computers NTP server will poll both a server in the public NTP server pool and the server at tardis.example.org and use whichever site provides the cleanest time data.,The local computers NTP server will refuse to run because of a malformed server specification in /etc/ntp.conf.,The local computers NTP server will poll a computer in the public NTP server pool but will fall back on tardis.example.org if and only if the public pool server is down.,"C. Multiple server entries in /etc/ntp.conf tell the system to poll all of the named servers and to use whichever one provides the best time data. Thus option C is correct. (The pool.ntp.org subdomain and numbered computers within that subdomain give round-robin access to a variety of public time servers.) Options A and B both incor- rectly state that one server statement overrides another, when in fact this isnt the case. The server statements shown in the question are properly formed. These server entries are properly formed, so option D is incorrect. Although it is true that this con- figuration will result in use of tardis.example.com should the public-pool server be unavailable, as option E states, this is not the only reason the NTP server will use tardis.example.com; this could happen if the public-pool server provides an inferior time signal, for instance. Thus option E is incorrect."
102-400,4,Youve configured one computer (gateway.pangaea.edu) on your five-computer network as an NTP server that obtains its time signal from ntp.example.com. What computer(s) should your networks other computers use as their time source(s)?,You should consult a public NTP server list to locate the best server for you.,Both gateway.pangaea.edu and ntp.example.com,Only ntp.example.com,Only gateway.pangaea.edu,"None. NTP should be used on the Internet, not on small local networks.","D. Once youve configured one computer on your network to use an outside time source and run NTP, the rest of your computers should use the first computer as their time reference. This practice reduces the load on the external time servers as well as your own external network traffic. Thus option D is correct. (Very large networks might configure two or three internal time servers that refer to outside servers for redundancy, but this isnt necessary for the small network described in the question.) Option A describes the procedure to locate a time server for the first computer configured (gateway.pangaea.edu) but not for subsequent computers. Although configuring other computers to use ntp.example.com instead of or in addition to gateway.pangaea.edu is possible, doing so will needlessly increase your network traffic and the load on the ntp.example.com server. Thus options B and C are both incorrect. Contrary to option E, NTP is suitable for use on small local networks, and in fact its very helpful if you use certain protocols, such as Kerberos."
102-400,2 4,Which of the following tasks are most likely to be handled by a cron job? (Select two.),Starting an important server when the computer boots,Finding and deleting old temporary files,Scripting supervised account creation,Monitoring disk partition space status and emailing a report,Sending files to a printer in an orderly manner,"B, D. The cron utility is a good tool for performing tasks that can be done in an unsupervised manner, such as deleting old temporary files (option B) or checking to see that disk space is not low (option D). Tasks that require interaction or do not occur on a scheduled basis, such as creating accounts (option C), arent good candidates for cron jobs, which must execute unsupervised and on a schedule. Although a cron job could restart a crashed server, its not normally used to start a server when the system boots (option A); thats done through system startup scripts or a super server. Sending files to a printer (option E) is generally handled by a print server such as the cupsd daemon."
102-400,2,"Which of the following lines, if used in a user cron job, will run /usr/local/bin/cleanup twice a day?","15 7,19 * * * tbaker /usr/local/bin/cleanup","15 7,19 * * * /usr/local/bin/cleanup",15 */2 * * * tbaker /usr/local/bin/cleanup,15 */2 * * * /usr/local/bin/cleanup,2 * * * * /usr/local/bin/cleanup,"B. User cron jobs dont include a username specification (tbaker in options A and C). The */2 specification for the hour in options C and D causes the job to execute every other hour; the 7,19 specification in options A and B causes it to execute twice a day, on the 7th and 19th hours (in conjunction with the 15 minute specification, that means at 7:15 a.m. and 7:15 p.m.). Thus, option B provides the correct syntax and runs the job twice a day, as the question specifies, whereas options A, C, and D all get something wrong. Option E causes the job to run once an hour, not twice a day."
102-400,2,Youre installing Linux on a critical business system. Which of the following programs might you want to add to ensure that a daily backup job is handled correctly?,tempus,anacron,crontab,ntpd,syslog-ng,"B. The anacron program is a supplement to cron that helps ensure that log rotation, daily backups, and other traditional cron tasks are handled even when the computer is shut down (and, hence, when cron isnt running) for extended periods of time. This is the program to add to the system to achieve the stated goal, and option B is correct. There is no common Linux utility called tempus, so option A is incorrect. Option Cs crontab is the name of a file or program for controlling cron, which is likely to be an unreliable means of log rotation on a laptop computer. The ntpd program (option D) is the NTP daemon, which helps keep the system clock in sync with an external source. Although running ntpd on a laptop computer is possible, it wont directly help with the task of scheduling log rotation. The syslog-ng package is an alternative system log daemon, but this program doesnt help solve the problem of missed daily backups when using standard cron utilities, so option E is incorrect."
102-400,5,What do the following commands accomplish? (The administrator presses Ctrl+D after typing the second command.) # at teatime at> /usr/local/bin/system-maintenance,"Nothing, these commands arent valid. ","Nothing, teatime isnt a valid option to at. ","Nothing, you may only type valid bash built-in commands at the at> prompt. ","Nothing, at requires you to pass it the name of a script, which teatime is not. ",The /usr/local/bin/system-maintenance program or script is run at 4:00 p.m.,"E. The at command runs a specified program at the stated time in the future. This time may be specified in several ways, one of which is teatime, which stands for 4:00 p.m. Thus, option E is correct. The objections stated in options A, B, C, and D are all invalid. (You may pass a script to at with the -f parameter, but this isnt required, contrary to option D.)"
102-400,1 3,How might you schedule a script to run once a day on a Linux computer? (Select two.),"Place the script, or a link to it, in /etc/cron.daily.",Use the at command to schedule the specified script to run on a daily basis at a time of your choosing.,"Create a user cron job that calls the specified script once a day at a time of your choosing, and install that cron job using crontab.",Use run-parts to schedule the specified script to run on a daily basis.,"Type crontab -d scriptname, where scriptname is the name of your script.","A, C. The contents of /etc/cron.daily are automatically run on a daily basis in most Linux distributions, and the crontab utility can create user cron jobs that run programs at arbitrary time intervals, so both A and C are correct. The at command noted in option B can be used to run a program a single time, but not on a regular basis (such as daily). Option Ds run-parts utility is used by some distributions as a tool to help run programs in the /etc/cron.* subdirectories, but its not used to schedule jobs. Although the crontab program can maintain user crontabs, its not used as shown in option E and it has no -d parameter at all."
102-400,1 2 5,Which types of network hardware does Linux support? (Select three.),Token Ring,Ethernet,DHCP,NetBEUI,Fibre Channel,"A, B, E. Ethernet (option B) is currently the most common type of wired network hardware for local networks. Linux supports it very well, and Linux also includes support for Token Ring (option A) and Fibre Channel (option E) network hardware. DHCP (option C) is a protocol used to obtain a TCP/IP configuration over a TCP/IP network. Its not a type of network hardware, but it can be used over hardware that supports TCP/IP. NetBEUI (option D) is a network stack that can be used instead of or in addition to TCP/IP over various types of network hardware. Linux doesnt support NetBEUI directly."
102-400,2,Which of the following is a valid IPv4 address for a single computer on a TCP/IP network?,202.9.257.33,63.63.63.63,107.29.5.3.2,98.7.104.0/24,255.255.255.255,"B. IP addresses consist of four 1-byte numbers (0255). Theyre normally expressed in base 10 and separated by periods. 63.63.63.63 meets these criteria, so option B is correct. 202.9.257.33 includes one value (257) thats not a 1-byte number, so option A is incorrect. 107.29.5.3.2 includes five 1-byte numbers, so option C is incorrect. 98.7.104.0/24 (option D) is a network address—the trailing /24 indicates that the final byte is a machine identifier, and the first 3 bytes specify the network. Option E, 255.255.255.255, meets the basic form of an IP address, but its a special case—this is a broadcast address that refers to all computers rather than to the single computer specified by the question."
102-400,3,"You want to set up a computer on a local network via a static TCP/IP configuration, but you lack a gateway address. Which of the following is true?","Because the gateway address is necessary, no TCP/IP networking functions will work.","TCP/IP networking will function, but youll be unable to convert hostnames to IP addresses or vice versa.",Youll be able to communicate with machines on your local network segment but not with other systems.,"Since a gateway is needed only for IPv6, youll be able to use IPv4 but not IPv6 protocols.","Without a gateway address available, youll be unable to use DHCP to simplify configuration.","C. The gateway computer is a router that transfers data between two or more network segments. As such, if a computer isnt configured to use a gateway, it wont be able to communicate beyond its local network segment, making option C correct. A gateway is not necessary for communicating with other systems on the local network segment, so option A is incorrect. If your DNS server is on a different network segment, name resolution via DNS wont work, as stated in option B; however, other types of name resolution, such as /etc/hosts file entries, will still work, and the DNS server might be on the local network segment, so option B is incorrect. Gateways perform the same function in both IPv4 and IPv6 networking, so option D is incorrect. DHCP functions fine without a gateway, provided that a DHCP server is on the same local network segment as its clients (as is normally the case), so option E is incorrect."
102-400,4,"Using a packet sniffer, you notice a lot of traffic directed at TCP port 22 on a local computer. What protocol does this traffic use, assuming its using the standard port?",HTTP,SMTP,Telnet,SSH,NNTP,"D. The Secure Shell (SSH) protocol uses port 22, so if the traffic to port 22 is using the correct protocol, its SSH traffic and option D is correct. The Hypertext Transfer Protocol (HTTP; option A) is conventionally bound to port 80; the Simple Mail Transfer Protocol (SMTP; option B) uses port 25; Telnet (option C) uses port 23; and the Network News Transfer Protocol (NNTP; option E) uses port 119. None of these would normally be directed to port 22."
102-400,4,What network port would an IMAP server normally use for IMAP exchanges?,21,25,110,143,443,"D. The Interactive Mail Access Protocol (IMAP) is assigned to TCP port 143. Ports 21, 25, 110, and 443 are assigned to the File Transfer Protocol (FTP), the Simple Mail Transfer Protocol (SMTP), the Post Office Protocol version 3 (POP3), and the Hypertext Transfer Protocol over SSL (HTTPS), respectively. Although some IMAP server programs also support POP3 and might therefore listen to both ports 110 and 143, the question specifies IMAP exchanges, so option D is the only correct answer."
102-400,3 5,Which of the following are not Linux DHCP clients? (Select two.),pump,dhcpcd,dhcpd,dhclient,ifconfig,"C, E. Option C, dhcpd, is the Linux DHCP server. Option E, ifconfig, can be used for network configuration but is not itself a DHCP client. The others are all DHCP clients. Any given computer will use just one DHCP client (or none at all), but any one of A, B, or D will be available choices."
102-400,2 3,Which of the following types of information are returned by typing ifconfig eth0?(Select two.),The names of programs that are using eth0,The IP address assigned to eth0,The hardware address of eth0,The hostname associated with eth0,The kernel driver used by eth0,"B, C. When used to display information on an interface, ifconfig shows the hardware and IP addresses (options B and C) of the interface, the protocols (such as TCP/IP) bound to the interface, and statistics on transmitted and received packets. This command does not return information about programs using the interface (option A), the hostname associated with the interface (option D), or the kernel driver used by the interface (option E)."
102-400,1,Which of the following programs is conventionally used to perform a DNS lookup?,host,dnslookup,pump,ifconfig,netstat,"A. The host program (option A) is a commonly used program to perform a DNS lookup. There is no standard dnslookup program (option B), although the nslookup program is a deprecated program for performing DNS lookups. pump (option C) is a DHCP client. ifconfig (option D) is used for configuration of networking parameters and cards. netstat (option E) is a general-purpose network diagnostic tool."
102-400,2,Which of the following commands should you type to add to host 192.168.0.10 a default gateway of 192.168.0.1?,route add default gw 192.168.0.10 192.168.0.1,route add default gw 192.168.0.1,route add 192.168.0.10 default 192.168.0.1,route 192.168.0.10 gw 192.168.0.1,route host gw 192.168.0.1,"B. To add a default gateway of 192.168.0.1, the command would be route add default gw 192.168.0.1, as in option B. Specifying the IP address of the host system (as in options A, C, and D) is not necessary and in fact will confuse the route command. Although route provides a -host option, using host (without a dash), as in option E, is incorrect. Furthermore, option E omits the critical add parameter."
102-400,1 2,Which of the following commands might bring up an interface on eth1? (Select two.),dhclient eth1,ifup eth1,ifconfig eth1,network eth1,netstat -up eth1,"A, B. The dhclient utility, if installed, attempts to configure and bring up the network(s) passed to it as options (or all networks if its given no options) using a DHCP server for guidance. Thus option A may work, although it wont work if no DHCP server is available. Option B applies whatever network options are configured using distribution-specific tools and brings up the network. Thus options A and B both may work, although neither is guaranteed to work. Option C displays the network status of eth1, but it wont activate eth1 if its not already active. There is no standard network utility in Linux, so option D wont work. The netstat utility is a network diagnostic tool; it wont bring up a network interface, so option E is incorrect."
102-400,5,"What is the purpose of /etc/hostname, if its present on the system?",It holds the hostname of a package repository server.,It holds a list of servers that resolve hostnames.,It holds a list of IP addresses and associated hostnames.,It holds the hostname of the local gateway computer.,It holds the computers default hostname.,"E. Although not all systems use /etc/hostname, option E correctly describes it for those systems that use it. The file or files that hold information on package repository servers vary from one package system to another, so option A is incorrect. Option B describes the purpose of /etc/resolv.conf. Option C describes the purpose of /etc/hosts. Option D doesnt describe any standard Linux configuration file, although the gateway computers IP address is likely to appear in a distribution-specific configuration file."
102-400,3,"Network accesses to parts of the Internet work fine, but several common sites have stopped responding (even when addressed via raw IP addresses). Which of the following tools will be most helpful in diagnosing the source of this problem?",netstat,ping,traceroute,ifconfig,dig,"C. The traceroute command (option C) identifies the computers that lie between your own computer and a destination computer, along with some very basic information about network packet travel time and reliability. Thus, traceroute can help you track down the source of the described problem—perhaps a router thats critical to reaching all of the non-responsive systems has failed. The netstat and ifconfig utilities of options A and D both provide information about local network configuration options, but they most likely wont be of much help in diagnosing a problem that affects only some sites. The ping utility (option B) may help you quickly identify sites that have failed but wont be of much use beyond that. You can use dig (option E) to obtain information on the mapping of hostnames to IP addresses, but it wont help in resolving basic connectivity problems."
102-400,2,What value identifies an IPv6 address as a link-local address?,The address uses the MAC address of the system.,The address starts with fe80.,The address starts with fee.,The address starts with 2001.,,"B. Both global and link-local IPv6 addresses can use the system MAC address as part of the IPv6 address, thus option A is incorrect. The fee network address identifies a site-local address but not a link-local address, so option C is also incorrect. An address that starts with 2001 would be a normal global address, making option D incorrect. IPv6 link-local addresses start with fe80, thus C is the correct answer."
102-400,3,How can you learn what programs are currently accessing the network on a Linux system?,Type ifconfig -p eth0.,Examine /proc/network/programs.,Type netstat -p.,Examine /etc/xinetd.conf.,Type dmesg | less.,"C. The netstat program produces various network statistics, including the process IDs (PIDs) and names of programs currently accessing the network when its passed the -p parameter, thus option C is correct. The ifconfig program cant produce this information, and the -p option to this program is fictitious, so option A is incorrect. Option Bs /proc/network/programs file is also fictitious. Option Ds /etc/xinetd.conf file is real and may provide some information about some servers that are using the network (as described in Chapter 10), but this file wont provide information about all servers, much less about clients that are accessing the network. The dmesg command displays the kernel ring buffer, which doesnt contain information on programs that are currently accessing the network, so option E is incorrect."
102-400,1 4,"To diagnose a problem with an IMAP server (imap.example.com), you type telnet imap.example.com 143 from a remote client. How can this procedure help you?(Select two.)",You can verify basic connectivity between the client computer and the server program.,"By examining the output, you can locate intermediate routers that are misbehaving.","By using an encrypted protocol, you ensure that a packet-sniffing intruder doesnt cause problems.","Once connected, you can type IMAP commands to test the servers response to them.","Once youve logged into the remote system, you can examine its IMAP log files.","A, D. If you get any response at all, you know that the basic network connection is working, including that the server is responding to the client. With basic knowledge of IMAP commands, telnet enables you to test the servers responses in more detail than most IMAP clients (mail readers) permit. Thus options A and D are both correct. Option B describes the functionality of traceroute or tracepath; telnet provides no information about intermediate routers functionality, so option B is incorrect. Because neither telnet nor IMAP on port 143 uses encryption, option C is incorrect. Furthermore, a packet sniffer is likely to have no effect on the transfer of data; it just copies the data so that the packet sniffers user can see it. Although telnet can be used for remote access in a way that could make option E correct, the question specifies using telnet to connect to port 143, which is the IMAP port, not the Telnet port. Thus, option E is incorrect. (Furthermore, using telnet for remote administration is very risky because telnet is an unencrypted protocol.)"
102-400,2,"Youre configuring a new system, and your network administrator scribbles its IP address (172.25.78.89), netmask (255.255.255.0), gateway address (172.25.79.1), and DNS server address (10.24.89.201) on a piece of paper. You enter this information into your configuration files and type ifup eth0, but you find that you cant access the Internet with this computer. Which of the following is definitely true?","Because the DNS server is on a completely different network, it wont function properly for your system. You should ask for the local networks DNS servers IP address.","The netmask identifies the gateway as being on a different network segment than the computer youre configuring, so the two cant communicate directly. You most likely misread one address.","Because the IP addresses involved are private IP addresses, theres no way for them to access the Internet. You must ask for public IP addresses for this system or use only your local private network.","The computers IP address is a Class B address, but the netmask is for a Class C address. This combination cant work together, so you must obtain a new IP address or netmask.","The ifup utility works only for computers that use DHCP, so using a static IP address as specified in the question wont work correctly.","B. The computers IP address (172.25.78.89) and netmask (255.255.255.0) mean that the computer can directly address computers with IP addresses in the range of 172.25.78.1 to 172.25.78.254, but the gateway address (172.25.79.1) is outside of this range. Thus, either the IP address or the gateway address is wrong, and option B is correct. Nothing about the way DNS operates necessitates that the DNS server be on the same network segment as the DNS client, so option A is incorrect. Although private IP addresses are often isolated from the Internet, as option C specifies, Network Address Translation (NAT) can get around this limitation. Thus, although there could be some truth to option C, its not certain to be true. The Class A/B/C distinctions are just guidelines that can be overridden by specific configurations. Thus option D is incorrect. Option Es assertion that ifup is used only on computers that use DHCP is incorrect; ifup can work on computers that use static IP addresses provided the relevant information is entered correctly."
102-400,5,What is the purpose of the -n option to route?,"It causes no operation to be performed, route reports what it would do if -n were omitted. ",It precedes the specification of a netmask when setting the route.,It limits routes output to descriptions of non-Internet routes.,It forces interpretation of a provided address as a network address rather than a host address.,It causes machines to be identified by IP address rather than hostname in output.,"E. The -n option is used when you want to use route to display the current routing table, and it does as option E specifies. There is no route parameter that behaves as options A or C specify. Option B describes the purpose of the netmask parameter to route. Option D describes the purpose of the -net parameter to route."
102-400,5,What is the purpose of /etc/resolv.conf?,It holds the names of network protocols and the port numbers with which theyre associated.,It controls whether the computers network options are configured statically or via a DHCP server.,It specifies the IP address of a DHCP server from which the computer attempts to obtain an IP address.,"It holds the routing table for the computer, determining the route that network packets take to other computers.",It sets the computers default search domain and identifies (by IP address) the name servers that the computer may use.,"E. Option E correctly identifies the function of /etc/resolv.conf. Option A describes the purpose of /etc/services. Various distribution-specific configuration files perform the function described in option B, but /etc/resolv.conf is not one of these files. A DHCP client sends a broadcast to locate a DHCP server; there is no client configuration file that holds the DHCP servers address, as option C describes. The routing table is maintained internally, although basic routing information may be stored in distribution-specific configuration files, so option D is also incorrect."
102-400,2,Which of the following entries are found in the /etc/hosts file?,A list of hosts allowed to access this one remotely,Mappings of IP addresses to hostnames,A list of users allowed to access this host remotely,Passwords for remote web administration,A list of port numbers and their associated protocols,"B. The /etc/hosts file holds mappings of IP addresses to hostnames, on a one-line-per-mapping basis. Thus option B is correct. The file does not list the users (option C) or other hosts (option A) allowed to access this one remotely, affect remote administration through a web browser (option D), or map port numbers to protocols (option E)."
102-400,4,How can you reconfigure Linux to use DNS queries prior to consulting /etc/hosts?,"Edit the /etc/resolv.conf file, and be sure the nameserver dns line comes before the nameserver files line.","As root, type nslookup dns.","Edit the /etc/named.conf file, and change the preferred-resolution option from files to dns.","Edit /etc/nsswitch.conf, and change the order of the files and dns options on the hosts: line.","As root, type dig local dns.","D. The /etc/nsswitch.conf file controls the order of name resolution, among other things. Option D correctly describes the procedure for changing the order in which Linux performs name resolution. The /etc/resolv.conf file mentioned in option A controls the DNS servers that Linux consults, but it doesnt control access to /etc/hosts. Option Bs nslookup command resolves a hostname, so option B will return the IP address of the computer called dns, if Linux can find such a system. The /etc/named.conf file of option C is the configuration file for the standard name server. This server isnt likely to be installed on most Linux systems, and even if it is, the procedure described in option C is invalid. Like option Bs nslookup, option Es dig looks up hostname-to-IP-address mappings, so option E will display such mappings for the computers called local and dns, if they exist."
102-400,4,Which environment variable stores the format for the command prompt?,PROMPT,PSI,PAGER,PS1,None of these variables store the format for the command prompt.,"D. The PS1 environment variable contains various formatting codes preceded by a backslash (\) as well as text to be included in the primary command prompt. Therefore, option D is correct. There is no environment variable called PROMPT, nor is there an environment variable called PSI, so options A and B are incorrect. Programs that use a pager, such as less or more, use the PAGER environment variable. If the variable is set, the programs use the pager listed in the variable. Therefore, option C is incorrect. Option D is correct, so option E is incorrect."
102-400,1,"You want to create a shortcut command for the command cd ~/papers/trade. Which of the following lines, if entered in a bash startup script, will accomplish this goal?",alias cdpt='cd ~/papers/trade',export cdpt='cd ~/papers/trade',alias cdpt 'cd ~/papers/trade',alias cd 'cdpt ~/papers/trade',env cdpt `cd ~/papers/trade`,"A. The alias built-in command creates a duplicate name for a (potentially much longer) command. Option A shows the correct syntax for using this built-in command. It causes the new alias cdpt to work like the much longer cd ~/papers/trade. The export command in option B creates an environment variable called cdpt that holds the value cd ~/papers/trade. This will have no useful effect. Option C, if placed in a bash startup script, will cause an error because it uses incorrect alias command syntax, as does option D. Although env is a valid command, its used incorrectly in option E, and so this option is incorrect."
102-400,5,What is the purpose of the EDITOR environment variable?,"If its set to Y (the default), the shell environment permits editing of commands if its set to N, such editing is disallowed. ",It specifies the filename of the text editor that bash uses by default while youre entering commands at its prompt.,"If you type edit filename at a command prompt, the program specified by EDITOR will be launched.","If its set to GUI, programs call a GUI editor, if its set to TEXT, programs call a textbased editor. ",Some programs refer to EDITOR to determine what external editor to launch when they need to launch one.,"E. Some programs use the EDITOR environment variable as described in option E. Contrary to option A, the EDITOR environment variable has nothing to do with command-line editing. When youre typing at a bash command prompt, bash itself provides simple editing features, so option B is incorrect. (You can launch the editor specified by $EDITOR by typing Ctrl+X followed by Ctrl+E, though.) The edit command doesnt behave as option C suggests. (This command may be configured differently on different systems.) You can create links called GUI and TEXT to have the EDITOR environment variable behave as option D suggests, but this isnt a normal configuration."
102-400,3,In what environment variable is the current working directory stored?,PATH,CWD,PWD,PRESENT,WORKING,"C. The PWD environment variable holds the present working directory, so option C is correct. The PATH environment variable (option A) holds a colon-delimited list of directories in which executable programs are stored so that they may be run without specifying their complete pathnames. There are no standard CWD, PRESENT, or WORKING environment variables, so options B, D, and E are all incorrect."
102-400,1 3,"If typed in a bash shell, which of the following commands will create an environment variable called MYVAR with the contents mystuff that will be accessible to any created subshells? (Choose all that apply.)",export MYVAR='mystuff',MYVAR='mystuff',MYVAR='mystuff'; export MYVAR ,echo $MYVAR mystuff,setenv MYVAR mystuff,"A, C. Option A creates the desired environment variable. Option C also creates the desired environment variable. It combines the variable setting and the export of the MYVAR variable using a different method than option A uses. It combines the two commands on one line using a semicolon (;). Option B creates a local variable—but not an environment variable—called MYVAR, holding the value mystuff. After typing option B, you can also type export MYVAR to achieve the desired goal, but option B by itself is insufficient. Option D displays the contents of the MYVAR variable and also echoes mystuff to the screen, but it doesnt change the contents of any environment variable. Option Es setenv isnt a valid bash command, but it will set an environ- ment variable in tcsh."
102-400,5,What file might a user modify to alter their own bash environment?,/etc/inputrc,/etc/bashrc,$HOME/bashrc,$HOME/.profile_bash,~/.bashrc,"E. The ~/.bashrc file is a non-login bash startup script file. As such, it can be used to alter a users bash environment, and option E is correct. The /etc/inputrc file is a global bash configuration file for keyboard customization and setting terminal behavior. The ~/.inputrc file is for users to create or modify their own keyboard configuration file. Therefore, option A is incorrect. The /etc/bashrc file is a global bash startup script. Editing it will modify users bash environments, but an individual user should not be able to modify it, so option B is incorrect. There is no standard $HOME/bashrc file because the filename is missing its prefixed period (.). Thus, option C is incorrect. Likewise, option Ds $HOME/.profile_bash doesnt refer to a users con- figuration file and is incorrect. However, there is a $HOME/.bash_profile bash configuration file."
102-400,1 4,What commands might you use (along with appropriate options) to learn the value of a specific environment variable? (Select two.),env,DISPLAY,export,echo,cat,"A, D. The env command displays all defined environment variables, so option A satisfies the question. (In practice, you might pipe the results through grep to find the value of a specific environment variable.) The echo command, when passed the name of a specific environment variable, displays its current value, so option D is also correct. DISPLAY is an environment variable, but its not a command for displaying environment variables, so option B is incorrect. You can use the export command to create an envi- ronment variable but not to display the current settings for one, so option C is incor- rect. Option Es cat command concatenates files or displays the contents of a file to the screen, but it doesnt display environment variables."
102-400,2,"Immediately after creating a shell script called a_script.sh in a text editor, which method will not work to run the script?",Typing bash a_script.sh at the command line.,Typing ./a_script.sh at the command line.,Typing . a_script.sh at the command line.,Typing source a_script.sh at the command line.,Any of the above will work.,"B. Before using the ./ execution method, the script must have at least one executable bit set. Therefore, an error will be generated since chmod was not used to modify the execute permissions on the a_script file. Thus Option B is the correct choice since it would not work. Option A uses the bash command to execute a script, and this will work fine without any file permission changes. Likewise, when you source a file using either the source command or a dot (.) and a space, there is no need to modify a scripts permission bits before executing the file. Therefore, option C and option D are incorrect because they also work fine."
102-400,3,"Describe the effect of the following short script, cp1.sh, if its called as cp1.sh big.c big.cc: #!/bin/bash cp $2 $1",It has the same effect as the cp command—copying the contents of big.c to big.cc.,It compiles the C program big.c and calls the result big.cc.,"It copies the contents of big.cc to big.c, eliminating the old big.c.",It converts the C program big.c into a C++ program called big.cc.,It interprets the big.c and big.cc files as bash scripts.,"C. The cp command is the only one called in the script, and that command copies files. Because the script passes the arguments ($1 and $2) to cp in reverse order, their effect is reversed—where cp copies its first argument to the second name, the cp1.sh script copies the second argument to the first name. Thus, option C is correct. Because the order of arguments to cp is reversed, option A is incorrect. The cp command has nothing to do with compiling (option B) or converting (option D) C or C++ programs, so neither does the script. The reference to /bin/bash in the first line of the script identifies the script itself as being a bash script; it does not cause the arguments to the script to be run as bash scripts, so option E is incorrect."
102-400,5,Where are the commands iterated by the loop located within the loop?,Within the then statement section,Between the double semicolons (;;),Within the case and esac constructs,Within the test statement,Between do and done constructs,"E. The commands iterated by the for, while, and until loops are located between the do and done constructs. Therefore, option E is correct. Commands in the then statement section are for an if-then construct, not a loop, thus option A is incorrect. Double semicolons are used for case constructs, but not loops, and so option B is incorrect. The case and esac keywords begin and end a case construct, and thus option C is incorrect. A test statement can be used to determine whether or not a loops commands should iterate or not. However, it does not contain the actual commands to be iterated, and therefore option D is incorrect."
102-400,2 3,Which of the following lines identify valid shell scripts on a normally configured system? (Select two.),#!/bin/script,#!/bin/bash,#!/bin/tcsh,!#/bin/sh,!#/bin/zsh,"B, C. Valid shell scripts begin with the characters #! and the complete path to a program that can run the script. Options B and C both meet this description, because /bin/bash is a shell program thats installed on virtually all Linux systems and /bin/tcsh is often also available. There is no standard /bin/script program, so option A is incorrect. Options D and E are both almost correct; /bin/sh is typically linked to a valid shell and /bin/zsh is a valid shell on many systems, but the order of the first two characters is reversed, so these options are incorrect."
102-400,1 2 4,Which of the following are valid looping statements in bash shell scripting? (Select all that apply.),for,while,if-then,until,case,"A, B, D. The for, while, and until statements are all valid looping statements in bash, so options A, B, and D are all correct. The if-then statement in bashs scripting language tests a condition and, if it is true, executes its commands one time only. Therefore, option C is incorrect. The case statement is a conditional, not a looping statement in bash, so option E is incorrect."
102-400,2,"Your SMTP email server receives a message addressed to postmaster. The postmaster username has an alias of john on this computer. Assuming that the system is properly configured, who will receive the email message?",postmaster,john,The account listed in ~/.forward,root,"No user, because an alias was set","B. When aliases are properly configured, any email addresses sent to the email with an alias is received by the alias account. Therefore, option B is correct. The postmaster username would not receive the email because the alias is set to john, and so option A is incorrect. The ~/.forward file is associated with email forwarding, not aliases. Therefore, option C is incorrect. There is no reason for root to receive this email, so option D is incorrect. An alias does allow email to be sent to the alias account, so the statement in Option E does not make sense and is incorrect."
102-400,3,Which of the following is not a popular SMTP server for Linux?,Postfix,Sendmail,Fetchmail,Exim,qmail,"C. The Fetchmail program is a tool for retrieving email from remote POP or IMAP servers and injecting it into a local (or remote) SMTP email queue. As such, its not an SMTP server, so option C is correct. Postfix (option A), sendmail (option B), Exim (option D), and qmail (option E) are all popular SMTP email servers for Linux."
102-400,2,"You see the following line in a script: mail -s ""Error"" -c abort < /tmp/msg root What is the effect of this line, if and when it executes?","An email is sent to the user Error, the script is aborted using root privileges, and error messages are written to /tmp/msg.",An email with the subject of Error and the contents from /tmp/msg is sent to the local users root and abort.,"An email with the subject of Error and the contents of /tmp/msg is sent to the local user root, and then the script is aborted.","An email is sent with Error priority to the local user root, and the email system is then shut down with error messages being stored in /tmp/msg.","An email with the subject of Error and contents of /tmp/msg is sent to root, and information on this is logged with priority abort.","B. The -s option to mail sets the message subject line, and -c sets carbon copy (cc:) recipients. Input redirection (via <) reads the contents of a line into mail as a message. A mail command line normally terminates with the primary recipient. Thus, option B correctly describes the effect of the specified line. Options A, C, D, and E are all confused in their interpretation of the effects of mail parameters. Options A, B, and D also confuse input and output redirection, and option A incorrectly suggests that a script (or the mail program) can elevate its run status to root privileges."
102-400,4,Your Internet connection has gone down for several hours. What command can you use to check if there is a long list of jobs in the email queue?,service sendmail status,lp -d queue ~/Maildir,sendmail -bq,mailq,ls /var/spool,"D. To view your mail queue, use the mailq command (option D). The service sendmail status command is a SysV service status command and does not show mail queues, so option A is incorrect. Option B is a printer command and is therefore incorrect. Option C is close, but the correct command is sendmail -bp not -bq. Option E will show you the various directories within /var/spool and is therefore not the correct command."
102-400,2,You examine your /etc/aliases file and find that it contains the following line: root: jody What can you conclude from this?,Email addressed to jody on this system will be sent to the local user root.,Email addressed to root on this system will be sent to the local user jody.,The local user jody has broken into the system and has acquired root privileges.,The local user jody has permission to read email directly from roots mail queue.,The administrator may log in using either username: root or jody.,"B. The /etc/aliases file configures system-wide email forwarding. The specified line does as option B describes. A configuration like this one is common. Option A has things reversed. Option C is not a valid conclusion from this evidence alone, although an intruder conceivably may be interested in redirecting roots email, so if jody shouldnt be receiving roots email, this should be investigated further. Although the effect of option D (jody reading roots email) is nearly identical to the correct answers effect, they are different; jody cannot directly access the file or directory that is roots email queue. Instead, the described configuration redirects roots email into jodys email queue. Thus, option D is incorrect. Because /etc/aliases is an email configuration file, not an account configuration file, it cant have the effect described in option E."
102-400,2,Youve just installed MySQL and run it by typing mysql. How would you create a database called fish to store data on different varieties of fish?,Type NEW DATABASE fish; at the mysql> prompt. ,Type CREATE DATABASE fish; at the mysql> prompt.,Type NEW DATABASE FISH; at the mysql> prompt.,Type DATABASE CREATE fish; at the mysql> prompt. ,Type DB CREATE fish; at the mysql> prompt. ,"B. The CREATE DATABASE command creates a new database with the specified name. Because SQL commands are case insensitive, this command may be typed in uppercase or lowercase, and option B is correct. Options A and C both use the incorrect com- mand NEW rather than CREATE, and option C specifies the database name as FISH rather than fish. (Database names are case sensitive.) Option D reverses the order of the CREATE and DATABASE keywords. Option E uses the fictitious command DB."
102-400,1 4,Which of the following are true statements about SQL tables? (Select two.),Multiple tables may exist in a single SQL database.,Tables may be combined for cross-table searches using the DROP command.,"Tables consist of rows, each of which holds attributes, and columns, each of which defines a specific database item.",Careful table design can reduce the amount of data entry and database storage size.,Tables are stored on disk using a lossy compression algorithm.,"A, D. A single database may hold multiple tables, as option A suggests. Option D is also correct; if data is split across tables (such as into tables describing objects generically and specifically), databases can be more space efficient. Option B is incorrect because the DROP command doesnt combine tables—it deletes a table! Option C is incorrect because it reverses the meaning of rows and columns in a SQL table. A lossy compression algorithm, as the name suggests, deliberately corrupts or loses some data—an unacceptable option for a text database, making option E incorrect. (Lossy compression is used for some audio and video file formats, though.)"
102-400,3,"What is the effect of the following SQL command, assuming the various names and data exist? mysql> UPDATE stars SET magnitude=2.25 WHERE starname='Mintaka';",It returns database entries from the stars table for all stars with magnitude of 2.25 and starname of Mintaka.,"It sets the value of the stars field in the magnitude set to Mintaka, using a precision of 2.25.",It sets the value of the magnitude field to 2.25 for any item in the stars table with the starname value of Mintaka.,"It combines the stars and magnitude=2.25 tables, returning all items for which the starname is Mintaka.","It updates the stars database, creating a new entry with a starname value of Mintaka and a magnitude of 2.25.","C. The UPDATE command modifies existing database table entries, and in this case it does so as option C describes. Option B also describes an update operation, but in a confused and incorrect way. Options A and D both describe database retrieval operations, but UPDATE doesnt retrieve data. Option E mistakenly identifies stars as a database name, but its a table name, and it mistakenly identifies the operation as adding a new entry (INSERT in SQL) rather than as modifying an existing entry (UPDATE in SQL)."
102-400,5,"Typing lsof -i | grep LISTEN as root produces three lines of output, corresponding to the sendmail, sshd, and proftpd servers. What can you conclude about the security of this system?","Everything is OK, the presence of sshd ensures that data are being encrypted via SSH. ","The sendmail and sshd servers are OK, but the FTP protocol used by proftpd is insecure and should never be used.","The sendmail server should be replaced by Postfix or qmail for improved security, but sshd and proftpd are fine.","Because sendmail and proftpd both use unencrypted text-mode data transfers, neither is appropriate on a network-connected computer.","No conclusion can be drawn without further information, the listed servers may or may not be appropriate or authentic. ","E. The server names alone are insufficient to determine whether theyre legitimate. The computer in question may or may not need to run any of these servers, and their presence may or may not be intentional, accidental, or the sign of an intrusion. Thus, option E is correct. Contrary to option A, the mere presence of an SSH server does not ensure security. Although, as option B asserts, FTP is not a secure protocol, its still useful in some situations, so the mere presence of an FTP server is not, by itself, grounds for suspicion. Similarly, in option C, although some administrators prefer Postfix or qmail to sendmail for security reasons, sendmail isnt necessarily bad, and the names alone dont guarantee that the sshd and proftpd servers are legitimate. As option D states, sendmail and proftpd both use unencrypted text-mode transfers, but this is appropriate in some situations, so option D is incorrect."
102-400,3,"As part of a security audit, you plan to use Nmap to check all of the computers on your network for unnecessary servers. Which of the following tasks should you do prior to running your Nmap check?",Back up /etc/passwd on the target systems to eliminate the possibility of it being damaged.,Obtain the root passwords to the target systems so that you can properly configure them to accept the Nmap probes.,Obtain written permission from your boss to perform the Nmap sweep.,"Configure /etc/sudoers on the computer you intend to use for the sweep, to give yourself the ability to run Nmap.",Disable any firewall between the computer thats running Nmap and the servers you intend to scan.,"C. Although Nmap and other port scanners are useful security tools, troublemakers also use them, and many organizations have policies restricting their use. Thus, you should always obtain permission to use such tools prior to using them, as option C specifies. A port scanner cant cause damage to /etc/passwd, so theres no need to back it up, contrary to option A. A port scanner also doesnt need the root password on a target system to operate, so you dont need this information, making option B incorrect. (In fact, asking for the root password could be seen as extremely suspicious!) Although you could use sudo to run Nmap, theres no need to do so to perform a TCP scan, and you can perform a UDP scan by running Nmap as root in other ways (such as via a direct login or by using su). Thus, option D isnt strictly necessary, although you might want to tweak /etc/sudoers as a matter of system policy. Because a firewall is part of your networks security, you probably want it running when you perform a network scan, contrary to option E. Furthermore, it would be safer to leave the firewall running and scan from behind it if you want to test the security of the network in case of a firewall breach."
102-400,3,"Your login server is using PAM, and you want to limit users access to system resources. Which configuration file will you need to edit?",/etc/limits.conf,/etc/pam/limits.conf,/etc/security/limits.conf,/etc/security/pam/limits.conf,/usr/local/limits.conf,C. The /etc/security/limits.conf (option C) file holds the configuration settings that allow you to limit users access. The other options listed dont give the correct path to this file.
102-400,1 2 3,Which of the following tools might you use to check for open ports on a local computer? (Select three.),Nmap,netstat,lsof,portmap,services,"A, B, C. Nmap (option A) is usually used to perform scans of remote computers, but it can scan the computer on which its run as well. The netstat (option B) and lsof (option C) utilities can both identify programs that are listening for connections (that is, open ports) on the local computer. The Network File System (NFS) and some other servers use the portmap program (option D), but its not used to identify open ports. There is no standard Linux services program (option E), although the /etc/services file holds a mapping of port numbers to common service names."
102-400,2,Which of the following commands will locate all of the program files on a computer on which the SUID bit is set?,find / -type SUID,find / -perm +4000 -type f,find / -perm +SUID -type f,find / -type +4000,find / -suid,"B. The -perm option to find locates files with the specified permissions, and +4000 is a permission code that matches SUID files. The -type f option restricts matches to files in order to avoid false alarms on directories. Option B uses these features correctly. Options A, C, and D use these features incorrectly. Option E specifies a fictitioussuid parameter to find."
102-400,1,The /etc/sudoers file on a computer includes the following line. What is its effect? %admin ALL=(ALL) ALL,Members of the admin group may run all programs with root privileges by using sudo.,"Users in the admin user alias, defined earlier in the file, may run all programs with root privileges by using sudo.",The admin user alias is defined to include all users on the system.,The admin command alias is defined to include all commands.,The user admin may run all programs on the computer as root by using sudo.,"A. Option A correctly describes the meaning of the specified line. A percent sign (%) identifies a Linux group name, and the remainder of the line tells sudoers to enable users of that group to run all programs as root by using sudo. The remaining options all misinterpret one or more elements of this configuration file entry."
102-400,2,"Which command would you type, as root, to discover all the open network connections on a Linux computer?",lsof -c a,netstat -ap,ifconfig eth0,nmap -sT localhost,top -net,"B. The netstat command can do what is described in the question. The -ap options to the command are good choices to discover all the open network connections, so option B is correct. Although lsof can also accomplish the job, the -c a option is incorrect; this option restricts output to processes whose names begin with a. Thus, option A is incorrect. Option Cs ifconfig command doesnt display open network connections, so its incorrect. Although option Ds nmap command will locate ports that are open on the localhost interface, it doesnt locate all open connections, nor does it locate connections on anything but the localhost interface. Option Es top command displays a list of processes sorted by CPU use, not open network connections (-net is an invalid option to top as well)."
102-400,4,A server/computer combination appears in both hosts.allow and hosts.deny. Whats the result of this configuration when TCP wrappers runs?,TCP wrappers refuses to run and logs an error in /var/log/messages.,The systems administrator is paged to decide whether to allow access.,"hosts.deny takes precedence, the client is denied access to the server.","hosts.allow takes precedence, the client is granted access to the server.",The client is granted access to the server if no other client is currently accessing it.,"D. Option D is correct. TCP wrappers uses this feature to allow you to override broad denials by adding more specific access permissions to hosts.allow, as when setting a default deny policy (ALL : ALL) in hosts.deny."
102-400,3,When is the bind option of xinetd most useful?,When you want to run two servers on one port,When you want to specify computers by name rather than IP address,When xinetd is running on a system with two network interfaces,When resolving conflicts between different servers,When xinetd manages a DNS server program,"C. The bind option of xinetd lets you tie a server to just one network interface rather than link to them all, so option C is correct. It has nothing to do with running multiple servers on one port (option A), specifying computers by hostname (option B), resolving conflicts between servers (option D), or the Berkeley Internet Name Domain (BIND) or any other DNS server (option E)."
102-400,1 4,Youve discovered that the Waiter program (a network server) is running inappropriately on your computer. You therefore locate its startup script and shut it down by removing that script. How can you further reduce the risk that outsiders will abuse the Waiter program? (Select two.),By blocking the Waiter programs port using a firewall rule,By reading the Waiter programs documentation to learn how to run it in stealth mode,By tunneling the Waiter programs port through SSH,By uninstalling the Waiter package,By uninstalling any clients associated with Waiter from the server computer,"A, D. Using a firewall rule to block Waiters port, as in option A, can increase security by providing redundancy; if Waiter is accidentally run in the future, the firewall rule will block access to its port. Uninstalling the program, as in option D, improves security by reducing the risk that the program will be accidentally run in the future. Most programs dont have a “stealth” mode, so option B is incorrect. (Furthermore, reading the documentation isnt enough; to improve security, you must change some configuration.) Tunneling Waiters connections might have some benefit in some situations, but this configuration requires setup on both client and server computers and by itself leaves the servers port open, so option C is incorrect. Clients associated with the server program, installed on the server computer, pose little or no risk of abuse of the associated server; the clients on other computers are most likely to be used to abuse a server program, and you cant control that. Thus option E is incorrect."
102-400,2,"You want to use xinetd access controls to limit who may access a server thats launched via xinetd. Specifically, only users on the 192.168.7.0/24 network block should be able to use that server. How may you do this?",Enter hosts_allowed = 192.168.7.0/24 in the /etc/xinetd.conf configuration file for the server in question.,Enter only_from = 192.168.7.0/24 in the /etc/xinetd.conf configuration file for the server in question.,"Enter server : 192.168.7., where server is the servers name, in the /etc/hosts.allow file.","Enter server : 192.168.7., where server is the servers name, in the /etc/hosts.deny file.",Type iptables -L 192.168.7.0 to enable only users of 192.168.7.0/24 to access the server.,"B. Option B correctly describes how to accomplish this goal. Option A is incorrect because the hosts_allowed option isnt a legal xinetd configuration file option. Option C correctly describes how to configure the described restriction using TCP wrappers, which is generally used with inetd, but its not the way this is done using xinetd. Option D is also a TCP wrappers description, but it reverses the meaning. Option Es iptables utility configures a firewall. Although a firewall rule could be a useful redundant measure, the question specifies an xinetd configuration, and option Es use of iptables is incorrect."
102-400,2,"Of the following, which is the best password?",Odysseus,iA71Oci^My~~~~~~,pickettomato,Denver2Colorado,123456,"B. Ideally, passwords should be completely random but still memorable. Option Bs password was generated from a personally meaningful acronym and then modified to change the case of some letters, add random numbers and symbols, and extend its length using a repeated character. This creates a password thats close to random but still memorable. Option A uses a well-known mythological figure, who is likely to be in a dictionary. Option C uses two common words, which is arguably better than option A, but not by much. Option D uses two closely related words separated by a single number, which is also a poor choice for a password. Option E uses a sequential series of numbers, which is a poor (but sadly common) password choice."
102-400,1,Which of the following types of attacks involves sending bogus email to lure unsuspecting individuals into divulging sensitive financial or other information?,Phishing,Script kiddies,Spoofing,Ensnaring,Hacking,A. Phishing (option A) involves sending bogus email or setting up fake websites that lure unsuspecting individuals into divulging sensitive financial information or other sensitive information. Script kiddies (option B) are intruders who use root kits. Spoof- ing (option C) involves pretending that data is coming from one computer when its coming from another. Ensnaring (option D) isnt a type of attack. Hacking (option E) refers to either lawful use of a computer for programming or other advanced tasks or breaking into computers.
102-400,3,"Ordinary users report being unable to log onto a computer, but root has no problems doing so. What might you check to explain this situation?",A misbehaving syslogd daemon,A login process thats running as root,The presence of an /etc/nologin file,The presence of an SUID bit on /bin/login,Inappropriate use of shadow passwords,"C. The /etc/nologin file, if present, prevents logins from ordinary users; only root may log in. You might set this file when performing maintenance and then forget to remove it, thus explaining the symptoms in the question. Thus, option C is correct. The syslogd daemon mentioned in option A records system messages, and it is unlikely to produce the specified symptoms. The login process ordinarily runs as root and is normally SUID root, so options B and D are also incorrect. Shadow passwords, as in option E, are used on almost all modern Linux systems and are not likely to cause these symptoms."
102-400,2 3,Which servers might you consider retiring after activating an SSH server? (Select two.),SMTP,Telnet,FTP,NTP,Samba,"B, C. SSH is most directly a replacement for Telnet (option B), but SSH also includes file-transfer features that enable it to replace FTP (option C) in many situations. SSH is not a direct replacement for the Simple Mail Transfer Protocol (SMTP, option A), the Network Time Protocol (NTP, option D), or Samba (option E). "
102-400,1,You find that the ssh_host_dsa_key file in /etc/ssh has 0666 (-rw-rw-rw-) permissions. Your SSH server has been in operation for several months. Should you be concerned?,Yes,No,Only if the ssh_host_dsa_key.pub file is also world-readable,Only if youre launching SSH from a super server,Only if youre using a laptop computer,"A. The ssh_host_dsa_key file holds one of three critical private keys for SSH. The fact that this key is readable (and writeable!) to the entire world is disturbing, so option A is correct. In principle, a troublemaker who has acquired this file might be able to redirect traffic and masquerade as your system, duping users into delivering passwords and other sensitive data. Because of this, option B (no) is an incorrect response, and the conditions imposed by options C, D, and E are all irrelevant, making all of these options incorrect."
102-400,2,"For best SSH server security, how should you set the Protocol option in /etc/ssh/sshd_config?",Protocol 1,Protocol 2,"Protocol 1,2","Protocol 2,1",Protocol *,B. SSH protocol level 2 is more secure than protocol level 1; thus option B (specifying acceptance of level 2 only) is the safest approach. Option A is the least safe approach because it precludes the use of the safer level 2. Options C and D are exactly equivalent in practice; both support both protocol levels. Option E is invalid.
102-400,5,Why is it unwise to allow root to log on directly using SSH?,"Disallowing direct root access means that the SSH server may be run by a non-root user, improving security.","The root password should never be sent over a network connection, allowing root logins in this way is inviting disaster. ","SSH stores all login information, including passwords, in a publicly readable file.","When logged on using SSH, roots commands can be easily intercepted and duplicated by undesirable elements.",Somebody with the root password but no other password can then break into the computer.,"E. Allowing only normal users to log in via SSH effectively requires two passwords for any remote root maintenance, improving security, so option E is correct. Whether or not you permit root logins, the SSH server must normally run as root, since SSH uses port 22, a privileged port. Thus, option A is incorrect. SSH encrypts all connections, so its unlikely that the password, or commands issued during an SSH session, will be intercepted, so option B isnt a major concern. (Nonetheless, some administrators prefer not to take even this small risk.) SSH doesnt store passwords in a file, so option C is incorrect. Because SSH employs encryption, option D is incorrect (this option better describes Telnet than SSH)."
102-400,4,Youve downloaded a GPG public key from a website into the file fredkey.pub. What must you do with this key to use it?,Type inspect-gpg fredkey.pub.,Type gpg --readkey fredkey.pub.,Type import-gpg fredkey.pub.,Type gpg --import fredkey.pub.,Type gpg-import fredkey.pub.,"D. Option D provides the correct command to import fredkey.pub prior to use. The inspect-gpg, import-gpg, and gpg-import commands of options A, C, and E are fictitious, and there is no --readkey option to gpg, as option B suggests."
1 LEVEL ANSWER QUESTION 1 2 3 4 5 EXPLICATION
2 102-400 1 When you configure an X server, you need to make changes to configuration files and then start or restart the X server. Which of the following can help streamline this process? Shut down X by switching to a runlevel in which X doesn’t run automatically, and then reconfigure it and use startx to test X startup. Shut down X by booting into single-user mode, and then reconfigure X and use telinit to start X running again. Reconfigure X, and then unplug the computer to avoid the lengthy shutdown process before restarting the system and X along with it. Use the startx utility to check the X configuration file for errors before restarting the X server. Connect the Linux computer’s network port directly to the X server, without using any intervening routers, in order to reduce network latency. A. On most Linux systems, some runlevels don’t run X by default, so using one of them along with the startx program (which starts X running) can be an effective way to test changes to an X configuration quickly, making option A correct. The telinit program changes runlevels, which is a lengthy process compared to using startx, so option B is incorrect. Unplugging the computer to avoid the shutdown process is self-defeating because you’ll have to suffer through a long startup (if you use a non-journaling file- system), and it can also result in data loss, thus option C is incorrect. The startx utility doesn’t check the veracity of an X configuration file; it starts X running from a text-mode login, making option D incorrect. Reconfiguring an X server does not normally require network access; the X server runs on the computer at which you sit. Thus option E is incorrect.
3 102-400 4 Which of the following summarizes the organization of the X configuration file? The file contains multiple sections, one for each screen. Each section includes subsections for individual components (keyboard, video card, and so on). Configuration options are entered in any order desired. Options relating to specific components (keyboard, video card, and so on) may be interspersed. The file begins with a summary of individual screens. Configuration options are preceded by a code word indicating the screen to which they apply. The file is broken into sections, one or more for each component (keyboard, videocard, and so on). The file also has one or more sections that define how to combine the main sections. The file is a rare binary configuration file that must be accessed using SQL database tools. D. The XF86Config and xorg.conf file design enables you to define variants or multiple components and easily combine or recombine them as necessary, using the structure specified in option D. Options A, B, and C all describe fictitious structures. Option E is incorrect because the X.org-X11 and XFree86 configuration files use a text-mode structure, not a binary structure.
4 102-400 3 A monitor’s manual lists its range of acceptable synchronization values as 27kHz–96kHz horizontal and 50Hz–160Hz vertical. What implications does this have for the resolutions and refresh rates the monitor can handle? The monitor can run at up to 160Hz vertical refresh rate in all resolutions. The monitor can handle up to 160Hz vertical refresh rate depending on the color depth. The monitor can handle up to 160Hz vertical refresh rate depending on the resolution. The monitor can handle vertical resolutions of up to 600 lines (96,000 ÷ 160), but no more. The monitor can handle horizontal resolutions of up to 600 columns (96,000 ÷ 160), but no more. C. The vertical refresh rate range includes a maximum value, but that value may be reduced when the resolution and vertical refresh rate would demand a higher horizontal refresh rate than the monitor can handle. Thus, option C is correct. Since the resolution affects the maximum refresh rate, option A is incorrect. The color depth is irrelevant to resolution and refresh rate calculations, so option B is incorrect. The computations shown in options D and E are bogus, making these options incorrect.
5 102-400 5 In what section of XF86Config or xorg.conf do you specify the resolution that you want to run? In the ServerLayout section, using the Screen option In the Monitor section, using the Modeline option In the Device section, using the Modeline option In the DefaultResolution section, using the Define option In the Screen section, subsection Display, using the Modes option E. Option E describes the correct location for this option. The ServerLayout section (referenced in option A) combines all of the other options together but doesn’t set the resolution. The Modeline option in the Monitor section (as described in option B) defines one possible resolution, but there may be several Modeline entries defining many resolutions, and there’s no guarantee that any of them will be used. The Modeline option doesn’t exist in the Device section (as suggested by option C), nor is that section where the resolution is set. There is no DefaultResolution section (as referenced in option D).
6 102-400 2 What is an advantage of a font server? It provides faster font displays than are otherwise possible. It can simplify font maintenance on a network with many X servers. It’s the only means of providing TrueType support for XFree86 4.x. It enables the computer to turn a bitmapped display into an ASCII text file. It enables X to use font smoothing, which isn’t possible with core fonts. B. By maintaining fonts on one font server and pointing other X servers to that font server, you can reduce the administrative cost of maintaining the fonts on all of the systems, so option B is correct. Font servers don’t produce faster font displays than X’s local font handling; if anything, the opposite is true. Thus, option A is incorrect. XFree86 4.x supports TrueType fonts directly, so option C is incorrect. Converting a bitmapped display into ASCII text is a function of optical character recognition (OCR) software, not a font server, so option D is incorrect. Neither X core fonts nor a font server handles font smoothing; for that, you need Xft. Thus, option E is incorrect.
7 102-400 3 5 What methods do Linux distributions use to start X automatically when the system boots?(Select two.) Start an XDMCP server from the Start folder. Start an XDMCP server from an ~/.xinitrc script. Start an XDMCP server via a system startup script. Start an XDMCP server via a boot manager. Start an XDMCP server from init. C, E. XDMCP servers are typically launched either from a system startup script or by init (as specified in /etc/inittab), as described in options C and E. The XDMCP server then starts X. The Start folder mentioned in option A is a Windows construct, not a Linux construct. The ~/.xinitrc script mentioned in option B is an X login script used when starting X from the command line via startx; it’s not used to start X automatically when the system boots. A boot manager, as described in option D, launches the kernel; it doesn’t directly start X, so option D is incorrect.
8 102-400 5 How would you change the text displayed by XDM as a greeting? Click Configure ➣ Greeting from the XDM main menu, and edit the text in the resulting dialog box. Pass greeting="text" as a kernel option in the boot loader, changing text to the new greeting. Edit the /etc/X11/xorg.conf file, and change the Greeting option in the xdm area. Run xdmconfig, and change the greeting on the Login tab. Edit the /etc/X11/xdm/Xresources file, and change the text in the xlogin*greeting line. E. The XDM greeting is a resource set in the /etc/X11/xdm/Xresources file, so option E is correct. XDM doesn’t offer many options on its main screen and certainly not one to change its greeting, as described in option A. The kernel doesn’t directly handle the login process, nor does it pass options directly to XDM, so option B is incorrect. Although the xorg.conf file mentioned in option C is real, this file provides no XDM configuration options because XDM is a separate program from the X server. There is no standard xdmconfig program, as mentioned in option D.
9 102-400 3 Which of the following features do KDM and GDM provide that XDM doesn’t? An encrypted remote X-based access ability, improving network security The ability to accept logins from remote computers, once properly configured The ability to select the login environment from a menu on the main login screen A login screen that shows the username and password simultaneously rather than sequentially An option to log into text mode if X should fail to start C. KDM and GDM add many features, one of which is a menu that enables users to select their desktop environment or window manager when they log in rather than specifying it in a configuration file, as option C states. Option A describes one of the advantages of the Secure Shell (SSH) as a remote-access protocol. Option B describes a feature common to all three XDMCP servers. Option D describes the way both KDM and XDM function; GDM is the one that presents username and password fields in series rather than simultaneously. Although a failure of X to start usually results in a fallback to a text-mode login, this feature is not provided by the XDMCP server, so option E is incorrect.
10 102-400 1 Which of the following commands tells the X server to accept connections from penguin.example.com? xhost +penguin.example.com export DISPLAY=penguin.example.com:0 telnet penguin.example.com xaccess penguin.example.com ssh penguin.example.com A. The xhost command controls various aspects of the local X server, including the remote computers from which it will accept connections, making option A correct. Option B sets the DISPLAY environment variable, which doesn’t directly affect the X server (it does tell X clients which X server to use). Option C initiates a text-mode remote login session with penguin.example.com. Option D’s xaccess is a fictitious program. Although logging into penguin.example.com via ssh may also initiate an X tunnel, this isn’t guaranteed, and such a tunnel doesn’t cause the local X server to accept direct connections from the remote computer, so option E is incorrect.
11 102-400 1 To assist an employee who has trouble with keyboard repeat features, you’ve disabled this function in /etc/X11/xorg.conf. Why might this step not be sufficient for the goal of disabling keyboard repeat? GNOME, KDE, or other desktop environment settings for keyboard repeat may override those set in xorg.conf. The xorg.conf file has been deprecated you should instead adjust the /etc/X11/XF86Config file. Keyboard settings in xorg.conf apply only to Bluetooth keyboards you must use usbkbrate to adjust keyboard repeat for USB keyboards. You must also locate and reset the DIP switch on the keyboard to disable keyboard repeat. The keyboard repeat options in xorg.conf work only if the keyboard’s nationality is set incorrectly, which is not often. A. As stated in option A, GNOME, KDE, and other user programs often override the keyboard repeat settings in the X configuration file. Option B has it almost backward; most Linux distributions have abandoned XFree86, and therefore its XF86Config file, in favor of X.org-X11 and its xorg.conf file. Option C is pure fiction; xorg.conf settings apply to all varieties of keyboards, and there is no standard usbkbrate program. Although some keyboards do have hardware switches, they don’t affect X’s ability to control the keyboard repeat rate, contrary to option D. Although you can set a keyboard’s nationality in xorg.conf, this option is independent of the keyboard repeat rate settings, so option E is incorrect.
12 102-400 3 5 Which of the following programs may be used to provide computer-generated speech for users who have trouble reading computer displays? (Select two.) SoX Braille Orca talk Emacspeak C, E. The Orca and Emacspeak programs both provide text-to-speech conversion facilities, so options C and E are both correct. Braille is a form of writing that uses bumps or holes in a surface that can be felt by the reader. Although Linux supports Braille output devices, the question specifies computer-generated speech, which Braille is not, so option B is incorrect. SoX (option A) is an audio format converter, but it won’t convert from text to speech. The talk program (option D) is an early Unix online text-mode “chat” program, but it has no built-in speech synthesis capabilities.
13 102-400 2 5 You manage a computer that’s located in Los Angeles, California, but the time zone is misconfigured as being in Tokyo, Japan. What procedure can you follow to fix this problem? (Select two.) Run hwclock --systohc to update the clock to the correct time zone. Delete /etc/localtime, and replace it with an appropriate file from /usr/share/zoneinfo. Edit the /etc/tzconfig file so that it specifies North_America/Los_Angeles as the time zone. Edit /etc/localtime, and change the three-letter time zone code on the TZ line. Use the tzselect program to select a new (Los Angeles) time zone. B, E. Time zones are determined by the /etc/localtime file, so replacing that one with the correct file (a selection is stored in /usr/share/zoneinfo) will fix the problem, making option B correct. (You may also need to edit /etc/timezone or some other file to keep automatic utilities from becoming confused.) Utilities such as tzselect will make these changes for you after prompting you for your location, so option E is also correct. The hwclock program mentioned in option A reads and writes data from the system’s hardware clock. Although it relies on time zone data, it can’t adjust your system’s time zone itself. There is no standard /etc/tzconfig file, although the tzconfig program, like tzselect, can help you set the time zone. Thus, option C is incorrect. The /etc/localtime file is a binary format; you shouldn’t attempt to edit it in a text editor, making option D incorrect.
14 102-400 4 You’re configuring a Linux system that doesn’t boot any other OS. What is the recommended time to which the computer’s hardware clock should be set? Helsinki time Local time US Pacific time UTC Internet time D. Linux, like Unix, maintains its time internally in Coordinated Universal Time (UTC), so setting the computer’s hardware clock to UTC (option D) is the recommended procedure for computers that run only Linux. Although Linus Torvalds spent time at the University of Helsinki, Helsinki time (as in option A) has no special place in Linux. Local time (as in option B) is appropriate if the computer dual-boots to an OS, such as Windows, that requires the hardware clock to be set to local time, but this is the second-best option for a Linux-only system. Option C’s US Pacific time, like Helsinki time, has no special significance in Linux. Internet time (option E) is an obscure way to measure time that divides each day into 1,000 “beats.” It’s not a time zone and is not an appropriate way to set your hardware clock.
15 102-400 3 You’ve developed a script that uses several Linux commands and edits their output.You want to be sure that the script runs correctly on a computer in Great Britain, although you’re located elsewhere, since the output includes features such as currency symbols and decimal numbers that are different from one nation to another. What might you do to test this? Enter the BIOS, locate and change the location code, reboot into Linux, and run the script. Edit /etc/locale.conf, change all the LC_* variables to en_GB.UTF-8, and then reboot and run the script. Type export LC_ALL=en_GB.UTF-8, and run the script from the same shell you used to type this command. Type locale_set Great_Britain, and run the script from the same shell you used to type this command. Type export TZ=:/usr/share/zoneinfo/Europe/London, and run the script from the same shell you used to type this command. C. When set, the LC_ALL environment variable (option C) adjusts all the locale (LC_*) variables, so setting this and then running the script will make the programs that your script uses work as if on a British computer. The BIOS has no location code data, so option A is incorrect. There is no standard /etc/locale.conf file, so option B is incorrect. There is no standard locale_set utility, so option D is incorrect. Although setting the TZ environment variable, as in option E, will set the time zone for your local shell to that for Great Britain, this won’t affect the sort of text formatting options noted in the question. 15. A. The Unicode Transformation Format 8 (UTF-8) standard can encode characters for just about any language on Earth, while looking just like ordinary ASCII to programs that only understand ASCII. Thus UTF-8 (option A) is the preferred method for character encoding when a choice is possible. ASCII (option B) is an old standard that’s adequate for English and a few other languages, but it lacks some or all characters needed by most languages. ISO-8859 (options C and D) is a standard that extends ASCII, but it requires separate encodings for different languages and so it is awkward when a computer must process data from multiple languages. ATASCII (option E) is a variant of ASCII used in the 1980s by Atari for its home computers; it’s obsolete and inadequate today.
16 102-400 5 Which character set encoding is the preferred method on modern Linux systems? UTF-8 ASCII ISO-8859-1 ISO-8859-8 ATASCII E. The smart filter makes a print queue “smart” in that it can accept different file types (plain text, PostScript, graphics, and so on) and print them all correctly, as in option E. Font smoothing is useful on low-resolution computer monitors, but not on most printers, and adding font smoothing is not a function of a smart filter, so option A is incor- rect. A smart filter doesn’t detect confidential information (option B) or prank print jobs (option D). The lpr program can be given a parameter to email a user when the job finishes (option C), but the smart filter doesn’t do this.
17 102-400 2 4 Which of the following describes the function of a smart filter? It improves the legibility of a print job by adding font smoothing to the text. It detects information in print jobs that may be confidential as a measure against industrial espionage. It sends email to the person who submitted the print job, obviating the need to wait around the printer for a printout. It detects and deletes prank print jobs that are likely to have been created by troublemakers trying to waste your paper and ink. It detects the type of a file and passes it through programs to make it printable on a given model of printer. B, D. The job ID (option B) and job owner (option D) are both displayed by lpq. Unless the application embeds its own name (option A) in the filename, that information won’t be present. Most printers lack Linux utilities to query ink or toner status (option C); certainly lpq can’t do this. Although knowing when your job will finish printing (option E) would be handy, providing this information is well beyond lpq’s capabilities.
18 102-400 3 What information about print jobs does the lpq command display? (Select two.) The name of the application that submitted the job A numerical job ID that can be used to manipulate the job The amount of ink or toner left in the printer The username of the person who submitted the job The estimated time to finish printing the job C. The lprm command (option C) deletes a job from the print queue. It can take the -Pqueue option to specify the queue and a print job number or various other parameters to specify which jobs to delete. BSD LPD, LPRng, and CUPS all implement the lprm command, so you can use it with any of these systems, making option A incorrect. Option B presents the correct syntax but the wrong command name; there is no standard lpdel command. The cupsdisable command can be used to disable the whole queue but not to delete a single print job, so option D is incorrect. Because option C is correct, option E obviously is not.
19 102-400 2 You’ve submitted several print jobs, but you’ve just realized that you mistakenly submitted a huge document that you didn’t want to print. Assuming that you can identify the specific job, that it’s not yet printing, and that its job ID number is 749, what command would you type to delete it from the okidata print queue? The answer depends on whether you’re using BSD, LPD, LPRng, or CUPS. Type lpdel -Pokidata 749. Type lprm -Pokidata 749. Type cupsdisable -Pokidata 749. None of the above the task is impossible. B. PostScript is the de facto printing standard for Unix and Linux programs, as specified in option B. Linux programs generally do not send data directly to the printer port (option A); on a multitasking, multiuser system, this would produce chaos because of competing print jobs. Although a few programs include printer driver collections, most forgo this in favor of generating PostScript, making option C incorrect. Printing utilities come standard with Linux; add-on commercial utilities aren’t required, so option D is incorrect. Verdana is one of several “web fonts” released by Microsoft. Although many Linux programs can use Verdana for printing if the font is installed, most Linux distributions don’t install Verdana by default, and few Linux programs use it for printing by default even if it’s installed, so option E is not correct.
20 102-400 2 Which of the following is generally true of Linux programs that print? They send data directly to the printer port. They produce PostScript output for printing. They include extensive collections of printer drivers. They can print only with the help of add-on commercial programs. They specify use of the Verdana font. B. The mpage utility (option B) prints multiple input pages on a single output page, so it’s ideally suited to the specified task. PAM (option A) is the Pluggable Authentication Modules, a tool for helping to authenticate users. 4Front (option C) is the name of a company that produces commercial sound drivers for Linux. The route command (option D) is used to display or configure a Linux routing table. The 411toppm program (option E) converts files from Sony’s 411 image file format to the PPM image file for- mat; it doesn’t do the specified task.
21 102-400 5 When a user account has been locked using the usermod -L command, you will see what in the /etc/shadow file’s record for that user? An x in the password field An !! in the password field A blank password field A zero (0) at the front of the password field An ! at the front of the password field E. When the usermod -L username command is used, the username record in the /etc/shadow file has its password field modified. An exclamation point (!) is placed in front of the password, making the password inoperable and thus locking the account. Therefore, option E is correct. An x exists in the /etc/passwd file’s records’ password field, if the /etc/shadow file is used for passwords (which it should be) and does not indicate a locked account. Therefore, option A is incorrect. Option B is only true when an account has not yet had a password set. Therefore, option B is incorrect. Option C is also incorrect. You would never have a blank password field for a user account’s /etc/shadow record, unless the file had been incorrectly manually modified. Manual modifications of the /etc/shadow files are never recommended. A user record could have a zero (0) as the first character in their password field, but this would be due to the password being hashed, not locked. Therefore, option D is incorrect.
22 102-400 1 2 3 What commands can be used to add user accounts to a Linux system? useradd username adduser username useradd -c "full name" username usradd username passwd username A, B, C. The useradd command is used to add user accounts to a Linux system, and therefore option A is correct. The adduser command is available on some Linux distributions, and it also allows you to add user accounts to the system. Thus, option B is correct as well. The useradd command has a valid -c option that allows you to enter comments, such as a user’s full name. Therefore, option C is also correct. There is no usradd command, so option D is incorrect. The passwd command cannot add users to the system. Therefore, option E is incorrect.
23 102-400 1 An administrator types chage -M 7 time. What is the effect of this command? The time account’s password must be changed at least once every seven days. All users must change their passwords at least once every seven days. All users are permitted to change their passwords at most seven times. The time account’s age is set to seven months. The account database’s time stamp is set to seven months ago. A. The chage command changes various account expiration options. The -M parameter sets the maximum number of days for which a password is valid, and in the context of the given command, time is a username. Thus, option A is correct. Options B, C, D, and E are all made up.
24 102-400 4 What is wrong with the following /etc/passwd file entry? sally:x:1029:Sally Jones:/home/myhome:/bin/passwd The default shell is set to /bin/passwd, which is an invalid shell. The username is invalid. Linux usernames can’t be all lowercase letters. The home directory doesn’t match the username. Either the UID or the GID field is missing. The hashed password is missing. D. The /etc/passwd entries have third and fourth fields of the UID and the GID, but this line has only one of those fields (which one is intended is impossible to determine); this example line’s fourth field is clearly the fifth field of a valid entry. Thus, option D is the correct answer. Option A is incorrect because, although /bin/passwd is an unorthodox login shell, it’s perfectly valid. This configuration might be used on, say, a Samba file server or a POP mail server to enable users to change their passwords via SSH without granting login shell access. The sally username is valid and thus, Option B is not a correct answer. You may have usernames that are all lowercase letters. Option C is a correct observation, but an incorrect answer; the username and the user’s home directory name need not match. The hashed password is officially stored in the second field, but in practice, most Linux computers place the hashed passwords in the /etc/shadow file. An x value for the password is consistent with this use, so option E is incorrect.
25 102-400 5 You want sally, who is already a member of the Production group, also to be a member of the Development group. What is the best way to accomplish this? Use the groupadd Development sally command. Use the groupadd Production sally command. Manually edit the /etc/group file, and change the Development group’s record to Development:501:sally. Use the usermod -G Development sally command. Use the usermod -a -G Development sally command. E. Option E is the best way to accomplish the task, because it will add sally to the Development group without removing her from any other groups or potentially damaging the /etc/group file. Option A would attempt to add the groups Development and sally to the system, thus it is not even a valid choice. Option B, also not a valid choice, would attempt to add the groups Production and sally. Option C would work, but it is very dangerous to edit an account configuration file manually instead of using account tools. Therefore, option C is not the best choice. Option D would work, but it would remove sally from all of her other groups, including the Production group. Therefore, option D is not the best choice either.
26 102-400 2 3 4 What types of files might you expect to find in /etc/skel? (Select three.) A copy of the /etc/shadow file An empty set of directories to encourage good file management practices A README or similar welcome file for new users A starting .bashrc file The RPM or Debian package management database B, C, D. Files in /etc/skel are copied from this directory to the new users’ home directories by certain account-creation tools. Thus, files that you want in all new users’ home directories should reside in /etc/skel. Options B, C, and D all describe reasonable possibilities, although none is absolutely required. Including a copy of /etc/ shadow in /etc/skel (option A) would be a very bad idea because this would give all users access to all other users’ hashed passwords, at least as of the moment of account creation. You wouldn’t likely find package management databases (option E) in /etc/skel, since users don’t need privileged access to this data, nor do they need individualized copies of it.
27 102-400 3 What would a Linux system administrator type to remove the nemo account and its home directory? userdel nemo userdel -f nemo userdel -r nemo rm -r /home/nemo usermod -D nemo C. The userdel command deletes an account, and the -r option to userdel (option C) causes it to delete the user’s home directory and mail spool, thus satisfying the terms of the question. Option A deletes the account but leaves the user’s home directory intact. Option B does the same; the -f option forces account deletion and file removal under some circumstances, but it’s meaningful only when -r is also used. Option D’s rm command deletes the user’s home directory (assuming that it’s located in the conventional place, given the username) but doesn’t delete the user’s account. Option E’s usermod command can modify accounts, including locking them, but it can’t delete accounts. Furthermore, the -D option to usermod is fictitious.
28 102-400 5 Which of the following system logging codes represents the highest priority? info warning crit debug emerg E. The emerg priority code (option E) is the highest code available and so is higher than all the other options. From highest to lowest priorities, the codes given as options are emerg, crit, warning, info, and debug.
29 102-400 1 Which of the following configuration files does the logrotate program consult for its settings? /etc/logrotate.conf /usr/sbin/logrotate/logrotate.conf /usr/src/logrotate/logrotate.conf /etc/logrotate/.conf ~/.logrotate A. The logrotate program consults a configuration file called /etc/logrotate.conf (option A), which includes several default settings and typically refers to files in /etc/logrotate.d to handle specific log files. The remaining options are all fictitious, at least as working log files for logrotate.
30 102-400 4 You want to create a log file entry noting that you’re manually shutting down the system to add a new network card. How might you create this log entry, just prior to using shutdown? dmesg -l "shutting down to add network card" syslog shutting down to add network card rsyslogd "shutting down to add network card" logger shutting down to add network card wall "shutting down to add network card" D. The logger utility can be used to create a one-time log file entry that you specify. In its simplest form, it takes no special arguments, just a message to be inserted in the log file, as in option D. The dmesg utility in option A is used to review the kernel ring buffer; it doesn’t create log file entries. Option B’s syslog command isn’t a Linux usermode command, although it is the name of the logging system generically as well as a programming language command name. Option C’s rsyslogd is the name of one of several system logging daemons; it maintains the system log, but isn’t used to manually insert log entries. Option E’s wall command writes a message to all users logged into virtual console terminals. It won’t create a log file entry as the question requires and is not installed on all distributions.
31 102-400 3 Your manager has asked that you configure logrotate to run on a regular, unattended basis. What utility/feature should you configure to make this possible? at logrotate.d cron inittab ntpd C. The logrotate program can be started automatically—and unattended—on a regular basis by adding an entry for it in cron, so option C is correct. The at utility (option A) would be used if you wanted the program to run only once. Option B, logrotate.d, is a file stored in the /etc directory, which defines how the program is to handle specific log files. The inittab file (option D) is used for services and startup and not for individual programs. The ntpd program (option E) is the Network Time Protocol daemon, which synchronizes the system’s clock with outside time sources.
32 102-400 5 You’ve set your system (software) clock on a Linux computer to the correct time, and now you want to set the hardware clock to match. What command might you type to accomplish this goal? date --sethwclock ntpdate sysclock --tohc time --set –hw hwclock --systohc E. The hwclock utility is used to view or set the hardware clock. The ––systohc sets the hardware clock based on the current value of the software clock, thus option E is correct. Option A’s date utility can be used to set the software clock but not the hardware clock; it has no ––sethwclock option. Option B’s ntpdate is used to set the software clock to the time maintained by an NTP server; it doesn’t directly set the hardware clock. Option C’s sysclock utility is fictitious. Option D’s time command is used to time how long a command takes to complete; it has no ––set or ––hw option and does not set the hardware clock.
33 102-400 1 As root, you type date What will be the effect? The software clock will be set to 7:10 a.m. on December 11 of the current year. The software clock will be set to 12:11 p.m. on October 7 of the current year. The software clock will be set to 7:10 a.m. on November 12 of the current year. The software clock will be set to 12:11 p.m. on July 10 of the current year. The software clock will be set to July 10 in the year 1211. A. The format of the date command’s date code is [MMDDhhmm[[CC]YY][.ss]]. Given that the question specified an eight-digit code, this means that the ordering of the items, in two-digit blocks, is month-day-hour-minute. Option A correctly parses this order, whereas options B, C, D, and E do not.
34 102-400 3 What will be the effect of a computer having the following two lines in /etc/ntp.conf? server pool.ntp.org server tardis.example.org The local computer’s NTP server will poll a server in the public NTP server pool the first server option overrides subsequent server options. The local computer’s NTP server will poll the tardis.example.org time server the last server option overrides earlier server options. The local computer’s NTP server will poll both a server in the public NTP server pool and the server at tardis.example.org and use whichever site provides the cleanest time data. The local computer’s NTP server will refuse to run because of a malformed server specification in /etc/ntp.conf. The local computer’s NTP server will poll a computer in the public NTP server pool but will fall back on tardis.example.org if and only if the public pool server is down. C. Multiple server entries in /etc/ntp.conf tell the system to poll all of the named servers and to use whichever one provides the best time data. Thus option C is correct. (The pool.ntp.org subdomain and numbered computers within that subdomain give round-robin access to a variety of public time servers.) Options A and B both incor- rectly state that one server statement overrides another, when in fact this isn’t the case. The server statements shown in the question are properly formed. These server entries are properly formed, so option D is incorrect. Although it is true that this con- figuration will result in use of tardis.example.com should the public-pool server be unavailable, as option E states, this is not the only reason the NTP server will use tardis.example.com; this could happen if the public-pool server provides an inferior time signal, for instance. Thus option E is incorrect.
35 102-400 4 You’ve configured one computer (gateway.pangaea.edu) on your five-computer network as an NTP server that obtains its time signal from ntp.example.com. What computer(s) should your network’s other computers use as their time source(s)? You should consult a public NTP server list to locate the best server for you. Both gateway.pangaea.edu and ntp.example.com Only ntp.example.com Only gateway.pangaea.edu None. NTP should be used on the Internet, not on small local networks. D. Once you’ve configured one computer on your network to use an outside time source and run NTP, the rest of your computers should use the first computer as their time reference. This practice reduces the load on the external time servers as well as your own external network traffic. Thus option D is correct. (Very large networks might configure two or three internal time servers that refer to outside servers for redundancy, but this isn’t necessary for the small network described in the question.) Option A describes the procedure to locate a time server for the first computer configured (gateway.pangaea.edu) but not for subsequent computers. Although configuring other computers to use ntp.example.com instead of or in addition to gateway.pangaea.edu is possible, doing so will needlessly increase your network traffic and the load on the ntp.example.com server. Thus options B and C are both incorrect. Contrary to option E, NTP is suitable for use on small local networks, and in fact it’s very helpful if you use certain protocols, such as Kerberos.
36 102-400 2 4 Which of the following tasks are most likely to be handled by a cron job? (Select two.) Starting an important server when the computer boots Finding and deleting old temporary files Scripting supervised account creation Monitoring disk partition space status and emailing a report Sending files to a printer in an orderly manner B, D. The cron utility is a good tool for performing tasks that can be done in an unsupervised manner, such as deleting old temporary files (option B) or checking to see that disk space is not low (option D). Tasks that require interaction or do not occur on a scheduled basis, such as creating accounts (option C), aren’t good candidates for cron jobs, which must execute unsupervised and on a schedule. Although a cron job could restart a crashed server, it’s not normally used to start a server when the system boots (option A); that’s done through system startup scripts or a super server. Sending files to a printer (option E) is generally handled by a print server such as the cupsd daemon.
37 102-400 2 Which of the following lines, if used in a user cron job, will run /usr/local/bin/cleanup twice a day? 15 7,19 * * * tbaker /usr/local/bin/cleanup 15 7,19 * * * /usr/local/bin/cleanup 15 */2 * * * tbaker /usr/local/bin/cleanup 15 */2 * * * /usr/local/bin/cleanup 2 * * * * /usr/local/bin/cleanup B. User cron jobs don’t include a username specification (tbaker in options A and C). The */2 specification for the hour in options C and D causes the job to execute every other hour; the 7,19 specification in options A and B causes it to execute twice a day, on the 7th and 19th hours (in conjunction with the 15 minute specification, that means at 7:15 a.m. and 7:15 p.m.). Thus, option B provides the correct syntax and runs the job twice a day, as the question specifies, whereas options A, C, and D all get something wrong. Option E causes the job to run once an hour, not twice a day.
38 102-400 2 You’re installing Linux on a critical business system. Which of the following programs might you want to add to ensure that a daily backup job is handled correctly? tempus anacron crontab ntpd syslog-ng B. The anacron program is a supplement to cron that helps ensure that log rotation, daily backups, and other traditional cron tasks are handled even when the computer is shut down (and, hence, when cron isn’t running) for extended periods of time. This is the program to add to the system to achieve the stated goal, and option B is correct. There is no common Linux utility called tempus, so option A is incorrect. Option C’s crontab is the name of a file or program for controlling cron, which is likely to be an unreliable means of log rotation on a laptop computer. The ntpd program (option D) is the NTP daemon, which helps keep the system clock in sync with an external source. Although running ntpd on a laptop computer is possible, it won’t directly help with the task of scheduling log rotation. The syslog-ng package is an alternative system log daemon, but this program doesn’t help solve the problem of missed daily backups when using standard cron utilities, so option E is incorrect.
39 102-400 5 What do the following commands accomplish? (The administrator presses Ctrl+D after typing the second command.) # at teatime at> /usr/local/bin/system-maintenance Nothing, these commands aren’t valid. Nothing, teatime isn’t a valid option to at. Nothing, you may only type valid bash built-in commands at the at> prompt. Nothing, at requires you to pass it the name of a script, which teatime is not. The /usr/local/bin/system-maintenance program or script is run at 4:00 p.m. E. The at command runs a specified program at the stated time in the future. This time may be specified in several ways, one of which is teatime, which stands for 4:00 p.m. Thus, option E is correct. The objections stated in options A, B, C, and D are all invalid. (You may pass a script to at with the -f parameter, but this isn’t required, contrary to option D.)
40 102-400 1 3 How might you schedule a script to run once a day on a Linux computer? (Select two.) Place the script, or a link to it, in /etc/cron.daily. Use the at command to schedule the specified script to run on a daily basis at a time of your choosing. Create a user cron job that calls the specified script once a day at a time of your choosing, and install that cron job using crontab. Use run-parts to schedule the specified script to run on a daily basis. Type crontab -d scriptname, where scriptname is the name of your script. A, C. The contents of /etc/cron.daily are automatically run on a daily basis in most Linux distributions, and the crontab utility can create user cron jobs that run programs at arbitrary time intervals, so both A and C are correct. The at command noted in option B can be used to run a program a single time, but not on a regular basis (such as daily). Option D’s run-parts utility is used by some distributions as a tool to help run programs in the /etc/cron.* subdirectories, but it’s not used to schedule jobs. Although the crontab program can maintain user crontabs, it’s not used as shown in option E and it has no -d parameter at all.
41 102-400 1 2 5 Which types of network hardware does Linux support? (Select three.) Token Ring Ethernet DHCP NetBEUI Fibre Channel A, B, E. Ethernet (option B) is currently the most common type of wired network hardware for local networks. Linux supports it very well, and Linux also includes support for Token Ring (option A) and Fibre Channel (option E) network hardware. DHCP (option C) is a protocol used to obtain a TCP/IP configuration over a TCP/IP network. It’s not a type of network hardware, but it can be used over hardware that supports TCP/IP. NetBEUI (option D) is a network stack that can be used instead of or in addition to TCP/IP over various types of network hardware. Linux doesn’t support NetBEUI directly.
42 102-400 2 Which of the following is a valid IPv4 address for a single computer on a TCP/IP network? 202.9.257.33 63.63.63.63 107.29.5.3.2 98.7.104.0/24 255.255.255.255 B. IP addresses consist of four 1-byte numbers (0–255). They’re normally expressed in base 10 and separated by periods. 63.63.63.63 meets these criteria, so option B is correct. 202.9.257.33 includes one value (257) that’s not a 1-byte number, so option A is incorrect. 107.29.5.3.2 includes five 1-byte numbers, so option C is incorrect. 98.7.104.0/24 (option D) is a network address—the trailing /24 indicates that the final byte is a machine identifier, and the first 3 bytes specify the network. Option E, 255.255.255.255, meets the basic form of an IP address, but it’s a special case—this is a broadcast address that refers to all computers rather than to the single computer specified by the question.
43 102-400 3 You want to set up a computer on a local network via a static TCP/IP configuration, but you lack a gateway address. Which of the following is true? Because the gateway address is necessary, no TCP/IP networking functions will work. TCP/IP networking will function, but you’ll be unable to convert hostnames to IP addresses or vice versa. You’ll be able to communicate with machines on your local network segment but not with other systems. Since a gateway is needed only for IPv6, you’ll be able to use IPv4 but not IPv6 protocols. Without a gateway address available, you’ll be unable to use DHCP to simplify configuration. C. The gateway computer is a router that transfers data between two or more network segments. As such, if a computer isn’t configured to use a gateway, it won’t be able to communicate beyond its local network segment, making option C correct. A gateway is not necessary for communicating with other systems on the local network segment, so option A is incorrect. If your DNS server is on a different network segment, name resolution via DNS won’t work, as stated in option B; however, other types of name resolution, such as /etc/hosts file entries, will still work, and the DNS server might be on the local network segment, so option B is incorrect. Gateways perform the same function in both IPv4 and IPv6 networking, so option D is incorrect. DHCP functions fine without a gateway, provided that a DHCP server is on the same local network segment as its clients (as is normally the case), so option E is incorrect.
44 102-400 4 Using a packet sniffer, you notice a lot of traffic directed at TCP port 22 on a local computer. What protocol does this traffic use, assuming it’s using the standard port? HTTP SMTP Telnet SSH NNTP D. The Secure Shell (SSH) protocol uses port 22, so if the traffic to port 22 is using the correct protocol, it’s SSH traffic and option D is correct. The Hypertext Transfer Protocol (HTTP; option A) is conventionally bound to port 80; the Simple Mail Transfer Protocol (SMTP; option B) uses port 25; Telnet (option C) uses port 23; and the Network News Transfer Protocol (NNTP; option E) uses port 119. None of these would normally be directed to port 22.
45 102-400 4 What network port would an IMAP server normally use for IMAP exchanges? 21 25 110 143 443 D. The Interactive Mail Access Protocol (IMAP) is assigned to TCP port 143. Ports 21, 25, 110, and 443 are assigned to the File Transfer Protocol (FTP), the Simple Mail Transfer Protocol (SMTP), the Post Office Protocol version 3 (POP3), and the Hypertext Transfer Protocol over SSL (HTTPS), respectively. Although some IMAP server programs also support POP3 and might therefore listen to both ports 110 and 143, the question specifies IMAP exchanges, so option D is the only correct answer.
46 102-400 3 5 Which of the following are not Linux DHCP clients? (Select two.) pump dhcpcd dhcpd dhclient ifconfig C, E. Option C, dhcpd, is the Linux DHCP server. Option E, ifconfig, can be used for network configuration but is not itself a DHCP client. The others are all DHCP clients. Any given computer will use just one DHCP client (or none at all), but any one of A, B, or D will be available choices.
47 102-400 2 3 Which of the following types of information are returned by typing ifconfig eth0?(Select two.) The names of programs that are using eth0 The IP address assigned to eth0 The hardware address of eth0 The hostname associated with eth0 The kernel driver used by eth0 B, C. When used to display information on an interface, ifconfig shows the hardware and IP addresses (options B and C) of the interface, the protocols (such as TCP/IP) bound to the interface, and statistics on transmitted and received packets. This command does not return information about programs using the interface (option A), the hostname associated with the interface (option D), or the kernel driver used by the interface (option E).
48 102-400 1 Which of the following programs is conventionally used to perform a DNS lookup? host dnslookup pump ifconfig netstat A. The host program (option A) is a commonly used program to perform a DNS lookup. There is no standard dnslookup program (option B), although the nslookup program is a deprecated program for performing DNS lookups. pump (option C) is a DHCP client. ifconfig (option D) is used for configuration of networking parameters and cards. netstat (option E) is a general-purpose network diagnostic tool.
49 102-400 2 Which of the following commands should you type to add to host 192.168.0.10 a default gateway of 192.168.0.1? route add default gw 192.168.0.10 192.168.0.1 route add default gw 192.168.0.1 route add 192.168.0.10 default 192.168.0.1 route 192.168.0.10 gw 192.168.0.1 route host gw 192.168.0.1 B. To add a default gateway of 192.168.0.1, the command would be route add default gw 192.168.0.1, as in option B. Specifying the IP address of the host system (as in options A, C, and D) is not necessary and in fact will confuse the route command. Although route provides a -host option, using host (without a dash), as in option E, is incorrect. Furthermore, option E omits the critical add parameter.
50 102-400 1 2 Which of the following commands might bring up an interface on eth1? (Select two.) dhclient eth1 ifup eth1 ifconfig eth1 network eth1 netstat -up eth1 A, B. The dhclient utility, if installed, attempts to configure and bring up the network(s) passed to it as options (or all networks if it’s given no options) using a DHCP server for guidance. Thus option A may work, although it won’t work if no DHCP server is available. Option B applies whatever network options are configured using distribution-specific tools and brings up the network. Thus options A and B both may work, although neither is guaranteed to work. Option C displays the network status of eth1, but it won’t activate eth1 if it’s not already active. There is no standard network utility in Linux, so option D won’t work. The netstat utility is a network diagnostic tool; it won’t bring up a network interface, so option E is incorrect.
51 102-400 5 What is the purpose of /etc/hostname, if it’s present on the system? It holds the hostname of a package repository server. It holds a list of servers that resolve hostnames. It holds a list of IP addresses and associated hostnames. It holds the hostname of the local gateway computer. It holds the computer’s default hostname. E. Although not all systems use /etc/hostname, option E correctly describes it for those systems that use it. The file or files that hold information on package repository servers vary from one package system to another, so option A is incorrect. Option B describes the purpose of /etc/resolv.conf. Option C describes the purpose of /etc/hosts. Option D doesn’t describe any standard Linux configuration file, although the gateway computer’s IP address is likely to appear in a distribution-specific configuration file.
52 102-400 3 Network accesses to parts of the Internet work fine, but several common sites have stopped responding (even when addressed via raw IP addresses). Which of the following tools will be most helpful in diagnosing the source of this problem? netstat ping traceroute ifconfig dig C. The traceroute command (option C) identifies the computers that lie between your own computer and a destination computer, along with some very basic information about network packet travel time and reliability. Thus, traceroute can help you track down the source of the described problem—perhaps a router that’s critical to reaching all of the non-responsive systems has failed. The netstat and ifconfig utilities of options A and D both provide information about local network configuration options, but they most likely won’t be of much help in diagnosing a problem that affects only some sites. The ping utility (option B) may help you quickly identify sites that have failed but won’t be of much use beyond that. You can use dig (option E) to obtain information on the mapping of hostnames to IP addresses, but it won’t help in resolving basic connectivity problems.
53 102-400 2 What value identifies an IPv6 address as a link-local address? The address uses the MAC address of the system. The address starts with fe80. The address starts with fee. The address starts with 2001. B. Both global and link-local IPv6 addresses can use the system MAC address as part of the IPv6 address, thus option A is incorrect. The fee network address identifies a site-local address but not a link-local address, so option C is also incorrect. An address that starts with 2001 would be a normal global address, making option D incorrect. IPv6 link-local addresses start with fe80, thus C is the correct answer.
54 102-400 3 How can you learn what programs are currently accessing the network on a Linux system? Type ifconfig -p eth0. Examine /proc/network/programs. Type netstat -p. Examine /etc/xinetd.conf. Type dmesg | less. C. The netstat program produces various network statistics, including the process IDs (PIDs) and names of programs currently accessing the network when it’s passed the -p parameter, thus option C is correct. The ifconfig program can’t produce this information, and the -p option to this program is fictitious, so option A is incorrect. Option B’s /proc/network/programs file is also fictitious. Option D’s /etc/xinetd.conf file is real and may provide some information about some servers that are using the network (as described in Chapter 10), but this file won’t provide information about all servers, much less about clients that are accessing the network. The dmesg command displays the kernel ring buffer, which doesn’t contain information on programs that are currently accessing the network, so option E is incorrect.
55 102-400 1 4 To diagnose a problem with an IMAP server (imap.example.com), you type telnet imap.example.com 143 from a remote client. How can this procedure help you?(Select two.) You can verify basic connectivity between the client computer and the server program. By examining the output, you can locate intermediate routers that are misbehaving. By using an encrypted protocol, you ensure that a packet-sniffing intruder doesn’t cause problems. Once connected, you can type IMAP commands to test the server’s response to them. Once you’ve logged into the remote system, you can examine its IMAP log files. A, D. If you get any response at all, you know that the basic network connection is working, including that the server is responding to the client. With basic knowledge of IMAP commands, telnet enables you to test the server’s responses in more detail than most IMAP clients (mail readers) permit. Thus options A and D are both correct. Option B describes the functionality of traceroute or tracepath; telnet provides no information about intermediate routers’ functionality, so option B is incorrect. Because neither telnet nor IMAP on port 143 uses encryption, option C is incorrect. Furthermore, a packet sniffer is likely to have no effect on the transfer of data; it just copies the data so that the packet sniffer’s user can see it. Although telnet can be used for remote access in a way that could make option E correct, the question specifies using telnet to connect to port 143, which is the IMAP port, not the Telnet port. Thus, option E is incorrect. (Furthermore, using telnet for remote administration is very risky because telnet is an unencrypted protocol.)
56 102-400 2 You’re configuring a new system, and your network administrator scribbles its IP address (172.25.78.89), netmask (255.255.255.0), gateway address (172.25.79.1), and DNS server address (10.24.89.201) on a piece of paper. You enter this information into your configuration files and type ifup eth0, but you find that you can’t access the Internet with this computer. Which of the following is definitely true? Because the DNS server is on a completely different network, it won’t function properly for your system. You should ask for the local network’s DNS server’s IP address. The netmask identifies the gateway as being on a different network segment than the computer you’re configuring, so the two can’t communicate directly. You most likely misread one address. Because the IP addresses involved are private IP addresses, there’s no way for them to access the Internet. You must ask for public IP addresses for this system or use only your local private network. The computer’s IP address is a Class B address, but the netmask is for a Class C address. This combination can’t work together, so you must obtain a new IP address or netmask. The ifup utility works only for computers that use DHCP, so using a static IP address as specified in the question won’t work correctly. B. The computer’s IP address (172.25.78.89) and netmask (255.255.255.0) mean that the computer can directly address computers with IP addresses in the range of 172.25.78.1 to 172.25.78.254, but the gateway address (172.25.79.1) is outside of this range. Thus, either the IP address or the gateway address is wrong, and option B is correct. Nothing about the way DNS operates necessitates that the DNS server be on the same network segment as the DNS client, so option A is incorrect. Although private IP addresses are often isolated from the Internet, as option C specifies, Network Address Translation (NAT) can get around this limitation. Thus, although there could be some truth to option C, it’s not certain to be true. The Class A/B/C distinctions are just guidelines that can be overridden by specific configurations. Thus option D is incorrect. Option E’s assertion that ifup is used only on computers that use DHCP is incorrect; ifup can work on computers that use static IP addresses provided the relevant information is entered correctly.
57 102-400 5 What is the purpose of the -n option to route? It causes no operation to be performed, route reports what it would do if -n were omitted. It precedes the specification of a netmask when setting the route. It limits route’s output to descriptions of non-Internet routes. It forces interpretation of a provided address as a network address rather than a host address. It causes machines to be identified by IP address rather than hostname in output. E. The -n option is used when you want to use route to display the current routing table, and it does as option E specifies. There is no route parameter that behaves as options A or C specify. Option B describes the purpose of the netmask parameter to route. Option D describes the purpose of the -net parameter to route.
58 102-400 5 What is the purpose of /etc/resolv.conf? It holds the names of network protocols and the port numbers with which they’re associated. It controls whether the computer’s network options are configured statically or via a DHCP server. It specifies the IP address of a DHCP server from which the computer attempts to obtain an IP address. It holds the routing table for the computer, determining the route that network packets take to other computers. It sets the computer’s default search domain and identifies (by IP address) the name servers that the computer may use. E. Option E correctly identifies the function of /etc/resolv.conf. Option A describes the purpose of /etc/services. Various distribution-specific configuration files perform the function described in option B, but /etc/resolv.conf is not one of these files. A DHCP client sends a broadcast to locate a DHCP server; there is no client configuration file that holds the DHCP server’s address, as option C describes. The routing table is maintained internally, although basic routing information may be stored in distribution-specific configuration files, so option D is also incorrect.
59 102-400 2 Which of the following entries are found in the /etc/hosts file? A list of hosts allowed to access this one remotely Mappings of IP addresses to hostnames A list of users allowed to access this host remotely Passwords for remote web administration A list of port numbers and their associated protocols B. The /etc/hosts file holds mappings of IP addresses to hostnames, on a one-line-per-mapping basis. Thus option B is correct. The file does not list the users (option C) or other hosts (option A) allowed to access this one remotely, affect remote administration through a web browser (option D), or map port numbers to protocols (option E).
60 102-400 4 How can you reconfigure Linux to use DNS queries prior to consulting /etc/hosts? Edit the /etc/resolv.conf file, and be sure the nameserver dns line comes before the nameserver files line. As root, type nslookup dns. Edit the /etc/named.conf file, and change the preferred-resolution option from files to dns. Edit /etc/nsswitch.conf, and change the order of the files and dns options on the hosts: line. As root, type dig local dns. D. The /etc/nsswitch.conf file controls the order of name resolution, among other things. Option D correctly describes the procedure for changing the order in which Linux performs name resolution. The /etc/resolv.conf file mentioned in option A controls the DNS servers that Linux consults, but it doesn’t control access to /etc/hosts. Option B’s nslookup command resolves a hostname, so option B will return the IP address of the computer called dns, if Linux can find such a system. The /etc/named.conf file of option C is the configuration file for the standard name server. This server isn’t likely to be installed on most Linux systems, and even if it is, the procedure described in option C is invalid. Like option B’s nslookup, option E’s dig looks up hostname-to-IP-address mappings, so option E will display such mappings for the computers called local and dns, if they exist.
61 102-400 4 Which environment variable stores the format for the command prompt? PROMPT PSI PAGER PS1 None of these variables store the format for the command prompt. D. The PS1 environment variable contains various formatting codes preceded by a backslash (\) as well as text to be included in the primary command prompt. Therefore, option D is correct. There is no environment variable called PROMPT, nor is there an environment variable called PSI, so options A and B are incorrect. Programs that use a pager, such as less or more, use the PAGER environment variable. If the variable is set, the programs use the pager listed in the variable. Therefore, option C is incorrect. Option D is correct, so option E is incorrect.
62 102-400 1 You want to create a shortcut command for the command cd ~/papers/trade. Which of the following lines, if entered in a bash startup script, will accomplish this goal? alias cdpt='cd ~/papers/trade' export cdpt='cd ~/papers/trade' alias cdpt 'cd ~/papers/trade' alias cd 'cdpt ~/papers/trade' env cdpt `cd ~/papers/trade` A. The alias built-in command creates a duplicate name for a (potentially much longer) command. Option A shows the correct syntax for using this built-in command. It causes the new alias cdpt to work like the much longer cd ~/papers/trade. The export command in option B creates an environment variable called cdpt that holds the value cd ~/papers/trade. This will have no useful effect. Option C, if placed in a bash startup script, will cause an error because it uses incorrect alias command syntax, as does option D. Although env is a valid command, it’s used incorrectly in option E, and so this option is incorrect.
63 102-400 5 What is the purpose of the EDITOR environment variable? If it’s set to Y (the default), the shell environment permits editing of commands if it’s set to N, such editing is disallowed. It specifies the filename of the text editor that bash uses by default while you’re entering commands at its prompt. If you type edit filename at a command prompt, the program specified by EDITOR will be launched. If it’s set to GUI, programs call a GUI editor, if it’s set to TEXT, programs call a textbased editor. Some programs refer to EDITOR to determine what external editor to launch when they need to launch one. E. Some programs use the EDITOR environment variable as described in option E. Contrary to option A, the EDITOR environment variable has nothing to do with command-line editing. When you’re typing at a bash command prompt, bash itself provides simple editing features, so option B is incorrect. (You can launch the editor specified by $EDITOR by typing Ctrl+X followed by Ctrl+E, though.) The edit command doesn’t behave as option C suggests. (This command may be configured differently on different systems.) You can create links called GUI and TEXT to have the EDITOR environment variable behave as option D suggests, but this isn’t a normal configuration.
64 102-400 3 In what environment variable is the current working directory stored? PATH CWD PWD PRESENT WORKING C. The PWD environment variable holds the present working directory, so option C is correct. The PATH environment variable (option A) holds a colon-delimited list of directories in which executable programs are stored so that they may be run without specifying their complete pathnames. There are no standard CWD, PRESENT, or WORKING environment variables, so options B, D, and E are all incorrect.
65 102-400 1 3 If typed in a bash shell, which of the following commands will create an environment variable called MYVAR with the contents mystuff that will be accessible to any created subshells? (Choose all that apply.) export MYVAR='mystuff' MYVAR='mystuff' MYVAR='mystuff'; export MYVAR echo $MYVAR mystuff setenv MYVAR mystuff A, C. Option A creates the desired environment variable. Option C also creates the desired environment variable. It combines the variable setting and the export of the MYVAR variable using a different method than option A uses. It combines the two commands on one line using a semicolon (;). Option B creates a local variable—but not an environment variable—called MYVAR, holding the value mystuff. After typing option B, you can also type export MYVAR to achieve the desired goal, but option B by itself is insufficient. Option D displays the contents of the MYVAR variable and also echoes mystuff to the screen, but it doesn’t change the contents of any environment variable. Option E’s setenv isn’t a valid bash command, but it will set an environ- ment variable in tcsh.
66 102-400 5 What file might a user modify to alter their own bash environment? /etc/inputrc /etc/bashrc $HOME/bashrc $HOME/.profile_bash ~/.bashrc E. The ~/.bashrc file is a non-login bash startup script file. As such, it can be used to alter a user’s bash environment, and option E is correct. The /etc/inputrc file is a global bash configuration file for keyboard customization and setting terminal behavior. The ~/.inputrc file is for users to create or modify their own keyboard configuration file. Therefore, option A is incorrect. The /etc/bashrc file is a global bash startup script. Editing it will modify users’ bash environments, but an individual user should not be able to modify it, so option B is incorrect. There is no standard $HOME/bashrc file because the filename is missing its prefixed period (.). Thus, option C is incorrect. Likewise, option D’s $HOME/.profile_bash doesn’t refer to a user’s con- figuration file and is incorrect. However, there is a $HOME/.bash_profile bash configuration file.
67 102-400 1 4 What commands might you use (along with appropriate options) to learn the value of a specific environment variable? (Select two.) env DISPLAY export echo cat A, D. The env command displays all defined environment variables, so option A satisfies the question. (In practice, you might pipe the results through grep to find the value of a specific environment variable.) The echo command, when passed the name of a specific environment variable, displays its current value, so option D is also correct. DISPLAY is an environment variable, but it’s not a command for displaying environment variables, so option B is incorrect. You can use the export command to create an envi- ronment variable but not to display the current settings for one, so option C is incor- rect. Option E’s cat command concatenates files or displays the contents of a file to the screen, but it doesn’t display environment variables.
68 102-400 2 Immediately after creating a shell script called a_script.sh in a text editor, which method will not work to run the script? Typing bash a_script.sh at the command line. Typing ./a_script.sh at the command line. Typing . a_script.sh at the command line. Typing source a_script.sh at the command line. Any of the above will work. B. Before using the ./ execution method, the script must have at least one executable bit set. Therefore, an error will be generated since chmod was not used to modify the execute permissions on the a_script file. Thus Option B is the correct choice since it would not work. Option A uses the bash command to execute a script, and this will work fine without any file permission changes. Likewise, when you source a file using either the source command or a dot (.) and a space, there is no need to modify a scripts permission bits before executing the file. Therefore, option C and option D are incorrect because they also work fine.
69 102-400 3 Describe the effect of the following short script, cp1.sh, if it’s called as cp1.sh big.c big.cc: #!/bin/bash cp $2 $1 It has the same effect as the cp command—copying the contents of big.c to big.cc. It compiles the C program big.c and calls the result big.cc. It copies the contents of big.cc to big.c, eliminating the old big.c. It converts the C program big.c into a C++ program called big.cc. It interprets the big.c and big.cc files as bash scripts. C. The cp command is the only one called in the script, and that command copies files. Because the script passes the arguments ($1 and $2) to cp in reverse order, their effect is reversed—where cp copies its first argument to the second name, the cp1.sh script copies the second argument to the first name. Thus, option C is correct. Because the order of arguments to cp is reversed, option A is incorrect. The cp command has nothing to do with compiling (option B) or converting (option D) C or C++ programs, so neither does the script. The reference to /bin/bash in the first line of the script identifies the script itself as being a bash script; it does not cause the arguments to the script to be run as bash scripts, so option E is incorrect.
70 102-400 5 Where are the commands iterated by the loop located within the loop? Within the then statement section Between the double semicolons (;;) Within the case and esac constructs Within the test statement Between do and done constructs E. The commands iterated by the for, while, and until loops are located between the do and done constructs. Therefore, option E is correct. Commands in the then statement section are for an if-then construct, not a loop, thus option A is incorrect. Double semicolons are used for case constructs, but not loops, and so option B is incorrect. The case and esac keywords begin and end a case construct, and thus option C is incorrect. A test statement can be used to determine whether or not a loop’s commands should iterate or not. However, it does not contain the actual commands to be iterated, and therefore option D is incorrect.
71 102-400 2 3 Which of the following lines identify valid shell scripts on a normally configured system? (Select two.) #!/bin/script #!/bin/bash #!/bin/tcsh !#/bin/sh !#/bin/zsh B, C. Valid shell scripts begin with the characters #! and the complete path to a program that can run the script. Options B and C both meet this description, because /bin/bash is a shell program that’s installed on virtually all Linux systems and /bin/tcsh is often also available. There is no standard /bin/script program, so option A is incorrect. Options D and E are both almost correct; /bin/sh is typically linked to a valid shell and /bin/zsh is a valid shell on many systems, but the order of the first two characters is reversed, so these options are incorrect.
72 102-400 1 2 4 Which of the following are valid looping statements in bash shell scripting? (Select all that apply.) for while if-then until case A, B, D. The for, while, and until statements are all valid looping statements in bash, so options A, B, and D are all correct. The if-then statement in bash’s scripting language tests a condition and, if it is true, executes its commands one time only. Therefore, option C is incorrect. The case statement is a conditional, not a looping statement in bash, so option E is incorrect.
73 102-400 2 Your SMTP email server receives a message addressed to postmaster. The postmaster username has an alias of john on this computer. Assuming that the system is properly configured, who will receive the email message? postmaster john The account listed in ~/.forward root No user, because an alias was set B. When aliases are properly configured, any email addresses sent to the email with an alias is received by the alias account. Therefore, option B is correct. The postmaster username would not receive the email because the alias is set to john, and so option A is incorrect. The ~/.forward file is associated with email forwarding, not aliases. Therefore, option C is incorrect. There is no reason for root to receive this email, so option D is incorrect. An alias does allow email to be sent to the alias account, so the statement in Option E does not make sense and is incorrect.
74 102-400 3 Which of the following is not a popular SMTP server for Linux? Postfix Sendmail Fetchmail Exim qmail C. The Fetchmail program is a tool for retrieving email from remote POP or IMAP servers and injecting it into a local (or remote) SMTP email queue. As such, it’s not an SMTP server, so option C is correct. Postfix (option A), sendmail (option B), Exim (option D), and qmail (option E) are all popular SMTP email servers for Linux.
75 102-400 2 You see the following line in a script: mail -s "Error" -c abort < /tmp/msg root What is the effect of this line, if and when it executes? An email is sent to the user Error, the script is aborted using root privileges, and error messages are written to /tmp/msg. An email with the subject of Error and the contents from /tmp/msg is sent to the local users root and abort. An email with the subject of Error and the contents of /tmp/msg is sent to the local user root, and then the script is aborted. An email is sent with Error priority to the local user root, and the email system is then shut down with error messages being stored in /tmp/msg. An email with the subject of Error and contents of /tmp/msg is sent to root, and information on this is logged with priority abort. B. The -s option to mail sets the message subject line, and -c sets carbon copy (cc:) recipients. Input redirection (via <) reads the contents of a line into mail as a message. A mail command line normally terminates with the primary recipient. Thus, option B correctly describes the effect of the specified line. Options A, C, D, and E are all confused in their interpretation of the effects of mail parameters. Options A, B, and D also confuse input and output redirection, and option A incorrectly suggests that a script (or the mail program) can elevate its run status to root privileges.
76 102-400 4 Your Internet connection has gone down for several hours. What command can you use to check if there is a long list of jobs in the email queue? service sendmail status lp -d queue ~/Maildir sendmail -bq mailq ls /var/spool D. To view your mail queue, use the mailq command (option D). The service sendmail status command is a SysV service status command and does not show mail queues, so option A is incorrect. Option B is a printer command and is therefore incorrect. Option C is close, but the correct command is sendmail -bp not -bq. Option E will show you the various directories within /var/spool and is therefore not the correct command.
77 102-400 2 You examine your /etc/aliases file and find that it contains the following line: root: jody What can you conclude from this? Email addressed to jody on this system will be sent to the local user root. Email addressed to root on this system will be sent to the local user jody. The local user jody has broken into the system and has acquired root privileges. The local user jody has permission to read email directly from root’s mail queue. The administrator may log in using either username: root or jody. B. The /etc/aliases file configures system-wide email forwarding. The specified line does as option B describes. A configuration like this one is common. Option A has things reversed. Option C is not a valid conclusion from this evidence alone, although an intruder conceivably may be interested in redirecting root’s email, so if jody shouldn’t be receiving root’s email, this should be investigated further. Although the effect of option D (jody reading root’s email) is nearly identical to the correct answer’s effect, they are different; jody cannot directly access the file or directory that is root’s email queue. Instead, the described configuration redirects root’s email into jody’s email queue. Thus, option D is incorrect. Because /etc/aliases is an email configuration file, not an account configuration file, it can’t have the effect described in option E.
78 102-400 2 You’ve just installed MySQL and run it by typing mysql. How would you create a database called fish to store data on different varieties of fish? Type NEW DATABASE fish; at the mysql> prompt. Type CREATE DATABASE fish; at the mysql> prompt. Type NEW DATABASE FISH; at the mysql> prompt. Type DATABASE CREATE fish; at the mysql> prompt. Type DB CREATE fish; at the mysql> prompt. B. The CREATE DATABASE command creates a new database with the specified name. Because SQL commands are case insensitive, this command may be typed in uppercase or lowercase, and option B is correct. Options A and C both use the incorrect com- mand NEW rather than CREATE, and option C specifies the database name as FISH rather than fish. (Database names are case sensitive.) Option D reverses the order of the CREATE and DATABASE keywords. Option E uses the fictitious command DB.
79 102-400 1 4 Which of the following are true statements about SQL tables? (Select two.) Multiple tables may exist in a single SQL database. Tables may be combined for cross-table searches using the DROP command. Tables consist of rows, each of which holds attributes, and columns, each of which defines a specific database item. Careful table design can reduce the amount of data entry and database storage size. Tables are stored on disk using a lossy compression algorithm. A, D. A single database may hold multiple tables, as option A suggests. Option D is also correct; if data is split across tables (such as into tables describing objects generically and specifically), databases can be more space efficient. Option B is incorrect because the DROP command doesn’t combine tables—it deletes a table! Option C is incorrect because it reverses the meaning of rows and columns in a SQL table. A lossy compression algorithm, as the name suggests, deliberately corrupts or loses some data—an unacceptable option for a text database, making option E incorrect. (Lossy compression is used for some audio and video file formats, though.)
80 102-400 3 What is the effect of the following SQL command, assuming the various names and data exist? mysql> UPDATE stars SET magnitude=2.25 WHERE starname='Mintaka'; It returns database entries from the stars table for all stars with magnitude of 2.25 and starname of Mintaka. It sets the value of the stars field in the magnitude set to Mintaka, using a precision of 2.25. It sets the value of the magnitude field to 2.25 for any item in the stars table with the starname value of Mintaka. It combines the stars and magnitude=2.25 tables, returning all items for which the starname is Mintaka. It updates the stars database, creating a new entry with a starname value of Mintaka and a magnitude of 2.25. C. The UPDATE command modifies existing database table entries, and in this case it does so as option C describes. Option B also describes an update operation, but in a confused and incorrect way. Options A and D both describe database retrieval operations, but UPDATE doesn’t retrieve data. Option E mistakenly identifies stars as a database name, but it’s a table name, and it mistakenly identifies the operation as adding a new entry (INSERT in SQL) rather than as modifying an existing entry (UPDATE in SQL).
81 102-400 5 Typing lsof -i | grep LISTEN as root produces three lines of output, corresponding to the sendmail, sshd, and proftpd servers. What can you conclude about the security of this system? Everything is OK, the presence of sshd ensures that data are being encrypted via SSH. The sendmail and sshd servers are OK, but the FTP protocol used by proftpd is insecure and should never be used. The sendmail server should be replaced by Postfix or qmail for improved security, but sshd and proftpd are fine. Because sendmail and proftpd both use unencrypted text-mode data transfers, neither is appropriate on a network-connected computer. No conclusion can be drawn without further information, the listed servers may or may not be appropriate or authentic. E. The server names alone are insufficient to determine whether they’re legitimate. The computer in question may or may not need to run any of these servers, and their presence may or may not be intentional, accidental, or the sign of an intrusion. Thus, option E is correct. Contrary to option A, the mere presence of an SSH server does not ensure security. Although, as option B asserts, FTP is not a secure protocol, it’s still useful in some situations, so the mere presence of an FTP server is not, by itself, grounds for suspicion. Similarly, in option C, although some administrators prefer Postfix or qmail to sendmail for security reasons, sendmail isn’t necessarily bad, and the names alone don’t guarantee that the sshd and proftpd servers are legitimate. As option D states, sendmail and proftpd both use unencrypted text-mode transfers, but this is appropriate in some situations, so option D is incorrect.
82 102-400 3 As part of a security audit, you plan to use Nmap to check all of the computers on your network for unnecessary servers. Which of the following tasks should you do prior to running your Nmap check? Back up /etc/passwd on the target systems to eliminate the possibility of it being damaged. Obtain the root passwords to the target systems so that you can properly configure them to accept the Nmap probes. Obtain written permission from your boss to perform the Nmap sweep. Configure /etc/sudoers on the computer you intend to use for the sweep, to give yourself the ability to run Nmap. Disable any firewall between the computer that’s running Nmap and the servers you intend to scan. C. Although Nmap and other port scanners are useful security tools, troublemakers also use them, and many organizations have policies restricting their use. Thus, you should always obtain permission to use such tools prior to using them, as option C specifies. A port scanner can’t cause damage to /etc/passwd, so there’s no need to back it up, contrary to option A. A port scanner also doesn’t need the root password on a target system to operate, so you don’t need this information, making option B incorrect. (In fact, asking for the root password could be seen as extremely suspicious!) Although you could use sudo to run Nmap, there’s no need to do so to perform a TCP scan, and you can perform a UDP scan by running Nmap as root in other ways (such as via a direct login or by using su). Thus, option D isn’t strictly necessary, although you might want to tweak /etc/sudoers as a matter of system policy. Because a firewall is part of your network’s security, you probably want it running when you perform a network scan, contrary to option E. Furthermore, it would be safer to leave the firewall running and scan from behind it if you want to test the security of the network in case of a firewall breach.
83 102-400 3 Your login server is using PAM, and you want to limit users’ access to system resources. Which configuration file will you need to edit? /etc/limits.conf /etc/pam/limits.conf /etc/security/limits.conf /etc/security/pam/limits.conf /usr/local/limits.conf C. The /etc/security/limits.conf (option C) file holds the configuration settings that allow you to limit users’ access. The other options listed don’t give the correct path to this file.
84 102-400 1 2 3 Which of the following tools might you use to check for open ports on a local computer? (Select three.) Nmap netstat lsof portmap services A, B, C. Nmap (option A) is usually used to perform scans of remote computers, but it can scan the computer on which it’s run as well. The netstat (option B) and lsof (option C) utilities can both identify programs that are listening for connections (that is, open ports) on the local computer. The Network File System (NFS) and some other servers use the portmap program (option D), but it’s not used to identify open ports. There is no standard Linux services program (option E), although the /etc/services file holds a mapping of port numbers to common service names.
85 102-400 2 Which of the following commands will locate all of the program files on a computer on which the SUID bit is set? find / -type SUID find / -perm +4000 -type f find / -perm +SUID -type f find / -type +4000 find / -suid B. The -perm option to find locates files with the specified permissions, and +4000 is a permission code that matches SUID files. The -type f option restricts matches to files in order to avoid false alarms on directories. Option B uses these features correctly. Options A, C, and D use these features incorrectly. Option E specifies a fictitioussuid parameter to find.
86 102-400 1 The /etc/sudoers file on a computer includes the following line. What is its effect? %admin ALL=(ALL) ALL Members of the admin group may run all programs with root privileges by using sudo. Users in the admin user alias, defined earlier in the file, may run all programs with root privileges by using sudo. The admin user alias is defined to include all users on the system. The admin command alias is defined to include all commands. The user admin may run all programs on the computer as root by using sudo. A. Option A correctly describes the meaning of the specified line. A percent sign (%) identifies a Linux group name, and the remainder of the line tells sudoers to enable users of that group to run all programs as root by using sudo. The remaining options all misinterpret one or more elements of this configuration file entry.
87 102-400 2 Which command would you type, as root, to discover all the open network connections on a Linux computer? lsof -c a netstat -ap ifconfig eth0 nmap -sT localhost top -net B. The netstat command can do what is described in the question. The -ap options to the command are good choices to discover all the open network connections, so option B is correct. Although lsof can also accomplish the job, the -c a option is incorrect; this option restricts output to processes whose names begin with a. Thus, option A is incorrect. Option C’s ifconfig command doesn’t display open network connections, so it’s incorrect. Although option D’s nmap command will locate ports that are open on the localhost interface, it doesn’t locate all open connections, nor does it locate connections on anything but the localhost interface. Option E’s top command displays a list of processes sorted by CPU use, not open network connections (-net is an invalid option to top as well).
88 102-400 4 A server/computer combination appears in both hosts.allow and hosts.deny. What’s the result of this configuration when TCP wrappers runs? TCP wrappers refuses to run and logs an error in /var/log/messages. The system’s administrator is paged to decide whether to allow access. hosts.deny takes precedence, the client is denied access to the server. hosts.allow takes precedence, the client is granted access to the server. The client is granted access to the server if no other client is currently accessing it. D. Option D is correct. TCP wrappers uses this feature to allow you to override broad denials by adding more specific access permissions to hosts.allow, as when setting a default deny policy (ALL : ALL) in hosts.deny.
89 102-400 3 When is the bind option of xinetd most useful? When you want to run two servers on one port When you want to specify computers by name rather than IP address When xinetd is running on a system with two network interfaces When resolving conflicts between different servers When xinetd manages a DNS server program C. The bind option of xinetd lets you tie a server to just one network interface rather than link to them all, so option C is correct. It has nothing to do with running multiple servers on one port (option A), specifying computers by hostname (option B), resolving conflicts between servers (option D), or the Berkeley Internet Name Domain (BIND) or any other DNS server (option E).
90 102-400 1 4 You’ve discovered that the Waiter program (a network server) is running inappropriately on your computer. You therefore locate its startup script and shut it down by removing that script. How can you further reduce the risk that outsiders will abuse the Waiter program? (Select two.) By blocking the Waiter program’s port using a firewall rule By reading the Waiter program’s documentation to learn how to run it in stealth mode By tunneling the Waiter program’s port through SSH By uninstalling the Waiter package By uninstalling any clients associated with Waiter from the server computer A, D. Using a firewall rule to block Waiter’s port, as in option A, can increase security by providing redundancy; if Waiter is accidentally run in the future, the firewall rule will block access to its port. Uninstalling the program, as in option D, improves security by reducing the risk that the program will be accidentally run in the future. Most programs don’t have a “stealth” mode, so option B is incorrect. (Furthermore, reading the documentation isn’t enough; to improve security, you must change some configuration.) Tunneling Waiter’s connections might have some benefit in some situations, but this configuration requires setup on both client and server computers and by itself leaves the server’s port open, so option C is incorrect. Clients associated with the server program, installed on the server computer, pose little or no risk of abuse of the associated server; the clients on other computers are most likely to be used to abuse a server program, and you can’t control that. Thus option E is incorrect.
91 102-400 2 You want to use xinetd access controls to limit who may access a server that’s launched via xinetd. Specifically, only users on the 192.168.7.0/24 network block should be able to use that server. How may you do this? Enter hosts_allowed = 192.168.7.0/24 in the /etc/xinetd.conf configuration file for the server in question. Enter only_from = 192.168.7.0/24 in the /etc/xinetd.conf configuration file for the server in question. Enter server : 192.168.7., where server is the server’s name, in the /etc/hosts.allow file. Enter server : 192.168.7., where server is the server’s name, in the /etc/hosts.deny file. Type iptables -L 192.168.7.0 to enable only users of 192.168.7.0/24 to access the server. B. Option B correctly describes how to accomplish this goal. Option A is incorrect because the hosts_allowed option isn’t a legal xinetd configuration file option. Option C correctly describes how to configure the described restriction using TCP wrappers, which is generally used with inetd, but it’s not the way this is done using xinetd. Option D is also a TCP wrappers description, but it reverses the meaning. Option E’s iptables utility configures a firewall. Although a firewall rule could be a useful redundant measure, the question specifies an xinetd configuration, and option E’s use of iptables is incorrect.
92 102-400 2 Of the following, which is the best password? Odysseus iA71Oci^My~~~~~~ pickettomato Denver2Colorado 123456 B. Ideally, passwords should be completely random but still memorable. Option B’s password was generated from a personally meaningful acronym and then modified to change the case of some letters, add random numbers and symbols, and extend its length using a repeated character. This creates a password that’s close to random but still memorable. Option A uses a well-known mythological figure, who is likely to be in a dictionary. Option C uses two common words, which is arguably better than option A, but not by much. Option D uses two closely related words separated by a single number, which is also a poor choice for a password. Option E uses a sequential series of numbers, which is a poor (but sadly common) password choice.
93 102-400 1 Which of the following types of attacks involves sending bogus email to lure unsuspecting individuals into divulging sensitive financial or other information? Phishing Script kiddies Spoofing Ensnaring Hacking A. Phishing (option A) involves sending bogus email or setting up fake websites that lure unsuspecting individuals into divulging sensitive financial information or other sensitive information. Script kiddies (option B) are intruders who use root kits. Spoof- ing (option C) involves pretending that data is coming from one computer when it’s coming from another. Ensnaring (option D) isn’t a type of attack. Hacking (option E) refers to either lawful use of a computer for programming or other advanced tasks or breaking into computers.
94 102-400 3 Ordinary users report being unable to log onto a computer, but root has no problems doing so. What might you check to explain this situation? A misbehaving syslogd daemon A login process that’s running as root The presence of an /etc/nologin file The presence of an SUID bit on /bin/login Inappropriate use of shadow passwords C. The /etc/nologin file, if present, prevents logins from ordinary users; only root may log in. You might set this file when performing maintenance and then forget to remove it, thus explaining the symptoms in the question. Thus, option C is correct. The syslogd daemon mentioned in option A records system messages, and it is unlikely to produce the specified symptoms. The login process ordinarily runs as root and is normally SUID root, so options B and D are also incorrect. Shadow passwords, as in option E, are used on almost all modern Linux systems and are not likely to cause these symptoms.
95 102-400 2 3 Which servers might you consider retiring after activating an SSH server? (Select two.) SMTP Telnet FTP NTP Samba B, C. SSH is most directly a replacement for Telnet (option B), but SSH also includes file-transfer features that enable it to replace FTP (option C) in many situations. SSH is not a direct replacement for the Simple Mail Transfer Protocol (SMTP, option A), the Network Time Protocol (NTP, option D), or Samba (option E).
96 102-400 1 You find that the ssh_host_dsa_key file in /etc/ssh has 0666 (-rw-rw-rw-) permissions. Your SSH server has been in operation for several months. Should you be concerned? Yes No Only if the ssh_host_dsa_key.pub file is also world-readable Only if you’re launching SSH from a super server Only if you’re using a laptop computer A. The ssh_host_dsa_key file holds one of three critical private keys for SSH. The fact that this key is readable (and writeable!) to the entire world is disturbing, so option A is correct. In principle, a troublemaker who has acquired this file might be able to redirect traffic and masquerade as your system, duping users into delivering passwords and other sensitive data. Because of this, option B (no) is an incorrect response, and the conditions imposed by options C, D, and E are all irrelevant, making all of these options incorrect.
97 102-400 2 For best SSH server security, how should you set the Protocol option in /etc/ssh/sshd_config? Protocol 1 Protocol 2 Protocol 1,2 Protocol 2,1 Protocol * B. SSH protocol level 2 is more secure than protocol level 1; thus option B (specifying acceptance of level 2 only) is the safest approach. Option A is the least safe approach because it precludes the use of the safer level 2. Options C and D are exactly equivalent in practice; both support both protocol levels. Option E is invalid.
98 102-400 5 Why is it unwise to allow root to log on directly using SSH? Disallowing direct root access means that the SSH server may be run by a non-root user, improving security. The root password should never be sent over a network connection, allowing root logins in this way is inviting disaster. SSH stores all login information, including passwords, in a publicly readable file. When logged on using SSH, root’s commands can be easily intercepted and duplicated by undesirable elements. Somebody with the root password but no other password can then break into the computer. E. Allowing only normal users to log in via SSH effectively requires two passwords for any remote root maintenance, improving security, so option E is correct. Whether or not you permit root logins, the SSH server must normally run as root, since SSH uses port 22, a privileged port. Thus, option A is incorrect. SSH encrypts all connections, so it’s unlikely that the password, or commands issued during an SSH session, will be intercepted, so option B isn’t a major concern. (Nonetheless, some administrators prefer not to take even this small risk.) SSH doesn’t store passwords in a file, so option C is incorrect. Because SSH employs encryption, option D is incorrect (this option better describes Telnet than SSH).
99 102-400 4 You’ve downloaded a GPG public key from a website into the file fredkey.pub. What must you do with this key to use it? Type inspect-gpg fredkey.pub. Type gpg --readkey fredkey.pub. Type import-gpg fredkey.pub. Type gpg --import fredkey.pub. Type gpg-import fredkey.pub. D. Option D provides the correct command to import fredkey.pub prior to use. The inspect-gpg, import-gpg, and gpg-import commands of options A, C, and E are fictitious, and there is no --readkey option to gpg, as option B suggests.

View File

@ -1,89 +0,0 @@
"LEVEL","ANSWER","QUESTION",1,2,3,4,5
"101-500",,"Which of the following commands is used to view kernel-related udev events in real time?","udevis all","lsudev -f","udevmon -a","udevadm monitor",
"101-500",,"Which command enables you to view the current interrupt request (IRQ) assignments?","view /proc/irq","cat /proc/interrupts","cat /dev/irg","less /dev/irg",
"101-500",,"Configuration of udev devices is done by working with files in which directory?","/udev/devices","/devices/","/udev/config","/etc/udev",
"101-500",,"Which command is used to automatically load a module and its dependencies?","modprobe","lsmod","insmod","rmmod",
"101-500",,"Which command is used to obtain a list of USB devices?","usb-list","lsusb","1s -usb","1s --usb",
"101-500",,"When working with hotplug devices, you need to gather more information about them through udevadm. Which udevadm command enables you to query the udev database for information on a device?","query","info","getinfo","devinfo",
"101-500",,"Which command can be used to view the kernel ring buffer in order to troubleshoot the boot process?","lsboot","boot-log","krblog","dmesg",
"101-500",,"During the initialization process for a Linux system using SysV init, which runlevel corresponds to single-user mode?","Runlevel 5","Runlevel SU","Runlevel 1","Runlevel 6",
"101-500",,"On a system using SysV init, in which directory are the startup and shutdown scripts for services stored?","/etc/init-d","/etc/init","/etc/sysV","/etc/init.d",
"101-500",,"Which command can be used to reboot a system?","init 6","shutdown -h -t now","init 1","refresh-system",
"101-500",,"When using an SysV init-based system, which command would you use if you make changes to the /etc/inittab file and want those changes to be reloaded without a reboot?","init-refresh","init 6","telinit","reload-inittab",
"101-500",,"Which command displays the current runlevel for a system?","show-level","init --level","sudo init","runlevel",
"101-500",,"Within which folder are systemd unit configuration files stored?","/etc/system.conf.d","/lib/system.conf.d","/lib/systemd/system","/etc/sysconfd",
"101-500",,"Which command is used with systemd in order to list the available service units?","systemd List-units","systemctl list-units","systemd unit-list","systemctl show-units",
"101-500",,"Which option to lspci is used to display both numeric codes and device names?","-numdev","-n","-nn","-devnum",
"101-500",,"Which command can be used to obtain a list of currently loaded kernel modules?","insmod","modlist","1s --modules","1smod",
"101-500",,"Which option to the modprobe command shows the dependencies for a given module?","--show-options","--list-deps","--show-depends","--list-all",
"101-500",,"Which command can you use to send a message to all users who are currently logged into a system?","cat","wall","tee","ssh",
"101-500",,"Which of the following is a good first troubleshooting step when a hard disk is not detected by the Linux kernel?","Unplug the disk.","Check the system BIOS.","Restart the web server service.","Run the disk-detect command.",
"101-500",,"Within which directory is information about USB devices stored?","/etc/usbdevices","/var/usb","/lib/sys/usb","/sys/bus/usb/devices",
"101-500",,"If the kernel ring buffer has been overwritten, within which file can you look to find boot messages?","/var/log/bootmessages","/var/log/mail.info","/var/adm/log/boot. info","/var/log/dmesg",
"101-500",,"Which command and option can be used to determine whether a given service is currently loaded?","systemctl --1s","telinit","systemctl status","sysctl -a",
"101-500",,"Which command on a systemd-controlled system would place the system into single-user mode?","systemctl one","systemctl isolate rescue. target","systemctl single-user","systemctl runlevel one",
"101-500",,"Which command on a system controlled by Upstart will reload the configuration files?","initctl reload","systemd reload","upstart --reload","ups -reload",
"101-500",,"When working with a SysV system, which option to chkconfig will display all services and their runlevels?","--reload","--list","--all","--ls",
"101-500",,"A drive connected to USB is considered which type of device?","Medium","Coldplug","Hotplug","Sideplug",
"101-500",,"The system is using a temporary flash USB disk for data mounted at /dev/sdal. You need to remove the disk. Which of the following commands will enable the disk to be safely removed from the system?","usbstop /dev/sda","umount /dev/sdal","unmount /dev/sdal","dev-eject /dev/sdal",
"101-500",,"You have connected a USB disk to the system and need to find out its connection point within the system. Which of the following is the best method for accomplishing this task?","Rebooting the system","Viewing the contents of /var/log/usb. log","Connecting the drive to a USB port that you know the number of","Running dmesg and looking for the disk",
"101-500",,"Which of the following commands will initiate an immediate shutdown of the system?","shutdown -c","halt","systemd stop","stop-system",
"101-500",,"Which option within a systemd service file indicates the program to execute?","StartProgram","ShortCut","ExecStart","Startup",
"101-500",,"Which command will display the default target on a computer running systemd?","systemctl defaults","update-rc.d defaults","systemctl runlevel","systemctl get-default",
"101-500",,"Which option to the systemctl command will change a service so that it runs on the next boot of the system?","enable","startonboot","loadonboot","start",
"101-500",,"Which of the following best describes the /proc filesystem?","/proc contains information about files to be processed.","/proc contains configuration files for processes.","/proc contains information on currently running processes, including the kernel.","/proc contains variable data such as mail and web files.",
"101-500",,"Which command will retrieve information about the USB connections on a computer in a tree-like format?","lsusb -tree","lsusb --tree","lsusb -t","usblist --tree",
"101-500",,"What is one reason why a device driver does not appear in the output of lsmod, even though the device is loaded and working properly?","The use of systemd means that drivers are not required for most devices.","The use of initramfs means that support is enabled by default.","The system does not need a driver for the device.","Support for the device has been compiled directly into the kernel.",
"101-500",,"Which option to rmmod will cause the module to wait until its no longer in use to unload the module?","-test","-f","-w","-unload",
"101-500",,"You are using a storage area network (SAN) that keeps causing errors on your Linux system due to an improper kernel module created by the SAN vendor. When the SAN sends updates, it causes the filesystem to be mounted as read-only. Which command and option can you use to change the behavior of the filesystem to account for the SAN bug?","mount --continue","tune2fs -e continue","mkfs --no-remount","mount -o remount",
"101-500",,"Within which directory are rules related to udev stored?","/etc/udev.conf","/etc/udev.conf.d","/etc/udev/rules.d","/etc/udev.d",
"101-500",,"Which option to Lspci displays the kernel driver in use for the given Peripheral Component Interconnect (PCI) device?","-t","-k","-n","-a",
"101-500",,"Within which of the following directories will you find blacklist information for modules loaded with modprobe?","/etc/blacklist","/etc/modprobe.d","/etc/blacklist.mod","/etc/modprobe",
"101-500",,"When working with a CentOS 6 system, which command is used to create the initial RAM disk?","mkinit","dracut","mkraminit","mkinitfs",
"101-500",,"Within which file will you find a list of the currently available kernel symbols?","/proc/kernelsyms","/etc/kernel.conf","/etc/syms","/proc/kallsyms",
"101-500",,"Which of the following commands can be used to show the various information related to a currently loaded module, including core size and settings for options?","systool -v -m <module>","modinfo -r <module>","lsmod <module>","infmod <module>",
"101-500",,"Which directory contains various elements and configuration information about the kernel such as the release number, domain name, location of modprobe, and other settings?","/proc/sys/kmod","/proc/sys/kernel","/proc/kernel","/proc/kernel/sys",
"101-500",,"Within which directory should systemd unit files that you create be stored?","/etc/system","/etc/systemd/system","/usr/share/systemd","/usr/share/system",
"101-500",,"Which of the following commands should you execute after making changes to systemd service configurations in order for those changes to take effect?","systemd reload","reboot","systemctl daemon-reload","systemctl reboot",
"101-500",,"Which of the following files contains the runlevels for the system along with a reference to the corresponding rc file?","/etc/runlevels","/etc/inittab","/etc/re","/etc/runlevel",
"101-500",,"Which boot loader can be used for File Allocation Table (FAT) filesystems and might be used for a rescue disk?","SYSBOOT","SYSLINUX","TIELINUX","FATLINUX",
"101-500",,"Which of the following is used to provide an early filesystem-based loading process for key drivers needed to continue the boot process?","bootrd","driverload","initrd","initdrv",
"101-500",,"When booting a system you receive an error similar to ""No init found"" and are then placed at an initramfs prompt. You need to check the hard drive for errors. Which of the following commands performs an error check on a hard drive partition in Linux?","defrag","fsck","checkfs","chkfs",
"101-500",,"Which of the following commands places the system in single-user mode?","tellinit 1","chginit 1","telinet 1","telinit 1",
"101-500",,"Which of the following commands changes the boot order for the next boot?","efibootmgr -c","efibootmgr -b -B","efibootmgr -o","efibootmgr -n",
"101-500",,"Which boot loader can be used with IS09660 CD-ROMS?","ISOLINUX","EFIBOOT","ISOFS","BOOTISO",
"101-500",,"Within which directory are systemd user unit files placed by installed packages?","/usr/lib/systemd/user","/usr/lib/systemd/system","/usr/systemd","/usr/system",
"101-500",,"When using Unified Extensible Firmware Interface (UEFI), which of the following files can be used as a boot loader?","shim.uefi","shim.efi","shim. fx","efi.shim",
"101-500",,"Which directory on a SysV init-based system contains scripts that are used for starting and stopping services?","/etc/rc.int","/etc/boot","/etc/bootscripts","/etc/init.d",
"101-500",,"Which of the following commands is used to find overriding configuration files on a systemd-based system?","diff","systemctl -diff","systemd-delta","systemctl configoverride",
"101-500",,"Which of the following commands on a Red Hat system lists all of the SysV services set to be executed on boot along with their setting for each runlevel?","rlevel","chkconfig --list","bootldr --list","init --bootlist",
"101-500",,"Which of the following commands, executed from within the UEFI shell, controls the boot configuration?","bootcfg","befg","grub-install","ercfg",
"101-500",,"Which file must exist within /tftpboot on the Trivial File Transfer Protocol (TFTP) server for a system that will use PXELINUX for its boot loader?","pxelinux.tftp","pxelinux.boot","pxelinux.conf","pxelinux.0",
"101-500",,"Which utility can you use on a Debian or Ubuntu system to manage SysV init scripts, such as setting them to run on boot?","bootorder","bootloader","configchk","update-rc.d",
"101-500",,"Which key, pressed during the operating system selection menu, is used to enable editing of the parameters related to boot with GRUB?","v","e","r","y",
"101-500",,"Which systemct1 subcommand is used to switch runlevels?","switch","move","runlevel","isolate",
"101-500",,"When examining the /etc/inittab file, which option signifies the default runlevel to which the system will boot?","default","defaultboot","initdefault","defaultlvl",
"101-500",,"Which of the following is used instead of initrd to provide an early filesystem for essential drivers?","initnext","initramfs","initialize","initfs",
"101-500",,"Which of the following commands sets the default systemd target to multi-user?","systemctl set-default multi-user.target","systemd set-default multi-user. target","systemctl set-def muser.target","systemd set-def muser.target",
"101-500",,"When using a shim for booting a UEFI-based system, which of the following files is loaded after shim.efi?","grubx64.cfg","grub.conf","grubx64.efi","efi.boot",
"101-500",,"Within which hierarchy are files from /etc/init.d linked so that the files are executed during the various runlevels of a SysV system?","/etc/rc.S","/etc/rc","/etc/boot/re","/etc/rc.d",
"101-500",,"What is the name of the unit to which a systemd system is booted in order to start other levels?","default.target","init.target","initial.target","load.target",
"101-500",,"When viewing information in /dev/disk/by-path using the command Ls -1, which of the following filenames represents a logical unit number (LUN) from Fibre Channel?","/dev/fco","pci-0000:1a:00.0-fc-0x500601653ee0025F : 0x0000000000000000","pci-0000:1a:00.0-scsi-0x500601653ee0025f : 0x0000000000000000","/dev/fibreo",
"101-500",,"You have purchased new solid-state drive (SSD) hardware that uses the NVMe (Non-Volatile Memory Express) protocol but cannot find the disks in the normal /dev/sd* location in which you have traditionally found such storage. In which location should you look for these drives?","/dev/nd*","/dev/nvme*","/dev/nv*","/dev/nvme/*",
"101-500",,"Which file contains information about the current md Redundant Array of Inexpensive Disks (RAID) configuration such as the personalities?","/proc/raidinfo","/proc/rhyinfo","/proc/mdraid","/proc/mdstat",
"101-500",,"Which of the following directory hierarchies contains information such as the World Wide Name (WWN) for Fibre Channel?","/sys/class/wwn","/sys/class/fc_host","/sys/class/fclist","/sys/class/fc/wwn",
"101-500",,"Information about logical volumes can be found in which of the following directories?","/dev/lvinfo","/dev/map","/dev/mapper","/dev/lvmap",
"101-500",,"Which of the following commands will examine the PCI subsystem for NVMe-based devices?","psnvme","lsnvme","lspci | grep scsi","lspci | grep -i nvme",
"101-500",,"Which of the following devices is the location of the first Small Computer System Interface (SCSI) tape device detected at boot?","/dev/st1","/dev/sdo","/dev/sdi","/dev/sto",
"101-500",,"Which of the following files should be used to display a message to users prior to logging in locally?","/etc/loginmesg","/etc/logmessage.txt","/etc/issue","/etc/banner",
"101-500",,"Which file contains a message that is displayed after a successful login?","/etc/loginbanner","/etc/issue","/etc/motd","/etc/message",
"101-500",,"Which of the following files can be used to provide a message to users logging in remotely with a protocol such as telnet?","/etc/telnet.msg","/etc/issue.net","/etc/login.msg","/etc/telnet. login",
"101-500",,"Which of the following commands turns off the computer, including removing power, if possible?","systemctl halt","systemctl reboot","systemctl stop","systemctl poweroff",
"101-500",,"Which of the following shutdown commands reboots the system in 15 minutes?","shutdown -r +15","shutdown +15","shutdown -15","shutdown -r 00:15",
"101-500",,"When terminating a process on a SysV init-based system, which command can be used to stop the process?","service","sysv","syscl","servc",
"101-500",,"Which of the following commands show the boot messages captured by systemd?","journalctl -b","systemctl -b","journatctl -bm","journatctl -1",
"101-500",,"Which option to the shutdown command halts or stops the system?","-h","-s","-f","-t",
"101-500",,"Which signal number is used as SIGKILL when used with the kill command?",1,4,9,11,
"101-500",,"Which directory contains rc-related startup scripts on a legacy Debian system?","/etc/init","/etc/inittab","/etc/init.d","/etc/rc.init",
"101-500",,"When attempting to enable an integrated peripheral on a basic input/output system (BIOS) system, what should be done to determine whether the peripheral has been enabled within the BIOS?","Examine boot messages to determine if the kernel has detected the peripheral.","Examine /var/log/auth. Log for detection of the peripheral.","Reboot the system to determine if the device works.","Enable the peripheral by removing it from the blacklisted modules.",
"101-500",,"Which option to the wall command suppresses the ""Broadcast message"" banner that normally displays?","-b","-a","-n","-d",
1 LEVEL ANSWER QUESTION 1 2 3 4 5
2 101-500 Which of the following commands is used to view kernel-related udev events in real time? udevis all lsudev -f udevmon -a udevadm monitor
3 101-500 Which command enables you to view the current interrupt request (IRQ) assignments? view /proc/irq cat /proc/interrupts cat /dev/irg less /dev/irg
4 101-500 Configuration of udev devices is done by working with files in which directory? /udev/devices /devices/ /udev/config /etc/udev
5 101-500 Which command is used to automatically load a module and its dependencies? modprobe lsmod insmod rmmod
6 101-500 Which command is used to obtain a list of USB devices? usb-list lsusb 1s -usb 1s --usb
7 101-500 When working with hotplug devices, you need to gather more information about them through udevadm. Which udevadm command enables you to query the udev database for information on a device? query info getinfo devinfo
8 101-500 Which command can be used to view the kernel ring buffer in order to troubleshoot the boot process? lsboot boot-log krblog dmesg
9 101-500 During the initialization process for a Linux system using SysV init, which runlevel corresponds to single-user mode? Runlevel 5 Runlevel SU Runlevel 1 Runlevel 6
10 101-500 On a system using SysV init, in which directory are the startup and shutdown scripts for services stored? /etc/init-d /etc/init /etc/sysV /etc/init.d
11 101-500 Which command can be used to reboot a system? init 6 shutdown -h -t now init 1 refresh-system
12 101-500 When using an SysV init-based system, which command would you use if you make changes to the /etc/inittab file and want those changes to be reloaded without a reboot? init-refresh init 6 telinit reload-inittab
13 101-500 Which command displays the current runlevel for a system? show-level init --level sudo init runlevel
14 101-500 Within which folder are systemd unit configuration files stored? /etc/system.conf.d /lib/system.conf.d /lib/systemd/system /etc/sysconfd
15 101-500 Which command is used with systemd in order to list the available service units? systemd List-units systemctl list-units systemd unit-list systemctl show-units
16 101-500 Which option to lspci is used to display both numeric codes and device names? -numdev -n -nn -devnum
17 101-500 Which command can be used to obtain a list of currently loaded kernel modules? insmod modlist 1s --modules 1smod
18 101-500 Which option to the modprobe command shows the dependencies for a given module? --show-options --list-deps --show-depends --list-all
19 101-500 Which command can you use to send a message to all users who are currently logged into a system? cat wall tee ssh
20 101-500 Which of the following is a good first troubleshooting step when a hard disk is not detected by the Linux kernel? Unplug the disk. Check the system BIOS. Restart the web server service. Run the disk-detect command.
21 101-500 Within which directory is information about USB devices stored? /etc/usbdevices /var/usb /lib/sys/usb /sys/bus/usb/devices
22 101-500 If the kernel ring buffer has been overwritten, within which file can you look to find boot messages? /var/log/bootmessages /var/log/mail.info /var/adm/log/boot. info /var/log/dmesg
23 101-500 Which command and option can be used to determine whether a given service is currently loaded? systemctl --1s telinit systemctl status sysctl -a
24 101-500 Which command on a systemd-controlled system would place the system into single-user mode? systemctl one systemctl isolate rescue. target systemctl single-user systemctl runlevel one
25 101-500 Which command on a system controlled by Upstart will reload the configuration files? initctl reload systemd reload upstart --reload ups -reload
26 101-500 When working with a SysV system, which option to chkconfig will display all services and their runlevels? --reload --list --all --ls
27 101-500 A drive connected to USB is considered which type of device? Medium Coldplug Hotplug Sideplug
28 101-500 The system is using a temporary flash USB disk for data mounted at /dev/sdal. You need to remove the disk. Which of the following commands will enable the disk to be safely removed from the system? usbstop /dev/sda umount /dev/sdal unmount /dev/sdal dev-eject /dev/sdal
29 101-500 You have connected a USB disk to the system and need to find out its connection point within the system. Which of the following is the best method for accomplishing this task? Rebooting the system Viewing the contents of /var/log/usb. log Connecting the drive to a USB port that you know the number of Running dmesg and looking for the disk
30 101-500 Which of the following commands will initiate an immediate shutdown of the system? shutdown -c halt systemd stop stop-system
31 101-500 Which option within a systemd service file indicates the program to execute? StartProgram ShortCut ExecStart Startup
32 101-500 Which command will display the default target on a computer running systemd? systemctl defaults update-rc.d defaults systemctl runlevel systemctl get-default
33 101-500 Which option to the systemctl command will change a service so that it runs on the next boot of the system? enable startonboot loadonboot start
34 101-500 Which of the following best describes the /proc filesystem? /proc contains information about files to be processed. /proc contains configuration files for processes. /proc contains information on currently running processes, including the kernel. /proc contains variable data such as mail and web files.
35 101-500 Which command will retrieve information about the USB connections on a computer in a tree-like format? lsusb -tree lsusb --tree lsusb -t usblist --tree
36 101-500 What is one reason why a device driver does not appear in the output of lsmod, even though the device is loaded and working properly? The use of systemd means that drivers are not required for most devices. The use of initramfs means that support is enabled by default. The system does not need a driver for the device. Support for the device has been compiled directly into the kernel.
37 101-500 Which option to rmmod will cause the module to wait until it’s no longer in use to unload the module? -test -f -w -unload
38 101-500 You are using a storage area network (SAN) that keeps causing errors on your Linux system due to an improper kernel module created by the SAN vendor. When the SAN sends updates, it causes the filesystem to be mounted as read-only. Which command and option can you use to change the behavior of the filesystem to account for the SAN bug? mount --continue tune2fs -e continue mkfs --no-remount mount -o remount
39 101-500 Within which directory are rules related to udev stored? /etc/udev.conf /etc/udev.conf.d /etc/udev/rules.d /etc/udev.d
40 101-500 Which option to Lspci displays the kernel driver in use for the given Peripheral Component Interconnect (PCI) device? -t -k -n -a
41 101-500 Within which of the following directories will you find blacklist information for modules loaded with modprobe? /etc/blacklist /etc/modprobe.d /etc/blacklist.mod /etc/modprobe
42 101-500 When working with a CentOS 6 system, which command is used to create the initial RAM disk? mkinit dracut mkraminit mkinitfs
43 101-500 Within which file will you find a list of the currently available kernel symbols? /proc/kernelsyms /etc/kernel.conf /etc/syms /proc/kallsyms
44 101-500 Which of the following commands can be used to show the various information related to a currently loaded module, including core size and settings for options? systool -v -m <module> modinfo -r <module> lsmod <module> infmod <module>
45 101-500 Which directory contains various elements and configuration information about the kernel such as the release number, domain name, location of modprobe, and other settings? /proc/sys/kmod /proc/sys/kernel /proc/kernel /proc/kernel/sys
46 101-500 Within which directory should systemd unit files that you create be stored? /etc/system /etc/systemd/system /usr/share/systemd /usr/share/system
47 101-500 Which of the following commands should you execute after making changes to systemd service configurations in order for those changes to take effect? systemd reload reboot systemctl daemon-reload systemctl reboot
48 101-500 Which of the following files contains the runlevels for the system along with a reference to the corresponding rc file? /etc/runlevels /etc/inittab /etc/re /etc/runlevel
49 101-500 Which boot loader can be used for File Allocation Table (FAT) filesystems and might be used for a rescue disk? SYSBOOT SYSLINUX TIELINUX FATLINUX
50 101-500 Which of the following is used to provide an early filesystem-based loading process for key drivers needed to continue the boot process? bootrd driverload initrd initdrv
51 101-500 When booting a system you receive an error similar to "No init found" and are then placed at an initramfs prompt. You need to check the hard drive for errors. Which of the following commands performs an error check on a hard drive partition in Linux? defrag fsck checkfs chkfs
52 101-500 Which of the following commands places the system in single-user mode? tellinit 1 chginit 1 telinet 1 telinit 1
53 101-500 Which of the following commands changes the boot order for the next boot? efibootmgr -c efibootmgr -b -B efibootmgr -o efibootmgr -n
54 101-500 Which boot loader can be used with IS09660 CD-ROMS? ISOLINUX EFIBOOT ISOFS BOOTISO
55 101-500 Within which directory are systemd user unit files placed by installed packages? /usr/lib/systemd/user /usr/lib/systemd/system /usr/systemd /usr/system
56 101-500 When using Unified Extensible Firmware Interface (UEFI), which of the following files can be used as a boot loader? shim.uefi shim.efi shim. fx efi.shim
57 101-500 Which directory on a SysV init-based system contains scripts that are used for starting and stopping services? /etc/rc.int /etc/boot /etc/bootscripts /etc/init.d
58 101-500 Which of the following commands is used to find overriding configuration files on a systemd-based system? diff systemctl -diff systemd-delta systemctl configoverride
59 101-500 Which of the following commands on a Red Hat system lists all of the SysV services set to be executed on boot along with their setting for each runlevel? rlevel chkconfig --list bootldr --list init --bootlist
60 101-500 Which of the following commands, executed from within the UEFI shell, controls the boot configuration? bootcfg befg grub-install ercfg
61 101-500 Which file must exist within /tftpboot on the Trivial File Transfer Protocol (TFTP) server for a system that will use PXELINUX for its boot loader? pxelinux.tftp pxelinux.boot pxelinux.conf pxelinux.0
62 101-500 Which utility can you use on a Debian or Ubuntu system to manage SysV init scripts, such as setting them to run on boot? bootorder bootloader configchk update-rc.d
63 101-500 Which key, pressed during the operating system selection menu, is used to enable editing of the parameters related to boot with GRUB? v e r y
64 101-500 Which systemct1 subcommand is used to switch runlevels? switch move runlevel isolate
65 101-500 When examining the /etc/inittab file, which option signifies the default runlevel to which the system will boot? default defaultboot initdefault defaultlvl
66 101-500 Which of the following is used instead of initrd to provide an early filesystem for essential drivers? initnext initramfs initialize initfs
67 101-500 Which of the following commands sets the default systemd target to multi-user? systemctl set-default multi-user.target systemd set-default multi-user. target systemctl set-def muser.target systemd set-def muser.target
68 101-500 When using a shim for booting a UEFI-based system, which of the following files is loaded after shim.efi? grubx64.cfg grub.conf grubx64.efi efi.boot
69 101-500 Within which hierarchy are files from /etc/init.d linked so that the files are executed during the various runlevels of a SysV system? /etc/rc.S /etc/rc /etc/boot/re /etc/rc.d
70 101-500 What is the name of the unit to which a systemd system is booted in order to start other levels? default.target init.target initial.target load.target
71 101-500 When viewing information in /dev/disk/by-path using the command Ls -1, which of the following filenames represents a logical unit number (LUN) from Fibre Channel? /dev/fco pci-0000:1a:00.0-fc-0x500601653ee0025F : 0x0000000000000000 pci-0000:1a:00.0-scsi-0x500601653ee0025f : 0x0000000000000000 /dev/fibreo
72 101-500 You have purchased new solid-state drive (SSD) hardware that uses the NVMe (Non-Volatile Memory Express) protocol but cannot find the disks in the normal /dev/sd* location in which you have traditionally found such storage. In which location should you look for these drives? /dev/nd* /dev/nvme* /dev/nv* /dev/nvme/*
73 101-500 Which file contains information about the current md Redundant Array of Inexpensive Disks (RAID) configuration such as the personalities? /proc/raidinfo /proc/rhyinfo /proc/mdraid /proc/mdstat
74 101-500 Which of the following directory hierarchies contains information such as the World Wide Name (WWN) for Fibre Channel? /sys/class/wwn /sys/class/fc_host /sys/class/fclist /sys/class/fc/wwn
75 101-500 Information about logical volumes can be found in which of the following directories? /dev/lvinfo /dev/map /dev/mapper /dev/lvmap
76 101-500 Which of the following commands will examine the PCI subsystem for NVMe-based devices? psnvme lsnvme lspci | grep scsi lspci | grep -i nvme
77 101-500 Which of the following devices is the location of the first Small Computer System Interface (SCSI) tape device detected at boot? /dev/st1 /dev/sdo /dev/sdi /dev/sto
78 101-500 Which of the following files should be used to display a message to users prior to logging in locally? /etc/loginmesg /etc/logmessage.txt /etc/issue /etc/banner
79 101-500 Which file contains a message that is displayed after a successful login? /etc/loginbanner /etc/issue /etc/motd /etc/message
80 101-500 Which of the following files can be used to provide a message to users logging in remotely with a protocol such as telnet? /etc/telnet.msg /etc/issue.net /etc/login.msg /etc/telnet. login
81 101-500 Which of the following commands turns off the computer, including removing power, if possible? systemctl halt systemctl reboot systemctl stop systemctl poweroff
82 101-500 Which of the following shutdown commands reboots the system in 15 minutes? shutdown -r +15 shutdown +15 shutdown -15 shutdown -r 00:15
83 101-500 When terminating a process on a SysV init-based system, which command can be used to stop the process? service sysv syscl servc
84 101-500 Which of the following commands show the boot messages captured by systemd? journalctl -b systemctl -b journatctl -bm journatctl -1
85 101-500 Which option to the shutdown command halts or stops the system? -h -s -f -t
86 101-500 Which signal number is used as SIGKILL when used with the kill command? 1 4 9 11
87 101-500 Which directory contains rc-related startup scripts on a legacy Debian system? /etc/init /etc/inittab /etc/init.d /etc/rc.init
88 101-500 When attempting to enable an integrated peripheral on a basic input/output system (BIOS) system, what should be done to determine whether the peripheral has been enabled within the BIOS? Examine boot messages to determine if the kernel has detected the peripheral. Examine /var/log/auth. Log for detection of the peripheral. Reboot the system to determine if the device works. Enable the peripheral by removing it from the blacklisted modules.
89 101-500 Which option to the wall command suppresses the "Broadcast message" banner that normally displays? -b -a -n -d

File diff suppressed because it is too large Load Diff

View File

@ -1,61 +0,0 @@
"LEVEL","ANSWER","QUESTION",1,2,3,4,5
"101-500","3","Which of the following statements is correct when talking about /proc/?","All changes to files in /proc/ are stored in /etc/proc.d/ and restored on reboot.","All files within /proc/ are read-only and their contents cannot be changed.","All changes to files in /proc/ are immediately recognized by the kernel.","All files within /proc/ are only readable by the root user."
"101-500","3","Which SysV init configuration file should be modified to disable the ctrl-alt-delete key combination?","/etc/keys","/proc/keys","/etc/inittab","/proc/inittab","/etc/reboot"
"101-500","1 3","Which of the following commands reboots the system when using SysV init? (Choose TWO correct answers.)","shutdown -r now","shutdown -r 'rebooting',"telinit 6","telinit 0","shutdown -k now 'rebooting'"
"101-500","3 4","Which of the following commands brings a system running SysV init into a state in which it is safe to perform maintenance tasks? (Choose TWO correct answers.)","shutdown -R 1 now","shutdown -single now","init 1","telinit 1","runlevel 1"
"101-500","5","Which of the following options for the kernel's command line changes the systemd boot target to rescue.target instead of the default target?","systemd.target=rescue.target","systemd.runlevel=rescue.target","systemd.service=rescue.target","systemd.default=rescue.target","systemd.unit=rescue.target"
"101-500","2 4","What of the following statements are true regarding /dev/ when using udev? (Choose TWO correct answers.)","Entries for all possible devices get created on boot even if those devices are not connected.","Additional rules for udev can be created by adding them to /etc/udev/rules.d/.","When using udev, it is not possible to create block orcharacter devices in /dev/ using mknod.","The /dev/ directory is a filesystem of type tmpfs and is mounted by udev during system startup.","The content of /dev/ is stored in /etc/udev/dev and is restored during system startup."
"101-500","3","To what environment variable will you assign or append a value if you need to tell the dynamic linker to look in a build directory for some of a program's shared
libraries?","LD_LOAD_PATH","LD_LIB_PATH","LD_LIBRARY_PATH","LD_SHARE_PATH","LD_RUN_PATH"
"101-500","1 2 4","When using rpm --verify to check files created during the installation of RPM packages, which of the following information is taken into consideration? (Choose
THREE correct answers.)","Timestamps","MD5 checksums","Inodes","File sizes","GnuPG signatures"
"101-500","2","Which of the following commands can be used to perform a full text search on all available packages on a Debian system?","apt","apt-cache","apt-get","apt-search","dpkg"
"101-500","2","Which of the following commands can be used to download the RPM package kernel without installing it?","yum download --no-install kernel","yumdownloader kernel","rpm --download --package kernel","rpmdownload kerne",""
"101-500","4","What happens after issuing the command vi without any additional parameters?","vi starts and loads the last file used andmoves the cursor to the position where vi was when it last exited.","vi starts and requires the user to explicitly either create a new or load an existing file.","vi exits with an error message as it cannot be invoked without a file name to operate on.","vi starts in command mode and opens a new empty file.","vi starts and opens a new file which is filled with the content of the vi buffer if the buffer contains text."
"101-500","2","When given the following command line. echo "foo bar" | tee bar | cat
Which of the following output is created?","cat","foo bar","tee bar","bar","foo"
"101-500","4","Which of the following commands will print the last 10 lines of a text file to the standard output?","cat -n 10 filename","dump -n 10 filename","head -n 10 filename","tail -n 10 filename",""
"101-500","2","Which of the following commands displays the contents of a gzip compressed tar archive?","gzip archive.tgz | tar xvf -","tar ztf archive.tgz","gzip -d archive.tgz | tar tvf -","tar cf archive.tgz",""
"101-500","4","In the vi editor, which of the following commands will copy the current line into the vi buffer?","c","cc","1c","yy","1y"
"101-500","2","In a nested directory structure, which find command line option would be used to restrict the command to searching down a particular number of subdirectories?","-dirmax"," -maxdepth"," -maxlevels","-n","-s"
"101-500","4","What is the purpose of the Bash built-in export command?","It allows disks to be mounted remotely.","It runs a command as a process in a subshell.","It makes the command history available to subshells.","It sets up environment variables for applications.","It shares NFS partitions for use by other systems on the network."
"101-500","2","Which of the following explanations are valid reasons to run a command in the background of your shell?","The command does not need to execute immediately.","The command has to run immediately but the user needs to log out.","The system is being shut down and the command needs to restart execution immediately after the reboot.","The command can run at a lower priority than normal commands run on the command line.",""
"101-500","4","A user accidentally created the subdirectory \dir in his home directory. Which of the following commands will remove that directory?","rmdir '~/\dir'","rmdir ~/'dir'","rmdir ~/\dir","rmdir ~/\\dir",""
"101-500","2","Regarding the command: nice -5 /usr/bin/prog
Which of the following statements is correct?","/usr/bin/prog is executed with a nice level of -5.","/usr/bin/prog is executed with a nice level of 5.","/usr/bin/prog is executed with a priority of -5.","/usr/bin/prog is executed with a priority of 5.",""
"101-500","4","Which of the following commands instructs SysVinit to reload its configuration file?","reinit","initreload","telinit 7","telinit q","init reinit"
"101-500","4","What does the command mount -a do?","It mounts all available filesystems onto the current directory.","It shows all mounted filesystems.","It mounts all user mountable filesystems for thecurrent user.","It mounts all filesystems listed in /etc/fstab which have the option auto set.","It mounts all filesystems listed in /etc/fstab which have the option noauto set."
"101-500","5","Which of the following commands can be used to locate programs and their corresponding man pages and configuration files?","dirname","which","basename","query","whereis"
"101-500","4","Which of the following settings for umask ensures that new files have the default permissions -rw-r----- ?","0017","0640","0038","0027",""
"101-500","3","In Bash, inserting 2>&1 after a command redirects:","standard error to standard input.","standard input to standard error.","standard output to standard error.","standard error to standard output.","standard outputto standard input."
"101-500","4","What is the purpose of the Filesystem Hierarchy Standard?","It is a security model used to ensurefiles are organized according to their permissions and accessibility.","It provides unified tools to create, maintain and manage multiple filesystems in a common way.","It defines a common internal structure of inodes for all compliant filesystems.","It is a distribution neutral description of locations of files and directories.",""
"101-500","1","Which command is used to query information about the available packages on a Debian system?","apt-cache","apt-get","apt-search","dpkg","dpkg-search"
"101-500","4","Which of the following options must be passed to a filesystems entry in /etc/fstab in order to mount the file system without root privileges?","auto","norestrict","noauto","user",""
"101-500","2","Which of the following commands will print important system information such as the kernel version and machine hardware architecture?","sysinfo","uname","lspci","arch","info"
"101-500","1","Which of the following commands will change the quota for a specific user?","edquota","repquota","quota -e","quota",""
"101-500","4","How can the list of files that would be installed by the RPM package file apache-xml.rpm be previewed?","rpm qp apache-xml.rpm","rpm qv apache-xml.rpm","rpm ql apache-xml.rpm","rpm qpl apache-xml.rpm",""
"101-500","3","Which of the following commands will mount an already inserted CD-ROM in /dev/sr0 onto an existing directory /mnt/cdrom when issued with root privileges?","mount /dev/cdrom /mnt/cdrom","mount /dev/sr0 /mnt/cdrom","mount t cdrom /dev/sr0 /mnt/cdrom","mount l cdrom /dev/sr0 /mnt/cdrom","mount f /dev/sr0/mnt/cdrom"
"101-500","4","Which of the following shell commands makes the already defined variable TEST visible to new child processes? (Choose two.)","visible TEST","declare +x TEST","declare x TEST","export TEST","export v TEST"
"101-500","3","Which of the following pieces of information of an existing file is changed when a hard link pointing to that file is created?","File size","Modify timestamp","Link count","Inode number","Permissions"
"101-500","4","Which signal is sent by the kill command by default?","SIGHUP(1)","SIGQUIT(3)","SIGKILL(9)","SIGTERM(15)",""
"101-500","1","Which of the following commands can be used to create a new file that is 100kB in size?","dd","file","mkfile","touch",""
"101-500","4","Which chown command will change the ownership to dave and the group to staff on a file named data.txt?","chown dave/staff data.txt","chown u dave g staff data.txt","chown --user dave --group staff data.txt","chown dave:staff data.txt",""
"101-500","3","Which of the following commands shows the definition of a given shell command?","where","stat","type","case",""
"101-500","2","After running the command umount /mnt, the following error message is displayed: umount: /mnt: device is busy.
What is a common reason for this message?","The kernel has not finished flushing disk writes to themounted device.","A user has a file open in the /mnt directory.","Another file system still contains a symlink to a file inside /mnt.","The files in /mnt have been scanned and added to the locate database.","The kernel thinks that a process is about toopen a file in /mnt for reading."
"101-500","3","Which of the following commands can be used to search for the executable file foo when it has been placed in a directory not included in $PATH?","apropos","which","find","query","whereis"
"101-500","3","Which of the following commands changes the number of days before the ext3 filesystem on /dev/sda1 has to run through a full filesystem check while booting?","tune2fs -d 200 /dev/sda1","tune2fs -c 200 /dev/sda1","tune2fs -i 200 /dev/sda1","tune2fs -n 200 /dev/sda1","tune2fs --days 200 /dev/sda1"
"101-500","3","Which of the following file permissions belong to a symbolic link?","-rwxrwxrwx","+rwxrwxrwx","lrwxrwxrwx","srwxrwxrwx",""
"101-500","4 5","Which of the following properties of a Linux system should be changed when a virtual machine is cloned? (Choose two.)","The partitioning scheme","The file system","The D-Bus Machine ID","The permissions of /root/","The SSH host keys"
"101-500","1 5","When is the content of the kernel ring buffer reset? (Choose two.)","When the ring buffer is explicitly reset using the command dmesg --clear","When the ring buffer is read using dmesg without any additional parameters","When a configurable amount of time, 15 minutes by default, has passed","When the kernel loads a previously unloaded kernel module","When the system is shut down or rebooted"
"101-500","5","Which of the following apt-get subcommands installs the newest versions of all currently installed packages?","auto-update","dist-upgrade","full-upgrade","install","update"
"101-500","5","When redirecting the output of find to the xargs command, what option to find is useful if the filenames contain spaces?","rep-space","-printnul","-nospace","ignore-space"," print0"
"101-500","1","What output will be displayed when the user fred executes the following command? echo fred $USER","fred fred","fred /home/fred/","fred $USER","fred $USER","fred fred"
"101-500","1 4","Which of the following statements are true about the boot sequence of a PC using a BIOS? (Choose two.)","Some parts of the boot process can be configured from the BIOS","Linux does not require the assistance of the BIOS to boot a computer","The BIOS boot process starts only if secondary storage, such as the hard disk, is functional","The BIOS initiates the boot process after turning the computer on","The BIOS is started by loading hardware drivers from secondary storage, such as the hard disk"
"101-500","5","Given a log file loga.log with timestamps of the format DD/MM/YYYY:hh:mm:ss, which command filters out all log entries in the time period between 8:00 am and
8:59 am?","grep E :08:[09]+:[09]+ loga.log","grep E :08:[00]+ loga.log","grep E loga.log :08:[0-9]+:[0-9]+","grep loga.log :08:[0-9]:[0-9]","grep E :08:[0-9]+:[0-9]+ loga.log"
"101-500","2 4","Which of the following files exist in a standard GRUB 2 installation? (Choose two.)","/boot/grub/stages/stage0","/boot/grub/i386-pc/1vm.mod","/boot/grub/fstab","/boot/grub/grub.cfg","/boot/grub/linux/vmlinuz"
"101-500","1","Which of the following commands changes all CR-LF line breaks in the text file userlist.txt to Linux standard LF line breaks and stores the result in newlist.txt?","tr d \r < userlist.txt > newlist.txt","tr c \n\r <newlist.txt> userlist.txt","tr \r\n <userlist.txt> newlist.txt","tr \r \n userlist.txt newlist.txt","tr s /^M/^J/ userlist.txt newlist.txt"
"101-500","1","What does the command mount --bind do?","It makes the contents of one directory available in another directory","It mounts all available filesystems to the current directory","It mounts all user mountable filesystems to the users home directory","It mounts all file systems listed in /etc/fstab which have the option userbind set","It permanently mounts a regular file to a directory"
"101-500","3","It permanently mounts a regular file to a directory","d2","2d","2dd","dd2","de12"
"101-500","","","","","","",""
Can't render this file because it has a wrong number of fields in line 2.

View File

@ -30,6 +30,14 @@ DIFFICULTY = {
"hard": "102-500", "hard": "102-500",
} }
LEVELS = [
"010-160",
"101-400",
"101-500",
"102-400",
"102-500",
]
class Tui(object): class Tui(object):
def __init__(self): def __init__(self):
@ -40,25 +48,25 @@ class Tui(object):
os.system("clear") os.system("clear")
md = Markdown("# {}".format(question.get_question())) md = Markdown("# {}".format(question.get_question()))
self._console.print(md) self._console.print(md)
md = Markdown("level: {}".format(question.get_level()))
self._console.print(md)
md = "" md = ""
for possibility in question.get_possibilities(): for possibility in question.get_possibilities():
md += "1. {}\n".format(possibility) md += "1. {}\n".format(possibility)
md = Markdown(md) md = Markdown(md)
self._console.print(md) self._console.print(md)
def prompt_for_answer(self): def prompt_for_answer(self, name):
#md = Markdown("What's your answer?") #md = Markdown("What's your answer?")
#self._console.print(md) #self._console.print(md)
answer = self._parse_input() answer = self._parse_input(name)
return answer return answer
def _parse_input(self): def _parse_input(self, name):
""" """
TODO make it adapt to questions with multiple choices and fill the
blank
""" """
answers = [] answers = []
results = input("\n What's your answer? (only numbers, separated by a SPACE) ") results = input("\n {}, what's your answer? (only numbers, separated by a SPACE) ".format(name))
results = results.split() results = results.split()
for result in results: for result in results:
if result.isdigit(): if result.isdigit():
@ -131,21 +139,21 @@ class Tui(object):
class Application(object): class Application(object):
def __init__(self, filepath_csv, filepath_players, interface, number, level): def __init__(self, filepath_csv, filepath_players, interface, number, level):
self._db = Database(filepath_csv, level) self._db = Database(filepath_csv, level)
self._number = number
self._session = Game(filepath_players) self._session = Game(filepath_players)
self._number = number * len(self._session.get_all_players())
self._interface = interface self._interface = interface
def start(self): def start(self):
pass pass
def run(self): def run(self):
while self._number > 0: while self._number > 0:
player = self._session.get_random_player() player = self._session.get_random_player()
self._interface.signal_player(player) if len(self._session.get_all_players()) > 1:
self._interface.signal_player(player)
question = self._db.get_question() question = self._db.get_question()
self._interface.ask_question(question) self._interface.ask_question(question)
answer = self._interface.prompt_for_answer() answer = self._interface.prompt_for_answer(player)
stat = question.verify(answer) stat = question.verify(answer)
player.stats.update_stats(stat) player.stats.update_stats(stat)
self._interface.show_success(stat) self._interface.show_success(stat)
@ -164,23 +172,65 @@ class Application(object):
self._interface.goodbye() self._interface.goodbye()
def level_logic(level, difficulty):
if level is None and difficulty is None:
level = "lpic1_part1"
elif level is not None:
# level = LEVELS[0:LEVELS.index(DIFFICULTY[level]) + 1]
level = (level)
elif difficulty is not None:
level = LEVELS[0:LEVELS.index(DIFFICULTY[difficulty]) + 1]
return level
if __name__ == "__main__": if __name__ == "__main__":
parser = argparse.ArgumentParser() parser = argparse.ArgumentParser()
parser.add_argument("-f", "--file", required=True, help="file to use as database", action="store") parser.add_argument(
parser.add_argument("-p", "--players", required=True, help="list of players", action="store") "-f",
parser.add_argument("-n", "--number", default=10, help="number of questions to ask", type=int, action="store") "--file",
parser.add_argument("-d", "--difficulty", default="easy", help="easy, medium or hard", type=str, action="store") required=False,
default="data",
help="path to specific CSV file or directory",
action="store"
)
parser.add_argument(
"-p",
"--players",
required=False,
default="",
help="file with list of players",
action="store"
)
parser.add_argument(
"-n",
"--number",
default=20,
help="number of questions to ask",
type=int,
action="store"
)
group_level = parser.add_mutually_exclusive_group()
group_level.add_argument(
"-d",
"--difficulty",
choices=DIFFICULTY.keys(),
help="easy, medium or hard"
)
group_level.add_argument(
"-l",
"--level",
choices=LEVELS,
help="LPI level to test"
)
args = parser.parse_args() args = parser.parse_args()
filepath_csv = pathlib.Path(args.file) filepath_csv = pathlib.Path(args.file)
filepath_players = pathlib.Path(args.players) filepath_players = pathlib.Path(args.players)
if not filepath_csv.exists() or not filepath_players.exists(): if not filepath_csv.exists():
print("no such file!") print("no such file or directory!")
exit(1) exit(1)
try:
level = DIFFICULTY[args.difficulty] level = level_logic(args.level, args.difficulty)
except Exception as e:
print(e)
level = DIFFICULTY["easy"]
interface = Tui() interface = Tui()
app = Application(filepath_csv, filepath_players, interface, args.number, level) app = Application(filepath_csv, filepath_players, interface, args.number, level)
try: try: