A developer is unable to access a Linux server via SSH. Given the following output:
SSH server configuration (/etc/ssh/sshd_config):
PermitRootLogin no
PubkeyAuthentication yes
PasswordAuthentication yes
GSSAPIAuthentication yes
X11Forwarding no
User Information (/etc/passwd):
developer:x:1000:1000:comptia:/home/developer:/bin/bash
User Shadow File (/etc/shadow):
developer:!!::0:99999:7:::
Which of the following explains why the developer is unable to log in to the server?
Answer : B
The developer cannot log in because the account is locked. This is indicated by the '!!' in the password field of the /etc/shadow entry:
developer:!!::0:99999:7:::
The '!!' in the password field means the account is locked, and the user cannot authenticate using a password.
To unlock the account, the administrator must reset the password:
passwd developer
OR, if SSH key authentication is used, the administrator can remove the lock without setting a password:
usermod -U developer
Why the other options are incorrect:
A. The developer's private key has been deleted from the server. Incorrect, because the login attempt is failing before key authentication even starts.
B is the correct answer.
C. The developer's public key is in the wrong location. Incorrect, because the SSH configuration (PubkeyAuthentication yes) allows key-based authentication, but the user is still unable to log in. The issue is with the account lock.
D. SSH has been disabled for user log-in. Incorrect, because PasswordAuthentication yes confirms SSH is enabled for users (except root).
CompTIA Linux+ Official Documentation
Linux User Management -- Red Hat
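The password-field states discussed above can be checked across a whole shadow file. The following is an added example, not part of the original answer; the state labels and every sample entry other than the developer line are constructed for illustration:

```sh
#!/bin/sh
# Added example: classify the password field (field 2) of /etc/shadow entries.
# State names are labels chosen for this example, not shadow-utils terminology.

shadow_field_state() {
    case $1 in
        *:*) ;;                                  # need at least name:password
        *) echo malformed; return 1 ;;
    esac
    sf_rest=${1#*:}                              # drop "name:"
    sf_field=${sf_rest%%:*}                      # keep text up to the next ':'
    case $sf_field in
        '')        echo empty ;;                 # no password set at all
        '!'|'!!')  echo locked-no-hash ;;        # locked, no hash stored (the question's case)
        '!'*)      echo locked-hash ;;           # hash kept behind a '!' lock prefix
        '*'*)      echo no-login ;;              # password login never possible
        '$'*)      echo hashed ;;                # $id$salt$hash, password usable
        *)         echo other ;;                 # legacy or unrecognised format
    esac
}

# Print "user state" for every entry read from stdin.
audit_shadow() {
    while IFS= read -r as_line; do
        [ -n "$as_line" ] || continue
        printf '%s %s\n' "${as_line%%:*}" "$(shadow_field_state "$as_line")"
    done
}

# Constructed sample; only the developer line is taken from the question.
sample_shadow() {
    cat <<'EOF'
developer:!!::0:99999:7:::
alice:$6$saltsalt$CONSTRUCTEDHASH:19800:0:99999:7:::
bob:!$6$saltsalt$CONSTRUCTEDHASH:19800:0:99999:7:::
daemon:*:19000:0:99999:7:::
guest::19800:0:99999:7:::
EOF
}

sample_shadow | audit_shadow
```

To audit a real system, run audit_shadow < /etc/shadow as root.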
A systems technician is configuring an application server to accept packets from a trusted source with the IP address 192.168.10.22. Which of the following commands will allow communication between the two servers?
Answer : C
The iptables command is used to configure firewall rules in Linux.
To allow packets from a specific source (192.168.10.22) to the server, we must append a rule to the INPUT chain:
iptables -A INPUT -s 192.168.10.22 -j ACCEPT
Explanation of the command:
-A INPUT: Appends a rule to the INPUT chain (incoming traffic).
-s 192.168.10.22: Specifies the source IP address.
-j ACCEPT: Accepts the packet and allows communication.
Why the other options are incorrect:
A. iptables -L -s 192.168.10.22 -j ACCEPT: Incorrect, -L is used to list rules, not to add them.
B. iptables -D INPUT -s 192.168.10.22 -j ACCEPT: Incorrect, -D is used to delete a rule, not add one.
D. iptables -A OUTPUT -S 192.168.10.22 -j ACCEPT: Incorrect, -A OUTPUT affects outgoing packets, but we need to accept incoming packets.
Persisting the Rule:
To make the rule persistent after a reboot, it must be saved:
iptables-save > /etc/iptables/rules.v4
CompTIA Linux+ Official Documentation
A Linux administrator was informed that the server time zone is incorrect. Which of the following commands should the administrator use to correct the time zone?
Answer : A
In modern Linux distributions using systemd, the correct way to change the system time zone is by using the timedatectl command:
timedatectl set-timezone <TimeZone>
For example, to set the time zone to America/New_York, the command would be:
timedatectl set-timezone America/New_York
Why the other options are incorrect:
B. systemd-timezone set Asia/Tokyo: Incorrect, as there is no systemd-timezone command in Linux.
C. systemctl configure-timezone Africa/Nairobi: Incorrect, systemctl does not have a configure-timezone option.
D. tzconfig configure Europe/London: Incorrect, tzconfig was used in older Debian-based systems, but it has been deprecated in favor of timedatectl.
CompTIA Linux+ Official Documentation
Users report that they are unable to reach the company website https://www.comptia.org. A systems administrator confirms the issue with the following command:
# curl https://www.comptia.org
curl: (7) Failed to connect to www.comptia.org port 443: No route to host
The administrator logs in to the company's web server to check its configuration and sees the following output:
root@comptia.org:-># firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: dummy0 eth0
sources:
services: cockpit dhcpv6-client http ssh
ports: 3001/tcp
protocols:
forward: no
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
rule family="ipv4" source address="61.177.173.6" port port="ssh" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="185.143.45.164" port port="ssh" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="143.198.60.41" port port="ssh" protocol="tcp" reject type="icmp-port-unreachable"
root@comptia.org:-># ip route
default via 172.31.1.1 dev eth0 proto dhcp src 65.21.187.65 metric 100
10.0.6.0/24 dev dummy0 proto kernel scope link src 10.0.6.65 metric 550
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1
172.18.0.0/16 dev br-28ac2eaeeca1 proto kernel scope link src 172.18.0.1
172.19.0.0/16 dev br-fb3897555ca3 proto kernel scope link src 172.19.0.1 linkdown
172.31.1.1 dev eth0 proto dhcp scope link src 65.21.187.65 metric 100
192.168.224.0/20 dev br-e949ab177d79 proto kernel scope link src 192.168.224.1 linkdown
192.168.240.0/20 dev br-6adf72ac0ae3 proto kernel scope link src 192.168.240.1 linkdown
Which of the following is causing the issue?
Answer : C
The curl error 'No route to host' suggests that the server is unreachable on port 443 (HTTPS).
The firewall-cmd --list-all output shows the active firewall rules:
The firewall is only allowing the following services:
services: cockpit dhcpv6-client http ssh
Port 443 (HTTPS) is missing from the allowed services list.
Port 3001/tcp is open, but port 443 is not listed, which means HTTPS traffic is being blocked.
The routing table (ip route output) appears correct, as the default route is properly set to 172.31.1.1 via eth0. This rules out option B.
Option A is incorrect because eth0 is active and configured (default via 172.31.1.1 dev eth0), meaning the network interface is not down.
Option D is misleading because the firewall rules are only rejecting SSH traffic from specific IP addresses, not HTTPS traffic.
Fixing the Issue:
To allow HTTPS traffic, the administrator should enable HTTPS in the firewall:
# firewall-cmd --add-service=https --permanent
# firewall-cmd --reload
This will allow HTTPS (port 443) through the firewall.
CompTIA Linux+ Official Documentation
firewalld Documentation - Red Hat
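The same diagnosis can be scripted by reading the services: and ports: lines of firewall-cmd --list-all. This is an added example, not part of the original answer; the function names are hypothetical, the sample is abridged from the output in the question, and rich rules and port ranges are not evaluated:

```sh
#!/bin/sh
# Added example: does a firewalld zone listing allow a given service or port?
# Only the "services:" and "ports:" lines are checked (no rich rules, no ranges).

# zone_allows SERVICE PORT/PROTO   (reads `firewall-cmd --list-all` output on stdin)
zone_allows() {
    awk -v svc="$1" -v port="$2" '
        $1 == "services:" { for (i = 2; i <= NF; i++) if ($i == svc)  ok = 1 }
        $1 == "ports:"    { for (i = 2; i <= NF; i++) if ($i == port) ok = 1 }
        END { exit !ok }
    '
}

# Abridged copy of the zone listing shown in the question.
sample_zone() {
    cat <<'EOF'
public (active)
  target: default
  interfaces: dummy0 eth0
  services: cockpit dhcpv6-client http ssh
  ports: 3001/tcp
  forward-ports:
  source-ports:
  rich rules:
EOF
}

# Report the state of the two web services for the sample zone.
check_web() {
    for cw_pair in http:80/tcp https:443/tcp; do
        if sample_zone | zone_allows "${cw_pair%%:*}" "${cw_pair#*:}"; then
            echo "${cw_pair%%:*} allowed"
        else
            echo "${cw_pair%%:*} BLOCKED"
        fi
    done
}

check_web
```

On a live host, pipe the real listing in instead of the sample: firewall-cmd --list-all | zone_allows https 443/tcp.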
A Linux administrator needs to rebuild a container with the httpd service in order to change some default parameters. Which of the following should be the first command line in the Dockerfile?
Answer : A
In Docker, a Dockerfile is a script that contains instructions to build a container image. The first line in a Dockerfile is typically the FROM directive, which specifies the base image from which the container will be built.
The correct syntax for specifying a base image is:
FROM <image>:<tag>
If no tag is provided, Docker pulls the image tagged latest by default.
httpd is the official Apache HTTP Server image available in Docker Hub.
The incorrect options:
BASE httpd: Incorrect, as there is no such directive in Dockerfile syntax.
USE httpd: Incorrect, this is not a valid Docker command.
INHERIT httpd: Incorrect, as Docker does not use INHERIT to specify base images.
Thus, the correct answer is A. FROM httpd.
CompTIA Linux+ Official Documentation
Dockerfile Reference - Docker Docs
Official httpd Docker Image
A Linux administrator is creating a directory called CompTIA_doc and needs to switch to another location to perform some system-related tasks. Which of the following commands should the administrator use for this task?
Answer : D
Comprehensive and Detailed Step-by-Step
mkdir CompTIA_doc && cd CompTIA_doc ensures that the directory is created first, and only then does the command switch into it.
mkdir CompTIA doc is incorrect because it attempts to create two separate directories.
mkdir CompTIA_doc > cd CompTIA_doc uses incorrect syntax (> is used for output redirection).
mkdir CompTIA_doc || cd CompTIA_doc is incorrect because || means 'execute the second command only if the first one fails.'
A newly hired junior administrator is studying the format of the /var/log/messages file. Which of the following commands should the administrator use to preserve the contents of the original file while also creating an identical file in the /home/admin directory?
Answer : C
Comprehensive and Detailed Step-by-Step
cat /var/log/messages > /home/admin/messages copies the file contents while preserving the original file.
touch only creates an empty file and does not copy contents.
mv moves the file instead of copying it.
ln -s creates a symbolic link but does not copy the contents.