CompTIA XK0-005 Exam Practice Test Instant Access

Question 1

An administrator changed the default port of an SSH server to 2222 on myhost, and clients are not able to connect. The administrator runs some commands and receives the following output:

vbnet

Copy code

$ ssh -p 2222 myhost

ssh:connect to host myhost on port 2222: No route to host

Which of the following commands should be run on myhost?

Afirewall-cmd --zone=public --add-service=ssh

Bfirewall-cmd --zone=public --add-port=2222

Ciptables --zone=public --add-service=ssh

Diptables --zone=public --add-port=2222

Answer : B

The administrator has likely updated the SSH server to listen on a non-standard port (2222), but the firewall rules were not updated to allow connections on this new port. The firewall-cmd command with the --add-port option allows traffic on a specific port through the firewall. The command should be executed on myhost to permit incoming SSH connections on port 2222.

Question 2

A Linux administrator is enabling root log-in over SSH on a server. Which of the following combinations of files and parameters should the administrator modify to accomplish this task?

A/etc/ssh/ssh_config - PermitRootLogin

B/etc/ssh/ssh_config - AllowRootLogin

C/etc/ssh/sshd_config - PermitRootLogin

D/etc/ssh/sshd_config - AllowRootLogin

Answer : C

To enable root login over SSH, the administrator must edit the /etc/ssh/sshd_config file, which configures the SSH daemon. The PermitRootLogin directive should be set to yes to allow root login. After making this change, the SSH daemon must be restarted for the changes to take effect.

Question 3

A Linux administrator is creating a user that can run the FTP service but cannot log in to the system. The administrator sets /bin/false as a login shell for the user. When the user tries to run the FTP service, it is rejected with an "invalid shell: /bin/false" message. Which of the following is the best way to resolve the issue?

AChange ownership of /bin/false to the FTP user

BAdd /bin/false entry to the /etc/shells file

CMake /bin/false an executable file

DChange the user's default shell to /bin/bash

Answer : B

The /etc/shells file contains a list of valid login shells. Since /bin/false is not listed as a valid shell, adding it to the /etc/shells file will resolve the issue and allow the user to run the FTP service without being able to log into the system interactively.

Question 4

An administrator is troubleshooting a database service outage that was reported by a monitoring system. Given the following output:

$ systemctl status mariadb

Oct 20 16:40:45 comptia systemd[1]: mariadb.service: Main process exited, code=killed, status=9/KILL

Oct 20 16:40:45 comptia systemd[1]: mariadb.service: Failed with result 'signal'.

Oct 20 16:40:50 comptia systemd[1]: Stopped MariaDB 10.3 database server.

$ dmesg

[ 1061.491433] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom, task_memcg=/system.slice/mariadb.service, task=mysqld,pid=1981,uid=27

[ 1061.491453] Out of memory: Killed process 1981 (mysqld) total-vm:330668kB, anon-rss:31316kB, file-rss:OkB, shmem-rss:OkB, UID:27 pgtables:324kB oom_score_adj:0

Which of the following is the reason for the outage?

AThe administrator sent a kill signal to the database

BThe server is missing the DMA bus

CThe database cannot write anything else to the storage

DThe server does not have enough physical memory

Answer : D

The oom-killer was invoked because the system ran out of memory, and as a result, it killed the mysqld process to free memory. This is a clear indication that the server did not have enough physical memory to run the MariaDB service, leading to the process being terminated.

Question 5

A Linux engineer wants to give read-write-execute permissions for the cloud_users directory to user Oliver. Which of the following commands should the engineer use?

Asetfacl -L Oliver
/cloud_users

Bsetfacl -x rwx
/cloud_users

Csetfacl -P rwx
/cloud_users

Dsetfacl -m u:Oliver
/cloud_users

Answer : D

The setfacl -m u:Oliver:rwx /cloud_users command modifies the ACL (Access Control List) for the directory cloud_users, granting the user Oliver read, write, and execute permissions. This is the correct syntax for assigning specific permissions to a user.

Question 6

A diagnostic tool reports a "host seems down" event for a server with an IP address of 192.168.47.44. Which of the following commands should the administrator use to confirm the host down event?

Anmap 192.168.47.0/32

Bnetcat 192.168.47.44

Cnmap 192.168.47.44 -Pn

Dping -c 1 192.168.47.44

Answer : D

The ping -c 1 192.168.47.44 command sends one ICMP echo request to the specified host to check its availability. If the host is down, there will be no response. This is the quickest way to confirm if a host is reachable. nmap -Pn can also be used to check a host status, but ping is faster and lighter.

Question 7

SIMULATION

A senior administrator has placed a private key for user admin in your home directory.

The server you need to remotely access is server1 and SSH is listening on port 2222.

INSTRUCTIONS

Part 1

Review the command output and build the correct command to place the private key

into your SSH folder.

Part 2

Review the command output and build the correct command to set the file

permissions.

Part 3

Review the command output and build the correct command to set the correct

ownership.

In each part, click on objects to build a complete command. Command objects may

be used more than once, but not all will be used. Use _ as the spacebar. Click the

arrow to remove any unwanted objects from your command.

Part 4

Select the proper file to edit for remote server access. Then, build the correct

configuration output based on the server name, ports, and files.

ASee the Explanation part for detailed answer of each part

Answer : A

Part 1

Here is the step-by-step command construction process:

1. Move the private key (likely named server1 based on the provided details) to the .ssh directory:

mv ~/server1 ~/.ssh/id_rsa

This command moves the private key (assuming it's named server1) from the home directory (~) to the .ssh directory and renames it to id_rsa (which is the default SSH private key file name).

2. Set the correct permissions for the private key file:

chmod 600 ~/.ssh/id_rsa

The private key file should be readable and writable only by the owner to maintain security.

3. Connect to the server using the private key and the correct port (2222):

ssh -i ~/.ssh/id_rsa -p 2222 admin@server1

This command tells ssh to use the specified private key (-i ~/.ssh/id_rsa), connect on port 2222 (-p 2222), and log in as the admin user on server1.

Part 2: Setting File Permissions

The correct command to set the file permissions based on the screenshots would likely involve using chmod. Here is the command to set permissions correctly:

chmod 600 ~/.ssh/id_rsa

This restricts the private key's permissions so that only the user can read and write it.

Part 3: Setting Ownership

If ownership needs to be set, the command would look like this:

chown comptia:comptia ~/.ssh/id_rsa

This command ensures that the file is owned by the correct user (comptia) and the correct group (comptia).

In part 4, it asks you to select the proper file for editing to enable remote server access. Based on standard SSH configuration requirements, the proper file to edit for remote server access would be ~/.ssh/config.

Here's why:

~/.ssh/config: This file allows you to set up configuration options for different hosts, including specifying ports, user names, and the identity file (private key). You would add the necessary configuration for server1 to this file for easier access.

Other options:

~/.ssh/authorized_keys: This file lists public keys that are authorized to log in to the local system. It's not meant for configuring remote access to another server.

~/.ssh/known_hosts: This file stores the host keys of servers you've connected to. It doesn't allow for editing remote access settings.

~/.ssh/server1: This seems like a private key file or another custom file, but it's not typically used to configure SSH options.

For configuring access to server1 on port 2222, you would add a block like this to the ~/.ssh/config file:

Host server1

HostName server1

Port 2222

User admin

IdentityFile ~/.ssh/id_rsa

CompTIA XK0-005 CompTIA Linux+ Certification Exam Practice Test