更新されたのは2024年06月25日認定試験XK0-005問題集で練習テスト問題
更新された検証済みのXK0-005問題集と解答で合格保証もしくは全額返金
質問 # 11
A network administrator issues the dig ww. compti
a. org command and receives an NXDOMAIN response. Which of the following files should the administrator check first?
- A. /etc/nsswitch.conf
- B. /etc/resolv.conf
- C. /etc/sysconfig/network-scripts
- D. /etc/hosts
正解:B
解説:
The dig command uses the DNS servers listed in the /etc/resolv.conf file to resolve domain names. If the dig command returns an NXDOMAIN response, it means the domain does not exist according to the DNS servers used. Therefore, the administrator should check the /etc/resolv.conf file first34.
Reference:
3(https://www.linuxquestions.org/questions/linux-newbie-8/help-me-dig-status-nxdomain-4175684441/)
4(https://serverfault.com/questions/729025/what-are-all-the-flags-in-a-dig-response)
質問 # 12
An administrator installed an application from source into /opt/operations1/ and has received numerous reports that users are not able to access the application without having to use the full path /opt/operations1/bin/*. Which of the following commands should be used to resolve this issue?
- A. echo 'export PATH=$PATH/opt/operations1/bin' >> /etc/profile
- B. echo 'export $PATH:/opt/operations1/bin' >> /etc/profile
- C. echo 'export PATH=$PATH:/opt/operations1/bin' >> /etc/profile
- D. echo 'export PATH=/opt/operations1/bin' >> /etc/profile
正解:C
質問 # 13
An administrator transferred a key for SSH authentication to a home directory on a remote server. The key file was moved to .ssh/authorized_keys location in order to establish SSH connection without a password.
However, the SSH command still asked for the password. Given the following output:
Which of the following commands would resolve the issue?
- A. chmod 600 .ssh/authorized_keys
- B. chown root:root .ssh/authorized_keys
- C. restorecon .ssh/authorized_keys
- D. ssh_keygen -t rsa -o .ssh/authorized_keys
正解:A
解説:
Explanation
The command that would resolve the issue is chmod 600 .ssh/authorized_keys. This command will change the permissions of the .ssh/authorized_keys file to 600, which means that only the owner of the file can read and write it. This is necessary for SSH key authentication to work properly, as SSH will refuse to use a key file that is accessible by other users or groups for security reasons. The output of ls -l shows that currently the
.ssh/authorized_keys file has permissions of 664, which means that both the owner and group can read and write it, and others can read it.
The other options are not correct commands for resolving the issue. The restorecon .ssh/authorized_keys command will restore the default SELinux security context for the .ssh/authorized_keys file, but this will not change its permissions or ownership. The ssh_keygen -t rsa -o .ssh/authorized_keys command is invalid because ssh_keygen is not a valid command (the correct command is ssh-keygen), and the -o option is used to specify a new output format for the key file, not the output file name. The chown root:root
.ssh/authorized_keys command will change the owner and group of the .ssh/authorized_keys file to root, but this will not change its permissions or make it accessible by the user who wants to log in with SSH key authentication. References: How to Use Public Key Authentication with SSH; chmod(1) - Linux manual page
質問 # 14
Based on an organization's new cybersecurity policies, an administrator has been instructed to ensure that, by default, all new users and groups that are created fall within the specified values below.
To which of the following configuration files will the required changes need to be made?
- A. /etc/default/useradd
- B. /etc/login.defs
- C. /etc/security/limits.conf
- D. /etc/profile
正解:B
解説:
Explanation
The required changes need to be made to the /etc/login.defs configuration file. The /etc/login.defs file defines the default values for user and group IDs, passwords, shells, and other parameters for user and group creation.
The file contains the directives UID_MIN, UID_MAX, GID_MIN, and GID_MAX, which set the minimum and maximum values for automatic user and group ID selection. The administrator can edit this file and change the values to match the organization's new cybersecurity policies. This is the correct file to modify to accomplish the task. The other options are incorrect because they either do not affect the user and group IDs (/etc/security/limits.conf or /etc/profile) or do not set the default values (/etc/default/useradd). References: CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 15:
Managing Users and Groups, page 463.
質問 # 15
A systems administrator has been unable to terminate a process. Which of the following should the administrator use to forcibly stop the process?
- A. kill -HUP
- B. kill -15
- C. kill -TERM
- D. kill -1
- E. kill -3
正解:C
解説:
Explanation
The administrator should use the command kill -TERM to forcibly stop the process. The kill command is a tool for sending signals to processes on Linux systems. Signals are messages that inform the processes about certain events and actions. The processes can react to the signals by performing predefined or user-defined actions, such as terminating, suspending, resuming, or ignoring. The -TERM option specifies the signal name or number that the kill command should send. The TERM signal, which stands for terminate, is the default signal that the kill command sends if no option is specified. The TERM signal requests the process to terminate gracefully, by closing any open files, releasing any resources, and performing any cleanup tasks.
However, if the process does not respond to the TERM signal, the kill command can send a stronger signal, such as the KILL signal, which forces the process to terminate immediately, without any cleanup. The administrator should use the command kill -TERM to forcibly stop the process. This is the correct answer to the question. The other options are incorrect because they either do not terminate the process (kill -1 or kill -3) or do not terminate the process forcibly (kill -15 or kill -HUP). References: CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 14: Managing Processes, page 431.
質問 # 16
As part of the requirements for installing a new application, the swappiness parameter needs to be changed to
O. This change needs to persist across re-boots and be applied immediately. A Linux systems administrator is performing this change. Which of the following steps should the administrator complete to accomplish this task?
- A. echo "vm. swappiness-()" >> /etc/sysctl . conf && sysctl -p
- B. sysctl -v >> / proc/meminfo & & echo "vm. swapiness=0"
- C. sysctl -h "vm. swapiness-O" && echo / etc/vmswapiness
- D. echo "vrn. >> / proc/meminfo && sysctl -a
正解:A
解説:
Explanation
To change the swappiness parameter to 0 and make it persistent across reboots and applied immediately, the administrator can perform the following steps:
Append the line vm.swappiness=0 to the file /etc/sysctl.conf using echo "vm.swappiness=0" >>
/etc/sysctl.conf (A). This will set the swappiness parameter to 0 for future boots.
Reload the sysctl configuration using sysctl -p (A). This will apply the changes to the current system without rebooting. The other commands will not achieve this task, but either write to a wrong file, use a wrong option, or have a syntax error. References:
[CompTIA Linux+ Study Guide], Chapter 8: Optimizing Linux Performance, Section: Tuning Kernel Parameters with sysctl
[How to Change Swappiness in Linux]
質問 # 17
A systems administrator configured firewall rules using firewalld. However, after the system is rebooted, the firewall rules are not present:
The systems administrator makes additional checks:
Which of the following is the reason the firewall rules are not active?
- A. FIREWALL_ARGS has no value assigned.
- B. The wrong system target is activated.
- C. The firewalld service is not enabled.
- D. iptables is conflicting with firewalld.
正解:C
解説:
Explanation
The reason the firewall rules are not active is that the firewalld service is not enabled. This means that the service will not start automatically at boot time or after a system reload. To enable the firewalld service, the systems administrator needs to use the command sudo systemct1 enable firewalld. This will create a symbolic link from the firewalld service file to the appropriate systemd target, such as multi-user.target. Enabling the service does not start it immediately, so the systems administrator also needs to use the command sudo systemct1 start firewalld or sudo systemct1 reload firewalld to activate the firewall rules.
The other options are not correct reasons for the firewall rules not being active. iptables is not conflicting with firewalld, because firewalld uses iptables as its backend by default. The wrong system target is not activated, because firewalld is independent of the system target and can be enabled for any target. FIREWALL_ARGS has no value assigned, but this is not a problem, because FIREWALL_ARGS is an optional environment variable that can be used to pass additional arguments to the firewalld daemon, such as --debug or --nofork. If FIREWALL_ARGS is empty or not defined, firewalld will use its default arguments. References: firewalld.service(8) - Linux manual page; firewall-cmd(1) - Linux manual page; systemct1(1) - Linux manual page
質問 # 18
Which of the following is a function of a bootloader?
- A. It initializes all the devices that are required to load the OS.
- B. It triggers the start of all the system services.
- C. It mounts the root filesystem that is required to load the OS.
- D. It helps to load the different kernels to initiate the OS startup process.
正解:D
解説:
Explanation
A function of a bootloader is to help load the different kernels to initiate the OS startup process. A bootloader is a program that runs when the system is powered on and prepares the system for booting the OS. A bootloader can load different kernels, which are the core components of the OS, and pass the control to the selected kernel. A bootloader can also provide a menu for the user to choose which kernel or OS to boot. This is a correct function of a bootloader. The other options are incorrect because they are either functions of the kernel (initialize devices or mount root filesystem) or functions of the init system (trigger the start of system services). References: CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 8: Managing the Linux Boot Process, page 265.
質問 # 19
A Linux administrator wants to prevent the httpd web service from being started both manually and automatically on a server. Which of the following should the administrator use to accomplish this task?
- A. systemctl stop httpd
- B. systemctl mask httpd
- C. systemctl reload httpd
- D. systemctl disable httpd
正解:B
解説:
Explanation
The best command to use to prevent the httpd web service from being started both manually and automatically on a server is A. systemctl mask httpd. This command will create a symbolic link from the httpd service unit file to /dev/null, which will make the service impossible to start or enable. This is different from systemctl disable httpd, which will only prevent the service from starting automatically on boot, but not manually. The other commands are either not relevant or not sufficient for this task. For example:
C: systemctl stop httpd will only stop the service if it is currently running, but it will not prevent it from being started again.
D: systemctl reload httpd will only reload the configuration files of the service, but it will not stop or disable it.
質問 # 20
Users are unable to create new files on the company's FTP server, and an administrator is troubleshooting the issue. The administrator runs the following commands:
Which of the following is the cause of the issue based on the output above?
- A. The inodes is at full capacity and would affect file creation for users.
- B. The users do not have the correct permissions to create files on the FTP server.
- C. ftpusers is mounted as read only.
- D. The ftpusers filesystem does not have enough space.
正解:A
解説:
Explanation
The cause of the issue based on the output above is C. The inodes is at full capacity and would affect file creation for users.
An inode is a data structure that stores information about a file or directory, such as its name, size, permissions, owner, timestamps, and location on the disk. Each file or directory has a unique inode number that identifies it. The number of inodes on a filesystem is fixed when the filesystem is created, and it determines how many files and directories can be created on that filesystem. If the inodes are exhausted, no new files or directories can be created, even if there is enough disk space available.
The output for the second command shows that the /ftpusers/ filesystem has 0% of inodes available, which means that all the inodes have been used up. This would prevent users from creating new files on the FTP server. The administrator should either delete some unused files or directories to free up some inodes, or resize the filesystem to increase the number of inodes.
The other options are incorrect because:
A: The users do not have the correct permissions to create files on the FTP server.
This is not true, because the output for the first command shows that the /ftpusers/ filesystem has 26% of disk space available, which means that there is enough space for users to create files. The permissions of the files and directories are not shown in the output, but they are not relevant to the issue of inode exhaustion.
B: The ftpusers filesystem does not have enough space.
This is not true, because the output for the first command shows that the /ftpusers/ filesystem has 26% of disk space available, which means that there is enough space for users to create files. The issue is not related to disk space, but to inode capacity.
D: ftpusers is mounted as read only.
This is not true, because the output for the first command does not show any indication that the /ftpusers/ filesystem is mounted as read only. If it was, it would have an (ro) flag next to the mounted on column. A read only filesystem would prevent users from creating or modifying files on the FTP server, but it would not affect the inode usage.
質問 # 21
Which of the following is the best tool for dynamic tuning of kernel parameters?
- A. tuned
- B. turbostat
- C. tune2fs
- D. tuned-adm
正解:A
解説:
Explanation
The tuned application is the best tool for dynamic tuning of kernel parameters, as it monitors the system and optimizes the performance under different workloads. It provides a number of predefined profiles for typical use cases, such as power saving, low latency, high throughput, virtual machine performance, and so on. It also allows users to create, modify, and delete profiles, and to switch between them on the fly. The tuned application uses the sysctl command and the configuration files in the /etc/sysctl.d/ directory to adjust the kernel parameters at runtime.
References
Chapter 2. Getting started with TuneD - Red Hat Customer Portal, paragraph 1 Kernel tuning with sysctl - Linux.com, paragraph 1
質問 # 22
A systems administrator is working on a security report from the Linux servers. Which of the following commands can the administrator use to display all the firewall rules applied to the Linux servers? (Select two).
- A. iptables -F
- B. ufw limit
- C. systemct1 status firewalld
- D. iptables -A
- E. firewall-cmd --1ist-a11
- F. ufw status
正解:E、F
解説:
These commands can display all the firewall rules applied to the Linux servers, depending on which firewall service is being used.
The firewall-cmd command is a utility for managing firewalld, which is a dynamic firewall service that supports zones and services. The --list-all option will show all the settings and rules for the default zone, or for a specific zone if specified. For example, firewall-cmd --list-all --zone=public will show the rules for the public zone1.
The ufw command is a frontend for iptables, which is a low-level tool for manipulating netfilter, the Linux kernel's packet filtering framework. The status option will show the status of ufw and the active rules, or the numbered rules if verbose is specified. For example, ufw status verbose will show the numbered rules and other information2.
The other options are incorrect because:
A) ufw limit
This command will limit the connection attempts to a service or port using iptables' recent module. It does not display any firewall rules2.
B) iptables -F
This command will flush (delete) all the rules in the selected chain, or all chains if none is given. It does not display any firewall rules3.
C) systemctl status firewalld
This command will show the status of the firewalld service, including whether it is active or not, but it does not show the firewall rules4.
F) iptables -A
This command will append one or more rules to the end of the selected chain. It does not display any firewall rules3.
質問 # 23
A junior administrator is setting up a new Linux server that is intended to be used as a router at a remote site. Which of the following parameters will accomplish this goal?
- A.

- B.

- C.

- D.

正解:A
質問 # 24
A Linux administrator is troubleshooting SSH connection issues from one of the workstations.
When users attempt to log in from the workstation to a server with the IP address 104.21.75.76, they receive the following message:
The administrator reviews the information below:

Which of the following is causing the connectivity issue?
- A. The server has an incorrect default gateway configuration.
- B. The workstation has the wrong IP settings.
- C. The server's firewall is preventing connections from being made.
- D. The sshd service is disabled.
正解:C
解説:
Explanation
The server's firewall is preventing connections from being made, which is causing the connectivity issue. The output of iptables -L -n shows that the firewall is blocking all incoming traffic on port 22, which is the default port for SSH. The output of ssh -v [email protected] shows that the connection is refused by the server. To resolve the issue, the administrator needs to allow port 22 on the firewall. The other options are incorrect because they are not supported by the outputs. The workstation has the correct IP settings, as shown by the output of ip addr show. The sshd service is enabled and running, as shown by the output of systemctl status sshd. The server has the correct default gateway configuration, as shown by the output of ip route show. References: CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 13: Managing Network Services, pages 406-407.
質問 # 25
A cloud engineer needs to check the link status of a network interface named eth1 in a Linux server. Which of the following commands can help to achieve the goal?
- A. netstat -r eth1
- B. ip link show eth1
- C. ifconfig hw eth1
- D. ss -ti eth1
正解:B
解説:
Explanation
The ip link show eth1 command can be used to check the link status of a network interface named eth1 in a Linux server. It will display information such as the MAC address, MTU, state, and flags of the interface. The ifconfig hw eth1 command is invalid, as hw is not a valid option for ifconfig. The netstat -r eth1 command would display the routing table for eth1, not the link status. The ss -ti eth1 command would display TCP information for sockets associated with eth1, not the link status. References: CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 13: Networking Fundamentals, page 436.
質問 # 26
In which of the following filesystems are system logs commonly stored?
- A. /opt
- B. /var
- C. /tmp
- D. /etc
正解:B
解説:
Explanation
The filesystem that system logs are commonly stored in is /var. The /var filesystem is a directory that contains variable data files on Linux systems. Variable data files are files that are expected to grow in size over time, such as logs, caches, spools, and temporary files. The /var filesystem is separate from the / filesystem, which contains the essential system files, to prevent the / filesystem from being filled up by the variable data files.
The system logs are files that record the events and activities of the system and its components, such as the kernel, the services, the applications, and the users. The system logs are useful for monitoring, troubleshooting, and auditing the system. The system logs are commonly stored in the /var/log directory, which is a subdirectory of the /var filesystem. The /var/log directory contains various log files, such as syslog, messages, dmesg, auth.log, and kern.log. The filesystem that system logs are commonly stored in is /var. This is the correct answer to the question. The other options are incorrect because they are not the filesystems that system logs are commonly stored in (/tmp, /etc, or /opt). References: CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 16: Managing Logging and Monitoring, page 487.
質問 # 27
......
試験エンジンはXK0-005試験無料お試しサンプル365日更新されます:https://jp.fast2test.com/XK0-005-premium-file.html
XK0-005のPDF問題とテストエンジンには294問があります:https://drive.google.com/open?id=1CJFhw9eFno5knE-pVSRBlbd4qQj1afhS