CompTIA Linux+ V8 Exam XK0-006 Practice Questions

Page: 1 / 14
Total 87 questions

Want more questions? Get Premium Access.
()

Question 1

SIMULATION

Joe, a user, has taken a position previously held by Ann. As a systems administrator, you

need to archive all the files from Ann's home directory and extract them into Joe's home

directory.

INSTRUCTIONS

Within each tab, click on an object to form the appropriate commands. Command objects may only be used once, but the spacebar _ object may be used multiple times. Not all objects will be used.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

ASee the solution in Explanation below

Answer : A

Archive Tab -- Create the archive from Ann's home directory

Correct Command:

tar -cvf /tmp/ann.tar -C /home/ ann

Extract Tab -- Extract the archive into Joe's home directory

Correct Command:

tar -xvf /tmp/ann.tar -C /home/ joe

This performance-based question tests file archiving and restoration using tar, a core System Management skill in the CompTIA Linux+ V8 objectives. The task requires preserving Ann's files and placing them correctly into Joe's home directory.

Archive Phase Explanation

The goal of the first step is to archive Ann's entire home directory without embedding the full path (/home/ann) inside the archive. This is accomplished using the -C option.

Command breakdown:

tar archive utility

-c create an archive

-v verbose output (optional but allowed)

-f /tmp/ann.tar specifies the archive file

-C /home/ changes directory before archiving

ann archives the ann directory only

This results in a clean archive containing Ann's files without absolute paths, which is best practice and explicitly covered in Linux+ V8 documentation.

Extract Phase Explanation

The second step extracts the archived files into Joe's home directory.

Command breakdown:

-x extract

-v verbose

-f /tmp/ann.tar specifies the archive

-C /home/joe extracts files directly into Joe's home directory

This ensures Joe receives Ann's files correctly under /home/joe/ann or directly under /home/joe depending on post-extraction handling, which matches Linux+ expectations for administrative user transitions.

Question 2

A Linux systems administrator is running an important maintenance task that consumes a large amount of CPU, causing other applications to slow. Which of the following actions should the administrator take to help alleviate the issue?

AIncrease the available CPU time with pidstat.

BLower the priority of the maintenance task with renice.

CRun the maintenance task with nohup.

DExecute the other applications with the bg utility.

Answer : B

Process scheduling and resource management are essential Linux administration skills covered in Linux+ V8. When a process consumes excessive CPU resources, it can negatively impact overall system performance.

The correct solution is to lower the priority of the CPU-intensive task using the renice command. Niceness values influence how much CPU time a process receives relative to others. Increasing the niceness value reduces the process's priority, allowing other applications to receive CPU resources more fairly.

Option B directly addresses the issue. The other options do not. pidstat monitors processes but does not modify CPU allocation. nohup allows a process to continue running after logout but does not affect scheduling priority. bg resumes a stopped job in the background but does not reduce CPU usage.

Linux+ V8 documentation explicitly references nice and renice for managing CPU contention. Therefore, the correct answer is B.

Question 3

A technician wants to temporarily use a Linux virtual machine as a router for the network segment 10.10.204.0/24. Which of the following commands should the technician issue? (Select three).

Aecho '1' > /proc/sys/net/ipv4/ip_forward

Biptables -A FORWARD -j ACCEPT

Ciptables -A PREROUTING -j ACCEPT

Diptables -t nat -s 10.10.204.0/24 -p tcp -A PREROUTING -j MASQUERADE

Eecho '0' > /proc/sys/net/ipv4/ip_forward

Fecho '1' > /proc/net/tcp

Giptables -t nat -s 10.10.204.0/24 -A POSTROUTING -j MASQUERADE

Hiptables -t nat -A PREROUTING -j MASQUERADE

Answer : A, B, G

Comprehensive and Detailed Explanation From Exact Extract:

To temporarily configure a Linux virtual machine as a router, the technician must enable IP forwarding and set up iptables rules to allow and masquerade traffic:

A . echo '1' > /proc/sys/net/ipv4/ip_forward: Enables IPv4 forwarding in the Linux kernel, allowing the VM to forward packets between interfaces.

B . iptables -A FORWARD -j ACCEPT: Adds a rule to the iptables firewall to accept all forwarded packets (allows traffic to be routed).

G . iptables -t nat -s 10.10.204.0/24 -A POSTROUTING -j MASQUERADE: Sets up network address translation (NAT) for outgoing packets from the 10.10.204.0/24 subnet, masquerading them as if they are coming from the VM's external IP.

Other options:

C . and H. are not relevant for routing/NAT in this context (PREROUTING is generally used for DNAT, not for standard source NAT).

D . is syntactically incorrect and mixes PREROUTING with MASQUERADE, which is not the proper combination for SNAT.

E . disables forwarding.

F . is not related to IP forwarding.

CompTIA Linux+ Study Guide: Exam XK0-006, Sybex, Chapter 9: 'Networking', Section: 'Configuring Linux as a Router'

CompTIA Linux+ XK0-006 Objectives: Domain 2.0 -- Networking

Official CompTIA Linux+ Cert Guide, Chapter 12: ''Firewall and NAT configuration''

Question 4

A systems administrator is configuring new Linux systems and needs to enable passwordless authentication between two of the servers. Which of the following commands should the administrator use?

Assh-keygen -t rsa && ssh-copy-id -i ~/.ssh/id_rsa.pub john@server2

Bssh-keyscan -t rsa && ssh-copy-id john@server2 -i ~/.ssh/key

Cssh-agent -i rsa && ssh-copy-id ~/.ssh/key john@server2

Dssh-add -t rsa && scp -rp ~/.ssh john@server2

Answer : A

Comprehensive and Detailed 250 to 350 words of Explanation From Linux+ V8 documents:

Passwordless authentication using SSH key pairs is a foundational security practice covered in the Security domain of CompTIA Linux+ V8. It allows administrators to securely authenticate between systems without transmitting passwords over the network, significantly reducing the risk of credential compromise.

The correct approach involves two essential steps: generating an SSH key pair and installing the public key on the remote system. Option A correctly performs both steps using best-practice commands.

The command ssh-keygen -t rsa generates an RSA public/private key pair in the user's ~/.ssh/ directory. The private key (id_rsa) remains securely on the local system, while the public key (id_rsa.pub) is intended to be shared. The second part of the command, ssh-copy-id -i ~/.ssh/id_rsa.pub john@server2, securely copies the public key to the remote server's ~/.ssh/authorized_keys file. This enables key-based authentication for the specified user.

The other options are incorrect or incomplete. Option B uses ssh-keyscan, which is intended for collecting host keys to populate known_hosts, not for user authentication. Option C misuses ssh-agent, which manages keys already generated and does not create or install them. Option D is insecure and incorrect because copying the entire .ssh directory risks exposing private keys and violates security best practices.

Linux+ V8 documentation emphasizes the use of ssh-keygen and ssh-copy-id as the standard, secure method for configuring passwordless SSH access. This approach ensures proper permissions, correct key placement, and minimal risk.

Question 5

A systems administrator needs to integrate a new storage array into the company's existing storage pool. The administrator wants to ensure that the server is able to detect the new storage array. Which of the following commands should the administrator use to ensure that the new storage array is presented to the systems?

Alsscsi

Blsusb

Clsipc

Dlshw

Answer : A

Comprehensive and Detailed Explanation From Exact Extract:

The lsscsi command is used to list information about SCSI devices (including storage arrays) that are attached to the system. This is critical when integrating a new storage array because it allows the administrator to verify that the operating system detects the new device at the SCSI layer, which is the underlying interface for most enterprise storage solutions. lsscsi outputs a list of recognized SCSI devices, their device nodes, and associated information.

Other options:

B . lsusb: Lists USB devices, not storage arrays on SCSI/SATA/SAS.

C . lsipc: Displays information on IPC (inter-process communication) facilities, unrelated to hardware detection.

D . lshw: Lists hardware details and can show storage, but lsscsi is specifically designed for SCSI device detection and is the most direct method for this task.

CompTIA Linux+ Study Guide: Exam XK0-006, Sybex, Chapter 7: 'Managing Storage', Section: 'Identifying and Accessing Storage Devices'

CompTIA Linux+ XK0-006 Objectives: Domain 4.0 -- Storage and Filesystems

===========

Question 6

An administrator is investigating the reason a Linux workstation is not resolving the website http://www.comptia.org. The administrator executes some commands and receives the following output:

Which of the following is the most likely cause?

AThe static entry needs to be removed from /etc/hosts.

BThe remote website does not support IPv6, and the workstation requires it.

CThe firewall needs to be modified to allow outbound HTTP and HTTPS.

DThe nameserver in /etc/resolv.conf needs to be updated to 8.8.8.8

Answer : A

When troubleshooting name resolution issues in Linux, /etc/hosts entries take precedence over DNS lookups. The workstation's /etc/hosts file contains the line:

CopyEdit

104.18.99.101 www.comptia.org

This means any attempt to access www.comptia.org will resolve to 104.18.99.101, regardless of the real DNS response. However, both dig and nslookup show the correct IP as 104.18.16.29. Because the local /etc/hosts entry overrides DNS, and the hardcoded IP is either incorrect or unreachable, all network traffic to www.comptia.org will fail or not reach the intended destination, resulting in the observed connectivity issue (Destination Host Unreachable).

Other options:

B . The lack of IPv6 support is irrelevant since the host is using IPv4 and the DNS queries for IPv4 (A record) are successful.

C . The firewall would block all HTTP/HTTPS connections, but the error shown is a host unreachable, not a port-specific issue.

D . The nameserver is working; both dig and nslookup queries succeed and return the correct A record.

CompTIA Linux+ Study Guide: Exam XK0-006, Sybex, Chapter 8: 'Networking Fundamentals', Section: 'Troubleshooting Name Resolution'

CompTIA Linux+ XK0-006 Objectives, Domain 2.0: Networking

Question 7

A Linux administrator just finished setting up passwordless SSH authentication between two nodes. However, upon test validation, the remote host prompts for a password. Given the following logs:

Which of the following is the most likely cause of the issue?

AThe SELinux policy is incorrectly targeting the unconf ined_u context.

BThe administrator forgot to restart the SSHD after creating the authorizedjceys file.

CThe authorized_keys file has the incorrect root permissions assigned.

DThe authorized_keys file does not have the correct security context to match SELinux policy.

Answer : D

This issue is directly related to SELinux enforcement, which is a key topic in the Security domain of CompTIA Linux+ V8. The logs clearly indicate that SSH key-based authentication is failing due to an SELinux access control violation rather than a traditional file permission or SSH configuration problem.

The most important clue is the AVC denial message, which shows that the sshd process is being denied read access to the authorized_keys file. The security context of the file is listed as unconfined_u:object_r:home_root_t:s0. Under a targeted SELinux policy, SSH is only permitted to read authorized_keys files that are labeled with the correct SELinux type, typically ssh_home_t.

Because SELinux is running in enforcing mode, it actively blocks access that violates policy rules, even if standard UNIX permissions are correct. Although the file permissions (600) are acceptable for an authorized_keys file, SELinux does not rely solely on traditional permissions. The mismatch between the expected SELinux context and the actual context prevents sshd from accessing the file, causing SSH to fall back to password authentication.

Option D correctly identifies the root cause: the authorized_keys file does not have the correct SELinux security context. This is a well-documented Linux+ V8 troubleshooting scenario, commonly resolved by restoring the correct context using commands such as restorecon or by ensuring the file resides in a properly labeled home directory.

The other options are incorrect. Restarting sshd does not fix SELinux labeling issues. The policy itself is functioning as intended, and file ownership alone does not override SELinux access controls.

Linux+ V8 documentation emphasizes that SELinux denials must be addressed by correcting file contexts rather than weakening security controls. Therefore, the correct answer is D.