2023年11月27日合格確定ガイド準備XK0-005試験知能問題集
無料最新Linux+ XK0-005リアル試験問題と回答2023年更新
質問 # 81
A Linux administrator is trying to remove the ACL from the file /home/user/dat a. txt but receives the following error message:
Given the following analysis:
Which of the following is causing the error message?
- A. File attributes are preventing file modification.
- B. The administrator is not using a highly privileged account.
- C. SELinux file context is denying the ACL changes.
- D. The filesystem is mounted with the wrong options.
正解:A
解説:
File attributes are preventing file modification, which is causing the error message. The output of lsattr /home/user/data.txt shows that the file has the immutable attribute (i) set, which means that the file cannot be changed, deleted, or renamed. The command setfacl -b /home/user/data.txt tries to remove the ACL from the file, but fails because of the immutable attribute. The administrator needs to remove the immutable attribute first by using the command chattr -i /home/user/data.txt and then try to remove the ACL again. The other options are incorrect because they are not supported by the outputs. The administrator is using a highly privileged account, as shown by the # prompt. The filesystem is mounted with the correct options, as shown by the output of mount | grep /home. SELinux file context is not denying the ACL changes, as shown by the output of ls -Z /home/user/data.txt. Reference: CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 11: Managing Files and Directories, pages 357-358.
質問 # 82
A user is attempting to log in to a Linux server that has Kerberos SSO enabled. Which of the following commands should the user run to authenticate and then show the ticket grants? (Select TWO).
- A. kioad
- B. klist
- C. kinit
- D. kexec
- E. realm
- F. pkexec
正解:B、C
解説:
The following commands can help the user to authenticate and show the ticket grants using Kerberos SSO on a Linux server:
kinit: This command obtains and caches an initial ticket-granting ticket (TGT) for the user from the Kerberos key distribution center (KDC). The user needs to enter their password or use a keytab file to authenticate1.
klist: This command lists the cached tickets, including the TGT and any service tickets, for the user. It also shows the expiration time and flags for each ticket2.
For example, the user can run the following commands to log in and view their tickets:
$ kinit username@REALM
Password for username@REALM:
$ klist
Ticket cache: FILE:/tmp/krb5cc_1000
Default principal: username@REALM
Valid starting Expires Service principal
04/06/2023 16:06:59 04/07/2023 02:06:59 krbtgt/REALM@REALM
renew until 04/13/2023 16:06:59
Reference:
kinit(1) - Linux man page, section "Description".
klist(1) - Linux man page, section "Description".
質問 # 83
Junior system administrator had trouble installing and running an Apache web server on a Linux server. You have been tasked with installing the Apache web server on the Linux server and resolving the issue that prevented the junior administrator from running Apache.
INSTRUCTIONS
Install Apache and start the service. Verify that the Apache service is running with the defaults.
Typing "help" in the terminal will show a list of relevant event commands.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
正解:
解説:
yum install httpd
systemctl --now enable httpd
systemctl status httpd
netstat -tunlp | grep 80
pkill <processname>
systemctl restart httpd
systemctl status httpd
質問 # 84
A Linux systems administrator is setting up a new web server and getting 404 - NOT FOUND errors while trying to access the web server pages from the browser. While working on the diagnosis of this issue, the Linux systems administrator executes the following commands:
Which of the following commands will BEST resolve this issue?
- A. sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
- B. setenforce 0
- C. restorecon -R -v /var/www/html
- D. setsebool -P httpd_can_network_connect_db on
正解:C
質問 # 85
A Linux administrator created the directory /project/access2all. By creating this directory, the administrator is trying to avoid the deletion or modification of files from non-owners. Which of the following will accomplish this goal?
- A. chmod +t /project/access2all
- B. chmod 2770 /project/access2all
- C. chmod ugo+rwx /project/access2all
- D. chmod +rws /project/access2all
正解:A
解説:
The command that will accomplish the goal of avoiding the deletion or modification of files from non-owners is chmod +t /project/access2all. This command will set the sticky bit on the directory /project/access2all, which is a special permission that restricts file deletion or renaming to only the file owner, directory owner, or root user. This way, even if multiple users have write permission to the directory, they cannot delete or modify each other's files.
The other options are not correct commands for accomplishing the goal. The chmod +rws /project/access2all command will set both the SUID and SGID bits on the directory, which are special permissions that allow a program or a directory to run or be accessed with the permissions of its owner or group, respectively. However, this does not prevent file deletion or modification from non-owners. The chmod 2770 /project/access2all command will set only the SGID bit on the directory, which means that any new files or subdirectories created in it will inherit its group ownership. However, this does not prevent file deletion or modification from non-owners. The chmod ugo+rwx /project/access2all command will grant read, write, and execute permissions to all users (user, group, and others) on the directory, which means that anyone can delete or modify any file in it. Reference: chmod(1) - Linux manual page; How to Use SUID, SGID, and Sticky Bits on Linux
質問 # 86
A systems administrator is checking the system logs. The administrator wants to look at the last 20 lines of a log. Which of the following will execute the command?
- A. tail -l 20
- B. tail -v 20
- C. tail -n 20
- D. tail -c 20
正解:C
質問 # 87
A systems administrator made some changes in the ~/.bashrc file and added an alias command. When the administrator tried to use the alias command, it did not work. Which of the following should be executed FIRST?
- A. read ~/.bashrc
- B. touch ~/.bashrc
- C. echo ~/.bashrc
- D. source ~/.bashrc
正解:D
解説:
Explanation
The command source ~/.bashrc should be executed first to use the alias command. The source command reads and executes commands from a file in the current shell environment. The ~/.bashrc file is a configuration file that contains commands and aliases that are executed when a new bash shell is started. The administrator made some changes in the ~/.bashrc file and added an alias command, but the changes are not effective until the file is sourced or a new shell is started. The command source ~/.bashrc will reload the file and make the alias command available. The other options are incorrect because they either do not execute the commands in the file (read, touch, or echo) or do not affect the current shell environment (read or echo). References: CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 9: Working with the Linux Shell, page 295.
質問 # 88
A cloud engineer needs to remove all dangling images and delete all the images that do not have an associated container. Which of the following commands will help to accomplish this task?
- A. docker push images -a
- B. docker images rmi --all
- C. docker rmi -a images
- D. docker images prune -a
正解:D
解説:
Explanation
The command docker images prune -a will help to remove all dangling images and delete all the images that do not have an associated container. The docker command is a tool for managing Docker containers and images. The images subcommand operates on images. The prune option removes unused images.
The -a option removes all images, not just dangling ones. A dangling image is an image that is not tagged and is not referenced by any container. This command will accomplish the task of cleaning up the unused images.
The other options are incorrect because they either do not exist (docker push images -a or docker images rmi
--all) or do not remove images (docker rmi -a images only removes images that match the name or ID of
"images"). References: CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 19: Managing Cloud and Virtualization Technologies, page 567.
質問 # 89
A systems administrator requires that all files that are created by the user named web have read-only permissions by the owner. Which of the following commands will satisfy this requirement?
- A. echo "umask 377" >> /home/web/.bashrc
- B. setfacl read /home/web
- C. chmod -R 400 /home/web
- D. chown web:web /home/web
正解:C
質問 # 90
A systems administrator wants to be sure the sudo rules just added to /etc/sudoers are valid. Which of the following commands can be used for this task?
- A. visudo -c
- B. cat /etc/sudoers | tee test
- C. test -f /etc/sudoers
- D. sudo vi check
正解:A
解説:
The command visudo -c can be used to check the validity of the sudo rules in the /etc/sudoers file. The visudo command is a tool for editing and validating the /etc/sudoers file, which defines the rules for the sudo command. The -c option checks the syntax and logic of the file and reports any errors or warnings. The command visudo -c will verify the sudo rules and help the administrator avoid any mistakes. This is the correct command to use for this task. The other options are incorrect because they either do not check the validity of the file (test, sudo, or cat) or do not exist (sudo vi check). Reference: CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 18: Securing Linux Systems, page 546.
質問 # 91
A Linux system is failing to start due to issues with several critical system processes. Which of the following options can be used to boot the system into the single user mode? (Choose two.)
- A. Interrupt the boot process in the GRUB menu and add init=/bin/bash in the kernel line.
- B. Interrupt the boot process in the GRUB menu and add single=user in the kernel line.
- C. Execute the following command from the GRUB rescue shell: mount -o remount, ro/sysroot.
- D. Interrupt the boot process in the GRUB menu and add systemd.unit=rescue.target in the kernel line.
- E. Interrupt the boot process in the GRUB menu and add systemd.unit=single in the kernel line.
- F. Interrupt the boot process in the GRUB menu and add systemd.unit=single.target in the kernel line.
正解:D、F
解説:
The administrator can use the following two options to boot the system into the single user mode:
Interrupt the boot process in the GRUB menu and add systemd.unit=rescue.target in the kernel line. This option will boot the system into the rescue mode, which is a minimal environment that allows the administrator to perform basic tasks such as repairing the system. The GRUB menu is a screen that appears when the system is powered on and allows the administrator to choose which kernel or operating system to boot. The kernel line is a line that specifies the parameters for the kernel, such as the root device, the init system, and the boot options. The administrator can interrupt the boot process by pressing the e key in the GRUB menu and edit the kernel line by adding systemd.unit=rescue.target at the end. This option will tell the system to use the rescue target, which is a unit that defines the state of the system in the rescue mode. The administrator can then press Ctrl+X to boot the system with the modified kernel line. This option will boot the system into the single user mode and allow the administrator to troubleshoot the issues.
Interrupt the boot process in the GRUB menu and add systemd.unit=single.target in the kernel line. This option will boot the system into the single user mode, which is a mode that allows the administrator to log in as the root user and perform maintenance tasks. The GRUB menu and the kernel line are the same as the previous option. The administrator can interrupt the boot process by pressing the e key in the GRUB menu and edit the kernel line by adding systemd.unit=single.target at the end. This option will tell the system to use the single target, which is a unit that defines the state of the system in the single user mode. The administrator can then press Ctrl+X to boot the system with the modified kernel line. This option will boot the system into the single user mode and allow the administrator to troubleshoot the issues.
The other options are incorrect because they either do not boot the system into the single user mode (execute the following command from the GRUB rescue shell: mount -o remount, ro/sysroot or interrupt the boot process in the GRUB menu and add systemd.unit=single in the kernel line) or do not use the correct syntax (interrupt the boot process in the GRUB menu and add single=user in the kernel line or interrupt the boot process in the GRUB menu and add init=/bin/bash in the kernel line). Reference: CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 8: Managing the Linux Boot Process, pages 267-268.
質問 # 92
A systems administrator pressed Ctrl+Z after starting a program using the command line, and the shell prompt was presented. In order to go back to the program, which of the following commands can the administrator use?
- A. fg
- B. su
- C. bg
- D. ed
正解:A
解説:
Ctrl+Z suspended the process, and "fg" will bring it back into the foreground of the shell
質問 # 93
To harden one of the servers, an administrator needs to remove the possibility of remote administrative login via the SSH service. Which of the following should the administrator do?
- A. Add the line DenyUsers root to the /etc/hosts.deny file.
- B. Set PermitRootLogin to no in the /etc/ssh/sshd_config file.
- C. Set PubKeyAuthentication to no in the /etc/ssh/ssh_config file.
- D. Add the line account required pam_nologin. so to the /etc/pam.d/sshd file.
正解:B
質問 # 94
While inspecting a recently compromised Linux system, the administrator identified a number of processes that should not have been running:
Which of the following commands should the administrator use to terminate all of the identified processes?
- A. pkill -9 -f "upload*.sh"
- B. kill -9 "upload*.sh"
- C. skill -9 "upload*.sh"
- D. killall -9 -upload*.sh"
正解:A
解説:
Explanation
The pkill -9 -f "upload*.sh" command will terminate all of the identified processes. This command will send a SIGKILL signal (-9) to all processes whose full command line matches the pattern "upload*.sh" (-f). This signal will force the processes to terminate immediately without giving them a chance to clean up or save their state. The kill -9 "upload*.sh" command is invalid, as kill requires a process ID (PID), not a pattern. The killall -9 "upload*.sh" command is incorrect, as killall requires an exact process name, not a pattern. The skill
-9 "upload*.sh" command is incorrect, as skill requires a username or a session ID (SID), not a pattern. References: CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 15: Managing Memory and Process Execution, page 470.
質問 # 95
A Linux administrator is trying to remove the ACL from the file /home/user/dat a. txt but receives the following error message:
Given the following analysis:
Which of the following is causing the error message?
- A. File attributes are preventing file modification.
- B. The administrator is not using a highly privileged account.
- C. SELinux file context is denying the ACL changes.
- D. The filesystem is mounted with the wrong options.
正解:A
質問 # 96
A Linux administrator is troubleshooting a memory-related issue. Based on the output of the commands:
Which of the following commands would address the issue?
- A. top -p 8321
- B. renice -10 8321
- C. free 8321
- D. kill -9 8321
正解:B
質問 # 97
After installing a new version of a package, a systems administrator notices a new version of the corresponding, service file was Installed In order to use the new version of the, service file, which of the following commands must be Issued FIRST?
- A. systemctl reinstall
- B. systemctl daemon-reload
- C. systemctl stop
- D. systemctl status
正解:B
解説:
Explanation
After installing a new version of a package that includes a new version of the corresponding service file, the systemctl daemon-reload command must be issued first in order to use the new version of the service file. This command will reload the systemd manager configuration and read all unit files that have changed on disk. This will ensure that systemd recognizes the new service file and applies its settings correctly. The systemctl status command will display information about a service unit, but it will not reload the configuration. The systemctl stop command will stop a service unit, but it will not reload the configuration. The systemctl reinstall command does not exist. References: CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 17:
System Maintenance and Operation, page 518.
質問 # 98
Which of the following commands is used to configure the default permissions for new files?
- A. sudo
- B. chmod
- C. umask
- D. setenforce
正解:C
質問 # 99
A systems administrator is investigating why one of the servers has stopped connecting to the internet.
Which of the following is causing the issue?
- A. No default route is defined.
- B. Wired connection 1 is offline.
- C. The search entry in the /etc/resolv.conf file is incorrect.
- D. The DNS address has been commented out in the configuration file.
正解:D
質問 # 100
Several users reported that they were unable to write data to the /oracle1 directory. The following output has been provided:
Which of the following commands should the administrator use to diagnose the issue?
- A. df -i /oracle1
- B. du -sh /oracle1
- C. lsblk /dev/sdb1
- D. fdisk -1 /dev/sdb1
正解:A
解説:
Explanation
The administrator should use the command df -i /oracle1 to diagnose the issue of users being unable to write data to the /oracle1 directory. This command will show the inode usage of the /oracle1 filesystem, which indicates how many files and directories can be created on it. If the inode usage is 100%, it means that no more files or directories can be added, even if there is still free space on the disk. The administrator can then delete some unnecessary files or directories, or increase the inode limit of the filesystem, to resolve the issue.
The other options are not correct commands for diagnosing this issue. The fdisk -l /dev/sdb1 command will show the partition table of /dev/sdb1, which is not relevant to the inode usage. The lsblk /dev/sdb1 command will show information about /dev/sdb1 as a block device, such as its size, mount point, and type, but not its inode usage. The du -sh /oracle1 command will show the disk usage of /oracle1 in human-readable format, but not its inode usage. References: CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 7:
Managing Disk Storage; How to Check Inode Usage in Linux - Fedingo
質問 # 101
A Linux administrator is troubleshooting SSH connection issues from one of the workstations.
When users attempt to log in from the workstation to a server with the IP address 104.21.75.76, they receive the following message:
The administrator reviews the information below:

Which of the following is causing the connectivity issue?
- A. The server has an incorrect default gateway configuration.
- B. The sshd service is disabled.
- C. The server's firewall is preventing connections from being made.
- D. The workstation has the wrong IP settings.
正解:C
解説:
The server's firewall is preventing connections from being made, which is causing the connectivity issue. The output of iptables -L -n shows that the firewall is blocking all incoming traffic on port 22, which is the default port for SSH. The output of ssh -v [email protected] shows that the connection is refused by the server. To resolve the issue, the administrator needs to allow port 22 on the firewall. The other options are incorrect because they are not supported by the outputs. The workstation has the correct IP settings, as shown by the output of ip addr show. The sshd service is enabled and running, as shown by the output of systemctl status sshd. The server has the correct default gateway configuration, as shown by the output of ip route show. Reference: CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 13: Managing Network Services, pages 406-407.
質問 # 102
A development team asks an engineer to guarantee the persistency of journal log files across system reboots. Which of the following commands would accomplish this task?
- A. journalctl --list-boots && systemctl restart systemd-journald.service
- B. sed -i 's/auto/persistent/g' /etc/systemd/journald.conf && sed -i 'persistent/s/#//q' /etc/systemd/journald.conf
- C. grep -i auto /etc/systemd/journald.conf && systemctl restart systemd-journald.service
- D. cat /etc/systemd/journald.conf | awk '(print $1,$3)'
正解:C
質問 # 103
......
CompTIA Linux+ 認定試験は、Linux システム管理のキャリアを追求するプロフェッショナルにとって必須の認定資格です。Linux システムの管理とトラブルシューティングに必要なスキルと知識を検証し、さまざまな組織や企業によって世界的に認められています。試験に合格するためには、Linux コマンドライン、ファイルシステム、ユーザー管理、ネットワーク構成、シェルスクリプトについての理解が必要であり、書籍、オンラインコース、実践的な経験など、さまざまなリソースを活用して準備する必要があります。
候補者は、XK0-005試験に合格して、Comptia Linux+認定を取得する必要があります。この試験は、複数選択とパフォーマンスベースの質問で構成されており、実世界のシナリオで知識を適用する候補者の能力をテストするように設計されています。この試験はコンピューターベースであり、世界中の任意の認定テストセンターで撮影できます。
究極な準備用ガイドXK0-005認定試験Linux+:https://www.jpntest.com/shiken/XK0-005-mondaishu
XK0-005究極な学習ガイド:https://drive.google.com/open?id=1hEqiwkaPqlms0iuOCI_42j0U5FRcgzym