CompTIA  XK0-005 Exam Dumps & Practice Test Questions

Question 1:

An administrator has mistakenly removed the /boot/vmlinuz kernel image and needs to identify the correct version to recover it before restarting the system. 

Which command combination will help determine the appropriate kernel version?

A. rpm -qa | grep kernel; uname -a
B. yum -y update; shutdown -r now
C. cat /etc/centos-release; rpm -Uvh --nodeps
D. telinit 1; restorecon -Rv /boot

Correct Answer: A

Explanation:

The /boot/vmlinuz file is a symbolic link to the actual Linux kernel binary used during system boot. If it is deleted, the system may fail to boot correctly. Before rebooting, it's critical to identify the currently installed and active kernel version so that the correct version can be restored or reinstalled.

Option A, which uses rpm -qa | grep kernel and uname -a, is the most appropriate approach. The first part of the command, rpm -qa | grep kernel, queries all installed packages and filters out the kernel packages, displaying their exact versions. This provides a comprehensive view of all kernel versions available on the system. The second part, uname -a, returns the version of the currently running kernel, helping ensure that the replacement aligns with what is currently in use.

Option B, yum -y update; shutdown -r now, initiates a system update and then reboots. While this might install a new kernel, it doesn’t help identify the current kernel version or verify compatibility before rebooting. This option risks making changes without fully understanding the kernel state.

Option C includes cat /etc/centos-release, which only displays the operating system version—not the kernel version. The use of rpm -Uvh --nodeps installs packages without checking dependencies, which is unsafe and could create inconsistencies, especially when dealing with critical components like the kernel.

Option D, involving telinit 1 and restorecon, relates to changing the runlevel and restoring SELinux contexts, respectively. These actions don’t aid in identifying the missing kernel version or restoring the kernel image.

Thus, Option A is the best and safest method for determining the appropriate kernel version prior to restoring the /boot/vmlinuz file.

Question 2:

A cloud engineer wants to update the SSH server to accept connections on port 49000 instead of the default port 22. 

Which configuration file must be changed to implement this new port?

A. /etc/host.conf
B. /etc/hostname
C. /etc/services
D. /etc/ssh/sshd_config

Correct Answer: D

Explanation:

To change the port used by the SSH service for incoming remote login requests, the engineer must modify the SSH daemon’s configuration file. The default port for SSH is 22, but for security or compliance reasons, administrators often choose to configure SSH to use a non-standard port, like 49000.

The correct file to update is /etc/ssh/sshd_config, making Option D the right choice. This configuration file contains directives that control the behavior of the SSH daemon, including which port it listens on. To make the change, the engineer would need to locate the line in the file that starts with Port and replace the value with 49000 (e.g., Port 49000). After editing, the SSH service must be restarted for the change to take effect using a command like systemctl restart sshd.

Option A, /etc/host.conf, is used for controlling hostname resolution behavior and has no influence over SSH or port configurations.

Option B, /etc/hostname, contains the name of the host (machine) and is irrelevant to service ports or SSH configuration.

Option C, /etc/services, maps service names to port numbers for reference by some legacy applications. While it includes entries like ssh 22/tcp, editing this file does not actually change the behavior of SSH—it is more of a reference database than a configuration file.

Therefore, to effectively change the SSH port for remote login, the only correct file to edit is /etc/ssh/sshd_config. Changing this file ensures that the SSH daemon listens on the newly designated port. Following the change, the firewall should also be updated to allow traffic through the new port.

In conclusion, the correct file for configuring the SSH port is /etc/ssh/sshd_config, making Option D the correct answer.

Question 3

An administrator notices that a new file has been added to the central Git repository. 

To update the local repository and reflect this change, which Git command should the administrator execute?

A. git reflog
B. git pull
C. git status
D. git push

Correct Answer: B

Explanation:

To synchronize a local Git repository with the central (remote) repository, especially after new content like a file has been added, the most appropriate command is git pull. This command combines the actions of fetching and merging. First, it pulls the latest changes from the remote repository using git fetch. Then, it merges those changes into the local working branch using git merge.

In this scenario, a new file exists in the central repository. Executing git pull ensures that the administrator’s local repository is updated with that file and any other changes that have occurred remotely. This helps maintain consistency between local and remote copies, allowing for smooth collaboration and preventing potential merge conflicts later.

Let’s review the other options:

• A. git reflog: This command displays the local history of changes (reference logs) within a repository. It helps trace previous states and recover lost commits. However, it does not interact with or fetch updates from the remote repository. Thus, it’s not useful for syncing with new external files.

• C. git status: This command shows the current state of the working directory and staging area, such as tracked/untracked files and changes pending commit. It does not synchronize repositories and is more about viewing the local repo status.

• D. git push: This command is used to send local changes to the remote repository. In this case, the goal is to bring in new remote changes into the local environment, not the reverse. Therefore, using git push would not serve the administrator’s purpose.

Ultimately, git pull is the correct command as it retrieves and merges all new changes from the main repository into the local copy, ensuring full synchronization.

Question 4

A Linux system administrator needs to temporarily reroute all HTTP traffic to a proxy server with the IP address 192.0.2.25, listening on port 3128. 

Which iptables command correctly achieves this redirection?

A. iptables -t nat -D PREROUTING -p tcp --sport 80 -j DNAT --to-destination 192.0.2.25:3128
B. iptables -t nat -A PREROUTING -p tcp --dport 81 -j DNAT --to-destination 192.0.2.25:3129
C. iptables -t nat -I PREROUTING -p tcp --sport 80 -j DNAT --to-destination 192.0.2.25:3129
D. iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 192.0.2.25:3128

Correct Answer: D

Explanation:

To reroute all HTTP traffic (which operates on port 80) to a different proxy server at IP address 192.0.2.25 and port 3128, you must use the iptables command targeting the nat table with the PREROUTING chain and DNAT action. This approach rewrites the destination IP and port before the system processes the packet further, effectively redirecting the traffic.

Option D—iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 192.0.2.25:3128—is correct. Here’s why:

• -t nat specifies that the rule applies to the NAT table.

• -A PREROUTING appends the rule to the PREROUTING chain, which handles incoming packets before routing.

• -p tcp --dport 80 targets incoming TCP packets destined for port 80 (HTTP).

• -j DNAT --to-destination 192.0.2.25:3128 modifies the destination to route traffic to the proxy server.

Now, let’s analyze the incorrect options:

• A uses -D, which deletes an existing rule. Since the task is to add a redirection, this is inappropriate.

• B targets port 81 instead of 80, and redirects to port 3129 instead of 3128, making it both misconfigured and inaccurate.

• C uses --sport 80, referring to the source port. HTTP traffic typically has a destination port of 80, so this command wouldn’t match incoming HTTP requests. It also redirects to the wrong port (3129).

Thus, the correct method to redirect incoming HTTP traffic to the desired proxy endpoint is clearly option D, which uses all the proper parameters to achieve effective traffic redirection.

Question No 5:

A group of developers has requested the configuration of a permanent static route on an application server. The requirement is that all traffic directed to the IP address 10.0.213.5/32 through interface eth0 should be routed via the gateway 10.0.5.1. 

Which command should the system administrator use to correctly set up this routing rule?

A. route -i eth0 -p add 10.0.213.5 10.0.5.1
B. route modify eth0 +ipv4.routes "10.0.213.5/32 10.0.5.1"
C. echo "10.0.213.5 10.0.5.1 eth0" > /proc/net/route
D. ip route add 10.0.213.5/32 via 10.0.5.1 dev eth0

Correct Answer: D

Explanation:

To define a static route on a Linux system, the preferred and modern tool is the ip command from the iproute2 suite. The correct command in this context is:

This command explicitly states that any packets destined for the single host 10.0.213.5 (as denoted by /32) should be sent through the next-hop gateway 10.0.5.1 using the eth0 interface. Here’s how the command breaks down:

• ip route add: Starts the route addition process.

• 10.0.213.5/32: Represents a route to a single host.

• via 10.0.5.1: Indicates the gateway for this route.

• dev eth0: Specifies the interface to use.

Let’s assess the other choices:

A. This option uses the route command, which is outdated and does not support -i or -p flags as shown. The -p flag is for Windows persistent routes and not valid in Linux.
B. This syntax is incorrect and not standard for Linux routing commands. It resembles configuration in systems like NetworkManager but is not valid as a standalone command.
C. Writing directly to /proc/net/route is dangerous and unsupported. This file reflects current routing entries, but manually editing it can destabilize the system.

Ultimately, the ip command is the current and recommended method for managing routes on modern Linux systems. If the route needs to persist after a reboot, it should be added to system network configuration files based on the distro.

Question 6:

Which of the following options correctly verifies in a shell script whether a specific file exists?

A. if [ -f "$filename" ]; then
B. if [ -d "$filename" ]; then
C. if [ -f "$filename" ] then
D. if [ -f "$filename" ]; while

Correct Answer: A

Explanation:

To determine whether a file exists in a shell script, especially within bash or similar Unix shells, the -f test operator is used inside an if statement. The proper syntax is:

Here’s the role of each part:

• [ -f "$filename" ]: Tests if the file exists and is a regular file (i.e., not a directory or special file).

• then: Specifies the actions to execute if the condition is true.

• "$filename": A variable holding the name or path of the file.

Let’s now evaluate the other options:

B. if [ -d "$filename" ]; then is used to check if the path is a directory, not a regular file. Though syntactically correct, it doesn't fulfill the question's requirement to check for a file.

C. if [ -f "$filename" ] then is syntactically incorrect. There must be a semicolon ; or a newline between the closing square bracket ] and the then. Without this, the shell will produce a syntax error.

D. if [ -f "$filename" ]; while is invalid. The use of while here is unnecessary and incorrectly placed. A while loop is not relevant when just checking for a file’s existence.

In summary, the correct way to test for the existence of a regular file in bash is if [ -f "$filename" ]; then. This command structure is universally used and adheres to standard shell scripting practices.

Question 7:

A system administrator has written code to deploy three identical virtual servers in a cloud environment. Based on this approach, which technology are they most likely using?

A. Ansible
B. Puppet
C. Chef
D. Terraform

Correct Answer: D

Explanation:

In this scenario, the administrator is creating multiple identical cloud-based servers by using code, which strongly indicates the use of an Infrastructure as Code (IaC) tool. Among the options, Terraform best fits this description.

Terraform, developed by HashiCorp, allows administrators to define infrastructure in a high-level configuration language called HCL (HashiCorp Configuration Language). With this tool, infrastructure resources such as virtual machines, networking components, and cloud services can be declaratively defined and deployed in a consistent and repeatable manner. It supports all major cloud platforms like AWS, Azure, and Google Cloud, making it ideal for automating the provisioning of cloud infrastructure.

The other tools listed serve different purposes:

• Ansible is primarily a configuration management tool. It automates tasks such as software installation, updates, and configuration on already provisioned servers, though it does have limited cloud provisioning capabilities.
  
  

• Puppet is also focused on configuration management. It uses a declarative language to manage the state of system resources but is not widely used for provisioning infrastructure from scratch.
  
  

• Chef functions similarly to Puppet, using "recipes" and "cookbooks" to define system configurations. Like the others, it is not primarily intended for cloud infrastructure provisioning.

Therefore, while tools like Ansible, Puppet, and Chef can manage and configure systems after deployment, they are not typically used to provision infrastructure itself. Terraform, however, is explicitly designed for that purpose, making it the correct answer in this case.

In summary, when it comes to provisioning multiple identical servers in the cloud using code, Terraform stands out as the most efficient and purpose-built tool. It simplifies complex infrastructure deployment processes and ensures consistency across environments.

Question 8:

Which technology is most commonly used as a centralized system for managing Linux user and group accounts?

A. LDAP
B. MFA
C. SSO
D. PAM

Correct Answer: A

Explanation:

The appropriate solution for maintaining a central repository of Linux users and groups is LDAP (Lightweight Directory Access Protocol). LDAP is a protocol designed to access and maintain distributed directory information services. In Linux and Unix-based systems, LDAP is commonly implemented to manage centralized authentication and directory services across an organization.

By using LDAP, system administrators can maintain a single point of control for user identities. This centralization allows consistent management of login credentials, user permissions, and group policies across many machines. It is particularly useful in enterprise environments where managing local user databases individually on each server would be inefficient and error-prone.

Let’s review why the other options are incorrect:

• MFA (Multi-Factor Authentication) is a security feature used to strengthen authentication by requiring two or more verification methods (e.g., password + phone verification). It enhances security but does not store user or group data.

• SSO (Single Sign-On) allows users to authenticate once and gain access to multiple systems without repeated logins. It streamlines access but relies on a backend directory system—often LDAP or Active Directory—to authenticate users.

• PAM (Pluggable Authentication Modules) is a framework used by Linux systems to handle authentication tasks. PAM doesn't store user information itself; instead, it interfaces with sources like LDAP, local files, or Kerberos for authentication.

In short, LDAP is the foundational protocol that many authentication and access control systems rely upon. It plays a critical role in user and group management, making it the right answer for this scenario.

By implementing LDAP, organizations can simplify user administration, improve consistency, and increase security across multiple Linux systems through centralized identity management.

Question 9:

A Linux server is experiencing connectivity problems and is unable to communicate with other machines on the same local network. A system administrator checks the network settings and link parameters for the eth0 interface. 

Based on the diagnostic output, which of the following is the most likely reason for the connectivity issue?

A. The MAC address ac:00:11:22:33:cd is invalid.
B. The broadcast address should be set to ac:00:11:22:33:ff.
C. The eth0 interface is operating with an outdated kernel module.
D. The Ethernet cable connected to eth0 is not plugged into a switch.

Correct Answer: D

Explanation:

When troubleshooting connectivity issues in a Linux server, particularly when the system cannot reach other hosts on the same subnet, it's crucial to first examine the physical layer before jumping into complex configuration checks. Based on the provided scenario, the most plausible explanation is that the Ethernet cable is not connected to a switch, resulting in a lack of physical network connectivity.

This situation would prevent even basic local communication with other devices on the same subnet. In most cases, if an interface is physically disconnected, the link status will indicate this, and no data packets will be transmitted or received. Even if IP settings and MAC addresses are correctly configured, without a live physical link, network communication will fail. That is why option D is the most accurate.

Let’s review the incorrect options:

A. The MAC address ac:00:11:22:33:cd follows the correct format for Ethernet MAC addresses. MAC addresses are 48 bits long, typically shown as six groups of hexadecimal pairs. There is nothing about this specific address to suggest it is invalid.

B. The broadcast address mentioned here appears to confuse Ethernet broadcast addresses with IP broadcast behavior. The Ethernet broadcast address is universally ff:ff:ff:ff:ff:ff, and changing the MAC address to ac:00:11:22:33:ff is not required or even correct.

C. Using an outdated kernel module could cause networking issues, but those typically result in the interface being entirely non-functional. The scenario described does not suggest that eth0 is down or missing, but rather that the server cannot communicate with other machines—indicative of a physical connectivity issue instead.

Thus, the most likely root cause is that the Ethernet cable is simply not plugged into a switch or networking device, making D the correct answer.

Question 10:

A cloud operations engineer is reviewing server logs to investigate intermittent failures when sending application metrics to a monitoring backend. After analyzing the log details, the engineer suspects an issue with one of the OpenTelemetry Collector receivers. 

Based on this scenario, what is the most likely reason the data isn't being received?

A. The OpenTelemetry Collector’s metrics exporter is using the wrong endpoint.
B. The application is not using the correct port number expected by the metrics receiver.
C. The metrics receiver in the collector is not configured to accept compressed data.
D. The logging pipeline in the collector is disabled by default.

Correct Answer: B

Explanation:

When troubleshooting issues involving the transmission of telemetry data from an application to a monitoring backend through the OpenTelemetry Collector, port configuration plays a critical role. In this scenario, the issue likely stems from the application not targeting the correct port number that the metrics receiver in the OpenTelemetry Collector is expecting.

Each receiver component in the OpenTelemetry Collector listens on a specific port for incoming data—be it traces, metrics, or logs. If the application sends metrics to a port that is either incorrect or not actively being listened to by the collector, the data will never reach its destination, resulting in silent failures or dropped metrics. Therefore, option B is the most plausible explanation.

Let’s evaluate why the other choices are less likely:

A. If the exporter endpoint were incorrect, the issue would arise after data is received by the collector and during the process of forwarding it to an external backend. However, this scenario points to failures at the input stage (receiving data), not exporting.

C. While some receivers can be configured to accept or reject compressed data formats, this generally results in parsing or decoding errors, which are usually well-documented in logs. It is a less common cause compared to a simple misconfiguration of port numbers.

D. The logging pipeline being disabled might prevent visibility into what’s happening inside the collector, but it wouldn’t directly cause metric data to be dropped or not received. The question is specifically about metrics, not logs.

In conclusion, the most likely root cause is that the application is attempting to send metrics to a port that the OpenTelemetry Collector is not monitoring for that type of traffic. Ensuring that the application and collector are aligned on port configuration for metrics ingestion resolves this kind of issue. Thus, B is the correct answer.