Visit here for our full LPI 101-500 exam dumps and practice test questions.
Question 61:
Which command shows all running processes along with memory and CPU usage in a continuously updating display?
A) ps aux
B) top
C) uptime
D) last
Answer: B) top
Explanation:
Top provides a dynamic, real-time view of system processes, CPU, and memory usage. Ps aux is static, uptime shows system load and running time, and last shows login history.
In Linux, monitoring system performance and user activity is a fundamental task for administrators. Various commands provide insights into processes, CPU, memory, and login history, each serving a distinct purpose. Among the most commonly used tools are top, ps aux, uptime, and last. Understanding the differences between these commands is crucial for effective system monitoring and troubleshooting.
The top command is a dynamic, interactive utility that displays a real-time view of system processes along with CPU and memory usage. When executed, top continuously refreshes the display, typically every few seconds, providing administrators with up-to-date information about process IDs (PIDs), user ownership, CPU and memory percentages, and the commands being executed. Additionally, the top provides a summary of system statistics, including the total number of tasks, running and sleeping processes, CPU load, memory, and swap usage. Interactive features allow sorting processes by CPU or memory usage, sending signals to terminate processes, or adjusting the refresh interval. This makes the top especially useful for identifying resource-intensive processes and troubleshooting performance bottlenecks.
In contrast, ps aux provides a static snapshot of processes at the moment it is run. The a option lists processes for all users, u adds user and resource information, and x includes processes not attached to a terminal. While ps aux does not update in real time like top, it is highly useful for scripting, reporting, or when a fixed snapshot of process states is needed. Administrators often use it in combination with grep to locate specific processes or analyze their resource consumption.
The uptime command offers a concise summary of system runtime and load averages. It displays how long the system has been running, the number of logged-in users, and the system load averages for the past 1, 5, and 15 minutes. Load averages indicate the average number of processes waiting for CPU time and are a useful measure of system performance over time. Unlike top or ps aux, uptime does not provide information about individual processes.
The last command reads from /var/log/wtmp to show a historical list of user logins, reboots, and shutdowns. It provides usernames, terminal sessions, login and logout times, and session durations. This command is essential for auditing user activity, tracking system usage patterns, or identifying unauthorized access.
Question 62:
What is the difference between lsblk and df -h?
A) lsblk lists mounted filesystems; df -h lists all block devices
B) lsblk lists block devices; df -h shows mounted filesystem usage
C) Both commands show identical information
D) df -h lists hardware devices; lsblk shows directory sizes
Answer: B) lsblk lists block devices; df -h shows mounted filesystem usage
Explanation:
lsblk provides a tree view of storage devices, partitions, and mount points, whereas df -h focuses on usage statistics of mounted filesystems.
Linux systems rely heavily on block devices and filesystems for data storage. Managing these resources efficiently requires understanding both the physical layout of storage devices and the logical utilization of mounted filesystems. Two essential commands for these tasks are lsblk and df -h. Though they may seem similar at first glance, they serve distinct purposes and provide complementary information.
lsblk: Listing Block Devices
The command lsblk stands for “list block devices.” A block device is a storage device that reads and writes data in fixed-size blocks, such as hard drives, SSDs, USB drives, and partitions. Unlike character devices (like /dev/tty), block devices allow random access to data, making them suitable for filesystems.
Running the lsblk command on a Linux system produces a tree-like structure of all block devices. For example:
$ lsblk
NAME MAJ: MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:00 931.5G 0 disk
├─sda1 8:1 0 500M 0 part /boot
├─sda2 8:2 0 100G 0 part /
└─sda3 8:30 831G 0 part /home
sdb 8:16 0 465.8G 0 disk
└─sdb1 8:17 0 465.8G 0 part /mnt/backup
Here, several key details are presented:
NAME: The device or partition name. Devices like sda are physical drives; sda1, sda2 are partitions.
MAJ:MIN: Major and minor device numbers assigned by the kernel.
RM: Indicates whether the device is removable (1) or fixed (0).
SIZE: Physical or logical size of the device or partition.
RO: Read-only status.
TYPE: The type of block device: disk for the physical drive, part for partitions, lvm for logical volumes, or rom for optical drives.
MOUNTPOINT: Shows where the partition is mounted in the filesystem hierarchy, if applicable.
Key benefits of lsblk:
Tree structure visualization – helps visualize the hierarchy of disks, partitions, and logical volumes.
No root privileges needed – unlike fdisk -l, lsblk can be run by normal users to get a read-only overview of devices.
Integration with other commands – lsblk supports options like -f to display filesystem type and UUIDs, or -o to customize output columns.
Example with filesystem details:
$ lsblk -f
NAME FSTYPE LABEL UUID MOUNTPOINT
sda
├─sda1 vfat 1234-ABCD /boot
├─sda2 ext4 a1b2c3d4-e5f6-7890-1234-abcdef /
└─sda3 ext4 9876-5432-ABCD-1234-56789 /home
sdb
└─sdb1 ext4 1122-3344-5566-7788 /mnt/backup
With -f, you can see filesystem types (FSTYPE), labels, and UUIDs, which are crucial when mounting partitions, creating fstab entries, or troubleshooting storage issues.
df -h: Disk Free and Usage Statistics
The df command stands for disk free, and it focuses on the logical usage of mounted filesystems, rather than the physical devices themselves. Running df provides a summary of available and used space on each filesystem. The -h option formats sizes in human-readable units (KB, MB, GB), making interpretation easier. Example:
$ df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda2 100G 60G 35G 64% /
/dev/sda1 500M 120M 380M 25% /boot
/dev/sda3 831G 400G 430G 50% /home
/dev/sdb1 466G 200G 266G 43% /mnt/backup
Key columns explained:
Filesystem: Device or logical volume providing the filesystem.
Size: Total size of the filesystem.
Used: Space already occupied by files.
Avail: Free space available for new files.
Use%: Percentage of total space used.
Mounted on: Mount point of the filesystem.
Df -h is particularly useful for monitoring filesystem usage, checking disk space before installing software or copying data, and preventing full partitions, which could cause system instability or application failures.
Comparing lsblk and df -h
While lsblk and df -h both provide information related to storage, they differ fundamentally in scope and purpose:
| Feature | lsblk | df -h |
| Focus | Physical block devices and partitions | Logical usage of mounted filesystems |
| View | Tree hierarchy | Tabular, summary |
| Shows unmounted devices? | Yes | No, only mounted filesystems |
| Filesystem type | Yes (with -f) | Yes (default column may vary) |
| Size details | Device/partition size | Available and used filesystem space |
| Root privileges required? | No | No |
| Best use case | Inspecting hardware layout and partitions | Monitoring disk usage and free space |
Key point: lsblk answers “What physical and logical devices exist?” whereas df -h answers “How much space is used and free on mounted filesystems?”
Practical Scenarios and Examples
System Setup: Before creating new partitions or formatting disks, lsblk shows all available devices. You might discover sdb is an unused disk suitable for a new mount point.
Disk Usage Monitoring: To ensure applications do not fail due to full disks, df -h provides a quick overview. For example, seeing / 90% usage indicates that cleaning old logs or extending the filesystem is needed.
Troubleshooting Mount Issues: If a device is not mounting correctly, lsblk -f shows UUIDs, filesystem types, and mount points, while df -h can confirm whether the filesystem is actively mounted and its available space.
Scripting for Automation: Admins often use both commands in scripts. For example, using lsblk -l -o NAME, SIZE, TYPE, MOUNTPOINT to generate a list of devices and df -h | grep ‘/mnt’ to monitor specific mount points’ usage.
Advanced Usage and Options
lsblk advanced options:
-o NAME, SIZE, FSTYPE, MOUNTPOINT, UUID → Custom column selection
-f → Filesystem type, UUID, label
-J → JSON output for programmatic parsing
Df advanced options:
-T → Show filesystem type
–total → Show cumulative usage for all filesystems
-i → Show inode usage, useful for detecting inode exhaustion
Question 63:
Which command displays the last logins of a user or all users?
A) w
B) who
C) last
D) uptime
Answer: C) last
Explanation:
Last reads /var/log/wtmp to display historical login sessions. w and who show currently logged-in users, and uptime shows the system running time.
In Linux, monitoring user activity and system uptime is essential for system administration, security auditing, and troubleshooting. Several commands provide insights into who is logged in, system load, and historical login activity. Among the most commonly used commands for these tasks are last, w, who, and uptime. Each serves a specific purpose, and understanding their differences is crucial for efficient system management.
The last command is used to display a historical record of logins, reboots, and shutdowns. It reads from the /var/log/wtmp file, which logs all user login sessions and system boot events. Each line in the last output provides details such as the username, terminal or TTY, IP address if the login was remote, login and logout times, and session duration. For example, last can help an administrator identify when a user last logged in, how long they were active, or if there were unauthorized login attempts. It is particularly useful for auditing user activity, tracking system usage trends, or investigating security incidents.
In contrast, it provides a snapshot of currently logged-in users. It reads from /var/run/utmp, which maintains information about active sessions. The output shows the username, terminal, login time, and occasionally the originating IP address. While it does not provide historical data, it is invaluable for monitoring active sessions and understanding which users are currently connected to the system.
The w command extends the functionality of who by also displaying system activity alongside logged-in users. In addition to user sessions, we show the idle time for each user, the process they are currently running, and a system summary including uptime, load averages, and the number of active users. This makes w useful for diagnosing system load problems or identifying resource-intensive sessions in real-time.
Finally, uptime provides a concise summary of how long the system has been running since the last boot. It displays the current time, the total uptime, the number of logged-in users, and the system load averages over the past 1, 5, and 15 minutes. Unlike last, w, or who, uptime does not provide user-specific information; instead, it offers a quick overview of system performance and health over time.
Question 64:
Which command can create a user with a home directory and a specific login shell?
A) useradd -m -s /bin/bash john
B) passwd john
C) usermod john
D) groupadd john
Answer: A) useradd -m -s /bin/bash john
Explanation:
-m creates a home directory, and -s sets the login shell. passwd only sets the password, usermod modifies existing accounts, and groupadd creates groups.
In Linux, creating and managing user accounts is a fundamental administrative task. Several commands are used to handle user accounts and permissions, each serving a specific role. Among these, useradd, passwd, usermod, and groupadd are essential tools for creating and configuring users and groups. Understanding how these commands interact and the options available is crucial for system administrators and for LPIC-1 exam preparation.
The useradd command is a low-level utility used to create new user accounts. By default, useradd adds a user entry to /etc/passwd and creates a UID and GID for the account, but it does not automatically create a home directory unless explicitly instructed. The -m option ensures that a home directory is created for the new user, typically under /home/username. This directory serves as the user’s personal workspace, containing configuration files, documents, and settings. Without -m, the user would not have a home directory unless it is created manually.
The -s option allows the administrator to specify the login shell for the user. The login shell is the command interpreter that runs when the user logs in. For instance, -s /bin/bash sets Bash as the default shell, while -s /bin/zsh would assign Zsh. Choosing the appropriate shell affects user experience and scripting behavior. Without specifying -s, the system uses the default shell defined in /etc/default/useradd.
The passwd command is used to set or change a user’s password. Running passwd username allows the administrator to assign a secure password to the newly created account. It does not create the user account; it only updates the encrypted password stored in /etc/shadow. This separation of responsibilities ensures flexibility and security: user accounts and passwords are managed independently.
The usermod command is used to modify existing user accounts. It can change the login shell, home directory, primary group, or add the user to supplementary groups. For example, usermod -s /bin/zsh john changes the shell for an existing user named john. It cannot create new users; its role is strictly modification.
The groupadd command is used to create new groups, which can later be assigned to users. Groups help manage permissions collectively, allowing multiple users to share access rights to files and directories without modifying individual user permissions.
Question 65:
Which command is used to change file ownership recursively?
A) chmod -R user: group /path
B) chown -R user: group /path
C) usermod -R /path
D) chgrp /path
Answer: B) chown -R user: group /path
Explanation
chown changes file ownership; -R applies the change recursively. chmod changes permissions, usermod modifies user accounts, and chgrp changes group ownership only.
In Linux, managing file and directory ownership is a critical aspect of system administration and security. Each file and directory is associated with an owner user and a group, which determines who can access or modify the file. The chown command is the primary tool for changing file ownership, allowing administrators to assign ownership to a specific user and optionally to a group.
The basic syntax of chown is:
chown [OPTIONS] USER[:GROUP] FILE
For example, chown john: developers /var/www/html/index.html changes the owner of the file to john and the group to developers. If the group is omitted, only the owner is changed.
A key option in chown is -R, which stands for recursive. When applied, chown -R changes the ownership of the specified directory and all files and subdirectories within it. This is particularly useful when moving large directory structures or configuring web servers, where all files must belong to a specific user and group. Without -R, chown affects only the specified file or directory and does not traverse subdirectories.
It is important to distinguish chown from other related commands:
chmod: This command changes file permissions (read, write, execute) for owner, group, and others. Unlike chown, it does not affect ownership. For example, chmod 755 /var/www/html sets the owner to have full access and read-execute access for the group and others.
usermod: This command modifies user account attributes, such as login shell, home directory, or group memberships. It does not interact with individual file ownership. For instance, usermod-aGG developer John adds John to the developers group but does not alter ownership of the files he owns.
chgrp: This command changes only the group ownership of a file or directory. For example, chgrp developers /var/www/html assigns the file to the developers group without modifying the owner. Like chown, chgrp also supports the -R option to apply changes recursively.
Proper use of chown ensures secure access control, preventing unauthorized users from modifying critical files while allowing intended users the necessary privileges. For example, web server files often need to be owned by a specific user (www-data) to allow server processes to read or write data securely. Misconfigured ownership can lead to security risks or service failures.
Question 66: How do you monitor the last 50 lines of a log file in real-time?
A) tail -50 file.log
B) tail -n 50 -f file.log
C) less file.log
D) cat file.log
Answer: B) tail -n 50 -f file.log
Explanation: tail -n 50 -f shows the last 50 lines and continues to follow new additions. Tail -50 shows only the last 50 lines once; less allows navigation but requires interactive commands.
In Linux, managing and analyzing log files is a fundamental task for system administrators, and the commands provided—A) tail -50 file.log, B) tail -n 50 -f file.log, C) less file.log, and D) cat file.log—each provides distinct ways to access, monitor, and interpret log data, depending on the use case. Option A, tail -50 file.log, outputs the last 50 lines of the specified log file statically, allowing administrators to quickly review the most recent entries without scrolling through the entire file. This command is useful when you only need a snapshot of recent activity, such as checking the latest error messages or monitoring the conclusion of a process, but it does not provide a continuous update as new lines are added. Option B, tail -n 50 -f file.log, combines the functionality of displaying the last 50 lines with the -f (follow) flag, which allows real-time monitoring of the file as new entries are appended. This makes it invaluable for observing live logs during active system processes, troubleshooting ongoing issues, or watching service outputs without reopening the file repeatedly. Administrators often use this command to track errors, performance metrics, or system events as they occur, providing an immediate understanding of system behavior. Option C, with fewer files. loentriesg offers an interactive pager for navigating the log file. Unlike tail, less allows users to scroll forward and backward, search for keywords, and efficiently move through very large files without loading the entire file into memory. It is ideal for in-depth investigation of historical log entries or when needing to cross-reference different parts of a file, providing more control over the examination process than simple line-limited commands. Finally, option D, cat file.log, displays the entire content of the log file sequentially. While this is straightforward and effective for small files, it becomes cumbersome for large logs since it outputs everything at once, requiring additional filtering or redirection to analyze specific information. Cat is frequently used in combination with other commands like grep, less, or tail to selectively view or process log data. Collectively, these four tools provide a comprehensive approach to log management in Linux: tail -50 is ideal for quick snapshots, tail -n 50 -f for live monitoring, less for interactive exploration of large or historical files, and cat for full file output or piping into other utilities. By understanding their differences and proper use cases, system administrators can efficiently monitor logs, detect anomalies, troubleshoot errors, and maintain operational stability, ensuring that critical system events are tracked accurately and promptly, while balancing efficiency and detail in their log review workflows.
Question 67:
Which command displays all groups on a system, including those from network sources like LDAP?
A) cat /etc/group
B) getent group
C) groups
D) id
Answer: B) getent group
Explanation:
getent group queries the Name Service Switch (NSS) to list groups from local and external sources. Cat/etc/group only shows local groups; groups shows user group membership.
In Linux, understanding group membership and managing user access is an essential part of system administration, and the commands provided—A) cat /etc/group, B) getent group, C) groups, and D) id—each offers unique ways to access information about groups and their associations with users, allowing administrators to effectively monitor and configure permissions. Option A, cat /etc/group, directly reads the local group file, displaying all group names, their corresponding GIDs, and the usernames of members for each group. This command provides a simple and immediate view of local groups, but is limited to the groups defined on the system itself and does not account for groups provided through external directory services such as LDAP or NIS. While useful for quickly listing all local groups and checking memberships, it does not interact with network-based authentication sources, which can be a limitation in enterprise environments. Option B, getent group, overcomes this limitation by querying the Name Service Switch (NSS), which allows Linux to retrieve group information from both local files and external sources such as LDAP or Active Directory. This command ensures a comprehensive view of all groups available to the system, including network-managed groups, making it invaluable for administrators managing centralized authentication systems or hybrid environments where not all groups are locally defined. Option C, groups, focuses on the current user or a specified user, displaying the groups that the user belongs to. It provides an immediate understanding of a user’s group memberships, which is critical for verifying access rights, troubleshooting permission issues, and confirming that newly added users have been correctly assigned to the necessary groups. While it is not a comprehensive listing of all groups on the system, it is a fast and convenient way to check individual user privileges. Option D, id, provides detailed identity information for a user, including the UID, primary GID, and all supplementary groups, along with their numeric IDs. Unlike groups, ID offers both numeric and textual representation, which can be useful for scripting, auditing, and verifying that a user’s effective groups align with security policies. Together, these four commands offer a layered and versatile approach to Linux group management: cat /etc/group for a raw, local view, getent group for a comprehensive system-wide or network-aware perspective, groups for quick verification of a user’s group memberships, and id for detailed identity information, including numeric IDs. Mastering these tools allows system administrators to efficiently monitor user access, manage permissions, and maintain system security by understanding both the structure of local groups and the dynamic memberships of individual users, ensuring that access control policies are correctly implemented and easily auditable.
Question 68:
Which command changes the password of an existing user?
A) passwd username
B) useradd username
C) usermod username
D) sudo username
Answer: A) passwd username
Explanation:
passwd updates the encrypted password stored in /etc/shadow. useradd creates users, usermod modifies accounts, and sudo executes commands with elevated privileges.
In Linux, managing user accounts involves several distinct commands, each designed for a specific purpose, and the options provided—A) passwd username, B) useradd username, C) usermod username, and D) sudo username—highlight the different aspects of user account creation, modification, and security management. Option A, passwd username, is used to set or change the password for an existing user. It updates the password hash stored in /etc/shadow and can enforce password policies such as expiration dates and minimum age. This command is critical for maintaining account security, allowing administrators to reset forgotten passwords, enforce periodic password changes, and ensure compliance with organizational password policies. However, it does not create a user account or modify other user attributes. Option B, useradd username, is a low-level utility for creating a new user account on the system. When executed, it creates an entry in /etc/passwd, optionally sets up a home directory, and defines default user attributes such as the login shell and group membership. The useradd command is typically used in scripts or automation tasks because it provides precise control over user attributes but does not automatically assign passwords; a subsequent passwd command is needed to secure the account. Option C, usermod username, is used to modify existing user accounts. This command allows administrators to change a user’s login name, home directory, default shell, group memberships, and other attributes without recreating the account. It is a versatile tool for updating accounts as organizational requirements change, such as moving users between departments, updating login shells for security or preference reasons, or managing access rights through group changes. Option D, sudo username, is a common misconception and is actually not a valid command for managing user accounts directly. The sudo utility itself is used to execute commands with elevated privileges, allowing authorized users to perform administrative tasks. For example, commands like sudo useradd username or sudo passwd username would grant the necessary root privileges to create or modify user accounts. Alone, typing sudo username would result in an error because sudo requires a command to execute; it is not used to directly manipulate users. Together, these four options illustrate the layered approach to user management in Linux: useradd creates the account, passwd secures it with a password, usermod updates attributes as needed, and sudo provides the privilege escalation required to execute administrative operations. Understanding the distinct roles and limitations of each command ensures administrators can efficiently manage users, enforce security policies, and maintain proper access controls across a Linux environment, while avoiding common errors such as assuming a sudo username can independently manage accounts.
Question 69:
Which command provides a snapshot of current memory usage?
A) vmstat
B) free -h
C) top
D) All of the above
Answer: D) All of the above
Explanation:
Free -h shows memory totals, used, and available. vmstat shows memory, processes, and CPU stats. Top shows per-process memory usage in real-time.
When monitoring memory usage and system performance in Linux, there are several powerful commands that administrators can use to gain insight into how the system is consuming resources, and understanding the nuances of each command helps in selecting the right tool for a particular situation. Option A, vmstat, is a versatile utility that reports virtual memory statistics, including memory usage, swap activity, CPU usage, and I/O statistics. It provides both a summary of system performance since boot and real-time updates when run with a delay argument, making it extremely useful for identifying bottlenecks in memory allocation, swap usage, or overall system load. While vmstat does not provide per-process information, it is valuable for obtaining a holistic view of memory and CPU utilization and detecting trends over time. Option B, free -h, focuses specifically on memory usage, displaying total, used, free, shared, buffer/cache, and available memory in a human-readable format. The -h flag converts memory units into gigabytes, megabytes, or kilobytes, which makes it easier to quickly assess the system’s memory state without having to interpret raw numbers in bytes. Free -h is ideal for a quick snapshot of memory consumption, helping administrators determine if the system is under memory pressure or if swap space is being used excessively. Option C, top, is an interactive real-time monitoring tool that not only shows memory usage but also provides detailed process-level information, including which processes are consuming the most RAM and CPU. By default, top updates every few seconds and allows sorting processes by memory or CPU usage, sending signals to processes, and observing swap and buffer usage in real time. This makes top invaluable for diagnosing performance issues caused by specific applications or processes and for making immediate adjustments if needed. When considering all three tools together, option D, “All of the above,” is the most comprehensive choice, because each command complements the others: vmstat provides overall system statistics and performance trends, free -h gives a concise snapshot of memory availability and usage, and top enables administrators to see individual process impacts on memory and CPU. Using these tools in combination allows for both macro-level analysis of memory and system performance with vmstat and free -h and micro-level troubleshooting with top, ensuring that both system-wide and process-specific memory usage can be monitored effectively. In practice, a Linux administrator might start with free -h to check overall memory availability, then use vmstat 2 to monitor trends over a period of time, and finally open top to investigate which processes are using the most memory and potentially impacting system performance. This holistic approach ensures that memory issues are identified accurately, performance bottlenecks are located quickly, and corrective actions can be taken efficiently, demonstrating why the combination of these tools—vmstat, free -h, and top—represents a comprehensive memory and system monitoring strategy in Linux.
Question 70:
What is the purpose of the /etc/login? defs file?
A) Stores encrypted passwords
B) Defines default user account creation parameters
C) Lists all groups
D) Configures sudo privileges
Answer: B) Defines default user account creation parameters
Explanation:
/etc/login.defs specifies UID/GID ranges, password expiration, and login defaults. Passwords are stored in /etc/shadow, groups in /etc/group, and sudo privileges in /etc/sudoers.
In Linux, proper management of users, groups, and privileges is crucial for system security and administration, and various configuration files and utilities serve distinct purposes to achieve this. Option A, storing encrypted passwords, is primarily handled by the /etc/shadow file, which contains hashed passwords for each user along with password aging information such as last change date, minimum and maximum age, warning period, and account expiration. By storing passwords in a separate, restricted-access file rather than /etc/passwd, Linux enhances security by ensuring that only privileged users, such as root, can access sensitive authentication data, protecting the system from unauthorized access. Option B, defining default user account creation parameters, is managed through the /etc/login. defs file, which sets system-wide policies for user creation, including default UID and GID ranges, password expiration policies, minimum and maximum password lengths, and other parameters used by tools like useradd or adduser. This file ensures consistency and compliance across new user accounts, streamlining administration and enhancing security. Option C, listing all groups, is provided by the /etc/group file, which contains group names, GIDs, and members of each group. Groups are a fundamental aspect of Linux permissions management, allowing multiple users to share access to files and directories without granting excessive individual privileges. Administrators can quickly see which users belong to which groups and manage file access accordingly. Option D, configuring sudo privileges, is accomplished through the /etc/sudoers file, which defines which users or groups can execute commands with root privileges using sudo. This file allows fine-grained control over administrative access, specifying whether a user can run all commands as root or only specific commands, and includes options such as timestamp-based authentication and command logging. Together, these four components—encrypted password storage, default account parameters, group listings, and sudo configuration—form a comprehensive framework for user and privilege management in Linux. For example, when a new user is created, the system references /etc/login.defs to apply default parameters, stores the encrypted password in /etc/shadow, assigns the user to one or more groups listed in /etc/group, and optionally grants sudo access according to /etc/sudoers. Proper understanding and administration of these files are essential for maintaining system security, ensuring correct access control, and managing users effectively. Misconfiguration in any of these areas can lead to security vulnerabilities, such as unauthorized root access, weak password policies, or improper group memberships, highlighting the need for administrators to carefully manage encrypted passwords, default account settings, group memberships, and sudo privileges in a coordinated manner.
Question 71:
Which command would you use to temporarily change the current runlevel in SysV init?
A) systemctl isolate runlevel3.target
B) init 3
C) edit /etc/inittab
D) login
Answer: B) init 3
Explanation:
Init 3 changes the current runlevel temporarily. Editing /etc/inittab changes the default runlevel, and systemctl applies only to systemd.
In Linux, managing system runlevels and transitioning between different modes of operation is an essential part of system administration, especially for maintenance, troubleshooting, or performing tasks in a minimal environment. Option A, systemctl isolate runlevel3.target, is a modern command used on systemd-based distributions to switch the system to runlevel 3, which corresponds to multi-user mode with networking but without a graphical interface. This command isolates the specified target, stopping all services not required by that target and starting the necessary ones, effectively moving the system to a text-based multi-user environment. It is particularly useful for administrators who need to perform maintenance without the overhead of a graphical desktop environment. Option B, init 3, is the traditional SysV init command used to change runlevels on older Linux systems that do not use systemd. Running init 3 switches the system to runlevel 3, similar to the systemd command, stopping graphical services and bringing the system into multi-user mode. While still supported in some systems, it is largely replaced by systemd in modern distributions. Option C, editing /etc/inittab, involves modifying the configuration file that defines the default runlevel for SysV init systems. By changing the line that specifies id:5:initdefault: to id:3:initdefault:, administrators can ensure the system boots directly into runlevel 3 on startup, which is useful for servers that do not require a graphical interface. However, this method is specific to older init systems and does not apply to systemd-managed distributions. Option D, login, refers to the process of authenticating a user to access the system, either at the console or via SSH, once the system has reached the desired runlevel. After switching to runlevel 3 using any of the above methods, a text-based login prompt appears, allowing users or administrators to log in and perform necessary administrative tasks. The login step is crucial because, without authenticating, the administrator cannot execute commands or manage services. Together, these four components demonstrate the progression of managing Linux runlevels: administrators can use systemctl isolate runlevel3.target on systemd systems or init 3 on legacy SysV systems to switch to multi-user text mode, modify /etc/inittab on older systems to set a default runlevel for boot, and then log in at the console or remotely to perform administrative operations. Understanding all these options ensures that system administrators can maintain and troubleshoot Linux systems effectively across both modern and legacy environments, providing flexibility, security, and control over system behavior during maintenance or recovery tasks.
Question 72:
Which file contains the primary configuration for sudo privileges?
A) /etc/passwd
B) /etc/sudoers
C) /etc/shadow
D) /etc/login.defs
Answer: B) /etc/sudoers
Explanation:
/etc/sudoers defines which users or groups can execute commands with elevated privileges. Other files manage accounts, passwords, or login defaults.
Question 73:
Which chmod numeric value gives full permissions to the owner, and read-execute to the group and others?
A) 777
B) 755
C) 644
D) 700
Answer: B) 755
Explanation:
Numeric permissions: owner=7 (rwx), group=5 (r-x), others=5 (r-x). chmod modifies permissions but not ownership.
Question 74:
Which command lists the files in a directory, including hidden files, with detailed human-readable info?
A) ls
B) ls -lh
C) ls -alh
D) ls -a
Answer: C) ls -alh
Explanation:
Combines -a (all files), -l (long format), and -h (human-readable sizes) to show detailed information for all files, including hidden ones.
Question 75:
Which command allows switching to another user account interactively?
A) sudo
B) su
C) usermod
D) passwd
Answer: B) su
Explanation
su switches users interactively, requiring the target user’s password. Sudo executes commands with privileges, usermod modifies accounts, and passwd changes passwords.
Question 76:
Which file stores user account information such as UID, GID, home directory, and login shell?
A) /etc/shadow
B) /etc/passwd
C) /etc/group
D) /etc/sudoers
Answer: B) /etc/passwd
Explanation:
/etc/passwd contains account info; passwords are stored securely in /etc/shadow, and groups are stored in /etc/group.
Question 77:
Which command provides a summary of free, used, and available memory in human-readable form?
A) top
B) free -h
C) vmstat
D) df -h
Answer: B) free -h
Explanation:
Free -h displays total, used, free, shared, buffer/cache, and available memory in human-readable units. vmstat gives more detailed stats, top is real-time per-process, and df -h is for disk usage.
Question 78:
Which command shows all block devices in a tree format with sizes and mount points?
A) lsblk
B) df -h
C) mount
D) du -sh
Answer: A) lsblk
Explanation:
lsblk lists all storage devices, partitions, and mount points in a clear tree structure. Df -h shows usage of mounted filesystems, not the full device layout.
Question 79:
Which command is used to view password aging policies and encrypted passwords?
A) /etc/passwd
B) /etc/shadow
C) passwd
D) /etc/login.defs
Answer: B) /etc/shadow
Explanation:
/etc/shadow stores encrypted passwords and password aging info. /etc/passwd contains user account info, but not passwords.
Question 80:
Which command shows all processes sorted by memory usage in descending order?
A) ps aux –sort=-%mem
B) top
C) uptime
D) free -h
Answer: A) ps aux –sort=-%mem
Explanation:
Sorting by -%mem in ps aux lists processes using the most memory first. Top can sort interactively, uptime shows load, and free-hh shows overall memory stats.
