ExamGecko
Search Search Login
Home Home / CompTIA / XK0-005
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A systems administrator is enabling LUKS on a USB storage device with an ext4 filesystem format. The administrator runs dmesg and notices the following output: Given this scenario, which of the following should the administrator perform to meet these requirements? (Select three).
A Linux administrator needs to harden a system and guarantee that the Postfix service will not run, even after a restart or system upgrade. Which of the following commands allows the administrator to fulfill the requirement?
A Linux systems administrator is updating code. After completing the update, the administrator wants to publish the updated code without including the configuration files. Which of the following should the administrator use to accomplish this task?
A Linux engineer set up two local DNS servers (10.10.10.10 and 10.10.10.20) and was testing email connectivity to the local mail server using the mail command on a local machine when the following error appeared: The local machine DNS settings are: Which of the following commands could the engineer use to query the DNS server to get mail server information?
Junior system administrator had trouble installing and running an Apache web server on a Linux server. You have been tasked with installing the Apache web server on the Linux server and resolving the issue that prevented the junior administrator from running Apache. INSTRUCTIONS Install Apache and start the service. Verify that the Apache service is running with the defaults. Typing "help" in the terminal will show a list of relevant event commands. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
A new application container was built with an incorrect version number. Which of the following commands should be used to rename the image to match the correct version 2.1.2?
Which of the following options describes the purpose of YAML?
A Linux administrator needs to analyze a failing application that is running inside a container. Which of the following commands allows the Linux administrator to enter the running container and analyze the logs that are stored inside?
A Linux system fails to start and delivers the following error message: Which of the following commands can be used to address this issue?
A Linux administrator is scheduling a system job that runs a script to check available disk space every hour. The Linux administrator does not want users to be able to start the job. Given the following: The Linux administrator attempts to start the timer service but receives the following error message: Which of the following is MOST likely the reason the timer will not start?

Question 151 - XK0-005 discussion

Report
Export

The security team has identified a web service that is running with elevated privileges A Linux administrator is working to change the systemd service file to meet security compliance standards.

Given the following output:

Which of the following remediation steps will prevent the web service from running as a privileged user?

A.
Removing the ExecStarWusr/sbin/webserver -D SOPTIONS from the service file
Answers
A.
Removing the ExecStarWusr/sbin/webserver -D SOPTIONS from the service file
B.
Updating the Environment File line in the [Service] section to/home/webservice/config
Answers
B.
Updating the Environment File line in the [Service] section to/home/webservice/config
C.
Adding the User-webservice to the [Service] section of the service file
Answers
C.
Adding the User-webservice to the [Service] section of the service file
D.
Changing the:nulti-user.target in the [Install] section to basic.target
Answers
D.
Changing the:nulti-user.target in the [Install] section to basic.target
Suggested answer: C

Explanation:

The remediation step that will prevent the web service from running as a privileged user is adding the User=webservice to the [Service] section of the service file. The service file is a configuration file that defines the properties and behavior of a systemd service. The systemd is a system and service manager that controls the startup and operation of Linux systems. The service file contains various sections and options that specify how the service should be started, stopped, and managed. The [Service] section defines how the service should be executed and what commands should be run.

The User option specifies the user name or ID that the service should run as. The webservice is the name of the user that the administrator wants to run the web service as. The administrator should add the User=webservice to the [Service] section of the service file, which will prevent the web service from running as a privileged user, such as root, and improve the security of the system. This is the correct remediation step to use to prevent the web service from running as a privileged user. The other options are incorrect because they either do not change the user that the service runs as (removing the ExecStart=/usr/sbin/webserver -D OPTIONS from the service file or updating the EnvironmentFile line in the [Service] section to /home/webservice/config) or do not affect the user that the service runs as (changing the multi-user.target in the [Install] section to basic.target). Reference: CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 15: Managing System Services, page 458.

Show Answer
asked 02/10/2024
Bernardo Garcia
43 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms