ExamGecko
Search Search Login
Home Home / CompTIA / XK0-005
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A systems administrator is enabling LUKS on a USB storage device with an ext4 filesystem format. The administrator runs dmesg and notices the following output: Given this scenario, which of the following should the administrator perform to meet these requirements? (Select three).
A Linux administrator needs to harden a system and guarantee that the Postfix service will not run, even after a restart or system upgrade. Which of the following commands allows the administrator to fulfill the requirement?
A Linux systems administrator is updating code. After completing the update, the administrator wants to publish the updated code without including the configuration files. Which of the following should the administrator use to accomplish this task?
A Linux engineer set up two local DNS servers (10.10.10.10 and 10.10.10.20) and was testing email connectivity to the local mail server using the mail command on a local machine when the following error appeared: The local machine DNS settings are: Which of the following commands could the engineer use to query the DNS server to get mail server information?
Junior system administrator had trouble installing and running an Apache web server on a Linux server. You have been tasked with installing the Apache web server on the Linux server and resolving the issue that prevented the junior administrator from running Apache. INSTRUCTIONS Install Apache and start the service. Verify that the Apache service is running with the defaults. Typing "help" in the terminal will show a list of relevant event commands. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
A new application container was built with an incorrect version number. Which of the following commands should be used to rename the image to match the correct version 2.1.2?
Which of the following options describes the purpose of YAML?
A Linux administrator needs to analyze a failing application that is running inside a container. Which of the following commands allows the Linux administrator to enter the running container and analyze the logs that are stored inside?
A Linux system fails to start and delivers the following error message: Which of the following commands can be used to address this issue?
A Linux administrator is scheduling a system job that runs a script to check available disk space every hour. The Linux administrator does not want users to be able to start the job. Given the following: The Linux administrator attempts to start the timer service but receives the following error message: Which of the following is MOST likely the reason the timer will not start?

Question 245 - XK0-005 discussion

Report
Export

A Linux administrator provisioned a new web server with custom administrative permissions for certain users. The administrator receives a report that user1 is unable to restart the Apache web service on this server. The administrator reviews the following output:

[ root@server ] # id user1

UID=1011 (user1) gid=1011 (USER1) groups=1011 (user1), 101 (www-data), 1120 (webadmin)

[ root@server ] # cat /etc/sudoers.d/custom.conf

user1 ALL=/usr/sbin/systemctl start httpd, /usr/sbin/systemctl stop httpd

webadmin ALL=NOPASSWD: /etc/init.d.httpd restart, /sbin/service httpd restart, /usr/sbin/apache2ctl restart

#%wheel ALL=(ALL) NOPASSWD: ALL

Which of the following would most likely resolve the issue while maintaining a least privilege security model?

A.
User1 should be added to the wheel group to manage the service.
Answers
A.
User1 should be added to the wheel group to manage the service.
B.
User1 should have 'NOPASSWD:' after the 'ALL=' in the custom. conf.
Answers
B.
User1 should have 'NOPASSWD:' after the 'ALL=' in the custom. conf.
C.
The wheel line in the custom. conf file should be uncommented.
Answers
C.
The wheel line in the custom. conf file should be uncommented.
D.
Webadmin should be listed as a group in the custom. conf file.
Answers
D.
Webadmin should be listed as a group in the custom. conf file.
Suggested answer: D

Explanation:

The custom.conf file grants sudo privileges to user1 and webadmin for managing the Apache web service, but it uses different commands for each of them. User1 is allowed to use systemctl to start and stop the httpd service, while webadmin is allowed to use init.d, service, or apache2ctl to restart the httpd service. However, the user1 is unable to restart the service, only start and stop it. To fix this, user1 should be able to use the same commands as webadmin, which can be achieved by listing webadmin as a group in the custom.conf file, using the syntax %groupname. This way, user1 will inherit the sudo privileges of the webadmin group, and be able to restart the Apache web service without compromising the least privilege security model.

Reference

Sudo and Sudoers Configuration | Servers for Hackers, section ''Groups''

Chapter 12. Managing sudo access - Red Hat Customer Portal, section ''12.1. Configuring sudo access for users and groups''

Show Answer
asked 02/10/2024
EDUARDO VIDAL
41 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms