CompTIA XK0-005 Practice Test - Questions Answers, Page 26

The yum history undo last command will undo the last transaction, which in this case is the installation of the httpd RPM package and its dependencies. This will remove the packages that were installed and restore the previous state of the system. SeeHow to undo or redo yum transactionsandyum history. Reference 1: https://www.redhat.com/sysadmin/undo-redo-yum-transactions 2: https://man7.org/linux/man-pages/man8/yum.8.html#HISTORY

The users who have root-level command-line access are those who have either the same user ID (UID) as root, which is 0, or the ability to run commands as root using sudo. Based on the /etc/passwd and /etc/sudoers files, the users who meet these criteria are:

Carl: Carl has the same UID as root, which is 0, as shown in the /etc/passwd file. This means that Carl can log in as root and execute any command with root privileges1

Mallory: Mallory has the ability to run commands as root using sudo, as shown in the /etc/sudoers file. The line ALL = (ALL) ALL means that any user can run any command as any other user, including root, by using sudo. Mallory can also use the root shell /bin/bash as her login shell, as shown in the /etc/passwd file2

Therefore, the correct answer is A and C. Lee, Eve, Bob, and Alice do not have root-level command-line access because they have different UIDs from root and they cannot use sudo to run commands as root. Lee can only use sudo to run the commands listed in the Cmnd_Alias SHELLS, which are /bin/tcsh, /bin/sh, and /bin/bash. Eve cannot log in at all because her login shell is /bin/nologin. Bob and Alice can only use sudo to run the command /usr/sbin/tcpdump without a password, as specified by the Cmnd_Alias SYSADMIN and the line ALL = NOPASSWD: SYSADMIN2

This command will use the iptables tool to append a rule to the POSTROUTING chain of the nat table, which will match any packet with a source address of 172.17.0.0/16 and an output interface of eth0, and apply the MASQUERADE target to it.This means that the packet will have its source address changed to the address of the eth0 interface, effectively hiding the internal network behind a NAT12.

The output shows that the user1 account has a locked password, indicated by the exclamation point (!) in the second field of the /etc/shadow file1.To unlock the password and allow the user to log in, the systems administrator should use the passwd command with the -u (unlock) option2.

This command will use the chsh tool to change the login shell of the users www-data and db to /bin/false, which means they will not be able to log in to the system1. This will prevent unauthorized access attempts and improve security.

This option declares an explicit dependency between the Docker service and the docker-repository.mount unit. It means that the Docker service will not start unless the docker-repository.mount unit is successfully activated.This ensures that the volume is mounted before the Docker service tries to use it12.

This file prevents any non-root user from logging in to the system, regardless of the authentication method. The contents of the file are displayed to the user before the login is terminated.This can be useful for system maintenance or security reasons12.

These commands can display all the firewall rules applied to the Linux servers, depending on which firewall service is being used.

The firewall-cmd command is a utility for managing firewalld, which is a dynamic firewall service that supports zones and services. The --list-all option will show all the settings and rules for the default zone, or for a specific zone if specified.For example, firewall-cmd --list-all --zone=public will show the rules for the public zone1.

The ufw command is a frontend for iptables, which is a low-level tool for manipulating netfilter, the Linux kernel's packet filtering framework. The status option will show the status of ufw and the active rules, or the numbered rules if verbose is specified.For example, ufw status verbose will show the numbered rules and other information2.

The other options are incorrect because:

A) ufw limit

This command will limit the connection attempts to a service or port using iptables' recent module.It does not display any firewall rules2.

B) iptables -F

This command will flush (delete) all the rules in the selected chain, or all chains if none is given.It does not display any firewall rules3.

C) systemctl status firewalld

This command will show the status of the firewalld service, including whether it is active or not, but it does not show the firewall rules4.

F) iptables -A

This command will append one or more rules to the end of the selected chain.It does not display any firewall rules3.

The correct answer is A. systemctl isolate multi-user.target sh script.sh systemctl isolate graphical.target

This sequence will allow the administrator to switch from the graphical mode to the console mode, run the script, and then switch back to the graphical mode.

The systemctl command is used to control the systemd system and service manager, which manages the boot targets and services on Linux systems. The isolate subcommand starts the unit specified on the command line and its dependencies and stops all others. The multi-user.target is a boot target that provides a text-based console login, while the graphical.target is a boot target that provides a graphical user interface. By using systemctl isolate, the administrator can change the boot target on the fly without rebooting the system.

The sh command is used to run a shell script, which is a file that contains a series of commands that can be executed by the shell. The script.sh is the name of the script that contains the application change that the administrator needs to make. By running sh script.sh, the administrator can execute the script in the console mode.

The other options are incorrect because:

B) systemctl isolate graphical.target sh script.sh systemctl isolate multi-user.target

This sequence will switch from the console mode to the graphical mode, run the script, and then switch back to the console mode. This is not what the administrator wants to do, as the script must be run only in console mode.

C) sh script.sh systemctl isolate multi-user.target systemctl isolate graphical.target

This sequence will run the script in the current mode, which may or may not be console mode, and then switch to console mode and back to graphical mode. This is not what the administrator wants to do, as the script must be run only in console mode.

D) systemctl isolate multi-user.target systemctl isolate graphical.target sh script.sh

This sequence will switch from graphical mode to console mode and then back to graphical mode, without running the script at all. This is not what the administrator wants to do, as the script must be run only in console mode.

systemctl(1) - Linux manual page

How to switch between the CLI and GUI on a Linux server

How to PROPERLY boot into single user mode in RHEL/CentOS 7/8

Changing Systemd Boot Target in Linux

Exit Desktop to Terminal in Ubuntu 19.10