WIXLIB

Comptia linux xk0- 004 study guide pdf online downloadEach command option utilizes parameters to define what to do, such as display network settings or modify existing network settings. mkinitramfs C. While commercial applications hide their source code from prying eyes, open-source projects make their program code openly available for anyone to peruse and modify if needed. Press Ctrl C while thescript is running. D. The kernel creates files in the /dev directory for each device on the Linux system. Certain switches are helpful for copying large fi les or creating backups locally, so it’s a good idea to review the more commonly used rsync options listed in Table 3.4. Ta b L e 3 . The firewalld zone configuration files are stored in the/usr/lib/firewalld/zones/ directory. However, it’s important that the server trusts the certificate as well. Though it’s typically not installed by default, most distros have the nmap package in their standard repositories. Your X11 session has become hung. This ensures that any files created in the /sales directory are assigned to the sales group. Commandsubstitution allows you to capture the output from a command into a variable so you can extract information from the command output within your shell script. The job queue holds the jobs submitted by the at command for processing. This includes individuals who may have vision impairment, challenges using the mouse, finger movement issues, andso on. 674 Chapter 25 Deploying Bash Scripts Exam Essentials Describe how to link multiple command-line commands together in a shell script.The bash shell allows us to place multiple commands sequentially in a file and will then process each command when you run the file from the command line. The modprobe command is easier touse than the insmod utility because you can denote modules by their module name. Using super user privileges, issue the reboot command. Linux places physical devices in the virtual directory using mount points. reiserFS B. Display ManagerThe desktop environment’s login screen is where you choose a username and enter a password to gainsystem access. /etc/ssh/ssh host rsa key.pub 7. Typically used in a public setting, where other systems on network are not trusted. Git stores this data in the .git/ directory. Commands such as setfacl and getfacl are not associated with firewalls. You must incorporate other commands and write a Bash shell script for it to process a whole text file withit. It uses two components to interface between the kernel and applications: dm-crypt: This module plugs into the kernel and provides the interface between a virtual mapped drive and the actual physical drive. Replace the production container with the development container when the app is ready for production. Sally is concerned about anapplication that allows guests to connect to her Linux system and access a database. The “continual manner” can be hourly, daily, weekly or whatever meets the app’s business requirements. This works similarly to telephone extensions used in a large business. Fortunately, Linux provides several layers of security that you can implement in yourLinux server environment. The /etc/rc.local file allows you to issue certain commands or run any scripts as soon as system initialization is completed. C. The nice command allows you to specify the priority level for an application, so option B is correct. maintenance System is in emergency or recovery mode. PNQ5*"¡ -JOVY 4UVEZ (VJEF &YBN 9, 'PVSUI &EJUJPO By ISJTUJOF #SFTOBIBO BOE 3JDIBSE #MVN PQZSJHIU CZ PIO 8JMFZ 4POT *OD Chapter 2 Sifting Through Services Objective 2.5: Summarize and explain server roles. When copying disks via the dd utility, it is prudent to make sure the drives are not mounted anywhere in the virtual directory structure. Listing 20.3: Settingup the nc server sudo ufw allow 8001 Rule added Rule added (v6) nc -l 8001 /dev/null The -l option on the nc command tells it to go into listening mode and act as a server. A disabled service is one that does not start at system boot. Passing Kernel Parameters Besides the single-user mode trick, you can add other kernel parameters to the linuxcommand in the GRUB boot menu. Be aware that when the utility checks if the service is enabled at the current runlevel, a true or false is returned in the ? Hashing data prior to encryption and then encrypting the produced message digest allows you to add a digital signature to your transmitted encrypted data. The chattr command can add orremove certain file attributes, such as the immutable bit, but is not helpful at this point, so option B is an incorrect answer. To restore files from an archive, employ just the -ivI options. Type oneshot D. B. The pkill command allows you to send a HUP signal to a running process based on a search term for the process name, so option B is correct. TheKerberos package provides authentication services; it does not allow Linux servers to share folders, so option D is incorrect. The only incorrect answer is option B, and it is wrong because kernel modules are not compiled into the kernel. The ls command only displays file and directory names, so option B is also a wrong answer. Which bonding modewould you use to combine two network interfaces to create a single network interface with double the amount of bandwidth to your Linux server? Table 13.5 shows the commands you can use with it. usermod -G NCC-1701 JKirk C. "/var/spool/mail/rich": 1 message 1 new N 1 Rich Thu Feb 28 18:49 15/568 "Output from your job " & Message 1: Fromrich@localhost.localdomain Thu Feb 28 18:49:00 2019 Return-Path: X-Original-To: rich Delivered-To: rich@localhost.localdomain Subject: Output from your job 2 To: rich@localhost.localdomain Date: Thu, 28 Feb 2019 18:49:00 -0500 (EST) From: rich@localhost.localdomain (Rich) Status: R "This script ran at 18:49:00" "This is the end of the script"& As shown in Listing 26.3, when we ran the at command, it produced a warning message, indicating what shell the system uses to run the script (the default shell assigned to /bin/sh, which for Linux is the Bash shell) along with the job number assigned to the job and the time the job is scheduled to run. The K stands for kill (stop), and the S standsfor Managing SysV init Systems 171 start. It contains directives for use in various shadow password suite commands. The most popular implementation of LDAP in the Linux world is the OpenLDAP package. Thus, option E is an incorrect choice as well. nat applies rules to change the addresses of the packets before they exit the chain. The pingand ping6 commands send Internet Control Message Protocol (ICMP) packets to remote hosts using either the IP (ping) or IPv6 (ping6) protocol. Be very careful with the -p and -P options. stop Stop the designated service. Protecting applications from one another is yet another system security feature. The / symbol combination represents a user’shome directory. Describe UFW and its commands.The Uncomplicated Firewall (UFW) is the default firewall service on Ubuntu distributions. The grep utility can employ regular expressions in its PATTERN. This is handy if you have several windows open in the main UI frame. The /etc/hosts.deny file creates a blacklist of hosts you don’t want toallow to connect to network resources on your Linux system. You are trying to decide whether to use a hard link or a symbolic link for a data file. You can modify any of these files or add new files and directories, if needed. Your public key has been saved in /home/Christine/.ssh/id rsa.pub. Infrastructure as a Service (IaaS) In the Infrastructure as aService (IaaS) model, the cloud computing vendor provides low-level server resources to host applications for organizations. While automated configuration management and orchestrated containers may be part of continuous software delivery, they are not directly related. listing 12.1: Comparing the various Linux compression utilities # cp/var/log/wtmp # # cp wtmp wtmp1 # cp wtmp wtmp2 # cp wtmp wtmp3 # cp wtmp wtmp4 # # ls -lh wtmp? The EFI System Partition (ESP) is stored in the directory on Linux systems. X11 forwarding allows you to interact with various X11-based graphical utilities on a remote system through an encrypted network connection. An example is shownin Listing 10.37. C. The sticky bit assigned to a directory restricts all of the files in that directory so that only the file owner can delete the file, even if a user account is in the group that has write permissions, so option C is correct. In snipped Listing 10.31, you can see how it is used to set the USER environment variable within the /etc/profile file ona Fedora Workstation system. Compressing objects: 100% (3/3), done. To prevent that from happening, open the blacklist.conf text file and add these lines: blacklist uas blacklist usb storage Save the file and then reboot the Linux system. [ ] ssh-copy-id -i /.ssh/id ecdsa Christine@192.168.0.104 [ ] Number of key(s) added: 1 [ ] Once you havethe key pair properly created with a passphrase on the remote system, securely transmitted, and installed on the server’s authorized key file, you can employ the ssh-agent utility to start an SSH agent session. The easiest way to find the log files for your system is to examine the / etc/rsyslog.conf configuration file. Table 12.3 provides some tarcommand options for viewing and verifying data backups. E. Listing 4.5: Employing the sort command cat alphabet.txt Alpha Tango Bravo Echo Foxtrot sort alphabet.txt Alpha Bravo Echo Foxtrot Tango If a file contains numbers, the data may not be in the order you desire using the sort utility. Listing 25.12 shows an example of using thecase statement. Unfortunately, in this environment, problems ensue. Figure 28.8 shows how a Type II hypervisor works. The nano text editor is wonderful to use for simple text fi le modifications. Which of the following files contain user account creation directives used by the useradd command? edquota -u B. Distributed version control systems(VCSs) make projects even easier. Platform as a Service (PaaS) provides on-demand environments for developing software. Don’t let kickstart file typographical errors cause installation problems. Enter a name for the virtual machine, select the operating system type as Linux, and then select the version appropriate for your .iso LiveDVD file. PATAsupports two devices per adapter. It allows servers and clients to synchronize on the same time source across multiple networks, adding or subtracting fractions of a second as needed to stay in sync. The port is a unique number assigned to the application so that when a remote client communicates with the server, the server knows which applicationto send the connection to. This is especially helpful, if you’d like to employ the LOG target to create log files of particular packets. Therefore, option B is the correct answer. View the test file using the command cat testfile.txt. To reverse the operation, type in unzip followed by the compressed archive file’s name. In addition, you should know whichparticular distribution versions are helpful. This information assists in tracking fi le changes. mkinitramfs E. The three Internet services Linux servers provide are as follows: Web services Database services Email services 20 Chapter 2 Sifting Through Services The following sections discuss each of these types of Linux services andshow you the open-source software packages commonly used to support them. There’s nothing to prevent a user from sharing his or her user ID and password with others, allowing them to log into the system and perform actions. RAID-1: Disk mirroring duplicates data across two drives. netmask C. C. Barbara wants to ensure that the journal logfiles will be saved after the next reboot of her Linux system. The set command displays all of the global variables set. /.ssh/id rsa 9. The systemd-journald application itself only adds event messages to the journal and doesn’t read it, so option D is incorrect. 6Convenient systemctl service status commands Command Description is-active Displaysactive for running services and failed for any service that has reached a failed state. You can use the up or down option to place the network card in an active or inactive state by default, but it’s not required. To view the current setting of a policy, use the getsebool command: getsebool antivirus can scan system antivirus can scan system -- off To view all of the policies for the system, include the -a option, as shown in Listing 15.6. Listing 15.6: Using the -a option with the getsebool command sudo getsebool -a abrt anon write -- off abrt handle event -- off abrt upload watch anon write -- on antivirus can scan system -- off antivirus use jit -- off auditadm exec content -- onauthlogin nsswitch use ldap -- off authlogin radius -- off authlogin yubikey -- off awstats purge apache log files -- off boinc execmem -- on cdrecord read content -- off cluster can network connect -- off cluster manage all files -- off cluster use execmem -- off cobbler anon write -- off cobbler can network connect -- offcobbler use cifs -- off cobbler use nfs -- off collectd tcp network connect -- off condor tcp network connect -- off conman can network -- off conman use nfs -- off . The purpose of this book is to provide you with the knowledge and skills you need to succeed in the Linux world. 2 The Linux virtual directory structure divided between twodrives Hard Drive 1 bin Hard Drive 2 etc home mnt barbara katie jessica rich Understanding Filesystems 325 In Figure 11.2 , there are two drives used on the Linux system. Kwin E. 2 2. Create a new text file using the command echo "This is a test" testfile. The root account can still be accessed via SSH utilities, such as ssh and scp. You can alsoemploy the /dev/random and/or the /dev/urandom device files to put random data onto the disk. /dev/disk/by-path links storage devices by the physical hardware port they are connected to. While the cat commands may display user environment files in the account’s home directory, they do not display information concerning the account. This outputtells you that to make the fi rst fi le, numbers.txt, just like the second fi le, random.txt, you will need to change the numbers.txt fi le’s lines 2 through 3 to match the random.txt fi le’s lines 2 through 3. -a B. Version Control After the software development process and prior to moving a modified app container image into production, the container and itsrecorded configuration are registered with a version control system. It is critical to understand your options in order to make the correct selections. (SSH is covered later in this chapter.) In addition, the su and sudo commands (covered in Chapter 15) are not hampered from accessing the root account by this PAM configuration. The swapoff utilitydisengages a partition/file from swap space, and thus, option D is an incorrect choice. It will not display the original file to output, so option D is a wrong answer. Thus, if you select 700GB as your virtual disk size, but only 300GB of space is written to the virtual drive, then only 300GB of space is consumed on the physical drive. The RADIUS packageis a simpler authentication package that’s commonly used for network devices, such as switches and routers. 142 root root -rw-r--r--. You downloaded a large important file, fortytwo.db, from your company’s local website to your Linux server but got interrupted by an emergency. The backtick character is not the same as a single quote. You simply letyour orchestration tool know that you need X number of production app container images running at any one time. A blind coworker who is programming on the Linux server is suddenly having odd problems with his braille display device. 340 Chapter 11 Handling Storage Review Questions 1. The hour is in 24-hour format, so the specifiedentry would run the job at 5:10 a.m. every day, making option E correct. Are you sure you want to continue connecting (yes/no)? E. The repquota -a command will display the various quotas on all your filesystems employing quota limits. A. The timedatectl program is part of the systemd package and allows you to both view and change the currenttime, date, and time zone for the Linux system, so option A is correct. Summarize SysV init concepts.The classic SysV init method consists of the /etc/inittab file, which sets the default runlevel via the initdefault record. Type II hypervisors run on top of a host operating system and don’t directly interface with the 832 Appendix Answers toReview Questions system hardware, so option C is incorrect. This chapter walks through how to configure your Linux system to blend in with the local environment where it’s running. The iwconfig command only sets wireless network information, so option B is incorrect. optional 3. Adapters Network adapters are system hardware that allowsnetwork communications. However, to help you with memorizing the assorted components that make up these different desktops, we are providing tables. For example, generally speaking, rsync is better to use than scp in backups because it provides more options. The dmesg utility will simply dump the current kernel ring buffer to STDOUT. Thisallows you to customize the script with new data each time you run it. ls -Z B. The kernel program loads into memory and starts the necessary background programs required for the system to operate (such as a graphical desktop manager for desktops or web and database servers for servers). C. A text file record is considered to be a single file linethat ends in a newline linefeed that is the ASCII character LF. The Virtual Machine Manager can be initiated from a terminal emulator within the graphical environment via the virt-manager command. However, the data restoration time for this backup type can be significant. Shell scripting is covered more thoroughly in Chapter 25. A directive is asetting that modifies a configuration, such as the After setting shown in Listing 6.7. The more commonly used [Unit] section directives are described in Table 6.2 Ta b L e 6 . The order in which Linux checks these can get a little complicated: 1. This allows you to employ multiple scripts in the sed command. -u ––update Only overwrite preexistingdestination files with the same name as DEST if the source file is newer. A stream editor modifies text that is passed to it via a file or output from a pipeline. Thus, tar cvf is valid, but tar c v f is not. This DevOps component is covered more in depth later in this chapter. security applies mandatory access control rules. A NAT adapter creates avirtualized NAT router for the VM. You will see iptables.service listed in the output as a conflict. Finally, you can configure Linux servers for fault tolerance by clustering a large group of small servers together to create one large server. The OpenSSL package provides standard certificate functions for both servers and clients. See Chapter 13 fordetails on how to install software packages. An SSH agent session allows you to enter the session one time and add the key, then connect as often as needed to remote systems via encrypted SSH methods without entering a password or passphrase over and over again. Understanding your business and data needs is part of the backup planningprocess. Listing 3.10: Renaming a directory using the mv command pwd /home/Christine/SpaceOpera ls -F Emphasis/ Story-Line/ mv -i Story-Line Story-Topics ls -F Emphasis/ Story-Topics/ You can move a file and rename it all in one simple mv command, as shown in Listing 3.11. What commands allow you to set the workstation BIOSclock time to the Linux system time? At the end of this introduction is an assessment test that you can take to check your level of Linux skills. Often you can press either the Esc key or the Ctrl Alt F1 key combination to view those messages. -mmin n Display names of files whose data changed n minutes ago. C. The loginctl command will help youdetermine your current GUI session number. The auditd utility creates detailed logs of system activity such as user file access but doesn’t encrypt files or disks, so option D is incorrect. The sysstat is a package that provides the sar utility, and therefore, option B is an incorrect answer. Place the application in a chroot jail. /etc/inittab B. Its developercalls it “cat with wings” because of the bat utility’s many additional features. -rw-r--r--. Now if only you could use systemd-analyze blame to analyze your friends who are always late. /dev/sda 3. Focusing on the GUI 219 File ManagerThis program allows you to perform file maintenance activities graphically. It employs the Authentication Header(AH) protocol for authentication. The free command shows memory items such as free memory, used memory, and buffer/cache usage. The lsmod utility shows 808 Appendix Answers to Review Questions brief module information for loaded modules but is not involved in the unlinking process. You don’t edit the grub.cfg file directly but insteadstore files in the /etc/default/grub file or individual configuration files in the /etc/grub.d folder. Table 15.3 shows the command-line options you can use to restrict specific resources for the user account. Change C. The OVF format creates a distribution package consisting of multiple files. Notice in the output from the ps command that each of thebackground processes is tied to the terminal session (pts/0) terminal. Thus, often OpenSSH is employed. Each document can also contain different data elements. Therefore, option D is the only incorrect choice. Option E is incorrect because locale is a Linux command and not a character set. If your system has the pstree program installed, you cansee a diagram depicting this relationship by typing in pstree -p 1 at the command line. A. The mount command allows you to specify the partition and the location in the virtual directory to append the partition files and folders. Note that the -1F options are used on the ls command to display the scripts in a single column and tack on a fi le indicatorcode. It is simply a message digest of the original plain-text data, which is then encrypted with a user’s private key and sent along with the ciphertext. Keep in mind that if CREATE HOME is not set or set to no within the /etc/login.defs file, a home directory is not created by default. Hybrid cloud services utilize servers hosted both internally andexternally, not just by a third party, so option C is incorrect. pam faillock E. Ta b l e 1 2 . Ctrl D Scroll down half of a screen. This is the mode where you can perform simple editing. The various access tools for vison-impaired users include cursor blinking, cursor size, contract modifications, text size enlargement, sound keys, zoom functions, andscreen readers. In addition, the Linux firewall applications use configuration files to maintain persistency, which allows the firewall configuration to survive system reboots and/or the firewall application being started or reloaded. /sys E. What will the head -15 FileA.txt command do? To solve that problem, each Linux distribution has its own centralclearinghouse of packages, called a repository. Passwords are also stored salted and hashed, using the same hashing algorithm employed for passwords stored in the /etc/shadow fi le. readlink -f B. The Simple protocol for ICEs, or Simple Protocol for Independent Computing Environments (SPICE), is used by the Spice remote desktop. Linux supportsa wide variety of programming languages, so you’ll need to know just what programming language the application was written in. The vmstat utility provides a lot of memory statistics, including disk I/O specific to swapping as well as total blocks in and blocks out to the device. The /boot folder contains the GRUB configuration files and image filesnecessary to boot the system, but it’s not where Linux stores boot logs and is thus incorrect. The /etc/modprobe.d/*.conf files C. The /etc/sysctl.conf file defines kernel network parameters and not a list of DNS servers, so option E is incorrect. The VNC server is flexible in that you can also use a Java-enabled web browser to access it. If you just have afew additional components, you can extend the configuration. It is as follows: rsync [OPTION]. Listing 16.19: Using ssh-keygen to create new public/private key pair sudo ssh-keygen -t rsa -f /etc/ssh/ssh host rsa key Generating public/private rsa key pair. dd of /dev/sde if /dev/sdc B. Exploring Network Issues In order to properly create atroubleshooting plan, you need to understand various network configuration and performance components. Weston is a compositor for the Wayland display server, so option E is also a correct choice. Initialize the .git/ directory. A DHCP server D. In the example in Listing 20.11, only the ext4 fi lesystems are viewed via the -t option, and the results aredisplayed in human-readable format (-h), providing a succinct display. Thus, you must have the proper permissions to access the command and output files specified in the command listing. Cloud services change rapidly, so you may not be able to find the Linux distribution versions you need. Recall that the fourth field in the record is the account’sGID, which is the default group. Many services run all the time, even when no clients are actively using them. Options B and D contain commands that are used with managing filesystem quotas. In Listing 10.25, on a Fedora Workstation distribution, the user’s directory is checked for all four environment fi les. Many Linux users are very passionateabout the desktop environment they use and for good reason. Review Questions Review Questions 1. Partitioning drives can help you better organize your data, such as segmenting operating system data from user data. The /dev folder contains files for communicating with devices, not kernel and system information, so option A is incorrect. Thatcan simplify transferring data between programs. It only displays status information for certain events. Which type of hypervisor template bundles all of the configuration files into a single file for distribution? Thus, for this distribution, both the vi and vim commands will start the vim editor. Table 8.3 briefly describes some of the Cinnamoncomponents. The git config --list command shows configuration data, which should be done after the .git/ directory is initialized, so option B is a wrong choice. Listing 3.38: Using the locate command with no file globbing locate -b passwd /etc/passwd /etc/passwd/etc/pam.d/passwd /etc/security/opasswd /usr/bin/gpasswd [ ]/usr/share/vim/vim74/syntax/passwd.vim locate -b '\passwd' /etc/passwd /etc/pam.d/passwd /usr/bin/passwd /usr/share/bash-completion/completions/passwd The fi rst example in Listing 3.38 shows what would happen if you allow the default fi le globbing to occur. The netmask value defines the local network but not how to map hostnames to IPaddresses, so option B is incorrect. NAT in the physical networking realm uses a network device, such as a router, to “hide” a LAN computer system’s IP address when that computer sends traffic out onto another network segment. A file indicator code is a symbol that indicates the file’s classification, and it is generated by the ls -F command.Container Software Linux has been in the forefront of container development, making it a popular choice for developers. 17 Launching Services There are two primary ways Linux servers run service programs: As a background process, running at all times listening for requests As a process spawned by a parent program that listens for therequests When a Linux service program runs continually as a background process, it’s called a daemon. The head command’s syntax is shown as follows: head [OPTION]. There are several excellent tutorials on the Web. The execute and write bits set those permissions for the standard category of users, groups, or others. The lsmod commanddisplays currently loaded modules. Using multiple workspaces can be very handy, especially if you need to quickly look productive at work when your boss walks by. You’ll see lots of informative messages scroll by as the system detects hardware and loads software. The ps command doesn’t support numeric options, so option E is also incorrect.Setting Your Locale As shown in Listing 9.1, there are three components to how Linux handles localization. Wayland’s only compositor is Weston. The most popular software package that implements SSH in the Linux environment is the OpenSSH package. Now if a user plugs in a USB storage device, the system should ignore the kernel request toload the module necessary to interface with the device. Explain how to prepare a partition to be used in the Linux virtual directory.To use a storage device partition in the virtual directory, it must be formatted with a filesystem that Linux recognizes. Remember that the CompTIA Linux objectives are static, until the next time the certificationexam is updated. To determine the current time zone setting for your Linux system, use the date command, with no options: date Fri Oct 5 21:15:33 EDT 2018 The time zone appears as the standard three-letter code at the end of the date and time display, before the year. Therefore, options C and E are wrong choices. cron B. Go to the end of thelinux or linux16 line, and add the word single. When the setting is set to auto, it will look for the /var/log/journal directory and store event messages there. Private key files should have a 0640 or 0600 (octal) permission setting and be root owned. The program’s name is also not helpful here, so option E is an incorrect choice. For a default CentOSsystem, that folder contains several repository fi les: cd /etc/yum.repos.d ls -al total 44 drwxr-xr-x. You will s

Comptia linux xk0- 004 study guide pdf online download Each command option utilizes parameters to define what to do, such as display network settings or modify existing network settings. mkinitramfs C. While commercial applications hide their source code from prying eyes, open-source projects make their program code openly available for anyone .