Which two statements are true about the GRUB 2 bootloader?

A. Its configuration can be changed bu editing /etc/default/grub2 and executing

grub2-mkconfig to regenerate grub2.cfg

B. It can load many free operating systems directly and chain-load property
operating systems.

C. Its configuration file is /boot/grub2/grub2.cfg and BIOS-based systems.

D. It understands file systems and kernel executable formats, allowing the loading
of operating systems without recording the on-disk physical location of the kernel.

E. Its configuration file is /boot/efi/EFI/redhat/grub2.cfg on UEFI-based systems.

Answer: B, D

Which mdadm command creates a RAID-1 device consisting of two block volumes and one
spare device?
A. mdadm --create /dev/md0 --level=5 --raid-devices=2 /dev/xvdd1 /dev/xvdd2 --
spare-devices=1 /dev/xvdd3

B. mdadm --create /dev/md0 --level=1 --raid-devices =2 /dev/xvdd1 /dev/xvdd2

C. mdadm --create /dev/md0 --level=1 --raid-devices=2 /dev/xvdd1 /dev/xvdd2 --

spare-devices=1 /dev/xvdd3

D. mdadm --create /dev/md0 --level=0 --raid-devices=2 /dev/xvdd1 /dev/xvdd2 --

spare-devices=1 /dev/xvdd3

Answer: C

Examine this command and output:

# mdadm --detail /dev/md0

/dev/md0:

Version : 1.2

Creation Time : Tue Oct 27 16:53:38 2020

Raid Level : raid5

Array Size : 207872 (203.03 MiB 212.86 MB)

Used Dev Size : 103936 (101.52 MiB 106.43 MB)

Raid Devices : 3

Total Devices : 3
 Persistence : Superblock is persistent

Update Time : Tue Oct 27 16:53:38 2020

State : clean, degraded, recovering

Active Devices : 2

Working Devices : 3

Failed Devices : 0

Spare Devices : 1

Layout : left-symmetric

Chunk Size : 512K

Rebuild Status : 60% complete

Name : ol8.example.com:0 (local to host ol8.example.com)

UUID : 70f8bd2f:0505d92d:750a781e:c224508d

Events : 66

Number Major Minor RaidDevice State

0 8 49 0 active sync /dev/sdd1

1 8 65 1 active sync /dev/sde1

3 8 81 2 spare rebuilding /dev/sdf1

Which two are true ?

A. A RAID device failed and has returned to normal operating status.

B. The RAID set read and write performance is currently sub-optimal.

C. A new RAID device was just added to replace a failed one.

D. An extra device was added to this RAID set to increase its size

E. Only write performance is currently sub-optimal on this RAID set.

Answer: B,C

Which two statements are true about naming network interfaces ?

A. Consistent device naming is enabled by default

B. The udev device manager generates device names based on a series of schemes.

C. The udev device manager uses a random number if all other schemes fail.
D. Device names cannot be manually configured.

E. Device names incorporate the physical location and hot plug slot index number.

Answer: A,B

Which two default user account settings are contained in /etc/login.defs ?

A. decryption method used to decrypt passwords

B. user hashed passwords

C. group hashed passwords

D. password aging controls

E. encryption method used to encrypt passwords

Answer: D,E

Examine the contents of the /etc/exports file on an NFS server:

/status *(rw,async)

/usr/shared/tools *(all_squash,anonuid=501,anongid=501,ro)

/projects/big *(ro) pteam(rw)

The NFS server exports /usr/shared/tools to NFS clients.

Which statement is true ?

A. All clients except those with a local 501 user cand mount /usr/shared/tools
read-only

B. All clients can mount /usr/shared/tools read-only and NFS explicitly maps all
requests to the UID and GID of the privileged local 501 user.

C. All clients can mount /usr/shared/tools read-only and NFS explicitly maps all
requests to the UID and GID of the unprivileged local 501 user.

D. All clients can mount /usr/shared/tools read-only and all-squash overrides

explicit mapping of the UID and GID defined by anonuid and anongid

E. All clients can mount /usr/shared/tools read-only and NFS ignores the directives
defined by the anonuid and anongid options.

Answer: C

You must add an additional swap device and you add this entry to /etc/fstab:
/.swapfile none swap defaults 0 0

Examine these commands and output:

# dd if=/dev/zero of=/.swapfile bs=1024 count=1048576

1048576+0 records in

1048576+0 records out

1073741824 bytes (1.1 GB, 1.0 GiB) copied, 4.32488s , 248 MB/s

# swapon -a

swapon: /.swapfile: insecure permissions 0644, 0600 suggested.

swapon: /.swapfile: read swap header failed

Answer: A,B

Which two actions must you perform to add this swap device ?

A. Initialize the /.swapfile file by using the mkswap command.

B. Execute swapon --all.

C. Change default to user in the /etc/fstab entry

D. Assign a label to the /.swapfile file by using the swaplabel command.

E. Execute swapon -L swapfile /.swapfile after adding a label

F. Use a physical disk partition type of 82 (Linux swap).

Examine this output:

Last metadata expiration check: 4:30:21 ago on Mon 26 Oct 2020 03:09:52 PM GMT.

Installed Packages

Name: gzip

Version : 1.9

Release : 9.el8
Architecture : x86_64

Size : 412k

Source : gzip-1.9-9.el8.src.rpm

Repository : @System

From repo : anaconda

Summary : The GNU data compression program

URL : http://www.gzip.org

License : GPLv3+ and GFDL

Description : The gzip package contains the popular GNU gzip data compression

: program. Gzipped files have a .gz extension.

: Gzip should be installed on your system, because it is a

: very commonly used data compression program.

Which command generated it ?

A. dnf list /usr/bin/gzip

B. dnf provides /usr/bin/gzip

C. dnf info /usr/bin/gzip

D. dnf search /usr/bin/gzip

Answer: C

Which two statements are true about the proc and sys file systems ?

A. proc contains information about memory and CPUs.

B. sys contains a list of running processes.

C. sys contains information about memory and CPUs.

D. proc contains a list of network drivers.

E. sys contains a list of mounted devices.

Answer: A,C

Examine these commands, which execute successfully:

# firewall-cmd --zone=public --add-service=cockpit --permanent

# firewall-cmd --zone=public --add-port=1313/tcp --permanent

# firewall-cmd --reload

Which two are true upon execution ?

A. The Cockpit service is added only to the public zone.

B. Egress traffic is allowed for the Cockpit service only when using port 1313.

C. Runtime firewall configuration is not lost when the firewalld process is

restarted or the system is rebooted.

D. Port 1313 blocks all traffic for the public zone except for ingress traffic to
the Cockpit service.

E. The custom Cockpit service configuration file is updated in

/usr/lib/firewalld/services.

Answer: A,C

Examine this command and output:

$ ftp host01.example.com

Connected to host01.example.com (192.168.40.131).

220 (vsFTPd 3.0.2)

Name (host01.example.com: oracle):

After entering a carriage return, this error message is displayed:

530 Permission denied.

Login failed.

ftp>

Why is the oracle user denied access to the FTP server on host01.example.com ?

A. The oracle user does not exist on host01.example.com.

B. LOCAL_ENABLE is set to NO in /etc/vsftpd/vsftpd.conf.

C. The oracle user is listed in /etc/vsftpd/user_list and USERLIST_ENABLE is set to

NO in /etc/vsftpd/vsftpd.conf.
D. The oracle user is listed in /etc/vsftpd/ftpusers.

E. The oracle user is listed in /etc/vsftpd/user_list and USERLIST_ENABLE is set to

YES in /etc/vsftpd/vsftpd.conf.

Answer: E

Examine these requirements for a host with a user oracle:

1. Network services must run in a confined domain.

2. The oracle user must be confined.

3. The oracle user must be able to use Mozilla Firefox.

4. Access to files and directories must be granted based only on SELINUX contexts.

5. The SELinux configuration must be persistent across system restarts.

6. User must be able to publish private HTML content.

Now examine these commands and output:

# sestatus

SELinux status: enabled

SELinuxfs mount: /sys/fs/selinux

SELinux root directory : /etc/selinux

Loaded policy name : targeted

Current mode : permissive

Mode from config file : permissive

Policy MLS status: enabled

Policy deny_unknown status: allowed

Memory protection checking: actual (secure)

Max kernel policy version: 31

# setenforce enforcing

# semanage login -a -s guest_u oracle

# setsebool -P httpd_enable_homedirs on
Which requirements are satisfied ?

A. 1,2,4,5,6

B. 1,2,3,4,5,6

C. 1,2,3,5,6

D. 1,2,6

E. 1,2,4,6

F. 1,2,3,6

Answer: A

Examine this command:

# cryptsetup luksOpen /dev/xvdd1 cryptfs

What happens upon execution ?

A. It creates the /dev/mapper/cryptfs device mapping file.

B. It creates the LUKS partition on /dev/xvdd1 .

C. It creates the /dev/mapper/xvdd1 device mapping file.

D. It creates the /dev/mapper/xvdd1/cryptfs device mapping file.

E. It creates the /dev/mapper/xvdd1-cryptfs device mapping file.

Answer: A

Which two statements are true about fdisk ?

A. It understands GPT, MBR, and HFS partition tables.

B. fdisk -l displays disk size information for all disks.

C. It can partition disks larger than 2 TB by using a GPT partition table.

D. It can divide logical devices into one or more block disks called partitions.

E. It cannot partition disks larger than 2 TB by using a GPT partition table.

Answer: B,E

Examine this command and output:

# ausearch -k mkdir

type=SYSCALL msg=audit (1604360199.719:44733): arch=c000003e syscall=83 success=no

a0 =55dec0b47400 a1=1c0 a2=0 a3=0 items=2 ppid=1354 pid=284632 auid=4294967295 uid=

gid=996 euid=998 suid=998 fsuid=998 egid=996 sgid=996 fsgid=996 tty=(none) ses=429

comm="pkla-check-auth" exe="/usr/bin/pkla-check-authorization"

subj=system_u:system_r:policykit_auth_t:s0 key="mkdir"

Which command displays the syscall in text format instead of numerical format ?

A. ausearch -a 83 -k mkdir

B. ausearch -i -k mkdir

C. ausearch -sc 83 -k mkdir

D. ausearch --format text -k mkdir

E. ausearch -r -k mkdir

Answer: B

Which two statements are true about container technology ?

A. A container application buit on a bare metal system cannot run on virtual

machines or cloud instances.

B. A container application is dependent on the host operating system and kernel

version.

C. Containers package an application with the individual runtime slack.

D. Podman, Buildah, and Skopeo are independent tools to create, run, and manage
container

applications across compatible Oracle Linux systems.

E. Podman requires a running daemon to function and to enable containers to start

and run

without root permissions.

Answer: C,D

Which two methods of changing kernel parameters can you use to modify values for
the running … ?
A. issuing the sysctl -w command to write values to specific files in the /proc/sys
directory

B. using the echo command to write values to specific files in the /proc/sys
directory

C. issuing the sysctl -w command to write values to specific files in the /sys
directory.

D. using the echo command to write values to specific files in /sys directory.

E. adding to or modifying parameters and values in the /etc/systemd/sysctl.conf

file followed

by issuing the sysctl -p command

Answer: A,B

Which two statemens are true about the Oracle Linux 8 boot process ?

A. The bootloader loads the initramfs file into memory and extracts the vmlinuz
file into a temporary file system (tmpfs)

B. The kernel loads driver modules from vmlinuz that are required to access the
root file system.

C. The bootloader loads the initramfs file into memory and extracts the vmlinuz
file into the /boot file system.

D. The kernel loads driver modules from initramfs that are required to access the
root file system.

E. Both the vmlinuz file and the initramfs file are located in the /boot directory.

Answer: A,D

Which is true about the /etc/sysconfig directory in an Oracle Linux 8 system ?

A. It is used to access device and device driver information.

B. Files in this directory hierarchy contain information about running processes.

C. Its contents depend on the packages installed on the system.

D. Files in this directory hierarchy contain information about system hardware.

Answer: C

Which two statements are true about the Linux Auditing System ?

A. Auditing rules can log administrator attempts to access user home directories.

B. Auditing system call rules can affect system performance depending on the amount
of

information that is logged.

C. Auditing modes include permissive, enforcing, and disabled.

D. Auditing can scan for Common Vulnerabilities and Exposures (CVE) and
automatically apply

needed patches to a system.

E. Auditing includes security policies, each of which includes security rules, or

checks, which are

checked when you run a security scan.

Answer: A,B

Examine this command:

# nft add rule inet filter input tcp dport 80 drop

Which two statements are true upon execution ?

A. The rule is applied to both IPv4 and IPv6 packets.

B. The rule updates the configuration on disk.

C. All traffic inbound on port 80 is dropped.

D. The rule applies to the input table.

E. TCP packets inbound on port 80 are dropped.

F. TCP packets outbound on port 80 are dropped.

Answer: A,E

Examine this udev device naming rule which gets processed successfully:

KERNEL=="hdb", DRIVER=="ide-disk", SYMLINK+="sparedisk"

Which two statements are true ?

A. Symbolic link /dev/sparedisk is created linking to /dev/hdb and with an ide-disk

device

driver, thus overwriting existing symbolic links.

B. The matching device will be named /dev/sparedisk.

C. Symbolic link /dev/sparedisk is created for a device named /dev/hdb which has an
ide-disk

device driver if such a device is discovered.

D. The matching device will have the kernel device name /dev/hdb.

E. Symbolic link /dev/sparedisk is created for a device named /dev/hdb or one that
has an ide-disk

device driver, whichever is discovered first.

Answer: C,D

Examine this command, which executes successfully:

useradd -m -s /bin/bash alice

Which statement is true about the account ?

A. It is a member of the wheel group.

B. It is assigned a shell but without a password.

C. Is is assigned a home directory and a password.

D. Is is not assigned a home directory.

Answer: C

Which are three of the network bonding modes supported in Oracle Linux 8 ?

A. Multicast

B. Round-Robin

C. Split Horizon

D. 802.3ad

E. Poison reverse

F. Active backup

G. Passive backup

Answer: B,D,F

Which two statements are true about the at and batch commands ?

A. batch schedules the execution of recurring tasks.

B. at schedules the execution of recurring tasks.

C. Both at and batch are read from standard input, or you can specify a file and
execute the

commands with the -f option.

D. batch executes a task when the system load average is greater than 0.8.

E. at executes a one-time task to run at a specific time.

Answer: C,E

Which statement is true about slice units ?

A. A slice unit is a concept for hierarchically managing resources in a group of

processes.

B. Processes in a slice unit are named at the same level as scopes and services.

C. The system.slice contains all system services and user sessions.

D. A slice unit accepts multiple names by the creation of additional symlinks to

the unit file.

Answer: A

Which two statements are true about kernel boot parameters ?

A. Boot parameters are defined as values for the GRUB_CMDLINE_LINUX directive in

the

/etc/default/grub file.

B. Boot parameters are defined as values for the GRUB_BOOT directive in the
/etc/default/grub

file .

C. Parameters passed to the kernel from the GRUB 2 command-line interface are
persistent and

apply to all subsequent reboots.

D. Each kernel version's boot parameters are stored in independent configuration

files in

/boot/loader/entries .

E. Parameters passed to the kernel from the GRUB 2 menu are persistent and apply to
all

subsequent reboots.

Answer: A,D
Which two types of reports does iostat generate ?

A. Storage Utilization Report

B. Device Utilization Report

C. Memory Utilization Report

D. Swap Utilization Report

E. CPU Utilization Report

Answer: B,E

Which two statements are true about systemd system and service manager ?

A. systemd service units expose kernel devices and can be used to implement device-
based

activation.

B. systemd is the first process that starts after the system boots, and is the
final process left

running before the system shuts down.

C. systemd is backward-compatible with the System V init scripts that were used in
earlier

versions of Oracle Linux.

D. The service command is used to start and stop systemd service units.

Answer: B,C

Examine these Kubernetes components:

Component Description

1) kubectl a) Processes and validates requests and performs the operation

2) etcd b) Determines where containers should be run by availability of

resources
3) kubelet c) Agent that allows nodes to communicate with the API server

4) kube-proxy d) Command-line interface used to control Kubernetes

cluster manager

5) kube-apiserver e) Performs all of the networking functions and routes

network traffic

6) kube-scheduler f) Stores configuration data relating to the status of the

cluster

Which option correctly matches the components with their description ?

A. 1-d, 2-f, 3-e, 4-a, 5-c, 6-b

B. 1-b, 2-a, 3-e, 4-c, 5-f, 6-d

C. 1-a, 2-d, 3-b, 4-c, 5-e, 6-f

D. 1-c, 2-f, 3-d, 4-b, 5-e, 6-a

E. 1-d, 2-f, 3-c, 4-e, 5-a, 6-b

Answer: A

Which two components are used for creating a new rsyslog rule ?

A. filter

B. action

C. parser

D. module

E. security policy

Answer: B,D

Examine this command:

$ podman run --name=oracleshell -it oraclelinux:8-slim

Which two statements are true upon execution ?

A. The container creates and starts an interactive shell.

B. The container named oracleshell must already exist; otherwise, the command
fails.

C. The command fails if the oraclelinux:8-slim image does not exist on the local
machine.

D. The container is created and started in a single command.

E. The container is removed by typing exit at the bash shell prompt.

Answer: A,D

Which two actions are performed by the logrotate utility ?

A. rotating log files as specified

B. encrypting log files

C. compressing log files

D. duplicating log files

E. hashing log files

Answer: A,C

As root you configured a file system using AutoFS with default settings.

In the first session, you changed to a directory under AutoFS control. In a second
session, you

directory to /etc. Now the idle time for the first session expires.

Which two statements are true about the status of the file system mounted in the
first session.

A. It remains mounted as long as the system is running.

B. It remains mounted until you log out from the first session.

C. It was unmounted from the first session when the timer expired.

D. It was unmounted when the second session began.

E. It remains mounted until you switch to a directory outside the current mount
point.

Answer: C,D

Examine these commands and output:

# cat /etc/auto.master

/net -hosts

/- auto.direct ro

# cat /etc/auto.direct

/nfs1 host01:/export/share1
/nfs2 -sync host01:/export/share2

/nfs3 host02:/export/share3

automounter must be used to mount these filesystems.

Which mount options will it use ?

A. /nfs1 and /nfs3 are mounted read-only, async while /nfs2 is mounted read-
only,sync .

B. All three filesystems are mounted read-write, sync.

C. All three filesystems are mounted read-only, sync.

D. All three filesystems are mounted read-only, async .

E. /nfs1 and /nfs3 are mounted read-only, async while /nfs2 is mounted read-write,
sync.

Answer: A

Which three statements are true about DNF modules ?

A. Modules are a group of packages that are installed together along with
dependencies.

B. Installing a module allows a user to select a specific stream.

C. Profiles are used to provide alternate versions of the same module.

D. Streams are used to define optional configurations of module.

E. Streams cannot declare dependencies on the streams of other modules.

F. Packages exist in multiple streams, where each stream contains a different

version.

G. Switching an enabled module stream automatically changes installed packages.

Answer: A,B,F

Which three statements are true about the journalctl command ?

A. journalctl -b1 -p err fails if journal persistence is not configured.

B. journalctl -p err shows only error log level.

C. journalctl -p notice..warning shows all messages from notice to warning log

level since

the last boot.

D. journalctl -k shows kernel logs since the last boot.

E. journalctl -p 6 shows all info log level messages and above.

Answer: A,B,D

Which two statements are true about the configuration and use of cron or anacron ?

A. cron jobs may run only once a minute.

B. All crontabs are held in the /etc/cron.d directory

C. The crond daemon looks for jobs only in /etc/crontab.

D. anacron jobs may run only once a day.

E. anacron jobs are used to run cron jobs if the system was powered off when they
were

scheduled to run.

Answer: A,E

Examine /etc/anacrontab :

SHELL=/bin/bash

PATH=/sbin:/bin:/usr/sbin:/usr/bin

MAILTO=root

# the maximal random delay added to the base delay of the jobs

RANDOM_DELAY = 45

# the jobs are started during the following hours only

START_HOURS_RANGE=3-22

# period in days delay in minutes job-identifier command

1 5 dailyjob nice run-parts /etc/cron.daily

7 25 weeklyjob nice run-parts /etc/cron.weekly

"@monthly" 45 monthlyjob nice run-parts /etc/cron.monthly

Which two statements are true about the jobs scheduled in this file ?

A. Scripts run by the first job are delayed between 11 and 45 minutes.

B. Jobs defined in this anacrontab file can be executed between 15:00 and 22:00.

C. Scripts run by the third job are delayed between 45 and 90 minutes.

D. Jobs defined in this anacrontab file are randomly delayed by up to 51 minutes.

E. Scripts run by the second job are delayed between 31 and 70 minutes.

Answer: D,E

Examine this command, which executes successfully :

# nmcli con add con-name eth2 type ethernet ifname eth2 \

ipv6.address 2804:14c:110:ab2f:c31b:1212:7917:708a/64 \

ipv6.gateway 2804:14c:110:ab2f::1003 \

ipv4.address 192.168.0.5/24 ipv4.gateway 192.168.0.254

The eth2 connection does not exist.

Which two statements are true ?

A. Ethernet connection eth2 is created.

B. The configuration is saved in /etc/sysconfig/network .

C. A static IP address is assigned to the eth2 connection.

D. It configures an automatic IPV6 address.

E. Ethernet interface eth2 is created.

Answer: A,C

Which takes precedence for ssh program configuration ?

A. /etc/ssh/ssh_config

B. ~/.ssh/config

C. Command line

D. /etc/ssh/sshd_config
Answer: C

Which two commands relabel an SELinux system after a reboot ?

A. Set kernel parameter autorelabel=0

B. fixfiles -F relabel

C. echo "relabel=1" > /.selinux

D. touch /.autorelabel

E. Set kernel parameter selinux=0

F. fixfiles -F onboot

Answer: D,F

Which command configures a fully functional and accessible interface on VLAN 800 ?

A. modprobe 8021q

ip link add link eth0 name eth0.800 type vlan id 800

ip link set eth0.800 up

B. modprobe 8021q

ip link add link eth0 name eth0.800 VLAN 800

ip address add 10.135.1.120/24 dev eth0.800

ip link set eth0.800 up

C. ip link add link eth0 name eth0.800 type vlan id 800

ip address add 10.135.1.120/24 dev eth0.800

ip link set eth0.800 up

D. modprobe 8021q

ip address add 10.135.1.120/24 dev eth0.800

ip link set eth0.800 up

Answer: C

Which two features does a user private group provide ?

A. provision of a unique group

B. capability to create new group users

C. capability to execute sudo

D. ability for only a group's users to read files in a new directory

E. capability to prevent other users from modifying a file

Answer: A,E

Which two are true about using Ksplice ?

A. Ksplice can be used without a network connection.

B. It can patch the kernel without shutting down the system.

C. yum cannot upgrade a kernel patched by Ksplice.

D. Ksplice has two clients; each can run in three different modes.

E. The Ksplice client is freely available to all customers.

Answer: A,B

Which command produces human-readable time stamps in kernel ring buffer messages ?

A. dmesg -t

B. dmesg -x

C. dmesg -T

D. dmesg -w

Answer: C

You must prevent Ksplice from reapplying updates at next system reboot.

Which two commands or parameters can do this ?

A. uptrack-upgrade -n

B. nouptrack

C. uptrack-remove --all

D. uptrack=0

E. touch /etc/uptrack/disable

Answer: B,E
Examine this command:

# ssh -L 5011:127.0.0.1:80 bob@10.10.2.20 -f sleep 30

Which two are true upon execution ?

A. A reverse tunnel is created back to the local host on port 80.

B. A local port forward is created between client and server.

C. A socket remains open for 30 minutes unless a connection is established.

D. A web server is listening on port 5011.

E. An SSH connection process is forked to the background.

Answer: B,E

Examine these commands executed by root:

# mkdir -p /jail /jail/bin /jail/lib64

# cp $(which bash) /jail/bin

# ldd $(which bash)

linux-vdso.so.1 (0x00007ffd574f5000)

libtinfo.so.6 => /lib64/libtinfo.so.6 (0x00007fb458c2c000)

libdl.so.2 => /lib64/libdl.so.2 (0x00007fb458a28000)

libc.so.6 => /lib64/libc.so.6 (0x00007fb458666000)

/lib64/ld-linux-x86-64.so.2 (0x00007fb459177000)

# cp /lib64/libtinfo.so.6 /jail/lib64/

# cp /lib64/libdl.so.2 /jail/lib64/

# cp /lib64/libc.so.6 /jail/lib64/

# cp /lib64/ld-linux-x86-64.so.2 /jail/lib64

The root user then issues this command :

# chroot /jail

What is the output from the cd, pwd, and ls commands ?

A. bash-4.4 # cd

bash: cd: command not found

bash-4.4 # pwd

bash: pwd: command not found

bash-4.4 # ls

bash: ls: command not found

B. bash-4.4 # cd

bash: cd: /root: Unable to access chrooted file or directory /root

bash-4.4 # pwd

bash-4.4 # ls

bin lib64

C. bash-4.4 # cd

bash-4.4 # pwd

/root

bash-4.4 # ls

bash: ls: command not found

D. bash-4.4 # cd

bash: cd: /root: No such file or directory

bash-4.4 # pwd

bash-4.4 # ls
 bin lib64

Answer: D

Examine this network configuration :

NAME="ens4"

DEVICE="ens4"

ONBOOT=no

NETBOOT=yes

IPV6INIT=yes

BOOTPROTO=none

IPADDR=192.168.2.5

PREFIX=24

GATEWAY=192.168.2.1

TYPE=Ethernet

Which two statements are true after executing: nmcli con mod ens4 ipv4.method auto

A. Interface ens4 automatically starts on boot

B. BOOTPROTO value is set to dhcp

C. ONBOOT value is set to yes

D. IPADDR value is considered null.

E. ONBOOT value is set to dhcp

F. Interface ens4 is assigned an IP address of 192.168.2.5

Answer: B,F

Which three are features of the btrfs file system ?

A. block devices mirroring

B. copy-on-write metadata

C. cluster file system

D. efficient storage for small files

E. online resizing

F. general-purpose volume manager

G. automatic defragmentation

Answer: B,E,G

Examine this command and output :

$ cat deployment.yaml

apiVersion: apps/v1

kind: Deployment

metadata:

name: nginx-deployment

spec:

selector:

matchLabels:

app: nginx

replicas: 2

template:

metadata:

labels:

app: nginx

spec:

containers:

"-name: nginx"

image: nginx:1.14.2

ports:

"-containerPort: 80"

Now examine this command which executes successfully:

$ kubectl create -f deployment.yaml

Which two statements are true ?

A. The command creates and guarantees the availability of a specified number of

identical pods.

B. The command creates a deployment named nginx.

C. The command creates a pod named nginx.

D. The command specifies port 80 as the port that the container exposes.

E. The command specifies nginx image version 1.14.2 and will fail if the image
version is no

available.

Answer: D,E

Examine this command:

# auditctl -w /etc/passwd -p w -k pass

Which two statements are true upon execution ?

A. A write occurs to /etc/audit/rules.d/audit.rules.

B. An audit rule is defined that creates a log entry every time /etc/passwd is
read.

C. An audit rule is defined with the keyword pass

D. An audit rule is defined that creates a log entry every time a write occures
to /etc/passwd.

E. A write occurs to /etc/audit/audit.rules.

Answer: C,D

Which two statements are true about removing a physical volume (PV) from a volume:

A. It can be removed only after removing it from its VG by using vgreduce

B. It can be removed when an active VG has mounted file systems by running vgexport
C. It cannot be removed when it is part of an active VG

D. It can be removed when an inactive logical volume is on the VG.

E. It can be removed when it is part of an active VG.

Answer: A,B

The ss command was invoked with options to:

1. limit output to all listening and non-listening tcp ports.

2. display ports instead of the procotols that typically use those ports.

3. display all available internal tcp information.

4. display only connections whose source or destination port is 80.

Which two results are produced by the command ?

A. UNCONN 0 0 [::1]:323 [::]:*

B. tcp CLOSE-WAIT 32 0 server.example.com:44732 12.210.15:https

C. ESTAB 0 0 10.12.18.92:50384 169.254.169.254:80 cubic wscale:9,7 rto:201

D. LISTEN 0 511 *:80 *:* cubic cwnd:10

E. icmp6 UNCONN 0 0 *:58 *:*

Answer: C,D

Which two statements are true about control groups (cgroups) in Oracle Linux 8 ?

A. Oracle Linux 8 implements cgroups v2 by default.

B. A cgroup is a collection of processes bound to a set of limits or parameters

defined in the

cgroups filesystem.

C. Different controllers from cgroups version 1 and cgroups version 2 cannot be

used at one time.

D. The cgroups filesystem allows limits to be overwritten in the lower levels of

the hierarchy.

E. cgroups allow processes to be organized into hierarchical groups whose resource

usage can be

limited and monitored

Answer: B,E
Examine this content from /etc/chrony.conf:

….

pool pool.ntp.org offline

driftfile /var/lib./chrony/drift

keyfile /etc/chrony.keys

….

Which statement is true about pool.ntp.org ?

A. chronyd polls a maximum of 3 sources from pool.ntp.org after it is enabled.

B. chronyd does not poll pool.ntp.org until it is enabled to do so by chronyd

C. chronyd takes pool.ntp.org offline automatically when the sending of a request

to the pool fails.

D. chronyd does not poll pool.ntp.org until it is enabled to do so by chronyc.

Answer: D

Examine this segment of /etc/rsyslog.conf .

# Log all kernel messages to the console.

# Logging much else clutters up the screen.

#kern.* /dev/console

# Log anything (except mail) of level info or higher.

# Don't log private authentication messages!

*.info;mail.none;authpriv.none;cron.none /var/log/messages

# The authpriv file has restricted access.

authpriv.* /var/log/secure

# Log all the mail messages in one place.

mail.* - /var/log/maillog
# Log cron stuff

cron.* /var/log/cron

# Everybody gets emergency messages

*.emerg :omusrmsg:*

Now examine this log file output:

Nov 9 20:32:16 server02 sudo[4570]: pam_unix(sudo:session): session opened

opc(uid=0)

Nov 9 20:32:17 server02 sudo[4570]: pam_unix(sudo:session): session closed

Nov 9 20:32:24 server02 unix_chkpwd[4661]: password check failed for user

Nov 9 20:32:24 server02 su[4581]: pam_unix(su:auth): authentication fail

uid=1000 euid=0 tty=pts/0 ruser=opc rhost= user=root

Which setting enabled the reporting of this log file output ?

A. authpriv.* /var/log/auth

B. *.emerg *

C. *.info;mail.none;authpriv.none;cron.none /var/log/messages

D. #kern.* /dev/sssd/sssd.log

E. cron.* /var/log/cron

Answer: A

Which two directories store PAM authentication modules ?

A. /lib64/security

B. /etc/pam.d

C. /usr/lib

D. /lib/security

E. /var/lib
Answer: A,D

Examine the access privileges on this directory:

drwx ------ 2 user1 test 4096 Nov 6 10:12 my_directory/

You must enable another user to read and navigate to my_directory.

Which command will do this ?

A. setfacl --default --modify user:user2:rw- my_directory

B. setfacl --modify user:user2:r-- my_directory

C. setfacl -x user:user2 my_directory

D. setfacl --modify user:user2:r-x my_directory

E. setfacl --modify group:test:r-- my_directory

Answer: D