A systems administrator wants to check for running containers. Which of the following commands can be used to show this information?

1. A. docker pull
2. B. docker stats
3. C. docker ps
4. D. docker list

Correct Answer: C
The command that can be used to check for running containers is docker ps. The docker ps command can list all the containers that are currently running on the system. To show all the containers, including those that are stopped, the administrator can use docker ps -a
R©e. ferences:
✑ [CompTIA Linux+ Study Guide], Chapter 11: Working with Containers, Section: Managing Containers with Docker
✑ [Docker PS Command with Examples]

Which of the following tools is BEST suited to orchestrate a large number of containers across many different servers?

1. A. Kubernetes
2. B. Ansible
3. C. Podman
4. D. Terraform

Correct Answer: A
The tool that is best suited to orchestrate a large number of containers across many different servers is Kubernetes. Kubernetes is an open-source platform for managing containerized applications and services. Kubernetes allows the administrator to deploy, scale, and update containers across a cluster of servers, as well as to automate the configuration and coordination of the containers. Kubernetes also provides features such as service discovery, load balancing, storage management, security, monitoring, and logging. Kubernetes can handle complex and dynamic workloads and ensure high availability and performance of the containers. Kubernetes is the tool that is best suited to orchestrate a large number of containers across many different servers. This is the correct answer to the question. The other options are incorrect because they either do not orchestrate containers (Ansible or Terraform) or do not operate across many different servers (Podman). References: CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 19: Managing Cloud and Virtualization Technologies, page 573.

A Linux administrator needs to determine whether a hostname is in the DNS. Which of the following would supply the information that is needed?

1. A. nslookup
2. B. rsyn
3. C. netstat
4. D. host

Correct Answer: A
The commands nslookup or host can be used to determine whether a hostname is in the DNS. The DNS is the domain name system, which is a service that translates domain names into IP addresses and vice versa. The nslookup command is a tool for querying the DNS and obtaining information about a domain name or an IP address. The host command is a similar tool that performs DNS lookups. Both commands can be used to check if a hostname is in the DNS by providing the hostname as an argument and seeing if the command returns a valid IP address or an error message. For example, the command nslookup www.google.com or host www.google.com will return the IP address of the Google website, while the command nslookup www.nosuchdomain.com or host www.nosuchdomain.com will return an error message indicating that the hostname does not exist. These commands will supply the information that is needed to determine whether a hostname is in the DNS. These are the correct commands to use for this task. The other options are incorrect because they do not query the DNS or obtain information about a hostname (rsync or netstat). References: CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 12: Managing Network Connections, page 378.

Which of the following actions are considered good security practices when hardening a Linux server? (Select two).

1. A. Renaming the root account to something else
2. B. Removing unnecessary packages
3. C. Changing the default shell to /bin/csh
4. D. Disabling public key authentication
5. E. Disabling the SSH root login possibility
6. F. Changing the permissions on the root filesystem to 600

Correct Answer: BE
Some good security practices when hardening a Linux server are:
✑ Removing unnecessary packages (B) to reduce the attack surface and eliminate potential vulnerabilities
✑ Disabling the SSH root login possibility (E) to prevent unauthorized access and brute-force attacks on the root account References:
✑ [CompTIA Linux+ Study Guide], Chapter 9: Securing Linux, Section: Hardening Linux
✑ [How to Harden Your Linux Server]

A systems administrator is trying to track down a rogue process that has a TCP listener on a network interface for remote command-and-control instructions.
Which of the following commands should the systems administrator use to generate a list of rogue process names? (Select two).

1. A. netstat -antp | grep LISTEN
2. B. lsof -iTCP | grep LISTEN
3. C. lsof -i:22 | grep TCP
4. D. netstat -a | grep TCP
5. E. nmap -p1-65535 | grep -i tcp
6. F. nmap -sS 0.0.0.0/0

Correct Answer: AB
The best commands to use to generate a list of rogue process names that have a TCP listener on a network interface are A. netstat -antp | grep LISTEN and B. lsof -iTCP | grep LISTEN. These commands will show the process ID (PID) and name of the processes that are listening on TCP ports, which can be used to identify any suspicious or unauthorized processes. The other commands are either not specific enough, not valid, or not relevant for this task. For example:
✑ C. lsof -i:22 | grep TCP will only show the processes that are listening on port 22, which is typically used for SSH, and not any other ports.
✑ D. netstat -a | grep TCP will show all the TCP connections, both active and listening, but not the process names or IDs.
✑ E. nmap -p1-65535 | grep -i tcp will scan all the TCP ports on the local host, but not show the process names or IDs.
✑ F. nmap -sS 0.0.0.0/0 will perform a stealth scan on the entire internet, which is not only impractical, but also illegal in some countries.