Free CompTIA Linux+ Practice Test (XK0-005) 2026

1. The security team flagged q1-budget.xlsx during an audit because the current mode allows any authenticated user to modify it. Compliance requires the file owner (cfo) to read and write, members of the finance group to read only, and all other users to have no access whatsoever. Which chmod command brings the file into compliance?

[admin@srv01 finance]$ ls -la /srv/finance/
total 24
drwxr-xr-x  2 root    finance 4096 May  5 09:14 .
drwxr-xr-x 14 root    root    4096 May  5 09:00 ..
-rw-rw-rw-  1 cfo     finance 8192 May  5 09:14 q1-budget.xlsx
-rwxr-xr-x  1 cfo     finance  512 May  5 09:14 ledger.csv
[admin@srv01 finance]$ # security audit flagged the world-writable bits

• A chmod 764 q1-budget.xlsx
• B chmod 640 q1-budget.xlsx
• C chmod 755 q1-budget.xlsx
• D chmod 600 q1-budget.xlsx

2. After deploying a fresh RHEL 9 web server, the administrator confirms that httpd is currently disabled and inactive as shown below. The change window is short and the service must come up immediately and survive the next reboot without a second command. Which single systemctl invocation accomplishes both goals?

[root@web02 ~]# cat /etc/systemd/system/httpd.service.d/override.conf
[Service]
Restart=on-failure
RestartSec=10s

[root@web02 ~]# systemctl is-enabled httpd
disabled
[root@web02 ~]# systemctl is-active httpd
inactive

• A systemctl start httpd
• B systemctl enable httpd
• C systemctl enable --now httpd
• D systemctl restart httpd

3. The /data filesystem on db01 is at 96% capacity as shown below, and an outage cannot be tolerated, so unmounting is not an option. Plenty of free PE remain in vg01. Which sequence correctly grows lv_data by 10 GB and makes the new space immediately usable in the live ext4 filesystem?

[root@db01 ~]# vgs
  VG    #PV #LV #SN Attr   VSize   VFree
  vg01    2   3   0 wz--n- 100.00g  15.00g
[root@db01 ~]# lvs /dev/vg01/lv_data
  LV      VG   Attr       LSize
  lv_data vg01 -wi-ao----  40.00g
[root@db01 ~]# df -hT /data
Filesystem               Type  Size  Used Avail Use% Mounted on
/dev/mapper/vg01-lv_data ext4   40G   38G  1.9G  96% /data

• A lvextend -L +10G /dev/vg01/lv_data && resize2fs /dev/vg01/lv_data
• B resize2fs /dev/vg01/lv_data && lvextend -L +10G /dev/vg01/lv_data
• C vgextend -L +10G /dev/vg01/lv_data
• D pvcreate /dev/vg01/lv_data +10G

4. Nginx is running and bound to ports 80 and 443 as shown below, but external clients receive connection refused errors because firewalld is blocking the traffic. The administrator needs the rules to survive a reboot and take effect without restarting the service. Which command set correctly opens HTTP and HTTPS in the public zone?

[root@rhel9-web ~]# firewall-cmd --get-default-zone
public
[root@rhel9-web ~]# firewall-cmd --zone=public --list-services
cockpit dhcpv6-client ssh
[root@rhel9-web ~]# ss -tlnp | grep -E ':80|:443'
LISTEN 0  511  *:80   *:*  users:(("nginx",pid=1842,fd=6))
LISTEN 0  511  *:443  *:*  users:(("nginx",pid=1842,fd=7))

• A iptables -A INPUT -p tcp --dport 80 -j ACCEPT
• B firewall-cmd --add-service=http
• C ufw allow 80/tcp
• D firewall-cmd --permanent --add-service=http --add-service=https && firewall-cmd --reload

5. Apache cannot write user uploads even though DAC ownership and mode look correct, and SELinux is enforcing with a default_t label on the directory as shown below. Before changing any contexts or permissions, the administrator wants to confirm exactly which AVC denial is firing and what target type SELinux expects. Which command should be run FIRST to diagnose the issue?

[root@web03 ~]# getenforce
Enforcing
[root@web03 ~]# ls -lZ /var/www/uploads
drwxrwxr-x. apache apache unconfined_u:object_r:default_t:s0 .
[root@web03 ~]# tail -2 /var/log/httpd/error_log
[Mon May 05 14:22:11.882] [core:error] (13)Permission denied:
   [client 10.0.2.55:54312] AH00132: file permissions deny server access:
   /var/www/uploads/avatar.png

• A setenforce 0
• B ausearch -m avc -ts recent
• C chmod 777 /var/www/uploads
• D chown apache:apache /var/www/uploads

6. The backup engineer is filling in the missing fields shown below for a new cron entry that must execute /opt/scripts/backup.sh every day at exactly 2:30 AM local time. Cron's five time fields read minute, hour, day-of-month, month, and day-of-week from left to right. Which entry correctly schedules the job?

[backup@nas01 ~]$ crontab -l
# m   h   dom mon dow  command
# Existing jobs:
0    1   *   *   0    /opt/scripts/weekly-prune.sh
*/15 *   *   *   *    /opt/scripts/health-check.sh
# TODO: nightly database dump - run at 02:30 every day
???  ???  *   *   *    /opt/scripts/backup.sh >> /var/log/backup.log 2>&1

• A 2 30 * * * /opt/scripts/backup.sh
• B * * 2 30 * /opt/scripts/backup.sh
• C 30 2 * * * /opt/scripts/backup.sh
• D 0 2 30 * * /opt/scripts/backup.sh

7. The script shown below must create /opt/backups only when that directory does not already exist. If the path already exists as a directory the script should skip mkdir to avoid the "File exists" error and the resulting non-zero exit caused by `set -e`. Which conditional belongs in place of __CONDITIONAL__?

#!/usr/bin/env bash
# /opt/scripts/backup.sh
set -euo pipefail

DEST="/opt/backups"

# <-- conditional goes here so mkdir runs ONLY when /opt/backups is missing
__CONDITIONAL__

tar czf "$DEST/site-$(date +%F).tgz" /var/www
echo "Backup complete: $(ls -1 $DEST | tail -1)"

• A if [ ! -d "/opt/backups" ]; then mkdir /opt/backups; fi
• B if [ -f "/opt/backups" ]; then mkdir /opt/backups; fi
• C if [ -e "/opt/backups" ]; then mkdir /opt/backups; fi
• D if [ -d "/opt/backups" ]; then mkdir /opt/backups; fi

8. The root filesystem on app01 is at 99% capacity as shown below, and applications are starting to fail when they try to write logs and PID files. df has confirmed which mount is full but does not say WHERE the space went inside that filesystem. Which command identifies the ten largest top-level directories under / sorted from biggest to smallest?

[root@app01 ~]# df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/sda2        50G   49G  500M  99% /
tmpfs           3.9G     0  3.9G   0% /dev/shm
/dev/sda1       497M  140M  357M  29% /boot
/dev/mapper/vg-data 200G  120G   80G  60% /data

[root@app01 ~]# # / is at 99% - need to find which top-level dir is the culprit

• A df -h
• B du -sh /* | sort -rh | head -10
• C free -m
• D top -bn1

9. The user-facing web application returns connection refused even though systemd reports httpd as active and the NIC has a valid IP as shown below. SSH to the host works fine, ruling out a full network outage. Which command should be run FIRST to confirm whether httpd is actually bound to TCP port 80 and which PID owns the socket?

[admin@web05 ~]$ systemctl is-active httpd
active
[admin@web05 ~]$ ip -br addr
lo               UNKNOWN        127.0.0.1/8 ::1/128
ens192           UP             10.10.20.45/24
[admin@web05 ~]$ curl -sI http://10.10.20.45/
curl: (7) Failed to connect to 10.10.20.45 port 80: Connection refused

• A ping localhost
• B traceroute 8.8.8.8
• C ss -tlnp | grep :80
• D nslookup localhost

10. Load average on app07 has climbed above 40 with multiple processes stuck in uninterruptible sleep (D state) as shown below, which typically points at the kernel waiting on hardware or I/O. Before tuning the database or rebooting, the administrator wants to look at the central log that captures kernel ring messages, disk errors, and OOM events. Which log file should be checked FIRST?

[root@app07 ~]# uptime
 15:04:22 up 12 days,  3:11,  2 users,  load average: 48.21, 42.07, 30.55
[root@app07 ~]# ps aux --sort=-%cpu | head -4
USER  PID %CPU %MEM    VSZ   RSS TTY STAT START   TIME COMMAND
root  912 12.4  1.1 312844 22480 ?   D    Apr23 285:19 [kworker/u8:2+flush]
root  104  9.8  0.2      0     0 ?   D    Apr23 199:04 [jbd2/sda2-8]
mysql 2241 7.1 22.4 4128400 1812044 ? Sl Apr23 167:42 /usr/sbin/mysqld
[root@app07 ~]# # many tasks in 'D' state - I/O? hardware? check kernel ring/system log first

• A /var/log/auth.log
• B /var/log/mail.log
• C /var/log/cron
• D /var/log/syslog or /var/log/messages