Valid XK0-005 Dumps shared by ExamDiscuss.com for Helping Passing XK0-005 Exam! ExamDiscuss.com now offer the newest XK0-005 exam dumps, the ExamDiscuss.com XK0-005 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com XK0-005 dumps with Test Engine here:
Access XK0-005 Dumps Premium Version
(895 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 6/176
A Linux administrator provisioned a new web server with custom administrative permissions for certain users. The administrator receives a report that user1 is unable to restart the Apache web service on this server.
The administrator reviews the following output:
[ root@server ] # id user1
UID=1011 (user1) gid=1011 (USER1) groups=1011 (user1), 101 (www-data), 1120 (webadmin)
[ root@server ] # cat /etc/sudoers.d/custom.conf
user1 ALL=/usr/sbin/systemctl start httpd, /usr/sbin/systemctl stop httpd webadmin ALL=NOPASSWD: /etc/init.d.httpd restart, /sbin/service httpd restart, /usr/sbin/apache2ctl restart
#%wheel ALL=(ALL) NOPASSWD: ALL
Which of the following would most likely resolve the issue while maintaining a least privilege security model?
The administrator reviews the following output:
[ root@server ] # id user1
UID=1011 (user1) gid=1011 (USER1) groups=1011 (user1), 101 (www-data), 1120 (webadmin)
[ root@server ] # cat /etc/sudoers.d/custom.conf
user1 ALL=/usr/sbin/systemctl start httpd, /usr/sbin/systemctl stop httpd webadmin ALL=NOPASSWD: /etc/init.d.httpd restart, /sbin/service httpd restart, /usr/sbin/apache2ctl restart
#%wheel ALL=(ALL) NOPASSWD: ALL
Which of the following would most likely resolve the issue while maintaining a least privilege security model?
Correct Answer: D
The custom.conf file grants sudo privileges to user1 and webadmin for managing the Apache web service, but it uses different commands for each of them. User1 is allowed to use systemctl to start and stop the httpd service, while webadmin is allowed to use init.d, service, or apache2ctl to restart the httpd service. However, the user1 is unable to restart the service, only start and stop it. To fix this, user1 should be able to use the same commands as webadmin, which can be achieved by listing webadmin as a group in the custom.conf file, using the syntax %groupname. This way, user1 will inherit the sudo privileges of the webadmin group, and be able to restart the Apache web service without compromising the least privilege security model.
References
* Sudo and Sudoers Configuration | Servers for Hackers, section "Groups"
* Chapter 12. Managing sudo access - Red Hat Customer Portal, section "12.1. Configuring sudo access for users and groups"
References
* Sudo and Sudoers Configuration | Servers for Hackers, section "Groups"
* Chapter 12. Managing sudo access - Red Hat Customer Portal, section "12.1. Configuring sudo access for users and groups"
- Question List (176q)
- Question 1: A Linux systems administrator is troubleshooting an I/O late...
- Question 2: A cloud engineer needs to remove all dangling images and del...
- Question 3: A systems administrator is encountering performance issues. ...
- Question 4: A Linux engineer has been notified about the possible deleti...
- Question 5: A systems administrator wants to delete app . conf from a Gi...
- Question 6: A Linux administrator provisioned a new web server with cust...
- Question 7: A systems administrator is tasked with installing GRUB on th...
- Question 8: Users have reported that the interactive sessions were lost ...
- Question 9: A Linux administrator intends to start using KVM on a Linux ...
- Question 10: A Linux administrator wants a permission bit on a shared fol...
- Question 11: A systems administrator is cloning a system partition /dev/s...
- Question 12: An administrator is trying to diagnose a performance issue a...
- Question 13: A Linux administrator needs to forward port 8000 on a remote...
- Question 14: Which of the following will prevent non-root SSH access to a...
- Question 15: A server administrator has scheduled a cron job to run YUM u...
- Question 16: A systems administrator identifies multiple processes in a z...
- Question 17: A systems administrator has been tasked with disabling the n...
- Question 18: A systems administrator needs to install the file installer_...
- Question 19: A user (userA) has reported issues while logging in to the s...
- Question 20: A developer has been unable to remove a particular data fold...
- Question 21: A systems administrator is investigating an issue in which o...
- Question 22: A systems administrator is tasked with creating a cloud-base...
- Question 23: A systems administrator is tasked with configuring a reposit...
- Question 24: A Linux administrator is installing a web server and needs t...
- Question 25: A Linux systems administrator needs to compress a file named...
- Question 26: Which of the following paths stores the configuration files ...
- Question 27: A systems engineer deploys a new application server, but the...
- Question 28: At what point is the Internal Certificate Authority (ICA) cr...
- Question 29: A systems administrator is deploying three identical, cloud-...
- Question 30: A Linux administrator created the directory /project/access2...
- Question 31: An administrator is troubleshooting a database service outag...
- Question 32: While troubleshooting server issues, a Linux systems adminis...
- Question 33: Which of the following specifications is used to perform dis...
- Question 34: A Linux administrator has logged in to a server for the firs...
- Question 35: A Linux administrator needs to analyze a failing application...
- Question 36: A systems administrator wants to test the route between IP a...
- Question 37: A systems administrator needs to verify whether the built co...
- Question 38: A systems administrator wants to list all local account name...
- Question 39: A cloud engineer needs to block the IP address 192.168.10.50...
- Question 40: A systems administrator was tasked with assigning the tempor...
- Question 41: A systems administrator is troubleshooting connectivity issu...
- Question 42: An administrator transferred a key for SSH authentication to...
- Question 43: An administrator has source code and needs to rebuild a kern...
- Question 44: A Linux administrator is investigating the reason a systemd ...
- Question 45: A Linux administrator wants to prevent the httpd web service...
- Question 46: An administrator wants to execute a long-running script in t...
- Question 47: A Linux system is failing to boot with the following error: ...
- Question 48: A Linux administrator is tasked with creating resources usin...
- Question 49: A user is unable to log on to a Linux workstation. The syste...
- Question 50: A systems administrator is tasked with mounting a USB drive ...
- Question 51: A Linux administrator needs to determine whether a hostname ...
- Question 52: A systems administrator checked out the code from the reposi...
- Question 53: The application team has reported latency issues that are ca...
- Question 54: A cloud engineer is installing packages during VM provisioni...
- Question 55: A Linux administrator would like to measure possible packet ...
- Question 56: A systems administrator is gathering information about a fil...
- Question 57: A systems administrator is investigating a service that is n...
- Question 58: A Linux administrator needs to list the packages that are cu...
- Question 59: A Linux systems administrator needs to persistently enable I...
- Question 60: A Linux systems administrator receives reports from various ...
- Question 61: A systems administrator is investigating why one of the serv...
- Question 62: An administrator attempts to connect to a remote server by r...
- Question 63: Due to performance issues on a server, a Linux administrator...
- Question 64: Joe, a user, is unable to log in to the Linux system Given t...
- Question 65: An administrator needs to make some changes in the IaC decla...
- Question 66: Ann, a security administrator, is performing home directory ...
- Question 67: After connecting to a remote host via SSH, an administrator ...
- Question 68: An administrator is running a web server in a container name...
- Question 69: An administrator made a change to a system's network configu...
- Question 70: Which of the following should be used to verify the integrit...
- Question 71: An administrator would like to mirror the website files on t...
- Question 72: A systems administrator is tasked with setting up key-based ...
- Question 73: A Linux administrator is troubleshooting an issue in which a...
- Question 74: A diagnostic tool reports a "host seems down" event for a se...
- Question 75: The administrator comptia is not able to perform privileged ...
- Question 76: A Linux administrator copied a Git repository locally, creat...
- Question 77: A systems administrator is implementing a new service task w...
- Question 78: A Linux administrator has defined a systemd script docker-re...
- Question 79: Which of the following can be used as a secure way to access...
- Question 80: A Linux administrator needs to remove software from the serv...
- Question 81: A Linux administrator has installed a web server, a database...
- Question 82: Which of the following will prevent non-root SSH access to a...
- Question 83: A systems administrator created a user cron to run a schedul...
- Question 84: A Linux administrator cloned an existing Linux server and bu...
- Question 85: An administrator thinks that a package was installed using a...
- Question 86: A systems administrator notices the process list on a missio...
- Question 87: A network administrator issues the dig www.comptia.org comma...
- Question 88: Users report that connections to a MariaDB service are being...
- Question 89: A Linux systems administrator is updating code. After comple...
- Question 90: Users are experiencing high latency when accessing a web app...
- Question 91: A systems administrator is receiving tickets from users who ...
- Question 92: Using AD Query, the security gateway connections to the Acti...
- Question 93: Some servers in an organization have been compromised. Users...
- Question 94: A Linux administrator needs to determine if prerequisites ar...
- Question 95: A Linux administrator is implementing a CI/CD process for th...
- Question 96: The group named support is unable to make changes to the con...
- Question 97: A Linux administrator is troubleshooting the root cause of a...
- Question 98: An administrator is provisioning an Apache web server. When ...
- Question 99: A junior administrator updated the PostgreSQL service unit f...
- Question 100: An engineer needs to insert a character at the end of the cu...
- Question 101: A systems administrator is customizing a new Linux server. W...
- Question 102: A Linux administrator needs to create a symlink for /usr/loc...
- Question 103: A systems administrator creates a public key for authenticat...
- Question 104: A Linux administrator needs to resolve a service that has fa...
- Question 105: A new Linux systems administrator just generated a pair of S...
- Question 106: Which of the following tools is commonly used for creating C...
- Question 107: A Linux systems administrator is trying to execute a particu...
- Question 108: Users report that they cannot access some files located in t...
- Question 109: A Linux administrator needs to remove all local firewall rul...
- Question 110: A systems administrator pressed Ctrl+Z after starting a prog...
- Question 111: A Linux engineer wants to give read-write-execute permission...
- Question 112: A senior Linux administrator has created several scripts tha...
- Question 113: A systems administrator is tasked with changing the default ...
- Question 114: A Linux administrator needs to create an image named sda.img...
- Question 115: A systems administrator made some unapproved changes prior t...
- Question 116: In which of the following filesystems are system logs common...
- Question 117: Users are reporting that a production application has slow p...
- Question 118: A Linux administrator would like to use systemd to schedule ...
- Question 119: Which of the following would significantly help to reduce da...
- Question 120: A user is cleaning up a directory because it has more than 1...
- Question 121: A systems administrator is configuring a Linux system so the...
- Question 122: Which of the following enables administrators to configure a...
- Question 123: After starting an Apache web server, the administrator recei...
- Question 124: A developer wants to ensure that all files and folders creat...
- Question 125: A Linux administrator modified the SSH configuration file. W...
- Question 126: A Linux administrator is creating a primary partition on the...
- Question 127: Joe, a user, is unable to log in to the system. The Linux ad...
- Question 128: A Linux administrator is troubleshooting SSH connection issu...
- Question 129: A file called testfile has both uppercase and lowercase lett...
- Question 130: A Linux engineer needs to create a custom script, cleanup.sh...
- Question 131: A Linux systems administrator is configuring a new filesyste...
- Question 132: A Linux engineer finds multiple failed login entries in the ...
- Question 133: An administrator made a change to a system's network configu...
- Question 134: Which of the following actions are considered good security ...
- Question 135: An operations engineer is planning to start a container runn...
- Question 136: A new drive was recently added to a Linux system. Using the ...
- Question 137: An administrator is running a web server in a container name...
- Question 138: A DevOps engineer wants to allow the same Kubernetes contain...
- Question 139: The users of a Linux system are unable to use one of the app...
- Question 140: A Linux administrator is enabling root log-in over SSH on a ...
- Question 141: Users have been unable to reach www.comptia.org from a Linux...
- Question 142: Following the migration from a disaster recovery site, a sys...
- Question 143: An administrator thinks that a package was installed using a...
- Question 144: An administrator recently updated the BIND software package ...
- Question 145: A Linux administrator is configuring a new internal web serv...
- Question 146: Users are reporting that writes on a system configured with ...
- Question 147: Users report that they cannot access some files located in t...
- Question 148: A DevOps engineer pushed the updated configuration to an exi...
- Question 149: An organization's business office needs to collaborate on qu...
- Question 150: A Linux engineer set up two local DNS servers (10.10.10.10 a...
- Question 151: A junior administrator is trying to set up a passwordless SS...
- Question 152: A junior developer is unable to access an application server...
- Question 153: Users have been unable to save documents to /home/tmp/temp a...
- Question 154: A Linux administrator needs to create a new cloud.cpio archi...
- Question 155: A Linux administrator logs in to a system and identifies tha...
- Question 156: The journald entries have filled a Linux machine's /var volu...
- Question 157: A systems administrator is reviewing the following output on...
- Question 158: A systems administrator needs to reconfigure a Linux server ...
- Question 159: A Linux administrator is configuring network traffic forward...
- Question 160: A network administrator issues the dig ww. comptia. org comm...
- Question 161: A junior administrator is setting up a new Linux server that...
- Question 162: A Linux administrator wants to find out whether files from t...
- Question 163: A Linux administrator has set up a new DNS forwarder and is ...
- Question 164: A systems administrator receives the following errors via em...
- Question 165: A new file was added to a main Git repository. An administra...
- Question 166: A Linux administrator is configuring a log collector agent t...
- Question 167: A Linux administrator needs to redirect all HTTP traffic tem...
- Question 168: An administrator would like to list all current containers, ...
- Question 169: An administrator started a long-running process in the foreg...
- Question 170: A Linux administrator needs to expose port 9000 for a contai...
- Question 171: A Linux systems administrator is working to obtain the insta...
- Question 172: An administrator needs to stop a foreground process in betwe...
- Question 173: A Linux administrator is creating a directory called CompTIA...
- Question 174: A Linux engineer needs to download a ZIP file and wants to s...
- Question 175: A Linux administrator created a virtual clone of a physical ...
- Question 176: A Linux system is failing to start due to issues with severa...
