System Management - 23%
|
Explain basic Linux concepts. |
- Basic boot process
-
Bootloader
- Configuration files
-
Kernel
- Parameters
-
Initial RAM [random-access memory] disk (initrd)
-
Preboot Execution Environment (PXE)
- Filesystem Hierarchy Standard (FHS)
-
/
-
/bin
-
/boot
-
/dev
-
/etc
-
/home
-
/lib
-
/proc
-
/sbin
-
/tmp
-
/usr
-
/var
- Server architectures
-
AArch64
-
Reduced instruction set computer, version five (RISC-V)
-
x86
-
x86_64/AMD64
- Distributions
-
RPM Package Manager (RPM)-based
-
Debian package manager (dpkg)-based
- Graphical User Interface (GUI)
-
Display managers
-
Window managers
-
X Server
-
Wayland
- Software licensing
-
Open source software
-
Free software
-
Proprietary software
-
Copyleft
|
Summarize Linux device management concepts and tools. |
- Kernel modules
-
depmod
-
insmod
-
lsmod
-
modinfo
-
modprobe
-
rmmod
- Device management
-
dmesg
-
dmidecode
-
ipmitool
-
lm_sensors
-
lscpu
-
lshw
-
lsmem
-
lspci
-
lsusb
- initrd management
- Custom hardware
-
Embedded systems
-
Graphics Processing Unit (GPU) use cases
- nvtop
|
Given a scenario, manage storage in a Linux system. |
- Logical Volume Manager (LVM)
-
Logical volume
- lvchange
- lvcreate
- lvdisplay
- lvremove
- lvresize/lvextend
- lvs
- Volume group
-
vgchange
-
vgcreate
-
vgdisplay
-
vgexport
-
vgextend
-
vgimport
-
vgremove
-
vgs
-
vgscan
- Physical volume
-
pvcreate
-
pvdisplay
-
pvmove
-
pvremove
-
pvresize
-
pvs
-
pvscan
- Partitions
-
blkid
-
fdisk/gdisk
-
growpart
-
lsblk
-
parted
- Filesystems
-
Formats
- xfs
- ext4
- btrfs
- tmpfs
- Utilities
-
df
-
du
-
fio
-
fsck
-
mkfs
-
resize2fs
-
xfs_growfs
-
xfs_repair
- Redundant Array of Independent Disks (RAID)
- Mounted storage
-
Mounting
- /etc/fstab
- /etc/mtab
- /proc/mounts
- autofs
- mount
- umount
-
Mount options
- noatime
- nodev
- nodiratime
- noexec
- nofail
- nosuid
- remount
- ro
- rw
-
Network mounts
- Network file system (NFS)
- Server Message Block (SMB) Samba
- Inodes |
Given a scenario, manage network services and configurations on a Linux server. |
- Network configuration
-
/etc/hosts
-
/etc/resolv.conf
-
/etc/nsswitch.conf
- NetworkManager
- Netplan
-
netplan apply
-
netplan status
-
netplan try
- Configuration files
1. /etc/netplan
- Common network tools
-
arp
-
curl
-
dig
-
ethtool
-
hostname
-
ip
- ip address
- ip link
- ip route
-
iperf3
-
mtr
-
nc
-
nmap
-
nslookup
-
ping/ping6
-
ss
-
tcpdump
-
tracepath
-
traceroute
|
Given a scenario, manage a Linux system using common shell operations. |
- Common environmental variables
-
DISPLAY
-
HOME
-
PATH
-
PS1
-
SHELL
-
USER
- Paths
- Relative
- Shell environment configurations
-
.bashrc
-
.bash_profile
-
.profile
- Channel redirection
-
<
-
>
-
<<
-
>>
-
|
-
Standard output
-
Standard error
-
Standard input
-
Here docs
- <<<
- Basic shell utilities
-
!
-
!!
-
alias
-
awk
-
bc
-
cat
-
cut
-
echo
-
grep
-
head
-
history
-
less
-
more
-
printf
-
sed
-
sort
-
source
-
tail
-
tee
-
tr
-
uname
-
uniq
-
wc
-
xargs
- Text editors
|
Given a scenario, perform backup and restore operations for a Linux server. |
- Archiving
- Compression tools
-
7-Zip
-
bzip2
-
gzip
-
unzip
-
xz
- Other tools
-
dd
-
ddrescue
-
rsync
-
zcat
-
zgrep
-
zless
|
Summarize virtualization on Linux systems. |
- Linux hypervisors
-
Quick Emulator (QEMU)
-
Kernel-based Virtual Machine (KVM)
- Virtual machines (VMs)
-
Paravirtualized drivers
-
VirtIO
-
Disk image operations
- Convert
- Resize
- Image properties
-
VM states
-
Nested virtualization
- VM operations
-
Resources
- Storage
- RAM
- Central processing unit (CPU)
- Network
-
Baseline image templates
-
Cloning
-
Migrations
-
Snapshots
- Bare metal vs. virtual machines
- Network types
-
Bridged
-
Network address translation (NAT)
-
Host-only/isolated
-
Routed
-
Open
- Virtual machine tools
-
libvirt
-
virsh
-
virt-manager
|
Services and User Management - 20%
|
Given a scenario, manage files and directories on a Linux system. |
- Utilities
-
cd
-
cp
-
diff
-
file
-
find
-
ln
-
locate
-
ls
-
lsof
-
mkdir
-
mv
-
pwd
-
rm
-
rmdir
-
sdiff
-
stat
-
touch
- Links
- Device types in /dev
-
Block devices
-
Character devices
-
Special character devices
|
Given a scenario, perform local account management in a Linux environment. |
- Add
- Delete
- Modify
-
chsh
-
groupmod
-
passwd
-
usermod
- Lock
- Expiration
-
Configuration files
-
chage
- List
-
getent passwd
-
groups
-
id
-
last
-
lastlog
-
w
-
who
-
whoami
- User profile templates
- Account files
-
/etc/group
-
/etc/passwd
-
/etc/shadow
- Attributes
-
Unique Identifier (UID)
-
Group Identifier (GID)
-
Effective User Identifier (EUID)
-
Effective Group Identifier (EGID)
- User accounts vs. system accounts vs. service accounts
|
Given a scenario, manage processes and jobs in a Linux environment. |
- Process verification
-
/proc/<PID>
-
atop
-
htop
-
lsof
-
mpstat
-
pidstat
-
ps
-
pstree
-
strace
-
top
- Process ID
-
Parent Process Identification Number (PPID)
-
Process Identification Number (PID)
- Process states
-
Running
-
Blocked
-
Sleeping
-
Stopped
-
Zombie
- Priority
- Process limits
- Job and process management
-
&
-
bg
-
Ctrl + c
-
Ctrl + d
-
Ctrl + z
-
exec
-
fg
-
jobs
-
kill
-
killall
-
nohup
-
pkill
-
Signals
- 1 HUP
- 9 KILL
- 15 TERM
- Scheduling
|
Given a scenario, configure and manage software in a Linux environment. |
- Installation, update, and removal
-
Repository
-
Source
-
Package dependencies and conflicts
-
Package managers
-
Language-specific
- pip
- cargo
- npm
- Repository management
-
Enabling/disabling
-
Third party
-
Gnu’s Not Unix (GNU) Privacy Guard (GPG) signatures
- Package and repository exclusions
- Update alternatives
- Software configuration
- Sandboxed applications
- Basic configurations of common services
-
Domain Name System (DNS) protocol
-
Network Time Protocol (NTP)/Precision Time Protocol (PTP)
-
Dynamic Host Configuration Protocol (DHCP)
-
HyperText Transfer Protocol (HTTP)
- Apache HTTP Server (httpd)
- Nginx
-
Simple Mail Transfer Protocol (SMTP)
-
Internet Messaging Access Protocol (IMAP4)
|
Given a scenario, manage Linux using systemd. |
- Systemd units
-
Services
-
Timers
-
Mounts
-
Targets
- Utilities
-
hostnamectl
-
resolvectl
-
sysctl
-
systemctl
-
systemd-analyze
-
systemd-blame
-
systemd-resolved
-
timedatectl
- Managing unit states
-
daemon-reload
-
disable
-
edit
-
enable
-
mask
-
reload
-
restart
-
start
-
status
-
stop
-
unmask
|
Given a scenario, manage applications in a container on a Linux server. |
- Runtimes
-
runC
-
Podman
-
containerd
-
Docker
- Image operations
-
Pulling images
-
Build an image
- Dockerfile
1. ENTRYPOINT
2. CMD
3. USER
4. FROM
-
Pruning
-
Tags
-
Layers
- Container operations
-
Read container logs
-
Map container volumes
-
Start/stop containers
-
Inspect containers
-
Delete a container
-
Run
-
Exec
-
Pruning
-
Tags
-
Environmental variables
- Volume operations
-
Create volume
-
Mapping volume
-
Pruning
-
SELinux context
-
Overlay
- Container networks
-
Create network
-
Port mapping
-
Pruning
-
Types
- macvlan
- ipvlan
- Host
- Bridge
- Overlay
- None
- Privileged vs. unprivileged |
Security - 18%
|
Summarize authorization, authentication, and accounting methods. |
- Polkit
- Pluggable Authentication Modules (PAM)
- System Security Services Daemon (SSSD)/Winbind realm
- Lightweight Directory Access Protocol (LDAP)
- Kerberos
- Samba
- Logging
-
journalctl
-
rsyslog
-
logrotate
-
/var/log
- System audit
|
Given a scenario, configure and implement firewalls on a Linux system. |
- firewalld
-
firewall-cmd
-
Runtime vs. permanent
-
Rich rules
-
Zones
-
Ports vs. services
- Uncomplicated Firewall (ufw)
- nftables
- iptables
- ipset
- Netfilter module
- Address translation
-
NAT
-
Port Address Translation (PAT)
-
Destination Network Address Translation (DNAT)
-
Source Network Address Translation (SNAT)
- Stateful vs. stateless
- Internet Protocol (IP) forwarding
|
Given a scenario, apply operating system (OS) hardening techniques on a Linux system. |
- Privilege escalation
-
sudo
- /etc/sudoers
1. NOEXEC
2. NOPASSWD implications
- /etc/sudoers.d
- visudo
- sudo -i
- wheel group
- sudo group
-
su -
- File attributes
-
chattr
-
lsattr
- immutable
- append only
- Permissions
-
File permissions
- chgrp
- chmod
1. Octal
2. Symbolic
- chown
-
Special permissions
- Sticky bit
- setuid
- setgid
-
Default user file-creation mode mask (umask)
- Access control
-
Access control lists (ACLs)
- setfacl
- getfacl
-
SELinux
- restorecon
- semanage
- chcon
- ls -Z
- getenforce
- setenforce
- getsebool
- setsebool
- audit2allow
- sealert
- States
1. Enforcing
2. Permissive
3. Disabled
- Secure remote access
-
Secure Shell daemon (SSHD)
- Key vs. password authentication
- Secure Shell (SSH) tunneling
- PermitRootLogin
- Disabling X forwarding
- AllowUsers
- AllowGroups
-
SSH agent
-
Secure File Transfer Protocol (SFTP)
- chroot
-
fail2ban
- Avoid the use of unsecure access services
- Disabling unused file systems
- Removal of unnecessary Set User ID (SUID) permissions
- Secure boot
-
Unified Extensible Firmware Interface (UEFI)
|
Explain account hardening techniques and best practices. |
- Passwords
-
Complexity
-
Length
-
Expiration
-
Reuse
-
History
- Multifactor authentication (MFA)
- Checking existing breach lists
- Restricted shells
- pam_tally2
- Avoid running as root |
Explain cryptographic concepts and technologies in a Linux environment. |
- Data at rest
-
File encryption
- GPG
-
Filesystem encryption
- Linux Unified Key Setup 2 (LUKS2)
- Argon2
- Data in transit
-
Open Secure Sockets Layer (OpenSSL)
-
WireGuard
-
LibreSSL
-
Transport Layer Security (TLS) protocol versions
- Hashing
-
SHA-256
-
Hashed message authentication code (HMAC)
- Removal of weak algorithms
- Certificate management
-
Trusted root certificates
- No-cost
- Commercial
- Avoiding self-signed certificates |
Explain the importance of compliance and audit procedures. |
- Detection and response
-
Anti-malware
-
Indicators of compromise (IOC)
- Vulnerability scanning
-
Common Vulnerabilities and Exposures (CVEs)
-
Common Vulnerability Scoring System (CVSS)
-
Backporting patches
-
Service misconfigurations
-
Tools
- Port scanners
- Protocol analyzer
- Standards and audit
-
Open Security Content Automation Protocol (OpenSCAP)
-
Center for Internet Security (CIS) Benchmarks
- File integrity
-
Advanced Intrusion Detection Environment (AIDE)
-
Rootkit hunter (rkhunter)
-
Signed package verification
-
Installed file verification
- Secure data destruction
-
shred
-
badblocks -w
-
dd if=/dev/urandom
-
Cryptographic destruction
- Software supply chain
- Security banners
-
/etc/issue
-
/etc/issue.net
-
/etc/motd
|
Automation, Orchestration, and Scripting - 17%
|
Summarize the use cases and techniques of automation and orchestration in a Linux environment. |
- Infrastructure as code
-
Ansible
- Playbooks
- Inventory
- Modules
- Ad hoc
- Collections
- Facts
- Agentless
-
Puppet
- Classes
- Certificates
- Modules
- Facts
- Agent/Agentless
-
OpenTofu
- Provider
- Resource
- State
- Application programming interface (API)
- Unattended deployment
- Continuous integration/Continuous deployment (CI/CD)
-
Version control
-
Shift left testing
-
GitOps
-
Pipelines
-
DevSecOps
- Deployment orchestration
-
Kubernetes
- ConfigMaps
- Secrets
- Pods
- Deployments
- Volumes
- Services
- Variables
-
Docker Swarm
- Service
- Nodes
- Tasks
- Networks
- Scale
-
Docker/Podman Compose
- Compose file
- Up/down
- Logs
|
Given a scenario, perform automated tasks using shell scripting. |
- Expansion
-
Parameter expansion
- ${var}
-
Command substitution
- $(foo)
-
Subshell
- (foo)
- Functions
- Internal Field Separator/Output Field Separator (IFS/OFS)
- Conditional statements
- Looping statements
- Interpreter directive
- Comparisons
-
Numerical
1. -eq
2. -ge
3. -gt
4. -le
5. -lt
6. -ne
-
String
1. >
2. <
3. ==
4. =
5. =~
6. !=
7. <=
8. >=
- Regular expressions
- Test
- Variables
-
Environmental
-
Arguments
-
Assignments
- alias
- export
- local
- set
- unalias
- unset
-
Return codes
- $?
|
Summarize Python basics used for Linux system administration. |
- Setting up a virtual environment
- Built-in modules
- Installing dependencies
- Python fundamentals
-
Indentations
-
Current versions
-
Data types and structures
- Boolean
- Dictionary
- Floating point
- Integer
- List
- String
-
Extensible using modules and packages
- Python Enhancement Proposal (PEP) 8 best practices |
Given a scenario, implement version control using Git. |
- .gitignore
- add
- branch
- checkout
- clone
- commit
- config
- diff
- fetch
- init
- log
- merge
- pull
- push
- rebase
- reset
- stash
- tag |
Summarize best practices and responsible uses of artificial intelligence (AI). |
- Common use cases
-
Generation of code
-
Generation of regular expressions
-
Generation of infrastructure as code
-
Document code/create documentation
-
Recommendations for how to improve compliance
-
Security review
-
Code optimization
-
Code linting
- Best practices
-
Avoid copy/paste without review/quality assurance
-
Verify output
-
Data governance
- Security of data
1. Large language model (LLM) training
2. Human review
- Local models
1. Private vs. public
-
Adhere to corporate policy
- Prompt engineering |
Troubleshooting - 22%
|
Summarize monitoring concepts and configurations in a Linux system. |
- Service monitoring
-
Service-level agreement (SLA)
-
Service-level indicator (SLI)
-
Service-level objective (SLO)
- Data acquisition methods
-
Simple Network Management Protocol (SNMP)
- Traps
- Management information bases (MIBs)
-
Agent/agentless
-
Webhooks
-
Health checks
-
Log aggregation
- Configurations
-
Thresholds
-
Alerts
-
Events
-
Notifications
-
Logging
|
Given a scenario, analyze and troubleshoot hardware, storage, and Linux OS issues. |
- Common issues
-
Kernel panic
-
Data corruption issues
-
Kernel corruption issues
-
Package dependency issues
-
Filesystem will not mount
-
Server not turning on
-
OS filesystem full
-
Server inaccessible
-
Device failure
-
Inode exhaustion
-
Partition not writable
-
Segmentation fault
-
Grand Unified Bootloader (GRUB) misconfiguration
-
Killed processes
-
PATH misconfiguration issues
-
Systemd unit failures
-
Missing or disabled drivers
-
Unresponsive process
-
Quota issues
-
Memory leaks
|
Given a scenario, analyze and troubleshoot networking issues on a Linux system. |
- Common issues
-
Misconfigured firewalls
-
DHCP issues
-
DNS issues
-
Interface misconfiguration
- Maximum transmission unit (MTU) mismatch
- Bonding
- Media access control (MAC) spoofing
- Subnet
- Cannot ping server
-
Routing issues
- Gateway
-
Server unreachable
-
IP conflicts
-
Dual stack issues (IPv4 and IPv6)
-
Link down
-
Link negotiation issues
|
Given a scenario, analyze and troubleshoot security issues on a Linux system. |
- Common issues
-
SELinux issues
- Policy
- Context
- Booleans
-
File and directory permission issues
- ACLs
- Attributes
-
Account access
-
Unpatched vulnerable systems
-
Exposed or misconfigured services
-
Remote access issues
-
Certificate issues
-
Misconfigured package repository
-
Use of obsolete or insecure protocols and ciphers
-
Cipher negotiation issues
|
Given a scenario, analyze and troubleshoot performance issues. |
- Common symptoms
-
Swapping
-
Out of memory
-
Slow application response
-
System unresponsiveness
-
High CPU usage
-
High load average
-
High context switching
-
High failed log-in attempts
-
Slow startup
-
High input/output (I/O) wait time
-
Packet drops
-
Jitter
-
Random disconnects
-
Random timeouts
-
High latency
-
Slow response times
-
High disk latency
-
Low throughput
-
Blocked processes
-
Hardware errors
-
Sluggish terminal behavior
-
Exceeding baselines
-
Slow remote storage response
-
CPU bottleneck
|