Visit here for our full LPI 101-500 exam dumps and practice test questions.

Question 61

A Linux administrator needs to view the first 20 lines of a log file named system.log. Which command should be used?

A) tail -n 20 system.log

B) head -n 20 system.log

C) cat -n 20 system.log

D) more -n 20 system.log

Answer: B

Explanation:

The head command with the -n option is used to display the first specified number of lines from a file. In this case, head -n 20 system.log will display the first 20 lines of the system.log file, which is exactly what the administrator needs to accomplish.

The head command is a fundamental text processing utility in Linux that reads files and outputs the beginning portion to standard output. By default, head displays the first 10 lines of a file when no options are specified. The -n option allows administrators to specify exactly how many lines should be displayed, providing flexibility for viewing different amounts of content from the beginning of files.

This command is particularly useful when examining log files, configuration files, or any text file where the beginning content is most relevant. Log files often contain chronological entries with the oldest entries at the top, making head useful for seeing when logging began or viewing initial system startup messages. Configuration files frequently have important header information or comments at the beginning that head can quickly display.

The syntax for head allows multiple variations. The command head -n 20 system.log explicitly specifies 20 lines using the -n flag. An alternative syntax head -20 system.log achieves the same result using a shorthand notation where the hyphen directly precedes the number. Both formats are widely accepted and produce identical output. Additionally, head can process multiple files simultaneously, displaying the first lines of each file with headers indicating the filename.

Head can also work with input from pipes and standard input, making it versatile in command pipelines. For example, administrators might use commands like ps aux | head -n 20 to view the first 20 processes from the process list. This pipeline capability integrates head into complex data processing workflows where viewing the beginning of command output is necessary.

The tail command displays lines from the end of files rather than the beginning, making option A incorrect for viewing the first 20 lines. The cat command concatenates and displays entire file contents without built-in line limiting, so option C is incorrect. The more command is a pager for viewing files page by page but does not have a -n option for limiting initial display to a specific number of lines, making option D incorrect. Only head with -n 20 correctly displays the first 20 lines.

Question 62

An administrator wants to search for all files larger than 100MB in the /var directory. Which find command accomplishes this task?

A) find /var -size +100M

B) find /var -size 100M

C) find /var -larger 100M

D) find /var -maxsize 100M

Answer: A

Explanation:

The find command with the -size +100M option searches for files larger than 100 megabytes in the specified directory. The plus sign before the size value indicates that find should match files exceeding the specified size, while the M suffix denotes megabytes as the size unit.

The find command is one of the most powerful file searching utilities in Linux, capable of locating files based on numerous criteria including name, size, modification time, permissions, ownership, and type. The -size option specifically filters files based on their size, supporting various units to accommodate different search requirements. Understanding size specification syntax is essential for effective file system management and disk space analysis.

Size specifications in find use suffixes to indicate units. The c suffix represents bytes, b represents 512-byte blocks, k represents kilobytes, M represents megabytes, and G represents gigabytes. Prefixing the size value with a plus sign searches for files larger than the specified size, while a minus sign searches for files smaller than the specified size. Omitting both signs searches for files exactly matching the specified size, though exact matches are less common in practice.

The command find /var -size +100M recursively searches all directories under /var for files exceeding 100 megabytes. This search helps administrators identify large files consuming disk space, locate log files that have grown excessively, or find data files requiring archival or deletion. The recursive nature of find means it examines all subdirectories within /var unless limited by additional options.

Find commands can combine multiple criteria to create sophisticated searches. For example, find /var -size +100M -type f -mtime +30 would locate regular files larger than 100MB that have not been modified in the past 30 days, identifying candidates for archival. The -exec option enables find to perform actions on matched files, such as find /var -size +100M -exec ls -lh {} ; to display detailed information about large files.

Option B without the plus sign would search for files exactly 100MB, which is rarely useful. Option C uses an invalid -larger option that does not exist in find syntax. Option D uses an invalid -maxsize option. Only option A with -size +100M correctly searches for files larger than 100 megabytes.

Question 63

A system administrator needs to change the ownership of a file named report.txt to user john and group developers. Which command accomplishes this?

A) chmod john:developers report.txt

B) chown john:developers report.txt

C) chgrp john:developers report.txt

D) owner john:developers report.txt

Answer: B

Explanation:

The chown command is used to change file ownership in Linux, and the syntax chown john:developers report.txt changes both the owner to john and the group to developers in a single command. This is the correct and most efficient way to modify both ownership attributes simultaneously.

File ownership in Linux consists of two components: the user owner who typically created the file and has special privileges over it, and the group owner which allows multiple users to share access based on group membership. The chown command provides the capability to modify either or both of these ownership attributes. Understanding ownership management is fundamental to Linux system administration because ownership directly affects file access permissions and security.

The chown syntax supports several formats for specifying ownership changes. The format user:group changes both owner and group, as in chown john:developers report.txt. The format user: changes the owner and also changes the group to the user’s primary group. The format :group changes only the group, leaving the user owner unchanged. The format user changes only the user owner, leaving the group unchanged. These variations provide flexibility for different ownership modification scenarios.

Only the root user or a user with appropriate sudo privileges can change file ownership using chown. This restriction prevents regular users from arbitrarily changing ownership of files they do not own, which could otherwise create security vulnerabilities. After ownership changes, the previous owner loses special ownership privileges unless they retain access through group membership or other permission settings.

The chown command supports recursive operation through the -R option, enabling ownership changes for entire directory trees. For example, chown -R john:developers /home/john/projects would change ownership of the projects directory and all files and subdirectories within it. This recursive capability is essential when setting up user directories or migrating file ownership after user account changes.

The chmod command modifies file permissions rather than ownership, making option A incorrect. The chgrp command changes only group ownership and does not support the user:group syntax for changing both attributes, making option C incorrect. There is no owner command in Linux, making option D invalid. Only chown with the user:group syntax correctly changes both owner and group.

Question 64

An administrator needs to display the last 50 lines of a continuously growing log file and keep the display updated as new lines are added. Which command should be used?

A) tail -n 50 -f logfile.log

B) head -n 50 -f logfile.log

C) cat -n 50 -f logfile.log

D) less -n 50 -f logfile.log

Answer: A

Explanation:

The tail command with both -n 50 and -f options displays the last 50 lines of the file and continues to follow the file, showing new lines as they are appended. This combination is essential for real-time log monitoring, allowing administrators to observe system events as they occur.

The tail command specializes in displaying the end portion of files, which is particularly useful for log files where the most recent entries appear at the bottom. By default, tail shows the last 10 lines, but the -n option specifies a different number of lines to display. The -f option, short for follow, tells tail to not terminate after displaying the initial lines but instead to continuously monitor the file for new content and display it as it appears.

Real-time log monitoring with tail -f is invaluable for troubleshooting, debugging applications, and monitoring system activity. Administrators can watch authentication attempts in /var/log/auth.log, observe web server requests in Apache or Nginx access logs, or monitor application errors as they occur. The continuous update eliminates the need to repeatedly execute commands or manually refresh file views, providing immediate visibility into system events.

The tail -f implementation uses an efficient polling mechanism that checks for file changes at regular intervals. When new lines are appended to the monitored file, tail immediately displays them. The command continues running until explicitly terminated by the user, typically with Ctrl+C. This persistent monitoring capability makes tail -f a standard tool in administrator workflows for investigating active issues or validating configuration changes.

Multiple variations and related options enhance tail functionality. The -F option provides follow behavior with retry capability, continuing to monitor even if the file is rotated or temporarily unavailable. The –pid option terminates tail when a specified process ends, useful for monitoring logs only while a particular application runs. The -s option adjusts the polling interval for environments where default polling is too frequent or infrequent.

The head command displays lines from the beginning of files and does not support the -f option, making option B incorrect. The cat command displays entire files without line limiting or follow capability, making option C incorrect. The less pager does not support the -n and -f combination in the manner described, making option D incorrect. Only tail with -n 50 -f provides the required functionality.

Question 65

A user needs to compress a directory named project and all its contents into a single archive file named project.tar.gz. Which command accomplishes this?

A) tar -czf project.tar.gz project

B) gzip -r project project.tar.gz

C) compress -z project project.tar.gz

D) zip -c project.tar.gz project

Answer: A

Explanation:

The tar command with options -czf creates a compressed archive file using gzip compression. The syntax tar -czf project.tar.gz project creates an archive named project.tar.gz containing the project directory and all its contents with gzip compression applied.

The tar utility, short for tape archive, is the standard Linux tool for creating archive files that bundle multiple files and directories into a single file. Originally designed for backup to tape drives, tar has evolved into the primary archival tool for file distribution, backups, and system administration tasks. Understanding tar options and compression integration is essential for managing file archives effectively.

The options in tar -czf each serve specific purposes. The -c option creates a new archive rather than extracting or listing existing archives. The -z option applies gzip compression to the archive, reducing file size significantly. The -f option specifies the archive filename that follows. These options can be combined as -czf or written separately as -c -z -f, though the combined format is more common and concise.

The order of components in the tar command follows a consistent pattern. After the options, the archive filename is specified, followed by the files or directories to include in the archive. In tar -czf project.tar.gz project, project.tar.gz is the output archive filename and project is the directory to archive. If multiple files or directories should be included, they can be listed sequentially after the archive filename.

Tar supports various compression methods through different options. The -z option uses gzip compression, creating .tar.gz or .tgz files. The -j option uses bzip2 compression for potentially better compression ratios, creating .tar.bz2 files. The -J option uses xz compression for even better ratios, creating .tar.xz files. The choice among compression methods balances compression ratio, speed, and compatibility requirements.

The gzip command compresses individual files but the -r option does not create tar archives in the manner described, making option B incorrect. There is no standard compress command with -z option that creates tar archives, making option C incorrect. The zip command uses a different archive format incompatible with tar.gz and uses different syntax, making option D incorrect. Only tar -czf correctly creates compressed tar archives.

Question 66

An administrator wants to find all lines in a file named config.txt that contain the word database. Which command should be used?

A) find config.txt database

B) grep database config.txt

C) search database config.txt

D) locate database config.txt

Answer: B

Explanation:

The grep command searches for text patterns within files and displays matching lines. The syntax grep database config.txt searches the file config.txt for lines containing the word database and outputs those lines to standard output.

Grep is one of the most essential text processing utilities in Linux, derived from the ed editor command for global regular expression print. The tool excels at pattern matching and text filtering, making it indispensable for log analysis, configuration file searches, and data extraction. Basic grep usage involves specifying a search pattern followed by one or more filenames to search.

The grep command offers numerous options that modify search behavior. The -i option performs case-insensitive matching, finding Database, DATABASE, and database. The -v option inverts the match, displaying lines that do not contain the pattern. The -n option prefixes output lines with their line numbers, helping locate matches within large files. The -r option recursively searches directories, examining all files within a directory tree.

Regular expressions enhance grep’s pattern matching capabilities beyond simple text searches. Patterns can include metacharacters like dot for any character, asterisk for repetition, caret for line beginning, and dollar sign for line ending. For example, grep ^database config.txt finds lines beginning with database, while grep database$ finds lines ending with database. Extended regular expressions enabled with -E provide additional operators for complex pattern matching.

Grep integrates seamlessly into command pipelines, processing output from other commands. Common patterns include ps aux | grep apache to find Apache processes, or dmesg | grep error to find error messages in kernel logs. This pipeline capability makes grep a versatile filter in complex data processing workflows.

The find command locates files by attributes rather than searching file contents, making option A incorrect. There is no standard search command in Linux with the syntax shown, making option C incorrect. The locate command finds files by name using a database rather than searching file contents, making option D incorrect. Only grep searches for text patterns within files as required.

Question 67

A system administrator needs to view all currently running processes with detailed information including CPU and memory usage. Which command provides this information?

A) ps aux

B) ls -l

C) df -h

D) du -sh

Answer: A

Explanation:

The ps aux command displays detailed information about all currently running processes on the system, including process IDs, CPU usage, memory usage, command names, and execution states. This comprehensive process listing is essential for system monitoring, troubleshooting, and performance analysis.

The ps command, short for process status, reports information about active processes. Without options, ps shows only processes associated with the current terminal session, which is rarely useful for system administration. The aux option combination provides a much more comprehensive view. The a option shows processes for all users rather than just the current user. The u option displays user-oriented format with additional details including username, CPU percentage, memory percentage, and start time. The x option includes processes not attached to terminals, such as system daemons and background services.

The output from ps aux contains multiple columns with specific meanings. USER shows the process owner. PID displays the process ID, a unique identifier for each process. CPU percentage indicates the portion of CPU time the process consumes. MEM percentage shows the portion of physical memory the process uses. VSZ displays virtual memory size in kilobytes. RSS shows resident set size, the non-swapped physical memory in kilobytes. START indicates when the process began. TIME shows cumulative CPU time consumed. COMMAND displays the command that started the process with arguments.

Process information from ps aux helps administrators identify resource-intensive processes, locate specific running programs, detect unauthorized processes, and understand system load. Common administrative tasks include finding processes to terminate, identifying why system resources are exhausted, or verifying that expected services are running. The command output can be filtered through grep to locate specific processes, as in ps aux | grep apache.

The ps command supports numerous options beyond aux. The -ef option combination provides similar comprehensive listings in a different format. The –forest option displays process hierarchies showing parent-child relationships. The -p option shows information for specific process IDs. These variations accommodate different preferences and specific information requirements.

The ls command lists directory contents rather than processes, making option B incorrect. The df command displays filesystem disk space usage, making option C incorrect. The du command shows directory space usage, making option D incorrect. Only ps aux displays detailed information about running processes.

Question 68

An administrator needs to create a symbolic link named shortcut that points to the file /usr/local/bin/application. Which command creates this symbolic link?

A) ln shortcut /usr/local/bin/application

B) ln -s /usr/local/bin/application shortcut

C) link -s shortcut /usr/local/bin/application

D) symlink /usr/local/bin/application shortcut

Answer: B

Explanation:

The ln command with the -s option creates a symbolic link. The syntax ln -s /usr/local/bin/application shortcut creates a symbolic link named shortcut that points to the target file /usr/local/bin/application. The order places the target first, followed by the link name.

Symbolic links, also called soft links or symlinks, are special file types that contain references to other files or directories. Unlike hard links that point directly to inode data, symbolic links store a path to the target. This distinction allows symbolic links to cross filesystem boundaries, point to directories, and reference targets that may not currently exist. Understanding symbolic links is essential for organizing filesystems, creating convenient access paths, and managing software installations.

The ln command creates links between files. Without options, ln creates hard links that are additional directory entries pointing to the same inode as the original file. The -s option changes behavior to create symbolic links instead. The syntax requires the target path first, then the link name. This ordering can be counterintuitive because it differs from copy commands, but it follows the pattern of pointing from the link to the target.

Symbolic links offer several advantages in system administration. They create convenient shortcuts to deeply nested files or directories, allowing easy access without remembering complex paths. They enable multiple names for the same resource, useful when different applications expect files in different locations. They facilitate version management by allowing a generic link name to point to specific versioned directories, as in linking /usr/local/python to /usr/local/python3.9.

Symbolic link management requires understanding their behavior characteristics. When a symbolic link is removed, only the link is deleted; the target remains unchanged. If the target is moved or deleted, the symbolic link becomes broken, pointing to a nonexistent location. File operations on symbolic links typically affect the target rather than the link itself, though specific commands have options to operate on the link. The ls -l command displays symbolic links with an arrow showing the target path.

Option A without -s would attempt to create a hard link with reversed arguments, which would fail. Option C uses an invalid link command. Option D uses an invalid symlink command. Only ln -s with the correct argument order creates the symbolic link properly.

Question 69

A user wants to view the manual page for the grep command. Which command displays the manual page?

A) help grep

B) info grep

C) man grep

D) doc grep

Answer: C

Explanation:

The man command displays manual pages for Linux commands, system calls, library functions, and configuration files. The syntax man grep displays the comprehensive manual page for the grep command, including description, options, examples, and related commands.

Manual pages, commonly called man pages, are the primary documentation system in Unix and Linux environments. They provide detailed reference information organized into numbered sections. Section 1 contains user commands, section 2 covers system calls, section 3 documents library functions, section 4 describes device files, section 5 covers file formats, section 6 contains games, section 7 holds miscellaneous information, and section 8 documents system administration commands. Understanding how to navigate manual pages is fundamental to Linux proficiency.

The man command offers various options for accessing documentation. Without additional arguments, man displays the first matching page found when searching sections in numeric order. The -k option searches manual page names and descriptions for keywords, useful when the exact command name is unknown. The -a option displays all matching pages from all sections rather than just the first match. The -f option shows a brief description from the whatis database.

Manual pages follow a consistent structure that aids information location. The NAME section identifies the command and provides a brief description. SYNOPSIS shows command syntax including options and arguments. DESCRIPTION provides detailed explanation of functionality. OPTIONS lists available command-line options with explanations. EXAMPLES demonstrates common usage patterns. SEE ALSO references related commands. This standardized format allows efficient information retrieval once users become familiar with the structure.

Navigation within manual pages uses keyboard controls inherited from the less pager. The space bar advances one screen, b moves back one screen, forward slash initiates search, n repeats the last search forward, N repeats search backward, and q quits the manual page. These navigation keys enable efficient browsing of lengthy documentation.

The help command is a bash builtin that provides brief information about shell builtins but does not display full manual pages, making option A incorrect. The info command accesses GNU info documentation, an alternative system with different organization, making option B less standard though sometimes available. There is no doc command in standard Linux systems, making option D incorrect. The man command is the standard tool for accessing manual pages.

Question 70

An administrator needs to display the current working directory path. Which command shows this information?

A) dir

B) path

C) pwd

D) cwd

Answer: C

Explanation:

The pwd command, short for print working directory, displays the absolute path of the current working directory. This simple but essential command helps users orient themselves within the filesystem hierarchy and is frequently used in scripts and interactive sessions.

Understanding the current working directory is fundamental to filesystem navigation in Linux. Most commands that accept file or directory arguments interpret relative paths as starting from the current working directory. Knowing the current location prevents errors when creating files, running programs, or navigating the filesystem. The pwd command provides this information instantly without requiring additional options or arguments in typical usage.

The pwd command has two operational modes that handle symbolic links differently. The pwd command without options displays the logical current directory, showing the path used to reach the current location even if it includes symbolic links. The -P option displays the physical current directory, resolving all symbolic links to show the actual filesystem path. This distinction matters when symbolic links create shortcuts to deeply nested directories.

Every process in Linux has a current working directory maintained by the kernel. When a shell starts, it typically inherits the working directory from its parent process. The cd command changes the current working directory, while pwd reveals it. Scripts and programs inherit the working directory from the process that launched them, making pwd useful for determining execution context in scripts.

Shell built-in pwd versus external pwd binary creates a subtle difference. Most shells include pwd as a built-in command for efficiency. An external /bin/pwd program also exists. The built-in is usually invoked by default and is faster because it queries the shell’s internal state rather than making system calls. The external program can be explicitly called as /bin/pwd if needed for specific purposes.

There is no standard dir command that displays the working directory in Linux, though dir exists as an alias for ls in some configurations, making option A incorrect. There is no path command with this functionality, making option B incorrect. The cwd abbreviation is not a standard command, making option D incorrect. Only pwd displays the current working directory path.

Question 71

A system administrator needs to terminate a process with PID 1234. Which command sends the default termination signal to this process?

A) stop 1234

B) end 1234

C) kill 1234

D) halt 1234

Answer: C

Explanation:

The kill command sends signals to processes, and when used with just a process ID like kill 1234, it sends the default TERM signal which requests graceful termination. Despite its name suggesting immediate destruction, kill actually provides controlled process signaling with the TERM signal allowing processes to clean up before exiting.

Process signaling in Linux enables communication between processes and the kernel. Signals notify processes of events, request state changes, or force termination. The kill command serves as the primary user interface for sending signals to processes. Understanding signal types and their effects is crucial for process management and troubleshooting stuck or misbehaving applications.

The default signal sent by kill is SIGTERM, signal number 15. This signal requests that a process terminate gracefully, allowing it to catch the signal, perform cleanup operations like closing files, flushing buffers, and releasing resources, then exit voluntarily. Well-designed applications handle SIGTERM by shutting down cleanly. If a process does not respond to SIGTERM, stronger signals may be necessary.

Alternative signals provide different termination behaviors. The SIGKILL signal, number 9, forces immediate termination without allowing cleanup, used when processes do not respond to SIGTERM. The syntax kill -9 1234 or kill -SIGKILL 1234 sends this forceful signal. The SIGHUP signal, number 1, traditionally meant hangup and often causes daemons to reload configurations. The SIGSTOP signal pauses process execution without termination, while SIGCONT resumes stopped processes.

The kill command requires appropriate permissions to signal processes. Regular users can only send signals to their own processes. Root or users with sudo privileges can signal any process. This security model prevents unauthorized process interference while allowing administrators full process control. Attempting to kill another user’s process without privileges results in a permission denied error.

Signal syntax in kill accepts either numeric signal numbers or symbolic names. The format kill -SIGNAL PID sends the named signal, while kill -NUMBER PID uses numeric identifiers. For example, kill -TERM 1234, kill -15 1234, and kill 1234 all send SIGTERM. The symbolic names improve command readability.

There is no stop command that terminates processes in standard Linux, making option A incorrect. There is no end command for process termination, making option B incorrect. There is no halt command for individual processes, making option D incorrect. Only kill sends signals to terminate processes.

Question 72

An administrator needs to change file permissions to make a script executable by everyone. The script is currently -rw-r–r–. Which command adds execute permission for all users?

A) chmod +x script.sh

B) chmod 777 script.sh

C) chown +x script.sh

D) chgrp +x script.sh

Answer: A

Explanation:

The chmod command with the +x option adds execute permission for all user categories including owner, group, and others. The syntax chmod +x script.sh adds execute permission to the existing read and write permissions, making the script executable while preserving other permission settings.

File permissions in Linux control access to files and directories using a three-category model. The owner is the user who created or owns the file. The group is a collection of users who share group-based access. Others represents all remaining users on the system. Each category has three permission types: read allows viewing contents, write enables modification, and execute permits running programs or accessing directories.

The chmod command modifies permissions using either symbolic or numeric modes. Symbolic mode uses letters to represent permission changes, with u for user owner, g for group, o for others, and a for all categories. The operators plus adds permissions, minus removes permissions, and equals sets exact permissions. Permission types are r for read, w for write, and x for execute. The format chmod +x adds execute permission for all categories without affecting existing permissions.

Understanding when execute permission is required helps administrators set appropriate access levels. Shell scripts need execute permission to run directly as commands. Binary programs require execute permission to load and run. Directories need execute permission for users to access contents or traverse through them. Without execute permission on a directory, users cannot list files or access subdirectories even if read permission exists.

Numeric mode provides an alternative chmod syntax using octal numbers. Each permission set is represented by three bits: read equals 4, write equals 2, and execute equals 1. The sum creates permission values from 0 to 7 for each category. For example, 755 means owner has read, write, execute (4+2+1), while group and others have read and execute (4+1). The command chmod 755 script.sh sets specific permissions but overwrites existing settings.

Option B using chmod 777 would add execute permission but would also add write permission for group and others, which is overly permissive and insecure for most scripts. The chown command changes ownership rather than permissions, making option C incorrect. The chgrp command changes group ownership, making option D incorrect. Only chmod +x adds execute permission appropriately.

Question 73

A user wants to view disk usage of the /home directory and its subdirectories in human-readable format. Which command provides this information?

A) df -h /home

B) du -sh /home

C) ls -lh /home

D) stat /home

Answer: B

Explanation:

The du command with -sh options displays disk usage in human-readable format with a summary total. The syntax du -sh /home shows the total space consumed by the /home directory and all its contents, presenting the result in units like megabytes or gigabytes that are easy to understand.

The du command, short for disk usage, calculates and displays the space consumed by files and directories. Unlike df which shows filesystem-level space availability, du examines actual directory and file sizes. This distinction makes du the appropriate tool for identifying which directories consume the most space and for capacity planning at the directory level.

The -s option produces a summary showing only the total for the specified directory rather than listing every subdirectory separately. Without -s, du displays space usage for every subdirectory within the target, which can produce overwhelming output for directories with many subdirectories. The -s option condenses this to a single total, making the output concise and readable.

The -h option enables human-readable output formatting. Without this option, du displays sizes in kilobyte blocks, which are difficult to interpret for large directories. The -h option automatically selects appropriate units like K for kilobytes, M for megabytes, or G for gigabytes based on the size being displayed. This formatting significantly improves readability.

Common du usage patterns help administrators manage disk space. The command du -sh * executed in a directory shows sizes of all immediate subdirectories and files, helping identify space consumers. Combining with sort enables ranking by size, as in du -sh * | sort -h to list items from smallest to largest. The -c option adds a grand total when multiple directories are specified.

The df command shows filesystem space usage rather than directory space consumption, making option A incorrect for this specific requirement. The ls command lists directory contents with file sizes but does not sum subdirectory contents, making option C incorrect. The stat command displays file metadata but not cumulative directory sizes, making option D incorrect. Only du -sh provides directory space usage summaries.

Question 74

An administrator needs to extract files from an archive named backup.tar.gz. Which command extracts the contents?

A) tar -xzf backup.tar.gz

B) untar backup.tar.gz

C) extract backup.tar.gz

D) gzip -d backup.tar.gz

Answer: A

Explanation:

The tar command with -xzf options extracts files from a compressed tar archive. The syntax tar -xzf backup.tar.gz decompresses the gzip-compressed archive and extracts all contained files and directories to the current working directory, preserving directory structure and permissions.

Archive extraction is a fundamental Linux administration task for deploying software, restoring backups, and accessing distributed files. Understanding tar extraction options ensures safe and correct file recovery. The tar command serves both archival creation and extraction roles, with different options controlling each operation mode.

The -x option tells tar to extract files from an archive rather than create one. This is the fundamental option that switches tar into extraction mode. The -z option indicates that the archive is compressed with gzip and should be decompressed during extraction. The -f option specifies that the next argument is the archive filename. These three options combine as -xzf for extracting gzip-compressed tar archives.

Additional extraction options provide useful capabilities. The -v option enables verbose output, listing each file as it is extracted. This visibility helps verify extraction progress and confirms expected contents. The -C option specifies a target directory for extraction, as in tar -xzf backup.tar.gz -C /tmp to extract into the /tmp directory. The –strip-components option removes leading directory components from extracted paths, useful when archives have unnecessary directory wrappers.

Before extracting archives, administrators should verify contents using tar -tzf backup.tar.gz, which lists files without extracting them. This preview prevents accidentally overwriting existing files and confirms the archive contains expected contents. The -k option during extraction prevents tar from overwriting existing files, providing additional protection.

Different compression methods require different tar options. Archives with .tar.bz2 extensions use -j instead of -z for bzip2 decompression. Archives with .tar.xz extensions use -J for xz decompression. Plain .tar archives without compression omit the compression option entirely, using just -xf.

There is no untar command in standard Linux, making option B incorrect. There is no extract command, making option C incorrect. The gzip -d command decompresses gzip files but does not extract tar archives, making option D incomplete. Only tar -xzf properly extracts compressed tar archives.

Question 75

A system administrator needs to display the amount of free and used memory in the system. Which command provides this information?

A) mem

B) free

C) memory

D) ram

Answer: B

Explanation:

The free command displays the amount of free and used memory in the system, including both physical RAM and swap space. This essential monitoring tool helps administrators understand memory utilization, identify potential memory pressure, and verify that systems have adequate resources for their workloads.

Memory management in Linux involves complex interactions between physical RAM, swap space, buffers, and caches. The free command presents this information in an accessible format showing total memory, used memory, free memory, shared memory, buffer and cache memory, and available memory. Understanding these values helps administrators interpret system memory state accurately.

The free command output contains several rows and columns with specific meanings. The Mem row shows physical RAM statistics. The Swap row displays swap space usage. The total column shows total installed memory. The used column indicates memory currently allocated to processes and kernel structures. The free column shows completely unused memory. The shared column displays memory used by tmpfs filesystems. The buff/cache column shows memory used for buffers and filesystem caches. The available column estimates memory available for starting new applications without swapping.

Common free command options modify output presentation. The -h option displays sizes in human-readable format using megabytes and gigabytes rather than kilobytes. The -m option shows sizes in megabytes, while -g shows gigabytes. The -s option with a number enables continuous monitoring, updating the display at specified intervals, as in free -s 5 to update every 5 seconds. The -t option adds a total row summing physical and swap memory.

Linux memory management uses available RAM efficiently through caching. The kernel caches recently accessed file data in unused RAM, improving performance for repeated file access. This caching explains why free memory may appear low while the system performs well. The available column in modern free output accounts for reclaimable cache, providing a better indicator of truly available memory than the raw free value.

Interpreting free output requires understanding that low free memory with high cache usage is normal and healthy in Linux. Memory pressure occurs when available memory becomes low and swap usage increases significantly. High swap usage combined with low available memory indicates the system lacks sufficient RAM for its workload. These insights guide decisions about memory upgrades or workload redistribution.

There is no mem command in standard Linux, making option A incorrect. There is no memory command, making option C incorrect. There is no ram command, making option D incorrect. Only the free command displays system memory usage information.