CompTIA SK0-005 Practice Test

Explanation:

Disk quotas allow an administrator to set storage limits per user or per group on a file system.
This directly ties storage utilization to the number of users — each user gets a defined portion of disk space.

By using quotas, the administrator can:

Prevent individual users from consuming excessive space.
Predict storage growth based on user count.
Monitor and enforce fair resource usage.

This creates the direct relationship between user count and storage consumption that management wants.

Incorrect Options:

A. Partitioning:
Divides a disk into sections but doesn’t control or correlate space usage per user.

B. Deduplication:
Reduces duplicate data to save space but does not tie storage use to user accounts.

D. Compression:
Saves space by reducing file size but doesn’t limit how much space users can use.

Reference:
CompTIA Server+ (SK0-005) Exam Objectives, Domain 2.1 – “Summarize storage solutions, including technologies and configurations.”
Microsoft Docs – Manage Disk Quotas on NTFS Volumes
Linux man pages – quota(1)

Summary:
To ensure storage usage grows in proportion to the number of users, the best solution is to implement disk quotas per user or group.

Explanation

The goal is to create multiple new VMs with similar system requirements in the SHORTEST amount of time.

D. Template: A template is a master image of a virtual machine (VM) that has been pre-configured with an operating system, common applications, and standard settings.
When an administrator needs to rapidly deploy many identical or similar VMs, they use the template to clone or provision new VMs.
This is the fastest method because it skips the time-consuming steps of installing the OS, patching, and configuring common settings for each new VM individually.

Why the other options are incorrect:

A. Snapshot: A snapshot is a point-in-time image of a running VM's state and data. While useful for backups and rollbacks, you would typically not use a snapshot as the base for creating new, separate VMs. It captures the running state, which is less clean than a properly prepared template, and its primary purpose is recovery, not mass deployment.

B. Deduplication: Data deduplication is a process that identifies and eliminates redundant copies of data. It saves storage space but has nothing to do with the speed or process of deploying new virtual machines.

C. System Restore: System Restore is a feature in Windows that allows users to revert the system files, registry, and settings to a previous state. It is a recovery tool and is entirely irrelevant to the task of creating new virtual machines efficiently.

Reference/Domain
This question falls under CompTIA Server+ (SK0-005) Domain 4.0: Virtualization, Storage, and Networking.
4.1 Given a scenario, configure and manage virtualization. (Specifically, using virtualization features like templates for efficient deployment and resource management.)

Explanation:

Log rotation is the standard Linux/Unix practice (via logrotate) that automatically:

Compresses old log files (e.g., .gz)
Deletes logs older than a defined period (e.g., 7 days, 4 weeks)
Keeps only a set number of archived copies
Creates fresh log files for new entries

Example /etc/logrotate.d/ config:

conf/var/log/app.log {
daily
rotate 7
compress
missingok
size 100M
}

Why the other options are incorrect:

B. Log shipping
Incorrect. This moves logs to a remote server (e.g., via rsyslog, Fluentd). It frees space eventually, but requires a central log server — which the question states does not exist.

C. Log alerting
Incorrect. Alerting notifies admins of issues (e.g., via email/SNMP). It does nothing to reduce disk space.

D. Log analysis
Incorrect. Analyzing logs helps with troubleshooting, not freeing disk space.

References:
CompTIA Server+ SK0-005 Exam Objectives
2.3 – Perform basic Linux server administration tasks → Includes managing log files and disk space via log rotation.

Linux logrotate(8) Man Page
“logrotate is designed to ease administration of systems that produce large numbers of log files… by rotating, compressing, and mailing log files.”

Red Hat Enterprise Linux – System Administrator’s Guide
“Use logrotate to prevent log files from growing unbounded and consuming disk space.”

Exam Tip:
Local server full of logs + no central log server → use logrotate (log rotation)
This is a frequent SK0-005 question on Linux storage and log management.

Explanation:

The question is asking for the access control methodology that is fundamentally designed to grant the minimum level of access required for a user to perform their job functions. This is a core information security principle known as the Principle of Least Privilege.

Role-Based Access Control (RBAC):
In an RBAC model, permissions are not assigned to individual users. Instead, permissions are assigned to roles (e.g., "Backup Operator," "Help Desk Technician," "SQL Database Admin"). Users are then made members of the appropriate roles based on their job responsibilities. This is the most efficient and secure way to enforce least privilege because it ensures a user automatically gets all the access needed for their job—and nothing more.

Why the Other Options Are Incorrect:

A. Scope-based:
This is not a standard, formal access control methodology. "Scope" might refer to network scope or the scope of a project, but it is not a recognized model for implementing least privilege access control in the way the question describes.

C. Location-based:
This is a context-aware access control method that grants or denies access based on the user's physical or network location (e.g., only allowing access to a server from the corporate LAN). While it can be part of a security strategy, it does not inherently define the least set of permissions a user needs to do their job.

D. Rule-based:
In a rule-based access control (RBAC, not to be confused with Role-Based) model, access is granted or denied based on a set of rules defined by an administrator (e.g., "No access to the HR server between 6 PM and 6 AM"). These rules are applied globally and are not tailored to an individual user's job function, making it a less precise tool for implementing the principle of least privilege.

Reference:
This question tests your knowledge of fundamental access control models, which is a key part of the SK0-005 exam under Domain 3.0: Security. Role-Based Access Control (RBAC) is a widely adopted industry best practice and is explicitly covered in the CompTIA exam objectives as a method for implementing secure access and the principle of least privilege.

Explanation:

A synthetic full backup is a full backup that is created from previous backup data — typically by combining a full backup with incremental or differential backups — without rereading data from the source system.

In this scenario:

The backup application copies only changed files each time → behaves like incremental backups.
During a restore, only a single file (the synthetic full) is needed → because the system has already combined the changes into one complete backup file.
So, it’s a synthetic full backup process — efficient in both storage and restore time.

Incorrect Options:

A. Open file:
Refers to backing up files that are in use — not related to incremental behavior.

C. Full incremental:
Incremental backups copy only changed data but require all incremental sets + the full backup to restore — not a single file.

D. Full differential:
Requires both the last full and the latest differential to restore — not just one file.

Reference:
CompTIA Server+ (SK0-005) Exam Objectives, Domain 4.1 – “Explain different backup types, methodologies, and concepts.”
CompTIA Server+ Study Guide (Exam SK0-005) – Data Backup and Recovery section.

Summary:
The described backup method — copying only changed files but restoring from a single backup file — is a Synthetic Full Backup.

Explanation

The goal is to deploy multiple VMs with the same configuration as efficiently as possible.

D. Use a VM template: A VM template is a master image of a virtual machine that has been pre-configured with the operating system, standard applications, network settings, and patches.

Using a template allows the administrator to clone or provision the five new VMs very quickly from a single source, bypassing the time-consuming process of installing and configuring the OS for each VM individually. This is the standard, most efficient method for mass VM deployment.

Why the other options are incorrect:

A. Snapshot a VM:
A snapshot captures the current state of a running VM (including memory and disk data) for rollback purposes. While it contains the configuration, its primary use is recovery, and it's generally not the best practice for creating a new, independent set of production VMs. Templates are specifically designed for efficient, repeatable deployment.

B. Use a physical host:
This choice doesn't address the need to deploy VMs. Deploying to a physical host would require installing the OS five separate times on hardware, which is vastly less efficient than using virtualization and templates.

C. Perform a P2V conversion:
A Physical-to-Virtual (P2V) conversion involves taking an existing physical server and converting it into a VM. This is a migration tool, not a deployment tool for creating new, identical virtual machines efficiently.

Reference/Domain
This question falls under CompTIA Server+ (SK0-005) Domain 4.0: Virtualization, Storage, and Networking.
4.1 Given a scenario, configure and manage virtualization. (Specifically, understanding and utilizing VM templates for efficient provisioning.)

Explanation:

The current permissions dr-xr-xr-- translate to 751 in octal:

Owner: r-x (5)
Group: r-- (4)
Others: r-- (1)


The owner (Ann) lacks write (w) permission on her own home directory — that’s why she cannot save files.

A user’s home directory should typically allow:

Owner: full access (rwx → 7) — to read, list, and write files
Group/Others: execute-only (--x → 1) — to allow traversal (e.g., cd /home/Ann) without reading or modifying contents

Thus, 711 is the minimal, secure fix:

bashchmod 711 /home/Ann
→ drwx--x--x
This grants Ann write access while keeping the directory secure from unauthorized reads/writes.

Why the other options are incorrect:

A. chmod 777 /home/Ann
Incorrect. Grants full access to everyone — security risk. Others can read and delete Ann’s files.

B. chmod 666 /home/Ann
Incorrect. Applies to files, not directories. Also, removes execute bit → breaks directory traversal (cd fails). And still allows group/others to write — insecure.

D. chmod 754 /home/Ann
Incorrect. Gives group read access (r--) — allows other users to list and read Ann’s files. Violates principle of least privilege.

References:
CompTIA Server+ SK0-005 Exam Objectives
2.3 – Perform basic Linux server administration tasks → Includes proper home directory permissions (drwx--x--x or 711).

Linux Filesystem Hierarchy Standard (FHS)
“User home directories should be mode 700 or 711.”

Red Hat Enterprise Linux – Security Guide “Home directories: chmod 711 ~username ensures privacy and functionality.”

Exam Tip:
User can’t save in /home/username + permissions dr-xr-xr-- → fix with chmod 711 /home/username
Never use 777 or 754 on home directories — tested heavily in SK0-005 Linux security questions.

Explanation:

This question continues the theme of key disaster recovery metrics, specifically focusing on data loss tolerance.

RPO (Recovery Point Objective):
This is defined as the maximum acceptable amount of data loss measured in time. It answers the question: "How much data can we afford to lose?" For example, if a company has an RPO of 4 hours, it means that in a disaster, losing up to 4 hours of data is considered acceptable. This metric directly determines the required frequency of data backups or replications.

Why the Other Options Are Incorrect:

A. RTO (Recovery Time Objective):
As discussed in the previous question, RTO is about downtime tolerance ("How long can we be down?"), not data loss. It is the target time to restore service, not the point from which you recover the data.

B. MTBF (Mean Time Between Failures):
This is a hardware reliability metric that predicts the average time between inherent failures of a system or component. It describes how often a device breaks, not how much data is lost when it does.

D. MTTR (Mean Time To Repair):
This is the average time required to fix a failed component and return it to production. It is a measure of repair efficiency, not a measure of acceptable data loss.

Reference:
This is another core concept from Domain 5.0:
Disaster Recovery in the SK0-005 exam objectives. It is crucial to understand the distinction between:

RTO: Time objective for getting the system back online.
RPO: Point objective for how current the data must be.

These two metrics are the foundation for designing any disaster recovery solution, as they dictate the technology and processes required (e.g., cold site vs. hot site, nightly backups vs. synchronous replication).

Explanation:

The server IP is 10.20.10.15 and the default gateway is 10.20.10.254. For these two devices to communicate directly on the same local network, they must be in the same subnet. The subnet mask determines the size of the network and which IP addresses belong to it.

With a subnet mask of 255.255.255.0 (/24):

The network address is 10.20.10.0.
Usable host range is 10.20.10.1 to 10.20.10.254.
Both 10.20.10.15 and 10.20.10.254 fall within this range.
Thus, 255.255.255.0 correctly places both addresses in the 10.20.10.0/24 network.

Why the other options are incorrect:

B. 255.255.255.128 (/25):
This creates two subnets:
10.20.10.0 – 10.20.10.127
10.20.10.128 – 10.20.10.255
The server (10.20.10.15) is in the first subnet, but the gateway (10.20.10.254) is in the second. They are not on the same subnet, so direct communication fails without a router.

C. 255.255.255.240 (/28):
This divides the address space into 16-host blocks. The IP 10.20.10.15 falls in one block (e.g., 10.20.10.0–10.20.10.15), while 10.20.10.254 falls in a much later block (e.g., 10.20.10.240–10.20.10.255). Again, different subnets.

D. 255.255.255.254 (/31):
This is a special point-to-point subnet with only two usable IPs (per RFC 3021), used only for direct links between routers. It is not appropriate for a server and gateway in a standard LAN environment.

Reference:
CompTIA Server+ SK0-005 Exam Objectives – 1.2: Given a scenario, configure basic network settings → Requires knowledge of IP addressing, subnet masks, and ensuring proper subnet membership for local communication.
RFC 1918– Defines 10.0.0.0/8 as private address space; commonly subnetted with /24 in enterprise environments.

Final Answer: A. 255.255.255.0
Only this mask ensures the server and gateway are in the same subnet.

Explanation:

A. LVM (Logical Volume Manager) is the correct and best choice. LVM is a device mapper framework that provides a layer of abstraction between the physical disks and the logical file systems. Its primary advantage is the flexibility it offers in managing disk space.

How it works:
With LVM, you create Physical Volumes (PVs) from disks or partitions, group them into a Volume Group (VG), and then carve out Logical Volumes (LVs) from that pool. The file system is created on the Logical Volume.

Why it's the best for this scenario:
If you need to increase the size of a partition (logical volume in LVM terms), you can simply add a new physical disk to the system, add it to the existing Volume Group, and then dynamically extend the Logical Volume and the file system to use the new space—all without needing to unmount the filesystem or reformat anything. This provides maximum flexibility and minimizes downtime.

Why the other options are incorrect:

B. DiskPart is a command-line disk management utility, but it is native to Microsoft Windows. It is not used on Linux systems and is therefore incorrect for this Linux-based scenario.

C. fdisk is a classic command-line utility for partitioning disks on Linux. While it is powerful for creating, deleting, and managing partition tables, it is generally not non-destructive. To change the size of a standard partition with fdisk, you would typically have to delete the partition and recreate it with a larger size, which would result in data loss unless you had a full backup to restore. Some modern versions have limited resize capabilities, but it is not the tool's primary purpose and is far less flexible and safe than LVM.

D. Format is a generic term and a command used to create a file system on a partition. The act of formatting erases all existing data on that partition. It is the exact opposite of what the question requires, which is to increase size without reformatting.

Reference:
This topic falls under CompTIA Server+ Objective 3.3: "Given a scenario, perform proper server maintenance techniques," which includes storage management and understanding volume management types like LVM. LVM is the industry-standard method on Linux for achieving flexible, resizable storage.