CompTIA · XK0-006
CompTIA Linux+ validates the skills of IT professionals to configure, manage, and troubleshoot Linux systems used in cloud, cybersecurity, and enterprise environments. It covers system administration, scripting, automation, security hardening, and container management.
Questions
699
Duration
90 minutes
Passing Score
720/900
Difficulty
AssociateLast Updated
Mar 2026
Use this XK0-006 practice exam to prepare for CompTIA Linux+ (XK0-006) with realistic questions, detailed explanations, and focused study modes. The practice bank includes 699 questions for CompTIA XK0-006, so you can review the exam steadily instead of relying on one long cram session.
As you practice, pay extra attention to recurring topics such as System Configuration and Management, Storage and Device Management, Network Configuration, Shell Scripting and Automation, and Security and OS Hardening. Start with short sessions to identify weak areas, then move into timed quizzes once your accuracy is consistent.
The explanations are especially useful when you want to connect exam wording to the responsibilities and scenarios described in the official certification guidance. Use the free preview first, then unlock the full question bank when you are ready to build a complete study routine.
CompTIA Linux+ (XK0-006) validates the advanced skills of IT professionals to configure, manage, operate, and troubleshoot Linux systems in enterprise, cloud, and cybersecurity environments. This Associate-level certification demonstrates competency across system administration, storage and network configuration, security hardening, shell scripting, containerization, and troubleshooting. The exam emphasizes practical, hands-on knowledge required for modern Linux environments including hybrid cloud deployments, containerized applications, and enterprise security implementations. Successfully obtaining this certification indicates proficiency in automating tasks, implementing security best practices, and managing complex Linux infrastructure at scale.
CompTIA Linux+ is designed for IT professionals with foundational Linux experience seeking to advance into system administration, cloud infrastructure, or DevOps roles. Ideal candidates include junior Linux system administrators, junior cloud engineers, junior DevOps engineers, systems engineers, and network engineers managing Linux-based infrastructure. This certification appeals to those with 12 months of hands-on Linux server experience or equivalent knowledge from CompTIA A+, Network+, or Server+ certification. Career paths include Linux systems administrator, cloud infrastructure engineer, cybersecurity operations roles, and site reliability engineer positions.
Recommended prerequisites include 12 months of hands-on experience managing Linux servers in production or lab environments. While not mandatory, CompTIA strongly recommends foundational IT knowledge equivalent to CompTIA A+, Network+, or Server+ certifications. Candidates should be comfortable with command-line interfaces, basic system administration tasks, file permissions, networking concepts, and troubleshooting methodologies. Linux experience can be gained through home labs, free Linux distributions (Ubuntu, CentOS, Red Hat), or entry-level support roles. A solid understanding of basic networking, storage concepts, and security principles is beneficial.
The CompTIA Linux+ (XK0-006) exam consists of a maximum of 90 scored questions combining multiple-choice and performance-based (hands-on) questions. The exam is delivered online or at testing centers and must be completed within 90 minutes. The scoring scale ranges from 100 to 900, with a passing score of 720 required. Performance-based questions require candidates to demonstrate practical Linux skills in simulated environments. The exam launched July 15, 2025, and is ISO/IEC accredited by ANSI.
CompTIA Linux+ opens doors to well-compensated roles in high-demand areas of IT. Professionals with this certification earn between $68,000 and $120,000+ annually, with average salaries around $89,000–$91,000 in the United States; experienced professionals in senior roles can exceed six figures. The certification is particularly valuable given the industry shift toward cloud computing and containerization, where Linux expertise is essential. Linux+ validates competency across critical infrastructure technologies, making certified professionals significantly more marketable than non-certified peers. Career advancement opportunities include progression to senior systems administrator, infrastructure architect, cloud engineer, or DevOps engineer roles, with steady salary growth potential as experience accumulates.
5 sample questions with answers and explanations. Start a practice session to test yourself across all 699 questions.
Preview — answers shown1. A DevOps engineer at Contoso is building a Dockerfile for a production Node.js application. The security team requires the application to not run as root. The engineer needs to create a non-root user in the container and switch to that user before the application starts. Which set of Dockerfile instructions correctly accomplishes this? (Select one!)
Explanation
The USER Dockerfile instruction sets the user for all subsequent RUN, CMD, and ENTRYPOINT instructions in the Dockerfile. Creating the user with RUN useradd -r -s /bin/false nodeuser followed by USER nodeuser correctly establishes a non-root runtime user. The -r flag creates a system account and -s /bin/false prevents shell login, which is good practice. Using RUN su nodeuser in the first option does not persist across layers; su only affects the current RUN layer, not subsequent instructions. Using USER nobody is problematic because nobody is a shared system user with minimal privileges that may have unintended access to other system resources, and chmod 777 /app creates a security vulnerability. Using su in CMD in the fourth option is unnecessarily complex, and setting ENV USER does not actually change the execution context.
2. A systems administrator at Tailspin Toys is setting up a systemd timer to run a backup script /usr/local/bin/backup.sh daily at 2:30 AM. The timer must also run the script if the system was powered off when the scheduled time was missed. Which two files must be created? (Select two!)
Multiple correct answersExplanation
Systemd timers require two separate unit files: a .service file that defines what command to execute, and a .timer file that defines when to run the associated service. The service file needs at minimum a [Service] section with ExecStart specifying the command to run. The timer file needs a [Timer] section with OnCalendar to specify the schedule and Persistent=true to enable catch-up behavior when the system missed a scheduled run. Without Persistent=true, if the system is off at 2:30 AM, the task will be skipped until the next scheduled time. Using a cron entry would work for scheduling but does not provide the persistent catch-up functionality and is not a systemd timer approach. Systemd does not support combining service and timer definitions in a single unit file. The timesyncd.conf file is for NTP time synchronization configuration, not scheduling.
3. A security administrator at Contoso needs to investigate brute-force SSH login attempts that occurred before the server was rebooted last night. The server uses systemd and persistent journal logging is enabled. Which command will display failed SSH authentication messages only from the previous boot session? (Select one!)
Explanation
The command 'journalctl -u sshd -b -1 --grep=Failed' correctly queries the systemd journal for the sshd service unit (-u sshd), restricts output to the previous boot session (-b -1), and filters messages containing 'Failed' using the --grep flag which applies PCRE2 pattern matching against the MESSAGE field. The -b flag uses a relative offset system where -1 means one boot prior to the current boot, -2 means two boots prior, and so on. This is the correct and only supported way to target a single previous boot session. Specifying multiple -b flags simultaneously (such as -b 0 -b -1) does not query two boot sessions at once. The second -b flag overrides the first, or the behavior is undefined depending on the systemd version. This option does not correctly address the requirement. The lastb command reads the binary /var/log/btmp file and shows failed login attempts, but it does not filter by service or limit output to a specific boot session. It also lacks the structured journal integration needed to reliably isolate pre-reboot events. Using --since yesterday queries by calendar time rather than by boot session boundary. If the server rebooted at 11:58 PM, '--since yesterday' would include entries from the current boot as well, and it does not guarantee results are limited to the previous boot session.
4. A systems administrator at Contoso Ltd. is debugging a bash script that processes user input. The script should exit immediately if any command fails, treat unset variables as errors, and ensure that a pipeline reports failure if any command in the pipe chain fails. Which set of bash options should appear at the top of the script? (Select one!)
Explanation
set -e causes the script to exit immediately when any command returns a non-zero exit status. set -u treats references to unset variables as errors rather than expanding them to empty strings. set -o pipefail causes a pipeline to return the exit status of the last command that failed rather than the exit status of the final command, preventing silent failures in chains like 'grep pattern file | wc -l'. Combining these as 'set -euo pipefail' is the standard bash strict mode pattern used in production scripts. set -x prints each command before executing it (useful for debugging) and set -v prints input lines as they are read, but neither provides error handling or pipefail behavior. pipefail is NOT enabled by default — without it, 'false | true' returns 0. Using only -e and -u without pipefail leaves pipeline failures undetected.
5. A systems administrator at Litware Inc. is troubleshooting a web server that cannot serve files from a newly created directory /srv/webapp. SELinux is in enforcing mode and file permissions appear correct. The audit log shows AVC denial messages. Which sequence of commands should the administrator use to permanently fix the SELinux context and immediately apply it? (Select two!)
Multiple correct answersExplanation
The correct approach is semanage fcontext to add a permanent file context rule followed by restorecon to apply that rule immediately to existing files. semanage fcontext -a adds a persistent rule to the SELinux policy database that survives relabeling and system reboots. restorecon -Rv then reads the policy database and applies the correct contexts to the specified path recursively. setenforce 0 only sets SELinux to permissive mode, which disables enforcement but does not fix the underlying context problem. chcon temporarily changes the context but the change is lost when the filesystem is relabeled or files are restored. setsebool adjusts boolean values for specific behaviors and is not the appropriate fix for a file context issue.
CompTIA A+ Core 1 (220-1101)
220-1101 · 700 questions
CompTIA A+ Core 2 (220-1102)
220-1102 · 700 questions
CompTIA Cloud+ (CV0-004)
CV0-004 · 700 questions
CompTIA Cybersecurity Analyst+ (CySA+) (CS0-003)
CS0-003 · 700 questions
CompTIA Data+ (DA0-001)
DA0-001 · 700 questions
CompTIA DataSys+ (DS0-001)
DS0-001 · 700 questions
$17.99
One-time access to this exam