ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam XK0-005 All Questions

View all questions & answers for the XK0-005 exam
Go to Exam

Exam XK0-005 topic 1 question 207 discussion

Actual exam question from CompTIA's XK0-005
Question #: 207
Topic #: 1
[All XK0-005 Questions]

A Linux administrator provisioned a new web server with custom administrative permissions for certain users. The administrator receives a report that user1 is unable to restart the Apache web service on this server. The administrator reviews the following output:



Which of the following would most likely resolve the issue while maintaining a least privilege security model?

  • A. User1 should be added to the wheel group to manage the service.
  • B. User1 should have "NOPASSWD:" after the "ALL=" in the custom.conf.
  • C. The wheel line in the custom.conf file should be uncommented.
  • D. Webadmin should be listed as a group in the custom.conf file.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by makuziker at Feb. 19, 2024, 3:53 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
NastyNutsu
1 month, 1 week ago
1. User1 does not have "restart" command permission 2. Only webadmin have start pemission 3. User1 is part of webadmin group so I think by listing webadmin as a group (%webadmin) should work. user1 can start and stop the web service, and will need to use sudo command to restart the service...
upvoted 1 times
...
Pokoyo
2 months, 3 weeks ago
Selected Answer: B
user1 need the 'NOPASSWD' in order to be able to restart the httpd service. This only enable user1 to run sudo commands on 'hppd' only and no other service.
upvoted 2 times
NastyNutsu
1 month, 1 week ago
but user1 only have star and stop permission, not restart...
upvoted 1 times
...
...
IFBBPROSALCEDO
4 months ago
Selected Answer: B
The answer is B because user1 needs permission to restart the httpd service using `systemctl`, which is not currently allowed. By adding `NOPASSWD:` and including the restart command in the sudoers file, user1 can manage the service without requiring a password, ensuring the correct and necessary permissions are applied. The answer is not D because user1 is already a member of the webadmin group, and the permissions for restarting the `httpd` service using `systemctl` are not included in the webadmin group configuration. The correct answer is B because user1 needs `NOPASSWD` permission specifically for `systemctl restart httpd`, which is currently missing. Adding this to the sudoers file ensures user1 can restart the service without requiring unnecessary broader permissions.
upvoted 2 times
NastyNutsu
1 month, 1 week ago
"B. User1 should have "NOPASSWD:" after the "ALL=" in the custom.conf." this answer does not include adding restart command...
upvoted 1 times
...
...
makuziker
7 months, 2 weeks ago
Selected Answer: D
I choose D. A: user1 does not need to be part of the wheel group, for that typically gives them permission to run any commands anywhere. B: Removing the password prompt before running sensitive commands would weaken security. C: User1 is not part of the wheel group. Uncommenting this line would not solve their problem. D: Correct. You specify a group entry with the % symbol, like this: %webadmin ALL=(ALL) NOPASSWD: <allowed_commands>
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago