Browse CompTIA Certification Guides

CompTIA XK0-006 Cheat Sheet: Linux Admin, Shell, and Services

April 24, 2026

CompTIA XK0-006 cheat sheet for Linux admin, shell, services, traps, and final review.

On this page

Use this cheat sheet for CompTIA Linux+ (XK0-006) after you know basic commands and need faster operational decisions. Linux+ questions usually ask what changed, whether it persists, what permission boundary applies, and how to prove the system is working.

XK0-006 answer sequence

Use this when the stem mixes layer, change type, permissions, or verification.

    flowchart TD
	  S["Scenario"] --> L["Identify the Linux layer"]
	  L --> C["Check whether the change is temporary or persistent"]
	  C --> P["Check permissions and service state"]
	  P --> V["Verify with output, logs, or persistence"]

Read every Linux+ question in this order

  1. Identify the layer: user, file, process, service, package, storage, network, security, script, or log.
  2. Decide whether the command inspects, changes temporarily, or changes persistently.
  3. Check permissions: user, group, mode bits, ACL, sudo, SELinux/AppArmor, and ownership.
  4. Verify the result with status, logs, files, or command output.
  5. Reject answers that disable controls or use root without solving the actual issue.

File and permission map

Need Start with Verify with
see ownership and mode ls -l owner, group, rwx bits
change owner chown ls -l
change group chgrp or chown :group ls -l
change mode bits chmod numeric or symbolic mode review
find ACLs getfacl effective permissions
change ACLs setfacl inherited and effective entries
privilege for command sudo policy /etc/sudoers or sudoers drop-in
search files find, locate, grep path, pattern, permissions

Process and service triage

Symptom First checks
process consuming CPU top, ps, pidstat, process owner, recent change
service not starting systemctl status, journalctl -u, config syntax, port conflict, permissions
service must start at boot systemctl enable plus current start if needed
one-time service restart systemctl restart and verify status
application cannot bind port existing listener, privilege, firewall, SELinux/AppArmor, config
scheduled job failed cron syntax, environment, permissions, path, mail/log output

Storage and filesystem decisions

Requirement Better answer path
show disk usage df -h for filesystem space, du -sh for directory size
mount persistent filesystem /etc/fstab with reliable identifier and tested mount
manage logical volumes PV, VG, LV, filesystem resize order
investigate full disk logs, caches, large files, rotated archives, inode exhaustion
verify filesystem mount state, filesystem type, UUID, permissions, and free space
add swap create, secure, mkswap, swapon, and persist in fstab if required

Networking triage

Symptom Check first
no IP connectivity interface state, IP address, route, gateway, VLAN, and link
DNS failure resolver config, DNS server reachability, record lookup, cache
service unreachable listener, local firewall, remote firewall, route, SELinux/AppArmor, service config
SSH denied account, key, permissions, sshd config, firewall, logs
wrong route route table, default gateway, metrics, and interface config
intermittent packet loss link, MTU, congestion, DNS, firewall state, and logs

Security and hardening

Control Exam instinct
sudo grant narrow administrative action, not broad root by habit
SSH keys protect private keys and enforce correct file permissions
updates patch packages from trusted repos and verify service impact
firewall allow only required ports and verify active rules
SELinux/AppArmor inspect denials before disabling enforcement
audit/logging know who did what and when
password policy enforce age, complexity where configured, lockout, and account lifecycle

Automation and text processing

Need Tool pattern
repeat command logic shell script with variables, conditions, loops, and exit checks
scheduled command cron or systemd timer, with explicit paths and logs
filter text grep, awk, sed, cut, sort, uniq, wc
redirect output >, >>, 2>, 2>&1, pipes
detect failure exit code, set -e with care, logging, and validation
process structured logs choose fields carefully; do not assume column positions blindly

Common traps

Trap Better instinct
temporary versus persistent know whether the change survives reboot
root as workaround fix ownership, permissions, service config, or policy instead
disabling security controls read denial logs and make targeted changes
command memorization know what the command changes and how to verify
editing fstab blindly test mounts and use stable identifiers
script works only interactively account for environment, paths, permissions, and exit codes

Final 15-minute review

If the stem says… Start here
permission denied owner, group, mode, ACL, sudo, SELinux/AppArmor
service failure systemctl status, logs, config, port, permission, dependency
disk issue df, du, inodes, mounts, LVM, logs
network issue IP, route, DNS, listener, firewall, logs
persistence required config file, enablement, fstab, timer, firewall reload
script problem shebang, executable bit, PATH, variables, quoting, exit code

Practice fit

Use IT Mastery for the exact product route, practice status, spaced review when available, and close-answer explanation practice as coverage expands.

Open the exact IT Mastery route here: XK0-006 on MasteryExamPrep.

One-line decision rule

Linux+ answers should pair the right command with the right persistence point, permission boundary, and verification step.

Revised on Sunday, May 10, 2026
Study Plan