CompTIA Linux+ (XK0-005) — Question 201

A Linux engineer finds multiple failed login entries in the security log file for application users. The Linux engineer performs a security audit and discovers a security issue. Given the following:

# grep -iE '*www*|db' /etc/passwd
www-data:x:502:502:www-data:/var/www:/bin/bash
db:x:505:505:db:/opt/db:/bin/bash

Which of the following commands would resolve the security issue?

Answer options

• A. usermod -d /srv/www-data www-data && usermod -d /var/lib/db db
• B. passwd -u www-data && passwd -u db
• C. renice -n 1002 -u 502 && renice -n 1005 -u 505
• D. chsh -s /bin/false www-data && chsh -s /bin/false db

Correct answer: D

Explanation

The correct answer is D because changing the shell of the users 'www-data' and 'db' to '/bin/false' prevents them from logging in, thereby mitigating the security risk. The other options either modify user directories, unlock user accounts, or adjust process priorities, which do not directly address the login vulnerability.