SysAdmin Interview Questions
Prep for the interview and get the job you want
About the Book
Land the SysAdmin job you want by mastering the most challenging questions you might face during the interview. This book is a collection of SysAdmin questions and answers to help you win the interview.
More than 100 questions with answers, split into 5 chapters covering:
- System Questions
- DevOps Questions
- Network Questions
- Cyber Security Questions
- Super SysAdmin Questions
Check out other books from the author:
Other Books by Alejandro
- Recommended Resources
- Who is this book for?
- What does this book cover?
Chapter 1: System Questions
- Give some examples of Linux distribution. What is your favorite distro and why?
- What are the differences between Unix, Linux, BSD, and GNU?
- What is a CLI? Tell me about your favorite CLI tools, tips, and hacks.
- What is your favorite shell and why?
- How do you get help on the command line? ***
- Your first 5 commands on a *nix server after login.
- What do the fields in <code>ls -al</code> output mean?
- How do you get a list of logged-in users?
- What is the advantage of executing the running processes in the background? How can you do that?
- Running commands as the root user: is it good or bad practice?
- How to check memory stats and CPU stats?
- What is load average?
- Where is my password stored on Linux/Unix?
- How to recursively change permissions for all directories except files and for all files except directories?
- Every command fails with <code>command not found</code>. How to trace the source of the error and resolve it?
- What is <code>grep</code> command? How to match multiple strings in the same line?
- Explain the file content commands along with the description.
- SIGHUP, SIGINT, SIGKILL, and SIGTERM POSIX signals. Explain.
- What does <code>kill</code> command do?
- What is the difference between <code>rm</code> and <code>rm -rf</code>?
- <code>archive.tgz</code> has ~30 GB. How do you list content of it and extract only one file?
- Combine and execute multiple shell commands in one line.
- What symbolic representation can you pass to <code>chmod</code> to give all users execute access to a file without affecting other permissions?
- How can I sync two local directories?
- Many basic maintenance tasks require you to edit config files. Explain ways to undo the changes you make.
- You have to find all files larger than 20MB. How do you do it?
- Why do we use <code>sudo su -</code> and not just <code>sudo su</code>?
- How to find files that have been modified on your system in the past 60 minutes?
- What are the main reasons for keeping old log files?
- What is an incremental backup?
- What is RAID? What is RAID0, RAID1, RAID5, RAID6, RAID10?
- How is a user’s default group determined? How would you change it?
- Why would you want to mount servers in a rack?
- Explain in a few points the boot process of the Linux system.
- Why is a load of 1.00 not ideal on a single-core machine?
- What does it mean when the effective user is root, but the real user ID is still your name?
- A developer added a cron job which generates massive log files. How do you prevent them from getting so big?
- How would you recognize a process that is hogging resources?
- You need to upgrade the <code>ntpd</code> service on 200 servers. What is the best way to go about upgrading all of these to the latest?
- When your server is booting up, some errors appear on the console. How to examine boot messages and where are they stored?
- Swap usage too high. What are the reasons for this and how to resolve swapping problems?
- What is umask? How to set it permanently for a user?
- Explain the differences among the following umask values: 000, 002, 022, 027, 077, and 277.
- What is the difference between a symbolic link and a hard link?
- How does the sticky bit work? Is <code>SUID/GUID</code> the same?
- What does <code>LC_ALL=C</code> before a command do? In what cases will it be useful?
- You are configuring a new server. One of the steps is setting the permissions to the app directories. What steps will you take and what mistakes to avoid?
- I have forgotten the root password! What do I do in BSD? What is the purpose of booting into single user mode?
- How could you modify a text file without invoking a text editor?
- How to change the kernel parameters? What kernel options might you need to tune? ***
- Explain the <code>/proc</code> filesystem.
- Explain three types of journaling in ext3/ext4.
- What is an inode? How to find file’s inode number and how can you use it?
- <code>ls -l</code> shows file attributes as question marks. What does this mean and what steps will you take to remove unused “zombie” files?
- To LVM or not to LVM. What benefits does it provide?
- How to increase the size of LVM partition?
- What is a zombie/defunct process?
- Your friend during configuration of the MySQL server asked you: <i>Should I run <code>sudo mysql_secure_installation</code> after installing mysql?</i> What do you think about it?
- Present and explain the good ways of using the <code>kill</code> command.
- What is the <code>strace</code> command and how should it be used? Explain an example of connecting to an already running process.
- Which algorithms are supported in <code>/etc/shadow</code> file?
- What is the use of ulimit in Unix-like systems?
- What are soft limits and hard limits?
- While configuring HAProxy to work with Redis you get <code>General socket error (Permission denied)</code> in the log. SELinux is enabled. Explain basic SELinux troubleshooting in CLI. ***
- You have configured an RSA key login but your server shows <code>Server refused our key</code> as expected. Where will you look for the cause of the problem?
- A project manager needs a new SQL Server. What do you ask her/him? ***
- Create a file with 100 lines with random values.
- How to run script as another user without password?
- How to check if running as root in a bash script? What should you watch out for?
- Can you give a particular example of when it is indicated to use the <code>nobody</code> account? Tell me the differences between running the httpd service as the <code>nobody</code> and <code>www-data</code> accounts.
- Is there a way to redirect output to a file and have it display on stdout?
- What is the preferred bash shebang and why? What is the difference between executing a file using <code>./script</code> or <code>bash script</code>?
- You must run command that will be performed for a very long time. How to prevent killing this process after the ssh session drops?
- What is the main purpose of the intermediate certification authorities?
- How to reload PostgreSQL after configuration changes?
- You have added several aliases to <code>.profile</code>. How to reload shell without exit?
- How to exit without saving shell history?
- What is this UID 0 toor account? Have I been compromised?
- Is there an easy way to search inside 1000s of files in a complex directory structure to find files which contain a specific string?
- How to find out the dynamic libraries executables loads when run?
- You have the task of syncing the testing and production environments. What steps will you take?
- What are the different types of kernels? Explain.
- The program returns the error of the missing library. How to provide dynamically linkable libraries?
- What is the advantage of synchronizing UID/GID across multiple systems?
- Describe start-up configuration files and directory in BSD systems.
- A junior dev accidentally destroyed the production database. How can you prevent such situations?
- Explain each system calls used for process management in Linux.
- Explain interrupts and interrupt handlers in Linux.
- What fields are stored in an inode?
- Ordinary users are able to read <code>/etc/passwd</code>. Is it a security hole? Do you know other password shadowing scheme?
- How do you run command every time a file is modified?
- Tell me about the dangers and caveats of LVM.
- What if <code>kill -9</code> does not work? Describe exceptions for which the use of SIGKILL is insufficient.
- Difference between <code>nohup</code>, <code>disown</code>, and <code>&</code>. What happens when using all together?
- What is the main advantage of using <code>chroot</code>? When and why do we use it? What is the purpose of the mount dev, proc, sys in a chroot environment?
- What are segmentation faults (segfaults), and how can you identify what’s causing them?
- What is a file descriptor in Linux?
- Which way of additionally feeding random entropy pool would you suggest for producing random passwords? How to improve it?
- What is the difference between <code>/sbin/nologin</code>, <code>/bin/false</code>, and <code>/bin/true</code>?
- What is the meaning of the error <code>maxproc limit exceeded by uid %i …</code> in FreeBSD?
- How to read a file line by line and assign the value to a variable?
- The client reports that his site received a grade B in the ssllabs scanner. Prepare a checklist of best practice for ssl configuration. ***
- What does CPU jumps mean?
- How do you trace a system call in Linux? Explain the possible methods.
- How to remove all files except some from a directory?
- How to check if a string contains a substring in Bash?
Explain differences between
- How to redirect stderr and stdout to different files in the same line?
- Load averages are above 30 on a server with 24 cores but CPU shows around 70 percent idle. What is one of the common causes of this condition? How to debug and fix it?
- How to enforce authorization methods in SSH? In what situations it would be useful?
- Getting <code>Too many Open files</code> error for Postgres. How to resolve it?
- In what circumstance can <code>df</code> and <code>du</code> disagree on available disk space? How do you solve it?
- What is the difference between encryption and hashing?
- Should the root certificate go on the server?
- How to log all commands run by root on production servers?
- How to prevent <code>dd</code> from freezing your system?
- How to limit processes to not exceed more than X% of CPU usage?
- How to mount a temporary RAM partition?
- How to kill a process that is locking a file?
- Other admin trying to debug a server accidentally typed: <code>chmod -x /bin/chmod</code>. How to reset permissions back to default?
- <code>grub></code> vs <code>grub-rescue></code>. Explain.
- How to check whether the private key and the certificate match?
- How to add new user without using <code>useradd</code>/<code>adduser</code> commands?
- Why do we need <code>mktemp</code> command? Present an example of use.
- Is it safe to attach the <code>strace</code> to a running process on the production? What are the consequences?
- What is the easiest, safest and most portable way to remove <code>-rf</code> directory entry?
- What are salted hashes? Generate the password with salt for the <code>/etc/shadow</code> file.
Chapter 2: Devops Questions
- What is DevOps? Which is more important to the success of any DevOps community: how people communicate or the tools that you choose to deploy?
- What is a version control? Are your commit messages good looking?
- Explain some basic <code>git</code> commands.
- Explain a simple Continuous Integration pipeline.
- Explain some basic <code>docker</code> commands.
- Which are the top DevOps tools? Which tools have you worked on?
- How do all these tools work together?
- What are playbooks in Ansible?
- What is NRPE (Nagios Remote Plugin Executor) in Nagios?
- What is the difference between Active and Passive check in Nagios?
- How to <code>git clone</code> including submodules?
- Mention what are the advantages of using Redis? What is <code>redis-cli</code>?
- Explain how Flap Detection works in Nagios?
- What are the advantages that Containerization provides over Virtualization?
- Some of the common use cases of LXC and LXD come from the following requirements… Explain.
- You have to prepare a Redis cluster. How will you ensure security?
Chapter 3: Network Questions
- What are the most important things to understand about the OSI (or any other) model?
- What is the difference between a VLAN and a subnet? Do you need a VLAN to setup a subnet?
- List 5 common network ports you should know.
- What POP and IMAP are, and how to choose which of them you should implement?
- How to check default route and routing table?
- What is the difference between 127.0.0.1 and localhost?
- Which port is used for <code>ping</code> command?
- Server A can’t talk to Server B. Describe possible reasons in a few steps.
- How to resolve the domain name (using external dns) with CLI? Can IPs be resolved to domain names?
- How to test port connectivity with <code>telnet</code> or <code>nc</code>?
- Why should you avoid <code>telnet</code> to administer a system remotely?
- What is the difference between <code>wget</code> and <code>curl</code>?
- What is SSH and how does it work?
- Most tutorials suggest using SSH key authentication rather than password authentication. Why it is considered more secure?
- What is a packet filter and how does it work?
- What are the advantages of using a reverse proxy server?
- What is the difference between a router and a gateway? What is the default gateway?
- Explain the function of each of the following DNS records: SOA, PTR, A, MX, and CNAME.
- Why couldn’t MAC addresses be used instead of IPv4/6 for networking?
- What is the smallest IPv4 subnet mask that can be applied to a network containing up to 30 devices?
- What are some common HTTP status codes?
- According to an HTTP monitor, a website is down. You’re able to telnet to the port, so how do you resolve it?
- Explain difference between HTTP 1.1 and HTTP 2.0.
- Dev team reports an error: <code>POST http://ws.int/api/v1/Submit/ resulted in a 413 Request Entity Too Large</code>. What’s wrong?
- What is handshake mechanism and why do we need 3 way handshake?
- Why is UDP faster than TCP?
- What is NAT? What is it used for?
- What is the purpose of Spanning Tree?
- How to check which ports are listening on my Linux Server?
- What does <code>Host key verification failed</code> mean when you connect to the remote host? Do you accept it automatically?
- How to send an HTTP request using <code>telnet</code>?
- How do you kill program using e.g. 80 port in Linux?
- You get <code>curl: (56) TCP connection reset by peer</code>. What steps will you take to solve this problem?
- How to allow traffic to/from specific IP with iptables?
- How to block abusive IP addresses with <code>pf</code> in OpenBSD?
- When does the web server like Apache or Nginx write info to log file? Before or after serving the request?
- Analyse web server log and show only <code>5xx</code> http codes. What external tools do you use?
- Developer uses private key on the server to deploy app through ssh. Why it is incorrect behavior and what is the better (but not ideal) solution in such situations?
- What is the difference between CORS and CSPs?
- Explain four types of responses from firewall when scanning with <code>nmap</code>.
- What does a <code>tcpdump</code> do? How to capture only incoming traffic to your interface?
- What is the difference between an authoritative and a nonauthoritative answer to a DNS query? ***
- If you try to resolve a hostname you get <code>NXDOMAIN</code> from the <code>host</code> command. Your <code>resolv.conf</code> stores two nameservers but only the second of these stores this domain name. Why did the local resolver not check the second nameserver?
- Is it possible to have SSL certificate for IP address, not domain name?
- Developer reports a problem with connectivity to the remote service. Use <code>/dev</code> for troubleshooting.
- How do I measure request and response times at once using <code>curl</code>?
- Does having Varnish in front of your website/app mean you don’t need to care about load balancing or redundancy?
- What are hits, misses, and hit-for-pass in Varnish Cache?
- Developer says: <i><code>htaccess</code> is full of magic and it should be used</i>. What is your opinion about using <code>htaccess</code> files? How has this effect on the web app
- Is it safe to use SNI SSL in production? How to test connection with and without it? In which cases it is useful?
- How are cookies passed in the HTTP protocol?
- You should rewrite POST with payload to an external API but the POST requests lose the parameters passed on the URL. How to fix this problem (e.g. in Nginx) and what are the reasons for this behavior?
- What is the proper way to test NFS performance? Prepare a short checklist.
- You need to block several IPs from the same subnet. What is the most efficient way for the system to traverse the iptables rule set or the black-hole route?
- How to run <code>scp</code> with a second remote host?
- How can you reduce load time of a dynamic website?
- What types of DNS cache are at work when you type api.example.com in your browser and press return?
- What is the difference between <code>Cache-Control: max-age=0</code> and <code>Cache-Control: no-cache</code>?
- What are the security risks of setting <code>Access-Control-Allow-Origin</code>?
- Create a single-use TCP or UDP proxy with <code>netcat</code>.
- Explain 3 techniques for avoiding firewalls with <code>nmap</code>.
Chapter 4: Cyber Security Questions
- What is a Security Misconfiguration?
- What is XSS, how will you mitigate it?
- HIDS vs NIDS and which one is better and why?
- What is compliance?
- What is a WAF and what are its types?
- What is CSRF?
- What is the difference between policies, processes and guidelines?
- What is a false positive and false negative in case of IDS?
- 10 quick points about web server hardening.
Chapter 5: Super SysAdmin Questions
- An application encounters some performance issues. You should find the code we have to optimize. How to profile an app in a Linux environment?
- Using a Linux system with a limited number of packages installed, and telnet is not available. Use sysfs virtual filesystem to test connection on all interfaces (without loopback).
- Write two golden rules for reducing the impact of hacked system.
- Is there a way to allow multiple cross-domains using the Access-Control-Allow-Origin header in Nginx?
- Explain <code>:();:</code> and how to stop this code if you are already logged into a system?
- How to recover deleted file held open e.g. by Apache?
- The team of admins needs your support. You must remotely reinstall the system on one of the main servers. There is no access to the management console (e.g. iDRAC). How to install Linux on disk, from and where another Linux exists and is running?
- Rsync triggered Linux OOM killer on a single 50 GB file. How does the OOM killer decide which process to kill first? How to control this?
- Keep developing your SysAdmin skills
- About the Author