CompTIA Linux+ XK0-004 Thoughts

Lately I’ve been seeing a lot of steam about the CompTIA Linux+ exam. Evidently they’re separating away from the LPI partnership that’s long been in place – not sure if that has anything to do with the bruhaha – but I thought I’d dig into the exam outline to see what the competency focuses were, and issue some of my opinions about them. Bear in mind that I’m not a proctor or advisor of any kind, and that opinions are strictly that. I’m going to run down the objectives in the same order they appear in the official outline document, so nothing comes out of order.

You can view the outline here:

1.0 Hardware and System Configuration

1.1 Linux Boot Process Concepts

Man, am I happy to see that someone finally understands that not a single person on this planet uses LILO any longer. Say what you will about technical merit, the clear winner here was GRUB. Any mention of the former has been wiped clear from the objective list. Hopefully this isn’t one of those Cisco-style documents where what’s on the exam isn’t anywhere near close to the outline document, unless of course your abstract thinking expands to the realm of what’s par for LSD abuse. Also happy to see that there’s a focus on UEFI/EFI rather than BIOS. Having deployed more than a fair share of contemporary computers both manually and via PXE, it feels dirty to reconfigure the system to run BIOS. Practically speaking, I don’t think UEFI/EFI is as big of a monster as it once was several years ago. We in the Linux community have already crossed this bridge, so let’s stop taking a piss on the side with wilting grass here.

1.2 Kernel Modules

Part of me feels as if this section is gratuity on every entry-level Linux exam. Why? There have been maybe a handful of times I’ve had to manhandle modules, and its come in the user-space on workstations rather than servers. Dealing with Type-2 Hypervisors that don’t play nice with Linux (looking at you VMware) or Nvidia graphics drivers seem to be the only real plays here. For the most part, the kernel does a good job of taking care of what you need for common use cases, and this is especially true if you’re deploying any enterprise distribution whose philosophy is that users shouldn’t have to eat their own skin off their arms to get these systems to work in the 21st century. That said, it’s still valuable knowledge. I’m just unsure that it requires a point allocation on an exam.

1.3 Network Connectivity Configuration

Not really too much to comment on here, except for the inclusion of NetPlan configuration. Along with Gradle, YAML is one of those technologies that was likely written by some hipster and is just a dumpster fire of epic proportions. Since that’s all dandy, let’s change from semi-palatable traditional network configuration scripts that look much like an INI file – which is well understood – to some arcane indent-based copulation between Python-like syntax (because, you know, Python is the greatest thing since sliced bread) and the never ending ML-based projects that seek to change the world. No thanks. Learn it for the exam, learn to hate it, and move back to better things.

1.4 Linux Storage Management

RIP btrfs. Not really.

I’m not sure I’ve understood the migratory path to XFS over EXT4. In my deployment contexts, especially with M2 drives, XFS has caused all sorts of problems that I can’t really explain away. The result, however, was a revert to EXT4 after several FS-level repair attempts were made to fix the corruption on the root partition. One instance I chalked up to a silently botched install, but the other five I couldn’t attribute to really anything. But this FS seems to sit in the first-class citizen spot with EXT4 not too far behind it.

Glad to see that there are some subtle hints at RAID management here. It’s never a huge factor in entry-level exams, but still worth mentioning.

1.5 Cloud and Virtualization Concepts

YAML makes yet another appearance. Yay…

With as long as virtualization has been around, I’m a bit shocked that its taken this long for it to appear in entry-level exams. Most enterprises these days are at a minimum leveraging Type-2 Hypervisors, but this comes in the form of VMware. The focus here, however, is on KVM. Looks as if there may be a little bit of a touch on containers as well, although I seriously doubt it’d be a heavy hitter in comparison to the contemporary content.

An aside, I’m not aware of many enterprises that leverage KVM explicitly for virtualization needs. This mostly gets passed off to VMware or Citrix. I usually find KVM in a Type-2 context on workstations.

That said, there appear to be more here that serves general-purpose understanding of virtualization technologies. Definitely worth taking a look at if you’re unfamiliar.

1.6 Localization Options

Most people don’t really pay attention to these sorts of configurations, but they’re important, especially those concerned with keeping accurate time on a computer. If not for the workstation, then at least be sure that you’re familiar with these commands, especially in the context of virtualized guests. Time drift here can be a pretty common problem.

2.0 Systems Operations and Maintenance

2.1 Software Management

As with many vendor-neutral exams, this one appears to target the most common installation methods for three types of distributions: Debian-based, RHEL-based, and OpenSUSE (Zypper is an explicit target here, for some reason). Not sure why there’s no mention of Flatpak or Snap. Both are emerging as pretty common ways to install user-space programs on a Linux computer.

2.2 User and Group Management

Run-of-the-mill stuff here. The only addition I would’ve added would be domain-based local user management. I believe there’s a section later in the Security topic that covers LDAP integration, but there are some user-space tools that go along with this and I don’t personally consider these to be mid-level knowledge points.

2.3 File Management

These sections should be renamed Grep/Sed/Awk 101. At least you’ll get exposure to some of the more esoteric commands for file management like wc and tee, but again, there’s nothing here that isn’t off kilter.

2.4 Service Management

I thought we were beyond the point where SysV was still a major player, but evidently it remains more pervasive than I estimated. Most enterprise-focused distributions will focus only on Systemd, and it’s more than adequate enough for even the prevalent Debian-based distributions (unless of course you think running Devuan is a good idea, to which I’d say you need clinical help). In these situations, most of the SysV commands translate to Systemd commands anyway.

2.5 Summarize Server Roles

Not much to mention here. Just know the roles.

2.6 Job Automation and Scheduling

If you don’t know the five finger mnemonic for remembering how to configure cron jobs, take a look at this post:–timing-your-cron-jobs.html

2.7 Linux Devices

You’d be surprised how little most people know about udev, and it’s critical to understand when talking about managing devices on contemporary Linux computers. My recommendation would be to read through the Arch Wiki article on udev to get a better understanding of it if you’re unfamiliar:

2.8 Graphical User Interfaces

In the wake of recent events with my attempts at deploying Linux to workstations in the enterprise I manage, I’ve since developed a substantial amount of beef with sections like these. Without getting too much into detail, because honestly it could warrant its own post, I’ll say the following concerning the exam outline:

No serious enterprise professional is going to leverage anything other than GNOME in their environment because it’s easily the most supported in terms of contractual support from major enterprise distribution vendors. Anything outside of that is going to require internal support abilities which may or may not exist. Furthermore, Unity as a DE was officially deprecated by Canonical within the last few releases of Ubuntu, and it was so jarring to begin with that supporting it is completely out of the question. In my opinion, requesting that a prospective student be familiar with DE like Unity, Cinnamon, or MATE is just an absolute waste. This isn’t a game. Managers will have a hard enough time selling the idea of getting Linux on workstations to begin with. Along with that decision comes which DE to standardize on, and this is frankly more contentious than the predicate aspect of getting Linux installed. Rolling the dice to every single option out there is an incredibly insane notion. X11 forwarding via SSH isn’t as common a function as it may have once been. Most all servers run headless, ergo there’s no need for this.

My advice here is to understand at least what the DE arena looks like, familiarize yourself with how each expresses various UX metaphors, and then move on with your life.

3.0 Security

3.1 User/Group Permissions

The focus here is on traditional DAC concepts as well as MAC through both SELinux and AppArmor, with the lion’s share being the former. There appears to be some concern with ACLs, which both EXT4 and XFS support, but most people don’t realize that ACLs are entirely optional in these file systems, and that their translation to other file systems is generally unclean in the sense that they just get clobbered. Furthermore, you can have several EXT4/XFS mounts on a system, one of them supporting ACLs and the other not. The point here is that because they’re not first-class citizens, honouring ACLs in Linux has been and continues to be an odd conversation.

The fact that the bulk of the weight appears to be on SELinux isn’t an accident. Again, in the arena it has emerged largely victorious despite Canonical’s need to be different. As arcane as SELinux seems to be, the truth is that there’s a tremendous amount of enterprise support behind it.

3.2 Access and Authentication Methods

Not too much to comment on here. One thing worth mentioning, however, is the part that focuses on LDAP integration. In most cases, Linux servers/workstations will integrate with AD rather than a LDAP implementation like IPA, regardless of the benefits. Most tests will operate under the latter context, unfortunately, and may focus exclusively on pure OpenLDAP, which is to my knowledge hardly ever deployed itself.

3.3 Security Best Practises

Not too much to comment on here either. These are things that most everyone should be doing if they’re serious about getting Linux secure, even in the server environment.

3.4 Logging Services

Another not too much going on section. Garden variety things here.

3.5 Linux Firewalls

Here’s another one of those fun sections where cross-vendor technologies come into play. Most people are familiar with iptables and Netfilter, but when we’re talking about firewalld VS ufw, the former is the clear victor in the enterprise space, and doesn’t appear to be changing any time soon.

3.6 Backups

I’m glad to see some focus on this for entry-level exams. This still seems to be the last thing anyone thinks about concerning their computing architecture. Three techs are covered here: SFTP, SCP, and rsync. I still maintain that rsync is the winner here, even for off-site. SCP has noted performance concerns, and SFTP has FTP in it, so we don’t want to touch it.

4.0 Troubleshooting and Diagnostics

4.1 System Analysis and Remediation

In general, I feel as if this section is one that most Linux users gloss over, especially since in the day-to-day, a reinstall combined with smart partitioning will usually cure all serious ails.

Some of the network diagnostics here are a bit odd since they’ll usually always end up at a network-level rather than at the host. For example, unless you’ve been modifying your network interfaces, routing issues hardly ever emerge at the host level. Further, some of the network diagnostic commands aren’t trivial, like the use of nmap or tshark. Sure you could stumble your way through these, but you might not realize half of what you’re looking at when viewed with an untrained eye.

Root password recovery has shifted a bit over the years. Even select contemporary enterprise distributions are shipping with the root-account-disabled model, instead relying exclusively on sudo for escalation. The techniques for recovery are still valid, however.

EDIT: Reading over this some time in the future, I realised that I omitted here that although the root-account-disabled model is becoming prevalent, systems without the proper configurations can be vulnerable when booting into single user since the root account will just login by default with no password. There are provisions for this in your boot configuration files. Look them up for your distribution.

4.2 Optimize Process Performance

Again, another aspect where users might get a taste but not dive too deeply. Being able to dynamically adjust process priority is crucial when diagnosing system performance issues. Furthermore, being able to identify a process is a bit of an art. Being able to go between top, ps, lsof and pgrep are important.

4.3 Troubleshoot User Issues

If you’ve understood topics from previous sections concerning SELinux, DAC/MAC, and file systems, you’ve pretty much got this section in the bag.

4.4 Troubleshoot Application and Hardware Issues

Most of this is garden variety, with the caveat on select storage points such as the focus on HBAs and degraded storage in a RAID context. Not very common problems encountered by junior admins, but still worth mentioning.

5.0 Automation and Scripting

5.1 Deploy and Execute Bash Scripts

I think the title here is a bit misleading, as it seems the content is focused more on being a Bash primer more than anything else. If you already are familiar with Bash, this should be a breeze.

5.2 Git

Very basic git usage is covered here. You’re not going to be doing cherry picking, rebasing, or blaming here.

5.3 Orchestration Concepts

It’s not really clear what they mean here. General principles are one thing, but are they hinting at any specific implementation such as Puppet, Chef, or Ansible? Orchestration also occurs in the virtualization space, and it means something a little different. Methinks some ambiguity is here simply because of the aforementioned virtualization section not being exclusive to Linux itself.

Overall, I think this looks like a pretty good vendor-agnostic exam, despite my personal opinions on the matter. There’s a nice effort to blend rudimentary enterprise concepts with general knowledge, which seems to be a trend, and I think exam takers would get a lot out of it. It’s unclear to me what the industry adoption would be, especially since there’s a split between them and LPI.