1) What is `at` command used for?
Ans:-The at command is used to schedule a one-time task at a specific time. Unlike cron, which is recurring, at runs the job only once.
2) Where are system logs stored?
Ans:-
- /var/log/messages – general system messages
- /var/log/syslog – system logs (on Debian/Ubuntu)
- /var/log/auth.log – authentication logs
- /var/log/secure – security/auth logs (on RHEL/CentOS)
- /var/log/dmesg – kernel ring buffer messages
3) What is `syslog`?
Ans:-Syslog is a standard protocol for logging in Linux; it collects system and application logs and stores them in /var/log/ via daemons like rsyslog
4) How do you monitor log files in real-time?
Ans:-
tail -f /var/log/messages
5) What is log rotation?
Ans:-Log rotation is the process of automatically archiving, compressing, or deleting old log files so that logs don’t grow too large and fill up the disk
6) How do you search logs for specific patterns?
Ans:-We search logs using grep (e.g., grep "error" /var/log/messages), and for real-time searching we combine it with tail -f.
7) How do you install packages using `apt`?
Ans:-
apt install package_name
8) What is `yum` used for?
Ans:-yum (Yellowdog Updater, Modified) is the package manager for RHEL-based systems, used to install, update, and manage software with automatic dependency resolution.
9) How do you update all packages?
Ans:-We update all packages using sudo apt update && sudo apt upgrade on Debian/Ubuntu, or sudo yum update on RHEL-based systems
10) What’s the difference between `apt` and `apt-get`?
Ans:-apt is a newer, user-friendly command with better output, while apt-get is older and still used for scripting and backward compatibility.
11) How do you remove packages?
Ans:-We remove packages using apt remove or apt purge on Debian/Ubuntu, and yum remove (or dnf remove) on RHEL-based systems
12) What is a shell script?
Ans:-A shell script is a text file containing a sequence of commands written for the shell (like bash, sh, zsh). It is used to automate repetitive tasks such as backups, monitoring, deployments, or system administration.
13) How do you make a script executable?
Ans:-We make a script executable by using chmod +x script.sh and then running it with ./script.sh
14) What is the shebang line?
Ans:-The shebang line is the first line in a script that starts with #! followed by the path to the interpreter. It tells the system which program should execute the script
15) How do you pass arguments to a script?
Ans:-We pass arguments by writing them after the script name and access them inside using $1, $2, … or $@ for all arguments
16) What are conditional statements in bash?
Ans:-Conditional statements in Bash (if, elif, else, and case) let us control script execution based on conditions
17) How do you mount and unmount filesystems?
Ans:-We mount a filesystem using mount <device> <mountpoint> and unmount it with umount <mountpoint>. Permanent mounts are configured in /etc/fstab
18) What is `/etc/fstab`?
Ans:-/etc/fstab (file system table) is a configuration file that defines how and where filesystems, partitions, or storage devices should be mounted automatically at boot time
19) How do you check filesystem disk space?
Ans:-We check filesystem disk space using df -h for mounted filesystems and du -sh <dir> for specific directory usage.
20) What is `fsck` used for?
Ans:-fsck (File System Consistency Check) is a command used to check and repair filesystem errors on Linux.
21) How do you create and manage users?
Ans:-We manage users with commands like useradd, passwd, usermod, and userdel. For example, useradd -m creates a user with a home directory, and usermod -aG adds them to groups.
22) How do you troubleshoot high CPU usage?
Ans:-I would use top/htop to identify the process, ps and pidstat for details, check logs to understand why it’s consuming CPU, and then decide whether to kill, restart, or optimize the process. If it’s a recurring issue, I’d look into application tuning or scaling.
23) What is `iostat` used for?
Ans:-iostat (Input/Output Statistics) is a Linux command-line tool used to monitor CPU usage and I/O (disk) performance. It helps identify whether high system load is caused by CPU bottlenecks or slow disk I/O.
24) How do you monitor network traffic?
Ans:-I monitor network traffic using tools like iftop or nload for real-time bandwidth, tcpdump or wireshark for packet-level analysis, and sar -n or bmon for interface statistics. For long-term monitoring, I’d use centralized tools like Prometheus, Grafana, or Zabbix.
25) What is `vmstat`?
Ans:-vmstat (Virtual Memory Statistics) is a Linux command-line tool that reports real-time performance statistics about memory, CPU, processes, and I/O.
26) How do you analyze memory usage?
Ans:-I analyze memory usage using free -h and vmstat for overall stats, then top or ps to identify processes consuming the most memory. I also check /proc/meminfo and smem for detailed analysis, and watch swap usage. If I suspect memory leaks, I’ll use pmap and monitoring tools to track growth over time.
27) How do you secure SSH connections?
Ans:-To secure SSH, I use key-based authentication instead of passwords, disable root login, and change the default port. I also restrict access by user/IP, enable fail2ban against brute-force, enforce strong ciphers, and limit idle sessions. For higher security, I enable 2FA.
28) What is `sudo` and how does it work?
Ans:-sudo stands for “superuser do”. It allows a regular user to run commands with elevated (root or another user’s) privileges, without logging in as root. It helps enforce least privilege and improves security.
29) How do you configure firewall rules?
Ans:-To configure firewall rules, I use tools like firewalld or ufw for simple management, or iptables for granular control. For example, I can allow ports 22, 80, and 443 while blocking others, and then make the rules persistent. I always verify with firewall-cmd --list-all or ufw status to ensure the rules are applied.
30) What is SELinux?
Ans:-SELinux = Security-Enhanced Linux. It is a mandatory access control (MAC) security system built into the Linux kernel. Unlike traditional Linux permissions (user/group/others), SELinux adds an extra layer of access control based on policies.
31) How do you check for rootkits?
Ans:-To check for rootkits, I use tools like chkrootkit and rkhunter to scan the system. I also verify system binaries with the package manager, check running processes and kernel modules, and review logs for suspicious activity. For long-term protection, I use integrity monitoring tools like AIDE and keep the system updated
32) How do you configure static IP addresses?
Ans:-To configure a static IP, I either edit the network configuration files (/etc/sysconfig/network-scripts/ifcfg-* on RHEL, or Netplan YAML on Ubuntu) or use tools like nmcli. I set the IP, gateway, and DNS, then restart networking and verify with ip addr and ping
33) What is `iptables`?
Ans:-iptables is a Linux firewall utility that works with the kernel’s netfilter framework to control network traffic. It uses tables, chains, and rules to allow, block, or modify packets. For example, I can allow SSH and HTTP while dropping all other inbound connections.
34) How do you set up port forwarding?
Ans:-Port forwarding maps traffic from one port or host to another. In Linux, I can set it up with iptables using the NAT table, or with firewalld rules. For quick secure access, I can also use SSH port forwarding. For example, I can forward external port 8080 to a local web server running on port 80.
35) What is network bonding?
Ans:-Network bonding means combining two or more network interfaces (NICs) into a single logical interface. Purpose: high availability (failover) and/or increased bandwidth (load balancing).
36) How do you troubleshoot DNS issues?
Ans:-I first check network connectivity with ping or curl to an IP address. Then I verify /etc/resolv.conf for correct DNS servers. I test name resolution with nslookup or dig, and if it works with a public DNS like 8.8.8.8 but not the default one, I know it’s a local resolver issue. I also check /etc/hosts, flush DNS cache, and ensure port 53 isn’t blocked by firewalls or SELinux.
37) What is the difference between containers and VMs?
Ans:-A VM virtualizes hardware and runs a full OS, which makes it heavier but provides strong isolation. Containers virtualize at the OS level, sharing the host kernel, so they are lightweight, start quickly, and are ideal for running microservices. I’d use containers for scalable apps and CI/CD, while VMs are better when strong isolation or different OS types are required
38) How do you install Docker on Linux?
Ans:-To install Docker on Linux, I first add Docker’s official repository and GPG key, then install the docker-ce package. After that, I start and enable the Docker service, and test it with docker run hello-world. On Ubuntu I’d use apt, and on CentOS I’d use yum.
39) What are Linux namespaces?
Ans:-Linux namespaces are a kernel feature that isolate system resources like process IDs, network interfaces, mount points, and hostnames. They are the building blocks of containers, giving each container its own isolated view of the system while still sharing the same Linux kernel
40) How do you manage Linux containers?
Ans:-Linux containers can be managed using tools like Docker, Podman, or LXC. With Docker, for example, I can start, stop, monitor, and connect containers, manage storage volumes, and control networking. For large-scale environments, orchestration tools like Kubernetes are used to automate container deployment, scaling, and management.
41) What is systemd and how does it work?
Ans:-Systemd is the init system and service manager for modern Linux. It is the first process started by the kernel and is responsible for initializing the system, managing services, logging, and handling dependencies. Services are defined using unit files, and administrators can control them with systemctl. It replaces older init systems like SysVinit and Upstart.