nerdexam
CompTIA

LX0-104 · Question #272

Which of the following is the BEST way to temporarily suspend a user's ability to interactively login?

The correct answer is C. Changing the user's shell to /bin/false.. The most effective and reversible method to temporarily suspend a user's interactive login capability is by changing their shell to /bin/false.

Administrative Tasks

Question

Which of the following is the BEST way to temporarily suspend a user's ability to interactively login?

Options

  • AChanging the user's UID.
  • BChanging the user's password.
  • CChanging the user's shell to /bin/false.
  • DRemoving the user's entry in /etc/passwd.
  • EPlacing the command logout in the user's profile.

How the community answered

(27 responses)
  • A
    7% (2)
  • B
    4% (1)
  • C
    74% (20)
  • E
    15% (4)

Why each option

The most effective and reversible method to temporarily suspend a user's interactive login capability is by changing their shell to `/bin/false`.

AChanging the user's UID.

Changing a user's UID (User ID) would disassociate them from their files and processes, leading to data access issues and system instability, which is not a temporary suspension method.

BChanging the user's password.

Changing the user's password prevents them from logging in with their old password, but they could still log in if given a new password, and it's not the cleanest way to temporarily suspend *interactive* login.

CChanging the user's shell to /bin/false.Correct

Changing a user's login shell to `/bin/false` (or `/sbin/nologin`) prevents them from being granted an interactive shell upon successful authentication, thereby effectively suspending interactive logins without deleting the account or files, and it is easily reversible.

DRemoving the user's entry in /etc/passwd.

Removing the user's entry in `/etc/passwd` permanently deletes the user account and all associated data, which is not a temporary suspension.

EPlacing the command logout in the user's profile.

Placing `logout` in a user's profile file would allow them to log in briefly before being logged out, which is less secure and less robust than preventing interactive shell access entirely.

Concept tested: User account management and login suspension

Source: https://man7.org/linux/man-pages/man8/usermod.8.html

Topics

#user management#user accounts#shell access#security

Community Discussion

No community discussion yet for this question.

Full LX0-104 Practice