1. What’s one main
difference between Windows and Linux processes?
Answers
·
Linux processes can operate
independent of their parents. Windows processes have a parent-child
relationship.
·
There are no differences between
Windows and Linux processes
· Windows processes can operate independent of their parents. Linux processes have a parent-child relationship.
Explanation: Windows and Linux processes deal with file locking, which is one of the most significant distinctions between the two. Explicit requests for file locks may be made by processes in Windows by using the LockFile and UnlockFile methods. In Windows, the locking and unlocking of files is controlled by the operating system. This allows processes to manage access to a file and prevents multiple copies from being modified simultaneously.
On the other hand, Linux has a very different method for locking files. In most cases, it makes use of advisory file locks, which allow programs to make use of the fcntl system call in order to request a lock on a particular file area. On the other hand, in contrast to Windows, Linux does not actively enforce locks; rather, it is the responsibility of collaborating processes to respect the locks.
In a nutshell, the most significant distinction is in the manner in which Windows and Linux processes handle the implementation and enforcement of file locking. Windows offers a method that is more centralized and can be enforced, but Linux depends on advisory locks, which call for collaboration between processes.
2. What do we launch
when we execute a program?
Answers
·
A process
·
The CPU
·
A Word document
· A web browser
Explanation: When we run a program, we are really kicking off a process. An instance of a computer program that is now being carried out by the operating system of a computer is referred to as a process. It is a representation of the instructions of a program being carried out in a particular instance.
One or more processes are associated with each application that is currently executing. Processes are able to operate independently of one another because each process has its own memory space, its own set of system resources, and its own execution environment. Launching a program kicks off the formation of a process that is responsible for carrying out the actions that are specified in the program.
3. What type of process
is a daemon process?
Answers
·
Logging
·
Thought process
·
Background process
· Foreground process
Explanation: A
daemon process is a specific kind of background process that operates in an
uninterruptible manner, often offering services or carrying out activities in
the background without requiring direct contact from the user. Daemons are
often started up at the same time as the operating system, and they remain
active in the background, either watching for certain events to take place or
reacting to requests made by users.
4. What is the name of
the process that starts up other processes needed to boot a Linux OS?
Answers
·
Init
·
Smss.exe
·
PID
· Kill
Explanation: "init" is the name given to the process that launches all of the other essential processes required for booting a Linux operating system. During the booting process of classic Unix and Linux systems, the "init" process is the first one that is carried out by the kernel.
The init process, which has a process identifier (PID) of 1, is the one in charge of initializing the computer system, starting the most important system services, and handling the boot procedure. It acts as the ancestor of all other processes and is responsible for a very important part of the starting procedure for the whole system.
The conventional init procedure has either been superseded or modernized in more recent Linux distributions, most notably those that use systemd as their init system. In addition to performing the standard duties associated with the init process, systemd also performs the role of a system and service manager. It is responsible for the initialization and administration of a variety of system services.
5. Which process in
Windows OS handles running the GUI and command line console?
Answers
·
Smss.exe
·
Winlogon.exe
·
Notepad.exe
· csrss.exe
Explanation: "Explorer.exe" is the name of the process that runs both the graphical user interface (GUI) and the command-line terminal in the Windows operating system. "GUI" stands for "graphical user interface." The Windows Shell, which is represented by Explorer.exe, is the program that is accountable for delivering the user interface. This includes the desktop, the taskbar, and the Start menu.
The graphical user interface (GUI) portions of Windows are generally maintained by explorer.exe, while the command-line console of Windows, often known as Command Prompt or PowerShell, is managed by other processes. In most cases, the process name for Command Prompt is "cmd.exe," but the process name for PowerShell is "powershell.exe." Within a Windows system, the execution of scripts and instructions entered via the command line is handled by these processes.
6. Which of the
following tools can help you gather information about the processes running on
a Windows operating system?
Answers
·
The tasklist utility from a command
prompt
·
The Task Manager
·
The Get-Process commandlet from a
PowerShell prompt
·
All of the above
7. If you restart a
process using the Process Explorer utility, what will the new parent of that
process be?
Answers
·
Momanddad.exe
·
Process Explorer
·
Windows.exe
· Cmd.exe
Explanation: When you use the Process Explorer tool to restart a process, the Process Explorer application itself will become the new parent of the restarted process. As a consequence of Process Explorer effectively taking over the administration of the restarted process, the latter now reports to Process Explorer as its parent process.
When discussing management of processes, the process that "spawns" or "creates" another process is referred to as the "parent" process. When you use Process Explorer to restart a process, it kills all instances of the process that are already running and starts a new instance in its place. Because the newly created instance takes its parentage from the Process Explorer, the Process Explorer is considered to be the parent process of the one that was just restarted.
This action assures that the relaunched process is under the control and supervision of Process Explorer, which enables Process Explorer to provide more sophisticated monitoring and management options. These features include the ability to monitor and manage several processes simultaneously.
8. Which signal is used
to resume the execution of a process?
Answers
·
SIGCONT
·
SIGTERM
·
SIGSTP
· SIGKILL
Explanation: The SIGCONT signal is the signal that is used to restart the execution of a process after it has been suspended. Inter-process communication and event notification are both carried out with the use of signals in operating systems that are similar to Unix. Linux is one such system.
The SIGCONT signal was developed for the particular purpose of giving instructions to a process to restart its execution after the process has been previously halted. This signal is often sent by the shell or other controlling processes in order to continue a process that has been momentarily interrupted, most commonly as a result of receiving a SIGSTOP or SIGTSTP signal.
9. What is a common way
to troubleshoot mobile apps running in the background that slow down a mobile
device’s performance?
Answers
·
Upgrade the phone to a newer model
·
Close out the background
apps in the app switcher
·
Charge the phone
· Exit out of the app that is currently open
Explanation: Utilizing the built-in app management and monitoring functions that are available on the majority of mobile operating systems is a frequent method for troubleshooting mobile applications that are running in the background on a mobile device, which may slow down the performance of the device. You are able to discover and resolve problems that may be hurting the performance of your mobile device if you actively manage and monitor the programs that run in the background. It is important to keep in mind that the particular actions and features that are stated could be different depending on the mobile operating system and the type of the device.
10. What is a utility
Microsoft created to let IT support specialists, systems administrators, and
other users look at running processes?
Answers
·
UID
·
Task Manager
·
Process Explorer
· SIGKILL
Explanation: Microsoft developed an application known as "Task Manager" so that users of Windows operating systems, including IT support experts, system administrators, and other users, could see the tasks that were now executing. The Task Manager program is a built-in system monitoring and management tool that gives real-time information on the performance of the system, apps that are now running, and tasks that are taking place in the background.
11. Which of the
following PowerShell commands will tell you which process on your system is
using the most CPU resources?
Answers
·
Get-Process | Sort CPU
-descending | Select -first 1 -Property ID,ProcessName,CPU
·
Get-Process | Sort RAM -descending |
Select -first 1 -Property ID,ProcessName,CPU
· cpu_usage.exe | top -1
12. If you have a slow
computer, what are some possible culprits that could be causing this? Select
all that apply.
Answers
·
High CPU usage
·
Lots of I/O activity
·
High RAM usage
· Too many processes running
13. In a Linux machine,
what command can you use to safely terminate a process with a PID of 342?
Answers
·
kill 342
·
kill -KILL 342
·
kill -TSTP 342
· kill -CONT 342
Explanation: The kill command will, by default, send a termination signal (SIGTERM) to the given process. This will enable the process to complete any necessary clean-up or shutdown operations before the command is executed. In the event that the process does not reply when the termination signal is sent, you may use the -9 option to end the process in an unnatural way.
14. In a Linux machine,
what command can you use to absolutely kill a process with a PID of 342?
Answers
·
kill 342
·
kill -KILL 342
·
kill -TSTP 342
· kill -CONT 342
Explanation: You may use the kill command in conjunction with the -9 option in a Linux operating system to terminate a process with a PID (Process ID) of 342 in an absolute and uncompromising manner. The -9 option causes the SIGKILL signal to be sent to the chosen process, which causes the process to be terminated instantly without giving it the opportunity to complete any cleaning tasks.
15. In a Linux machine,
what command can you use to suspend a process with a PID of 342?
Answers
·
kill 342
·
kill -KILL 342
·
kill -TSTP 342
· kill -CONT 342
Explanation: On a computer running Linux, you may use the kill command in conjunction with the -STOP option to suspend (halt) a process that has a PID (Process ID) value of 342. A process may be temporarily halted by sending the SIGSTOP signal to it.
This command will send the SIGSTOP signal to the process
that has PID 342, which will cause that process to be halted temporarily. The
process will be in a halted state and will not carry out any further execution
until it gets a SIGCONT signal instructing it to restart operation in order to
continue.
16. When Windows boots up, what is
the first non-kernel process that starts?
Answers
·
Powershell.
·
The smss.exe process
·
The
csrss.exe process.
· The winlogon process.
A fundamental component of the Windows operating system is referred to be the "System" process. The management of system resources, the execution of system services, and the startup of the Windows Executive, which is the heart of the operating system, are all key responsibilities that fall within its purview.
The
"System" process, which is the first non-kernel process to start
during the boot process, lays the groundwork for the operation of the complete
operating system and paves the way for the later launch of other crucial
processes and services.
$ less /etc/myfile | grep Hello
Answers
·
The
parent is grep and the child is less.
·
The
parent is /etcand the
child is myfile.
·
The
parent is less and the child is /etc/myfile.
·
The parent is less and the child is grep.
Answers
·
Use
the Windows Task Manager.
·
From
the CLI, use the tasklist command.
·
From the PowerShell prompt, use the
Get-Process commandlet.
·
From
the CLI, use the ps command.
Answers
·
List the contents of the /proc directory.
·
Use
the ps -x command.
·
List
the contents of the /etc directory.
·
Use
the ls command.
Answers
·
To terminate the process that is signaled
·
To
restart the process that is signaled
·
To
put the process that is signaled into a sleep state
· To suspend the process that is signaled
On use, sending a SIGINT signal to the presently running foreground process on the terminal is accomplished by hitting the Ctrl and C keys simultaneously. Users may often use this method to interrupt a command or program that is currently executing and request that it exit in an orderly manner.
Even while
the SIGINT signal always brings about the termination of the process as its
default action, processes have the option to handle this signal in a variety of
other ways. For instance, a program may have a signal handler that responds to
the SIGINT signal by carrying out a predetermined set of tasks before
terminating itself. On the other hand, if a process does not explicitly handle
the SIGINT signal, the process will end since it is the action that is defined
as the default.
Answers
·
Process Explorer (procexp.exe)
·
smss.exe
·
notepad.exe
· PowerShell (powershell.exe)
When you restart a process, you are really putting an end to the currently running instance of the process and beginning a fresh run of the process. The new instance gets its parentage from the process that caused the restart, which in this case is Process Explorer. This means that the new instance is a child of the original instance. As a result, the program known as Process Explorer will serve as the notepad.exe process's parent when it has been resumed.
When you
manually restart a process using a tool like Process Explorer, it is crucial to
keep in mind that a new instance of the process is generated under the umbrella
of the process that initiated the restart. This is represented in the
parent-child connection that exists inside the process hierarchy.
Answers
·
SIGKILL
·
SIGTERM
·
SIGINT
· SIGTSTP
Explanation: Under Linux, the SIGSTOP signal
is the one that is responsible for putting a process into a suspended state.
When a process is sent the SIGSTOP signal, the process is instantly terminated
and the execution of the process is halted. The process will stay in this
suspended state until it gets a signal that tells it to continue, which is
often the SIGCONT signal.
Answers
·
SMSS
·
The
Home app
·
There
are no foreground apps when you are on the home screen.
· All open apps
Explanation: When you go to the home
screen on either iOS or Android, the app that you have most recently been using
is the one that will become the foreground program. This app is sometimes
referred to as the "launcher" or the "home app."
Answers
·
System
hardware properties
·
Process information along with data about the
resources that the process is consuming
·
Information
about current time and how long your system’s been running
· Information about particular resources on the system (like CPU, Memory, and Network usage)
Explanation: Users are able to discover
processes or services that may be using an excessive amount of resources thanks
to Resource Monitor, which offers a real-time picture of the system's use of
its resources and displays this view to users. It is an effective tool for
diagnosing problems with the system's performance as well as monitoring the
overall health of the computer. You can access Resource Monitor by clicking the
Performance tab in Task Manager, or by typing "resmon" into the Run
dialog box to bring up the command prompt.
Answers
·
It
provides information on process CPU and memory usage.
·
It
provides a snapshot of total tasks currently running or idling.
·
It
lists the top ten largest files on the system.
· It lists the top processes that are using the most resources on a machine.
26. Which of the following
statements are true about child processes in Windows? Select all that apply.
Answers
·
A child process inherits environment variables
and settings from its parent.
·
A child process can be terminated by clicking
on the X button in the top right corner of the application.
·
A
child process is dependent on its parent process until the child process is
terminated.
·
A child process can be terminated by running the taskkill
/pidcommand in the CLI.
Answers
·
kernel
·
less
·
grep
· init
Explanation: In Linux, the init process is indicated by a PID (Process Identifier) value of 1, and it is responsible for booting the system. During the booting process of a Linux computer system, the init process is the very first one that is initiated by the Linux kernel. It is the parent or root process in the process hierarchy, as well as the ancestor of all other processes.
The init process is in charge of initializing the system as well as kicking off the operation of any other necessary processes. In more recent iterations of Linux, the init process has been superseded by more sophisticated init systems like systemd. Despite this, the practice of giving PID 1 to the very first process in the system is still carried on, and the word "init" is often used to refer to this very first process in the system.
The init
process is always running on Linux since it is so important to the operation of
the Linux operating system, and it stays that way even when the system is up
and running.
28. Which of the following
options are available in Process Explorer after right-clicking a running
process in the top window pane? Select all that apply.
Answers
·
Restart
·
Suspend
·
Kill Process
· Remove Process Tree
29.
In Linux, what signal is sent when you enter the kill pidcommand?
Answers
·
SIGTSTP
·
SIGTERM
·
SIGINT
· SIGKILL
Explanation: SIGTERM (15) is the signal
that will be sent by default if you run the kill command on Linux. This signal
notifies the process that it should end in a dignified manner, giving it time
to clear off any resources it needs before quitting. You may use the kill -9
command to force the process to terminate instantly without giving it a time to
clean up if the process does not react to the SIGTERM signal. This command
delivers the SIGKILL (9) signal.
Answers
·
The PowerShell Get-Processcommandlet
·
The
msinfo32 command entered in the CLI
·
Control
Panel
·
The Resource Monitoring tool
Answers
·
The Powershell process is the parent process
for notepad.exe.
·
The
notepad.exe process is the parent process for Powershell.
·
The
notepad.exe process will terminate when the Powershell process terminates.
· The Powershell process will terminate when the notepad.exe process terminates.
Explanation: If you run notepad.exe from
inside PowerShell, the PowerShell command line won't be available again until
Notepad is shut down. This is due to the fact that PowerShell processes are
always launched synchronously by default. The command line will remain in its
current state until the Notepad window is closed, which indicates that the
procedure has been successfully completed.
Answers
·
top
·
uptime
·
lsof
· ps -ef
Answers
·
SUDO
·
PING
·
TOUCH
·
SIGPROF
Answers
·
Kill Process
·
Suspend
·
Kill Process Tree
· Restart
Explanation: You may kill a chosen process in Process Explorer by right-clicking on the process you wish to kill, and then selecting the "Kill Process" option from the context menu that appears. This will end the selected process. The chosen process will be abruptly shut off as a result of taking this action. You may do the same thing by using the shortcut key combination "Ctrl + K," which is another option.
It is
important to keep in mind that suddenly ending a process might result in the
loss of data as well as other unexpected behavior, therefore doing so should
only be done with extreme care.
Answers
·
Get-Process| Sort NPM -descending | Select
-property ID, ProcessName
·
Get-Process|
Sort CPU -descending | Select -property ID, ProcessName
·
Get-Process|
Sort -property ID, ProcessName
·
Get-Process|
Sort WS -ascending | Select -property ID, ProcessName
Answers
·
The
process terminates automatically.
·
The
process releases all the resources it was using to its parent.
·
The
process goes into a suspended state.
·
The process releases all the resources it was using back to the
kernel.
Answers
·
Task
Manager will not show PID numbers (you have to use the tasklist command or the
Get-Process commandlet).
·
Click
on the Processes tab.
·
Click
the Details tab.
·
Select
a process from the process list.
Answers
·
The
memory resources the process is using
·
What
application or image the process is running
·
What
time the process started
·
The CPU resources the process is using
Answers
·
It
can be sent at the CLI by typing the sigint command.
·
It
is a signal that exists in both Windows and Linux.
·
It
is an interrupt signal that can be sent to a process that is running.
· It can be sent at the CLI by pressing the CTRL+C keys.
Answers
·
The background apps will take turns
running in the background to use less processing power.
·
The OS will suspend
background mobile apps.
·
The background apps continue to run
normally.
· The OS will terminate the background apps.
Explanation: Even if applications running in the background could continue to execute certain limited activities, the operating systems' top priorities are protecting the battery life of the device and keeping the performance of the system as a whole up to par. To guarantee that their applications carry out proper actions when the platform is in the background, developers need to follow platform-specific requirements.
40. When using the ps
-ef command to read process information in Linux, what is the process’ PPID?
Answers
·
The terminal associated with the
process
·
The ID of the person who launched the
process
·
The Process Identification
number of its parent
· Its Process Identification number
Explanation: The ps -ef tool in Linux shows extensive information about processes. One of the pieces of data that it gives is the Parent Process ID (PPID), which is abbreviated.
The Process ID of the parent process that was responsible for the creation of the current process is denoted by the PPID. It identifies the process responsible for initiating or establishing the present process. In other words, it determines the hierarchical structure of the methods and their parent-child relationships.
When you run ps -ef, the result will include a column named "PPID," and each row of the output will correspond to a different process that is currently executing. The Process ID of the parent process is shown in the PPID column for each of the processes that are mentioned.
41. What are the two
most common ways to terminate a process in Linux at the CLI? Select two
options.
Answers
·
Use the kill -KILL
pidcommand
·
Use the terminate process command.
·
Use the end process command.
· Use the kill pidcommand.
42. Which of the
following Linux commands lists open files and what processes are using them?
Answers
·
lsof
·
uptime
·
ps -ef
· top
Explanation: This command offers information on
the processes that currently have regular files, directories, and special files
open, as well as a thorough list of all open files. This list includes regular
files, directories, and special files.
You may use a variety of parameters with lsof to narrow down the results and get information or filtering that is more suited to your needs. These choices include identifying a particular file, process, or user.
