매달, 우리는 1000명 이상의 사람들이 시험 준비를 잘하고 시험을 잘 통과할 수 있도록 도와줍니다.
LPIC-3: Virtualization and Containerization - Exam 305, version 3.0 온라인 연습
최종 업데이트 시간: 2026년02월14일
당신은 온라인 연습 문제를 통해 LPI 305-300 시험지식에 대해 자신이 어떻게 알고 있는지 파악한 후 시험 참가 신청 여부를 결정할 수 있다.
시험을 100% 합격하고 시험 준비 시간을 35% 절약하기를 바라며 305-300 덤프 (최신 실제 시험 문제)를 사용 선택하여 현재 최신 60개의 시험 문제와 답을 포함하십시오.
정답:
Explanation:
The correct command to move the libvirt domain web1 from the current host system to the host system host2 is virsh migrate web1 qemu+ssh://host2/system. This command uses the virsh migrate command, which initiates the live migration of a domain to another host1. The first argument is the name of the domain to migrate, which in this case is web1. The second argument is the destination URI, which specifies the connection to the remote host and the hypervisor to use2. In this case, the destination URI is qemu+ssh://host2/system, which means to use the QEMU driver and connect to host2 via SSH, and use the system instance of libvirtd3. The other options are incorrect because they either use invalid commands or arguments, such as node-update, pool-add, patch, or cp, or they do not specify the destination URI correctly.
Reference:
https://balamuruhans.github.io/2019/01/09/kvm-migration-with-libvirt.html
http://libvirt.org/migration.html
정답:
Explanation:
VirtualBox is a hosted hypervisor, which means it runs as an application on top of an existing operating system, not as a special kernel that is booted before the first regular operating system starts1. VirtualBox supports a large number of guest operating systems, including Windows, Linux, Solaris, OS/2, and OpenBSD1. VirtualBox does not require dedicated shared storage, as it can store virtual machine disk images locally on block devices of the virtualization host, or on network shares, or on iSCSI targets1. VirtualBox provides both a graphical user interface (GUI) and command line tools (VBoxManage) to administer virtual machines1. VirtualBox is available for Windows, Linux, macOS, and Solaris hosts1, and does not require the source code of the currently running Linux
kernel to be available.
Reference: Oracle VM VirtualBox: Features Overview
정답:
Explanation:
QEMU can provide some network services in a user network, which is a mode of networking that does not require any administrator privilege to run. The user network uses the SLIRP TCP/IP emulator to create a virtual NAT’ted subnet, with a DHCP server started by QEMU that gives out IP addresses to the guest machines and puts the host on 10.0.2.21. QEMU can also provide a TFTP server in the user network, which can be used to boot the guest machines from a network image. The TFTP server can be configured with the -tftp option2. QEMU does not provide BGP, CIFS, or AppleTalk services in the user network. BGP is a routing protocol that is used to exchange routing information between autonomous systems on the Internet3. CIFS is a file-sharing protocol that is used to access files and printers on a network4. AppleTalk is a deprecated network protocol suite that was used by Apple devices5. These services require more advanced networking features than the user network can offer, such as bridging, routing, or tunneling.
Reference: Documentation/Networking - QEMU
QEMU/Networking - Wikibooks, open books for an open world
Border Gateway Protocol - Wikipedia
Common Internet File System - Wikipedia
AppleTalk - Wikipedia
정답:
Explanation:
LXC (Linux Containers) is a lightweight virtualization technology that allows multiple isolated Linux systems (containers) to run on the same host. LXC uses Linux kernel features such as namespaces, cgroups, and AppArmor to create and manage containers. Each container has its own file system, network interfaces, process tree, and resource limits. However, containers share the same kernel and hardware with the host, which makes them more efficient and faster than full virtualization.
By default, an LXC container has a minimal set of devices that are needed for its operation. These devices are created by the LXC library when the container is started, and are removed when the container is stopped.
The default devices are:
/dev/log: This is a Unix domain socket that connects to the syslog daemon on the host. It allows the container to send log messages to the host’s system log1.
/dev/console: This is a character device that provides access to the container’s console. It is usually connected to the host’s terminal or a file. It allows the container to interact with the user or the host’s init system12.
/dev/urandom: This is a character device that provides an unlimited source of pseudo-random numbers. It is used by various applications and libraries that need randomness, such as cryptography, UUID generation, and hashing13.
The other devices listed in the question do not exist by default in an LXC container. They are either
not needed, not allowed, or not supported by the container’s namespace or cgroup configuration.
These devices are:
/dev/kmem: This is a character device that provides access to the kernel’s virtual memory. It is not needed by the container, as it can access its own memory through the /proc filesystem. It is also not allowed by the container, as it would expose the host’s kernel memory and compromise its security4.
/dev/root: This is a symbolic link that points to the root device of the system. It is not supported by the container, as it does not have a separate root device from the host. The container’s root file system is mounted from a directory, an image file, or a loop device on the host5.
Reference: Linux Containers - LXC - Manpages - lxc.container.conf.5
Linux Containers - LXC - Getting started
Random number generation - Wikipedia
/dev/kmem - Wikipedia
Linux Containers - LXC - Manpages - lxc.container.conf.5
정답:
Explanation:
A hypervisor is a software that creates and runs virtual machines (VMs) by separating the operating system and resources from the physical hardware. One of the main tasks of a hypervisor is to map the resources of VMs to the resources of the host system, such as CPU, memory, disk, and network. This allows the hypervisor to allocate and manage the resources among multiple VMs and ensure that they run efficiently and independently123. Another important task of a hypervisor is to isolate the VMs and prevent unauthorized access to resources of other VMs. This ensures the security and privacy of the VMs and their data, as well as the stability and performance of the host system. The hypervisor can use various techniques to isolate the VMs, such as virtual LANs, firewalls, encryption, and access control145.
The other tasks listed are not part of a hypervisor’s responsibility, but rather of the guest operating system or the application running inside the VM. A hypervisor does not create filesystems during the installation of new VMs, as this is done by the installer of the guest operating system6. A hypervisor does not provide host-wide unique PIDs to the processes running inside the VMs, as this is done by the kernel of the guest operating system7. A hypervisor does not manage authentication to network services running inside a VM, as this is done by the network service itself or by a directory service such as LDAP or Active Directory8.
Reference: 1 (search for “What is a hypervisor?”), 2 (search for
“How does a hypervisor work?”), 3 (search for “The hypervisor gives each virtual machine the resources that have been allocated”), 4 (search for “Benefits of hypervisors”), 5 (search for “Isolate the virtual machines and prevent unauthorized access”), 6 (search for “Create filesystems during the installation of new virtual machine quest operating systems”), 7 (search for “Provide host-wide unique PIDs to the processes running inside the virtual machines”), 8 (search for “Manage authentication to network services running inside a virtual machine”).
정답:
Explanation:
The correct command to boot a QEMU virtual machine using hardware virtualization extensions is qemu -accel kvm -drive file-debian.img -cdrom debian.iso -m 1024 -boot d. This command uses the - accel option to specify the hardware accelerator to use, which in this case is kvm. KVM is a full virtualization solution for Linux on x86 hardware containing virtualization extensions (Intel VT or AMD-V)1. The -drive option specifies the disk image file to use, which in this case is debian.img. The - cdrom option specifies the ISO image file to use as a CD-ROM, which in this case is debian.iso. The -m option specifies the amount of memory to allocate to the virtual machine, which in this case is 1024
MB. The -boot option specifies the boot order, which in this case is d, meaning to boot from the CD-ROM first.
Reference:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/virtualization_deployment_and_administration_guide/sect-troubleshooting-enabling_intel_vt_x_and_amd_v_virtualization_hardware_extensions_in_bios
https://fedoraproject.org/wiki/Virtualization
정답:
Explanation:
The WORKDIR instruction sets the working directory for any subsequent RUN, CMD, ENTRYPOINT, COPY and ADD instructions that follow it in the Dockerfile1. The RUN instruction executes commands in a new layer on top of the current image and commits the results2. The RUN cd command does not change the working directory for the next RUN instruction, because each RUN command runs in a new shell and a new environment3. Therefore, the file test is created in the root directory (/) of the container image, not in the /tmp directory.
Reference: Dockerfile reference: WORKDIR
Dockerfile reference: RUN
difference between RUN cd and WORKDIR in Dockerfile
정답:
Explanation:
Nested page table extensions, such as Intel Extended Page Table (EPT) or AMD Rapid Virtualization Indexing (RVI), are hardware features that facilitate the virtualization of memory. They allow the CPU to perform the translation of guest virtual addresses to host physical addresses in a single step, without the need for software-managed shadow page tables. This reduces the overhead and complexity of memory management for virtual machines, and improves their performance and isolation. Nested page table extensions do not directly affect the virtualization of other hardware components, such as network interfaces, host bus adapters, hard disks, or IO cache.
Reference: Second Level Address Translation - Wikipedia
c - What is use of extended page table? - Stack Overflow
Hypervisor From Scratch C Part 4: Address Translation Using Extended …
정답:
Explanation:
Libvirt is a toolkit that provides a common API for managing different virtualization technologies, such as KVM, Xen, LXC, and others. Libvirt allows users to configure and control various aspects of a virtual machine (also called a domain), such as its CPU, memory, disk, network, and other resources.
Among the resources that can be limited by libvirt for a KVM domain are:
Amount of CPU time: Libvirt allows users to specify the number of virtual CPUs (vCPUs) that a domain can use, as well as the CPU mode, model, topology, and tuning parameters. Users can also set the CPU shares, quota, and period to control the relative or absolute amount of CPU time that a domain can consume. Additionally, users can pin vCPUs to physical CPUs or NUMA nodes to improve performance and isolation. These settings can be configured in the domain XML file under the <cpu> and <cputune> elements12.
Size of available memory: Libvirt allows users to specify the amount of memory that a domain can use, as well as the memory backing, tuning, and NUMA node parameters. Users can also set the memory hard and soft limits, swap hard limit, and minimum guarantee to control the memory allocation and reclaim policies for a domain. These settings can be configured in the domain XML file under the <memory>, <memoryBacking>, and <memtune> elements13.
The other resources listed in the question are not directly limited by libvirt for a KVM domain. File systems allowed in the domain are determined by the disk and filesystem devices that are attached to the domain, which can be configured in the domain XML file under the <disk> and <filesystem> elements14. Number of running processes and number of available files are determined by the operating system and the file system of the domain, which are not controlled by libvirt.
Reference: libvirt: Domain XML format
CPU Allocation
Memory Allocation
Hard drives, floppy disks, CDROMs
정답:
Explanation:
Containerd is an industry-standard container runtime that uses Runc (a low-level container runtime) by default, but can be configured to use others as well1. Containerd manages the complete container lifecycle of its host system, from image transfer and storage to container execution and supervision1. It supports the standards established by the Open Container Initiative (OCI)1. Containerd does not require the Docker engine and Docker CLI to be installed, as it can be used independently or with other container platforms2. Containerd is not a text file format, nor does it run in each Docker container or provide DHCP client functionality. Containerd is not the initial process run at the start of any Docker container, as that is the role of the container runtime, such as Runc3.
Reference: 1 (search for “containerd”), 2 (search for “Containerd is an open source”), 3 (search for “It uses rune to start containers”).
정답:
Explanation:
The output of xl list shows the state of the domains. The domain with ID 6, Ubuntu, has a state of “b―”. This means that the domain is blocked, which means it is idle or waiting for I/O.
https://xenbits.xen.org/docs/unstable/man/xl.1.html
정답:
Explanation:
Libvirt uses XML files to store configuration data for objects in the libvirt API, such as domains, networks, storage, etc. This allows for ease of extension in future releases and validation of documents prior to usage. Libvirt does not use any of the other file formats listed in the question.
Reference: libvirt: XML Format
LPIC-3 Virtualization and Containerization: Topic 305.1: Virtualization Concepts and Theory
정답:
Explanation:
LXC and Docker are both container technologies that use Linux kernel features to create isolated environments for running applications.
The main mechanisms that they use are:
Linux Capabilities: These are a set of privileges that can be assigned to processes to limit their access to certain system resources or operations. For example, a process with the CAP_NET_ADMIN capability can perform network administration tasks, such as creating or deleting network interfaces. Linux capabilities allow containers to run with reduced privileges, enhancing their security and isolation.
Kernel Namespaces: These are a way of creating separate views of the system resources for different processes. For example, a process in a mount namespace can have a different file system layout than the host or other namespaces. Kernel namespaces allow containers to have their own network interfaces, process IDs, user IDs, and other resources, without interfering with the host or other containers.
Control Groups: These are a way of grouping processes and applying resource limits and accounting to them. For example, a control group can limit the amount of CPU, memory, disk I/O, or network bandwidth that a process or a group of processes can use. Control groups allow containers to have a fair share of the system resources and prevent them from exhausting the host resources.
POSIX ACLs and file system permissions are not mechanisms used by LXC and Docker to create containers. They are methods of controlling the access to files and directories on a file system, which can be applied to any process, not just containers.
Reference: LXC vs Docker: Which Container Platform Is Right for You?
LXC vs Docker: Why Docker is Better in 2023 | UpGuard
What is the Difference Between LXC, LXD and Docker Containers
lxc - Which container implementation docker is using - Unix & Linux Stack Exchange
정답:
Explanation:
The Linux kernel module that must be loaded in order to use QEMU with hardware virtualization extensions is KVM (Kernel-based Virtual Machine). KVM is a full virtualization solution that allows a user space program (such as QEMU) to utilize the hardware virtualization features of various processors (such as Intel VT or AMD-V). KVM consists of a loadable kernel module, kvm.ko, that provides the core virtualization infrastructure and a processor specific module, kvm-intel.ko or kvm-amd.ko. KVM must be loaded into the kernel of the host system in order to use the virtualization extensions of the host system’s CPU. This enables QEMU to run multiple virtual machines with unmodified Linux or Windows images, each with private virtualized hardware. KVM is integrated with QEMU, so there is no need to load it into the kernel of each virtual machine or the first virtual machine. KVM also does not require paravirtualization, which is a technique that modifies the guest operating system to communicate directly with the hypervisor, bypassing the emulation layer.
Reference: Features/KVM - QEMU
Kernel-based Virtual Machine
KVM virtualization on Red Hat Enterprise Linux 8 (2023)
정답:
Explanation:
The firmware attribute of the <os> element in a libvirt domain definition specifies the type of firmware used to boot the virtual machine. The valid values for this attribute are efi and bios, which correspond to the Extensible Firmware Interface (EFI) and the Basic Input/Output System (BIOS) respectively. EFI is a newer standard that supports more features and security than BIOS, such as Secure Boot and faster boot times. BIOS is an older standard that is widely compatible and supported by most hypervisors and operating systems. The other values, scsi, virtio, and pcie, are not related to firmware, but to different types of devices or drivers that can be used in a virtual machine.
Reference: 1 (search for firmware enum)