ExamGecko
Search Search Login
Home Home / CompTIA / N10-008

CompTIA N10-008 Practice Test - Questions Answers, Page 13

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A user is unable to perform a reverse DNS lookup of an IP address to a hostname. Which of the following DNS record types is missing?
Staff members notify a network technician that the wireless network is not working as expected and connectivity to wireless devices is intermittent. Some devices connect but then disconnect. The technician reviews the logs on the WAP controller and identifies thousands of connection attempts from unrecognized devices within a short amount of time. Which of the following is the most likely reason for the wireless network connectivity issue?
A firewall administrator observes log entries of traffic being allowed to a web server on port 80 and port 443. The policy for this server is to only allow traffic on port 443. The firewall administrator needs to investigate how this change occurred to prevent a reoccurrence. Which of the following should the firewall administrator do next?
The cybersecurity department needs to monitor historical IP network traffic on the WAN interface of the outside router without installing network sensors. Which of the following would be best to allow the department to complete this task?
Which of the following BEST describes a network appliance that warns of unapproved devices that are accessing the network?
Which of the following is the most accurate NTP time source that is capable of being accessed across a network connection?
A global company has acquired a local company. The companies are geographically separate. The IP address ranges for the two companies are as follows: * Global company: 10.0.0.0/16 * Local company: 10.0.0.0/24 Which of the following can the network engineer do to quickly connect the two companies?
A network is experiencing a number of CRC errors during normal network communication. At which of the following layers of the OSI model will the administrator MOST likely start to troubleshoot?
A network administrator is designing a new datacenter in a different region that will need to communicate to the old datacenter with a secure connection. Which of the following access methods would provide the BEST security for this new datacenter?
Which of the following records is the main type in a reverse DNS lookup zone?

Question 121

Report
Export
Collapse

A network technician was troubleshooting an issue for a user who was being directed to cloned websites that were stealing credentials. The URLs were correct for the websites but an incorrect IP address was revealed when the technician used ping on the user's PC After checking the is setting, the technician found the DNS server address was incorrect Which of the following describes the issue?

A.
Rogue DHCP server
A.
Rogue DHCP server
Answers
B.
Misconfigured HSRP
B.
Misconfigured HSRP
Answers
C.
DNS poisoning
C.
DNS poisoning
Answers
D.
Exhausted IP scope
D.
Exhausted IP scope
Answers
Suggested answer: C

Explanation:

DNS poisoning is a type of attack that modifies the DNS records of a domain name to point to a malicious IP address instead of the legitimate one. This can result in users being directed to cloned websites that are stealing credentials, even if they enter the correct URL for the website. The incorrect DNS server address on the user’s PC could be a sign of DNS poisoning, as the attacker could have compromised the DNS server or spoofed its response to redirect the user’s queries. Reference:

https://www.comptia.org/blog/what-is-dns-poisoning

Question 122

Report
Export
Collapse

A network technician needs to correlate security events to analyze a suspected intrusion. Which of the following should the technician use?

A.
SNMP
A.
SNMP
Answers
B.
Log review
B.
Log review
Answers
C.
Vulnerability scanning
C.
Vulnerability scanning
Answers
D.
SIEM
D.
SIEM
Answers
Suggested answer: D

Explanation:

SIEM stands for Security Information and Event Management, which is a tool that collects, analyzes, and correlates data from various network devices and sources to provide alerts and reports on security incidents and events. A network technician can use SIEM to correlate security events to analyze a suspected intrusion, as SIEM can help identify the source, target, method, and impact of an attack, as well as provide recommendations for remediation. Reference:

https://www.comptia.org/blog/what-is-siem

Question 123

Report
Export
Collapse

A network administrator is setting up several loT devices on a new VLAN and wants to accomplish the following

A.
Reduce manual configuration on each system
A.
Reduce manual configuration on each system
Answers
B.
Assign a specific IP address to each system
B.
Assign a specific IP address to each system
Answers
C.
Allow devices to move to different switchports on the same VLANWhich of the following should the network administrator do to accomplish these requirements?
C.
Allow devices to move to different switchports on the same VLANWhich of the following should the network administrator do to accomplish these requirements?
Answers
D.
Set up a reservation for each device
D.
Set up a reservation for each device
Answers
E.
Configure a static IP on each device
E.
Configure a static IP on each device
Answers
F.
Implement private VLANs for each device
F.
Implement private VLANs for each device
Answers
G.
Use DHCP exclusions to address each device
G.
Use DHCP exclusions to address each device
Answers
Suggested answer: A

Explanation:

A reservation is a feature of DHCP that assigns a specific IP address to a device based on its MAC address. This way, the device will always receive the same IP address from the DHCP server, regardless of its location or connection time. A network administrator can set up a reservation for each loT device to accomplish the requirements of reducing manual configuration, assigning a specific IP address, and allowing devices to move to different switchports on the same VLAN.

Reference: https://www.comptia.org/blog/what-is-dhcp

Question 124

Report
Export
Collapse

During the security audit of a financial firm the Chief Executive Officer (CEO) questions why there are three employees who perform very distinct functions on the server. There is an administrator for creating users another for assigning the users lo groups and a third who is the only administrator to perform file rights assignment Which of the following mitigation techniques is being applied'

A.
Privileged user accounts
A.
Privileged user accounts
Answers
B.
Role separation
B.
Role separation
Answers
C.
Container administration
C.
Container administration
Answers
D.
Job rotation
D.
Job rotation
Answers
Suggested answer: B

Explanation:

Role separation is a security principle that involves dividing the tasks and privileges for a specific business process among multiple users. This reduces the risk of fraud and errors, as no one user has complete control over the process. In the scenario, there are three employees who perform very distinct functions on the server, which is an example of role separation. Reference:

https://hyperproof.io/resource/segregation-of-duties/

Question 125

Report
Export
Collapse

A technician is troubleshooting a previously encountered issue. Which of the following should the technician reference to find what solution was implemented to resolve the issue?

A.
Standard operating procedures
A.
Standard operating procedures
Answers
B.
Configuration baseline documents
B.
Configuration baseline documents
Answers
C.
Work instructions
C.
Work instructions
Answers
D.
Change management documentation
D.
Change management documentation
Answers
Suggested answer: D

Explanation:

Change management documentation is a record of the changes that have been made to a system or process, including the reason, date, time, and impact of each change. A technician can reference this documentation to find what solution was implemented to resolve a previously encountered issue, as well as any potential side effects or dependencies of the change. Reference:

https://www.comptia.org/blog/what-is-change-management

Question 126

Report
Export
Collapse

A SaaS provider has decided to leave an unpatched VM available via a public DMZ port. With which of the following concepts is this technique MOST closely associated?

A.
Insider threat
A.
Insider threat
Answers
B.
War driving
B.
War driving
Answers
C.
Evil twin
C.
Evil twin
Answers
D.
Honeypot
D.
Honeypot
Answers
Suggested answer: D

Explanation:

A honeypot is a decoy system that is intentionally left vulnerable or exposed to attract attackers and divert them from the real targets. A honeypot can also be used to collect information about the attackers’ techniques and motives. In the scenario, the SaaS provider has left an unpatched VM available via a public DMZ port, which could be a honeypot technique to lure attackers and monitor their activities. Reference: https://www.comptia.org/blog/what-is-a-honeypot

Question 127

Report
Export
Collapse

An IDS was installed behind the edge firewall after a network was breached. The network was then breached again even though the IDS logged the attack. Which of the following should be used in place of these devices to prevent future attacks?

A.
A network tap
A.
A network tap
Answers
B.
A proxy server
B.
A proxy server
Answers
C.
A UTM appliance
C.
A UTM appliance
Answers
D.
A content filter
D.
A content filter
Answers
Suggested answer: C

Explanation:

A UTM appliance stands for Unified Threat Management appliance, which is a device that combines multiple security functions into one solution. A UTM appliance can provide firewall, IDS/IPS, antivirus, VPN, web filtering, and other security features. A network technician can use a UTM appliance in place of an edge firewall and an IDS to prevent future attacks, as a UTM appliance can block malicious traffic and detect and respond to intrusions more effectively. Reference:

https://www.comptia.org/blog/what-is-utm

Question 128

Report
Export
Collapse

A customer wants to segregate the traffic between guests on a hypervisor. Which of the following does a technician need to configure to meet the requirement?

A.
Virtual switches
A.
Virtual switches
Answers
B.
OSPF routing
B.
OSPF routing
Answers
C.
Load balancers
C.
Load balancers
Answers
D.
NIC teaming
D.
NIC teaming
Answers
E.
Fibre Channel
E.
Fibre Channel
Answers
Suggested answer: A

Explanation:

A virtual switch is a software-based switch that connects virtual machines on a hypervisor. A virtual switch can create and manage VLANs, which are logical segments of a network that isolate traffic between different groups of devices. A customer can use virtual switches to segregate the traffic between guests on a hypervisor by creating a separate VLAN for each guest and assigning it to a virtual switch port. Reference: https://www.comptia.org/blog/what-is-a-virtual-switch

Question 129

Report
Export
Collapse

A Chief Information Officer (CIO) wants to improve the availability of a company's SQL database

Which of the following technologies should be utilized to achieve maximum availability?

A.
Clustering
A.
Clustering
Answers
B.
Port aggregation
B.
Port aggregation
Answers
C.
NIC teaming
C.
NIC teaming
Answers
D.
Snapshots
D.
Snapshots
Answers
Suggested answer: A

Explanation:

Clustering is a technique that involves grouping multiple servers or instances together to provide high availability and fault tolerance for a database. Clustering can help improve the availability of a SQL database by allowing automatic failover and load balancing between the cluster nodes. If one node fails or becomes overloaded, another node can take over the database operations without disrupting the service. Reference: https://www.educba.com/sql-cluster/

Question 130

Report
Export
Collapse

A network administrator wants to improve the security of the management console on the company's switches and ensure configuration changes made can be correlated to the administrator who conformed them Which of the following should the network administrator implement?

A.
Port security
A.
Port security
Answers
B.
Local authentication
B.
Local authentication
Answers
C.
TACACS+
C.
TACACS+
Answers
D.
Access control list
D.
Access control list
Answers
Suggested answer: C

Explanation:

TACACS+ is a protocol that provides centralized authentication, authorization, and accounting (AAA) for network devices and users. TACACS+ can help improve the security of the management console on the company’s switches by verifying the identity and credentials of the administrators, enforcing granular access policies and permissions, and logging the configuration changes made by each administrator. This way, the network administrator can ensure only authorized and authenticated users can access and modify the switch settings, and also track and correlate the changes made by each user. Reference: https://www.comptia.org/blog/what-is-tacacs

Total 865 questions
Go to page: of 87
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms