ExamGecko
Search Search Login
Home Home / CompTIA / N10-008

CompTIA N10-008 Practice Test - Questions Answers, Page 63

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

The cybersecurity department needs to monitor historical IP network traffic on the WAN interface of the outside router without installing network sensors. Which of the following would be best to allow the department to complete this task?
Staff members notify a network technician that the wireless network is not working as expected and connectivity to wireless devices is intermittent. Some devices connect but then disconnect. The technician reviews the logs on the WAP controller and identifies thousands of connection attempts from unrecognized devices within a short amount of time. Which of the following is the most likely reason for the wireless network connectivity issue?
A firewall administrator observes log entries of traffic being allowed to a web server on port 80 and port 443. The policy for this server is to only allow traffic on port 443. The firewall administrator needs to investigate how this change occurred to prevent a reoccurrence. Which of the following should the firewall administrator do next?
A user is unable to perform a reverse DNS lookup of an IP address to a hostname. Which of the following DNS record types is missing?
Which of the following is the most accurate NTP time source that is capable of being accessed across a network connection?
Which of the following BEST describes a network appliance that warns of unapproved devices that are accessing the network?
A global company has acquired a local company. The companies are geographically separate. The IP address ranges for the two companies are as follows: * Global company: 10.0.0.0/16 * Local company: 10.0.0.0/24 Which of the following can the network engineer do to quickly connect the two companies?
A network is experiencing a number of CRC errors during normal network communication. At which of the following layers of the OSI model will the administrator MOST likely start to troubleshoot?
A network administrator is designing a new datacenter in a different region that will need to communicate to the old datacenter with a secure connection. Which of the following access methods would provide the BEST security for this new datacenter?
Which of the following records is the main type in a reverse DNS lookup zone?

Question 621

Report
Export
Collapse

Which of the following cloud deployment models involves servers that are hosted at a company's property and are only used by that company?

A.
Public
A.
Public
Answers
B.
Private
B.
Private
Answers
C.
Hybrid
C.
Hybrid
Answers
D.
Community
D.
Community
Answers
Suggested answer: B

Explanation:

A private cloud deployment model involves servers that are hosted at a company's property and are only used by that company. A private cloud provides exclusive access and control over the cloud resources to the company, as well as higher security and privacy.However, a private cloud also requires more investment and maintenance from the company, compared to other cloud deployment models1

Question 622

Report
Export
Collapse

An organization has a security requirement that all network connections can be traced back to a user. A network administrator needs to identify a solution to implement on the wireless network. Which of the following is the best solution?

A.
Implementing enterprise authentication
A.
Implementing enterprise authentication
Answers
B.
Requiring the use of PSKs
B.
Requiring the use of PSKs
Answers
C.
Configuring a captive portal for users
C.
Configuring a captive portal for users
Answers
D.
Enforcing wired equivalent protection
D.
Enforcing wired equivalent protection
Answers
Suggested answer: A

Explanation:

Enterprise authentication is a method of securing wireless networks that uses an external authentication server, such as RADIUS, to verify the identity of users and devices. Enterprise authentication can provide user traceability by logging the network connections and activities of each authenticated user.This can help the organization meet its security requirement and comply with any regulations or policies that mandate user accountability12.

CompTIA Network+ N10-008 Certification Exam Objectives, page 83

CompTIA Network+ Cert Guide: Wireless Networking, page 13

Question 623

Report
Export
Collapse

A network engineer needs to enable device monitoring using authentication and encryption. Which of the following protocols offers this option?

A.
ESP
A.
ESP
Answers
B.
SNMPv3
B.
SNMPv3
Answers
C.
NetFIow
C.
NetFIow
Answers
D.
SSLv3
D.
SSLv3
Answers
Suggested answer: B

Explanation:

SNMPv3 is a protocol that offers device monitoring using authentication and encryption. SNMP stands for Simple Network Management Protocol, and it is a standard way of collecting and organizing information about network devices, such as routers, switches, servers, printers, and so on. SNMPv3 is the latest version of SNMP, and it provides enhanced security features, such as data integrity, data origin authentication, data confidentiality, and access control.SNMPv3 can use different algorithms to encrypt and authenticate the communication between the network management system and the network devices12.

Network Monitoring Tools -- CompTIA Network+ N10-006 -- 2.12

CompTIA Network+ N10-008 Certification Exam Objectives, page 93

Question 624

Report
Export
Collapse

Which of the following describes a network in which users and devices need to mutually authenticate before any network resource can be accessed?

A.
Least privilege
A.
Least privilege
Answers
B.
Local authentication
B.
Local authentication
Answers
C.
Zero trust
C.
Zero trust
Answers
D.
Need to know
D.
Need to know
Answers
Suggested answer: C

Explanation:

A zero trust network is a network in which users and devices need to mutually authenticate before any network resource can be accessed. A zero trust network assumes that no one and nothing can be trusted by default, even if they were previously verified or are within the network perimeter.A zero trust network uses various technologies and practices, such as data and log aggregation, cybersecurity analytics, continuous diagnostics and mitigation, user behavior analytics, microsegmentation, and identity and access management, to enforce granular and dynamic policies based on the context and behavior of the users and devices123.

What is Zero Trust?| Internet of Things | CompTIA3

The Death of the Perimeter: Zero Trust is (Almost) Here to Stay | Cybersecurity | CompTIA2

CompTIA Network+ Certification Exam N10-008 Practice Test 17 - ExamCompass1

Question 625

Report
Export
Collapse

Which of the following architectures would allow the network-forwarding elements to adapt to new business requirements with the least amount of operating effort?

A.
Software-defined network
A.
Software-defined network
Answers
B.
Spine and leaf
B.
Spine and leaf
Answers
C.
Three-tier
C.
Three-tier
Answers
D.
Backbone
D.
Backbone
Answers
Suggested answer: A

Explanation:

Software-defined network (SDN) is a network architecture that allows the network-forwarding elements to be controlled by a centralized software application. This enables the network to adapt to new business requirements with the least amount of operating effort, as the network administrator can configure and manage the network from a single console, without having to manually configure each device individually. SDN also provides more flexibility, agility, and scalability for the network, as it can dynamically adjust the network resources and policies based on the application needs and traffic conditions.

CompTIA Network+ Certification Exam Objectives, page 5, section 1.3: ''Explain the concepts and characteristics of routing and switching.''

Software-Defined Networking -- CompTIA Network+ N10-007 -- 1.3, video lecture by Professor Messer.

Question 626

Report
Export
Collapse

Which of the following best describe the functions of Layer 2 of the OSI model? (Select two).

A.
Local addressing
A.
Local addressing
Answers
B.
Error preventing
B.
Error preventing
Answers
C.
Logical addressing
C.
Logical addressing
Answers
D.
Error detecting
D.
Error detecting
Answers
E.
Port addressing
E.
Port addressing
Answers
F.
Error correcting
F.
Error correcting
Answers
Suggested answer: A, D

Explanation:

Layer 2 of the OSI model, also known as the data link layer, is responsible for physical addressing and error detecting. Physical addressing refers to the use of MAC addresses to identify and locate devices on a network segment. Error detecting refers to the use of techniques such as checksums and CRCs to identify and correct errors in the data frames.

OSI Model | Computer Networking | CompTIA1

Question 627

Report
Export
Collapse

A company is designing a new complex. The primary and alternate data centers will be in separate buildings 6.2mi (10km) apart and will be connected via fiber.

Which of the following types of SFP is the best choice?

A.
10GBASE-SR
A.
10GBASE-SR
Answers
B.
10000BASE-LX
B.
10000BASE-LX
Answers
C.
10GBASE-LR
C.
10GBASE-LR
Answers
D.
1000BASE-SX
D.
1000BASE-SX
Answers
Suggested answer: C

Explanation:

10GBASE-LR is the best choice for connecting two data centers that are 6.2 miles (10 km) apart via fiber, because it supports a maximum distance of 6.2 miles (10 km) over single-mode fiber. 10GBASE-SR and 1000BASE-SX are designed for short-range connections over multi-mode fiber, and they can only reach up to 1,312 feet (400 m) and 1,804 feet (550 m), respectively. 10000BASE-LX is a typo and does not exist as a standard.

Network Transceivers -- CompTIA Network+ N10-007 -- 2.11

CompTIA Network+ Certification Exam Objectives2

Question 628

Report
Export
Collapse

Which of the following fiber connector types is the most likely to be used on a network interface card?

A.
LC
A.
LC
Answers
B.
SC
B.
SC
Answers
C.
ST
C.
ST
Answers
D.
MPO
D.
MPO
Answers
Suggested answer: A

Explanation:

LC (local connector) is the most likely fiber connector type to be used on a network interface card, because it is a small form factor connector that can fit more interfaces on a single card. LC connectors use square connectors that have a locking mechanism on the top, similar to an RJ45 copper connector.LC connectors are also compatible with SFP (small form-factor pluggable) modules that are often used to link a gigabit Ethernet port with a fiber network12.

Optical Fiber Connectors -- CompTIA Network+ N10-007 -- 2.11

CompTIA Network+ Certification Exam Objectives2

Question 629

Report
Export
Collapse

A VOIP phone is plugged in to a port but cannot receive calls. Which Of the following needs to be done on the port to address the issue?

A.
Trunk all VLANs on the port.
A.
Trunk all VLANs on the port.
Answers
B.
Configure the native VLAN.
B.
Configure the native VLAN.
Answers
C.
Tag the traffic to voice VLAN. Disable VLANs.
C.
Tag the traffic to voice VLAN. Disable VLANs.
Answers
Suggested answer: C

Explanation:

To enable a VOIP phone to receive calls on a port, the traffic needs to be tagged to the voice VLAN that is configured on the switch. This allows the phone to communicate with the voice network and the PBX server. Tagging the traffic also separates the voice traffic from the data traffic that may be coming from a computer connected to the phone.The port should be configured to tag the traffic for the voice VLAN and untag the traffic for the data VLAN1. Trunking all VLANs on the port is unnecessary and may cause security issues. Configuring the native VLAN is not relevant for this issue. Disabling VLANs would prevent the phone from working at all.

Optical Fiber Connectors -- CompTIA Network+ N10-007 -- 2.13

VoIP and computer on separate VLANs through one cable1

Question 630

Report
Export
Collapse

A network security technician is designing a solution for a secure remote access scheme with the following requirements:

* The solution must allow for users at multiple locations to access corporate resources.

* The on-premises equipment will not handle non-corporate, resource-bound traffic.

Which of the following should the network security technician consider when designing the solution? (Select two).

A.
Clientless VPN
A.
Clientless VPN
Answers
B.
Personal VPN
B.
Personal VPN
Answers
C.
Full-tunnel VPN
C.
Full-tunnel VPN
Answers
D.
Client-to-site VPN
D.
Client-to-site VPN
Answers
E.
Site-to-site VPN
E.
Site-to-site VPN
Answers
F.
Split-tunnel VPN
F.
Split-tunnel VPN
Answers
Suggested answer: D, F

Explanation:

A client-to-site VPN and a split-tunnel VPN are the best options for designing a secure remote access scheme that meets the given requirements.A client-to-site VPN allows users at multiple locations to access corporate resources over the internet by creating a secure tunnel between their devices and a VPN concentrator on the corporate network1.A split-tunnel VPN allows the on-premises equipment to handle only the traffic that is destined for the corporate resources, while the non-corporate traffic is routed directly to the internet without passing through the VPN tunnel2. This reduces the bandwidth and processing load on the corporate network and improves the performance of the remote access.

Remote Access -- N10-008 CompTIA Network+ : 4.41

comptia Network+ : Remote Access Methods And Network Monitoring2

Total 865 questions
Go to page: of 87
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms