ExamGecko
Search Search Login
Home Home / CompTIA / N10-008

CompTIA N10-008 Practice Test - Questions Answers, Page 68

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

The cybersecurity department needs to monitor historical IP network traffic on the WAN interface of the outside router without installing network sensors. Which of the following would be best to allow the department to complete this task?
Staff members notify a network technician that the wireless network is not working as expected and connectivity to wireless devices is intermittent. Some devices connect but then disconnect. The technician reviews the logs on the WAP controller and identifies thousands of connection attempts from unrecognized devices within a short amount of time. Which of the following is the most likely reason for the wireless network connectivity issue?
A firewall administrator observes log entries of traffic being allowed to a web server on port 80 and port 443. The policy for this server is to only allow traffic on port 443. The firewall administrator needs to investigate how this change occurred to prevent a reoccurrence. Which of the following should the firewall administrator do next?
A user is unable to perform a reverse DNS lookup of an IP address to a hostname. Which of the following DNS record types is missing?
Which of the following is the most accurate NTP time source that is capable of being accessed across a network connection?
Which of the following BEST describes a network appliance that warns of unapproved devices that are accessing the network?
A global company has acquired a local company. The companies are geographically separate. The IP address ranges for the two companies are as follows: * Global company: 10.0.0.0/16 * Local company: 10.0.0.0/24 Which of the following can the network engineer do to quickly connect the two companies?
A network is experiencing a number of CRC errors during normal network communication. At which of the following layers of the OSI model will the administrator MOST likely start to troubleshoot?
A network administrator is designing a new datacenter in a different region that will need to communicate to the old datacenter with a secure connection. Which of the following access methods would provide the BEST security for this new datacenter?
Which of the following records is the main type in a reverse DNS lookup zone?

Question 671

Report
Export
Collapse

A network administrator replaced a faulty NIC in a printer, but the printer is still not reachable. The printer is configured with the correct IP address, mask, and gateway, and a link light is lit on the switch port that the printer is attached to. Which of the following is the best command for the administrator to run first on the switch?

A.
show vlan
A.
show vlan
Answers
B.
show route
B.
show route
Answers
C.
show arp
C.
show arp
Answers
D.
show config
D.
show config
Answers
Suggested answer: A

Explanation:

The best command for the administrator to run first on the switch is show vlan, which displays the VLAN configuration information on the switch, such as the VLAN IDs, names, and ports. The show vlan command can help the administrator to verify if the printer is assigned to the correct VLAN, and if there is any mismatch or misconfiguration that prevents the printer from being reachable. The show route command displays the routing table on the switch, which is not relevant for the printer connectivity, as the printer is configured with the correct gateway. The show arp command displays the ARP cache on the switch, which maps the IP addresses to the MAC addresses of the devices. The show arp command can help the administrator to check if the switch has learned the MAC address of the printer, but it is not the best command to run first, as the ARP cache can be cleared or updated frequently. The show config command displays the running configuration on the switch, which includes the VLAN configuration, but it also includes other information that is not related to the printer issue, such as the hostname, the interface settings, the security settings, and so on. The show config command can be overwhelming and time-consuming to analyze, so it is not the best command to run first.

Reference

1: VLANs and Trunking -- N10-008 CompTIA Network+ : 2.3

2: N10-008 CompTIA Network+ : 5.5

3: Interface Configurations -- N10-008 CompTIA Network+ : 2.3

4: Configuring VLANs -- CompTIA Network+ N10-006 -- 2.6

Question 672

Report
Export
Collapse

A customer connects a firewall to an ISP router that translates traffic destined for the internet. The customer can connect to the internet but not to the remote site. Which of the following will verify the status of NAT?

A.
tcpdump
A.
tcpdump
Answers
B.
nmap
B.
nmap
Answers
C.
ipconfig
C.
ipconfig
Answers
D.
tracert
D.
tracert
Answers
Suggested answer: A

Explanation:

tcpdump is a command-line tool that can capture and analyze network traffic on a given interface. tcpdump can verify the status of NAT by showing the source and destination IP addresses of the packets before and after they pass through the ISP router that translates traffic destined for the internet. tcpdump can also show the NAT protocol and port numbers used by the router. nmap, ipconfig, and tracert are not suitable tools for verifying the status of NAT, as they do not show the IP address translation process.

Reference

1: Network Address Translation -- N10-008 CompTIA Network+ : 1.4

2: CompTIA Network+ N10-008 Certification Study Guide, page 95-96

3: CompTIA Network+ N10-008 Exam Subnetting Quiz, question 16

4: CompTIA Network+ N10-008 Certification Practice Test, question 7

Question 673

Report
Export
Collapse

Which of the following routing technologies uses a successor and a feasible successor?

A.
IS-IS
A.
IS-IS
Answers
B.
OSPF
B.
OSPF
Answers
C.
BGP
C.
BGP
Answers
D.
EIGRP
D.
EIGRP
Answers
Suggested answer: D

Explanation:

EIGRP stands for Enhanced Interior Gateway Routing Protocol, which is a hybrid routing protocol that uses a successor and a feasible successor to determine the best route to a destination. A successor is the next-hop router that has the lowest cost (or metric) to reach the destination, and a feasible successor is a backup router that has a cost that is less than the cost of the successor. EIGRP uses the successor and the feasible successor to achieve fast convergence and load balancing. EIGRP also uses a Diffusing Update Algorithm (DUAL) to maintain the routing table and avoid routing loops. IS-IS, OSPF, and BGP are other routing protocols that do not use a successor and a feasible successor, but rather use different algorithms and criteria to select the best route.

Reference

1: EIGRP -- N10-008 CompTIA Network+ : 2.1

2: CompTIA Network+ N10-008 Certification Study Guide, page 150-151

3: CompTIA Network+ N10-008 Exam Subnetting Quiz, question 20

4: CompTIA Network+ N10-008 Certification Practice Test, question 9

Question 674

Report
Export
Collapse

A security analyst found the following vulnerability on the company's website:

<INPUT TYPE='IMAGE' SRC='javascript : alert ('test') ; '>

Which of the following should be implemented to prevent this type of attack in the future?

A.
Input sanitization
A.
Input sanitization
Answers
B.
Output encoding
B.
Output encoding
Answers
C.
Code obfuscation
C.
Code obfuscation
Answers
D.
Prepared statements
D.
Prepared statements
Answers
Suggested answer: A

Explanation:

Input sanitization is the process of validating and filtering the user input to prevent malicious code or commands from being executed on the web server or the web browser. Input sanitization can prevent this type of attack, which is called cross-site scripting (XSS), by removing or escaping any special characters or scripts that are not expected or allowed in the input field. Input sanitization can be implemented on the server-side or the client-side, or both, to enhance the security of the web application.

Reference

1: Web Application Attacks -- N10-008 CompTIA Network+ : 3.2

2: CompTIA Network+ N10-008 Certification Study Guide, page 317

3: CompTIA Network+ N10-008 Exam Subnetting Quiz, question 15

4: CompTIA Network+ N10-008 Certification Practice Test, question 6

Question 675

Report
Export
Collapse

During an incident, an analyst sends reports regularly to the investigation and leadership teams. Which of the following best describes how Pll should be safeguarded during an incident?

A.
Implement data encryption and store the data so only the company has access.
A.
Implement data encryption and store the data so only the company has access.
Answers
B.
Ensure permissions are limited to the investigation team and encrypt the data.
B.
Ensure permissions are limited to the investigation team and encrypt the data.
Answers
C.
Implement data encryption and create a standardized procedure for deleting data that is no longer needed.
C.
Implement data encryption and create a standardized procedure for deleting data that is no longer needed.
Answers
D.
Ensure the permissions are open only to the company.
D.
Ensure the permissions are open only to the company.
Answers
Suggested answer: C

Explanation:

PII stands for Personally Identifiable Information, which is any data that can be used to identify, contact, or locate a specific individual, such as name, address, phone number, email, social security number, and so on. PII should be safeguarded during an incident to protect the privacy and security of the individuals involved, and to comply with the legal and ethical obligations of the organization. One way to safeguard PII during an incident is to implement data encryption, which is a process of transforming data into an unreadable format that can only be accessed by authorized parties who have the decryption key. Data encryption can prevent unauthorized access, modification, or disclosure of PII by malicious actors or third parties. Another way to safeguard PII during an incident is to create a standardized procedure for deleting data that is no longer needed, such as after the incident is resolved or the investigation is completed. Deleting data that is no longer needed can reduce the risk of data breaches, data leaks, or data theft, and can also save storage space and resources. A standardized procedure for deleting data can ensure that the data is erased securely and completely, and that the deletion process is documented and audited.

Reference

1: CompTIA Network+ N10-008 Certification Study Guide, page 304-305

2: CompTIA Network+ N10-008 Exam Subnetting Quiz, question 13

3: CompTIA Network+ N10-008 Certification Practice Test, question 5

4: Data Encryption -- N10-008 CompTIA Network+ : 3.1

Question 676

Report
Export
Collapse

A software developer changed positions within a company and is now a sales engineer. The security team discovered that the former software developer had been modifying code to implement small features requested by customers. Which of the following would be the best thing for the security administrator to implement to prevent this from happening?

A.
A software patching policy
A.
A software patching policy
Answers
B.
A role-based access control policy
B.
A role-based access control policy
Answers
C.
Firewalls on the software development servers
C.
Firewalls on the software development servers
Answers
D.
Longer and more complex password requirements
D.
Longer and more complex password requirements
Answers
Suggested answer: B

Explanation:

A role-based access control (RBAC) policy is a security measure that assigns permissions and privileges to users based on their roles and responsibilities within an organization. RBAC helps to enforce the principle of least privilege, which states that users should only have the minimum level of access required to perform their tasks. RBAC also helps to prevent unauthorized access, modification, or misuse of sensitive data or resources by limiting the scope and impact of user actions.

A software patching policy, firewalls on the software development servers, and longer and more complex password requirements are all good security practices, but they do not directly address the issue of preventing the former software developer from modifying code. A software patching policy ensures that software is updated regularly to fix bugs and vulnerabilities, but it does not prevent a user from introducing new code changes. Firewalls on the software development servers protect the servers from external attacks, but they do not prevent a user from accessing the servers internally. Longer and more complex password requirements make it harder for attackers to guess or crack passwords, but they do not prevent a user from using their own valid credentials.

Reference

1: Role-Based Access Control (RBAC) - Definition and Examples

2: Network+ (Plus) Certification | CompTIA IT Certifications

3: [What is the Principle of Least Privilege? - Definition from Techopedia]

Question 677

Report
Export
Collapse

A network technician is configuring a wireless network that consists of multiple APS for better coverage and allows roaming between the APS. Which of the following types of SSIDs should the technician configure?

A.
Basic Service Set
A.
Basic Service Set
Answers
B.
Independent Basic Service Set
B.
Independent Basic Service Set
Answers
C.
Extended Service Set
C.
Extended Service Set
Answers
D.
Distribution System Service
D.
Distribution System Service
Answers
Suggested answer: C

Explanation:

An extended service set (ESS) is a type of SSID that allows multiple access points (APs) to share the same SSID and provide seamless roaming for wireless clients. An ESS consists of two or more basic service sets (BSSs), which are individual APs with their own SSIDs. A distribution system (DS), such as a wired Ethernet LAN, connects the BSSs and enables data transfer between them. A wireless client can associate with any AP in the ESS and move from one BSS to another without losing connectivity or reauthenticating.

CompTIA Network+ N10-008 Certification Exam Objectives, page 51

CompTIA Network+ Cert Guide: Wireless Networking, page 12

Question 678

Report
Export
Collapse

Which of the following cables is the most appropriate to use when running bulk cables in ceilings?

A.
Plenum
A.
Plenum
Answers
B.
Coaxial
B.
Coaxial
Answers
C.
Ethernet
C.
Ethernet
Answers
D.
DAC
D.
DAC
Answers
Suggested answer: A

Explanation:

Plenum cable is the most appropriate to use when running bulk cables in ceilings because it is designed to meet fire safety standards and reduce the risk of toxic smoke in plenum spaces, which are areas with air flow above or below floors.

Question 679

Report
Export
Collapse

The network engineer receives a new router to use for WAN connectivity. Which of the following best describes the layer the network engineer should connect the new router to?

A.
Core
A.
Core
Answers
B.
Leaf
B.
Leaf
Answers
C.
Distribution
C.
Distribution
Answers
D.
Access
D.
Access
Answers
Suggested answer: C

Explanation:

The distribution layer is the layer that connects the access layer to the core layer in a hierarchical network design. The distribution layer is responsible for routing, filtering, and policy enforcement between the LAN and the WAN. A router is a layer 3 device that can perform these functions and connect to different WAN technologies.

CompTIA Network+ N10-008 Certification Study Guide, page 151

CompTIA Network+ N10-008 Cert Guide, Deluxe Edition, page 322

CompTIA Network+ N10-008 Exam Cram, page 233

Question 680

Report
Export
Collapse

A security engineer is trying to connect cameras to a 12-port PoE switch, but only eight cameras turn on. Which of the following should the engineer check first?

A.
Ethernet cable type
A.
Ethernet cable type
Answers
B.
Voltage
B.
Voltage
Answers
C.
Transceiver compatibility
C.
Transceiver compatibility
Answers
D.
DHCP addressing
D.
DHCP addressing
Answers
Suggested answer: B

Explanation:

The most likely reason why only eight cameras turn on is that the PoE switch does not have enough power budget to supply all 12 cameras. The engineer should check the voltage and wattage ratings of the PoE switch and the cameras, and make sure they are compatible and sufficient. The Ethernet cable type, transceiver compatibility, and DHCP addressing are less likely to cause this problem, as they would affect the data transmission rather than the power delivery.

CompTIA Network+ N10-008 Certification Study Guide, page 181

CompTIA Network+ N10-008 Cert Guide, Deluxe Edition, page 352

PoE Troubleshooting: The Common PoE Errors and Solutions3

Total 865 questions
Go to page: of 87
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms