ExamGecko
Search Search Login
Home Home / CompTIA / N10-008
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

The cybersecurity department needs to monitor historical IP network traffic on the WAN interface of the outside router without installing network sensors. Which of the following would be best to allow the department to complete this task?
Staff members notify a network technician that the wireless network is not working as expected and connectivity to wireless devices is intermittent. Some devices connect but then disconnect. The technician reviews the logs on the WAP controller and identifies thousands of connection attempts from unrecognized devices within a short amount of time. Which of the following is the most likely reason for the wireless network connectivity issue?
A firewall administrator observes log entries of traffic being allowed to a web server on port 80 and port 443. The policy for this server is to only allow traffic on port 443. The firewall administrator needs to investigate how this change occurred to prevent a reoccurrence. Which of the following should the firewall administrator do next?
Which of the following is the most accurate NTP time source that is capable of being accessed across a network connection?
Which of the following BEST describes a network appliance that warns of unapproved devices that are accessing the network?
A user is unable to perform a reverse DNS lookup of an IP address to a hostname. Which of the following DNS record types is missing?
A global company has acquired a local company. The companies are geographically separate. The IP address ranges for the two companies are as follows: * Global company: 10.0.0.0/16 * Local company: 10.0.0.0/24 Which of the following can the network engineer do to quickly connect the two companies?
Which of the following records is the main type in a reverse DNS lookup zone?
A network administrator is designing a new datacenter in a different region that will need to communicate to the old datacenter with a secure connection. Which of the following access methods would provide the BEST security for this new datacenter?
A network is experiencing a number of CRC errors during normal network communication. At which of the following layers of the OSI model will the administrator MOST likely start to troubleshoot?

Question 405 - N10-008 discussion

Report
Export

The lack of a formal process to grant network permissions to different profiles of employees and contractors is leading to an increasing number of security incidents Non-uniform and overly permissive network accesses are being granted. Which of the following would be the MOST appropriate method to improve the security of the environment?

A.
Change the default permissions to implicit deny
Answers
A.
Change the default permissions to implicit deny
B.
Configure uniform ACLs to employees and NAC for contractors.
Answers
B.
Configure uniform ACLs to employees and NAC for contractors.
C.
Deploy an RDP server to centralize the access to the network
Answers
C.
Deploy an RDP server to centralize the access to the network
D.
Implement role-based access control
Answers
D.
Implement role-based access control
Suggested answer: D

Explanation:

The most appropriate method to improve the security of the environment would be to implement role-based access control (RBAC). With RBAC, users are granted access to the network based on their role within the organization. This allows for more granular access control, as different roles may require different levels of access. Additionally, this ensures that users only have access to the resources they need and no more. This helps to reduce the risk of unauthorized access or misuse of the network. Reference and further information can be found in the CompTIA Network+ Study Manual, Chapter 8, Access Control.

RBAC is a method of restricting network access based on the roles of individual users within the organization. With RBAC, users are granted access only to the resources they need to perform their specific job functions. This approach reduces the risk of unauthorized access, provides greater visibility into user activity, and simplifies network management. Changing the default permissions to implicit deny may improve security, but it could also cause issues for legitimate users who require access to specific resources. Configuring uniform ACLs and NAC for contractors is a step in the right direction, but it may not be enough to address the overall lack of a formal process for granting network permissions. Deploying an RDP server to centralize access to the network is not a viable solution, as it would not address the root cause of the security incidents.

Therefore, the most appropriate option is to implement role-based access control. Reference:

CompTIA Network+ Study Guide, Fourth Edition, Chapter 7, section 7.4.

Show Answer
asked 02/10/2024
Farshin Golpad
38 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms