ExamGecko
Search Search Login
Home Home / CompTIA / N10-008
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

The cybersecurity department needs to monitor historical IP network traffic on the WAN interface of the outside router without installing network sensors. Which of the following would be best to allow the department to complete this task?
Staff members notify a network technician that the wireless network is not working as expected and connectivity to wireless devices is intermittent. Some devices connect but then disconnect. The technician reviews the logs on the WAP controller and identifies thousands of connection attempts from unrecognized devices within a short amount of time. Which of the following is the most likely reason for the wireless network connectivity issue?
A firewall administrator observes log entries of traffic being allowed to a web server on port 80 and port 443. The policy for this server is to only allow traffic on port 443. The firewall administrator needs to investigate how this change occurred to prevent a reoccurrence. Which of the following should the firewall administrator do next?
Which of the following BEST describes a network appliance that warns of unapproved devices that are accessing the network?
A user is unable to perform a reverse DNS lookup of an IP address to a hostname. Which of the following DNS record types is missing?
Which of the following is the most accurate NTP time source that is capable of being accessed across a network connection?
A global company has acquired a local company. The companies are geographically separate. The IP address ranges for the two companies are as follows: * Global company: 10.0.0.0/16 * Local company: 10.0.0.0/24 Which of the following can the network engineer do to quickly connect the two companies?
A network administrator is designing a new datacenter in a different region that will need to communicate to the old datacenter with a secure connection. Which of the following access methods would provide the BEST security for this new datacenter?
A network is experiencing a number of CRC errors during normal network communication. At which of the following layers of the OSI model will the administrator MOST likely start to troubleshoot?
Which of the following records is the main type in a reverse DNS lookup zone?

Question 584 - N10-008 discussion

Report
Export

A company has been added to an unapproved list because of spam. The network administrator confirmed that a workstation was infected by malware. Which of the following processes did the administrator use to identify the root cause?

A.
Traffic analysis
Answers
A.
Traffic analysis
B.
Availability monitoring
Answers
B.
Availability monitoring
C.
Baseline metrics
Answers
C.
Baseline metrics
D.
Network discovery
Answers
D.
Network discovery
Suggested answer: A

Explanation:

One possible process that the administrator used to identify the root cause of the spam issue is traffic analysis. Traffic analysis is a technique that monitors and analyzes the network traffic that flows between devices or applications. Traffic analysis can help troubleshoot network problems by identifying the source, destination, volume, frequency, and content of the network packets12.

To use traffic analysis to identify the root cause of the spam issue, the administrator could follow these steps:

Install a traffic analysis tool on the server or a device that is connected to the same network as the server, such as Wireshark3, tcpdump4, or Microsoft Network Monitor5.

Start capturing the network traffic and filter it by using the IP address or hostname of the server, or by using a specific port or protocol that is used by the email service, such as SMTP (port 25), POP3 (port 110), or IMAP (port 143).

Analyze the filtered traffic and look for any signs of abnormal or malicious activity, such as high volume of outgoing emails, unknown recipients, suspicious attachments, or spam keywords.

Trace back the source of the spam emails to the infected workstation by using its IP address or MAC address.

Isolate and clean up the infected workstation by using an antivirus or malware removal tool.

The other options are not processes that the administrator used to identify the root cause of the spam issue. Availability monitoring is a technique that measures and reports the uptime and downtime of a network device or service. Availability monitoring can help troubleshoot network problems by detecting any failures or outages that affect the network performance. Baseline metrics are a set of standard measurements that establish the normal behavior or performance of a network device or service. Baseline metrics can help troubleshoot network problems by comparing the current state of the network with the expected state and identifying any deviations or anomalies.

Network discovery is a technique that scans and maps the network devices and services that are connected to a network. Network discovery can help troubleshoot network problems by providing a comprehensive and updated view of the network topology and configuration.

Show Answer
asked 02/10/2024
Sandor Alayon
27 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms