ExamGecko
Search Search Login
Home Home / CompTIA / N10-008
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A user is unable to perform a reverse DNS lookup of an IP address to a hostname. Which of the following DNS record types is missing?
The cybersecurity department needs to monitor historical IP network traffic on the WAN interface of the outside router without installing network sensors. Which of the following would be best to allow the department to complete this task?
Staff members notify a network technician that the wireless network is not working as expected and connectivity to wireless devices is intermittent. Some devices connect but then disconnect. The technician reviews the logs on the WAP controller and identifies thousands of connection attempts from unrecognized devices within a short amount of time. Which of the following is the most likely reason for the wireless network connectivity issue?
A firewall administrator observes log entries of traffic being allowed to a web server on port 80 and port 443. The policy for this server is to only allow traffic on port 443. The firewall administrator needs to investigate how this change occurred to prevent a reoccurrence. Which of the following should the firewall administrator do next?
Which of the following BEST describes a network appliance that warns of unapproved devices that are accessing the network?
Which of the following is the most accurate NTP time source that is capable of being accessed across a network connection?
A global company has acquired a local company. The companies are geographically separate. The IP address ranges for the two companies are as follows: * Global company: 10.0.0.0/16 * Local company: 10.0.0.0/24 Which of the following can the network engineer do to quickly connect the two companies?
A network is experiencing a number of CRC errors during normal network communication. At which of the following layers of the OSI model will the administrator MOST likely start to troubleshoot?
A network administrator is designing a new datacenter in a different region that will need to communicate to the old datacenter with a secure connection. Which of the following access methods would provide the BEST security for this new datacenter?
Which of the following records is the main type in a reverse DNS lookup zone?

Question 767 - N10-008 discussion

Report
Export

A network security engineer is investigating a potentially malicious Insider on the network. The network security engineer would like to view all traffic coming from the user's PC to the switch without interrupting any traffic or having any downtime. Which of the following should the network security engineer do?

A.
Turn on port security.
Answers
A.
Turn on port security.
B.
Implement dynamic ARP inspection.
Answers
B.
Implement dynamic ARP inspection.
C.
Configure 802.1Q.
Answers
C.
Configure 802.1Q.
D.
Enable port mirroring.
Answers
D.
Enable port mirroring.
Suggested answer: D

Explanation:

Port mirroring is a feature that allows a network switch to copy the traffic from one or more ports to another port for monitoring purposes. Port mirroring can be used to analyze the network traffic from a specific source, destination, or protocol without affecting the normal operation of the network. Port mirroring can also help to detect and troubleshoot network problems, such as performance issues, security breaches, or policy violations.

The other options are not correct because they do not meet the requirements of the question. They are:

Turn on port security. Port security is a feature that restricts the number and type of devices that can connect to a switch port. Port security can help to prevent unauthorized access, MAC address spoofing, or MAC flooding attacks. However, port security does not allow the network security engineer to view the traffic from the user's PC to the switch.

Implement dynamic ARP inspection. Dynamic ARP inspection (DAI) is a feature that validates the ARP packets on a network and prevents ARP spoofing attacks. DAI can help to protect the network from man-in-the-middle, denial-of-service, or data interception attacks. However, DAI does not allow the network security engineer to view the traffic from the user's PC to the switch.

Configure 802.1Q. 802.1Q is a standard that defines how to create and manage virtual LANs (VLANs) on a network. VLANs can help to segment the network into logical groups based on function, security, or performance. However, 802.1Q does not allow the network security engineer to view the traffic from the user's PC to the switch.

Reference 1:Port Mirroring - an overview | ScienceDirect Topics 2:Network+ (Plus) Certification | CompTIA IT Certifications 3:Port Security - an overview | ScienceDirect Topics 4:Dynamic ARP Inspection - an overview | ScienceDirect Topics 5:802.1Q - an overview | ScienceDirect Topics

Show Answer
asked 02/10/2024
Péter Szittya
43 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms