Home / CompTIA / N10-009

Question list

List of questions

Question 1

(0)

A network administrator wants to configure a backup route in case the primary route fails. A dynamic routing protocol is not installed on the router. Which of the following routing features should t

Question 2

(0)

Which of the following is a characteristic of the application layer?

Question 3

(0)

Which of the following most likely requires the use of subinterfaces?

Question 4

(0)

Which of the following attacks utilizes a network packet that contains multiple network tags?

Question 5

(0)

Which of the following describes the best reason for using BGP?

Question 6

(0)

A company's marketing team created a new application and would like to create a DNS record for newapplication.comptia.org that always resolves to the same address as www.comptia.org . Which of the

Question 7

(0)

Which of the following is the most closely associated with segmenting compute resources within a single cloud account?

Question 8

(0)

A user connects to a corporate VPN via a web browser and is able to use TLS to access the internal financial system to input a time card. Which of the following best describes how the VPN is being u

Question 9

(0)

A network engineer wants to implement a new IDS between the switch and a router connected to the LAN. The engineer does not want to introduce any latency by placing the IDS in line with the gateway.

Question 10

(0)

Which of the following panels would be best to facilitate a central termination point for all network cables on the floor of a company building?

Related questions

A network administrator is notified that a user cannot access resources on the network. The network administrator checks the physical connections to the workstation labeled User 3 and sees the Ethernet is properly connected. However, the network interface's indicator lights are not blinking on either the computer or the switch. Which of the following Is the most likely cause?

Which of the following best explains the role of confidentiality with regard to data at rest?

A network administrator suspects users are being sent to malware sites that are posing as legitimate sites. The network administrator investigates and discovers that user workstations are configured with incorrect DNS IP addresses. Which of the following should the network administrator implement to prevent this from happening again?

A network manager wants to implement a SIEM system to correlate system events. Which of the following protocols should the network manager verify?

A network administrator needs to add 255 useable IP addresses to the network. A /24 is currently in use. Which of the following prefixes would fulfill this need?

A technician is troubleshooting a computer issue for a user who works in a new annex of an office building. The user is reporting slow speeds and intermittent connectivity. The computer is connected via a Cat 6 cable to a distribution switch that is 492ft (150m) away. Which of the following should the technician implement to correct the issue?

Due to concerns around single points of failure, a company decided to add an additional WAN to the network. The company added a second MPLS vendor to the current MPLS WAN and deployed an additional WAN router at each site. Both MPLS providers use OSPF on the WAN network, and EIGRP is run internally. The first site to go live with the new WAN is successful, but when the second site is activated, significant network issues occur. Which of the following is the most likely cause for the WAN instability?

A technician needs to set up a wireless connection that utilizes MIMO on non-overlapping channels. Which of the following would be the best choice?

Newly crimped 26ft (8m) STP Cat 6 patch cables were recently installed in one room to replace cables that were damaged by a vacuum cleaner. Now, users in that room are unable to connect to the network. A network technician tests the existing cables first. The 177ft (54m) cable that runs from the core switch to the access switch on the floor is working, as is the 115ft (35m) cable run from the access switch to the wall jack in the office. Which of the following is the most likely reason the users cannot connect to the network?

Which of the following cloud service models most likely requires the greatest up-front expense by the customer when migrating a data center to the cloud?

Question 22 - N10-009 discussion

A network administrator wants to implement security zones in the corporate network to control access to only individuals inside of the corporation. Which of the following security zones is the best solution?

Extranet

Trusted

VPN

Public

Suggested answer: B

Explanation:

Introduction to Security Zones:

Security zones are logical segments within a network designed to enforce security policies and control access. They help in segregating and securing different parts of the network.

Types of Security Zones:

Trusted Zone: This is the most secure zone, typically used for internal corporate networks where only trusted users have access.

Extranet: This zone allows controlled access to external partners, vendors, or customers.

VPN (Virtual Private Network): While VPNs are used to create secure connections over the internet, they are not a security zone themselves.

Public Zone: This zone is the least secure and is typically used for public-facing services accessible by anyone.

Trusted Zone Implementation:

The trusted zone is configured to include internal corporate users and resources. Access controls, firewalls, and other security measures ensure that only authorized personnel can access this zone.

Internal network segments, such as the finance department, HR, and other critical functions, are usually placed in the trusted zone.

Example Configuration:

Firewall Rules: Set up rules to allow traffic only from internal IP addresses.

Access Control Lists (ACLs): Implement ACLs on routers and switches to restrict access based on IP addresses and other criteria.

Segmentation: Use VLANs and subnetting to segment and isolate the trusted zone from other zones.

Explanation of the Options:

A . Extranet: Suitable for external partners, not for internal-only access.

B . Trusted: The correct answer, as it provides controlled access to internal corporate users.

C . VPN: A method for secure remote access, not a security zone itself.

D . Public: Suitable for public access, not for internal corporate users.

Conclusion:

Implementing a trusted zone is the best solution for controlling access within a corporate network. It ensures that only trusted internal users can access sensitive resources, enhancing network security.

CompTIA Network+ guide detailing security zones and their implementation in a corporate network (see page Ref 9Basic Configuration Commands).

Show Answer

asked 02/10/2024

ALLIE SEBRONE MUHAMUBI

42 questions

Your answer: A B C D

0 comments

Sorted by