CompTIA N10-008 Online Practice Questions and Exam Preparation

CompTIA N10-008 Online Questions & Answers

• Question 991:

  To access production applications and data, developers must first connect remotely to a different server From there, the developers are able to access production data. Which of the following does this BEST represent?

  A. A management plane
  B. A proxy server
  C. An out-of-band management device
  D. A site-to-site VPN
  E. A jump box
  E. A jump box

  ---

  Explanation/Reference:

  A jump box (also known as a jump server or a bastion host) is a dedicated server or virtual machine that provides secure access to other systems on a network. In the scenario described in the question, the jump box is the server that the developers connect to remotely in order to access production applications and data.

  The purpose of the jump box is to provide an additional layer of security by restricting direct access to the production servers. This helps to protect the production servers from potential security threats that could be introduced through the developers' remote connections.

• Question 992:

  In which of the following components do routing protocols belong in a software-defined network?

  A. Infrastructure layer
  B. Control layer
  C. Application layer
  D. Management plane
  B. Control layer

  ---

  Explanation/Reference:

  A software-defined network (SDN) is a network architecture that decouples the control plane from the data plane and centralizes the network intelligence in a software controller. The control plane is the part of the network that makes decisions about how to route traffic, while the data plane is the part of the network that forwards traffic based on the control plane's instructions. The control layer is the layer in an SDN that contains the controller and the routing protocols that communicate with the network devices. The control layer is responsible for managing and configuring the network devices and providing them with the necessary information to forward traffic.

  References: https://www.comptia.org/training/books/network-n10-008-study-guide (page 378)

• Question 993:

  Which of the following is an advantage of using the cloud as a redundant data center?

  A. The process of changing cloud providers is easy.
  B. Better security for company data is provided.
  C. The initial capital expenses are lower.
  D. The need for backups is eliminated.
  C. The initial capital expenses are lower.

  ---

  Explanation/Reference:

  Using the cloud as a redundant data center means that the company does not need to invest in building and maintaining a physical backup site, which can be costly and time- consuming. Instead, the company can pay for the cloud services as needed, which can reduce the initial capital expenses and operational costs. However, this does not mean that the other options are true. Changing cloud providers may not be easy due to compatibility, contractual, or regulatory issues. Security for company data may not be better in the cloud, depending on the cloud provider's policies and practices. The need for backups is not eliminated, as the cloud data still needs to be protected from loss, corruption, or unauthorized access.

• Question 994:

  A network engineer wants to establish a site-o-site VPN tunnel using a protocol that allows for both data confidentially and authentication. Which of the following is the best choice?

  A. IKE
  B. AH
  C. ESP
  D. IPSec
  C. ESP

• Question 995:

  An organization set up its offices so that a desktop is connected to the network through a VoIP phone. The VoIP vendor requested that voice traffic be segmented separately from non-voice traffic. Which of the following would allow the organization to configure multiple devices with network isolation on a single switch port?

  A. Subinterfaces
  B. Link aggregation
  C. Load balancing
  D. Tunneling
  A. Subinterfaces

  ---

  Explanation/Reference:

  To configure multiple devices with network isolation on a single switch port, the organization can use subinterfaces.

  subinterfaces can be used to divide a single physical interface into multiple logical interfaces. The switch port connected to the VoIP phone can be configured with multiple subinterfaces, with each subinterface carrying traffic for a specific

  VLAN. The desktop and VoIP phone can then be configured to use the appropriate subinterface for their traffic.

• Question 996:

  A city has hired a new employee who needs to be able to work when traveling at home and at the municipal sourcing of a neighboring city that snares services. The employee is issued a laptop, and a technician needs to train the employee on

  the appropriate solutions for secure access to the network from all the possible locations.

  On which of the following solutions would the technician MOST likely train the employee?

  A. Site-to-site VPNs between the two city locations and client-to-site software on the employee's laptop tor all other remote access
  B. Client-to-site VPNs between the travel locations and site-to-site software on the employee's laptop for all other remote access
  C. Client-to-site VPNs between the two city locations and site-to-site software on the employee's laptop for all other remote access
  D. Site-to-site VPNs between the home and city locations and site-to-site software on the employee's laptop for all other remote access
  A. Site-to-site VPNs between the two city locations and client-to-site software on the employee's laptop tor all other remote access

  ---

  Explanation/Reference:

  The technician would most likely train the employee on using site-to-site VPNs between the two city locations and client-to-site software on the employee's laptop for all other remote access. A VPN (Virtual Private Network) is a technology that creates a secure and encrypted tunnel over a public network such as the Internet. It allows remote users or sites to access a private network as if they were directly connected to it. A site-to- site VPN connects two or more networks, such as branch offices or data centers, using a VPN gateway device at each site. A client-to-site VPN connects individual users, such as mobile workers or telecommuters, using a VPN client software on their devices. In this scenario, the employee needs to access the network from different locations, such as home, travel, or another city. Therefore, the technician would train the employee on how to use site-to-site VPNs to connect to the network from another city location that shares services, and how to use client-to-site software to connect to the network from home or travel locations. References: https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/14106-how-vpn-works.html

• Question 997:

  Which of the following VPN types provides the highest security for a user who travels often but also has the highest bandwidth requirements to provide a satisfactory user experience?

  A. Full-tunnel
  B. Site-to-site
  C. Clientless D. Split-tunnel
  A. Full-tunnel

  ---

  Explanation/Reference:

  Full-tunnel VPN: In a full-tunnel VPN configuration, all of the user's internet traffic, regardless of destination, is routed through the VPN tunnel to the corporate network. This ensures that all communication is encrypted and secured, even when the user is accessing the internet from public or untrusted networks. While this level of security is ideal for protecting sensitive data, it can result in higher bandwidth usage due to routing all traffic through the VPN.

  Benefits of Full-tunnel VPN for the scenario described:

  Highest Security: All traffic is encrypted and protected, making it the most secure option for users who frequently travel and connect to various networks, including public Wi-Fi.

• Question 998:

  Which of the following network management methods is able to perform various automated tasks?

  A. SSH
  B. CLI
  C. GUI
  D. API
  D. API

  ---

  Explanation/Reference:

  API stands for Application Programming Interface, which is a set of rules and protocols that allow different software applications to communicate and exchange data. Network automation can use APIs to perform various automated tasks, such

  as configuring devices, provisioning resources, monitoring performance, and optimizing networks. APIs can enable network automation to interact with different network elements, platforms, and services, regardless of their vendor,

  technology, or architecture.

  The other options are not correct because:

  SSH stands for Secure Shell, which is a protocol that allows secure remote access to a network device. SSH can be used to manually configure and manage a network device, but it does not automate network tasks by itself. CLI stands for

  Command-Line Interface, which is a text-based interface that allows users to interact with a network device by typing commands. CLI can be used to manually configure and manage a network device, but it does not automate network tasks

  by itself.

  GUI stands for Graphical User Interface, which is a visual interface that allows users to interact with a network device by using icons, menus, and windows. GUI can be used to manually configure and manage a network device, but it does not

  automate network tasks by itself.

• Question 999:

  A client utilizes mobile tablets to view high-resolution images and videos via WiFi within a corporate office building. The previous administrator installed multiple high-density APs with WiFi 5, providing maximum coverage, but the measured performance is still below expected levels. Which of the following would provide the BEST solution?

  A. Channel bonding
  B. EIRP power settings
  C. Antenna polarization
  D. A directional antenna
  A. Channel bonding

• Question 1000:

  A network administrator is looking for an out-of-band method for accessing the console ports of a company's network devices when working remotely. Which of the following can be deployed as a solution?

  A. A hub
  B. Abridge
  C. A modem
  D. A WAP
  C. A modem

  ---

  Explanation/Reference: