CompTIA CompTIA Certifications N10-008 Questions & Answers

• Question 241:

  A company receives a cease-and-desist order from its ISP regarding prohibited torrent activity. Which of the following should be implemented to comply with the cease-and-desist order?

  A. MAC security

  B. Content filtering

  C. Screened subnet

  D. Perimeter network

  Correct Answer: B

  Content filtering is a technique that blocks or allows access to certain types of web content, based on predefined criteria or policies. Content filtering can be used to comply with the cease-and-desist order by preventing users from accessing torrent sites or downloading torrent files, which are often used for illegal file sharing or piracy. Content filtering can also protect the network from malware, phishing, or inappropriate content. References: CompTIA Network+ N10-008 Cert Guide - O'Reilly Media, Chapter 14: Securing a Basic Network, page 520

• Question 242:

  Which of the following combinations of single cables and transceivers will allow a server to have 40GB of network throughput? (Select two).

  A. SFP+

  B. SFP

  C. QSFP+

  D. Multimode

  E. Cat 6a

  F. Cat5e

  Correct Answer: CD

  QSFP+ is a type of transceiver that supports 40 gigabit Ethernet (40GbE) over four lanes of 10 gigabit Ethernet (10GbE) each. QSFP+ stands for quad small form-factor pluggable plus, and it is a compact and hot-swappable module that plugs into a QSFP+ port on a network device. QSFP+ transceivers can support various types of cables and connectors, such as direct attach copper (DAC), active optical cable (AOC), or fiber optic cable. Multimode is a type of fiber optic cable that supports multiple modes of light propagation within the core. Multimode fiber optic cable can carry higher bandwidth and data rates than single-mode fiber optic cable, but over shorter distances. Multimode fiber optic cable is commonly used for short-reach applications, such as within a data center or a campus network. Multimode fiber optic cable can be paired with QSFP+ transceivers to achieve 40GbE connectivity. The other options are not correct because they do not support 40GbE. They are: SFP+. SFP+ is a type of transceiver that supports 10 gigabit Ethernet (10GbE) over a single lane. SFP+ stands for small form-factor pluggable plus, and it is a compact and hot-swappable module that plugs into an SFP+ port on a network device. SFP+ transceivers can support various types of cables and connectors, such as direct attach copper (DAC), active optical cable (AOC), or fiber optic cable. However, SFP+ transceivers cannot support 40GbE by themselves, unless they are used in a breakout configuration with a QSFP+ transceiver. SFP. SFP is a type of transceiver that supports 1 gigabit Ethernet (1GbE) over a single lane. SFP stands for small form-factor pluggable, and it is a compact and hot-swappable module that plugs into an SFP port on a network device. SFP transceivers can support various types of cables and connectors, such as twisted- pair copper, coaxial cable, or fiber optic cable. However, SFP transceivers cannot support 40GbE by themselves, unless they are used in a breakout configuration with a QSFP+ transceiver. Cat 6a. Cat 6a is a type of twisted-pair copper cable that supports 10 gigabit Ethernet (10GbE) over distances up to 100 meters. Cat 6a stands for category 6 augmented, and it is an enhanced version of Cat 6 cable that offers better performance and reduced crosstalk. Cat 6a cable can be paired with 10Gbase-T transceivers to achieve 10GbE connectivity. However, Cat 6a cable cannot support 40GbE by itself, unless it is used in a breakout configuration with a QSFP+ transceiver. Cat 5e. Cat 5e is a type of twisted-pair copper cable that supports 1 gigabit Ethernet (1GbE) over distances up to 100 meters. Cat 5e stands for category 5 enhanced, and it is an improved version of Cat 5 cable that offers better performance and reduced crosstalk. Cat 5e cable can be paired with 1000base-T transceivers to achieve 1GbE connectivity. However, Cat 5e cable cannot support 40GbE by itself, unless it is used in a breakout configuration with a QSFP+ transceiver. References1: QSFP+ - an overview | ScienceDirect Topics2: Multimode Fiber - an overview | ScienceDirect Topics3: Network+ (Plus) Certification | CompTIA IT Certifications4: SFP+ - an overview | ScienceDirect Topics5: SFP - an overview | ScienceDirect Topics6: Cat 6a - an overview | ScienceDirect Topics7: [Cat 5e - an overview | ScienceDirect Topics]

• Question 243:

  Which of the following routing technologies is used to prevent network failure at the gateway by protecting data traffic from a failed router?

  A. BGP

  B. OSPF

  C. EIGRP

  D. FHRP

  Correct Answer: D

  FHRP stands for First Hop Redundancy Protocol, and it is a group of protocols that allow routers to work together to provide backup or failover for the default gateway in a network. FHRP can prevent network failure at the gateway by protecting data traffic from a failed router and ensuring that there is always an active router to forward packets. Some examples of FHRP protocols are HSRP, VRRP, and GLBP12. References: 1: CompTIA Network+ N10-008 Cert Guide Chapter 13: Routing Protocols32: First Hop Redundancy Protocols (FHRP) Explained4

• Question 244:

  A malicious user is using special software 10 perform an on-path attack. Which of the following best practices should be configured to mitigate this threat?

  A. Dynamic ARP inspection

  B. Role-based access

  C. Control plane policing

  D. MAC filtering

  Correct Answer: A

• Question 245:

  A network administrator is preparing new switches that will be deployed to support a network extension project. The lead network engineer has already provided documentation to ensure the switches are set up properly. Which of the following did the engineer most likely provide?

  A. Physical network diagram

  B. Site survey reports

  C. Baseline configurations

  D. Logical network diagram

  Correct Answer: D

• Question 246:

  A VOIP phone is plugged in to a port but cannot receive calls. Which Of the following needs to be done on the port to address the issue?

  A. Trunk all VLANs on the port.

  B. Configure the native VLAN.

  C. Tag the traffic to voice VLAN.

  D. Disable VLANs.

  Correct Answer: C

  To enable a VOIP phone to receive calls on a port, the traffic needs to be tagged to the voice VLAN that is configured on the switch. This allows the phone to communicate with the voice network and the PBX server. Tagging the traffic also separates the voice traffic from the data traffic that may be coming from a computer connected to the phone. The port should be configured to tag the traffic for the voice VLAN and untag the traffic for the data VLAN1. Trunking all VLANs on the port is unnecessary and may cause security issues. Configuring the native VLAN is not relevant for this issue. Disabling VLANs would prevent the phone from working at all. References: Optical Fiber Connectors ?CompTIA Network+ N10-007 ?2.13 VoIP and computer on separate VLANs through one cable1

• Question 247:

  Which of the following is an advantage of using the cloud as a redundant data center?

  A. The process of changing cloud providers is easy.

  B. Better security for company data is provided.

  C. The initial capital expenses are lower.

  D. The need for backups is eliminated.

  Correct Answer: C

  Using the cloud as a redundant data center means that the company does not need to invest in building and maintaining a physical backup site, which can be costly and time- consuming. Instead, the company can pay for the cloud services as needed, which can reduce the initial capital expenses and operational costs. However, this does not mean that the other options are true. Changing cloud providers may not be easy due to compatibility, contractual, or regulatory issues. Security for company data may not be better in the cloud, depending on the cloud provider's policies and practices. The need for backups is not eliminated, as the cloud data still needs to be protected from loss, corruption, or unauthorized access.

• Question 248:

  A network administrator is checking to see if anything has changed. Which of the following steps of the troubleshooting methodology is involved?

  A. Identify the problem.

  B. Test the theory.

  C. Establish a theory.

  D. Document findings.

  Correct Answer: B

  According to the CompTIA troubleshooting methodology1, testing the theory is the step where the network administrator verifies if the problem is caused by a specific factor or change. This step involves checking the system logs, running diagnostic tools, or performing other tests to confirm or eliminate the possible cause.

• Question 249:

  The network engineer receives a new router to use for WAN connectivity. Which of the following best describes the layer the network engineer should connect the new router to?

  A. Core

  B. Leaf

  C. Distribution

  D. Access

  Correct Answer: C

  The distribution layer is the layer that connects the access layer to the core layer in a hierarchical network design. The distribution layer is responsible for routing, filtering, and policy enforcement between the LAN and the WAN. A router is a layer 3 device that can perform these functions and connect to different WAN technologies.

• Question 250:

  Which of the following authentication methods requires a user to enter a password and scan a fingerprint?

  A. Single sign-on

  B. Kerberos

  C. Multifactor

  D. Network access control

  Correct Answer: C

  Multifactor authentication is a method of verifying a user's identity by requiring more than one factor, such as something the user knows, something the user has, or something the user is. A password is something the user knows, and a fingerprint is something the user is. Therefore, a user who needs to enter a password and scan a fingerprint is using multifactor authentication.