CompTIA CompTIA Certifications N10-008 Questions & Answers

• Question 421:

  ARP spoofing would normally be a part of:

  A. an on-path attack.

  B. DNS poisoning.

  C. a DoS attack.

  D. a rogue access point.

  Correct Answer: A

  ARP spoofing is a technique used in network attacks where an attacker sends falsified Address Resolution Protocol (ARP) messages over a local area network to link an attacker's MAC address with the IP address of a legitimate computer or server on the network. This allows the attacker to intercept network traffic meant for that legitimate computer or server, redirecting it to their own device to carry out various attacks. This is often part of an on-path attack where the attacker attempts to intercept and manipulate the network traffic between two endpoints.

• Question 422:

  A network engineer is monitoring a fiber uplink to a remote office and notes the uplink has been operating at 100% capacity for a long duration. Which of the following performance metrics is MOST likely to be impacted with sustained link saturation?

  A. Latency

  B. Jitter

  C. Speed

  D. Bandwidth

  Correct Answer: A

  When a fiber uplink is operating at 100% capacity for an extended period of time, it can cause sustained link saturation. This can impact the network's performance by increasing latency. Latency is the time it takes for a packet to travel from the source to its destination. When there is link saturation, packets may have to wait in a queue before being transmitted, which increases the time it takes for them to reach their destination. As a result, users may experience delays or timeouts when accessing network resources. Other metrics such as jitter, speed, and bandwidth are also important, but they are not as directly impacted by sustained link saturation as latency.

• Question 423:

  A network engineer developed a plan of action to resolve an ongoing issue. Which of the following steps should the engineer take NEXT?

  A. Verify full system functionality and implement preventative measures.

  B. Implement the solution to resolve the problem.

  C. Document findings, actions, outcomes, and lessons learned.

  D. Establish a theory of probable cause.

  Correct Answer: B

  Network troubleshooting is a repeatable process, which means that you can break it down into clear steps that anyone can follow.

  Identify the Problem. ...

  Develop a Theory. ...

  Test the Theory. ...

  Plan of Action. ...

  Implement the Solution. ...

  Verify System Functionality. ...

  Document the Issue.

  Theory of probable cause is before Plan of action. https://www.comptia.org/content/guides/a-guide-to-network-troubleshooting

• Question 424:

  Which of the following layers of the OSI model receives data from the application layer and converts it into syntax that is readable by other devices on the network?

  A. Layer 1

  B. Layer 3

  C. Layer 6

  D. Layer 7

  Correct Answer: C

  "Presentation Layer is the 6th layer in the Open System Interconnection (OSI) model. This layer is also known as Translation layer, as this layer serves as a data translator for the network. The data which this layer receives from the Application Layer is extracted and manipulated here as per the required format to transmit over the network. The main responsibility of this layer is to provide or define the data format and encryption. The presentation layer is also called as Syntax layer since it is responsible for maintaining the proper syntax of the data which it either receives or transmits to other layer(s)."

• Question 425:

  A network administrator views a network pcap and sees a packet containing the following:

  

  Which of the following are the BEST ways for the administrator to secure this type of traffic? (Select TWO).

  A. Migrate the network to IPv6.

  B. Implement 802.1 X authentication

  C. Set a private community siring

  D. Use SNMPv3.

  E. Incorporate SSL encryption

  F. Utilize IPSec tunneling.

  Correct Answer: CD

  The "community: public" line indicates that the default community string "public" is being used for SNMP requests. This is a well-known community string that is often used for testing but should not be used in production environments. Changing the community string to a private, unique value is essential to prevent unauthorized access. Only devices with the correct community string can access SNMP data.

  SNMPv3 is the most secure version of SNMP. It provides authentication, data integrity, and encryption features to protect SNMP traffic. By using SNMPv3, the administrator can ensure that SNMP traffic is secure and protected from unauthorized access and data tampering.

• Question 426:

  A technician recently set up a small office network for nine users. When the installation was complete, all the computers on the network showed addresses ranging from 169.254.0.0 to 169.254.255.255. Which of the following types of address ranges does this represent?

  A. Private

  B. Public

  C. APIPA

  D. Classless

  Correct Answer: C

  APIPA stands for Automatic Private IP Addressing (APIPA). It is a feature or characteristic in operating systems (eg. Windows) which enables computers to self-configure an IP address and subnet mask automatically when their DHCP (Dynamic Host Configuration Protocol) server isn't reachable.

• Question 427:

  An administrator is working with the local ISP to troubleshoot an issue. Which of the following should the ISP use to define the furthest point on the network that the administrator is responsible for troubleshooting?

  A. Firewall

  B. A CSU/DSU

  C. Demarcation point

  D. Router E. Patch panel

  Correct Answer: C

  Demarc point denotes the separation of responsibility from ISP to administrator.

• Question 428:

  A company has multiple offices around the world. The computer rooms in some office locations are too warm Dedicated sensors are in each room, but the process of checking each sensor takes a long time. Which of the following options can the company put In place to automate temperature readings with internal resources?

  A. Implement NetFlow.

  B. Hire a programmer to write a script to perform the checks

  C. Utilize ping to measure the response.

  D. Use SNMP with an existing collector server

  Correct Answer: D

  SNMP (Simple Network Management Protocol) is a protocol that allows network devices to communicate with a management server. By using SNMP, the company can set up an SNMP agent on each sensor, which will report its temperature readings to an existing collector server. This will enable the company to monitor the temperatures of all their sensors in real-time without the need for manual checks. Additionally, SNMP's scalability means that even if the company adds more rooms or sensors, the existing system can be easily expanded to accommodate them.

• Question 429:

  An organization purchased an allocation of public IPv4 addresses. Instead of receiving the network address and subnet mask, the purchase paperwork indicates the allocation is a /28. This type of notation is referred to as:

  A. CIDR

  B. classful

  C. classless

  D. RFC1918

  Correct Answer: A

  Classless Inter-Domain Routing (CIDR) is a group of IP addresses that are allocated to the customer when they demand a fixed number of IP addresses.

  In CIDR there is no wastage of IP addresses as compared to classful addressing because only the numbers of IP addresses that are demanded by the customer are allocated to the customer.

  The group of IP addresses is called Block in Classless Inter - Domain (CIDR).

  CIDR follows CIDR notation or Slash notation. The representation of CIDR notation is x.y.z.w /n the x.y.z.w is IP address and n is called mask or number of bits that are used in network id.

  https://www.tutorialspoint.com/what-is-cidr-and-how-it-works

• Question 430:

  A network technician at a university is assisting with the planning of a simultaneous software deployment to multiple computers in one classroom in a building. Which of the following would be BEST to use?

  A. Multicast

  B. Anycast

  C. Unicast

  D. Broadcast

  Correct Answer: A

  Multicast would be the BEST to use in this scenario.

  Multicast is a method of transmitting a single copy of data to a group of destinations on a network simultaneously. It allows a source to send a single copy of data to a specific group of hosts, rather than sending a separate copy of the data to

  each individual host. This is an efficient way to deploy software to multiple computers in one classroom, as it reduces network traffic and ensures that all computers receive the software update at the same time.