CompTIA N10-008 Online Practice Questions and Exam Preparation

CompTIA N10-008 Online Questions & Answers

• Question 471:

  A client wants to increase overall security after a recent breach. Which of the following would be best to implement? (Choose two.)

  A. Least privilege network access
  B. Dynamic inventories
  C. Central policy management
  D. Zero-touch provisioning
  E. Configuration drift prevention
  F. Subnet range limits
  A. Least privilege network access
  C. Central policy management

  ---

  Explanation/Reference:

  Least privilege network access: Implementing the principle of least privilege ensures that users and systems have only the minimum levels of access or permissions necessary to perform their functions. This helps to limit the potential impact of security breaches. Central policy management: Centralized policy management allows for consistent application of security policies across the entire network. This ensures that security settings are centrally configured, monitored, and enforced, reducing the likelihood of misconfigurations or oversights that could lead to security vulnerabilities.

  While all the options listed can contribute to overall security, the two mentioned above are particularly effective in controlling access and managing security policies, which are crucial aspects of post-breach security measures.

• Question 472:

  A network technician is planning a network scope. The web server needs to be within 12.31 69.1 to 12.31.69.29. Which of the following would meet this requirement?

  A. Lease time
  B. Range reservation
  C. DNS
  D. Superscope
  A. Lease time

• Question 473:

  A customer wants to install a network that can utilize 802.1X authentication protocols. The customer uses a Windows laptop and does not want to install any additional software; therefore, a technician needs to configure the network to work with what is available natively. Which of the following should the technician configure for the 802.1X network?

  A. PEAP
  B. LDAP
  C. EAP-FAST
  D. NAC
  A. PEAP

  ---

  Explanation/Reference:

• Question 474:

  Which of the following policies is MOST commonly used for guest captive portals?

  A. AUP
  B. DLP
  C. BYOD
  D. NDA
  A. AUP

  ---

  Explanation/Reference:

  AUP stands for Acceptable Use Policy, which is a policy that defines the rules and guidelines for using a network or service. A guest captive portal is a web page that requires users to agree to the AUP before accessing the Internet or other

  network resources. This is a common way to enforce security and legal compliance for guest users.

  References:

  https://www.arubanetworks.com/techdocs/Instant_87_WebHelp/Content/instant-ug/captive-portal/captive-portal.htm

• Question 475:

  Which of the following connector types would have the MOST flexibility?

  A. SFP
  B. BNC
  C. LC
  D. RJ45
  A. SFP

  ---

  Explanation/Reference:

  SFP (Small Form-factor Pluggable) is a type of transceiver used for data communication. It is a compact and hot-swappable module that provides a physical connection between a network device and a fiber optic cable. SFPs can support various data rates and distances, depending on the type of SFP used.

  An example of SFP use for a home user would be connecting a home network to a high-speed internet service provider. The SFP would be used to connect the network switch to the fiber optic modem provided by the internet service provider, allowing the home network to access the internet at high speeds. This setup would be particularly useful for homes with multiple devices that require a high-speed internet connection, such as gaming consoles, smart TVs, and streaming devices.

• Question 476:

  Which of the following would be BEST suited for use at the access layer in a three-tier architecture system?

  A. Router
  B. Multilayer switch
  C. Layer 2 switch
  D. Access point
  C. Layer 2 switch

  ---

  Explanation/Reference:

  A layer 2 switch is a device that forwards traffic based on MAC addresses within a single network segment or VLAN. A layer 2 switch is best suited for use at the access layer in a three-tier architecture system. The access layer is the layer that connects end devices such as computers, printers, and phones to the network. A layer 2 switch can provide fast and efficient switching for end devices without adding complexity or overhead to the network.

  References: https://www.comptia.org/training/books/network-n10-008-study-guide (page 139)

• Question 477:

  A website administrator is concerned the company's static website could be defaced by hacktivists or used as a pivot point to attack internal systems. Which of the following should a network security administrator recommend to assist with detecting these activities?

  A. Implement file integrity monitoring.
  B. Change the default credentials.
  C. Use SSL encryption.
  D. Update the web-server software.
  A. Implement file integrity monitoring.

  ---

  Explanation/Reference:

• Question 478:

  A OLP system configured on a network's point of egress captured sensitive company documents going out to the Internet from an Internal workstation. The user o that workstation left to work for a competitor the next day. Which of the following attacks is lib MOST likely an example of?

  A. Ransomware
  B. Evil twin
  C. insider threat
  D. Social engineering
  A. Ransomware

• Question 479:

  During a recent security audit, a contracted penetration tester discovered the organization uses a number of insecure protocols. Which of the following ports should be disallowed so only encrypted protocols are allowed? (Select TWO).

  A. 22
  B. 23
  C. 69
  D. 443
  E. 587
  F. 8080
  B. 23
  C. 69

  ---

  Explanation/Reference:

  TFTP (Trivial File Transfer Protocol) is not considered a secure protocol. It does not provide any encryption or authentication mechanisms, making it vulnerable to man-in-the-middle attacks and unauthorized access to transferred data. It is mainly used for transferring files over local networks and is not recommended for sensitive information or data transmission over the internet.

• Question 480:

  A help desk technician is troubleshooting a Windows server named SQL.local and wants to check which port a specific application is running on. Which of the following commands should the technician run?

  A. dig
  B. traceroute
  C. arp
  D. netstat
  D. netstat

  ---

  Explanation/Reference:

  Netstat is a command-line tool that displays active network connections and listening ports on a host. By running the netstat command with appropriate parameters on the Windows server (SQL.local), the technician can view the list of active connections and the associated ports. This will help identify the port on which the specific application is running.