CompTIA N10-008 Online Practice Questions and Exam Preparation

CompTIA N10-008 Online Questions & Answers

• Question 801:

  A network attack caused a network outage by wiping the configuration and logs of the border firewall. Which of the following sources, in an investigation to determine how the firewall was compromised, can provide the MOST detailed data?

  A. Syslog server messages
  B. MIB of the attacked firewall
  C. Network baseline reports
  D. NetFlow aggregate data
  A. Syslog server messages

  ---

  Explanation/Reference:

  Syslog server messages would be the best source to provide the most detailed data in an investigation to determine how the firewall was compromised. Syslog server messages can contain a wealth of information related to network activity, including messages related to firewall activity, such as configuration changes and log messages. In this scenario, reviewing the syslog messages from the firewall prior to the attack could provide insight into the attack method and the source of the attack.

• Question 802:

  A technician is expanding a wireless network and adding new access points. The company requires that each access point broadcast the same SSID. Which of the following should the technician implement for this requirement?

  A. MIMO
  B. Roaming
  C. Channel bonding
  D. Extended service set
  D. Extended service set

  ---

  Explanation/Reference:

  An extended service set (ESS) is a wireless network that consists of two or more access points (APs) that share the same SSID and are connected by a distribution system, such as a switch or a router. An ESS allows wireless clients to roam seamlessly between different APs without losing connectivity or changing network settings. An ESS can also increase the coverage area and capacity of a wireless network

• Question 803:

  A wireless network was installed in a warehouse for employees to scan crates with a wireless handheld scanner. The wireless network was placed in the corner of the building near the ceiling for maximum coverage However users in the offices adjacent lo the warehouse have noticed a large amount of signal overlap from the new network Additionally warehouse employees report difficulty connecting to the wireless network from the other side of the building; however they have no issues when Ihey are near the antenna.

  Which of the following is MOST likely the cause?

  A. The wireless signal is being refracted by the warehouse's windows
  B. The antenna's power level was set too high and is overlapping
  C. An omnidirectional antenna was used instead of a unidirectional antenna
  D. The wireless access points are using channels from the 5GHz spectrum
  C. An omnidirectional antenna was used instead of a unidirectional antenna

  ---

  Explanation/Reference:

  An omnidirectional antenna was used instead of a unidirectional antenna, which is most likely the cause of the wireless network issues. An omnidirectional antenna provides wireless coverage in all directions from the antenna, which can cause signal overlap with adjacent offices and interference with other wireless networks. A unidirectional antenna, on the other hand, provides wireless coverage in a specific direction from the antenna, which can reduce signal overlap and interference and increase signal range and quality. A unidirectional antenna would be more suitable for a warehouse environment where users are located on one side of the building1.

  References: https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/82068-omni-vs-direct.html

• Question 804:

  A network technician configures a firewall to block only certain IP addresses from accessing the Internet.

  All users are reporting that they are unable to access the Internet.

  Which of the following is the MOST likely reason?

  A. Incorrectly configured ACL
  B. Implicit allow statement
  C. SMTP requests are being denied
  D. All protocols are being allowed in
  A. Incorrectly configured ACL

• Question 805:

  A network administrator is setting up a web-based application for a company. The application needs to be continually accessible to all end users.

  Which of the following would best ensure this need is fulfilled?

  A. NIC teaming
  B. Cold site
  C. Snapshots
  D. High availability
  D. High availability

  ---

  Explanation/Reference:

  High availability is a quality of a system or component that assures a high level of operational performance for a given period of time. High availability means that an IT system, component, or application can operate at a high level, continuously, without intervention, for a given time period. High-availability infrastructure is configured to deliver quality performance and handle different loads and failures with minimal or zero downtime. High availability is important for web-based applications, as it ensures that the application is always accessible to the end users, even in the event of a server or component failure. High availability can be achieved by eliminating single points of failure, implementing redundancy, load balancing, and failover mechanisms.

• Question 806:

  A network technician is configuring a new web server at the company office. The network manager has instructed the technician to implement it in such a way so it is isolated from the local network and still able to be reached from an external network. Which of the following BEST describes where the technician should set up the new server?

  A. Private VLAN
  B. IDF
  C. DMZ
  D. Native VLAN
  C. DMZ

• Question 807:

  A network administrator views a network pcap and sees a packet containing the following:

  

  Which of the following are the BEST ways for the administrator to secure this type of traffic? (Select TWO).

  A. Migrate the network to IPv6.
  B. Implement 802.1 X authentication
  C. Set a private community siring
  D. Use SNMPv3.
  E. Incorporate SSL encryption
  F. Utilize IPSec tunneling.
  C. Set a private community siring
  D. Use SNMPv3.

  ---

  Explanation/Reference:

  The "community: public" line indicates that the default community string "public" is being used for SNMP requests. This is a well-known community string that is often used for testing but should not be used in production environments. Changing the community string to a private, unique value is essential to prevent unauthorized access. Only devices with the correct community string can access SNMP data.

  SNMPv3 is the most secure version of SNMP. It provides authentication, data integrity, and encryption features to protect SNMP traffic. By using SNMPv3, the administrator can ensure that SNMP traffic is secure and protected from unauthorized access and data tampering.

• Question 808:

  Which of the following demarcation connections would be MOST appropriate to use with a cable modem being installed in a SOHO situation?

  A. RG6
  B. Cat 6
  C. RJ11
  D. Multimode fiber
  A. RG6

• Question 809:

  Which of the following is the most cost-effective way for a network administrator to establish a persistent, secure connection between two facilities?

  A. Site-to-site VPN
  B. SSH tunnel
  C. API gateway
  D. Dedicated line
  A. Site-to-site VPN

  ---

  Explanation/Reference:

  A site-to-site VPN (Virtual Private Network) is the most cost-effective way for a network administrator to establish a persistent, secure connection between two facilities. It allows secure communication over the internet by encrypting the data transmitted between the two locations. Site-to-site VPNs are a practical and economical solution for connecting geographically dispersed sites over the public internet while maintaining a high level of security.

• Question 810:

  A network security technician is designing a solution for a secure remote access scheme with the following requirements:

  1.

  The solution must allow for users at multiple locations to access corporate resources.

  2.

  The on-premises equipment will not handle non-corporate, resource-bound traffic.

  Which of the following should the network security technician consider when designing the solution? (Choose two.)

  A. Clientless VPN
  B. Personal VPN
  C. Full-tunnel VPN
  D. Client-to-site VPN
  E. Site-to-site VPN
  F. Split-tunnel VPN
  A. Clientless VPN
  F. Split-tunnel VPN