A client who shares office space and an IT closet with another company recently reported connectivity issues throughout the network. Multiple third-party vendors regularly perform on-site maintenance in the shared IT closet. Which of the following security techniques would BEST secure the physical networking equipment?
A. Disabling unneeded switchports
B. Implementing role-based access
C. Changing the default passwords
D. Configuring an access control list
Correct Answer: B
Role-based access is a security technique that assigns permissions and privileges to users or groups based on their roles or functions within an organization. Role- based access can help secure the physical networking equipment by limiting who can access, modify, or manage the devices in the shared IT closet. Only authorized personnel with a valid role and credentials should be able to access the networking equipment. Disabling unneeded switchports is a security technique that prevents unauthorized devices from connecting to the network by turning off unused ports on a switch. Changing the default passwords is a security technique that prevents unauthorized access to network devices by replacing the factory-set passwords with strong and unique ones. Configuring an access control list is a security technique that filters network traffic by allowing or denying packets based on criteria such as source and destination IP addresses, ports, or protocols. References: CompTIA Network+ Certification Exam Objectives Version 7.0 (N10-007), Objective 3.2: Given a scenario, use appropriate network hardening techniques.
Question 852:
Which of the following would be the BEST choice to connect branch sites to a main office securely?
A. VPN headend
B. Proxy server
C. Bridge
D. Load balancer
Correct Answer: A
Host-to-Site, or Client-to-Site, VPN allows for remote servers, clients, and other hosts to establish tunnels through a VPN gateway (or VPN headend) via a private network. The tunnel between the headend and the client host encapsulates and encrypts data.
Question 853:
A network administrator installed an additional IDF during a building expansion project. Which of the following documents need to be updated to reflect the change? (Select TWO).
A. Data loss prevention policy
B. BYOD policy
C. Acceptable use policy
D. Non-disclosure agreement
E. Disaster recovery plan
F. Physical network diagram
Correct Answer: EF
Physical network diagram: The physical network diagram needs to be updated to include the new IDF location and the connections to the existing network infrastructure.
Disaster recovery plan: The disaster recovery plan needs to be updated to reflect the addition of the new IDF. This may include updating the recovery procedures and identifying any new critical systems or applications that are now located in the new IDF.
Question 854:
Several employees have expressed concerns about the company monitoring their internet activity when they are working from home. The company wants to mitigate this issue and reassure employees that their private internet activity is not being monitored. Which of the following would satisfy company and employee needs?
A. Split tunnel
B. Full tunnel
C. Site-to-site tunnel
D. Virtual desktop
Correct Answer: A
Split tunnel is a configuration that allows a remote user to access both the local network and the Internet at the same time. In a split tunnel configuration, only traffic destined for the corporate network is sent through the VPN tunnel, while all other traffic is sent directly to the Internet. This allows the remote user to access the Internet without the company's VPN server being able to monitor or intercept their traffic. Using a split tunnel configuration can help the company to mitigate employee concerns about internet activity being monitored and reassure employees that their private internet activity is not being monitored.
Question 855:
A new company recently moved into an empty office space Within days, users in the next office began noticing increased latency and packet drops with their Wi-Fi-connected devices. Which of the following is the MOST likely reason for this issue?
A. Channel overlap
B. Distance from the AP
C. Bandwidth latency
D. RF attenuation
E. Network congestion
Correct Answer: A
Network congestion would be if they were all on the same network, from the question I'm coming to the conclusion these are two different offices with two different WiFi connections. The new office's channel is overlapping with the preexisting office, causing them to have issues.
Question 856:
A new global ISP needs to connect from central offices in North America to the United Kingdom. Which of the following would be the BEST cabling solution for this project?
A. Single-mode
B. Coaxial
C. Cat 6a
D. Twinaxial
Correct Answer: A
Single-mode fiber would be the best cabling solution for this project as it provides higher bandwidth and longer distances than other cabling types, such as coaxial and Cat 6a. Single-mode fiber uses a small core that allows only one mode of light to propagate, which minimizes signal degradation and attenuation, making it ideal for long-distance communications. Twinaxial cable is typically used for short-distance, high-speed connections between devices, and coaxial cable is commonly used for cable television and other applications that require high-frequency signals.
Question 857:
Due to concerns around single points of failure, a company decided to add an additional WAN to the network. The company added a second MPLS vendor to the current MPLS WAN and deployed an additional WAN router at each site. Both MPLS providers use OSPF on the WAN network, and EIGRP is run internally. The first site to go live with the new WAN is successful, but when the second site is activated significant network issues occur. Which of the following is the MOST likely cause for the WAN instability?
A. A routing loop
B. Asymmetrical routing
C. A switching loop
D. An incorrect IP address
Correct Answer: B
Asymmetrical routing is the most likely cause for the WAN instability. When two different routing protocols are used, like OSPF and EIGRP, it can cause asymmetrical routing, which results in traffic being routed differently in each direction. This can lead to instability in the WAN. A CDP neighbor change, a switching loop, or an incorrect IP address are not likely causes for WAN instability.
Question 858:
A security engineer is trying to determine whether an internal server was accessed by hosts on the internet. The internal server was shut down during the investigation.
Which of the following will the engineer review to determine whether the internal server had an unauthorized access attempt?
A. The ARP table
B. The NetFlow statistics
C. The firewall logs
D. The audit logs on the core switch
Correct Answer: C
Although all these could be used in a situation like this, the key term was "from the internet," the only thing that watches/disseminates/monitors/ etc. your network from the internet is a firewall.
Question 859:
Which of the following would be used to forward requests and replies between a DHCP server and client?
A. Relay
B. Lease
C. Scope
D. Range
Correct Answer: A
A relay would be used to forward requests and replies between a DHCP (Dynamic Host Configuration Protocol) server and client. In networking, a relay is a device that receives incoming messages and then forwards them to their destination. In the context of DHCP, a relay is a device that receives DHCP requests from clients on one network and then forwards them to the DHCP server on another network. This is useful when the client and server are not on the same network and cannot communicate directly. The relay helps to ensure that the client can still receive a valid IP address and other configuration information from the server.
Question 860:
A technician needs to configure a routing protocol for an internet-facing edge router. Which of the following routing protocols will the technician MOST likely use?
A. BGP
B. RIPv2
C. OSPF
D. EIGRP
Correct Answer: A
Border Gateway Protocol (BGP) is used to Exchange routing information for the internet and is the protocol used between ISP which are different ASes. The protocol can connect together any internetwork of autonomous system using an arbitrary topology.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your N10-008 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.