CompTIA N10-008 Online Practice Questions and Exam Preparation

CompTIA N10-008 Online Questions & Answers

• Question 861:

  A network administrator would like 10 enable NetFlow on a Layer 3 switch but is concerned about how the feature may impact the switch. Which of the following metrics should the administrator graph using SNMP to BEST measure the feature's Impact?

  A. CPU usage
  B. Temperature
  C. Electrical consumption
  D. Bandwidth usage
  A. CPU usage

• Question 862:

  Which of the following is conducted frequently to maintain an updated list of a system's weaknesses?

  A. Penetration test
  B. Posture assessment
  C. Risk assessment
  D. Vulnerability scan
  D. Vulnerability scan

  ---

  Explanation/Reference:

  A vulnerability scan is an automated process that checks a system or network for known vulnerabilities, such as outdated software versions, misconfigured settings, and unpatched systems. It checks the system against a database of known vulnerabilities and generates a report of any weaknesses that are found. This process is usually done periodically, such as weekly or monthly, to ensure that the system stays up-to-date with the latest patches and security updates.

• Question 863:

  The management team has instituted a 48-hour RTO as part of the disaster recovery plan. Which of the following procedures would meet the policy's requirements?

  A. Recover all systems to a loss of 48 hours of data.
  B. Limit the network downtime to a maximum of 48 hours per year.
  C. Recover all systems within 48 hours.
  D. Require 48 hours of system backup maintenance.
  C. Recover all systems within 48 hours.

  ---

  Explanation/Reference:

  Recovery time objective (RTO) is the period following a disaster that an individual IT system may remain offline. This represents the maximum amount of time allowed to identify that there is a problem and then perform recovery (restore from backup or switch in an alternative system, for instance).

• Question 864:

  Which of the following devices is found in the middle tier of a three-tier network architecture?

  A. Router
  B. Multilayer switch
  C. Access switch
  D. Firewall
  B. Multilayer switch

  ---

  Explanation/Reference:

  In a three-tier network architecture, the middle tier is typically where the distribution layer resides, which connects network services to the access layer below and the core layer above. A multilayer switch operates at this level, providing routing, switching, and traffic management between subnets and VLANs.

• Question 865:

  A firewall administrator observes log entries of traffic being allowed to a web server on port 80 and port 443. The policy for this server is to only allow traffic on port 443. The firewall administrator needs to investigate how this change occurred to prevent a reoccurrence. Which of the following should the firewall administrator do next?

  A. Consult the firewall audit logs.
  B. Change the policy to allow port 80.
  C. Remove the server object from the firewall policy.
  D. Check the network baseline.
  A. Consult the firewall audit logs.

  ---

  Explanation/Reference:

  Firewall audit logs are records of the changes made to the firewall configuration, policies, and rules. They can help the firewall administrator to track who, when, and what changes were made to the firewall, and identify any unauthorized or erroneous modifications that could cause security issues or network outages. By consulting the firewall audit logs, the firewall administrator can investigate how the change that allowed traffic on port 80 to the web server occurred, and prevent it from happening again

• Question 866:

  A network administrator wants to control new router deployments via the use of application programming interfaces (APIs). This would be an example of:

  A. software-defined networking
  B. a three-tiered architecture
  C. collapsed backbone
  D. top-of-rack switching
  A. software-defined networking

  ---

  Explanation/Reference:

  Software-Defined Networking (SDN) is an approach to networking that uses software-based controllers or application programming interfaces (APIs) to communicate with underlying hardware infrastructure and direct traffic on a network. This model differs from that of traditional networks, which use dedicated hardware devices (i.e., routers and switches) to control network traffic. SDN can create and control a virtual network ?or control a traditional hardware ?via software. Reference: https://www.vmware.com/topics/glossary/content/software-defined-networking.html

• Question 867:

  A company commissioned a site survey to check wireless network coverage. The technician noticed undesirable levels of RSSI in different areas of the office.

  Which of the following levels did the technician most likely notice?

  A. -82dBm
  B. -61dBm
  C. 42dBm
  D. 63dBm
  A. -82dBm

• Question 868:

  A network technician needs to ensure outside users are unable to telnet into any of the servers at the datacenter. Which of the following ports should be blocked when checking firewall configuration?

  A. 22
  B. 23
  C. 80
  D. 3389
  E. 8080
  B. 23

  ---

  Explanation/Reference:

  Telnet uses UDP port 23.

• Question 869:

  A security analyst found the following vulnerability on the company's website:

  Which of the following should be implemented to prevent this type of attack in the future?

  A. Input sanitization
  B. Output encoding
  C. Code obfuscation
  D. Prepared statements
  A. Input sanitization

  ---

  Explanation/Reference:

  Input sanitization is the process of validating and filtering the user input to prevent malicious code or commands from being executed on the web server or the web browser. Input sanitization can prevent this type of attack, which is called cross-site scripting (XSS), by removing or escaping any special characters or scripts that are not expected or allowed in the input field. Input sanitization can be implemented on the server-side or the client- side, or both, to enhance the security of the web application.

• Question 870:

  An ISP is unable to provide services to a user in a remote area through cable and DSL. Which of the following is the NEXT best solution to provide services without adding external infrastructure?

  A. Fiber
  B. Leased line
  C. Satellite
  D. Metro optical
  C. Satellite

  ---

  Explanation/Reference:

  Satellite internet is a reliable alternative when cable and DSL services are unavailable in remote areas. With satellite internet, the user can connect to the internet via a satellite signal and a satellite dish. This is often the most cost-effective and practical option for remote areas where other types of internet services are not feasible due to distance or lack of infrastructure.