To comply with industry requirements, a security assessment on the cloud server should identify which protocols and weaknesses are being exposed to attackers on the Internet. Which of the following tools is the MOST appropriate to complete the assessment?
A. Use tcpdump and parse the output file in a protocol analyzer.
B. Use an IP scanner and target the cloud WAN network addressing.
C. Run netstat in each cloud server and retrieve the running processes.
D. Use nmap and set the servers' public IPs as the targets.
Correct Answer: D
Nmap (Network Mapper) is a popular and widely-used open source tool for network exploration, management, and security auditing. It can be used to identify which protocols and services are exposed to the Internet on a cloud server, by setting the server's public IP address as the target. Nmap can scan for open ports and associated services, and report on any vulnerabilities that are detected.
Question 982:
A network administrator wants to reduce overhead and increase efficiency on a SAN. Which of the following can be configured to achieve these goals?
A. Port aggregation
B. Traffic shaping
C. Jumbo frames
D. Flow control
Correct Answer: C
In a Storage Area Network (SAN), large amounts of data are frequently transferred, which can result in overhead and decreased efficiency. Jumbo frames can be used to reduce overhead and increase efficiency by increasing the maximum transmission unit (MTU) size for a network. By increasing the MTU size, jumbo frames can reduce the overhead associated with transmitting large amounts of data, resulting in improved performance for large data transfers, such as those that occur in a SAN.
Port aggregation (A) combines multiple physical links into a single logical link to increase the bandwidth of a network. Traffic shaping (B) is used to control the flow of data and prioritize certain types of network traffic. Flow control (D) is used to regulate the amount of data that can be transmitted on a network to prevent network congestion. While these technologies can also play a role in improving network efficiency, they are not directly related to reducing overhead in a SAN specifically.
Question 983:
A network administrator needs to implement an HDMI over IP solution. Which of the following will the network administrator MOST likely use to ensure smooth video delivery?
A. Link aggregation control
B. Port tagging
C. Jumbo frames
D. Media access control
Correct Answer: C
Giants are packets that exceed the configured MTU (Maximum Transmission Unit) of a switchport or interface, which causes them to be dropped or fragmented by the switch or router. The MTU is the maximum size of a packet that can be transmitted without fragmentation on a given medium or protocol. Giants can indicate misconfiguration or mismatch of MTU values between devices or interfaces on a network, which can cause performance issues or errors. CRC errors are errors that occur when the cyclic redundancy check (CRC) value of a packet does not match the calculated CRC value at the destination, which indicates corruption or alteration of data during transmission due to noise, interference, faulty cabling, etc., but not necessarily exceeding MTU values. Runts are packets that are smaller than the minimum size allowed by the medium or protocol, which causes them to be dropped or ignored by the switch or router. Flooding is a technique where a switch sends packets to all ports except the source port when it does not have an entry for the destination MAC address in its MAC address table, which can cause congestion or broadcast storms on a network.
Question 984:
A user is having difficulty with video conferencing and is looking for assistance.
Which of the following would BEST improve performance?
A. Packet shaping
B. Quality of service
C. Port mirroring
D. Load balancing
Correct Answer: B
Quality of service (QoS) is a mechanism that prioritizes network traffic based on different criteria, such as application type, source and destination address, port number, etc., and allocates bandwidth and resources accordingly. QoS would best improve performance for video conferencing, as it would ensure that video traffic gets higher priority and lower latency than other types of traffic on the network. Packet shaping is a technique that controls the rate or volume of network traffic by delaying or dropping packets that exceed certain thresholds or violate certain policies, which may not improve performance for video conferencing if it causes packet loss or jitter. Port mirroring is a technique that copies traffic from one port to another port on a switch for monitoring or analysis purposes, which does not improve performance for video conferencing at all. Load balancing is a technique that distributes network traffic across multiple servers or devices for improved availability and scalability, which does not
Question 985:
A network administrator is reviewing interface errors on a switch. Which of the following indicates that a switchport is receiving packets in excess of the configured MTU?
A. CRC errors
B. Giants
C. Runts
D. Flooding
Correct Answer: B
Giants are packets that exceed the configured MTU (Maximum Transmission Unit) of a switchport or interface, which causes them to be dropped or fragmented by the switch or router. The MTU is the maximum size of a packet that can be transmitted without fragmentation on a given medium or protocol. Giants can indicate misconfiguration or mismatch of MTU values between devices or interfaces on a network, which can cause performance issues or errors. CRC errors are errors that occur when the cyclic redundancy check (CRC) value of a packet does not match the calculated CRC value at the destination, which indicates corruption or alteration of data during transmission due to noise, interference, faulty cabling, etc., but not necessarily exceeding MTU values. Runts are packets that are smaller than the minimum size allowed by the medium or protocol, which causes them to be dropped or ignored by the switch or router. Flooding is a technique where a switch sends packets to all ports except the source port when it does not have an entry for the destination MAC address in its MAC address table, which can cause congestion or broadcast storms on a network.
Question 986:
A company is being acquired by a large corporation. As part of the acquisition process, the company's address should now redirect clients to the corporate organization page. Which of the following DNS records needs to be created?
A. SOA
B. NS
C. CNAME
D. TXT
Correct Answer: C
CNAME (Canonical Name) is a type of DNS record that maps an alias name to another name, which can be either another alias or the canonical name of a host or domain. A CNAME record can be used to redirect clients from one domain name to another domain name, such as from the company's address to the corporate organization page. SOA (Start of Authority) is a type of DNS record that specifies authoritative information about a DNS zone, such as the primary name server, contact email address, serial number, refresh interval, etc., which does not redirect clients to another domain name. NS (Name Server) is a type of DNS record that specifies which name server is authoritative for a domain or subdomain, which does not redirect clients to another domain name. TXT (Text) is a type of DNS record that provides arbitrary text information about a domain or subdomain, such as SPF (Sender Policy Framework) records or DKIM (DomainKeys Identified Mail) records, which does not redirect clients to another domain name.
Question 987:
A client moving into a new office wants the IP network set up to accommodate 412 network-connected devices that are all on the same subnet. The subnet needs to be as small as possible.
Which of the following subnet masks should be used to achieve the required result?
A. 255.255.0.0
B. 255.255.252.0
C. 255.255.254.0
D. 255.255.255.0
Correct Answer: C
The standard Class C subnet mask 255.255.255.0 gives you 256 addresses. Borrowing one more bit from the network portion doubles the address capacity (512). Subtract 2 for gateway/broadcast and you're at 510. The answer is
Question 988:
Which of the following would be used to expedite MX record updates to authoritative NSs?
A. UDP forwarding
B. DNS caching
C. Recursive lookup
D. Time to live
Correct Answer: D
Time to live (TTL) is a value that indicates how long a DNS record can be cached by authoritative NSs (name servers) or other DNS servers before it expires and needs to be updated. A lower TTL value would expedite MX record updates to authoritative NSs, as they would refresh the record more frequently. UDP forwarding is not a DNS term, but a technique of sending UDP packets from one host to another. DNS caching is the process of storing DNS records locally for faster resolution, which does not expedite MX record updates. Recursive lookup is a type of DNS query where a DNS server queries other DNS servers on behalf of a client until it finds the answer, which does not expedite MX record updates.
Question 989:
A network administrator is required to ensure that auditors have read-only access to the system logs, while systems administrators have read and write access to the system logs, and operators have no access to the system logs. The network administrator has configured security groups for each of these functional categories. Which of the following security capabilities will allow the network administrator to maintain these permissions with the LEAST administrative effort?
A. Mandatory access control
B. User-based permissions
C. Role-based access
D. Least privilege
Correct Answer: C
Role-based access is a security capability that assigns permissions to users based on their roles or functions within an organization. It allows the network administrator to maintain these permissions with the least administrative effort, as they only need to configure the security groups for each role once and then assign users to those groups. Mandatory access control is a security capability that assigns permissions based on security labels or classifications, which requires more administrative effort to maintain. User-based permissions are a security capability that assigns permissions to individual users, which is not scalable or efficient for large organizations. Least privilege is a security principle that states that users should only have the minimum level of access required to perform their tasks, which is not a security capability by itself.
Question 990:
Which of the following is used to provide networking capability for VMs at Layer 2 of the OSI model?
A. VPN
B. VRRP
C. vSwitch
D. VIP
Correct Answer: C
A vSwitch (virtual switch) is a software-based switch that provides networking capability for VMs (virtual machines) at Layer 2 of the OSI model. It connects the VMs to each other or to external networks using virtual NICs (network interface cards). A VPN (virtual private network) is a technology that creates a secure tunnel over a public network for remote access or site-to-site connectivity. VRRP (Virtual Router Redundancy Protocol) is a protocol that provides high availability for routers by creating a virtual router with multiple physical routers. A VIP (virtual IP) is an IP address that can be shared by multiple servers or devices for load balancing or failover purposes.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your N10-008 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.