Practice Free N10-008 Exam Online Questions
Question #121
A network resource was accessed by an outsider as a result of a successful phishing campaign.
Which of the following strategies should be employed to mitigate the effects of phishing?
- A . Multifactor authentication
- B . Single sign-on
- C . RADIUS
- D . VPN
Correct Answer: A
A
Explanation:
Multifactor authentication is a security measure that requires users to provide multiple pieces of evidence before they can access a network resource. This could include requiring users to enter a username, password, and a code sent to the user’s mobile phone before they are allowed access. This ensures that the user is who they say they are, reducing the risk of malicious actors gaining access to network resources as a result of a successful phishing campaign.
A
Explanation:
Multifactor authentication is a security measure that requires users to provide multiple pieces of evidence before they can access a network resource. This could include requiring users to enter a username, password, and a code sent to the user’s mobile phone before they are allowed access. This ensures that the user is who they say they are, reducing the risk of malicious actors gaining access to network resources as a result of a successful phishing campaign.
Question #122
A network administrator is decommissioning a server.
Which of the following will the network administrator MOST likely consult?
- A . Onboarding and off boarding policies
- B . Business continuity plan
- C . Password requirements
- D . Change management documentation
Correct Answer: D
D
Explanation:
A redundant cluster of devices is a group of devices that can provide backup or failover functionality in case of a hardware failure or a network attack.
Layer 2 devices operate at the data link layer of the OSI model and are responsible for forwarding frames based on MAC addresses. They include switches, bridges, and NICs.
Multiple routers are not Layer 2 devices, but Layer 3 devices that operate at the network layer of the OSI model and are responsible for forwarding packets based on IP addresses. Therefore, option A is incorrect.
Multiple switches are Layer 2 devices that can provide redundancy and scalability in the network by using protocols such as spanning tree, link aggregation, and VLANs. They can also support Layer 3 functions such as routing and inter-VLAN routing. Therefore, option B is the correct answer. Multiple firewalls are not Layer 2 devices, but Layer 4 devices that operate at the transport layer of the OSI model and are responsible for filtering traffic based on ports and protocols. They can also provide security services such as NAT, VPN, and IDS. Therefore, option C is incorrect.
Multiple budges is a typo and should be multiple bridges. Bridges are Layer 2 devices that can divide a network into segments and reduce collisions. However, they are less efficient and less intelligent than switches, and they are rarely used in modern networks. Therefore, option D is incorrect.
Reference:
CompTIA Network+ N10-008 Study Guide, Chapter 2: Network Devices, pages 47-48, 51-52, 55-56, 59-60.
Professor Messer’s Network+ Video Course, Section 1.1: Network Devices, videos 1.1.1 – 1.1.4, 1.1.6,
D
Explanation:
A redundant cluster of devices is a group of devices that can provide backup or failover functionality in case of a hardware failure or a network attack.
Layer 2 devices operate at the data link layer of the OSI model and are responsible for forwarding frames based on MAC addresses. They include switches, bridges, and NICs.
Multiple routers are not Layer 2 devices, but Layer 3 devices that operate at the network layer of the OSI model and are responsible for forwarding packets based on IP addresses. Therefore, option A is incorrect.
Multiple switches are Layer 2 devices that can provide redundancy and scalability in the network by using protocols such as spanning tree, link aggregation, and VLANs. They can also support Layer 3 functions such as routing and inter-VLAN routing. Therefore, option B is the correct answer. Multiple firewalls are not Layer 2 devices, but Layer 4 devices that operate at the transport layer of the OSI model and are responsible for filtering traffic based on ports and protocols. They can also provide security services such as NAT, VPN, and IDS. Therefore, option C is incorrect.
Multiple budges is a typo and should be multiple bridges. Bridges are Layer 2 devices that can divide a network into segments and reduce collisions. However, they are less efficient and less intelligent than switches, and they are rarely used in modern networks. Therefore, option D is incorrect.
Reference:
CompTIA Network+ N10-008 Study Guide, Chapter 2: Network Devices, pages 47-48, 51-52, 55-56, 59-60.
Professor Messer’s Network+ Video Course, Section 1.1: Network Devices, videos 1.1.1 – 1.1.4, 1.1.6,
Question #122
A network administrator is decommissioning a server.
Which of the following will the network administrator MOST likely consult?
- A . Onboarding and off boarding policies
- B . Business continuity plan
- C . Password requirements
- D . Change management documentation
Correct Answer: D
D
Explanation:
A redundant cluster of devices is a group of devices that can provide backup or failover functionality in case of a hardware failure or a network attack.
Layer 2 devices operate at the data link layer of the OSI model and are responsible for forwarding frames based on MAC addresses. They include switches, bridges, and NICs.
Multiple routers are not Layer 2 devices, but Layer 3 devices that operate at the network layer of the OSI model and are responsible for forwarding packets based on IP addresses. Therefore, option A is incorrect.
Multiple switches are Layer 2 devices that can provide redundancy and scalability in the network by using protocols such as spanning tree, link aggregation, and VLANs. They can also support Layer 3 functions such as routing and inter-VLAN routing. Therefore, option B is the correct answer. Multiple firewalls are not Layer 2 devices, but Layer 4 devices that operate at the transport layer of the OSI model and are responsible for filtering traffic based on ports and protocols. They can also provide security services such as NAT, VPN, and IDS. Therefore, option C is incorrect.
Multiple budges is a typo and should be multiple bridges. Bridges are Layer 2 devices that can divide a network into segments and reduce collisions. However, they are less efficient and less intelligent than switches, and they are rarely used in modern networks. Therefore, option D is incorrect.
Reference:
CompTIA Network+ N10-008 Study Guide, Chapter 2: Network Devices, pages 47-48, 51-52, 55-56, 59-60.
Professor Messer’s Network+ Video Course, Section 1.1: Network Devices, videos 1.1.1 – 1.1.4, 1.1.6,
D
Explanation:
A redundant cluster of devices is a group of devices that can provide backup or failover functionality in case of a hardware failure or a network attack.
Layer 2 devices operate at the data link layer of the OSI model and are responsible for forwarding frames based on MAC addresses. They include switches, bridges, and NICs.
Multiple routers are not Layer 2 devices, but Layer 3 devices that operate at the network layer of the OSI model and are responsible for forwarding packets based on IP addresses. Therefore, option A is incorrect.
Multiple switches are Layer 2 devices that can provide redundancy and scalability in the network by using protocols such as spanning tree, link aggregation, and VLANs. They can also support Layer 3 functions such as routing and inter-VLAN routing. Therefore, option B is the correct answer. Multiple firewalls are not Layer 2 devices, but Layer 4 devices that operate at the transport layer of the OSI model and are responsible for filtering traffic based on ports and protocols. They can also provide security services such as NAT, VPN, and IDS. Therefore, option C is incorrect.
Multiple budges is a typo and should be multiple bridges. Bridges are Layer 2 devices that can divide a network into segments and reduce collisions. However, they are less efficient and less intelligent than switches, and they are rarely used in modern networks. Therefore, option D is incorrect.
Reference:
CompTIA Network+ N10-008 Study Guide, Chapter 2: Network Devices, pages 47-48, 51-52, 55-56, 59-60.
Professor Messer’s Network+ Video Course, Section 1.1: Network Devices, videos 1.1.1 – 1.1.4, 1.1.6,
Question #124
A network administrator is implementing process changes based on recommendations following a recent penetration test. The testers used a method to gain access to the network that involved exploiting a publicly available and fixed remote code execution vulnerability in the VPN appliance.
Which of the following should the administrator do to BEST prevent this from happening again?
- A . Change default passwords on internet-facing hardware.
- B . Implement robust ACLs with explicit deny-all entries.
- C . Create private VLANs for management plane traffic.
- D . Routinely upgrade all network equipment firmware.
Correct Answer: D
D
Explanation:
Firmware is the software that runs on network equipment such as routers, switches, and VPN appliances. Firmware updates often contain bug fixes, security patches, and performance improvements that can prevent or mitigate vulnerabilities and attacks. By routinely upgrading all network equipment firmware, a network administrator can ensure that the network devices are running the latest and most secure versions of firmware and avoid exploiting known and fixed remote code execution vulnerabilities in the VPN appliance.
Reference: https://www.comptia.org/training/books/network-n10-008-study-guide (page 462)
D
Explanation:
Firmware is the software that runs on network equipment such as routers, switches, and VPN appliances. Firmware updates often contain bug fixes, security patches, and performance improvements that can prevent or mitigate vulnerabilities and attacks. By routinely upgrading all network equipment firmware, a network administrator can ensure that the network devices are running the latest and most secure versions of firmware and avoid exploiting known and fixed remote code execution vulnerabilities in the VPN appliance.
Reference: https://www.comptia.org/training/books/network-n10-008-study-guide (page 462)
Question #125
At which of the following OSI model layers does a MAC filter list for a wireless infrastructure operate?
- A . Physical
- B . Network
- C . Session
- D . Data link
Correct Answer: D
D
Explanation:
A MAC filter list is a security feature that allows or denies access to a wireless network based on the MAC address of the device. A MAC address is a unique identifier assigned to a network interface card (NIC) at the physical layer of the OSI model. However, MAC filtering operates at the data link layer of the OSI model, where MAC addresses are used to encapsulate and deliver data frames between devices on the same network segment.
Reference: CompTIA Network+ Certification Exam Objectives Version 7.0 (N10-007), Objective 3.1: Given a scenario, install and configure wireless LAN infrastructure and implement the appropriate technologies in support of wireless capable devices.
D
Explanation:
A MAC filter list is a security feature that allows or denies access to a wireless network based on the MAC address of the device. A MAC address is a unique identifier assigned to a network interface card (NIC) at the physical layer of the OSI model. However, MAC filtering operates at the data link layer of the OSI model, where MAC addresses are used to encapsulate and deliver data frames between devices on the same network segment.
Reference: CompTIA Network+ Certification Exam Objectives Version 7.0 (N10-007), Objective 3.1: Given a scenario, install and configure wireless LAN infrastructure and implement the appropriate technologies in support of wireless capable devices.
Question #126
A network technician is investigating why a core switch is logging excessive amounts of data to the syslog server.
The running configuration of the switch showed the following logging information:
Which of the following changes should the technician make to BEST fix the issue?
- A . Update the logging host IP
- B . Change lo asynchronous logging.
- C . Stop logging SSH events.
- D . Adjust the logging level.
Correct Answer: D
D
Explanation:
The logging level is set to debugging, which is the most verbose and detailed level of logging. This means that the switch will send a lot of information to the syslog server, which can cause excessive network traffic and storage consumption. To fix the issue, the technician should adjust the logging level to a lower value, such as informational or warning, which will reduce the amount of data logged
D
Explanation:
The logging level is set to debugging, which is the most verbose and detailed level of logging. This means that the switch will send a lot of information to the syslog server, which can cause excessive network traffic and storage consumption. To fix the issue, the technician should adjust the logging level to a lower value, such as informational or warning, which will reduce the amount of data logged
Question #127
Which of the following factors should be considered when evaluating a firewall to protect a datacenter’s east-west traffic?
- A . Replication traffic between an on-premises server and a remote backup facility
- B . Traffic between VMs running on different hosts
- C . Concurrent connections generated by Internet DDoS attacks
- D . VPN traffic from remote offices to the datacenter’s VMs
Correct Answer: B
B
Explanation:
When evaluating a firewall to protect a datacenter’s east-west traffic, it is important to consider traffic between VMs running on different hosts. This type of traffic is referred to as east-west traffic and is often protected by internal firewalls. By implementing firewalls, an organization can protect their internal network against threats such as lateral movement, which can be caused by attackers who have breached a perimeter firewall.
Reference: Network+ Certification Study Guide, Chapter 5: Network Security
B
Explanation:
When evaluating a firewall to protect a datacenter’s east-west traffic, it is important to consider traffic between VMs running on different hosts. This type of traffic is referred to as east-west traffic and is often protected by internal firewalls. By implementing firewalls, an organization can protect their internal network against threats such as lateral movement, which can be caused by attackers who have breached a perimeter firewall.
Reference: Network+ Certification Study Guide, Chapter 5: Network Security
Question #128
Access to a datacenter should be individually recorded by a card reader even when multiple employees enter the facility at the same time.
Which of the following allows the enforcement of this
policy?
- A . Motion detection
- B . Access control vestibules
- C . Smart lockers
- D . Cameras
Correct Answer: B
B
Explanation:
The most effective security mechanism against physical intrusions due to stolen credentials would likely be a combination of several of these options. However, of the options provided, the most effective security mechanism would probably be an access control vestibule. An access control vestibule is a secure area that is located between the outer perimeter of a facility and the inner secure area. It is designed to provide an additional layer of security by requiring that individuals pass through a series of security checks before being allowed access to the secure area. This could include biometric authentication, access card readers, and motion detection cameras.
Access control vestibules allow the enforcement of the policy that access to a datacenter should be individually recorded by a card reader even when multiple employees enter the facility at the same time. An access control vestibule is a physical security device that consists of two doors with an interlocking mechanism. Only one door can be opened at a time, and only one person can pass through each door. This prevents tailgating or piggybacking, where unauthorized persons follow authorized persons into a secure area. An access control vestibule can also be integrated with a card reader or other authentication system to record each individual’s access.
Reference: https://www.boonedam.us/blog/what-are-access-control-vestibules
B
Explanation:
The most effective security mechanism against physical intrusions due to stolen credentials would likely be a combination of several of these options. However, of the options provided, the most effective security mechanism would probably be an access control vestibule. An access control vestibule is a secure area that is located between the outer perimeter of a facility and the inner secure area. It is designed to provide an additional layer of security by requiring that individuals pass through a series of security checks before being allowed access to the secure area. This could include biometric authentication, access card readers, and motion detection cameras.
Access control vestibules allow the enforcement of the policy that access to a datacenter should be individually recorded by a card reader even when multiple employees enter the facility at the same time. An access control vestibule is a physical security device that consists of two doors with an interlocking mechanism. Only one door can be opened at a time, and only one person can pass through each door. This prevents tailgating or piggybacking, where unauthorized persons follow authorized persons into a secure area. An access control vestibule can also be integrated with a card reader or other authentication system to record each individual’s access.
Reference: https://www.boonedam.us/blog/what-are-access-control-vestibules
Question #129
A company with multiple routers would like to implement an HA network gateway with the least amount of downtime possible. This solution should not require changes on the gateway setting of the network clients.
Which of the following should a technician configure?
- A . Automate a continuous backup and restore process of the system’s state of the active gateway.
- B . Use a static assignment of the gateway IP address on the network clients.
- C . Configure DHCP relay and allow clients to receive a new IP setting.
- D . Configure a shared VIP and deploy VRRP on the routers.
Correct Answer: D
D
Explanation:
The open standard protocol Virtual Router Redundancy Protocol (VRRP) is similar to HSRP, the differences mainly being in terminology and packet formats. In VRRP, the active router is known as the master, and all other routers in the group are known as backup routers. There is no specific standby router; instead, all backup routers monitor the status of the master, and in the event of a failure, a new master router is selected from the available backup routers based on priority
D
Explanation:
The open standard protocol Virtual Router Redundancy Protocol (VRRP) is similar to HSRP, the differences mainly being in terminology and packet formats. In VRRP, the active router is known as the master, and all other routers in the group are known as backup routers. There is no specific standby router; instead, all backup routers monitor the status of the master, and in the event of a failure, a new master router is selected from the available backup routers based on priority
Question #130
A help desk supervisor reviews the following excerpt of a call transcript:
Which of the following was the agent trying to accomplish with this exchange?
- A . The agent was questioning the obvious.
- B . The agent was verifying full system functionality
- C . The agent was identifying potential effects.
- D . The agent was trying to duplicate the problem.
Correct Answer: D
D
Explanation:
The agent was trying to duplicate the problem by asking the user to perform the same steps that led
to the issue. This is a common troubleshooting technique that helps the agent to identify the root cause of the problem and verify if it is reproducible or intermittent. By duplicating the problem, the agent can also gather more information about the symptoms and error messages that the user encountered.
Reference: [CompTIA Network+ Certification Exam Objectives], [Troubleshooting Methodology – CompTIA Network+ N10-007 – 1.4 | Professor Messer IT Certification Training Courses]
D
Explanation:
The agent was trying to duplicate the problem by asking the user to perform the same steps that led
to the issue. This is a common troubleshooting technique that helps the agent to identify the root cause of the problem and verify if it is reproducible or intermittent. By duplicating the problem, the agent can also gather more information about the symptoms and error messages that the user encountered.
Reference: [CompTIA Network+ Certification Exam Objectives], [Troubleshooting Methodology – CompTIA Network+ N10-007 – 1.4 | Professor Messer IT Certification Training Courses]