Ensurepass

CompTIA Network+ Certification Exam

 

QUESTION 81

During a check of the security control measures of the company network assets, a network administrator is explaining the difference between the security controls at the company. Which of the following would be identified as physical security controls? (Select THREE).

 

A. RSA

B. Passwords

C. Man traps

D. Biometrics

E. Cipher locks

F. VLANs

G. 3DES

 

Correct Answer: CDE

Explanation:

Physical security is the protection of personnel, hardware, programs, networks, and data from physical circumstances and events that could cause serious losses or damage to an enterprise, agency, or institution. This includes protection from fire, natural disasters, burglary, theft, vandalism, and terrorism.

C: A mantrap is a mechanical physical security device for catching poachers and trespassers. They have taken many forms, the most usual being like a large foothold trap, the steel springs being armed with teeth which met in the victim’s leg.

D: Biometric authentication is a type of system that relies on the unique biological characteristics of individuals to verify identity for secure access to electronic systems. Biometric authentication is a physical security device.

E: Cipher locks are used to control access to areas such as airport control towers, computer rooms, corporate offices, embassies, areas within financial institutions, research and development laboratories, and storage areas holding weapons, controlled substances, etc. Cipher locks are physical security devices.

 

 

QUESTION 82

Which of the following describes a smurf attack?

 

A. Attack on a target using spoofed ICMP packets to flood it

B. Intercepting traffic intended for a target and redirecting it to another

C. Spoofed VLAN tags used to bypass authentication

D. Forging tags to bypass QoS policies in order to steal bandwidth

 

Correct Answer: A

Explanation:

The Smurf Attack is a distributed denial-of-service attack in which large numbers of Internet Control Message Protocol (ICMP) packets with the intended victim’s spoofed source IP are broadcast to a computer network using an IP Broadcast address.

Most devices on a network will, by default, respond to this by sending a reply to the source IP address. If the number of machines on the network that receive and respond to these packets is very large, the victim’s computer will be flooded with traffic. This can slow down the victim’s computer to the point where it becomes impossible to work on.

 

 

QUESTION 83

A technician needs to install software onto company laptops to protect locally running services from external threats. Which of the following should the technician install and configure on the laptops if the threat is network based?

 

A. A cloud-based antivirus system with a heuristic and signature based engine

B. A network based firewall which blocks all inbound communication

C. A host-based firewall which allows all outbound communication

D. A HIDS to inspect both inbound and outbound network communication

 

Correct Answer: C

Explanation:

A host-based firewall is a computer running firewall software that can protect the computer itself. For example, it can prevent incoming connections to the computer and allow outbound communication only.

 

 

 

 

 

 

QUESTION 84

Which of the following types of network would be set up in an office so that customers could access the Internet but not be given access to internal resources such as printers and servers?

 

A. Quarantine network

B. Core network

C. Guest network

D. Wireless network

 

Correct Answer: C

Explanation:

A wireless guest network could be set up so that it has limited access (no access to local resources) but does provide Internet access for guest users.

 

 

QUESTION 85

Which of the following concepts are MOST important for a company’s long term health in the event of a disaster? (Select TWO).

 

A. Redundancy

B. Implementing acceptable use policy

C. Offsite backups

D. Uninterruptible power supplies

E. Vulnerability scanning

 

Correct Answer: AC

Explanation:

In case of disaster you must protect your data. Some of the most common strategies for data protection include:

backups made to tape and sent off-site at regular intervals

backups made to disk on-site and automatically copied to off-site disk, or made directly to off-site disk

the use of high availability systems which keep both the data and system replicated off-site (making the main site redundant), enabling continuous access to systems and data, even after a disaster.

 

 

QUESTION 86

Ann, a network technician, was asked to remove a virus. Issues were found several levels deep within the directory structure. To ensure the virus has not infected the .mp4 files in the directory, she views one of the files and believes it contains illegal material. Which of the following forensics actions should Ann perform?

 

A. Erase the files created by the virus

B. Stop and escalate to the proper authorities

C. Check the remaining directories for more .mp4 files

D. Copy the information to a network drive to preserve the evidence

 

Correct Answer: B

Explanation:

Computer forensics is about legal evidence found in computers and digital storage.

A plan should include first responders securing the area and then escalating to senior management and authorities when required by policy or law.

 

QUESTION 87

A technician needs to ensure that new systems are protected from electronic snooping of Radio Frequency emanations. Which of the following standards should be consulted?

 

A. DWDM

B. MIMO

C. TEMPEST

D. DOCSIS

 

Correct Answer: C

Explanation:

Tempest was the name of a government project to study the ability to understand the data over a network by listening to the emanations. Tempest rooms are designed to keep emanations contained in that room to increase security of data communications happening there.

 

 

QUESTION 88

Packet analysis reveals multiple GET and POST requests from an internal host to a URL without any response from the server. Which of the following is the BEST explanation that describes this scenario?

 

A. Compromised system

B. Smurf attack

C. SQL injection attack

D. Man-in-the-middle

 

Correct Answer: A

Explanation:

As the extra unexplainable traffic comes from an internal host on your network, we can assume that this host has been compromised.

If your system has been compromised, somebody is probably using your machine, possibly to scan and find other machines to compromise.

 

 

QUESTION 89

A wireless network technician for a local retail store is installing encrypted access points within the store for real-time inventory verification, as well as remote price checking capabilities, while employees are away from the registers. The store is in a fully occupied strip mall that has multiple neighbors allowing guest access to the wireless networks. There are a finite known number of approved handheld devices needing to access the store’s wireless network. Which of the following is the BEST security method to implement on the access points?

 

A. Port forwarding

B. MAC filtering

C. TLS/TTLS

D. IP ACL

 

Correct Answer: B

Explanation:

MAC filtering allows traffic to be permitted or denied based on a device’s MAC address. We create a MAC filter list that contains the MAC addresses of all approved devices that need to access the wireless network. This ensures that only approved devices are given access to the network.

 

 

QUESTION 90

A network technician is assisting the company with developing a new business continuity plan. Which of the following would be an appropriate suggestion to add to the plan?

 

A. Build redundant links between core devices

B. Physically secure all network equipment

C. Maintain up-to-date configuration backups

D. Perform reoccurring vulnerability scans

 

Correct Answer: A

Explanation:

The business continuity plan focuses on the tasks carried out by an organization to ensure that critical business functions continue to operate during and after a disaster.

By keeping redundant links between core devices, critical business services can be kept running if one link is unavailable during a disaster.

 
