Ensurepass

CompTIA Network+ Certification Exam

 

QUESTION 91

Which of the following is a security benefit gained from setting up a guest wireless network?

 

A.

Optimized device bandwidth

B.

Isolatedcorporate resources

C.

Smaller ACL changes

D.

Reduced password resets

 

Correct Answer: B

Explanation:

A wireless guest network could be set up so that it has limited access (no access to local resources) but does provide Internet access for guest users. The corporate resources would be inaccessible (isolated) from the guest network.

 

 

QUESTION 92

A company has decided to update their usage policy to allow employees to surf the web unrestricted from their work computers. Which of the following actions should the IT security team implement to help protect the network from attack as a result of this new policy?

 

A.

Install host-based anti-malware software

B.

Implement MAC filtering on all wireless access points

C.

Add an implicit deny to the core router ACL

D.

Block port 80 outboundon the company firewall

E.

Require users to utilize two-factor authentication

 

Correct Answer: A

Explanation:

To protect the computers from employees installing malicious software they download on the internet, antimalware should be run on all systems.

After asingle machine in a company is compromised and is running malicious software (malware), the attacker can then use that single computer to proceed further into the internal network using the compromised host as a pivot point. The malware may have been implemented by an outside attacker or by an inside disgruntled employee.

 

 

 

QUESTION 93

Which of the following would be the result of a user physically unplugging a VoIP phone and connecting it into another interface with switch port security enabled as the default setting?

 

A.

The VoIP phone would request a new phone number from the unified communications server.

B.

The VoIP phone would cause the switch interface, that the user plugged into, to shutdown.

C.

The VoIP phone would be able to receive incoming calls but will not be able to make outgoing calls.

D.

The VoIP phone would request a different configuration from the unified communications server.

 

Correct Answer: B

Explanation:

Without configuring any other specific parameters, the switchport security feature will only permit one MAC address to be learned per switchport (dynamically) and use the shutdown violation mode; this means that if a second MAC address is seen on the switchport the port will be shutdown and put into the err-disabled state.

 

 

QUESTION 94

A technician wants to securely manage several remote network devices. Which of the following should be implemented to securely manage the devices?

 

A.

WPA2

B.

IPv6

C.

SNMPv3

D.

RIPv2

 

Correct Answer: C

Explanation:

To manage the remote network devices we need to use a network management protocol. SNMP has become the de facto standard of network management protocols. The security weaknesses of SNMPv1 and SNMPv2c are addressed inSNMPv3.

 

 

QUESTION 95

The ability to make access decisions based on an examination of Windows registry settings, antivirus software, and AD membership status is an example of which of the following NAC features?

 

A.

Quarantine network

B.

Persistent agents

C.

Posture assessment

D.

Non-persistent agents

 

Correct Answer: C

Explanation:

Network Admission Control (NAC) can permit or deny access to anetwork based on characteristics of the device seeking admission, rather than just checking user credentials. For example, a client’s OS, Windows Registry settings, AD membership status, and version of antivirus software could be checked against a set of requirements before allowing the client to access a network.

This process of checking a client’s characteristics is called posture assessment.

 

 

QUESTION 96

An organization notices a large amount of malware and virus incidents at one satellite office, but hardly any at another. All users at both sites are running the same company image and receive the same group policies. Which of the following has MOST likely been implemented at the site with the fewest security issues?

 

A.

Consent to monitoring

B.

Business continuity measures

C.

Vulnerability scanning

D.

End-user awareness training

 

Correct Answer: D

Explanation:

Users should have security awareness training and should have all accepted and signed acceptable usepolicy (AUP) agreements. User awareness training is one of the most significant countermeasures the company can implement.

 

 

QUESTION 97

A network technician has been tasked to configure a new network monitoring tool that will examine interface settings throughout various network devices. Which of the following would need to be configured on each network device to provide that information in a secure manner?

 

A.

S/MIME

B.

SYSLOG

C.

PGP

D.

SNMPv3

E.

RSH

 

Correct Answer: D

Explanation:

The network monitoring need to use a network management protocol. SNMP has become the de facto standard of network management protocols. The securityweaknesses of SNMPv1 and SNMPv2c are addressed in SNMPv3.

 

 

QUESTION 98

An administrator only has telnet access to a remote workstation. Which of the following utilities will identify if the workstation uses DHCP?

 

A.

tracert

B.

ping

C.

dig

D.

ipconfig

E.

netstat

 

Correct Answer: D

Explanation:

The ipconfig command displays the TCP/IP configuration of a Windows system. The ipconfig /all command displays the system’s TCP/IPconfiguration in detail. This output includes whether DHCP is enabled or not.

 

 

 

QUESTION 99

A network technician has received comments from several users that cannot reach a particular website. Which of the following co
mmands would provide the BEST information about the path taken across the network to this website?

 

A.

ping

B.

netstat

C.

telnet

D.

tracert

 

Correct Answer: D

Explanation:

The tracert command is used to determine the amount of hops a packet takes to reach a destination. It makesuse of ICMP echo packets to report information at every step in the journey. This is how the path taken across the network is obtained.

 

 

QUESTION 100

A user connects to a wireless network at the office and is able to access unfamiliar SMB shares and printers. Which of the following has happened to the user?

 

A.

The user is connected using the wrong channel.

B.

The user is connected to the wrong SSID.

C.

The user is experiencing an EMI issue.

D.

The user is connected to the wrong RADIUS server.

 

Correct Answer: B

Explanation:

The user is connecting to an SSID assignedto a different subnet. Therefore, the user has access to SMB shares and printers that are not recognizable.

 

Free VCE & PDF File for CompTIA N10-006 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …