N10-007 : CompTIA Network+ : Part 20

NS – Modules 20 – 22

  1. A network topology requires a switch to be placed in an unsecured location. Which of the following techniques should be used to prevent unauthorized access? (Choose two.)

    • Disabling unused ports
    • Upgrading firmware
    • Using secure protocols
    • File hashing
    • MAC filtering
    • Configuring a honeypot
  2. A network technician is assisting a user who has relocated to a newly constructed office space. The user has no network connectivity. A cable tester was used on the port and is reporting that the pairs are open. Which of the following should be used to remedy this problem?

    • Loopback adapter
    • Tone generator
    • Multimeter
    • Punchdown tool
  3. A technician needs to add ten additional Ethernet ports to a small office network. A new basic function switch is added. Hosts connected to the new switch are unable to see any computers on the network other than those connected to the new switch. Which of the following should the technician perform to ensure the hosts on the new switch can communicate with the existing network?

    • Replace the new switch with a hub to ensure Layer 1 connectivity on the new network segment.
    • Move the straight-through Ethernet cable connecting the switches to the first port on both switches.
    • Connect the switches with a cable that has a TIA/EIA 586A wired connector end and a TIA/EIA 586B wired end.
    • Add a second cable connecting the switches for redundancy and disabling STP on both switches.
  4. Before upgrading the firmware on several routers, a technician must verify the firmware file received is the same one the vendor provided. Which of the following should the technician use?

    • 3DES encryption
    • SSL certificate
    • Digital signatures
    • MD5 hash
  5. Which of the following is the MOST secure type of remote administration?

    • SSH over IPsec client-to-site VPN
    • RDP over SSLv2 HTTPS terminal services gateway
    • HTTP over WPA2-TKIP WiFi
    • Telnet over PSTN
  6. A wireless access point that was working in a large warehouse last week is now offline. The technician observes there is no power to the device. The technician verifies PoE is working on the switchport, and then confirms the wireless access point is still not powering up. Which of the following is the MOST likely issue?

    • Attenuation
    • Incorrect pin-out
    • Damaged cable
    • Switch misconfiguration
  7. A network engineer is trying to determine where to place a firewall based on the flow of traffic. Which of the following types of documentation would assist the engineer in doing this?

    • Change management
    • Rack diagram
    • Network configuration
    • Network diagram
  8. A user believes a work email account has been compromised. A technician discovers that an email seeming to be from the user’s bank shares the same origin IP address as the last login to the email account. Which of the following types of attack is described in this scenario?

    • Spam
    • Ransomware
    • Man-in-the-middle
    • Phishing
  9. A customer wants to set up a guest wireless network for visitors. The customer prefers to not have a password on the network. Which of the following should a technician set up to force guests to provide information before using the network?

    • Single sign-on
    • RADIUS
    • TACACS+
    • Captive portal
  10. A zero-day vulnerability is discovered that affects a specific network device. This vulnerability only affects services on port 21. This network device is restricted to use only secure protocols and services. Which of the following explains why this device is secure?

    • Because secure protocols would reject malicious packets
    • Because SCP is not a secure service
    • Because FTP is not a secure service
    • Because a secure firewall will protect the device
  11. Which of the following protocols is used by Active Directory for authentication?

    • SSH
    • SFTP
    • LDAP
    • TLS
  12. When deploying UTP cables in a networking environment, which of the following are acceptable standards? (Choose two.)

    • 10Base2
    • 10Base5
    • 10GBaseT
    • 1000BaseLX
    • 1000BaseSX
    • 1000BaseT
  13. Which of the following is the physical location where the customer-premise equipment comes together with the ISP or third-party telecommunications equipment?

    • Server room
    • Equipment closet
    • Demarcation point
    • Intermediate distribution frame
  14. A vulnerability that would allow an unauthenticated, remote attacker to originate a DoS attack was found in a DHCP client implementation of a switch. Which of the following would BEST resolve the issue?

    • Verify the default passwords have been changed.
    • Upgrade to the latest firmware
    • Generate new SSH keys.
    • Review and modify the firewall rules.
  15. A human resources manager notifies the IT manager the night before an employee will be terminated so the employee’s access rights can be removed. Which of the following policies is being exercised?

    • Privileged user agreement
    • AUP
    • Non-disclosure agreement
    • Offboarding
  16. Log files show the admin user has logged into a public-facing device on several occasions in the evening. None of the technicians admit to doing any after-hours work, and the password has been changed several times but failed to prevent the logins. Which of the following should be the NEXT step to attempt to harden the device?

    • Disable unused ports.
    • Reset the two-factor token.
    • Disable virtual ports.
    • Upgrade the firmware.
  17. A network technician is setting up the wireless network for a company’s new branch office. After doing a site survey, the technician discovers there is a lot of interference from 2.4GHz devices at the location on channel 11. Which of the following would be the BEST channel on which to set up the WAPs?

    • Channel 6
    • Channel 7
    • Channel 9
    • Channel 10
  18. A network technician has deployed a new 802.11ac network and discovers some of the legacy POS equipment only supports WPA and 802.11a. Which of the following is the MOST secure method of connecting all devices while avoiding a performance impact to modern wireless devices?

    • Configure the APs to use LEAP authentication to support WPA rather than WPA2 for full compatibility.
    • Connect modern devices under the 5GHz band while dedicating the 2.4GHz band to legacy devices.
    • Connect the legacy devices with a PSK while the modern devices should use the more secure EAP.
    • Create two SSIDs, one to support CCMP-AES encryption and one with TKIP-RC4 encryption.
  19. Which of the following BEST describes the characteristics of a differential backup solution?

    • Backs up files with the creation or modified date as the current date.
    • Backs up all files and sets the archive bit.
    • Backs up files with a date earlier than today’s date with a clear archive bit.
    • Backs up files with the archive bit set but does not clear the bit.
  20. A technician has been asked to diagnose problems with DHCP addressing on a VLAN. The DHCP server responds to pings from the technician’s machine. Which of the following should the technician use to help diagnose the problem?

    • Packet sniffer
    • netstat
    • nslookup
    • Spectrum analyzer

NS – Modules 20 – 22