CompTIA N10-008 CompTIA Network+ Certification Exam Practice Test

Answer : D

A brute-force attack is a method of guessing passwords by trying every possible combination of characters until the correct one is found. The longer and more complex the password, the harder it is to crack by brute-force. A password that provides the best defense against a brute-force attack should have a combination of uppercase and lowercase letters, numbers, and special characters, and should be as long as possible. The password T5!8j5 meets these criteria, while the other options are either too short, too simple, or too common.

Password Attacks -- N10-008 CompTIA Network+ : 4.21

CompTIA Network+ Cert Guide: Security Concepts and Tools, page 25

: https://www.pearsonitcertification.com/articles/article.aspx?p=3021579&seqNum=2

Answer : B

A role-based access control (RBAC) policy is a security measure that assigns permissions and privileges to users based on their roles and responsibilities within an organization. RBAC helps to enforce the principle of least privilege, which states that users should only have the minimum level of access required to perform their tasks. RBAC also helps to prevent unauthorized access, modification, or misuse of sensitive data or resources by limiting the scope and impact of user actions.

A software patching policy, firewalls on the software development servers, and longer and more complex password requirements are all good security practices, but they do not directly address the issue of preventing the former software developer from modifying code. A software patching policy ensures that software is updated regularly to fix bugs and vulnerabilities, but it does not prevent a user from introducing new code changes. Firewalls on the software development servers protect the servers from external attacks, but they do not prevent a user from accessing the servers internally. Longer and more complex password requirements make it harder for attackers to guess or crack passwords, but they do not prevent a user from using their own valid credentials.

Reference

1: Role-Based Access Control (RBAC) - Definition and Examples

2: Network+ (Plus) Certification | CompTIA IT Certifications

3: [What is the Principle of Least Privilege? - Definition from Techopedia]

Answer : D

The best security measure to implement when removing a computer from a cubicle is to remove the employee's network access. This will prevent the employee from accessing any network resources or data from the computer, as well as prevent any unauthorized users from using the computer to access the network. Removing the employee's network access can be done by deleting or disabling the user account, revoking the credentials, or changing the permissions.

The other options are not as effective or necessary as removing the employee's network access. They are:

* Disabling DHCP on the computer being removed will prevent the computer from obtaining an IP address from the network, but it will not prevent the computer from using a static IP address or accessing the network through another device.

* Placing the switch port in a private VLAN will isolate the computer from other devices on the network, but it will not prevent the computer from accessing the network through another port or device.

* Applying a firewall rule to block the computer's IP address will prevent the computer from communicating with the network, but it will not prevent the computer from changing its IP address or accessing the network through another device.

Reference

1: CompTIA Network+ N10-008 Cert Guide - O'Reilly Media

2: Network+ (Plus) Certification | CompTIA IT Certifications

3: 10 Ways to Secure Office Workstations - Computer Security

Answer : D

A /27 subnet mask has 32 IP addresses, of which 30 are usable for hosts. This is the smallest subnet that can accommodate 31 laptops, as the other options have either too few or too many IP addresses. A /27 subnet mask is equivalent to 255.255.255.224 in decimal notation, and has a wildcard mask of 0.0.0.31. The network address is 10.10.10.0, and the broadcast address is 10.10.10.31. The usable host range is 10.10.10.1 to 10.10.10.30.

Reference

1: Subnet Cheat Sheet -- 24 Subnet Mask, 30, 26, 27, 29, and other IP Address CIDR Network Reference

2: IP Subnet Calculator

Answer : A

DHCP exhaustion is a situation where the DHCP server runs out of available IP addresses to assign to clients. This can happen due to misconfiguration, malicious attacks, or high demand. When a client requests an IP address from the DHCP server and does not receive a response, it may resort to using an APIPA address, which is a self-assigned address in the range of 169.254.0.1 to 169.254.255.254. APIPA addresses are only valid for local communication and cannot access the internet or other networks. Therefore, a workstation showing an APIPA address indicates that it failed to obtain a valid IP address from the DHCP server, most likely due to DHCP exhaustion

Answer : B

MAN stands for Metropolitan Area Network, and it is a type of network that covers a large geographic area, such as a city or a county. MANs are often used to connect multiple LANs (Local Area Networks) within a region, such as schools, offices, or government buildings. MANs typically use high-speed and high-capacity transmission media, such as fiber-optic cables, to provide fast and reliable data communication. MANs can also provide access to WANs (Wide Area Networks), such as the Internet, or other services, such as cable TV or VoIP.

The other options are not correct because they are not the type of network that covers a large city. They are:

LAN. LAN stands for Local Area Network, and it is a type of network that covers a small geographic area, such as a home, an office, or a building. LANs are often used to connect multiple devices, such as computers, printers, or phones, within a single network. LANs typically use low-cost and low-capacity transmission media, such as twisted-pair cables, to provide data communication. LANs can also provide access to other networks, such as MANs or WANs, through routers or gateways.

CAN. CAN stands for Campus Area Network, and it is a type of network that covers a moderate geographic area, such as a university, a hospital, or a military base. CANs are often used to connect multiple LANs within a campus, such as different departments, buildings, or facilities. CANs typically use medium-cost and medium-capacity transmission media, such as coaxial cables, to provide data communication. CANs can also provide access to other networks, such as MANs or WANs, through routers or gateways.

WAN. WAN stands for Wide Area Network, and it is a type of network that covers a very large geographic area, such as a country, a continent, or the world. WANs are often used to connect multiple MANs or LANs across different regions, such as different cities, states, or countries. WANs typically use high-cost and high-capacity transmission media, such as satellite links, to provide data communication. WANs can also provide access to various services, such as the Internet, email, or VPN.

Reference 1:What is a Metropolitan Area Network (MAN)? - Definition from Techopedia 2:Network+ (Plus) Certification | CompTIA IT Certifications 3:What is a Local Area Network (LAN)? - Definition from Techopedia 4:What is a Campus Area Network (CAN)? - Definition from Techopedia 5:What is a Wide Area Network (WAN)? - Definition from Techopedia

Answer : D

SNMP stands for Simple Network Management Protocol, and it is a protocol that allows network devices to communicate their status, performance, and configuration information to a central management system. SNMP can be used to monitor and manage various aspects of network devices, such as CPU usage, memory utilization, interface statistics, temperature, voltage, power supply, etc. SNMP can also generate alerts or notifications when certain events or thresholds are reached, such as a power supply failure, a link down, or a high traffic volume. SNMP is widely used for network monitoring and troubleshooting purposes, as it provides a comprehensive and detailed view of the network health and performance.

The other options are not correct because they are not protocols that allow for detailed device monitoring. They are:

TFTP. TFTP stands for Trivial File Transfer Protocol, and it is a protocol that allows for simple and fast file transfer between network devices. TFTP is often used to transfer configuration files, firmware updates, or boot images to network devices, such as routers, switches, or firewalls. TFTP does not provide any monitoring or management capabilities for network devices, nor does it generate any alerts or notifications.

TLS. TLS stands for Transport Layer Security, and it is a protocol that provides encryption and authentication for data transmission over a network. TLS is often used to secure web traffic, email, or other applications that use TCP as the transport protocol. TLS does not provide any monitoring or management capabilities for network devices, nor does it generate any alerts or notifications.

SSL. SSL stands for Secure Sockets Layer, and it is a protocol that provides encryption and authentication for data transmission over a network. SSL is the predecessor of TLS, and it is still used to secure some web traffic, email, or other applications that use TCP as the transport protocol. SSL does not provide any monitoring or management capabilities for network devices, nor does it generate any alerts or notifications.

Reference 1:What is SNMP? - Definition from WhatIs.com 2:Network+ (Plus) Certification | CompTIA IT Certifications 3:What is TFTP? - Definition from WhatIs.com 4:What is TLS? - Definition from WhatIs.com 5:What is SSL? - Definition from WhatIs.com