Network+ N10-008 - 4.0 Network Security

Ref:📕CompTIA Network+ Review Guide: Exam N10-008 5th Edition

Network+ N10-008 – 4.0 Network Security

1 / 125

What are the responsibilities of a Security Information and Event Management (SIEM) system?

A. Data collection, identifying anomalies, and deploying countermeasures

B. Definition of user permissions and roles within the network

C. Maintenance of network hardware and software

D. Analysis and interpretation of network traffic

Incorrect

Correct!

Explanation: A SIEM system is responsible for collecting data (usually in the form of logs), identifying anomalies in that data, and taking actions based on the identified anomalies, which can range from sending a notification to actively blocking a threat.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 473 in PDF)

2 / 125

What method of sanitization is typically used for magnetic drives?

A. Overwriting data with 1s and 0s

B. Using a vendor-specific tool

C. Degaussing the disk

D. Destroying the disk physically

Incorrect

Correct!

Explanation: The sanitization of magnetic drives requires the overwriting of data because the data is stored magnetically on the platter. The data is erased by writing 1s and 0s to each addressable cluster location in the filesystem.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 524 in PDF)

3 / 125

What server does the 802.1X typically use for authentication?

A. HTTP

B. SMTP

C. RADIUS

D. DHCP

Incorrect

Correct!

Explanation: The 802.1X protocol commonly uses RADIUS as the authentication server as mentioned in the text. This process is used to verify the credentials and control access to the network.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 469 in PDF)

4 / 125

According to the text, why is employee training important in prevention methods for unauthorized physical access?

A. It allows the employees to identify physical security risks and may mitigate the risk without additional help.

B. It allows employees to adopt an authoritarian attitude that endangers the organization’s security.

C. It allows employees to prop the door to get back in.

D. It allows employees to take more frequent breaks.

Incorrect

Correct!

Explanation: The text highlights the importance of employee training, arguing that employees, through effective training, can identify potential security risks and sometimes mitigate them without additional help. This is due to their everyday presence and interaction with the physical security of the organization.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 519 in PDF)

5 / 125

What advantage does role-based access have over individual file-based permissions?

A. Role-based access allows for more granularity in permission settings.

B. Role-based access significantly simplifies permission settings by grouping specific rights into roles.

C. Role-based access prevents users from sharing documents in a meeting.

D. Role-based access only applies to cloud-based applications.

Incorrect

Correct!

Explanation: Role-based access simplifies the permission settings by assigning users specific roles that already have established rights, instead of assigning individual permissions. This both reduces complexity and minimizes potential errors.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 457 in PDF)

6 / 125

What is a common feature of biometric access control systems?

A. They use a person’s physical characteristics to allow access.

B. They rely solely on electronic badges for identification.

C. They allow anyone to access a system if they have the correct password.

D. They are only used in secret government installations and are not applicable to general businesses.

Incorrect

Correct!

Explanation: Biometric access control systems use unique physical or behavioral characteristics of a person to grant or deny access. The most common forms of biometrics are fingerprints, facial features, iris or retinal scans, and voice. The description in the text explains that fingerprint recognition is most common.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 520 in PDF)

7 / 125

What is the characteristic of an amplified DoS attack?

A. The attack is directly executed without a third-party server.

B. The attack relies on one victim.

C. The attack makes a small request to the third-party server that yields a larger response to the victim.

D. The source of the DoS is varied and it employs many bots.

Incorrect

Correct!

Explanation: By definition, an amplified DoS attack involves making a small request to a third-party server that results in a larger response being sent to the victim. Taking advantage of server capabilities like DNS and NTP, the attacker can cause a disproportionately large traffic signal to be sent to the victim based on a relatively small initial request, greatly magnifying the impact of the attack.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 477 in PDF)

8 / 125

According to the text, what considerations should be made when disposing of assets?

A. Accounting practices, environmental compliance, recycling, and physical security

B. Cost of recycling and disposal

C. Location of disposal

D. Value of the asset on disposal

Incorrect

Correct!

Explanation: The text specifies that when disposing of assets, considerations must be made regarding accounting practices, environmental compliance, recycling, and physical security which also includes the residual data on the equipment.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 523 in PDF)

9 / 125

According to the given text, what does multifactor authentication entail?

A. It requires only a strong password.

B. It involves merging location-based authentication with something a user does.

C. It includes only biometric and physical security.

D. It combines two or more authentication methods.

Incorrect

Correct!

Explanation: Multifactor authentication tackles the issue of a compromised single-factor authentication method by integrating multiple authentication methods. This could include a combination of physical security (something you have), biometrics (something you are), passwords (something you know), location data (somewhere you are), or behavioral attributes (something you do).

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 465 in PDF)

10 / 125

What is MAC spoofing used for in network attacks?

A. To guess the password of a user

B. To bypass firewalls and captive portals by using MAC Authentication Bypass (MAB)

C. To carry out dictionary or brute-force password attacks

D. To induce automatic lockouts on other users’ accounts

Incorrect

Correct!

Explanation: MAC spoofing refers to the technique where an attacker mimics the MAC address of a validated device to bypass network security measures like firewalls or captive portals using the MAC Authentication Bypass protocol. This method is commonly used in networks that allow self-registration of devices.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 484 in PDF)

11 / 125

Which EAP method was jointly developed by Cisco, Microsoft, and RSA Security?

A. Protected Extensible Authentication Protocol (PEAP)

B. Extensible Authentication Protocol – Flexible Authentication via Secure Tunneling (EAP-FAST)

C. Extensible Authentication Protocol – Transport Layer Security (EAP-TLS)

D. Lightweight Extensible Authentication Protocol (LEAP)

Incorrect

Correct!

Explanation: Protected Extensible Authentication Protocol (PEAP) is jointly developed by Cisco, Microsoft, and RSA Security and works in conjunction with 802.1X authentication systems and provides Transport Layer Security (TLS).

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 501 in PDF)

12 / 125

Why is it necessary to disable unneeded switchports on a network device?

A. To prevent remote exploits through TCP/IP ports.

B. To provide additional bandwidth for network traffic.

C. To allow for easier network management.

D. To avoid physical exploits by an attacker with physical access to the switch.

Incorrect

Correct!

Explanation: Unused switchports on network devices can be exploited by an attacker with physical access to the switch. If they are not disabled or protected, an attacker can connect a device, such as a laptop or a wireless access point, to these ports and gain access to the network.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 493 in PDF)

13 / 125

What is a key distinguishing feature of a virus compared to other types of malware?

A. A virus is not self-replicating

B. A virus injects its payload into documents and executables

C. A virus can only be found in certain regions of the world

D. A virus is less harmful than other types of malware

Incorrect

Correct!

Explanation: A virus distinguishes itself from other malware because it is self-replicating code that often injects its payload into documents and executables. This is done in an attempt to infect more users and systems.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 486 in PDF)

14 / 125

Which of the following measures can be used to enhance the confidentiality of information according to the CIA triad?

A. Use of redundant systems

B. Restoration of information from two perspectives

C. Use of access control lists (ACLs) for the integrity of data.

D. Use of physical locks, authentication, encryption, and firewalls

Incorrect

Correct!

Explanation: From the text, it is clear that confidentiality, as part of the CIA triad, can be achieved with physical locks, file cabinets, safes, and, in extreme cases, security guards. Confidentiality can also be achieved electronically with authentication, encryption, and firewalls. These measures limit access to only the individuals allowed to access the information while denying access for those individuals who are restricted from accessing the information.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 454 in PDF)

15 / 125

Which type of DoS attack employs multiple compromised servers or hosts that are controlled by a cybercriminal?

A. Reflective DoS

B. Amplified DoS

C. Distributed DoS (DDoS)

D. DNS Poisoning

Incorrect

Correct!

Explanation: A distributed denial-of-service (DDoS) is a more common type of DoS attack that uses multiple compromised servers or hosts, cast as bots, to create a botnet. The large number of sources makes it difficult to block or isolate the DoS. The bad actor controls the botnet using a command and control server, which is often a compromised server as well.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 475 in PDF)

16 / 125

What is one of the key benefits of good employee training on security in an organization?

A. Employees can recognize and potentially mitigate security risks.

B. Employees can bypass security protocols if they are well-known.

C. Employees can skip breaks to maintain secure areas.

D. Employees can start officially managing security in place of the management.

Incorrect

Correct!

Explanation: Well-trained employees can identify when a threat exists and anticipate the potential risks associated with that threat being carried out. In some cases, they might be able to address the risk without external assistance, thereby bolstering the organization’s security.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 519 in PDF)

17 / 125

What is the purpose of Phase 0 in EAP-FAST?

A. To establish a secure tunnel

B. To authenticate the supplicant and authentication server

C. To create a shared secret for use in Phase 1

D. To replace previous authentication protocols like LEAP

Incorrect

Correct!

Explanation: Phase 0 in EAP-FAST (Extensible Authentication Protocol – Flexible Authentication via Secure Tunneling) is when in-band provision occurs to create a shared secret that will be used in Phase 1 to establish a secure tunnel.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 502 in PDF)

18 / 125

What is the primary use of Terminal Access Controller Access Control System+ (TACACS+) protocol?

A. Control the flow of network traffic

B. Authorization, authentication and auditing of routers and switches

C. Handle requests for e-mail

D. Encrypt and decrypt data sent over the network

Incorrect

Correct!

Explanation: The TACACS+ protocol is primarily used for authorization, authentication, and auditing of routers and switches. It was developed by Cisco as an open standard.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 466 in PDF)

19 / 125

According to the text, which of the following best describes brute-force attack methods in password attacks?

A. They are always the most effective methods of password attacks.

B. They are only possible in online systems.

C. They involve guessing common words from a dictionary of commonly used passwords.

D. They involve trying every combination of a password until access is granted, and can be employed in online and offline methods.

Incorrect

Correct!

Explanation: According to the text, brute-force attacks involve trying every combination of a password until access is granted. This method is a last resort in password attacks and can be employed in both online, which is attempting to crack the password directly on the application, and offline methods, which involves theft of the credentials file and attempting the attack on the offline credentials file.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 483 in PDF)

20 / 125

What is the purpose of a console router in a network?

A. To provide wireless connectivity

B. To allow console CLI access for configuration and diagnostics

C. To serve as a firewall

D. To increase the total bandwidth of the network

Incorrect

Correct!

Explanation: The console router is used by the technician to give access to the console CLI (command-line interface). This is useful for out-of-band configuration and diagnostics or initial setup.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 513 in PDF)

21 / 125

What does a phishing attack typically attempt to collect?

A. The target’s supervisor’s name

B. The target’s home address

C. Usernames, passwords, and other personally identifiable information (PII)

D. The organization’s capital resources

Incorrect

Correct!

Explanation: Phishing is a social engineering attack that is typically performed via email to gather usernames, passwords and other personally identifiable information. The attacker crafts an email resembling the system’s interface and asks the user to input their information, usually through a link to a compromised website.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 487 in PDF)

22 / 125

What is the main concern in doing a factory reset with a piece of equipment?

A. The equipment will completely discard its configuration

B. The vendor may not have a clear procedure for factory reset

C. Stateful information may still be recoverable after resetting

D. The Reset process takes too long

Incorrect

Correct!

Explanation: Although factory reset means that the configuration of the equipment will be wiped out, it does not always mean that all stateful information will also be deleted beyond recovery. This is particularly true for computers, where data may still be recoverable post-reset, depending on the method. Therefore, it is important to refer to the vendor’s documentation for proper decommissioning procedures.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 524 in PDF)

23 / 125

Which concept ensures a user is given no more privileges than what is required for his/her role in the context of remote access?

A. Principle of least privilege

B. Two-Factor Authentication

C. Azure Active Directory Risky Sign-in feature

D. Machine Learning

Incorrect

Correct!

Explanation: The principle of least privilege ensures that a user is given no more access rights than what is necessary for them to perform their duties. This is a fundamental concept of IT security and is critical to minimizing potential damage upon security incidences. In the context of remote access, this principle specifically applies to what resources a user can access in the organization’s internal network when working remotely.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 511 in PDF)

24 / 125

Which of the following options best describe how data integrity in transit is ensured?

A. By using physical locks like doors and safes

B. By using the Authentication Header (AH) protocol

C. By using file cabinets and security guards

D. By creating point-in-time snapshot of the data

Incorrect

Correct!

Explanation: Data integrity in transit can be ensured using signatures and checksums, such as the use of the Authentication Header (AH) protocol. This ensures that the data is not altered as it is being transmitted across the network.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 454 in PDF)

25 / 125

What is the purpose of a penetration test in a ‘security assessment’?

A. To avoid a red team vs. blue team scenario

B. To assess the security posture of the employees

C. To execute and exploit known vulnerabilities to test the security of a network

D. To provide a script for the security team to follow

Incorrect

Correct!

Explanation: In a security assessment, a penetration test is carried out to exploit the known vulnerabilities in a network. This is done in order to test the security of the network, and to see how it would hold up against an actual attack.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 472 in PDF)

26 / 125

What type of encryption does SSH use to provide authentication between the SSH client and server?

A. Symmetrical encryption

B. Asymmetrical encryption

C. Hashing encryption

D. Block cipher encryption

Incorrect

Correct!

Explanation: Secure Shell (SSH) uses asymmetrical encryption, or public-private keypair, to provide authentication between the SSH client and server.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 510 in PDF)

27 / 125

What is the correct method to sanitize a solid-state drive (SSD) for disposal?

A. Overwriting the data with 1s and 0s

B. Using a degaussing magnet

C. Physical Destruction

D. Using a vendor-specific tool

Incorrect

Correct!

Explanation: Solid state drives contain non-volatile memory chips and they use proprietary algorithms to arrange the data in the memory. So, these drives cannot be sanitized by the systematic writing of 1s and 0s to erase the underlying data. These devices typically require a vendor-specific tool that can erase the entire drive. Each vendor will have a proprietary tool to sanitize the data, and therefore you should always check with the vendor when preparing to sanitize an SSD.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 524 in PDF)

28 / 125

What does an On-Path Attack allow an attacker to do?

A. Allows the attacker to physically damage the network

B. Allows the attacker to impersonate both parties involved in a network conversation

C. Allows the attacker to shut down the network

D. Allows the attacker to block user’s access to certain websites

Incorrect

Correct!

Explanation: In an On-Path (Man-in-the-Middle) attack, the attacker positions themselves between the user and the destination server. This allows the attacker to eavesdrop on and manipulate the network conversation without either party knowing, impersonating both parties involved in the network conversation.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 478 in PDF)

29 / 125

In the context of social engineering, what is the method of ’tailgating’ used by attackers?

A. Watching someone enter their sensitive data by looking over their shoulder.

B. Collecting sensitive information via a crafted email that mimics an organization’s system.

C. Extracting information from employees by making them believe they are helping a fellow employee.

D. Following closely behind a person entering a building, without needing to use a security device.

Incorrect

Correct!

Explanation: Tailgating, a social engineering tactic, refers to an attacker sticking so close to a person entering a building that they are able to enter right behind them without needing to use a key, card, or any other security device. The person who is being followed might even unwittingly hold the door open for the attacker, thinking they are a colleague.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 487 in PDF)

30 / 125

Which of the following is not a type of tamper detection?

A. Security strip detection

B. Alarm system detection

C. Electrical circuitry detection

D. Transmission interception detection

Incorrect

Correct!

Explanation: Transmission interception detection is not a type of tamper detection mentioned in the material. Tamper detection mostly involves detection of direct physical interference with the equipment.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 519 in PDF)

31 / 125

What is a significant security consideration when implementing IoT devices in an organization?

A. IoT devices makes the wireless network weak

B. IoT devices increase the network load

C. IoT devices require frequent updates for security patches which they often don’t get

D. IoT devices interfere with other devices on the network

Incorrect

Correct!

Explanation: According to the provided passage, a significant concern when implementing IoT devices in an organization is that they often do not receive frequent updates for security patches. This is because hardware vendors often integrate off-the-shelf components that don’t get frequent updates, leaving the IoT devices exploitable.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 504 in PDF)

32 / 125

Why is it recommended to change the native VLAN from its default setting on a switch?

A. To prevent unauthorized users from accessing the management network

B. To increase the speed of data transmission

C. Because the default VLAN doesn’t support trunking

D. To allow more devices to connect to the switch

Incorrect

Correct!

Explanation: Changing the native VLAN mitigates the risk of users being exposed to the management VLAN and potential VLAN hopping attacks. This reduces the possibility of unauthorized access to the management network or undesired data movement.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 495 in PDF)

33 / 125

What information can be obtained through the use of detection methods in network security?

A. The current status of the network

B. The level of vulnerability in the network

C. Events occurred, their time, and the person responsible

D. The efficiency of the network equipment

Incorrect

Correct!

Explanation: The text mentions that detection of physical access allows you to know what happened (event), when it happened (time), and who did it (person responsible). Therefore, option C is correct.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 515 in PDF)

34 / 125

What differentiates passive and active RFID asset tracking tags?

A. Active RFID tags do not require battery power, while passive RFID tags do.

B. Active RFID tags require a high-powered transponder, while passive RFID tags do not.

C. Active RFID tags contain a battery-powered transmitter, while passive RFID tags respond to emitted RF signals.

D. Passive RFID tags can be tracked and located more effectively than active RFID tags.

Incorrect

Correct!

Explanation: Active RFID tags contain a battery-powered transmitter, which makes them capable of transceiving tracking signals. On the other hand, passive RFID tags do not have their own power source, they work by responding to the incoming radiation (RF) from a high-powered transponder.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 518 in PDF)

35 / 125

What is the purpose of single sign-on (SSO)?

A. It enables the user to input different usernames and passwords for each application they access.

B. It allows the user to authenticate to the first application and reuse the credentials for other applications.

C. It requires the user to authenticate separately for every application they access.

D. It prevents the user from logging into multiple applications using the same username and password.

Incorrect

Correct!

Explanation: Single sign-on (SSO) assists the user logon by allowing the user to authenticate to the first application and then reusing the credentials for other applications. The user no longer has to enter the same username and password for each application they access.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 466 in PDF)

36 / 125

Which of the following best describes the purpose of patching an operating system immediately after installation?

A. To add new features to the operating system

B. To fix vulnerabilities found in the operating system and fixed by the vendor

C. To update the firmware of the device

D. To implement Windows Server Update Services (WSUS)

Incorrect

Correct!

Explanation: Patching an operating system immediately after installation is crucial to fix vulnerabilities present in the system at the time of the build, as outlined in the provided text. This ensures that the system is secure before it is put into service, and patches are provided by the system vendor.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 496 in PDF)

37 / 125

What is the primary purpose of a rogue DHCP server in a network?

A. To encrypt user data

B. To distribute invalid IP addresses

C. To install ransomware in the network

D. To mimic organization’s wireless access points

Incorrect

Correct!

Explanation: A rogue DHCP server is an unauthorized DHCP server that an attacker can use to distribute invalid IP addresses within a network. By doing so, the attacker causes a DoS (Denial of Service) and could also redirect network traffic through their own host computer.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 481 in PDF)

38 / 125

Why does implementing role-based access harden security?

A. It increases complexity by adding layer upon layer of permission.

B. It reduces complexity of traditional security that requires layer upon layer of permission.

C. It comes preconfigured with few roles and does not allow to create new roles.

D. It limits permissions which used to be granted to users.

Incorrect

Correct!

Explanation: Role-based access simplifies security by grouping the necessary permissions for a specific job into a single role. Once the role is assigned to a user, they are granted all of the necessary permissions, reducing the complexity of security setups that would traditionally require individual permissions to be layered or stacked on one another. This simplifies the management of permissions, helps to prevent the misallocation of permissions and reduces the risk of security breaches due to inappropriate access permissions.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 498 in PDF)

39 / 125

What is the main difference between a split tunnel and a full tunnel in a VPN configuration?

A. A split tunnel only encrypts data while a full tunnel also encrypts headers

B. Full tunnel requires installation of a VPN client while split tunnel does not

C. A split tunnel directs only corporate network traffic over the tunnel, while a full tunnel directs all traffic over the tunnel

D. Full tunnel creates a pseudo network adapter while split tunnel does not

Incorrect

Correct!

Explanation: A split tunnel directs only corporate network traffic over the tunnel, allowing direct access to the Internet for non-corporate traffic. A full tunnel, however, directs all traffic over the tunnel, regardless of its destination. This is useful when an organization wants to filter all traffic, often for security or content filtering purposes.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 509 in PDF)

40 / 125

What is the role of power levels in wireless antenna placement and which protocol can help control it?

A. Power levels should be maximized and the protocol to control is 802.11h

B. Power levels should be adjusted to avoid signal-overstretch and the protocol to control is HTTP

C. Power levels are irrelevant to antenna placement and the protocol to control is TCP/IP

D. Power levels should be adjusted to avoid signal-overstretch and the protocol to control it is 802.11h

Incorrect

Correct!

Explanation: Considering security viewpoint, power levels should be adjusted so the signal does not go beyond the interior of the building, preventing possible infiltrations. The 802.11h wireless protocol can help control the power of the access point needed by each individual client through its Transmit Power Control (TPC) and Dynamic Frequency Selection (DFS) functionality.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 500 in PDF)

41 / 125

Why is it important to keep network racks and cabinets locked in an organization?

A. To provide easy access to authorized personnel

B. To prevent authorized personnel from accessing the network

C. To prevent non-authorized personnel from modifying wiring, powering down equipment accidentally, or accessing the network

D. To allow easy modification of the network by any personnel

Incorrect

Correct!

Explanation: Locking network racks and cabinets is an important physical security measure. It helps in preventing unauthorized personnel from accidentally or intentionally powering down equipment, modifying existing wiring, or accessing the network. It also prevents unauthorized access to information or materials stored in locked cabinets.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 522 in PDF)

42 / 125

Which of the following considerations are NOT typically considered when creating a guest network within an organization?

A. Amount of bandwidth guests have

B. Languages spoken by guests

C. Length of time guests have access

D. Which servers and systems guests can connect to

Incorrect

Correct!

Explanation: The languages spoken by guests is not typically a consideration when setting up a guest network. Factors such as bandwidth, length of access, and connection permissions are more critical for network security and functionality.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 501 in PDF)

43 / 125

Why should the firmware of a new network device be upgraded before it is configured and put into service?

A. To update the device’s aesthetic interface

B. Several exploits could have been created for vulnerabilities discovered while it was in storage

C. To provide the device with more advanced features

D. To change the device’s password

Incorrect

Correct!

Explanation: Due to the unknown length of time that a device may have been stored before purchase, vulnerabilities may have been discovered that hackers can exploit. Updating the firmware helps to patch these vulnerabilities, ensuring the security of the device when it is put into service.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 496 in PDF)

44 / 125

Which of the following best describes an internal threat to an organization’s network?

A. A weather event that damages the network infrastructure

B. An attack from a hacker over the internet

C. A disgruntled employee leaking the organization’s data

D. The melting of ice cream

Incorrect

Correct!

Explanation: An internal threat refers to a potential danger to the network or the assets of the organization coming from within the organization itself. This could be actions taken by a disgruntled employee such as leaking sensitive data or running malicious code.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 455 in PDF)

45 / 125

Which of the following is NOT a common metric used in Biometrics for physical access control?

A. Voice recognition

B. Fingerprint

C. Iris scans

D. DNA sample

Incorrect

Correct!

Explanation: While DNA is a measure related to a person’s body, it is not commonly used for biometric access control due to practicality and privacy concerns. Regularly used biometric access controls include voice recognition, fingerprints and iris (or retina) scans.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 520 in PDF)

46 / 125

Why is changing both the default username and password crucial during the initial setup of a network device?

A. It makes it more difficult for a brute-force attack to be carried out against the default username

B. It is necessary to change them for the device to function correctly

C. It is a requirement by most vendors

D. It provides a backup in case the original credentials are lost

Incorrect

Correct!

Explanation: Changing both the default username and password makes it more difficult for a brute-force attack to be performed against the default username. This in turn increases the overall security of the network device.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 494 in PDF)

47 / 125

What should be kept in mind when evaluating hardening techniques for network security?

A. Evaluating your risk, the overhead introduced, and prioritizing the techniques

B. Evaluating the cost of implementing the techniques

C. Evaluating the time taken to implement the techniques

D. Evaluating the user friendliness of the techniques

Incorrect

Correct!

Explanation: The text mentions that when evaluating the hardening techniques to be utilized on a network, it is necessary to evaluate your risk, evaluate the overhead the hardening introduces, and prioritize which of these techniques should be activated.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 489 in PDF)

48 / 125

What is the purpose of ARP spoofing in an on-path attack?

A. To create an evil twin access point

B. To start a rogue DHCP server

C. To set up a rogue access point

D. To manipulate the victim’s ARP entry and intercept packets intended for the default gateway

Incorrect

Correct!

Explanation: In an ARP spoofing attack, the attacker sends a spoofed ARP reply (a forged Gratuitous Address Resolution Protocol packet) in response to the victim’s ARP request for the default gateway IP address. This updated (manipulated) ARP entry causes the victim to send subsequent packets intended for the default gateway to the attacker’s address instead. The attacker can then inspect the packets’ contents and forward the information to the real default gateway.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 481 in PDF)

49 / 125

What is the maximal speed a modem can provide on a plain old telephone service (POTS) line?

A. 56 Kbps

B. 9600 bits per second

C. 54 Kbps

D. 512 Kbps

Incorrect

Correct!

Explanation: On POTS lines, the modem can provide a top speed of 56 Kbps.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 512 in PDF)

50 / 125

What is the purpose of a honeypot in network security?

A. To provide a backup server in case of a cyber attack

B. To allow unauthorized access for the explicit purpose of analyzing an attacker’s efforts

C. To provide an alternate route for network traffic during periods of high usage

D. To disguise the true nature of the network from potential attackers

Incorrect

Correct!

Explanation: A honeypot is a physical or virtual host that is set up to allow unauthorized access. The honeypot is a system that is tightly controlled by the administrator, but it allows an attacker to compromise the system so that the administrator can analyze the attacker’s efforts.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 464 in PDF)

51 / 125

What purpose can a deauthentication attack serve in terms of wireless security protocols?

A. It allows the attacker to generate association traffic for the purpose of cracking a wireless passphrase.

B. It helps to strengthen the encryption of the wireless network.

C. It assists in the detection of viruses in the network devices.

D. It serves to improve the overall signal strength for the connected clients.

Incorrect

Correct!

Explanation: The deauthentication attack is a type of security attack involving the 802.11 wireless protocol. An attacker can use a deauthentication frame to disconnect a client from their access point, typically in an effort to get them to inadvertently connect to a false access point set up by the attacker. This can then allow the attacker to generate association traffic, which can be utilized for cracking the wireless passphrase and further compromising network security.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 486 in PDF)

52 / 125

Which of the following best defines an ’exploit’ in the context of network security?

A. A software tool that patches vulnerabilities

B. A weakness in a network’s security system

C. A method that acts on a vulnerability in a security system

D. A documented vulnerability in a security system

Incorrect

Correct!

Explanation: In the context of network security, an exploit refers to a method (usually in the form of scripts, software, or sequences of commands) that takes advantage of a known vulnerability. The aim of an exploit is often to gain unauthorized access or control.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 456 in PDF)

53 / 125

Which of the following is an accurate statement about sanitizing a Solid-State Drive (SSD)?

A. SSDs are sanitized by writing 1s and 0s to each addressable cluster location in the filesystem.

B. SSDs are sanitized using a vendor-specific tool that erases the entire drive.

C. SSDs are sanitized using the DoD 5220.22-M standard method of overwriting data three times.

D. SSDs can be sanitized using degaussing magnets.

Incorrect

Correct!

Explanation: As explained in the text, solid state drives contain non-volatile memory chips and use proprietary algorithms to organize the data. They cannot sanitize data through the systematic writing of 1s and 0s to eliminate the underlying data. Instead, these devices usually require a vendor-specific tool to erase the drive fully.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 524 in PDF)

54 / 125

Which of the following best describes a brute-force attack?

A. An attacker guesses a password by using a common words database

B. It is a last-effort method to crack a password, trying every combination possible

C. This method uses automatic lockouts after so many failed attempts to slow the attacker down

D. It involves passively sniffing and learning the valid MAC address of a registered computer

Incorrect

Correct!

Explanation: A brute-force attack is generally a last-ditch effort in which an attacker uses a brute-force application to try every possible combination of a password until access is granted. These combinations include uppercase and lowercase letters, symbols, and numbers, making the total number of potential combinations exponentially increase with each added character.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 483 in PDF)

55 / 125

What best describes the concept of ’Defense in Depth’ as it relates to network security?

A. The implementation of a single, comprehensive security measure.

B. The combination of several different security measures, making it tougher for a bad actor to launch a successful attack.

C. The reliance on powerful antivirus and antimalware software to protect sensitive data.

D. The use of content filtering software to prevent exploits from calling back to malicious servers.

Incorrect

Correct!

Explanation: Defense in depth is based on the concept that combining several different security measures will make it harder for an attacker to succeed. It doesn’t rely on any single mechanism but uses different mechanisms to create more layers, or depth, to the defense strategy.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 459 in PDF)

56 / 125

What differentiates the Zero Trust model from the traditional trust model in terms of network security:

A. Only in the Zero Trust model are users required to connect via a VPN

B. In the Zero Trust model, all elements are trusted, unlike the traditional model where there’s a distinction between internal and external elements

C. In the Zero Trust model, nothing is trusted and everything must be authenticated, regardless of the location

D. The Zero Trust model only works suitably for office environments, unlike the traditional trust model that works for both office and remote settings

Incorrect

Correct!

Explanation: Unlike a traditional trust model, where everything within the network perimeter is trusted and everything outside isn’t, the Zero Trust model logicizes that no trust should be given to any factor whether inside or outside the perimeter. Instead, every user, device or request must be authenticated and authorized before access is granted, and this is regardless of their location.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 458 in PDF)

57 / 125

Which of the following best describes the difference between in-band and out-of-band management in relation to network device access?

A. In-band management is used when the network device is running and functioning, while out-of-band management is used when there is an equipment failure.

B. In-band management is performed via a modem, whereas out-of-band management is not.

C. Out-of-band management prevents network intrusion, while in-band management enhances it.

D. In-band management can only be performed in North America, while out-of-band management can be performed worldwide.

Incorrect

Correct!

Explanation: In-band management of a network device is viable while the device is active and functioning properly, as it is accessible via the data plane it serves. However, when a malfunction or an equipment failure occurs, out-of-band management becomes necessary, allowing the device to be reached independently of the network connections it serves.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 512 in PDF)

58 / 125

What is the main purpose of control plane policing (CoPP) in a network?

A. To process the ICMP packets of a router

B. To drop large amounts of traffic directed to the control plane of the router

C. To further segment the primary VLAN (standard VLAN)

D. To protect the data plane of communications

Incorrect

Correct!

Explanation: Control Plane Policing (CoPP) is designed to protect the control plane of a router or switch from being overwhelmed by unnecessary or maliciously intended traffic. It does this by policing and, if necessary, dropping traffic directed to the control plane, thereby protecting the CPU of the device.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 492 in PDF)

59 / 125

Which version of Simple Network Management Protocol (SNMP) addresses security concerns by incorporating features such as encryption and robust authentication?

A. SNMP version 1

B. SNMP version 2c

C. SNMP version 3

D. No version of SNMP addresses security concerns

Incorrect

Correct!

Explanation: SNMP version 3 is the first version to address security concerns. It acknowledges potential issues of unauthorized access and introduces encryption and strong authentication process for a safer and secure transmission of information. Therefore, the statement focusing on SNMP version 3 is correct.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 489 in PDF)

60 / 125

What characteristic distinguishes an amplified DoS attack from a Reflective DoS attack?

A. An amplified DoS attack requires a third-party server

B. An amplified DoS attack is a direct attack on the victim

C. An amplified DoS attack generates a larger response from a smaller request

D. An amplified DoS attack uses a forged source IP address

Incorrect

Correct!

Explanation: An Amplified DoS attack involves making a small request to the third-party server which results in a larger response to the victim. This creates a stronger disruption to the server’s functions.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 475 in PDF)

61 / 125

What is the main purpose of a risk assessment in an organization?

A. To contract out to security firms

B. To identify an organization’s overall risk and steps to mitigate it

C. To carry out a vulnerability assessment and penetration test

D. To identify a potential bad actor

Incorrect

Correct!

Explanation: While a risk assessment may involve elements like identifying potential bad actors or contracting out to security firms, its main function is to identify an organization’s overall risks and recommend steps to mitigate these risks.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 472 in PDF)

62 / 125

What is a dictionary attack and how can it be mitigated?

A. An attack using common words from a dictionary, can be mitigated by using privileged usernames like admin, root

B. An attack created by guessing every possible combination of a password, and can be mitigated by using passwords of 10 characters or more

C. An attack carried out by using a database of common words, can be mitigated by using complex and long passwords

D. An attack that requires the theft of the credentials file, which can be mitigated by the use of firewalls

Incorrect

Correct!

Explanation: A dictionary attack is made using a database of common words or frequently used passwords. The best way to mitigate this kind of attack is to use passwords that are complex, including lowercase, uppercase, symbols, and numbers, and also long (over 10 characters), making them less likely to appear in the ’dictionary’ of commonly-used words.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 483 in PDF)

63 / 125

What is the role of a Network Access Control (NAC) system in conjunction with the 802.1X protocol?

A. To provide additional security layers for network communication

B. To check the health and integrity of a client before network access

C. To maintain the quality of service (QoS) on the network

D. To control the number of user logins on the network

Incorrect

Correct!

Explanation: A Network Access Control (NAC) system, when used with the 802.1X protocol, acts as a monitoring tool for client health and integrity before permitting network access. This check includes factors like the client’s current patch level, antivirus signature date, and firewall status. This setup not only assists in ensuring stable and secure network operation but can also place any client that fails the checks into a remediation network for appropriate rectification before network access.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 463 in PDF)

64 / 125

What is the default action if a specific condition in an Access Control List (ACL) is not met?

A. The traffic is allowed

B. The ACL ceases to work

C. The traffic is denied

D. A notification is sent to the network administrator

Incorrect

Correct!

Explanation: As per the information provided, if a specific condition in an ACL is not met, the default action is to deny the traffic.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 496 in PDF)

65 / 125

What is the primary purpose of the wireless client isolation feature?

A. It allows the wireless devices in a network to share resources like printers and media server devices.

B. It prevents wireless devices on the same network from interacting with each other to enhance security.

C. It enables guests to access organization’s internal resources like servers and database systems.

D. It helps in managing the bandwidth by limiting access duration for guests on the network.

Incorrect

Correct!

Explanation: The wireless client isolation feature is primarily used for enhancing security. It prevents wireless clients on the same network from interacting with each other, making it harder for an attacker to compromise other devices or use them as a pivot point for their attack.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 500 in PDF)

66 / 125

How is data sanitization performed on hybrid drives?

A. Data is overwritten with 1s and 0s

B. The data is erased using a degaussing magnet

C. The data is sanitized using a proprietary tool from the vendor

D. The drive is physically destroyed

Incorrect

Correct!

Explanation: Hybrid drives are made up of a combination of a conventional magnetic drive and a small amount of SSD flash to store the most frequently used data blocks. Due to this arrangement, these drives need to be sanitized using a proprietary tool from the vendor.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 525 in PDF)

67 / 125

How does MAC filtering enhance wireless security?

A. It generates a firewall to protect against external threats

B. It provides access only to whitelisted MAC addresses

C. It encrypts data transmitted across the network

D. It automatically updates the software on all network devices

Incorrect

Correct!

Explanation: MAC filtering enhances wireless security by only permitting devices with MAC addresses that have been whitelisted to access the network. This is particularly effective as it’s challenging for an attacker to identify which MAC addresses are allowed by the switch or WAP.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 499 in PDF)

68 / 125

What is the primary purpose of a Virtual Private Network (VPN)?

A. To control data flow between networks

B. To make a public network private

C. To extend a company’s internal network across the Internet

D. To assign an IP address that matches the company’s internal network

Incorrect

Correct!

Explanation: A VPN is primarily used to extend a company’s internal network across the public internet. It allows remote clients and branch networks to connect securely and privately with the company’s network.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 506 in PDF)

69 / 125

What is DNS Poisoning?

A. It is a type of on-path attack where an attacker replaces valid DNS entries with their own IP address

B. It is a type of off-path attack

C. It is a type of attack where the DNS server’s cache is locked

D. It is an attack that occurs when the DNS server’s socket pools are compromised

Incorrect

Correct!

Explanation: DNS poisoning is an attack that involves an attacker replacing valid DNS entries with their own IP address, often carried out by sending random answers to the DNS server with their IP address. This is done in the hope that the targeted DNS server, which may have asked a legitimate DNS server for the answer, will accept the malicious reply.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 479 in PDF)

70 / 125

Which of the following is NOT true about Virtual Network Computing (VNC)?

A. VNC operates on TCP port 5900

B. VNC is similar to Microsoft RDP

C. VNC is encrypted by default

D. VNC operates in a client and server model

Incorrect

Correct!

Explanation: VNC supports encryption via plug-ins but is not encrypted by default.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 510 in PDF)

71 / 125

What is the main purpose of an Access Control Vestibule (Previously Known as a Mantrap) in network security?

A. To allow multiple people to enter at the same time

B. To prevent tailgating of nonauthorized users

C. To allow unrestricted access to authorized users

D. To serve as an extra storage space for sensitive documents

Incorrect

Correct!

Explanation: An access control vestibule, also known as a mantrap, is a security measure designed primarily to prevent unauthorized users from following an authorized user into a secure area. This is called tailgating. The vestibule is a small room with two controlled access doors; a person must enter the first door and be authenticated before the second door will open, effectively preventing anyone from entering without proper authorization.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 522 in PDF)

72 / 125

How does an employee access an electronic device from a smart locker in a tech-driven organization?

A. By manually writing down their name and the device they are taking

B. By mailing a request to the organization’s equipment department

C. By scanning their employee badge

D. By entering a password given by their manager

Incorrect

Correct!

Explanation: An employee can access an electronic device from a smart locker by scanning their employee badge. The equipment is then automatically checked out to them.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 523 in PDF)

73 / 125

What is a distinctive characteristic of a distributed denial-of-service (DDoS) as compared to other types of DoS attacks?

A. It involves a single compromised server launching an attack

B. It relies on a third-party server for the attack execution

C. It employs a command and control server to send commands to a botnet

D. It sends a small request to a third-party server that yields a larger response to the victim

Incorrect

Correct!

Explanation: In a DDoS attack, many bots are employed to create a botnet. A compromised server or host, known as a command and control server, is used by the bad actor to send commands to each bot in the botnet. Unlike other forms of DoS attacks, it’s virtually impossible to isolate and firewall the source of the attack when traffic is coming from millions of different hosts making up the botnet.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 478 in PDF)

74 / 125

What is the key goal of a security assessment?

A. To assess the overall preparedness of your organization

B. To meet the requirement by cyber insurance companies

C. To comply with regulations in an organization’s industry sector

D. To report the current security status of the organization and tighten security

Incorrect

Correct!

Explanation: The key goal of a security assessment is to report the current security status of the organization with an aim to improve or tighten security.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 471 in PDF)

75 / 125

What is a suggested best practice when creating passwords based on the text?

A. The password should be at least 12 characters

B. The password should always use leet speak

C. The password should include common words

D. The password can be shorter if using symbols

Incorrect

Correct!

Explanation: The text suggests that creating a password should always follow best practices, which include the password being at least 12 to 18 characters. This ensures that the password is strong enough and thus, harder for a potential hacker to guess or crack.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 494 in PDF)

76 / 125

What does the term ’Zero-Day’ in the context of network vulnerabilities refer to?

A. Vulnerabilities that are discovered and patched within a day.

B. Vulnerabilities for which no patch or workaround exists.

C. Vulnerabilities that are known to the public.

D. Vulnerabilities that are immediately attacked.

Incorrect

Correct!

Explanation: A zero-day vulnerability refers to a network vulnerability that is discovered before a patch or workaround can be developed and made available. This leaves the network exposed to potential attacks.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 456 in PDF)

77 / 125

What accurately describes a preshared key (PSK)?

A. It is predominantly used for EAP-TLS deployments

B. It is a symmetrical encryption system where the key that encrypts data also decrypts data

C. It is only used with wireless protocols WPA- and WPA2-Personal mode for home wireless applications

D. It is an asymmetrical encryption system where different keys are used for encryption and decryption

Incorrect

Correct!

Explanation: A preshared key (PSK) is indeed a symmetrical encryption system where the key that encrypts the data also decrypts the data.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 501 in PDF)

78 / 125

Which protocol uses Transmit Power Control (TPC) and Dynamic Frequency Selection (DFS) to adjust for optimal power and frequency of the network client?

A. 802.11g

B. 802.11h

C. 802.11s

D. 802.3u

Incorrect

Correct!

Explanation: 802.11h is the protocol that uses Transmit Power Control (TPC) and Dynamic Frequency Selection (DFS) to adjust for the optimal power and frequency of the client. This helps to control the power levels of the wireless signal and the frequency, ensuring optimal coverage while also not permitting the signal to reach areas it shouldn’t.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 500 in PDF)

79 / 125

What is the function of an explicit deny in a firewall?

A. To allow applications that are not explicitly stated in the firewall rules

B. To restrict applications or IP addresses even if an explicit rule allowing access follows

C. To provide an exception for applications that are in the implicit deny list

D. To automatically block applications that are not explicitly allowed

Incorrect

Correct!

Explanation: Explicit deny is used in a firewall to restrict specific applications or IP addresses even if there is a subsequent rule that allows broad access. This allows more control and security over the network as you can deny access to certain applications like Remote Desktop Protocol (RDP) or Secure Shell (SSH) that shouldn’t be accessible from the client network.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 499 in PDF)

80 / 125

What role does Transport Layer Security (TLS) play in Protected Extensible Authentication Protocol (PEAP)?

A. Provides support for shared keys

B. Facilitates authentication to occur between the supplicant and authentication server

C. Protects EAP messages by providing an encrypted tunnel and authentication between the host and the authenticating server

D. Transmits the credentials over TLS in WPA-Enterprise mode.

Incorrect

Correct!

Explanation: PEAP uses TLS to protect EAP messages by providing an encrypted tunnel as well as authentication between the host and the authenticating server before credentials are passed.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 502 in PDF)

81 / 125

Which of the following best describes a vulnerability in the context of network security?

A. A form of cyber attack

B. A protective mechanism to safeguard sensitive information

C. A confidence-building measure in cyberspace diplomacy

D. A weakness in security that can be exploited by attackers

Incorrect

Correct!

Explanation: In the context of network security, a vulnerability is a weakness which can be exploited by attackers. It can be physical- or network-based, found in applications, operating systems, and network products. Regular patching helps mitigate known vulnerabilities but it’s impossible to eliminate all vulnerabilities.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 455 in PDF)

82 / 125

Which of the following best describes the purpose of the Common Vulnerabilities and Exposures (CVE) system?

A. To create a database for storing vulnerabilities

B. To generate software patches for vulnerabilities

C. To create a common naming scheme for vulnerabilities and reduce overlap in documentation

D. To rank vulnerabilities based on their impact

Incorrect

Correct!

Explanation: The CVE system was designed primarily to create a standard nomenclature for vulnerabilities, reducing overlap in documentation from different agencies documenting the same vulnerability. This system aids in easy tracking and referencing of vulnerabilities across multiple platforms and documentation.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 455 in PDF)

83 / 125

What is the purpose of DHCP snooping in a network?

A. To allow all DHCP messages to be forwarded from all ports

B. To prevent a rogue DHCP server from sending DHCP messages to clients

C. To explicitly trust all switchports for forwarding DHCP messages

D. To setup a rogue DHCP server for monitoring purposes

Incorrect

Correct!

Explanation: DHCP snooping prevents a rogue DHCP server, also referred to as a spurious DHCP server, from sending DHCP messages to clients. This helps protect the network from DHCP spoofing attacks in which an attacker uses a rogue DHCP server to redirect valid traffic to a compromised website.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 495 in PDF)

84 / 125

What are the steps described in the NIST Cyber Security Framework (CSF) for handling a threat and maintaining network security?

A. Identify, Secure, Monitor, Control, Recover

B. Analyze, Protect, Detect, Respond, Resolve

C. Illustrate, Guard, Determine, React, Restore

D. Identify, Protect, Detect, Respond, Recover

Incorrect

Correct!

Explanation: As specified in the provided text, the NIST CSF outlines a cyclical process of Identify, Protect, Detect, Respond, and Recover for handling network threats and maintaining network security.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 472 in PDF)

85 / 125

What is Ransomware in the context of network security?

A. An unauthorized DHCP server that hands out invalid IP addresses

B. A wireless phishing attack where an attacker sets up a wireless access point to mimic the organization’s wireless access points

C. Malicious software that encrypts or holds files hostage and requests a ransom for decryption

D. A spoofed ARP reply sent by an attacker to route packets through them

Incorrect

Correct!

Explanation: Ransomware is a type of malicious software (malware) that restricts access to a computer system that it infects in some way, and demands that the user pay a ransom to the operators of the malware to remove the restriction.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 482 in PDF)

86 / 125

What is the role of a VPN concentrator in a site-to-site VPN?

A. It encrypts and encapsulates information as data and sends it over the Internet.

B. It provides a high-bandwidth connection to the Internet.

C. It serves as a destination inside the branch network.

D. It licenses the VPN software.

Incorrect

Correct!

Explanation: A VPN concentrator in a site-to-site VPN connection encrypts and encapsulates the information as data, creating a route entry for the remote network. It then sends the encrypted data to the other side of the tunnel over the Internet.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 506 in PDF)

87 / 125

What does the Kerberos protocol do?

A. It provides strong security for transmitted usernames and passwords via Triple Data Encryption Standard (3DES) and Advanced Encryption Standard (AES) encryption.

B. It automatically encrypts all traffic on a network.

C. It checks for viruses on a network.

D. It improves network speed.

Incorrect

Correct!

Explanation: The Kerberos protocol provides strong security for transmitted usernames and passwords via Triple Data Encryption Standard (3DES) and Advanced Encryption Standard (AES) encryption, and it was named after a three-headed hound in Greek mythology. It introduces this level of security through a three-way trust, where both the client and server must trust the authenticating server for access.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 469 in PDF)

88 / 125

What is the function of a captive portal in a network?

A. It provides firewall services to the network users

B. It redirects users to a portal for login or agreement to the Acceptable Use Policy

C. It serves as a basic switch connecting various network devices

D. It acts as a broadband modem providing internet access

Incorrect

Correct!

Explanation: A captive portal acts as a mechanism to redirect users who connect to the network (wired or wireless) to a portal where they can log in or agree to the Acceptable Use Policy (AUP). This is done before the users gain full web access. This feature is common in establishments such as hotels.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 503 in PDF)

89 / 125

What is the main purpose of identification badges in organizations with physical and electronic-based security?

A. Only to identify an employee within the organization

B. To allow employees to exchange roles within the organization

C. To serve as a proof of access and aid with physical security protocol

D. To replace the need for physical keys

Incorrect

Correct!

Explanation: Identification badges serve as a proof of access and act as a part of the physical security protocol in organizations. In addition to serving as identification, they help regulate who can access specific areas of an organization. If an employee is in an unrecognized area and their ID badge is not on display, other security measures can be taken.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 520 in PDF)

90 / 125

Which of the following correctly describes the function of EAP-TLS?

A. It replaces the older Cisco proprietary protocol of Lightweight Extensible Authentication Protocol (LEAP).

B. It’s a Cisco proposed standard for establishing a secure tunnel using shared keys.

C. It’s an open standard that can be deployed with a preshared key (PSK) or with a certificate authority, where each user or computer is issued an individual certificate.

D. It was jointly developed by Cisco, Microsoft, and RSA Security to provide Transport Layer Security (TLS).

Incorrect

Correct!

Explanation: EAP-TLS is an open standard defined by the IETF which is commonly deployed with a certificate authority. When it’s deployed with a certificate authority, the deployment is more secure because each user or computer is issued an individual certificate, according to the passage.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 502 in PDF)

91 / 125

What is the primary role of the Remote Desktop Gateway?

A. It allows centralized access to remote desktops.

B. It provides a direct connection to the Internet.

C. It serves as a router for local network traffic.

D. It manages the storage of user data on remote desktops.

Incorrect

Correct!

Explanation: The Remote Desktop Gateway is a Microsoft server role that primarily allows centralized access to remote desktops, such as remote desktop workstations or remote desktop servers. This allows users to access their systems remotely through a secured and authorized connection.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 509 in PDF)

92 / 125

What technique is used by both the Microsoft Server and Linux/Unix operating systems to reduce the surface area of attack?

A. Enabling all services out of the box

B. Turning off the firewall by default

C. Disabling all services out of the box

D. Installing all services by default

Incorrect

Correct!

Explanation: Both Microsoft Server (starting from Windows Server 2008) and Linux/Unix operating systems use the tactic of disabling all services out of the box. This reduces the surface area of attack by reducing the number of potentially exploitable entry points.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 494 in PDF)

93 / 125

What is the best defense against shoulder surfing attacks?

A. Using a privacy filter

B. Calling a supervisor

C. Surveying your environment before entering personal data

D. Using a mechanical device

Incorrect

Correct!

Explanation: Surveying the environment before entering personal data is the best defense against shoulder surfing. It allows you to ensure that no one is positioned in a way that they could view your keystrokes or other sensitive information.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 487 in PDF)

94 / 125

What is a rogue access point in the context of a network security threat?

A. An unauthorized DHCP server that distributes invalid IP addresses

B. A software that encrypts network files and demands a ransom for their decryption

C. An access point installed on a LAN without proper security measures

D. An attack where the attacker sets up an access point to mimic existing ones

Incorrect

Correct!

Explanation: A rogue access point is an unauthorized access point installed on a network that can open up the organization to potential data loss or infiltration by an attacker due to a lack of proper security settings.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 482 in PDF)

95 / 125

Which of the following best describes a clientless VPN solution based on the information provided in the text?

A. A VPN solution that requires a separate VPN client installed on all devices to access the internal network.

B. A VPN solution that allows the web browser on the device to act as the VPN client.

C. A VPN solution that does not need an IP address from the internal corporate network.

D. A VPN solution that does not encrypt the data before sending it to the physical NIC and through the Internet.

Incorrect

Correct!

Explanation: According to the text, clientless VPN solutions are those which do not require the installation of a client. Instead, they allow the web browser on the device requiring connectivity back to the corporate network to act as the VPN client, with the VPN appliance acting as a reverse proxy to various resources internal to the organization.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 509 in PDF)

96 / 125

Which of the following statements accurately describes the characteristics of different motion detection sensors?

A. Microwave detectors send pulses of microwaves out and are susceptible to external interference, but PIR sensors use microwaves and have a wider area of coverage

B. Microwave detectors operate by monitoring the measurement of infrared radiation from several zones but do not have a reflective panel

C. Passive infrared (PIR) sensors operate by monitoring the measurement of infrared radiation from several zones and have this grid pattern on the sensor’s face

D. Vibration sensors are most often implemented as seismic sensors and they protect against unauthorised access by sending pulses of microwaves out

Incorrect

Correct!

Explanation: PIR sensors operate by monitoring the measurement of infrared radiation from several zones, and they typically have a grid pattern on the sensor face.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 517 in PDF)

97 / 125

What is local authentication typically used for?

A. Networking with other databases

B. Small-group access where each account needs to be manually created

C. Accessing data over a large network

D. Bypassing the need for protocols

Incorrect

Correct!

Explanation: Local authentication is typically used for providing access to a small group of people where each account has to be manually created on each device or server to be accessed. This is because local authentication operates by authenticating the user to a local database contained on the equipment or server.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 469 in PDF)

98 / 125

What is the principle of Least Privilege?

A. it’s a policy that allows users unlimited access to all parts of a system.

B. it’s a security concept that limits a user to the least amount of privileges they need to perform their job.

C. it is a principle that requires users to remember complex passwords.

D. it is a requirement for all organizations to follow at all times without exceptions.

Incorrect

Correct!

Explanation: The principle of Least Privilege is a security concept whereby a user is granted the minimum levels of access necessary to perform his or her job functions. This helps limit internal and external threats and the potential for a data leak.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 457 in PDF)

99 / 125

What happens when a mobile device steps outside a geofencing-permitted area?

A. The device will stop functioning

B. The device gets a new IP address

C. The device may be subject to a device wipe

D. The device’s GPS system shuts down

Incorrect

Correct!

Explanation: Geofencing creates a virtual perimeter using mapping software and GPS coordinates reported by an agent installed on the device. If a device moves outside of this virtual boundary, it is considered out of compliance and may be subject to a device wipe as a security measure to prevent data loss.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 503 in PDF)

100 / 125

Which of the following methods is the easiest to implement for network segmentation according to the text?

A. Physical routers

B. Separate switches

C. Firewalls

D. Virtual local area networks (VLANs)

Incorrect

Correct!

Explanation: According to the text, the easiest method of segmentation for a network is to implement virtual local area networks, or VLANs. VLANs each have a distinct network ID and can create segments within the network, improving security by limiting access.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 461 in PDF)

101 / 125

What port does the Remote Desktop Protocol (RDP) communicate over?

A. TCP 443

B. TCP 3389

C. TCP 22

D. TCP 80

Incorrect

Correct!

Explanation: The Remote Desktop Protocol (RDP) communicates over TCP 3389 to deliver the remote screen and connect the local mouse and keyboard to the RDP session.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 509 in PDF)

102 / 125

What is the primary function of private VLANs?

A. They protect the router from DoS attacks

B. They allow hosts to communicate outside of their logical subnet

C. They create security between hosts with micro-segmentation

D. They reduce burden on the CPU during routing of data

Incorrect

Correct!

Explanation: Private VLANs offer micro-segmentation of the primary VLAN (standard VLAN) to introduce security between hosts. They isolate different parts of the network to ensure secure communication.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 492 in PDF)

103 / 125

What does the ’Availability’ in the CIA triad for information security refers to?

A. The access to the information only by authorized individuals

B. The accuracy of the information and its vulnerability to unauthorized alteration

C. The uptime of the systems serving the information

D. The use of physical locks or electronic measures to safeguard the information

Incorrect

Correct!

Explanation: In the context of the CIA triad for information security, ’Availability’ refers to how consistently, effectively, and reliably the systems serving the information are available or function without downtime. It involves the use of redundant systems and components to ensure high availability of information, and also considers backups and restoration times.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 454 in PDF)

104 / 125

What is the purpose of separation of duties in network security?

A. To distribute the control and power to all individuals in the process

B. To reduce the control or power of one individual over a process

C. To give each individual full permissions to all areas of the network

D. To ensure that each individual can delete their actions in logs

Incorrect

Correct!

Explanation: The separation of duties in network security is aimed at reducing the control or power of one individual over a process. This is done by assigning specific responsibilities and limiting permissions to those areas necessary to perform their specific duties. This helps prevent misuse, misconfigurations, as well as concealing illicit activities by deleting logs.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 462 in PDF)

105 / 125

Which of the following is NOT a characteristic of MAC filtering?

A. It can be used to secure wireless systems

B. It involves whitelisting MAC addresses

C. It eliminates the need for an administrative burden

D. It can be used in conjunction with an 802.1X/NAC solution

Incorrect

Correct!

Explanation: MAC filtering does involve an administrative burden as the MAC addresses to be whitelisted will need to be entered. It does not eliminate this task.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 499 in PDF)

106 / 125

What is social engineering in the context of network security?

A. The use of physical force to gain access to a network

B. The act of extracting key information from employees without raising suspicion

C. The technical manipulation of hardware to compromise network security

D. The act of remotely hacking into a network from a different location

Incorrect

Correct!

Explanation: Social engineering in the context of network security is about manipulating people to disclose confidential information. It usually involves making people feel obliged to help without realizing they’re disclosing sensitive information that can be used for malicious activities.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 487 in PDF)

107 / 125

What is the primary function of the Router Advertisement (RA) Guard feature?

A. To advertise IPv6 addresses

B. To allow a host to originate Router Advertisement messages

C. To restrict which port can send RA messages

D. To enable spoofing attacks

Incorrect

Correct!

Explanation: The RA Guard feature is designed to restrict which port can send Router Advertisement (RA) messages. This aids in the prevention of spoofing attacks where an attacker may attempt to divert traffic via a forged RA message.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 490 in PDF)

108 / 125

Which of the following is NOT a commonly used factor of authentication?

A. Something you know (Password)

B. Something you have (Smartcard)

C. Something you are (Biometrics)

D. Something you think (Thoughts)

Incorrect

Correct!

Explanation: The text mentions the most common authentication factors as: something you know (passwords), something you have (smartcard), and something you are (biometrics). There is no mention of ’Something you think (Thoughts)’ being an authentication factor.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 464 in PDF)

109 / 125

What is the first tactic done in a vulnerability assessment?

A. Vulnerability scanning

B. Identification of open services

C. Identification of network weaknesses

D. Use of the Nessus vulnerability scanner

Incorrect

Correct!

Explanation: In a vulnerability assessment, the first tactic is to identify the open services using a port scanning tool according to the passage.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 471 in PDF)

110 / 125

What are the two main types of cameras used in video surveillance and their general uses?

A. DSLR cameras for daily recording and Micro four thirds cameras for specific incidents.

B. DSLR cameras for specific incidents and Micro four thirds cameras for daily recording.

C. Fixed cameras for surveillance activities and Pan-tilt-zoom (PTZ) cameras for intervention incidents.

D. Fixed cameras for intervention incidents and Pan-tilt-zoom (PTZ) cameras for surveillance activities.

Incorrect

Correct!

Explanation: Fixed cameras are ideal for recording surveillance activities as they are more reliable to be pointing at the incident area when needed. PTZ cameras, although often deployed for the wrong reasons, are useful for intervention situations as they allow for 360-degree movement and zooming in on a specific area.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 515 in PDF)

111 / 125

What happens when a client computer establishes a VPN connection according to the description provided?

A. The client computer becomes a part of the external corporate network.

B. The client computer becomes a part of the internal corporate network.

C. The client computer gets disconnected from all networks.

D. The client computer switches to a different corporate network.

Incorrect

Correct!

Explanation: When a client computer establishes a VPN connection, it gets assigned an IP address from the internal corporate network, making it effectively a part of the internal corporate network.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 507 in PDF)

112 / 125

Why is it recommended to lock network racks even if they are located in secure areas?

A. To prevent someone from mistakenly powering down a server or equipment

B. To maintain a clean and organized appearance

C. To make it easier for authorized individuals to access the equipment

D. To prevent electrical interference from disrupting network activity

Incorrect

Correct!

Explanation: Even in secure areas where unauthorized access is unlikely, locking network racks can prevent accidental power down or tampering of the server or equipment. This can be particularly crucial in maintaining uninterrupted network services.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 522 in PDF)

113 / 125

What do Access Control Lists (ACLs) in a screened subnet (DMZ) typically restrict or control?

A. The websites that users outside the network can visit

B. The amount of data that can be transferred between hosts

C. Services internet hosts can access on servers in the DMZ and communication between hosts

D. The type of applications that can be installed on hosts in the DMZ

Incorrect

Correct!

Explanation: Access Control Lists (ACLs) in a screened subnet (DMZ) are typically designed to restrict which services Internet hosts can access on servers in the DMZ, as well as control which hosts can communicate with internal servers. It is a form of security measure to control and restrict unauthorized access to the network.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 461 in PDF)

114 / 125

Which of the following is NOT a method for ensuring the confidentiality of information as described in the CIA triad?

A. Use of physical locks

B. Use of file hashes

C. Use of encryption

D. Use of firewalls

Incorrect

Correct!

Explanation: According to the CIA triad described in the text, file hashes are used to protect the integrity of the information by detecting unauthorized altering of the data, not its confidentiality.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 453 in PDF)

115 / 125

What protocol and port does LDAP use by default?

A. TCP/636

B. UDP/389

C. TCP/389

D. UDP/636

Incorrect

Correct!

Explanation: Lightweight Directory Access Protocol (LDAP) by default uses the TCP protocol on port 389.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 468 in PDF)

116 / 125

What is one of the primary purposes behind the implementation of port security?

A. To allow all MAC addresses on a switch port

B. To restrict a specific MAC address or a specific number of MAC addresses on a switch port

C. To enhance the wireless connectivity of a switch port

D. To allow users to plug in hubs or switches as they wish

Incorrect

Correct!

Explanation: Port security is implemented primarily to restrict specific MAC addresses or a certain number of MAC addresses on a physical access mode switch port. By doing this, it sets a limit on who has access that port which can help to improve network security.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 490 in PDF)

117 / 125

What is a reflective DoS attack?

A. An attack that employs multiple bots to target a single system

B. An attack where an attacker sends a request to a third-party server, making it appear to come from the victim’s IP

C. An attack where a large data request leads to a massive response directed at the victim

D. An attack that targets a command and control server

Incorrect

Correct!

Explanation: A reflective DoS attack is when an attacker sends a request to a third-party server and forges the source address of the packet with the victim’s IP address. The third party then responds to the victim, leading to a denial of service.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 476 in PDF)

118 / 125

What is the primary reason organizations have embraced VDI according to the passage?

A. It simplifies imaging and software rollouts.

B. It allows for easy scaling and downsizing.

C. It keeps the organization’s data within the data center.

D. It minimizes capital costs.

Incorrect

Correct!

Explanation: According to the passage, the main reason organizations have adopted VDI is for better control over their data. The text clearly states that this strategy can minimize an organization’s data loss because the data never leaves the organization’s data center.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 511 in PDF)

119 / 125

Which of the following statements accurately describes IP Spoofing based on the provided text?

A. IP Spoofing helps strengthen an organization’s network security.

B. IP Spoofing cannot be used in combination with MAC spoofing.

C. IP Spoofing is an attack method by which an attacker uses the IP address of an organization’s asset to gain access to protected resources.

D. IP Spoofing is primarily used to increase the speed of network communications.

Incorrect

Correct!

Explanation: IP Spoofing is, indeed, an attack technique where an attacker impersonates the IP address of an organization’s assets. This allows the attacker to circumvent access control systems and gain access to protected resources.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 485 in PDF)

120 / 125

What is the purpose of Dynamic ARP Inspection (DAI) in relation to the DHCP snooping binding table?

A. To drop any ARP request that conflicts with the DHCP snooping binding table

B. To verify and record the IP address and MAC address in the DHCP snooping binding table

C. To redirect ARP requests to an attacker’s host

D. To allow ARP replies that conflict with the DHCP snooping binding table

Incorrect

Correct!

Explanation: Dynamic ARP Inspection (DAI) inspects the DHCP binding table for each ARP request. If an ARP reply comes back that conflicts with the information in this table, the DAI process will drop the ARP reply. This serves as a security measure to prevent ARP spoofing attacks.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 491 in PDF)

121 / 125

In the context of CompTIA Network+, which of the following best describes ’Piggybacking’?

A. Extracting vital information from an organization’s employees without raising suspicion.

B. Following so closely behind someone entering a building that you can enter without needing a security device.

C. Deceiving someone into revealing their password by observing their keystrokes.

D. A type of phishing attack where an email is sent to solicit personal information.

Incorrect

Correct!

Explanation: In the context of CompTIA Network+, ’Piggybacking’ refers to an individual covertly following another person into a secure area, such as a building, without using a key, card, or any other security device. The person originally swiping in may not even see the ’piggybacker’. This type of physical intrusion is a form of social engineering.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 487 in PDF)

122 / 125

What is an Evil Twin attack as described in the topic ’Evil twin’?

A. It is a type of ransomware attack that encrypts files and seeks payment for decryption.

B. It is a type of wireless phishing attack where an attacker sets up a wireless access point that mimics the organization’s wireless access points, often luring users via a stronger signal.

C. It’s an unauthorized DHCP server attack, in which the attacker sets up an unauthorized DHCP to distribute faulty IP addresses.

D. It involves the attacker impersonating a legitimate user on the network and altering data being transmitted.

Incorrect

Correct!

Explanation: In an Evil Twin attack, the attacker sets up a fake wireless access point that mimics a legitimate one. Once a user connects to it, their traffic can be monitored and exploited by the attacker. Creating a stronger signal is one way to lure users into connecting with the fake access point.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 482 in PDF)

123 / 125

What does the term ’Tailgating’ refer to in the context of social engineering attacks?

A. Watching someone when they enter their sensitive data

B. A type of phishing performed via email

C. Entering a building so close behind someone that no security device is needed

D. Extracting vital information without raising suspicion

Incorrect

Correct!

Explanation: ’Tailgating’ refers to a social engineering tactic where an intruder gains physical access to a building by entering so close behind an authorized user that no security measure (like a key or a card) is needed. Sometimes, the authorized user might even hold the door for them, mistaking them for a fellow employee.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 487 in PDF)

124 / 125

What is the Extensible Authentication Protocol (EAP)?

A. A specific authentication method used by Cisco devices

B. An authentication framework that allows for extensibility of authentication

C. A protocol used exclusively for biometric authentication

D. A propriety authentication mechanism used by Microsoft alone

Incorrect

Correct!

Explanation: EAP is not a specific authentication method or mechanism. Instead, it’s a framework that allows for the extensibility of authentication methods.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 470 in PDF)

125 / 125

What are the two primary methods of VLAN hopping?

A. ARP spoofing and switch spoofing

B. Switch spoofing and double-tagging of frames

C. Double-tagging of frames and evil twin

D. Rogue DHCP and evil twin

Incorrect

Correct!

Explanation: Switch spoofing and double-tagging of frames are the two main types of VLAN hopping. In switch spoofing, an attacker can negotiate a trunk link and tag their packets with the VLAN they want to attack, bypassing controls. In double-tagging, attacker’s packets carry two tags, one for the current VLAN and one for the target VLAN. The switch removes the first tag and sends the packet based on the second tag.

Ref: CompTIA Network+ Review Guide: Exam N10-008 5th Edition

(Page 479 in PDF)

Your score is

🔒 Hands-On IT Course (Start a New Career in 8-12 Weeks!) 🔒

Visit IT Course　

Boost Your Skills with Free Anki Flashcards

Click the download button to get the Network+ N10-008 Anki deck.

Boost your IT skills with our free CompTIA Network+ practice test focusing on 4.0 Network Security. Whether you’re entering the IT industry or advancing in cyber security, our resources are here to help you succeed in the CompTIA Exam.

Why Choose Our CompTIA Network+ Practice Test?

Skill Enhancement: Covers essential network security concepts crucial for the CompTIA Exam and vulnerability management.
Career Advancement: Passing the CompTIA Network+ exam can open doors to new job opportunities and significant career changes in the IT industry.
Vulnerability Management: Master the art of managing network vulnerabilities, a key skill in the field of cyber security.

Free Anki Deck Download

Download our free Anki Deck, reviewed by industry expert Josh Madakor, who has extensive experience in IT and cyber security, including work with Microsoft and government sectors. Learn more about Anki on the official site.

Get Started with Your IT Career Change Today!

Visit the CompTIA Network+ official site to learn more. Prepare, practice, and succeed with our comprehensive resources, supporting your IT career change in the IT industry and cyber security.

Explore our other free mock exams:

Network+ N10-008 – 4.0 Network Security

Boost Your Skills with Free Anki Flashcards

Why Choose Our CompTIA Network+ Practice Test?

Free Anki Deck Download

Get Started with Your IT Career Change Today!

Related Posts

The Affordable, Hands-On Josh Madakor IT Course that gets Results!

The Affordable, Hands-On Cyber Security that gets Results!

JOIN OUR

NEWSLETTER