NEW QUESTION 1

Which of the following is an example of on-demand scalable hardware that is typically housed in the vendor's data center?

• A. DaaS
• B. IaaS
• C. PaaS
• D. SaaS

Answer: B

NEW QUESTION 2

A technician is configuring a bandwidth-monitoring tool that supports payloads of 1,600 bytes. Which of the following should the technician configure for this tool?

• A. LACP
• B. Flow control
• C. Port mirroring
• D. Jumbo frames

Answer: D

Explanation:
Jumbo frames are Ethernet frames that can carry more than the standard 1,500 bytes of payload data. Jumbo frames can support payloads of up to 9,000 bytes, depending on the network device and configuration. Jumbo frames can improve network performance by reducing the overhead of packet headers and increasing the efficiency of data transmission. Jumbo frames can also reduce the CPU utilization of the sender and receiver devices, as they require fewer interrupts and processing cycles. However, jumbo frames also have some drawbacks, such as increased latency, fragmentation, and compatibility issues. Therefore, jumbo frames should be used with caution and only in networks that support them end-to-end.
A technician who is configuring a bandwidth-monitoring tool that supports payloads of 1,600 bytes should enable jumbo frames for this tool, as this would allow the tool to capture and analyze more data per frame and provide more accurate and detailed results. However, the technician should also ensure that the network devices and interfaces that the tool is connected to also support jumbo frames, and that the MTU (maximum transmission unit) is set to the same value across the network path.
ReferencesWhat are Jumbo Frames?How to Enable Jumbo FramesCompTIA Network+ Certification All-in-One Exam Guide, Eighth Edition (Exam N10-008)

NEW QUESTION 3

Which of the following is most likely to be implemented to actively mitigate intrusions on a host device?

• A. HIDS
• B. MDS
• C. HIPS
• D. NIPS

Answer: A

Explanation:
HIDS (host-based intrusion detection system) is a type of security software that monitors and analyzes the activity on a host device, such as a computer or a server. HIDS can detect and alert on intrusions, such as malware infections, unauthorized access, configuration changes, or policy violations. HIDS can also actively mitigate intrusions by blocking or quarantining malicious processes, files, or network connections1.
HIPS (host-based intrusion prevention system) is similar to HIDS, but it can also prevent intrusions from happening in the first place by enforcing security policies and rules on the host device2. MDS (multilayer switch) is a network device that combines the functions of a switch and a router, and it does not directly protect a host device from intrusions3. NIPS (network-based intrusion prevention system) is a network device that monitors and blocks malicious traffic on the network level, and it does not operate on the host device level4.

NEW QUESTION 4

A customer calls the help desk to report that users are unable to access any network resources_ The issue started earlier in the day when an employee rearranged the wiring closet A technician goes to the site but does not observe any obvious damage. The statistics output on the switch indicates high CPI-J usage, and all the lights on the switch are blinking rapidly in unison_ Which of the following is the most likely explanation for these symptoms?

• A. The switch was rebooted and set to run in safe mode.
• B. The line between the switch and the upstream router was removed
• C. A cable was looped and created a broadcast storm.
• D. A Cat 6 cable from the modem to the router was replaced with Cat 5e.

Answer: C

Explanation:
A cable was looped and created a broadcast storm is the most likely explanation for the symptoms of high CPU usage and blinking lights on the switch. A cable loop is a situation where a switch port is connected to another switch port on the same switch or another switch, creating a circular path for network traffic. A cable loop can cause a broadcast storm, which is a network phenomenon where a large number of broadcast or multicast packets are flooded on the network, consuming bandwidth and CPU resources. A broadcast storm can cause network congestion, performance degradation, or failure. A cable loop can occur when an employee rearranges the wiring closet without proper documentation or verification. A cable loop can be prevented or detected by using Spanning Tree Protocol (STP) or loop detection features on the switch. References: [CompTIA Network+ Certification Exam Objectives], What Is a Broadcast Storm? |
Definition & Examples | Forcepoint

NEW QUESTION 5

A network administrator is decommissioning a server. Which of the following will the network administrator MOST likely consult?

• A. Onboarding and off boarding policies
• B. Business continuity plan
• C. Password requirements
• D. Change management documentation

Answer: D

NEW QUESTION 6

The power company notifies a network administrator that it will be turning off the power to the building over the weekend. Which of the following is the BEST solution to prevent the servers from going down?

• A. Redundant power supplies
• B. Uninterruptible power supply
• C. Generator
• D. Power distribution unit

Answer: A

NEW QUESTION 7

A company is designing a new complex. The primary and alternate data centers will be in separate buildings 6.2mi (10km) apart and will be connected via fiber.
Which of the following types of SFP is the best choice?

• A. 10GBASE-SR
• B. 10000BASE-LX
• C. 10GBASE-LR
• D. 1000BASE-SX

Answer: C

Explanation:
10GBASE-LR is the best choice for connecting two data centers that are 6.2 miles (10 km) apart via fiber, because it supports a maximum distance of 6.2 miles (10 km) over single- mode fiber. 10GBASE-SR and 1000BASE-SX are designed for short-range connections over multi-mode fiber, and they can only reach up to 1,312 feet (400 m) and 1,804 feet (550 m), respectively. 10000BASE-LX is a typo and does not exist as a standard. References:
✑ Network Transceivers – CompTIA Network+ N10-007 – 2.11
✑ CompTIA Network+ Certification Exam Objectives2

NEW QUESTION 8

A local service provider connected 20 schools in a large city with a fiber-optic switched network. Which of the following network types did the provider set up?

• A. LAN
• B. MAN
• C. CAN
• D. WAN

Answer: B

Explanation:
MAN stands for Metropolitan Area Network, and it is a type of network that covers a large geographic area, such as a city or a county. MANs are often used to connect multiple LANs (Local Area Networks) within a region, such as schools, offices, or government buildings. MANs typically use high-speed and high-capacity transmission media, such as fiber-optic cables, to provide fast and reliable data communication. MANs can also provide access to WANs (Wide Area Networks), such as the Internet, or other services, such as cable TV or VoIP.
The other options are not correct because they are not the type of network that covers a large city. They are:
✑ LAN. LAN stands for Local Area Network, and it is a type of network that covers a
small geographic area, such as a home, an office, or a building. LANs are often used to connect multiple devices, such as computers, printers, or phones, within a single network. LANs typically use low-cost and low-capacity transmission media, such as twisted-pair cables, to provide data communication. LANs can also provide access to other networks, such as MANs or WANs, through routers or gateways.
✑ CAN. CAN stands for Campus Area Network, and it is a type of network that
covers a moderate geographic area, such as a university, a hospital, or a military base. CANs are often used to connect multiple LANs within a campus, such as different departments, buildings, or facilities. CANs typically use medium-cost and medium-capacity transmission media, such as coaxial cables, to provide data communication. CANs can also provide access to other networks, such as MANs or WANs, through routers or gateways.
✑ WAN. WAN stands for Wide Area Network, and it is a type of network that covers
a very large geographic area, such as a country, a continent, or the world. WANs are often used to connect multiple MANs or LANs across different regions, such as
different cities, states, or countries. WANs typically use high-cost and high- capacity transmission media, such as satellite links, to provide data communication. WANs can also provide access to various services, such as the Internet, email, or VPN.
References1: What is a Metropolitan Area Network (MAN)? - Definition from
Techopedia2: Network+ (Plus) Certification | CompTIA IT Certifications3: What is a Local Area Network (LAN)? - Definition from Techopedia4: What is a Campus Area Network (CAN)? - Definition from Techopedia5: What is a Wide Area Network (WAN)? - Definition from Techopedia

NEW QUESTION 9

A network administrator is designing a wireless network. The administrator must ensure a rented office space has a sufficient signal. Reducing exposure to the wireless network is important, but it is secondary to the primary objective. Which of the following would MOST likely facilitate the correct accessibility to the Wi-Fi network?

• A. Polarization
• B. Channel utilization
• C. Channel bonding
• D. Antenna type
• E. MU-MIMO

Answer: B

NEW QUESTION 10

Which of the following devices would be used to extend the range of a wireless network?

• A. A repeater
• B. A media converter
• C. A router
• D. A switch

Answer: A

Explanation:
A repeater is a device used to extend the range of a wireless network by receiving, amplifying, and retransmitting wireless signals. It is typically used to extend the range of a wireless network in a large area, such as an office building or a campus. Repeaters can also be used to connect multiple wireless networks together, allowing users to move seamlessly between networks. As stated in the CompTIA Network+ Study Manual, "a wireless repeater is used to extend the range of a wireless network by repeating the signal from one access point to another."

NEW QUESTION 11

A network administrator is implementing OSPF on all of a company’s network devices. Which of the following will MOST likely replace all the company’s hubs?

• A. A Layer 3 switch
• B. A proxy server
• C. A NGFW
• D. A WLAN controller

Answer: A

Explanation:
A Layer 3 switch will likely replace all the company's hubs when implementing OSPF on all of its network devices. A Layer 3 switch combines the functionality of a traditional Layer 2 switch with the routing capabilities of a router. By implementing OSPF on a Layer 3 switch, an organization can improve network performance and reduce the risk of network congestion. References: Network+ Certification Study Guide, Chapter 5: Network Security

NEW QUESTION 12

A security administrator is trying to prevent incorrect IP addresses from being assigned to clients on the network. Which of the following would MOST likely prevent this and allow the network to continue to operate?

• A. Configuring DHCP snooping on the switch
• B. Preventing broadcast messages leaving the client network
• C. Blocking ports 67/68 on the client network
• D. Enabling port security on access ports

Answer: A

Explanation:
To prevent incorrect IP addresses from being assigned to clients on the network and allow the network to continue to operate, the security administrator should consider configuring DHCP (Dynamic Host Configuration Protocol) snooping on the switch. DHCP snooping is a security feature that is used to prevent unauthorized DHCP servers from operating on a network. It works by allowing the switch to monitor and validate DHCP traffic on the network, ensuring that only legitimate DHCP messages are forwarded to clients. This can help to prevent incorrect IP addresses from being assigned to clients, as it ensures that only authorized DHCP servers are able to provide IP addresses to clients on the network.

NEW QUESTION 13

A lab environment hosts Internet-facing web servers and other experimental machines, which technicians use for various tasks A technician installs software on one of the web servers to allow communication to the company's file server, but it is unable to connect to it Other machines in the building are able to retrieve files from the file server. Which of the following is the MOST likely reason the web server cannot retrieve the files, and what should be done to resolve the problem?

• A. The lab environment's IDS is blocking the network traffic 1 he technician can whitelist the new application in the IDS
• B. The lab environment is located in the DM2, and traffic to the LAN zone is denied by defaul
• C. The technician can move the computer to another zone or request an exception from the administrator.
• D. The lab environment has lost connectivity to the company router, and the switch needs to be reboote
• E. The technician can get the key to the wiring closet and manually restart the switch
• F. The lab environment is currently set up with hubs instead of switches, and the requests are getting bounced back The technician can submit a request for upgraded equipment to management.

Answer: B

Explanation:
The lab environment is located in the DMZ, and traffic to the LAN zone is denied by default. This is the most likely reason why the web server cannot retrieve files from the file server, and the technician can either move the computer to another zone or request an exception from the administrator to resolve the problem. A DMZ (Demilitarized Zone) is a network segment that separates the internal network (LAN) from the external network (Internet). It usually hosts public-facing servers such as web servers, email servers, or FTP servers that need to be accessed by both internal and external users. A firewall is used to control the traffic between the DMZ and the LAN zones, and usually denies traffic from the DMZ to the LAN by default for security reasons. Therefore, if a web server in the DMZ needs to communicate with a file server in the LAN, it would need a special rule or permission from the firewall administrator. References: https://www.cisco.com/c/en/us/support/docs/ip/access-lists/13608-21.html

NEW QUESTION 14

Which of the following IP packet header fields is the mechanism for ending loops at Layer 3?

• A. Checksum
• B. Type
• C. Time-to-live
• D. Protocol

Answer: C

Explanation:
The time-to-live (TTL) field is the mechanism for ending loops at Layer 3, which is the network layer of the OSI model. The TTL field is an 8-bit field that indicates the maximum time or number of hops that an IP packet can travel before it is discarded. Every time an IP packet passes through a router, the router decrements the TTL value by one. If the TTL value reaches zero, the router drops the packet and sends an ICMP message back to the source, informing that the packet has expired. This way, the TTL field prevents an IP packet from looping endlessly in a network with routing errors or cycles123.
The other options are not mechanisms for ending loops at Layer 3. The checksum field is a 16-bit field that is used to verify the integrity of the IP header. The checksum field is calculated by adding all the 16-bit words in the header and taking the one’s complement of the result. If the checksum field does not match the calculated value, the IP packet is considered corrupted and discarded12. The type field, also known as the type of service (TOS) or differentiated services code point (DSCP) field, is an 8-bit field that is used to specify the quality of service (QoS) or priority of the IP packet. The type field can indicate how the packet should be handled in terms of delay, throughput, reliability, or cost12. The protocol field is an 8-bit field that is used to identify the transport layer protocol that is encapsulated in the IP packet. The protocol field can indicate whether the payload is a TCP segment, a UDP datagram, an ICMP message, or another protocol12.

NEW QUESTION 15

A network security engineer is investigating a potentially malicious Insider on the network. The network security engineer would like to view all traffic coming from the user's PC to the switch without interrupting any traffic or having any downtime. Which of the following should the network security engineer do?

• A. Turn on port security.
• B. Implement dynamic ARP inspection.
• C. Configure 802.1Q.
• D. Enable port mirroring.

Answer: D

Explanation:
Port mirroring is a feature that allows a network switch to copy the traffic from one or more ports to another port for monitoring purposes. Port mirroring can be used to analyze the network traffic from a specific source, destination, or protocol without affecting the normal operation of the network. Port mirroring can also help to detect and troubleshoot network problems, such as performance issues, security breaches, or policy violations.
The other options are not correct because they do not meet the requirements of the question. They are:
✑ Turn on port security. Port security is a feature that restricts the number and type
of devices that can connect to a switch port. Port security can help to prevent unauthorized access, MAC address spoofing, or MAC flooding attacks. However, port security does not allow the network security engineer to view the traffic from the user’s PC to the switch.
✑ Implement dynamic ARP inspection. Dynamic ARP inspection (DAI) is a feature
that validates the ARP packets on a network and prevents ARP spoofing attacks. DAI can help to protect the network from man-in-the-middle, denial-of-service, or data interception attacks. However, DAI does not allow the network security engineer to view the traffic from the user’s PC to the switch.
✑ Configure 802.1Q. 802.1Q is a standard that defines how to create and manage
virtual LANs (VLANs) on a network. VLANs can help to segment the network into logical groups based on function, security, or performance. However, 802.1Q does not allow the network security engineer to view the traffic from the user’s PC to the switch.
References1: Port Mirroring - an overview | ScienceDirect Topics2: Network+ (Plus) Certification | CompTIA IT Certifications3: Port Security - an overview | ScienceDirect Topics4: Dynamic ARP Inspection - an overview | ScienceDirect Topics5: 802.1Q - an overview | ScienceDirect Topics

NEW QUESTION 16
......