N10-008 Study Notes: Networking Essentials

Questions and Answers

What type of attack did the network administrator prevent by directing the unknown person to security?

Evil twin

Tailgating (correct)

Shoulder surfing

Piggybacking

At which OSI layer should the administrator begin troubleshooting if experiencing CRC errors?

Layer 3

Layer 2

Layer 4

Layer 1 (correct)

Which two metrics would MOST accurately indicate the cause of slow virtual desktops for the new users?

Memory (correct)

CPU usage (correct)

Bandwidth

Temperature

What action can the administrator take to resolve an exhausted DHCP scope without creating a new pool?

Reduce the lease time

What is the primary purpose of the script being written by the administrator?

To log IPv6 and MAC addresses

Which of the following best describes the problem when minimal network congestion is reported but users experience slow desktops?

Inadequate memory allocation

In network diagnostics, what does a high number of CRC errors typically indicate?

Faulty network equipment

Which of the following actions would potentially increase the performance of VMs for users reporting slowness?

Upgrading CPU resources

Which wireless standard should be selected for improving WiFi performance in a mixed device environment using 2.4 GHz and 5 GHz?

802.11ax

What protocol is MOST effective for detecting MAC spoofing attacks?

Reverse Address Resolution Protocol

Which tool is MOST appropriate for troubleshooting high amounts of jitter on a wireless network?

Spectrum analyzer

What is the FIRST step a network administrator should take to address intermittent connectivity issues reported by wireless users?

Verify the session time-out configuration on the captive portal settings

Which wireless standard provides the best performance for streaming video in an office environment?

802.11ax

Which of the following would MOST likely indicate a problem with DHCP in a wireless network?

Users are unable to connect to the wireless network

Which option is a likely cause of jitter when using a wireless network?

Interference from neighboring networks

What is the purpose of the Reverse Address Resolution Protocol in network troubleshooting?

To map IP addresses to MAC addresses

Which option allows the use of the original Cat 6 cable without needing a new cabling certification?

MDIX

Which software tool is best for finding all devices connected within a network?

IP scanner

What frequency range should a technician look for to maximize the number of channels in a high-density wireless network?

5GHz

What should a technician configure on a network switch to prevent unintended connections in a public location?

Port security

Which command would be most useful to test the connectivity to a server from a technician's PC?

ping

What is the main advantage of using PoE+ in network installations?

Powering devices over Ethernet

Which protocol is implemented in Ethernet for collision detection?

CSMA/CD

Which option best describes the purpose of a netFlow analyzer in a network?

Analyzing bandwidth usage

What should a technician do NEXT after determining the most likely probable cause of an issue?

Implement the solution or escalate as necessary

Which of the following BEST describes a network appliance that warns of unapproved devices accessing the network?

IDS (Intrusion Detection System)

Which cable type is MOST likely used to connect a cable modem to the ISP in a SOHO setting?

Coaxial

What is the physical topology for an Ethernet LAN?

Star

Which method should be used to verify that a solution has resolved the identified issue?

Verify full system functionality

What should be considered when implementing preventive measures after resolving an issue?

Effectiveness of the current solution

Which of the following devices functions as a barrier and filters incoming and outgoing network traffic?

Firewall

In the context of network security, what is the purpose of a Proxy server?

To enhance bandwidth by caching data

What is the FIRST verification task the network administrator should perform after identifying the IP addresses for new-mail.company.com?

Confirm the internal DNS server is replying to requests for the cloud solution.

Which security protocol would BEST support enabling encryption and creating a password for AP security?

WPA2

Which of the following ports is NOT associated with IMAP?

25

What component is primarily responsible for enforcing security policies in a network?

Firewall

What should be the immediate course of action if a network technician detects unauthorized access to a network device?

Change the device password immediately.

Which of the following protocols would be used to secure communications over the Internet?

HTTPS

If a network administrator is troubleshooting connectivity from a device to a switchport, which tool would BEST help identify the issue?

Ping

What is the purpose of using a Pass-Through Authentication Protocol?

To allow users to access multiple systems with a single login.

Which security capability should the network administrator utilize to ensure the least administrative effort while maintaining the defined permissions?

Role-based access

What would be the best method to quickly refresh MX record updates to authoritative name servers?

Time to live

To accommodate 412 network-connected devices on the same subnet with minimal size, which subnet mask is most appropriate?

255.255.254.0

Which DNS record should be created to redirect clients to the corporate organization page after an acquisition?

CNAME record

Which of the following provides auditors with read-only access to system logs while prohibiting operators from accessing them?

Role-based access

What type of access control allows for a structured approach to user permissions based on predefined roles?

Role-based access

Which option would best assist in minimizing disruption when updating DNS records?

Reducing TTL values

When accommodating a new office for 412 devices, which subnet mask option is least likely to conserve IP addresses?

255.255.0.0

Study Notes

N10-008 Study Notes

• Topic 1, #1: A systems administrator needs to improve WiFi performance in a densely populated office tower. The best standard to use is 802.11ax.

• Topic 1, #2: The BEST method to detect a MAC spoofing attack is the Internet Control Message Protocol.

• Topic 1, #3: A technician is experiencing high jitter on a wireless network. Large variations in ping latency to the default gateway indicate interference from other networks or non-802.11 devices. The technician should use a spectrum analyzer to troubleshoot the issue.

• Topic 1, #4: Wireless users are reporting intermittent internet connectivity. Connectivity is restored when the network is interrupted.

• Topic 1, #5: A network administrator sees an unknown person following closely and directs them to the security desk. This prevents a Tailgating attack.

• Topic 1, #6: A network is experiencing CRC errors during normal communication. The administrator should troubleshoot at Layer 1 of the OSI model.

• Topic 1, #7: A client added 100 VM users and reports slow unresponsive desktops. The MOST accurate metrics to show the underlying performance issues are CPU usage and memory.

• Topic 1, #8: Client devices cannot enter a network because the DHCP scope is exhausted. The best way to resolve this is to decrease the lease time.

• Topic 1, #9: An administrator needs to create a script to periodically log IPv6 and MAC addresses on a network segment. A Spanning Tree Protocol switch feature will most likely be needed to accomplish that task.

• Topic 1, #10: 802.11ax performs best given the varying 2.4GHz and 5GHz devices and the latest standards.

• Topic 1, #11: CNAME DNS records act as aliases for other records

• Topic 1, #12: If a company's internal network is inaccessible via web browser but external sites are available, the network administrator should check the external firewall gateway address.

• Topic 1, #13: A technician is installing fiber optic to a network device. The connection steps are device, LC/LC patch cable/ Patch panel, Cross-connect fiber cable, patch panel, LC/LC patch cable.

• Topic 1, #14: NIC teaming provides redundancy on a file server to ensure continued operation when a switchport fails,

• Topic 1, #15: An IT organization needs to optimize speeds for global content distribution to reduce latency in high-density user locations. The BEST technology to meet these organization's requirements is a content delivery network.

• Topic 1, #16: A user reports being unable to access network resources; the administrator should FIRST ask what changes were made.

• Topic 1, #17: A technician is creating a crossover cable for a Cat 6 certified cable from one end to the other. Performing MDIX will allow for use of the original cable.

• Topic 1, #18: An IP scanner is the BEST tool to identify all devices, and those connected in a network.

• Topic 1, #19-20: For a high-density wireless network, the technician should consider 5GHz for the optimal number of channels, and DHCP snooping for a publicly accessible location to prevent unintended connections.

• Topic 1, #21-22: CVE is used to track and document various known vulnerabilities

• Topic 1, #23: A network administrator should implement brute force protection if a user's email password is frequently hacked.

• Topic 1, #24: For increasing server bandwidth, the network engineer should configure LACP on the switchports.

• Topic 1, #25: The network block is 192.168.0.0/20. The appropriate subnet is 255.255.255.0.

• Topic 1, #26: The largest MTU for a standard Ethernet frame is 1500D.2304.

• Topic 1, #27: A firewall is the best network appliance to warn of unapproved devices.

• Topic 1, #28: Coaxial Cable is MOST likely the cable type used to connect a modem to an ISP.

• Topic 1, #29: The physical topology for Ethernet LAN is star

• Topic 1, #30: Establishing a plan of action is the next step after determining the cause of an issue in troubleshooting

• Topic 1, #31: A change management policy BEST supports maintaining version control of modifications to corporate networks.

• Topic 1, #32: The MOST likely action to generate significant East-West traffic in a datacenter is downloading navigation data to a portable device for offline access.

• Topic 1, #33: To troubleshoot network switch issues with intermittent response times, check the audit logs.

• Topic 1, #34-35: For a three-story office, a wireless network comprised of multiple access points broadcasting the same SSID is an extended service set, and to allow user access to a network, one must know its network address.

• Topic 1, #36: The BEST tool for identifying all devices on a network is an IP scanner.

• Topic 1, #37-38: The most suitable methods when migrating server services to a cloud solution is SaaS, and appropriate configuration for network inter-connectivity is NAT.

• Topic 1, #39: Bandwidth management is used to prioritize Internet usage per application and user on a network

• Topic 1, #40: The command "dig" is the easiest method to query the NS servers for remote applications.

• Topic 1, #41: Change management is the most likely way to review previous upgrades.

• Topic 1, #42: MIB is used to gather metrics from network switches to record/manage changes.

• Topic 1, #43: To troubleshoot a networking issue with a syslog server and the sending of critical events, consider the config of the log level on the server

• Topic 1, #44: A Layer 3 switch is the best replacement for a company's hubs

• Topic 1, #45-48: If users are using a guest network improperly, the admin should enforce client isolation, adjust the wireless power levels, and/or adjust the wireless channels.

• Topic 1, #49-51: A network technician who implements OSPF should replace company hubs with Layer 3 switches.

• Topic 1, #52: A network engineers should configure VLANs for network security.

• Topic 1, #53: A network should be configured with redundancy in a system, such as a load balancer and/or a virtual IP for failover.

• Topic 1, #54-67: A technician troubleshooting a wireless connectivity issue should use a variety of tools, such as connector types, to identify potential issues.

• Topic 1, #68: VoIP phones commonly use port 5060

• Topic 1, #69: A network engineer needs to consider VoIP calls running over WAN connections and potential jitter problems.

• Topic 1, #70: To prevent outside users from telnetting into servers, block port 23.

• Topic 1, #71: The documentation should include the company server farm information and configuration.

• Topic 1, #72-73-74: SFP+ is recommended if the network supports 40Gbps connections, consider appropriate VLAN configurations for the network, and the choice of access method is based on security requirements.

• Topic 1, #75: Port 445 is predominantly used by Windows OS for file sharing.

• Topic 1, #76-77-78-79: Wireless devices used for video conferencing must have adequate bandwidth for performance. Appropriate access control, and/or configuration of the equipment is essential for security. Maintaining a record of equipment changes/updates is important.

• Topic 1, #80: Ransomware is an attack that encrypts user data and requires a backup.

• Topic 1, #81: A honeypot is a system a network administrator uses to analyze attacks directed toward a network.

• Topic 1, #82-83: Databases should use TCP port 1433 for server communication; a network router must ensure wirelessly associated devices can communicate with each other through the implementation of client isolation or port security.

• Topic 1, #84: A company that does not have sufficient financial means to support redundant data should utilize cold or warm site configurations for disaster recovery.

• Topic 1, #85: The command 'show interface' should be used to identify the location of network issues.

• Topic 1, #86: The first troubleshooting step for a non-connecting DSL customer's workstation is reviewing the configuration to identify any asymmetrical routing, rogue DHCP server configurations, or errors with cables.

• Topic 1, #87: A cloud third-party platform provides data storage with options for hardware configurations.

• Topic 1, #88: Network administrators should ensure that a NDA, or Non-disclosure agreement, is signed to prevent sharing project details to third-parties.

• Topic 1, #89: A site-to-site VPN connection is best to enable access of a network share between two remote offices over an untrusted network.

• Topic 1, #90-91: In a multibuilding campus network, Port tagging is the configuration used for consistent, efficient, and cost-effective department segmentation of the network on a small configuration. The implementation of a security appliance that correlates and receives events from multiple devices relies on network protocols.

• Topic 1, #92: A vulnerability assessment is the most suitable method to address CVEs.

• Topic 1, #93: A misplaced/misconfigured AP is the most likely cause for a client having trouble connecting to a network.

• Topic 1, #94: A network switch should have loopback configuration to test it.

• Topic 1, #95-99: The Session layer of the OSI model is where conversations between applications are established, coordinated and terminated. Network services such as VoIP and VPN need specific configurations for different network standards or systems.

• Topic 1, #100-101-102: DNS caching, and/or MX record is expedited using UDP forwarding.

• Topic 1, #103-104-105-106-107-108: To manage a network, one must prioritize services/applications by configuring Quality of Service. To expedite network configuration, one needs to determine the proper IP addresses for applications.

• Topic 1, #109: MX Record updates are used to expedite network access to a new location by updating appropriate authoritative Name Servers (NSs), potentially leveraging external UDP forwarding to provide faster configuration.

• Topic 1, #110-111-112-113: Link Aggregation (LAG) /Port Aggregation improves network performance by creating more bandwidth, and disabling 2.4GHz radios should be applied when improving a network by lowering overall traffic. A load balancer or firewall would typically be used in the design and/or construction and implementation of a network.

• Topic 1, #114-115-116-117-118: To ensure proper configuration of a data center, consider the appropriate networking resources. In order to prevent unnecessary network access and issues caused by a router, implement port security.

• Topic 1, #119-120-121-122: Echo issues in phone calls might be caused by jitter, speed mismatches, QoS misconfiguration, protocol mismatch, CRC errors, and encapsulation errors. A split-tunnel VPN should be used to separate Internet and corporate traffic. To connect a device with an RJ45 port to a port with ST port; a media converter is necessary.

• Topic 1, #123-124-125-126-127: Security considerations like physical access to a data center or location should be controlled using access control vestibules, appropriate security techniques such as a warm site should be used. Correct configurations should be tested prior to deploying to new users, or locations and configurations should be verified for completeness to ensure proper access and performance.

• Topic 1, #128-129-130-131-132-133: Troubleshooting phone/VoIP issues includes determining if the issue is related to jitter, speed mismatch, misconfiguration, protocols or encapsulation errors. Network segmentation allows for a simpler approach in a multi-building environment.

• Topic 1, #134: Network problems in a cloud environment can have various causes. A network administrator will need to use tools such as nslookup to pinpoint the issues.

• Topic 1, #135-136-137: To increase network security, and to address AP connectivity, configure the necessary security groups or using a firewall.

• Topic 1, #138: A company with multiple routers can use either automatic backup and/or use a statically configured route, setting such as a VIP , or create a new IP setting.

• Topic 1, #139: A switch that blocks spanning trees is meant to prevent forwarding of loops in a network. A technician should use a cable tester/troubleshooting tools to determine if the cable, port or device is the problem.

• Topic 1, #140: To troubleshoot a network issue efficiently, first recreate it, then document the findings and escalate if needed.

• Topic 1, #141: iSCSI and FCOE are two architectures suitable for large SDN deployments.

• Topic 1, #142-143-144: The next step in troubleshooting is testing the theory, by verifying functionality and/or implement the solution, and/or escalating the issue

• Topic 1, #145: An organization can deploy a virtual appliance to filter traffic on a network or firewall to filter outbound traffic to an external web server.

• Topic 1, #146: A warm site in disaster recovery is a backup data center location ready for operations and equipment.

• Topic 1, #147-148-149: Protocols that support secure connections include RDP, SMB and SSH.

• Topic 1, #150: When troubleshooting network issues, problems on both switches can include an issue with the cable, and/or the MTU size

• Topic 1, #151: Security issues are often caused by the use of simple/single-word passwords.

• Topic 1, #152-153: The next troubleshooting step for a system is performing a factory reset,

• Topic 1, #154: The TCP port numbers are related to an addressing scheme.

• Topic 1, #155-156: A network engineer troubleshooting a device connecting to a switch should verify connectivity, or use appropriate tools like tracert, or ipconfig to determine the issue.

• Topic 1, #157-158: Using a single virtual proxies is often used for filtering spam content on a network, or to filter traffic using a reverse proxy on a company network.

• Topic 1, #159-160-161-162: The most common topology used in network design is a hub and spoke design that has a central system (hub). A VPN can be used to securely connect locations over a distance.

Description

This quiz covers essential topics for the N10-008 certification, focusing on WiFi performance, network security, and troubleshooting techniques. Test your knowledge on standards, security protocols, and methods to detect network issues. Ensure you are well-prepared for your upcoming exam!