Network Security and Configuration Quiz

Questions and Answers

Which software tool would BEST assist a technician in finding all the devices connected within a network?

Packet sniffer

Performance monitor

Configuration manager

Network scanner (correct)

A technician should configure DHCP snooping to prevent unintended connections on a network switch.

False

What standard 802.11 frequency range should a technician consider for a high-density wireless network to maximize channels?

5 GHz

To track and document various types of known vulnerabilities, one would typically use a __________.

vulnerability management tool

Match the network security configurations with their correct purposes:

DHCP snooping = Validates IP address assignments Geofencing = Restricts access based on geographic location Port security = Prevents unauthorized device connections Secure SNMP = Secures network management protocols

What is the best configuration method to limit connections for a switch located in a public area?

Implementing port security

The 2.4 GHz frequency range supports a higher number of channels compared to the 5 GHz frequency range.

False

What is a common approach to mitigating RF interference in a wireless network?

Using different channels within the same frequency band

Which document would BEST support the management team in ensuring unnecessary modifications to the corporate network are not permitted?

Change Management Policy

East-West traffic in a datacenter typically involves traffic between servers within the same network segment.

True

What should a technician check if a network switch stops responding when the logging level is set to debugging?

CPU utilization

A technician is deploying a wireless network with 30 WAPs broadcasting the same SSID. This deployment is BEST described as a __________ network.

flat

Match the following types of network traffic with their descriptions:

East-West = Traffic between servers within the same datacenter North-South = Traffic between networks and the internet Broadcast = Traffic sent to all devices in a network segment Unicast = Traffic sent to a specific device

Which of the following is MOST likely to generate significant East-West traffic in a datacenter?

Database replication

Debugging logging levels always improve the performance of network devices.

False

What term refers to the presence of multiple Access Points broadcasting the same SSID in a wireless network?

SSID overlapping

Which subnet mask option is the most voted?

255.255.254.0

A CNAME record is used to redirect clients to a corporate organization page.

True

What would be the BEST way to improve video conferencing performance?

Quality of service

The LAST rule that should be applied in a firewall is called an implicit _______.

deny

What type of DNS record should be created for redirecting a company's address?

CNAME

Port security should be the last rule implemented in a firewall configuration.

False

What is the purpose of packet shaping?

To manage network traffic and ensure efficient bandwidth usage.

Match the following networking terms with their functions:

Quality of Service = Prioritizes network traffic CNAME = Domain redirection Implicit Deny = Blocks all non-allowed traffic Packet Shaping = Manages bandwidth usage

Which of the following IP addresses falls within the subnet range of 10.1.2.0?

10.1.2.10

The SOA record is primarily used for managing email servers.

False

What does TTL stand for in DNS records?

Time to Live

The __ standard is used in wireless networks for managing multiple simultaneous client access.

CSMA/CA

Match the following DNS record types with their purposes:

A = Maps a domain name to an IP address MX = Routes emails to the correct mail servers TXT = Provides human-readable text information about a domain SOA = Indicates the authoritative information about a domain

Which of the following options would help a technician keep track of equipment changes?

Asset tags

A network administrator should choose CSMA/CD for a wireless network.

False

What is a common type of cyberattack that encrypts user data requiring backups for recovery?

Ransomware

Which method will a network administrator MOST likely use to ensure smooth video delivery?

Jumbo frames

Traffic shaping is used to reduce overhead and increase efficiency on a SAN.

False

What should be implemented to stop a rogue access point without physical removal?

Port security

A large frame size in networking is referred to as _______.

jumbo frames

Which option can be configured to reduce overhead on a SAN?

Jumbo frames

A network topology where all Internet-bound traffic exits through a main datacenter is considered a centralized topology.

True

What is the primary purpose of port security in a network?

To restrict unauthorized access to the network

Match the following network security measures with their primary functions:

Port security = Restricts unauthorized devices from accessing the network Traffic shaping = Manages data transmission rates Jumbo frames = Reduces overhead by increasing frame size Wireless client isolation = Prevents client devices from communicating with each other on the network

Which network topology is often characterized as the most voted option?

Hub-and-spoke

Using tcpdump is the best tool for conducting a cloud security assessment.

False

What is the most appropriate tool to assess a cloud server's security by identifying exposed protocols?

nmap

The LAN interface configuration for NAT with PAT would best be suited with the address _____

172.23.0.0/16

What is the primary purpose of the value assigned to a packet in a network?

To ensure it does not traverse indefinitely

Match the following IP address ranges with their respective CIDR notation:

172.15.0.0 = /18 172.18.0.0 = /10 172.23.0.0 = /16 172.28.0.0 = /8

An IP scanner is the best option for analyzing the WAN network addressing of a cloud server.

False

Which of the following options is NOT suitable for the LAN interface in NAT with PAT?

172.15.0.0/18

Study Notes

N10-008 Exam Questions - Study Notes

• WiFi Performance Improvement: A systems administrator needs to improve Wi-Fi performance in a dense office building. With a mix of 2.4 GHz and 5 GHz devices, selecting 802.11ax is the best option for latest standard.

• MAC Spoofing Detection: Internet Control Message Protocol (ICMP), Reverse Address Resolution Protocol (RARP), Dynamic Host Configuration Protocol (DHCP), and Internet Message Access Protocol (IMAP) are protocols used in networking. Reverse Address Resolution Protocol (ARP) is best for detecting MAC spoofing attacks.

• Jitter Troubleshooting: A technician troubleshooting high jitter on a wireless network, with variations in latency using ping, should utilize a spectrum analyzer.

• Wireless Connectivity Issues: Wireless users reporting intermittent internet connectivity with web authentication requiring reconnection, the cause is likely a session timeout configuration on the captive portal's settings.

• Network Attacks: Tailgating is a security attack that involves physically following someone through a secured location. A network administrator prevented this security attack by stopping the unknown person and directing the person to security.

• Wireless Network Setup: A wireless network setup simulation involves configuring three Access Points (APs) and one switch. The SSIDs should be "CorpNet" using the key "S3cr3t!". The wireless signals shouldn't interfere, the subnet should support a maximum of 30 connected devices, and the APs should only support TKIP clients at maximum speed for efficient setup.

• CRC Errors: CRC errors during network communication indicates a problem on the Layer 2 of the OSI model which is often related to cabling.

• VM Performance Issues: A sudden increase in 100 VM users caused performance issues. Metrics like CPU usage and memory will provide an accurate analysis of the underlying performance issues.

• DHCP Exhaustion: When DHCP scope is exhausted, the administrator should reduce the lease time to avoid creating a new DHCP pool.

• IPv6 and MAC Addresses: The switch feature MOST likely used to assist in scripting to log IPv6 and MAC addresses on a network segment is Neighbor Discovery Protocol (NDP).

• DNS Records: A CNAME record in DNS acts as an alias for another record.

• Network Connectivity: Troubleshooting internet connectivity issues in a new building that's connected to the LAN via fiber optic cable, the administrator should correct the DNS server entries in the DHCP scope to resolve the internet access issue.

• Fiber Optic Cable Issues: A fiber optic cable connection problem was most likely caused by reversed TX/RX (transmit/receive) connections.

• Finding Network Devices: Using the MAC table on a network switch is the BEST way for a technician to locate a device's network port.

• Server Redundancy: Network Interface Card (NIC) teaming provides redundancy on a file server to ensure continued connection to the LAN in case of a port failure on a switch.

• Content Delivery Networks: Content Delivery Networks (CDNs) are a technology that help optimize speeds and reduce latency for global content distribution.

• Network Troubleshooting First Steps: Asking users about the specific changes made to the network is the recommended FIRST step in troubleshooting a network issue.

• Cable Crossover: Using MDIX on the switch can resolve the cable crossover issue with vendor certified cables.

• Network Monitoring Tool: IP scanner is the best network tool for finding devices on a network.

• Wireless Network Channel Configuration: The technician should use 5GHz for configuring high density wireless networks to help reduce interference. A 5GHz network will allow for more channels to be used.

• Network Switch Configuration: Configuring DHCP snooping on a switch in a public location can help prevent unintended network connections.

• Vulnerability Tracking Tools: Common Vulnerabilities and Exposures (CVE) is used to track various types of known vulnerabilities.

• Password Policies Two-factor authentication and complex passwords are recommended policies to mitigate brute-force password attacks.

• Network Bandwidth Increase Using Multipathing, NIC teaming, Load Balancing, or Clustering on the server is best way to increase server bandwidth. This is achieved by connecting two network cables on the switch stack and ensuring correct configuration on the switch interfaces.

• Network Device Configuration Commands: Validating network settings on a Linux device to match the 192.168.0.0/20 network block can be accomplished by using the 'ifconfig' or 'ip' command to get a detailed network configuration.

• Biggest MTU for an Ethernet Frame: The biggest MTU for a standard Ethernet frame is 1500.

• Command Line Networking Tools: The command-line tool 'netstat' shows the status of network connections and processes.

• Troubleshooting Network Errors: Checking for errors on a network can include verifying the cable (by replacing cables), the switch (by verifying its functions), and the device (by confirming it is properly configured).

• Network Troubleshooting: Using a bottom-up approach will help in efficiently troubleshooting network issues which starts from basic connectivity checks to more complex issues, such as checking for a rogue DHCP server or a misconfigured subnet mask.

Description

Test your knowledge on network security configurations, wireless standards, and best practices for device management. This quiz covers essential concepts for technicians in the field, including DHCP snooping and RF interference mitigation strategies.