CompTIA Network+ Practice Test (N10-009)

Using hash functions is the best measure to support integrity as they generate a fixed-size string (hash) based on the data input. If even a single bit of the data changes, the resulting hash will change significantly. This allows any alterations in data to be easily detected, thus maintaining integrity. Encrypting data, while crucial for confidentiality, does not primarily ensure integrity as it does not necessarily reveal data modifications. Enforcing strong authentication measures mainly enhances security by verifying user identity, addressing access control more squarely than data integrity itself.

The Authentication Header primarily provides integrity and authentication of IP packets. It does this by appending a header to each packet, which ensures that the packet has not been altered during transit and that the source is authenticated. While encryption might secure a packet's content, AH does not provide encryption services; that is a function of the Encapsulating Security Payload (ESP). Similarly, AH does not specifically optimize network traffic or enhance transmission speed; these are not functions of the IPsec Authentication Header.

Private network addresses, as defined by RFC 1918, are used for internal networks and are not routable on the public internet. Assigning these addresses ensures the servers are isolated from direct external connections, enhancing security. Public network addresses are globally routable and would expose the servers to the internet. APIPA addresses are used as a fallback when a DHCP server is unavailable and are not suitable for a planned data center configuration. The term "Externally routable RFC 1918 addresses" is a contradiction, as these address ranges are specifically designated as non-routable on the global internet.

Implementing IPv6 addressing provides a massively larger address space (128-bit) compared to IPv4's 32-bit space, eliminating the risk of address exhaustion.

Why other answers are incorrect:

• Network Address Translation (NAT) conserves public IPv4 addresses by letting many hosts share one public address, but it does not create additional addresses.
• More stringent subnetting can allocate the existing space more efficiently but cannot increase the total number of addresses.
• Assigning only private address ranges avoids using public addresses on internal networks but still depends on a limited pool of public IPv4 addresses for external communication.

TFTP is most suitable for this scenario because it uses minimal network traffic for file transfers, which is ideal for environments with limited resources and devices with low storage. It provides a straightforward method without the complexity and overhead associated with more robust file transfer protocols, making it suitable for simple tasks like firmware updates where security is not a concern.

Packet loss percentage is the correct answer because it provides a direct indication of network quality and efficiency, crucial for establishing a performance baseline. High packet loss can significantly affect the quality of service, making it a vital metric for alarm thresholds and troubleshooting. Network uptime, while important, is more of a reliability or availability metric, not a baseline metric used for performance anomalies. The number of active connections can vary greatly and does not necessarily indicate performance issues. Average CPU usage is a device health metric, not a direct measure of network traffic performance, although it can be a cause of performance degradation.

The correct answer is 'Network uptime commitment', as it specifies the amount of time the network should be operational and accessible, which is critical for maintaining business operations. An SLA that includes a substantial uptime guarantee reduces potential disruptions caused by network outages. The option '24/7 customer support' is helpful but does not directly mitigate downtime impact, as support responsiveness does not govern the actual operational performance of the network. 'Disaster recovery options' are crucial in a broader context but pertain more to recovery post-incident rather than preventing downtime. 'Early termination rights' relate to contract flexibility rather than operational performance.

Link aggregation allows multiple network connections to be combined into a single group, providing increased data rates and redundancy to improve network performance and reliability. This technique does not primarily focus on resolving IP conflicts which is typically handled by network protocols and subnetting strategies, nor does it segment a network like VLANs or directly manage traffic as a router does.

Static routing involves manual entry of routes into a network router's routing table by the network administrator. This method depends on pre-determined paths set by the admin and does not change unless manually updated. This contrasts with dynamic routing where routes are automatically updated based on changes in the network.

An unauthorized server that assigns network configurations, such as a rogue DHCP server, often intercepts or disrupts network traffic by providing incorrect configurations to clients. This misdirection can lead to man-in-the-middle attacks or other security breaches, highlighting why understanding this threat is crucial. The incorrect answers do not accurately describe the primary malicious intent of such a server.

A hybrid topology is the combination of two or more different network topologies, such as star, mesh, or bus, into a single network. This approach allows for the benefits of each topology to be utilized, increasing the overall performance and reliability of the network. Star topology refers singularly to networks where each node is connected to a central node, not a combination. Mesh topology involves each node connecting directly to every other node, again not inherently combined with others. Point-to-point topology typically involves direct connections between two nodes, and does not represent a combination of multiple types.

A Denial-of-Service (DoS) attack is intended to make a server or network resource unavailable to users, typically by overwhelming it with excessive requests until it can no longer respond effectively. The sudden spike in traffic and degradation of service mentioned in the scenario is characteristic of a DoS attack. ARP poisoning is a threat that affects data integrity by redirecting network traffic to an attacker, which is different from overwhelming a service with traffic. MAC flooding aims to saturate a switch's MAC address table, forcing it to broadcast traffic to all ports, which is a different mechanism and goal than the one described. A Rogue AP is an unauthorized access point that provides a vector for various other attacks but does not in itself cause a massive flood of traffic to a specific web server.

Using APIs (Application Programming Interfaces) provided by the network management system allows for seamless integration between third-party tools and proprietary systems. APIs act as a bridge, facilitating secure and efficient data exchange and enabling automation and enhanced functionality across different platforms, making them the optimal choice for integrating diverse system components. SNMP, while useful for gathering network status and metrics, does not offer the same level of deep integration or control capabilities as APIs. Syslog is primarily used for collecting and forwarding log messages and does not support the direct, interactive integration required in the scenario. Manual data entry via a GUI is inefficient, error-prone, and the opposite of automation.

This scenario describes a tabletop exercise, which is a discussion-based session where team members meet to discuss their roles and walk through the steps of a disaster recovery plan in response to a simulated event. It does not involve physical relocation or actual system recovery. A full-scale exercise would involve a hands-on, physical run-through. A hot site cutover is the actual process of switching to a live backup site. RPO (Recovery Point Objective) is a metric that defines the acceptable amount of data loss, not a type of exercise.

Playbooks, in the context of Infrastructure as Code, allow network administrators to automate and reapply configurations across multiple devices efficiently. They are designed to execute a series of tasks, making them ideal for scalable and repetitive deployment scenarios. Other options, although useful in network management, do not directly align with the need for repeatable task automation in the same way that playbooks do.

The spine and leaf topology is ideal for modern data centers because it provides high-capacity, low-latency communication between servers. Each leaf switch connects directly to every spine switch, creating multiple equal-cost paths that minimize bottlenecks and increase fault tolerance compared with traditional three-tier or star designs.

It is essential to back up the current configurations before any changes are made. This allows the network to be restored to its previous state if the new configurations lead to issues or failures. This practice ensures minimal service disruption and provides a recovery point. Making notes of performance metrics helps to compare before and after states but does not safeguard against configuration errors. While informing the IT team is a good practice for awareness, it does not directly protect against potential configuration issues.

Analyzing the utilization statistics on network switches provides immediate and relevant information to identify high traffic flows and overloaded pathways, which are indicative of a bottleneck. This approach targets the specific area of concern quickly and efficiently. Viewing system logs on servers might not directly pinpoint network bottlenecks, although server issues can indirectly affect network performance. Implementing QoS helps manage traffic prioritization but does not identify existing bottlenecks. Similarly, replacing network cables is a premature action without confirming they are the source of the bottleneck.

Role-Based Access Control (RBAC) is the most suitable choice because it assigns permissions according to the roles that users hold within an organization. In this scenario, a single role such as "executive" can be granted the necessary rights, ensuring that only those users can see the records.

• Mandatory Access Control (MAC) is highly secure and label-oriented but is designed around fixed classification levels and can be cumbersome to adjust for changing organizational roles.
• Discretionary Access Control (DAC) leaves permission decisions to resource owners, which is more flexible but less stringent and can lead to accidental over-sharing.
• Attribute-Based Access Control (ABAC) offers very fine-grained, attribute-driven policies, but that level of complexity is unnecessary when a straightforward role assignment meets the requirements.

Therefore, RBAC best matches the need for role-centric, easily managed restrictions.

The correct answer is "Data exfiltration," which involves the unauthorized transfer of data from a computer or other device to an external location or party. The observed signs-large, unusual outbound traffic to unfamiliar IP addresses-typically indicate that data is being intentionally siphoned out of the network. "ARP spoofing" primarily redirects traffic within the local network and does not directly explain the large outbound data flow. "Phishing" deceives individuals into disclosing sensitive data, but it does not inherently cause sustained outbound transfers. "Rogue AP" refers to unauthorized wireless access points inside or near the environment; while it can facilitate attacks, it does not itself explain the observed bulk data transmissions to external addresses.