CompTIA Network+ Question C-30

A network administrator configures an email server to use secure protocols. When the upgrade is completed, which of the following ports on the firewall should be configured to allow for connectivity? (Choose three.)

A. TCP 25
B. TCP 110
C. TCP 143
D. TCP 389
E. TCP 587
F. TCP 993
G. TCP 995

Correct Answer: EFG

CompTIA Network+ Question C-29

A network technician needs to separate a web server listening on port 80 from the internal LAN and secure the server from the public Internet. The web server should be accessible to the public Internet over port 80 but not the private LAN. Currently, the network is segmented with a network-based firewall using the following IP addressing scheme on each interface:

Which of the following ones should the technician use to place the web server and which of the following firewall rules should the technician configure?

A. Place the web server in the public zone with an inbound rule from eth0 interface to accept traffic over port 80 designated to the web server
B. Place the web server in the DMZ with an inbound rule from eth0 interface to eth1 to accept traffic over port 80 designated to the web server
C. Place the web server in the private zone with an inbound rule from eth2 interface to eth1 to accept traffic over port 80 designated to the web server
D. Place the web server in the DMZ with an inbound rule from eth1 interface to eth0 to accept traffic over port 80 designated to the web server

Correct Answer: B

CompTIA Network+ Question C-28

A administrator’s network has OSPF for the internal routing protocol and has two interfaces that continue to flap. The administrator reviews the following output:
Fast ethernet 0 is up, line protocol is up
Int ip address is 10.20.130.5/25
MTU 1500 bytes, BW10000 kbit, DLY 100 usec Reliability 255/255, Tx load 1/255, Rx load 1/255 Encapsulation ospf, loopback not set
Keep alive 10
Full duplex, 100Mb/s, 100Base Tx/Fx Received 1052993 broadcasts
1258 input errors
983881 packet output, 768588 bytes
1747 output errors, 0 collisions, 423 resets

Which of the following problems would cause the interface flap?

A. Wrong IP address
B. Loopback not set
C. Bad wire
D. Incorrect encapsulation
E. Duplex mismatch

Correct Answer: E

CompTIA Network+ Question C-27

Which of the following communication technologies is used by video conferencing systems to synchronize video streams, and reduce bandwidth, sent by a central location to subscribed devices?

A. Anycast
B. Unicast
C. CoS
D. QoS
E. Multicast

Correct Answer: E

CompTIA Network+ Question C-26

Network segmentation provides which of the following benefits?

A. Security through isolation
B. Link aggregation
C. Packet flooding through all ports
D. High availability through redundancy

Correct Answer: A

Explanation:
Network segmentation in computer networking is the act or profession of splitting a computer network into subnetworks, each being a network segment. Advantages of such splitting are primarily for boosting performance and improving security through isolation.
Advantages of network segmentation:
Improved security: Broadcasts will be contained to local network. Internal network structure will not be visible from outside
Reduced congestion: Improved performance is achieved because on a segmented network there are fewer hosts per subnetwork, thus minimizing local traffic Containing network problems: Limiting the effect of local failures on other parts of network

CompTIA Network+ Question C-25

A technician needs to ensure that new systems are protected from electronic snooping of Radio Frequency emanations. Which of the following standards should be consulted?

A. DWDM
B. MIMO
C. TEMPEST
D. DOCSIS

Correct Answer: C

Explanation:
Tempest was the name of a government project to study the ability to understand the data over a network by listening to the emanations. Tempest rooms are designed to keep emanations contained in that room to increase security of data communications happening there.

CompTIA Network+ Question C-24

Which of the following protocols uses label-switching routers and label-edge routers to forward traffic?

A. BGP
B. OSPF
C. IS-IS
D. MPLS

Correct Answer: D

Explanation:
In an MPLS network, data packets are assigned labels. Packet-forwarding decisions are made solely on the contents of this label, without the need to examine the
packet itself.
MPLS works by prefixing packets with an MPLS header, containing one or more labels.
An MPLS router that performs routing based only on the label is called a label switch router (LSR) or transit router. This is a type of router located in the middle of a MPLS network. It is responsible for switching the labels used to route packets. When an LSR receives a packet, it uses the label included in the packet header as an index to determine the next hop on the label-switched path (LSP) and a corresponding label for the packet from a lookup table. The old label is then removed from the header and replaced with the new label before the packet is routed forward.
A label edge router (LER) is a router that operates at the edge of an MPLS network and acts as the entry and exit points for the network. LERs respectively, add an MPLS label onto an incoming packet and remove it off the outgoing packet.
When forwarding IP datagrams into the MPLS domain, an LER uses routing information to determine appropriate labels to be affixed, labels the packet accordingly, and then forwards the labelled packets into the MPLS domain. Likewise, upon receiving a labelled packet which is destined to exit the MPLS domain, the LER strips off the label and forwards the resulting IP packet using normal IP forwarding rules.

CompTIA Network+ Question C-23

A company has had several virus infections over the past few months. The infections were caused by vulnerabilities in the application versions that are being used. Which of the following should an administrator implement to prevent future outbreaks?

A. Host-based intrusion detection systems
B. Acceptable use policies
C. Incident response team
D. Patch management

Correct Answer: D

Explanation:
As vulnerabilities are discovered, the vendors of the operating systems or applications often respond by releasing a patch. A patch is designed to correct a known bug or fix a known vulnerability, such as in this case to be vulnerable to virus infections, in a piece of software.
A patch differs from an update, which, in addition to fixing a known bug or vulnerability, adds one or more features to the software being updated.

CompTIA Network+ Question C-22

An administrator only has telnet access to a remote workstation. Which of the following utilities will identify if the workstation uses DHCP?

A. tracert
B. ping
C. dig
D. ipconfig
E. netstat

Correct Answer: D

Explanation:
The ipconfig command displays the TCP/IP configuration of a Windows system. The ipconfig /all command displays the system’s TCP/IP configuration in detail. This output includes whether DHCP is enabled or not.