A network administrator is reviewing the network device logs on a syslog server. The messages are normal, but the time stamps on the messages are incorrect. Which of the following actions should the administrator take to ensure the log message time stamps are correct?
Correct Answer: C
Question 672
Which of the following describes a network in which users and devices need to mutually authenticate before any network resource can be accessed?
Correct Answer: C
Explanation A zero trust network is a network in which users and devices need to mutually authenticate before any network resource can be accessed. A zero trust network assumes that no one and nothing can be trusted by default, even if they were previously verified or are within the network perimeter. A zero trust network uses various technologies and practices, such as data and log aggregation, cybersecurity analytics, continuous diagnostics and mitigation, user behavior analytics, microsegmentation, and identity and access management, to enforce granular and dynamic policies based on the context and behavior of the users and devices123. References: What is Zero Trust? | Internet of Things | CompTIA3 The Death of the Perimeter: Zero Trust is (Almost) Here to Stay | Cybersecurity | CompTIA2 CompTIA Network+ Certification Exam N10-008 Practice Test 17 - ExamCompass1
Question 673
A company has been added to an unapproved list because of spam. The network administrator confirmed that a workstation was infected by malware. Which of the following processes did the administrator use to identify the root cause?
Correct Answer: A
One possible process that the administrator used to identify the root cause of the spam issue is traffic analysis. Traffic analysis is a technique that monitors and analyzes the network traffic that flows between devices or applications. Traffic analysis can help troubleshoot network problems by identifying the source, destination, volume, frequency, and content of the network packets12. To use traffic analysis to identify the root cause of the spam issue, the administrator could follow these steps: * Install a traffic analysis tool on the server or a device that is connected to the same network as the server, such as Wireshark3, tcpdump4, or Microsoft Network Monitor5. * Start capturing the network traffic and filter it by using the IP address or hostname of the server, or by using a specific port or protocol that is used by the email service, such as SMTP (port 25), POP3 (port 110), or IMAP (port 143). * Analyze the filtered traffic and look for any signs of abnormal or malicious activity, such as high volume of outgoing emails, unknown recipients, suspicious attachments, or spam keywords. * Trace back the source of the spam emails to the infected workstation by using its IP address or MAC address. * Isolate and clean up the infected workstation by using an antivirus or malware removal tool. The other options are not processes that the administrator used to identify the root cause of the spam issue. Availability monitoring is a technique that measures and reports the uptime and downtime of a network device or service. Availability monitoring can help troubleshoot network problems by detecting any failures or outages that affect the network performance. Baseline metrics are a set of standard measurements that establish the normal behavior or performance of a network device or service. Baseline metrics can help troubleshoot network problems by comparing the current state of the network with the expected state and identifying any deviations or anomalies. Network discovery is a technique that scans and maps the network devices and services that are connected to a network. Network discovery can help troubleshoot network problems by providing a comprehensive and updated view of the network topology and configuration.
Question 674
A network technician is attempting to increase throughput by configuring link port aggregation between a Gigabit Ethernet distribution switch and a Fast Ethernet access switch. Which of the following is the BEST choice concerning speed and duplex for all interfaces that are participating in the link aggregation?
Correct Answer: B
Explanation The best choice for configuring link port aggregation between a Gigabit Ethernet distribution switch and a Fast Ethernet access switch is to use full duplex and 1GB speed for all interfaces that are participating in the link aggregation. This will allow for maximum throughput, as the full duplex connection will enable simultaneous sending and receiving of data, and the 1GB speed will ensure that the data is transferred quickly. According to the CompTIA Network+ Study Guide, "Full-duplex Ethernet allows the network adapter to transmit and receive data simultaneously, which can result in double the bandwidth of half-duplex Ethernet." Additionally, the official text states, "Ethernet and Fast Ethernet use different speeds for data transmission, with Ethernet being 1,000 megabits (1 gigabit) per second and Fast Ethernet being 100 megabits per second."
Question 675
A network administrator is implementing OSPF on all of a company's network devices. Which of the following will MOST likely replace all the company's hubs?
Correct Answer: A
The OSPF (Open Shortest Path First) protocol is one of a family of IP Routing protocols, and is an Interior Gateway Protocol (IGP) for the Internet, used to distribute IP routing information throughout a single Autonomous System (AS) in an IP network.
