CompTIA CompTIA Mobility+ N10-005 Questions & Answers

• Question 151:

  Management has decided that they want a high level of security. They do not want Internet requests coming directly from users. Which of the following is the BEST recommendation?

  A. Content filter

  B. Proxy server

  C. Layer 3 switch

  D. Firewall

  Correct Answer: B

  A proxy server is a server (a computer system or an application) that acts as an intermediary for requests from clients seeking resources from other servers.

• Question 152:

  Which of the following uses SSL encryption?

  A. SMTP

  B. FTP

  C. HTTPS

  D. SNMP

  Correct Answer: C

  HTTPS is the result of simply layering the Hypertext Transfer Protocol (HTTP) on top of the SSL/TLS protocol, thus adding the security capabilities of SSL/TLS to standard HTTP communications.

• Question 153:

  Which of the following security appliances are used to only identify traffic on individual systems?

  A. Host based IPS

  B. Application based IPS

  C. Network based IDS

  D. Host based IDS

  Correct Answer: D

  A host-based intrusion detection system (HIDS) is an intrusion detection system that monitors and analyzes the internals of a computing system as well as the network packets on its network interfaces.

• Question 154:

  Which of the following monitoring devices are used only to recognize suspicious traffic from specific software?

  A. Signature based IPS

  B. Application based IDS

  C. Anomaly based IDS

  D. Application based IPS

  Correct Answer: B

  An APIDS monitors the dynamic behavior and state of the protocol and will typically consist of a system or agent that would typically sit between a process, or group of servers, monitoring and analyzing the application protocol between two connected devices.

• Question 155:

  Which of the following ports would have to be allowed through a firewall for POP3 traffic to pass on its default port?

  A. 110

  B. 123

  C. 143

  D. 443

  Correct Answer: A

  Post Office Protocol (POP) is an application-layer Internet standard protocol used by local e-mail clients to retrieve e-mail from a remote server over a TCP/IP connection. POP3 server listens on well-known port 110.

• Question 156:

  Which of the following can a network technician change to help limit war driving?

  A. Signal strength

  B. SSID

  C. Frequency

  D. Channel

  Correct Answer: A

  War driving is a term used to describe the process of a hacker who, armed with a laptop and a wireless adapter card and traveling via a car, bus, subway train, or other form of mechanized transport, goes around sniffing for WLANs. Over time, the hacker builds up a database comprising the network name, signal strength, location, and ip/namespace in use..

• Question 157:

  An unusual amount of activity is coming into one of the switches in an IDF. A malware attack is suspected. Which of the following tools would appropriately diagnose the problem?

  A. Cable tester

  B. Protocol analyzer

  C. Load balancer

  D. OTDR

  Correct Answer: B

  A packet analyzer is a computer program or a piece of computer hardware that can intercept and log traffic passing over a digital network or part of a network.As data streams flow across the network, the sniffer captures each packet and, if needed, decodes the packet's raw data, showing the values of various fields in the packet, and analyzes its content.

• Question 158:

  Which of the following would be used to check whether a DoS attack is taking place from a specific remote subnet?

  A. Syslog files

  B. Honeypot

  C. Network sniffer

  D. tracert

  Correct Answer: C

  A network sniffers monitors data flowing over computer network links. It can be a self-contained software program or a hardware device with the appropriate software or firmware programming.

• Question 159:

  Which of the following attacks would allow an intruder to do port mapping on a company's internal server from a separate company server on the Internet?

  A. SYN flood

  B. Teardrop

  C. Smurf

  D. FTP bounce

  Correct Answer: D

  FTP bounce attack is an exploit of the FTP protocol whereby an attacker is able to use the PORT command to request access to ports indirectly through the use of the victim machine as a middle man for the request.

• Question 160:

  The company is setting up a new website that will be requiring a lot of interaction with external users. The website needs to be accessible both externally and internally but without allowing access to internal resources. Which of the following would MOST likely be configured on the firewall?

  A. PAT

  B. DHCP

  C. DMZ

  D. NAT

  Correct Answer: C

  DMZ is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN); an external attacker only has access to equipment in the DMZ, rather than any other part of the network.