- (Topic 3)
Which of the following is used when a workstation sends a DHCP broadcast to a server on another LAN?

1. A. Reservation
2. B. Dynamic assignment
3. C. Helper address
4. D. DHCP offer

Correct Answer: C
A helper address is an IP address that is configured on a router interface to forward DHCP broadcast messages to a DHCP server on another LAN. A DHCP broadcast message is a message that a workstation sends when it needs to obtain an IP address from a DHCP server. Since broadcast messages are not routed across different networks, a helper address is needed to relay the DHCP broadcast message to the DHCP server on another network. References: https://www.comptia.org/training/books/network-n10-008- study-guide (page 199)

- (Topic 3)
Which of the following attacks, if successful, would provide a malicious user who is connected to an isolated guest network access to the corporate network?

1. A. VLAN hopping
2. B. On-path attack
3. C. IP spoofing
4. D. Evil twin

Correct Answer: A
The attack which, if successful, would provide a malicious user who is connected to an isolated guest network access to the corporate network is VLAN hopping. VLAN hopping is an attack technique which involves tricking a switch into sending traffic from one VLAN to another. This is done by sending specially crafted packets, which force the switch to send traffic from one VLAN to another, thus allowing the malicious user to gain access to the corporate network.
VLAN hopping is an attack technique which involves tricking a switch into sending traffic from one VLAN to another. This is done by sending specially crafted packets, which force the switch to send traffic from one VLAN to another, thus allowing the malicious user to gain access to the corporate network. According to the CompTIA Network+ N10-008 Exam Guide VLAN hopping is a type of attack that is used to gain access to network resources that are not meant to be accessible by a user on a guest network.

- (Topic 3)
A company has been added to an unapproved list because of spam. The network administrator confirmed that a workstation was infected by malware. Which of the following processes did the administrator use to identify the root cause?

1. A. Traffic analysis
2. B. Availability monitoring
3. C. Baseline metrics
4. D. Network discovery

Correct Answer: A
One possible process that the administrator used to identify the root cause of the spam issue is traffic analysis. Traffic analysis is a technique that monitors and analyzes the network traffic that flows between devices or applications. Traffic analysis can help troubleshoot network problems by identifying the source, destination, volume, frequency, and content of the network packets12.
To use traffic analysis to identify the root cause of the spam issue, the administrator could follow these steps:
✑ Install a traffic analysis tool on the server or a device that is connected to the same
network as the server, such as Wireshark3, tcpdump4, or Microsoft Network Monitor5.
✑ Start capturing the network traffic and filter it by using the IP address or hostname
of the server, or by using a specific port or protocol that is used by the email service, such as SMTP (port 25), POP3 (port 110), or IMAP (port 143).
✑ Analyze the filtered traffic and look for any signs of abnormal or malicious activity, such as high volume of outgoing emails, unknown recipients, suspicious attachments, or spam keywords.
✑ Trace back the source of the spam emails to the infected workstation by using its IP address or MAC address.
✑ Isolate and clean up the infected workstation by using an antivirus or malware removal tool.
The other options are not processes that the administrator used to identify the root cause of the spam issue. Availability monitoring is a technique that measures and reports the uptime and downtime of a network device or service. Availability monitoring can help troubleshoot network problems by detecting any failures or outages that affect the network performance. Baseline metrics are a set of standard measurements that establish the normal behavior or performance of a network device or service. Baseline metrics can help troubleshoot network problems by comparing the current state of the network with the expected state and identifying any deviations or anomalies. Network discovery is a technique that scans and maps the network devices and services that are connected to a network. Network discovery can help troubleshoot network problems by providing a comprehensive and updated view of the network topology and configuration.

- (Topic 3)
A company's web server is hosted at a local ISP. This is an example of:

1. A. allocation.
2. B. an on-premises data center.
3. C. a branch office.
4. D. a cloud provider.

Correct Answer: D

- (Topic 2)
An IT technician suspects a break in one of the uplinks that provides connectivity to the core switch. Which of the following command-line tools should the technician use to determine where the incident is occurring?

1. A. nslookup
2. B. show config
3. C. netstat
4. D. show interface
5. E. show counters

Correct Answer: D
show interface is a command-line tool that displays information about the status, configuration, and statistics of an interface on a network device. A technician can use show interface to determine where the incident is occurring in a network by checking the uplink status, speed, duplex mode, errors, collisions, and other parameters of each interface. References: https://www.comptia.org/blog/what-is-show-interface