- (Topic 1)
Which of the following TCP ports is used by the Windows OS for file sharing?

1. A. 53
2. B. 389
3. C. 445
4. D. 1433

Correct Answer: C
TCP port 445 is used by the Windows OS for file sharing. It is also known as SMB (Server Message Block) or CIFS (Common Internet File System) and allows users to access files, printers, and other shared resources on a network. References: https://docs.microsoft.com/en-us/windows-server/storage/file-server/troubleshoot/detect-enable-and-disable-smbv1-v2-v3

- (Topic 3)
Which of the following steps of the troubleshooting methodology would most likely include checking through each level of the OSI model after the problem has
been identified?

1. A. Establish a theory.
2. B. Implement the solution.
3. C. Create a plan of action.
4. D. Verify functionality.

Correct Answer: C
Creating a plan of action is the step of the troubleshooting methodology that would most likely include checking through each level of the OSI model after the problem has been identified. According to the web search results, the troubleshooting methodology consists of the following steps: 12
✑ Define the problem: Identify the symptoms and scope of the problem, and gather relevant information from users, devices, and logs.
✑ Establish a theory: Based on the information collected, hypothesize one or more possible causes of the problem, and rank them in order of probability.
✑ Test the theory: Test the most probable cause first, and if it is not confirmed, eliminate it and test the next one. Repeat this process until the root cause is found or a new theory is needed.
✑ Create a plan of action: Based on the confirmed cause, devise a solution that can resolve the problem with minimal impact and risk. The solution may involve checking through each level of the OSI model to ensure that all layers are functioning properly and that there are no configuration errors, physical damages, or logical inconsistencies34
✑ Implement the solution: Execute the plan of action, and monitor the results. If the problem is not solved, revert to the previous state and create a new plan of action.
✑ Verify functionality: Confirm that the problem is fully resolved and that the network is restored to normal operation. Perform preventive measures if possible to avoid recurrence of the problem.
✑ Document the findings: Record the problem description, the solution, and the outcome. Update any relevant documentation, such as network diagrams, policies, or procedures.
References1: Troubleshooting Methods for Cisco IP Networks 2: Troubleshooting Methodologies - CBT IT Certification Training 3: How to use the OSI Model to Troubleshoot Networks 4: How is the OSI model used in troubleshooting? – Sage-Answer

- (Topic 2)
A network administrator wants to improve the security of the management console on the company's switches and ensure configuration changes made can be correlated to the administrator who conformed them Which of the following should the network administrator implement?

1. A. Port security
2. B. Local authentication
3. C. TACACS+
4. D. Access control list

Correct Answer: C
TACACS+ is a protocol that provides centralized authentication, authorization, and accounting (AAA) for network devices and users. TACACS+ can help improve the security of the management console on the company’s switches by verifying the identity and credentials of the administrators, enforcing granular access policies and permissions, and logging the configuration changes made by each administrator. This way, the network administrator can ensure only authorized and authenticated users can access and modify the switch settings, and also track and correlate the changes made by each user. References: https://www.comptia.org/blog/what-is-tacacs

- (Topic 1)
Which of the following would be BEST to use to detect a MAC spoofing attack?

1. A. Internet Control Message Protocol
2. B. Reverse Address Resolution Protocol
3. C. Dynamic Host Configuration Protocol
4. D. Internet Message Access Protocol

Correct Answer: B
Reverse Address Resolution Protocol (RARP) is a protocol that allows a device to obtain its MAC address from its IP address. A MAC spoofing attack is an attack where a device pretends to have a different MAC address than its actual one. RARP can be used to detect a MAC spoofing attack by comparing the MAC address obtained from RARP with the MAC address obtained from other sources, such as ARP or DHCP. References: https://partners.comptia.org/docs/default-source/resources/comptia-network-n10-008-exam-objectives-(2-0), https://www.techopedia.com/definition/25597/reverse- address-resolution-protocol-rarp

- (Topic 3)
Which of the following layers is where TCP/IP port numbers identify which network application is receiving the packet and where it is applied?

1. A. 3
2. B. 4
3. C. 5
4. D. 6
5. E. 7

Correct Answer: B
Layer 4 is where TCP/IP port numbers identify which network application is receiving the packet and where it is applied. Layer 4 is also known as the transport layer in the TCP/IP model or the OSI model. The transport layer is responsible for providing reliable or unreliable end-to-end data transmission between hosts on a network. The transport layer uses port numbers to identify and multiplex different applications or processes that communicate over the network. Port numbers are 16-bit numbers that range from 0 to 65535 and are divided into three categories: well-known ports (0-1023), registered ports (1024-49151), and dynamic ports (49152-65535). Some examples of well-known port numbers are 80 for HTTP, 443 for HTTPS, and 25 for SMTP. References: [CompTIA Network+ Certification Exam Objectives], Transport Layer - an overview | ScienceDirect Topics