- (Topic 1)
Within the realm of network security, Zero Trust:

1. A. prevents attackers from moving laterally through a system.
2. B. allows a server to communicate with outside networks without a firewall.
3. C. block malicious software that is too new to be found in virus definitions.
4. D. stops infected files from being downloaded via websites.

Correct Answer: A
Zero Trust is a security framework that requires all users, whether in or outside the organization’s network, to be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data. Zero Trust prevents attackers from moving laterally through a system by applying granular policies and controls based on the principle of least privilege and by segmenting and encrypting data flows across the network. References: https://partners.comptia.org/docs/default-source/resources/comptia-network-n10-008- exam-objectives-(2-0), https://www.crowdstrike.com/cybersecurity-101/zero-trust-security/

- (Topic 3)
A customer reports there is no access to resources following the replacement of switches. A technician goes to the site to examine the configuration and discovers redundant links between two switches. Which of the following is the reason the network is not functional?

1. A. The ARP cache has become corrupt.
2. B. CSMA/CD protocols have failed.
3. C. STP is not configured.
4. D. The switches are incompatible models

Correct Answer: C
The reason the network is not functional is that STP (Spanning Tree Protocol) is not configured on the switches. STP is a protocol that prevents loops in a network topology by blocking redundant links between switches. If STP is not enabled, the switches will forward broadcast frames endlessly, creating a broadcast storm that consumes network resources and disrupts communication. References: CompTIA Network+ N10-008 Certification Study Guide, page 67; The Official CompTIA Network+ Student Guide (Exam N10-008), page 2-14.

- (Topic 3)
Which of the following is the physical security mechanism that would MOST likely be used to enter a secure site?

1. A. A landing page
2. B. An access control vestibule
3. C. A smart locker
4. D. A firewall

Correct Answer: B
An access control vestibule is a physical security mechanism that consists of a small room or chamber with two doors, one leading to the outside and one leading to the secure site. The doors are controlled by an electronic system that verifies the identity and authorization of the person entering before allowing access to the next door. A landing page is a web page that appears when a user clicks on a link or advertisement. A smart locker is a physical security mechanism that allows users to store and retrieve items using a code or biometric authentication. A firewall is a network security device that monitors and filters incoming and outgoing traffic based on predefined rules. References: [CompTIA Network+ Certification Exam Objectives], Domain 4.0 Network Operations, Objective 4.1: Explain the importance of documentation and diagrams, Subobjective: Physical security devices (locks, cameras, etc.)

- (Topic 3)
An engineer was asked to update an MX record for an upcoming project. Which of the following server types is MOST likely to be in scope for the project?

1. A. Email
2. B. Web
3. C. File
4. D. Database

Correct Answer: A
An MX record is a type of DNS record that specifies the mail server responsible for accepting email messages on behalf of a domain name. Therefore, an engineer who needs to update an MX record is most likely working on an email server project

- (Topic 3)
A network administrator is concerned about a rainbow table being used to help access network resources. Which of the following must be addressed to reduce the likelihood of a rainbow table being effective?

1. A. Password policy
2. B. Remote access policy
3. C. Acceptable use policy
4. D. Data loss prevention policy

Correct Answer: A
A password policy must be addressed to reduce the likelihood of a rainbow table being effective. A rainbow table is a precomputed table of hashed passwords and their corresponding plaintext values. A rainbow table can be used to crack hashed passwords by performing a reverse lookup of the hash value in the table. A password policy is a set of rules and guidelines that define how passwords should be created, used, and managed in an organization. A password policy can help prevent rainbow table attacks by enforcing strong password requirements, such as length, complexity, expiration, and history. A strong password is one that is hard to guess or crack by using common methods such as brute force or dictionary attacks. References: [CompTIA Network+ Certification Exam Objectives], What Is Rainbow Table Attack? | Kaspersky, Password Policy Best Practices | Thycotic