Free N10-008 CompTIA Updates

• An access control list (ACL) is a set of rules that defines which traffic is allowed or denied on a network device, such as a router or a firewall12.
• An ACL can be used to filter traffic based on various criteria, such as source or destination IP address, port number, protocol, or time of day12.
• By implementing an ACL on the edge router of the network, the network administrator can block the unauthorized IP address from entering the secure part of the network every night at 8:00 pm12.
• This solution would address the concerns of the network administrator, as it would prevent the unauthorized IP address from accessing the critical server or any other resource on the secure network12.
• Changing the VLAN of the web server (A) or changing the server’s IP address (B) would not stop the unauthorized IP address from entering the network, as it could still scan the network for other open ports or vulnerabilities12.
• Instating a rule on the firewall connected to the web server (D) would only protect the web server, but not the rest of the secure network, from the unauthorized IP address12. References:
• CompTIA Network+ N10-008 Certification Study Guide, Chapter 4: Network Operations, Section 4.3: Network Security Devices and Technologies, pp. 212-213.
• Professor Messer’s CompTIA N10-008 Network+ Course, Section 4.3: Network Security Devices and Technologies, Video: Access Control Lists.

The difference between piggybacking and tailgaiting is that with piggybacking, the person is willfully and intentionally letting you in. In this particular case, the person caught the door before it closed, so it is tailgating.

Tailgating is a physical security attack that occurs when an unauthorized person follows an authorized person through a secured door or gate without their knowledge or consent. Tailgating can allow an attacker to bypass access control mechanisms and gain entry to restricted areas or resources. Tailgating can also pose a safety risk for the authorized person and other occupants of the facility.

Piggybacking is a physical security attack that occurs when an unauthorized person follows an authorized person through a secured door or gate with their knowledge or consent. Piggybacking can also allow an attacker to bypass access control mechanisms and gain entry to restricted areas or resources. Piggybacking can also violate security policies and compromise the accountability of the authorized person.

Shoulder surfing is a physical security attack that occurs when an unauthorized person observes or records an authorized person’s confidential information, such as passwords, PINs, or credit card numbers. Shoulder surfing can allow an attacker to steal credentials and access sensitive data or systems. Shoulder surfing can also violate privacy and confidentiality rights of the authorized person.

Phishing is a cyber security attack that occurs when an unauthorized person sends fraudulent emails or messages that appear to come from legitimate sources, such as banks, companies, or government agencies. Phishing can trick recipients into clicking on malicious links, opening malicious attachments, or providing personal or financial information. Phishing can allow an attacker to install malware, steal credentials, or perform identity theft. Phishing does not involve physical access to secured doors or gates.

• High availability refers to systems that are durable and likely to operate continuously without failure for a long time.
• Using a load balancer to distribute requests between production and cloud environments ensures that if one environment fails, the other can take over, thus providing high availability.

When adding a new wired IoT device that will only communicate with the HVAC system, it is best practice to configure a dedicated VLAN. This isolates the traffic between the IoT device and the HVAC system from the rest of the network, enhancing security and network efficiency.

References:

• CompTIA Network+ N10-008 Full Course for Beginners - Configuring SOHO Networks4
• Network+ (Plus) Certification | CompTIA IT Certifications