Which of the following is the BEST explanation that describes this scenario?

Packet analysis reveals multiple GET and POST requests from an internal host to a URL without
any response from the server. Which of the following is the BEST explanation that describes this
scenario?

Packet analysis reveals multiple GET and POST requests from an internal host to a URL without
any response from the server. Which of the following is the BEST explanation that describes this
scenario?

A.
Compromised system

B.
Smurf attack

C.
SQL injection attack

D.
Man-in-the-middle

Explanation:



Leave a Reply 15

Your email address will not be published. Required fields are marked *


Lesedi

Lesedi

Why isn’t the answer a Smurf attack?

Lawrence Edwards

Lawrence Edwards

The answer should be smurf attack, correct?

John

John

I think the answer is compromised host because it is saying the threat originated from an “internal host” whereas an external host would be the one launching a smurf attack against you. I assume this is from the POV of the admin.

James

James

Multiple GET/POST requests indicate attempts to communicate with an http server and in this case, the server is not responsive. This could indicate that the server has been compromised.

Robert Amarena

Robert Amarena

Yeah! Finally passed my network+ n10-006 exam on 17/Jan/2016!!! Scored 820/900! (The passing score is 720)

I completed my exam within 45 minutes, and reviewed all the flagged questions.

I dare to say that 80% of the regular questions are not difficult, but the simulations are not as easy as the regular questions, I think.

Some study materials that I learned: 1). Prof Messer Videos, 2). Mike Meyers’ Book, 3). PassLeader n10-006 dumps (it offers both pdf and vce files here: https://tr.im/ETc02), all questions are helpful for passing exam.

And, good luck for passing!

trent

trent

Hi

Mind sharing your dumps 🙂

Joe

Joe

why is it not D? Since the internal host is sending requests and not getting a reply maybe an attacker intercepted the requests and getting information.

Another Joe

Another Joe

It is not (D) because a man-in-the-middle attack has both incoming and outgoing requests. Since the only request traffic is from “an internal host”, it is a safe bet that we’re dealing with a (A) compromised system.

Jane Bomford

Jane Bomford

New N10-006 Exam Questions and Answers Updated Recently (8/April/2016):

NEW QUESTION 1
A company installs a new mail server. Which of the following DNS records need to be configured to allow the organization to receive email?

A. CNAME
B. MX
C. PTR
D. A

Answer: B

NEW QUESTION 2
Drag and Drop Question
Your company recently purchased a new building down the street from the existing office. For each of the tasks below, select the appropriate antenna type and encryption object for all wireless access point (AP).
1. Create an encrypted wireless connection between the two buildings that BEST controls signal propagation, while maximizing security.
2. Restrict the wireless signal generated by the access points (AP’s) inside Building 1, so that it minimizes broadcast beyond the building.
3. Maximize wireless coverage inside Building 1.
4. Building 1’s internal wireless network is for visitors only and must not require any special configuration on the visitor’s device to connect.
Image URL: examgod.com/plimages/85a892db4810_10C9E/21_thumb.jpg

Answer:
Image URL: examgod.com/plimages/85a892db4810_10C9E/22_thumb.jpg

NEW QUESTION 3
Drag and Drop Question
Build a T-658A Connection
Image URL: examgod.com/plimages/85a892db4810_10C9E/31_thumb.jpg

Answer:
Image URL: examgod.com/plimages/85a892db4810_10C9E/32_thumb.jpg

NEW QUESTION 4
The administrator modifies a rule on the firewall, and now all the FTP users cannot access the server any longer. The manager calls the administrator and asks what caused the extreme downtime for the server. In regards to the manager’s inquiry, which of the following did the administrator forget to do FIRST?

A. Submit a change request
B. Schedule a maintenance window
C. Provide notification of change to users
D. Document the changes

Answer: A

NEW QUESTION 5
A network administrator noticed that when one computer goes down, all the other computers in the office will not work. Which of the following topologies is in use?

A. Star
B. Ring
C. Hybrid
D. Bus
E. Mesh

Answer: D

NEW QUESTION 6
There has been an increased amount of successful social engineering attacks at a corporate office. Which of the following will reduce this attack in the near future?

A. Helpdesk training
B. Appropriate use policy
C. User awareness training
D. Personal Identifiable Information

Answer: C

NEW QUESTION 7
The human resource department has been moved to an area which is more than 60 meters away from the nearest IDF. In order to comply with the SLA which requires that 10Gb speeds be provided, which of the following media will need to utilized?

A. CAT6e
B. CAT5e
C. 802.11n
D. 802.11ac

Answer: A

NEW QUESTION 8
While troubleshooting, a technician notices that some clients using FTP still work and that pings to the local router and servers are working. The technician tries to ping all known nodes on the network and they reply positively, except for one of the servers. The technician notices that ping works only when the host name is used but not when FQDN is used. Which of the following servers is MOST likely down?

A. WINS server
B. Domain controller
C. DHCP server
D. DNS server

Answer: D

NEW QUESTION 9
An area to which access is controlled by retina scan is protected by which of the following security measure types?

A. Two-factor authentication
B. Biometric
C. Cipher locks
D. Optical reader
E. Proximity reader

Answer: B

NEW QUESTION 10
Which of the following ports should be allowed to provide access to certain VoIP applications?

A. 110
B. 139
C. 1720
D. 5060

Answer: D

NEW QUESTION 11
Which of the following should be used to ensure a specific device always receives the same IP address?

A. IP helper
B. Reservation
C. Address lease
D. DHCP scope
E. DHCP relay

Answer: B

NEW QUESTION 12
Users connecting to an SSID appear to be unable to authenticate to the captive portal. Which of the following is the cause of this issue?

A. WPA2 security key
B. SSL certificates
C. CSMA/CA
D. RADIUS

Answer: D

NEW QUESTION 13
A company owns four kiosks that are in close proximity within a shopping center. The owner is concerned about someone accessing the internet via the kiosk’s wireless network. Which of the following should be implemented to provide wireless access only to the employees working at the kiosk?

A. Firewall
B. Web filtering
C. MAC filtering
D. Host-based antivirus

Answer: C

NEW QUESTION 14
Which of the following applies to data as it travels from Layer 1 to Layer 7 of the OSI model?

A. Tagging
B. Encapsulation
C. Tunneling
D. De-encapsulation

Answer: D

NEW QUESTION 15
……

P.S. These New N10-006 Exam Questions Were Just Updated From The Real N10-006 Exam, You Can Get The Newest N10-006 Dumps In PDF And VCE From — http://bitly.com/n10-006-exam-dumps (1382q)

Good Luck !!!

Joe Circhirillo

Joe Circhirillo

New N10-006 Exam Questions and Answers Updated Recently (27/Dec/2016):

NEW QUESTION 1383
A network administrator set up a network computer lab and discovered connectivity issues. The administrator is able to ping the fiber uplink interface, but none of the new PCs plugged into the switch respond to ICMP requests. Which of the following should the administrator perform FIRST?

A. Check if there are link lights on the ports
B. Checkthe ports on the switch for full duplex
C. Check to see if port security is enabled
D. Check to see if the uplink interface is configured correctly

Answer: A

NEW QUESTION 1384
A user receives a new computer and now is unable to connect to a database using ODBC. Other users on the network are able to connect successfully. A technician is able to successfully ping the database server but still is unable to connect. Which of the following is the issue?

A. Missing IP routes on router
B. Wrong default gateway address
C. Software firewall is blocking ports
D. Failing network interface card

Answer: C

NEW QUESTION 1385
A network uses a centralized server to manage credentials for all network devices. Which of the following server types are MOST likely being used in this configuration? (Select two.)

A. DNS
B. DHCP
C. FTP
D. RADIUS
E. Kerberos
F. TACACS
G. Wireless controller

Answer: DF

NEW QUESTION 1386
A company suffers an outage due to a bad module in a core switch. Which of the following is the proper order of troubleshooting?

A. Gather information, start at the top of the OSI model, and work down.
B. Establish a plan of action to solve the problem.
C. Establish a theory, identify the problem, duplicate the problem, test the theory, and repeat.
D. Gather information, start at the bottom of the OSI model, and work up.

Answer: B

NEW QUESTION 1387
Which of the following is BEST used to perform a one-time temporary posture assessment in a NAC environment?

A. Intrusion prevention system
B. Host-based firewall
C. Non-persistent agent
D. Antivirus

Answer: C

NEW QUESTION 1388
A network technician has just run a new point-to point fiber link between two local routers, however, after the fiber has been plugged in on both ends, the interface will not come up. The technician has double- checked the interface configuration on both routers, both SFPs have been hard looped to confirm they are functioning, connectors on both ends of the links have been cleaned, and there is sufficient optical power. Which of the following is the cause of the issue?

A. Wavelength mismatch
B. Duplex mismatch
C. Distance limitations
D. Wrong IP address

Answer: A

NEW QUESTION 1389
Two switches are connected using both a CAT6 cable and a CAT5e cable. Which of the following problems is occurring?

A. Missing route
B. Autosensing ports
C. Improper cable types
D. Switching loop
E. Media mismatch

Answer: D

NEW QUESTION 1390
A network administrator has configured a new 100Mbs WAN circuit, but speed testing shows poor performance when downloading large files. The download initially reaches close to 100Mbps but begins to drop and show spikes in the downloads speeds over time. The administrator checks the router interface and sees the following:
– Router01#show interface eth 1/1
– GigabitEthernet 1/1 is up, line is up
– Hardware is GigabitEthernet, address is 000A.00BB.CC11
– Configured speed auto, actual 1Gbit, configured duplex fdx, actual fdx Member of L2 VLAN 1, port is untagged, port state is forwarding
Which of the following is MOST likely to resolve the issue?

A. Shutdown and then re-enable this interface
B. Reset the statistics counter for this interface
C. Remove default 802.1q tag and set to server VLAN
D. Apply egress port rate-shaping

Answer: C

NEW QUESTION 1391
Which of the following residential Internet medias would employ the DOCSIS standard?

A. Fiber
B. DSL
C. Cable
D. 3G/LTE
E. Cellular

Answer: C

NEW QUESTION 1392
Joe, a technician, terminates ends on a new copper cable for use between two legacy switches. When Joe connects the two switches together using the cable, they fail to establish a connection. Which of the following is MOST likely the issue?

A. The cable has exceeded bend radius limitations.
B. The cable is a straight through.
C. The cableis a cross over.
D. The cable has RJ-11 connectors instead of RJ-45.

Answer: B

NEW QUESTION 1393
A network technician has set up a firewall and entered only three rules allowing traffic on ports 21,110, and 25 to secure the network. Users are reporting they cannot access web pages using the URLs. Which of the following can the technician do to correct the situation?

A. Add a rule to the end allowing port 80 and 53.
B. Add a rule to the end allowing port 143 and 22.
C. Add a rule to the end allowing port 137 and 66.
D. Add a rule to the end allowing port 445 and 173.

Answer: A

NEW QUESTION 1394
A secondary datacenter in a remote location is used by a company. The cable management and power management are handled by the datacenter staff. The building security is also handled by the datacenter staff with little oversight. Which of the following should the network administrator do to adhere to best practices?

A. Secure the patch panels.
B. Ensure power monitoring is enabled.
C. Ensure rack security.
D. Secure the UPS units.

Answer: C

NEW QUESTION 1395
When network administrators observe an increased amount of web traffic without an increased number of financial transactions, the company is MOST likely experiencing which of the following attacks?

A. Bluejacking
B. ARP cache poisoning
C. Phishing
D. DoS

Answer: D

NEW QUESTION 1396
An administrator needs to install a centrally located firewall that needs to block specific incoming and outgoing IP addresses, without denying legitimate return traffic. Which of the following firewall types should the administrator install?

A. A host- based firewall
B. A network-based firewall
C. A host-based stateful firewall
D. A stateless network-based firewall

Answer: D

NEW QUESTION 1397
All scheduled work on production network equipment should be done during which of the following periods?

A. Maintenance window
B. Development life cycle
C. Down time
D. Business hours

Answer: A

NEW QUESTION 1398
A technician is installing a media converter that connects a newly installed multimode connection to an existing CAT5e infrastructure. Which of the following media converter types should the technician use?

A. Ethernet to coaxial
B. Fiber to Ethernet
C. Fiber to coaxial
D. Multimode to single mode fiber

Answer: B

NEW QUESTION 1399
Ann, a network administrator, is in the process of cleaning network switches for resale. Ann splashes the cleaning agent in her eye and needs to know the procedure of cleansing her eye. To which of the following should Ann refer?

A. EULA
B. MSDS
C. SLA
D. MOU

Answer: B

NEW QUESTION 1400
Which of the following transmission methods is used for network utilizing the 802.3 standard?

A. MAC
B. Synchronous
C. DSSS
D. Broadband
E. Baseband

Answer: A

NEW QUESTION 1401
Which of the following describes a design where traffic is shared between multiple network servers to provide greater throughput and reliability?

A. Load balancing
B. MPLS trunking
C. VLAN tagging
D. Multiplexing

Answer: A

NEW QUESTION 1402
……

P.S. These New N10-006 Exam Questions Were Just Updated From The Real N10-006 Exam, You Can Get The Newest N10-006 Dumps In PDF And VCE From — http://www.passleader.com/n10-006.html (1438q VCE and PDF)

Good Luck! Happy New Year!!!

Joe Circhirillo

Joe Circhirillo

BTW, that new 1438Q N10-006 Dumps Collection are Available here for Free:

https://doc.co/MaJp55

Best Regards!

Maciej Bierkus

Maciej Bierkus

[Update]

New N10-006 Exam Questions and Answers Updated Recently (4/Feb/2016):

NEW QUESTION 1439
A network technician has been tasked with connecting three 802.11a clients to an 802.11g access point that is configured for WEP and is within a (9m) line of sight from the client. The clients are unable to associate with the access point. Which of the following is MOST likely the cause of this issue?

A. Interference
B. Wrong frequency
C. Signal loss
D. Wrong Encryption

Answer: B
Explanation:
802.11a operates in the 5GHz band while 802.11g operates in the 2.4GHz band.

NEW QUESTION 1440
A web-based application is responding very slowly. The network administrator is looking at the following information from the transparent web proxy, which is configured in virtual-wire mode and is in the between the company’s network and the Internet.
Image URL: examgod.com/plimages/120a9f5fd4b8_C80C/passleader-n10-006-dumps-14401.jpg
Given the above information, which of the following is the layer of the OSI model at which the issue is occurring and the MOST likely reason it is occurring? (Select two.)

A. Layer 1
B. Layer 4
C. Layer 3
D. Layer 7
E. The application crashed
F. NO IP addresses on interfaces
G. Excessive TCP resets
H. Bad cable

Answer: CH

NEW QUESTION 1441
Which of the following is used to proxy client requests for IP configurations across different network segments?

A. DHCP relay
B. SOCKS
C. Teredo tunneling
D. Reverse proxy

Answer: A

NEW QUESTION 1442
Which of the following is the BEST way to prevent various types of security threats throughout the network on a routine basis?

A. Disaster recovery planning
B. User training and awareness
C. Penetration testing
D. Business continuity training

Answer: B

NEW QUESTION 1443
A network administrator is assigned an approved change request with a change window of 120 minutes. After 90 minutes, the change is stuck on step five of a five-step change. The network manager decides to initiate a rollback. Which of the following describes what the network administrator will do NEXT?

A. Return the system to step four since this was the last working step.
B. Request additional time since the change is near completion.
C. Leave the change as is and inform users of a workaround.
D. Return the system back to the original state before the change.

Answer: D

NEW QUESTION 1444
A network administrator was told by the Chef Information Officer (CIO) to set up a new office with a network that has redundancy. Which of the following topologies would the network administrator need to administer?

A. Hybrid
B. Bus
C. Mesh
D. Partial mesh
E. Star

Answer: C

NEW QUESTION 1445
An engineer is reviewing network logs on a management switch and discovers that, compared to previous reports, a large amount of traffic is coming from a particular node. Upon further investigation, the engineer determines traffic coming from the port in question is using points that indicate NAT is occurring somewhere downstream from that point. After conferring with another network manager, the team determines a user has added an unauthorized SOHO WLAN router to the network. Among the vulnerabilities that could result from such an action is the possibility of the user inadvertently connecting the LAN interface of the SOHO router into the LAN port coming from the corporate network. This configuration would MOST likely result in which of the following scenarios?

A. Excessive interface on the corporate LAN port
B. DHCP scope exhaustion
C. Evil twin stacks
D. Competing DHCP servers on a single LAN

Answer: C

NEW QUESTION 1446
An organization wants to improve its ability to detect infiltration of servers in a DMZ, IPS/IDS solutions are currently located on the edge between DMZ and Untrust, and DMZ and Trust. Which of the following can increase visibility inside the DMZ?

A. Layer 7 firewall
B. Honeypot
C. NAC server
D. Host-based firewalls in the DMZ

Answer: A

NEW QUESTION 1447
A technician receives a report that a user’s workstation is experiencing no network connectivity. The technician investigates and notices the patch cable running from the back of the user’s VoIP phone is routed directly under the rolling chair and has been smashes flat over time. Which of the following is the most likely cause of this issue?

A. Cross-talk
B. Electromagnetic interference
C. Excessive collisions
D. Split pairs

Answer: C

NEW QUESTION 1448
Which of the following tools would a network technician use to troubleshoot a span of single-mode fiber cable?

A. Punchdown tool
B. Spectrum analyzer
C. Ethernet tester
D. OTDR

Answer: B

NEW QUESTION 1449
A network technician has received reports of an Internet-based application that has stopped functioning. Employees reported that after updating the Internet browsers, the application began to fail. Many users rolled back the update, but this did not correct problem. Which of the following should the company do to reduce this type of action from affecting the network?

A. Implement a disaster recovery plan with a hot site to allow users to continue working.
B. Segment the network and create a test lab for all updates before deployment.
C. Verify the update hashes match those on the vendor’s website.
D. Coordinate the Internet Server update to coincide with the users’ updates.

Answer: B

NEW QUESTION 1450
A project lead is reviewing the statement of work for an upcoming project that is focused on identifying potential weaknesses in the organization’s internal and external network infrastructure. As part of the project, a team of external contractors will attempt to employ various attacks against the organization. The statement of work specifically addresses the utilization of an automated tool to probe network resources in an attempt to develop logical diagrams indication weaknesses in the infrastructure. The scope of activity as described in the statement of work is an example of:

A. session hijacking
B. vulnerability scanning
C. social engineering
D. penetration testing
E. friendly DoS

Answer: D

NEW QUESTION 1451
A network technician is selection the best way to protect a branch office from as many different threat from the Internet as possible using a single device. Which of the following actions would meet the objective?

A. Configure a network-based firewall.
B. Configure a firewall with UTM.
C. Configure a host-based firewall.

Answer: A

NEW QUESTION 1452
A network technician has been tasked to provide a local office with wireless Internet access. The network technician had determined the users will need a wireless router that provides a maximum of 54Mbps of bandwidth while operating in the 2.4Ghz band. Which of the following wireless standards will the network technician deploy?

A. 802.11a
B. 802.11b
C. 802.11g
D. 802.11n

Answer: C
Explanation:
802.11g provides transmission over short distances at up to 54Mbps in the 2.4GHz bands.
Incorrect Answers:
A: 802.11a provides transmission at up to 54Mbps but it operates in the 5GHz band.
B: 802.11b operates in the 2.4GHz band but only provides transmission at up to 11Mbps.
D: 802.11n operates in the 2.4GHz band but uses spatial multiplexing to provide transmission in excess of 54Mbps.

NEW QUESTION 1453
A technician is looking at an issue with a computer connecting to the network. The technician determines wire 3 of a UTP Ethernet cable run has a break in it. This computer was previously connected to the switch at 1Gbps throughput. This PC is a kiosk and does not need anything more than 50-60Mbps connection speed. Which of the following can the technician do to resolve the issue quickly?

A. Rewire both ends to have the wire on pin 6 remapped to pin 3.
Force the duplex and speed to 100Mbps full duplex.
B. Rewire both ends to have the wire on pin 6 remapped to pin 3.
Force the duplex and speed to 1000Mbps full duplex.
C. Rewire both ends to have the wire on pin 7 remapped to pin 3.
Force the duplex and speed to 100Mbps full duplex.
D. Rewire both ends to have the wire on pin 7 remapped to pin 3.
Force the duplex and speed to 1000Mbps full duplex.

Answer: D

NEW QUESTION 1454
Which of the following physical devices provides the BEST security to a datacenter?

A. Cipher lock
B. Thumbprint reader
C. Video monitoring
D. Mantrap
E. Key pad

Answer: D

NEW QUESTION 1455
……

P.S. These New N10-006 Exam Questions Were Just Updated From The Real N10-006 Exam, You Can Get The Newest N10-006 Dumps In PDF And VCE From — http://www.passleader.com/n10-006.html (1521q VCE and PDF)

Good Luck!

Maciej Bierkus

Maciej Bierkus

What’s more, that new 1521Q N10-006 Dumps Collection are Available here for Free:

https://doc.co/MaJp55

Best Regards!