Free N10-009 CompTIA Updates

The option that most directly secures sensitive information on the network is data-in-transit encryption. This ensures that data packets are unreadable to attackers who intercept them while moving across the network. Protocols such as TLS, HTTPS, IPsec, and SSH protect confidentiality and integrity of sensitive information.

B. Principle of least privilege (PoLP) secures access control but does not directly protect data in motion.

C. Role-based access control (RBAC) enforces permissions but again does not secure the data while transmitted.

D. Multifactor authentication (MFA) strengthens identity verification but does not directly protect the data itself once transmitted.

Thus, while all options contribute to overall security, encryption of data-in-transit most directly addresses protection of sensitive information on the network.

References (CompTIA Network+ N10-009):

Domain: Network Security — Encryption methods, confidentiality, data-in-transit protection.

SSH (Secure Shell) is a protocol used to securely connect to a remote server/system over a network. It operates on port 22 and provides encrypted communication, unlike Telnet which operates on port 23 and is not secure. TLS is used for securing HTTP connections (HTTPS) and operates on ports like 443, while RDP (Remote Desktop Protocol) is used for remote desktop connections and operates on port 3389.

When configuring a firewall, the first step is identifying which ports, protocols, and services are required for normal business operations. This ensures only legitimate traffic is allowed. After establishing the required rules, a default deny rule is added for security.

B. Deny all rule is important, but it should come after defining required rules.

C. VPN access is a service to configure, but only after determining baseline needs.

D. Outbound traffic policies are part of refinement, not the first consideration.

References (CompTIA Network+ N10-009):

Domain: Network Security — Firewall configuration, rule order, least privilege.

Link Layer Discovery Protocol (LLDP) is a network protocol used for discovering devices and their capabilities on a local area network, primarily at the data link layer (Layer 2). It helps in identifying the connected switch and the specific port to which a device is connected. When troubleshooting a VoIP handset connection, the technician can use LLDP to determine the exact switch and port where the handset is connected. This protocol is widely used in network management to facilitate the discovery of network topology and simplify troubleshooting.

Other options such as IKE (Internet Key Exchange), VLAN (Virtual LAN), and netstat (network statistics) are not suitable for identifying the switch and port information. IKE is used in setting up secure IPsec connections, VLAN is used for segmenting networks, and netstat provides information about active connections and listening ports on a host but not for discovering switch port details.