CompTIA Network+ N10-008 CompTIA Study Notes

A VLAN mismatch is the most likely reason why an IP phone does not receive the necessary DHCP options for registration. A VLAN mismatch occurs when a device is connected to a switch port that belongs to a different VLAN than the device’s intended VLAN. This can cause communication problems or prevent access to network resources. For example, if an IP phone is connected to a switch port that belongs to the data VLAN instead of the voice VLAN, it may not receive the DHCP options that contain information such as the TFTP server address, the NTP server address, or the default gateway address for the voice VLAN. These DHCP options are essential for the IP phone to register with the VoIP system and function properly. References:

Traffic policing is a mechanism that monitors the traffic in any network and enforces a bandwidth limit by discarding packets that exceed a certain rate1. This can reduce congestion and ensure fair allocation of bandwidth among different applications or users. However, discarding packets can also affect the performance and quality of some applications, especially those that are sensitive to packet loss, such as voice or video.

Traffic shaping is a congestion control mechanism that delays packets that exceed a certain rate instead of discarding them1. This can smooth out traffic bursts and avoid packet loss, but it also introduces latency and jitter. Traffic shaping can be beneficial for applications that can tolerate some delay but not packet loss, such as file transfers or streaming.

Traffic marking is a mechanism that assigns different priority levels to packets based on their type, source, destination, or other criteria2. This can help to differentiate between different classes of service and apply different policies or treatments to them. However, traffic marking does not enforce bandwidth limits by itself; it only provides information for other mechanisms to act upon.

Traffic classification is a process that identifies and categorizes packets based on their characteristics, such as protocol, port number, payload, or behavior. This can help to distinguish between different types of traffic and apply appropriate policies or actions to them. However, traffic classification does not enforce bandwidth limits by itself; it only provides input for other mechanisms to use.

Insider threat= insider threat is defined as the threat that an employee or a contractor will use his or her authorized access, wittingly or unwittingly, to do harm

Techniques to check if a connection was made by a human user, such as CAPTCHAs, are effective against automated attacks like:

• A. Brute-force: This attack method involves trying many passwords or passphrases with the hope of eventually guessing correctly.
• B. Dictionary: Similar to brute-force, this attack uses a list of words to attempt to guess passwords or encryption keys.

These techniques are not designed to protect against:

• C. On-path attack: Previously known as a man-in-the-middle attack, where the attacker intercepts communication between two parties.
• D. Phishing: A social engineering attack aiming to trick users into giving up sensitive information.
• E. Shoulder surfing: Direct observation techniques, such as looking over someone’s shoulder to get information.
• F. Evil twin: A rogue Wi-Fi access point that appears legitimate but is set up to eavesdrop on wireless communications.