Passed Exam Today N10-009

AnAccess Control List (ACL)configured on theedge firewallis the correct and most effective solution tofilter inbound traffic. The administrator can allow TCP port 443 (HTTPS) and deny all other traffic. This is a classic firewall configuration for securing public-facing servers.

The loopback address 127.0.0.1 is used to test the TCP/IP stack of the local machine. Pinging this address confirms whether the local system ' s networking stack is functioning correctly.

=================

DNS poisoning (also commonly called DNS cache poisoning) is characterized by inserting fraudulent DNS data into a resolver’s cache so that subsequent queries return incorrect IP mappings. Option D describes this precisely: false DNS records are injected into a DNS server’s cache, causing users to be redirected to attacker-controlled destinations even when they request a legitimate hostname. This aligns with Network+ security objectives covering common network attacks targeting name resolution and trust relationships. Editing authoritative DNS records on a DNS server (A) implies direct compromise or unauthorized administrative change, which is a different scenario than cache poisoning. Setting up a malicious DNS server in place of a legitimate server (B) is closer to DNS hijacking or rogue DNS configuration rather than cache poisoning. Intercepting client requests and returning false responses (C) describes man-in-the-middle style spoofing on the wire; while related, the defining “poisoning” trait is the persistence created by corrupting the cache so the bad answer continues to be served. For defensive relevance in Network+ scope, cache poisoning highlights the importance of DNS security controls such as source port randomization, transaction ID entropy, and DNSSEC validation where applicable.

If the user cannot communicate with 192.168.10.1, they might be on a different subnet. Changing the subnet mask to 255.255.255.0 ensures the user and the file server are in the same subnet.

Breakdown of Options:

A. Changing the IPv4 address to 192.168.10.1 – This would conflict with the server ' s IP.

B. Changing the subnet mask to 255.255.255.0 – ✅ Correct answer. Ensures both the user and the server are on the same subnet.

C. Changing the DNS servers – DNS does not affect local network connectivity.

D. Changing the physical address – The MAC address does not impact subnet communication.