N10-009日本語 無料問題集「CompTIA Network+ Certification Exam (N10-009日本語版)」
掃除機で損傷したケーブルの代わりに、新しく圧着された 26 フィート (8 メートル) の STP Cat 6 パッチ ケーブルが最近 1 つの部屋に設置されました。現在、その部屋のユーザーはネットワークに接続できません。ネットワーク技術者は、まず既存のケーブルをテストします。コア スイッチからフロアのアクセス スイッチまで伸びる 177 フィート (54 メートル) のケーブルは機能しており、アクセス スイッチからオフィスの壁のジャックまで伸びる 115 フィート (35 メートル) のケーブルも機能しています。ユーザーがネットワークに接続できない理由として最も可能性が高いのは次のどれですか。
正解:B
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
ネットワーク管理者は、新しい企業オフィスのネットワークを構成する任務を負っています。オフィスは 2 つの建物で構成されており、物理的に接続されておらず、50 フィート離れています。構成は次の要件を満たす必要があります。
両方の建物のデバイスは
インターネットにアクセスできます。
セキュリティは、すべてのインターネットトラフィック
入場前に検査を受ける
ネットワーク。
デスクトップではトラフィックは表示されない
他のデバイス向け。
説明書
各場所に適切なネットワーク デバイスを選択します。該当する場合は、構成の更新が必要なデバイスの横にある虫眼鏡をクリックし、必要な変更を加えます。
すべてのデバイスが使用されるわけではありませんが、すべての場所を入力する必要があります。
いつでもシミュレーションの初期状態に戻したい場合は、「すべてリセット」ボタンをクリックしてください。
両方の建物のデバイスは
インターネットにアクセスできます。
セキュリティは、すべてのインターネットトラフィック
入場前に検査を受ける
ネットワーク。
デスクトップではトラフィックは表示されない
他のデバイス向け。
説明書
各場所に適切なネットワーク デバイスを選択します。該当する場合は、構成の更新が必要なデバイスの横にある虫眼鏡をクリックし、必要な変更を加えます。
すべてのデバイスが使用されるわけではありませんが、すべての場所を入力する必要があります。
いつでもシミュレーションの初期状態に戻したい場合は、「すべてリセット」ボタンをクリックしてください。
正解:
See the step by step complete solution below.
Explanation:
* Devices in both buildings should be able to access the Internet.
* Security insists that all Internet traffic be inspected before entering the network.
* Desktops should not see traffic destined for other devices.
Here is the corrected layout with explanation:
* Building A:
* Switch: Correctly placed to connect all desktops.
* Firewall: Correctly placed to inspect all incoming and outgoing traffic.
* Building B:
* Switch: Not needed. Instead, place a Wireless Access Point (WAP) to provide wireless connectivity for laptops and mobile devices.
* Between Buildings:
* Wireless Range Extender: Correctly placed to provide connectivity between the buildings wirelessly.
* Connection to the Internet:
* Router: Correctly placed to connect to the Internet and route traffic between the buildings and the Internet.
* Firewall: The firewall should be placed between the router and the internal network to inspect all traffic before it enters the network.
Corrected Setup:
* Top-left (Building A): Switch
* Bottom-left (Building A): Firewall (inspect traffic before it enters the network)
* Top-middle (Internet connection): Router
* Bottom-middle (between buildings): Wireless Range Extender
* Top-right (Building B): Wireless Access Point (WAP)
In this corrected setup, the WAP in Building B will connect wirelessly to the Wireless Range Extender, which is connected to the Router. The Router is connected to the Firewall to ensure all traffic is inspected before it enters the network.
Configuration for Wireless Range Extender:
* SSID: CORP
* Security Settings: WPA2 or WPA2 - Enterprise
* Key or Passphrase: [Enter a strong passphrase]
* Mode: [Set based on your network plan]
* Channel: [Set based on your network plan]
* Speed: Auto
* Duplex: Auto
With these settings, both buildings will have secure access to the Internet, and all traffic will be inspected by the firewall before entering the network. Desktops and other devices will not see traffic intended for others, maintaining the required security and privacy.
To configure the wireless range extender for security, follow these steps:
* SSID (Service Set Identifier):
* Ensure the SSID is set to "CORP" as shown in the exhibit.
* Security Settings:
* WPA2 or WPA2 - Enterprise: Choose one of these options for stronger security. WPA2- Enterprise provides more robust security with centralized authentication, which is ideal for a corporate environment.
* Key or Passphrase:
* If you select WPA2, enter a strong passphrase in the "Key or Passphrase" field.
* If you select WPA2 - Enterprise, you will need to configure additional settings for authentication servers, such as RADIUS, which is not shown in the exhibit.
* Wireless Mode and Channel:
* Set the appropriate mode and channel based on your network design and the environment to avoid interference. These settings are not specified in the exhibit, so set them according to your network plan.
* Wired Speed and Duplex:
* Set the speed to "Auto" unless you have specific requirements for 100 or 1000 Mbps.
* Set the duplex to "Auto" unless you need to specify half or full duplex based on your network equipment.
* Save Configuration:
* After making the necessary changes, click the "Save" button to apply the settings.
Here is how the configuration should look after adjustments:
* SSID: CORP
* Security Settings: WPA2 or WPA2 - Enterprise
* Key or Passphrase: [Enter a strong passphrase]
* Mode: [Set based on your network plan]
* Channel: [Set based on your network plan]
* Speed: Auto
* Duplex: Auto
Once these settings are configured, your wireless range extender will provide secure connectivity for devices in both buildings.
Firewall setting to to ensure complete compliance with the requirements and best security practices, consider the following adjustments and additions:
* DNS Rule: This rule allows DNS traffic from the internal network to any destination, which is fine.
* HTTPS Outbound: This rule allows HTTPS traffic from the internal network (assuming 192.169.0.1/24 is a typo and should be 192.168.0.1/24) to any destination, which is also good for secure web browsing.
* Management: This rule allows SSH access to the firewall for management purposes, which is necessary for administrative tasks.
* HTTPS Inbound: This rule denies inbound HTTPS traffic to the internal network, which is good unless you have a web server that needs to be accessible from the internet.
* HTTP Inbound: This rule denies inbound HTTP traffic to the internal network, which is correct for security purposes.
Suggested Additional Settings:
* Permit General Outbound Traffic: Allow general outbound traffic for web access, email, etc.
* Block All Other Traffic: Ensure that all other traffic is blocked to prevent unauthorized access.
Firewall Configuration Adjustments:
* Correct the Network Typo:
* Ensure that the subnet 192.169.0.1/24 is corrected to 192.168.0.1/24.
* Permit General Outbound Traffic:
* Rule Name: General Outbound
* Source: 192.168.0.1/24
* Destination: ANY
* Service: ANY
* Action: PERMIT
* Deny All Other Traffic:
* Rule Name: Block All
* Source: ANY
* Destination: ANY
* Service: ANY
* Action: DENY
Here is how your updated firewall settings should look:
Rule Name
Source
Destination
Service
Action
DNS Rule
192.168.0.1/24
ANY
DNS
PERMIT
HTTPS Outbound
192.168.0.1/24
ANY
HTTPS
PERMIT
Management
ANY
192.168.0.1/24
SSH
PERMIT
HTTPS Inbound
ANY
192.168.0.1/24
HTTPS
DENY
HTTP Inbound
ANY
192.168.0.1/24
HTTP
DENY
General Outbound
192.168.0.1/24
ANY
ANY
PERMIT
Block All
ANY
ANY
ANY
DENY
These settings ensure that:
* Internal devices can access DNS and HTTPS services externally.
* Management access via SSH is permitted.
* Inbound HTTP and HTTPS traffic is denied unless otherwise specified.
* General outbound traffic is allowed.
* All other traffic is blocked by default, ensuring a secure environment.
Make sure to save the settings after making these adjustments.
Explanation:
* Devices in both buildings should be able to access the Internet.
* Security insists that all Internet traffic be inspected before entering the network.
* Desktops should not see traffic destined for other devices.
Here is the corrected layout with explanation:
* Building A:
* Switch: Correctly placed to connect all desktops.
* Firewall: Correctly placed to inspect all incoming and outgoing traffic.
* Building B:
* Switch: Not needed. Instead, place a Wireless Access Point (WAP) to provide wireless connectivity for laptops and mobile devices.
* Between Buildings:
* Wireless Range Extender: Correctly placed to provide connectivity between the buildings wirelessly.
* Connection to the Internet:
* Router: Correctly placed to connect to the Internet and route traffic between the buildings and the Internet.
* Firewall: The firewall should be placed between the router and the internal network to inspect all traffic before it enters the network.
Corrected Setup:
* Top-left (Building A): Switch
* Bottom-left (Building A): Firewall (inspect traffic before it enters the network)
* Top-middle (Internet connection): Router
* Bottom-middle (between buildings): Wireless Range Extender
* Top-right (Building B): Wireless Access Point (WAP)
In this corrected setup, the WAP in Building B will connect wirelessly to the Wireless Range Extender, which is connected to the Router. The Router is connected to the Firewall to ensure all traffic is inspected before it enters the network.
Configuration for Wireless Range Extender:
* SSID: CORP
* Security Settings: WPA2 or WPA2 - Enterprise
* Key or Passphrase: [Enter a strong passphrase]
* Mode: [Set based on your network plan]
* Channel: [Set based on your network plan]
* Speed: Auto
* Duplex: Auto
With these settings, both buildings will have secure access to the Internet, and all traffic will be inspected by the firewall before entering the network. Desktops and other devices will not see traffic intended for others, maintaining the required security and privacy.
To configure the wireless range extender for security, follow these steps:
* SSID (Service Set Identifier):
* Ensure the SSID is set to "CORP" as shown in the exhibit.
* Security Settings:
* WPA2 or WPA2 - Enterprise: Choose one of these options for stronger security. WPA2- Enterprise provides more robust security with centralized authentication, which is ideal for a corporate environment.
* Key or Passphrase:
* If you select WPA2, enter a strong passphrase in the "Key or Passphrase" field.
* If you select WPA2 - Enterprise, you will need to configure additional settings for authentication servers, such as RADIUS, which is not shown in the exhibit.
* Wireless Mode and Channel:
* Set the appropriate mode and channel based on your network design and the environment to avoid interference. These settings are not specified in the exhibit, so set them according to your network plan.
* Wired Speed and Duplex:
* Set the speed to "Auto" unless you have specific requirements for 100 or 1000 Mbps.
* Set the duplex to "Auto" unless you need to specify half or full duplex based on your network equipment.
* Save Configuration:
* After making the necessary changes, click the "Save" button to apply the settings.
Here is how the configuration should look after adjustments:
* SSID: CORP
* Security Settings: WPA2 or WPA2 - Enterprise
* Key or Passphrase: [Enter a strong passphrase]
* Mode: [Set based on your network plan]
* Channel: [Set based on your network plan]
* Speed: Auto
* Duplex: Auto
Once these settings are configured, your wireless range extender will provide secure connectivity for devices in both buildings.
Firewall setting to to ensure complete compliance with the requirements and best security practices, consider the following adjustments and additions:
* DNS Rule: This rule allows DNS traffic from the internal network to any destination, which is fine.
* HTTPS Outbound: This rule allows HTTPS traffic from the internal network (assuming 192.169.0.1/24 is a typo and should be 192.168.0.1/24) to any destination, which is also good for secure web browsing.
* Management: This rule allows SSH access to the firewall for management purposes, which is necessary for administrative tasks.
* HTTPS Inbound: This rule denies inbound HTTPS traffic to the internal network, which is good unless you have a web server that needs to be accessible from the internet.
* HTTP Inbound: This rule denies inbound HTTP traffic to the internal network, which is correct for security purposes.
Suggested Additional Settings:
* Permit General Outbound Traffic: Allow general outbound traffic for web access, email, etc.
* Block All Other Traffic: Ensure that all other traffic is blocked to prevent unauthorized access.
Firewall Configuration Adjustments:
* Correct the Network Typo:
* Ensure that the subnet 192.169.0.1/24 is corrected to 192.168.0.1/24.
* Permit General Outbound Traffic:
* Rule Name: General Outbound
* Source: 192.168.0.1/24
* Destination: ANY
* Service: ANY
* Action: PERMIT
* Deny All Other Traffic:
* Rule Name: Block All
* Source: ANY
* Destination: ANY
* Service: ANY
* Action: DENY
Here is how your updated firewall settings should look:
Rule Name
Source
Destination
Service
Action
DNS Rule
192.168.0.1/24
ANY
DNS
PERMIT
HTTPS Outbound
192.168.0.1/24
ANY
HTTPS
PERMIT
Management
ANY
192.168.0.1/24
SSH
PERMIT
HTTPS Inbound
ANY
192.168.0.1/24
HTTPS
DENY
HTTP Inbound
ANY
192.168.0.1/24
HTTP
DENY
General Outbound
192.168.0.1/24
ANY
ANY
PERMIT
Block All
ANY
ANY
ANY
DENY
These settings ensure that:
* Internal devices can access DNS and HTTPS services externally.
* Management access via SSH is permitted.
* Inbound HTTP and HTTPS traffic is denied unless otherwise specified.
* General outbound traffic is allowed.
* All other traffic is blocked by default, ensuring a secure environment.
Make sure to save the settings after making these adjustments.
ネットワーク技術者は、顧客の SOHO ネットワークに関するいくつかの問題を解決する必要があります。
顧客は、一部のデバイスがネットワークに接続されていないが、他のデバイスは意図したとおりに動作しているようだと報告しています。
説明書
各デバイスとケーブルをクリックして、すべてのネットワーク コンポーネントのトラブルシューティングを行い、ケーブル テストの結果を確認します。
問題のあるコンポーネントを特定して適切なコンポーネントを診断し、各問題を修正するための解決策を提案します。
ケーブルテスト結果:
ケーブル1:
ケーブル2:
ケーブル3:
ケーブル4:
顧客は、一部のデバイスがネットワークに接続されていないが、他のデバイスは意図したとおりに動作しているようだと報告しています。
説明書
各デバイスとケーブルをクリックして、すべてのネットワーク コンポーネントのトラブルシューティングを行い、ケーブル テストの結果を確認します。
問題のあるコンポーネントを特定して適切なコンポーネントを診断し、各問題を修正するための解決策を提案します。
ケーブルテスト結果:
ケーブル1:
ケーブル2:
ケーブル3:
ケーブル4:
正解:
See the Explanation for detailed information on this simulation.
Explanation:
(Note: Ips will be change on each simulation task, so we have given example answer for the understanding) To troubleshoot all the network components and review the cable test results, you can use the following steps:
* Click on each device and cable to open its information window.
* Review the information and identify any problems or errors that may affect the network connectivity or performance.
* Diagnose the appropriate component(s) by identifying any components with a problem and recommend a solution to correct each problem.
* Fill in the remediation form using the drop-down menus provided.
Here is an example of how to fill in the remediation form for PC1:
* The component with a problem is PC1.
* The problem is Incorrect IP address.
* The solution is Change the IP address to 192.168.1.10.
You can use the same steps to fill in the remediation form for other components.
To enter commands in each device, you can use the following steps:
* Click on the device to open its terminal window.
* Enter the command ipconfig /all to display the IP configuration of the device, including its IP address, subnet mask, default gateway, and DNS servers.
* Enter the command ping <IP address> to test the connectivity and reachability to another device on the network by sending and receiving echo packets. Replace <IP address> with the IP address of the destination device, such as 192.168.1.1 for Core Switch 1.
* Enter the command tracert <IP address> to trace the route and measure the latency of packets from the device to another device on the network by sending and receiving packets withincreasing TTL values.
Replace <IP address> with the IP address of the destination device, such as 192.168.1.1 for Core Switch 1.
Here is an example of how to enter commands in PC1:
* Click on PC1 to open its terminal window.
* Enter the command ipconfig /all to display the IP configuration of PC1. You should see that PC1 has an incorrect IP address of 192.168.2.10, which belongs to VLAN 2 instead of VLAN 1.
* Enter the command ping 192.168.1.1 to test the connectivity to Core Switch 1. You should see that PC1 is unable to ping Core Switch 1 because they are on different subnets.
* Enter the command tracert 192.168.1.1 to trace the route to Core Switch 1. You should see that PC1 is unable to reach Core Switch 1 because there is no route between them.
You can use the same steps to enter commands in other devices, such as PC3, PC4, PC5, and Server 1.
Explanation:
(Note: Ips will be change on each simulation task, so we have given example answer for the understanding) To troubleshoot all the network components and review the cable test results, you can use the following steps:
* Click on each device and cable to open its information window.
* Review the information and identify any problems or errors that may affect the network connectivity or performance.
* Diagnose the appropriate component(s) by identifying any components with a problem and recommend a solution to correct each problem.
* Fill in the remediation form using the drop-down menus provided.
Here is an example of how to fill in the remediation form for PC1:
* The component with a problem is PC1.
* The problem is Incorrect IP address.
* The solution is Change the IP address to 192.168.1.10.
You can use the same steps to fill in the remediation form for other components.
To enter commands in each device, you can use the following steps:
* Click on the device to open its terminal window.
* Enter the command ipconfig /all to display the IP configuration of the device, including its IP address, subnet mask, default gateway, and DNS servers.
* Enter the command ping <IP address> to test the connectivity and reachability to another device on the network by sending and receiving echo packets. Replace <IP address> with the IP address of the destination device, such as 192.168.1.1 for Core Switch 1.
* Enter the command tracert <IP address> to trace the route and measure the latency of packets from the device to another device on the network by sending and receiving packets withincreasing TTL values.
Replace <IP address> with the IP address of the destination device, such as 192.168.1.1 for Core Switch 1.
Here is an example of how to enter commands in PC1:
* Click on PC1 to open its terminal window.
* Enter the command ipconfig /all to display the IP configuration of PC1. You should see that PC1 has an incorrect IP address of 192.168.2.10, which belongs to VLAN 2 instead of VLAN 1.
* Enter the command ping 192.168.1.1 to test the connectivity to Core Switch 1. You should see that PC1 is unable to ping Core Switch 1 because they are on different subnets.
* Enter the command tracert 192.168.1.1 to trace the route to Core Switch 1. You should see that PC1 is unable to reach Core Switch 1 because there is no route between them.
You can use the same steps to enter commands in other devices, such as PC3, PC4, PC5, and Server 1.