CompTIA Updated N10-009 Exam Questions and Answers by raiden

Malware refers to any malicious software that can exfiltrate confidential data, including spyware, trojans, and rootkits. This fits the scenario where unauthorized data transfer is occurring.

Breakdown of Options:

A. Adware – Displays ads, does not typically steal data.

B. Ransomware – Encrypts files but does not exfiltrate data.

C. Darkware – Not a real cybersecurity term.

D. Malware – Correct answer. Malicious software is responsible for unauthorized data exfiltration.

X.509 certificates are most commonly associated with Public Key Infrastructure (PKI). These certificates are used for a variety of security functions, including digital signatures, encryption, and authentication.

PKI: X.509 certificates are a fundamental component of PKI, used to manage encryption keys and authenticate users and devices.

Digital Certificates: They are used to establish secure communications over networks, such as SSL/TLS for websites and secure email communication.

Authentication and Encryption: X.509 certificates provide the means to securely exchange keys and verify identities in various applications, ensuring data integrity and confidentiality.

Network References:

CompTIA Network+ N10-007 Official Certification Guide: Covers PKI and the role of X.509 certificates in network security.

Cisco Networking Academy: Provides training on PKI, certificates, and secure communications.

Network+ Certification All-in-One Exam Guide: Explains PKI, X.509 certificates, and their applications in securing network communications.

If a SQL server is allowing FTP access to all users, the most direct and best practice action is to disable unused services/ports on the server itself . Network+ (N10-009) security objectives emphasize host hardening and the principle of least functionality : only required services should be running and listening. If FTP is not required for the SQL server’s role, stopping and disabling the FTP service (and closing the associated ports on the host firewall) reduces the attack surface regardless of network firewall rules. This approach ensures the server cannot be reached via FTP even if it is placed on a different network segment or if upstream controls are misconfigured later.

Changing default passwords is important, but it does not address the unnecessary exposure of an unneeded service. Deleting NGFW rules that allow all FTP traffic could help at the perimeter, but it may unintentionally break legitimate FTP usage elsewhere and still doesn’t guarantee the server isn’t reachable from internal networks. Switch ACLs along SQL traffic paths are indirect and easy to misapply; they also add operational complexity and may not cover all access paths. The best “only required services are allowed” control is to disable the unused service/ports on the server .

===========