CompTIA Updated N10-009 Exam Questions and Answers by harun

The correct answer is 802.1X, which is an identity-based Network Access Control (NAC) framework emphasized in the CompTIA Network+ N10-009 objectives under network security and access control. 802.1X uses a policy-driven authentication process to determine whether a user or device is allowed network access based on verified credentials, such as usernames, passwords, or digital certificates.

802.1X operates using three main components: the supplicant (the client requesting access), the authenticator (the network device such as a switch or wireless access point), and the authentication server (typically a RADIUS server). Once the user’s identity is authenticated, predefined policies determine the level of access granted—full access, limited access, or denial. This makes 802.1X a cornerstone of zero trust and enterprise-grade NAC implementations.

A standard ACL controls traffic based on IP addresses and ports, not user identity. MAC filtering allows or denies access based on device MAC addresses, which can be easily spoofed and does not verify user identity. SSO (Single Sign-On) simplifies authentication across multiple systems but does not control network-layer access.

Network+ highlights 802.1X as a secure, scalable solution for enforcing identity-based network access policies in both wired and wireless environments.

Tailgating is a physical security breach where someone follows an authorized person into a restricted area without proper credentials. Once inside, the attacker can install rogue devices like unauthorized APs.

A. Evil twin is a wireless attack where an attacker sets up a fake AP.

B. Honeytrap is used to attract attackers for analysis.

C. Wardriving involves scanning for unsecured Wi-Fi networks while driving, not physical intrusion.

???? Reference:

CompTIA Network+ N10-009 Official Objectives: 4.2 – Identify common security threats and vulnerabilities.

On the first exhibit, the layout should be as follows

A screenshot of a computer AI-generated content may be incorrect.

A screenshot of a computer AI-generated content may be incorrect.

A screenshot of a computer AI-generated content may be incorrect.

A screenshot of a computer AI-generated content may be incorrect.

A screenshot of a computer AI-generated content may be incorrect.

Exhibit 2 as follows

Access Point Name AP2

A screenshot of a computer AI-generated content may be incorrect.

A screenshot of a computer AI-generated content may be incorrect.

A screenshot of a computer AI-generated content may be incorrect.

Exhibit 3 as follows

Access Point Name AP3

A screenshot of a computer AI-generated content may be incorrect.

A screenshot of a computer AI-generated content may be incorrect.

A screenshot of a computer AI-generated content may be incorrect.

X.509 certificates are most commonly associated with Public Key Infrastructure (PKI). These certificates are used for a variety of security functions, including digital signatures, encryption, and authentication.

PKI: X.509 certificates are a fundamental component of PKI, used to manage encryption keys and authenticate users and devices.

Digital Certificates: They are used to establish secure communications over networks, such as SSL/TLS for websites and secure email communication.

Authentication and Encryption: X.509 certificates provide the means to securely exchange keys and verify identities in various applications, ensuring data integrity and confidentiality.

Network References:

CompTIA Network+ N10-007 Official Certification Guide: Covers PKI and the role of X.509 certificates in network security.

Cisco Networking Academy: Provides training on PKI, certificates, and secure communications.

Network+ Certification All-in-One Exam Guide: Explains PKI, X.509 certificates, and their applications in securing network communications.