Special Summer Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

Home > CompTIA > CompTIA Network+ > N10-009

N10-009 CompTIA Network+ Certification Exam Question and Answers

Question # 4

A systems administrator is configuring a new device to be added to the network. The administrator is planning to perform device hardening prior to connecting the device. Which of the following should the administrator do first?

A.

Update the network ACLs.

B.

Place the device in a screened subnet.

C.

Enable content filtering.

D.

Change the default admin passwords.

Full Access
Question # 5

A user connects to a corporate VPN via a web browser and is able to use TLS to access the internal financial system to input a time card. Which of the following best describes how the VPN is being used?

A.

Clientless

B.

Client-to-site

C.

Full tunnel

D.

Site-to-site

Full Access
Question # 6

An organizatin is struggling to get effective coverage using the wireless network. The organization wants to implement a solution that will allow for continous connectivity anywhere in the facility. Which of the following should the network administ rator suggest to ensure the best coverage?

A.

Implementing additional ad hoc access points

B.

Providing more Ethernet drops for user connections

C.

Deploying a mesh network in the building

D.

nl Changing the current frequency of the WI-FI

Full Access
Question # 7

Users usually useRDPto connect to aterminal serverwith hostnameTS19that points to10.0.100.19. However, usersrecently have been unable to connecttoTS19. The technicianpings 10.0.100.19and gets anunreachable error. Which of the following is themost likely cause?

A.

The users are on the wrong subnet.

B.

The DHCP server renewed the lease.

C.

The IP address was not reserved.

D.

The hostname was changed.

Full Access
Question # 8

A technician is designing a cloud service solution that will accommodate the company's current size, compute capacity, and storage capacity. Which of the following cloud deployment models will fulfill these requirements?

A.

SaaS

B.

PaaS

C.

IaaS

D.

IaC

Full Access
Question # 9

An organization hasfour departmentsthat each need access todifferent resourcesthatdo not overlap. Which of the following should a technicianconfigurein order toimplement and assign an ACL?

A.

VLAN

B.

DHCP

C.

VPN

D.

STP

Full Access
Question # 10

During a recent security assessment, an assessor attempts to obtain user credentials by pretending to be from the organization's help desk. Which of the following attacks is the assessor using?

A.

Social engineering

B.

Tailgating

C.

Shoulder surfing

D.

Smishing

E.

Evil twin

Full Access
Question # 11

An ISP provided a company with a pre-configured modem and five public static IP addresses. Which of the following does the company's firewall require to access the internet? (Select TWO).

A.

NTP server

B.

Default gateway

C.

The modem's IP address

D.

One static IP address

E.

DNS servers

F.

DHCP server

Full Access
Question # 12

After a company installed a new IPS, the network is experiencing speed degradation. A network administrator is troubleshooting the issue and runs a speed test. The results from the different network locations are as follows:

LocationSpeed DownSpeed Up

Wireless laptop4.8 Mbps47.1 Mbps

Wired desktop5.2 Mbps49.3 Mbps

Firewall48.8 Mbps49.5 Mbps

Which of the following is the most likely issue?

A.

Packet loss

B.

Bottlenecking

C.

Channel overlap

D.

Network congestion

Full Access
Question # 13

Asmall businessis deploying new phones, and some of the phones havefull HD videoconferencing features. TheChief Information Officer (CIO)is concerned that the network might not be able to handle the traffic if it reaches a certain threshold. Which of the following can the network engineer configure to help ease these concerns?

A.

A VLAN with 100Mbps speed limits

B.

An IP helper to direct VoIP traffic

C.

A smaller subnet mask

D.

Full duplex on all user ports

Full Access
Question # 14

To reduce costs and increase mobility, a Chief Technology Officer (CTO) wants to adopt cloud services for the organization and its affiliates. To reduce the impact for users, the CTO wants key services to run from the on-site data center and enterprise services to run in the cloud. Which of the following deployment models is the best choice for the organization?

A.

Public

B.

Hybrid

C.

SaaS

D.

Private

Full Access
Question # 15

A network administrator wants to increase network security by preventing client devices from communicating directly with each other on the same subnet. Which of the following technologies should be implemented?

A.

ACL

B.

Trunking

C.

Port security

D.

Private VLAN

Full Access
Question # 16

Which of the following technologies is thebest choicetolisten for requests and distribute user trafficacross web servers?

A.

Router

B.

Switch

C.

Firewall

D.

Load balancer

Full Access
Question # 17

An employee in a corporate office clicks on a link in an email that was forwarded to them. The employee is redirected to a splash page that says the page is restricted. Which of the following security solutions is most likely in place?

A.

DLP

B.

Captive portal

C.

Content filtering

D.

DNS sinkholing

Full Access
Question # 18

Which of the following allows a remote user to connect to the network?

A.

Command-line interface

B.

API gateway

C.

Client-to-site VPN

D.

Jump box

Full Access
Question # 19

Which of the following is an XML-based security concept that works by passing sensitve information about users, such as log-in information and attributes, to providers.

A.

IAM

B.

MFA

C.

RADIUS

D.

SAML

Full Access
Question # 20

You have been tasked with implementing an ACL on the router that will:

1. Permit the most commonly used secure remote access technologies from the management network to all other local network segments

2. Ensure the user subnet cannot use the most commonly used remote access technologies in the Linux and Windows Server segments.

3. Prohibit any traffic that has not been specifically allowed.

INSTRUCTIONS

Use the drop-downs to complete the ACL

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Full Access
Question # 21

Which of the following is a characteristic of the application layer?

A.

It relies upon other layers for packet delivery.

B.

It checks independently for packet loss.

C.

It encrypts data in transit.

D.

It performs address translation.

Full Access
Question # 22

A network administrator's device is experiencing severe Wi-Fi interference within the corporate headquarters causing the device to constantly drop off the network. Which of the following is most likely the cause of the issue?

A.

Too much wireless reflection

B.

Too much wireless absorption

C.

Too many wireless repeaters

D.

Too many client connections

Full Access
Question # 23

Which of the following allows a user toconnect to an isolated deviceon astand-alone network?

A.

Jump box

B.

API gateway

C.

Secure Shell (SSH)

D.

Clientless VPN

Full Access
Question # 24

A company is expanding to another floor in the same building. The network engineer configures a new switch with the same VLANs as the existing stack. When the network engineer connects the new switch to the existing stack, all users lose connectivity. Which of the following is the MOST likely reason?

A.

The new switch has unused ports disabled

B.

The new switch does not have a default gateway

C.

The new switch is connected to an access port

D.

The new switch is in a spanning tree loop

Full Access
Question # 25

Which of the following is the part of a disaster recovery (DR) plan that identifies the critical systems that should be recovered first after an incident?

A.

RTO

B.

SLA

C.

MTBF

D.

SIEM

Full Access
Question # 26

A network engineer needs to order cabling to connect two buildings within the same city. Which of the following media types should the network engineer use?

A.

Coaxial

B.

Twinaxial

C.

Single-mode fiber

D.

Cat 5

Full Access
Question # 27

Which of the following are the best device-hardening techniques for network security? (Select two).

A.

Disabling unused ports

B.

Performing regular scanning of unauthorized devices

C.

Monitoring system logs for irregularities

D.

Enabling logical security such as SSO

E.

Changing default passwords

F.

Ensuring least privilege concepts are in place

Full Access
Question # 28

A company is purchasing a40Gbps broadband connectionservice from an ISP. Which of the following shouldmost likelybe configured on the10G switchto take advantage of the new service?

A.

802.1Q tagging

B.

Jumbo frames

C.

Half duplex

D.

Link aggregation

Full Access
Question # 29

A customer calls the help desk to report issues connection to the internet. The customer can reach a local database server. A technician goes to the site and examines the configuration:

Which of the following is causing the user's issue?

A.

Incorrect DNS

B.

Unreachable gateway

C.

Failed root bridge

D.

Poor upstream routing

Full Access
Question # 30

You are tasked with verifying the following requirements are met in order to ensure network security.

Requirements:

Datacenter

Ensure network is subnetted to allow all devices to communicate properly while minimizing address space usage

Provide a dedicated server to resolve IP addresses and hostnames correctly and handle port 53 traffic

Building A

Ensure network is subnetted to allow all devices to communicate properly while minimizing address space usage

Provide devices to support 5 additional different office users

Add an additional mobile user

Replace the Telnet server with a more secure solution

Screened subnet

Ensure network is subnetted to allow all devices to communicate properly while minimizing address space usage

Provide a server to handle external 80/443 traffic

Provide a server to handle port 20/21 traffic

INSTRUCTIONS

Drag and drop objects onto the appropriate locations. Objects can be used multiple times and not all placeholders need to be filled.

Available objects are located in both the Servers and Devices tabs of the Drag & Drop menu.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Full Access
Question # 31

Which of the following would most likely be utilized to implement encryption in transit when using HTTPS?

A.

SSH

B.

TLS

C.

SCADA

D.

RADIUS

Full Access
Question # 32

Which of the following is a cost-effective advantage of a split-tunnel VPN?

A.

Web traffic is filtered through a web filter.

B.

More bandwidth is required on the company's internet connection.

C.

Monitoring detects insecure machines on the company’s network.

D.

Cloud-based traffic flows outside of the company's network.

Full Access
Question # 33

Which of the following allows for theinterception of trafficbetween the source and destination?

A.

Self-signed certificate

B.

VLAN hopping

C.

On-path attack

D.

Phishing

Full Access
Question # 34

Which of the following can support a jumbo frame?

A.

Access point

B.

Bridge

C.

Hub

D.

Switch

Full Access
Question # 35

Which of the following steps in the troubleshooting methodology comes after using a top-to-top buttom examination of the OSI model to determine cause?

A.

Test in the theory

B.

Establish a plan of action

C.

Verify full system functionality

D.

Identify the problem

Full Access
Question # 36

A user's desk has a workstation and an IP phone. The user is unable to browse the internet on the workstation, but the phone works. Which of the following configurations is required?

A.

Voice VLAN

B.

Native VLAN

C.

Data VLAN

D.

Trunk port

Full Access
Question # 37

A network engineer is setting up a new VoIP network for a customer. The current network is segmented only for computers and servers. No additional switch ports can be used in the new network. Which of the following does the engineer need to do to configure the network correctly? (Select TWO).

A.

Change network translation definitions

B.

Enable 802.1Q

C.

Implement a routing protocol

D.

Set up voice VLANs

E.

Reconfigure the DNS

F.

Place devices in the perimeter network

Full Access
Question # 38

A network engineer is designing a secure communication link between two sites. The entire data stream needs to remain confidential. Which of the following will achieve this goal?

A.

GRE

B.

IKE

C.

ESP

D.

AH

Full Access
Question # 39

A user is unable to navigate to a website because the provided URL is not resolving to the correct IP address. Other users are able to navigate to the intended website without issue. Which of the following is most likely causing this issue?

A.

Hosts file

B.

Self-signed certificate

C.

Nameserver record

D.

IP helperANS

Full Access
Question # 40

A company's marketing team created a new application and would like to create a DNS record for newapplication.comptia.org that always resolves to the same address as www.comptia.org. Which of the following records should the administrator use?

A.

SOA

B.

MX

C.

CNAME

D.

NS

Full Access
Question # 41

A network engineer performed a migration to a new mail server. The engineer changed the MX record, verified the change was accurate, and confirmed the new mail server was reachable via the IP address in the A record. However, users are not receiving email. Which of the following should the engineer have done to prevent the issue from occurring?

A.

Change the email client configuration to match the MX record.

B.

Reduce the TTL record prior to the MX record change.

C.

Perform a DNS zone transfer prior to the MX record change.

D.

Update the NS record to reflect the IP address change.

Full Access
Question # 42

A virtual machine has the following configuration:

•IPv4 address: 169.254.10.10

•Subnet mask: 255.255.0.0

The virtual machine can reach colocated systems but cannot reach external addresses on the Internet. Which of the following Is most likely the root cause?

A.

Thesubnet mask is incorrect.

B.

TheDHCP server is offline.

C.

TheIP address is an RFC1918 private address.

D.

TheDNS server is unreachable.

Full Access
Question # 43

A network administrator notices interference with industrial equipment in the 2.4GHz range. Which of the following technologies would most likely mitigate this issue? (Select two).

A.

Mesh network

B.

5GHz frequency

C.

Omnidirectional antenna

D.

Non-overlapping channel

E.

Captive portal

F.

Ad hoc network

Full Access
Question # 44

A technician is planning an equipement installation into a rack in a data center that practices hot aisle/cold aise ventilation. Which of the following directions should the equipement exhaust face when installed in the rack?

A.

Sides

B.

Top

C.

Front

D.

Rear

Full Access
Question # 45

Several users in an organization report connectivity issues and lag during a video meeting. The network administrator performs a tcpdump and observes increased retransmissions for other non-video applications on the network. Which of the following symptoms describes the users' reported issues?

A.

Latency

B.

Packet loss

C.

Bottlenecking

D.

Jitter

Full Access
Question # 46

Which of the following could provide a lightweight and private connection to a remote box?

A.

Site-to-site VPN

B.

Telnet

C.

Console

D.

Secure Shell

Full Access
Question # 47

A network administrator wants to configure a backup route in case the primary route fails. A dynamic routing protocol is not installed on the router. Which of the following routing features should the administrator choose to accomplish this task?

A.

Neighbor adjacency

B.

Link state flooding

C.

Administrative distance

D.

Hop count

Full Access
Question # 48

Which of the following is used to estimate the average life span of a device?

A.

RTO

B.

RPO

C.

MTBF

D.

MTTR

Full Access
Question # 49

A network administrator noticesuncommon communication between VMsonephemeral portson the same subnet. The administrator is concerned about thattraffic moving laterallywithin the network. Which of the following describes the type of traffic flow the administrator is analyzing?

A.

East-west

B.

Point-to-point

C.

Horizontal-scaling

D.

Hub-and-spoke

Full Access
Question # 50

Which of the following protocol ports should be used to securely transfer a file?

A.

22

B.

69

C.

80

D.

3389

Full Access
Question # 51

A user notifies a network administrator about losing access to a remote file server. The network administrator is able to ping the server and verifies the current firewall rules do not block access to the network fileshare. Which of the following tools wold help identify which ports are open on the remote file server?

A.

Dig

B.

Nmap

C.

Tracert

D.

nslookup

Full Access
Question # 52

A network engineer receives a vendor alert regarding a vulnerability in a router CPU. Which of the following should the engineer do to resolve the issue?

A.

Update the firmware.

B.

Replace the system board.

C.

Patch the OS.

D.

Isolate the system.

Full Access
Question # 53

Users at a satellite office are experiencing issues when using videoconferencing. Which of the following should a technician focus on first to rectify these issues?

A.

Quality of service

B.

Network signal

C.

Time to live

D.

Load balancing

Full Access
Question # 54

A user's home mesh wireless network is experiencing latency issues. A technician has:

•Performed a speed test.

•Rebooted the devices.

•Performed a site survey.

•Performed a wireless packet capture.

The technician reviews the following information:

The technician notices in the packet capture that frames were retransmitted. Which of the following is the most likely cause of the user's network issue?

A.

The SSIDs should not be the same.

B.

The network has too much overlap.

C.

The devices are incompatible with the mesh network.

D.

The nodes are underpowered.

Full Access
Question # 55

Which of the following is a company most likely enacting if an accountant for the company can only see the financial department's shared folders?

A.

General Data Protection Regulation

B.

Least privilege network access

C.

Acceptable use policy

D.

End user license agreement

Full Access
Question # 56

Which of the following best explains the role of confidentiality with regard to data at rest?

A.

Datacanbe accessedby anyone on the administrative network.

B.

Datacanbe accessedremotely with proper training.

C.

Datacanbe accessedafter privileged access Is granted.

D.

Datacanbe accessedafter verifying the hash.

Full Access
Question # 57

A network administrator is notified that a user cannot access resources on the network. The network administrator checks the physical connections to the workstation labeled User 3 and sees the Ethernet is properly connected. However, the network interface’s indicator lights are not blinking on either the computer or the switch. Which of the following Is the most likely cause?

A.

Theswitch failed.

B.

Thedefault gateway is wrong.

C.

Theport Is shut down.

D.

TheVLAN assignment is incorrect.

Full Access
Question # 58

Which of the following network traffic type is sent to all nodes on the network?

A.

Unicast

B.

Broadcast

C.

Multicast

D.

Anycast

Full Access
Question # 59

A network administrator needs to set up a multicast network for audio and video broadcasting. Which of the following networks would be the most appropriate for this application?

A.

172.16.0.0/24

B.

192.168.0.0/24

C.

224.0.0.0/24

D.

240.0.0.0/24

Full Access
Question # 60

A network administrator is planning to implement device monitoring to enhance network visibility. The security that the solution provides authentication and encryption. Which of the following meets these requirements?

A.

SIEM

B.

Syslog

C.

NetFlow

D.

SNMPv3

Full Access
Question # 61

A network technician needs to resolve some issues with a customer's SOHO network. The

customer reports that some of the PCs are not connecting to the network, while others

appear to be working as intended.

INSTRUCTIONS

Troubleshoot all the network components.

Review the cable test results first, then diagnose by clicking on the appropriate PC,

server, and Layer 2 switch.

Identify any components with a problem and recommend a solution to correct each

problem.

If at any time you would like to bring back

the initial state of the simulation, please

click the Reset All button.

Full Access
Question # 62

A network administrator is connecting two Layer 2 switches in a network. These switches must transfer data in multiple networks. Which of the following would fulfill this requirement?

A.

Jumbo frames

B.

802.1Q tagging

C.

Native VLAN

D.

Link aggregation

Full Access
Question # 63

A network administrator is configuring a network for a new site that will have 150 users. Within the next year, the site is expected to grow by ten users. Each user will have two IP addresses, one for a computer and one for a phone connected to the network. Which of the following classful IPv4 address ranges will be best-suited for the network?

A.

Class D

B.

Class B

C.

Class A

D.

Class C

Full Access
Question # 64

A network administrator has been tasked with configuring a network for a new corporate office. The office consists of two buildings, separated by 50 feet with no physical connectivity. The configuration must meet the following requirements:

. Devices in both buildings should be

able to access the Internet.

. Security insists that all Internet traffic

be inspected before entering the

network.

. Desktops should not see traffic

destined for other devices.

INSTRUCTIONS

Select the appropriate network device for each location. If applicable, click on the magnifying glass next to any device which may require configuration updates and make any necessary changes.

Not all devices will be used, but all locations should be filled.

If at any time you would like to bring back the initial state of the simulation, please

click the Reset All button.

Full Access
Question # 65

Which of the following steps of the troubleshooting methodology should a technician take to confirm a theory?

A.

Duplicate the problem.

B.

Identify the symptoms.

C.

Gather information.

D.

Determine any changes.

Full Access
Question # 66

Which of the following is most likely responsible for the security and handling of personal data in Europe?

A.

GDPR

B.

SCADA

C.

SAML

D.

PCI DSS

Full Access
Question # 67

An organization wants to ensure that incoming emails were sent from a trusted source. Which of the following DNS records is used to verify the source?

A.

TXT

B.

AAAA

C.

CNAME

D.

MX

Full Access
Question # 68

Anetwork administratoris reviewing aproduction web serverand observes the following output from thenetstatcommand:

Which of the followingactionsshould thenetwork administratortake toharden the securityof the web server?

A.

Disable the unused ports.

B.

Enforce access control lists.

C.

Perform content filtering.

D.

Set up a screened subnet.

Full Access
Question # 69

A network architect is implementing an off-premises computing facility and needs to ensure that operations will not be impacted by major outages. Which of the following should the architect consider?

A.

Hot site

B.

DCI

C.

Direct Connect

D.

Active-passive approach

Full Access
Question # 70

A systems administrator is investigating why users cannot reach a Linux web server with a browser but can ping the server IP. The server is online, the web server process is running, and the link to the switch is up. Which of the following commands should the administrator run on the server first?

A.

traceroute

B.

netstat

C.

tcpdump

D.

arp

Full Access
Question # 71

Which of the following requires network devices to be managed using a different set of IP addresses?

A.

Console

B.

Split tunnel

C.

Jump box

D.

Out of band

Full Access
Question # 72

Which of the following connectors provides console access to a switch?

A.

ST

B.

RJ45

C.

BNC

D.

SFP

Full Access
Question # 73

An administrator is configuring a switch that will be placed in an area of the office that is accessible to customers. Which of the following is the best way for the administrator to mitigate unknown devices from connecting to the network?

A.

SSE

B.

ACL

C.

Perimeter network

D.

802.1x

Full Access
Question # 74

Which of the following steps in the troubleshooting methodology includes checking logs for recent changes?

A.

Identify the problem.

B.

Document the findings and outcomes.

C.

Test the theory to determine cause.

D.

Establish a plan of action.

Full Access
Question # 75

A user's VoIP phone and workstation are connected through an inline cable. The user reports that the VoIP phone intermittently reboots, but the workstation is not having any network-related issues Which of the following is the most likely cause?

A.

The PoE power budget is exceeded.

B.

Port security is violated.

C.

The signal is degraded

D.

The Ethernet cable is not working

Full Access
Question # 76

A network technician needs to resolve some issues with a customer's SOHO network.

The customer reports that some of the devices are not connecting to the network, while others appear to work as intended.

INSTRUCTIONS

Troubleshoot all the network components and review the cable test results by Clicking on each device and cable.

Diagnose the appropriate component(s) by identifying any components with a problem and recommend a solution to correct each problem.

Cable Test Results:

Cable 1:

Cable 2:

Cable 3:

Cable 4:

Full Access
Question # 77

A network administrator is configuring a wireless network with an ESSID. Which of the following is a user benefit of ESSID compared to SSID?

A.

Stronger wireless connection

B.

Roaming between access points

C.

Advanced security

D.

Increased throughput

Full Access
Question # 78

A university is implementing anew campus wireless network. A network administrator needs to configure the network tosupport a large number of devicesandhigh-bandwidth demandsfrom students.

Which of the followingwireless technologiesshould the administrator consider for this scenario?

A.

Bluetooth

B.

Wi-Fi 6E

C.

5G

D.

LTE

Full Access
Question # 79

Which of the following is the next step to take after successfully testing a root cause theory?

A.

Determine resolution steps.

B.

Duplicate the problem in a lab.

C.

Present the theory for approval.

D.

Implement the solution to the problem.

Full Access
Question # 80

While troubleshooting a VoIP handset connection, a technician's laptop is able to successfully connect to network resources using the same port. The technician needs to identify the port on the switch. Which of the following should the technician use to determine the switch and port?

A.

LLDP

B.

IKE

C.

VLAN

D.

netstat

Full Access
Question # 81

A network administrator is configuring a network for a new site that will have 150 users. Within the next year, the site is expected to grow by ten users. Each user will have two IP addresses (one for a computer and one for a phone). Which of the following classful IPv4 address ranges will be best-suited for the network?

A.

Class D

B.

Class B

C.

Class A

D.

Class C

Full Access