The Secret Of CompTIA N10-009 Test Question

NEW QUESTION 1

A network engineer configured new firewalls with the correct configuration to be deployed to each remote branch. Unneeded services were disabled, and all firewall rules were applied successfully. Which of the following should the network engineer perform NEXT to ensure all the firewalls are hardened successfully?

• A. Ensure an implicit permit rule is enabled
• B. Configure the log settings on the firewalls to the central syslog server
• C. Update the firewalls with current firmware and software
• D. Use the same complex passwords on all firewalls

Answer: C

Explanation:
Updating the firewalls with current firmware and software is an important step to ensure all the firewalls are hardened successfully, as it can fix any known vulnerabilities or bugs and provide new features or enhancements. Enabling an implicit permit rule is not a good practice for firewall hardening, as it can allow unwanted traffic to pass through the firewall. Configuring the log settings on the firewalls to the central syslog server is a good practice for monitoring and auditing purposes, but it does not harden the firewalls themselves. Using the same complex passwords on all firewalls is not a good practice for password security, as it can increase the risk of compromise if one firewall is breached. References: CompTIA Network+ Certification Exam Objectives Version 2.0 (Exam Number: N10-006), Domain 3.0 Network Security, Objective 3.3 Given a scenario, implement network hardening techniques.

NEW QUESTION 2

Which of the following protocols uses Dijkstra’s algorithm to calculate the LOWEST cost between routers?

• A. RIP
• B. OSPF
• C. BGP
• D. EIGRP

Answer: B

Explanation:
OSPF stands for Open Shortest Path First and is a link-state routing protocol that uses Dijkstra’s algorithm to calculate the lowest cost between routers. OSPF assigns a cost value to each link based on factors such as bandwidth, delay, or reliability, and builds a map of the network topology. OSPF then uses Dijkstra’s algorithm to find the shortest path from each router to every other router in the network1. RIP stands for Routing Information Protocol and is a distance-vector routing protocol that uses hop count as the metric to find the best path. BGP stands for Border Gateway Protocol and is a path-vector routing protocol that uses attributes such as AS path, local preference, or origin to select the best route. EIGRP stands for Enhanced Interior Gateway Routing Protocol and is a hybrid routing protocol that uses a composite metric based on bandwidth, delay, load, and reliability.
References: 1 Dijkstra’s algorithm - Wikipedia (https://en.wikipedia.org/wiki/Dijkstra%27s_algorithm)

NEW QUESTION 3

Which of the following bandwidth management techniques uses buffers al the client side to prevent TCP retransmissions from occurring when the ISP starts to drop packets of specific types that exceed the agreed traffic rate?

• A. Traffic shaping
• B. Traffic policing
• C. Traffic marking
• D. Traffic prioritization

Answer: D

NEW QUESTION 4

An attacker is attempting to find the password to a network by inputting common words and phrases in plaintext to the password prompt. Which of the following attack types BEST describes this action?

• A. Pass-the-hash attack
• B. Rainbow table attack
• C. Brute-force attack
• D. Dictionary attack

Answer: D

Explanation:
The attacker attempting to find the password to a network by inputting common words and phrases in plaintext to the password prompt is using a dictionary attack. References: CompTIA Network+ Certification Study Guide, Chapter 6: Network Attacks and Mitigation.

NEW QUESTION 5

Which of the following attacks encrypts user data and requires a proper backup implementation to recover?

• A. DDoS
• B. Phishing
• C. Ransomware
• D. MAC spoofing

Answer: C

Explanation:
Ransomware is a type of malware that encrypts user data and demands a ransom for its decryption. Ransomware can prevent users from accessing their files and applications, and cause data loss or corruption. A proper backup implementation is essential to recover from a ransomware attack, as it can help restore the encrypted data without paying the ransom or relying on the attackers’ decryption key. References: https://www.comptia.org/blog/what-is-ransomware

NEW QUESTION 6

A network administrator is implementing OSPF on all of a company’s network devices. Which of the following will MOST likely replace all the company’s hubs?

• A. A Layer 3 switch
• B. A proxy server
• C. A NGFW
• D. A WLAN controller

Answer: A

Explanation:
A Layer 3 switch will likely replace all the company's hubs when implementing OSPF on all of its network devices. A Layer 3 switch combines the functionality of a traditional Layer 2 switch with the routing capabilities of a router. By implementing OSPF on a Layer 3 switch, an organization can improve network performance and reduce the risk of network congestion. References: Network+ Certification Study Guide, Chapter 5: Network Security

NEW QUESTION 7

A systems administrator wants to use the least amount of equipment to segment two departments that nave cables terminating in the same room. Which of the following would allow this to occur?

• A. A load balancer
• B. A proxy server
• C. A Layer 3 switch
• D. A hub
• E. A Layer 7 firewall
• F. The RSSI was not strong enough on the link

Answer: D

NEW QUESTION 8

Which of the following can be used to limit the ability of devices to perform only HTTPS connections to an internet update server without exposing the devices to the public internet?

• A. Allow connections only to an internal proxy server.
• B. Deploy an IDS system and place it in line with the traffic.
• C. Create a screened network and move the devices to it.
• D. Use a host-based network firewall on each device.

Answer: A

Explanation:
An internal proxy server is a server that acts as an intermediary between internal devices and external servers on the internet. An internal proxy server can be used to limit the ability of devices to perform only HTTPS connections to an internet update server by filtering and forwarding the requests and responses based on predefined rules or policies. An internal proxy server can also prevent the devices from being exposed to the public internet by hiding their IP addresses and providing a layer of security and privacy.

NEW QUESTION 9

A network technician needs to ensure the company's external mail server can pass reverse lookup checks. Which of the following records would the technician MOST likely configure? (Choose Correct option and give explanation directly from CompTIA Network+ Study guide or documents)

• A. PTR
• B. AAAA
• C. SPF
• D. CNAME

Answer: A

Explanation:
A PTR (Pointer) record is used to map an IP address to a domain name, which is necessary for reverse lookup checks. Reverse lookup checks are performed by external mail servers to verify the identity of the sender of the email. By configuring a PTR record, the network technician can ensure that the company's external mail server can pass these checks. According to the CompTIA Network+ Study Guide, "A PTR record is used to map an IP address to a domain name, and it is often used for email authentication."

NEW QUESTION 10

A coffee shop owner hired a network consultant to provide recommendations for installing a new wireless network. The coffee shop customers expect high speeds even when the network is congested. Which of the following standards should the consultant recommend?

• A. 802.11ac
• B. 802.11ax
• C. 802.11g
• D. 802.11n

Answer: B

Explanation:
802.11ax is the latest and most advanced wireless standard, providing higher speeds, lower latency, and more capacity than previous standards. It also supports OFDMA, which allows multiple devices to share a channel and reduce congestion. The other options are older standards that have lower bandwidth, range, and efficiency than 802.11ax. Therefore, 802.11ax is the best option for the coffee shop owner who wants to provide high speeds even when the network is congested.

NEW QUESTION 11

A customer needs six usable IP addresses. Which of the following best meets this requirement?

• A. 255.255.255.128
• B. 255.255.255.192
• C. 255.255.255.224
• D. 255.255.255.240

Answer: C

NEW QUESTION 12

A technician is troubleshooting a wireless connectivity issue in a small office located in a high-rise building. Several APs are mounted in this office. The users report that the network connections frequently disconnect and reconnect throughout the day. Which of the following is the MOST likely cause of this issue?

• A. The AP association time is set too low
• B. EIRP needs to be boosted
• C. Channel overlap is occurring
• D. The RSSI is misreported

Answer: C

Explanation:
Channel overlap is a common cause of wireless connectivity issues, especially in high-density environments where multiple APs are operating on the same or adjacent frequencies. Channel overlap can cause interference, signal degradation, and performance loss for wireless devices. The AP association time, EIRP, and RSSI are not likely to cause frequent disconnects and reconnects for wireless users.

NEW QUESTION 13

A network consultant is installing a new wireless network with the following specifications:
5GHz
1,300Mbps 20/40/80MHz
Which of the following standards should the network consultant use?

• A. 802.11a
• B. 802.11ac
• C. 802.11b
• D. 802.11n

Answer: B

NEW QUESTION 14

Which of the following issues are present with RIPv2? (Select TWO).

• A. Route poisoning
• B. Time to converge
• C. Scalability
• D. Unicast
• E. Adjacent neighbors
• F. Maximum transmission unit

Answer: BC

Explanation:
The disadvantages of RIP (Routing Information Protocol) include the following.
---Outdated, insecure, and slow. This is your parents' protocol. It was a thing before the Web was born.
---The more well-known problem of the 15 hop limitation in which data must travel
---Convergence time is terrible for information propagation in a network
---Metrics. It determines the number of hops from source to destination, and gives no regard to other factors when determining the best path for data to travel
---Overhead. A good example would be routing tables. These are broadcast at half-minute intervals to other routers regardless of whether the data has changed or not. It's essentially like those old cartoons where the town guard in the walled city cries out, '10 o' the clock and all is well!'.
RIPv2 introduced more security and reduced broadcast traffic, which is relevant for some available answers here.

NEW QUESTION 15

Which of the following situations would require an engineer to configure subinterfaces?

• A. In a router-on-a-stick deployment with multiple VLANs
• B. In order to enable inter-VLAN routing on a multilayer switch
• C. When configuring VLAN trunk links between switches
• D. After connecting a router that does not support 802.1Q VLAN tags

Answer: A

Explanation:
A router-on-a-stick is a configuration that allows a single router interface to route traffic between multiple VLANs on a network1. A router-on-a-stick requires sub-interfaces to be configured on the router interface, one for each VLAN. Each sub-interface is assigned a VLAN ID and an IP address that belongs to the corresponding VLAN subnet. The router interface is connected to a switch port that is configured as a trunk port, which allows traffic from multiple VLANs to pass through. The router then performs inter-VLAN routing by forwarding packets between the sub-interfaces based on their destination IP addresses. Inter-VLAN routing is a process that allows devices on different VLANs to communicate with each other. Inter-VLAN routing can be performed by a router-on-a-stick configuration, as explained above, or by a multilayer switch that has routing capabilities. A multilayer switch does not require sub-interfaces to be configured for inter-VLAN routing; instead, it uses switch virtual interfaces (SVIs) that are associated with each VLAN. An SVI is a logical interface that represents a VLAN on a switch and has an IP address that belongs to the VLAN subnet. The switch then performs inter-VLAN routing by forwarding packets between the SVIs based on their destination IP addresses.
VLAN trunking is a method that allows traffic from multiple VLANs to be carried over a single link between switches or routers. VLAN trunking requires the use of a tagging protocol, such as 802.1Q, that adds a header to each frame that identifies its VLAN ID. VLAN trunking does not require sub-interfaces to be configured on the switches or routers; instead, it uses trunk ports that are configured to allow or deny traffic from specific VLANs. The switches or routers then forward packets between the trunk ports based on their VLAN IDs.
* 802.1Q is a standard that defines how VLAN tagging and trunking are performed on Ethernet networks.
* 802.1Q adds a 4-byte header to each frame that contains a 12-bit field for the VLAN ID and a 3-bit field for the priority level. 802.1Q does not require sub- interfaces to be configured on the switches or routers; instead, it uses trunk ports that are configured to support 802.1Q tagging and untagging. The switches or routers then forward packets between the trunk ports based on their VLAN IDs and priority levels.

NEW QUESTION 16

At which of the following OSI model layers would a technician find an IP header?

• A. Layer 1
• B. Layer 2
• C. Layer 3
• D. Layer 4

Answer: C

Explanation:
An IP header can be found at the third layer of the OSI model, also known as the network layer. This layer is responsible for logical addressing, routing, and forwarding of data packets.
References:
✑ CompTIA Network+ Certification Study Guide, Exam N10-007, Fourth Edition, Chapter 2: Network Models, p. 82

NEW QUESTION 17

A network administrator is looking for a solution to extend Layer 2 capabilities and replicate backups between sites. Which of the following is the best solution?

• A. Security Service Edge
• B. Data center interconnect
• C. Infrastructure as code
• D. Zero trust architecture

Answer: B

Explanation:
Data center interconnect (DCI) is a solution that allows Layer 2 connectivity and data replication between geographically dispersed data centers. DCI can be implemented using various technologies, such as optical networks, MPLS, VPNs, or Ethernet. DCI can provide benefits such as improved disaster recovery, load balancing, resource pooling, and cloud services.
References:
✑ Data Center Interconnect - CompTIA Network+ N10-008 Domain 1.4 - YouTube1
✑ CompTIA Network+ Certification Exam Objectives, page 92

NEW QUESTION 18

A corporation has a critical system that would cause unrecoverable damage to the brand if it was taken offline. Which of the following disaster recovery solutions should the corporation implement?

• A. Full backups
• B. Load balancing
• C. Hot site
• D. Snapshots

Answer: C

Explanation:
A hot site is the disaster recovery solution that the corporation should implement for its critical system that would cause unrecoverable damage to the brand if it was taken offline. A hot site is a fully operational backup site that can take over the primary site’s functions in case of a disaster or disruption. A hot site has all the necessary hardware, software, data, network connections, and personnel to resume normal operations with minimal downtime. A hot site is suitable for systems that require high availability and cannot afford any data loss or interruption. References: https://www.enterprisestorageforum.com/management/disaster-recovery-site/ 1

NEW QUESTION 19

Which of the following network cables involves bouncing light off of protective cladding?

• A. Twinaxial
• B. Coaxial
• C. Single-mode
• D. Multimode

Answer: D

Explanation:
Multimode fiber optic cables use multiple paths of light that bounce off the cladding, which is a layer of glass or plastic that surrounds the core of the cable. https://www.explainthatstuff.com/fiberoptics.html

NEW QUESTION 20

Which of the following technologies allows traffic to be sent through two different ISPs to increase performance?

• A. Fault tolerance
• B. Quality of service
• C. Load balancing
• D. Port aggregation

Answer: C

Explanation:
Load balancing is a technology that allows traffic to be sent through two different ISPs to increase performance. Load balancing is a process of distributing network traffic across multiple servers or links to optimize resource utilization, throughput, latency, and reliability. Load balancing can be implemented at different layers of the OSI model, such as layer 4 (transport) or layer 7 (application). Load balancing can also be used for outbound traffic by using multiple ISPs and routing protocols such as BGP (Border Gateway Protocol) to select the best path for each packet. References: https://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/border-gateway-protocol-bgp/prod_white_paper0900aecd806c4eeb.html

NEW QUESTION 21
......