The Secret Of CompTIA N10-009 Preparation Labs

NEW QUESTION 1

A small, family-run business uses a single SOHO router to provide Internet and WiFi to its
employees At the start of a new week, employees come in and find their usual WiFi network is no longer available, and there is a new wireless network to which they cannot connect. Given that information, which of the following should have been done to avoid this situation'

• A. The device firmware should have been kept current.
• B. Unsecure protocols should have been disabled.
• C. Parental controls should have been enabled
• D. The default credentials should have been changed

Answer: D

Explanation:
The default credentials are the username and password that come with a device or service when it is first installed or configured. They are often easy to guess or find online, which makes them vulnerable to unauthorized access or attacks. The default credentials should be changed to something unique and strong as soon as possible to avoid this situation. If the default credentials were not changed, someone could have accessed the SOHO router and changed the WiFi settings without the employees’ knowledge. References: https://www.comptia.org/blog/network-security-basics-6-easy- ways-to-protect-your-network

NEW QUESTION 2

To comply with an industry regulation, all communication destined to a secure server should be logged and archived on a storage device. Which of the Mowing can be configured to fulfill this requirement?

• A. QoS traffic classification
• B. Port mirroring
• C. Flow control
• D. Link Aggregation Control Protocol

Answer: B

NEW QUESTION 3

Which of the following systems would MOST likely be found in a screened subnet?

• A. RADIUS
• B. FTP
• C. SQL
• D. LDAP

Answer: B

Explanation:
FTP (File Transfer Protocol) is a system that would most likely be found in a screened subnet. A screened subnet, or triple-homed firewall, is a network architecture where a single firewall is used with three network interfaces. It provides additional protection from outside cyber attacks by adding a perimeter network to isolate or separate the internal network from the public-facing internet1. A screened subnet typically hosts systems that need to be accessed by both internal and external users, such as web servers, email servers, or FTP servers. References: https://www.techtarget.com/searchsecurity/definition/screened- subnet#:~:text=A%20screened%20subnet%2C%20or%20triple-homed%20firewall%2C%20refers%20to,a%20perimeter%20network%20to%20isolate%20 or%20separate%20the 1

NEW QUESTION 4

Which of the following devices would be used to extend the range of a wireless network?

• A. A repeater
• B. A media converter
• C. A router
• D. A switch

Answer: A

Explanation:
A repeater is a device used to extend the range of a wireless network by receiving, amplifying, and retransmitting wireless signals. It is typically used to extend the range of a wireless network in a large area, such as an office building or a campus. Repeaters can also be used to connect multiple wireless networks together, allowing users to move seamlessly between networks. As stated in the CompTIA Network+ Study Manual, "a wireless repeater is used to extend the range of a wireless network by repeating the signal from one access point to another."

NEW QUESTION 5

A network engineer configured new firewalls with the correct configuration to be deployed to each remote branch. Unneeded services were disabled, and all firewall rules were applied successfully. Which of the following should the network engineer perform NEXT to ensure all the firewalls are hardened successfully?

• A. Ensure an implicit permit rule is enabled
• B. Configure the log settings on the firewalls to the central syslog server
• C. Update the firewalls with current firmware and software
• D. Use the same complex passwords on all firewalls

Answer: C

Explanation:
Updating the firewalls with current firmware and software is an important step to ensure all the firewalls are hardened successfully, as it can fix any known vulnerabilities or bugs and provide new features or enhancements. Enabling an implicit permit rule is not a good practice for firewall hardening, as it can allow unwanted traffic to pass through the firewall. Configuring the log settings on the firewalls to the central syslog server is a good practice for monitoring and auditing purposes, but it does not harden the firewalls themselves. Using the same complex passwords on all firewalls is not a good practice for password security, as it can increase the risk of compromise if one firewall is breached. References: CompTIA Network+ Certification Exam Objectives Version 2.0 (Exam Number: N10-006), Domain 3.0 Network Security, Objective 3.3 Given a scenario, implement network hardening techniques.

NEW QUESTION 6

A server application requires large amounts of data to be sent at a consistent rate. Which of the following should an engineer most likely configure to meet these requirements?

• A. Link speed
• B. Jumbo frames
• C. Switch Virtual Interface
• D. Spanning tree

Answer: B

Explanation:
Jumbo frames are Ethernet frames that have a payload size greater than the standard 1500 bytes. Jumbo frames can carry more data in each frame, which reduces the overhead and improves the throughput and efficiency of data transmission. Jumbo frames are commonly used in storage area networks (SANs), where large amounts of data need to be transferred between servers and storage devices

NEW QUESTION 7

Which of the following network types is composed of computers that can all communicate with one another with equal permissions and allows users to directly share what is on or
attached to their computers?

• A. Local area network
• B. Peer-to-peer network
• C. Client-server network
• D. Personal area network

Answer: B

Explanation:
A peer-to-peer network is a type of network in which each computer (or node) can communicate directly with any other node, without requiring a central server or authority. Each node can act as both a client and a server, and can share its own resources, such as files, printers, or internet connection, with other nodes. A peer-to-peer network allows users to directly access and exchange what is on or attached to their computers, with equal permissions and responsibilities

NEW QUESTION 8

Which of the following can be used to decrease latency during periods of high utilization of a firewall?

• A. Hot site
• B. NIC teaming
• C. HA pair
• D. VRRP

Answer: B

Explanation:
NIC Teaming, also known as load balancing and failover (LBFO), allows multiple network adapters on a computer to be placed into a team for the following purposes:
(https://www.bing.com/search?q=what+is+nic+teaming+used+for%3F&form=QBLH&sp=- 1&pq=what+is+nic+teaming+used+for&sc=10- 28&qs=n&sk=&cvid=13882A9A9B584D8099F4ABCAD034E821&ghsh=0&ghacc=0&ghpl=)

NEW QUESTION 9

Which of the following authentication protocols should be used when securing a basic wireless network? (Select two).

• A. WPA2
• B. RDP
• C. WPA
• D. SSL
• E. SNMP
• F. EAP

Answer: AF

Explanation:
WPA2 and EAP are two authentication protocols that can be used to secure a basic wireless network. WPA2 stands for Wi-Fi Protected Access 2 and it is a security standard that provides strong encryption and authentication for wireless networks. WPA2 supports two modes: personal and enterprise. In personal mode, WPA2 uses a pre-shared key (PSK) that is shared among all wireless devices. In enterprise mode, WPA2 uses an authentication server, such as a RADIUS server, to verify the identity of each wireless device. EAP stands for Extensible Authentication Protocol and it is a framework that allows different methods of authentication to be used over wireless networks. EAP works with WPA2 enterprise mode to provide more flexibility and security for wireless authentication. EAP supports various methods, such as EAP-TLS, EAP-FAST, PEAP, and LEAP, that use certificates, passwords, or tokens to authenticate wireless devices.

NEW QUESTION 10

Which of the following uses the destination IP address to forward packets?

• A. A bridge
• B. A Layer 2 switch
• C. A router
• D. A repeater

Answer: C

Explanation:
A router is a device that uses the destination IP address to forward packets between different networks. A bridge and a Layer 2 switch operate at the data link layer and use MAC addresses to forward frames within the same network. A repeater is a device that amplifies or regenerates signals at the physical layer.

NEW QUESTION 11

Which of the following is the NEXT step to perform network troubleshooting after identifying an issue?

• A. Implement a solution.
• B. Establish a theory.
• C. Escalate the issue.
• D. Document the findings.

Answer: B

Explanation:
1 Identify the Problem.
2 Develop a Theory. 3 Test the Theory.
4 Plan of Action.
5 Implement the Solution.
6 Verify System Functionality.
7 Document the Issue.

NEW QUESTION 12

A network technician is investigating an issue with a desktop that is not connecting to the network. The desktop was connecting successfully the previous day, and no changes were made to the environment. The technician locates the switchport where the device is connected and observes the LED status light on the switchport is not lit even though the desktop is turned on Other devices that arc plugged into the switch are connecting to the network successfully Which of the following is MOST likely the cause of the desktop not connecting?

• A. Transceiver mismatch
• B. VLAN mismatch
• C. Port security
• D. Damaged cable
• E. Duplex mismatch

Answer: D

Explanation:
A damaged cable is most likely the cause of the desktop not connecting to the network. A damaged cable can cause physical layer issues such as loss of signal, attenuation, interference, or crosstalk. These issues can prevent the desktop from establishing a link with the switch and result in the LED status light on the switchport being off. Other possible causes of physical layer issues are faulty connectors, ports, or transceivers. References: https://www.cisco.com/c/en/us/support/docs/lan- switching/ethernet/14119-37.html

NEW QUESTION 13

A network administrator is adding a new switch to the network. Which of the following network hardening techniques would be BEST to use once the switch is in production?

• A. Disable unneeded ports
• B. Disable SSH service
• C. Disable MAC filtering
• D. Disable port security

Answer: A

NEW QUESTION 14

A cafeteria is lacing lawsuits related to criminal internet access that was made over its guest network. The marketing team, however, insists on keeping the cafeteria phone number as the wireless passphrase. Which of the following actions would Improve wireless security while accommodating the marketing team and accepting the terms of use?

• A. Setting WLAN security to use EAP-TLS
• B. Deploying a captive portal tor user authentication
• C. Using geofencing to limit the area covered by the WLAN
• D. Configuring guest network isolation

Answer: B

Explanation:
A captive portal is a web page that is presented to a user before they are allowed to access a network. It is used to authenticate users and to ensure that all users have accepted the terms of use for the network. By deploying a captive portal, the cafeteria can require users to enter their phone number as the passphrase, while still providing an additional layer of security. Reference: CompTIA Network+ Study Guide, 8th Edition, page 182.

NEW QUESTION 15

Which of the following would be used to forward requests and replies between a DHCP server and client?

• A. Relay
• B. Lease
• C. Scope
• D. Range

Answer: B

NEW QUESTION 16

Which of the following protocols should be used when Layer 3 availability is of the highest concern?

• A. LACP
• B. LDAP
• C. FHRP
• D. DHCP

Answer: C

Explanation:
FHRP stands for First Hop Redundancy Protocol, which is a group of protocols that allow routers or switches to provide backup or failover for the default gateway in a network. FHRP ensures that the network traffic can reach its destination even if the primary gateway fails or becomes unavailable. Some examples of FHRP protocols are HSRP, VRRP, and GLBP.
References
✑ 1: CompTIA Network+ N10-008 Exam Subnetting Quiz, question 18
✑ 2: CompTIA Network+ N10-008 Certification Practice Test, question 9
✑ 3: CompTIA Network+ Study Guide: Exam N10-008, 5th Edition, page 263
✑ 4: CompTIA Network+ (N10-008) Practice Exam w/PBQ & Solution, question 5
✑ 5: What’s on the CompTIA Network+ 008 certification? | CompTIA, section 3.1

NEW QUESTION 17

After the A record of a public website was updated, some visitors were unable to access the website. Which of the following should be adjusted to address the issue?

• A. TTL
• B. MX
• C. TXT
• D. SOA

Answer: A

Explanation:
TTL (Time To Live) should be adjusted to address the issue of some visitors being unable to access the website after the A record was updated. TTL is a value that specifies how long a DNS record should be cached by DNS servers and clients before it expires and needs to be refreshed. If the TTL is too high, some DNS servers and clients may still use the old A record that points to the previous IP address of the website, resulting in connection failures. By lowering the TTL, the DNS servers and clients will update their cache more frequently and use the new A record that points to the current IP address of the website. References: https://www.cloudflare.com/learning/dns/dns-records/dns-ttl/

NEW QUESTION 18

Which of the following would be BEST suited for a long cable run with a 40Gbps bandwidth?

• A. Cat 5e
• B. Cat 6a
• C. Cat 7
• D. Cat 8

Answer: C

Explanation:
Cat 7 is a type of twisted-pair copper cable that supports up to 40 Gbps bandwidth and up to 100 meters cable length. Cat 7 is suitable for long cable runs that require high-speed data transmission. Cat 7 has better shielding and crosstalk prevention than lower categories of cables.
References: Network+ Study Guide Objective 1.5: Compare and contrast network cabling types, features and their purposes.

NEW QUESTION 19

A network administrator is downloading a large patch that will be uploaded to several enterprise switches simultaneously during the day's upgrade cycle. Which of the following should the administrator do to help ensure the upgrade process will be less likely to cause problems with the switches?

• A. Confirm the patch's MD5 hash prior to the upgrade
• B. Schedule the switches to reboot after an appropriate amount of time.
• C. Download each switch's current configuration before the upgrade
• D. Utilize FTP rather than TFTP to upload the patch

Answer: A

Explanation:
The network administrator should confirm the patch’s MD5 hash prior to the upgrade to help ensure the upgrade process will be less likely to cause problems with the switches. MD5 (Message Digest 5) is a cryptographic hash function that produces a 128-bit hash value for any given input. It can be used to verify the integrity and authenticity of a file by comparing its hash value with a known or expected value. If the hash values match, it means that the file has not been corrupted or tampered with during transmission or storage. If the hash values do not match, it means that the file may be damaged or malicious and should not be used for the upgrade. References: https://www.cisco.com/c/en/us/support/docs/security-vpn/secure-shell-ssh/15292-scp.html

NEW QUESTION 20

An engineer is configuring redundant network links between switches. Which of the following should the engineer enable to prevent network stability issues?

• A. 802.1Q
• B. STP
• C. Flow control
• D. CSMA/CD

Answer: B

Explanation:
Spanning Tree Protocol (STP) should be enabled when configuring redundant network links between switches. STP ensures that only one active path is used at a time, preventing network loops and stability issues.
References:
✑ CompTIA Network+ Certification Study Guide

NEW QUESTION 21
......