Practice : CompTIA Network+ (N10-007)

A technician is connecting a NAS device to an Ethernet network. What technology will be used to encapsulate the frames?

Options are :

  • Fibre channel
  • iSCSI (Correct)

Answer : iSCSI

Explanation A NAS or a SAN will use either iSCSI or Fiber Channel. In this question, the NAS is connected to an Ethernet network. Therefore, iSCSI will most likely be used (Fiber Channel over Ethernet(FCoE) can be used but is less common).

A technician is installing a media converter that connects a newly-installed multimode connection to an existing CAT5e infrastructure. What media converter type should the technician use?

Options are :

  • Ethernet to coaxial
  • Fiber to Ethernet (Correct)
  • Fiber to coaxial
  • Multimode to single mode fiber

Answer : Fiber to Ethernet

Explanation A media converter changes one network connection type to another. In this case, we are converting multimode (fiber) to CAT5e (ethernet).

A network administrator received the following email from a user: 

Subject: Free smart phone

Dear user,
Please click the following link to get your free smart phone (

What should the administrator do to prevent all the employees from accessing the link in the email above, while still allowing them access to the domain

Options are :

  • Add to the browser's group policy block list. (Correct)
  • Add DENY TCP ANY EQ 8080 to the firewall ACL
  • Add DENY IP ANY ANY EQ 8080 to the intrusion detection system filter
  • Add to the load balancer

Answer : Add to the browser's group policy block list.

Explanation By adding the URL of the website to the browser's group policy block list (or black hole list), the specific site will be blocked from being accessed by the employees. If you used DENY TCP to the firewall ACL, you would block all access to the domain, blocking legitimate traffic as well as the possible malicious activity.

What protocol is designed to avoid loops on a Layer 2 network?

Options are :

  • OSPF
  • RIPv2
  • 802.1q
  • 802.1d (Correct)

Answer : 802.1d

Explanation The Spanning Tree Protocol is part of the 802.1d standard and avoids loops in the switching network (layer 2).

Barbara, an employee, has properly connected her personal wireless router to a network jack inside her office. The router is unable to get a DHCP address even though her corporate laptop can get a DHCP address when connected to the same jack. Barbara checked the router's configuration to ensure it is setup to obtain a DHCP address. Why is the router likely not getting a DHCP address?

Options are :

  • The administrator has enabled DHCP snooping on the network
  • The administrator is blocking DHCP requests that originate from access points
  • The administrator is blocking the wireless router's MAC address using MAC filtering
  • The Administrator has implemented a feature that only allows white-listed MAC addresses (Correct)

Answer : The Administrator has implemented a feature that only allows white-listed MAC addresses

Explanation White-listing specific MAC addresses is a security measure implemented by the administrator in order to grant access to a specific user only. It avoids a person with malicious intention to access the corporate network. Since the router has a different MAC address, it is being blocked from connecting to the wired network.

A technician suspects that the email system is slow due to excessive incoming SPAM. What should the technician do FIRST according to the troubleshooting methodology?

Options are :

  • Verify full system functionality
  • Block incoming email
  • Establish a plan of action
  • Gather information (Correct)

Answer : Gather information

Explanation After identifying the problem, the next step is to gather information. This can be from various sources such as (but not limited to) users, logs and IP addresses. After information has been gathered, the technician should establish a plan of action to resolve the issue.

A network administrator needs to install a border device on the network that will help ensure FTP commands are not being sent in traffic communicating on port 25. What device will allow for deep packet inspection?

Options are :

  • Layer 7 firewall (Correct)
  • Web proxy
  • Layer 3 switch
  • Protocol analyzer

Answer : Layer 7 firewall

Explanation Layer 7 firewalls are application-filtering firewalls. FTP traffic does not usually travel over port 25, and should travel over port 21.

There are two switches connected using both a CAT6 cable and a CAT5e cable. What problem may be occurring?

Options are :

  • Missing route
  • Autosensing ports
  • Improper cable types
  • Switching loop (Correct)

Answer : Switching loop

Explanation A switching loop is when there is more than one Layer 2 path between two endpoints. This can be prevented by using the STP (Spanning Tree Protocol).

A T1 line has lost connectivity to the ISP. The ISP has instructed the technician to place a loopback on a device connecting the T1 line to their central office. On which device will the technician implement the loopback?

Options are :

  • Channel remote module
  • Fiber optic modem
  • Channel service unit (Correct)
  • Digital subscriber line modem

Answer : Channel service unit

Explanation The CSU/DSU terminates a T1 line at the customer's site. Therefore, the CSU (Channel Service Unit) should have the loopback plug attached to test the connection.

An Amplitude Modulation (AM) radio station may have a detrimental effect on which service?

Options are :

  • DOCSIS (Correct)
  • Frame relay
  • Metro-Ethernet

Answer : DOCSIS

Explanation DOCSIS is how cable modems operate by sending radio frequency waves over coaxial cables. AM frequencies can interfere with DOCSIS. The other answers all rely on networks, such as fiber, which are immune to radio frequency interference.

What physical device provides the BEST security to a datacenter?

Options are :

  • Cipher lock
  • Thumbprint reader
  • Video monitoring
  • Mantrap (Correct)
  • Key pad

Answer : Mantrap

Explanation A mantrap allows you to enter one door and wait for it to close before entering another door. Video monitoring is a passive security feature while the thumbprint reader can be “tricked�.

Several users at an adjacent office building report connectivity issues after a new building was built in-between the two offices. The network technician has determined the adjacent office building is connected to the main office building via an 802.11ac bridge. The network technician logs into the AP and confirms the SSID, encryption, and channels are all correct. What is MOST likely the cause of this issue? 

Options are :

  • Device saturation
  • Antenna type
  • Bandwidth saturation
  • Interference (Correct)

Answer : Interference

Explanation The most likely reason is interference from the new building being placed between the signal path. By process of elimination: Device saturation involves too many devices with too few sources, antenna type restricts the direction for the data to travel and the bandwidth saturation occurs if too many devices are on one WAN link.

A user is receiving certificate errors in other languages in their web browser when trying to access the company's main intranet site. What is MOST likely the cause?

Options are :

  • DoS
  • Reflective DNS
  • Man-in-the-middle (Correct)
  • ARP poisoning

Answer : Man-in-the-middle

Explanation A man-in-the-middle attack is a general term for when a perpetrator positions himself in a conversation between a user and an application, either to eavesdrop or to impersonate one of the parties, making it appear as if a normal exchange of information is occurring.

A malicious user is blocking mobile devices from connecting to the Internet when other people are in the coffee shop. What is the malicious user implementing?

Options are :

  • Removing the AP from the classroom
  • ACL
  • Jamming (Correct)
  • Firewall
  • IPS

Answer : Jamming

Explanation Jamming is one of the many exploits used to compromise a wireless environment. It works by denying service to authorized users as legitimate traffic is jammed by the overwhelming frequencies of illegitimate traffic.

The network administrator noticed that the border router is having high network capacity loading during non-working hours. This load is causing web services outages. What is MOST likely the cause?

Options are :

  • Evil twin
  • Session hijacking
  • Distributed DoS (Correct)
  • ARP cache poisoning

Answer : Distributed DoS

Explanation Distributed Denial of Service (DDoS) is when a computer or multiple computers are compromised due to a network breach or virus attack. This kind of attack can impact the network and cause outages or slowness, if your workstation is affected and acting as part of a botnet.

While implementing wireless access points into the network, one building is having connectivity issues due to light fixtures being replaced in the ceiling, while all other buildings' connectivity is performing as expected. What should be changed on the access point for the building with connection issues?

Options are :

  • UTP patch cables
  • Antenna (Correct)
  • Power adapter
  • Security standard

Answer : Antenna

Explanation Since only one building is having the issue, it is likely an issue with the antenna having radio frequency interference.

A technician wants to update the organization's disaster recovery plans. What would allow network devices to be replaced quickly in the event of a device failure?

Options are :

  • Vendor documentation
  • Archives/backups (Correct)
  • Proper asset tagging and labeling
  • Network Baseline

Answer : Archives/backups

Explanation Having backups of the server data would allow for a quick recovery in the event of a device failure.

What type of equipment should be used for telecommunications equipment and have an open design?

Options are :

  • 2/4 post racks (Correct)
  • Rail racks
  • Vertical frame
  • Ladder racks

Answer : 2/4 post racks

Explanation The 2/4 post racks are open framed which are most common with telecommunication equipment.

QoS operates at which of the following OSI model layers?

Options are :

  • Layer 1
  • Layer 3 (Correct)
  • Layer 5
  • Layer 7

Answer : Layer 3

Explanation QoS occurs at both Layer 2 and Layer 3 of the OSI Model.

A network technician is selecting the best way to protect a branch office from as many different threats from the Internet as possible using a single device. What should meet the objective?

Options are :

  • Configure a network-based firewall
  • Configure a firewall with UTM (Correct)
  • Configure a host-based firewall
  • Configure a host-based intrusion detection system

Answer : Configure a firewall with UTM

Explanation Since this is a branch office and you want to protect yourself from as many threats as possible, using a Unified Threat Management firewall would be best. It will protect you from the most things using a single device. A network-based firewall protects everything on the other side of the Internet (your network). Host-based firewalls are great too but the network-based firewall is configured once to protect all devices.

After an employee connected one of the switch ports on a SOHO router to the wall jack in the office, other employees in the building started losing network connectivity. What could be implemented on the company’s switch to prevent this type of loss of connection?

Options are :

  • Loop prevention (Correct)
  • ARP inspections
  • DHCP snooping
  • MAC address filtering

Answer : Loop prevention

Explanation It appears the connection of the SOHO router to the company network has caused a loop in the network, causing the loss of connectivity to other users. If the company network implements a loop prevention mechanism, such as Spanning Tree Protocol (STP), this will prevent a loop from occurring.

A company is experiencing accessibility issues reaching services on a cloud-based system. What monitoring tools should be used to locate possible outages?

Options are :

  • Network analyzer (Correct)
  • Packet analyzer
  • Protocol analyzer
  • Network sniffer

Answer : Network analyzer

Explanation A network analyzer is a useful tool, helping you do things like track traffic and malicious usage on the network. A software tool like Wireshark is a network analyzer and protocol analyzer.

A technician has been given a list of requirements for a LAN in an older building using CAT6 cabling. What environmental conditions should be considered when deciding whether or not to use plenum-rated cables?

Options are :

  • Workstation models
  • Window placement
  • Floor composition
  • Ceiling airflow condition (Correct)

Answer : Ceiling airflow condition

Explanation In a large building, the ‘plenum’ is the space between floors used to circulate air through the building. This space is also an ideal place to run computer network cabling. However, in the event of fire in the building, the network cables can be very hazardous as they create a noxious gas when burnt.

A network engineer is designing a wireless network that uses multiple access points for complete coverage. What channel selection would result in the LEAST amount of interference between each access point?

Options are :

  • Adjacent access point should be assigned channels 1, 6, and 11 with a 20MHz channel width. (Correct)
  • Adjacent access points should be assigned channels 2, 6, and 10 with a 20MHz channel width.
  • Adjacent access points should be assigned channels 7 and 11 with a 40MHz channel width.
  • Adjacent access points should be assigned channels 8 and 11 with a 40MHz channel width

Answer : Adjacent access point should be assigned channels 1, 6, and 11 with a 20MHz channel width.

Explanation Because the overlapping signals are from access points that come from unrelated non-overlapping channels, the access points are least likely to interfere with each other. For Wireless B and G networks, you should always use channels 1, 6, and 11.

What access control model will a network switch utilize if it requires multilayer switches to use authentication via RADIUS/TACACS+?

Options are :

  • 802.1q
  • 802.3af
  • PKI
  • 802.1x (Correct)

Answer : 802.1x

Explanation 802.1x is the standard that is used for network authentication with RADIUS and TACACS+.

An offsite backup company involved in an investigation is not recycling outdated tapes. This is MOST likely due to:

Options are :

  • the process of discovery
  • a chain of custody breach
  • a data transport request
  • the notice of a legal hold (Correct)

Answer : the notice of a legal hold

Explanation A legal hold is a process that an organization uses to preserve all forms of relevant information when litigation is reasonably anticipated.

What infrastructure implementation is used to connect various circuits between remote locations?

Options are :

  • WAN (Correct)
  • PAN
  • WLAN
  • LAN

Answer : WAN

Explanation WAN because to connect various circuits between remote locations, a Wide Area is required. Local can only be within a limited small area and even smaller area for PAN.

An outside technician notices that a SOHO employee who is logged into the company VPN has an unexpected source IP address. What is the employee MOST likely using?

Options are :

  • Proxy server (Correct)
  • Least-cost routing
  • IPv6
  • VPN concentrator

Answer : Proxy server

Explanation Proxy servers are just different computers that serve as a hub where Internet requests are processed. When you are connected to a proxy, your computer sends request to that server and then returns your answers to the proxy server before forwarding the data to the requesting computer.

The Chief Information Officer (CIO) wants to improve the security of the company's data. What management control should be implemented to ensure employees are using encryption to transmit any sensitive information over the network?

Options are :

  • Policies (Correct)
  • VPN
  • Standards

Answer : Policies

Explanation Policies are plans that describe the goal of an established procedure (Acceptable use, Physical Security or VPN access), while the standards are the mechanisms implemented to achieve that goal. VPN and HTTPS are examples of standards.

A technician is attempting to resolve an issue with users on the network not being able to access websites. The technician pings the default gateway and DNS servers successfully. Pinging a website by URL is unsuccessful but using a known IP address is successful. What would resolve the issue?

Options are :

  • Update the HOST file with the URLs for all websites
  • Use NSLOOKUP to resolve URLs
  • Ensure ICMP messages can pass through the firewall
  • Enable port 53 on the firewall (Correct)

Answer : Enable port 53 on the firewall

Explanation Port 53 is used by DNS. The DNS Server is used to translate FQDN to IP addresses.

What provides accounting, authorization, and authentication via a centralized privileged database, as well as challenge/response and password encryption?

Options are :

  • Multifactor authentication
  • TACACS+ (Correct)
  • Network access control

Answer : TACACS+

Explanation TACACS+ is an AAA (accounting, authorization, and authentication) protocol to provide AAA services for access to routers, network access points, and other networking devices.

An SQL server needs several terabytes of disk space available to do an uncompressed backup of a database. What device would be the MOST cost efficient to use for this backup?

Options are :

  • iSCSI scan
  • FCoE SAN
  • NAS (Correct)
  • USB flash drive

Answer : NAS

Explanation A NAS is a Network Attached Storage device, typically a bunch of cheap hard disks and usually arranged in a RAID consisting of either SAS (serial attached SCSI) or SATA disks just like the ones in most desktops.

A network technician receives the following alert from a network device:

"High utilizations threshold exceeded on gi1/0/24 : current value 8463257.54"

What is being monitored to trigger the alarm?

Options are :

  • Speed and duplex mismatch
  • Interface link status (Correct)
  • Network device CPU
  • Network device memory

Answer : Interface link status

Explanation This is an error message that indicates that threshold of high utilization of network interface, in this case interface gi1/0/24, has been exceeded. The message has been triggered on the interface link status. (Note: gi1/0 would be a gigabyte interface.)

What is a document that is used in cyber forensics that lists everywhere evidence has been?

Options are :

  • Warrant
  • Legal document
  • Chain of custody (Correct)
  • Forensic report

Answer : Chain of custody

Explanation Chain of custody refers to documentation that identifies all changes in the control, handling, possession, ownership, or custody of a piece of evidence.

A technician has been troubleshooting a network problem, has determined the most likely cause of the issue, and implemented a solution. What is the NEXT step to be taken?

Options are :

  • Document the findings, actions, and outcomes
  • Duplicate the problem if possible
  • Verify system functionality (Correct)
  • Make an archival backup

Answer : Verify system functionality

Explanation Verifying system functionality occurs directly after the implementation of a solution. It is to ensure that your plan of action and your theory did in fact fix the problem. Documenting findings is the final step taken AFTER verifying the system.

After a recent breach, the security technician decides the company needs to analyze and aggregate its security logs. What system should be used?

Options are :

  • Event log
  • Syslog
  • SIEM (Correct)
  • SNMP

Answer : SIEM

Explanation Using a Security information and event management (SIEM) product, the security logs can be analyzed and aggregated. SIEM is a term for software products and services combining security information management (SIM) and security event management (SEM).

Users connecting to an SSID appear to be unable to authenticate to the captive portal. What is the cause of this issue?

Options are :

  • WPA2 security key
  • SSL certificates
  • RADIUS (Correct)

Answer : RADIUS

Explanation Captive portals usually rely on 802.1x, and 802.1x uses RADIUS for authentication.

In the past, a company has experienced several network breaches as a result of actions by their end-users. The company wants to prevent future breaches and tasks the security team to ensure the company's _________________ is up-to-date and enforced by all employees?

Options are :

  • Consent to monitor
  • Data classification document
  • Service level agreement
  • Acceptable use policy (Correct)

Answer : Acceptable use policy

Explanation Acceptable Use Policy is a set of rules or guidelines applied by the security team, which restricts ways on how a network can be used by its users. This agreed-upon set of principles dictates the correct behavior of users on the network.

A network technician must allow the use of HTTP traffic from the Internet over port 80 to an internal server running HTTP over port 81. What is this an example of?

Options are :

  • Dynamic DNS
  • Virtual Private Networking (VPN)
  • Dynamic NAT
  • Port Forwarding (Correct)

Answer : Port Forwarding

Explanation Port forwarding is an application of network address translation (NAT) that redirects a communication request from one address and port number combination to another while the packets are traversing a network gateway, such as a router or firewall.

A company has had several virus infections over the past few months. The infections were caused by vulnerabilities in the application versions that are being used. What should an administrator implement to prevent future outbreaks?

Options are :

  • Host-based intrusion detection systems
  • Acceptable use policies
  • Incident response team
  • Patch management (Correct)

Answer : Patch management

Explanation Since the viruses exploited known vulnerabilities, there should be patches available from the manufacturer/vendor. Based on this, proper patch management would prevent future outbreaks.

A technician just completed a new external website and setup access rules in the firewall. After some testing, only users outside the internal network can reach the site. The website responds to a ping from the internal network and resolves the proper public address. What can the technician do to fix this issue while causing internal users to route to the website using an internal IP address?

Options are :

  • Configure NAT on the firewall
  • Implement a split horizon DNS (Correct)
  • Place the server in the DMZ
  • Adjust the proper internal ACL

Answer : Implement a split horizon DNS

Explanation Split Domain Name System (Split DNS) is an implementation in which separate DNS servers are provided for internal and external networks as a means of security and privacy management.

What tool would a network technician use to troubleshoot a span of single-mode fiber cable?

Options are :

  • Punchdown tool
  • Spectrum analyzer
  • Ethernet tester
  • OTDR (Correct)

Answer : OTDR

Explanation The other answers are used with copper cables (like CAT5). An optical time-domain reflectometer (OTDR) is an optoelectronic instrument used to characterize an optical fiber. An OTDR is the optical equivalent of an electronic time domain reflectometer.

A company has implemented the capability to send all log files to a central location by utilizing an encrypted channel. The log files are sent to this location in order to be reviewed. A recent exploit has caused the company's encryption to become unsecure. What would be required to resolve the exploit?

Options are :

  • Utilize an FTP service
  • Install recommended updates (Correct)
  • Send all log files through SMTP
  • Configure the firewall to block port 22

Answer : Install recommended updates

Explanation If the encryption is unsecure, then we must look for encryption software updates or patches. If they are available, we must install them.

What network infrastructure implementations would be used to support files being transferred between Bluetooth-enabled smartphones?

Options are :

  • PAN (Correct)
  • LAN
  • WLAN
  • MAN

Answer : PAN

Explanation A personal area network (PAN) refers to the interconnection of information technology devices or gadgets within the environment of an individual user (typically within 10 meters).

A home user is configuring a wireless router and must decide which wireless standard to use. The user has many devices that require a lot of bandwidth and must be able to communicate at a far distance from the router. What standard will BEST meet the home user's requirements?

Options are :

  • 802.11a
  • 802.11b
  • 802.11g
  • 802.11n (Correct)

Answer : 802.11n

Explanation From the choices given, Wireless N (802.11n) will provide the most bandwidth to support the numerous devices on the network. If Wireless AC was an option, it would be the better answer.

A network technician determines that two dynamically-assigned workstations have duplicate IP addresses. What command should the technician use to correct this issue?

Options are :

  • ipconfig /all
  • ipconfig /dhcp
  • ipconfig /release; ipconfig /renew (Correct)
  • ipconfig /renew

Answer : ipconfig /release; ipconfig /renew

Explanation The first thing to do is to release that IP address using the command ipconfig /release. Next, the technician should dynamically reassign another IP address using the command ipconfig /renew.

A network technician wants to allow HTTP traffic through a stateless firewall. The company uses the network. What ACL should the technician configure?

Options are :



Explanation This will permit traffic from the internal network ( from any port to access the external network (any IP) to port 80 (HTTP).

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions