Mock Test : CompTIA Network+ (N10-007)

OFDM, QAM and QPSK are all examples of what wireless technology?

Options are :

  • Modulation (Correct)
  • RF interference
  • Frequency
  • Spectrum

Answer : Modulation

Explanation Common types of modulation include Orthogonal frequency-division multiplexing (OFDM), Quadrature Amplitude Modulation (QAM), and Quadrature Phase-shift keying (PSK).

An administrator is upgrading the switches in the server room to support 10 Gbps of throughput. The switch will need to take advantage of the existing CAT6a lines that run to each server. What Ethernet standard should be used?

Options are :

  • 10GBaseSW
  • 10GBaseFX
  • 10GBaseT (Correct)
  • 10GBaseSR

Answer : 10GBaseT

Explanation CAT6a can reach speeds of 10 Gbps over 10GBaseT cables. The other cables listed are all fiber cables, and not CAT6a.

A company owns four kiosks that are in close proximity within a shopping center. The owner is concerned about someone accessing the Internet via the kiosk's wireless network. What should be implemented to provide wireless access only to the employees working at the kiosk?

Options are :

  • Web filtering
  • MAC filtering (Correct)
  • Host-based antivirus
  • Firewall

Answer : MAC filtering

Explanation MAC Filtering will control access to the network by restricting access to only certain devices.

A network technician is replacing a client’s security devices which protect their DMZ. The client has an application that allows external users to access the application remotely. After replacing the devices, the external users cannot connect remotely to the application. What is likely misconfigured and causing a problem?

Options are :

  • Content filler
  • DNS
  • Firewall (Correct)
  • DHCP

Answer : Firewall

Explanation A firewall is an integral part of a DMZ. If configured correctly, it can regulate exactly what traffic and users are allowed to access the server. This is different from a content filter because a content filter simply denies traffic to a user based on content, but not access to a server. If the firewall ruleset was not configured to allow external users to access the application remotely, the default condition is to "deny by default".

What transmission method is used for network utilizing the 802.3 standard?

Options are :

  • Synchronous
  • Broadband
  • Baseband
  • DSSS
  • MAC (Correct)

Answer : MAC

Explanation Media Access control (MAC) is used for wired Ethernet data links. 802.3 is the standard for Ethernet networks.

Your network security manager wants a monthly report of the security posture of all the assets on the network (e.g. workstations, servers, routers, switches, firewalls). The report should include any feature of a system or appliance that is missing a security patch, OS update, or other essential security feature, as well as its risk severity. What solution would work best to find this data?

Options are :

  • Penetration Scan
  • Vulnerability scanner (Correct)
  • Virus scan
  • Security policy

Answer : Vulnerability scanner

Explanation A vulnerability scanner is a computer program designed to assess computers, computer systems, networks, or applications for weaknesses. Most vulnerability scanners also create an itemized report of their findings after the scan.

A network technician needs to connect two switches. The technician needs a link between them that is capable of handling 10 Gbps of throughput. What type of media would be the BEST to meet this requirement?

Options are :

  • CAT5e cable
  • Fiber Optic cable (Correct)
  • Coax cable
  • CAT3 cable

Answer : Fiber Optic cable

Explanation To achieve 10 Gbps, you should use CAT 6a or a fiber cable. Since CAT6a isn't an option, fiber is the best answer here. CAT 5e can only operate up to 100 meters at 1 Gbps of speed.

What should a technician upgrade to if the existing wireless standard only allows for three non-overlapping channels and more non-overlapping channels are needed?

Options are :

  • 802.1q
  • 802.11b
  • 802.11n (Correct)
  • 802.11g

Answer : 802.11n

Explanation Wireless b and g only support 3 non-overlapping channels (1, 6, 11), but Wireless n supports 5 GHz spectrum which provides dozens of non-overlapping channels.

There has been an increased amount of successful social engineering attacks at a corporate office. What would reduce this attack in the near future?

Options are :

  • Helpdesk training
  • Personal Identifiable Information
  • Appropriate use policy
  • User awareness training (Correct)

Answer : User awareness training

Explanation Users are the biggest vulnerabilities in a network, therefore providing good user awareness training is crucial to obtaining good network security.

A technician added memory to a router, but that memory is never recognized by the router. The router is then powered down, and the technician relocates all of the memory to different modules. On startup, the router does not boot and displays memory errors. What is the likely cause of this issue?

Options are :

  • Driver update
  • VTP
  • Halon particles
  • ESD (Correct)

Answer : ESD

Explanation The most likely cause is that the memory chips are bad, because they have suffered from electrostatic discharge (ESD) during the installation and movement of the chips.

Which of the following would be the BEST addition to a business continuity plan to protect the business from a catastrophic disaster such as a fire, tornado, or earthquake?

Options are :

  • Building generator
  • UPS and battery backups
  • Fire suppression systems
  • Hot sites or cold sites (Correct)

Answer : Hot sites or cold sites

Explanation Although all answers are adequate suggestions to aid in business continuity, the addition of a hot or cold site is the BEST option. A hot or cold site is a commercial service that provides all equipment and facilities to allow a computer or networking company to continue operations in the event of a catastrophic event. In the case that the building has been destroyed, the hot/cold site is the only option that will allow the business to continue their operations effectively.

A system administrator wants to verify that external IP addresses are unable to collect software versioning from servers on the network. What should the system administrator do to confirm the network is protected?

Options are :

  • Use nmap to query known ports
  • Review the ID3 logs on the network
  • Utilize netstat to locate active connections
  • Analyze packet captures (Correct)

Answer : Analyze packet captures

Explanation Captured packets show you the information that was travelling through certain files, etc. Packet sniffers detail the information they’ve received, so working through those would show if the external network shows or details software versions.

It has been determined by network operations that there is a severe bottleneck on the company's mesh topology network. The field technician has chosen to use log management and found that one router is making routing decisions slower than the others on the network. What is this an example of?

Options are :

  • Network device CPU issues (Correct)
  • Network device power issues
  • Storage area network issues
  • Delayed responses from RADIUS

Answer : Network device CPU issues

Explanation Routing decisions must be processed by the router, which relies on the networking device's CPU.

A network technician replaced a faulty Ethernet cable. The technician replaced one side of the patch in the incorrect part of the patch panel. Within a few minutes, the technician was informed that users were experiencing slow or no Internet connectivity all over the building. A broadcast storm has begun. After removing the replacement cable, what should the technician do next?

Options are :

  • Attempt to isolate the storm to the domain by rebooting the switch
  • Review labeling and logical network diagram documentation (Correct)
  • Replace the cable during the next maintenance window
  • Re-terminate all of the other Ethernet cables on the switch to isolate the issue

Answer : Review labeling and logical network diagram documentation

Explanation The technician will be able to see the domain architecture, the strength of user connections, and the relationships in those connections, therefore making it easy to reassign the patches. It is likely that something has been mislabeled, and his connection of that Ethernet cable caused a loop.

Mark is setting up a DHCP server on a LAN segment. What option should he NOT configure in the DHCP scope in order to allow hosts on that LAN segment using dynamic IP addresses and to be able to access the Internet and internal company servers?

Options are :

  • Subnet mask
  • Reservations (Correct)
  • Default gateway
  • DNS servers

Answer : Reservations

Explanation In order to effectively access the Internet, the DHCP must provide a default gateway, DNS server, and subnet mask to each client.

Tim is a network administrator who is setting up three additional switches in his test lab. While configuring the switches, he is verifying the connectivity but finds that when he pings one of the switches using its IP address, he receives "Destination Unreachable". What kind of issue is this?

Options are :

  • Misconfigured DNS settings
  • Misconfigured Split Horizon (Correct)
  • Denial of service attack
  • RADIUS authentication errors

Answer : Misconfigured Split Horizon

Explanation Split horizon is a method of preventing a routing loop in a network. If it is misconfigured, the switches would be unable to communicate with each other. None of the other answers provided would prevent communication between the switches.

An administrator is told they need to set up a space in the breakroom where employees can relax. So, the administrator sets up several televisions with interconnected video game systems in the breakroom. What type of network did the administrator setup?

Options are :

  • MAN
  • LAN (Correct)
  • CAN
  • WAN

Answer : LAN

Explanation Since this gaming network is within one room, it is considered a LAN. All the other answers require a larger geographical area.

A company has a network with three switches, each one with eight ports. The switches are connected to a router that has a hub with four computers plugged into its interface ports. How many broadcast domains are in this network?

Options are :

  • 28
  • 16
  • 1
  • 5
  • 2 (Correct)

Answer : 2

Explanation A broadcast domain is a logical division of a computer network in which all nodes can reach each other by broadcast at the data link layer. A broadcast domain can be within the same LAN segment or it can be bridged to other LAN segments. Routers break up broadcast domains, therefore there are two broadcast domains in this network - one for each side of the router (three switches in one and the hub in the second).

A network administrator has set up a firewall and entered only three rules allowing traffic on ports 21, 110, and 25 to secure the network. Now, users are reporting that they cannot access web pages using their URLs. What can the technician do to correct this?

Options are :

  • Add a rule to the end allowing port 143 and 22
  • Add a rule to the end allowing port 445 and 173
  • Add a rule to the end allowing port 137 and 66
  • Add a rule to the end allowing port 80 and 53 (Correct)

Answer : Add a rule to the end allowing port 80 and 53

Explanation Port 80 is used for HTTP traffic. It listens to the web client and port 53 is needed to reach the DNS servers to determine the IP address for a given URL or domain name.

What would provide the highest level of physical security for the client if they are concerned with theft of equipment from the datacenter?

Options are :

  • Magnetic key swipe
  • Man trap (Correct)
  • Cipher lock
  • Proximity reader

Answer : Man trap

Explanation A man trap will ensure that only a single authorized person can get in or out of the building at time. It provides the highest level of physical security among the choices given.

What is used to proxy client requests for IP configurations across different network segments?

Options are :

  • Reverse proxy
  • DHCP relay (Correct)
  • Teredo tunneling

Answer : DHCP relay

Explanation A DHCP client is an Internet host using DHCP to obtain configuration parameters such as an IP address. A DHCP relay agent is any host that forwards DHCP packets between clients and servers. Relay agents are used to forward requests and replies between clients and servers when they are not on the same physical subnet.

A network technician needs to troubleshoot a recently installed NIC. He decides to ping the local loopback address. What IPv4 address should he ping?

Options are :

  • (Correct)

Answer :

Explanation Loopback is a test signal sent to a network destination in order to diagnose problems.

What is MOST likely to use an RJ-11 connector to connect a computer to an ISP using a POTS line?

Options are :

  • Multilayer switch
  • Analog modem (Correct)
  • DOCSIS modem
  • Access point

Answer : Analog modem

Explanation An analog modem is a device that converts the computer's digital pulses to tones that can be carried over analog telephone lines, and vice versa. The other type of Internet connection that occurs over an RJ-11 (phone line) is DSL.

An end user receives a new computer and now is unable to connect to a database using ODBC. Other users are able to connect successfully, and the network technician is able to successfully ping the database server but still is unable to connect. What might have caused this issue?

Options are :

  • Missing IP routes on router
  • Wrong default gateway address
  • Failing network interface card
  • Software firewall is blocking ports (Correct)

Answer : Software firewall is blocking ports

Explanation A change in the firewall settings to allow access to the specified ports will fix the problem. It appears the default firewall on this new computer is blocking the port used to communicate with the database server.

What Ethernet feature will allow increased FCoE network throughput as long as all network devices recognize its specific size?

Options are :

  • Equal cost multipath
  • Quality of service
  • Jumbo frame (Correct)
  • TCP offloading
  • Frame relay

Answer : Jumbo frame

Explanation By allowing jumbo frames, network throughput can be increased.

A network technician is using telnet to connect to a router on a network that has been compromised. A new user and password has been added to the router with full rights. The technician is concerned that the regularly used administrator account has been compromised. After changing the password on all the networking devices, what should the technician do to prevent the password from being sniffed on the network again?

Options are :

  • Ensure the password is 10 characters, containing letters and numbers
  • Use SNMPv1 for all configurations involving the router
  • Only allow administrators to access routers using port 22 (Correct)
  • Copy all configurations to routers using TFTP for security

Answer : Only allow administrators to access routers using port 22

Explanation Port 22 uses SSH to authenticate a remote computer or user, or in this case, an administrator. Even if the router has been compromised, the new full rights user would not be able to access their new account without the SSH key, which could only be provided by a true administrator. Telnet uses port 23 and passes all information as unencrypted traffic on the network. Telnet should always be disabled for security reasons and SSH (which uses encryption) should be used instead.

A network technician has just received an email regarding a security issue detected on the company's standard web browser. What will MOST likely fix the issue?

Options are :

  • Driver update
  • Firmware update
  • Vulnerability patch (Correct)
  • OS update

Answer : Vulnerability patch

Explanation Since there is a security issue with the current web browser, it most likely needs to be updated with a vulnerability patch from the manufacturer. A vulnerability patch is a piece of software that fixes security issues.

A technician is testing a new web-based tool capable of generating automatic teller machine (ATM) cash and service availability reports. The web-based tool was developed by a consortium of financial institutions. What cloud delivery models and technologies are being used by the technician?

Options are :

  • Community (Correct)
  • SaaS
  • Public
  • PaaS

Answer : Community

Explanation A community or private delivery mode would work best. The community delivery mode sends out based on joint interests and limited enrollment. The private option is owned by the organization and they act as the provider and consumer equally.

A network technician has just run a new point-to-point fiber link between two local routers. After the fiber has been plugged in on both ends, the interface will not come up. The network technician has double-checked the interface configuration on both routers, both SFPs have been hard-looped to confirm they are functioning, connectors on both ends of the links have been cleaned, and there is sufficient power. What is the cause of the problem?

Options are :

  • Duplex mismatch
  • Wrong IP address
  • Distance limitations
  • Wavelength mismatch (Correct)

Answer : Wavelength mismatch

Explanation Wavelength mismatch is when two different transmitters at each end of the cable have either longer or shorter wavelengths. Both transmitters have to be identical on each end of the cable.

A network administrator is tasked with building a wireless network in a new building located right next door. The wireless clients should not have visibility to one another but should have visibility to the wired users. Users must seamlessly migrate between the buildings while maintaining a constant connection to the LAN. How should he configure the new wireless network in the new building?

Options are :

  • Use different SSIDs on different channels and VLANs
  • Use different SSIDs on the same channels with VLANs
  • Use the same SSIDs on same channels with AP isolation
  • Use the same SSIDs on different channels and AP isolation (Correct)

Answer : Use the same SSIDs on different channels and AP isolation

Explanation For users to be able to seamlessly migrate between the two buildings, both Access Points (AP) must use the same SSIDs. They must be on different channels though. Otherwise, interference could occur. Access Point (AP) isolation is a technique for preventing mobile devices connected to an AP from communicating directly with each other.

What anti-malware solution should be implemented to deter attackers from loading custom files onto a distributed target platform?

Options are :

  • Network-based anti-malware (Correct)
  • Signature-based anti-malware
  • Host-based anti-malware
  • Cloud-based anti-malware

Answer : Network-based anti-malware

Explanation The network-based anti-malware can keep the system secure by testing all communications to/from a distributed target platform.

Host1’s application generates a payload of 2500 bytes of data and sends it to Host2. When the application on Host2 receives the payload it will be:

Options are :

  • less than 2500 bytes due to decapsulation
  • more than 2500 bytes due to encapsulation
  • 1500 bytes due to the default MTU settings
  • 2500 bytes in size (Correct)

Answer : 2500 bytes in size

Explanation The payload is the data to be transmitted. The extra pieces added or removed during encapsulation are in addition to this payload size.

A network administrator updated an Internet server to evaluate some new features in the current release. A week after the update, the Internet server vendor warns that the latest release may have introduced a new vulnerability and a patch is in the works. What should the administrator do to mitigate this risk?

Options are :

  • Downgrade the server and defer the new feature testing (Correct)
  • Enable HIPS to protect the server until the patch is released
  • Utilize WAF to restrict malicious activity to the Internet server
  • Enable the host-based firewall on the Internet server

Answer : Downgrade the server and defer the new feature testing

Explanation Since the vendor stated that the new version introduces vulnerabilities in the environment, it is better to downgrade the server to the older and more secure version until a patch is available.

While monitoring the network, a technician notices that the network traffic to one of the servers is extremely high. What should the network technician utilize to verify if this is a concern?

Options are :

  • Network diagram
  • Log management
  • Real-time monitor
  • Network baseline (Correct)

Answer : Network baseline

Explanation High network traffic can be a sign of a possible attack conducted either by an insider or someone out of the network to steal relevant information. By reviewing the network baseline, the network technician can determine if the traffic is actually high and if any configurations of the network are out of baseline causing the issue.

An employee of a highly-secure company needs to use facial recognition in addition to username/password to successfully establish a VPN. What BEST describes this methodology?

Options are :

  • Federated identity
  • PKI
  • Biometric authentication
  • Two-factor authentication (Correct)

Answer : Two-factor authentication

Explanation This would classify best as two-factor authentication, since it requires "something you are" (face) and "something you know" (username/password) for successful authentication to occur.

What network infrastructure implementations would be used to connect two remote sales machines back to the main campus for all data and voice traffic?

Options are :

  • Multimode fiber (Correct)
  • MPLS
  • Satellite
  • Crossover cable

Answer : Multimode fiber

Explanation A crossover cable maxes at 300ft (cat5e) satellite works over line of sight technology and sometimes the signal isn’t great, and MPLS is based on a short path rather than a long path. Multimode fiber can carry different types of data signals over short distances without losing any integrity.

A technician is helping a SOHO determine where to install the server. What should they consider first?

Options are :

  • Environmental limitations (Correct)
  • Compatibility requirements
  • Cable length
  • Equipment limitations

Answer : Environmental limitations

Explanation SOHO stands for Small Office / Home Office. A SOHO network is typically a small network. Being a small network, it is unlikely that it will have a datacenter or even a dedicated server room. Therefore, they should consider the environmental limitations (power, space, and cooling) first.

The administrator would like to use the strongest encryption level possible using PSK without utilizing an additional authentication server. What encryption type should be implemented?

Options are :

  • WPA personal (Correct)
  • WPA2 Enterprise
  • WEP
  • MAC filtering

Answer : WPA personal

Explanation Since he wishes to use a pre-shared key and not require an authentication server, the most secure choice is WPA personal. WPA2 Enterprise is actually a more secure choice, but it requires a RADIUS authentication server to be used.

An administrator hosts all of the company's virtual servers internally. In the event of total server failure, the server images can be restored on a cloud provider and accessed through the VPN. What cloud services is the administrator using?

Options are :

  • Private Iaas
  • Community PaaS
  • Public Iaas (Correct)
  • Hybrid Saas

Answer : Public Iaas

Explanation Infrastructure as a Service (IaaS) is the foundation of cloud computing. Rather than purchasing or leasing space in expensive datacenter, labor, real estate, and all of the utilities to maintain and deploy computer servers, cloud networks, and storage, cloud buyers rent space in a virtual data center from an IaaS provider. They have access to the virtual data center via the Internet. This type of cloud computing provides the “raw materials? for IT, and users usually only pay for the resources they consume, including (but not limited to) CPU cores, RAM, hard disk or storage space, and data transfer. Since this cloud provider is available to all companies to use, much like Microsoft Azure or Amazon Web Services, this is an example of a Public IaaS or Public Cloud.

What concept is the MOST important for a company's long-term health in the event of a disaster?

Options are :

  • Uninterruptible power supplies
  • Vulnerability scanning
  • Offsite backups (Correct)
  • Implementing acceptable use policy

Answer : Offsite backups

Explanation In case of a disaster, you must protect your data. Some of the most common strategies for data protection include backups made to tape and sent offsite at regular intervals.

A user reports slow performance. A technician troubleshooting the issue uses a performance monitoring tool and receives the following results:

Avg. % Processor Time = 15%
Avg. Pages/Second = 5
Avg. Disk Queue Length = 1

Based on these results, what is the issue?

Options are :

  • Processor
  • Memory (Correct)
  • Hard drive
  • NIC

Answer : Memory

Explanation The processor reads data based on how much RAM is in a system. If it takes longer to access certain things, adding more RAM could help the processor work at a higher rate of speed. The Average Pages/Second at 5 is considered high in most cases, so additional RAM should be added to the machine.

A company wants to create highly-available datacenters. What will allow the company to continue to maintain an Internet presence at all sites in the event that a WAN circuit at their own site goes down?

Options are :

  • VRRP
  • Load balancer
  • OSPF
  • BGP (Correct)

Answer : BGP

Explanation If a WAN link goes down, BGP will route data through another WAN link if redundant WAN links are available.

A technician installs a new piece of hardware and now needs to add the device to the network management tool database. However, when adding the device to the tool using SNMP credentials, the tool cannot successfully interpret the results. What needs to be added to allow the network management tool to interpret the new device and control it using SNMP?

Options are :

  • TRAP
  • WALK
  • GET
  • MIB (Correct)

Answer : MIB

Explanation Management Information Base (MIB) is used for managing all entities on a network using Simple Network Management Protocol. It would allow whatever tool to correctly interpret the information received.

A network administrator needs to allow employees to upload files to a remote server. What port should be allowed through the firewall?

Options are :

  • 161
  • 20
  • 23
  • 21 (Correct)

Answer : 21

Explanation Port 21 or FTP (File Transfer Protocol) is used to transfer files between computers and servers. If you needed to use secure file transfer, you would use port 22 (SFTP).

A technician wants to implement a network for testing remote devices before allowing them to connect to the corporate network. What could the technician implement to meet this requirement?

Options are :

  • High availability
  • Quarantine (Correct)
  • Honeynet
  • MAN network

Answer : Quarantine

Explanation Quarantine is where devices that do not meet the standards for the regular network can be placed. In this area, they can be checked before connecting to the main network.

What is the network topology in which all nodes have point to point connections to all other nodes known as?

Options are :

  • Ring
  • Star
  • Mesh (Correct)
  • Bus

Answer : Mesh

Explanation A mesh network is a network topology in which each node relays data for the network.

A home user reports to a network technician that the Internet is slow. The network administrator discovers that multiple unknown devices are connected to the access point. What is MOST likely the cause?

Options are :

  • A successful WPS attack has occurred (Correct)
  • The user is experiencing ARP poisoning
  • The user is connected to a botnet
  • An evil twin has been implemented

Answer : A successful WPS attack has occurred

Explanation Successful WPS attacks happen when the default username/password etc. has not been changed or reconfigured on the router. If your default username/password hasn’t been changed, anybody can get into the settings and open the network. This is why additional unknown devices are on the network.

The corporate network uses a centralized server to manage credentials for all of its network devices. What type of server is MOST likely being used in this configuration?

Options are :

  • RADIUS (Correct)
  • DNS
  • FTP
  • Kerberos

Answer : RADIUS

Explanation RADIUS is used to centrally manage credentials for network devices. TACACS is an older username and logon system that uses authentication to determine access, while RADIUS combines authorization AND authentication. For this question, either RADIUS or TACACS would be an acceptable answer.

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions