CompTIA Network+ (N10-007)

What should be implemented to allow wireless network access for clients in the lobby using a password key?

Options are :

  • IPSec
  • Firewall
  • WPA2 (Correct)
  • RADIUS

Answer : WPA2

Explanation WPA2 allows the use of a preshared key for wireless network access.

When configuring a new server, a technician requests that an MX record be created in DNS for the new server, but the record was not entered properly. What was MOST likely installed that required an MX record to function properly?

Options are :

  • Firewall DMZ
  • Load balancer
  • FTP server
  • Mail server (Correct)

Answer : Mail server

Explanation A mail server is a computer with mail transfer agent (MTA) functions. Mail is exchanged between email servers running special software, which is built around standardized protocols for handling messages and their varied (multimedia) content. MX records are used in DNS servers to identify the mail servers.

A network technician has been tasked to provide a local office with wireless Internet access. The network technician had determined the users will need a wireless router that provides a maximum of 54Mbps of bandwidth while operating in the 2.4Ghz band. What type of wireless network should they utilize?

Options are :

  • 802.11b
  • 802.11g (Correct)
  • 802.11a
  • 802.11n

Answer : 802.11g

Explanation 802.11g provides transmission over short distances at up to 54Mbps in the 2.4GHz band. It’s also backwards compatible with 802.11b.

What allows network traffic to travel across several switches on several VLANs?

Options are :

  • Trunking (Correct)
  • VLAN assignments
  • VLAN ID
  • Port bonding

Answer : Trunking

Explanation VLAN Trunking Protocol (VTP) is a Cisco proprietary protocol that propagates the definition of Virtual Local Area Networks (VLAN) on the whole local area network. To do this, VTP carries VLAN information to all the switches in a VTP domain. VTP advertisements can be sent over 802.1Q, and ISL trunks.

What device actively defends the network by detecting threats and shutting down ports or changing configurations to prevent attacks?

Options are :

  • Honeypot
  • Firewall
  • IDS
  • IPS (Correct)

Answer : IPS

Explanation Intrusion Protection Systems (IPS) can reconfigure themselves based on the threats experienced. Firewalls maintain a static configuration.

Patches have just been released by a third-party vendor to resolve a major vulnerability. There are over 100 critical devices that need to be updated. What action should be taken to ensure the patch is installed with minimal downtime?

Options are :

  • Test the patch in a lab environment and then install it in the production network during the next scheduled maintenance
  • Configure end points to automatically download and install the patches
  • Deploy the patch in a lab environment, quickly conduct testing, and then immediately install it in the production environment (Correct)
  • Download and install all patches in the production network during the next scheduled maintenance period

Answer : Deploy the patch in a lab environment, quickly conduct testing, and then immediately install it in the production environment

Explanation Patches should always be tested first. Once successfully tested, deployment to the production environment can then be accomplished.

A technician receives a report that a user’s workstation is experiencing no network connectivity. The technician investigates and notices the patch cable running from the back of the user’s VoIP phone is routed directly under the rolling chair and has been repeatedly smashed. What is the likely cause of the problem?

Options are :

  • Cross-talk (Correct)
  • Split pairs
  • Cable was not properly crimped
  • Excessive collisions

Answer : Cross-talk

Explanation Cross-talk and EMI occur when signals experience interference. Since the cable has been repeatedly run over, its shielding could be damaged since the cable is no longer made up of the same consistency and cross-talk could occur between the pairs.

A network technician must utilize multimode fiber to uplink a new networking device. What Ethernet standard could the technician utilize?

Options are :

  • 1000Base-T
  • 1000base-LR
  • 10GBase-SR (Correct)
  • 1000Base-FX

Answer : 10GBase-SR

Explanation 10Gbase-SR is a 10 Gigabit Ethernet LAN standard for operation over multi-mode fiber optic cable and short wavelength signaling. Remember, for the exam, "S is not single", meaning the ones that has a Base-S as part of its name designates it as a multimode fiber cable.

Jason is the network manager and is leading a project to deploy a SAN. He is working with the vendor's support technician to properly set up and configure the SAN on the network. To begin SAN I/O optimization, what should Jason need to provide to the vendor support technician?

Options are :

  • Asset management document
  • Baseline documents
  • Network diagrams (Correct)
  • Access to the data center

Answer : Network diagrams

Explanation A network diagram is a visual representation of network architecture. It maps out the structure of a network with a variety of different symbols and line connections. This information will be important when deploying a Storage Area Network (SAN).

An organization requires a second technician to verify changes before applying them to network devices. When checking the configuration of a network device, a technician determines that a coworker has improperly configured the AS number on the device. This would result to what?

Options are :

  • BGP routing issues (Correct)
  • Spanning tree ports in flooding mode
  • Reduced wireless network coverage
  • The OSPF not-so-stubby area is misconfigured

Answer : BGP routing issues

Explanation BGP (Border Gateway Protocol) is used to route data between autonomous systems (AS’s). A collection of networks that fall within the same administrative domain is called an autonomous system (AS). The routers within an AS use an interior gateway protocol, such as the Routing Information Protocol (RIP) or the Open Shortest Path First (OSPF) protocol, to exchange routing information among themselves.

The networking concept of split horizon is designed to prevent which of the following?

Options are :

  • Collisions
  • Duplicate addresses
  • Loops (Correct)
  • Large routing tables

Answer : Loops

Explanation In computer networking, split-horizon route advertisement is a method of preventing routing loops in distance-vector routing protocols by prohibiting a router from advertising a route back onto the interface from which it was learned.

A network administrator recently set up a network computer lab and discovered some connectivity issues. The administrator is able to ping the fiber uplink interface, but none of the new PCs plugged into the switch respond to ICMP requests. What should the technician do next?

Options are :

  • Check if there are link lights on the ports (Correct)
  • Check to see if the uplink interface is configured correctly
  • Check the ports on the switch for full duplex
  • Check to see if port security is enabled

Answer : Check if there are link lights on the ports

Explanation By checking the link lights on the ports, the administrator can verify if there is any activity on the network, if the ports are enabled, and if the Layer 1 components are working correctly.

The network install is failing redundancy testing at the MDF. The traffic being transported is a mixture of multicast and unicast signals. What would BEST handle the rerouting caused by the disruption of service?

Options are :

  • Proxy server
  • Smart hub
  • Layer 2 switch
  • Layer 3 switch (Correct)

Answer : Layer 3 switch

Explanation A layer 3 switch is the best option because in addition to its capability of broadcast traffic reduction, it provides fault isolation and simplified security management. This is achieved through the use of IP address information to make routing decisions when managing traffic between LANs.

A technician has installed an 802.11n network and most users are able to see speeds of up to 300Mbps. There are few users who have an 802.11n network card but are unable to get speeds higher than 108Mbps. What should the technician do to fix the issue?

Options are :

  • Upgrade the OS version to 64-bit
  • Install a vulnerability patch
  • Roll back the firmware on WLAN card
  • Upgrade the WLAN card driver (Correct)

Answer : Upgrade the WLAN card driver

Explanation Wireless N networks can support up to 600Mbps with the proper software drivers for the network cards. Without them, they can only achieve 108Mbps since they cannot communicate with the increased data compression rates.

A company is selecting a fire suppression system for their new datacenter and wants to minimize the IT system recovery period in the event of a fire. What is the best choice for their new fire suppression system?

Options are :

  • Clean Gas (Correct)
  • Wet Pipe
  • Portable extinguishers
  • Dry Pipe

Answer : Clean Gas

Explanation Using a clean gas fire suppression system in datacenters is the best, since it minimizes the IT system recovery costs and prevents damage to the equipment. The clean gas extinguishes the fire faster and is more common in datacenter environments.

While troubleshooting, a technician notices that some clients using FTP still work and that pings to the local router and servers are working. The technician tries to ping all known nodes on the network and they reply positively, except for one of the servers. The technician notices that ping works only when the host name is used but not when FQDN is used. What server is MOST likely offline? 

Options are :

  • DNS server (Correct)
  • WINS server
  • DHCP server
  • Domain controller

Answer : DNS server

Explanation The DNS Server translates Fully Qualified Domain Names (FQDN) to IP addresses.

Which wireless characteristic does channel bonding improve?

Options are :

  • Coverage area
  • Signal strength
  • Encryption strength
  • Connection speed (Correct)

Answer : Connection speed

Explanation Channel Bonding is used to reduce redundancy or increase throughput, directly affecting the connection speed of a wireless connection. Signal strength only refers to the maximum transmitted power by an antenna.

A network engineer needs to set up a topology that will not fail if there is an outage on a single piece of the topology. However, the computers need to wait to talk on the network to avoid congestion. What topology would the engineer implement?

Options are :

  • Ring (Correct)
  • Mesh
  • Star
  • Bus

Answer : Ring

Explanation A ring topology is a local area network (LAN) in which the nodes (workstations or other devices) are connected in a closed loop configuration. Adjacent pairs of nodes are directly connected. Other pairs of nodes are indirectly connected, with data passing through one or more intermediate nodes.

As part of unified communications services, QoS must be implemented. DSCP and CoS map to which OSI layer?

Options are :

  • Layer 5
  • Layer 4
  • Layer 2 (Correct)
  • Layer 1

Answer : Layer 2

Explanation DSCP is a layer 3 packet and it is the most commonly used value for QoS of an IP packet (as it gives lots of flexibility). CoS, on the other hand, is a layer 2 packet. Based on the options given, only Layer 2 is correct.

A network technician discovers an issue with spanning tree on the core switch. Which step should the network technician perform NEXT when troubleshooting to resolve the issue?

Options are :

  • Test a theory to determine the cause
  • Identify the symptoms
  • Escalate to a senior technician
  • Establish a theory of probable cause (Correct)

Answer : Establish a theory of probable cause

Explanation If the technician has already discovered the issue, the symptoms have already been identified. Testing the theory comes after you have established a theory, which can only come once the issue has been discovered. Establishing a theory of probable cause allows you to continue with the next steps in troubleshooting the issue.

A network technician is assisting the company with developing a new business continuity plan. What would be an appropriate suggestion to add to the plan?

Options are :

  • Maintain up-to-date configuration backups
  • Perform reoccurring vulnerability scans
  • Physically secure all network equipment
  • Build redundant links between core devices (Correct)

Answer : Build redundant links between core devices

Explanation The business continuity plan focuses on the tasks carried out by an organization to ensure that critical business functions continue to operate during and after a disaster. By keeping redundant links between core devices, critical business services can be kept running if one link is unavailable during a disaster.

A technician would like to track the improvement of the network infrastructure after upgrades. What should the technician implement to have an accurate comparison?

Options are :

  • Statement of work
  • Baseline (Correct)
  • Regression test
  • Speed test

Answer : Baseline

Explanation In networking, baseline refers to the standard level of performance of a certain device or the normal operating capacity for your whole network. High-quality documentation should include a baseline for network performance because you and your client need to know what “normal? looks like in order to detect problems before they develop into disasters.

An outside organization has completed a penetration test for a company. One of the items on the report is reflecting the ability to read SSL traffic from the web server. What is the MOST likely mitigation for this reported item?

Options are :

  • Install an IDS on the network
  • Implement a VPN for employees
  • Configure the firewall to block traffic on port 443
  • Ensure patches are deployed (Correct)

Answer : Ensure patches are deployed

Explanation A patch is designed to correct a known bug or fix a known vulnerability, such as in this case to be able to read SSL traffic, in a piece of software.

A client reports that half of the marketing department is unable to access network resources. The technician determines that the switch has failed and needs replacement. What would be the MOST helpful in regaining connectivity?

Options are :

  • VLAN configuration
  • Network Diagram
  • Configuration backup (Correct)
  • Router image

Answer : Configuration backup

Explanation If you have a configuration backup of the switch, a new piece of hardware (new switch) can be installed quickly and the configuration can be restored to the new switch.

What is a logical host on the network where unauthorized users are placed in which they still believe they're on the production network?

Options are :

  • VLAN
  • Honeypot (Correct)
  • Virtual Terminal
  • Virtual server

Answer : Honeypot

Explanation A honeypot is a computer security mechanism set to detect, deflect, or, in some manner, counteract attempts of unauthorized use of information systems. It acts as a decoy so that hackers think there on the production network, but they're actually not.

A company has a new offering to provide access to their product from a central location rather than clients internally hosting the product on the client network. The product contains sensitive corporate information that should not be accessible from one client to another. What is this an example of?

Options are :

  • Public SaaS
  • Community IaaS
  • Hybrid IaaS
  • Private SaaS (Correct)

Answer : Private SaaS

Explanation SaaS stands for Software as a Service. This is a cloud model whereby a service provider provides a software service and makes the service available to customers over the Internet. Examples of Saas include Microsoft Office 365, Microsoft Exchange Online, and Google Docs.

A user was moved from one cubicle in the office to a new one a few desks over. Now, they are reporting that their VoIP phone is randomly rebooting. When the network technician takes the VoIP phone and reconnects it in the old cubicle, it works without any issues. What is the cause of the problem?

Options are :

  • Bad UPS
  • Misconfigured DNS
  • Attenuation
  • Cable short (Correct)

Answer : Cable short

Explanation Since the VoIP phone works in one cubicle but not another one that is very close, it is likely the new cubicle has a short in the cable running to the network jack or from the jack to the VoIP phone. The network technician should test the new cubicle's network jack to ensure there isn't an issue with the wiring.

A company utilizes a patching server to regularly update its PCs. After the latest round of patching, all of the older PCs with non-gigabit Ethernet cards become disconnected from the network and now require a technician to fix the issue locally at each PC. What could be done to prevent this problem next time?

Options are :

  • Throttle the connection speed of the patching server to match older PCs
  • Disable automatic driver updates to PCs on the patching server (Correct)
  • Require the patching server to update the oldest PCs off hours
  • Enable automatic rebooting of the PCs after patching is completed

Answer : Disable automatic driver updates to PCs on the patching server

Explanation The most likely cause of this issue was a forced driver update being pushed from the update server to the older PCs, breaking their ability to use their network cards. It is best to disable automatic driver updates for PCs and have them tested first.

A network technician is troubleshooting connectivity problems between switches but suspects the ports are not properly labeled. What option will help to quickly identify the switches connected to each port?

Options are :

  • Enable a packet sniffer on each network device’s uplink port.
  • Enable a discovery protocol on the network devices. (Correct)
  • Configure TACACs+ on each network device
  • Configure each uplink to send LACP discovery units.

Answer : Enable a discovery protocol on the network devices.

Explanation By enabling a discovery protocol on the network devices, the technician will be able to get detailed information such as the IP addresses, system version, and the type of device information from supporting devices directly connected to the discovery protocol, therefore providing information about the specific routers.

A common technique used by malicious individuals to perform a man-in-the-middle attack on a wireless network is:

Options are :

  • ARP cache poisoning
  • Sessions hijacking
  • Creating an evil twin (Correct)
  • Amplified DNS attacks

Answer : Creating an evil twin

Explanation Evil Twin access points are the most common way to perform a man-in-the-middle attack on a wireless network.

A project lead is reviewing the statement of work for an upcoming project that is focused on identifying potential weaknesses in the organization’s internal and external network infrastructure. As part of the project, a team of external contractors will attempt to employ various attacks against the organization. The statement of work specifically addresses the utilization of an automated tool to probe network resources in an attempt to develop logical diagrams indicating weaknesses in the infrastructure. The scope of activity as described in the statement of work is an example of: 

Options are :

  • Social engineering
  • Vulnerability scanning
  • Session hijacking
  • Penetration testing (Correct)

Answer : Penetration testing

Explanation Penetration testing is the act of using a computer system, an individual network, or another application to find vulnerabilities that an attacker could use to compromise your systems. Penetration testing can also find endpoints with vulnerabilities which makes the attack surface greater.

A network engineer is conducting an assessment for a customer who wants to implement an 802.11n wireless network. Before the engineer can estimate the number of WAPs needed, it is important to reference the _______________.

Options are :

  • Network diagram
  • Network topology
  • Site survey (Correct)
  • PoE requirements

Answer : Site survey

Explanation Since it is a wireless network, a review of a site survey is necessary to determine any physical advantages and disadvantages. Network topology and network diagrams can be created once the site survey is complete and the location of the access points are determined.

A training class is being held in an auditorium. Hard-wired connections are required for all laptops that will be used. The network technician must add a switch to the room through which the laptops will connect for full network access. What must the technician configure on the switch port of both switches to create this setup properly?

Options are :

  • Trunk (Correct)
  • CIDR
  • DHCP
  • Split horizon

Answer : Trunk

Explanation We should use trunk ports to set up a VLAN for the laptops that will be used in the auditorium. A trunk port is assigned to carry traffic for all the VLANs that are accessible by a specific switch, a process known as trunking.

What media type would employ the DOCSIS standard in a residential Internet installation?

Options are :

  • DSL
  • Cellular
  • 3G/LTE
  • Fiber
  • Cable (Correct)

Answer : Cable

Explanation Cable uses DOCSIS (Data over Cable Service Interface Specifications). This allows high-speed data transfer over an existing cable TV system.

A network technician is troubleshooting a network connection error. When they ping the default gateway, they receive no reply. The default gateway is found to be functioning properly, but cannot connect to any of the workstations on the network. Which layer of the OSI model would the issue reside?

Options are :

  • Presentation
  • Transport
  • Session
  • Physical (Correct)

Answer : Physical

Explanation Ping requests occur at layer 3 (Network layer). Therefore, the problem could exist in layer 1 (physical), layer 2 (data link), or layer 3 (network). Since Physical (layer 1) is the only choice from layers 1-3 given, it must be the correct answer.

What should be considered when determining the coverage for a new implementation of 802.11n WLAN?

Options are :

  • Building material (Correct)
  • Temperature
  • Heatmap
  • Humidity

Answer : Building material

Explanation Some building materials are more dense than others. The denser the object, the more you will have a degradation of signal. For optimal signal, a LoS (Line of sight) of 25 feet or less is advised as well.

A technician is setting up a new network and wants to create redundant paths through the network. What should be implemented to prevent performance degradation?

Options are :

  • VLAN
  • Port mirroring
  • Spanning tree (Correct)
  • ARP inspection

Answer : Spanning tree

Explanation The Spanning Tree Protocol (STP) is a network protocol that builds a logical loop-free topology for Ethernet networks. The basic function of STP is to prevent bridge loops and the broadcast radiation that results from them.

A technician is configuring a managed switch and needs to enable 802.3af. What should the technician enable?

Options are :

  • Trunking
  • Port bonding
  • PoE (Correct)
  • VLAN

Answer : PoE

Explanation Power over Ethernet (PoE) is defined by the IEEE 802.3af and 802.3at standards.

A network technician is connecting three temporary office trailers with a point-to-multipoint microwave radio solution in a wooded area. The microwave radios are up and the network technician can ping devices in all office trailers, however, connectivity is sporadic. What is the cause of this issue?

Options are :

  • Latency
  • Interference (Correct)
  • Split horizon
  • Throttling

Answer : Interference

Explanation As a process of elimination, throttling slows down speed and latency slows down speed even further. Split horizon prevents loops so it only makes sense that interference is the choice. Also, interference causes drops in connections in many circumstances.

A network technician has designed a network consisting of an external Internet connection, a DMZ, an internal private network, and an administrative network. From which network segment should all routers and switches be configured to accept SSH connections?

Options are :

  • Administrative network allowing only admin access (Correct)
  • DMZ only allowing access from the segment with the servers
  • Internet connection to allow admin access from anywhere
  • Internal network since it is private

Answer : Administrative network allowing only admin access

Explanation Since the admin network is hidden behind firewalls (surrounding the DMZ), SSH connections from the admin network are inherently secure and therefore should be allowed to communicate with the other three networks.

A technician needs to add new features to existing hardware devices. What should be performed to add the new features?

Options are :

  • Firmware updates (Correct)
  • Cloning
  • Vulnerability patching
  • Changing to IPv6

Answer : Firmware updates

Explanation To add new features to existing hardware devices, updating the firmware is always a must to mitigate any vulnerabilities.

Lynne is a home user who would like to share music throughout the computers in her house using an external USB hard drive connected to a router that she purchased over a year ago. The manufacturer states that the router is capable of recognizing drives up to 4TB in size, but she cannot get her 3TB drive to show up on the network. What should Lynne do to fix this problem?

Options are :

  • Flash the latest firmware for her router (Correct)
  • Load the latest hardware drivers for her USB drive
  • Download the latest playback software for her music files
  • Install the latest OS on her computers

Answer : Flash the latest firmware for her router

Explanation Routers can be updated by conducting a firmware flash. This is similar to upgrading or patching your computer's operating system, or even updating a device driver. By flashing the firmware, it can provide the ability to communicate with newer devices.

A technician has punched down only the middle two pins (pins 4 and 5) on an Ethernet patch panel. The technician has cabled this port to be used with which of the following?

Options are :

  • 10baseT
  • 568B
  • 568A
  • POTS (Correct)

Answer : POTS

Explanation POTS is short for plain old telephone service. The technician was making a cable for a telephone to use, since it only requires two pins (send and receive).

What protocol uses label-switching routers and label-edge routers to forward traffic?

Options are :

  • BGP
  • MPLS (Correct)
  • IS-IS
  • OSPF

Answer : MPLS

Explanation Multi-protocol label switching (MPLS) is a mechanism used within computer network infrastructures to speed up the time it takes a data packet to flow from one node to another. The label-based switching mechanism enables the network packets to flow on any protocol.

A network technician is tasked with designing a firewall to improve security for an existing FTP server that is on the company network and is accessible from the Internet. Security personnel are concerned that the FTP server is compromised and is possibly being used as a platform to attack other company servers. What is the BEST way to mitigate this risk?

Options are :

  • Add an outbound ACL to the firewall
  • Change the FTP server to a more secure SFTP
  • Move the server to the company's DMZ (Correct)
  • Use the implicit deny of the firewall

Answer : Move the server to the company's DMZ

Explanation The DMZ is the subnetwork of a network that hosts public-facing servers and has additional security added to it.

A network administrator is configuring a VLAN across multiple switches. The administrator wants to configure the VLAN once and have that configuration propagate to all of the switches in the network. What should the administrator do?

Options are :

  • Configure the switches to utilize IGRP
  • Implement port bonding on the switches
  • Configure the switches to utilize STP
  • Configure the switches to utilize VTP (Correct)

Answer : Configure the switches to utilize VTP

Explanation VLAN Trunking Protocol (VTP) shares VLAN information to all switches in a network.

A technician needs to use SNMP to manage several legacy devices. The technician wants to ask a vendor for the specification that will provide SNMP monitoring of the devices. What will allow SNMP monitoring of the devices?

Options are :

  • SSH
  • SYSLOG
  • MIB (Correct)
  • MIMO

Answer : MIB

Explanation MIB stands for Management Information Base and is a collection of information which is organized hierarchically. The various pieces of information are accessed by a protocol, such as SNMP.

A system administrator has been tasked to ensure that the software team is not affecting the production software when developing enhancements. The software that is being updated is on a very short SDLC and enhancements must be developed rapidly. These enhancements must be approved before being deployed. What could mitigate production outages before the enhancements are deployed to the environment?

Options are :

  • Deploy an IPS on the production network
  • Implement ACLs that only allow management access to the enhancements
  • Move the software team's workstations to the DMZ
  • Implement an environment to test the enhancements (Correct)

Answer : Implement an environment to test the enhancements

Explanation Environments are controlled areas where system developers can build, distribute, install, configure, test, and execute systems that move through the Software Development Life Cycle (SDLC). The enhancements can be deployed and tested in a test environment before they are installed in the production environment.

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions