Comptia: Exam Questions N10-009
Uploaded by
jamesryangdejesusComptia: Exam Questions N10-009
Uploaded by
jamesryangdejesusRecommend!!
Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
CompTIA
Exam Questions N10-009
CompTIA Network+ Exam
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
NEW QUESTION 1
- (Exam Topic 1)
A technician wants to deploy a new wireless network that comprises 30 WAPs installed throughout a
three-story office building. All the APs will broadcast the same SSID for client access. Which of the following BEST describes this deployment?
A. Extended service set
B. Basic service set
C. Unified service set
D. Independent basic service set
Answer: A
Explanation:
An extended service set (ESS) is a wireless network that consists of multiple access points (APs) that share the same SSID and are connected by a wired
network. An ESS allows wireless clients to roam seamlessly between different APs without losing connectivity. A basic service set (BSS) is a wireless network that
consists of a single AP and its associated clients. An independent basic service set (IBSS) is a wireless network that consists of a group of clients that
communicate directly without an AP. A unified service set is not a standard term for a wireless network. References:
https://partners.comptia.org/docs/default-source/resources/comptia-network-n10-008-exam-objectives-(2-0),
https://en.wikipedia.org/wiki/Service_set_(802.11_network)
NEW QUESTION 2
- (Exam Topic 1)
Which of the following devices would be used to manage a corporate WLAN?
A. A wireless NAS
B. A wireless bridge
C. A wireless router
D. A wireless controller
Answer: D
Explanation:
A wireless controller is used to manage a corporate WLAN, providing centralized management and configuration of access points. References: CompTIA
Network+ Certification Study Guide, Chapter 8: Wireless Networks.
NEW QUESTION 3
- (Exam Topic 1)
An engineer notices some late collisions on a half-duplex link. The engineer verifies that the devices on both ends of the connection are configured for half duplex.
Which of the following is the MOST likely cause of this issue?
A. The link is improperly terminated
B. One of the devices is misconfigured
C. The cable length is excessive
D. One of the devices has a hardware issue
Answer: C
Explanation:
In a half-duplex link, devices can only send or receive data at one time, not simultaneously. Late collisions occur when devices transmit data at the same time after
waiting for a clear channel. One of the causes of late collisions is excessive cable length, which increases the propagation delay and makes it harder for devices to
detect collisions. The link termination, device configuration, and device hardware are not likely to cause late collisions on a half-duplex link.
NEW QUESTION 4
- (Exam Topic 1)
Wireless users are reporting intermittent internet connectivity. Connectivity is restored when the users disconnect and reconnect, utilizing the web authentication
process each time. The network administrator can see the devices connected to the APs at all times. Which of the following steps will MOST likely determine the
cause of the issue?
A. Verify the session time-out configuration on the captive portal settings
B. Check for encryption protocol mismatch on the client’s wireless settings
C. Confirm that a valid passphrase is being used during the web authentication
D. Investigate for a client’s disassociation caused by an evil twin AP
Answer: A
Explanation:
A captive portal is a web page that requires users to authenticate before they can access the internet. If the session time-out configuration is too short, users may
experience intermittent internet connectivity and have to reconnect using the web authentication process each time. The network administrator can verify the
session time-out configuration on the captive portal settings and adjust it if needed. References: CompTIA Network+ Certification Exam Objectives Version 2.0
(Exam Number: N10-006), Domain 1.0 Network Architecture, Objective 1.8 Explain the purposes and use cases for advanced networking devices.
NEW QUESTION 5
- (Exam Topic 1)
At which of the following OSI model layers would a technician find an IP header?
A. Layer 1
B. Layer 2
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
C. Layer 3
D. Layer 4
Answer: C
Explanation:
An IP header can be found at the third layer of the OSI model, also known as the network layer. This layer is responsible for logical addressing, routing, and
forwarding of data packets.
References:
CompTIA Network+ Certification Study Guide, Exam N10-007, Fourth Edition, Chapter 2: Network Models, p. 82
NEW QUESTION 6
- (Exam Topic 1)
An attacker is attempting to find the password to a network by inputting common words and phrases in plaintext to the password prompt. Which of the following
attack types BEST describes this action?
A. Pass-the-hash attack
B. Rainbow table attack
C. Brute-force attack
D. Dictionary attack
Answer: D
Explanation:
The attacker attempting to find the password to a network by inputting common words and phrases in plaintext to the password prompt is using a dictionary attack.
References: CompTIA Network+ Certification Study Guide, Chapter 6: Network Attacks and Mitigation.
NEW QUESTION 7
- (Exam Topic 1)
Access to a datacenter should be individually recorded by a card reader even when multiple employees enter the facility at the same time. Which of the following
allows the enforcement of this policy?
A. Motion detection
B. Access control vestibules
C. Smart lockers
D. Cameras
Answer: B
Explanation:
The most effective security mechanism against physical intrusions due to stolen credentials would likely be a combination of several of these options. However, of
the options provided, the most effective security mechanism would probably be an access control vestibule. An access control vestibule is a secure area that is
located between the outer perimeter of a facility and the inner secure area. It is designed to provide an additional layer of security by requiring that individuals pass
through a series of security checks before being allowed access to the secure area. This could include biometric authentication, access card readers, and motion
detection cameras.
Access control vestibules allow the enforcement of the policy that access to a datacenter should be individually recorded by a card reader even when multiple
employees enter the facility at the same time. An access control vestibule is a physical security device that consists of two doors with an interlocking mechanism.
Only one door can be opened at a time, and only one person can pass through each door. This prevents tailgating or piggybacking, where unauthorized persons
follow authorized persons into a secure area. An access control vestibule can also be integrated with a card reader or other authentication system to record each
individual’s access. References: https://www.boonedam.us/blog/what-are-access-control-vestibules
NEW QUESTION 8
- (Exam Topic 1)
A technician is installing a new fiber connection to a network device in a datacenter. The connection from the device to the switch also traverses a patch panel
connection. The chain of connections is in the following order:
Device
LC/LC patch cable Patch panel
Cross-connect fiber cable Patch panel
LC/LC patch cable Switch
The connection is not working. The technician has changed both patch cables with known working patch cables. The device had been tested and was working
properly before being installed. Which of the following is the MOST likely cause of the issue?
A. TX/RX is reversed
B. An incorrect cable was used
C. The device failed during installation
D. Attenuation is occurring
Answer: A
Explanation:
The most likely cause of the issue where the fiber connection from a device to a switch is not working is that the TX/RX (transmit/receive) is reversed. When
connecting fiber optic cables, it is important to ensure that the TX of one device is connected to the RX of the other device and vice versa. If the TX/RX is reversed,
data cannot be transmitted successfully.
References:
CompTIA Network+ Certification Study Guide, Exam N10-007, Fourth Edition, Chapter 5: Network Operations, Objective 5.1: Given a scenario, use appropriate
documentation and diagrams to manage the network.
NEW QUESTION 9
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
- (Exam Topic 1)
A technician is troubleshooting a wireless connectivity issue in a small office located in a high-rise building. Several APs are mounted in this office. The users
report that the network connections frequently disconnect and reconnect throughout the day. Which of the following is the MOST likely cause of this issue?
A. The AP association time is set too low
B. EIRP needs to be boosted
C. Channel overlap is occurring
D. The RSSI is misreported
Answer: C
Explanation:
Channel overlap is a common cause of wireless connectivity issues, especially in high-density environments where multiple APs are operating on the same or
adjacent frequencies. Channel overlap can cause interference, signal degradation, and performance loss for wireless devices. The AP association time, EIRP, and
RSSI are not likely to cause frequent disconnects and reconnects for wireless users.
NEW QUESTION 10
- (Exam Topic 1)
Several WIFI users are reporting the inability to connect to the network. WLAN users on the guest network are able to access all network resources without any
performance issues. The following table summarizes the findings after a site survey of the area in question:
Which of the following should a wireless technician do NEXT to troubleshoot this issue?
A. Reconfigure the channels to reduce overlap
B. Replace the omni antennas with directional antennas
C. Update the SSIDs on all the APs
D. Decrease power in AP 3 and AP 4
Answer: A
Explanation:
Based on the site survey table, we can see that AP 2, AP 3, and AP 4 are all broadcasting on the same channel, which can cause interference and affect
performance. Therefore, the next step a wireless technician should take to troubleshoot this issue is to reconfigure the channels to reduce overlap. This will help to
improve network performance and eliminate any interference.
References:
Network+ N10-007 Certification Exam Objectives, Objective 2.8: Given a scenario, troubleshoot common wireless problems and perform site surveys.
NEW QUESTION 10
- (Exam Topic 1)
A user tries to ping 192.168.1.100 from the command prompt on the 192.168.2.101 network but gets the following response: U.U.U.U. Which of the following
needs to be configured for these networks to reach each other?
A. Network address translation
B. Default gateway
C. Loopback
D. Routing protocol
Answer: B
Explanation:
A default gateway is a device that routes traffic from one network to another network, such as the Internet. A default gateway is usually configured on each host
device to specify the IP address of the router that connects the host’s network to other networks. In this case, the user’s device and the destination device are on
different networks (192.168.1.0/24 and 192.168.2.0/24), so the user needs to configure a default gateway on their device to reach the destination device.
References:
https://partners.comptia.org/docs/default-source/resources/comptia-network-n10-008-exam-objectives-(2-0), https://www.techopedia.com/definition/25761/default-
gateway
NEW QUESTION 15
- (Exam Topic 1)
Which of the following can be used to centrally manage credentials for various types of administrative privileges on configured network devices?
A. SSO
B. TACACS+
C. Zero Trust
D. Separation of duties
E. Multifactor authentication
Answer: B
Explanation:
TACACS+ (Terminal Access Controller Access Control System Plus) can be used to centrally manage credentials for various types of administrative privileges on
configured network devices. This protocol separates authentication, authorization, and accounting (AAA) functions, providing more granular control over access to
network resources.
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
References:
Network+ N10-007 Certification Exam Objectives, Objective 4.2: Given a scenario, implement secure network administration principles.
NEW QUESTION 20
- (Exam Topic 1)
A technician is searching for a device that is connected to the network and has the device’s physical network address. Which of the following should the technician
review on the switch to locate the device’s network port?
A. IP route table
B. VLAN tag
C. MAC table
D. QoS tag
Answer: C
Explanation:
To locate a device's network port on a switch, a technician should review the switch's MAC address table. The MAC address table maintains a list of MAC
addresses of devices connected to each port on the switch. By checking the MAC address of the device in question, the technician can identify the port to which
the device is connected.
References: CompTIA Network+ Certification Study Guide, Sixth Edition by Glen E. Clarke
NEW QUESTION 25
- (Exam Topic 1)
Which of the following ports is commonly used by VoIP phones?
A. 20
B. 143
C. 445
D. 5060
Answer: D
Explanation:
TCP/UDP port 5060 is commonly used by VoIP phones. It is the default port for SIP (Session Initiation Protocol), which is a signaling protocol that establishes,
modifies, and terminates multimedia sessions over IP networks. SIP is widely used for VoIP applications such as voice and video calls. References:
https://www.voip-info.org/session-initiation-protocol/
NEW QUESTION 26
- (Exam Topic 1)
A technician needs to configure a Linux computer for network monitoring. The technician has the following information:
Linux computer details:
Switch mirror port details:
After connecting the Linux computer to the mirror port on the switch, which of the following commands should the technician run on the Linux computer?
A. ifconfig ecth0 promisc
B. ifconfig eth1 up
C. ifconfig eth0 10.1.2.3
D. ifconfig eth1 hw ether A1:B2:C3:D4:E5:F6
Answer: A
Explanation:
The ifconfig eth0 promisc command should be run on the Linux computer to enable promiscuous mode, which allows the computer to capture all network traffic
passing through the switch mirror port. References: CompTIA Network+ Certification Study Guide, Chapter 7: Network Devices.
NEW QUESTION 31
- (Exam Topic 1)
A company hired a technician to find all the devices connected within a network. Which of the following software tools would BEST assist the technician in
completing this task?
A. IP scanner
B. Terminal emulator
C. NetFlow analyzer
D. Port scanner
Answer: A
Explanation:
To find all devices connected within a network, a technician can use an IP scanner. An IP scanner sends a ping request to all IP addresses within a specified
range and then identifies the active devices that respond to the request.
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
NEW QUESTION 36
- (Exam Topic 1)
An engineer is configuring redundant network links between switches. Which of the following should the engineer enable to prevent network stability issues?
A. 802.1Q
B. STP
C. Flow control
D. CSMA/CD
Answer: B
Explanation:
Spanning Tree Protocol (STP) should be enabled when configuring redundant network links between switches. STP ensures that only one active path is used at a
time, preventing network loops and stability issues.
References:
CompTIA Network+ Certification Study Guide
NEW QUESTION 37
- (Exam Topic 1)
Which of the following routing protocols is used to exchange route information between public autonomous systems?
A. OSPF
B. BGP
C. EGRIP
D. RIP
Answer: B
Explanation:
BGP (Border Gateway Protocol) is a routing protocol used to exchange route information between public autonomous systems (AS). OSPF (Open Shortest Path
First), EGRIP (Enhanced Interior Gateway Routing Protocol), and RIP (Routing Information Protocol) are all used for internal routing within a single AS. Therefore,
BGP is the correct option to choose for this question.
References:
Network+ N10-007 Certification Exam Objectives, Objective 3.3: Given a scenario, configure and apply the appropriate routing protocol.
Cisco: Border Gateway Protocol (BGP) Overview
NEW QUESTION 39
- (Exam Topic 1)
A fiber link connecting two campus networks is broken. Which of the following tools should an engineer use to detect the exact break point of the fiber link?
A. OTDR
B. Tone generator
C. Fusion splicer
D. Cable tester
E. PoE injector
Answer: A
Explanation:
To detect the exact break point of a fiber link, an engineer should use an OTDR (Optical Time Domain Reflectometer). This device sends a series of pulses into
the fiber, measuring the time it takes for the pulses to reflect back, and can pinpoint the exact location of the break.
References:
Network+ N10-007 Certification Exam Objectives, Objective 2.5: Given a scenario, troubleshoot copper cable issues.
FS: OTDR (Optical Time Domain Reflectometer) Testing Principle and Applications
NEW QUESTION 43
- (Exam Topic 1)
An IT organization needs to optimize speeds for global content distribution and wants to reduce latency in high-density user locations. Which of the following
technologies BEST meets the organization’s requirements?
A. Load balancing
B. Geofencing
C. Public cloud
D. Content delivery network
E. Infrastructure as a service
Answer: D
Explanation:
A content delivery network (CDN) is a distributed network of servers that delivers web content to users based on their geographic location. By replicating content
across multiple servers in various locations, a CDN can optimize speed and reduce latency in high-density user locations.
NEW QUESTION 47
- (Exam Topic 1)
A technician is assisting a user who cannot connect to a network resource. The technician first checks for a link light. According to troubleshooting methodology,
this is an example of:
A. using a bottom-to-top approach.
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
B. establishing a plan of action.
C. documenting a finding.
D. questioning the obvious.
Answer: A
Explanation:
Using a bottom-to-top approach means starting from the physical layer and moving up the OSI model to troubleshoot a network problem. Checking for a link light is
a physical layer check that verifies the connectivity of the network cable and device. References:
https://www.professormesser.com/network-plus/n10-007/troubleshooting-methodologies-2/
NEW QUESTION 49
- (Exam Topic 1)
A systems administrator needs to improve WiFi performance in a densely populated office tower and use the latest standard. There is a mix of devices that use 2.4
GHz and 5 GHz. Which of the following should the
systems administrator select to meet this requirement?
A. 802.11ac
B. 802.11ax
C. 802.11g
D. 802.11n
Answer: B
Explanation:
* 802.11 ax is the latest WiFi standard that improves WiFi performance in densely populated environments and supports both 2.4 GHz and 5 GHz bands. 802.11ac
is the previous standard that only supports 5 GHz band. 802.11g and 802.11n are older standards that support 2.4 GHz band only or both bands respectively.
References:
https://partners.comptia.org/docs/default-source/resources/comptia-network-n10-008-exam-objectives-(2-0),
https://www.techtarget.com/searchnetworking/tip/Whats-the-difference-between-80211ax-vs-80211ac
NEW QUESTION 51
- (Exam Topic 1)
Which of the following is MOST likely to generate significant East-West traffic in a datacenter?
A. A backup of a large video presentation to cloud storage for archival purposes
B. A duplication of a hosted virtual server to another physical server for redundancy
C. A download of navigation data to a portable device for offline access
D. A query from an IoT device to a cloud-hosted server for a firmware update
Answer: B
Explanation:
East-West traffic refers to data flows between servers or devices within the same datacenter. When a hosted virtual server is duplicated to another physical server
for redundancy, it generates significant East-West traffic as the data is replicated between the two servers. References:
Network+ N10-008 Objectives: 3.3 Given a scenario, implement secure network architecture concepts.
NEW QUESTION 52
- (Exam Topic 1)
Which of the following service models would MOST likely be used to replace on-premises servers with a cloud solution?
A. PaaS
B. IaaS
C. SaaS
D. Disaster recovery as a Service (DRaaS)
Answer: B
Explanation:
IaaS stands for Infrastructure as a Service, which is a cloud service model that provides virtualized computing resources over the Internet, such as servers,
storage, networking, and operating systems. IaaS allows customers to replace their on-premises servers with cloud servers that can be scaled up or down on
demand and pay only for what they use. PaaS stands for Platform as a Service, which provides customers with a cloud-based platform for developing, testing, and
deploying applications without managing the underlying infrastructure. SaaS stands for Software as a Service, which provides customers with access to cloud-
based software applications over the Internet without installing or maintaining them on their devices. Disaster recovery as a Service (DRaaS) is a type of cloud
service that provides customers with backup and recovery solutions for their data and applications in case of a disaster.
NEW QUESTION 54
- (Exam Topic 1)
Which of the following systems would MOST likely be found in a screened subnet?
A. RADIUS
B. FTP
C. SQL
D. LDAP
Answer: B
Explanation:
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
FTP (File Transfer Protocol) is a system that would most likely be found in a screened subnet. A screened subnet, or triple-homed firewall, is a network
architecture where a single firewall is used with three network interfaces. It provides additional protection from outside cyber attacks by adding a perimeter network
to
isolate or separate the internal network from the public-facing internet1. A screened subnet typically hosts systems that need to be accessed by both internal and
external users, such as web servers, email servers, or FTP servers. References:
https://www.techtarget.com/searchsecurity/definition/screened-subnet#:~:text=A%20screened%20subnet%2C%
1
NEW QUESTION 56
- (Exam Topic 1)
Which of the following connector types would have the MOST flexibility?
A. SFP
B. BNC
C. LC
D. RJ45
Answer: A
Explanation:
SFP (Small Form-factor Pluggable) is a connector type that has the most flexibility. It is a hot-swappable transceiver that can support different speeds, distances,
and media types depending on the module inserted. It can be used for both copper and fiber connections and supports various protocols such as Ethernet, Fibre
Channel, and SONET. References: https://www.fs.com/what-is-sfp-transceiver-aid-11.html
NEW QUESTION 61
- (Exam Topic 1)
A network engineer configured new firewalls with the correct configuration to be deployed to each remote branch. Unneeded services were disabled, and all
firewall rules were applied successfully. Which of the following should the network engineer perform NEXT to ensure all the firewalls are hardened successfully?
A. Ensure an implicit permit rule is enabled
B. Configure the log settings on the firewalls to the central syslog server
C. Update the firewalls with current firmware and software
D. Use the same complex passwords on all firewalls
Answer: C
Explanation:
Updating the firewalls with current firmware and software is an important step to ensure all the firewalls are hardened successfully, as it can fix any known
vulnerabilities or bugs and provide new features or enhancements. Enabling an implicit permit rule is not a good practice for firewall hardening, as it can allow
unwanted traffic to pass through the firewall. Configuring the log settings on the firewalls to the central syslog server is a good practice for monitoring and auditing
purposes, but it does not harden the firewalls themselves. Using the same complex passwords on all firewalls is not a good practice for password security, as it
can increase the risk of compromise if one firewall is breached. References: CompTIA Network+ Certification Exam Objectives Version 2.0 (Exam Number:
N10-006), Domain 3.0 Network Security, Objective 3.3 Given a scenario, implement network hardening techniques.
NEW QUESTION 65
- (Exam Topic 1)
A network administrator needs to query the NSs for a remote application. Which of the following commands would BEST help the administrator accomplish this
task?
A. dig
B. arp
C. show interface
D. hostname
Answer: A
Explanation:
The dig command is used to query the NSs for a remote application. It is a command-line tool that is commonly used to troubleshoot DNS issues. When used with
specific options, dig can be used to obtain information about domain names, IP addresses, and DNS records. References: Network+ Certification Study Guide,
Chapter 3: Network Infrastructure
NEW QUESTION 70
- (Exam Topic 2)
Which of the following uses the destination IP address to forward packets?
A. A bridge
B. A Layer 2 switch
C. A router
D. A repeater
Answer: C
Explanation:
A router is a device that uses the destination IP address to forward packets between different networks. A bridge and a Layer 2 switch operate at the data link layer
and use MAC addresses to forward frames within the same network. A repeater is a device that amplifies or regenerates signals at the physical layer.
NEW QUESTION 71
- (Exam Topic 2)
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
A business is using the local cable company to provide Internet access. Which of the following types of cabling will the cable company MOST likely use from the
demarcation point back to the central office?
A. Multimode
B. Cat 5e
C. RG-6
D. Cat 6
E. 100BASE-T
Answer: C
Explanation:
RG-6 is a type of coaxial cable that is commonly used by cable companies to provide Internet access from the demarcation point back to the central office. It has a
thicker conductor and better shielding than RG-59, which is another type of coaxial cable. Multimode and Cat 5e are types of fiber optic and twisted pair cables
respectively, which are not typically used by cable companies. Cat 6 and 100BASE-T are standards for twisted pair cables, not types of cabling.
NEW QUESTION 72
- (Exam Topic 2)
A network technician was troubleshooting an issue for a user who was being directed to cloned websites that were stealing credentials. The URLs were correct for
the websites but an incorrect IP address was revealed when the technician used ping on the user's PC After checking the is setting, the technician found the DNS
server address was incorrect Which of the following describes the issue?
A. Rogue DHCP server
B. Misconfigured HSRP
C. DNS poisoning
D. Exhausted IP scope
Answer: C
Explanation:
DNS poisoning is a type of attack that modifies the DNS records of a domain name to point to a malicious IP address instead of the legitimate one. This can result
in users being directed to cloned websites that are stealing credentials, even if they enter the correct URL for the website. The incorrect DNS server address on
the user’s PC could be a sign of DNS poisoning, as the attacker could have compromised the DNS server or spoofed its response to redirect the user’s queries.
References: https://www.comptia.org/blog/what-is-dns-poisoning
NEW QUESTION 74
- (Exam Topic 2)
A technician is troubleshooting a previously encountered issue. Which of the following should the technician reference to find what solution was implemented to
resolve the issue?
A. Standard operating procedures
B. Configuration baseline documents
C. Work instructions
D. Change management documentation
Answer: D
Explanation:
Change management documentation is a record of the changes that have been made to a system or process, including the reason, date, time, and impact of each
change. A technician can reference this documentation to find what solution was implemented to resolve a previously encountered issue, as well as any potential
side effects or dependencies of the change. References: https://www.comptia.org/blog/what-is-change-management
NEW QUESTION 76
- (Exam Topic 2)
There are two managed legacy switches running that cannot be replaced or upgraded. These switches do not support cryptographic functions, but they are
password protected. Which of the following should a network administrator configure to BEST prevent unauthorized access?
A. Enable a management access list
B. Disable access to unnecessary services.
C. Configure a stronger password for access
D. Disable access to remote management
E. Use an out-of-band access method.
Answer: E
Explanation:
Using an out-of-band access method is the best way to prevent unauthorized access to the legacy switches that do not support cryptographic functions. Out-of-
band access is a method of accessing a network device through a dedicated channel that is separate from the main network traffic. Out-of-band access can use
physical connections such as serial console ports or dial-up modems, or logical connections such as VPNs or firewalls. Out-of-band access provides more security
and reliability than in-band access, which uses the same network as the data traffic and may be vulnerable to attacks or failures. References:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/fundamentals/configuration/15mt/fundamentals-15-mt-book/
NEW QUESTION 81
- (Exam Topic 2)
A network technician is investigating an IP phone that does not register in the VoIP system Although it received an IP address, it did not receive the necessary
DHCP options The information that is needed for the registration is distributes by the OHCP scope All other IP phones are working properly. Which of the following
does the technician need to verify?
A. VLAN mismatch
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
B. Transceiver mismatch
C. Latency
D. DHCP exhaustion
Answer: A
Explanation:
A VLAN mismatch is the most likely reason why an IP phone does not receive the necessary DHCP options for registration. A VLAN mismatch occurs when a
device is connected to a switch port that belongs to a different VLAN than the device’s intended VLAN. This can cause communication problems or prevent
access to network resources. For example, if an IP phone is connected to a switch port that belongs to the data VLAN instead of the voice VLAN, it may not
receive the DHCP options that contain information such as the TFTP server address, the NTP server address, or the default gateway address for the voice VLAN.
These DHCP options are essential for the IP phone to register with the VoIP system and function properly. References:
https://www.cisco.com/c/en/us/support/docs/voice-unified-communications/unified-communications-manager-c
NEW QUESTION 83
- (Exam Topic 2)
A network technician has multimode fiber optic cable available in an existing IDF. Which of the following Ethernet standards should the technician use to connect
the network switch to the existing fiber?
A. 10GBaseT
B. 1000BaseT
C. 1000BaseSX
D. 1000BaseLX
Answer: C
Explanation:
1000BaseSX is an Ethernet standard that should be used to connect the network switch to the existing multimode fiber optic cable. 1000BaseSX is a Gigabit
Ethernet standard that uses short-wavelength laser (850 nm) over multimode fiber optic cable. It can support distances up to 550 meters depending on the cable
type and quality. It is suitable for short-range network segments such as campus or building backbone networks. References:
https://www.cisco.com/c/en/us/products/collateral/interfaces-modules/gigabit-ethernet-gbic-sfp-modules/produc
NEW QUESTION 84
- (Exam Topic 2)
A network administrator is talking to different vendors about acquiring technology to support a new project for a large company. Which of the following documents
will MOST likely need to be signed before information about the project is shared?
A. BYOD policy
B. NDA
C. SLA
D. MOU
Answer: B
Explanation:
NDA stands for Non-Disclosure Agreement, which is a legal contract between two or more parties that outlines confidential material, knowledge, or information that
the parties wish to share with one another for certain purposes, but wish to restrict access to by others. A network administrator may need to sign an NDA before
sharing information about a new project with different vendors, as the project may involve sensitive or proprietary data that the company wants to protect from
competitors or unauthorized use. References: https://www.adobe.com/sign/esignature-resources/sign-nda.html
NEW QUESTION 89
- (Exam Topic 2)
A user reports a weak signal when walking 20ft (61 m) away from the WAP in one direction, but a strong signal when walking 20ft in the opposite direction The
technician has reviewed the configuration and confirmed the channel type is correct There is no jitter or latency on the connection Which of the following would be
the MOST likely cause of the issue?
A. Antenna type
B. Power levels
C. Frequency
D. Encryption type
Answer: A
Explanation:
The antenna type affects the signal strength and coverage of a WAP. Different types of antennas have different radiation patterns and gain, which determine how
far and wide the signal can reach. If the user experiences a weak signal in one direction but a strong signal in the opposite direction, it could mean that the antenna
type is not suitable for the desired coverage area. The technician should consider changing the antenna type to one that has a more balanced or directional
radiation pattern. References:
https://community.cisco.com/t5/wireless-small-business/wap200-poor-signal-strength/td-p/1565796
NEW QUESTION 91
- (Exam Topic 2)
Which of the following security devices would be BEST to use to provide mechanical access control to the MDF/IDF?
A. A smart card
B. A key fob
C. An employee badge
D. A door lock
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
Answer: D
Explanation:
A door lock would be the best security device to use to provide mechanical access control to the MDF/IDF. A door lock is a device that prevents unauthorized
access to a physical area by requiring a key, a code, a card, a biometric scan, or a combination of these factors to open it. A door lock can provide mechanical
access control to the MDF/IDF, which are rooms that house network equipment such as switches, routers, servers, or patch panels. A door lock can prevent
unauthorized persons from tampering with or stealing the network equipment or data. References:
https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Data_Center/DC_Infra2_5/DCInfra_6.html
NEW QUESTION 94
- (Exam Topic 2)
A local firm has hired a consulting company to clean up its IT infrastructure. The consulting company notices remote printing is accomplished by port forwarding via
publicly accessible IPs through the firm's firewall Which of the following would be the MOST appropriate way to enable secure remote printing?
A. SSH
B. VPN
C. Telnet
D. SSL
Answer: B
Explanation:
VPN (Virtual Private Network) is the most appropriate way to enable secure remote printing. VPN is a technology that creates a secure and encrypted tunnel over
a public network such as the Internet. It allows remote users or sites to access a private network as if they were directly connected to it. VPN can be used for
various purposes such as accessing corporate resources, bypassing geo-restrictions, or enhancing privacy and security. VPN can also be used for remote printing
by allowing users to connect to a printer on the private network and send print jobs securely over the VPN tunnel. References:
https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/14106-how-vpn-work
NEW QUESTION 98
- (Exam Topic 2)
A network field technician is installing and configuring a secure wireless network. The technician performs a site survey. Which of the following documents would
MOST likely be created as a result of the site survey?
A. Physical diagram
B. Heat map
C. Asset list
D. Device map
Answer: B
Explanation:
A heat map would most likely be created as a result of the site survey. A heat map is a graphical representation of the wireless signal strength and coverage in a
given area. It can show the location of APs, antennas, walls, obstacles, interference sources, and dead zones. It can help with planning, optimizing, and
troubleshooting wireless networks. References: https://www.netspotapp.com/what-is-a-wifi-heatmap.html
NEW QUESTION 99
- (Exam Topic 2)
A technician is troubleshooting a workstation's network connectivity and wants to confirm which switchport corresponds to the wall jack the PC is using Which of
the following concepts would BEST help the technician?
A. Consistent labeling
B. Change management
C. Standard work instructions
D. Inventory management
E. Network baseline
Answer: A
Explanation:
Consistent labeling would be the concept that would best help the technician to confirm which switchport corresponds to the wall jack the PC is using. Consistent
labeling is a practice of using standardized and descriptive labels for network devices, ports, cables, jacks, and other components. It can help with identifying,
locating, and troubleshooting network issues. For example, a technician can use consistent labeling to trace a cable from a PC to a wall jack, and then from a
patch panel to a switchport. References: https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Data_Center/DC_Infra2_5/DCInfra_6.html
NEW QUESTION 101
- (Exam Topic 2)
Given the following output:
Which of the following attacks is this MOST likely an example of?
A. ARP poisoning
B. VLAN hopping
C. Rogue access point
D. Amplified DoS
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
Answer: A
Explanation:
The output is most likely an example of an ARP poisoning attack. ARP poisoning, also known as ARP spoofing, is a type of attack that exploits the ARP protocol to
associate a malicious device’s MAC address with a legitimate IP address on a local area network. This allows the attacker to intercept, modify, or redirect network
traffic between two devices without their knowledge. The output shows that there are multiple entries for the same IP address (192.168.1.1) with different MAC
addresses in the ARP cache of the device. This indicates that an attacker has sent fake ARP replies to trick the device into believing that its MAC address is
associated with the IP address of another device (such as the default gateway). References: https://www.cisco.com/c/en/us/about/security-center/arp-
spoofing.html
NEW QUESTION 104
- (Exam Topic 2)
A network administrator decided to use SLAAC in an extensive IPv6 deployment to alleviate IP address management. The devices were properly connected into
the LAN but autoconfiguration of the IP address did not occur as expected. Which of the following should the network administrator verify?
A. The network gateway is configured to send router advertisements.
B. A DHCP server is present on the same broadcast domain as the clients.
C. The devices support dual stack on the network layer.
D. The local gateway supports anycast routing.
Answer: A
Explanation:
SLAAC (Stateless Address Autoconfiguration) is a method for IPv6 devices to automatically configure their IP addresses based on the network prefix advertised by
a router. The router sends periodic router advertisements (RAs) that contain the network prefix and other parameters for the devices to use. If the network gateway
is not configured to send RAs, then SLAAC will not work. A DHCP server is not needed for SLAAC, as the devices generate their own addresses without relying on
a server. Dual stack and anycast routing are not related to SLAAC.
NEW QUESTION 105
- (Exam Topic 2)
An organization with one core and five distribution switches is transitioning from a star to a full-mesh topology Which of the following is the number of additional
network connections needed?
A. 5
B. 7
C. 10
D. 15
Answer: C
Explanation:
10 additional network connections are needed to transition from a star to a full-mesh topology. A star topology is a network topology where each device is
connected to a central device, such as a switch or a hub. A full-mesh topology is a network topology where each device is directly connected to every other device.
The number of connections needed for a full-mesh topology can be calculated by the formula n(n-1)/2, where n is the number of devices. In this case, there are six
devices (one core and five distribution switches), so the number of connections needed for a full-mesh topology is 6(6-1)/2 = 15. Since there are already five
connections in the star topology (one from each distribution switch to the core switch), the number of additional connections needed is 15 - 5 = 10. References:
https://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-rip/13788-3.html
NEW QUESTION 109
- (Exam Topic 2)
A network administrator wants to improve the security of the management console on the company's switches and ensure configuration changes made can be
correlated to the administrator who conformed them Which of the following should the network administrator implement?
A. Port security
B. Local authentication
C. TACACS+
D. Access control list
Answer: C
Explanation:
TACACS+ is a protocol that provides centralized authentication, authorization, and accounting (AAA) for network devices and users. TACACS+ can help improve
the security of the management console on the company’s switches by verifying the identity and credentials of the administrators, enforcing granular access
policies and permissions, and logging the configuration changes made by each administrator. This way, the network administrator can ensure only authorized and
authenticated users can access and modify the switch settings, and also track and correlate the changes made by each user. References:
https://www.comptia.org/blog/what-is-tacacs
NEW QUESTION 111
- (Exam Topic 2)
A firewall administrator is implementing a rule that directs HTTP traffic to an internal server listening on a non-standard socket Which of the following types of rules
is the administrator implementing?
A. NAT
B. PAT
C. STP
D. SNAT
E. ARP
Answer: B
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
Explanation:
The firewall administrator is implementing a PAT (Port Address Translation) rule that directs HTTP traffic to an internal server listening on a non-standard socket.
PAT is a type of NAT (Network Address Translation) that allows multiple devices to share a single public IP address by using different port numbers. PAT can also
be used to redirect traffic from one port to another port on the same or different IP address. This can be useful for security or load balancing purposes. For
example, a firewall administrator can configure a PAT rule that redirects HTTP traffic (port 80) from the public IP address of the firewall to an internal server that
listens on a non-standard port (such as 8080) on its private IP address. References: https://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-
nat/13772-12.html
NEW QUESTION 115
- (Exam Topic 2)
A network technician is configuring a new firewall for a company with the necessary access requirements to be allowed through the firewall. Which of the following
would normally be applied as the LAST rule in the firewall?
A. Secure SNMP
B. Port security
C. Implicit deny
D. DHCP snooping
Answer: C
Explanation:
Implicit deny is a firewall rule that blocks all traffic that is not explicitly allowed by other rules. Implicit deny is usually applied as the last rule in the firewall to ensure
that only the necessary access requirements are allowed through the firewall and that any unwanted or malicious traffic is rejected. Implicit deny can also provide a
default security policy and a baseline for auditing and logging purposes.
Secure SNMP is a protocol that allows network devices to send event messages to a centralized server or console for logging and analysis. Secure SNMP can be
used to monitor and manage the status, performance, and configuration of network devices. Secure SNMP can also help to detect and respond to potential
problems or faults on the network. However, secure SNMP is not a firewall rule; it is a network management protocol.
Port security is a feature that allows a switch to restrict the devices that can connect to a specific port based on their MAC addresses. Port security can help to
prevent unauthorized access, spoofing, or MAC flooding attacks on the switch. However, port security is not a firewall rule; it is a switch feature.
DHCP snooping is a feature that allows a switch to filter DHCP messages and prevent rogue DHCP servers from assigning IP addresses to devices on the
network. DHCP snooping can help to prevent IP address conflicts, spoofing, or denial-of-service attacks on the network. However, DHCP snooping is not a firewall
rule; it is a switch feature.
NEW QUESTION 116
- (Exam Topic 2)
Which of the following technologies allows traffic to be sent through two different ISPs to increase performance?
A. Fault tolerance
B. Quality of service
C. Load balancing
D. Port aggregation
Answer: C
Explanation:
Load balancing is a technology that allows traffic to be sent through two different ISPs to increase performance. Load balancing is a process of distributing network
traffic across multiple servers or links to optimize resource utilization, throughput, latency, and reliability. Load balancing can be implemented at different layers of
the OSI model, such as layer 4 (transport) or layer 7 (application). Load balancing can also be used for outbound traffic by using multiple ISPs and routing
protocols such as BGP (Border Gateway Protocol) to select the best path for each packet. References:
https://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/border-gateway-protocol-bgp/prod_white_
NEW QUESTION 121
- (Exam Topic 2)
During the security audit of a financial firm the Chief Executive Officer (CEO) questions why there are three employees who perform very distinct functions on the
server. There is an administrator for creating users another for assigning the users lo groups and a third who is the only administrator to perform file rights
assignment Which of the following mitigation techniques is being applied'
A. Privileged user accounts
B. Role separation
C. Container administration
D. Job rotation
Answer: B
Explanation:
Role separation is a security principle that involves dividing the tasks and privileges for a specific business process among multiple users. This reduces the risk of
fraud and errors, as no one user has complete control over the process. In the scenario, there are three employees who perform very distinct functions on the
server, which is an example of role separation. References: https://hyperproof.io/resource/segregation-of-duties/
NEW QUESTION 122
- (Exam Topic 2)
A company that uses VoIP telephones is experiencing intermittent issues with one-way audio and dropped conversations The manufacturer says the system will
work if ping times are less than 50ms. The company has recorded the following ping times:
Which of the following is MOST likely causing the issue?
A. Attenuation
B. Latency
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
C. VLAN mismatch
D. Jitter
Answer: D
Explanation:
Jitter is most likely causing the issue of intermittent one-way audio and dropped conversations for the company that uses VoIP telephones. Jitter is a variation in
delay of packets arriving at the destination. It can
cause choppy or distorted audio quality for VoIP applications, especially over WAN links that have limited bandwidth and high latency. The recommended jitter for
VoIP is less than 10m1s. The company has recorded ping times that exceed 50ms, which indicates high jitter and latency on their network. References:
https://www.voip-info.org/voip-jitter/ 1
NEW QUESTION 123
- (Exam Topic 2)
A technician is connecting DSL for a new customer. After installing and connecting the on-premises equipment, the technician verifies DSL synchronization. When
connecting to a workstation, however, the link LEDs on the workstation and modem do not light up. Which of the following should the technician perform during
troubleshooting?
A. Identify the switching loops between the modem and the workstation.
B. Check for asymmetrical routing on the modem.
C. Look for a rogue DHCP server on the network.
D. Replace the cable connecting the modem and the workstation.
Answer: D
Explanation:
If the link LEDs on the workstation and modem do not light up when connecting to a workstation, it could indicate a problem with the cable connecting them. The
cable could be damaged, defective, or incompatible with the devices. A technician should replace the cable with a known good one and check if the link LEDs light
up. If not, the problem could be with the network interface cards (NICs) on the workstation or modem. References: https://www.comptia.org/blog/what-is-link-light
NEW QUESTION 128
- (Exam Topic 2)
Which of the following is MOST commonly used to address CVEs on network equipment and/or operating systems?
A. Vulnerability assessment
B. Factory reset
C. Firmware update
D. Screened subnet
Answer: C
Explanation:
Firmware is a type of software that controls the low-level functions of a hardware device, such as a router, switch, printer, or camera. Firmware updates are
patches or upgrades that fix bugs, improve performance, add features, or address security vulnerabilities in firmware. Firmware updates are commonly used to
address CVEs (Common Vulnerabilities and Exposures) on network equipment and operating systems, as CVEs are publicly known flaws that can be exploited by
attackers. References:
https://www.comptia.org/blog/what-is-firmware
NEW QUESTION 130
- (Exam Topic 3)
A technician is consolidating a topology with multiple SSlDs into one unique SSID deployment. Which of the following features will be possible after this new
configuration?
A. Seamless roaming
B. Basic service set
C. WPA
D. MU-MIMO
Answer: A
NEW QUESTION 135
- (Exam Topic 3)
Which of the following is used to elect an STP root?
A. A bridge ID
B. A bridge protocol data unit
C. Interface port priority
D. A switch's root port
Answer: B
Explanation:
"Using special STP frames known as bridge protocol data units (BPDUs), switches communicate with other switches to prevent loops from happening in the first
place. Configuration BPDUs establish the topology,
where one switch is elected root bridge and acts as the center of the STP universe. Each switch then uses the root bridge as a reference point to maintain a loop-
free topology."
NEW QUESTION 139
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
- (Exam Topic 3)
A company is reviewing ways to cut the overall cost of Its IT budget. A network technician suggests removing various computer programs from the IT budget and
only providing these programs on an as-needed basis. Which of the following models would meet this requirement?
A. Multitinency
B. laaS
C. SaaS
D. VPN
Answer: C
Explanation:
SaaS stands for Software as a Service and is a cloud computing model where software applications are hosted and delivered over the internet by a service
provider. SaaS can help the company cut the overall cost of its IT budget by eliminating the need to purchase, install, update, and maintain various computer
programs on its own devices. The company can access the programs on an as-needed basis and pay only for what it uses. Multitenancy is a feature of cloud
computing where multiple customers share the same physical or virtual resources. IaaS stands for Infrastructure as a Service and is a cloud computing model
where computing resources such as servers, storage, and networking are provided over the internet by a service provider. VPN stands for Virtual Private Network
and is a technology that creates a secure and encrypted connection over a public network.
References: CompTIA Network+ Certification Exam Objectives Version 7.0 (N10-007), Objective 1.9: Compare and contrast common network service types.
NEW QUESTION 140
- (Exam Topic 3)
An administrator is investigating reports of network slowness in a building. While looking at the uplink interface statistics In the switch's CLI, the administrator
discovers the uplink Is at 100% utilization However, the administrator is unsure how to Identify what traffic is causing the saturation. Which of the following tools
should the administrator utilize to identify the source and destination addresses of the traffic?
A. SNMP
B. Traps
C. Syslog
D. NetFlow
Answer: D
Explanation:
To identify the source and destination addresses of the traffic causing network saturation, the network administrator should use a network protocol analyzer that
supports the NetFlow protocol. NetFlow is a network protocol that collects IP traffic information as it enters or exits an interface and sends it to a NetFlow collector
for analysis. This data includes the source and destination addresses of the traffic, the ports used, and the number of bytes and packets transferred.
Therefore, the correct answer is option D, NetFlow.
Reference: CompTIA Network+ Study Guide, Exam N10-007, Fourth Edition, by Todd Lammle (Chapter 6: Network Devices)
NEW QUESTION 143
- (Exam Topic 3)
A network device needs to discover a server that can provide it with an IPv4 address. Which of the following does the device need to send the request to?
A. Default gateway
B. Broadcast address
C. Unicast address
D. Link local address
Answer: B
Explanation:
The DHCP client sends broadcast request packets to the network; the DHCP servers respond with broadcast packets that offer IP parameters, such as an IP
address for the client. After the client chooses the IP parameters, communication between the client and server is by unicast packets.
"When a DHCP client boots up, it automatically sends out a DHCP Discover UDP datagram to the broadcast address, 255.255.255.255. This DHCP Discover
message asks “Are there any DHCP servers out there?” The client can’t send unicast traffic yet, as it doesn’t have a valid IP address that can be used."
NEW QUESTION 147
- (Exam Topic 3)
A technician is checking network devices to look for opportunities to improve security Which of the following toots would BEST accomplish this task?
A. Wi-Fi analyzer
B. Protocol analyzer
C. Nmap
D. IP scanner
Answer: B
Explanation:
A protocol analyzer is a tool that can capture and analyze network traffic and identify security issues such as unauthorized devices, malicious packets, or
misconfigured settings.
A Wi-Fi analyzer is a tool that can measure the signal strength, interference, and channel usage of wireless networks, but it cannot provide detailed information
about network security.
Nmap and IP scanner are tools that can scan network hosts and ports for open services, vulnerabilities, or operating systems, but they cannot monitor network
traffic in real time.
NEW QUESTION 151
- (Exam Topic 3)
A technician manages a DHCP scope but needs to allocate a portion of the scope’s subnet for statically assigned devices. Which of the following DHCP concepts
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
would be BEST to use to prevent IP address conflicts?
A. Dynamic assignment
B. Exclusion range
C. Address reservation
D. IP helper
Answer: B
Explanation:
To prevent IP address conflicts when allocating a portion of a DHCP scope's subnet for statically assigned devices, it is recommended to use the concept of DHCP
exclusion ranges. DHCP exclusion ranges allow a DHCP administrator to specify a range of IP addresses within the scope that should not be assigned to DHCP
clients. This can be useful in situations where some devices on the network need to be assigned static IP addresses, as it ensures that the statically assigned
addresses do not overlap with addresses assigned by the DHCP server. To set up a DHCP exclusion range, the administrator needs to specify the start and end
IP addresses of the range, as well as the subnet mask. The DHCP server will then exclude the specified range of addresses from its pool of available addresses,
and will not assign them to DHCP clients. By using DHCP exclusion ranges, the technician can ensure that the statically assigned addresses do not conflict with
addresses assigned by the DHCP server, and can prevent IP address conflicts on the network.
Anthony Sequeira
"Another frequent configuration you might make in a DHCP implementation is to configure an exclusion range. This is a portion of the address pool that you never
want leased out to clients in the network. Perhaps you have numbered your servers 192.168.1.1–192.168.1.10. Because the servers are statically configured with
these addresses, you exclude these addresses from the 192.168.1.0/24 pool of addresses."
Mike Meyers
"Exclusion ranges represent an IP address or range of IP addresses from the pool of addresses that are not to be given out by the DHCP server. Exclusions
should be made for the static addresses manually configured on servers and router interfaces, so these IP addresses won’t be offered to DHCP clients."
NEW QUESTION 154
- (Exam Topic 3)
Several employees have expressed concerns about the company monitoring their internet activity when they are working from home. The company wants to
mitigate this issue and reassure employees that their private internet activity is not being monitored. Which of the following would satisfy company and employee
needs?
A. Split tunnel
B. Full tunnel
C. Site-to-site tunnel
D. Virtual desktop
Answer: A
Explanation:
Split tunnel is a configuration that allows a remote user to access both the local network and the Internet at the same time. In a split tunnel configuration, only
traffic destined for the corporate network is sent through the VPN tunnel, while all other traffic is sent directly to the Internet. This allows the remote user to access
the Internet without the company's VPN server being able to monitor or intercept their traffic. Using a split tunnel configuration can help the company to mitigate
employee concerns about internet activity being monitored and reassure employees that their private internet activity is not being monitored.
NEW QUESTION 158
- (Exam Topic 3)
A technician is investigating an issue with connectivity at customer's location. The technician confirms that users can access resources locally but not over the
internet The technician theorizes that the local router has failed and investigates further. The technician's testing results show that the route is functional: however,
users still are unable to reach resources on the internal. Which of the following describes what the technician should do NEXT?
A. Document the lessons learned
B. Escalate the issue
C. identify the symptoms.
D. Question users for additional information
Answer: C
Explanation:
According to the CompTIA Network+ troubleshooting model123, this is the first step in troubleshooting a
network problem. The technician should gather information about the current state of the network, such as error messages, device status, network topology, and
user feedback. This can help narrow down the scope of the problem and eliminate possible causes.
NEW QUESTION 161
- (Exam Topic 3)
A company has wireless APS that were deployed with 802.11g. A network engineer has noticed more frequent reports of wireless performance issues during the
lunch hour in comparison to the rest of the day. The engineer thinks bandwidth consumption will increase while users are on their breaks, but network utilization
logs do not show increased bandwidth numbers. Which Of the following would MOST likely resolve this issue?
A. Adding more wireless APS
B. Increasing power settings to expand coverage
C. Configuring the APS to be compatible with 802.1la
D. Changing the wireless channel used
Answer: C
Explanation:
* 802.11 g is an older wireless standard that operates in the 2.4 GHz frequency band and has a maximum data rate of 54 Mbps. 802.11a is a newer wireless
standard that operates in the 5 GHz frequency band and has a maximum data rate of 54 Mbps. By configuring the APS to be compatible with 802.11a, the network
engineer can reduce interference and congestion in the 2.4 GHz band and improve wireless performance.
References: Network+ Study Guide Objective 2.5: Implement network troubleshooting methodologies
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
NEW QUESTION 165
- (Exam Topic 3)
A network administrator notices excessive wireless traffic occurring on an access point after normal business hours. The access point is located on an exterior
wall. Which of the following should the administrator do to limit wireless access outside the building?
A. Set up a private VLAN.
B. Disable roaming on the WAP.
C. Change to a directional antenna.
D. Stop broadcasting of the SSID.
Answer: C
Explanation:
A directional antenna is a type of antenna that radiates or receives radio waves in a specific direction. This can help limit wireless access outside the building by
focusing the signal towards the intended area and reducing the signal strength in other directions. A private VLAN is a feature that isolates network devices within
a VLAN. Disabling roaming on the WAP prevents wireless clients from switching to another WAP when the signal is weak. Stopping broadcasting of the SSID
hides the network name from wireless clients, but does not prevent them from connecting if they know the SSID.
References: CompTIA Network+ Certification Exam Objectives Version 7.0 (N10-007), Objective 3.1: Given a scenario, install and configure wireless LAN
infrastructure and implement the appropriate technologies in support of wireless capable devices.
NEW QUESTION 169
- (Exam Topic 3)
A non-employee was able to enter a server room. Which of the following could have prevented this from happening?
A. A security camera
B. A biometric reader
C. OTP key fob
D. Employee training
Answer: B
Explanation:
A biometric reader is a device that scans a person’s physical characteristics, such as fingerprints, iris, or face, and compares them to a database of authorized
users. A biometric reader can be used to restrict access to a server room and prevent unauthorized entry. A biometric reader provides a high level of security and
cannot be easily bypassed or duplicated.
References: Network+ Study Guide Objective 5.1: Summarize the importance of physical security controls.
NEW QUESTION 173
- (Exam Topic 3)
Which of the following devices would be used to extend the range of a wireless network?
A. A repeater
B. A media converter
C. A router
D. A switch
Answer: A
Explanation:
A repeater is a device used to extend the range of a wireless network by receiving, amplifying, and retransmitting wireless signals. It is typically used to extend the
range of a wireless network in a large area, such as an office building or a campus. Repeaters can also be used to connect multiple wireless networks together,
allowing users to move seamlessly between networks. As stated in the CompTIA Network+ Study Manual, "a wireless repeater is used to extend the range of a
wireless network by repeating the signal from one access point to another."
NEW QUESTION 178
- (Exam Topic 3)
Which of the following would MOST likely utilize PoE?
A. A camera
B. A printer
C. A hub
D. A modem
Answer: A
Explanation:
A camera is most likely to utilize PoE (Power over Ethernet). PoE is a technology that allows electrical power to be delivered over Ethernet cables. It is used to
power a variety of devices, such as cameras, phones, access points, and other networking equipment.Cameras are particularly well-suited for PoE because they
are often installed in locations where it is difficult or impossible to run electrical power. By using PoE, cameras can be powered directly over the Ethernet cable,
eliminating the need for separate power cables and outlets.Other devices, such as printers, hubs, and modems, are less likely to utilize PoE because they typically
do not need to be powered over Ethernet. These devices are usually powered by AC (alternating current) power and are typically connected to a power outlet
rather than an Ethernet cable.
NEW QUESTION 182
- (Exam Topic 3)
A security vendor needs to add a note to the DNS to validate the ownership of a company domain before services begin. Which of the following records did the
security company MOST likely ask the company to configure?
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
A. TXT
B. AAAA
C. CNAME
D. SRV
Answer: A
Explanation:
TXT stands for Text and is a type of DNS record that can store arbitrary text data associated with a domain name. TXT records can be used for various purposes,
such as verifying the ownership of a domain, providing information about a domain, or implementing security mechanisms such as SPF (Sender Policy Framework)
or DKIM (DomainKeys Identified Mail). In this scenario, the security company most likely asked the company to configure a TXT record with a specific value that
can prove the ownership of the domain. AAAA stands for IPv6 Address and is a type of DNS record that maps a domain name to an IPv6 address. CNAME stands
for Canonical Name and is a type of DNS record that maps an alias name to another name. SRV stands for Service and is a type of DNS record that specifies the
location of a service on a network.
References: CompTIA Network+ Certification Exam Objectives Version 7.0 (N10-007), Objective 1.8: Explain the purposes and use cases for advanced networking
devices.
NEW QUESTION 186
- (Exam Topic 3)
Which of the following is an example of on-demand scalable hardware that is typically housed in the vendor's data center?
A. DaaS
B. IaaS
C. PaaS
D. SaaS
Answer: B
NEW QUESTION 188
- (Exam Topic 3)
A network is experiencing extreme latency when accessing a particular website. Which of the following commands will BEST help identify the issue?
A. ipconfig
B. netstat
C. tracert
D. ping
Answer: C
NEW QUESTION 190
- (Exam Topic 3)
A user from a remote office is reporting slow file transfers. Which of the following tools will an engineer MOST likely use to get detailed measurement data?
A. Packet capture
B. IPerf
C. SIEM log review
D. Internet speed test
Answer: B
Explanation:
An engineer will most likely use IPerf to get detailed measurement data about the user's slow file transfers. IPerf is a tool used for measuring network performance
and bandwidth, and it can be used to measure the speed and throughput of file transfers from the remote office. It can also provide detailed information about the
latency and jitter of the connection, which can be used to troubleshoot the slow file transfers. Reference: CompTIA Network+ Study Manual (Chapter 10, Page
214).
NEW QUESTION 192
- (Exam Topic 3)
An administrator needs to connect two laptops directly to each other using 802.11ac but does not have an AP available. Which of the following describes this
configuration?
A. Basic service set
B. Extended service set
C. Independent basic service set
D. MU-MIMO
Answer: C
NEW QUESTION 194
- (Exam Topic 3)
Which of the following commands can be used to display the IP address, subnet address, gateway address, and DNS address on a Windows computer?
A. netstat -a
B. ifconfig
C. ip addr
D. ipconfig /all
Answer: D
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
Explanation:
The ipconfig command is a utility that allows you to view and modify the network configuration of a Windows computer. By running the command "ipconfig /all", you
can view detailed information about the network configuration of your computer, including the IP address, subnet mask, default gateway, and DNS server
addresses.
Option A (netstat -a) is a command that displays active network connections and their status, but it does not display IP address or other network configuration
information. Option B (ifconfig) is a command used on Linux and Unix systems to view and modify network configuration, but it is not available on Windows. Option
C (ip addr) is a command used on Linux and Unix systems to view and modify network configuration, but it is not available on Windows.
NEW QUESTION 196
- (Exam Topic 3)
A user reports that a new VoIP phone works properly but the computer that is connected to the phone cannot access any network resources. Which of the
following MOST Likely needs to be configured correctly to provide network connectivity to the computer?
A. Port duplex settings
B. Port aggregation
C. ARP settings
D. VLAN tags
E. MDIX settings
Answer: D
Explanation:
VLAN (virtual LAN) tags are used to identify packets as belonging to a particular VLAN. VLANs are used to segment a network into logical sub-networks, and each
VLAN is assigned a unique VLAN tag. If the VLAN tag is not configured correctly, the computer may not be able to access network resources.
NEW QUESTION 199
- (Exam Topic 3)
All packets arriving at an interface need to be fully analyzed. Which of me following features should be used to enable monitoring of the packets?
A. LACP
B. Flow control
C. Port mirroring
D. NetFlow exporter
Answer: C
Explanation:
Port mirroring is a feature that can be used to enable monitoring of all packets arriving at an interface. This feature is used to direct a copy of all traffic passing
through the switch to a monitoring device, such as a network analyzer. This allows the switch to be monitored with the network analyzer in order to identify any
malicious or suspicious activity. Additionally, port mirroring can be used to troubleshoot network issues, such as latency or poor performance.
NEW QUESTION 203
- (Exam Topic 3)
Which of the following allows for an devices within a network to share a highly reliable time source?
A. NTP
B. SNMP
C. SIP
D. DNS
Answer: A
Explanation:
Network Time Protocol (NTP) is a protocol used to maintain a highly accurate and reliable clock time on all devices within a network. NTP works by synchronizing
the time of all the devices within a network to a single, highly accurate time source. This allows for the time of all the devices to be kept in sync with each other,
ensuring a consistent and reliable time source for all devices within the network.
NEW QUESTION 208
- (Exam Topic 3)
A public, wireless ISP mounts its access points on top of traffic signal poles. Fiber-optic cables are installed from a fiber switch through the ground and up the pole
to a fiber-copper media converter, and then connected to the AP. In one location, the switchport is showing sporadic link loss to the attached AP. A similar link loss
is not seen at the AP interface. The fiber-optic cable is moved to another unused switchport with a similar result. Which of the following steps should the assigned
technician complete NEXT?
A. Disable and enable the switchport.
B. Clean the fiber-optic cable ends.
C. Replace the media converter.
D. Replace the copper patch cord.
Answer: B
Explanation:
Fiber-optic cables are cables that use light signals to transmit data over long distances at high speeds.
Fiber-optic cables are sensitive to dirt, dust, moisture, or other contaminants that can interfere with the light signals and cause link loss or signal degradation. To
troubleshoot link loss issues with fiber-optic cables, one of the steps that should be completed next is to clean the fiber-optic cable ends with a lint-free cloth or a
specialized cleaning tool. Cleaning the fiber-optic cable ends can remove any dirt or debris that may be blocking or reflecting the light signals and restore the link
quality.
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
NEW QUESTION 210
- (Exam Topic 3)
A network administrator is getting reports of some internal users who cannot connect to network resources. The users slate they were able to connect last week,
but not today. No changes have been configured on the network devices or server during the last few weeks. Which of the following is the MOST likely cause of
the issue?
A. The client DHCP scope is fully utilized
B. The wired network is experiencing electrical interference
C. The captive portal is down and needs to be restarted
D. SNMP traps are being received
E. The packet counter on the router interface is high.
Answer: A
NEW QUESTION 212
- (Exam Topic 3)
A security administrator is trying to prevent incorrect IP addresses from being assigned to clients on the network. Which of the following would MOST likely prevent
this and allow the network to continue to operate?
A. Configuring DHCP snooping on the switch
B. Preventing broadcast messages leaving the client network
C. Blocking ports 67/68 on the client network
D. Enabling port security on access ports
Answer: A
Explanation:
To prevent incorrect IP addresses from being assigned to clients on the network and allow the network to continue to operate, the security administrator should
consider configuring DHCP (Dynamic Host Configuration Protocol) snooping on the switch. DHCP snooping is a security feature that is used to prevent
unauthorized DHCP servers from operating on a network. It works by allowing the switch to monitor and validate DHCP traffic on the network, ensuring that only
legitimate DHCP messages are forwarded to clients. This can help to prevent incorrect IP addresses from being assigned to clients, as it ensures that only
authorized DHCP servers are able to provide IP addresses to clients on the network.
NEW QUESTION 215
- (Exam Topic 3)
Which of the following is used to provide disaster recovery capabilities to spin up an critical devices using internet resources?
A. Cloud site
B. Hot site
C. Cold site
D. Warm site
Answer: A
NEW QUESTION 220
- (Exam Topic 3)
A user calls the IT department to report being unable to log in after locking the computer The user resets the password, but later in the day the user is again unable
to log in after locking the computer Which of the following attacks against the user IS MOST likely taking place?
A. Brute-force
B. On-path
C. Deauthentication
D. Phishing
Answer: A
NEW QUESTION 222
- (Exam Topic 3)
A network technician receives a report about a performance issue on a client PC that is connected to port 1/3 on a network switch. The technician observes the
following configuration output from the switch:
Which of the following is a cause of the issue on port 1/3?
A. Speed
B. Duplex
C. Errors
D. VLAN
Answer: A
NEW QUESTION 225
- (Exam Topic 3)
A network engineer is investigating reports of poor performance on a videoconferencing application. Upon reviewing the report, the engineer finds that available
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
bandwidth at the WAN connection is low.
Which Of the following is the MOST appropriate mechanism to handle this issue?
A. Traffic shaping
B. Flow control
C. NetFIow
D. Link aggregation
Answer: A
Explanation:
Traffic shaping is a congestion management method that regulates network data transfer by delaying the flow of less important or less desired packets1. Traffic
shaping can help to improve the performance of a videoconferencing application by prioritizing its packets over other types of traffic and smoothing out traffic
bursts. Traffic shaping can also help to avoid packet loss and ensure fair allocation of bandwidth among different applications or users.
Flow control is a mechanism that prevents a sender from overwhelming a receiver with more data than it can handle. Flow control can help to avoid buffer overflow
and data loss, but it does not prioritize different types of traffic or smooth out traffic bursts. Flow control operates at the data link layer or the transport layer, while
traffic shaping operates at the network layer or above.
NetFlow is a protocol that collects and analyzes network traffic data for monitoring and troubleshooting purposes2. NetFlow can help to identify the sources,
destinations, volumes, and types of traffic on a network, but it does not regulate or shape the traffic flow. NetFlow operates at the network layer or above.
Link aggregation is a technique that combines multiple physical links into one logical link for increased bandwidth, redundancy, and load balancing. Link
aggregation can help to improve the performance of a videoconferencing application by providing more available bandwidth at the WAN connection, but it does not
prioritize different types of traffic or smooth out traffic bursts. Link aggregation operates at the data link layer.
NEW QUESTION 229
- (Exam Topic 3)
A network technician needs to select an AP that will support at least 1.3Gbps and 5GHz only. Which of the following wireless standards must the AP support to
meet the requirements?
A. B
B. AC
C. AX
D. N
E. G
Answer: B
Explanation:
Wireless AC is a wireless standard that supports up to 1.3Gbps data rate and operates in the 5GHz frequency band only. Wireless AC is also backward compatible
with wireless A and N devices that use the 5GHz band. Wireless AC is suitable for high-performance applications such as HD video streaming and online gaming.
References: Network+ Study Guide Objective 2.2: Explain the purposes and properties of routing and switching. Subobjective: Wireless standards and their
characteristics.
NEW QUESTION 231
- (Exam Topic 3)
A Network engineer is investigating issues on a Layer 2 Switch. The department typically snares a Switchport during meetings for presentations, but atter the first
user Shares, no Other users can connect. Which Of the following is MOST likely related to this issue?
A. Spanning Tree Protocol is enabled on the switch.
B. VLAN trunking is enabled on the switch.
C. Port security is configured on the switch.
D. Dynamic ARP inspection is configured on the switch.
Answer: C
NEW QUESTION 233
- (Exam Topic 3)
Which of the following bandwidth management techniques uses buffers al the client side to prevent TCP retransmissions from occurring when the ISP starts to
drop packets of specific types that exceed the agreed traffic rate?
A. Traffic shaping
B. Traffic policing
C. Traffic marking
D. Traffic prioritization
Answer: D
NEW QUESTION 238
- (Exam Topic 3)
A large metropolitan city is looking to standardize the ability tor police department laptops to connect to the city government's VPN The city would like a wireless
solution that provides the largest coverage across the city with a minimal number of transmission towers Latency and overall bandwidth needs are not high
priorities. Which of the following would BEST meet the city's needs?
A. 5G
B. LTE
C. Wi-Fi 4
D. Wi-Fi 5
E. Wi-Fi 6
Answer: B
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
NEW QUESTION 240
- (Exam Topic 3)
An IT technician successfully connects to the corporate wireless network at a hank. While performing some tests, the technician observes that the physical
address of the DHCp server has changed even though the network connection has not been lost. Which of the following would BEST explain this change?
A. Server upgrade
B. Duplicate IP address
C. Scope exhaustion
D. Rogue server
Answer: D
Explanation:
A rogue server is a DHCP server on a network that is not under the administrative control of the network staff 1. It may provide incorrect IP addresses or other
network configuration information to devices on the network, causing them to lose connectivity or be vulnerable to attacks2. The physical address of the DHCP
server may change if a rogue server takes over the role of assigning IP addresses to devices on the network. This can be detected by monitoring DHCP traffic or
using tools such as RogueChecker2.
NEW QUESTION 242
- (Exam Topic 3)
Which of the following is an advanced distance vector routing protocol that automates routing tables and also uses some features of link-state routing protocols?
A. OSPF
B. RIP
C. EIGRP
D. BGP
Answer: C
Explanation:
EIGRP is an advanced distance vector routing protocol that is able to automatically update routing tables and also uses features of link-state routing protocols,
such as the ability to send updates about the current topology of the network. EIGRP also has the ability to use a variety of algorithms to determine the best route
for a packet to take, allowing for more efficient routing across the network.
NEW QUESTION 244
- (Exam Topic 3)
Which of the following is considered a physical security detection device?
A. Cameras
B. Biometric readers
C. Access control vestibules
D. Locking racks
Answer: A
NEW QUESTION 245
- (Exam Topic 3)
A network administrator wants to test the throughput of a new metro Ethernet circuit to verify that its
performance matches the requirements specified m the SLA. Which of the following would BEST help measure the throughput?
A. iPerf
B. Ping
C. NetFlow
D. Netstat
Answer: A
NEW QUESTION 250
- (Exam Topic 3)
A network administrator is trying to add network redundancy for the server farm. Which of the following can the network administrator configure to BEST provide
this capability?
A. VRRP
B. DNS
C. UPS
D. RPO
Answer: A
Explanation:
VRRP is an open standard protocol, which is used to provide redundancy in a network. It is a network layer protocol (protocol number-112). The number of routers
(group members) in a group acts as a virtual logical router which will be the default gateway of all the local hosts. If one router goes down, one of the other group
members can take place for the responsibilities for forwarding the traffic.
NEW QUESTION 251
- (Exam Topic 3)
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
A network engineer needs to create a subnet that has the capacity for five VLANs. with the following number of clients lo be allowed on each:
Which of the following is the SMALLEST subnet capable of this setup that also has the capacity to double the number of clients in the future?
A. 10.0.0.0/21
B. 10.0.0.0/22
C. 10.0.0.0/23
D. 10.0.0.0/24
Answer: B
NEW QUESTION 253
- (Exam Topic 3)
An employee working in a warehouse facility is experiencing interruptions in mobile applications while walking around the facility. According to a recent site survey,
the WLAN comprises autonomous APs that are directly connected to the internet, providing adequate signal coverage. Which of the following is the BEST solution
to improve network stability?
A. Implement client roaming using an extended service deployment employing a wireless controller.
B. Remove omnidirectional antennas and adopt a directional bridge.
C. Ensure all APs of the warehouse support MIMO and Wi-Fi 4.
D. Verify that the level of EIRP power settings is set to the maximum permitted by regulations.
Answer: A
Explanation:
Client roaming refers to the ability of a wireless device to seamlessly connect to a different access point (AP) as the user moves around the facility. This can help
to improve network stability and reduce interruptions in mobile applications. An extended service deployment is a type of wireless network configuration that uses
multiple APs to cover a large area, such as a warehouse facility. By using a wireless controller to manage the APs, the network can be better optimized for client
roaming, which can improve network stability.
"Roaming With multiple WAPs in an ESS, clients will connect to whichever WAP has the strongest signal. As clients move through the space covered by the
broadcast area, they will change WAP connections seamlessly, a process called roaming."
NEW QUESTION 256
- (Exam Topic 3)
While waking from the parking lot lo an access-controlled door an employee sees an authorized user open the door. Then the employee notices that another
person catches the door before It closes and goes inside Which of the following attacks Is taking place?
A. Tailgating
B. Pipgybacking
C. Shoulder surfing
D. Phisning
Answer: A
Explanation:
The difference between piggybacking and tailgaiting is that with piggybacking, the person is willfully and intentionally letting you in. In this particular case, the
person caught the door before it closed, so it is tailgating.
Tailgating is a physical security attack that occurs when an unauthorized person follows an authorized person through a secured door or gate without their
knowledge or consent. Tailgating can allow an attacker to bypass access control mechanisms and gain entry to restricted areas or resources. Tailgating can also
pose a safety risk for the authorized person and other occupants of the facility.
Piggybacking is a physical security attack that occurs when an unauthorized person follows an authorized person through a secured door or gate with their
knowledge or consent. Piggybacking can also allow an attacker to bypass access control mechanisms and gain entry to restricted areas or resources.
Piggybacking can also violate security policies and compromise the accountability of the authorized person.
Shoulder surfing is a physical security attack that occurs when an unauthorized person observes or records an authorized person’s confidential information, such
as passwords, PINs, or credit card numbers. Shoulder surfing can allow an attacker to steal credentials and access sensitive data or systems. Shoulder surfing
can also violate privacy and confidentiality rights of the authorized person.
Phishing is a cyber security attack that occurs when an unauthorized person sends fraudulent emails or messages that appear to come from legitimate sources,
such as banks, companies, or government agencies. Phishing can trick recipients into clicking on malicious links, opening malicious attachments, or providing
personal or financial information. Phishing can allow an attacker to install malware, steal credentials, or perform identity theft. Phishing does not involve physical
access to secured doors or gates.
NEW QUESTION 257
- (Exam Topic 3)
An engineer needs to restrict the database servers that are in the same subnet from communicating with each other. The database servers will still need to
communicate with the application servers in a different subnet. In some cases, the database servers will be clustered, and the servers will need to communicate
with other cluster members. Which of the following technologies will be BEST to use to implement this filtering without creating rules?
A. Private VLANs
B. Access control lists
C. Firewalls
D. Control plane policing
Answer: A
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
Explanation:
"Use private VLANs: Also known as port isolation, creating a private VLAN is a method of restricting switch ports (now called private ports) so that they can
communicate only with a particular uplink. The private VLAN usually has numerous private ports and only one uplink, which is usually connected to a router, or
firewall."
NEW QUESTION 259
- (Exam Topic 3)
A company's web server is hosted at a local ISP. This is an example of:
A. allocation.
B. an on-premises data center.
C. a branch office.
D. a cloud provider.
Answer: D
NEW QUESTION 263
- (Exam Topic 3)
Which of the following is used when a workstation sends a DHCP broadcast to a server on another LAN?
A. Reservation
B. Dynamic assignment
C. Helper address
D. DHCP offer
Answer: C
Explanation:
A helper address is an IP address that is configured on a router interface to forward DHCP broadcast messages to a DHCP server on another LAN. A DHCP
broadcast message is a message that a workstation sends when it needs to obtain an IP address from a DHCP server. Since broadcast messages are not routed
across different networks, a helper address is needed to relay the DHCP broadcast message to the DHCP server on another network. References:
https://www.comptia.org/training/books/network-n10-008-study-guide (page 199)
NEW QUESTION 265
- (Exam Topic 3)
Which of the following can have multiple VLAN interfaces?
A. Hub
B. Layer 3 switch
C. Bridge
D. Load balancer
Answer: B
NEW QUESTION 269
- (Exam Topic 3)
A building was recently remodeled in order to expand the front lobby. Some mobile users have been unable to connect to the available network jacks within the
new lobby, while others have had no issues. Which of the following is the MOST likely cause of the connectivity issues?
A. LACP
B. Port security
C. 802.11ax
D. Duplex settings
Answer: B
Explanation:
Port security is a feature that allows a network device to limit the number and type of MAC addresses that can access a port. Port security can prevent
unauthorized devices from connecting to the network through an available network jack. Therefore, port security is the most likely cause of the connectivity issues
for some mobile users in the new lobby.
NEW QUESTION 270
- (Exam Topic 3)
Which of the following BEST describes a spirt-tunnel client-to-server VPN connection?
A. The client sends an network traffic down the VPN tunnel
B. The client has two different IP addresses that can be connected to a remote site from two different ISPs to ensure availability
C. The client sends some network traffic down the VPN tunnel and other traffic to the local gateway.
D. The client connects to multiple remote sites at the same time
Answer: C
Explanation:
In a split-tunnel VPN, the client can access both the local network and the remote network simultaneously, with some network traffic sent through the VPN tunnel
and other traffic sent to the local gateway. This approach allows for more efficient use of bandwidth and reduces the load on the VPN server. It also allows the
client to continue accessing local resources while connected to the remote network.
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
NEW QUESTION 271
- (Exam Topic 3)
A technician is installing the Wi-Fi infrastructure for legacy industrial machinery at a warehouse. The equipment only supports 802.11a and 802.11b standards.
Speed of transmission is the top business requirement. Which of the following is the correct maximum speed for this scenario?
A. 11Mbps
B. 54Mbps
C. 128Mbps
D. 144Mbps
Answer: B
Explanation:
802.11b (Wi-Fi 1)
11 Mbps
100 meter maximum effective range 802.11a (Wi-Fi 2)
54 Mbps
50 meter maximum effective range
NEW QUESTION 276
- (Exam Topic 3)
Users are reporting intermittent Wi-Fi connectivity in specific parts of a building. Which of the following should the network administrator check FIRST when
troubleshooting this issue? (Select TWO).
A. Site survey
B. EIRP
C. AP placement
D. Captive portal
E. SSID assignment
F. AP association time
Answer: AC
Explanation:
This is a coverage issue. WAP placement and power need to be checked. Site survey should be done NEXT because it takes a while.
NEW QUESTION 279
- (Exam Topic 3)
A switch is connected to another switch. Incompatible hardware causes a surge in traffic on both switches. Which of the following configurations will cause traffic to
pause, allowing the switches to drain buffers?
A. Speed
B. Flow control
C. 802.1Q
D. Duplex
Answer: B
Explanation:
Flow control is a mechanism that allows a network device to regulate the amount of traffic it can receive or send. Flow control can help prevent congestion and
buffer overflow by sending pause frames or signals to the sender when the receiver’s buffer is full or nearly full. Flow control can cause traffic to pause, allowing
the switches to drain buffers and resume normal operation. Speed is a parameter that determines the data transfer rate of a network link. 802.1Q is a standard for
VLAN (Virtual Local Area Network) tagging, which allows multiple logical networks to share the same physical infrastructure. Duplex is a mode of communication
that determines how data is transmitted and received on a link. Full duplex allows simultaneous transmission and reception, while half duplex allows only one
direction at a time.
References: CompTIA Network+ Certification Exam Objectives Version 7.0 (N10-007), Objective 1.5: Compare and contrast network cabling types, standards and
speeds.
NEW QUESTION 281
- (Exam Topic 3)
A newly installed VoIP phone is not getting the DHCP IP address it needs to connect to the phone system. Which of the following tasks needs to be completed to
allow the phone to operate correctly?
A. Assign the phone's switchport to the correct VLAN
B. Statically assign the phone's gateway address.
C. Configure a route on the VoIP network router.
D. Implement a VoIP gateway
Answer: A
NEW QUESTION 284
- (Exam Topic 3)
Which of the following would be used to forward requests and replies between a DHCP server and client?
A. Relay
B. Lease
C. Scope
D. Range
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
Answer: A
NEW QUESTION 285
- (Exam Topic 3)
A network administrator is testing performance improvements by configuring channel bonding on an 802.Hac AP. Although a site survey detected the majority of
the 5GHz frequency spectrum was idle, being used only by the company's WLAN and a nearby government radio system, the AP is not allowing the administrator
to manually configure a large portion of the 5GHz frequency range. Which of the following would be BEST to configure for the WLAN being tested?
A. Upgrade the equipment to an AP that supports manual configuration of the ElRP power settings.
B. Switch to 802.11
C. disable channel auto-selection, and enforce channel bonding on the configuration.
D. Set up the AP to perform a dynamic selection of the frequency according to regulatory requirements.
E. Deactivate the band 5GHz to avoid Interference with the government radio
Answer: C
NEW QUESTION 286
- (Exam Topic 3)
Which of the following physical security methods Is the MOST effective to prevent tailgating?
A. Biometrics in an access control vestibule
B. IP cameras with motion detection
C. Smart lockers with tamper protection
D. Badge readers plus a PIN pad
Answer: A
Explanation:
Biometrics is a type of authentication that uses a person’s physical characteristics, such as fingerprints, iris, or face, to verify their identity. An access control
vestibule is a small room or area that separates two spaces and allows only one person to enter or exit at a time. Biometrics in an access control vestibule is the
most effective physical security method to prevent tailgating, which is the unauthorized entry of a person behind another person who has legitimate access.
References: Network+ Study Guide Objective 5.1: Summarize the importance of physical security controls.
NEW QUESTION 289
- (Exam Topic 3)
A network engineer receives the following when connecting to a switch to configure a port:
Which of the following is the MOST likely cause for the failure?
A. The network engineer is using the wrong protocol
B. The network engineer does not have permission to configure the device
C. SNMP has been secured with an ACL
D. The switchport the engineer is trying to configure is down
Answer: D
NEW QUESTION 292
- (Exam Topic 3)
A device is connected to a managed Layer 3 network switch. The MAC address of the device is known, but the static IP address assigned to the device is not.
Which of the following features of a Layer 3 network switch should be used to determine the IPv4 address of the device?
A. MAC table
B. Neighbor Discovery Protocol
C. ARP table
D. IPConfig
E. ACL table
Answer: C
Explanation:
The ARP table is a database that is used by a device to map MAC addresses to their corresponding IP addresses. When a device sends a packet to another
device on the same network, it uses the MAC address of the destination device to deliver the packet. The ARP table allows the device to determine the IP address
of the destination device based on its MAC address.
NEW QUESTION 293
- (Exam Topic 3)
A client who shares office space and an IT closet with another company recently reported connectivity issues throughout the network. Multiple third-party vendors
regularly perform on-site maintenance in the shared IT closet. Which of the following security techniques would BEST secure the physical networking equipment?
A. Disabling unneeded switchports
B. Implementing role-based access
C. Changing the default passwords
D. Configuring an access control list
Answer: B
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
Explanation:
Role-based access is a security technique that assigns permissions and privileges to users or groups based on their roles or functions within an organization. Role-
based access can help secure the physical networking equipment by limiting who can access, modify, or manage the devices in the shared IT closet. Only
authorized personnel with a valid role and credentials should be able to access the networking equipment. Disabling unneeded switchports is a security technique
that prevents unauthorized devices from connecting to the network by turning off unused ports on a switch. Changing the default passwords is a security technique
that prevents unauthorized access to network devices by replacing the factory-set passwords with strong and unique ones. Configuring an access control list is a
security technique that filters network traffic by allowing or denying packets based on criteria such as source and destination IP addresses, ports, or protocols.
References: CompTIA Network+ Certification Exam Objectives Version 7.0 (N10-007), Objective 3.2: Given a scenario, use appropriate network hardening
techniques.
NEW QUESTION 296
- (Exam Topic 3)
A network administrator received a report staling a critical vulnerability was detected on an application that is exposed to the internet. Which of the following Is the
appropriate NEXT step?
A. Check for the existence of a known exploit in order to assess the risk
B. Immediately shut down the vulnerable application server.
C. Install a network access control agent on the server.
D. Deploy a new server to host the application.
Answer: A
Explanation:
The appropriate next step in this situation would be to check for the existence of a known exploit in order to assess the risk. This is important because it will help
the network administrator determine the severity of the vulnerability and the potential impact it could have on the organization. Once the network administrator has
assessed the risk, they can then take appropriate action to address the vulnerability. This might include patching the application, deploying a new server to host
the application, or implementing other security measures to mitigate the risk. It is generally not advisable to immediately shut down the vulnerable application
server, as this could disrupt business operations and cause significant downtime. Similarly, installing a network access control agent on the server may not be the
most effective solution, as it would not address the underlying vulnerability.
NEW QUESTION 299
- (Exam Topic 3)
An engineer is using a tool to run an ICMP sweep of a network to find devices that are online. When reviewing the results, the engineer notices a number of
workstations that are currently verified as being online are not listed in the report.
The tool was configured to scan using the following information: Network address: 172.28.16.0
CIDR: /22
The engineer collected the following information from the client workstation: IP address: 172.28.17.206
Subnet mask: 255.255.252.0
Which of the following MOST likely explains why the tool is failing to detect some workstations?
A. The scanned network range is incorrect.
B. The subnet mask on the client is misconfigured.
C. The workstation has a firewall enabled.
D. The tool is unable to scan remote networks.
Answer: C
Explanation:
A firewall is a device or software that filters and controls the incoming and outgoing network traffic based on predefined rules. A firewall can block ICMP packets,
which are used for ping and other diagnostic tools. If the workstation has a firewall enabled, it may not respond to the ICMP sweep and appear as offline. The
engineer should check the firewall settings on the workstation and allow ICMP traffic if needed.
References: Network+ Study Guide Objective 4.1: Given a scenario, use the appropriate tool.
NEW QUESTION 301
- (Exam Topic 3)
A PC user who is on a local network reports very slow speeds when accessing files on the network server The user's PC Is connecting, but file downloads are very
slow when compared to other users' download speeds The PC's NIC should be capable of Gigabit Ethernet. Which of the following will MOST likely fix the issue?
A. Releasing and renewing the PC's IP address
B. Replacing the patch cable
C. Reseating the NIC inside the PC
D. Flushing the DNS cache
Answer: B
Explanation:
A slow download speed can be caused by a faulty patch cable, which is the cable used to connect the user's PC to the network server. If the patch cable is
damaged, the connection will be slower than expected, resulting in slow download speeds. Replacing the patch cable is the most likely solution to this issue, as it
will provide a new, reliable connection that should allow for faster download speeds.
NEW QUESTION 302
- (Exam Topic 3)
A network engineer is investigating reports of poor network performance. Upon reviewing a report, the engineer finds hundreds of CRC errors on an interface.
Which of the following is the MOST likely cause of these errors?
A. A bad wire on the Cat 5e cable
B. The wrong VLAN assignment to the switchport
C. A misconfigured QoS setting on the router
D. Both sides of the switch trunk set to full duplex
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
Answer: A
NEW QUESTION 307
- (Exam Topic 3)
Which of the following DHCP settings would be used to ensure a device gets the same IP address each time it is connected to the network?
A. Scope options
B. Reservation
C. Exclusion
D. Relay
E. Pool
Answer: A
NEW QUESTION 312
- (Exam Topic 3)
An attacker targeting a large company was able to inject malicious A records into internal name resolution servers. Which of the following attack types was MOST
likely used?
A. DNS poisoning
B. On-path
C. IP spoofing
D. Rogue DHCP
Answer: A
NEW QUESTION 315
- (Exam Topic 3)
Which of the following protocols uses Dijkstra’s algorithm to calculate the LOWEST cost between routers?
A. RIP
B. OSPF
C. BGP
D. EIGRP
Answer: B
Explanation:
OSPF stands for Open Shortest Path First and is a link-state routing protocol that uses Dijkstra’s algorithm to calculate the lowest cost between routers. OSPF
assigns a cost value to each link based on factors such as bandwidth, delay, or reliability, and builds a map of the network topology. OSPF then uses Dijkstra’s
algorithm to find the shortest path from each router to every other router in the network1. RIP stands for Routing Information Protocol and is a distance-vector
routing protocol that uses hop count as the metric to find the best path. BGP stands for Border Gateway Protocol and is a path-vector routing protocol that uses
attributes such as AS path, local preference, or origin to select the best route. EIGRP stands for Enhanced Interior Gateway Routing Protocol and is a hybrid
routing protocol that uses a composite metric based on bandwidth, delay, load, and reliability.
References: 1 Dijkstra’s algorithm - Wikipedia (https://en.wikipedia.org/wiki/Dijkstra%27s_algorithm)
NEW QUESTION 317
- (Exam Topic 3)
A false camera is installed outside a building to assist with physical security. Which of the following is the device assisting?
A. Detection
B. Recovery
C. Identification
D. Prevention
Answer: A
NEW QUESTION 322
- (Exam Topic 3)
Which of the following is MOST appropriate for enforcing bandwidth limits when the performance of an application is not affected by the use of buffering but is
heavily impacted by packet drops?
A. Traffic shaping
B. Traffic policing
C. Traffic marking
D. Traffic classification
Answer: B
Explanation:
Traffic policing is a mechanism that monitors the traffic in any network and enforces a bandwidth limit by discarding packets that exceed a certain rate1. This can
reduce congestion and ensure fair allocation of bandwidth among different applications or users. However, discarding packets can also affect the performance and
quality of some applications, especially those that are sensitive to packet loss, such as voice or video.
Traffic shaping is a congestion control mechanism that delays packets that exceed a certain rate instead of discarding them1. This can smooth out traffic bursts
and avoid packet loss, but it also introduces latency and jitter. Traffic shaping can be beneficial for applications that can tolerate some delay but not packet loss,
such as file transfers or streaming.
Traffic marking is a mechanism that assigns different priority levels to packets based on their type, source, destination, or other criteria2. This can help to
differentiate between different classes of service and apply different policies or treatments to them. However, traffic marking does not enforce bandwidth limits by
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
itself; it only provides information for other mechanisms to act upon.
Traffic classification is a process that identifies and categorizes packets based on their characteristics, such as protocol, port number, payload, or behavior. This
can help to distinguish between different types of traffic and apply appropriate policies or actions to them. However, traffic classification does not enforce
bandwidth limits by itself; it only provides input for other mechanisms to use.
NEW QUESTION 324
- (Exam Topic 3)
A security engineer is trying to determine whether an internal server was accessed by hosts on the internet. The internal server was shut down during the
investigation Which of the following will the engineer review to determine whether the internal server had an unauthorized access attempt?
A. The server's syslog
B. The NetFlow statistics
C. The firewall logs
D. The audit logs on the core switch
Answer: A
NEW QUESTION 329
- (Exam Topic 3)
A medical building offers patients Wi-Fi in the waiting room. Which of the following security features would be the BEST solution to provide secure connections and
keep the medical data protected?
A. Isolating the guest network
B. Securing SNMP
C. MAC filtering
D. Disabling unneeded switchports
Answer: A
NEW QUESTION 333
- (Exam Topic 3)
Which of the following is conducted frequently to maintain an updated list of a system's weaknesses?
A. Penetration test
B. Posture assessment
C. Risk assessment
D. Vulnerability scan
Answer: D
NEW QUESTION 335
- (Exam Topic 3)
Which of the following is the MOST appropriate use case for the deployment of a clientless VPN?
A. Secure web access to internal corporate resources.
B. Upgrade security via the use of an NFV technology
C. Connect two data centers across the internet.
D. Increase VPN availability by using a SDWAN technology.
Answer: A
NEW QUESTION 339
- (Exam Topic 3)
A security engineer is installing a new IOS on the network. The engineer has asked a network administrator to ensure all traffic entering and leaving the router
interface is available for the IDS. Which of the following should the network administrator do?
A. Install a network tap for the IDS
B. Configure ACLs to route traffic to the IDS.
C. Install an additional NIC into the IDS
D. Install a loopback adapter for the IDS.
E. Add an additional route on the router for the IDS.
Answer: A
Explanation:
a network tap is a way of connecting an IDS out of band, which means it does not interfere with the normal network traffic. A network tap allows you to view a copy
of the network traffic transmitted over the media being tapped.
NEW QUESTION 341
- (Exam Topic 3)
A cafeteria is lacing lawsuits related to criminal internet access that was made over its guest network. The marketing team, however, insists on keeping the
cafeteria phone number as the wireless passphrase. Which of the following actions would Improve wireless security while accommodating the marketing team and
accepting the terms of use?
A. Setting WLAN security to use EAP-TLS
B. Deploying a captive portal tor user authentication
C. Using geofencing to limit the area covered by the WLAN
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
D. Configuring guest network isolation
Answer: B
Explanation:
A captive portal is a web page that is presented to a user before they are allowed to access a network. It is used to authenticate users and to ensure that all users
have accepted the terms of use for the network. By deploying a captive portal, the cafeteria can require users to enter their phone number as the passphrase,
while still providing an additional layer of security. Reference: CompTIA Network+ Study Guide, 8th Edition, page 182.
NEW QUESTION 342
- (Exam Topic 3)
A company streams video to multiple devices across a campus. When this happens, several users report a degradation of network performance. Which of the
following would MOST likely address this issue?
A. Enable IGMP snooping on the switches.
B. Implement another DHCP server.
C. Reconfigure port tagging for the video traffic.
D. Change the SSID of the APs
Answer: A
NEW QUESTION 346
- (Exam Topic 3)
An organization would like to implement a disaster recovery strategy that does not require a facility agreement or idle hardware. Which of the following strategies
MOST likely meets the organization's requirements?
A. Cloud site
B. Cold site
C. Warm site
D. Hot site
Answer: A
Explanation:
A cloud site is a type of disaster recovery site that uses cloud computing services to provide backup and recovery of data and applications in the event of a
disaster1. A cloud site does not require a facility agreement or idle hardware, as the cloud provider manages the infrastructure and resources on demand. A cloud
site can also offer scalability, flexibility, and cost-effectiveness compared to other types of disaster recovery sites.
NEW QUESTION 348
- (Exam Topic 3)
A technician is tasked with setting up a mail server and a DNS server. The mail port should be secured and have the ability to transfer large files. Which of the
following ports should be opened? (Select TWO).
A. 22
B. 53
C. 110
D. 389
E. 995
F. 3389
Answer: BE
Explanation:
Port 53 is used for DNS, which is a service that translates domain names into IP addresses. Port 995 is used for POP3S, which is a protocol for receiving email
messages securely. POP3S supports large file transfers and encryption. Therefore, these two ports should be opened for the mail server and the DNS server
project
NEW QUESTION 351
- (Exam Topic 3)
A network administrator is given the network 80.87.78.0/26 for specific device assignments. Which of the following describes this network?
A. 80.87.78 0 - 80.87.78.14
B. 80.87.78 0 - 80.87.78.110
C. 80.87.78 1 - 80.87.78.62
D. 80.87.78.1 - 80.87.78.158
Answer: C
Explanation:
The network 80.87.78.0/26 is a Class A network with a subnet mask of /26, which means that it contains 26 bits of network information and 6 bits of host
information. The range of valid host addresses for this network is 80.87.78.1 to 80.87.78.62. Any addresses outside of this range are reserved for special purposes
or are not used.
NEW QUESTION 352
- (Exam Topic 3)
A small office has a wireless network with several access points that are used by mobile devices. Users occasionally report that the wireless connection drops or
becomes very slow. Reports confirm that this only happens when the devices are connected to the office wireless network. Which of the following is MOST likely
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
the cause?
A. The configuration of the encryption protocol
B. Interference from other devices
C. Insufficient bandwidth capacity
D. Duplicate SSIDs
Answer: B
Explanation:
Interference from other devices can cause wireless connection drops or slow performance. This can happen when devices use the same or overlapping frequency
channels as the wireless network, such as cordless phones, microwaves, Bluetooth devices, etc. To avoid interference, it is recommended to use non-overlapping
channels and avoid placing wireless access points near potential sources of interference. References: Network+ Study Guide Objective 2.1: Explain the purposes
and use cases for advanced network devices. Subobjective: Wireless controllers.
NEW QUESTION 355
- (Exam Topic 3)
Which of the following records can be used to track the number of changes on a DNS zone?
A. SOA
B. SRV
C. PTR
D. NS
Answer: A
Explanation:
The DNS ‘start of authority’ (SOA) record stores important information about a domain or zone such as the email address of the administrator, when the domain
was last updated, and how long the server should wait between refreshes. All DNS zones need an SOA record in order to conform to IETF standards. SOA
records are also important for zone transfers.
NEW QUESTION 357
- (Exam Topic 3)
A network administrator responds to a support ticket that was submitted by a customer who is having issues connecting to a website inside of the company
network The administrator verities that the customer could not connect to a website using a URL Which of the following troubleshooting steps would be BEST for
the administrator to take?
A. Check for certificate issues
B. Contact the ISP
C. Attempt to connect to the site via IP address
D. Check the NTP configuration.
Answer: C
Explanation:
The best option for the administrator to take would be to attempt to connect to the site via IP address. This will help to determine if the issue is related to the
website's DNS address or if the site itself is not accessible. Checking for certificate issues may be necessary, but this should be done after the administrator has
attempted to connect to the site via IP address. Contacting the ISP is unnecessary since the issue is related to the website inside of the company network, and
checking the NTP configuration is not relevant to this issue.
When a customer is having issues connecting to a website using a URL, one of the first troubleshooting steps a network administrator should take is attempting to
connect to the site using the IP address of the website. This will help to determine if the issue is related to a DNS resolution problem or a connectivity problem. If
the administrator is able to connect to the website using the IP address, then the issue may be related to a DNS problem. However, if the administrator is still
unable to connect, then the issue may be related to a connectivity problem. In either case, further troubleshooting steps will be necessary. Checking for certificate
issues or NTP configuration, and contacting the ISP would not be the BEST initial steps in this scenario.
NEW QUESTION 358
- (Exam Topic 3)
Which of the following protocols would enable a company to upgrade its internet connection by acquiring its own public IP prefixes and autonomous system
number?
A. EIGRP
B. BGP
C. IPv6
D. MPLS
Answer: B
Explanation:
BGP is a routing protocol that is used to exchange routing information between different autonomous systems (ASes) on the internet. An autonomous system is a
network or group of networks that is under the same administrative control and uses a common routing protocol. By acquiring its own public IP prefixes and
autonomous system number, a company can use BGP to advertise these prefixes to other ASes and establish its own internet connection. This would enable the
company to have more control over its internet connection and potentially improve its connectivity.EIGRP (Enhanced Interior Gateway Routing Protocol) is a
routing protocol used within a single autonomous system, so it would not be used to establish a connection to the internet. IPv6 is a version of the Internet Protocol
(IP) used to identify devices on a network. It is not a routing protocol and would not be used to establish an internet connection.MPLS (Multi-Protocol Label
Switching) is a networking technology that is used to route packets between different networks. It is not a routing protocol and would not be used to establish an
internet connection.
NEW QUESTION 360
- (Exam Topic 3)
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
A network administrator is investigating a network event that is causing all communication to stop. The network administrator is unable to use SSH to connect to
the switch but is able to gain access using the serial console port. While monitoring port statistics, the administrator sees the following:
Which of the following is MOST likely causing the network outage?
A. Duplicate IP address
B. High collisions
C. Asynchronous route
D. Switch loop
Answer: B
NEW QUESTION 363
- (Exam Topic 3)
A network administrator needs to monitor traffic on a specific port on a switch. Which of the following should the administrator configure to accomplish the task?
A. Port security
B. Port tagging
C. Port mirroring
D. Media access control
Answer: C
Explanation:
Port mirroring is a feature that allows a network technician to monitor traffic on a specific port on a switch by copying all the traffic from that port to another port
where a monitoring device is connected. Port mirroring can be used for troubleshooting, analysis, or security purposes, such as detecting network anomalies,
performance issues, or malicious activities. References:
https://www.comptia.org/training/books/network-n10-008-study-guide (page 156)
NEW QUESTION 365
- (Exam Topic 3)
Which of the following protocols can be used to change device configurations via encrypted and authenticated sessions? (Select TWO).
A. SNMPv3
B. SSh
C. Telnet
D. IPSec
E. ESP
F. Syslog
Answer: BD
NEW QUESTION 366
- (Exam Topic 3)
A network engineer is designing a wireless network that has the following requirements:
• Network speed must be higher than 100Mbps
• Must use the 2.4GHz and 5GHz bands
Which of the following 802.11 standards should the engineer select?
A. 802. lla
B. 802.11b
C. 802. 11g
D. 802.11 n
Answer: D
Explanation:
* 802.11 n is a wireless standard that supports up to 600 Mbps data rate and operates in both the 2.4 GHz and 5 GHz frequency bands. 802.11n uses multiple-
input multiple-output (MIMO) technology to increase the number of spatial streams and improve the wireless performance and range. 802.11n meets the
requirements of the wireless network design.
References: Network+ Study Guide Objective 1.6: Explain the functions of network services.
NEW QUESTION 370
......
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
Thank You for Trying Our Product
We offer two products:
1st - We have Practice Tests Software with Actual Exam Questions
2nd - Questons and Answers in PDF Format
N10-009 Practice Exam Features:
* N10-009 Questions and Answers Updated Frequently
* N10-009 Practice Questions Verified by Expert Senior Certified Staff
* N10-009 Most Realistic Questions that Guarantee you a Pass on Your FirstTry
* N10-009 Practice Test Questions in Multiple Choice Formats and Updatesfor 1 Year
100% Actual & Verified — Instant Download, Please Click
Order The N10-009 Practice Test Here
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Powered by TCPDF (www.tcpdf.org)
You might also like
- Vendor: Comptia Exam Code: N10-008 Exam Name: Comptia Network+ N10-008 Certification100% (1)Vendor: Comptia Exam Code: N10-008 Exam Name: Comptia Network+ N10-008 Certification285 pages
- N10-009 CompTIA Network+ Exam Updated Dumps100% (2)N10-009 CompTIA Network+ Exam Updated Dumps28 pages
- Updated N10-007 Dumps PDF - CompTIA Network+ N10-007 Exam Question PDFNo ratings yetUpdated N10-007 Dumps PDF - CompTIA Network+ N10-007 Exam Question PDF9 pages
- 701-800 310440304-2016-New-N10-006-Exam-Dumps-For-Free-VCE-and-PDF-701-800No ratings yet701-800 310440304-2016-New-N10-006-Exam-Dumps-For-Free-VCE-and-PDF-701-80023 pages
- Updated n10 007 Dumps PDF Comptia Network n10 007 Exam Question PDF100% (5)Updated n10 007 Dumps PDF Comptia Network n10 007 Exam Question PDF32 pages
- Vendor: Comptia Exam Code: N10-008 Exam Name: Comptia Network+ N10-008 CertificationNo ratings yetVendor: Comptia Exam Code: N10-008 Exam Name: Comptia Network+ N10-008 Certification48 pages
- Ain Dumps 2023-Oct-20 by Harlan 269q VceNo ratings yetAin Dumps 2023-Oct-20 by Harlan 269q Vce43 pages
- Actual CompTIA N10-008 Exam Questions - KilltestNo ratings yetActual CompTIA N10-008 Exam Questions - Killtest62 pages
- Comptia.2passeasy.n10 008.exam - Prep.2023 Oct 22.by - Corey.390q.vceNo ratings yetComptia.2passeasy.n10 008.exam - Prep.2023 Oct 22.by - Corey.390q.vce8 pages
- CompTIA Network+ v1.0 (N10-008) - Full Access100% (1)CompTIA Network+ v1.0 (N10-008) - Full Access34 pages
- Comptia Pass4sure n10-008 Exam Dumps 2023-Jun-13 by Rock 190qNo ratings yetComptia Pass4sure n10-008 Exam Dumps 2023-Jun-13 by Rock 190q10 pages
- N10-008 Dumps Comptia Network+Exam: 100% Valid and Newest Version N10-008 Questions & Answers Shared by CertleaderNo ratings yetN10-008 Dumps Comptia Network+Exam: 100% Valid and Newest Version N10-008 Questions & Answers Shared by Certleader22 pages
- Comptia Certforall n10-008 Vce Download 2022-Oct-28 by Omar 149qNo ratings yetComptia Certforall n10-008 Vce Download 2022-Oct-28 by Omar 149q7 pages
- CompTIA Network+ Cert (N10-007) Practice ExamNo ratings yetCompTIA Network+ Cert (N10-007) Practice Exam26 pages
- CompTIA N10-007 Exam CompTIA Network CerNo ratings yetCompTIA N10-007 Exam CompTIA Network Cer8 pages
- Comptia Exambible n10-008 PDF Download 2023-Nov-07 by Toby 183q VceNo ratings yetComptia Exambible n10-008 PDF Download 2023-Nov-07 by Toby 183q Vce13 pages
- N10-008 Exam - Actual Q&as, Page 1 ExamTopics-RECENTNo ratings yetN10-008 Exam - Actual Q&as, Page 1 ExamTopics-RECENT456 pages
- CompTIA Network+ N10-007 Certification Practice QuestionpaperNo ratings yetCompTIA Network+ N10-007 Certification Practice Questionpaper5 pages
- CompTIA Network+ Cert (N10-007) Practice Exam100% (1)CompTIA Network+ Cert (N10-007) Practice Exam26 pages
- Comptia Network+ Certification Exam: Document Version: 1 .04 .11No ratings yetComptia Network+ Certification Exam: Document Version: 1 .04 .1129 pages
- CompTIA Network+ N10-008 Certification Practice QuestionsNo ratings yetCompTIA Network+ N10-008 Certification Practice Questions5 pages
- CompTIA Certkiller N10-006 v2015-03-28 by Veronica 124q PDFNo ratings yetCompTIA Certkiller N10-006 v2015-03-28 by Veronica 124q PDF61 pages
- N10-008 Dumps Comptia Network+Exam: 100% Valid and Newest Version N10-008 Questions & Answers Shared by CertleaderNo ratings yetN10-008 Dumps Comptia Network+Exam: 100% Valid and Newest Version N10-008 Questions & Answers Shared by Certleader42 pages
- N10-009 CompTIA Network+ Updated Dumps QuestionsNo ratings yetN10-009 CompTIA Network+ Updated Dumps Questions16 pages
- CompTIA ActualTests N10-006 v2016-06-08 by Navi 289qNo ratings yetCompTIA ActualTests N10-006 v2016-06-08 by Navi 289q145 pages
- Exampdf: Higher Quality, Better Service!No ratings yetExampdf: Higher Quality, Better Service!8 pages
- CompTIA.N10-008.vMay-2024.by .Akona .302qNo ratings yetCompTIA.N10-008.vMay-2024.by .Akona .302q106 pages
- Network+ N10-007 Practice Questions - Sample Questions - Training - CompTIANo ratings yetNetwork+ N10-007 Practice Questions - Sample Questions - Training - CompTIA3 pages
- Looking For Real Exam Questions For IT Certification Exams!No ratings yetLooking For Real Exam Questions For IT Certification Exams!48 pages
- Introduction To Networks Version 700 Modules 1 3 Basic Network Connectivity and Communications ExamNo ratings yetIntroduction To Networks Version 700 Modules 1 3 Basic Network Connectivity and Communications Exam23 pages
- The Complete Guide to Getting Certified Cisco CCNA 200-301: Complete Your CCNA Exam Training and Preparation with 400 Exam Level Practice QuestionFrom EverandThe Complete Guide to Getting Certified Cisco CCNA 200-301: Complete Your CCNA Exam Training and Preparation with 400 Exam Level Practice QuestionNo ratings yet
- Breaking The Ice With Strengths and ClassificationNo ratings yetBreaking The Ice With Strengths and Classification2 pages
- Team Leaders Training Manual PDF 02172021 2No ratings yetTeam Leaders Training Manual PDF 02172021 215 pages
- Huawei NetEngine5000E Core Router Chassis and FeaturesNo ratings yetHuawei NetEngine5000E Core Router Chassis and Features8 pages
- Configuration Guide For Yealink IP Phone & ElastixNo ratings yetConfiguration Guide For Yealink IP Phone & Elastix12 pages
- MikroTik RB750 - Basic Firewall & Security100% (1)MikroTik RB750 - Basic Firewall & Security21 pages
- LTE Outdoor CPE B2338-168 Product DescriptionNo ratings yetLTE Outdoor CPE B2338-168 Product Description30 pages
- 5571 PCC Release 1 - 7 - 2 Northbound Interface Guide FinalNo ratings yet5571 PCC Release 1 - 7 - 2 Northbound Interface Guide Final45 pages
- Vacon100 Flow Ethernet (Modbus TCP) With Modbus PollNo ratings yetVacon100 Flow Ethernet (Modbus TCP) With Modbus Poll6 pages
- Hot Standby Router Protocol (HSRP) One Picture SummaryNo ratings yetHot Standby Router Protocol (HSRP) One Picture Summary2 pages
- 350-401 Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) Updated DumpsNo ratings yet350-401 Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) Updated Dumps26 pages
- DHCP Protokolas: Paskirtis Ir KonfigūravimasNo ratings yetDHCP Protokolas: Paskirtis Ir Konfigūravimas13 pages
- DHCP Sim Troubleshooting - CCNA 200-125 Labs Simulator: You Can Download This Lab and Practice With Packet TracerNo ratings yetDHCP Sim Troubleshooting - CCNA 200-125 Labs Simulator: You Can Download This Lab and Practice With Packet Tracer8 pages
- Pass4Test: IT Certification Guaranteed, The Easy Way!No ratings yetPass4Test: IT Certification Guaranteed, The Easy Way!9 pages