Practice Free N10-008 Exam Online Questions
Question #101
A network engineer is designing a wireless network that has the following requirements:
• Network speed must be higher than 100Mbps
• Must use the 2.4GHz and 5GHz bands
Which of the following 802.11 standards should the engineer select?
- A . 802. lla
- B . 802.11b
- C . 802. 11g
- D . 802.11 n
Correct Answer: D
D
Explanation:
D
Explanation:
Question #102
A new computer that was connected to the network reported an error of an identical IP address with another computer. Both computers were configured for SLAAC.
Which of the following is causing the error?
- A . Rogue DHCP server
- B . Duplicate MAC addresses
- C . Incorrect router advertisement
- D . Wrong VLAN assignment
Correct Answer: B
B
Explanation:
SLAAC (Stateless Address Autoconfiguration) is a method used by devices in an IPv6 network to configure their own IP addresses automatically using the link-local address and the network prefix that are advertised by routers. An error stating that there is an identical IP address already in use could occur if two devices on the network have duplicate MAC addresses. Since IPv6 addresses generated by SLAAC include the MAC address in the EUI-64 format, duplicate MAC addresses would result in identical IPv6 addresses. Options such as rogue DHCP server, incorrect router advertisement, and wrong VLAN assignment do not typically result in duplicate IP address conflicts under SLAAC since the address configuration is primarily derived from the MAC address.
B
Explanation:
SLAAC (Stateless Address Autoconfiguration) is a method used by devices in an IPv6 network to configure their own IP addresses automatically using the link-local address and the network prefix that are advertised by routers. An error stating that there is an identical IP address already in use could occur if two devices on the network have duplicate MAC addresses. Since IPv6 addresses generated by SLAAC include the MAC address in the EUI-64 format, duplicate MAC addresses would result in identical IPv6 addresses. Options such as rogue DHCP server, incorrect router advertisement, and wrong VLAN assignment do not typically result in duplicate IP address conflicts under SLAAC since the address configuration is primarily derived from the MAC address.
Question #103
A network technician needs to select an AP that will support at least 1.3Gbps and 5GHz only.
Which of the following wireless standards must the AP support to meet the requirements?
- A . B
- B . AC
- C . AX
- D . N
- E . G
Correct Answer: B
B
Explanation:
Wireless AC is a wireless standard that supports up to 1.3Gbps data rate and operates in the 5GHz frequency band only. Wireless AC is also backward compatible with wireless A and N devices that use the 5GHz band. Wireless AC is suitable for high-performance applications such as HD video streaming and online gaming.
Reference: Network+ Study Guide Objective 2.2: Explain the purposes and properties of routing and switching. Subobjective: Wireless standards and their characteristics.
B
Explanation:
Wireless AC is a wireless standard that supports up to 1.3Gbps data rate and operates in the 5GHz frequency band only. Wireless AC is also backward compatible with wireless A and N devices that use the 5GHz band. Wireless AC is suitable for high-performance applications such as HD video streaming and online gaming.
Reference: Network+ Study Guide Objective 2.2: Explain the purposes and properties of routing and switching. Subobjective: Wireless standards and their characteristics.
Question #104
A network technician is troubleshooting a new web server connectivity issue.
The network technician discovers the following on the support ticket
• The server’s IP address can be pinged from the client PCs,
• Access to the web resource works correctly when on the server’s console.
• No clients can access the servers data via URL.
• The server does not have a firewall configured
• No ACLs are preventing connectivity from the client’s network.
• All services on the server are operating normally, which was confirmed by the server team.
Which of the following actions will resolve the issue?
- A . Reset port security on the switchport connecting the server.
- B . Adjust the web server’s NTP settings to match the client settings.
- C . Configure A records for the web server.
- D . Install the correct MIB on the web server
Correct Answer: C
C
Explanation:
The problem is likely related to DNS resolution, as the clients are able to ping the server’s IP address but not access the web resource via URL. The other answers do not address this issue. Configuring A records for the web server will ensure that clients are able to access the web resource via its domain name.
C
Explanation:
The problem is likely related to DNS resolution, as the clients are able to ping the server’s IP address but not access the web resource via URL. The other answers do not address this issue. Configuring A records for the web server will ensure that clients are able to access the web resource via its domain name.
Question #105
An IT technician successfully connects to the corporate wireless network at a hank. While performing some tests, the technician observes that the physical address of the DHCp server has changed even though the network connection has not been lost.
Which of the following would BEST explain this change?
- A . Server upgrade
- B . Duplicate IP address
- C . Scope exhaustion
- D . Rogue server
Correct Answer: D
D
Explanation:
A rogue server is a DHCP server on a network that is not under the administrative control of the network staff1. It may provide incorrect IP addresses or other network configuration information to devices on the network, causing them to lose connectivity or be vulnerable to attacks2. The physical address of the DHCP server may change if a rogue server takes over the role of assigning IP addresses to devices on the network. This can be detected by monitoring DHCP traffic or using tools such as RogueChecker2.
D
Explanation:
A rogue server is a DHCP server on a network that is not under the administrative control of the network staff1. It may provide incorrect IP addresses or other network configuration information to devices on the network, causing them to lose connectivity or be vulnerable to attacks2. The physical address of the DHCP server may change if a rogue server takes over the role of assigning IP addresses to devices on the network. This can be detected by monitoring DHCP traffic or using tools such as RogueChecker2.
Question #106
Which of the following is the MOST appropriate use case for the deployment of a clientless VPN?
- A . Secure web access to internal corporate resources.
- B . Upgrade security via the use of an NFV technology
- C . Connect two data centers across the internet.
- D . Increase VPN availability by using a SDWAN technology.
Correct Answer: A
A
Explanation:
A clientless VPN is a type of VPN that does not require a dedicated software client to be installed on the user’s device. Instead, it uses a web browser as the VPN client and provides secure access to web-based applications or resources12.
A clientless VPN is suitable for scenarios where the user needs to access internal corporate resources that are web-based, such as intranet sites, webmail, or web portals12. This way, the user does not need to install or configure any additional software, and the VPN connection is established through the browser’s SSL/TLS encryption12.
A clientless VPN is not suitable for scenarios where the user needs to access non-web-based applications or resources, such as file shares, remote desktops, or network printers12. For these scenarios, a full VPN client is required, which can create a secure tunnel for all network traffic from the user’s device12.
Therefore, option A is the most appropriate use case for the deployment of a clientless VPN, as it provides secure web access to internal corporate resources.
The other options are not relevant to the use case of a clientless VPN, as they involve different types of VPN technologies or scenarios.
Option B is incorrect because NFV (Network Function Virtualization) is a technology that virtualizes network functions, such as firewalls, routers, or load balancers, and runs them on software platforms instead of dedicated hardware devices3. NFV can improve security by reducing the attack surface, simplifying management, and enabling rapid deployment of security updates3. However, NFV is not a type of VPN, and it does not provide secure access to internal corporate resources.
Option C is incorrect because connecting two data centers across the internet requires a site-to-site VPN, which is a type of VPN that creates a secure tunnel between two or more network locations, such as branch offices or data centers. A site-to-site VPN allows the network devices at each location to communicate with each other as if they were on the same local network. A site-to-site VPN requires a VPN gateway at each location, which can be a router, firewall, or VPN appliance. A site-to-site VPN is not a clientless VPN, and it does not involve web browsers or web-based applications. Option D is incorrect because increasing VPN availability by using a SDWAN (Software-Defined Wide Area Network) technology is not a use case for a clientless VPN, but rather a benefit of using a SDWAN technology. A SDWAN is a technology that uses software to dynamically route network traffic over multiple WAN links, such as broadband, LTE, or MPLS. A SDWAN can improve VPN availability by providing redundancy, load balancing, and failover for VPN connections. A SDWAN can also simplify VPN deployment and management by using centralized policies and automation. However, a SDWAN is not a type of VPN, and it does not provide secure access to internal corporate resources.
Reference: CompTIA Network+ N10-008 Study Guide, Chapter 7, Section 7.1, “VPN Concepts”, page 381-382.
: Professor Messer’s CompTIA N10-008 Network+ Course Notes, Section 7.1, “VPN Concepts”, page 58.
: CompTIA Network+ N10-008 Study Guide, Chapter 5, Section 5.2, “NFV”, page 264-265.
: Professor Messer’s CompTIA N10-008 Network+ Course Notes, Section 5.2, “NFV”, page 38.
: CompTIA Network+ N10-008 Study Guide, Chapter 7, Section 7.1, “VPN Concepts”, page 383-384.
: Professor Messer’s CompTIA N10-008 Network+ Course Notes, Section 7.1, “VPN Concepts”, page 59.
: CompTIA Network+ N10-008 Study Guide, Chapter 5, Section 5.3, “SDWAN”, page 266-267.
: Professor Messer’s CompTIA N10-008 Network+ Course Notes, Section 5.3, “SDWAN”, page 39.
A
Explanation:
A clientless VPN is a type of VPN that does not require a dedicated software client to be installed on the user’s device. Instead, it uses a web browser as the VPN client and provides secure access to web-based applications or resources12.
A clientless VPN is suitable for scenarios where the user needs to access internal corporate resources that are web-based, such as intranet sites, webmail, or web portals12. This way, the user does not need to install or configure any additional software, and the VPN connection is established through the browser’s SSL/TLS encryption12.
A clientless VPN is not suitable for scenarios where the user needs to access non-web-based applications or resources, such as file shares, remote desktops, or network printers12. For these scenarios, a full VPN client is required, which can create a secure tunnel for all network traffic from the user’s device12.
Therefore, option A is the most appropriate use case for the deployment of a clientless VPN, as it provides secure web access to internal corporate resources.
The other options are not relevant to the use case of a clientless VPN, as they involve different types of VPN technologies or scenarios.
Option B is incorrect because NFV (Network Function Virtualization) is a technology that virtualizes network functions, such as firewalls, routers, or load balancers, and runs them on software platforms instead of dedicated hardware devices3. NFV can improve security by reducing the attack surface, simplifying management, and enabling rapid deployment of security updates3. However, NFV is not a type of VPN, and it does not provide secure access to internal corporate resources.
Option C is incorrect because connecting two data centers across the internet requires a site-to-site VPN, which is a type of VPN that creates a secure tunnel between two or more network locations, such as branch offices or data centers. A site-to-site VPN allows the network devices at each location to communicate with each other as if they were on the same local network. A site-to-site VPN requires a VPN gateway at each location, which can be a router, firewall, or VPN appliance. A site-to-site VPN is not a clientless VPN, and it does not involve web browsers or web-based applications. Option D is incorrect because increasing VPN availability by using a SDWAN (Software-Defined Wide Area Network) technology is not a use case for a clientless VPN, but rather a benefit of using a SDWAN technology. A SDWAN is a technology that uses software to dynamically route network traffic over multiple WAN links, such as broadband, LTE, or MPLS. A SDWAN can improve VPN availability by providing redundancy, load balancing, and failover for VPN connections. A SDWAN can also simplify VPN deployment and management by using centralized policies and automation. However, a SDWAN is not a type of VPN, and it does not provide secure access to internal corporate resources.
Reference: CompTIA Network+ N10-008 Study Guide, Chapter 7, Section 7.1, “VPN Concepts”, page 381-382.
: Professor Messer’s CompTIA N10-008 Network+ Course Notes, Section 7.1, “VPN Concepts”, page 58.
: CompTIA Network+ N10-008 Study Guide, Chapter 5, Section 5.2, “NFV”, page 264-265.
: Professor Messer’s CompTIA N10-008 Network+ Course Notes, Section 5.2, “NFV”, page 38.
: CompTIA Network+ N10-008 Study Guide, Chapter 7, Section 7.1, “VPN Concepts”, page 383-384.
: Professor Messer’s CompTIA N10-008 Network+ Course Notes, Section 7.1, “VPN Concepts”, page 59.
: CompTIA Network+ N10-008 Study Guide, Chapter 5, Section 5.3, “SDWAN”, page 266-267.
: Professor Messer’s CompTIA N10-008 Network+ Course Notes, Section 5.3, “SDWAN”, page 39.
Question #107
A network administrator received a report staling a critical vulnerability was detected on an application that is exposed to the internet.
Which of the following Is the appropriate NEXT step?
- A . Check for the existence of a known exploit in order to assess the risk
- B . Immediately shut down the vulnerable application server.
- C . Install a network access control agent on the server.
- D . Deploy a new server to host the application.
Correct Answer: A
A
Explanation:
The appropriate next step in this situation would be to check for the existence of a known exploit in order to assess the risk. This is important because it will help the network administrator determine the severity of the vulnerability and the potential impact it could have on the organization. Once the network administrator has assessed the risk, they can then take appropriate action to address the vulnerability. This might include patching the application, deploying a new server to host the application, or implementing other security measures to mitigate the risk. It is generally not advisable to immediately shut down the vulnerable application server, as this could disrupt business operations and cause significant downtime. Similarly, installing a network access control agent on the server may not be the most effective solution, as it would not address the underlying vulnerability.
A
Explanation:
The appropriate next step in this situation would be to check for the existence of a known exploit in order to assess the risk. This is important because it will help the network administrator determine the severity of the vulnerability and the potential impact it could have on the organization. Once the network administrator has assessed the risk, they can then take appropriate action to address the vulnerability. This might include patching the application, deploying a new server to host the application, or implementing other security measures to mitigate the risk. It is generally not advisable to immediately shut down the vulnerable application server, as this could disrupt business operations and cause significant downtime. Similarly, installing a network access control agent on the server may not be the most effective solution, as it would not address the underlying vulnerability.
Question #108
Which of the following, in addition to a password, can be asked of a user for MFA?
- A . PIN
- B . Favorite color
- C . Hard token
- D . Mother’s maiden name
Correct Answer: A
A
Explanation:
MFA stands for Multi-Factor Authentication, which is a method of verifying the identity of a user by requiring two or more pieces of evidence that belong to different categories: something the user knows, something the user has, or something the user is. A password is something the user knows, and it is usually combined with another factor such as a PIN (Personal Identification Number) or a hard token (a physical device that generates a one-time code) that the user has. A favorite color or a mother’s maiden name are not suitable for MFA, as they are also something the user knows and can be easily guessed or compromised.
Reference
1: Multi-Factor Authentication C N10-008 CompTIA Network+: 3.1
2: CompTIA Network+ Certification Exam Objectives, page 13
3: CompTIA Network+ N10-008 Certification Study Guide, page 250
4: CompTIA Network+ N10-008 Exam Subnetting Quiz, question 14
A
Explanation:
MFA stands for Multi-Factor Authentication, which is a method of verifying the identity of a user by requiring two or more pieces of evidence that belong to different categories: something the user knows, something the user has, or something the user is. A password is something the user knows, and it is usually combined with another factor such as a PIN (Personal Identification Number) or a hard token (a physical device that generates a one-time code) that the user has. A favorite color or a mother’s maiden name are not suitable for MFA, as they are also something the user knows and can be easily guessed or compromised.
Reference
1: Multi-Factor Authentication C N10-008 CompTIA Network+: 3.1
2: CompTIA Network+ Certification Exam Objectives, page 13
3: CompTIA Network+ N10-008 Certification Study Guide, page 250
4: CompTIA Network+ N10-008 Exam Subnetting Quiz, question 14
Question #109
A PC user who is on a local network reports very slow speeds when accessing files on the network server The user’s PC Is connecting, but file downloads are very slow when compared to other users’ download speeds The PC’s NIC should be capable of Gigabit Ethernet.
Which of the following will MOST likely fix the issue?
- A . Releasing and renewing the PC’s IP address
- B . Replacing the patch cable
- C . Reseating the NIC inside the PC
- D . Flushing the DNS cache
Correct Answer: B
B
Explanation:
A slow download speed can be caused by a faulty patch cable, which is the cable used to connect the user’s PC to the network server. If the patch cable is damaged, the connection will be slower than expected, resulting in slow download speeds. Replacing the patch cable is the most likely solution to this issue, as it will provide a new, reliable connection that should allow for faster download speeds.
B
Explanation:
A slow download speed can be caused by a faulty patch cable, which is the cable used to connect the user’s PC to the network server. If the patch cable is damaged, the connection will be slower than expected, resulting in slow download speeds. Replacing the patch cable is the most likely solution to this issue, as it will provide a new, reliable connection that should allow for faster download speeds.
Question #110
A network administrator needs to set up a file server to allow user access. The organization uses DHCP to assign IP addresses.
Which of the following is the best solution for the administrator to set up?
- A . A separate scope for the file server using a 132 subnet
- B . A reservation for the server based on the MAC address
- C . A static IP address within the DHCP IP range
- D . A SLAAC for the server
Correct Answer: B
B
Explanation:
A reservation for the server based on the MAC address means that the DHCP server will assign a specific IP address to the file server every time it requests one, based on its MAC address. This way, the file server will have a consistent IP address that users can access, without the need to manually configure it or use a separate scope. A reservation also ensures that the IP address of the file server will not be given to any other device by the DHCP server
B
Explanation:
A reservation for the server based on the MAC address means that the DHCP server will assign a specific IP address to the file server every time it requests one, based on its MAC address. This way, the file server will have a consistent IP address that users can access, without the need to manually configure it or use a separate scope. A reservation also ensures that the IP address of the file server will not be given to any other device by the DHCP server