Practice Free N10-008 Exam Online Questions
Question #161
Which of the following is used to provide networking capability for VMs at Layer 2 of the OSI model?
- A . VPN
- B . VRRP
- C . vSwitch
- D . VIP
Correct Answer: C
C
Explanation:
A vSwitch (virtual switch) is a software-based switch that provides networking capability for VMs (virtual machines) at Layer 2 of the OSI model. It connects the VMs to each other or to external networks using virtual NICs (network interface cards). A VPN (virtual private network) is a technology that creates a secure tunnel over a public network for remote access or site-to-site connectivity. VRRP (Virtual Router Redundancy Protocol) is a protocol that provides high availability for routers by creating a virtual router with multiple physical routers. A VIP (virtual IP) is an IP address that can be shared by multiple servers or devices for load balancing or failover purposes.
C
Explanation:
A vSwitch (virtual switch) is a software-based switch that provides networking capability for VMs (virtual machines) at Layer 2 of the OSI model. It connects the VMs to each other or to external networks using virtual NICs (network interface cards). A VPN (virtual private network) is a technology that creates a secure tunnel over a public network for remote access or site-to-site connectivity. VRRP (Virtual Router Redundancy Protocol) is a protocol that provides high availability for routers by creating a virtual router with multiple physical routers. A VIP (virtual IP) is an IP address that can be shared by multiple servers or devices for load balancing or failover purposes.
Question #162
A corporation is looking for a method to secure all traffic between a branch office and its data center in order to provide a zero-touch experience for all staff members who work there.
Which of the following would BEST meet this requirement?
- A . Site-to-site VPN
- B . VNC
- C . Remote desktop gateway
- D . Virtual LANs
Correct Answer: A
A
Explanation:
A site-to-site VPN is a method that creates a secure and encrypted connection between two internet gateways, such as routers or firewalls, that belong to different networks1. A site-to-site VPN can secure all traffic between a branch office and its data center by creating a virtual tunnel that protects the data from interception or tampering. A site-to-site VPN can also provide a zero-touch experience for all staff members who work there, as they do not need to install any software or configure any settings on their devices to access the data center resources. They can simply use their local network as if they were physically connected to the data center network.
VNC (Virtual Network Computing) is a method that allows remote access and control of a computer’s desktop from another device over a network2. VNC can enable staff members to work remotely by accessing their office computers from their home computers or mobile devices. However, VNC does not secure all traffic between a branch office and its data center, as it only works at the application layer and does not encrypt the network layer. VNC also does not provide a zero-touch experience for staff members, as they need to install software and configure settings on both the host and the client devices.
Remote desktop gateway is a method that allows remote access and control of a computer’s desktop from another device over a network using the Remote Desktop Protocol (RDP). Remote desktop gateway can also enable staff members to work remotely by accessing their office computers from their home computers or mobile devices. However, remote desktop gateway does not secure all traffic between a branch office and its data center, as it only works at the application layer and does not encrypt the network layer. Remote desktop gateway also does not provide a zero-touch experience for staff members, as they need to install software and configure settings on both the host and the client devices.
Virtual LANs (VLANs) are methods that create logical subdivisions of a physical network based on criteria such as function, department, or security level. VLANs can improve network performance, security, and management by reducing broadcast domains, isolating traffic, and enforcing policies. However, VLANs do not secure all traffic between a branch office and its data center, as they only work at the data link layer and do not encrypt the network layer. VLANs also do not provide a zero-touch experience for staff members, as they need to configure settings on their network devices to join or leave a VLAN.
A
Explanation:
A site-to-site VPN is a method that creates a secure and encrypted connection between two internet gateways, such as routers or firewalls, that belong to different networks1. A site-to-site VPN can secure all traffic between a branch office and its data center by creating a virtual tunnel that protects the data from interception or tampering. A site-to-site VPN can also provide a zero-touch experience for all staff members who work there, as they do not need to install any software or configure any settings on their devices to access the data center resources. They can simply use their local network as if they were physically connected to the data center network.
VNC (Virtual Network Computing) is a method that allows remote access and control of a computer’s desktop from another device over a network2. VNC can enable staff members to work remotely by accessing their office computers from their home computers or mobile devices. However, VNC does not secure all traffic between a branch office and its data center, as it only works at the application layer and does not encrypt the network layer. VNC also does not provide a zero-touch experience for staff members, as they need to install software and configure settings on both the host and the client devices.
Remote desktop gateway is a method that allows remote access and control of a computer’s desktop from another device over a network using the Remote Desktop Protocol (RDP). Remote desktop gateway can also enable staff members to work remotely by accessing their office computers from their home computers or mobile devices. However, remote desktop gateway does not secure all traffic between a branch office and its data center, as it only works at the application layer and does not encrypt the network layer. Remote desktop gateway also does not provide a zero-touch experience for staff members, as they need to install software and configure settings on both the host and the client devices.
Virtual LANs (VLANs) are methods that create logical subdivisions of a physical network based on criteria such as function, department, or security level. VLANs can improve network performance, security, and management by reducing broadcast domains, isolating traffic, and enforcing policies. However, VLANs do not secure all traffic between a branch office and its data center, as they only work at the data link layer and do not encrypt the network layer. VLANs also do not provide a zero-touch experience for staff members, as they need to configure settings on their network devices to join or leave a VLAN.
Question #163
Which of the following attacks encrypts user data and requires a proper backup implementation to recover?
- A . DDoS
- B . Phishing
- C . Ransomware
- D . MAC spoofing
Correct Answer: C
C
Explanation:
Ransomware is a type of malware that encrypts user data and demands a ransom for its decryption. Ransomware can prevent users from accessing their files and applications, and cause data loss or corruption. A proper backup implementation is essential to recover from a ransomware attack, as it can help restore the encrypted data without paying the ransom or relying on the attackers’ decryption key.
Reference: https://www.comptia.org/blog/what-is-ransomware
C
Explanation:
Ransomware is a type of malware that encrypts user data and demands a ransom for its decryption. Ransomware can prevent users from accessing their files and applications, and cause data loss or corruption. A proper backup implementation is essential to recover from a ransomware attack, as it can help restore the encrypted data without paying the ransom or relying on the attackers’ decryption key.
Reference: https://www.comptia.org/blog/what-is-ransomware
Question #164
Which of the following protocols can be used to change device configurations via encrypted and
authenticated sessions? (Select TWO).
- A . SNMPv3
- B . SSh
- C . Telnet
- D . IPSec
- E . ESP
- F . Syslog
Correct Answer: A B
A B
Explanation:
The end user can access local network shares and intranet pages, which means that the IP address and the subnet mask are configured correctly and the network interface is working properly. However, the end user is unable to access the internet or remote resources, which means that there is a problem with the name resolution or the routing of the traffic.
The gateway address is responsible for routing the traffic to the destination network, which could be on the internet or another subnet. If the gateway address is incorrect, the end user would not be able to reach any network outside the local subnet.
The DNS servers are responsible for resolving the domain names to the IP addresses, which are needed to communicate with the internet or remote resources. If the DNS servers are incorrect, the end user would not be able to resolve the names of the websites or servers they want to access. Therefore, the most likely cause of the connectivity issue is that the DNS servers need to be reconfigured with the correct addresses.
Reference:
CompTIA Network+ N10-008 Study Guide, Chapter 2: Network Protocols and Services, Section 2.2:
TCP/IP Suite, p. 76-77
Network+ N10-008 Practice Test, Question 359
CompTIA Network+ (N10-008) Performance-based Questions (PBQs), Part 1, 1:36
A B
Explanation:
The end user can access local network shares and intranet pages, which means that the IP address and the subnet mask are configured correctly and the network interface is working properly. However, the end user is unable to access the internet or remote resources, which means that there is a problem with the name resolution or the routing of the traffic.
The gateway address is responsible for routing the traffic to the destination network, which could be on the internet or another subnet. If the gateway address is incorrect, the end user would not be able to reach any network outside the local subnet.
The DNS servers are responsible for resolving the domain names to the IP addresses, which are needed to communicate with the internet or remote resources. If the DNS servers are incorrect, the end user would not be able to resolve the names of the websites or servers they want to access. Therefore, the most likely cause of the connectivity issue is that the DNS servers need to be reconfigured with the correct addresses.
Reference:
CompTIA Network+ N10-008 Study Guide, Chapter 2: Network Protocols and Services, Section 2.2:
TCP/IP Suite, p. 76-77
Network+ N10-008 Practice Test, Question 359
CompTIA Network+ (N10-008) Performance-based Questions (PBQs), Part 1, 1:36
Question #165
A customer called the help desk to report a network issue. The customer recently added a hub between the switch and the router in order to duplicate the traffic flow to a logging device. After adding the hub, all the Other network components that were connected to the switch slowed more than expected.
Which Of the following is the MOST likely cause Of the issue?
- A . Duplex mismatch
- B . Flow control failure
- C . STP malfunction
- D . 802.1Q disabled
Correct Answer: A
A
Explanation:
A duplex mismatch is a situation where two devices on a network have different duplex settings, such as full-duplex or half-duplex. Full-duplex means that a device can send and receive data simultaneously, while half-duplex means that a device can only send or receive data at a time. A duplex mismatch can cause performance issues, such as collisions, errors, or slow throughput. In this scenario, the customer added a hub between the switch and the router. A hub is a device that operates at half-duplex and broadcasts all traffic to all ports. A switch and a router are devices that operate at full-duplex and forward traffic to specific ports. Therefore, adding a hub between the switch and the router can cause a duplex mismatch and slow down all the other network components that were connected to the switch.
Reference: https://www.comparitech.com/net-admin/hub-vs-switch-vs-router/ https://www.cisco.com/c/en/us/support/docs/lan-switching/ethernet/10561-3.html
A
Explanation:
A duplex mismatch is a situation where two devices on a network have different duplex settings, such as full-duplex or half-duplex. Full-duplex means that a device can send and receive data simultaneously, while half-duplex means that a device can only send or receive data at a time. A duplex mismatch can cause performance issues, such as collisions, errors, or slow throughput. In this scenario, the customer added a hub between the switch and the router. A hub is a device that operates at half-duplex and broadcasts all traffic to all ports. A switch and a router are devices that operate at full-duplex and forward traffic to specific ports. Therefore, adding a hub between the switch and the router can cause a duplex mismatch and slow down all the other network components that were connected to the switch.
Reference: https://www.comparitech.com/net-admin/hub-vs-switch-vs-router/ https://www.cisco.com/c/en/us/support/docs/lan-switching/ethernet/10561-3.html
Question #166
Which of the following would be BEST to install to find and block any malicious users within a network?
- A . IDS
- B . IPS
- C . SCADA
- D . ICS
Correct Answer: B
B
Explanation:
IPS takes action itself to block the attempted intrusion or otherwise remediate the incident. IDS is designed to only provide an alert about a potential incident, which enables a security operations center (SOC) analyst to investigate the event and determine whether it requires further action.
B
Explanation:
IPS takes action itself to block the attempted intrusion or otherwise remediate the incident. IDS is designed to only provide an alert about a potential incident, which enables a security operations center (SOC) analyst to investigate the event and determine whether it requires further action.
Question #167
A customer is having issues accessing local resources on the network. A technician questions the user and discovers that a small switch had been taken out of storage and installed so that additional devices could be connected in the room. The technician runs the ping command from the PC to the network server and does not find any issues. However, data transfers to the server are slow, and the transfer appears to be locked up at times.
Which of the following is the most likely cause of the issue?
- A . Duplexing mismatch
- B . Reversed TX/RX pinouts
- C . Cable crosstalk
- D . Failed transceiver
Correct Answer: A
A
Explanation:
A duplex mismatch is the most probable cause of the issues described, where the network connection experiences slow data transfers and intermittent lockups. This occurs when one device in a network connection operates in full-duplex mode and the other in half-duplex, leading to collisions and performance issues. In the scenario provided, the small switch taken from storage may not have been configured to match the duplex settings of the existing network, resulting in these data transfer issues. Other options like reversed TX/RX pinouts, cable crosstalk, or a failed transceiver would typically result in complete connection failures or consistent degradation, not intermittent issues as described.
A
Explanation:
A duplex mismatch is the most probable cause of the issues described, where the network connection experiences slow data transfers and intermittent lockups. This occurs when one device in a network connection operates in full-duplex mode and the other in half-duplex, leading to collisions and performance issues. In the scenario provided, the small switch taken from storage may not have been configured to match the duplex settings of the existing network, resulting in these data transfer issues. Other options like reversed TX/RX pinouts, cable crosstalk, or a failed transceiver would typically result in complete connection failures or consistent degradation, not intermittent issues as described.
Question #168
A Wi-Fi network was recently deployed in a new, multilevel budding. Several issues are now being reported related to latency and drops in coverage.
Which of the following is the FIRST step to troubleshoot the issues?
- A . Perform a site survey.
- B . Review the AP placement
- C . Monitor channel utilization.
- D . Test cable attenuation.
Correct Answer: A
A
Explanation:
A site survey is a process of testing and documenting the wireless coverage, performance, and interference in a specific area12.
A site survey can help identify the optimal locations, orientations, and configurations for the wireless access points (APs), antennas, and other devices12.
A site survey can also help troubleshoot issues related to latency and drops in coverage, by measuring the signal strength, noise level, channel utilization, and other factors that affect the wireless network quality12.
A site survey is usually performed before deploying a wireless network, but it can also be done after the deployment to verify the network performance or to diagnose any problems12.
A site survey is the FIRST step to troubleshoot the issues in this scenario, because it can provide a comprehensive overview of the wireless network status and reveal any potential causes of the issues12.
The other options are not the first step to troubleshoot the issues, because they are either more specific or less effective than a site survey:
B. Reviewing the AP placement is a part of a site survey, but it is not enough to troubleshoot the issues, because it does not account for other factors, such as interference, channel utilization, or signal attenuation12.
C. Monitoring channel utilization is a way to check the amount of traffic and congestion on a wireless channel, which can affect the latency and throughput of the wireless network3. However, it is not the first step to troubleshoot the issues, because it does not provide information about the signal strength, noise level, or AP placement12.
D. Testing cable attenuation is a way to measure the loss of signal power as it travels through a cable, which can affect the wireless network performance4. However, it is not the first step to troubleshoot the issues, because it only applies to the wired part of the network, and it does not account for other factors, such as interference, channel utilization, or AP placement12.
Reference:
1: Wireless Troubleshooting C N10-008 CompTIA Network+: 5.4
2: CompTIA Network+ N10-008 Full Course for Beginners – Wireless Troubleshooting
3: Channel Utilization – N10-008 CompTIA Network+: 3.3
4: Cable Testing – N10-008 CompTIA Network+: 1.3
A
Explanation:
A site survey is a process of testing and documenting the wireless coverage, performance, and interference in a specific area12.
A site survey can help identify the optimal locations, orientations, and configurations for the wireless access points (APs), antennas, and other devices12.
A site survey can also help troubleshoot issues related to latency and drops in coverage, by measuring the signal strength, noise level, channel utilization, and other factors that affect the wireless network quality12.
A site survey is usually performed before deploying a wireless network, but it can also be done after the deployment to verify the network performance or to diagnose any problems12.
A site survey is the FIRST step to troubleshoot the issues in this scenario, because it can provide a comprehensive overview of the wireless network status and reveal any potential causes of the issues12.
The other options are not the first step to troubleshoot the issues, because they are either more specific or less effective than a site survey:
B. Reviewing the AP placement is a part of a site survey, but it is not enough to troubleshoot the issues, because it does not account for other factors, such as interference, channel utilization, or signal attenuation12.
C. Monitoring channel utilization is a way to check the amount of traffic and congestion on a wireless channel, which can affect the latency and throughput of the wireless network3. However, it is not the first step to troubleshoot the issues, because it does not provide information about the signal strength, noise level, or AP placement12.
D. Testing cable attenuation is a way to measure the loss of signal power as it travels through a cable, which can affect the wireless network performance4. However, it is not the first step to troubleshoot the issues, because it only applies to the wired part of the network, and it does not account for other factors, such as interference, channel utilization, or AP placement12.
Reference:
1: Wireless Troubleshooting C N10-008 CompTIA Network+: 5.4
2: CompTIA Network+ N10-008 Full Course for Beginners – Wireless Troubleshooting
3: Channel Utilization – N10-008 CompTIA Network+: 3.3
4: Cable Testing – N10-008 CompTIA Network+: 1.3
Question #169
An application team is deploying a new application. The application team would like the network team to monitor network performance and create alerts if fluctuations in the round-trip time occur for that traffic.
Which of the following should the network team monitor to meet this requirement?
- A . Bandwidth
- B . Latency
- C . Loss
- D . Cyclic redundancy check
Correct Answer: B
B
Explanation:
Latency, also known as round-trip time (RTT), is the time it takes for a data packet to travel from a source to its destination and back again. It is a key indicator of network performance and can be used to identify fluctuations that may impact the user experience of an application.
Bandwidth, loss, and cyclic redundancy check (CRC) are other important network performance metrics, but they are not directly related to the application team’s requirement to monitor for fluctuations in RTT.
Reference: CompTIA Network+ N10-008 Exam Objectives, Objective 1.6: Network Performance Monitoring
CompTIA Network+ N10-008 Study Guide, Chapter 10: Network Performance Monitoring and Troubleshooting
Additional Notes:
The network team can use a variety of tools and techniques to monitor RTT, such as ping, traceroute, and network monitoring software.
When setting up alerts, the network team should consider the acceptable range of RTT for the application. They should also configure alerts to trigger at different levels of severity, so that they can take prompt action to resolve any issues.
B
Explanation:
Latency, also known as round-trip time (RTT), is the time it takes for a data packet to travel from a source to its destination and back again. It is a key indicator of network performance and can be used to identify fluctuations that may impact the user experience of an application.
Bandwidth, loss, and cyclic redundancy check (CRC) are other important network performance metrics, but they are not directly related to the application team’s requirement to monitor for fluctuations in RTT.
Reference: CompTIA Network+ N10-008 Exam Objectives, Objective 1.6: Network Performance Monitoring
CompTIA Network+ N10-008 Study Guide, Chapter 10: Network Performance Monitoring and Troubleshooting
Additional Notes:
The network team can use a variety of tools and techniques to monitor RTT, such as ping, traceroute, and network monitoring software.
When setting up alerts, the network team should consider the acceptable range of RTT for the application. They should also configure alerts to trigger at different levels of severity, so that they can take prompt action to resolve any issues.
Question #170
An engineer recently decided to upgrade the firmware on a router. During the upgrade, the help desk received calls about a network outage, and a critical ticket was opened. The network manager would like to create a policy to prevent this from happening in the future.
Which of the following documents should the manager create?
- A . Change management
- B . incident response
- C . Standard operating procedure
- D . System life cycle
Correct Answer: A
A
Explanation:
Change management is an IT practice that aims to minimize disruptions to IT services while making changes to critical systems and services12.
A change is defined as adding, modifying, or removing anything that could have a direct or indirect effect on services1.
Change management involves planning, testing, communicating, and implementing changes in a controlled and coordinated manner2.
Change management can help prevent network outages and other incidents by ensuring that changes are properly assessed, approved, and documented before they are executed2. Incident response, on the other hand, is the process of detecting and responding to security incidents, such as cyberattacks or data breaches3.
Incident response focuses on the technical aspects of analyzing and containing an incident, while incident management deals with the broader impact of an incident on the business, such as communications, media handling, escalations, and reporting3.
Standard operating procedure (SOP) is a set of instructions that describes how to perform a routine or repetitive task.
SOPs are useful for ensuring consistency, quality, and compliance in various operations, but they are not specific to change management.
System life cycle is a model that describes the phases of development, operation, and maintenance of a system, such as a software application or a hardware device.
System life cycle can help guide the design, testing, deployment, and improvement of a system, but it does not address the issues of change management, such as minimizing disruptions and risks. Therefore, the best document for the network manager to create to prevent future network outages caused by firmware upgrades is a change management policy.
Reference: Change management types | Atlassian
Incident Management vs. Incident Response ― What’s the Difference? – DZone 10 Top change management best practices | Atlassian
[What is a Standard Operating Procedure (SOP) and How to Write It]
A
Explanation:
Change management is an IT practice that aims to minimize disruptions to IT services while making changes to critical systems and services12.
A change is defined as adding, modifying, or removing anything that could have a direct or indirect effect on services1.
Change management involves planning, testing, communicating, and implementing changes in a controlled and coordinated manner2.
Change management can help prevent network outages and other incidents by ensuring that changes are properly assessed, approved, and documented before they are executed2. Incident response, on the other hand, is the process of detecting and responding to security incidents, such as cyberattacks or data breaches3.
Incident response focuses on the technical aspects of analyzing and containing an incident, while incident management deals with the broader impact of an incident on the business, such as communications, media handling, escalations, and reporting3.
Standard operating procedure (SOP) is a set of instructions that describes how to perform a routine or repetitive task.
SOPs are useful for ensuring consistency, quality, and compliance in various operations, but they are not specific to change management.
System life cycle is a model that describes the phases of development, operation, and maintenance of a system, such as a software application or a hardware device.
System life cycle can help guide the design, testing, deployment, and improvement of a system, but it does not address the issues of change management, such as minimizing disruptions and risks. Therefore, the best document for the network manager to create to prevent future network outages caused by firmware upgrades is a change management policy.
Reference: Change management types | Atlassian
Incident Management vs. Incident Response ― What’s the Difference? – DZone 10 Top change management best practices | Atlassian
[What is a Standard Operating Procedure (SOP) and How to Write It]