CompTIA N+

A systems administrator needs to improve WiFi performance in a densely populated office tower and use the latest standard. There is a mix of devices that use 2.4 GHz and 5 GHz. Which of the following should the systems administrator select to meet this requirement?

A. 802.11ac

B. 802.11ax

C. 802.11g

D. 802.11n

A systems administrator needs to improve WiFi performance in a densely populated office tower and use the latest standard. There is a mix of devices that use 2.4 GHz and 5 GHz. Which of the following should the systems administrator select to meet this requirement?

A. 802.11ac

B. 802.11ax

C. 802.11g

D. 802.11n

Correct Answer: B

Section: Explanation: 802.11ax is the latest WiFi standard that improves WiFi performance in densely populated environments and supports both 2.4 GHz and 5 GHz bands. 802.11ac is the previous standard that only supports 5 GHz band. 802.11g and 802.11n are older standards that support 2.4 GHz band only or both bands respectively. Reference: , https://www.techtarget.com/searchnetworking/tip/Whats-the-difference-between-80211ax-vs- 80211ac

Which of the following would be BEST to use to detect a MAC spoofing attack?

A. Internet Control Message Protocol

B. Reverse Address Resolution Protocol

C. Dynamic Host Configuration Protocol

D. Internet Message Access Protocol

Correct Answer: B

Section: Explanation: Reverse Address Resolution Protocol (RARP) is a protocol that allows a device to obtain its MAC address from its IP address. A MAC spoofing attack is an attack where a device pretends to have a different MAC address than its actual one. RARP can be used to detect a MAC spoofing attack by comparing the MAC address obtained from RARP with the MAC address obtained from other sources, such as ARP or DHCP. Reference: , https://www.techopedia.com/definition/25597/reverse-address-resolution-protocol-rarp

A technician receives feedback that some users are experiencing high amounts of jitter while using the wireless network. While troubleshooting the network, the technician uses the ping command with the IP address of the default gateway and verifies large variations in latency. The technician thinks the issue may be interference from other networks and non-802.11 devices. Which of the following tools should the technician use to troubleshoot the issue?

A. NetFlow analyzer

B. Bandwidth analyzer

C. Protocol analyzer

D. Spectrum analyzer

Correct Answer: D

Section: Explanation: A spectrum analyzer is a tool that measures the frequency and amplitude of signals in a wireless network. It can be used to troubleshoot issues related to interference from other networks and non- 802.11 devices, such as microwave ovens or cordless phones, by identifying the sources and levels of interference in the wireless spectrum. A spectrum analyzer can also help to optimize the channel selection and placement of wireless access points. Reference: https://partners.comptia.org/docs/default-source/resources/comptia-network-n10-008-exam- objectives-(2-0), https://www.flukenetworks.com/blog/cabling-chronicles/what-spectrum-analyzer- and-how-do-you-use-it

Wireless users are reporting intermittent internet connectivity. Connectivity is restored when the users disconnect and reconnect, utilizing the web authentication process each time. The network administrator can see the devices connected to the APs at all times. Which of the following steps will MOST likely determine the cause of the issue?

A. Verify the session time-out configuration on the captive portal settings

B. Check for encryption protocol mismatch on the client’s wireless settings

C. Confirm that a valid passphrase is being used during the web authentication

D. Investigate for a client’s disassociation caused by an evil twin AP

Correct Answer: A

Section: Explanation: A captive portal is a web page that requires users to authenticate before they can access the internet. If the session time-out configuration is too short, users may experience intermittent internet connectivity and have to reconnect using the web authentication process each time. The network administrator can verify the session time-out configuration on the captive portal settings and adjust it if needed. Reference: CompTIA Network+ Certification Exam Objectives Version 2.0 (Exam Number: N10-006), Domain 1.0 Network Architecture, Objective 1.8 Explain the purposes and use cases for advanced networking devices.

A network administrator walks into a datacenter and notices an unknown person is following closely. The administrator stops and directs the person to the security desk. Which of the following attacks did the network administrator prevent?

A. Evil twin

B. Tailgating

C. Piggybacking

D. Shoulder surfing

Correct Answer: B

Section: Explanation: Tailgating is a physical security attack where an unauthorized person follows an authorized person into a restricted area without proper identification or authorization. The network administrator prevented this attack by stopping and directing the person to the security desk. Reference: CompTIA Network+ Certification Exam Objectives Version 2.0 (Exam Number: N10-006), Domain 3.0 Network Security, Objective 3.1 Compare and contrast risk-related concepts.

A network is experiencing a number of CRC errors during normal network communication. At which of the following layers of the OSI model will the administrator MOST likely start to troubleshoot?

A. Layer 1

B. Layer 2

C. Layer 3

D. Layer 4

E. Layer 5

F. Layer 6

G. Layer 7

Correct Answer: A

Section: Explanation: CRC errors are cyclic redundancy check errors that occur when data is corrupted during transmission. CRC errors are usually caused by physical layer issues such as faulty cables, connectors, ports, or interference. The network administrator will most likely start to troubleshoot at layer 1 of the OSI model, which is the physical layer that deals with the transmission of bits over a medium. Reference: CompTIA Network+ Certification Exam Objectives Version 2.0 (Exam Number: N10-006), Domain 4.0 Network Troubleshooting and Tools, Objective 4.1 Given a scenario, implement network troubleshooting methodology

A client recently added 100 users who are using VMs. All users have since reported slow or unresponsive desktops. Reports show minimal network congestion, zero packet loss, and acceptable packet delay. Which of the following metrics will MOST accurately show the underlying performance issues? (Choose two.)

A. CPU usage

B. Memory

C. Temperature

D. Bandwidth

E. Latency

F. Jitter

Correct Answer: A, B

Section: Explanation

Client devices cannot enter a network, and the network administrator determines the DHCP scope is exhausted. The administrator wants to avoid creating a new DHCP pool. Which of the following can the administrator perform to resolve the issue?

A. Install load balancers

B. Install more switches

C. Decrease the number of VLANs

D. Reduce the lease time

Correct Answer: D

Section: Explanation: To resolve the issue of DHCP scope exhaustion without creating a new DHCP pool, the administrator can reduce the lease time. By decreasing the lease time, the IP addresses assigned by DHCP will be released back to the DHCP scope more quickly, allowing them to be assigned to new devices. Reference: CompTIA Network+ Certification Study Guide, Exam N10-007, Fourth Edition, Chapter 2: The OSI Model and Networking Protocols, Objective 2.3: Given a scenario, implement and configure the appropriate addressing schema. https://www.networkcomputing.com/data-centers/10-tips-optimizing-dhcp-performanc

An administrator is writing a script to periodically log the IPv6 and MAC addresses of all the devices on a network segment. Which of the following switch features will MOST likely be used to assist with this task?

A. Spanning Tree Protocol

B. Neighbor Discovery Protocol

C. Link Aggregation Control Protocol

D. Address Resolution Protocol

Correct Answer: B

Section: Explanation: Short The switch feature that is most likely to be used to assist with logging IPv6 and MAC addresses of devices on a network segment is Neighbor Discovery Protocol (NDP). NDP is used by IPv6 to discover and maintain information about other nodes on the network, including their IPv6 and MAC addresses. By periodically querying NDP, the administrator can log this information for auditing purposes. Reference: CompTIA Network+ Certification Study Guide, Exam N10-007, Fourth Edition, Chapter 2: The OSI Model and Networking Protocols, Objective 2.1: Compare and contrast TCP and UDP ports, protocols, and their purposes.

Which of the following DNS records works as an alias to another record?

A. AAAA

B. CNAME

C. MX

D. SOA

Correct Answer: B

Section: Explanation: The DNS record that works as an alias to another record is called CNAME (Canonical Name). CNAME records are used to create an alias for a domain name that points to another domain name. Reference: CompTIA Network+ Certification Study Guide, Exam N10-007, Fourth Edition, Chapter 2: The OSI Model and Networking Protocols, Objective 2.3: Given a scenario, implement and configure the appropriate addressing schema.

A company built a new building at its headquarters location. The new building is connected to the company’s LAN via fiber-optic cable. Multiple users in the new building are unable to access the company’s intranet site via their web browser, but they are able to access internet sites. Which of the following describes how the network administrator can resolve this issue?

A. Correct the DNS server entries in the DHCP scope

B. Correct the external firewall gateway address

C. Correct the NTP server settings on the clients

D. Correct a TFTP Issue on the company’s server

Correct Answer: A

Section: Explanation: If multiple users in a new building are unable to access the company’s intranet site via their web browser but are able to access internet sites, the network administrator can resolve this issue by correcting the DNS server entries in the DHCP scope. The DHCP scope is responsible for assigning IP addresses and DNS server addresses to clients. If the DNS server entries are incorrect, clients will not be able to access intranet sites. Reference: CompTIA Network+ Certification Study Guide, Exam N10-007, Fourth Edition, Chapter 4: Network Implementations, Objective 4.4: Explain the purpose and properties of DHCP.

A technician is installing a new fiber connection to a network device in a datacenter. The connection from the device to the switch also traverses a patch panel connection. The chain of connections is in the following order:

Device LC/LC patch cable Patch panel Cross-connect fiber cable Patch panel LC/LC patch cable Switch The connection is not working. The technician has changed both patch cables with known working patch cables.

The device had been tested and was working properly before being installed. Which of the following is the MOST likely cause of the issue?

A. TX/RX is reversed

B. An incorrect cable was used

C. The device failed during installation

D. Attenuation is occurring

Correct Answer: A

Section: Explanation: The most likely cause of the issue where the fiber connection from a device to a switch is not working is that the TX/RX (transmit/receive) is reversed. When connecting fiber optic cables, it is important to ensure that the TX of one device is connected to the RX of the other device and vice versa. If the TX/RX is reversed, data cannot be transmitted successfully. Reference: CompTIA Network+ Certification Study Guide, Exam N10-007, Fourth Edition, Chapter 5: Network Operations, Objective 5.1: Given a scenario, use appropriate documentation and diagrams to manage the network

A technician is searching for a device that is connected to the network and has the device’s physical network address. Which of the following should the technician review on the switch to locate the device’s network port?

A. IP route table

B. VLAN tag

C. MAC table

D. QoS tag

Correct Answer: C

Section: Explanation: To locate a device's network port on a switch, a technician should review the switch's MAC address table. The MAC address table maintains a list of MAC addresses of devices connected to each port on the switch. By checking the MAC address of the device in question, the technician can identify the port to which the device is connected. Reference: CompTIA Network+ Certification Study Guide, Sixth Edition by Glen E. Clarke

Which of the following provides redundancy on a file server to ensure the server is still connected to a LAN even in the event of a port failure on a switch?

A. NIC teaming

B. Load balancer

C. RAID array

D. PDUs

Correct Answer: A

Section: Explanation: NIC teaming, also known as network interface card teaming or link aggregation, allows multiple network interface cards to be grouped together to provide redundancy and increased throughput. In the event of a port failure on a switch, NIC teaming ensures that the file server remains connected to the LAN by automatically switching to another network interface card. Reference: CompTIA Network+ Certification Study Guide, Sixth Edition by Glen E. Clarke

An IT organization needs to optimize speeds for global content distribution and wants to reduce latency in high-density user locations. Which of the following technologies BEST meets the organization’s requirements?

A. Load balancing

B. Geofencing

C. Public cloud

D. Content delivery network

E. Infrastructure as a service

Correct Answer: D

Section: Explanation: A content delivery network (CDN) is a distributed network of servers that delivers web content to users based on their geographic location. By replicating content across multiple servers in various locations, a CDN can optimize speed and reduce latency in high-density user locations

A user reports being unable to access network resources after making some changes in the office. Which of the following should a network technician do FIRST?

A. Check the system’s IP address

B. Do a ping test against the servers

C. Reseat the cables into the back of the PC

D. Ask what changes were made

Correct Answer: D

Section: Explanation: When a user reports being unable to access network resources after making some changes, the network technician should first ask the user what changes were made. This information can help the technician identify the cause of the issue and determine the appropriate course of action. Reference: CompTIA Network+ Certification Study Guide, Sixth Edition by Glen E. Clarke

A new cabling certification is being requested every time a network technician rebuilds one end of a Cat 6 (vendor-certified) cable to create a crossover connection that is used to connect switches. Which of the following would address this issue by allowing the use of the original cable?

A. CSMA/CD

B. LACP

C. PoE+

D. MDIX

Correct Answer: D

Section: Explanation: MDIX (medium-dependent interface crossover) is a feature that allows network devices to automatically detect and configure the appropriate cabling type, eliminating the need for crossover cables. By enabling MDIX on the switches, a technician can use the original Cat 6 cable to create a crossover connection. Reference: CompTIA Network+ Certification Study Guide, Sixth Edition by Glen E. Clarke

A company hired a technician to find all the devices connected within a network. Which of the following software tools would BEST assist the technician in completing this task?

A. IP scanner

B. Terminal emulator

C. NetFlow analyzer

D. Port scanner

Correct Answer: A

Section: Explanation: To find all devices connected within a network, a technician can use an IP scanner. An IP scanner sends a ping request to all IP addresses within a specified range and then identifies the active devices that respond to the request.

A technician is installing a high-density wireless network and wants to use an available frequency that supports the maximum number of channels to reduce interference. Which of the following standard 802.11 frequency ranges should the technician look for while reviewing WAP specifications?

A. 2.4GHz

B. 5GHz

C. 6GHz

D. 900MHz

Correct Answer: B

Section: Explanation: 802.11a/b/g/n/ac wireless networks operate in two frequency ranges: 2.4 GHz and 5 GHz. The 5 GHz frequency range supports more channels than the 2.4 GHz frequency range, making it a better choice for highdensity wireless networks. Reference: CompTIA Network+ Certification Study Guide, Sixth Edition by Glen E. Clarke

A technician is configuring a network switch to be used in a publicly accessible location. Which of the following should the technician configure on the switch to prevent unintended connections?

A. DHCP snooping

B. Geofencing

C. Port security

D. Secure SNMP

Correct Answer: C

Section: Explanation: Port security is a feature that restricts input to a switch port by limiting and identifying MAC addresses of the devices allowed to access the port. This prevents unintended connections from unauthorized devices or spoofed MAC addresses. Port security can also be configured to take actions such as shutting down the port or sending an alert when a violation occurs. Reference: https://partners.comptia.org/docs/default-source/resources/comptia-network-n10-008-exam- objectives-(2-0),

Which of the following is used to track and document various types of known vulnerabilities?

A. CVE

B. Penetration testing

C. Zero-day

D. SIEM E. Least privilege

Correct Answer: A

Section: Explanation: CVE stands for Common Vulnerabilities and Exposures, which is a list of publicly disclosed cybersecurity vulnerabilities that is free to search, use, and incorporate into products and services. CVE provides a standardized identifier and description for each vulnerability, as well as references to related sources of information. CVE helps to track and document various types of known vulnerabilities and facilitates communication and coordination among security professionals. Reference: https://partners.comptia.org/docs/default-source/resources/comptia-network-n10-008- exam-objectives-(2-0), https://cve.mitre.org/cve/

The network administrator is informed that a user’s email password is frequently hacked by brute- force programs. Which of the following policies should the network administrator implements to BEST mitigate this issue? (Choose two.)

A. Captive portal

B. Two-factor authentication

C. Complex passwords

D. Geofencing

E. Role-based access

F. Explicit deny

Correct Answer: B, C

Section: Explanation: Two-factor authentication (2FA) is a method of verifying a user’s identity by requiring two pieces of evidence, such as something the user knows (e.g., a password) and something the user has (e.g., a token or a smartphone). 2FA adds an extra layer of security that makes it harder for hackers to access a user’s account by brute-force programs. Complex passwords are passwords that are long, random, and use a combination of uppercase and lowercase letters, numbers, and symbols. Complex passwords are more resistant to brute-force attacks than simple or common passwords. Reference: https://partners.comptia.org/docs/default-source/resources/comptia-network-n10-008-exam- objectives-(2-0), https://www.csoonline.com/article/3225913/what-is-two-factor-authentication- 2fa-how-to-enable-it-and-whyyou-should.html,

A network engineer performs the following tasks to increase server bandwidth: Connects two network cables from the server to a switch stack Configure LACP on the switchports Verifies the correct configurations on the switch interfaces Which of the following needs to be configured on the server?

A. Load balancing

B. Multipathing

C. NIC teaming

D. Clustering

Correct Answer: C

Section: Explanation: NIC teaming is a technique that combines two or more network interface cards (NICs) on a server into a single logical interface that can increase bandwidth, provide redundancy, and balance traffic. NIC teaming can be configured with different modes and algorithms depending on the desired outcome. Link Aggregation Control Protocol (LACP) is a protocol that enables NIC teaming by dynamically bundling multiple links between two devices into one logical link. Reference: https://partners.comptia.org/docs/default-source/resources/comptia-network-n10-008-exam- objectives-(2-0),

A network technician is manually configuring the network settings for a new device and is told the network block is 192.168.0.0/20. Which of the following subnets should the technician use?

A. 255.255.128.0

B. 255.255.192.0

C. 255.255.240.0

D. 255.255.248.0

Correct Answer: C

Section: Explanation: A subnet mask is a binary number that indicates which bits of an IP address belong to the network portion and which bits belong to the host portion. A slash notation (/n) indicates how many bits are used for the network portion. A /20 notation means that 20 bits are used for the network portion and 12 bits are used for the host portion. To convert /20 to a dotted decimal notation, we need to write 20 ones followed by 12 zeros in binary and then divide them into four octets separated by dots. This gives us 11111111.11111111.11110000.00000000 or 255.255.240.0 in decimal. Reference: https://partners.comptia.org/docs/default-source/resources/comptia-network-n10-008-exam- objectives-(2-0), https://www.techopedia.com/definition/950/subnet-mask

Which of the following is the LARGEST MTU for a standard Ethernet frame?

A. 1452

B. 1492

C. 1500

D. 2304

Correct Answer: C

Section: Explanation: The maximum transmission unit (MTU) is the largest size of a data packet that can be transmitted over a network. A standard Ethernet frame supports an MTU of 1500 bytes, which is the default value for most Ethernet networks. Larger MTUs are possible with jumbo frames, but they are not widely supported and may cause fragmentation or compatibility issues. Reference: https://partners.comptia.org/docs/default-source/resources/comptia-network-n10-008-exam- objectives-(2-0), https://en.wikipedia.org/wiki/Maximum_transmission_unit

Given the following information:

[image]

Which of the following command-line tools would generate this output?

A. netstat

B. arp

C. dig

D. tracert

Correct Answer: D

Section: Explanation: Tracert is a command-line tool that traces the route of a packet from a source to a destination and displays the number of hops and the round-trip time for each hop. The output shown in the question is an example of a tracert output, which shows five hops with their IP addresses and hostnames (if available) and three latency measurements for each hop in milliseconds. Reference: https://partners.comptia.org/docs/default-source/resources/comptia-network-n10-008-exam- objectives-(2-0), https://www.lumen.com/help/en-us/network/traceroute/understanding-the- traceroute-output.html

According to troubleshooting methodology, which of the following should the technician do NEXT after determining the most likely probable cause of an issue?

A. Establish a plan of action to resolve the issue and identify potential effects

B. Verify full system functionality and, if applicable, implement preventive measures

C. Implement the solution or escalate as necessary

D. Test the theory to determine the cause

Correct Answer: A

Section: Explanation: According to troubleshooting methodology, after determining the most likely probable cause of an issue, the next step is to establish a plan of action to resolve the issue and identify potential effects. This step involves defining the steps needed to implement a solution, considering the possible consequences of each step, and obtaining approval from relevant stakeholders if necessary. Reference: https://partners.comptia.org/docs/default-source/resources/comptia-network-n10-008- exam-objectives-(2-0), https://www.comptia.org/blog/the-comptia-guide-to-it-troubleshooting

Which of the following BEST describes a network appliance that warns of unapproved devices that are accessing the network?

A. Firewall

B. AP

C. Proxy server

D. IDS

Correct Answer: D

Section: Explanation: IDS stands for intrusion detection system, which is a network appliance that monitors network traffic and alerts administrators of any suspicious or malicious activity. An IDS can warn of unapproved devices that are accessing the network by detecting anomalies, signatures, or behaviors that indicate unauthorized access attempts or attacks. Reference: , https://www.cisco.com/c/en/us/products/security/what-is-an-intrusion-detection-system-ids.html

A technician is installing a cable modem in a SOHO. Which of the following cable types will the technician MOST likely use to connect a modem to the ISP?

A. Coaxial

B. Single-mode fiber

C. Cat 6e

D. Multimode fiber

Correct Answer: A

Section: Explanation: Coaxial cable is a type of cable that consists of a central copper conductor surrounded by an insulating layer and a braided metal shield. Coaxial cable is commonly used to connect a cable modem to an ISP by transmitting data over cable television networks. Coaxial cable can support high bandwidth and long distances with minimal interference or attenuation. Reference: https://partners.comptia.org/docs/default-source/resources/comptia-network-n10-008-exam- objectives-(2-0), https://www.techopedia.com/definition/4027/coaxial-cable

A network technician is reviewing the interface counters on a router interface. The technician is attempting to confirm a cable issue. Given the following information:

[image]

Which of the following metrics confirms there is a cabling issue?

A. Last cleared

B. Number of packets output

C. CRCs

D. Giants

E. Multicasts

Correct Answer: C

Section: Explanation: CRC stands for Cyclic Redundancy Check, and it is a type of error-detecting code used to detect accidental changes to raw data. If the CRC count is increasing on a particular interface, it indicates that there might be an issue with the cabling, which is causing data corruption. Reference: Network+ N10-008 Objectives: 2.1 Given a scenario, troubleshoot common physical connectivity issues.

Which of the following is the physical topology for an Ethernet LAN?

A. Bus

B. Ring

C. Mesh

D. Star

Correct Answer: D

Section: Explanation: In a star topology, all devices on a network connect to a central hub or switch, which acts as a common connection point. Ethernet LANs typically use a star topology, with each device connected to a central switch. Reference: Network+ N10-008 Objectives: 2.2 Explain common logical network topologies and their characteristics.

An IT director is setting up new disaster and HA policies for a company. Limited downtime is critical to operations. To meet corporate requirements, the director set up two different datacenters across the country that will stay current on data and applications. In the event of an outage, the company can immediately switch from one datacenter to another. Which of the following does this BEST describe?

A. A warm site

B. Data mirroring

C. Multipathing

D. Load balancing

E. A hot site

Correct Answer: E

Section: Explanation: A hot site is a fully redundant site that can take over operations immediately if the primary site goes down. In this scenario, the company has set up two different datacenters across the country that are current on data and applications, and they can immediately switch from one datacenter to another in case of an outage. Reference: Network+ N10-008 Objectives: 1.5 Compare and contrast disaster recovery concepts and methodologies.

The management team needs to ensure unnecessary modifications to the corporate network are not permitted and version control is maintained. Which of the following documents would BEST support this?

A. An incident response plan

B. A business continuity plan

C. A change management policy

D. An acceptable use policy

Correct Answer: C

Section: Explanation: A change management policy is a document that outlines the procedures and guidelines for making changes to a network or system, including how changes are approved, tested, and implemented. By following a change management policy, organizations can ensure that unnecessary modifications to the network are not permitted and version control is maintained. Reference: Network+ N10-008 Objectives: 1.6 Given a scenario, implement network configuration and change management best practices.

Which of the following is MOST likely to generate significant East-West traffic in a datacenter?

A. A backup of a large video presentation to cloud storage for archival purposes

B. A duplication of a hosted virtual server to another physical server for redundancy

C. A download of navigation data to a portable device for offline access

D. A query from an IoT device to a cloud-hosted server for a firmware update

Correct Answer: B

Section: Explanation: East-West traffic refers to data flows between servers or devices within the same datacenter. When a hosted virtual server is duplicated to another physical server for redundancy, it generates significant East-West traffic as the data is replicated between the two servers. Reference: Network+ N10-008 Objectives: 3.3 Given a scenario, implement secure network architecture concepts.

A technician is troubleshooting a network switch that seems to stop responding to requests intermittently whenever the logging level is set for debugging. Which of the following metrics should the technician check to begin troubleshooting the issue?

A. Audit logs

B. CPU utilization

C. CRC errors

D. Jitter

Correct Answer: B

Section: Explanation: CPU utilization is a metric that measures the percentage of time a CPU spends executing instructions. When the logging level is set for debugging, the router may generate a large amount of logging data, which can increase CPU utilization and cause the router to stop responding to requests intermittently. Reference: Network+ N10-008 Objectives: 2.1 Given a scenario, troubleshoot common physical connectivity issues

A technician wants to deploy a new wireless network that comprises 30 WAPs installed throughout a three-story office building. All the APs will broadcast the same SSID for client access. Which of the following BEST describes this deployment?

A. Extended service set

B. Basic service set

C. Unified service set

D. Independent basic service set

Correct Answer: A

Section: Explanation: An extended service set (ESS) is a wireless network that consists of multiple access points (APs) that share the same SSID and are connected by a wired network. An ESS allows wireless clients to roam seamlessly between different APs without losing connectivity. A basic service set (BSS) is a wireless network that consists of a single AP and its associated clients. An independent basic service set (IBSS) is a wireless network that consists of a group of clients that communicate directly without an AP. A unified service set is not a standard term for a wireless network. Reference: https://partners.comptia.org/docs/default-source/resources/comptia-network-n10-008-exam- objectives-(2-0), https://en.wikipedia.org/wiki/Service_set_(802.11_network)

A user tries to ping 192.168.1.100 from the command prompt on the 192.168.2.101 network but gets the following response: U.U.U.U. Which of the following needs to be configured for these networks to reach each other?

A. Network address translation

B. Default gateway

C. Loopback

D. Routing protocol

Correct Answer: B

Section: Explanation: A default gateway is a device that routes traffic from one network to another network, such as the Internet. A default gateway is usually configured on each host device to specify the IP address of the router that connects the host’s network to other networks. In this case, the user’s device and the destination device are on different networks (192.168.1.0/24 and 192.168.2.0/24), so the user needs to configure a default gateway on their device to reach the destination device. Reference: https://partners.comptia.org/docs/default-source/resources/comptia-network-n10-008-exam- objectives-(2-0), https://www.techopedia.com/definition/25761/default-gateway

A branch of a company recently switched to a new ISP. The network engineer was given a new IP range to assign. The ISP assigned 196.26.4.0/26, and the branch gateway router now has the following configurations on the interface that peers to the ISP:

[image]

The network engineer observes that all users have lost Internet connectivity. Which of the following describes the issue?

A. The incorrect subnet mask was configured

B. The incorrect gateway was configured

C. The incorrect IP address was configured

D. The incorrect interface was configured

Correct Answer: C

Section: Explanation: The IP address configured on the router interface is 196.26.4.1/26, which belongs to the IP range assigned by the ISP (196.26.4.0/26). However, this IP address is not valid for this interface because it is the network address of the subnet, which cannot be assigned to any host device. The network address is the first address of a subnet that identifies the subnet itself. The valid IP addresses for this subnet are from 196.26.4.1 to 196.26.4.62, excluding the network address (196.26.4.0) and the broadcast address (196.26.4.63). The router interface should be configured with a valid IP address within this range to restore Internet connectivity for all users. Reference: https://partners.comptia.org/docs/default-source/resources/comptia-network-n10-008-exam- objectives-(2-0), https://www.techopedia.com/definition/24136/network-address

Within the realm of network security, Zero Trust:

A. prevents attackers from moving laterally through a system.

B. allows a server to communicate with outside networks without a firewall.

C. block malicious software that is too new to be found in virus definitions.

D. stops infected files from being downloaded via websites

Correct Answer: A

Section: Explanation: Zero Trust is a security framework that requires all users, whether in or outside the organization’s network, to be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data. Zero Trust prevents attackers from moving laterally through a system by applying granular policies and controls based on the principle of least privilege and by segmenting and encrypting data flows across the network. Reference: https://partners.comptia.org/docs/default-source/resources/comptia-network-n10-008- exam-objectives-(2-0), https://www.crowdstrike.com/cybersecurity-101/zero-trust-security/

Which of the following service models would MOST likely be used to replace on-premises servers with a cloud solution?

A. PaaS

B. IaaS

C. SaaS

D. Disaster recovery as a Service (DRaaS)

Correct Answer: B

Section: Explanation: IaaS stands for Infrastructure as a Service, which is a cloud service model that provides virtualized computing resources over the Internet, such as servers, storage, networking, and operating systems. IaaS allows customers to replace their on-premises servers with cloud servers that can be scaled up or down on demand and pay only for what they use. PaaS stands for Platform as a Service, which provides customers with a cloud-based platform for developing, testing, and deploying applications without managing the underlying infrastructure. SaaS stands for Software as a Service, which provides customers with access to cloud-based software applications over the Internet without installing or maintaining them on their devices. Disaster recovery as a Service (DRaaS) is a type of cloud service that provides customers with backup and recovery solutions for their data and applications in case of a disaster

Which of the following factors should be considered when evaluating a firewall to protect a datacenter’s east-west traffic?

A. Replication traffic between an on-premises server and a remote backup facility

B. Traffic between VMs running on different hosts

C. Concurrent connections generated by Internet DDoS attacks

D. VPN traffic from remote offices to the datacenter’s VMs

Correct Answer: B

Section: Explanation: When evaluating a firewall to protect a datacenter’s east-west traffic, it is important to consider traffic between VMs running on different hosts. This type of traffic is referred to as east-west traffic and is often protected by internal firewalls. By implementing firewalls, an organization can protect their internal network against threats such as lateral movement, which can be caused by attackers who have breached a perimeter firewall. Reference: Network+ Certification Study Guide, Chapter 5: Network Security

Which of the following is used to prioritize Internet usage per application and per user on the network?

A. Bandwidth management

B. Load balance routing

C. Border Gateway Protocol

D. Administrative distance

Correct Answer: A

Section: Explanation: Bandwidth management is used to prioritize Internet usage per application and per user on the network. This allows an organization to allocate network resources to mission-critical applications and users, while limiting the bandwidth available to non-business-critical applications. Reference: Network+ Certification Study Guide, Chapter 2: Network Operations

A network administrator needs to query the NSs for a remote application. Which of the following commands would BEST help the administrator accomplish this task?

A. dig

B. arp

C. show interface

D. hostname

Correct Answer: A

Section: Explanation: The dig command is used to query the NSs for a remote application. It is a command-line tool that is commonly used to troubleshoot DNS issues. When used with specific options, dig can be used to obtain information about domain names, IP addresses, and DNS records. Reference: Network+ Certification Study Guide, Chapter 3: Network Infrastructure

Which of the following would MOST likely be used to review previous upgrades to a system?

A. Business continuity plan

B. Change management

C. System life cycle

D. Standard operating procedures

Correct Answer: B

Section: Explanation: Change management is the process of reviewing previous upgrades to a system. It is a systematic approach to managing changes to an organization's IT systems and infrastructure. Change management involves the assessment of potential risks associated with a change, as well as the identification of any necessary resources required to implement the change. Reference: Network+ Certification Study Guide, Chapter 8: Network Troubleshooting

A technician is deploying a new switch model and would like to add it to the existing network monitoring software. The technician wants to know what metrics can be gathered from a given switch. Which of the following should the technician utilize for the switch?

A. MIB

B. Trap

C. Syslog

D. Audit log

Correct Answer: A

Section: Explanation: To determine what metrics can be gathered from a given switch, a technician should utilize the Management Information Base (MIB). The MIB is a database of network management information that is used to manage and monitor network devices. It contains information about device configuration, status, and performance. Reference: Network+ Certification Study Guide, Chapter 5: Network Security

A network device is configured to send critical events to a syslog server; however, the following alerts are not being received: Severity 5 LINK-UPDOWN: Interface 1/1, changed state to down Severity 5 LINK-UPDOWN: Interface 1/3, changed state to down Which of the following describes the reason why the events are not being received?

A. The network device is not configured to log that level to the syslog server

B. The network device was down and could not send the event

C. The syslog server is not compatible with the network device

D. The syslog server did not have the correct MIB loaded to receive the message

Correct Answer: A

Section: Explanation: The reason why the alerts are not being received is that the network device is not configured to log that level to the syslog server. The severity level for the events may need to be adjusted in order for them to be sent to the syslog server. Reference: Network+ Certification Study Guide, Chapter 8: Network Troubleshooting

A network administrator is implementing OSPF on all of a company’s network devices. Which of the following will MOST likely replace all the company’s hubs?

A. A Layer 3 switch

B. A proxy server

C. A NGFW

D. A WLAN controller

Correct Answer: A

Section: Explanation: A Layer 3 switch will likely replace all the company's hubs when implementing OSPF on all of its network devices. A Layer 3 switch combines the functionality of a traditional Layer 2 switch with the routing capabilities of a router. By implementing OSPF on a Layer 3 switch, an organization can improve network performance and reduce the risk of network congestion. Reference: Network+ Certification Study Guide, Chapter 5: Network Security

A network administrator discovers that users in an adjacent building are connecting to the company’s guest wireless network to download inappropriate material. Which of the following can the administrator do to MOST easily mitigate this issue?

A. Reduce the wireless power levels

B. Adjust the wireless channels

C. Enable wireless client isolation

D. Enable wireless port security

Correct Answer: A

Section: Explanation: Reducing the wireless power levels can limit the range of the guest wireless network and prevent users in an adjacent building from connecting to it. Adjusting the wireless channels or enabling wireless client isolation will not affect the signal strength or coverage of the guest network. Enabling wireless port security will not work on a guest network that does not use authentication or MAC address filtering. Reference: CompTIA Network+ Certification Exam Objectives Version 2.0 (Exam Number: N10-006), Domain 2.0 Network Operations, Objective 2.5 Given a scenario, implement appropriate wireless configuration settings; Guest WiFi Security - Cisco Umbrella

A network administrator is designing a new datacenter in a different region that will need to communicate to the old datacenter with a secure connection. Which of the following access methods would provide the BEST security for this new datacenter?

A. Virtual network computing

B. Secure Socket Shell

C. In-band connection

D. Site-to-site VPN

Correct Answer: D

Section: Explanation: Site-to-site VPN provides the best security for connecting a new datacenter to an old one because it creates a secure tunnel between the two locations, protecting data in transit. Reference: CompTIA Network+ Certification Study Guide, Chapter 5: Network Security.

An attacker is attempting to find the password to a network by inputting common words and phrases in plaintext to the password prompt. Which of the following attack types BEST describes this action?

A. Pass-the-hash attack

B. Rainbow table attack

C. Brute-force attack

D. Dictionary attack

Correct Answer: D

Section: Explanation: The attacker attempting to find the password to a network by inputting common words and phrases in plaintext to the password prompt is using a dictionary attack. Reference: CompTIA Network+ Certification Study Guide, Chapter 6: Network Attacks and Mitigation

Which of the following technologies provides a failover mechanism for the default gateway?

A. FHRP

B. LACP

C. OSPF

D. STP

Correct Answer: A

Section: Explanation: First Hop Redundancy Protocol (FHRP) provides a failover mechanism for the default gateway, allowing a backup gateway to take over if the primary gateway fails. Reference: CompTIA Network+ Certification Study Guide, Chapter 4: Infrastructure.

The following configuration is applied to a DHCP server connected to a VPN concentrator:

[image]

There are 300 non-concurrent sales representatives who log in for one hour a day to upload reports, and 252 of these representatives are able to connect to the VPN without any Issues. The remaining sales representatives cannot connect to the VPN over the course of the day. Which of the following can be done to resolve the issue without utilizing additional resources?

A. Decrease the lease duration

B. Reboot the DHCP server

C. Install a new VPN concentrator

D. Configure a new router

Correct Answer: A

Section: Explanation: Decreasing the lease duration on the DHCP server will cause clients to renew their IP address leases more frequently, freeing up IP addresses for other clients to use. Reference: CompTIA Network+ Certification Study Guide, Chapter 3: IP Addressing.

A technician needs to configure a Linux computer for network monitoring. The technician has the following information:

Linux computer details: [image] Switch mirror port details: [image]

After connecting the Linux computer to the mirror port on the switch, which of the following commands should the technician run on the Linux computer?

A. ifconfig ecth0 promisc

B. ifconfig eth1 up

C. ifconfig eth0 10.1.2.3

D. ifconfig eth1 hw ether A1:B2:C3:D4:E5:F6

Correct Answer: A

Section: Explanation: The ifconfig eth0 promisc command should be run on the Linux computer to enable promiscuous mode, which allows the computer to capture all network traffic passing through the switch mirror port. Reference: CompTIA Network+ Certification Study Guide, Chapter 7: Network Devices.

A network engineer is investigating reports of poor network performance. Upon reviewing a device configuration, the engineer finds that duplex settings are mismatched on both ends. Which of the following would be the MOST likely result of this finding?

A. Increased CRC errors

B. Increased giants and runts

C. Increased switching loops

D. Increased device temperature

Correct Answer: A

Section: Explanation: Mismatched duplex settings can cause an increase in CRC errors, which are errors in data transmission that can result in corrupted data. Reference: CompTIA Network+ Certification Study Guide, Chapter 4: Infrastructure.

Which of the following devices would be used to manage a corporate WLAN?

A. A wireless NAS

B. A wireless bridge

C. A wireless router

D. A wireless controller

Correct Answer: D

Section: Explanation: A wireless controller is used to manage a corporate WLAN, providing centralized management and configuration of access points. Reference: CompTIA Network+ Certification Study Guide, Chapter 8: Wireless Networks.

Which of the following types of devices can provide content filtering and threat protection, and manage multiple IPSec site-to-site connections?

A. Layer 3 switch

B. VPN headend

C. Next-generation firewall

D. Proxy server

E. Intrusion prevention

Correct Answer: C

Section: Explanation: Next-generation firewalls can provide content filtering and threat protection, and can manage multiple IPSec site-to-site connections. Reference: CompTIA Network+ Certification Study Guide, Chapter 5: Network Security.

An engineer notices some late collisions on a half-duplex link. The engineer verifies that the devices on both ends of the connection are configured for half duplex. Which of the following is the MOST likely cause of this issue?

A. The link is improperly terminated

B. One of the devices is misconfigured

C. The cable length is excessive

D. One of the devices has a hardware issue

Correct Answer: C

Section: Explanation: In a half-duplex link, devices can only send or receive data at one time, not simultaneously. Late collisions occur when devices transmit data at the same time after waiting for a clear channel. One of the causes of late collisions is excessive cable length, which increases the propagation delay and makes it harder for devices to detect collisions. The link termination, device configuration, and device hardware are not likely to cause late collisions on a half-duplex link.

A network administrator is configuring a load balancer for two systems. Which of the following must the administrator configure to ensure connectivity during a failover?

A. VIP

B. NAT

C. APIPA

D. IPv6 tunneling

E. Broadcast IP

Correct Answer: A

Section: Explanation: A virtual IP (VIP) address must be configured to ensure connectivity during a failover. A VIP address is a single IP address that is assigned to a group of servers or network devices. When one device fails, traffic is automatically rerouted to the remaining devices, and the VIP address is reassigned to the backup device, allowing clients to continue to access the service without interruption. Reference: CompTIA Network+ Certification Study Guide, Exam N10-007, Fourth Edition, Chapter 6: Network Servers, p. 300

A technician is troubleshooting a wireless connectivity issue in a small office located in a high-rise building. Several APs are mounted in this office. The users report that the network connections frequently disconnect and reconnect throughout the day. Which of the following is the MOST likely cause of this issue?

A. The AP association time is set too low

B. EIRP needs to be boosted

C. Channel overlap is occurring

D. The RSSI is misreported

Correct Answer: C

Section: Explanation: Channel overlap is a common cause of wireless connectivity issues, especially in high-density environments where multiple APs are operating on the same or adjacent frequencies. Channel overlap can cause interference, signal degradation, and performance loss for wireless devices. The AP association time, EIRP, and RSSI are not likely to cause frequent disconnects and reconnects for wireless users.

A network engineer configured new firewalls with the correct configuration to be deployed to each remote branch. Unneeded services were disabled, and all firewall rules were applied successfully. Which of the following should the network engineer perform NEXT to ensure all the firewalls are hardened successfully?

A. Ensure an implicit permit rule is enabled

B. Configure the log settings on the firewalls to the central syslog server

C. Update the firewalls with current firmware and software

D. Use the same complex passwords on all firewalls

Correct Answer: C

Section: Explanation: Updating the firewalls with current firmware and software is an important step to ensure all the firewalls are hardened successfully, as it can fix any known vulnerabilities or bugs and provide new features or enhancements. Enabling an implicit permit rule is not a good practice for firewall hardening, as it can allow unwanted traffic to pass through the firewall. Configuring the log settings on the firewalls to the central syslog server is a good practice for monitoring and auditing purposes, but it does not harden the firewalls themselves. Using the same complex passwords on all firewalls is not a good practice for password security, as it can increase the risk of compromise if one firewall is breached. Reference: CompTIA Network+ Certification Exam Objectives Version 2.0 (Exam Number: N10-006), Domain 3.0 Network Security, Objective 3.3 Given a scenario, implement network hardening techniques

At which of the following OSI model layers would a technician find an IP header?

A. Layer 1

B. Layer 2

C. Layer 3

D. Layer 4

Correct Answer: C

Section:Explanation: An IP header can be found at the third layer of the OSI model, also known as the network layer. This layer is responsible for logical addressing, routing, and forwarding of data packets. Reference: CompTIA Network+ Certification Study Guide, Exam N10-007, Fourth Edition, Chapter 2: Network Models, p. 82

An engineer is configuring redundant network links between switches. Which of the following should the engineer enable to prevent network stability issues?

A. 802.1Q

B. STP

C. Flow control

D. CSMA/CD

Correct Answer: B

Section: Explanation: Spanning Tree Protocol (STP) should be enabled when configuring redundant network links between switches. STP ensures that only one active path is used at a time, preventing network loops and stability issues. Reference: CompTIA Network+ Certification Study Guide

Several WIFI users are reporting the inability to connect to the network. WLAN users on the guest network are able to access all network resources without any performance issues. The following table summarizes the findings after a site survey of the area in question:

[image]

Which of the following should a wireless technician do NEXT to troubleshoot this issue?

A. Reconfigure the channels to reduce overlap

B. Replace the omni antennas with directional antennas

C. Update the SSIDs on all the APs

D. Decrease power in AP 3 and AP 4

Correct Answer: A

Section: Explanation: Based on the site survey table, we can see that AP 2, AP 3, and AP 4 are all broadcasting on the same channel, which can cause interference and affect performance. Therefore, the next step a wireless technician should take to troubleshoot this issue is to reconfigure the channels to reduce overlap. This will help to improve network performance and eliminate any interference. Reference: Network+ N10-007 Certification Exam Objectives, Objective 2.8: Given a scenario, troubleshoot common wireless problems and perform site surveys.

Which of the following routing protocols is used to exchange route information between public autonomous systems?

A. OSPF

B. BGP

C. EGRIP

D. RIP

Correct Answer: B

Section: Explanation: BGP (Border Gateway Protocol) is a routing protocol used to exchange route information between public autonomous systems (AS). OSPF (Open Shortest Path First), EGRIP (Enhanced Interior Gateway Routing Protocol), and RIP (Routing Information Protocol) are all used for internal routing within a single AS. Therefore, BGP is the correct option to choose for this question. Reference: Network+ N10-007 Certification Exam Objectives, Objective 3.3: Given a scenario, configure and apply the appropriate routing protocol. Cisco: Border Gateway Protocol (BGP) Overview

A fiber link connecting two campus networks is broken. Which of the following tools should an engineer use to detect the exact break point of the fiber link?

A. OTDR

B. Tone generator

C. Fusion splicer

D. Cable tester

E. PoE injector

Correct Answer: A

Section: Explanation: To detect the exact break point of a fiber link, an engineer should use an OTDR (Optical Time Domain Reflectometer). This device sends a series of pulses into the fiber, measuring the time it takes for the pulses to reflect back, and can pinpoint the exact location of the break. Reference: Network+ N10-007 Certification Exam Objectives, Objective 2.5: Given a scenario, troubleshoot copper cable issues. FS: OTDR (Optical Time Domain Reflectometer) Testing Principle and Applications

Which of the following can be used to centrally manage credentials for various types of administrative privileges on configured network devices?

A. SSO

B. TACACS+

C. Zero Trust

D. Separation of duties

E. Multifactor authentication

Correct Answer: B

Section: Explanation: TACACS+ (Terminal Access Controller Access Control System Plus) can be used to centrally manage credentials for various types of administrative privileges on configured network devices. This protocol separates authentication, authorization, and accounting (AAA) functions, providing more granular control over access to network resources. Reference: Network+ N10-007 Certification Exam Objectives, Objective 4.2: Given a scenario, implement secure network administration principles

A network technician is installing new software on a Windows-based server in a different geographical location. Which of the following would be BEST for the technician to use to perform this task?

A. RDP

B. SSH

C. FTP

D. DNS

Correct Answer: A

Section: Explanation: RDP (Remote Desktop Protocol) is the best option for a network technician to use when installing new software on a Windows-based server in a different geographical location. This protocol allows the technician to connect to the server remotely and control it as if they were physically present. Reference: Network+ N10-007 Certification Exam Objectives, Objective 2.2: Given a scenario, implement the appropriate network-based security and troubleshoot common connectivity issues.

Branch users are experiencing issues with videoconferencing. Which of the following will the company MOST likely configure to improve performance for these applications?

A. Link Aggregation Control Protocol

B. Dynamic routing

C. Quality of service

D. Network load balancer E. Static IP addresses

Correct Answer: C

Section: Explanation: To improve performance for videoconferencing, the company should configure Quality of Service (QoS). This technology allows for the prioritization of network traffic, ensuring that videoconferencing traffic is given higher priority and therefore better performance. Link Aggregation Control Protocol (LACP), Dynamic routing, Network load balancer, and Static IP addresses are not directly related to improving performance for videoconferencing. Reference: Network+ N10-007 Certification Exam Objectives, Objective 2.6: Given a scenario, implement and configure the appropriate wireless security and implement the appropriate QoS concepts.

A technician is assisting a user who cannot connect to a network resource. The technician first checks for a link light. According to troubleshooting methodology, this is an example of:

A. using a bottom-to-top approach.

B. establishing a plan of action.

C. documenting a finding.

D. questioning the obvious.

Correct Answer: A

Section: Explanation: Using a bottom-to-top approach means starting from the physical layer and moving up the OSI model to troubleshoot a network problem. Checking for a link light is a physical layer check that verifies the connectivity of the network cable and device. Reference: https://www.professormesser.com/network-plus/n10-007/troubleshooting-methodologies-2/

Which of the following transceiver types can support up to 40Gbps?

A. SFP+

B. QSFP+

C. QSFP

D. SFP

Correct Answer: B

Section: Explanation: QSFP+ is a transceiver type that can support up to 40Gbps. It stands for Quad Small Form-factor Pluggable Plus and uses four lanes of data to achieve high-speed transmission. It is commonly used for data center and high-performance computing applications. Reference:

Which of the following TCP ports is used by the Windows OS for file sharing?

A. 53

B. 389

C. 445

D. 1433

Correct Answer: C

Section: Explanation: TCP port 445 is used by the Windows OS for file sharing. It is also known as SMB (Server Message Block) or CIFS (Common Internet File System) and allows users to access files, printers, and other shared resources on a network. Reference:

A network administrator redesigned the positioning of the APs to create adjacent areas of wireless coverage. After project validation, some users still report poor connectivity when their devices maintain an association to a distanced AP. Which of the following should the network administrator check FIRST?

A. Validate the roaming settings on the APs and WLAN clients

B. Verify that the AP antenna type is correct for the new layout

C. Check to see if MU-MIMO was properly activated on the APs

D. Deactivate the 2.4GHz band on the APS

Correct Answer: A

Section: Explanation: The network administrator should check the roaming settings on the APs and WLAN clients first. Roaming is the process of switching from one AP to another without losing connectivity. If the roaming settings are not configured properly, some users may experience poor connectivity when their devices stay connected to a distant AP instead of switching to a closer one. Reference: https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/82068-roam- faq.html

Which of the following connector types would have the MOST flexibility?

A. SFP

B. BNC

C. LC

D. RJ45

Correct Answer: A

Section: Explanation: SFP (Small Form-factor Pluggable) is a connector type that has the most flexibility. It is a hot- swappable transceiver that can support different speeds, distances, and media types depending on the module inserted. It can be used for both copper and fiber connections and supports various protocols such as Ethernet, Fibre Channel, and SONET. Reference: https://www.fs.com/what-is-sfp- transceiver-aid-11.html

Which of the following ports is commonly used by VoIP phones?

A. 20

B. 143

C. 445

D. 5060

Correct Answer: D

Section: Explanation: TCP/UDP port 5060 is commonly used by VoIP phones. It is the default port for SIP (Session Initiation Protocol), which is a signaling protocol that establishes, modifies, and terminates multimedia sessions over IP networks. SIP is widely used for VoIP applications such as voice and video calls. Reference: https://www.voip-info.org/session-initiation-protocol/

A network engineer is investigating reports of poor network performance. Upon reviewing a report, the engineer finds that jitter at the office is greater than 10ms on the only WAN connection available. Which of the following would be MOST affected by this statistic?

A. A VoIP sales call with a customer

B. An in-office video call with a coworker

C. Routing table from the ISP

D. Firewall CPU processing time

Correct Answer: A

Section: Explanation: A VoIP sales call with a customer would be most affected by jitter greater than 10ms on the WAN connection. Jitter is the variation in delay of packets arriving at the destination. It can cause choppy or distorted audio quality for VoIP applications, especially over WAN links that have limited bandwidth and high latency. The recommended jitter for VoIP is less than 10ms. Reference: https://www.voip-info.org/voip-jitter/

A network technician needs to ensure outside users are unable to telnet into any of the servers at the datacenter. Which of the following ports should be blocked when checking firewall configuration?

A. 22

B. 23

C. 80

D. 3389

E. 8080

Correct Answer: B

Section: Explanation: Port 23 should be blocked when checking firewall configuration to prevent outside users from telnetting into any of the servers at the datacenter. Port 23 is the default port for Telnet, which is an insecure protocol that allows remote access to servers and network devices. Telnet sends data in clear text, which can be easily intercepted and compromised by attackers. A more secure alternative is SSH, which uses port 22 and encrypts data. Reference: https://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-rip/13788-3.html

A technician is writing documentation regarding a company’s server farm. The technician needs to confirm the server name for all Linux servers. Which of the following commands should the technician run?

A. ipconfig

B. nslookup

C. arp

D. route

Correct Answer: B

Section: Explanation: The nslookup command should be run to confirm the server name for all Linux servers. Nslookup is a tool that queries DNS servers to resolve hostnames to IP addresses or vice versa. It can also provide other information about DNS records, such as MX, NS, SOA, etc. By running nslookup with the IP address of a Linux server, the technician can obtain its hostname. Reference: https://www.howtogeek.com/663056/how-to-use-the-nslookup-command-on-linux/

A technician is connecting multiple switches to create a large network for a new office. The switches are unmanaged Layer 2 switches with multiple connections between each pair. The network is experiencing an extreme amount of latency. Which of the following is MOST likely occurring?

A. Ethernet collisions

B. A DDoS attack

C. A broadcast storm

D. Routing loops

Correct Answer: C

Section: Explanation: A broadcast storm is most likely occurring when connecting multiple unmanaged Layer 2 switches with multiple connections between each pair. A broadcast storm is a situation where broadcast packets flood a network segment and consume all the available bandwidth. It can be caused by loops in the network topology, where broadcast packets are endlessly forwarded by switches without any loop prevention mechanism. Unmanaged switches do not support features such as Spanning Tree Protocol (STP) or Rapid Spanning Tree Protocol (RSTP) that can detect and block loops. Reference: https://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/10556-16.html

A store owner would like to have secure wireless access available for both business equipment and patron use. Which of the following features should be configured to allow different wireless access through the same equipment?

A. MIMO

B. TKIP

C. LTE

D. SSID

Correct Answer: D

Section: Explanation: SSID (Service Set Identifier) is a feature that should be configured to allow different wireless access through the same equipment. SSID is the name of a wireless network that identifies it from other networks in the same area. A wireless access point (AP) can support multiple SSIDs with different security settings and network policies. For example, a store owner can create one SSID for business equipment and another SSID for patron use, and assign different passwords, VLANs, and QoS levels for each SSID. Reference:

Which of the following systems would MOST likely be found in a screened subnet?

A. RADIUS

B. FTP

C. SQL

D. LDAP

Correct Answer: B

Section: Explanation: FTP (File Transfer Protocol) is a system that would most likely be found in a screened subnet. A screened subnet, or triple-homed firewall, is a network architecture where a single firewall is used with three network interfaces. It provides additional protection from outside cyber attacks by adding a perimeter network to isolate or separate the internal network from the public-facing internet1. A screened subnet typically hosts systems that need to be accessed by both internal and external users, such as web servers, email servers, or FTP servers. Reference:

Which of the following would need to be configured to ensure a device with a specific MAC address is always assigned the same IP address from DHCP?

A. Scope options

B. Reservation

C. Dynamic assignment

D. Exclusion

E. Static assignment

Correct Answer: B

Section: Explanation: A reservation should be configured to ensure a device with a specific MAC address is always assigned the same IP address from DHCP. A reservation is a feature of DHCP that allows an administrator to assign a fixed IP address to a device based on its MAC address. This way, the device will always receive the same IP address from the DHCP server, even if it is powered off or disconnected from the network for a long time. Reference:

Access to a datacenter should be individually recorded by a card reader even when multiple employees enter the facility at the same time. Which of the following allows the enforcement of this policy?

A. Motion detection

B. Access control vestibules

C. Smart lockers

D. Cameras

Correct Answer: B

Section: Explanation: The most effective security mechanism against physical intrusions due to stolen credentials would likely be a combination of several of these options. However, of the options provided, the most effective security mechanism would probably be an access control vestibule. An access control vestibule is a secure area that is located between the outer perimeter of a facility and the inner secure area. It is designed to provide an additional layer of security by requiring that individuals pass through a series of security checks before being allowed access to the secure area. This could include biometric authentication, access card readers, and motion detection cameras. Access control vestibules allow the enforcement of the policy that access to a datacenter should be individually recorded by a card reader even when multiple employees enter the facility at the same time. An access control vestibule is a physical security device that consists of two doors with an interlocking mechanism. Only one door can be opened at a time, and only one person can pass through each door. This prevents tailgating or piggybacking, where unauthorized persons follow authorized persons into a secure area. An access control vestibule can also be integrated with a card reader or other authentication system to record each individual’s access. Reference: https://www.boonedam.us/blog/what-are-access-control-vestibules

A workstation is configured with the following network details:

[image]

Software on the workstation needs to send a query to the local subnet broadcast address. To which of the following addresses should the software be configured to send the query?

A. 10.1.2.0

B. 10.1.2.1

C. 10.1.2.23

D. 10.1.2.255

E. 10.1.2.31

Correct Answer: D

Section: Explanation: The software on the workstation should be configured to send the query to 10.1.2.255, which is the local subnet broadcast address. A broadcast address is a special address that allows a device to send a message to all devices on the same subnet. It is usually derived by setting all the host bits to 1 in the network address. In this case, the network address is 10.1.2.0/27, which has 27 network bits and 5 host bits. By setting all the host bits to 1, we get 10.1.2.31 as the broadcast address in decimal notation, or 10.1.2.255 in dotted decimal notation. Reference: https://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-rip/13788-3.html

After the A record of a public website was updated, some visitors were unable to access the website. Which of the following should be adjusted to address the issue?

A. TTL

B. MX

C. TXT

D. SOA

Correct Answer: A

Section: Explanation: TTL (Time To Live) should be adjusted to address the issue of some visitors being unable to access the website after the A record was updated. TTL is a value that specifies how long a DNS record should be cached by DNS servers and clients before it expires and needs to be refreshed. If the TTL is too high, some DNS servers and clients may still use the old A record that points to the previous IP address of the website, resulting in connection failures. By lowering the TTL, the DNS servers and clients will update their cache more frequently and use the new A record that points to the current IP address of the website. Reference: https://www.cloudflare.com/learning/dns/dns-records/dns-ttl/

A network administrator is installing a wireless network at a client’s office. Which of the following IEEE 802.11 standards would be BEST to use for multiple simultaneous client access?

A. CDMA

B. CSMA/CD

C. CSMA/CA

D. GSM

Correct Answer: C

Section: Explanation: CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) is an IEEE 802.11 standard that would be best to use for multiple simultaneous client access on a wireless network. CSMA/CA is a media access control method that allows multiple devices to share the same wireless channel without causing collisions or interference. It works by having each device sense the channel before transmitting data and waiting for an acknowledgment from the receiver after each transmission. If the channel is busy or no acknowledgment is received, the device will back off and retry later with a random delay. Reference:

A technician is installing multiple UPS units in a major retail store. The technician is required to keep track of all changes to new and old equipment. Which of the following will allow the technician to record these changes?

A. Asset tags

B. A smart locker

C. An access control vestibule

D. A camera

Correct Answer: A

Section: Explanation: Asset tags will allow the technician to record changes to new and old equipment when installing multiple UPS units in a major retail store. Asset tags are labels or stickers that are attached to physical assets such as computers, printers, servers, or UPS units. They usually contain information such as asset name, serial number, barcode, QR code, or RFID chip that can be scanned or read by an asset management system or software. Asset tags help track inventory, location, status, maintenance, and ownership of assets. Reference:

A website administrator is concerned the company’s static website could be defaced by hacktivists or used as a pivot point to attack internal systems. Which of the following should a network security administrator recommend to assist with detecting these activities?

A. Implement file integrity monitoring.

B. Change the default credentials.

C. Use SSL encryption.

D. Update the web-server software.

Correct Answer: A

Section: Explanation: Implementing file integrity monitoring (FIM) would assist with detecting activities such as website defacement or internal system attacks. FIM is a process that monitors and alerts on changes to files or directories that are critical for security or functionality. FIM can help detect unauthorized modifications, malware infections, data breaches, or configuration errors. FIM can also help with compliance and auditing requirements. Reference: Topic 2, Exam Pool B

A technician wants to install a WAP in the center of a room that provides service in a radius surrounding a radio. Which of the following antenna types should the AP utilize?

A. Omni

B. Directional

C. Yagi

D. Parabolic

Correct Answer: A

Section: Explanation: An omni antenna should be used by the AP to provide service in a radius surrounding a radio. An omni antenna is a type of antenna that has a 360-degree horizontal radiation pattern. It can provide wireless coverage in all directions from the antenna with varying degrees of vertical coverage. It is suitable for indoor environments where users are located around the AP1. Reference: https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/82068-omni-vs- direct.html 1

A network field technician is installing and configuring a secure wireless network. The technician performs a site survey. Which of the following documents would MOST likely be created as a result of the site survey?

A. Physical diagram

B. Heat map

C. Asset list

D. Device map

Correct Answer: B

Section: Explanation: A heat map would most likely be created as a result of the site survey. A heat map is a graphical representation of the wireless signal strength and coverage in a given area. It can show the location of APs, antennas, walls, obstacles, interference sources, and dead zones. It can help with planning, optimizing, and troubleshooting wireless networks. Reference: https://www.netspotapp.com/what- is-a-wifi-heatmap.html

A wireless network was installed in a warehouse for employees to scan crates with a wireless handheld scanner. The wireless network was placed in the corner of the building near the ceiling for maximum coverage However users in the offices adjacent lo the warehouse have noticed a large amount of signal overlap from the new network Additionally warehouse employees report difficulty connecting to the wireless network from the other side of the building; however they have no issues when Ihey are near the antenna Which of the following is MOST likely the cause?

A. The wireless signal is being refracted by the warehouse's windows

B. The antenna's power level was set too high and is overlapping

C. An omnidirectional antenna was used instead of a unidirectional antenna

D. The wireless access points are using channels from the 5GHz spectrum

Correct Answer: C

Section: Explanation: An omnidirectional antenna was used instead of a unidirectional antenna, which is most likely the cause of the wireless network issues. An omnidirectional antenna provides wireless coverage in all directions from the antenna, which can cause signal overlap with adjacent offices and interference with other wireless networks. A unidirectional antenna, on the other hand, provides wireless coverage in a specific direction from the antenna, which can reduce signal overlap and interference and increase signal range and quality. A unidirectional antenna would be more suitable for a warehouse environment where users are located on one side of the building1. Reference: https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/82068-omni-vs- direct.html 1

An organization with one core and five distribution switches is transitioning from a star to a full-mesh topology Which of the following is the number of additional network connections needed?

A. 5

B. 7

C. 10

D. 15

Correct Answer: C

Section: Explanation: 10 additional network connections are needed to transition from a star to a full-mesh topology. A star topology is a network topology where each device is connected to a central device, such as a switch or a hub. A full-mesh topology is a network topology where each device is directly connected to every other device. The number of connections needed for a full-mesh topology can be calculated by the formula n(n-1)/2, where n is the number of devices. In this case, there are six devices (one core and five distribution switches), so the number of connections needed for a full-mesh topology is 6(6-1)/2 = 15. Since there are already five connections in the star topology (one from each distribution switch to the core switch), the number of additional connections needed is 15 - 5 = 10. Reference:

A network technician is investigating an issue with a desktop that is not connecting to the network. The desktop was connecting successfully the previous day, and no changes were made to the environment. The technician locates the switchport where the device is connected and observes the LED status light on the switchport is not lit even though the desktop is turned on Other devices that arc plugged into the switch are connecting to the network successfully Which of the following is MOST likely the cause of the desktop not connecting?

A. Transceiver mismatch

B. VLAN mismatch

C. Port security

D. Damaged cable

E. Duplex mismatch

Correct Answer: D

Section: Explanation: A damaged cable is most likely the cause of the desktop not connecting to the network. A damaged cable can cause physical layer issues such as loss of signal, attenuation, interference, or crosstalk. These issues can prevent the desktop from establishing a link with the switch and result in the LED status light on the switchport being off. Other possible causes of physical layer issues are faulty connectors, ports, or transceivers. Reference:

A network technician has multimode fiber optic cable available in an existing IDF. Which of the following Ethernet standards should the technician use to connect the network switch to the existing fiber?

A. 10GBaseT

B. 1000BaseT

C. 1000BaseSX

D. 1000BaseLX

Correct Answer: C

Section: Explanation: 1000BaseSX is an Ethernet standard that should be used to connect the network switch to the existing multimode fiber optic cable. 1000BaseSX is a Gigabit Ethernet standard that uses short- wavelength laser (850 nm) over multimode fiber optic cable. It can support distances up to 550 meters depending on the cable type and quality. It is suitable for short-range network segments such as campus or building backbone networks. Reference:

An ARP request is broadcasted and sends the following request. ''Who is 192.168.1.200? Tell 192.168.1.55'' At which of the following layers of the OSI model does this request operate?

A. Application

B. Data link

C. Transport

D. Network

E. Session

Correct Answer: B

Section: Explanation: An ARP request operates at the data link layer of the OSI model. ARP (Address Resolution Protocol) is a protocol that maps IP addresses to MAC addresses on a local area network. It allows devices to communicate with each other without knowing their MAC addresses beforehand. ARP operates at the data link layer (layer 2) of the OSI model, which is responsible for framing and addressing data packets on a physical medium. Reference:

Which of the following technologies allows traffic to be sent through two different ISPs to increase performance?

A. Fault tolerance

B. Quality of service

C. Load balancing

D. Port aggregation

Correct Answer: C

Section: Explanation: Load balancing is a technology that allows traffic to be sent through two different ISPs to increase performance. Load balancing is a process of distributing network traffic across multiple servers or links to optimize resource utilization, throughput, latency, and reliability. Load balancing can be implemented at different layers of the OSI model, such as layer 4 (transport) or layer 7 (application). Load balancing can also be used for outbound traffic by using multiple ISPs and routing protocols such as BGP (Border Gateway Protocol) to select the best path for each packet. Reference:

A network technician is observing the behavior of an unmanaged switch when a new device is added to the network and transmits dat

A. Which of the following BEST describes how the switch processes this information?

B. The data is flooded out of every port. including the one on which it came in.

C. The data is flooded out of every port but only in the VLAN where it is located.

D. The data is flooded out of every port, except the one on which it came in

E. The data is flooded out of every port, excluding the VLAN where it is located

Correct Answer: C

Section:Explanation: The switch processes the data by flooding it out of every port, except the one on which it came in. Flooding is a process where a switch sends a data frame to all ports except the source port when it does not have an entry for the destination MAC address in its MAC address table. Flooding allows the switch to learn the MAC addresses of the devices connected to its ports and update its MAC address table accordingly. Flooding also ensures that the data frame reaches its intended destination, even if the switch does not know its location. Reference:

There are two managed legacy switches running that cannot be replaced or upgraded. These switches do not support cryptographic functions, but they are password protected. Which of the following should a network administrator configure to BEST prevent unauthorized access?

A. Enable a management access list

B. Disable access to unnecessary services.

C. Configure a stronger password for access

D. Disable access to remote management

E. Use an out-of-band access method.

Correct Answer: E

Section: Explanation: Using an out-of-band access method is the best way to prevent unauthorized access to the legacy switches that do not support cryptographic functions. Out-of-band access is a method of accessing a network device through a dedicated channel that is separate from the main network traffic. Out-of- band access can use physical connections such as serial console ports or dial-up modems, or logical connections such as VPNs or firewalls. Out-of-band access provides more security and reliability than in-band access, which uses the same network as the data traffic and may be vulnerable to attacks or failures. Reference:

A network engineer is designing a new secure wireless network. The engineer has been given the following requirements: 1 Must not use plaintext passwords 2 Must be certificate based

Must be vendor neutral Which of the following methods should the engineer select?

A. TWP-RC4

B. CCMP-AES

C. EAP-TLS

D. WPA2

Correct Answer: C

Section: Explanation: EAP-TLS is the method that should be selected to meet the requirements for designing a new secure wireless network. EAP-TLS (Extensible Authentication Protocol - Transport Layer Security) is an authentication protocol that uses X.509 digital certificates for both clients and servers. It provides strong security and mutual authentication by using TLS encryption and public key cryptography. It does not use plaintext passwords or shared secrets that can be compromised or guessed. It is also an open standard that is vendor neutral and supported by most wireless devices1. Reference: https://www.securew2.com/blog/what-is-eap-tls 1

A lab environment hosts Internet-facing web servers and other experimental machines, which technicians use for various tasks A technician installs software on one of the web servers to allow communication to the company's file server, but it is unable to connect to it Other machines in the building are able to retrieve files from the file server. Which of the following is the MOST likely reason the web server cannot retrieve the files, and what should be done to resolve the problem?

A. The lab environment's IDS is blocking the network traffic 1 he technician can whitelist the new application in the IDS

B. The lab environment is located in the DM2, and traffic to the LAN zone is denied by default. The technician can move the computer to another zone or request an exception from the administrator.

C. The lab environment has lost connectivity to the company router, and the switch needs to be rebooted. The technician can get the key to the wiring closet and manually restart the switch

D. The lab environment is currently set up with hubs instead of switches, and the requests are getting bounced back The technician can submit a request for upgraded equipment to management.

Correct Answer: B

Section: Explanation: The lab environment is located in the DMZ, and traffic to the LAN zone is denied by default. This is the most likely reason why the web server cannot retrieve files from the file server, and the technician can either move the computer to another zone or request an exception from the administrator to resolve the problem. A DMZ (Demilitarized Zone) is a network segment that separates the internal network (LAN) from the external network (Internet). It usually hosts public- facing servers such as web servers, email servers, or FTP servers that need to be accessed by both internal and external users. A firewall is used to control the traffic between the DMZ and the LAN zones, and usually denies traffic from the DMZ to the LAN by default for security reasons. Therefore, if a web server in the DMZ needs to communicate with a file server in the LAN, it would need a special rule or permission from the firewall administrator. Reference: https://www.cisco.com/c/en/us/support/docs/ip/access-lists/13608-21.html

A technician is deploying a low-density wireless network and is contending with multiple types of building materials. Which of the following wireless frequencies would allow for the LEAST signal attenuation?

A. 2.4GHz

B. 5GHz

C. 850MHz

D. 900MHZ

Correct Answer: A

Section: Explanation: 2.4GHz is the wireless frequency that would allow for the least signal attenuation when deploying a low-density wireless network with multiple types of building materials. Signal attenuation is the loss of signal strength or quality as it travels through a medium or over a distance. Signal attenuation can be affected by various factors such as distance, interference, reflection, refraction, diffraction, scattering, or absorption. Generally, lower frequencies have less signal attenuation than higher frequencies because they can penetrate obstacles better and travel farther. Therefore, 2.4GHz would have less signal attenuation than 5GHz, 850MHz, or 900MHz. Reference: https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/82068-omni-vs- direct.htm