CompTIA Network+ (N10-008) Exam Questions

Page 1 of 55

1.

You want to collect packet header data on the command line for future analysis and save the results in a file. Which of the following commands would accomplish this?

  • tcpdump -w outfile

  • tcpdump -f outfile

  • netstat -f outfile

  • netstat -w outfile

Correct answer: tcpdump -w outfile

The command tcpdump dumps packet headers, and the -w flag allows data to be written to a file (named outfile in the example).

The command tcpdump -f is used to print non-local IP addresses.

The command netstat prints information on current connections, not packet information.

2.

You are troubleshooting a network issue. You find that multiple switches are connected and configured in a way that causes a circular path to appear. What is the name of this type of issue?

  • Switching loop

  • Loopback interface

  • STP

  • Broadcast storm

Correct answer: Switching loop

A switching loop, also known as a bridging loop, occurs when you connect and configure multiple switches in a way that causes a circular path to appear.

A loopback interface is used for connectivity testing. The loopback can be established either mechanically or with software, and it is meant to prove whether traffic can be sent and received from a remote device. Switching loops are rare today because all switches use Spanning Tree Protocol (STP) to prevent loops from occurring. A broadcast storm is the result of one or more devices sending a nonstop flurry of broadcast frames to the network.

3.

You are working on a UNIX host and you need to find information about each router hop along a path from source to destination. Of the following, which command should you use to get this type of information?

  • traceroute

  • tracert

  • ping -t

  • ping -i

Correct answer: traceroute

The traceroute command on Linux maps the path of a packet from source to destination by pinging each router hop on that route and calculating the route-trip time for each hop. The traceroute command is typically used to identify the location of an unreachable router along a packet's route.

The tracert command provides a similar function on Windows.

The ping -t command starts a continuous ping. This command is used to determine the reachability of a remote device.

The ping command with the -i flag includes a Time-To-Live (TTL) value.

4.

A customer reports that when they try to access a known legitimate website, the browser points to a fake website. What do you suspect?

  • DNS spoofing

  • ARP poisoning

  • Website poisoning

  • IP spoofing

Correct answer: DNS spoofing

With Domain Name System (DNS) spoofing, a bad actor alters records in a DNS server, with the result that users may be sent to a fake website. DNS translates domain names into Internet Protocol (IP) addresses. The spoofed DNS record may be altered to point to an IP address for a malicious website.

Address Resolution Protocol (ARP) poisoning involves the alteration of ARP table data. ARP translates between IP addresses and Media Access Control (MAC) addresses.

Website poisoning is a fabricated term.

IP spoofing involves the impersonation of a device's IP address by a bad actor.

5.

Which cellular signal modulation technique breaks the frequency range into bands assigned to each cellular device?

  • FDMA

  • CDMA

  • TDMA

  • SDMA

Correct answer: FDMA

Frequency Division Multiple Access (FDMA) enables parallel transmission of signals by assigning each to a band of frequencies.

Code Division Multiple Access (CDMA) uses the entire spectrum for each call, assigning a unique code to each.

Time-Division Multiple Access (TDMA) divides time into slots and allows multiple different signals to use the same frequency.

SDMA is a fabricated term.

6.

When analyzing the performance of a device/chassis, which of the following is NOT an applicable metric?

  • Bandwidth

  • Temperature

  • CPU usage

  • Memory

Correct answer: Bandwidth

Bandwidth is a network metric. It is a measurement of how much data can be transmitted over a network connection.

The three performance metrics associated with a device/chassis are temperature, CPU usage, and memory.

Monitoring device temperature is important to maintain the device. When a device becomes too hot, its components can become damaged. Devices are normally air-cooled with fans, but some new technologies cool devices with water.

Central Processing Unit (CPU) usage should be monitored to ensure that it is not overused.

A device that has limited memory can affect system performance.

7.

 You want to prioritize real-time applications on your network. What is this process called?

  • QoS

  • Classification

  • Packet priorization

  • Congestion avoidance

Correct answer: QoS

Quality of Service (QoS) involves the prioritization of network traffic to ensure a desired performance level. QoS priorities may be real-time, high, medium, or low.

The classification of traffic types may be involved, but that is not the network term for this process.

Packet prioritization is involved, but it is an incorrect term.

Congestion avoidance is desirable and may be achieved by proper QoS.

8.

Which of the following is the MOST useful when setting up wireless networks?

  • Site survey report

  • Floor plan

  • Network diagram

  • Wiring diagram

Correct answer: Site survey report

A site survey report will identify the on-site conditions that might affect the placement of wireless routers.

Floor plans, wiring diagrams, and network diagrams can also be useful, but they may not include information such as obstructions that could block wireless signals like a site survey report.

9.

You have received a syslog message with a severity level of 0. What type of message would this be?

  • Emergency

  • Alert

  • Debug

  • Informational

Correct answer: Emergency

In syslog servers, a level 0 severity level is an emergency. These are the most severe error conditions, which render the system unusable. 

An alert is a severity level of 1, and these events require immediate attention.

Debug is severity level 7. Debugging messages include highly detailed information that is typically used in the troubleshooting process.

Informational has a severity level of 6; this is detailed information about the normal operation of a system.

Here are the syslog severity levels:

  • Level 0 - Emergency
  • Level 1 - Alert
  • Level 2 - Critical
  • Level 3 - Error
  • Level 4 - Warning
  • Level 5 - Notice
  • Level 6 - Informational
  • Level 7 - Debug

10.

On which of the following devices does each interface have its own broadcast domain?

  • Router

  • Hub

  • Access point

  • WAN link

Correct answer: Router

Each of a router's interfaces is a different broadcast domain.

This differs from a hub, where all ports are within the same broadcast domain.

An access point is a networking device that enables Wi-Fi devices to connect to a wired network.

A Wide Area Network (WAN) link is a connection for a network to forward data over long distances.

11.

Of the following, which is a specialized technology that takes physical hardware and abstracts it for a virtual server?

  • Hypervisor

  • Virtual NIC

  • Content switch

  • Supervisor

Correct answer: Hypervisor

Virtualization is made possible by hypervisors. A hypervisor is a specialized software that takes physical hardware and abstracts it for the virtual server.

Virtual Network Interface Cards (NICs) are used to provide network access to the virtual servers. Content switches are not specifically related to virtualization but rather are used for load balancing. Supervisor is a somewhat antiquated term referring to a computer operating system or kernel.

12.

Which type of SNMP message may be generated by an environmental monitor?

  • Trap

  • Get

  • Set

  • Alert

Correct answer: Trap

A trap message is an unsolicited message to a Simple Network Management Protocol (SNMP) manager from a managed device. It is the type of message that an environmental monitor would send to report an environmental issue.

Get and set messages are initiated by an SNMP manager.

Alert is not an SNMP message type.

13.

What is the maximum speed and transmission distance of 1000Base-TX?

  • 1000 Mbps, 100 meters

  • 100 Mbps, 100 meters

  • 1000 Mbps, 250 meters

  • 1000 Mbps, 150 meters

Correct answer: 1000 Mbps, 100 meters

1000Base-TX uses two pairs of CAT5e or higher cable, enabling it to carry 1000 Mbps or 1GB over a maximum distance of 100 meters.

100Base-TX has a maximum transmission speed of 100 Mbps and a maximum distance of 100 meters per segment.

The maximum transmission distance of 250 meters does not align with a common Ethernet cable type.

The maximum transmission distance of 150 meters does not align with a common Ethernet cable type.

14.

You are trying to communicate with a web server using HTTP, but it is not working. When you try to connect using HTTPS, you are able to connect successfully. What is the likely cause of this issue?

  • Port 80 is blocked.

  • Port 443 is blocked.

  • Content filtering is enabled.

  • You are on the wrong VLAN.

Correct answer: Port 80 is blocked.

Port 80 is the port used for Hypertext Transfer Protocol (HTTP), and the Secure version of Hypertext Transfer Protocol (HTTPS) uses port 443. Since HTTP is not a secure protocol, it is common for port 80 to be blocked, which would result in this scenario.

Port 443 would not be blocked if a connection through HTTPS were possible.

Content filtering is used to block sites that contain malware.

Virtual Local Area Network (VLAN) assignment would not explain why you can get to the internet with HTTPS but not HTTP.

15.

Which of the following is a message used by the Hot Standby Router Protocol (HSRP) to demonstrate that the active router is online?

  • Hello

  • Active

  • Standby

  • Heartbeat

Correct answer: Hello

The active router will send Hello messages to the standby router at regular intervals to demonstrate that it is online.

The terms active and standby refer to router types in the Hot Standby Router Protocol (HSRP). The third route type is virtual.

The term heartbeat is incorrect.

16.

Which of the following services would likely NOT require QoS?

  • Web research

  • Online gaming

  • Videoconferencing

  • Streaming media

Correct answer: Web browsing

Web research is not a highly critical time-bound service and would likely not have any requirement for Quality of Service (QoS) management.

Online gaming, videoconferencing, and streaming media are all services that might need the priority traffic management provided by QoS.

17.

Translate the following IP address to binary:

172.16.20.25

  • 10101100.00010000.00010100.00011001

  • 10101100.01110000.00010100.00011001

  • 10101100.00010000.00010101.00011011

  • 10101100.11010000.00010100.00011111

Correct answer: 10101100.00010000.00010100.00011001

The reverse of the binary-to-decimal process involves making comparisons against the chart below. For example, if the number is over 128, a 1 is placed at the beginning of the octet, then the remainder is compared against the chart again.

The decimal equivalent to 10101100.01110000.00010100.00011001 is 172.112.20.25.

The decimal equivalent to 10101100.00010000.00010101.00011011 is 172.16.21.27.

The decimal equivalent to 10101100.11010000.00010100.00011111 is 172.208.20.31.

Binary ValueDecimal Value
000000011
000000102
000001004
000010008
0001000016
0010000032
0100000064
10000000128

18.

Which of the following is a metric that should be minimized for high availability?

  • MTTR

  • MTTF

  • MTBF

  • MRTO

Correct answer: MTTR

Mean Time To Repair (MTTR) is the average time it takes to fix a failed component and should be minimized for high availability. Repairs and resolution should take place as quickly as possible.

Mean Time To Failure (MTTF) and Mean Time Between Failures (MTBF) are metrics that should be maximized. You want systems to remain operable as long as possible. MTTF measures the time before failure after initial use. MTBF measures the average time it takes to repair a resource over time.

MRTO is not a fabricated term.

19.

You believe that an issue exists at the Network layer of the Open Systems Interconnection (OSI) model. Which troubleshooting methodology is the MOST efficient in this situation?

  • Divide and conquer

  • Top-to-bottom

  • Bottom-to-top

  • Layer-based

Correct answer: Divide and conquer

Divide-and-conquer tests the function of a certain layer of the Open Systems Interconnection (OSI) model and moves up or down based on the results of the analysis. This is likely the most efficient approach if the troubleshooter has a theory about the potential cause of the issue.

Top-to-bottom troubleshooting begins with the application layer and works its way down.

The bottom-to-top troubleshooting methodology starts by validating the functionality of the physical layer and works its way up the OSI model.

Layer-based troubleshooting is a fabricated term.

20.

You are using a web browser to securely connect to the web management portal of your network monitoring application. Which remote access method are you likely using in this scenario?

  • HTTPS

  • HTTP

  • RDP

  • Telnet

Correct answer: HTTPS

When connecting to a system via a web browser, you will be using either Hypertext Transfer Protocol (HTTP) or its secure version, Hypertext Transfer Protocol Secure (HTTPS). The given scenario states that this is a secure connection, so the assumption can be made that HTTPS is being used.

HTTP is similar but insecure.

Remote Desktop Protocol (RDP) is used to access a remote computer as if you were sitting in front of it.

Telnet is an insecure remote access protocol.

You would not use Remote Desktop Protocol (RDP) or Telnet to securely access a web management portal via a web browser.