CompTIA Network+ (N10-009) Exam Questions


1.

Which of the following BEST describes a network?

  • A group of interconnected computers

  • A switch with multiple ports

  • A connection between a router and a host

  • Two or more servers

Correct answer: A group of interconnected computers

A network is a group of interconnected computers. Standalone devices are not part of a network until they are connected in some way.

A switch with multiple ports would only be part of a network if it was properly connected.

A router connected to a single host would not constitute a network in the accepted sense. The host would need to connect to another device.

Two or more servers would not constitute a network unless connected to client devices.

2.

An organization is growing rapidly and, therefore, its Dynamic Host Configuration Protocol (DHCP) server is constantly handing out IP addresses to new employees as they start, and to new systems as they are added to the network. This rapid growth has resulted in the DHCP scope running out of IP addresses. What is this known as?

  • Exhausted DHCP scope

  • Rogue DHCP server

  • Exhausted address generation

  • Exhausted DNS scope

Correct answer: Exhausted DHCP Scope

When the Dynamic Host Configuration Protocol (DHCP) scope runs out of IP addresses to lease, this is known as an exhausted DHCP scope.

A rogue DHCP server occurs when a user brings in their own device (either maliciously or accidentally), which begins handing out DHCP leases.

Exhausted address generation and exhausted DNS scope are fabricated terms.

3.

Which approach to firewall rules defaults to a secure state?

  • Implicit deny

  • Explicit deny

  • Implicit permit

  • Explicit permit

Correct answer: Implicit deny

With implicit deny, traffic is blocked unless an exception is made (explicit permit).

This is more secure than explicit deny, where traffic is implicitly permitted and then certain ports/protocols are explicitly blocked by firewall rules.

Implicit permit and explicit permit are not firewall defaults.

4.

Which of the following is a tool designed to improve the throughput and efficiency of a switch?

  • Port channeling

  • Port security

  • Port tagging

  • Port spanning

Correct answer: Port channeling

Port bonding/channeling combines multiple physical ports into a single logical channel. By bundling multiple Fast Ethernet or Gigabit Ethernet ports into an aggregated logical link, you are able to achieve higher bandwidth and reduce processing overhead.

Port security protects against unauthorized physical connections to a switch port by only allowing systems with a particular MAC address to use that port. Port tagging/802.1Q adds a field to an Ethernet frame to identify the VLAN that the traffic is traveling over. Port mirroring/spanning copies traffic from one port to another, enabling it to be sniffed.

5.

An attacker has managed to compromise an organization's network and steal private customer data. This would be considered an attack on which of the following?

  • Confidentiality

  • Availability

  • Integrity

  • Non-repudiation

Correct answer: Confidentiality

A confidentiality attack is any attack that steals private data or compromises confidentiality.

Attacks on availability include things such as denial-of-service attacks, which render systems unavailable.

An attack on integrity would involve an attacker making unauthorized changes to files.

Non-repudiation refers to associating actions or changes with a specific person; it does not apply in this scenario.

6.

Which of the following is NOT a type of Simple Network Management Protocol (SNMP) message?

  • Alert

  • Get

  • Set

  • Trap

Correct answer: Alert

Alert is not a valid Simple Network Management Protocol (SNMP) message type. SNMP messages are broadly organized into three categories:

  • Get: Gets information from an SNMP-managed device
  • Set: Triggers an action or sets the value of a variable on a managed device
  • Trap: A message to the SNMP manager from one of the managed devices that indicates that a significant event has occurred on that device. This is the only type of SNMP message initiated by a managed device and not the SNMP manager.

7.

Which of the following is NOT part of a secure password policy?

  • Unlimited password life

  • Minimum password length

  • Restrictions on the use of proper names

  • No previously used passwords allowed

Correct answer: Unlimited password life

Limiting password validity to 60 or 90 days is good practice. Passwords should regularly expire and a password policy should require users to change passwords.

A password policy should include the following:

  • Education for end users
  • Strong password requirements, such as:
    • Minimum password length
    • Restrictions on the use of proper names
    • Password expiration
    • No previously used passwords allowed
    • No words spelled out completely within the password
    • The use of characters from the following groups:
      • Uppercase letters
      • Lowercase letters
      • Numbers
      • Special characters

8.

What is a DHCP lease?

  • A temporary assignment of an IP address to a client

  • A mapping of IP to MAC addresses

  • A parameter for IP addresses

  • The set of IP addresses that a DHCP server can assign to clients

Correct answer: A temporary assignment of an IP address to a client

A Dynamic Host Configuration Protocol (DHCP) lease temporarily assigns an Internet Protocol (IP) address to a client.

A DHCP reservation creates a mapping of an IP address to a Media Access Control (MAC) address (more permanent than a lease).

A DHCP option defines parameters for IP addresses.

A DHCP scope is the set of IP addresses that a DHCP server can assign to clients.

9.

Which of the following terms deals with CA, AIA, and CRL?

  • PKI

  • IoT

  • IAM

  • SSO

Correct answer: PKI

Public Key Infrastructure (PKI) is a collection of technologies, operations, and practices that include Certificate Authorities (CA), Authority Information Access (AIA), and Certificate Revocation Lists (CRL). PKI deals with the issuing of public and private certificates to enable secure Internet communication.

The Internet of Things (IoT) is a network of objects that can communicate using sensors and other technologies. IoT applications range from industrial automation to smart homes.

Identity and Access Management (IAM) is a broad term dealing with the control of access to an organization's data and resources.

Single sign-on (SSO) is a method for accessing multiple applications with one set of credentials.

10.

You are helping a user connect to a wireless network with the following information:

  • SSID: TelcoNetwork1
  • Passphrase: 18BF11190JQ

The user has entered the following information into their computer:

  • SSID: TelcoNetwork1
  • Passphrase: 18BF1190JQ

The user is still unable to successfully connect to the wireless network. What is likely the cause of this issue?

  • Wrong passphrase

  • Wrong SSID

  • Passphrase is too short

  • Passphrase has the wrong format

Correct answer: Wrong passphrase

The user entered 18BF1190JQ instead of 18BF11190JQ, making the passphrase useless. The user should have typed in 111 instead of 11.

The SSID the user entered is correct.

The passphrase length is not the issue.

The passphrase format is not the issue.

11.

The 802.11n wireless standard offers a maximum speed of which of the following?

  • 300 Mbps

  • 1 Gbps

  • 54 Mbps

  • 11 Mbps

Correct answer: 300 Mbps

The wireless standard 802.11n operates on both 2.4 GHz and 5 GHz bands, providing versatility as well as maximum throughput. The maximum speed for 802.11n is upwards of 300 Mbps, especially when using the more powerful 5 GHz band.

The maximum speed for IEEE 802.11ac is 1 Gbps.

The maximum speed for 802.11a and 802.11g is 54 Mbps.

The maximum speed for 802.11b is 11 Mbps.

12.

Which of the following is one of the three PRIMARY functions of a switch?

  • Address learning

  • MAC synchronization

  • Routing

  • Filtering

Correct answer: Address learning

As switches operate, they memorize the MAC addresses of all the devices they interface with. This data is stored in a forward/filter table which is initially empty until the switch is used, allowing it to collect and remember the MAC addresses.

MAC synchronization involves ensuring that devices have the same MAC address table to improve performance and reduce broadcasts. While switches forward traffic based on MAC addresses and populate this table, this is not one of the primary functions of a switch. Routing is performed at layer 3, while switches operate at layer 2. Filtering is typically performed based on IP addresses and content, which is also higher on the OSI model.

13.

View the passage to answer the following question.

Regarding a packet destined for 10.1.0.20, which next-hop IP address will the router end up directing the packet to?

  • 192.168.10.2

  • 10.3.0.5

  • 172.167.1.1

  • 10.5.2.5

Correct answer: 192.168.10.2

The router will direct the Internet Protocol (IP) packet to the next hop 192.168.10.2.

The usable host IP address ranges for the networks listed above are as follows:

  • 10.0.0.0/8: 10.0.0.1 to 10.255.255.254
  • 10.1.0.0/16: 10.1.0.1 to 10.1.255.254
  • 10.1.1.0/24: 10.1.1.1 to 10.1.1.254
  • 0.0.0.0/0: No usable host IP addresses

The first network 10.0.0.0/8 and the second network 10.1.0.0/16 both contain the destination address 10.1.0.20, so those are two possible answers. The third network 10.1.1.0/24 and the fourth network 0.0.0.0/0 do not contain the destination address 10.1.0.20.

The potential answers to the question would be 10.3.0.5 and 192.168.10.2. When routing an IP packet, a router looks for the entry in its IP routing table with the longest matching prefix. The prefix length is the number of bits in the network portion of an IP address. The Classless Inter-Domain Routing (CIDR) notation for network 10.1.0.0/16 in row 2 indicates a network prefix length of 16 bits. This is a longer prefix than network 10.0.0.0/8 in row 1. The correct answer, then, is the next hop for the 10.1.0.0/16 network, which is 192.168.10.2.

In this case, the first two rows in the table match the intended IP address, but the second row is more specific. As a result, the packet will be routed to the next hop of 192.168.10.2.

The prefix length for the first row is 8 bits, which is shorter than the prefix length for the second row. So 10.3.0.5 is incorrect.

10.1.1.0/24 does not match the target address, since 10.1.0.0 is less than the lowest IP address in this range (10.1.1.0). So 172.167.1.1 is incorrect.

0.0.0.0 is the IP address of the default route, which is used as a fallback if a router's IP routing table does not contain any matches. So 10.5.2.5 is incorrect.

14.

Which of the following is NOT a value that a rogue DHCP server could assign to a device?

  • MAC address

  • IP address

  • Default gateway address

  • DNS server

Correct answer: MAC address

A computer's Media Access Control (MAC) address is assigned to its Network Interface Card (NIC) and is not managed by a Dynamic Host Configuration Protocol (DHCP) server.

A rogue DHCP server can assign IP addresses, default gateway addresses, subnet masks, and Domain Name System (DNS) server addresses.

15.

Which of the following protocols is BEST suited to large enterprise networks and is meant to replace the older 802.1d/802.1w protocols?

  • SPB

  • STP

  • RSTP

  • SRP

Correct answer: SPB

Shortest Path Bridging (SPB) is an alternative to the Spanning Tree Protocol (STP) and Rapid Spanning Tree Protocol (RSTP) which scales better to large networks.

SPB is based on the IEEE 802.1aq standard. The standard for STP is 802.1d, and for RSTP it is 802.1w.

SRP is a fabricated term.

16.

Which of the following protocols aggregates multiple physical links into a single logical channel to provide Layer 3 redundancy?

  • LACP

  • CARP

  • VRRP

  • GLBP

Correct answer: LACP

The Link Aggregation Control Protocol (LACP) aggregates multiple physical links into a single logical channel, which it makes available to a route processor.

Common Address Redundancy Protocol (CARP) is a First-Hop Redundancy Protocol (FHRP). It is used to provide redundancy to multiple devices using a virtual IP address.

Virtual Router Redundancy Protocol (VRRP) is another FHRP with a function similar to that of CARP.

Gateway Load Balancing Protocol (GLBP) is also an FHRP.

None of the FHRPs in the incorrect responses has anything to do with the aggregation of physical links into a logical channel.

17.

You accidentally used a crossover cable to connect a computer to a switch when you should have used a straight-through cable. However, even with this mistake, the connection is working perfectly. Which networking feature makes this possible?

  • Auto-MDIX

  • Link aggregation

  • Spanning Tree Protocol

  • LACP

Correct answer: Auto-MDIX

Automatic Medium-Dependent Interface Crossover (Auto-MDIX) is an Ethernet switch feature that eliminates the need to worry about using crossover vs. straight-through cables by automatically selecting which wire to use for sending and receiving data.

Link aggregation is the bundling of multiple network connections together.

Spanning Tree Protocol (STP) is used to eliminate loops in the network.

Link Aggregation Control Protocol (LACP) is used for link aggregation.

18.

Which of the following network errors addresses data integrity?

  • CRC errors

  • Giants

  • Runts

  • Encapsulation errors

Correct answer: CRC errors

Cyclic Redundancy Checks (CRCs) identify corruption of data in transit and protect data integrity.

Giants and runts are related to packet size.

Encapsulation errors deal with protocol mismatches at an interface.

19.

A user has plugged an Ethernet cable into the Network Interface Card (NIC) of their computer. At which level of the Open Systems Interconnection (OSI) model does a NIC operate?

  • Layer 2

  • Layer 3

  • Layer 5

  • Layer 7

Correct answer: Layer 2

A Network Interface Card (NIC) physically connects to wires, but it also works with MAC addresses, which are located at Layer 2, the data link layer of the OSI model. This makes it a Layer 2 system. Layer 2 handles such things as media access control and error checking.

Layer 3 is the network (or packet) layer, which deals with message forwarding and IP addressing. The session layer, or layer 5, sets up, manages, and breaks down sessions between devices. Users are most familiar with layer 7, the application layer, where their favorite email and browser programs reside.

20.

Microsoft has a utility that combines ping and traceroute, as well as some additional functions. What is the name of this utility?

  • pathping

  • arping

  • route

  • iptables

Correct answer: pathping

Microsoft has a utility called pathping that combines traceroute and ping as well as some additional features. The Linux equivalent is mtr.

The arping utility is a UNIX feature that functions the same as ping except it sends Address Resolution Protocol (ARP) frames instead of Internet Control Message Protocol (ICMP) packets.

The route utility allows you to display and edit the local system's routing table.

The iptables utility is a Linux feature that enables command-line control over IPv4 tables, which are rules that determine what happens when an IPv4 packet encounters a firewall.