CompTIA CNX-001 Exam Practice Test Instant Access

Question 1

A network administrator is configuring firewall rules to lock down the network from outside attacks. Which of the following should the administrator configure to create the most strict set of rules?

AURL filtering

BFile blocking

CNetwork security group

DAllow List

Answer : D

By explicitly permitting only known, approved traffic and blocking everything else by default, an allow-list policy enforces the strictest firewall posture.

Question 2

A network administrator must connect a remote building at a manufacturing plant to the main building via a wireless connection. Which of the following should the administrator choose to get the greatest possible range from the wireless connection? (Choose two.)

A2.4GHz

B5GHz

C6GHz

DOmnidirectional antenna

EPatch antenna

FBuilt-in antenna

Answer : A, E

2.4 GHz: The lower-frequency 2.4 GHz band propagates farther and better penetrates obstacles than 5 GHz or 6 GHz, giving you greater link distance.

Patch antenna: A directional (patch) antenna focuses RF energy into a narrow beam, maximizing gain and range between two fixed points -- the best for a long-haul wireless link.

Question 3

A company is experiencing numerous network issues and decides to expand its support team. The new junior employees will need to be onboarded in the shortest time possible and be able to troubleshoot issues with minimal assistance. Which of the following should the company create to achieve this goal?

AStatement of work documenting what each junior employee should do when troubleshooting

BClearly documented runbooks for networking issues and knowledge base articles

CPhysical and logical network diagrams of the entire networking infrastructure

DA mentor program for guiding each junior employee until they are familiar with the networking infrastructure

Answer : B

Runbooks provide step-by-step troubleshooting procedures, and a solid knowledge base captures known issues and resolutions. Together they let new team members ramp up quickly and resolve common network problems with minimal hand-holding.

Question 4

A network architect is designing a solution to secure the organization's applications based on the security policy. The requirements are:

Users must authenticate using one set of credentials.

External users must be located in authorized sites.

Session timeouts must be enforced.

Network access requirements should be changed as needed.

Which of the following best meet these requirements? (Choose two.)

ARole-based access

BSingle sign-on

CStatic IP allocation

DMultifactor authentication

EConditional access policy

FRisk-based authentication

Answer : B, E

Single sign-on: Provides users with one set of credentials for authentication across all applications, simplifying access and reducing password fatigue.

Conditional access policy: Enforces location-based restrictions for external users, configurable session timeouts, and dynamic network access controls that can be updated as requirements evolve.

Question 5

A company is transitioning from on premises to a hybrid environment. Due to regulatory standards, the company needs to achieve a high level of reliability and high availability for the connection between its data center and the cloud provider. Which of the following solutions best meets the requirements?

AEstablish a Direct Connect with the cloud provider and peer to two different VPCs in the cloud network.

BEstablish a Direct Connect with the cloud provider and a redundant connection with a VPN over the internet.

CEstablish two Direct Connect connections to the cloud provider using two different suppliers.

DEstablish a VPN with two tunnels to a transit gateway at the cloud provider.

Answer : C

By provisioning two dedicated Direct Connect circuits from separate carriers (diverse physical paths and providers), you achieve a true highly available, fault-tolerant link that meets stringent reliability and regulatory requirements without relying on the public internet.

Question 6

A network security administrator needs to set up a solution to:

Gather all data from log files in a single location.

Correlate the data to generate alerts.

Which of the following should the administrator implement?

ASyslog

BEvent log monitoring

CLog management

DSIEM

Answer : D

A Security Information and Event Management system centralizes log collection from disparate sources and applies correlation rules to generate actionable alerts.

Question 7

An outage occurred after a software upgrade on core switching. A network administrator thinks that the firmware installed had a bug. Which of the following should the network administrator do next?

AEstablish a plan of action to resolve the issue.

BTest the theory to determine cause.
Document lessons learned.

DImplement the solution.

Answer : B

Before taking corrective action, you need to verify that the new firmware is indeed the root cause, such as by rolling back to the previous version in a controlled test or reproducing the failure in a lab, so you're sure your fix addresses the actual problem.

CompTIA CloudNetX Certification CNX-001 Exam Practice Test