CompTIA N10-009 Exam Practice Test Instant Access

Question 1

A network administrator has been monitoring the company's servers to ensure that they are available. Which of the following should the administrator use for this task?

APacket capture

BData usage reports

CSNMP traps

DConfiguration monitoring

Answer : C

To monitor server availability, SNMP traps are the best choice. SNMP (Simple Network Management Protocol) allows devices to send alerts (traps) when certain conditions are met, such as server downtime or high resource usage.

Breakdown of Options:

A . Packet capture -- Capturing packets provides insights into network traffic but does not actively monitor server availability.

B . Data usage reports -- These analyze network traffic consumption but do not indicate whether a server is available or not.

C . SNMP traps -- Correct answer. SNMP traps notify administrators of server issues in real time.

D . Configuration monitoring -- This tracks configuration changes rather than availability.

CompTIA Network+ (N10-009) Official Study Guide -- Domain 2.3: Explain network monitoring concepts.

RFC 1157: Simple Network Management Protocol (SNMP)

Question 2

A network analyst is installing a wireless network in a corporate environment. Employees are required to use their domain identities and credentials to authenticate and connect to the WLAN. Which of the following actions should the analyst perform on the AP to fulfill the requirements?

AEnable MAC security.

BGenerate a PSK for each user.

CImplement WPS.

DSet up WPA3 protocol.

Answer : D

WPA3-Enterprise provides strong security and supports authentication using domain identities through a RADIUS server and 802.1X authentication. This is the best choice for a corporate environment requiring user-based authentication.

WPA3-Enterprise Benefits:

Uses 802.1X with EAP (Extensible Authentication Protocol) to authenticate users via a directory service (e.g., Active Directory).

Eliminates shared passwords (PSK) for authentication.

Provides strong encryption and resistance to brute-force attacks.

Incorrect Options:

A . Enable MAC Security:

MAC filtering is not secure because MAC addresses can be spoofed.

B . Generate a PSK for Each User:

Pre-shared keys (PSK) are used in WPA-Personal, not in an enterprise setting.

Does not scale well in corporate environments.

C . Implement WPS:

Wi-Fi Protected Setup (WPS) is a vulnerable security method meant for home users.

Not suitable for enterprise authentication.

CompTIA Network+ N10-009 Official Study Guide -- Chapter on Wireless Security and Authentication

Question 3

A network administrator needs to connect a department to a new network segment. They need to use a DHCP server located on another network. Which of the following can the administrator use to complete this task?

AIP Helper

BReservation

CExclusion

DScope

Answer : A

An IP Helper (IP Helper Address) allows DHCP requests to pass through routers and reach a DHCP server on another network.

DHCP broadcasts are not forwarded across routers by default, so an IP Helper Address is needed to relay the request.

This is crucial for large networks where a single DHCP server serves multiple subnets.

Option B (Reservation): Ensures a specific IP address is assigned to a MAC address but does not relay DHCP across networks.

Option C (Exclusion): Prevents specific IP addresses from being assigned, but does not help with DHCP relay.

Option D (Scope): Defines the range of IP addresses available for DHCP clients but does not assist in cross-network communication.

? Reference: CompTIA Network+ (N10-009) Official Study Guide -- Section: DHCP and IP Addressing

Question 4

Which of the following will allow secure, remote access to internal applications?

AVPN

BCDN

CSAN

DIDS

Answer : A

A Virtual Private Network (VPN) creates an encrypted connection between a remote user and an internal network, ensuring secure access to internal applications.

VPNs use encryption protocols like IPSec and SSL/TLS to protect data during transmission.

They are widely used for secure remote work, accessing company resources, and bypassing geographic restrictions.

Option B (CDN - Content Delivery Network): Used for speeding up website content delivery, not for remote access security.

Option C (SAN - Storage Area Network): Used for high-speed storage, unrelated to remote access.

Option D (IDS - Intrusion Detection System): Monitors for malicious activities but does not provide secure access to applications.

? Reference: CompTIA Network+ (N10-009) Official Study Guide -- Section: Secure Remote Access Technologies

Question 5

A network administrator recently updated configurations on a Layer 3 switch. Following the updates, users report being unable to reach a specific file server. Which of the following is the most likely cause?

AIncorrect ACLs

BSwitching loop

CDuplicate IP addresses

DWrong default route

Answer : A

*Since this issue occurred after a configuration change on a Layer 3 switch, the most likely cause is misconfigured ACLs (Access Control Lists).

*ACLs control which traffic is allowed or denied, so an incorrect ACL may be blocking access to the file server.

*Why not the other options?

*Switching loop (B): A switching loop occurs at Layer 2 (not Layer 3) and causes network-wide broadcast storms, not just loss of access to a file server.

*Duplicate IP addresses (C): This would cause connectivity issues for the devices with the conflict, but not necessarily prevent all users from accessing the file server.

*Wrong default route (D): The default route is used for traffic leaving the local network. If users are unable to access an internal file server, this is unlikely to be the issue.

CompTIA Network+ (N10-009) Official Guide -- Chapter 8: Network Access Control and ACLs

Question 6

A network administrator needs to fail over services to an off-site environment. This process will take four weeks to become fully operational. Which of the following DR (Disaster Recovery) concepts does this describe?

AHot site

BWarm site

CCold site

DActive-active approach

Answer : C

A cold site is a backup facility that provides infrastructure (such as power, cooling, and space) but does not have active IT resources installed. When a disaster occurs, IT teams must bring in and configure all necessary hardware and software before services can resume. This process can take weeks or longer---which matches the scenario described.

*Why not the other options?

*Hot site (A) -- A hot site is a fully operational backup facility with up-to-date data and pre-configured hardware, allowing almost instant failover (minutes to hours).

*Warm site (B) -- A warm site has pre-installed hardware and some software/configurations, but it requires some setup before becoming fully operational (hours to a few days).

*Active-active approach (D) -- This means that multiple sites run simultaneously with load balancing, ensuring no downtime in case of a failure.

CompTIA Network+ (N10-009) Official Guide -- Chapter 15: Business Continuity and Disaster Recovery

Question 7

Which of the following kinds of targeted attacks uses multiple computers or bots to request the same resource repeatedly?

AOn-path

BDDoS

CARP spoofing

DMAC flooding

Answer : B

A Distributed Denial of Service (DDoS) attack leverages multiple computers or bots (botnet) to flood a target system with requests, overwhelming its resources and making it unavailable to legitimate users. This is a common tactic used by attackers to disrupt services. The document explains:

''A DDoS (Distributed Denial of Service) attack involves multiple computers (often called bots) simultaneously sending requests to a single resource, overwhelming the system and causing a denial of service to legitimate users.''

CompTIA N10-009 CompTIA Network+ Certification Exam Practice Test