Practice Free N10-009 Exam Online Questions
Question #51
Which of the following tools uses ICMP to help determine whether a network host is reachable?
- A . tcpdump
- B . netstat
- C . nslookup
- D . ping
Correct Answer: D
D
Explanation:
Ping sends ICMP Echo Request packets and waits for Echo Replies to verify host reachability and measure round-trip time.
D
Explanation:
Ping sends ICMP Echo Request packets and waits for Echo Replies to verify host reachability and measure round-trip time.
Question #52
Which of the following protocols is used to send networking status messages between clients and servers?
- A . SSH
- B . DHCP
- C . NTP
- D . SNMP
Correct Answer: D
D
Explanation:
The correct answer is SNMP (Simple Network Management Protocol) because it is specifically designed to collect and transmit network management and status information between managed devices and management systems. According to CompTIA Network+ (N10-009) objectives, SNMP is used for monitoring and managing network devices such as routers, switches, servers, and printers.
SNMP operates using a manager-agent model. The SNMP manager (such as a network monitoring server) communicates with SNMP agents installed on network devices. Agents send traps and inform messages, which are unsolicited status alerts indicating events such as device failures, high CPU usage, or link outages. The manager can also poll agents to retrieve performance metrics and configuration details stored in the Management Information Base (MIB).
SSH (Option A) is used for secure remote administration. DHCP (Option B) dynamically assigns IP addresses. NTP (Option C) synchronizes time between devices. None of these protocols are designed for network status monitoring and alert messaging.
Therefore, SNMP is the correct protocol for sending networking status messages between devices and management systems.
Bottom of Form
D
Explanation:
The correct answer is SNMP (Simple Network Management Protocol) because it is specifically designed to collect and transmit network management and status information between managed devices and management systems. According to CompTIA Network+ (N10-009) objectives, SNMP is used for monitoring and managing network devices such as routers, switches, servers, and printers.
SNMP operates using a manager-agent model. The SNMP manager (such as a network monitoring server) communicates with SNMP agents installed on network devices. Agents send traps and inform messages, which are unsolicited status alerts indicating events such as device failures, high CPU usage, or link outages. The manager can also poll agents to retrieve performance metrics and configuration details stored in the Management Information Base (MIB).
SSH (Option A) is used for secure remote administration. DHCP (Option B) dynamically assigns IP addresses. NTP (Option C) synchronizes time between devices. None of these protocols are designed for network status monitoring and alert messaging.
Therefore, SNMP is the correct protocol for sending networking status messages between devices and management systems.
Bottom of Form
Question #53
A company is implementing a new internal network in which all devices use IPv6 addresses.
Which of the following routing protocols will be best for this setup?
- A . EIGRP
- B . OSPFv3
- C . BGP4
- D . iBGP
Correct Answer: B
B
Explanation:
For an internal network using IPv6, the best option listed is OSPFv3, which is the OSPF version designed to support IPv6 routing. In Network+ (N10-009) routing objectives, OSPF is a common interior gateway protocol (IGP) used within an organization (an autonomous system) to exchange routes dynamically and converge efficiently. OSPFv3 maintains the link-state approach of OSPF while adding IPv6 support, making it a strong fit for enterprise internal routing where multiple routers and subnets need dynamic path calculation and fast convergence.
BGP4 and iBGP are associated with BGP, primarily used for inter-domain routing on the internet and between large networks; while BGP can carry IPv6 (via MP-BGP), it is generally not the “best” default choice for a typical internal-only enterprise network unless there is a specific design reason. EIGRP can support IPv6 in some implementations, but Network+ typically emphasizes OSPF/OSPFv3 as the widely adopted, vendor-neutral IGP for IPv6 deployments. Given the options and the “best for this setup” wording, OSPFv3 is the most appropriate answer.
B
Explanation:
For an internal network using IPv6, the best option listed is OSPFv3, which is the OSPF version designed to support IPv6 routing. In Network+ (N10-009) routing objectives, OSPF is a common interior gateway protocol (IGP) used within an organization (an autonomous system) to exchange routes dynamically and converge efficiently. OSPFv3 maintains the link-state approach of OSPF while adding IPv6 support, making it a strong fit for enterprise internal routing where multiple routers and subnets need dynamic path calculation and fast convergence.
BGP4 and iBGP are associated with BGP, primarily used for inter-domain routing on the internet and between large networks; while BGP can carry IPv6 (via MP-BGP), it is generally not the “best” default choice for a typical internal-only enterprise network unless there is a specific design reason. EIGRP can support IPv6 in some implementations, but Network+ typically emphasizes OSPF/OSPFv3 as the widely adopted, vendor-neutral IGP for IPv6 deployments. Given the options and the “best for this setup” wording, OSPFv3 is the most appropriate answer.
Question #54
A user is unable to navigate to a website because the provided URL is not resolving to the correct IP address. Other users are able to navigate to the intended website without issue.
Which of the following is most likely causing this issue?
- A . Hosts file
- B . Self-signed certificate
- C . Nameserver record
- D . IP helper ANS
Correct Answer: A
A
Explanation:
Role of the Hosts File:
The hosts file is a local file on a computer that maps hostnames to IP addresses. It can be used to override DNS resolution by providing a static mapping of a hostname to an IP address.
Common Issues with the Hosts File:
If an incorrect IP address is mapped to a hostname in the hosts file, it can cause the computer to resolve the hostname to the wrong IP address. This can lead to navigation issues for specific websites while other users, relying on DNS, do not face the same problem.
Why Other Options are Less Likely:
Self-signed certificate: Relates to SSL/TLS and would cause a security warning, not a navigation failure.
Nameserver record: Affects all users, not just one.
IP helper: Used to forward DHCP requests and is unrelated to DNS resolution issues.
Troubleshooting Steps:
Check the hosts file on the affected user’s computer (C:WindowsSystem32driversetchosts on Windows or /etc/hosts on Unix/Linux).
Look for entries that map the problematic hostname to an incorrect IP address and correct or remove them.
Reference: CompTIA Network+ study materials and system administration documentation.
A
Explanation:
Role of the Hosts File:
The hosts file is a local file on a computer that maps hostnames to IP addresses. It can be used to override DNS resolution by providing a static mapping of a hostname to an IP address.
Common Issues with the Hosts File:
If an incorrect IP address is mapped to a hostname in the hosts file, it can cause the computer to resolve the hostname to the wrong IP address. This can lead to navigation issues for specific websites while other users, relying on DNS, do not face the same problem.
Why Other Options are Less Likely:
Self-signed certificate: Relates to SSL/TLS and would cause a security warning, not a navigation failure.
Nameserver record: Affects all users, not just one.
IP helper: Used to forward DHCP requests and is unrelated to DNS resolution issues.
Troubleshooting Steps:
Check the hosts file on the affected user’s computer (C:WindowsSystem32driversetchosts on Windows or /etc/hosts on Unix/Linux).
Look for entries that map the problematic hostname to an incorrect IP address and correct or remove them.
Reference: CompTIA Network+ study materials and system administration documentation.
Question #55
A network technician is attempting to harden a commercial switch that was recently purchased.
Which of the following hardening techniques best mitigates the use of publicly available information?
- A . Changing the default password
- B . Blocking inbound SSH connections
- C . Removing the gateway from the network configuration
- D . Restricting physical access to the switch
Correct Answer: A
A
Explanation:
Changing the default password is a fundamental step in device hardening, as default credentials are widely known and published online, posing a significant security risk if not updated. The document notes:
“Default passwords are often known by attackers and published on the internet. Changing them to unique, strong passwords is a critical first step in securing network devices against unauthorized access.”
A
Explanation:
Changing the default password is a fundamental step in device hardening, as default credentials are widely known and published online, posing a significant security risk if not updated. The document notes:
“Default passwords are often known by attackers and published on the internet. Changing them to unique, strong passwords is a critical first step in securing network devices against unauthorized access.”
Question #56
Which of the following most directly secures sensitive information on a network?
- A . Data-in-transit encryption
- B . Principle of least privilege
- C . Role-based access controls
- D . Multifactor authentication
Correct Answer: A
A
Explanation:
The option that most directly secures sensitive information on the network is data-in-transit encryption. This ensures that data packets are unreadable to attackers who intercept them while moving across the network. Protocols such as TLS, HTTPS, IPsec, and SSH protect confidentiality and integrity of sensitive information.
B. Principle of least privilege (PoLP) secures access control but does not directly protect data in motion.
C. Role-based access control (RBAC) enforces permissions but again does not secure the data while transmitted.
D. Multifactor authentication (MFA) strengthens identity verification but does not directly protect the data itself once transmitted.
Thus, while all options contribute to overall security, encryption of data-in-transit most directly addresses protection of sensitive information on the network.
Reference (CompTIA Network+ N10-009):
Domain: Network Security ― Encryption methods, confidentiality, data-in-transit protection.
A
Explanation:
The option that most directly secures sensitive information on the network is data-in-transit encryption. This ensures that data packets are unreadable to attackers who intercept them while moving across the network. Protocols such as TLS, HTTPS, IPsec, and SSH protect confidentiality and integrity of sensitive information.
B. Principle of least privilege (PoLP) secures access control but does not directly protect data in motion.
C. Role-based access control (RBAC) enforces permissions but again does not secure the data while transmitted.
D. Multifactor authentication (MFA) strengthens identity verification but does not directly protect the data itself once transmitted.
Thus, while all options contribute to overall security, encryption of data-in-transit most directly addresses protection of sensitive information on the network.
Reference (CompTIA Network+ N10-009):
Domain: Network Security ― Encryption methods, confidentiality, data-in-transit protection.
Question #57
A network administrator is creating a subnet that will include 45 separate hosts on a small private network within a large network architecture.
Which of the following options is the most efficient use of network addresses when assigning this network?
- A . 10.0.50.128/25
- B . 10.7.142.128/27
- C . 10.152.4.192/26
- D . 10.192.1.64/28
Correct Answer: C
C
Explanation:
For 45 hosts, the minimum subnet size must allow at least 46 usable addresses (1 each for network and broadcast addresses).
A /26 subnet provides 64 addresses, 62 usable ― suitable.
A /27 subnet gives only 30 usable ― insufficient.
A /25 offers 126 usable ― more than needed.
A /28 provides just 14 ― too small.
So, the most efficient subnet with minimal wastage is /26.
From Andrew Ramdayal’s guide:
“When designing subnets, always choose the smallest subnet mask that still accommodates all hosts. A /26 provides 62 usable host addresses, suitable for networks with about 50 hosts.”
C
Explanation:
For 45 hosts, the minimum subnet size must allow at least 46 usable addresses (1 each for network and broadcast addresses).
A /26 subnet provides 64 addresses, 62 usable ― suitable.
A /27 subnet gives only 30 usable ― insufficient.
A /25 offers 126 usable ― more than needed.
A /28 provides just 14 ― too small.
So, the most efficient subnet with minimal wastage is /26.
From Andrew Ramdayal’s guide:
“When designing subnets, always choose the smallest subnet mask that still accommodates all hosts. A /26 provides 62 usable host addresses, suitable for networks with about 50 hosts.”
Question #58
A firewall receives traffic on port 80 and forwards it to an internal server on port 88.
Which of the following technologies is being leveraged?
- A . TLS
- B . FHRP
- C . SSL
- D . PAT
Correct Answer: D
D
Explanation:
The correct answer is PAT (Port Address Translation). According to the CompTIA Network+ N10-009 objectives, PAT is a form of Network Address Translation (NAT) that allows multiple internal hosts― or services―to be mapped to a single public IP address using different port numbers. PAT can also translate destination port numbers, which is exactly what is occurring in this scenario.
In this case, the firewall receives incoming traffic on port 80 (commonly used for HTTP) and forwards it to an internal server listening on port 88. This process is often referred to as port forwarding, which is a practical implementation of PAT. The firewall rewrites the destination port and potentially the destination IP address so that external clients can access internal services without exposing internal addressing schemes.
The other options do not apply. TLS and SSL are encryption protocols used to secure data in transit; they do not perform port translation. FHRP (First Hop Redundancy Protocol), such as HSRP or VRRP, provides gateway redundancy and high availability, not traffic forwarding or port remapping.
The Network+ objectives emphasize understanding how firewalls and NAT technologies manipulate IP addresses and ports to enable secure access to internal resources. PAT is the technology that enables this functionality, making it the correct answer.
D
Explanation:
The correct answer is PAT (Port Address Translation). According to the CompTIA Network+ N10-009 objectives, PAT is a form of Network Address Translation (NAT) that allows multiple internal hosts― or services―to be mapped to a single public IP address using different port numbers. PAT can also translate destination port numbers, which is exactly what is occurring in this scenario.
In this case, the firewall receives incoming traffic on port 80 (commonly used for HTTP) and forwards it to an internal server listening on port 88. This process is often referred to as port forwarding, which is a practical implementation of PAT. The firewall rewrites the destination port and potentially the destination IP address so that external clients can access internal services without exposing internal addressing schemes.
The other options do not apply. TLS and SSL are encryption protocols used to secure data in transit; they do not perform port translation. FHRP (First Hop Redundancy Protocol), such as HSRP or VRRP, provides gateway redundancy and high availability, not traffic forwarding or port remapping.
The Network+ objectives emphasize understanding how firewalls and NAT technologies manipulate IP addresses and ports to enable secure access to internal resources. PAT is the technology that enables this functionality, making it the correct answer.
Question #59
Which of the following would most likely be utilized to implement encryption in transit when using HTTPS?
- A . SSH
- B . TLS
- C . SCADA
- D . RADIUS
Correct Answer: B
B
Explanation:
TLS (Transport Layer Security) is the protocol that provides encryption in transit for HTTPS. It ensures data is encrypted between the client (browser) and the web server, protecting it from interception or tampering.
B
Explanation:
TLS (Transport Layer Security) is the protocol that provides encryption in transit for HTTPS. It ensures data is encrypted between the client (browser) and the web server, protecting it from interception or tampering.
Question #60
Which of the following facilities is the best example of a warm site in the event of information system disruption?
- A . A combination of public and private cloud services to restore data
- B . A partial infrastructure, software, and data on site
- C . A full electrical infrastructure in place, but no customer devices on site
- D . A full infrastructure in place, but no current data on site
Correct Answer: D
D
Explanation:
A warm site typically has a full infrastructure ready, but it lacks the most up-to-date data or is not immediately operational. It requires some configuration or data restoration to become fully functional.
D
Explanation:
A warm site typically has a full infrastructure ready, but it lacks the most up-to-date data or is not immediately operational. It requires some configuration or data restoration to become fully functional.