Practice Free N10-009 Exam Online Questions
Which of the following is used most often when implementing a secure VPN?
- A . IPSec
- B . GRE
- C . BGP
- D . SSH
A
Explanation:
The most common protocol for secure VPNs is IPsec (Internet Protocol Security). IPsec provides confidentiality, integrity, and authentication for VPN traffic, typically using ESP (Encapsulating Security Payload). It is used in both site-to-site and remote access VPNs.
B. GRE encapsulates traffic but does not provide encryption.
C. BGP is a routing protocol, not a VPN technology.
D. SSH can be used for secure tunneling but is not the standard for VPN deployment.
IPsec is the industry standard because it operates at Layer 3, securing IP traffic regardless of the application, making it highly versatile.
Reference (CompTIA Network+ N10-009):
Domain: Network Security ― VPN protocols, IPsec, ESP.
A network administrator recently upgraded a wireless infrastructure with new APs. Users report that when stationary, the wireless connection drops and reconnects every 20 to 30 seconds. While reviewing logs, the administrator notices the APs are changing channels.
Which of the following is the most likely reason for the service interruptions?
- A . Channel interference
- B . Roaming misconfiguration
- C . Network congestion
- D . Insufficient wireless coverage
A
Explanation:
If APs are changing channels frequently, it indicates automatic channel selection due to interference.
This can cause temporary disconnections as the APs switch frequencies.
Breakdown of Options:
A data center administrator is evaluating the use of jumbo frames within a storage environment.
Which of the following describes the best reason to use jumbo frames in the storage environment?
- A . To reduce device overhead
- B . To report on the current root switch in the STP
- C . To improve routing convergence
- D . To increase drive throughput
A
Explanation:
Jumbo frames are Ethernet frames with a payload greater than the standard 1,500 bytes. Using jumbo frames reduces the number of frames transmitted over the network, thereby reducing the overhead associated with frame headers and processing.
The document explains:
“Jumbo frames are used in storage networks to reduce device overhead by lowering the number of frames required for data transfer, which can increase overall throughput and performance.”
A network administrator needs a solution to isolate and potentially identify any threat actors that are attempting to breach the network.
Which of the following should the administrator implement to determine the type of attack used?
- A . MFA
- B . Screened subnet
- C . Captive portal
- D . Honeypot
D
Explanation:
A honeypot is specifically designed to attract, isolate, and observe malicious activity so defenders can learn how an attacker is operating and determine attack techniques. In the context of Network+ (N10-009) security objectives, honeypots (and broader deception technologies) are defensive controls used to detect reconnaissance and exploitation attempts by presenting a decoy system or service that appears legitimate. Because a honeypot should not receive normal production traffic, any interaction is suspicious, making it valuable for identifying threat actors, collecting indicators of compromise, and analyzing the attacker’s tools, commands, and behavior patterns. This supports the goal of understanding the type of attack used (for example, credential stuffing, exploitation attempts, lateral movement probes) while keeping the attacker away from real assets.
MFA strengthens authentication but does not provide a controlled environment to observe attacker techniques. A screened subnet (DMZ) is for segmentation of public-facing services and reducing exposure of internal systems, but it is not primarily used to “bait” and analyze attackers. A captive portal enforces user acknowledgement/authentication for network access; it is not a deception/analysis system. Therefore, honeypot is the best match.
Which of the following best describes the transmission format that occurs at the transport layer over connectionless communication?
- A . Datagram
- B . Segment
- C . Frames
- D . Packets
A
Explanation:
At the transport layer, connectionless communication is typically handled using the User Datagram Protocol (UDP), which transmits data in units called datagrams. Unlike TCP, UDP does not establish a connection before sending data and does not guarantee delivery, making datagrams the correct term for the transmission format in this context.
Reference: CompTIA Network+ Exam Objectives and official study guides.
A network technician is terminating a cable to a fiber patch panel in the MDF.
Which of the following connector types is most likely in use?
- A . F-type
- B . RJ11
- C . BNC
- D . SC
D
Explanation:
In a fiber patch panel, the SC (Subscriber Connector or Standard Connector) is commonly used because of its push-pull design and reliability in enterprise environments.
Breakdown of Options:
A network technician is terminating a cable to a fiber patch panel in the MDF.
Which of the following connector types is most likely in use?
- A . F-type
- B . RJ11
- C . BNC
- D . SC
D
Explanation:
In a fiber patch panel, the SC (Subscriber Connector or Standard Connector) is commonly used because of its push-pull design and reliability in enterprise environments.
Breakdown of Options:
An IT department asks a newly hired employee to use a personal laptop until the company can provide one.
Which of the following policies is most applicable to this situation?
- A . IAM
- B . BYOD
- C . DLP
- D . AUP
B
Explanation:
BYOD (Bring Your Own Device) policies define rules for using personal devices on the company network. Since the new employee is using a personal laptop, this policy applies.
Breakdown of Options:
A network administrator needs to connect a multimode fiber cable from the MDF to the server room. The administrator connects the cable to Switch 2, but there is no link light. The administrator tests the fiber and finds it does not have any issues. Swapping the connection to Switch 1 in a working port is successful, but the swapped connection does not work on Switch 2.
Which of the following should the administrator verify next?
- A . Fiber length
- B . Transceiver model
- C . Connector type
- D . Port speed
B
Explanation:
The most probable issue is with the transceiver model. Not all transceivers are compatible with multimode fiber, and the specific type (e.g., SFP, SFP+) and its wavelength must match the fiber cable type. If a port works on one switch but not the other with the same cable, this is a strong indicator of incompatible or faulty transceiver hardware.
Reference: Section 1.5 C Transmission Media and Transceivers C “Transceivers and Compatibility”
Which of the following steps of the troubleshooting methodology would most likely include checking through each level of the OSI model after the problem has been identified?
- A . Establish a theory.
- B . Implement the solution.
- C . Create a plan of action.
- D . Verify functionality.
A
Explanation:
The CompTIA troubleshooting methodology includes steps like identifying the problem, establishing a theory of probable cause, testing the theory, creating a plan of action, implementing the solution, verifying functionality, and documenting findings. Establishing a theory involves analyzing the problem and considering possible causes, often by systematically checking each level of the OSI model (Physical, Data Link, Network, etc.) to pinpoint the root cause.
Why not Implement the solution? This step involves applying the fix, not analyzing the OSI model.
Why not Create a plan of action? This step focuses on planning the solution, not diagnosing the cause.
Why not Verify functionality? This step confirms the solution worked, not analyzing the OSI model.
Reference: CompTIA Network+ N10-009 Objective 5.2: Explain the troubleshooting methodology. The CompTIA Network+ Study Guide (e.g., Chapter 13: Network Troubleshooting) details the troubleshooting steps, noting that establishing a theory often involves using the OSI model to systematically identify the cause of network issues.