Comptia: Exam Questions N10-009

Recommend!!
Get the Full N10-009 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/N10-009-exam-dumps.html (111 New Questions)
CompTIA
Exam Questions N10-009
CompTIA Network+ Exam
Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Recommend!! Get the Full N10-009 dumps in VCE and PDF From SurePassExam
NEW QUESTION 1
- (Topic 3)
A network technician is attempting to harden a commercial switch that was recently purchased. Which of the following hardening techniques best mitigates the use
of publicly available information?
A. Changing the default password

B. Blocking inbound SSH connections
C. Removing the gateway from the network configuration
D. Restricting physical access to the switch
Answer: A
Explanation:
Changing the default password is a hardening technique that best mitigates the use of publicly available information, such as vendor documentation, online
forums, or hacking tools, that may reveal the default credentials of a commercial switch. By changing the default password to a strong and unique one, the network
technician can prevent unauthorized access to the switch configuration and management. References:
? Network Hardening - N10-008 CompTIA Network+ : 4.3 - YouTube1
? CompTIA Network+ Certification Exam Objectives, page 151
NEW QUESTION 2
- (Topic 3)
Which of the following would most likely affect design considerations when building out an IDF?
A. The source panel amperage

B. The fire suppression system
C. The humidity levels
D. The cable transmission speeds
Answer: B
Explanation:
The fire suppression system is a design consideration when building out an IDF because it can affect the safety and reliability of the network equipment and
cabling. A fire suppression system is a system that detects and extinguishes fires in a building, using water, gas, or chemicals. Depending on the type of fire
suppression system, it can have different impacts on the IDF design, such as:
? Water-based systems, such as sprinklers, can damage the network equipment and cabling if they are activated by a fire or a false alarm. Therefore, the IDF
should be designed to protect the equipment and cabling from water exposure, such as using waterproof cabinets, drip pans, and conduits.
? Gas-based systems, such as clean agent systems, can displace the oxygen in the IDF and cause suffocation for anyone inside. Therefore, the IDF should be
designed to allow for ventilation and air circulation, as well as warning signs and alarms to alert anyone in the IDF before the gas is released.
? Chemical-based systems, such as dry chemical systems, can leave a residue on the network equipment and cabling that can affect their performance and
lifespan. Therefore, the IDF should be designed to minimize the contact between the chemical and the equipment and cabling, as well as provide a means for
cleaning and restoring them after a fire.
The other options are not correct because:
? The source panel amperage is not a design consideration when building out an IDF, as it is determined by the electrical circuit and the power needs of the
network equipment and cabling. The source panel amperage does not affect the layout, location, or protection of the IDF.
? The humidity levels are not a design consideration when building out an IDF, as they are controlled by the HVAC system and the ventilation of the IDF. The
humidity levels do not affect the layout, location, or protection of the IDF.
? The cable transmission speeds are not a design consideration when building out an IDF, as they are determined by the type and quality of the network cabling
and the network equipment. The cable transmission speeds do not affect the layout, location, or protection of the IDF.
NEW QUESTION 3
- (Topic 3)
Which of the following compromises internet-connected devices and makes them vulnerable to becoming part of a botnet? (Select TWO).
A. Deauthentication attack
B. Malware infection
C. IP spoofing
D. Firmware corruption
E. Use of default credentials
F. Dictionary attack
Answer: BE
NEW QUESTION 4
- (Topic 3)
During an incident, an analyst sends reports regularly to the investigation and leadership teams. Which of the following best describes how Pll should be
safeguarded during an incident?
A. Implement data encryption and store the data so only the company has access.
B. Ensure permissions are limited to the investigation team and encrypt the data.
C. Implement data encryption and create a standardized procedure for deleting data that is no longer needed.
D. Ensure the permissions are open only to the company.
Answer: C
Explanation:
PII stands for Personally Identifiable Information, which is any data that can be used to identify, contact, or locate a specific individual, such as name, address,
phone number, email, social security number, and so on. PII should be safeguarded during an incident to protect the privacy and security of the individuals
involved, and to comply with the legal and ethical obligations of the organization. One way to safeguard PII during an incident is to implement data encryption,

which is a process of transforming data into an unreadable format that can only be accessed by authorized parties who have the decryption key. Data encryption
can prevent unauthorized access, modification, or disclosure of PII by malicious actors or third parties. Another way to safeguard PII during an incident is to create
a standardized procedure for deleting data that is no longer needed, such as after the incident is resolved or the investigation is completed. Deleting data that is no
longer needed can reduce the risk of data breaches, data leaks, or data theft, and can also save storage space and resources. A standardized procedure for
deleting data can ensure that the data is erased securely and completely, and that the deletion process is documented and audited.
References
? 1: CompTIA Network+ N10-008 Certification Study Guide, page 304-305
? 2: CompTIA Network+ N10-008 Exam Subnetting Quiz, question 13
? 3: CompTIA Network+ N10-008 Certification Practice Test, question 5
? 4: Data Encryption – N10-008 CompTIA Network+ : 3.1
NEW QUESTION 5
- (Topic 3)
A PC and a network server have no network connectivity, and a help desk technician is attempting to resolve the issue. The technician plans to run a constant ping
command from a Windows workstation while testing various possible reasons for the connectivity issue. Which of the following should the technician use?
A. ping —w
B. ping -i
C. ping —s
D. ping —t
Answer: D
Explanation:
ping -t is an option for the ping command in Windows that allows the user to send continuous ping requests to a target until stopped by pressing Ctrl-C. This can
help the technician run a constant ping command while testing various possible reasons for the connectivity issue. ping -w is an option for the ping command in
Windows that allows the user to specify a timeout value in milliseconds for each ping request. ping -i is an option for the ping command in Linux that allows the
user to specify the time interval in seconds between each ping request. ping -s is an option for the ping command in Linux that allows the user to specify the size of
the data payload in bytes for each ping request.
References: How to Use the Ping Command in Windows - Lifewire (https://www.lifewire.com/ping-command-2618099)
NEW QUESTION 6
- (Topic 3)
A network administrator needs to create an SVI on a Layer 3-capable device to separate voice and data traffic. Which of the following best explains this use case?
A. A physical interface used for trunking logical ports

B. A physical interface used for management access
C. A logical interface used for the routing of VLANs
D. A logical interface used when the number of physical ports is insufficient
Answer: C
Explanation:
An SVI, or switched virtual interface, is a logical interface that is created on a Layer 3- capable device, such as a multilayer switch or a router. An SVI is associated
with a VLAN and can be used to route traffic between different VLANs on the same device or across multiple devices. An SVI can also provide management
access, security features, and quality of service (QoS) for the VLAN. An SVI is different from a physical interface, which is a port that connects to a physical device
or network. A physical interface can be used for trunking, which is a method of carrying multiple VLANs over a single link, or for connecting to a single VLAN. An
SVI is also different from a subinterface, which is a logical division of a physical interface that can be assigned to different VLANs.
References:
? VLANs and Trunking – N10-008 CompTIA Network+ : 2.11
? Switched Virtual Interfaces – N10-008 CompTIA Network+ : 2.22
NEW QUESTION 7
- (Topic 3)
A company's publicly accessible servers are connected to a switch between the company's ISP-connected router and the firewall in front of the company network.
The firewall is stateful, and the router is running an ACL. Which of the following best describes the area between the router and the firewall?
A. Untrusted zone
B. Screened subnet
C. Trusted zone
D. Private VLAN
Answer: B
Explanation:
A screened subnet is a network segment that is isolated from both the internal and external networks by firewalls or routers. It is used to host publicly accessible
servers that need some protection from external attacks, but also need to be separated from the internal network for security reasons.
References
? 1: Seven-Second Subnetting – N10-008 CompTIA Network+ : 1.4
? 2: CompTIA Network+ Study Guide: Exam N10-008, 5th Edition, page 56
NEW QUESTION 8
- (Topic 3)
A network administrator is given the network 80.87.78.0/26 for specific device assignments. Which of the following describes this network?
A. 80.87.78 0 - 80.87.78.14
B. 80.87.78 0 - 80.87.78.110
C. 80.87.78 1 - 80.87.78.62

D. 80.87.78.1 - 80.87.78.158
Answer: C
Explanation:
The network 80.87.78.0/26 is a Class A network with a subnet mask of /26, which means that it contains 26 bits of network information and 6 bits of host
information.
The range of valid host addresses for this network is 80.87.78.1 to 80.87.78.62. Any addresses outside of this range are reserved for special purposes or are not
used.
NEW QUESTION 9
- (Topic 3)
Which of the following types of attacks can be used to gain credentials by setting up rogue APs with identical corporate SSIDs?
A. VLAN hopping
B. Evil twin
C. DNS poisoning
D. Social engineering
Answer: B
NEW QUESTION 10
- (Topic 3)
A technician is expanding a wireless network and adding new access points. The company requires that each access point broadcast the same SSID. Which of the
following should the technician implement for this requirement?
A. MIMO
B. Roaming
C. Channel bonding
D. Extended service set
Answer: D
Explanation:
An extended service set (ESS) is a wireless network that consists of two or more access points (APs) that share the same SSID and are connected by a
distribution system, such as a switch or a router. An ESS allows wireless clients to roam seamlessly between different APs without losing connectivity or changing
network settings. An ESS can also increase the coverage area and capacity of a wireless network
NEW QUESTION 10
- (Topic 3)
A network administrator is trying to create a subnet, which is the most efficient size possible, for 31 laptops. Which of the following network subnets would be best
in this situation?
A. 10.10.10.0/24
B. 10.10.10.0/25
C. 10.10.10.0/26
D. 10.10.10.0/27
Answer: D
Explanation:
A /27 subnet mask has 32 IP addresses, of which 30 are usable for hosts. This is the smallest subnet that can accommodate 31 laptops, as the other options have
either too few or too many IP addresses. A /27 subnet mask is equivalent to 255.255.255.224 in decimal notation, and has a wildcard mask of 0.0.0.31. The
network address is 10.10.10.0, and the broadcast address is 10.10.10.31. The usable host range is 10.10.10.1 to 10.10.10.30.
References
1: Subnet Cheat Sheet – 24 Subnet Mask, 30, 26, 27, 29, and other IP Address CIDR Network References
2: IP Subnet Calculator
NEW QUESTION 11
- (Topic 3)
A network engineer needs to create a subnet that has the capacity for five VLANs. with the following number of clients lo be allowed on each:
Which of the following is the SMALLEST subnet capable of this setup that also has the capacity to double the number of clients in the future?
A. 10.0.0.0/21
B. 10.0.0.0/22
C. 10.0.0.0/23
D. 10.0.0.0/24

Answer: B
NEW QUESTION 14
- (Topic 3)
A customer is adding fiber connectivity between adjacent buildings. A technician terminates the multimode cable to the fiber patch panel. After the technician
connects the fiber patch cable, the indicator light
does not come on. Which of the following should a technician try first to troubleshoot this issue?
A. Reverse the fibers.

B. Reterminate the fibers.
C. Verify the fiber size.
D. Examine the cable runs for visual faults.
Answer: A
Explanation:
One of the most common causes of fiber connectivity issues is the reversal of the fibers. This means that the transmit (TX) and receive (RX) ports on one end of
the fiber link are not matched with the corresponding ports on the other end. For example, if the TX port on one device is connected to the TX port on another
device, and the same for the RX ports, then the devices will not be able to communicate with each other. This can result in no indicator light, no link, or no data
transmission12.
To troubleshoot this issue, the technician should first try to reverse the fibers. This can be done by swapping the connectors at one end of the fiber patch cable, or
by using a crossover adapter or cable that reverses the polarity of the fibers. The technician should then check if the indicator light comes on and if the devices can
communicate properly12. The other options are not the first steps to troubleshoot this issue. Reterminating the fibers is a time-consuming and costly process that
should be done only if there is evidence of physical damage or poor quality of the termination. Verifying the fiber size is not relevant in this scenario, as multimode
fiber is compatible with multimode fiber, and any mismatch in core diameter or bandwidth would result in high attenuation, not complete loss of signal. Examining
the cable runs for visual faults is a useful technique, but it requires a special tool called a visual fault locator (VFL) that emits a visible red light through the fiber and
shows any breaks or bends along the cable. However, a VFL cannot detect polarity issues or connector problems, so it is not sufficient to troubleshoot this issue
NEW QUESTION 16
- (Topic 3)
A Wi-Fi network was recently deployed in a new, multilevel budding. Several issues are now being reported related to latency and drops in coverage. Which of the
following is the FIRST step to troubleshoot the issues?
A. Perform a site survey.

B. Review the AP placement
C. Monitor channel utilization.
D. Test cable attenuation.
Answer: A
NEW QUESTION 19
- (Topic 3)
Which of the following technologies would MOST likely De used to prevent the loss of connection between a virtual server and network storage devices?
A. Multipathing
B. VRRP
C. Port aggregation
D. NIC teaming
Answer: D
Explanation:
NIC teaming is a technology that allows multiple network interface cards (NICs) to work together as a single logical interface, providing redundancy and load
balancing. This can prevent the loss of connection between a virtual server and network storage devices if one of the NICs fails or becomes disconnected.
References: [CompTIA Network+ Certification Exam Objectives], Domain 2.0 Networking Concepts, Objective 2.5: Explain the purposes and use cases for
advanced networking devices, Subobjective: NIC bonding/teaming
NEW QUESTION 24
- (Topic 3)
Which of the following is an advantage of using the cloud as a redundant data center?
A. The process of changing cloud providers is easy.

B. Better security for company data is provided.
C. The initial capital expenses are lower.
D. The need for backups is eliminated.
Answer: C
Explanation:
Using the cloud as a redundant data center means that the company does not need to invest in building and maintaining a physical backup site, which can be
costly and time- consuming. Instead, the company can pay for the cloud services as needed, which can reduce the initial capital expenses and operational costs.
However, this does not mean that the other options are true. Changing cloud providers may not be easy due to compatibility, contractual, or regulatory issues.
Security for company data may not be better in the cloud, depending on the cloud provider’s policies and practices. The need for backups is not eliminated, as the
cloud data still needs to be protected from loss, corruption, or unauthorized access.
References:
? Part 1 of current page talks about how Bing is your AI-powered copilot for the web and provides various examples of how it can help you with different tasks,
such as writing a joke, creating a table, or summarizing research. However, it does not mention anything about using the cloud as a redundant data center.
? Part 2 of current page shows the search results for “ai powered search bing chat”, which include web, image, and news results. However, none of these results
seem to be relevant to the question, as they are mostly about Bing’s features, products, or announcements, not about cloud computing or data centers.

? Therefore, I cannot find the answer or the explanation from the current page. I have to use my own knowledge and information from other sources to verify the
answer and provide a short but comprehensive explanation. I will cite these sources using numerical references.
? : CompTIA Network+ Certification Exam Objectives, Version 8.0, Domain 3.0: Network Operations, Objective 3.4: Given a scenario, use appropriate resources to
support configuration management, Subobjective 3.4.2: Cloud-based configuration management, https://www.comptia.jp/pdf/comptia-network-n10-008-exam-
objectives.pdf
? : Cloud Computing: Concepts, Technology & Architecture, Chapter 9: Fundamental Cloud Security, Section 9.1: Cloud Security Threats,
https://ptgmedia.pearsoncmg.com/images/9780133387520/samplepages/9780133 387520.pdf
? : Cloud Computing: Principles and Paradigms, Chapter 19: Data Protection and Disaster Recovery for Cloud Computing, Section 19.1: Introduction,
https://onlinelibrary.wiley.com/doi/pdf/10.1002/9780470940105.ch19
NEW QUESTION 26
- (Topic 3)
Which of the following documents is MOST likely to be associated with identifying and documenting critical applications?
A. Software development life-cycle policy

B. User acceptance testing plan
C. Change management policy
D. Business continuity plan
Answer: D
Explanation:
A business continuity plan (BCP) is a document that outlines the procedures and strategies to ensure the continuity of critical business functions in the event of a
disaster or disruption. A BCP is most likely to be associated with identifying and documenting critical applications that are essential for the organization’s
operations and recovery. A BCP also defines the roles and responsibilities of the staff, the backup and restore processes, the communication channels, and the
testing and maintenance schedules.
References: Network+ Study Guide Objective 5.2: Explain disaster recovery and business continuity concepts.
NEW QUESTION 28
- (Topic 3)
A security engineer is trying to connect cameras to a 12-port PoE switch, but only eight cameras turn on. Which of the following should the engineer check first?
A. Ethernet cable type

B. Voltage
C. Transceiver compatibility
D. DHCP addressing
Answer: B
Explanation:
The most likely reason why only eight cameras turn on is that the PoE switch does not
have enough power budget to supply all 12 cameras. The engineer should check the voltage and wattage ratings of the PoE switch and the cameras, and make
sure they are compatible and sufficient. The Ethernet cable type, transceiver compatibility, and DHCP addressing are less likely to cause this problem, as they
would affect the data transmission rather than the power delivery.
References:
? CompTIA Network+ N10-008 Certification Study Guide, page 181
? CompTIA Network+ N10-008 Cert Guide, Deluxe Edition, page 352
? PoE Troubleshooting: The Common PoE Errors and Solutions3
NEW QUESTION 32
- (Topic 3)
While troubleshooting a network, a VoIP systems engineer discovers a significant inconsistency in the amount of time required for data to reach its destination and
return. Which of the following terms best describes this issue?
A. Bandwidth
B. Latency
C. Jitter
D. Throughput
Answer: C
Explanation:
Jitter is the variation in the delay of data packets over a network. It is caused by factors such as network congestion, routing changes, packet loss, or improper
queuing. Jitter affects the quality of VoIP calls because it can cause gaps, distortion, or out-of-order delivery of voice data. Jitter can be measured by the difference
between the expected and actual arrival times of packets2. To reduce jitter, VoIP systems use buffers to store and reorder packets before playing them back.
However, too much buffering can also increase latency, which is the total time it takes for data to travel from one point to another3.
References2 - VoIP Troubleshooting: 5 Fixes for Common Connection Issues - Nextiva3 - Troubleshooting VoIP — Is it You or the Network? - PingPlotter
NEW QUESTION 37
- (Topic 3)
An engineer recently decided to upgrade the firmware on a router. During the upgrade, the help desk received calls about a network outage, and a critical ticket
was opened. The network manager would like to create a policy to prevent this from happening in the future. Which of the following documents should the
manager create?
A. Change management
B. incident response
C. Standard operating procedure
D. System life cycle

Answer: A
NEW QUESTION 40
- (Topic 3)
A bank installed a new smart TV to stream online video services, but the smart TV was not able to connect to the branch Wi-Fi. The next day. a technician was
able to connect the TV to the Wi-Fi, but a bank laptop lost network access at the same time. Which of the following is the MOST likely cause?
A. DHCP scope exhaustion

B. AP configuration reset
C. Hidden SSID
D. Channel overlap
Answer: A
Explanation:
DHCP scope exhaustion is the situation when a DHCP server runs out of available IP addresses to assign to clients. DHCP stands for Dynamic Host
Configuration Protocol, which is a network protocol that automatically assigns IP addresses and other configuration parameters to clients on a network. A DHCP
scope is a range of IP addresses that a DHCP server can distribute to clients. If the DHCP scope is exhausted, new clients will not be able to obtain an IP address
and connect to the network. This can explain why the smart TV was not able to connect to the branch Wi-Fi on the first day, and why the bank laptop lost network
access on the next day when the TV was connected. The technician should either increase the size of the DHCP scope or reduce the lease time of the IP
addresses to avoid DHCP scope exhaustion. References: [CompTIA Network+ Certification Exam Objectives], DHCP Scope Exhaustion - What Is It? How Do You
Fix It?
NEW QUESTION 43
- (Topic 3)
Which of the following devices Is used to configure and centrally manage access points Installed at different locations?
A. Wireless controller
B. Load balancer
C. Proxy server
D. VPN concentrator
Answer: A
Explanation:
Access points (APs) can be configured and centrally managed using a wireless LAN controller (WLC). A WLC is a device that connects to multiple APs and
provides centralized management and control of those APs. The WLC can be used to configure settings such as wireless network parameters, security settings,
and quality of service (QoS) policies. Additionally, the WLC can be used to monitor the status of connected APs, track client connections, and gather statistics on
network usage. Some vendors such as Cisco, Aruba, Ruckus, etc. provide wireless LAN controllers as part of their wireless networking solutions.
NEW QUESTION 47
- (Topic 3)
A customer reports there is no access to resources following the replacement of switches. A technician goes to the site to examine the configuration and discovers
redundant links between two switches. Which of the following is the reason the network is not functional?
A. The ARP cache has become corrupt.

B. CSMA/CD protocols have failed.
C. STP is not configured.
D. The switches are incompatible models
Answer: C
Explanation:
The reason the network is not functional is that STP (Spanning Tree Protocol) is not configured on the switches. STP is a protocol that prevents loops in a network
topology by blocking redundant links between switches. If STP is not enabled, the switches will forward broadcast frames endlessly, creating a broadcast storm
that consumes network resources and disrupts communication. References: CompTIA Network+ N10-008 Certification Study Guide, page 67; The Official
CompTIA Network+ Student Guide (Exam N10-008), page 2-14.
NEW QUESTION 51
- (Topic 3)
An ISP is providing Internet to a retail store and has terminated its point of connection using a standard Cat 6 pin-out Which of me following terminations should
the technician use when running a cable from the ISP's port lo the front desk?
A. F-type connector
B. TIA/E1A-56S-B
C. LC
D. SC
Answer: B
Explanation:
The termination that the technician should use when running a cable from the ISP’s port to the front desk is B. TIA/EIA-568-B. This is a standard pin-out for Cat 6
cables that is used for Ethernet and other network physical layers1. It specifies how to arrange the eight wires in an RJ45 connector, which is a common type of
connector for network cables.
NEW QUESTION 55
- (Topic 3)

Users are reporting poor wireless performance in some areas of an industrial plant The wireless controller is measuring a tow EIRP value compared to me
recommendations noted on me most recent site survey. Which of the following should be verified or replaced for the EIRP value to meet the site survey's
specifications? (Select TWO).
A. AP transmit power
B. Channel utilization
C. Signal loss
D. Update ARP tables
E. Antenna gain
F. AP association time
Answer: AE
Explanation:
? AP transmit power: You should check if your APs have sufficient power output and adjust them if needed. You should also make sure they are not exceeding
regulatory limits for your region.
? Antenna gain: You should check if your antennas have adequate gain for your coverage area and replace them if needed. You should also make sure they are
aligned properly and not obstructed by any objects.
In the scenario described, the wireless controller is measuring a low EIRP value compared to the recommendations noted in the most recent site survey. EIRP is
the combination of the power transmitted by the access point and the antenna gain. Therefore, to increase the EIRP value to meet the site survey's specifications,
the administrator should verify or replace the AP transmit power (option A) and the antenna gain (option E). This can be achieved by adjusting the transmit power
settings on the AP or by replacing the AP's antenna with one that has a higher gain
NEW QUESTION 59
- (Topic 3)
Network traffic is being compromised by DNS poisoning every time a company's router is connected to the internet. The network team detects a non-authorized
DNS server being assigned to the network clients and remediates the incident by setting a trusted DNS server, but the issue occurs again after internet exposure.
Which of the following best practices should be implemented on the router?
A. Change the device's default password.

B. Disable router advertisement guard.
C. Activate control plane policing.
D. Disable unneeded network services.
Answer: A
NEW QUESTION 63
- (Topic 3)
The Chief Executive Officer of a company wants to ensure business operations are not disrupted in the event of a disaster. The solution must have fully redundant
equipment, real-time synchronization, and zero data loss. Which Of the following should be prepared?
A. Cloud site
B. Warm site
C. Hot site
D. Cold site
Answer: C
Explanation:
A hot site is a backup site that is fully equipped and ready to take over the operations of the primary site in the event of a disaster. A hot site has real-time
synchronization with the primary site and can provide zero data loss. A hot site is the most expensive and reliable option for disaster recovery.
References: Network+ Study Guide Objective 5.3: Explain common scanning, monitoring and patching processes and summarize their expected outputs.
NEW QUESTION 65
- (Topic 3)
In which of the following components do routing protocols belong in a software-defined network?
A. Infrastructure layer
B. Control layer
C. Application layer
D. Management plane
Answer: B
Explanation:
A software-defined network (SDN) is a network architecture that decouples the control plane from the data plane and centralizes the network intelligence in a
software controller. The control plane is the part of the network that makes decisions about how to route traffic, while the data plane is the part of the network that
forwards traffic based on the control plane’s instructions. The control layer is the layer in an SDN that contains the controller and the routing protocols that
communicate with the network devices. The control layer is responsible for managing and configuring the network devices and providing them with the necessary
information to forward traffic. References: https://www.comptia.org/training/books/network-n10-008-study-guide (page 378)
NEW QUESTION 68
- (Topic 3)
Which of the following routing technologies is used to prevent network failure at the gateway by protecting data traffic from a failed router?
A. BGP
B. OSPF
C. EIGRP
D. FHRP

Answer: D
Explanation:
FHRP stands for First Hop Redundancy Protocol, and it is a group of protocols that allow routers to work together to provide backup or failover for the default
gateway in a network. FHRP can prevent network failure at the gateway by protecting data traffic from a failed router and ensuring that there is always an active
router to forward packets. Some examples of FHRP protocols are HSRP, VRRP, and GLBP12.
References: 1: CompTIA Network+ N10-008 Cert Guide - Chapter 13: Routing Protocols32: First Hop Redundancy Protocols (FHRP) Explained4
NEW QUESTION 70
- (Topic 3)
Due to space constraints in an IDF, a network administrator can only a do a single switch to
accommodate three data networks. The administrator needs a configuration that will allow each device to access its expected network without additional
connections. The configuration must also allow each device to access the rest of the network. Which of the following should the administrator do to meet these
requirements? (Select TWO).
A. Untag the three VLANs across the uplink

B. Tag an individual VLAN across the uplink
C. Untag an individual VLAN per device port
D. Tag an individual VLAN per device port
E. Tag the three VLANs across the uplink.
F. Tag the three VLANs per device port.
Answer: AC
Explanation:
To achieve this, you should do two things:
? Tag the three VLANs across the uplink port that connects to another switch or router. This will allow data packets from different VLANs to cross over into other
networks.
? Untag an individual VLAN per device port that connects to an end device. This will assign each device to its expected network without additional connections.
NEW QUESTION 74
- (Topic 3)
A technician is troubleshooting reports that a networked printer is unavailable. The printer's IP address is configured with a DHCP reservation, but the address
cannot be pinged from the print server in the same subnet. Which of the following is MOST likely the cause of me connectivity failure?
A. Incorrect VLAN
B. DNS failure
C. DHCP scope exhaustion
D. Incorrect gateway
Answer: D
NEW QUESTION 78
- (Topic 3)
A network administrator installed an additional IDF during a building expansion project. Which of the following documents need to be updated to reflect the
change? (Select TWO).
A. Data loss prevention policy

B. BYOD policy
C. Acceptable use policy
D. Non-disclosure agreement
E. Disaster recovery plan
F. Physical network diagram
Answer: AF
NEW QUESTION 83
- (Topic 3)
Which of the following is the IEEE link cost for a Fast Ethernet interface in STP calculations?
A. 2
B. 4
C. 19
D. 100
Answer: D
Explanation:
The IEEE standard for link cost for a Fast Ethernet interface is 100, and for a Gigabit Ethernet interface is 19. These values are based on the bandwidth of the
interface, with lower values indicating a higher-bandwidth interface.
NEW QUESTION 86
- (Topic 3)
A technician received a report that some users in a large, 30-floor building are having intermittent connectivity issues. Users on each floor have stable connectivity,
but do not have connectivity to other floors. Which of the following devices is MOST likely causing the issue?
A. User devices
B. Edge devices

C. Access switch
D. Core switch
Answer: D
Explanation:
A core switch is the most likely device causing the issue where users on each floor have stable connectivity, but do not have connectivity to other floors. A core
switch is a high-performance switch that connects multiple access switches in a network. An access switch is a switch that connects end devices, such as
computers and printers, to the network. A core switch acts as the backbone of the network, providing interconnection and routing between different subnets or
VLANs. If the core switch is malfunctioning or misconfigured, it can prevent communication between different segments of the network, resulting in intermittent
connectivity issues. References: [CompTIA Network+ Certification Exam Objectives], Core Switch vs Access Switch: What Are the Differences?
NEW QUESTION 87
- (Topic 3)
A wireless technician is working to upgrade the wireless infrastructure for a company. The company currently uses the 802.11g wireless standard on all access
points. The company requires backward compatibility and is requesting the least expensive solution. Which of the following should the technician recommend to
the company?
A. 802.11a
B. 802.11ac
C. 802Hax
D. 802.11n
Answer: D
Explanation:
* 802.11n is a wireless standard that supports data rates up to 600 Mbps and operates in both 2.4 GHz and 5 GHz frequency bands. 802.11n is backward
compatible with 802.11g, which operates only in 2.4 GHz band. 802.11n is the least expensive solution that can upgrade the wireless infrastructure for the
company, as it does not require replacing all the access points or wireless devices
NEW QUESTION 91
- (Topic 3)
While setting up a new workstation, a technician discovers that the network connection is only 100 full duplex (FD), although it is connected to a gigabit switch.
While reviewing the interface information in the switch CLI, the technician notes the port is operating at IOOFD but Shows many RX and TX errors. The technician
moves the computer to another switchport and experiences the same issues.
Which of the following is MOST likely the cause of the low data rate and port errors?
A. Bad switch ports

B. Duplex issues
C. Cable length
D. Incorrect pinout
Answer: B
NEW QUESTION 93
- (Topic 3)
A network technician has determined the cause of a network disruption. Which of the following is the NEXT step for the technician to perform?
A. Validate the findings in a top-to-bottom approach

B. Duplicate the issue, if possible
C. Establish a plan of action to resolve the issue
D. Document the findings and actions
Answer: C
NEW QUESTION 97
- (Topic 3)
A technician is deploying a new SSID for an industrial control system. The control devices require the network to use encryption that employs TKIP and a
symmetrical password to connect. Which of the following should the technician configure to ensure compatibility with the control devices?
A. WPA2-Enterprise
B. WPA-Enterprise
C. WPA-PSK
D. WPA2-PSK
Answer: C
Explanation:
"WPA uses Temporal Key Integrity Protocol (TKIP) for enhanced encryption. TKIP uses RC4 for the encryption algorithm, and the CompTIA Network+ exam may
reference TKIP-RC4 in a discussion of wireless."
" WPA2 uses Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) for integrity checking and Advanced Encryption Standard
(AES) for encryption. On the Network+ exam, you might find this referenced as simply CCMP-AES"
NEW QUESTION 98
- (Topic 3)
Which of the following ports is a secure protocol?
A. 20

B. 23
C. 443
D. 445
Answer: C
Explanation:
This is the port number for HTTPS, which stands for Hypertext Transfer Protocol Secure. HTTPS is a secure version of HTTP, which is the protocol used to
communicate between web browsers and web servers. HTTPS encrypts the data sent and received using SSL/TLS, which are cryptographic protocols that provide
authentication, confidentiality, and integrity. HTTPS is commonly used for online transactions, such as banking and shopping, where security and privacy are
important
NEW QUESTION 102

SIMULATION - (Topic 3)
A network technician was recently onboarded to a company. A manager has
tasked the technician with documenting the network and has provided the technician With partial information from previous documentation.
Instructions:
Click on each switch to perform a network discovery by entering commands into the terminal. Fill in the missing information using drop-down menus provided.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
(Note: Ips will be change on each simulation task, so we have given example answer for the understanding)
To perform a network discovery by entering commands into the terminal, you can use the following steps:
? Click on each switch to open its terminal window.
? Enter the command show ip interface brief to display the IP addresses and statuses of the switch interfaces.
? Enter the command show vlan brief to display the VLAN configurations and assignments of the switch interfaces.
? Enter the command show cdp neighbors to display the information about the neighboring devices that are connected to the switch.
? Fill in the missing information in the diagram using the drop-down menus provided. Here is an example of how to fill in the missing information for Core Switch 1:
? The IP address of Core Switch 1 is 192.168.1.1.
? The VLAN configuration of Core Switch 1 is VLAN 1: 192.168.1.0/24, VLAN 2: 192.168.2.0/24, VLAN 3: 192.168.3.0/24.
? The neighboring devices of Core Switch 1 are Access Switch 1 and Access Switch 2.
? The interfaces that connect Core Switch 1 to Access Switch 1 are GigabitEthernet0/1 and GigabitEthernet0/2.
? The interfaces that connect Core Switch 1 to Access Switch 2 are GigabitEthernet0/3 and GigabitEthernet0/4.
You can use the same steps to fill in the missing information for Access Switch 1 and Access Switch 2.
NEW QUESTION 105

- (Topic 3)
After installing a new wireless access point, an engineer tests the device and sees that it is not performing at the rated speeds. Which of the following should the
engineer do to troubleshoot the issue? (Select two).
A. Ensure a bottleneck is not coming from other devices on the network.

B. Install the latest firmware for the device.
C. Create a new VLAN for the access point.
D. Make sure the SSID is not longer than 16 characters.

E. Configure the AP in autonomous mode.

F. Install a wireless LAN controller.
Answer: AB
Explanation:
One possible cause of poor wireless performance is a bottleneck in the network, which means that other devices or applications are consuming too much
bandwidth or resources and limiting the speed of the wireless access point. To troubleshoot this issue, the engineer should ensure that there is no congestion or
interference from other devices on the network, such as wired clients, servers, routers, switches, or other wireless access points. The engineer can use tools such
as network analyzers, bandwidth monitors, or ping tests to check the network traffic and latency12.
Another possible cause of poor wireless performance is outdated firmware on the device, which may contain bugs or vulnerabilities that affect the functionality or
security of the wireless access point. To troubleshoot this issue, the engineer should install the latest firmware for the device from the manufacturer’s website or
support portal. The engineer should follow the instructions carefully and backup the configuration before updating the firmware. The engineer can also check the
release notes or changelog of the firmware to see if there are any improvements or fixes related to the wireless performance3 .
The other options are not relevant to troubleshooting poor wireless performance. Creating a new VLAN for the access point may help with network segmentation or
security, but it will not improve the speed of the wireless connection. Making sure the SSID is not longer than 16 characters may help with compatibility or
readability, but it will not affect the wireless performance. Configuring the AP in autonomous mode may give more control or flexibility to the engineer, but it will not
enhance the wireless speed. Installing a wireless LAN controller may help with managing multiple access points or deploying advanced features, but it will not
increase the wireless performance.
NEW QUESTION 107

- (Topic 3)
Which of the following should be used to manage outside cables that need to be routed to various multimode uplinks?
A. Fiber distribution panel

B. 110 punchdown block
C. PDU
D. TIA/EIA-568A patch bay
E. Cat 6 patch panel
Answer: A
Explanation:
A fiber distribution panel is a device that provides a central location for connecting and managing fiber optic cables and optical modules. It can support various
types and speeds of fiber optic links, including multimode uplinks. Therefore, a fiber distribution panel should be used to manage outside cables that need to be
routed to various multimode uplinks.
NEW QUESTION 112

- (Topic 3)
Which of the following would be BEST suited for a long cable run with a 40Gbps bandwidth?
A. Cat 5e
B. Cat 6a
C. Cat 7
D. Cat 8
Answer: C
Explanation:
Cat 7 is a type of twisted-pair copper cable that supports up to 40 Gbps bandwidth and up to 100 meters cable length. Cat 7 is suitable for long cable runs that
require high-speed data transmission. Cat 7 has better shielding and crosstalk prevention than lower categories of cables.
References: Network+ Study Guide Objective 1.5: Compare and contrast network cabling types, features and their purposes.
NEW QUESTION 117

- (Topic 3)
Which of the following network cables involves bouncing light off of protective cladding?
A. Twinaxial
B. Coaxial
C. Single-mode
D. Multimode
Answer: D
Explanation:
Multimode fiber optic cables use multiple paths of light that bounce off the cladding, which is a layer of glass or plastic that surrounds the core of the cable.
https://www.explainthatstuff.com/fiberoptics.html
NEW QUESTION 119

- (Topic 3)
A Chief Executive Officer and a network administrator came to an agreement With a vendor to purchase new equipment for the data center A document was
drafted so all parties would be Informed about the scope of the project before It started. Which of the following terms BEST describes the document used?
A. Contract
B. Project charter
C. Memorandum of understanding
D. Non-disclosure agreement
Answer: B

Explanation:
The document used to inform all parties about the scope of the project before it starts is likely a project charter.
A project charter is a document that outlines the key aspects of a project, including the project's objectives, scope, stakeholders, and resources. It serves as a
formal agreement between the project team and the stakeholders, and helps to define the project's goals and constraints.
A project charter typically includes information about the project's scope, including the specific deliverables that are expected and any constraints or limitations that
may impact the project. It may also include details about the project team and stakeholders, the project schedule and budget, and the roles and responsibilities of
each party.
By creating a project charter, the Chief Executive Officer and the network administrator can ensure that all parties involved in the project have a clear
understanding of the project's goals and objectives, and can help to prevent misunderstandings or miscommunications during the project.
What is in a project charter?
A project charter is a formal short document that states a project exists and provides project managers with written authority to begin work. A project charter
document describes a project to create a shared understanding of its goals, objectives and resource requirements before the project is scoped out in detail.
What are the 5 elements of the project charter?
What Are the Contents of a Project Charter? A project charter should always include an overview, an outline of scope, an approximate schedule, a budget
estimate, anticipated risks, and key stakeholders
NEW QUESTION 122

- (Topic 3)
The lack of a formal process to grant network permissions to different profiles of employees and contractors is leading to an increasing number of security
incidents Non-uniform and overly permissive network accesses are being granted. Which of the following would be the MOST appropriate method to improve the
security of the environment?
A. Change the default permissions to implicit deny

B. Configure uniform ACLs to employees and NAC for contractors.
C. Deploy an RDP server to centralize the access to the network
D. Implement role-based access control
Answer: D
Explanation:
The most appropriate method to improve the security of the environment would be to implement role-based access control (RBAC). With RBAC, users are granted
access to the network based on their role within the organization. This allows for more granular access control, as different roles may require different levels of
access. Additionally, this ensures that users only have access to the resources they need and no more. This helps to reduce the risk of unauthorized access or
misuse of the network. References and further information can be found in the CompTIA Network+ Study Manual, Chapter 8, Access Control.
RBAC is a method of restricting network access based on the roles of individual users within the organization. With RBAC, users are granted access only to the
resources they need to perform their specific job functions. This approach reduces the risk of unauthorized access, provides greater visibility into user activity, and
simplifies network management. Changing the default permissions to implicit deny may improve security, but it could also cause issues for legitimate users who
require access to specific resources. Configuring uniform ACLs and NAC for contractors is a step in the right direction, but it may not be enough to address the
overall lack of a formal process for granting network permissions. Deploying an RDP server to centralize access to the network is not a viable solution, as it would
not address the root cause of the security incidents.
Therefore, the most appropriate option is to implement role-based access control. Reference: CompTIA Network+ Study Guide, Fourth Edition, Chapter 7, section
7.4.
NEW QUESTION 127

- (Topic 3)
A firewall administrator observes log entries of traffic being allowed to a web server on port 80 and port 443. The policy for this server is to only allow traffic on port
443. The firewall administrator needs to investigate how this change occurred to prevent a reoccurrence. Which of the following should the firewall administrator do
next?
A. Consult the firewall audit logs.

B. Change the policy to allow port 80.
C. Remove the server object from the firewall policy.
D. Check the network baseline.
Answer: A
Explanation:
Firewall audit logs are records of the changes made to the firewall configuration, policies, and rules. They can help the firewall administrator to track who, when,
and what changes were made to the firewall, and identify any unauthorized or erroneous modifications that could cause security issues or network outages. By
consulting the firewall audit logs, the firewall administrator can investigate how the change that allowed traffic on port 80 to the web server occurred, and prevent it
from happening again
NEW QUESTION 128

- (Topic 3)
A network client is trying to connect to the wrong TCP port. Which of the following responses would the client MOST likely receive?
A. RST
B. FIN
C. ICMP Time Exceeded
D. Redirect
Answer: A
NEW QUESTION 131

- (Topic 3)
A network administrator wants to test the throughput of a new metro Ethernet circuit to verify that its performance matches the requirements specified m the SLA.
Which of the following would BEST help measure the throughput?
A. iPerf

B. Ping
C. NetFlow
D. Netstat
Answer: A
NEW QUESTION 135

- (Topic 3)
An employee working in a warehouse facility is experiencing interruptions in mobile applications while walking around the facility. According to a recent site survey,
the WLAN comprises autonomous APs that are directly connected to the internet, providing adequate signal coverage. Which of the following is the BEST solution
to improve network stability?
A. Implement client roaming using an extended service deployment employing a wireless controller.
B. Remove omnidirectional antennas and adopt a directional bridge.
C. Ensure all APs of the warehouse support MIMO and Wi-Fi 4.
D. Verify that the level of EIRP power settings is set to the maximum permitted by regulations.
Answer: A
Explanation:
Client roaming refers to the ability of a wireless device to seamlessly connect to a different access point (AP) as the user moves around the facility. This can help
to improve network stability and reduce interruptions in mobile applications. An extended service deployment is a type of wireless network configuration that uses
multiple APs to cover a large area, such as a warehouse facility. By using a wireless controller to manage the APs, the network can be better optimized for client
roaming, which can improve network stability.
"Roaming With multiple WAPs in an ESS, clients will connect to whichever WAP has the strongest signal. As clients move through the space covered by the
broadcast area, they will change WAP connections seamlessly, a process called roaming."
NEW QUESTION 140

- (Topic 3)
A network engineer is troubleshooting application connectivity issues between a server and a client. The network engineer needs to view the certificate exchange
between the two hosts. Which of the following tools should the network engineer use?
A. dig
B. tcpdump
C. nmap
D. traceroute
Answer: B
Explanation:
tcpdump is a tool that can capture and analyze network traffic, including the certificate exchange between two hosts. It can display the contents of packets, such as
the SSL/TLS handshake, which involves the exchange of certificates. dig is a tool that can query DNS servers for domain name information. nmap is a tool that
can scan ports and services on a network. traceroute is a tool that can show the path and hops between a source and a destination.
NEW QUESTION 141

- (Topic 3)
Which of the following layers of the OSI model has new protocols activated when a user moves from a wireless to a wired connection?
A. Data link
B. Network
C. Transport
D. Session
Answer: A
Explanation:
"The Data Link layer also determines how data is placed on the wire by using an access method. The wired access method, carrier-sense multiple access with
collision detection (CSMA/CD), was once used by all wired Ethernet networks, but is automatically disabled on switched full-duplex links, which have been the
norm for decades. Carrier- sense multiple access with collision avoidance (CSMA/CA) is used by wireless networks, in a similar fashion."
NEW QUESTION 143

- (Topic 3)
An administrator is setting up a multicast server on a network, but the firewall seems to be dropping the traffic. After logging in to the device, me administrator sees
me following entries:
Which of the following firewall rules is MOST likely causing the issue?
A. Rule 1
B. Rule 2
C. Rule 3
D. Rule 4

Answer: A
NEW QUESTION 144

- (Topic 3)
Which of the following types of data center architectures will MOST likely be used in a large SDN and can be extended beyond the data center?
A. iSCSI
B. FCoE
C. Three-tiered network
D. Spine and leaf
E. Top-of-rack switching
Answer: D
Explanation:
The type of data center architecture that will most likely be used in a large SDN and can be extended beyond the data center is spine and leaf. Spine and leaf is a
network topology that consists of two layers of switches: spine switches and leaf switches. Spine switches are interconnected to each other and form the core of
the network, while leaf switches are connected to each spine switch and form the access layer of the network. Spine and leaf topology provides high scalability,
performance, and flexibility for data center networks, especially for SDN (Software Defined Networking) environments that require dynamic traffic flows and
virtualization. References: CompTIA Network+ N10-008 Certification Study Guide, page 16; The Official CompTIA Network+ Student Guide (Exam N10-008), page
1-9.
NEW QUESTION 145

- (Topic 3)
Which of the following disaster recovery metrics describes the average length of time a piece of equipment can be expected to operate normally?
A. RPO
B. RTO
C. MTTR
D. MTBF
Answer: D
Explanation:
MTBF is the disaster recovery metric that describes the average length of time a piece of equipment can be expected to operate normally. MTBF stands for mean
time between failures, which is a measure of the reliability and availability of a device or system. MTBF is calculated by dividing the total operating time by the
number of failures that occurred during that time. MTBF indicates how often a device or system fails and how long it can run without interruption. A higher MTBF
means a lower failure rate and a longer operational life span. References: [CompTIA Network+ Certification Exam Objectives], What Is Mean Time Between
Failures (MTBF)? | Definition & Examples | Forcepoint
NEW QUESTION 149

- (Topic 3)
A company has wireless APS that were deployed with 802.11g. A network engineer has noticed more frequent reports of wireless performance issues during the
lunch hour in comparison to the rest of the day. The engineer thinks bandwidth consumption will increase while users are on their breaks, but network utilization
logs do not show increased bandwidth numbers. Which Of the following would MOST likely resolve this issue?
A. Adding more wireless APS

B. Increasing power settings to expand coverage
C. Configuring the APS to be compatible with 802.1la
D. Changing the wireless channel used
Answer: C
Explanation:
* 802.11g is an older wireless standard that operates in the 2.4 GHz frequency band and has a maximum data rate of 54 Mbps. 802.11a is a newer wireless
standard that operates in the 5 GHz frequency band and has a maximum data rate of 54 Mbps. By configuring the APS to be compatible with 802.11a, the network
engineer can reduce interference and congestion in the 2.4 GHz band and improve wireless performance.
References: Network+ Study Guide Objective 2.5: Implement network troubleshooting methodologies
NEW QUESTION 153

- (Topic 3)
A network administrator is troubleshooting a connectivity performance issue. As part of the troubleshooting process, the administrator performs a traceout from the
client to the server, and also from the server to the client. While comparing the outputs, the administrator notes they show different hops between the hosts. Which
of the following BEST explains these findings?
A. Asymmetric routing
B. A routing loop
C. A switch loop
D. An incorrect gateway
Answer: C
NEW QUESTION 156

- (Topic 3)
Which of the following would be used to enforce and schedule critical updates with supervisory approval and include backup plans in case of failure?
A. Business continuity plan

B. Onboarding and offboarding policies

C. Acceptable use policy

D. System life cycle
E. Change management
Answer: A
NEW QUESTION 158

- (Topic 3)
A security team updated a web server to require https:// in the URL. Although the IP address did not change, users report being unable to reach the site. Which of
the following should the security team do to allow users to reach the server again?
A. Configure the switch port with the correct VLAN.

B. Configure inbound firewall rules to allow traffic to port 443.
C. Configure the router to include the subnet of the server.
D. Configure the server with a default route.
Answer: B
Explanation:
One possible reason why users are unable to reach the site after the security team updated the web server to require https:// in the URL is that the firewall rules
are blocking the traffic to port 443. Port 443 is the default port for HTTPS, which is the protocol that encrypts and secures the web communication. If the firewall
rules do not allow inbound traffic to port 443, then users will not be able to access the web server using HTTPS12.
To troubleshoot this issue, the security team should configure inbound firewall rules to allow traffic to port 443. This can be done by using the firewall-cmd
command on RHEL 8.2, which is a tool that manages firewalld, the default firewall service on RHEL. The command to add a rule to allow traffic to port 443 is:
firewall-cmd --permanent --add-port=443/tcp
The --permanent option makes the rule persistent across reboots, and the --add-port option specifies the port number and protocol (TCP) to allow. After adding the
rule, the security
team should reload the firewalld service to apply the changes: firewall-cmd --reload
The security team can verify that the rule is active by using this command:
firewall-cmd --list-ports
The output should show 443/tcp among the ports that are allowed34.
The other options are not relevant to troubleshooting this issue. Configuring the switch port with the correct VLAN may help with network segmentation or isolation,
but it will not affect the HTTPS protocol or port. Configuring the router to include the subnet of the server may help with network routing or connectivity, but it will
not enable HTTPS communication. Configuring the server with a default route may help with network access or reachability, but it will not allow HTTPS traffic.
NEW QUESTION 160

- (Topic 3)
A network technician needs to select an AP that will support at least 1.3Gbps and 5GHz only. Which of the following wireless standards must the AP support to
meet the requirements?
A. B
B. AC
C. AX
D. N
E. G
Answer: B
Explanation:
Wireless AC is a wireless standard that supports up to 1.3Gbps data rate and operates in the 5GHz frequency band only. Wireless AC is also backward compatible
with wireless A and N devices that use the 5GHz band. Wireless AC is suitable for high-performance applications such as HD video streaming and online gaming.
References: Network+ Study Guide Objective 2.2: Explain the purposes and properties of routing and switching. Subobjective: Wireless standards and their
characteristics.
NEW QUESTION 162

- (Topic 3)
A network technician is troubleshooting an issue that involves connecting to a server via SSH. The server has one network interface that does not support
subinterfaces. The technician
runs a command on the server and receives the following output:
On the host, the technician runs another command and receives the following:
Which of the following best explains the issue?
A. A firewall is blocking access to the server.

B. The server is plugged into a trunk port.
C. The host does not have a route to the server.
D. The server is not running the SSH daemon.

Answer: C
NEW QUESTION 166

- (Topic 3)
During a recent security audit, a contracted penetration tester discovered the organization uses a number of insecure protocols. Which of the following ports should
be disallowed so only encrypted protocols are allowed? (Select TWO).
A. 22
B. 23
C. 69
D. 443
E. 587
F. 8080
Answer: BC
NEW QUESTION 167

- (Topic 3)
An infrastructure company is implementing a cabling solution to connect sites on multiple continents. Which of the following cable types should the company use
for this project?
A. Cat 7
B. Single-mode
C. Multimode
D. Cat 6
Answer: B
Explanation:
Single-mode fiber is a type of optical fiber that has a small core diameter and allows only one mode of light to propagate. This reduces signal attenuation and
increases transmission distance, making it suitable for long-distance communication networks.
Single-mode fiber can carry data over thousands of kilometers without requiring repeaters or amplifiers. Single-mode fiber is also immune to electromagnetic
interference and has a higher bandwidth than multimode fiber. Therefore, single-mode fiber is the best cable type for connecting sites on multiple continents.
References: [CompTIA Network+ Certification Exam Objectives], [Single-mode optical fiber - Wikipedia]
Single-mode fiber optic cable uses a single ray of light to transmit data. This allows it to achieve very low attenuation and high bandwidth.
Multimode fiber optic cable uses multiple rays of light to transmit data. This results in higher attenuation and lower bandwidth than single-mode cable.
Twisted pair copper cable uses two insulated copper wires to transmit data. It is less expensive than fiber optic cable, but it has higher attenuation and lower
bandwidth. When choosing a cable type for a long-distance application, it is important to consider the following factors:
? Attenuation: The amount of signal loss that occurs over the length of the cable.
? Bandwidth: The amount of data that can be transmitted over the cable per second.
? Cost: The cost of the cable and installation.
Single-mode fiber optic cable is the best choice for long-distance applications because it
has the lowest attenuation and highest bandwidth of any cable type. However, it is also the most expensive cable type.
NEW QUESTION 168

- (Topic 3)
A network administrator received a report staling a critical vulnerability was detected on an application that is exposed to the internet. Which of the following Is the
appropriate NEXT step?
A. Check for the existence of a known exploit in order to assess the risk
B. Immediately shut down the vulnerable application server.
C. Install a network access control agent on the server.
D. Deploy a new server to host the application.
Answer: A
Explanation:
The appropriate next step in this situation would be to check for the existence of a known exploit in order to assess the risk. This is important because it will help
the network administrator determine the severity of the vulnerability and the potential impact it could have on the organization. Once the network administrator has
assessed the risk, they can then take appropriate action to address the vulnerability. This might include patching the application, deploying a new server to host
the application, or implementing other security measures to mitigate the risk. It is generally not advisable to immediately shut down the vulnerable application
server, as this could disrupt business operations and cause significant downtime. Similarly, installing a network access control agent on the server may not be the
most effective solution, as it would not address the underlying vulnerability.
NEW QUESTION 169

- (Topic 3)
Which of the following is a requirement when certifying a network cabling as Cat 7?
A. Ensure the patch panel is certified for the same category.

B. Limit 10Gb transmissions to 180ft (55m).
C. Use F-type connectors on the network terminations.
D. Ensure the termination standard is TIA/EIA-568-A.
Answer: D
Explanation:
Category 7 (Cat 7) is a cabling standard that supports 10GBASE-T Ethernet connections up to 100 meters (328 feet). In order for a cabling system to be certified
as Cat 7, all components, including the patch panel, must meet the TIA/EIA-568-A standard. This standard requires the use of shielded cables with F-type
connectors for the network terminations. Reference: CompTIA Network+ Study Manual, 8th Edition, page 158.

NEW QUESTION 174

- (Topic 3)
Which of the following is a valid alternative to maintain a deployed proxy technology while saving physical space in the data center by moving the network service
to the virtualization infrastructure?
A. NFV
B. SDWAN
C. Networking as code
D. VIP
Answer: A
Explanation:
The valid alternative to maintain a deployed proxy technology while saving physical space in the data center by moving the network service to the virtualization
infrastructure is NFV (Network Function Virtualization). NFV is a technique that allows network functions, such as proxies, firewalls, routers, or load balancers, to
be implemented as software applications running on virtual machines or containers. NFV reduces the need for dedicated hardware devices and improves
scalability and flexibility of network
services. References: CompTIA Network+ N10-008 Certification Study Guide, page 440; The Official CompTIA Network+ Student Guide (Exam N10-008), page
16-11.
NFV can be used to virtualize a wide variety of network functions, including proxy servers. By virtualizing proxy servers, organizations can save physical space in
the data center and
improve the scalability and efficiency of their networks.
To virtualize a proxy server using NFV, an organization would need to deploy a virtualization platform, such as VMware ESXi or Microsoft Hyper-V. The
organization would then need to install a virtual proxy server appliance on the virtualization platform.
Once the virtual proxy server appliance is installed, it can be configured and used just like a physical proxy server.
NFV is a relatively new technology, but it is quickly gaining popularity as organizations look for ways to improve the efficiency and scalability of their networks.
NEW QUESTION 175

- (Topic 3)
After installing a series of Cat 8 keystones, a data center architect notices higher than normal interference during tests. Which of the following steps should the
architect
take to troubleshoot the issue?
A. Check to see if the end connections were wrapped in copper tape before terminating.
B. Use passthrough modular crimping plugs instead of traditional crimping plugs.
C. Connect the RX/TX wires to different pins.
D. Run a speed test on a device that can only achieve 100Mbps speeds.
Answer: A
Explanation:
Cat 8 keystones are shielded to prevent interference from external sources, but they also require proper grounding to avoid interference from within the cable.
Wrapping the end connections with copper tape before terminating them is one way to ensure a good ground connection and reduce interference. Using
passthrough modular crimping plugs, connecting the RX/TX wires to different pins, or running a speed test on a slow device are not relevant or effective steps to
troubleshoot the issue.
References:
? CompTIA Network+ N10-008 Certification Study Guide, page 191
? CompTIA Network+ N10-008 Cert Guide, Deluxe Edition, page 362
? CAT8 RJ45 Keystone Problem : r/HomeNetworking2
? How to Terminate Cat8 Shielded Keystone Jacks3
NEW QUESTION 176

- (Topic 3)
A technician is consolidating a topology with multiple SSlDs into one unique SSiD deployment. Which of the following features will be possible after this new
configuration?
A. Seamless roaming
B. Basic service set
C. WPA
D. MU-MIMO
Answer: A
NEW QUESTION 177

- (Topic 3)
Following the implementation of a BYOO policy. some users in a high-density environment report slowness over the wireless connection. Some wireless controller
reports indicate high latency and airtime contention. Which of the following is the most probable root cause?
A. The AP is configured with 2.4GHz frequency, which the new personal devices do not support.
B. The AP is configured with 2.4GHz frequency without band-steering capabilities.
C. The AP is configured with 5Ghz frequency with band-steering capabiäties.
D. The AP is configured with 5Ghz frequenc
E. which the new personal devices do not support
Answer: B
Explanation:
Band-steering is a feature that allows an AP to steer dual-band capable clients to the less congested 5GHz frequency, leaving the 2.4GHz frequency for legacy
clients. Without band- steering, the AP may have more clients competing for the same channel on the 2.4GHz frequency, resulting in high latency and airtime

contention.
References:
? According to the CompTIA Network+ Certification Exam Objectives, one of the topics covered in the exam is “Given a scenario, use appropriate wireless
technologies and configurations”. One of the subtopics is “Band steering” 1.
? According to the PoliFi: Airtime Policy Enforcement for WiFi paper, “Band steering allows the access point to disable the 2.4 GHz band from probing the client
device, so it responds only to the 5 GHz band, reducing the congestion on the 2.4 GHz band while taking advantage of the faster 5GHz band to improve user’s
network experience.” 2.
? According to the Aruba Air Slice Tech Brief, “Air Slice minimizes airtime contention and efficiently groups Wi-Fi 6 and non-Wi-Fi 6 client devices to guarantee bit
rate, and provide bounded latency and jitter simultaneously.” 3.
NEW QUESTION 178

- (Topic 3)
Which of the following is a benefit of the spine-and-leaf network topology?
A. Increased network security

B. Stable network latency
C. Simplified network management
D. Eliminated need for inter-VLAN routing
Answer: A
NEW QUESTION 180

- (Topic 3)
Which of the following can be used to identify users after an action has occurred?
A. Access control vestibule

B. Cameras
C. Asset tag
D. Motion detectors
Answer: B
Explanation:
Cameras can be used to identify users after an action has occurred by recording their faces, clothing, or other distinctive features. Cameras are often used as a
deterrent and a forensic tool for security purposes. Access control vestibules, asset tags, and motion detectors are not effective in identifying users, but rather in
controlling access, tracking assets, and detecting movement.
References:
CompTIA Network+ N10-008 Certification Exam Objectives, Domain 5.0: Network Security, Subobjective 5.1: Summarize the importance of physical security
controls, page 231 CompTIA Network+ Certification All-in-One Exam Guide, Eighth Edition (Exam N10-008), Chapter 18: Network Security, Section: Physical
Security, page 7372
NEW QUESTION 181

- (Topic 3)
While using a secure conference call connection over a corporate VPN, a user moves from a cellular connection to a hotel wireless network. Although the wireless
connection and the VPN show a connected status, no network connectivity is present. Which of the following is the most likely cause of this issue?
A. MAC filtering is configured on the wireless connection.

B. The VPN and the WLAN connection have an encryption protocol mismatch.
C. The WLAN is using a captive portal that requires further authentication.
D. Wireless client isolation is enforced on the WLAN settings.
Answer: C
Explanation:
A captive portal is a web page that is displayed to newly connected users of a Wi-Fi network before they are granted broader access to network resources. Captive
portals are commonly used to present a landing or log-in page which may require authentication, payment, acceptance of an end-user license agreement,
acceptable use policy, survey completion, or other valid credentials that both the host and user agree to adhere by123
A possible cause of the issue is that the user has not completed the captive portal authentication process, which prevents the VPN from establishing a secure
connection over the Wi-Fi network. The user may need to open a web browser and follow the instructions on the captive portal page to gain full access to the
internet.
NEW QUESTION 182

- (Topic 3)
Which of the following would be used to forward requests and replies between a DHCP server and client?
A. Relay
B. Lease
C. Scope
D. Range
Answer: B
NEW QUESTION 183

- (Topic 3)
Which of the following situations would require an engineer to configure subinterfaces?
A. In a router-on-a-stick deployment with multiple VLANs

B. In order to enable inter-VLAN routing on a multilayer switch

C. When configuring VLAN trunk links between switches

D. After connecting a router that does not support 802.1Q VLAN tags
Answer: A
Explanation:
A router-on-a-stick is a configuration that allows a single router interface to route traffic between multiple VLANs on a network1. A router-on-a-stick requires sub-
interfaces to be configured on the router interface, one for each VLAN. Each sub-interface is assigned a VLAN ID and an IP address that belongs to the
corresponding VLAN subnet. The router interface is connected to a switch port that is configured as a trunk port, which allows traffic from multiple VLANs to pass
through. The router then performs inter-VLAN routing by forwarding packets between the sub-interfaces based on their destination IP addresses. Inter-VLAN
routing is a process that allows devices on different VLANs to communicate with each other. Inter-VLAN routing can be performed by a router-on-a-stick
configuration, as explained above, or by a multilayer switch that has routing capabilities. A multilayer switch does not require sub-interfaces to be configured for
inter-VLAN routing; instead, it uses switch virtual interfaces (SVIs) that are associated with each VLAN. An SVI is a logical interface that represents a VLAN on a
switch and has an IP address that belongs to the VLAN subnet. The switch then performs inter-VLAN routing by forwarding packets between the SVIs based on
their destination IP addresses.
VLAN trunking is a method that allows traffic from multiple VLANs to be carried over a single link between switches or routers. VLAN trunking requires the use of a
tagging protocol, such as 802.1Q, that adds a header to each frame that identifies its VLAN ID. VLAN trunking does not require sub-interfaces to be configured on
the switches or routers; instead, it uses trunk ports that are configured to allow or deny traffic from specific VLANs. The switches or routers then forward packets
between the trunk ports based on their VLAN IDs.
* 802.1Q is a standard that defines how VLAN tagging and trunking are performed on Ethernet networks.
* 802.1Q adds a 4-byte header to each frame that contains a 12-bit field for the VLAN ID and a 3-bit field for the priority level. 802.1Q does not require sub-
interfaces to be configured on the switches or routers; instead, it uses trunk ports that are configured to support 802.1Q tagging and untagging. The switches or
routers then forward packets between the trunk ports based on their VLAN IDs and priority levels.
NEW QUESTION 187

- (Topic 3)
A network technician is responding to an issue with a local company. To which of the following documents should the network technician refer to determine the
scope of the issue?
A. MTTR
B. MOU
C. NDA
D. SLA
Answer: D
Explanation:
SLA stands for Service Level Agreement, and it is a contract that defines the expectations and responsibilities between a service provider and a customer. SLA
can specify the quality, availability, and performance metrics of the service, as well as the penalties for non-compliance and the procedures for resolving issues.
SLA can help the network technician determine the scope of the issue by providing the baseline and target values for the service, the escalation process and
contacts, and the service credits or remedies for the customer45.
CompTIA Network+ N10-008 Cert Guide - Chapter 15: Network Troubleshooting Methodology35: What is a Service Level Agreement (SLA)? | ITIL | AXELOS
NEW QUESTION 191

- (Topic 3)
An ISP is unable to provide services to a user in a remote area through cable and DSL. Which of the following is the NEXT best solution to provide services
without adding external infrastructure?
A. Fiber
B. Leased line
C. Satellite
D. Metro optical
Answer: C
Explanation:
If an ISP is unable to provide services to a user in a remote area through cable and DSL, the next best solution to provide services without adding external
infrastructure would likely be satellite. Satellite is a wireless communication technology that uses a network of satellites orbiting the Earth to transmit and receive
data. It is well-suited for providing connectivity to remote or rural areas where other types of infrastructure may not be available or may be cost-prohibitive to install.
NEW QUESTION 193

- (Topic 3)
Which of the following protocols should be used when Layer 3 availability is of the highest concern?
A. LACP
B. LDAP
C. FHRP
D. DHCP
Answer: C
Explanation:
FHRP stands for First Hop Redundancy Protocol, which is a group of protocols that allow routers or switches to provide backup or failover for the default gateway
in a network. FHRP ensures that the network traffic can reach its destination even if the primary gateway fails or becomes unavailable. Some examples of FHRP
protocols are HSRP, VRRP, and GLBP.
References
? 2: CompTIA Network+ N10-008 Certification Practice Test, question 9
? 3: CompTIA Network+ Study Guide: Exam N10-008, 5th Edition, page 263
? 4: CompTIA Network+ (N10-008) Practice Exam w/PBQ & Solution, question 5

? 5: What’s on the CompTIA Network+ 008 certification? | CompTIA, section 3.1
NEW QUESTION 196

- (Topic 3)
An attacker sends more connection requests than a server can handle, causing the server to crash- Which of the following types of attacks is this an example of?
A. ARP poisoning
B. Denial-of-service
C. MAC flooding
D. On-path
Answer: B
Explanation:
A denial-of-service (DoS) attack is an example of an attack where an attacker sends more connection requests than a server can handle, causing the server to
crash. A DoS attack is a type of cyberattack that aims to disrupt the normal functioning of a network service or resource by overwhelming it with excessive or
malformed traffic. A DoS attack can prevent legitimate users from accessing the service or resource, resulting in degraded performance, unavailability, or data
loss. A DoS attack can target various network layers, protocols, or components, such as servers, routers, firewalls, or applications. References: [CompTIA
Network+ Certification Exam Objectives], What Is a Denial-of-Service (DoS) Attack? | Cisco
NEW QUESTION 200

- (Topic 3)
Which of the following steps of the troubleshooting methodology would most likely include checking through each level of the OSI model after the problem has
been identified?
A. Establish a theory.
B. Implement the solution.
C. Create a plan of action.
D. Verify functionality.
Answer: C
Explanation:
Creating a plan of action is the step of the troubleshooting methodology that would most likely include checking through each level of the OSI model after the
problem has been identified. According to the web search results, the troubleshooting methodology consists of the following steps: 12
? Define the problem: Identify the symptoms and scope of the problem, and gather relevant information from users, devices, and logs.
? Establish a theory: Based on the information collected, hypothesize one or more possible causes of the problem, and rank them in order of probability.
? Test the theory: Test the most probable cause first, and if it is not confirmed, eliminate it and test the next one. Repeat this process until the root cause is found
or a new theory is needed.
? Create a plan of action: Based on the confirmed cause, devise a solution that can resolve the problem with minimal impact and risk. The solution may involve
checking through each level of the OSI model to ensure that all layers are functioning properly and that there are no configuration errors, physical damages, or
logical inconsistencies34
? Implement the solution: Execute the plan of action, and monitor the results. If the problem is not solved, revert to the previous state and create a new plan of
action.
? Verify functionality: Confirm that the problem is fully resolved and that the network is restored to normal operation. Perform preventive measures if possible to
avoid recurrence of the problem.
? Document the findings: Record the problem description, the solution, and the outcome. Update any relevant documentation, such as network diagrams, policies,
or procedures.
References1: Troubleshooting Methods for Cisco IP Networks 2: Troubleshooting Methodologies - CBT IT Certification Training 3: How to use the OSI Model to
Troubleshoot Networks 4: How is the OSI model used in troubleshooting? – Sage-Answer
NEW QUESTION 203

- (Topic 3)
A technician uses a badge to enter a security checkpoint on a corporate campus. An unknown individual quickly walks in behind the technician without speaking.
Which of the following types of attacks did the technician experience?
A. Tailgating
B. Evil twin
C. On-path
D. Piggybacking
Answer: A
Explanation:
Tailgating is a type of physical security attack where an unauthorized person follows an authorized person into a restricted area without their consent or
knowledge. Tailgating can allow an attacker to bypass security measures and gain access to sensitive information or resources. In this scenario, the technician
experienced tailgating when the unknown individual walked in behind the technician without speaking. Piggybacking is similar to tailgating, but it involves the
consent or cooperation of the authorized person. Evil twin is a type of wireless network attack where an attacker sets up a rogue access point that mimics
a legitimate one. On-path is a type of network attack where an attacker intercepts and modifies traffic between two parties.
References: CompTIA Network+ Certification Exam Objectives Version 7.0 (N10-007), Objective 3.2: Given a scenario, use appropriate network hardening
techniques.
NEW QUESTION 206

- (Topic 3)
Which of the following describes when an active exploit is used to gain access to a network?
A. Penetration testing
B. Vulnerability testing
C. Risk assessment

D. Posture assessment
E. Baseline testing
Answer: A
Explanation:
Penetration testing is a type of security testing that is used to assess the security of a system or network by actively exploiting known vulnerabilities. It is used to
simulate an attack on the system and identify any weaknesses that may be exploited by malicious actors. As stated in the CompTIA Security+ Study Guide,
"penetration testing is a type of security assessment that attempts to gain unauthorized access to networks and systems by exploiting security vulnerabilities."
NEW QUESTION 208

- (Topic 3)
A network security administrator needs to monitor the contents of data sent between a secure network and the rest of the company. Which of the following
monitoring methods will accomplish this task?
A. Port mirroring
B. Flow data
C. Syslog entries
D. SNMP traps
Answer: A
Explanation:
Port mirroring is a method of monitoring network traffic by copying the data packets from one port to another port on the same switch or router. This allows the
network security administrator to analyze the contents of the data sent between different networks without affecting the performance or security of the original
traffic. Port mirroring can be configured to capture all traffic or only specific types of traffic, such as VLANs, protocols, or IP addresses.
References:
? Port Mirroring - CompTIA Network+ N10-008 Domain 3.1 - YouTube1
NEW QUESTION 212

- (Topic 3)
A network technician 13 troubleshooting a network issue for employees who have reported Issues with speed when accessing a server in another subnet. The
server is in another building that is 410ft (125m) away from the employees' building. The 10GBASE-T connection between the two buildings uses Cat 5e. Which of
the following BEST explains the speed issue?
A. The connection type is not rated for that distance

B. A broadcast storm is occurring on the subnet.
C. The cable run has interference on it
D. The connection should be made using a Cat 6 cable
Answer: D
Explanation:
The 10GBASE-T connection between the two buildings uses Cat 5e, which is not rated for a distance of 410ft (125m). According to the CompTIA Network+ Study
Manual, for 10GBASE-T connections, "Cat 5e is rated for up to 55m, Cat 6a is rated for 100m, and Cat 7 is rated for 150m." Therefore, the speed issue is likely
due to the fact that the connection type is not rated for the distance between the two buildings. To resolve the issue, the technician should consider using a Cat 6a
or Cat 7 cable to increase the distance the connection is rated for.
NEW QUESTION 217

- (Topic 3)
Which of the following types of connections would need to be set up to provide access from the internal network to an external network so multiple satellite offices
can communicate securely using various ports and protocols?
A. Client-to-site VPN
B. Clientless VPN
C. RDP
D. Site-to-site VPN
E. SSH
Answer: D
NEW QUESTION 219

- (Topic 3)
A large metropolitan city is looking to standardize the ability tor police department laptops to connect to the city government's VPN The city would like a wireless
solution that provides the largest coverage across the city with a minimal number of transmission towers Latency and overall bandwidth needs are not high
priorities. Which of the following would BEST meet the city's needs?
A. 5G
B. LTE
C. Wi-Fi 4
D. Wi-Fi 5
E. Wi-Fi 6
Answer: B
NEW QUESTION 223

- (Topic 3)

A PC user who is on a local network reports very slow speeds when accessing files on the network server The user's PC Is connecting, but file downloads are very
slow when compared to other users' download speeds The PC's NIC should be capable of Gigabit Ethernet. Which of the following will MOST likely fix the issue?
A. Releasing and renewing the PC's IP address

B. Replacing the patch cable
C. Reseating the NIC inside the PC
D. Flushing the DNS cache
Answer: B
Explanation:
A slow download speed can be caused by a faulty patch cable, which is the cable used to connect the user's PC to the network server. If the patch cable is
damaged, the connection will be slower than expected, resulting in slow download speeds. Replacing the patch cable is the most likely solution to this issue, as it
will provide a new, reliable connection that should allow for faster download speeds.
NEW QUESTION 224

- (Topic 3)
A customer has an attached USB printer that needs to be shared with other users. The desktop team set up printer sharing. Now, the network technician needs to
obtain the necessary information about the PC and share it with other users so they can connect to the printer. Which of the following commands should the
technician use to get the required information? (Select TWO).
A. arp
B. route
C. netstat
D. tcpdump
E. hostname
F. ipconfig
Answer: EF
Explanation:
The hostname and ipconfig commands should be used to get the required information about the PC and share it with other users so they can connect to the
printer. The hostname command displays the name of the computer on a network. The ipconfig command displays the IP configuration of the computer, including
its IP address, subnet mask, default gateway, and DNS servers. These information are necessary for other users to locate and connect to the shared printer on the
network. For example, other users can use the UNC path \\hostname\printername or \\ipaddress\printername to access the shared printer. References: [CompTIA
Network+ Certification Exam Objectives], How to Share a Printer in Windows 10
NEW QUESTION 226

- (Topic 3)
A network administrator is looking for a solution to extend Layer 2 capabilities and replicate backups between sites. Which of the following is the best solution?
A. Security Service Edge

B. Data center interconnect
C. Infrastructure as code
D. Zero trust architecture
Answer: B
Explanation:
Data center interconnect (DCI) is a solution that allows Layer 2 connectivity and data replication between geographically dispersed data centers. DCI can be
implemented using various technologies, such as optical networks, MPLS, VPNs, or Ethernet. DCI can provide benefits such as improved disaster recovery, load
balancing, resource pooling, and cloud services.
References:
? Data Center Interconnect - CompTIA Network+ N10-008 Domain 1.4 - YouTube1
NEW QUESTION 228

- (Topic 3)
A network architect needs to create a wireless field network to provide reliable service to public safety vehicles. Which of the following types of networks is the best
solution?
A. Mesh
B. Ad hoc
C. Point-to-point
D. Infrastructure
Answer: A
Explanation:
A mesh network is the best solution for creating a wireless field network to provide reliable service to public safety vehicles. A mesh network is a type of wireless
network that consists of multiple nodes that communicate with each other directly or through intermediate nodes, forming a web-like topology. A mesh network
does not rely on a central access point or router, but rather on the cooperation and coordination of the nodes themselves. A mesh network has several advantages
for public safety applications, such as12:
? High availability and resilience: A mesh network can automatically route around failures or congestion, ensuring that the network remains operational even if
some nodes are damaged or disconnected. A mesh network can also self-heal and self- configure, adapting to changes in the network topology or environment.
? Extended coverage and scalability: A mesh network can extend the wireless signal beyond the range of a single node, by using other nodes as relays or
repeaters. A mesh network can also accommodate more nodes and devices, by adding more links and paths between them.
? Low cost and easy deployment: A mesh network can reduce the cost and complexity of installing and maintaining a wireless infrastructure, by eliminating the
need for expensive cabling, towers, or antennas. A mesh network can also be deployed quickly and flexibly, by simply adding or removing nodes as needed.
A mesh network is especially suitable for public safety vehicles, because it can provide reliable wireless communication in challenging scenarios, such as12:

? Disaster response: A mesh network can be deployed rapidly in areas where the existing wireless infrastructure is damaged or unavailable, such as after an
earthquake, flood, or fire. A mesh network can also support emergency services, such as fire fighting, search and rescue, or medical assistance, by enabling data,
voice, and video transmission among the responders and command centers.
? Mobile surveillance: A mesh network can enable real-time monitoring and control of public safety vehicles, such as police cars, ambulances, or drones, by
providing high-bandwidth and low-latency wireless connectivity. A mesh network can also support video streaming, location tracking, remote sensing, or analytics
applications for public safety purposes.
? Event management: A mesh network can enhance the security and efficiency of large-scale events, such as concerts, festivals, or parades, by providing wireless
coverage and capacity for the event organizers and participants. A mesh network can also support crowd management, traffic control, or public announcement
applications for event management.
The other options are not the best solutions for creating a wireless field network to provide reliable service to public safety vehicles. An ad hoc network is a type of
wireless network that consists of devices that communicate with each other directly without any central coordination or infrastructure. An ad hoc network is simple
and flexible, but it has limited scalability and performance3. A point-to-point network is a type of wireless network that consists of two devices that communicate
with each other over a single link. A point-to- point network is fast and secure, but it has limited coverage and functionality. An infrastructure network is a type of
wireless network that consists of devices that communicate with each other through an access point or router. An infrastructure network is stable and robust, but it
has high cost and complexity.
NEW QUESTION 232

- (Topic 3)
A divide-and-conquer approach is a troubleshooting method that involves breaking a complex problem into smaller and more manageable parts, and then testing
each part to isolate the cause of the problem. In this scenario, the technician is using a divide-and- conquer approach by pinging the default gateway and DNS
server of the workstation, which are two possible sources of connectivity issues. By pinging these devices, the technician can determine if the problem is related to
the local network or the external network.
Which of the following most likely requires the use of subinterfaces?
A. A router with only one available LAN port

B. A firewall performing deep packet inspection
C. A hub utilizing jumbo frames
D. A switch using Spanning Tree Protocol
Answer: A
Explanation:
Subinterfaces are logical divisions of a physical interface that allow a router to communicate with multiple networks using a single LAN port. Subinterfaces can
have different IP addresses, VLANs, and routing protocols. They are useful for reducing the number of physical interfaces and cables needed, as well as improving
network performance and security.
References:
? Subinterfaces - CompTIA Network+ N10-008 Domain 1.21 - YouTube1
NEW QUESTION 233

- (Topic 3)
A junior network engineer is trying to change the native network ID to a non-default value that can then be applied consistently throughout the network
environment. Which of the following
issues is the engineer attempting to prevent?
A. DDoS
B. ARP spoofing
C. VLAN hopping
D. Rogue DHCP
Answer: C
Explanation:
VLAN hopping is a type of network attack where an attacker can send or receive traffic from a VLAN that they are not supposed to access. VLAN hopping can
allow an attacker to bypass security policies, access sensitive data, or launch other attacks on the network. VLAN hopping can be performed using two methods:
double tagging and switch spoofing1.
Double tagging is where the attacker sends a frame with two VLAN tags, one for the native VLAN and one for the target VLAN. The native VLAN is the VLAN that
is used for untagged traffic on a trunk port. If the attacker’s access port is in the same VLAN as the native VLAN, the switch will accept the frame and forward it on
the trunk port. The switch will remove the first tag, which is the native VLAN, and send the frame with the second tag, which is the target VLAN. The frame will then
reach the target VLAN and be processed by the devices in that VLAN.
Switch spoofing is where the attacker sends Dynamic Trunking Protocol (DTP) packets and tries to negotiate a trunk with the switch. DTP is a Cisco protocol that
allows switches to automatically form trunks between them. If the switch’s port is configured with the default dynamic auto or dynamic desirable mode, it will
accept the DTP packets and form a trunk with the attacker. The attacker will then have access to all VLANs on the trunk.
To prevent VLAN hopping, the junior network engineer is trying to change the native network ID to a non-default value that can then be applied consistently
throughout the network environment. This means that the engineer is changing the VLAN that is used for untagged traffic on the trunk ports to a different VLAN
than the default VLAN 1. This will prevent double tagging attacks, as the attacker’s access port will not be in the same VLAN as the native VLAN, and the switch
will not accept the frames with two tags. The engineer should also disable DTP on the trunk ports and use the switchport nonegotiate command to prevent switch
spoofing attacks2.
ReferencesVLAN Hopping - NetworkLessons.comVLAN Hopping on Native VLAN - Cisco Community
NEW QUESTION 236

- (Topic 3)
After router and device configurations are applied, internet access is not possible. Which of the following is the most likely cause?
A. The Ethernet interface was configured with an incorrect IP address.

B. The router was configured with an incorrect loopback address.
C. The router was configured with an incorrect default gateway.
D. The serial interface was configured with the incorrect subnet mas

Answer: C
Explanation:
The default gateway is the IP address of the router that connects a network to the internet or another network. The default gateway is usually configured on the
devices that need to access the internet or other networks, such as PCs, servers, or routers. If the router was configured with an incorrect default gateway, it would
not be able to forward packets to the correct destination, and internet access would not be possible.
The other options are not the most likely causes of the issue. The Ethernet interface is the physical port that connects a device to a network using a cable. If the
Ethernet interface was configured with an incorrect IP address, it would cause a problem with the local network connectivity, not the internet access. The loopback
address is a special IP address that refers to the device itself, usually used for testing or troubleshooting purposes. If the router was configured with an incorrect
loopback address, it would not affect the internet access, as the loopback address is not used for routing packets to other networks. The serial interface is another
type of physical port that connects a device to a network using a serial cable, often used for WAN connections. If the serial interface was configured with the
incorrect subnet mask, it would cause a problem with the WAN connectivity, not the internet access, as the subnet mask is used to determine the network and host
portions of an IP address.
ReferencesWhat is a Default Gateway? | HowStuffWorksWhat is an Ethernet Interface? - Definition from TechopediaWhat is a Loopback Address? - Definition
from TechopediaWhat is a Serial Interface? - Definition from Techopedia
NEW QUESTION 239

- (Topic 3)
Which of the following use cases would justify the deployment of an mGRE hub-and-spoke topology?
A. An increase in network security using encryption and packet encapsulation

B. A network expansion caused by an increase in the number of branch locations to the headquarters
C. A mandatory requirement to increase the deployment of an SDWAN network
D. An improvement in network efficiency by increasing the useful packet payload
Answer: B
Explanation:
mGRE (Multipoint GRE) is a type of GRE (Generic Routing Encapsulation) tunnel that allows a single interface to support multiple tunnel endpoints, instead of
having to configure a separate point-to-point tunnel for each destination. mGRE simplifies the configuration and management of large-scale VPN networks, such
as DMVPN (Dynamic Multipoint VPN), which is a Cisco technology that uses mGRE, NHRP (Next Hop Resolution Protocol), and IPsec to create secure and
dynamic VPN connections between a hub and multiple spokes1.
A network expansion caused by an increase in the number of branch locations to the headquarters would justify the deployment of an mGRE hub-and-spoke
topology, because it would reduce the complexity and overhead of configuring and maintaining multiple point- to-point tunnels between the hub and each spoke.
mGRE would also enable spoke-to- spoke communication without having to go through the hub, which would improve the network performance and efficiency23.
The other options are not directly related to the use case of mGRE hub-and-spoke topology. An increase in network security using encryption and packet
encapsulation can be achieved by using IPsec, which is a separate protocol that can be applied to any type of GRE tunnel, not just mGRE. A mandatory
requirement to increase the deployment of an SDWAN network can be met by using various technologies and vendors, not necessarily mGRE or DMVPN. An
improvement in network efficiency by increasing the useful packet payload can be achieved by using various techniques, such as compression, fragmentation, or
QoS, not specifically mGRE.
ReferencesUnderstanding Cisco Dynamic Multipoint VPN - DMVPN, mGRE, NHRPMGRE Easy Steps - Cisco CommunityWhat is DMVPN (Dynamic Multipoint
VPN), NHRP, mGRE and How to configu - Cisco Community
NEW QUESTION 242

- (Topic 3)
A network consultant is installing a new wireless network with the following specifications:
5GHz
1,300Mbps 20/40/80MHz
Which of the following standards should the network consultant use?
A. 802.11a
B. 802.11ac
C. 802.11b
D. 802.11n
Answer: B
NEW QUESTION 246

- (Topic 3)
A network administrator walks into a data center and notices an unknown person is following closely. The administrator stops and directs the person to the security
desk.
Which of the following attacks did the network administrator prevent?
A. Evil twin
B. Tailgating
C. Piggybacking
D. Shoulder surfing
Answer: B
Explanation:
Tailgating is a type of physical security attack in which an unauthorized person follows an authorized person into a restricted area, such as a data center, without
proper identification or authentication. Tailgating can allow attackers to access sensitive data, equipment, or network resources, or to plant malicious devices or
software. The network administrator prevented tailgating by stopping and directing the unknown person to the security desk, where they would have to verify their
identity and purpose.
ReferencesDigital Threats and Cyberattacks at the Network LevelNetwork attacks and how to prevent them

NEW QUESTION 248

- (Topic 3)
A technician reviews a network performance report and finds a high level of collisions happening on the network. At which of the following layers of the OSI model
would these collisions be found?
A. Layer 1
B. Layer 3
C. Layer 4
D. Layer 7
Answer: A
Explanation:
Collisions occur when two or more devices try to transmit signals on the same physical medium at the same time. This causes interference and data loss.
Collisions can only happen at the physical layer of the OSI model, which is responsible for transmitting and receiving raw bits over a physical medium such as a
cable or a wireless channel. The physical layer does not have any mechanism to prevent or resolve collisions. Therefore, higher layers of the OSI model, such as
the data link layer, need to implement protocols to detect and recover from collisions, such as CSMA/CD for Ethernet networks. ReferencesCollision in computer
networkingData Link Layer | Layer 2 | The OSI-Model
NEW QUESTION 249

- (Topic 3)
A network technician is configuring a wireless network that consists of multiple APS for better coverage and allows roaming between the APS. Which of the
following types of SSIDs should the technician configure?
A. Basic Service Set

B. Independent Basic Service Set
C. Extended Service Set
D. Distribution System Service
Answer: C
Explanation:
An extended service set (ESS) is a type of SSID that allows multiple access points (APs) to share the same SSID and provide seamless roaming for wireless
clients. An ESS consists of two or more basic service sets (BSSs), which are individual APs with their own SSIDs. A distribution system (DS), such as a wired
Ethernet LAN, connects the BSSs and enables data transfer between them. A wireless client can associate with any AP in the ESS and move from one BSS to
another without losing connectivity or reauthenticating.
References:
? CompTIA Network+ N10-008 Certification Exam Objectives, page 51
? CompTIA Network+ Cert Guide: Wireless Networking, page 12
NEW QUESTION 252

- (Topic 3)
Which of the following ports should a network administrator enable for encrypted log-in to a network switch?
A. 22
B. 23
C. 80
D. 123
Answer: A
Explanation:
Port 22 is used by Secure Shell (SSH), which is a protocol that provides a secure and encrypted method for remote access to hosts by using public-key
cryptography and challenge-response authentication. SSH can be used to log in to a network switch and configure it without exposing the credentials or
commands to eavesdropping or tampering. Port 23 is used by Telnet, which is an insecure and plaintext protocol for remote access. Port 80 is used by HTTP,
which is a protocol for web communication. Port 123 is used by NTP, which is a protocol for time synchronization
NEW QUESTION 255

- (Topic 3)
A non-employee was able to enter a server room. Which of the following could have prevented this from happening?
A. A security camera
B. A biometric reader
C. OTP key fob
D. Employee training
Answer: B
Explanation:
A biometric reader is a device that scans a person’s physical characteristics, such as fingerprints, iris, or face, and compares them to a database of authorized
users. A biometric reader can be used to restrict access to a server room and prevent unauthorized entry. A biometric reader provides a high level of security and
cannot be easily bypassed or duplicated.
References: Network+ Study Guide Objective 5.1: Summarize the importance of physical security controls.
NEW QUESTION 257

- (Topic 3)
A network administrator needs to create a way to redirect a network resource that has been on the local network but is now hosted as a SaaS solution. Which of

the following
records should be used to accomplish the task?
A. TXT
B. AAA
C. PTR
D. CNAME
Answer: D
Explanation:
CNAME stands for Canonical Name, and it is a type of DNS record that creates an alias for another domain name. A CNAME record can be used to redirect a
network resource that has been moved to a different location, such as a SaaS solution. For example, if a web server that was previously hosted on the local
network with the domain name www.example.com is now hosted by a SaaS provider with the domain name www.saasprovider.com, a CNAME record can be
created to point www.example.com to www.saasprovider.com. This way, the users can still access the web server using the original domain name, and the DNS
server will resolve it to the new domain name. References
? CNAME is one of the common DNS record types covered in Objective 1.6 of the
CompTIA Network+ N10-008 certification exam1.
? CNAME can be used to redirect a network resource that has been moved to a different location23.
? CNAME creates an alias for another domain name23.
1: CompTIA Network+ Certification Exam Objectives, page 4 2: DNS Record Types – N10- 008 CompTIA Network+ : 1.6 3: The Official CompTIA Network+
Student Guide (Exam N10-008), Chapter 1, page 32
NEW QUESTION 261

- (Topic 3)
A computer engineer needs to ensure that only a specific workstation can connect to port 1 on a switch. Which of the following features should the engineer
configure on the switch interface?
A. Port tagging
B. Port security
C. Port mirroring
D. Port aggregation
Answer: B
Explanation:
Port security is a feature that can be configured on a switch interface to limit and identify the MAC addresses of workstations that are allowed to connect to that
specific port. This can help ensure that only a specific workstation (or workstations) can connect to the interface. According to the CompTIA Network+ Study
Manual, “Port security can be used to specify which MAC addresses are allowed to connect to a particular switch port. If a port security violation is detected, the
switch can take a number of different actions, such as shutting down the port, sending an SNMP trap, or sending an email alert.”
NEW QUESTION 262

- (Topic 3)
A network administrator is deploying a new switch and wants to make sure that the default priority value was set for a spanning tree. Which of the following values
would the network administrator expect to see?
A. 4096
B. 8192
C. 32768
D. 36684
Answer: C
Explanation:
The default priority value for spanning tree is 32768, regardless of the STP version (legacy STP, RSTP, MSTP, Per-VLAN STP, Per-VLAN RSTP). This value can
be modified by the network administrator to influence the root bridge election. The priority value must be set in increments of 4096, which is the minimum unit of
change for the priority value. https://community.cisco.com/t5/switching/spanning-tree-default-priorities/td-p/3304365
NEW QUESTION 264

- (Topic 3)
Switch 3 was recently added lo an existing stack to extend connectivity to various parts of the network. After the update, new employees were not able to print to
the main networked copiers from then workstations. Following are the port configurations for the switch stack in question:

Which of the following should be configured to resolve the issue? (Select TWO).
A. Enable the printer ports on Switch 3.

B. Reconfigure the duplex settings on the printer ports on Switch 3.
C. Reconfigure the VLAN on an printer ports to VLAN 20.
D. Enable all ports that are shut down on me stack.
E. Reconfigure the VLAN on the printer ports on Switch 3.
F. Enable wireless APs on Switch 3.
Answer: AE
NEW QUESTION 268

- (Topic 3)
A network administrator needs to add access points to the network because coverage in some areas is improper. Which of the following should the administrator
do first?
A. Interference analysis
B. Wireless survey
C. Traffic analysis
D. Packet capture
Answer: B
Explanation:
A wireless survey is the first step that a network administrator should do before adding access points to the network. A wireless survey is a process of collecting
data about the wireless environment, such as signal strength, channel usage, interference, and coverage. A wireless survey can help the network administrator to
determine the optimal locations and configurations for the access points to provide the best possible coverage and performance for the wireless network. A
wireless survey can also help to identify and troubleshoot any issues that may cause improper coverage in some areas.
https://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/116057-site-survey-guidelines-wlan-00.html
NEW QUESTION 273

- (Topic 3)
Which of the following would be increased by adding encryption to data communication across the network?
A. Availability
B. Integrity
C. Accountability
D. Confidentiality
Answer: D
Explanation:
Confidentiality is the property of preventing unauthorized access or disclosure of data. Encryption is a method of transforming data into an unreadable format that
can only be decrypted by authorized parties who have the correct key. Encryption can increase the confidentiality of data communication across the network by
making it harder for attackers to intercept or eavesdrop on the data. References: Network+ Study Guide
Objective 4.1: Summarize the purposes of physical security devices. Subobjective: Encryption.

NEW QUESTION 278

- (Topic 3)
Which of the following would be used to indicate when unauthorized access to physical internal hardware has occurred?
A. Motion detectors
B. Radio frequency identification tags
C. Tamper evident seal
D. Locking racks
Answer: C
Explanation:
A tamper evident seal is a device or material that provides a visible indication of unauthorized access to physical internal hardware. Tamper evident seals can be
stickers, labels, tapes, locks, or seals that are designed to break, tear, or change color when someone tries to open, remove, or tamper with them. Tamper evident
seals can help deter and detect physical security breaches, such as theft, vandalism, or sabotage of hardware devices12. Tamper evident seals can also provide
evidence for forensic analysis and legal action3.
References
1 - What Is Hardware Security? Definition, Threats, and Best Practices 2 - Device Physical Security Guideline | Information Security Office
3 - What is unauthorized physical access? – Heimduo
NEW QUESTION 283

- (Topic 3)
A network technician is implementing a solution that will allow end users to gain access to multiple applications after logging on. Which of the following
authentication methods would allow this type of access?
A. SSO
B. LDAP
C. EAP
D. TACACS+
Answer: A
NEW QUESTION 285

- (Topic 3)
An international company is transferring its IT assets including a number of WAPs from the United States to an office in Europe for deployment. Which of the
following considerations should the company research before Implementing the wireless hardware?
A. WPA2 cipher
B. Regulatory Impacts
C. CDMA configuration
D. 802.11 standards
Answer: B
Explanation:
When transferring IT assets, including wireless access points (WAPs), from one country to another, it's important to research the regulatory impacts of the move.
Different countries have different regulations and compliance requirements for wireless devices, such as frequency bands, power levels, and encryption standards.
Failing to comply with these regulations can result in fines or other penalties.
NEW QUESTION 288

- (Topic 3)
A network administrator needs to set up a file server to allow user access. The organization uses DHCP to assign IP addresses. Which of the following is the best
solution for the administrator to set up?
A. A separate scope for the file server using a 132 subnet

B. A reservation for the server based on the MAC address
C. A static IP address within the DHCP IP range
D. A SLAAC for the server
Answer: B
Explanation:
A reservation for the server based on the MAC address means that the DHCP server will assign a specific IP address to the file server every time it requests one,
based on its MAC address. This way, the file server will have a consistent IP address that users can access, without the need to manually configure it or use a
separate scope. A reservation also ensures that the IP address of the file server will not be given to any other device by the DHCP server
NEW QUESTION 291

- (Topic 3)
A customer needs to distribute Ethernet to multiple computers in an office. The customer would like to use non-proprietary standards. Which of the following blocks
does the technician need to install?
? 110
? 66
A. BiX
B. Krone
Answer: A

Explanation:
A 110 block is a type of punch-down block that is used to terminate twisted-pair cables in Ethernet networks. It is a non-proprietary standard that is widely used in
structured cabling systems for voice and data applications. A 110 block can support up to 100 MHz of bandwidth and can be used with Cat 3, Cat 5, Cat 5e, and
Cat 6 cables12.
A 66 block is another type of punch-down block that is mainly used for telephone wiring. It is an older and less reliable standard than the 110 block and does not
support high-speed data transmission3. A BiX block is a proprietary punch-down block that is developed by NORDX/CDT and is mostly used in Canada. It can
support up to 250 MHz of bandwidth and can be used with Cat 5e and Cat 6 cables4. A Krone block is another proprietary punch-down block that is developed by
ADC Krone and is mostly used in Europe. It can support up to 100 MHz of bandwidth and can be used with Cat 5 and Cat 5e cables. Therefore, the best option for
the customer who wants to use non-proprietary standards is the 110 block.
NEW QUESTION 294

- (Topic 3)
A company wants to implement a disaster recovery site for non-critical applications, which can tolerate a short period of downtime. Which of the following types of
sites should the company implement to achieve this goal?
A. Hot
B. Cold
C. warm
D. Passive
Answer: C
Explanation:
The type of site that the company should implement for non-critical applications that can tolerate a short period of downtime is a warm site. A warm site is a
disaster recovery site that has some pre-installed equipment and software, but not as much as a hot site, which is fully operational and ready to take over the
primary site’s functions in case of a disaster. A warm site requires some time and effort to activate and synchronize with the primary site, but not as much as a
cold site, which has no equipment or software installed and requires a lot of configuration and testing. A passive site is not a common term for a disaster recovery
site, but it could refer to a site that only receives backups from the primary site and does not actively participate in the network operations. References: CompTIA
Network+ N10- 008 Certification Study Guide, page 347; The Official CompTIA Network+ Student Guide (Exam N10-008), page 13-10.
NEW QUESTION 297

- (Topic 3)
A network technician is investigating why a core switch is logging excessive amounts of data to the syslog server. The running configuration of the switch showed
the following logging information:
Which of the following changes should the technician make to BEST fix the issue?
A. Update the logging host IP

B. Change lo asynchronous logging.
C. Stop logging SSH events.
D. Adjust the logging level.
Answer: D
Explanation:
The logging level is set to debugging, which is the most verbose and detailed level of logging. This means that the switch will send a lot of information to the syslog
server, which can cause excessive network traffic and storage consumption. To fix the issue, the technician should adjust the logging level to a lower value, such
as informational or warning, which will reduce the amount of data logged
NEW QUESTION 298

- (Topic 3)
A technician is troubleshooting a user's connectivity issues and finds that the computer's IP address was changed to 169.254.0.1.
Which of the following is the most likely reason?
A. Two or more computers have the same IP address in the ARP table.
B. The computer automatically set this address because the DHCP was not available.
C. The computer was set up to perform as an NTP server.
D. The computer is on a VPN and is the first to obtain a different IP address in that network.
Answer: B
Explanation:
IP addresses beginning with 169.254. are called link-local addresses or APIPA (Automatic Private IP Addressing)1. They are assigned by the computer itself when
it cannot reach a DHCP server to obtain a valid IP address from the network2. This can happen for several reasons, such as a faulty router, a misconfigured
network, or a disconnected cable3.
To troubleshoot this issue, the technician should check the network settings, the router configuration, and the physical connection of the computer. The technician
should also try to renew the IP address by using the command ipconfig /renew in Windows or dhclient in Linux. If the problem persists, the technician may need to
contact the network administrator or the ISP for further assistance.
NEW QUESTION 303

......

Thank You for Trying Our Product
We offer two products:
1st - We have Practice Tests Software with Actual Exam Questions
2nd - Questons and Answers in PDF Format
N10-009 Practice Exam Features:
* N10-009 Questions and Answers Updated Frequently
* N10-009 Practice Questions Verified by Expert Senior Certified Staff
* N10-009 Most Realistic Questions that Guarantee you a Pass on Your FirstTry
* N10-009 Practice Test Questions in Multiple Choice Formats and Updatesfor 1 Year
100% Actual & Verified — Instant Download, Please Click

Order The N10-009 Practice Test Here

Powered by TCPDF (www.tcpdf.org)

Comptia: Exam Questions N10-009

Uploaded by

Copyright:

Available Formats

Comptia: Exam Questions N10-009

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Comptia: Exam Questions N10-009

Uploaded by

Copyright:

Available Formats

Recommend!!

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

A. Changing the default password

A. The source panel amperage

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

A. A physical interface used for trunking logical ports

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

A. Reverse the fibers.

A. Perform a site survey.

A. The process of changing cloud providers is easy.

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

A. Software development life-cycle policy

A. Ethernet cable type

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

A. DHCP scope exhaustion

A. The ARP cache has become corrupt.

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

A. Change the device's default password.

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

A. Untag the three VLANs across the uplink

A. Data loss prevention policy

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

A. Bad switch ports

A. Validate the findings in a top-to-bottom approach

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

NEW QUESTION 102

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

NEW QUESTION 105

A. Ensure a bottleneck is not coming from other devices on the network.

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

E. Configure the AP in autonomous mode.

NEW QUESTION 107

A. Fiber distribution panel

NEW QUESTION 112

NEW QUESTION 117

NEW QUESTION 119

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

NEW QUESTION 122

A. Change the default permissions to implicit deny

NEW QUESTION 127

A. Consult the firewall audit logs.

NEW QUESTION 128

NEW QUESTION 131

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

NEW QUESTION 135

NEW QUESTION 140

NEW QUESTION 141

NEW QUESTION 143

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

NEW QUESTION 144

NEW QUESTION 145

NEW QUESTION 149

A. Adding more wireless APS

NEW QUESTION 153

NEW QUESTION 156

A. Business continuity plan

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

C. Acceptable use policy