Pre-Summer Sale Special - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

Home > CompTIA > CompTIA Network+ > N10-009

N10-009 CompTIA Network+ Certification Exam Question and Answers

Question # 4

A company is upgrading its wireless network. Currently, each AP broadcasts a wireless LAN name depending on the location in the building. Which of the following configurations allows a single wireless LAN name to be broadcast across the entire building?

A.

ESSID

B.

Wireless mesh

C.

Band steering

D.

WPA3

Full Access
Question # 5

A technician is deploying new networking hardware for company branch offices. The bridge priority must be properly set. Which of the following should the technician configure?

A.

Spanning tree protocol

B.

Jumbo frames

C.

Perimeter network

D.

Port security

Full Access
Question # 6

Which of the following facilities is the best example of a warm site in the event of information system disruption?

A.

A combination of public and private cloud services to restore data

B.

A partial infrastructure, software, and data on site

C.

A full electrical infrastructure in place, but no customer devices on site

D.

A full infrastructure in place, but no current data on site

Full Access
Question # 7

Which of the following is most likely responsible for the security and handling of personal data in Europe?

A.

GDPR

B.

SCADA

C.

SAML

D.

PCI DSS

Full Access
Question # 8

Users are reporting latency on the network. The network engineer notes the following:

Confirms the only change was a new network switch

Confirms all users are experiencing latency

Thinks the issue is a network loop caused by the lower bridge ID of the new switch

Which of the following describes the next step in the troubleshooting methodology?

A.

Identify the problem.

B.

Test the theory.

C.

Implement the solution.

D.

Verify full system functionality.

Full Access
Question # 9

A company wants to implement data loss prevention by restricting user access to social media platforms and personal cloud storage on workstations. Which of the following types of filtering should the company deploy to achieve these goals?

A.

Port

B.

DNS

C.

MAC

D.

Content

Full Access
Question # 10

Ten new laptops are added to an existing network, and they can only communicate with one another. An administrator reviews documentation and sees the following:

Subnet: 10.8.100.1/24

Scope: 10.8.100.50 – 10.8.100.150

Reservation: 10.8.100.151 – 10.8.100.175

A technician scans the network and receives the following results:

IP addresses used: 10.8.100.45 – 10.8.100.175

Which of the following should be done to ensure connectivity on all laptops?

A.

Increase the scope to 10.8.100.35 – 10.8.100.150

B.

Increase the scope to 10.8.100.40 – 10.8.100.150

C.

Increase the scope to 10.8.100.40 – 10.8.100.175

D.

Increase the scope to 10.8.100.50 – 10.8.100.175

Full Access
Question # 11

A wireless technician wants to implement a technology that will allow user devices to automatically navigate to the best available frequency standard. Which of the following technologies should the technician use?

A.

Band steering

B.

Wireless LAN controller

C.

Directional antenna

D.

Autonomous access point

Full Access
Question # 12

A network engineer configures an application server so that it automatically adjusts resource allocation as demand changes. This server will host a new application and demand is not predictable. Which of the following concepts does this scenario demonstrate?

A.

Scalability

B.

Software as a Service

C.

Hybrid cloud

D.

Elasticity

Full Access
Question # 13

Which of the following involves an attacker traversing from one part of a network to another part that should be inaccessible?

A.

MAC flooding

B.

DNS poisoning

C.

VLAN hopping

D.

ARP spoofing

Full Access
Question # 14

A systems administrator needs to connect two laptops to a printer via Wi-Fi. The office does not have access points and cannot purchase any. Which of the following wireless network types best fulfills this requirement?

A.

Mesh

B.

Infrastructure

C.

Ad hoc

D.

Point-to-point

Full Access
Question # 15

Two network switches at different locations are connected via fiber-optic cable at a distance of 10 miles (16 km). The duplex fiber-optic patch cord between the patch panel and switch is accidentally pinched, stopping connectivity between the two switches. A network technician replaces the broken cable with a new, single-mode patch cord. However, connectivity between both switches is still down and the link lights are still off. Which of the following actions should the technician perform first?

A.

Replace the fiber-optic transceiver in the switch

B.

Log in to the switch to shut down and re-enable the switchport

C.

Transpose the two fiber connectors at one end of the new patch cord

D.

Swap the single-mode fiber patch cord with a multimode fiber patch cord

Full Access
Question # 16

A technician is planning an equipment installation into a rack in a data center that practices hot aisle/cold aisle ventilation. Which of the following directions should the equipment exhaust face when installed in the rack?

A.

Sides

B.

Top

C.

Front

D.

Rear

Full Access
Question # 17

Which of the following network traffic type is sent to all nodes on the network?

A.

Unicast

B.

Broadcast

C.

Multicast

D.

Anycast

Full Access
Question # 18

A network analyst is installing a wireless network in a corporate environment. Employees are required to use their domain identities and credentials to authenticate and connect to the WLAN. Which of the following actions should the analyst perform on the AP to fulfill the requirements?

A.

Enable MAC security.

B.

Generate a PSK for each user.

C.

Implement WPS.

D.

Set up WPA3 protocol.

Full Access
Question # 19

Which of the following provides an opportunity for an on-path attack?

A.

Phishing

B.

Dumpster diving

C.

Evil twin

D.

Tailgating

Full Access
Question # 20

Which of the following will allow secure, remote access to internal applications?

A.

VPN

B.

CDN

C.

SAN

D.

IDS

Full Access
Question # 21

You are tasked with verifying the following requirements are met in order to ensure network security.

Requirements:

Datacenter

Ensure network is subnetted to allow all devices to communicate properly while minimizing address space usage

Provide a dedicated server to resolve IP addresses and hostnames correctly and handle port 53 traffic

Building A

Ensure network is subnetted to allow all devices to communicate properly while minimizing address space usage

Provide devices to support 5 additional different office users

Add an additional mobile user

Replace the Telnet server with a more secure solution

Screened subnet

Ensure network is subnetted to allow all devices to communicate properly while minimizing address space usage

Provide a server to handle external 80/443 traffic

Provide a server to handle port 20/21 traffic

INSTRUCTIONS

Drag and drop objects onto the appropriate locations. Objects can be used multiple times and not all placeholders need to be filled.

Available objects are located in both the Servers and Devices tabs of the Drag & Drop menu.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Full Access
Question # 22

You have been tasked with implementing an ACL on the router that will:

1. Permit the most commonly used secure remote access technologies from the management network to all other local network segments

2. Ensure the user subnet cannot use the most commonly used remote access technologies in the Linux and Windows Server segments.

3. Prohibit any traffic that has not been specifically allowed.

INSTRUCTIONS

Use the drop-downs to complete the ACL

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Full Access
Question # 23

A network administrator needs to change where the outside DNS records are hosted. Which of the following records should the administrator change the registrar to accomplish this task?

A.

NS

B.

SOA

C.

PTR

D.

CNAME

Full Access
Question # 24

A company security policy requires all network traffic from remote employees ' corporate laptops to use the company’s VPN. Which of the following network access methods best describes this scenario?

A.

Clientless VPN

B.

Full-tunnel

C.

Site-to-site tunnel

D.

Split-tunnel

Full Access
Question # 25

A customer calls the help desk to report that resources are no longer reachable. The resources were available before network changes were made. The technician verifies the report, investigates, and discovers that a new logical layout is segmenting the network using tagging. Which of the following appliances most likely needs to be reviewed to restore the connections?

A.

Access point

B.

Firewall

C.

Switch

D.

Load balancer

Full Access
Question # 26

Which of the following terms describes the capability in a public cloud to add or remove compute resources based on need?

A.

Scalability

B.

Availability

C.

Elasticity

D.

Multitenancy

Full Access
Question # 27

A newly opened retail shop uses a combination of new tablets, PCs, printers, and legacy card readers. Which of the following wireless encryption types is the most secure and compatible?

A.

WPA3

B.

WPA2

C.

WPA2/WPA3 mixed mode

D.

WPA/WPA2 mixed mode

Full Access
Question # 28

Which of the following best describes a group of devices that is used to lure unsuspecting attackers and to study the attackers ' activities?

A.

Geofencing

B.

Honeynet

C.

Jumpbox

D.

Screened subnet

Full Access
Question # 29

A support engineer is troubleshooting a network outage that is affecting 3,000 users. The engineer has isolated the issue to the internet firewall. Packet captures confirm that the firewall is blocking the traffic. Which of the following is the next step in troubleshooting?

A.

Implement the solution or escalate as necessary

B.

Create a plan of action to resolve the issue and identify potential effects

C.

Establish a theory of probable cause

D.

Document findings, actions, outcomes, and lessons learned throughout the process

Full Access
Question # 30

Which of the following is associated with avoidance, acceptance, mitigation, and transfer?

A.

Risk

B.

Exploit

C.

Threat

D.

Vulnerability

Full Access
Question # 31

Which of the following cloud service models most likely requires the greatest up-front expense by the customer when migrating a data center to the cloud?

A.

Infrastructure as a service

B.

Software as a service

C.

Platform as a service

D.

Network as a service

Full Access
Question # 32

Which of the following can be used when a server at a remote site is physically unreachable?

A.

OOB management

B.

Crash cart

C.

Jump box

D.

Console

Full Access
Question # 33

A network engineer adds a tunnel for a new branch network. Which of the following ensures that all data is encrypted inside the tunnel?

A.

ESP

B.

SSH

C.

GRE

D.

IKE

Full Access
Question # 34

An administrator is troubleshooting a Layer 3 communication issue between the web server and the database server. The administrator finds the following information:

Device

IP

Subnet

Gateway

Firewall

192.168.1.1

255.255.255.0

1.2.3.4

Web server

192.168.1.50

255.255.255.0

192.168.1.1

Database server

192.168.1.201

255.255.255.128

192.168.1.1

Which of the following corrects the communication issue?

A.

Changing the subnet on the database server to 255.255.255.0

B.

Changing the subnet on the firewall to 255.255.255.128

C.

Changing the default gateway on the database server to 1.2.3.4

D.

Changing the IP address on the database server to 192.168.1.150

E.

Changing the gateway on the firewall to 192.168.1.1

Full Access
Question # 35

Which of the following is the most likely reason an insurance brokerage would enforce VPN usage?

A.

To encrypt sensitive data in transit

B.

To secure the endpoint

C.

To maintain contractual agreements

D.

To comply with data retentin requirements

Full Access
Question # 36

A company implements a video streaming solution that will play on all computers that have joined a particular group, but router ACLs are blocking the traffic. Which of the following is the most appropriate IP address that will be allowed in the ACL?

A.

127.0.0.1

B.

172.17.1.1

C.

224.0.0.1

D.

240.0.0.1

Full Access
Question # 37

A company has observed increased user traffic to gambling websites and wants to limit this behavior on work computers. Which of the following should the company most likely implement?

A.

ACLs

B.

Content filter

C.

Port security

D.

Screened subnet

Full Access
Question # 38

An IT department is considering implementing a SIEM solution to improve network security. The department wants to ensure that the SIEM system is able to ingest and analyze logs from all of the company’s core devices. Which of the following is the most important consideration when selecting a SIEM solution?

A.

Easy to manage

B.

Cost

C.

Compatibility

D.

Features

Full Access
Question # 39

An administrator is configuring a switch that will be placed in an area of the office that is accessible to customers. Which of the following is the best way for the administrator to mitigate unknown devices from connecting to the network?

A.

SSE

B.

ACL

C.

Perimeter network

D.

802.1x

Full Access
Question # 40

A network rack has four servers and four switches with dual power supplies. Only one intelligent PDU is installed in the rack. Which of the following is the reason to add a second PDU?

A.

Power redundancy

B.

Failed PSU monitoring

C.

Surge protection

D.

Electricity conservation

Full Access
Question # 41

A network administrator suspects users are being sent to malware sites that are posing as legitimate sites. The network administrator investigates and discovers that user workstations are configured with incorrect DNS IP addresses. Which of the following should the network administrator implement to prevent this from happening again?

A.

Dynamic ARP inspection

B.

Access control lists

C.

DHCP snooping

D.

Port security

Full Access
Question # 42

An organization requires the ability to send encrypted email messages to a partner from an email server that is hosted on premises. The organization prefers to use the standard default ports when creating firewall rules. Which of the following ports should be open to satisfy the requirements?

A.

110

B.

143

C.

587

D.

636

Full Access
Question # 43

Newly crimped 26ft (8m) STP Cat 6 patch cables were recently installed in one room to replace cables that were damaged by a vacuum cleaner. Now, users in that room are unable to connect to the network. A network technician tests the existing cables first. The 177ft (54m) cable that runs from the core switch to the access switch on the floor is working, as is the 115ft (35m) cable run from the access switch to the wall jack in the office. Which of the following is the most likely reason the users cannot connect to the network?

A.

Mixed UTP and STP cables are being used.

B.

The patch cables are not plenum rated.

C.

The cable distance is exceeded.

D.

An incorrect pinout on the patch cable is being used.

Full Access
Question # 44

A network engineer is troubleshooting connectivity for a newly installed server on an existing VLAN. The engineer reviews the following output:

C:\ > ipconfig

IP Address: 192.168.100.225

Mask: 255.255.255.224

Gateway: 192.168.100.254

Router# show ip route

C 192.168.100.0/24 is directly connected, GigabitEthernet0/0

Which of the following describes the issue?

A.

The server has an incorrect subnet mask

B.

There is a duplicate IP address on the network

C.

The DHCP address pool is exhausted

D.

The router is missing a default route

Full Access
Question # 45

A network administrator installs new cabling to connect new computers and access points. After deploying the equipment, the administrator notices a few of the devices are not connecting properly. The administrator moves the devices to a different port, but it does not resolve the issue. Which of the following should the administrator verify next?

A.

Power budget

B.

Device requirements

C.

Port status

D.

Cable termination

Full Access
Question # 46

To reduce costs and increase mobility, a Chief Technology Officer (CTO) wants to adopt cloud services for the organization and its affiliates. To reduce the impact for users, the CTO wants key services to run from the on-site data center and enterprise services to run in the cloud. Which of the following deployment models is the best choice for the organization?

A.

Public

B.

Hybrid

C.

SaaS

D.

Private

Full Access
Question # 47

A customer needs six usable IP addresses. Which of the following best meets this requirement?

A.

255.255.255.128

B.

255.255.255.192

C.

255.255.255.224

D.

255.255.255.240

Full Access
Question # 48

A network administrator needs to monitor data from recently installed firewalls in multiple locations. Which of the following solutions would best meet the administrator ' s needs?

A.

IDS

B.

IPS

C.

SIEM

D.

SNMPv2

Full Access
Question # 49

Which of the following, in addition to a password, can be asked of a user for MFA?

A.

PIN

B.

Favorite color

C.

Hard token

D.

Mother’s maiden name

Full Access
Question # 50

Which of the following best describes a characteristic of a DNS poisoning attack?

A.

DNS address records are edited and changed on a DNS server.

B.

An attacker sets up a malicious DNS server in place of a legitimate server.

C.

DNS client requests are intercepted and false responses are returned.

D.

False DNS records are injected into cache on a DNS server.

Full Access
Question # 51

Which of the following is the MOST appropriate solution to extend the network to a building located across the street from the main facility?

A.

Multimode fiber

B.

802.11ac wireless bridge

C.

Cat 6 copper

D.

Loopback adapter

Full Access
Question # 52

Which of the following is a cost-effective advantage of a split-tunnel VPN?

A.

Web traffic is filtered through a web filter.

B.

More bandwidth is required on the company ' s internet connection.

C.

Monitoring detects insecure machines on the company’s network.

D.

Cloud-based traffic flows outside of the company ' s network.

Full Access
Question # 53

Which of the following is the most closely associated with segmenting compute resources within a single cloud account?

A.

Network security group

B.

laaS

C.

VPC

D.

Hybrid cloud

Full Access
Question # 54

A systems administrator is looking for operating system information, running services, and network ports that are available on a server. Which of the following software tools should the administrator use to accomplish this task?

A.

Nmap

B.

Traceroute

C.

Netstat

D.

Ping

Full Access
Question # 55

Which of the following is a company most likely enacting if an accountant for the company can only see the financial department ' s shared folders?

A.

General Data Protection Regulation

B.

Least privilege network access

C.

Acceptable use policy

D.

End user license agreement

Full Access
Question # 56

A network administrator is configuring a wireless network with an ESSID. Which of the following is a user benefit of ESSID compared to SSID?

A.

Stronger wireless connection

B.

Roaming between access points

C.

Advanced security

D.

Increased throughput

Full Access
Question # 57

Which of the following allows for the interception of traffic between the source and destination?

A.

Self-signed certificate

B.

VLAN hopping

C.

On-path attack

D.

Phishing

Full Access
Question # 58

Which of the following cloud deployment models is most commonly associated with multitenancy and is generally offered by a service provider?

A.

Private

B.

Community

C.

Public

D.

Hybrid

Full Access
Question # 59

A network administrator is trying to troubleshoot an issue with a newly installed switch that is not connecting to the network. The administrator logs on to the switch and observes collisions on the interface. Which of the following is most likely the issue?

A.

Wrong speed

B.

Jumbo frames enabled

C.

Incorrect VLAN

D.

Duplex mismatch

Full Access
Question # 60

A VoIP phone is plugged in to a port but cannot receive calls. Which of the following needs to be done on the port to address the issue?

A.

Trunk all VLANs on the port.

B.

Configure the native VLAN.

C.

Tag the traffic to voice VLAN.

D.

Disable VLANs.

Full Access
Question # 61

Which of the following types of connectors allows the transmission of network data through a coaxial cable?

A.

SC

B.

MPO

C.

BNC

D.

RJ11

Full Access
Question # 62

While troubleshooting a VoIP handset connection, a technician ' s laptop is able to successfully connect to network resources using the same port. The technician needs to identify the port on the switch. Which of the following should the technician use to determine the switch and port?

A.

LLDP

B.

IKE

C.

VLAN

D.

netstat

Full Access
Question # 63

A government entity wants to implement technology that can block websites based on country code. Which of the following will best enable this requirement?

A.

URL filtering

B.

Content filtering

C.

DNS poisoning

D.

MAC filtering

Full Access
Question # 64

A network engineer deploys ten new virtual servers and configures the NICs. Which of the following should the engineer update?

A.

Asset inventory

B.

Warranty support

C.

Rack diagrams

D.

IP address management

Full Access
Question # 65

A technician is troubleshooting wireless connectivity near a break room. Whenever a user turns on the microwave, connectivity to the user ' s laptop is lost. Which of the following frequency bands is the laptop most likely using?

A.

2.4GHz

B.

5GHz

C.

6GHz

D.

900MHz

Full Access
Question # 66

Which of the following allows a network administrator to analyze attacks coming from the internet without affecting latency?

A.

IPS

B.

IDS

C.

Load balancer

D.

Firewall

Full Access
Question # 67

Which of the following best describes the amount of time between a disruptive event and the point that affected resources need to be back to fully functional status?

A.

RTO

B.

MTBF

C.

RPO

D.

MTTR

Full Access
Question # 68

A company ' s network is experiencing high latency and packet loss during peak hours. Network monitoring tools show increased traffic on a switch. Which of the following should a network technician implement to reduce the network congestion and improve performance?

A.

Load balancing

B.

Port mirroring

C.

Quality of Service

D.

Spanning Tree Protocol

Full Access
Question # 69

Which of the following standards enables the use of an enterprise authentication for network access control?

A.

802.1Q

B.

802.1X

C.

802.3bt

D.

802.11h

Full Access
Question # 70

Which of the following routing technologies uses an attribute list for path selection?

A.

BGP

B.

RIP

C.

EIGRP

D.

OSPF

Full Access
Question # 71

A network administrator is planning to implement device monitoring to enhance network visibility. The security that the solution provides authentication and encryption. Which of the following meets these requirements?

A.

SIEM

B.

Syslog

C.

NetFlow

D.

SNMPv3

Full Access
Question # 72

A network manager connects two switches together and uses two connecting links. Which of the following configurations will prevent Layer 2 loops?

A.

802.1Q tagging

B.

Full duplex

C.

Link aggregation

D.

QoS

Full Access
Question # 73

A network engineer discovers network traffic that is sending confidential information to an unauthorized and unknown destination. Which of the following best describes the cause of this network traffic?

A.

Adware

B.

Ransomware

C.

Darkware

D.

Malware

Full Access
Question # 74

Which of the following is the most likely benefit of installing server equipment in a rack?

A.

Simplified troubleshooting process

B.

Decreased power consumption

C.

Improved network performance

D.

Increased compute density

Full Access
Question # 75

A network engineer needs to change, update, and control APs remotely, with real-time visibility over HTTPS. Which of the following will best allow these actions?

A.

Web interface

B.

Command line

C.

SNMP console

D.

API gateway

Full Access
Question # 76

Which of the following allows an organization to map multiple internal devices to a single external-facing IP address?

A.

NAT

B.

BGP

C.

OSPF

D.

FHRP

Full Access
Question # 77

A Chief Information Officer wants a DR solution that runs only after a failure of the primary site and can be brought online quickly once recent backups are imported. Which of the following DR site solutions meets these requirements?

A.

Cold

B.

Warm

C.

Active

D.

Hot

Full Access
Question # 78

Which of the following attacks can cause users who are attempting to access a company website to be directed to an entirely different website?

A.

DNS poisoning

B.

Denial-of-service

C.

Social engineering

D.

ARP spoofing

Full Access
Question # 79

Which of the following allows a user to connect to an isolated device on a stand-alone network?

A.

Jump box

B.

API gateway

C.

Secure Shell (SSH)

D.

Clientless VPN

Full Access
Question # 80

Which of the following network access methods is used to securely access resources, such as a corporate cloud or network, as if they were directly connected?

A.

Jump box/host

B.

Secure Shell

C.

Client-to-site VPN

D.

GRE tunnel

Full Access
Question # 81

Which of the following ports is a secure protocol?

A.

20

B.

23

C.

443

D.

445

Full Access
Question # 82

Which of the following kinds of targeted attacks uses multiple computers or bots to request the same resource repeatedly?

A.

On-path

B.

DDoS

C.

ARP spoofing

D.

MAC flooding

Full Access
Question # 83

Which of the following is an advantage of using an IDS over an IPS?

A.

An IDS requires less processing power to analyze traffic.

B.

An IDS is less disruptive during the initial deployment of the technology.

C.

An IDS is easier to restrict access.

D.

An IDS is more accurate due to fewer false positives.

Full Access
Question # 84

Which of the following is most closely associated with a dedicated link to a cloud environment and may not include encryption?

A.

Direct Connect

B.

Internet gateway

C.

Captive portal

D.

VPN

Full Access
Question # 85

A network technician needs to configure IP addressing in a Class C network with eight subnets total:

Three subnets for 60 hosts

Three subnets for 15 hosts

Two subnets for seven hosts

Which of the following solutions should the technician use to accomplish this task?

A.

CIDR

B.

APIPA

C.

VLSM

D.

RFC 1918

Full Access
Question # 86

An organizatin is struggling to get effective coverage using the wireless network. The organization wants to implement a solution that will allow for continous connectivity anywhere in the facility. Which of the following should the network administ rator suggest to ensure the best coverage?

A.

Implementing additional ad hoc access points

B.

Providing more Ethernet drops for user connections

C.

Deploying a mesh network in the building

D.

nl Changing the current frequency of the WI-FI

Full Access
Question # 87

A customer wants to cache commonly used content to reduce the number of full page downloads from the internet. Which of the following should the network administrator recommend?

A.

Proxy server

B.

Load balancer

C.

Open relay

D.

Code repository

Full Access
Question # 88

A technician needs to identify a computer on the network that is reportedly downloading unauthorized content. Which of the following should the technician use?

A.

Anomaly alerts

B.

Port mirroring

C.

Performance monitoring

D.

Packet capture

Full Access
Question # 89

A network administrator is unable to ping a remote server from a newly connected workstation that has been added to the network. Ping to 127.0.0.1 on the workstation is failing. Which of the following should the administrator perform to diagnose the problem?

A.

Verify the NIC interface status.

B.

Verify the network is not congested.

C.

Verify the router is not dropping packets.

D.

Verify that DNS is resolving correctly.

Full Access
Question # 90

Which of the following does a full-tunnel VPN provide?

A.

Lower bandwidth requirements

B.

The ability to reset local computer passwords

C.

Corporate Inspection of all networktraffic

D.

Access to blocked sites

Full Access
Question # 91

A user reports issues connecting to the network via an Ethernet Cat 6 cable. A network technician examines the cable and notices that it is terminated properly, but the color code is incorrect. Which of the following steps should the technician take next to troubleshoot this issue?

A.

Implement a fiber cable.

B.

Replace the Ethernet cable.

C.

Change the switchport speed.

D.

Use a cable tester.

Full Access
Question # 92

A network administrator notices uncommon communication between VMs on ephemeral ports on the same subnet. The administrator is concerned about that traffic moving laterally within the network. Which of the following describes the type of traffic flow the administrator is analyzing?

A.

East-west

B.

Point-to-point

C.

Horizontal-scaling

D.

Hub-and-spoke

Full Access
Question # 93

A network technician is troubleshooting a web application ' s poor performance. The office has two internet links that share the traffic load. Which of the following tools should the technician use to determine which link is being used for the web application?

A.

netstat

B.

nslookup

C.

ping

D.

tracert

Full Access
Question # 94

A client wants to increase overall security after a recent breach. Which of the following would be best to implement? (Select two.)

A.

Least privilege network access

B.

Dynamic inventeries

C.

Central policy management

D.

Zero-touch provisioning

E.

Configuration drift prevention

F.

Subnet range limits

Full Access
Question # 95

A technician is plugging an Ethernet cable into a switch to bring a new device online, but the device is not showing an active network connection. Previously, another technician turned off unused switchports as part of device hardening. Which of the following describes the port status?

A.

Error disabled

B.

Idle

C.

Suspended

D.

Administratively down

Full Access
Question # 96

A network administrator manages multiple computers and notices that three computers are no longer communicating with the network. Which of the following commands best identifies whether other devices are restricting packet traffic?

A.

ipconfig

B.

traceroute

C.

nmap

D.

ping

Full Access
Question # 97

Which of the following is created to illustrate the effectiveness of wireless networking coverage in a building?

A.

Logical diagram

B.

Layer 3 network diagram

C.

Service-level agreement

D.

Heat map

Full Access
Question # 98

Users at a satellite office are experiencing issues when using videoconferencing. Which of the following should a technician focus on first to rectify these issues?

A.

Quality of service

B.

Network signal

C.

Time to live

D.

Load balancing

Full Access
Question # 99

A network administrator prepares a VLAN for a new office while planning for minimal IP address waste. The new office will have approximately 800 workstations. Which of the following network schemes meets the requirements?

A.

10.0.100.0/22

B.

172.16.8.0/23

C.

172.16.15.0/20

D.

192.168.4.0/21

Full Access
Question # 100

A network administrator deployed wireless networking in the office area. When users visit the outdoor patio and try to download emails with large attachments or stream training videos, they notice buffering issues. Which of the following is the most likely cause?

A.

Network congestion

B.

Wireless interference

C.

Signal degradation

D.

Client disassociation

Full Access
Question # 101

A network engineer needs to correlate findings and receive alerts if there are brute force attacks, DDoS attacks, or port scanning happening within their network. Which of the following network monitoring technologies should the engineer implement?

A.

Packet capture

B.

SNMPv3

C.

SIEM

D.

Syslog collector

Full Access
Question # 102

A network administrator is troubleshooting a connectivity issue between two devices on two different subnets. The administrator verifies that both devices can successfully ping other devices on the same subnet. Which of the following is the most likely cause of the connectivity issue?

A.

Incorrect default gateway

B.

Faulty Ethernet cable

C.

Wrong duplex settings

D.

VLAN mismatch

Full Access
Question # 103

Which of the following protocols provides remote access utilizing port 22?

A.

SSH

B.

Telnet

C.

TLS

D.

RDP

Full Access
Question # 104

A technician needs to quickly set up a network with five wireless devices. Which of the following network types should the technician configure to accomplish this task?

A.

Ad hoc

B.

Spine and leaf

C.

Point to point

D.

Mesh

Full Access
Question # 105

A network technician receives a ticket from an employee who is working on PC 1 but is unable to connect to the database server. The technician pings the database server from PC 1, but the request times out. After reviewing the utilization of Switch 1 and Switch 2, the technician finds high CPU utilization and sees that the MAC table is continuously changing.

INSTRUCTIONS

Configure Switch 1 and Switch 2 to remediate the employee ' s issue. Then, validate connectivity between PC 1 and the database server.

Switch 1 and Switch 2 are already in configuration mode. Type help to view a list of available commands.

Full Access
Question # 106

Which of the following describes the best reason for using BGP?

A.

Preventing a loop within a LAN

B.

Improving reconvergence times

C.

Exchanging router updates with a different ISP

D.

Sharing routes with a Layer 3 switch

Full Access
Question # 107

A secure communication link needs to be configured between data centers via the internet. The data centers are located in different regions. Which of the following is the best protocol for the network administrator to use?

A.

DCI

B.

GRE

C.

VXLAN

D.

IPSec

Full Access
Question # 108

Which of the following is an XML-based security concept that works by passing sensitive information about users, such as login information and attributes, to providers?

A.

IAM

B.

MFA

C.

RADIUS

D.

SAML

Full Access
Question # 109

A network administrator installs wireless access points (APs) inside an industrial warehouse. A wireless survey shows a large amount of electromagnetic interference. Which of the following cable types should the administrator use to connect the APs to the switch?

A.

UTP

B.

STP

C.

Multimode

D.

Single-mode

Full Access
Question # 110

Which of the following must be implemented to securely connect a company ' s headquarters with a branch location?

A.

Split-tunnel VPN

B.

Clientless VPN

C.

Full-tunnel VPN

D.

Site-to-site VPN

Full Access
Question # 111

A network engineer must determine which ports are currently established from a client device. Given the following:

Active Connections

Proto Local Address Foreign Address State

TCP 10.203.10.11:3389 207.141.201.10:65278 ESTABLISHED

TCP 10.203.10.11:49678 168.63.129.16:32526 ESTABLISHED

TCP 10.203.10.11:49688 168.63.129.16:http ESTABLISHED

TCP 10.203.10.11:49701 168.63.129.16:32526 ESTABLISHED

TCP 10.203.10.11:52502 20.190.135.17:https TIME_WAIT

TCP 10.203.10.11:52554 168.63.129.16:http TIME_WAIT

Which of the following commands was used to produce the output?

A.

nslookup

B.

dig

C.

nmap

D.

netstat

Full Access
Question # 112

A detective is investigating an identity theft case in which the target had an RFID-protected payment card issued and compromised in the same day. The only place the target claims to have used the card was at a local convenience store. The detective notices a video camera at the store is placed in such a way that customers ' credentials can be seen when they pay. Which of the following best explains this social engineering technique?

A.

Shoulder surfing

B.

Impersonation

C.

Vishing

D.

Tailgating

Full Access
Question # 113

An administrator is setting up an SNMP server for use in the enterprise network and needs to create device IDs within a MIB. Which of the following describes the function of a MIB?

A.

DHCP relay device

B.

Policy enforcement point

C.

Definition file for event translation

D.

Network access controller

Full Access
Question # 114

Which of the following requires network devices to be managed using a different set of IP addresses?

A.

Console

B.

Split tunnel

C.

Jump box

D.

Out of band

Full Access
Question # 115

Which of the following is used to estimate the average life span of a device?

A.

RTO

B.

RPO

C.

MTBF

D.

MTTR

Full Access
Question # 116

A network administrator is implementing security zones for each department. Which of the following should the administrator use to accomplish this task?

A.

ACLs

B.

Port security

C.

Content filtering

D.

NAC

Full Access
Question # 117

A company receives a cease-and-desist order from its ISP regarding prohibited torrent activity. Which of the following should be implemented to comply with the cease-and-desist order?

A.

MAC security

B.

Content filtering

C.

Screened subnet

D.

Perimeter network

Full Access
Question # 118

A network administrator wants to increase network security by preventing client devices from communicating directly with each other on the same subnet. Which of the following technologies should be implemented?

A.

ACL

B.

Trunking

C.

Port security

D.

Private VLAN

Full Access
Question # 119

A network technician needs to resolve some issues with a customer ' s SOHO network. The

customer reports that some of the PCs are not connecting to the network, while others

appear to be working as intended.

INSTRUCTIONS

Troubleshoot all the network components.

Review the cable test results first, then diagnose by clicking on the appropriate PC,

server, and Layer 2 switch.

Identify any components with a problem and recommend a solution to correct each

problem.

If at any time you would like to bring back

the initial state of the simulation, please

click the Reset All button.

Full Access
Question # 120

While deploying a new fleet of computers on a DHCP network, a network administrator notices that new computers cannot connect to the internet. Which of the following is most likely the problem?

A.

Incorrect default gateway

B.

Address pool exhaustion

C.

Duplicate IP address

D.

Incorrect subnet mask

Full Access
Question # 121

A network technician is working on a PC with a faulty NIC. The host is connected to a switch with secured ports. After testing the connection cables and using a known-good NIC, the host is still unable to connect to the network. Which of the following is causing the connection issue?

A.

MAC address of the new card

B.

BPDU guard settings

C.

Link aggregation settings

D.

PoE power budget

Full Access
Question # 122

Which of the following disaster recovery concepts is calculated by dividing the total hours of operation by the total number of units?

A.

MTTR

B.

MTBF

C.

RPO

D.

RTO

Full Access
Question # 123

A network administrator is configuring a network for a new site that will have 150 users. Within the next year, the site is expected to grow by ten users. Each user will have two IP addresses (one for a computer and one for a phone). Which of the following classful IPv4 address ranges will be best-suited for the network?

A.

Class D

B.

Class B

C.

Class A

D.

Class C

Full Access
Question # 124

A customer recently moved into a new office and notices that some wall plates are not working and are not properly labeled Which of the following tools would be best to identify the proper wiring in the IDF?

A.

Toner and probe

B.

Cable tester

C.

Visual fault locator

D.

Network tap

Full Access
Question # 125

A network administrator is setting up two new firewalls for redundancy and needs to implement a redundant internet connection. Which of the following routing technologies will the administrator most likely use?

A.

EIGRP

B.

RIPv2

C.

OSPF

D.

BGP

Full Access
Question # 126

Which of the following attacks utilizes a network packet that contains multiple network tags?

A.

MAC flooding

B.

VLAN hopping

C.

DNS spoofing

D.

ARP poisoning

Full Access
Question # 127

A company recently implemented a videoconferencing system that utilizes large amounts of bandwidth. Users start reporting slow internet speeds and an overall decrease in network performance. Which of the following are most likely the causes of the network performance issues? (Select two)

A.

DNS misconfiguration

B.

Inadequate network security

C.

Malware or a virus

D.

Outdated software

E.

Incorrect QoS settings

F.

Network congestion

Full Access
Question # 128

Which of the following is the best way to securely access a network appliance from an external location?

A.

RDP

B.

Telnet

C.

FTPS

D.

SSH

Full Access
Question # 129

Which of the following is the most cost-effective way for a network administrator to establish a persistent, secure connection between two facilities?

A.

Site-to-site VPN

B.

GRE tunnel

C.

VXLAN

D.

Dedicated line

Full Access
Question # 130

An IT department asks a newly hired employee to use a personal laptop until the company can provide one. Which of the following policies is most applicable to this situation?

A.

IAM

B.

BYOD

C.

DLP

D.

AUP

Full Access
Question # 131

A network technician sets up a computer on the accounting department floor for a user from the marketing department. The user reports that they cannot access the marketing department’s shared drives but can access the internet. Which of the following is the most likely cause of this issue?

A.

Mismatched switchport duplex

B.

Misconfigured gateway settings

C.

Incorrect VLAN assignment

D.

SVI is assigned to the wrong IP address

Full Access
Question # 132

A company is implementing a wireless solution in a high-density environment. Which of the following 802.11 standards is used when a company is concerned about device saturation and converage?

A.

802.11ac

B.

802.11ax

C.

802.11g

D.

802.11n

Full Access
Question # 133

Which of the following is the correct order of components in a bottom-up approach for the three-tier hierarchical model?

A.

Access, distribution, and core

B.

Core, root, and distribution

C.

Core, spine, and leaf

D.

Access, core, and roof

Full Access
Question # 134

A network administrator must implement a feature that supports redundancy and scaling on the switches at the distribution layer of the network. Which of the following is the best option?

A.

VLAN assignment

B.

Spanning tree

C.

Port speed

D.

Full duplex

Full Access
Question # 135

A network engineer needs to deploy an access point at a remote office so that it will not communicate back to the wireless LAN controller. Which of the following deployment methods must the engineer use to accomplish this task?

A.

Lightweight

B.

Autonomous

C.

Mesh

D.

Ad hoc

Full Access
Question # 136

Which of the following protocol ports should be used to securely transfer a file?

A.

22

B.

69

C.

80

D.

3389

Full Access
Question # 137

After extremely high temperatures cause a power outage, the servers automatically shut down, even though the UPSs for the servers still have hours of battery life. Which of the following should a technician recommend?

A.

Include backup power for air-conditioning units

B.

Configure door locks to automatically lock during power outages

C.

Increase UPS battery size

D.

Add an IoT-enabled thermostat

Full Access
Question # 138

A network engineer is designing an internal network that needs to support both IPv4 and IPv6 routing. Which of the following routing protocols is capable of supporting both IPv4 and IPv6?

A.

OSPFv3

B.

RIPv2

C.

BGP

D.

EIGRP

Full Access
Question # 139

The leadership team is updated on the results of an approved change request after a breach. Which of the following troubleshooting methodology steps is described in this example?

A.

Establishing a theory of probable cause

B.

Implementing the solution or escalating as necessary

C.

Documenting findings, actions, outcomes, and lessons learned throughout the process

D.

Establishing a plan of action to resolve the problem and identifying potential effects

Full Access
Question # 140

A network administrator needs to locate a specific AP using a spectrum analyzer to complete an 802.11ax device migration. Which of the following should display on the analyzer to locate the AP?

A.

SSID

B.

RSSI

C.

Channel number

D.

BSSID

Full Access
Question # 141

Which of the following is used to redistribute traffic between one source and multiple servers that run the same service?

A.

Router

B.

Switch

C.

Firewall

D.

Load balancer

Full Access
Question # 142

Which of the following is an example of a split-tunnel VPN?

A.

Only public resources are accessed through the user’s internet connection.

B.

Encrypted resources are accessed through separate tunnels.

C.

All corporate and public resources are accessed through routing to on-site servers.

D.

ACLs are used to balance network traffic through different connections.

Full Access
Question # 143

A network administrator receives a ticket from a user. The user reports that they cannot access any websites and that they have already checked everything on their computer. Which of the following is the first action the administrator should take?

A.

Divide and conquer.

B.

Establish a theory of probable cause.

C.

Question the user.

D.

Document the findings.

Full Access
Question # 144

A network technician is troubleshooting network latency and has determined the issue to be occuring two network switches( Switch10 and Switch11). Symptoms reported included poor video performance and slow file copying. Given the following informtion:

Which of the following should the technician most likely do to resolve the issue?

A.

Disable automatic negotiation on Switch11.

B.

Modify Switch10 MTU value to 1500.

C.

Configure STP on both switches.

D.

Change the native VLAN on the ports.

Full Access
Question # 145

Which of the following cloud platform technology characteristics would a quantum computing host most likely prioritize?

A.

Scalability

B.

Elasticity

C.

Multitenancy

D.

Cost

Full Access
Question # 146

Which of the following is enforced through legislation?

A.

AUP

B.

GDPR

C.

Code of conduct

D.

EULA

Full Access
Question # 147

A firewall administrator is mapping a server ' s internal IP address to an external IP address for public use. Which of the following is the name of this function?

A.

NAT

B.

VIP

C.

PAT

D.

BGP

Full Access
Question # 148

A virtual machine has the following configuration:

•IPv4 address: 169.254.10.10

•Subnet mask: 255.255.0.0

The virtual machine can reach colocated systems but cannot reach external addresses on the Internet. Which of the following Is most likely the root cause?

A.

Thesubnet mask is incorrect.

B.

TheDHCP server is offline.

C.

TheIP address is an RFC1918 private address.

D.

TheDNS server is unreachable.

Full Access
Question # 149

Which of the following connectors allows a singular QSFP transceiver to have several physical connections?

A.

RJ45

B.

ST

C.

LC

D.

MPO

Full Access
Question # 150

Which of the following layers in the OSI model is responsible for establishing, maintaining, and terminating connections between nodes?

A.

Physical

B.

Network

C.

Session

D.

Transport

Full Access
Question # 151

Which of the following routing protocols needs to have an autonomous system set in order to establish communication with neighbor devices?

A.

OSPF

B.

EIGRP

C.

FHRP

D.

RIP

Full Access
Question # 152

Which of the following should an installer orient a port-side exhaust to when installing equipment?

A.

The patch panel

B.

The front of the IDF

C.

The warm aisle

D.

The administrator console

Full Access
Question # 153

A network technician needs to install patch cords from the UTP patch panel to the access switch for a newly occupied set of offices. The patch panel is not labeled for easy jack identification. Which of the following tools provides the easiest way to identify the appropriate patch panel port?

A.

Toner

B.

Laptop

C.

Cable tester

D.

Visual fault locator

Full Access
Question # 154

Which of the following is the final step in the ticket management process?

A.

Escalating to senior management

B.

Performing functional and non-functional testing

C.

Documenting findings, outcomes, and lessons learned

D.

Establishing a detailed action plan

Full Access
Question # 155

A technician is troubleshooting a user ' s laptop that is unable to connect to a corporate server. The technician thinks the issue pertains to routing. Which of the following commands should the technician use to identify the issue?

A.

tcpdump

B.

dig

C.

tracert

D.

arp

Full Access
Question # 156

A user tries to visit a website, but instead of the intended site, the page displays vmw.cba.com. Which of the following should be done to reach the correct website?

A.

Modify the CNAME record

B.

Update the PTR record

C.

Change the NTP settings

D.

Delete the TXT record

Full Access
Question # 157

Users are experiencing significant lag while connecting to a cloud-based application during peak hours. An examination of the network reveals that the bandwidth is being heavily utilized. Further analysis shows that only a few users are using the application at any given time. Which of the following is the most cost-effective solution for this issue?

A.

Limit the number of users who can access the application.

B.

Lease a Direct Connect connection to the cloud service provider.

C.

Implement QoS to prioritize application traffic.

D.

Use a CDN to service the application.

Full Access
Question # 158

A network administrator upgraded the wireless access points and wants to implement a configuration that will give users higher speed and less channel overlap based on device compatibility. Which of the following will accomplish this goal?

A.

802.1X

B.

MIMO

C.

ESSID

D.

Band steering

Full Access
Question # 159

Which of the following devices functions mainly at the data link layer of the OSI model and is used to connect a fiber-optic cable to a network interface?

A.

SC

B.

DAC

C.

SFP transceiver

D.

Twinaxial cable

Full Access
Question # 160

A network technician is troubleshooting a faulty NIC and tests the theory. Which of the following should the technician do next?

A.

Develop a theory.

B.

Establish a plan of action.

C.

Implement the solution.

D.

Document the findings.

Full Access
Question # 161

Which of the following impacts the availability of a web-based customer portal?

A.

MAC flooding

B.

ARP spoofing

C.

DoS

D.

Rogue devices

Full Access
Question # 162

A network technician is designing a LAN for a new facility. The company is expecting more than 300 devices to connect to the network. Which of the following masks will provide the most efficient subnet?

A.

255.255.0.0

B.

255.255.192.0

C.

255.255.254.0

D.

255.255.255.254

Full Access
Question # 163

A junior network administrator is auditing the company network and notices incrementing input errors on a long-range microwave interface. Which of the following is the most likely reason for the errors?

A.

The parabolic signal is misaligned.

B.

The omnidirectional signal is being jammed.

C.

The omnidirectional signal is not strong enough to receive properly.

D.

The parabolic signal uses improper routing protocols.

Full Access
Question # 164

After a networking intern plugged in a switch, a significant number of users in a building lost connectivity. Which of the following is the most likely root cause?

A.

VTP update

B.

Port security issue

C.

LLDP misconfiguration

D.

Native VLAN mismatch

Full Access
Question # 165

Which of the following indicates a computer has reached end-of-support?

A.

The computer does not have any users.

B.

The antivirus protection is expired.

C.

The operating system license is expired.

D.

No more patches or bug fixes are available indefinitely.

Full Access
Question # 166

Which of the following would describe a data recovery goal?

A.

MTBF

B.

RPO

C.

BCP

D.

MTTR

Full Access