All About Breathing N10-008 Free Practice Exam

NEW QUESTION 1

A customer calls the help desk to report that users are unable to access any network resources_ The issue started earlier in the day when an employee rearranged the wiring closet A technician goes to the site but does not observe any obvious damage. The statistics output on the switch indicates high CPI-J usage, and all the lights on the switch are blinking rapidly in unison_ Which of the following is the most likely explanation for these symptoms?

• A. The switch was rebooted and set to run in safe mode.
• B. The line between the switch and the upstream router was removed
• C. A cable was looped and created a broadcast storm.
• D. A Cat 6 cable from the modem to the router was replaced with Cat 5e.

Answer: C

Explanation:
A cable was looped and created a broadcast storm is the most likely explanation for the symptoms of high CPU usage and blinking lights on the switch. A cable loop is a situation where a switch port is connected to another switch port on the same switch or another switch, creating a circular path for network traffic. A cable loop can cause a broadcast storm, which is a network phenomenon where a large number of broadcast or multicast packets are flooded on the network, consuming bandwidth and CPU resources. A broadcast storm can cause network congestion, performance degradation, or failure. A cable loop can occur when an employee rearranges the wiring closet without proper documentation or verification. A cable loop can be prevented or detected by using Spanning Tree Protocol (STP) or loop detection features on the switch. References: [CompTIA Network+ Certification Exam Objectives], What Is a Broadcast Storm? |
Definition & Examples | Forcepoint

NEW QUESTION 2

A network administrator is trying to create a subnet, which is the most efficient size possible, for 31 laptops. Which of the following network subnets would be best in this situation?

• A. 10.10.10.0/24
• B. 10.10.10.0/25
• C. 10.10.10.0/26
• D. 10.10.10.0/27

Answer: D

Explanation:
A /27 subnet mask has 32 IP addresses, of which 30 are usable for hosts. This is the smallest subnet that can accommodate 31 laptops, as the other options have either too few or too many IP addresses. A /27 subnet mask is equivalent to 255.255.255.224 in decimal notation, and has a wildcard mask of 0.0.0.31. The network address is 10.10.10.0, and the broadcast address is 10.10.10.31. The usable host range is 10.10.10.1 to 10.10.10.30.
References
1: Subnet Cheat Sheet – 24 Subnet Mask, 30, 26, 27, 29, and other IP Address CIDR Network References
2: IP Subnet Calculator

NEW QUESTION 3

Which of the following cables is the most appropriate to use when running bulk cables in ceilings?

• A. Plenum
• B. Coaxial
• C. Ethernet
• D. DAC

Answer: A

Explanation:
Plenum cable is the most appropriate to use when running bulk cables in ceilings because it is designed to meet fire safety standards and reduce the risk of toxic smoke in plenum spaces, which are areas with air flow above or below floors.

NEW QUESTION 4

On a network with redundant switches, a network administrator replaced one of the switches but was unable to get a connection with another switch. Which of the following should the administrator chock after successfully testing the cable that was wired for TIA/EIA-568A on both ends?

• A. If MDIX is enabled on the new switch
• B. If PoE is enabled
• C. If a plenum cable is being used
• D. If STP is disabled on the switches

Answer: A

Explanation:
Auto-MDIX (or medium dependent interface crossover) is a feature that automatically detects the type of cable connection and configures the interface accordingly
(i.e. straight-through or crossover). This ensures that the connection between the two switches is successful. This is referenced in the CompTIA Network+ Study Manual, page 519.

NEW QUESTION 5

Which of the following can be used to limit the ability of devices to perform only HTTPS connections to an internet update server without exposing the devices to the public internet?

• A. Allow connections only to an internal proxy server.
• B. Deploy an IDS system and place it in line with the traffic.
• C. Create a screened network and move the devices to it.
• D. Use a host-based network firewall on each device.

Answer: A

Explanation:
An internal proxy server is a server that acts as an intermediary between internal devices and external servers on the internet. An internal proxy server can be used to limit the ability of devices to perform only HTTPS connections to an internet update server by filtering and forwarding the requests and responses based on predefined rules or policies. An internal proxy server can also prevent the devices from being exposed to the public internet by hiding their IP addresses and providing a layer of security and privacy.

NEW QUESTION 6

After upgrading to a SOHO router that supports Wi-Fi 6, the user determines throughput has not increased. Which of the following is the MOST likely cause of the issue?

• A. The wireless router is using an incorrect antenna type.
• B. The user's workstation does not support 802.11 ax.
• C. The encryption protocol is mismatched
• D. The network is experiencing interference.

Answer: B

Explanation:
The user’s workstation does not support 802.11 ax, which is the technical name for Wi-Fi 6. Wi-Fi 6 is a new wireless standard that offers faster speeds, higher capacity, and lower latency than previous standards. However, to take advantage of these
benefits, both the router and the workstation need to support Wi-Fi 6. If the workstation only supports an older standard, such as 802.11 ac or Wi-Fi 5, then the throughput will not increase even if the router supports Wi-Fi 6. References: [CompTIA Network+ Certification Exam Objectives], What is Wi-Fi 6? Here’s what you need to know | PCWorld

NEW QUESTION 7

A junior network administrator is auditing the company network and notices incrementing input errors on a long-range microwave interface. Which of the following is the most likely reason for the errors?

• A. The parabolic signal is misaligned.
• B. The omnidirectional signal is being jammed.
• C. The omnidirectional signal is not strong enough to receive properly.
• D. The parabolic signal uses improper routing protocols.

Answer: A

Explanation:
A long-range microwave interface is a type of wireless communication that uses high- frequency radio waves to transmit and receive data over long distances. A long-range microwave interface typically uses a parabolic antenna, also known as a dish antenna, to focus the radio waves into a narrow beam that can travel farther and with less interference than an omnidirectional antenna, which radiates the radio waves in all directions1.
One of the most common causes of input errors on a long-range microwave interface is the misalignment of the parabolic antenna. Input errors are errors that occur when the receiver cannot properly decode or process the incoming signal. If the parabolic antenna is not aligned correctly with the transmitter, the receiver may not be able to capture the full strength of the signal, or it may pick up unwanted noise or interference from other sources. This can result in corrupted or lost data, which will increase the input error count23.
To troubleshoot this issue, the junior network administrator should check the alignment of the parabolic antenna and make sure it is pointing directly at the transmitter. The administrator can use tools such as a spectrum analyzer, a signal strength meter, or a path alignment tool to measure and adjust the signal quality and alignment of the antenna24. The other options are not likely reasons for the input errors on a long-range microwave interface. A long-range microwave interface does not use an omnidirectional signal, so it cannot be jammed or weakened by other sources. The parabolic signal does not depend on the routing protocols used by the network, so it cannot be affected by improper routing protocols.

NEW QUESTION 8

Which of the following TCP ports is used by the Windows OS for file sharing?

• A. 53
• B. 389
• C. 445
• D. 1433

Answer: C

Explanation:
TCP port 445 is used by the Windows OS for file sharing. It is also known as SMB (Server Message Block) or CIFS (Common Internet File System) and allows users to access files, printers, and other shared resources on a network. References: https://docs.microsoft.com/en-us/windows-server/storage/file-server/troubleshoot/detect-enable-and-disable-smbv1-v2-v3

NEW QUESTION 9

A network engineer needs to enable device monitoring using authentication and encryption. Which of the following protocols offers this option?

• A. ESP
• B. SNMPv3
• C. NetFIow
• D. SSLv3

Answer: B

Explanation:
SNMPv3 is a protocol that offers device monitoring using authentication and encryption. SNMP stands for Simple Network Management Protocol, and it is a standard way of collecting and organizing information about network devices, such as routers, switches, servers, printers, and so on. SNMPv3 is the latest version of SNMP, and it provides enhanced security features, such as data integrity, data origin authentication, data confidentiality, and access control. SNMPv3 can use different algorithms to encrypt and authenticate the communication between the network management system and the
network devices12. References:
✑ Network Monitoring Tools – CompTIA Network+ N10-006 – 2.12
✑ CompTIA Network+ N10-008 Certification Exam Objectives, page 93

NEW QUESTION 10

A company is sending a switch to a remote site to be reused. An administrator needs to move the switch and ensure no network settings persist. Which of the following databases does the administrator need to delete?

• A. VLAN
• B. STP
• C. ARP
• D. Trunking

Answer: A

Explanation:
The VLAN database is the database that stores the VLAN configuration information on a switch, such as the VLAN IDs, names, and ports. The VLAN database is stored in a separate file from the switch configuration file, and it is not affected by the erase startup- config or reload commands. Therefore, to delete the VLAN database, the administrator needs to use a specific command, such as delete flash:vlan.dat or delete vlan.dat, depending on the switch model. Deleting the VLAN database will ensure that no network settings related to VLANs persist on the switch when it is moved to a remote site. References
✑ 1: CompTIA Network+ N10-008 Certification Study Guide, page 163
✑ 2: N10-008 CompTIA Network+ : 5.5 - Professor Messer IT Certification Training Courses
✑ 3: CompTIA Network+ (N10-008) Practice Exam w/PBQ & Solution, question 6

NEW QUESTION 11

A technician monitors a switch interface and notices it is not forwarding frames on a trunked port. However, the cable and interfaces are in working order. Which of the following is MOST likely the cause of the issue?

• A. STP policy
• B. Flow control
• C. 802.1Q configuration
• D. Frame size

Answer: C

Explanation:
802.1Q configuration is the most likely cause of the issue where a switch interface is not forwarding frames on a trunked port. 802.1Q is a standard that defines how to create and manage virtual LANs (VLANs) on a switched network. VLANs are logical segments of a network that group devices based on criteria such as function, department, or security level. VLANs can improve network performance, security, and manageability by reducing broadcast domains, isolating traffic, and enforcing policies. A trunked port is a switch port that can carry traffic from multiple VLANs over a single physical link by adding a VLAN tag to each frame. A VLAN tag is a 4-byte header that identifies the VLAN ID and priority of each frame. A trunked port requires 802.1Q configuration to specify which VLANs are allowed or disallowed on the port, and which VLAN is the native or untagged VLAN. If the 802.1Q configuration is incorrect or mismatched between switches, frames may be dropped or misrouted on the trunked port. References: [CompTIA Network+ Certification Exam Objectives], VLAN Trunking Protocol (VTP) Explained | NetworkLessons.com

NEW QUESTION 12

A network technician is troubleshooting a connection to a web server. The Technician Is unable to ping the server but is able to verify connectivity to the web service using Tenet. Which of the following protocols is being blocked by me firewall?

• A. UDP
• B. ARP
• C. ICMP
• D. TCP

Answer: C

Explanation:
ICMP (Internet Control Message Protocol) is a protocol that is used to send error and control messages between network devices, such as ping requests and replies. ICMP is being blocked by the firewall, which prevents the network technician from pinging the web server. TCP (Transmission Control Protocol) is a protocol that provides reliable and ordered delivery of data between network devices, such as web service requests and responses using HTTP (Hypertext Transfer Protocol). TCP is not being blocked by the firewall, which allows the network technician to verify connectivity to the web service using Telnet. UDP (User Datagram Protocol) is a protocol that provides fast and efficient delivery of data between network devices, but does not guarantee reliability or order. UDP is used for applications such as streaming media or online gaming. ARP (Address Resolution Protocol) is a protocol that resolves IP addresses to MAC addresses on a local network. References: [CompTIA Network+ Certification Exam Objectives], Domain 2.0 Networking Concepts, Objective 2.1: Compare and contrast OSI and TCP/IP models, Subobjective: TCP/IP model layers (Application/Transport/Internet/Network Interface)

NEW QUESTION 13

A network administrator is configuring a new switch and wants to connect two ports to the core switch to ensure redundancy. Which of the following configurations would meet this
requirement?

• A. Full duplex
• B. 802.1Q tagging
• C. Native VLAN
• D. Link aggregation

Answer: D

Explanation:
Link aggregation is a technique that allows multiple physical ports to be combined into a single logical channel, which provides increased bandwidth, load balancing, and redundancy. Link aggregation can be configured using protocols such as Link Aggregation Control Protocol (LACP) or static methods.
References
✑ Link aggregation is one of the common Ethernet switching features covered in Objective 2.3 of the CompTIA Network+ N10-008 certification exam1.
✑ Link aggregation can be used to connect two ports to the core switch to ensure redundancy23.
✑ Link aggregation can be configured using LACP or static methods23.
1: CompTIA Network+ Certification Exam Objectives, page 5 2: Interface Configurations – N10-008 CompTIA Network+ : 2.3 3: CompTIA Network+ N10-008 Cert Guide, Chapter 11, page 323

NEW QUESTION 14

Which of the following is the most secure connection used to inspect and provide controlled internet access when remote employees are connected to the corporate network?

• A. Site-to-site VPN
• B. Full-tunnel VPN
• C. Split-tunnel VPN
• D. SSH

Answer: B

Explanation:
A full-tunnel VPN is a type of virtual private network (VPN) that encrypts and routes all the traffic from the remote device to the corporate network, regardless of the destination or protocol. This provides a secure connection for the remote employees to access the corporate resources, as well as inspect and control the internet access through the corporate firewall and proxy servers. A full-tunnel VPN also prevents any leakage of sensitive data or exposure to malicious attacks from the public internet. A full-tunnel VPN is more secure than a split-tunnel VPN, which only encrypts and routes the traffic destined for the corporate network, while allowing the traffic for other destinations to bypass the VPN and use the local internet connection. A site-to-site VPN is a type of VPN that connects two or more networks, such as branch offices or data centers, over the internet. It is not suitable for connecting individual remote employees to the corporate network. SSH stands for Secure Shell, and it is a protocol that allows secure remote login and command execution over an encrypted channel. It is not a type of VPN, and it does not provide
controlled internet access. References: CompTIA Network+ N10-008 Cert Guide, Chapter 5, Section 5.3

NEW QUESTION 15

A network administrator walks into a datacenter and notices an unknown person is following closely. The administrator stops and directs the person to the security desk. Which of the following attacks did the network administrator prevent?

• A. Evil twin
• B. Tailgating
• C. Piggybacking
• D. Shoulder surfing

Answer: B

Explanation:
Tailgating is a physical security attack where an unauthorized person follows an authorized person into a restricted area without proper identification or authorization. The network administrator prevented this attack by stopping and directing the person to the security desk. References: CompTIA Network+ Certification Exam Objectives Version 2.0 (Exam Number: N10-006), Domain 3.0 Network Security, Objective 3.1 Compare and contrast risk-related concepts.

NEW QUESTION 16

A medical building offers patients Wi-Fi in the waiting room. Which of the following security
features would be the BEST solution to provide secure connections and keep the medical data protected?

• A. Isolating the guest network
• B. Securing SNMP
• C. MAC filtering
• D. Disabling unneeded switchports

Answer: A

NEW QUESTION 17

A network security engineer is investigating a potentially malicious Insider on the network. The network security engineer would like to view all traffic coming from the user's PC to the switch without interrupting any traffic or having any downtime. Which of the following should the network security engineer do?

• A. Turn on port security.
• B. Implement dynamic ARP inspection.
• C. Configure 802.1Q.
• D. Enable port mirroring.

Answer: D

Explanation:
Port mirroring is a feature that allows a network switch to copy the traffic from one or more ports to another port for monitoring purposes. Port mirroring can be used to analyze the network traffic from a specific source, destination, or protocol without affecting the normal operation of the network. Port mirroring can also help to detect and troubleshoot network problems, such as performance issues, security breaches, or policy violations.
The other options are not correct because they do not meet the requirements of the question. They are:
✑ Turn on port security. Port security is a feature that restricts the number and type
of devices that can connect to a switch port. Port security can help to prevent unauthorized access, MAC address spoofing, or MAC flooding attacks. However, port security does not allow the network security engineer to view the traffic from the user’s PC to the switch.
✑ Implement dynamic ARP inspection. Dynamic ARP inspection (DAI) is a feature
that validates the ARP packets on a network and prevents ARP spoofing attacks. DAI can help to protect the network from man-in-the-middle, denial-of-service, or data interception attacks. However, DAI does not allow the network security engineer to view the traffic from the user’s PC to the switch.
✑ Configure 802.1Q. 802.1Q is a standard that defines how to create and manage
virtual LANs (VLANs) on a network. VLANs can help to segment the network into logical groups based on function, security, or performance. However, 802.1Q does not allow the network security engineer to view the traffic from the user’s PC to the switch.
References1: Port Mirroring - an overview | ScienceDirect Topics2: Network+ (Plus) Certification | CompTIA IT Certifications3: Port Security - an overview | ScienceDirect Topics4: Dynamic ARP Inspection - an overview | ScienceDirect Topics5: 802.1Q - an overview | ScienceDirect Topics

NEW QUESTION 18
......