Uploaded by Mr. Mosi

N10-007 Exam Simulation 2

4/18/22, 4:07 PM
N10-007 Exam Simulation
QBank Quiz April 18, 2022
Question #1 of 200
Test ID: 205855163
Question ID: 1289281
Your organization has several wireless access points located in the building. Access point usage is based on department membership. Many users report that they are able to
see multiple access points. You research this issue and discover that their computers are not connecting to the appropriate access point due to an SSID mismatch. You must
ensure that the computers connect to the correct access point if that access point is available. Computers should be able to connect to other access points only if their main
access point is down. What should you do?
A) Configure the preferred wireless network on the user's computer.
B) Reduce the signal strength on the wireless access points.
C) Ensure that the wireless access points in close proximity use different channels.
D) Configure MAC filtering on the wireless access points.
Explanation
You should configure the preferred wireless network on the user's computer. After this is completed, the user's computer will automatically connect to the preferred wireless
network if it is available. If a computer is connected to the wrong SSID, you need to change to the correct access point and then set that access point as the preferred network.
You should not reduce the signal strength on the wireless access points. This could possibly cause some users to be unable to connect to their access point.
You should not configure MAC filtering on the wireless access points. Because the scenario specifically states that computers should be able to connect to other access points,
you would have to ensure that the MAC addresses of all possible computers are configured on every access point. MAC filtering is a security mechanism that only allows
connections that match the ACL.
You should not ensure that the wireless access points in close proximity use different channels. This would have no effect on which access point the computers use. Each
frequency has different channels that can be used. If the client attempts to connect to an access point using an incorrect channel, the connection will be unsuccessful. The
channel used by the clients and the access point must be the same.
Keep in mind that you should not use overlapping channels when implementing access points that use the same frequency. For each frequency, there is a certain number of
non-overlapping channels that you should use.
If you implement wireless networks, you may want to include a wireless analyzer as part of your toolkit. A wireless analyzer can identify problems such as signal loss,
overlapping or mismatched channels, unacceptable signal to noise ratios, rogue APs, and power levels.
For the Network+ exam, you also need to understand the following wireless issues:
Untested updates - Any updates to wireless network devices should be thoroughly tested before deployment on the network. This includes any firmware updates.
Open networks - Open networks are commonly deployed in public areas, such as libraries, coffee shops, and retail establishments, to provide a service to customers.
However, you should use extreme caution when using open, unsecured networks as any communication can be intercepted and read. Companies should adopt a policy that
clearly states whether personnel can connect to open networks using company-issued devices, including laptops, cell phones, and other mobile devices.
Wrong antenna type - Antenna types can affect the area that a wireless signal will cover. Unidirectional antennas only transmit in a single direction, while omnidirectional
antennas transmit in a defined radius from the antenna placement. In both cases, you should ensure that the wireless access point is placed in an area where the antenna
type will be most effective.
Incompatibilities - Incompatibilities usually occur when you deploy a device, update, or application that is incompatible with the clients on your wireless network. It may be
necessary to roll back the update, remove the application, or reconfigure the device. If you deploy devices, updates, or applications in a testing environment first, you should
be able to discover these issues before live deployment.
Multiple in, multiple out (MIMO) - MIMO is deployed in 802.11n wireless networks. It uses separate antennas for outgoing and incoming transmissions. MIMO increases
reliability and throughput.
Access point (AP) configurations
Lightweight Access Point Protocol (LWAPP) - LWAPP is a protocol that allows a wireless LAN controller (WAC) to manage and control multiple wireless access points.
Control And Provisioning of Wireless Access Points (CAPWAP) is a newer alternative to LWAPP.
Thin vs thick - Thick access points handle a wide array of tasks in software, each with a separate IP address, wired directly into Ethernet switches. If a WLAN controller is
deployed, the access points no longer have to handle as many tasks because they can be handed off to the WLAN controller. When a WLAN controller is used, the APs
are referred to as thin APs.
Objective:
Network Troubleshooting and Tools
https://www.knowledgehub.com/education/test/print/61961268?testId=205855163
Sub-Objective:
Given a scenario, troubleshoot common wireless connectivity and performance issues.
References:
Unified Wireless Network: Troubleshoot Client Issues, http://www.cisco.com/en/US/products/ps6366/products_tech_note09186a00809d45a2.shtml#c1
Question #2 of 200
Question ID: 1289119
You need to deploy a fiber distribution panel for datacenter, remote office, or local area networking use. Which of the following features are NOT important for such uses?
(Choose all that apply.)
A) Cable storage
B) Cable termination
C) Support for GBIC connectors
D) Cable splices
E) Support for SFP+
F) Bulkhead adapters and receptacles
Explanation
Support for SFP+ and for GBIC connectors is not important for such uses. These two options represent connectors used at endpoints, such as routers, switches, and network
interfaces, not connectors or functions present in FDPs themselves.
GBIC connectors are used for end-point termination at a device interface of some kind. They are neither typically used nor necessary on a fiber distribution panel.
SFP+ stands for the enhanced, or plus, version of the small form-factor (hot) pluggable (or SFP) fiber optic connector. Such connectors are used for endpoint connections, not in
FDPs where no optical-to-digital or digital-to-optical conversion need necessarily occur.
A fiber distribution panel (FDP), also known as a fiber optic distribution panel, offers the following for datacenter, remote office, or local area networking use:
Cable termination - FDPs usually provide a common point for terminating fiber optic cables so that they may be connected to fiber optic terminal equipment, such as
switches, routers, and network interfaces of all kinds.
Bulkhead adapters and receptacles - In an FDP, distribution pigtails with their single connectors (the other end will be spliced to another fiber optic cable coming either from
off or on the current premises) are routed through cable distribution trays or cable management trays and will be terminated in bulkhead adapters and attendant receptacles.
Cable splices - FDPs provide facilities for mounting and protecting fiber optic cable splices, including clamps and mounts to secure spliced cables. They may also include
one or more splice trays, where spliced cross- or pass-through fiber optic connections may be stored. Splice trays also usually house the splice chips used to create
necessary fiber optic cable splices on location.
Cable storage - FDPs usually include cable reels for storing pigtails and patch cables, and may include other cable storage space and options as well. Often, splice tray(s)
and extra cable storage are provided at the bottom of an FDP chassis.
FDPs offer fiber optic cable management, cable routing, and cable control for high-density fiber optic deployments. In particular, FDPs generally provide space for fiber optic
cable termination, fiber optic cable storage (for pigtails and patch cables), fiber optic cable splices (up into the hundreds, depending on the specific FDP under consideration or
in use), and access to bulkhead adapters and receptacles for fiber optic cables.
Objective:
Infrastructure
Sub-Objective:
Given a scenario, deploy the appropriate cabling solution.
References:
ADC Fiber Optic Panel FL2000 Series User Manual, https://www.manualsdir.com/manuals/32543/adc-fiber-optic-panel-fl2000-series.html
Question #3 of 200
Question ID: 1289081
You have been hired as a network administrator for a large corporation. This network includes a large number of switches that must be identically configured. In the past, this
information has been configured manually. You want to automatically propagate the VLAN information to all switches on the LAN. What should you use? (Choose two.)
A) VTP
B) STP
C) 802.1q
D) link aggregation
Explanation
To automatically propagate VLAN information to all switches on the LAN, you should use VLAN Trunking Protocol (VTP), which is also referred to as 802.1q. VTP configuration
will prevent the VLAN information from having to be manually configured on all of the switches. VTP allows two switches to share VLAN information. One of the VLANs is called
a native VLAN, also referred to as a default VLAN. Frames belonging to the native VLAN are sent unaltered over the trunk with no tags. However, to distinguish other VLANs from
one another, the remaining VLANs are tagged.
The native VLAN will default to VLAN 1. To separate out any of your user traffic from your network management traffic, you may want to change the native VLAN number to be
some other value. Changing your native VLAN is a common mitigation technique.
The VTP information is carried over a trunk connection that is implemented based on the 802.1q standard. This allows traffic for multiple VLANs to travel over a single
connection.
Link aggregation combines multiple physical connections into a single logical connection, thereby alleviating congestion on the physical connections.
Spanning Tree Protocol (STP) is used to prevent loops by blocking data from flowing over one or more switch ports.
There are two types of STP: spanning tree (802.1d) and rapid spanning tree (802.1w). 802.1d is an older standard that was designed when a minute or more of lost connectivity
was considered acceptable downtime. In Layer 3 switching, switching now competes with routed solutions where protocols such as Open Shortest Path First (OSPF) and
Enhanced Interior Gateway Routing Protocol (EIGRP) provide an alternate path in less time. A layer 3 switch is the best option when you need to re-route multicast and unicast
communication caused by a disruption of service when a network is failing redundancy at the main distribution frame (MDF).
The 802.1w protocol was developed to improve performance. 802.1w bridges are fully distributed while 802.1d switches agree on a root port. This root port acts differently than
the other switches and is responsible for the network's connectivity.
802.1w defines roles for the ports and a new bridge protocol data unit (BPDU) format, which introduces the proposal/agreement mechanism. BPDU handling and convergence
are different in each protocol. 802.1w introduces these new features:
Rapid Transition To Forwarding State - includes new Edge Ports and Link Types variables.
Uplink Fast - distinguishes between port roles and uses alternate ports.
By default, unknown unicast and multicast traffic is flooded to all Layer 2 ports in a VLAN. This unknown traffic flooding can be prevented by blocking unicast or multicast traffic
on the switch ports. However, keep in mind that there may be cases in which you need to use unicast or multicast traffic.
You can also configure forwarding and blocking on a switch port. If you configure forwarding, certain types of traffic based on the rules you configure will be forwarded to a
certain port. If you configure blocking, certain types of traffic can be blocked from a switch port.
For the Network+ exam, you also need to understand Link Aggregation Control Protocol (LACP), also referred to as 802.3ad. LACP supports automatic link configuration and
prevents an individual link from becoming a single point of failure. With this protocol, traffic is forwarded to a different link if a link fails.
You can manually or automatically assign the IP address for the switch. Automatic configuration uses a DHCP server to obtain the IP address and all other information that you
have configured the DHCP server to assign. The DHCP server does not have to be on the same subnetwork as the switch. If you manually configure the IP address, you need
to ensure that all settings are correct. Switches should be given their own IP address and default gateway to use so that they can be remotely managed.
For IP address assignment for devices attached to the switch, some switches can also be configured to act as a DHCP server and assign IP addresses to attached devices.
However, you must ensure that the DHCP ranges that are configured on the switch do not overlap the ranges on other DHCP servers. Otherwise, you may have a single IP
address assigned to multiple hosts on the network, thereby affecting communication.
Objective:
Networking Concepts
Sub-Objective:
Explain the concepts and characteristics of routing and switching.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 4: Ethernet Technology, Ethernet Switch Features
Question #4 of 200
Question ID: 1289126
You are working on several wiring projects. You have multiple connectors but must ensure that you have enough of each type to support the projects. Match the connectors on
the left to the cable types on the right. Move the correct items from the left column to the column on the right to match the connector with the correct cable type.
Explanation
The following is the correct matching for connectors and cable types:
BNC - coaxial cable
SC - fiber-optic cable
RJ-45 - twisted-pair cable
Coaxial cable can also use an F-connector. Fiber-optic cable can also use an ST or LC connector. Twisted-pair cable can also use an RJ-11 connector. For twisted pair cable, an
RJ-11 connector is used in telephone deployments and an RJ-45 connector is used in network deployments.
Objective:
Infrastructure
Sub-Objective:
Given a scenario, deploy the appropriate cabling solution.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 3: Network Components, Media
Question #5 of 200
Question ID: 1289292
You are troubleshooting a connectivity problem with a computer named Computer1 on a network that has a router with the IP address 192.168.10.1. The network uses a non-subnetted Class C IP address range. Computer1 is configured with an IP address of 192.168.10.255 and a default gateway address of 192.168.10.1. The computers on the
network are configured with the subnet mask 255.255.255.0. Computer1 cannot connect to the other nodes on the network. The link lights on Computer1's network interface
card (NIC) are lit.
What is most likely causing the connectivity problem?
A) Computer1's IP address
B) the subnet mask used on the network
C) the router's IP address
D) Computer1's default gateway address
E) Computer1's NIC
Explanation
Of the choices listed, Computer1's IP address is most likely causing its connectivity problem. Computer1 is configured with the broadcast address for the network, and thus
cannot communicate on the network. The network address 192.168.10.1 with a subnet mask of 255.255.255.0 can also be represented as 192.168.10.1/24. The slash (/)
character and the number that follows it represent the network prefix, which indicates the number of bits in an IP address that are used for the network address. In this scenario,
the first three octets are used as the network address and the last octet is used for host addresses because it is a class C address range. Therefore, the router's network
address is 192.168.10 and its host address is 1. IP addresses from 192.168.10.1 through 192.168.10.254 are valid host addresses on the network. In this scenario, the address
192.168.10.0 is the network ID for the network.
The following example illustrates the use of the network prefix. On a network with a host address of 192.168.100.1/24, IP addresses from 192.168.100.1 through
192.168.100.254 are valid host addresses on the network, and the address 192.168.100.0 is the network ID. The IP address 192.168.100.255/24 is the broadcast address for this
network.
In an IP address with the network prefix /8, the first eight bits of the IP address are used as the network address. For example, in the host address 10.11.1.1/8, the address
10.0.0.0/8 is the network ID and the address 10.11.1.1 is the host address. In an IP address with the network prefix /16, the first 16 bits of the IP address are used as the
network address. For example, the network ID for the IP address 140.10.20.21 is 140.10.0.0, and the host address is 20.21.
Because the link lights on Computer1's NIC are lit, the NIC is not likely to be causing the connectivity problem in this scenario.
Computer1's default gateway address is the IP address for the router on the network, which indicates that Computer1's default gateway address is correctly configured.
The router's IP address is a valid address on the network, and the computers on the network are configured with the subnet mask 255.255.255.0, which is the correct subnet
mask for a non-subnetted Class C IP address range.
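The checks walked through in this explanation can be automated. The following Python sketch is an added example, not part of the original exam material: it derives the network ID, broadcast address, and valid host range from a prefix, and flags a host that was given the network ID or broadcast address or whose default gateway is off-subnet. The function names and finding codes are hypothetical.

```python
import ipaddress


def subnet_summary(cidr):
    """Return network ID, broadcast and usable host range for an address/prefix."""
    net = ipaddress.ip_interface(cidr).network
    summary = {
        "prefix": net.prefixlen,
        "mask": str(net.netmask),
        "network_id": str(net.network_address),
        "broadcast": str(net.broadcast_address),
    }
    # /31 and /32 networks have no separate network ID or broadcast address,
    # so a first/last host range is only reported for shorter prefixes.
    if net.prefixlen < 31:
        summary["first_host"] = str(net.network_address + 1)
        summary["last_host"] = str(net.broadcast_address - 1)
    return summary


def diagnose_host(ip, mask, gateway):
    """Return a list of finding codes for a host's IPv4 settings ([] = none found)."""
    iface = ipaddress.ip_interface(f"{ip}/{mask}")
    net = iface.network
    gw = ipaddress.ip_address(gateway)
    reserved = (net.network_address, net.broadcast_address)
    findings = []

    if net.prefixlen < 31:
        if iface.ip == net.network_address:
            findings.append("ip-is-network-id")
        elif iface.ip == net.broadcast_address:
            findings.append("ip-is-broadcast")

    if gw not in net:
        # The host cannot reach a gateway that is not on its own subnet.
        findings.append("gateway-off-subnet")
    elif gw == iface.ip:
        findings.append("gateway-same-as-host")
    elif net.prefixlen < 31 and gw in reserved:
        findings.append("gateway-not-a-host-address")

    return findings


if __name__ == "__main__":
    # Values from the question: Computer1, its mask, and the router address.
    print(subnet_summary("192.168.10.1/24"))
    print(diagnose_host("192.168.10.255", "255.255.255.0", "192.168.10.1"))
    # Prefix examples from the explanation.
    for cidr in ("192.168.100.1/24", "10.11.1.1/8", "140.10.20.21/16"):
        print(cidr, subnet_summary(cidr))
```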
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common network service issues.
References:
What is a Broadcast Address?, http://www.tech-faq.com/broadcast-address.shtml
CompTIA Network+ N10-007 Cert Guide, Chapter 14: Network Troubleshooting
Question #6 of 200
Question ID: 1123374
Users on your network have access to the Internet. As more users access the Internet, bandwidth starts to diminish, causing Web pages to load slowly. After looking at the Web
server logs, you have noticed that many of the same Web sites are being accessed by multiple users.
What should you do to improve your company's Internet bandwidth?
A) Implement an HTTP proxy server.
B) Implement a WINS server.
C) Implement an IP proxy server.
D) Implement a DNS server.
Explanation
Proxy servers fulfill requests on the behalf of others. There are several kinds of proxy servers, including HTTP proxy, IP proxy, and FTP proxy. An HTTP proxy server is placed
between the clients and the Internet. Frequently accessed files are placed in the cache on this server. When a client requests a file that is in the proxy cache, it will be
downloaded from the proxy server rather than from the source, potentially lowering bandwidth usage. A proxy server can be configured to retrieve the originals of frequently
requested files during low Internet usage hours so that content does not become outdated.
A DNS server provides a centralized database of domain name-to-IP address resolutions on a server or servers that other computers on a network can use for name resolution.
A WINS server is used to resolve NetBIOS names to IP addresses on Microsoft Windows networks.
An IP proxy server hides the local IP addresses of the private network, using one global IP address instead. All communication directed outside the local network is done using
this one IP address.
Objective:
Infrastructure
Sub-Objective:
Explain the purposes and use cases for advanced networking devices.
References:
Working with Proxy Servers, https://technet.microsoft.com/en-us/library/cc939852.aspx
CompTIA Network+ N10-007 Cert Guide, Chapter 3: Network Components, Specialized Network Devices, Proxy Servers
Question #7 of 200
Question ID: 1289284
A user has just returned from a week-long conference. While attending the conference, the user connected their work laptop to both the hotel Wi-Fi and the conference Wi-Fi.
Now the user cannot connect to the company's Wi-Fi. What is most likely the issue?
A) Wrong SSID
B) Frequency mismatch
C) Latency
D) Jitter
Explanation
The most likely issue is an incorrect Service Set Identifier (SSID). Most wireless devices remember the previous SSID, even if you move to a new network, so you should always
check the SSID when troubleshooting. Also, it is very easy for a user to select the wrong SSID. They may not have the correct password or passphrase, and they may type in
the SSID name incorrectly. Checking for the correct SSID is often the first step to wireless troubleshooting. On most devices, you can set the device to remember an SSID and
its credentials. However, if the SSID or the credentials change, the device will be unable to automatically log in to the wireless network.
Jitter is the variance in latency rates. In a wireless network, jitter is commonly the result of diffraction, reflection or absorption. Different network segments may have different
factors that affect latency. When the rate of latency is inconsistent, it can cause service issues in latency-sensitive applications such as banking, e-commerce, and gaming. The
symptom of jitter is fluctuating transmission speeds.
Latency is the time it takes for network data to travel between the sender and the recipient. As wireless networks are slower than wired networks, latency is an inherent issue in
wireless networks. You can test and compare the latency of your wired and wireless network connections by using the ping command. The time= notation in the result tells you
the latency of that connection.
Frequency mismatch occurs when one device is operating at 2.4 GHz and another device is operating at 5 GHz. Both (or all) devices must be on the same frequency to
communicate. One solution to ensure coverage for all devices is to have one access point operating at 2.4 GHz and another operating at 5 GHz. You could differentiate the
access points by including the frequency in the SSID, such as MyNetwork2.4 and MyNetwork5. If you must operate two wireless access points in close proximity on the same
frequency, you can configure the wireless access points to use different channels.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common wireless connectivity and performance issues.
References:
Should You Change the Default Name (SSID) of a Wireless Router?, https://www.lifewire.com/changing-default-name-ssid-wireless-router-816568
Question #8 of 200
Question ID: 1289199
To segregate employee traffic and guest traffic on your wireless network, you have decided to implement a plan whereby guest traffic is quarantined in a separate part of the
network. All employees have company-issued devices. What can you implement to ensure that only employees have access to the non-quarantined areas of the wireless
network?
A) TKIP-RC4
B) Shared or open authentication
C) MAC filtering
D) WPA
Explanation
Media Access Control (MAC) filtering allows the administrator to restrict device access to the network based on the MAC address associated with the Network Interface Card
(NIC) on that device. The administrator can set up a permission list (filter) on the router where only devices with specific MAC addresses are allowed on the network. A MAC
address is uniquely associated with a NIC, and is analogous to a Vehicle Identification Number (VIN) on an automobile. In essence, the MAC address is the serial number of the
NIC.
Shared authentication and open authentication were the two insecure methods of authentication utilized under Wired Equivalent Privacy (WEP). Neither of these allows you to
limit access to certain areas of the network.
Authentication for wireless can be configured to OSA or open system authentication (no authentication), shared key authentication (SKA), pre-shared key (PSK), or 802.1x/EAP.
An open wireless network does not require any form of authentication. Wireless OSA does not use an encryption key. Under SKA, all of the clients used the same key, making
the key very vulnerable to being cracked.
Temporal Key Integrity Protocol-Rivest Cipher 4 (TKIP-RC4) is an encryption method that was designed to provide security enhancements to wireless networks using WEP.
WEP was an extremely weak encryption standard. TKIP added a key distribution method whereby each transmission had its own encryption key, an authentication method to
verify message integrity, and an encryption method called RC4 (Rivest Cipher 4). WEP is based on RC4, but was poorly designed and used a too-short IV of only 24 bits instead
of the standard 64 bits used by RC4.
Wi-Fi Protected Access (WPA) was an interim security improvement over WEP. WPA was later replaced by Wi-Fi Protected Access version 2 (WPA2), which is the most secure
option for encrypting wireless.
Objective:
Network Security
Sub-Objective:
Given a scenario, secure a basic wireless network.
References:
https://www.linksys.com/us/support-article?articleNum=140065
Question #9 of 200
Question ID: 1123494
Which condition might indicate that a network is undergoing a DoS attack?
A) a significant decrease in network traffic
B) a significant increase in network traffic
C) a slight decrease in network traffic
D) a slight increase in network traffic
Explanation
A significant increase in network traffic, often referred to as a traffic spike, might indicate that a network is undergoing a denial-of-service (DoS) attack, which occurs when a
hacker floods a network with requests. Virtualization can help to prevent DoS attacks. Performance baselines can help to determine if you are undergoing a DoS attack.
A DoS attack prevents authorized users from accessing resources they are authorized to use. An example of a DoS attack is one that brings down an e-commerce Web site to
prevent or deny usage to legitimate customers.
A significant decrease in traffic might indicate a problem with network connectivity or network hardware, or it might indicate a non-DoS hacker attack. Networks with slightly
fluctuating traffic levels are probably operating normally.
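The role of a performance baseline in telling a traffic spike from normal fluctuation can be shown in code. The following Python sketch is an added example, not part of the original exam material: it builds a baseline from constructed throughput samples, classifies each new sample as a significant increase, a significant decrease, or normal fluctuation, and reports only sustained increases. The thresholds (3 standard deviations, a 5% floor on the spread, 3 consecutive samples) and all names are assumptions chosen for illustration.

```python
from statistics import mean, pstdev


def build_baseline(samples):
    """Summarise normal traffic as (average, spread)."""
    avg = mean(samples)
    # Floor the spread at 5% of the average so a very flat baseline
    # does not turn every small wobble into an alert (assumed value).
    spread = max(pstdev(samples), 0.05 * avg)
    return avg, spread


def classify(sample, baseline, z_limit=3.0):
    """Compare one sample with the baseline."""
    avg, spread = baseline
    z = (sample - avg) / spread
    if z >= z_limit:
        return "significant-increase"   # possible DoS traffic spike
    if z <= -z_limit:
        return "significant-decrease"   # possible connectivity or hardware problem
    return "normal-fluctuation"


def sustained_increases(samples, baseline, sustain=3, z_limit=3.0):
    """Return (start_index, length) for each run of at least `sustain`
    consecutive significant increases; one-off bursts are ignored."""
    runs, start = [], None
    for i, sample in enumerate(samples):
        if classify(sample, baseline, z_limit) == "significant-increase":
            if start is None:
                start = i
        else:
            if start is not None and i - start >= sustain:
                runs.append((start, i - start))
            start = None
    if start is not None and len(samples) - start >= sustain:
        runs.append((start, len(samples) - start))
    return runs


# Constructed sample data (Mbps per interval), not measurements from a real network.
BASELINE_MBPS = [410, 395, 420, 405, 400, 415, 390, 425]
OBSERVED_MBPS = [412, 430, 398, 1450, 1520, 1610, 1580, 405, 120]

if __name__ == "__main__":
    baseline = build_baseline(BASELINE_MBPS)
    for i, sample in enumerate(OBSERVED_MBPS):
        print(i, sample, classify(sample, baseline))
    print("sustained spikes:", sustained_increases(OBSERVED_MBPS, baseline))
```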
Objective:
Network Security
Sub-Objective:
Summarize common networking attacks.
References:
Denial of service, http://searchsoftwarequality.techtarget.com/sDefinition/0,,sid92_gci213591,00.html
CompTIA Network+ N10-007 Cert Guide, Chapter 12: Network Security, Categories of Network Attacks
Question #10 of 200
Question ID: 1289267
You have been hired as a network consultant by a company. You discover that the network's signal strength greatly weakens as traffic travels over the network medium due to
absorption and scattering. What is the term for this tendency?
A) Harmonic distortion
B) EMI
C) Refraction
D) Intermodulation distortion
E) Attenuation
Explanation
In networking, attenuation is the term for a loss of signal strength as data travels over the network medium (cable). The attenuation rate is often the deciding factor when
selecting the medium to use for a particular length of network cable. Attenuation is also referred to as decibel (dB) loss.
For example, unshielded twisted-pair (UTP) cable has the greatest susceptibility to attenuation. This is why the maximum recommended segment length for UTP is limited to
100 meters (328 feet). ThinNet cable, on the other hand, has less susceptibility to attenuation; the signal can travel a distance of 185 meters (607 feet) before being adversely
affected by attenuation.
The opposite of attenuation is amplification. If you want to create a network that extends beyond the normally acceptable length of a particular cable type, you would need to
install a signal amplifier. In networking terms, this amplifier is called a "repeater."
All networks have a distance limitation based on the type of cable or wireless frequency that is used. If you attempt to go over this limitation in a single cable run without using a
repeater, signal attenuation will occur. Use repeaters to increase the distance for wired networks. For wireless networks, you should move the connecting device closer to the
wireless access point.
Electromagnetic interference (EMI) occurs when objects, such as fluorescent lighting, interfere with transmission over copper cabling. Radio frequency interference (RFI) occurs
when objects, such as cordless phones, interfere with transmission over wireless radio frequencies.
Crosstalk is a specialized type of EMI caused by parallel runs of twisted-pair cables. The only solution to this problem is to change the path of the cables.
Near end - Near-end crosstalk (NEXT) measures the ability of the cable to resist crosstalk. Most commercial cabling will give you the minimum NEXT values that are
guaranteed.
Far end - Far-end crosstalk (FEXT) measures interference between two pairs of a cable measured at the other end of the cable with respect to the interfering transmitter.
EMI affects cable placement. You should arrange cables to minimize interference. Ideally, Ethernet cables should not be placed close to high voltage cables, generators, motors,
or radio transmitters.
Refraction is the bending of waves as they pass from one medium to another, due to a change in their speed. Harmonic distortion is the distortion of a wave by unwanted
multiples of an original frequency, causing interruptions to the way the wave form behaves in electrical circuits, or sounds. Intermodulation distortion occurs when two different
frequencies are simultaneously passed through an amplifier.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common wired connectivity and performance issues.
References:
Attenuation, http://searchnetworking.techtarget.com/sDefinition/0,,sid7_gci211613,00.html
Question #11 of 200
Question ID: 1289253
As a new network technician, you have been given a flash drive that contains several commands that you will use on a regular basis. You need to match the commands to their
purposes.
Move the correct items from the left column to the column on the right to match the commands to their purpose.
Explanation
The following commands have the following purposes:
ping - tests connectivity to a remote host
ipconfig - displays network configuration settings for the local computer
nslookup - verifies entries on a DNS server
nbtstat - diagnoses problems with NetBIOS name resolution
You should understand the purpose of these common troubleshooting tools. You should also familiarize yourself with the proper command syntax for these commands.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, use the appropriate tool.
References:
Using the ping command, http://technet.microsoft.com/en-us/library/cc737478(v=ws.10).aspx
Ipconfig, https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/ipconfig
Nbtstat, http://technet.microsoft.com/en-us/library/cc940106.aspx
Using nslookup.exe, http://support.microsoft.com/kb/200525
Question #12 of 200
Question ID: 1289306
A new user is reporting a “Destination Host Unreachable” message. What is the most likely culprit?
A) Incorrect gateway
B) Rogue DHCP server
C) Incorrect time
D) Untrusted SSL certificate
Explanation
If you get a “Destination Host Unreachable” message, the most likely culprit is an incorrect gateway. Make sure the local machine and the default gateway are on the same
subnet. If what is entered as the gateway IP address is actually the IP address of the LAN side of the router, you will see a “Request timed out” message.
Incorrect time is not the issue in this scenario. The Network Time Protocol (NTP) uses UDP port 123 and is subject to a Denial of Service (DoS) attack. When the time is not
properly synchronized throughout the network, a multitude of issues can occur, including files and transactions with the incorrect time stamp. You can correct a time issue by
selecting the Google time server time.google.com.
An untrusted SSL certificate message can occur when the SSL certificate was not signed or issued by an organization that is trusted by the browser. The most common of these
errors is caused by a website using a trusted certificate, but it is missing one or more intermediate certificates.
A rogue DHCP server can be placed on the network through malicious intent or inadvertently through a virtual machine whose NIC is bridged with the physical machine’s NIC.
Rogue DHCP servers play a big role in man-in-the-middle attacks. However, DHCP servers do not affect communication with remote hosts, which is the issue in the scenario.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common network service issues.
References:
Troubleshooting IP Default Gateway issues, https://community.extremenetworks.com/extreme/topics/troubleshooting_ip_default_gateway_issues-4aikf
Question #13 of 200
Question ID: 1289176
Your company has decided to implement an acceptable use policy (AUP) that must be distributed to all users. You have been asked to write the preliminary policy to submit for
management approval. What is defined in this policy?
A) which users require access to certain company data
B) which method administrators should use to back up network data
C) how users are allowed to employ company hardware
D) the sensitivity of company data
Explanation
An acceptable use policy (AUP) defines how users are allowed to employ company hardware. For example, an acceptable use policy, which is sometimes referred to as a use
policy, might answer the following questions: Are employees allowed to store personal files on company computers? Are employees allowed to play network games on breaks?
Are employees allowed to "surf the Web" after hours?
An information policy defines the sensitivity of a company's data. In part, a security policy defines separation of duties, which determines who needs access to certain company
information. Other security policies may be implemented to protect specific resources and define minimum security requirements for specific devices. A backup policy defines
the procedure that administrators should use to back up company information. While companies are able to monitor personnel activities, it is always best if the employer obtains
a consent to monitoring. If you do not ask personnel to consent to monitoring, you need to implement a no expectation of privacy policy that is prominently displayed on the
company intranet, email, and other areas.
A network policy outlines rules for computer network access, explains how policies are enforced, and lays out some of the basic architecture of the network.
Objective:
Network Operations
Sub-Objective:
Identify policies and best practices.
References:
Acceptable Use Policy, http://www.sans.org/resources/policies/Acceptable_Use_Policy.pdf
CompTIA Network+ N10-007 Cert Guide, Chapter 13: Network Policies and Best Practices, Policies
Question #14 of 200
Question ID: 1289248
You are issued a network technician toolkit that contains several tools. Match the tools on the left to the descriptions on the right. Move the correct items from the left column to
the column on the right to match the tools with the descriptions.
Explanation
The tools and descriptions are as follows:
Cable tester - Verifies that a cable is good
Crimper - Attaches media connectors to the ends of the cable
Loopback plug - Echoes signals over a port to ensure it is working properly
Multimeter - Includes a voltmeter, an ohmmeter, and an ammeter to measure voltage, current, and resistance, respectively
Punchdown tool - Attaches cable to a patch panel
Toner probe - Includes a tone generator and a tone locater to locate the ends of a cable
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, use the appropriate tool.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 11: Network Management, Maintenance Tools
Network+ Hardware Tools, http://blogs.getcertifiedgetahead.com/network-hardware-tools/
Question #15 of 200
Question ID: 1289246
You need to determine the length of a network cable. Which device should you use?
A) a tone generator
B) a crossover cable
C) a TDR
D) a hardware loopback
Explanation
You can use a time domain reflectometer (TDR) to determine the length of a network cable. A TDR sends an electric pulse through a cable and measures the time required for
the pulse to return. The TDR can then use this information to calculate the length of the cable. If the cable length calculated by the TDR is shorter than the expected length, then
you can reasonably deduce that there is a break in the cable. TDRs can detect a variety of cable problems, including short circuits, open circuits, splices, cable breaks, and taps.
You can use a crossover cable to connect the sending pins in one device directly to the receiving pins in another device. Crossover cables can be used to connect the network
interface cards (NICs) of two computers directly into a two-computer network. Crossover cables are also used to connect two hubs. You cannot use a crossover cable to
determine the length of a network cable. A hardware loopback is a plug that connects the sending and receiving pins on a connector for troubleshooting purposes. It is often
referred to as a loopback plug. For example, you can use a hardware loopback in conjunction with diagnostic software to determine whether a NIC is properly transferring data
signals. You can use a tone generator and a tone locator to trace network cables. You connect the tone generator to one end of a network cable, and then you use the tone
locator to determine where the other end of the network cable is located. A tone generator is sometimes referred to as a fox, and a tone locator is sometimes referred to as a
hound.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, use the appropriate tool.
References:
What is a TDR?, http://www.tessco.com/yts/resourcecenter/pdfs/whatisatdr.pdf
TDR Tutorial - Introduction to Time Domain Reflectometry, http://tscm.com/riprcop.html
CompTIA Network+ N10-007 Cert Guide, Chapter 11: Network Management, Maintenance Tools
Question #16 of 200
Question ID: 1289299
You administer a network for your company that has three subnets. The network is configured as depicted in the following exhibit:
You recently installed a computer named Unit1 on the network, and you configured Unit1 with the IP address 200.10.1.2/24. The user on Unit1 reports that he cannot use
Domain Name System (DNS) names to contact any computers on the network. The user also reports that he can only contact other computers on the 200.10.1.0/24 subnet; he
cannot connect to computers on the 200.10.2.0/24 subnet or the 200.10.3.0/24 subnet. You review the TCP/IP settings on Unit1 and discover that a default gateway address is
not configured. You want to configure a default gateway address on Unit1 so that the user can connect to the DNS server and to computers on the other subnets in the network.
Which address should you configure as the default gateway address?
A) 200.10.1.0/24
B) 200.10.3.1/24
C) 200.10.2.0/24
D) 200.10.2.2/24
E) 200.10.1.1/24
F) 200.10.3.3/24
G) 200.10.2.1/24
Explanation
You should configure the IP address 200.10.1.1/24 as the default gateway address. The default gateway address is the IP address of the side of RouterA nearest the client
device. Note that some computers do not support the /24 network prefix notation. In these cases, you would specify the default gateway of 200.10.1.1 and the subnet mask that
corresponds to the /24 network prefix, which is 255.255.255.0. An incorrect IP configuration or default gateway address will cause communication problems.
Wrong subnet mask - If a client computer's subnet mask is configured incorrectly, the client will be unable to communicate with devices outside the local network. You should
configure the appropriate subnet mask on the client device to fix this problem.
Wrong gateway - If a client computer's default gateway is configured incorrectly, the client will be unable to communicate with devices outside the local network. You
should configure the appropriate default gateway on the client device to fix this problem.
Duplicate IP address - If a duplicate IP address is used on a network, both devices using that IP address will have trouble communicating. If the devices are configured with
static IP addresses, you will need to reconfigure one of the devices with another IP address. If the devices are configured with dynamic IP addresses, you can use the
ipconfig or ifconfig commands to release the IP address.
A router is a multi-homed device that accepts data packets from local subnets and forwards those data packets to other subnets. In this scenario, RouterA is connected to
subnet 200.10.1.0/24 and 200.10.2.0/24. Unit1 is on the 200.10.1.0/24 network, and RouterA's interface 200.10.1.1/24 is also on the 200.10.1.0/24 subnet. The default gateway
for a computer is usually the local interface address for a router connected to the computer's subnet. The Unit1 computer should therefore be configured with the default
gateway address 200.10.1.1/24. If a computer cannot find a host on a local subnet, or if the destination host address is not in a local routing table on the computer, then the
computer will send data to the default gateway.
The IP address 200.10.1.0/24 is the network ID for SubnetA on the network. The IP address 200.10.2.0/24 is the network ID for SubnetB on the network. These addresses are
the subnet masks for their respective subnets, rather than default gateway addresses.
The IP address 200.10.2.1/24 is the address of RouterA's SubnetB adapter. The IP address 200.10.2.2/24 is the address of RouterB's SubnetB adapter, and the IP address
200.10.3.1/24 is the address for RouterB's SubnetC adapter. The first two addresses can be used as default gateway addresses for SubnetB, and the third address can be used
as the default gateway for SubnetC.
The IP address 200.10.3.3/24 is the IP address of the DNS server. You should configure Unit1 to contact the DNS server at its IP address of 200.10.3.3/24 after the default
gateway address is properly configured. The DNS server will enable the user on Unit1 to use DNS names rather than IP addresses to contact computers on the network
because the DNS server will resolve DNS names to IP addresses. If you configured Unit1 with a default gateway address other than 200.10.1.1/24, then Unit1 would not be able
to connect to the DNS server or computers on the other subnets because Unit1 would not be able to locate RouterA to forward data.
The DNS server can be placed anywhere on the network to service the requests of the computers on the network. For example, you could move the DNS server to the
200.10.2.0 subnet. If you move the DNS server to this subnet, then you must change the IP address to a valid, unused IP address on the subnet, such as 200.10.2.5/24. You
also need to change the DNS server's IP address configured for all the computers on the network that use the DNS server for domain name-to-IP address resolution. For
example, you should change the DNS server's IP address that is configured on the Unit1 computer to the DNS server's new address, so that Unit1 will be able to use the DNS
server for name resolution.
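The reasoning in this explanation can be checked mechanically. The following Python sketch is an added example, not part of the original question bank; it grades each answer option as a default gateway for Unit1 and shows the next hop Unit1 would use to reach the DNS server. The function names and labels are illustrative assumptions; the addresses are the ones given in the scenario.

```python
import ipaddress
from typing import Dict, Optional

# Values taken from the scenario in Question 16.
HOST = "200.10.1.2/24"          # Unit1
DNS_SERVER = "200.10.3.3"       # DNS server on SubnetC
OPTIONS = {
    "A": "200.10.1.0/24", "B": "200.10.3.1/24", "C": "200.10.2.0/24",
    "D": "200.10.2.2/24", "E": "200.10.1.1/24", "F": "200.10.3.3/24",
    "G": "200.10.2.1/24",
}


def classify_gateway(host_cidr: str, candidate: str) -> str:
    """Say why a candidate can or cannot serve as the host's default gateway.

    "usable" only means the address is a valid host address on the host's
    own subnet; whether a router really answers there cannot be checked offline.
    """
    iface = ipaddress.ip_interface(host_cidr)
    gw = ipaddress.ip_interface(candidate).ip
    net = iface.network
    if gw not in net:
        return "off-subnet"      # host cannot reach it without a gateway
    if gw == net.network_address:
        return "network-id"      # identifies the subnet, not a device
    if gw == net.broadcast_address:
        return "broadcast"
    if gw == iface.ip:
        return "same-as-host"
    return "usable"


def grade_options(host_cidr: str, options: Dict[str, str]) -> Dict[str, str]:
    """Classify every answer option for the given host."""
    return {k: classify_gateway(host_cidr, v) for k, v in options.items()}


def next_hop(host_cidr: str, gateway: Optional[str], destination: str) -> Optional[str]:
    """Return "on-link" for a local destination, the gateway IP for a remote
    one, or None when the host has no usable gateway and cannot send."""
    iface = ipaddress.ip_interface(host_cidr)
    if ipaddress.ip_address(destination) in iface.network:
        return "on-link"
    if gateway is None or classify_gateway(host_cidr, gateway) != "usable":
        return None
    return str(ipaddress.ip_interface(gateway).ip)


def dotted_mask(host_cidr: str) -> str:
    """Subnet mask to type in when the OS does not accept prefix notation."""
    return str(ipaddress.ip_interface(host_cidr).netmask)


if __name__ == "__main__":
    for letter, label in sorted(grade_options(HOST, OPTIONS).items()):
        print(letter, OPTIONS[letter], label)
    print("mask:", dotted_mask(HOST))
    print("DNS without gateway:", next_hop(HOST, None, DNS_SERVER))
    print("DNS with option E:", next_hop(HOST, OPTIONS["E"], DNS_SERVER))
```
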
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common network service issues.
References:
Chapter 13: Network Troubleshooting, http://www.cisco.com/en/US/docs/voice_ip_comm/bts/5.0/troubleshooting/guide/13tg01.htmlb
Question #17 of 200
Question ID: 1123329
You need to perform some administrative maintenance on a Cisco router. You decide to connect your notebook computer to the console port on the router. Which type of cable
should you use?
A) crossover cable
B) rollover cable
C) patch cable
D) straight-through cable
Explanation
You should use a rollover cable to connect to the console port on any Cisco device. The pin configuration for a rollover cable is easy to remember because of the cable name.
The cable pin configuration is "rolled over" so that pin 1 on end 1 matches pin 8 on end 2, pin 2 on end 1 matches pin 7 on end 2, and so on, until a complete reversal is made.
In other words, the wires are in reverse order on opposite ends.
A crossover cable connects two legacy or non-MDIX compliant devices, such as two computers, two hubs, or two switches.
A patch cable and a straight-through cable are the same thing. This is the standard cable used to connect networking devices.
Objective:
Infrastructure
Sub-Objective:
Given a scenario, deploy the appropriate cabling solution.
References:
Roll-over Cables, http://www.2000trainers.com/cisco-ccna-06/create-rollover-cable/
How to Identify an RJ-45 Rollover Cable, http://www.cisco.com/en/US/docs/cable/cmts/ubr10012/installation/guide/u10kcbl.html#wp1006093
CompTIA Network+ N10-007 Cert Guide, Chapter 3: Network Components, Media
Question #18 of 200
Question ID: 1123509
What is the difference between an exploit and a vulnerability?
A) The two terms are interchangeable
B) An exploit is a flaw, and a vulnerability takes advantage of that flaw
C) A vulnerability is a flaw, and an exploit takes advantage of that flaw
D) An exploit is a threat, and a vulnerability is a flaw.
Explanation
When comparing exploits vs. vulnerabilities, a vulnerability is a flaw or weakness, and an exploit takes advantage of that flaw. As an example, a vulnerability could be a section of
code in an application that fails to validate user input against a range of acceptable values. The exploit would be the active use of that failure to validate to introduce malicious
data, such as an SQL injection attack.
A threat is the likelihood that an event is going to occur.
The terms exploit and vulnerability are not interchangeable.
Objective:
Network Security
Sub-Objective:
Summarize common networking attacks.
References:
The difference between an exploit and vulnerability, http://www.livehacking.com/2012/11/20/the-difference-between-an-expoit-and-vulnerability/
Question #19 of 200
Question ID: 1289108
You have two wireless networks in your building. The wireless networks do not overlap. Both of them use Wi-Fi Protected Access (WPA).
You want to ensure that no unauthorized wireless access points are established. What should you do?
A) Disable SSID broadcast for the two wireless networks.
B) Change the two wireless networks to WEP.
C) Periodically complete a site survey.
D) Change the two wireless networks to WPA2.
Explanation
You should periodically complete a site survey to ensure that no unauthorized wireless access points are established. Site surveys generally produce information on the types of
systems in use, the protocols in use, and other critical information. You need to ensure that hackers cannot use site surveys to obtain this information. To protect against
unauthorized site surveys, you should change the default Service Set Identifier (SSID) and disable SSID broadcast. Immediately upon discovering an unauthorized wireless
access point using a site survey, you should physically locate the device and disconnect it. An unauthorized wireless access point is often referred to as a rogue access point
(AP).
You should not change the two wireless networks to WPA2 to ensure that no unauthorized wireless access points are established. This would increase the security for the two
networks and prevent hackers from accessing the networks. However, it would not prevent an attacker from setting up a new wireless access point.
You should not change the two wireless networks to WEP. WEP is less secure than WPA or WPA2.
You should not disable SSID broadcast for the two wireless networks to ensure that no unauthorized wireless access points are established. The reason you disable SSID
broadcast is to protect a wireless network from hackers and to prevent unauthorized site surveys. Disabling the SSID broadcast on your existing networks CANNOT prevent the
establishment of new wireless access points. The only way to prevent unauthorized wireless access points from being established is to periodically perform a site survey.
For the Network+ exam, you need to protect against the following wireless attacks or issues:
Evil twin - occurs when a wireless access point that is not under your control is used to perform a hijacking attack. It is set up to look just like a valid network, including the
same Service Set Identifier (SSID) and other settings.
Rogue access point (AP) - occurs when a wireless access point that is not under your control is connected to your network. These devices are not set up to look just like
your network. This attack preys on users' failure to ensure that an access point is valid. You can perform a site survey to detect rogue APs.
War driving - occurs when attackers seek out a Wi-Fi network with a mobile device or laptop while driving a vehicle. You can lower the signal strength to help protect against
this attack. You should also turn off the broadcasting of the SSID and use WPA or WPA2 authentication.
War chalking - occurs when attackers place Wi-Fi network information on the outside walls of buildings. Keep an eye out for this type of information by periodically inspecting
the outside of your facilities.
Bluejacking - the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices. Turning off Bluetooth when not in use is the best protection against this.
Bluesnarfing - the unauthorized access of information from a wireless device through a Bluetooth connection. Once again, turning off Bluetooth when not in use is the best
protection against this.
WPA/WEP/WPS attacks - Any attacks against wireless protocols can usually be prevented by using a higher level of encryption or incorporating RADIUS authentication.
Wired Equivalent Privacy (WEP) should be avoided because even its highest level of encryption has been successfully broken. Wi-Fi Protected Setup (WPS) allows users to
easily secure a wireless home network but is susceptible to brute force attacks. Wi-Fi Protected Access (WPA) is more secure than WEP and WPS. WPA2 provides better
security than WPA.
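The periodic site survey described above is only useful if its results are compared against a list of the access points you actually deployed. The following Python sketch is an added example, not part of the original question bank; the inventory, survey records, labels and function names are constructed for illustration.

```python
# Constructed inventory of authorized access points: BSSID -> expected SSID.
# All addresses are locally administered sample values.
AUTHORIZED = {
    "02:00:00:00:00:01": "CorpNet-A",
    "02:00:00:00:00:02": "CorpNet-B",
    "02:00:00:00:00:03": "CorpNet-B",
}

# Constructed site-survey results (one record per access point heard).
SURVEY = [
    {"ssid": "CorpNet-A", "bssid": "02:00:00:00:00:01", "channel": 1},
    {"ssid": "CorpNet-B", "bssid": "02-00-00-00-00-02", "channel": 11},
    {"ssid": "CorpNet-A", "bssid": "02:AA:BB:CC:DD:10", "channel": 6},
    {"ssid": "FreeWifi",  "bssid": "02:aa:bb:cc:dd:20", "channel": 6},
]


def normalize(bssid):
    """Lower-case and use ':' separators so survey and inventory compare equal."""
    return bssid.strip().lower().replace("-", ":")


def classify(record, inventory):
    """Label one survey record against the authorized inventory.

    A hidden SSID (broadcast disabled) is assumed to appear as an empty string.
    """
    known = {normalize(b): s for b, s in inventory.items()}
    bssid = normalize(record["bssid"])
    ssid = record.get("ssid") or ""
    if bssid in known:
        # Our hardware: fine if the SSID matches or is hidden.
        return "authorized" if ssid in ("", known[bssid]) else "ssid-mismatch"
    if ssid and ssid in known.values():
        # Unknown radio advertising one of our SSIDs: evil twin candidate.
        return "possible-evil-twin"
    # Unknown radio, unknown SSID: locate it physically to decide whether it
    # is a rogue AP on your network or a neighbour's equipment.
    return "unknown-ap"


def audit(survey, inventory):
    """Group surveyed BSSIDs by label and list authorized APs that were not heard."""
    findings = {"authorized": [], "ssid-mismatch": [],
                "possible-evil-twin": [], "unknown-ap": [], "not-seen": []}
    seen = set()
    for record in survey:
        bssid = normalize(record["bssid"])
        seen.add(bssid)
        findings[classify(record, inventory)].append(bssid)
    findings["not-seen"] = sorted(
        normalize(b) for b in inventory if normalize(b) not in seen)
    return findings


if __name__ == "__main__":
    for label, bssids in audit(SURVEY, AUTHORIZED).items():
        print(f"{label:20s} {bssids}")
```

A comparison by BSSID does not catch a twin that also copies an authorized BSSID, so anything flagged or unexpected still has to be located physically, as the explanation says.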
Objective:
Networking Concepts
Sub-Objective:
Given a scenario, implement the appropriate wireless technologies and configurations.
References:
Six Steps to a Wireless Site Survey, http://www.computerworld.com/s/article/9004641/Six_steps_to_a_wireless_site_survey
Wireless Site Survey FAQ, http://www.cisco.com/en/US/tech/tk722/tk809/technologies_q_and_a_item09186a00805e9a96.shtml
CompTIA Network+ N10-007 Cert Guide, Chapter 8: Wireless LANs, Securing Wireless LANs
Question #20 of 200
Question ID: 1123464
Which of the following restrictions or requirements for a privileged user agreement does NOT adhere to best practices by clearly delineating the role and responsibility of those
who manage computers, systems, networks, or accounts and other information resources?
A) All privileged access shall be monitored and logged, and such access explained when needed.
B) Privileged access may only be used to perform assigned job duties.
C) Only those who sign the agreement will be granted privileged access.
D) Privileged access may only be used to grant, change, or deny access, privilege, or resources to other users for
authorized actions.
E) A user with privileged access may obtain account and password information from another user at will.
F) Those granted privileged access must complete security awareness training.
Explanation
With the greatest powers to create, configure and manage systems and security, privileged users make the rules and set the conditions that all other users must follow on
systems and networks. This calls for extreme care, constant vigilance, and respect for ethics, confidentiality, and the responsibilities of the role. Not even privileged users should
be able to obtain account and password information from another user at will. Personnel must be trained to never give their credentials to anyone.
All of the other options are appropriate regarding privileged accounts. The basic rule of privileged access is that only those who take responsibility for their actions and agree to
the privileged user agreement, referred to as a Privileged User Agreement (PUA), will be granted such access.
Privileged access may only be used to perform assigned job duties. This statement enunciates the principle that privileged access is a duty to be carried out in strict accordance
with the requirements of the job at hand, as well as in compliance with best security practice, ethics, and good governance.
By documenting all actions that privileged users undertake, they may be held to account for their privileged actions at any time. Transparency is the key to proper security.
Use of privilege to establish, alter, or deny access, privileges, or resources for others should occur in keeping with the dictates of the job and one's employer's instructions, in
keeping with best security practice, ethics, and good governance.
Privileged users should understand and accept the consequences of their uses of privilege and fully understand the potential for loss, damage, or harm that can follow in the
wake of errors or mistakes.
Objective:
Network Operations
Sub-Objective:
Identify policies and best practices.
References:
Security for Privileged Users, https://security.arizona.edu/elevprivtraining
Model Privileged Access Agreement, https://security.berkeley.edu/model-privileged-access-agreement
CompTIA Network+ N10-007 Cert Guide, Chapter 13: Network Policies and Best Practices, Best Practices
Question #21 of 200
Question ID: 1289304
You originally configured a redundant server with a static IP address, and it has been offline for some time. When you power the server up to perform some tests, what might
be an unexpected consequence?
A) Names not resolving
B) Incorrect host-based firewall settings
C) Duplicate IP addresses
D) Blocked TCP/UDP ports
Explanation
The consequence may be duplicate IP addresses. Duplicate IP addresses can occur when a DHCP server “thinks” an IP address is available. For example, a client machine
requests an IP address, and the DHCP server issues an address listed as available from the pool of addresses. A conflict may occur if a dormant machine comes back online
with an IP address that the DHCP server thought was expired and added back into the pool.
Names not resolving occurs when you enter a URL that you know to be valid, and the Domain Name System (DNS) does not provide the corresponding IP address for that
server. IP addresses, not the URLs we enter into the browser, are used to locate machines throughout a LAN or over the Internet. DNS provides the translation of URLs to IP
addresses and vice versa, known as name resolution. This would not be an issue because the server should still be able to communicate with the DNS server.
Incorrect host-based firewall settings present security risks. Host-based firewalls are often configured by untrained users, and only protect a single machine. Once that host-based firewall has been breached, the device on which the host-based firewall is installed is at risk. The configuration of the firewall should be fine as it is a host-based firewall,
meaning it is installed on the server.
Blocked TCP/UDP ports are often necessary to protect the network from insecure protocols that are easily exploited by hackers. Ports that are often blocked include TCP port
23 (Telnet), TCP port 21 (FTP), TCP/UDP port 53 (DNS, as a post-attack exit port), and UDP port 161 (SNMP). Blocked TCP/UDP ports were likely configured based on security
policies and should not be changed unless you are authorized to do so.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common network service issues.
References:
Detect and Avoid IP Address Conflicts, https://technet.microsoft.com/en-us/library/ff606371.aspx
Question #22 of 200
Question ID: 1123290
Your company has decided to implement a wireless network. The wireless network users must be able to connect to resources on your internal network, including file, print, and
DHCP services. All wireless clients will run the Windows operating system.
What should you implement? (Choose all that apply.)
A) APIPA
B) Static IP addresses
C) A wireless access point
D) Infrastructure mode
E) Ad hoc mode
Explanation
Infrastructure mode allows wireless computers to connect to a LAN, WAN, or the Internet. This means that infrastructure mode wireless computers can access all computers on
the LAN, WAN, and Internet. Infrastructure mode is much more expensive to implement than ad hoc mode because you must configure wireless access points. While
infrastructure mode is harder to set up and configure, it is much easier to manage than ad hoc mode.
Ad hoc mode allows wireless computers to be configured much more quickly than infrastructure mode. Ad hoc mode wireless computers all participate in the same network. This
means that the ad hoc wireless computers can access each other, but cannot access network resources on a LAN, WAN, or Internet. Ad hoc mode is much cheaper than
infrastructure mode to implement. In addition, it is easy to set up and configure and can provide better performance than infrastructure mode. However, it is difficult to manage
an ad hoc mode wireless network.
Static IP addresses should not be implemented because the corporate network contains a DHCP server. APIPA should not be used for the same reason. In addition, APIPA is
utilized only if a DHCP server is not found.
Objective:
Networking Concepts
Sub-Objective:
Compare and contrast the characteristics of network topologies, types and technologies.
References:
A Guide to Ad-Hoc Mode in Networking, https://www.lifewire.com/ad-hoc-mode-in-wireless-networking-816560
Wireless LANs: Extending the Reach of a LAN, http://www.ciscopress.com/articles/article.asp?p=1156068&seqNum=4
CompTIA Network+ N10-007 Cert Guide, Chapter 8: Wireless LANs, Introducing Wireless LANs
Question #23 of 200
Question ID: 1289144
You connect a home computer to a BRI ISDN line. The Bandwidth On Demand Interoperability Group (BONDING) protocol is used to combine the channels.
What is the maximum data transfer rate of the B channels?
A) 44.736 Mbps
B) 1.544 Mbps
C) 128 Kbps
D) 56 Kbps
Explanation
Each B channel in a Basic Rate Interface (BRI) Integrated Services Digital Network (ISDN) connection can provide a maximum data transfer rate of 64 kilobits per second
(Kbps). A BRI ISDN line provides a total of two bearer (B) channels, which can be combined by the bonding protocol to provide a total maximum data transfer rate of 128 Kbps.
A BRI ISDN line also provides a single delta (D) channel, which is used to transfer connection control data. A BRI ISDN D channel operates at a data transfer rate of 16 Kbps.
BRI ISDN is sometimes referred to as 2B+D ISDN because BRI ISDN provides two B channels and one D channel.
The V.90 analog modem standard is a modem standard that is accepted worldwide. This technology is often referred to as dial-up access. In theory, a V.90 analog modem can
provide a maximum data transfer rate of 56 Kbps. However, an analog modem rarely achieves the maximum data transfer rate due to factors such as line noise and the distance
between the modem and the telephone company's Point of Presence (POP). T1 connections and Primary Rate Interface (PRI) ISDN connections provide a data transfer rate of
1.544 megabits per second (Mbps). PRI ISDN, which is sometimes referred to as 23B+D ISDN, provides twenty-three 64-Kbps B channels and a 64-Kbps D channel for a total
data transfer rate of 1.544 Mbps. A T3 connection provides a data transfer rate of 44.736 Mbps.
Objective:
Infrastructure
Sub-Objective:
Compare and contrast WAN technologies.
References:
Integrated Digital Services Network Primer, http://www.ciscopress.com/articles/article.asp?p=29737
CompTIA Network+ N10-007 Cert Guide, Chapter 7: Wide Area Networks (WANs), WAN Technologies
Question #24 of 200
Question ID: 1289270
You need to solve a traffic problem occurring on a large Ethernet network. Within this large segment, the accounting department is flooding the network with a high volume of
data, which causes the entire network to slow down. Which device is a quick and low-cost solution to isolating the accounting department?
A) bridge
B) router
C) gateway
D) repeater
Explanation
A bridge provides a quick and low-cost solution for dividing a network into different segments for the purposes of reducing network traffic. Bridges work by building routing tables
based on MAC addresses. These routing tables enable bridges to determine which packets need to pass through the bridge to another segment, versus which packets should
stay on the local segment. In this scenario, the Accounting department is currently sharing the bandwidth of the entire segment. Using a bridge to place this department on its
own segment means the traffic of this segment will stay on the local segment, thus reducing the overall traffic of the network. Only packets destined for other segments will pass
through the bridge.
A bridge is not an optimal choice for reducing intersegment traffic. In such a case, a router or gateway would be a better choice.
A router is used to connect networks that are dissimilar in either topology or Internet Protocol (IP) address. It could be used in this scenario, but it would not be a low-cost
solution.
A gateway is used to connect networks that use different protocols.
A repeater is used to extend the length of a network beyond the cable's maximum segment distance. It takes a received frame's signal and regenerates it to all other ports on the
repeater.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common wired connectivity and performance issues.
References:
Router vs. Switch, http://compnetworking.about.com/od/homenetworkhardware/f/routervsswitch.htm
CompTIA Network+ N10-007 Cert Guide, Chapter 43: Network Troubleshooting
Question #25 of 200
Question ID: 1289083
Which media-access method does the 802.11 standard specify for wireless networks?
A) Token-passing
B) Demand priority
C) CSMA/CD
D) CSMA/CA
Explanation
The IEEE 802.11 standard, which is the main standard for wireless LANs, specifies using Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA) for its media access
method. Like an Ethernet network, which uses Carrier Sense Multiple Access/Collision Detection (CSMA/CD), wireless adapter cards "sense," or listen, for network traffic before
transmitting. If the network is free of traffic, the station will send its data.
However, unlike an Ethernet network, wireless network cards cannot send and receive transmissions at the same time, which means that they cannot detect a collision. Instead,
the sending station will wait for an acknowledgement packet (ACK) to be sent by the destination computer, verifying that the data was received. If, after a random amount of
time, an acknowledgement has not been received, the sending station will retransmit the data. The 802.11 standard also refers to CSMA/CA as Distributed Coordination
Function (DCF).
Carrier Sense Multiple Access/Collision Detection (CSMA/CD) computers compete for the right to send data. In CSMA/CD, when a collision occurs, the computers sending the
data wait a random amount of time before attempting to retransmit the data.
Token-passing access methods allow only the one computer that has the token to transmit data, meaning there is no contention for media access.
Demand priority is an 802.12 standard known as 100VG-AnyLAN. It operates at 100 Mbps. In the event of contention on the network, the higher-priority data is given access
first.
Other network theories and concepts you must understand for the Network+ exam include modulation techniques and numbering systems:
Modulation techniques - Modulation is the process of encoding source data onto a continuous carrier signal frequency.
Multiplexing - Multiplexing allows multiple communications sessions to share the same physical medium.
De-multiplexing - De-multiplexing separates 2 or more multiplexing channels.
Analog and digital techniques - With analog, transmission of data is done in the form of continuous waveforms. With digital, the transmission of discrete data uses two
distinct electric states: '1' for "on" and '0' for "off".
Time-division multiplexing (TDM) - TDM supports different communication sessions (for example, different telephone conversations in a telephony network) on the same
physical medium by causing the sessions to take turns.
Numbering systems - Binary, hexadecimal, and octal refer to different number systems. In the decimal system, you use ten different symbols: 0, 1, 2, 3, 4, 5, 6, 7, 8, and 9.
In a binary number system, you use only two symbols to represent numbers: 0 and 1. The hexadecimal system uses sixteen symbols to represent numbers: 0, 1, 2, 3, 4, 5,
6, 7, 8, 9, A, B, C, D, E, and F. Octal uses eight symbols to represent all the quantities: 0, 1, 2, 3, 4, 5, 6, and 7.
Objective:
Networking Concepts
Sub-Objective:
Explain the concepts and characteristics of routing and switching.
References:
802.11 Medium Access Methods, http://www.wi-fiplanet.com/tutorials/article.php/1548381
CompTIA Network+ N10-007 Cert Guide, Chapter 8: Wireless Technologies, Introducing Wireless LANs
Question #26 of 200
Question ID: 1123359
You are setting up your company's VoIP infrastructure. One remote office location has audio problems when placing or receiving calls. At times, speech quality is poor, or there
is a noticeable and distinct echo for call audio. In troubleshooting a possible system configuration issue, which of the following possibilities do you want to eliminate first?
A) Echo cancellation has been misconfigured or has not been applied.
B) Check to make sure system updates have been applied.
C) The call terminates on an analog endpoint.
D) Compression mode setting differs between caller and receiver devices.
E) H.323 protocol support has not been selected.
Explanation
You should first determine whether the call terminates on an analog endpoint. Dealing with audio quality issues on Voice over Internet Protocol (VoIP) is an occasional necessity.
But before digging into the usual troubleshooting routine, it is essential to establish if the problem call or connection terminates on VoIP equipment on both sides. If one end of a
call terminates on an analog endpoint, occasional audio problems are inevitable.
Non-VoIP equipment cannot provide routine compression, echo cancellation, and sound quality enhancements. When a call terminates on an analog endpoint, this is really
nothing to troubleshoot (aside from replacing the analog endpoint). So that possibility should be eliminated first before troubleshooting commences.
All of the other steps should be verified after you ensure that both endpoints are VoIP, not analog.
If echo cancellation is misconfigured or not enabled, echoes are far more likely on VoIP calls. But these two steps apply only if the call is VoIP from end-to-end.
Ideally, both ends of a VoIP call should use the same compression mode settings, because that offers the best assurance for the highest possible signal quality.
The H.323 protocol is the most widely used protocol for packet voice communications. Its selection versus other voice protocols, such as SIP, does not significantly affect call
quality and echo one way or other.
On any kind of software system, checking to make sure updates have been applied is a time-honored best practice for system management. However, such updates may have
nothing to do with call quality if one end of the call terminates on an analog endpoint.
Objective:
Infrastructure
Sub-Objective:
Given a scenario, determine the appropriate placement of networking devices on a network and install/configure them.
References:
Avaya IP Office Troubleshooting: VoIP Calls Echo or Have Poor Speech Quality, http://www.carrollcommunications.com/ipoffice_troubleshoot/8.html
H.323 and SIP Integration, https://www.cisco.com/en/US/tech/tk652/tk701/technologies_white_paper09186a0080092947.shtml
CompTIA Network+ N10-007 Cert Guide, Chapter 4: Ethernet Technology, Ethernet Switch Features
Question #27 of 200
Question ID: 1289217
Your organization has several VLANs implemented on its network. The VLANs operate across several switches. What do all users on a VLAN have in common?
A) Collision domain
B) Broadcast domain
C) TCP/IP subnet
D) Cable segment
Explanation
VLANs place users from many locations into the same broadcast domain. A single VLAN can span multiple physical LAN segments, collision domains, and TCP/IP segments.
VLANs can be based on work function, common applications or protocols, department, or other logical groupings. VLAN assignment is configured at the switch for each device
that is connected to the switch. VLANs enable many users at many locations to be in the same broadcast domain. Remember, routers define broadcast domains, and because
switches are Layer 2 devices, they do not segment broadcast domains; instead, they segment collision domains.
VLANs span multiple collision domains, subnets, and cable segments, so users would not have these aspects of the network in common. IEEE 802.1Q is the networking
standard that supports VLANs on an Ethernet network. Broadcast domains can be created using switches or routers.
Objective:
Network Security
Sub-Objective:
Explain common mitigation techniques and their purposes.
References:
VLANs Defined, http://docwiki.cisco.com/wiki/LAN_Switching_and_VLANs#VLANs_Defined
CompTIA Network+ N10-007 Cert Guide, Chapter 4 Ethernet Technology, Ethernet Switch Features
Question #28 of 200
Question ID: 1123575
You have been hired as a network technician. As part of your technician's kit, you have been issued a basic digital multimeter with no extra probes. What is the primary function
of this device?
A) connects RJ-45 jacks to an Ethernet cable
B) measures the light signal energy
C) measures the temperature of a chip on motherboard
D) tests voltage
Explanation
A digital multimeter is a tool that can test voltage. For example, you can use a digital multimeter to test the voltage output of a power supply or to test for breakage in a
telephone or Ethernet cable. To use a digital multimeter to measure light signals or temperatures, you will need a light signal probe or temperature probe.
A wire crimper is used to connect an RJ-45 connector to an Ethernet cable. An optical tester tool measures the amount of light signal energy being emitted from an optical cable.
It is similar to a cable tester that is used for twisted-pair cable. This can also be referred to as a light meter.
A digital infrared thermometer measures the temperature of a chip or motherboard system chassis.
A punchdown tool is used to attach network wires to a punchdown block. A loopback adapter is used to test the functionality of a network port.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, use the appropriate tool.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 11: Network Management, Maintenance Tools
Question #29 of 200
Question ID: 1289271
You need to create a cable that will allow you to get a link light on your network interface card (NIC) when the NIC is not plugged into a hub or switch. Which type of cable should
you use?
A) crossover cable
B) straight-through cable
C) loopback cable
D) rollover cable
Explanation
You should use a loopback cable. A loopback cable is used to test the network function of the NIC by allowing it to send and receive network communication with itself.
A crossover cable connects two legacy or non-MDIX compliant devices, such as two computers, two hubs, or two switches.
A patch cable and a straight-through cable are the same thing. This is the standard cable used to connect networking devices.
You should not use a rollover cable. A rollover cable connects the console port on any Cisco device. The pin configuration for a rollover cable is easy to remember because of
the cable name. The cable pin configuration is "rolled over" so that pin 1 on end 1 is pin 8 on the other, pin 2 on end 1 is pin 7 on the other, and so on until a complete reversal is
made. The wires are in reverse order on opposite ends.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common wired connectivity and performance issues.
References:
Loopback cable, http://www.ortizonline.com/publications/april2004/loopback.htm
CompTIA Network+ N10-007 Cert Guide, Chapter 14: Network Troubleshooting
Question #30 of 200
Question ID: 1289302
A network contains 150 Windows client computers that all receive their IP configuration from a DHCP server. The network is divided into two subnets. The network administrator
decides to move a client computer from one subnet to another. After moving the client, the computer is having trouble communicating on the network. You suspect that the client
computer is using an IP address from the old subnet. You need to run the appropriate commands to ensure that the client computer receives a new IP address.
Select the appropriate command(s) from the left and place them in the appropriate order on the left. Only select commands that are necessary for the scenario. The scenario
may include one or more commands. Order is important.
Explanation
For this scenario, you need to release and renew the DHCP lease for the client computer. You do this by running the following commands:
ipconfig /release
ipconfig /renew
The ipconfig /all command will display all the TCP/IP settings for the computers.
The ipconfig /flushdns command removes the contents of the computer's DNS cache.
The ipconfig /registerdns command registers the computer's DNS host name with the DNS server.
The ipconfig /displaydns command displays the contents of the computer's DNS cache.
The ipconfig /showclassid command will display the DHCP class ID assigned to the client computer.
The ipconfig /setclassid command will configure the DHCP class ID for the client computer.
You should only select commands needed for the scenario. In some cases, only a single command may be necessary.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common network service issues.
References:
Ipconfig, https://technet.microsoft.com/en-us/library/bb490921.aspx
Question #31 of 200
Question ID: 1123376
Your company has decided to implement unified communication. You have been asked to implement a VoIP network. You need to connect the VoIP network to your company's
PBX. What should you implement?
A) UC server
B) DSCP
C) multicast
D) QoS
E) unicast
F) UC gateway
Explanation
You should implement a unified communication (UC) gateway to connect the VoIP network to your company's PBX.
Unified communications include VoIP, video, real-time services, quality of service (QoS), and UC devices. VoIP allows you to transmit voice communications over an IP network.
Real-time services include instant messaging, presence information, voice, mobility features, conferencing services, desktop sharing, data sharing, call control, and speech
recognition. Real-time services support both multicast and unicast communications. In unicast, one packet is transmitted to only one destination at a time. On the other hand,
multicast sends packets to multiple destinations, which are represented by a group address.
QoS allows you to give priority to communications based on different factors, including IP address, protocol, and so on. It includes Differentiated Services Code Point (DSCP)
and Class of Service (COS). DSCP is a field in an IP packet that enables different levels of service to be assigned to network traffic. COS manages traffic in a network by
grouping similar types of traffic together and treating each type as a class with its own level of service priority.
UC devices include UC servers, UC devices, and UC gateways. UC servers are responsible for managing the UC communications. UC devices help transport and monitor UC.
UC gateways connect VoIP networks to other types of networks, such as PBX networks.
For VoIP implementations, you also need to understand VoIP private branch exchange (PBX) and VoIP gateway. A VoIP PBX is a device where voice traffic is encapsulated
inside data packets for transmission across a data network. A VoIP PBX operates between a VoIP network and a traditional telephone network. A VoIP gateway is a device that
converts telephony traffic into IP for transmission over a data network.
Objective:
Infrastructure
Sub-Objective:
Explain the purposes and use cases for advanced networking devices.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 3: Network Components, Voice over IP Protocols and Components
Question #32 of 200
Question ID: 1123240
Which of the following indicates the largest number of bytes allowed in a frame?
A) CSMA/CD
B) MTU
C) CSMA/CA
D) PDU
Explanation
Maximum transmission units (MTUs) indicate the largest number of bytes allowed in a frame. If the MTU size is reduced, network performance is affected. Also, if the MTU is too
large, a packet may be rejected by the device receiving the packet.
Carrier Sense Multiple Access/Collision Detection (CSMA/CD) is a feature of Ethernet switches that slows down the traffic on wired networks when bottlenecks occur. It uses
rules to determine how network devices should respond when two devices attempt to use a data channel simultaneously and a collision occurs.
Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA) is a feature that creates a collision-free communication channel between the transmitting device and the receiver.
A protocol data unit (PDU) is the term for a package of data (encapsulated data) as it travels through the OSI layers. Depending on the layer, the PDU will have a different name,
such as "frame" and "packet." The name of the PDU indicates the layer and the type of information in the encapsulation.
Objective:
Networking Concepts
Sub-Objective:
Explain the concepts and characteristics of routing and switching.
References:
MTU Size Issues, https://www.networkworld.com/article/2224654/cisco-subnet/mtu-size-issues.html
Question #33 of 200
Question ID: 1289225
You installed a network in a company executive's home office to allow her to securely access the corporate network and work from home. It has worked properly for three
months, but now she says that it is broken. What should you do first to troubleshoot this problem?
A) Establish a plan of action.
B) Identify the problem.
C) Establish a theory of probable cause.
D) Test the theory to determine cause.
Explanation
According to the general troubleshooting strategy, the first thing you should do when troubleshooting a problem is to identify the problem. This includes gathering information,
duplicating the problem, questioning users, identifying symptoms, determining if anything has changed, and approaching multiple problems individually. The user's statement
that the network is "broken" does not clarify whether there is an issue with hardware or software, with user error, or with an external vendor such as the network service provider.
If a user complains that he is unable to access a server or printer resource on the network, you should first ask if the user is able to access any network resources. This will
perhaps help to narrow your search from the entire network to a single device. The troubleshooting order according to the CompTIA Network+ blueprint is as follows:
1. Identify the problem.
   Gather information.
   Duplicate the problem, if possible.
   Question users.
   Identify symptoms.
   Determine if anything has changed.
   Approach multiple problems individually.
2. Establish a theory of probable cause.
   Question the obvious.
   Consider multiple approaches.
      Top-to-bottom/bottom-to-top OSI model
      Divide and conquer
3. Test the theory to determine cause.
   Once theory is confirmed, determine next steps to resolve problem.
   If theory is not confirmed, re-establish new theory or escalate.
4. Establish a plan of action to resolve the problem and identify potential effects.
5. Implement the solution or escalate as necessary.
6. Verify full system functionality and if applicable implement preventive measures.
7. Document findings, actions, and outcomes.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Explain the network troubleshooting methodology.
References:
CompTIA.org - Network+ N10-007 Exam Objectives (Objective 5.1)
Question #34 of 200
Question ID: 1123399
You are a network administrator for a company that maintains LANs in Los Angeles and Paris. You want to use PPTP to create a VPN connection between the LAN in Paris and
the LAN in Los Angeles. A PPTP server has been configured on each LAN.
Which protocol should you use to establish a connection between the PPTP servers?
A) PPP
B) HTTP
C) SLIP
D) Telnet
Explanation
Of the choices presented, you should use Point-to-Point Protocol (PPP) to establish a connection between the Point-to-Point Tunneling Protocol (PPTP) server in Los Angeles
and the PPTP server in Paris. You can use PPP to transmit TCP/IP network communications over point-to-point connections. PPP can also be used to transmit other network
protocols, such as Network Basic Input/Output System Extended User Interface (NetBEUI) and Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX). PPP
supports error checking and automatic configuration of network protocol parameters. Multilink PPP is a communications protocol that enables a computer to use two PPP ports
to provide greater bandwidth.
PPTP is an extension of PPP that was created by Microsoft to establish virtual private network (VPN) connections. To create a VPN connection between the two computers in
this scenario, you should first establish a PPP connection between the PPTP server in Los Angeles and the PPTP server in Paris. Then, you should establish a PPTP
connection through the PPP connection. Note that PPP is not used to establish a VPN connection. PPP acts as a carrier for PPTP, which is used to establish a VPN connection.
Serial Line Internet Protocol (SLIP) is an older point-to-point protocol that enables the transmission of TCP/IP communications over a serial connection. SLIP only supports
TCP/IP, and SLIP does not support error checking or automatic configuration of network protocol parameters. You cannot use SLIP to establish a VPN connection. Hypertext
Transfer Protocol (HTTP) is used to transmit Web pages. Telnet is used to establish a console session with a remote host on a TCP/IP network. You cannot use HTTP or Telnet
to establish a VPN connection.
Objective:
Infrastructure
Sub-Objective:
Compare and contrast WAN technologies.
References:
PPP, http://searchnetworking.techtarget.com/sDefinition/0,,sid7_gci214311,00.html
Question #35 of 200
Question ID: 1123507
Which of the following attacks directs user traffic to a malicious web site without any outside communication from an attacker?
A) DNS poisoning
B) Ransomware
C) Phishing
D) ARP poisoning
Explanation
DNS poisoning, also known as DNS cache poisoning, can direct user traffic to a malicious web site. The attack is accomplished by inserting a bogus record in the DNS server
cache, redirecting traffic from the "good" web site to the malicious web site.
Phishing is the action of sending out an email that is designed to trick the user into giving up their personal information. That information is then exploited by a criminal. Phishing
emails appear to come from legitimate companies, and when the user clicks on a link in the email, the user is directed to a website that appears authentic. The user then fills in
account information, which is captured by the criminal. However, this attack requires outside communication of some sort from the attacker.
Address Resolution Protocol (ARP) poisoning occurs when an attacker sends counterfeit messages on the network, resulting in the replacement of a legitimate user's MAC
address with the attacker's MAC address. Once that happens, the attacker will begin receiving traffic destined for the legitimate user.
Ransomware is an attack that holds a computer hostage until the user pays a fee. The attacks often begin as an urgent email, where the user is directed to click a link or open a
document to resolve the issue. Once the user completes the action, malicious software is installed on the user's computer, often locking the user out of the system until a fee is
paid.
Objective:
Network Security
Sub-Objective:
Summarize common networking attacks.
References:
3 Common DNS Attacks and How to Fight Them, https://www.calyptix.com/top-threats/3-common-dns-attacks-and-how-to-fight-them/
CompTIA Network+ N10-007 Cert Guide, Chapter 12: Network Security, Categories of Network Attacks
Question #36 of 200
Question ID: 1289158
Which of the following types of backups would back up data that has NOT been changed since the last backup?
A) System snapshot
B) Full backup
C) Incremental backup
D) Differential backup
Explanation
Full backups back up all of the files on a system, regardless of whether the data has been changed or not. While full backups provide protection in case of a failure, they take
the most time and require the most storage resources to accomplish. A full backup resets the archive bit, which is the indicator in file attributes that tells the OS whether or not
the file needs to be backed up. When a file is created or modified, the archive bit is “set” or turned on.
Differential backups look at the archive bit and back up all data whose archive bit is set. Differential backups do not reset the archive bit. If, for example, a full backup is
performed on Sunday, a differential backup performed on Monday night will back up all of Monday’s new files and modifications, without resetting the archive bit. A differential
backup performed on Tuesday night will back up all of Monday’s new/modified files as well as all of Tuesday’s new/modified files. Wednesday night’s backup will process
changes from Monday, Tuesday and Wednesday. To restore data, the administrator would restore the full backup and the most recent differential backup.
Incremental backups look at the archive bit and back up all data whose archive bit is set. Unlike differential backups, however, incremental backups reset the archive bit. If, for
example, a full backup is performed on Sunday, an incremental backup performed on Monday night will back up all of Monday’s new files and modifications, while resetting the
archive bit. An incremental backup performed on Tuesday night will only back up Tuesday’s new/modified files and reset the archive bit. Wednesday night’s backup will
process Wednesday’s changes and reset the archive bit. To restore data, the administrator would restore the full backup and each of the incremental backups.
Snapshots create a system image at a given point in time. While they can be considered a form of backup, snapshots are not concerned with archive bits and capture the entire
system state.
Objective:
Network Operations
Sub-Objective:
Compare and contrast business continuity and disaster recovery concepts.
References:
Tips & Tricks for Better Business Backup and Recovery for World Backup Day, https://www.acronis.com/en-us/blog/posts/tips-tricks-better-business-backup-and-recovery-worldbackup-day
CompTIA Network+ N10-007 Cert Guide, Chapter 9: Network Optimization, High Availability
Question #37 of 200
Question ID: 1289141
What should you implement to isolate two of the devices that are located on a storage area network (SAN) fabric containing eight devices?
A) virtual SAN
B) HBA allocation
C) VLAN
D) SAN snapshots
Explanation
You should implement a virtual storage area network (vSAN) to isolate two of the devices that are located on a SAN fabric containing eight devices. A vSAN is a collection of
ports from a set of connected Fibre Channel switches that form a virtual fabric. You can partition ports within a single switch into multiple VSANs, despite sharing hardware
resources.
Do not confuse a vSAN with virtual storage. In recent years, virtual storage solutions like Microsoft's SkyDrive and Amazon's CloudDrive have been developed to provide online
storage and sharing of data.
SAN snapshots are a type of SAN backup. SAN snapshots do not use typical backup methods.
Host bus adapter (HBA) allocation is a method for allocating resources in a SAN. HBA allocation uses either soft zoning or persistent binding. Soft zoning allows resources to be
moved. Persistent binding links resources with a specific logical unit number (LUN).
A virtual LAN (VLAN) is created using switches. Device isolation on a SAN fabric does not require a VLAN.
Your SAN may need to include redundant storage solutions to ensure that data is always available. For the Network+ exam, you need to understand the following concepts:
iSCSI - allows you to send SCSI commands over an IP-based network. It also can be used to connect a networked attached storage (NAS) device to an Ethernet network.
To improve the performance of data transfers over iSCSI switches, you should set the maximum transmission unit (MTU) to 9000 on each of the participants in the
vSAN.
Jumbo Frame - an Ethernet frame with a payload greater than the standard MTU of 1,500 bytes. It supports at least 1 Gbps and can be as large as 9,000 bytes.
Fibre Channel - transmits data between computer devices at data rates of up to 4 Gbps (with 10 Gbps coming in the future). While it can use fiber optic or coaxial cabling, it
provides the best distance (approximately 10 km) using fiber optic cabling.
Network attached storage (NAS) - provides both storage and a file system. This is often contrasted with SAN (Storage Area Network), which provides only block-based
storage and leaves file system concerns with the client. It uses file-based protocols such as UNIX's NFS, Microsoft's Server Message Block/Common Internet File System
(SMB/CIFS), Apple's AFP, or Novell Netware's NCP. This would be the most cost efficient solution for a SQL server that needs several terabytes of disk space available to
do an uncompressed backup of a database.
Objective:
Infrastructure
Sub-Objective:
Explain the purposes of virtualization and network storage technologies.
References:
Virtual storage area network (VSAN), http://searchstorage.techtarget.com/definition/virtual-storage-area-network
Question #38 of 200
Question ID: 1289057
You use a computer on a TCP/IP network to transfer data through well-known TCP port 80.
Which protocol is most likely being used to transfer data?
A) FTP
B) HTTP
C) SMTP
D) POP3
Explanation
Hypertext Transfer Protocol (HTTP) is assigned to the well-known Transmission Control Protocol (TCP) port 80, so you are most likely using HTTP to transfer data. HTTP is
used to transfer data between Web browsers and Web servers on a TCP/IP network. HTTP is a stateless protocol, which means that neither the server nor the client collect or
maintain information about one another. HTTP works at the Application layer (Layer 7) of the OSI model.
HTTP 1.1 improved the performance of HTTP by adding persistent connections and Web browser caching. With HTTP 1.0, a Web client had to establish a connection to a Web
server for each object on a Web page. Under HTTP 1.0, if a Web page named index.htm had 100 objects, then a Web client would need to establish 100 connections with a
Web browser to download the index.htm Web page. Under HTTP 1.1, a Web client only needs to establish a single connection to download index.htm. HTTP 1.1 also provides
Web page caching, which enables Web browsers to locally store frequently viewed Web pages. HTTP 1.1 performs approximately 50 percent more efficiently because of
connection persistence and Web page caching.
File Transfer Protocol (FTP) uses the well-known TCP ports 20 and 21. FTP is used to transfer data between FTP clients and FTP servers on a TCP/IP network. FTP works at
the Application layer of the OSI model.
Post Office Protocol 3 (POP3) uses well-known TCP port 110. POP3 is used to transfer e-mail messages from e-mail servers to e-mail clients. POP3 works at the Application
layer of the OSI model.
Simple Mail Transfer Protocol (SMTP) uses well-known TCP port 25. SMTP is used to transfer e-mail messages among e-mail servers and to transfer e-mail messages from
e-mail clients to e-mail servers. SMTP works at the Application layer of the OSI model.
Protocols can use either User Datagram Protocol (UDP) or TCP to communicate. UDP is connectionless, while TCP is connection-oriented.
For the Network+ exam, you need to know the following protocols and their default ports:
FTP – 20, 21
SSH, SFTP – 22
TELNET – 23
SMTP – 25
DNS – 53
DHCP – 67, 68
TFTP – 69
HTTP – 80
POP3 – 110
NTP – 123
NetBIOS – 137–139
IMAP – 143
SNMP – 161
LDAP – 389
HTTPS – 443
SMB – 445
LDAPS – 636
H.323 – 1720
MGCP – 2427/2727
RDP – 3389
RTP – 5004/5005
SIP – 5060/5061
Objective:
Networking Concepts
Sub-Objective:
Explain the purposes and uses of ports and protocols.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 2: The OSI Reference Model, Table 2-1 Application Layer Protocols/Applications
Computer Network Glossary - Port Number: Ports 50-99, http://compnetworking.about.com/od/tcpip/l/blports_gl50.htm
Question #39 of 200
Question ID: 1289273
You are connecting a switch to a router. You just made a cable with each end configured differently, one 568A and the other 568B. When you plug in the cable, the devices
cannot communicate. What is the most likely cause?
A) Incorrect cable type
B) Open/short
C) Jitter
D) Bent pins
Explanation
You have an incorrect cable type. You made a crossover cable when you needed a straight-through cable. In general, a straight-through cable is used when you are connecting
two different pieces of equipment, as in a computer and a switch or a router and a switch. The straight-through cable has matching 568A or 568B connectors, but not both. A
crossover cable is used when you are connecting two like pieces of equipment, such as two routers. A crossover cable will have one end configured as 568A and the other as
568B.
A rollover cable is wired differently from either a crossover cable or a straight-through cable. A rollover cable connects a computer to the console port of a router or switch. The cable
pin configuration is "rolled over" so that pin 1 on end 1 matches pin 8 on end 2, pin 2 on end 1 matches pin 7 on end 2, and so on, until a complete reversal is made. In other
words, the wires are in reverse order on opposite ends.
Some newer routers and switches have an auto-sense connection type that will allow you to use either type of cable. However, it is always better to use the appropriate cable
just in case you are dealing with legacy devices that do not auto-sense.
Jitter is the variance in latency rates. Different network segments may have different factors that affect latency. When the rate of latency is inconsistent, it can cause service
issues in latency-sensitive applications like banking, e-commerce, and gaming.
Bent pins can occur when someone tries to “jam” an RJ-45 jack (or other cable, like a USB cable) into a port. If the damaged pins are on the jack, it is easier to cut off the
damaged jack and replace it. If the damaged pins are in a wall port or NIC, you should replace the wall port or NIC. If the damaged pins are in a switch or router port, you are
most likely out of luck. You can no longer use the port. If you do not have extra unused ports, it will be necessary to purchase a new router or switch.
If you are having network connectivity issues on your LAN, you should check the cables for open/short conditions. An open condition would indicate that there is a break in the
cable somewhere. A short means that the wires are connecting at some point where they are not supposed to connect.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common wired connectivity and performance issues.
References:
The Difference Between Straight Through, Crossover, And Rollover Cables, http://learn-networking.com/network-design/the-difference-between-straight-through-crossover-androllover-cables
Question #40 of 200
Question ID: 1289286
You are shopping for a new wireless access point. The access point will be mounted to the wall. With which one of these should you be concerned during the selection process?
A) Incorrect antenna type
B) Wrong passphrase
C) Security type mismatch
D) Incorrect antenna placement
Explanation
You should be concerned with incorrect antenna placement during the selection process. Antenna placement can cause issues with Wi-Fi performance. Check the
manufacturer’s placement recommendation – some wireless access points are designed for wall mounting, while others are designed for ceiling mounts. Also, placing a wireless
access point near metal ductwork, larger metallic lamps, on top of a ceiling panel, or next to a thick wall can cause performance issues.
It is important to verify that you do not have a security type mismatch. To connect to a wireless network, the client device must be set to use the same security type as the
access point. Access point security types include open and WEP (both to be avoided if at all possible), WPA/TKIP, WPA/AES, and WPA2/AES. This is not the first concern you
should have when mounting an access point to a wall, as this is an access point configuration issue, not a setup issue.
Choosing the incorrect antenna type can cause many performance issues. A parabolic or dish antenna is best for longer distance site-to-site transmissions, as it is a
unidirectional antenna. A Yagi antenna is similar to, but less powerful than, a parabolic antenna. Like a parabolic antenna, it is also unidirectional. A dipole antenna will have
dishes pointed in opposite directions, and is bidirectional. A vertical antenna is omnidirectional, and loses power in relation to the distance between the receiver and the
transmitter. The antenna type should be fine if you mount the antenna in the appropriate location.
It is very easy for the user to enter the wrong passphrase. Passwords and passphrases are case sensitive, and the number/letter/symbol combinations are easy to miskey.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common wireless connectivity and performance issues.
References:
10 Huge Wi-Fi Antenna Mistake, https://7signal.com/10-wi-fi-antenna-placement-mistakes/
Question #41 of 200
Question ID: 1123401
Which type of Internet connection is NOT limited by proximity to an ISP, and consequently has the highest latency?
A) Wireless
B) Satellite
C) Copper
D) Fiber-optic
Explanation
Satellite Internet connections are available anywhere you can place a satellite dish, and are not limited by how close the subscriber is to an ISP. Satellite speeds are slower
compared to other delivery media, and satellite transmissions are affected by latency due to the distance the signals must travel.
Copper wire can be found as a transmission medium in unshielded twisted pair (UTP), shielded twisted pair (STP), or coaxial cable. While coaxial cables can have segment
lengths up to 1 km, UTP and STP are limited to 100 meters. Copper remains the primary transmission medium for last-mile connections in the US.
Fiber-optic cable is available as a transmission medium in two main types: single-mode fiber (SMF) and multi-mode fiber (MMF). MMF segments can be up to 600 meters, while
SMF segments (10GBASE-ER) can be 40 km. Longer distances for SMF are under development at this writing.
Wireless broadband requires you to be within a certain range of a provider's point of presence, such as a cell tower or antenna. Wireless broadband is currently classified as 4G,
or 4th Generation. 4G speeds, currently 16-17 Mbps, are 10 times faster than 3G. 3G and 4G have speed limitations, but they do not suffer from the latency issues one
experiences with satellite.
Objective:
Infrastructure
Sub-Objective:
Compare and contrast WAN technologies.
References:
Understanding Fixed Wireless vs. Satellite, http://www.highspeedlink.net/understanding-fixed-wireless-vs-satellite/
Question #42 of 200
Question ID: 1123396
Your company consists of 75 employees. Your company has entered into a partnership with another company that is located across the country. Your company's users must be
able to connect to the partner's network quickly and reliably. Support for voice, data, and imaging transmissions and a dedicated 24-hour link are required. Your solution must be
as inexpensive as possible while providing enough bandwidth for your company's employees.
What should you implement?
A) FDDI
B) T1
C) ATM
D) POTS
E) ISDN
Explanation
T1 lines can provide fast, digital connections of up to 1.544 Mbps, transmitting voice, data, and video. A T1 line also provides a dedicated connection, which means that it
provides a 24-hour link. A T1 line is more expensive than a dial-up connection using Plain Old Telephone Service (POTS) or an Integrated Services Digital Network (ISDN)
connection, but this company needs enough bandwidth to accommodate its 75 users, which justifies the additional cost. If the full bandwidth of the T1 proves too costly or
unnecessary, fractional T1 is available. With a fractional T1, you can subscribe to one or more of the 24 available channels at a lower cost than T1.
Asynchronous Transfer Mode (ATM) is a high-speed, cell-switching link type transmitting up to 2,488 Mbps. ATM requires expensive equipment to implement. Therefore, it is a
costly alternative and is typically used by Internet backbones. The size of a cell in ATM is 53 bytes: a 48-byte payload and a 5-byte header.
Fiber Distributed Data Interface (FDDI) is a high-speed, Token Ring network that uses fiber-optic cable transmitting up to 100 Mbps. Although it does offer speed, it is limited to a
ring distance of 100 kilometers, or 62 miles. Even if distance were not a factor, the fiber medium makes this alternative too costly.
Integrated Services Digital Network (ISDN) provides a direct, point-to-point digital connection at a speed of up to 2 Mbps. Usually, speeds of 128 Kbps are seen with ISDN.
However, because it is a dial-up connection, it would not provide a dedicated 24-hour link.
Objective:
Infrastructure
Sub-Objective:
Compare and contrast WAN technologies.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 7: Wide Area Networks (WANs), WAN Technologies
Question #43 of 200
Question ID: 1289148
You upgrade the operating system on several servers on your network. Which change management documentation should you revise? (Choose all that apply.)
A) physical network diagram
B) wiring schematic
C) network baseline
D) logical network diagram
Explanation
You should revise the physical network diagram and the network baseline when you upgrade the operating system on several servers on your network. The physical network
diagram includes cable lengths and types, server names, IP addresses, server roles, network equipment locations, server operating system versions, and number of network
users. A network baseline includes performance statistics for your network. Both of these documents are affected when the operating system on a server is changed. Network
diagrams are also referred to as network maps.
You should not revise the logical network diagram. The logical network diagram includes server roles, domain architecture, protocols used, and trust relationships. Upgrading a
server's operating system does not affect the logical network diagram.
You should not revise the wiring schematic. The wiring schematic emphasizes the flow of the network. It includes equipment symbols and lines that indicate the flow. Upgrading
the server's operating system will not affect the wiring schematic.
Objective:
Network Operations
Sub-Objective:
Given a scenario, use appropriate documentation and diagrams to manage the network.
References:
Configuration Management Documentation, http://www.examcollection.com/certification-training/network-plus-configuration-management-documentation.html
CompTIA Network+ N10-007 Cert Guide, Chapter 11: Network Management, Network Documentation
Question #44 of 200
Question ID: 1123370
What is the main purpose of a VPN concentrator?
A) to provide dynamic IP addresses
B) to terminate the VPN tunnels
C) to manage Internet requests and cache Web content
D) to resolve host names and IP addresses
Explanation
The main purpose of a VPN concentrator is to terminate the VPN tunnels.
The main purpose of a DNS server is to resolve host names and IP addresses.
The main purpose of a DHCP server is to provide dynamic IP addresses.
The main purpose of a proxy server is to manage Internet requests and cache Web content.
Objective:
Infrastructure
Sub-Objective:
Explain the purposes and use cases for advanced networking devices.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 3: Network Components, Specialized Network Devices
Question #45 of 200
Question ID: 1289172
You need to create an encrypted remote terminal connection with a UNIX computer. Which protocol should you use?
A) FTP
B) SSH
C) Telnet
D) SCP
Explanation
Secure Shell (SSH) is used to create an encrypted remote terminal connection with a UNIX computer. File Transfer Protocol (FTP) is used to transfer files on a TCP/IP network.
FTP transmits data in clear text. Secure Copy (SCP) enables users to transfer files over a secure connection. Telnet is a protocol that enables a user to establish terminal
connections with UNIX computers. Telnet transmits data in clear text. To fully harden your network, you should use the following secure protocols:
SSH - secure alternative to Telnet.
SNMPv3 - secure alternative to SNMPv1 and v2.
TLS/SSL - used with different protocols, including FTP and HTTP, to secure transactions.
SFTP - secure alternative to FTP. It uses TLS/SSL.
HTTPS - secure alternative to HTTP. It uses TLS/SSL.
IPsec - used on virtual private networks (VPNs) to encrypt traffic.
For the Network+ exam, you also need to understand the following anti-malware software:
Host-based - Host-based anti-malware software is installed at the local host, although its updates may be managed from a central location. Host-based anti-malware
protects only the device on which it is installed.
Cloud/server-based - Cloud- or server-based anti-malware protects all components located on the cloud or server.
Network-based - Network-based anti-malware protects the entire network. In some cases, a small client component will need to be installed on the network hosts to ensure
that the network-based software can communicate with all hosts on the network.
Objective:
Network Operations
Sub-Objective:
Given a scenario, use remote access methods.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 2: The OSI Reference Model, The Purpose of Reference Models
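The hardening list in the explanation above can be turned into a listener audit. The following is an added example, not part of the original exam material: it parses socket listings in the layout printed by `ss -tulnH` and flags listeners on the cleartext default ports from this page, with the secure alternative the explanation names. The sample listing and the function names are constructed for illustration.

```python
"""Flag listeners on cleartext-protocol default ports (added example)."""
import ipaddress

# Cleartext protocols and the secure alternative named in the explanation.
# Port numbers come from the default-port list on this page.
CLEARTEXT = {
    ("tcp", 21): ("FTP", "SFTP (port 22)"),
    ("tcp", 23): ("Telnet", "SSH (port 22)"),
    ("tcp", 80): ("HTTP", "HTTPS (port 443)"),
    # The port cannot reveal the SNMP version; the agent config must be checked.
    ("udp", 161): ("SNMP", "SNMPv3 (same port, verify version in agent config)"),
}

# Constructed sample in the column layout of `ss -tulnH`:
# Netid State Recv-Q Send-Q Local-Address:Port Peer-Address:Port
SAMPLE = """\
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      128             [::]:23            [::]:*
tcp   LISTEN 0      32                 *:21               *:*
tcp   LISTEN 0      511        127.0.0.1:80         0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:161        0.0.0.0:*
tcp   LISTEN 0      511          0.0.0.0:443        0.0.0.0:*
udp   UNCONN 0      0      127.0.0.53%lo:53         0.0.0.0:*
"""


def parse_listener(line):
    """Return (proto, bind_host, port, is_loopback) or None if unparseable."""
    fields = line.split()
    if len(fields) < 5 or fields[0] not in ("tcp", "udp"):
        return None
    proto, local = fields[0], fields[4]
    # rpartition keeps IPv6 literals such as [::]:23 intact on the left side.
    host, _, port = local.rpartition(":")
    if not port.isdigit():
        return None
    # Drop IPv6 brackets and any %interface scope suffix.
    host = host.strip("[]").split("%", 1)[0]
    if host == "*":
        loopback = False  # wildcard bind: every interface
    else:
        try:
            loopback = ipaddress.ip_address(host).is_loopback
        except ValueError:
            return None
    return proto, host, int(port), loopback


def audit(ss_output):
    """List cleartext listeners with their exposure and suggested replacement."""
    findings = []
    for line in ss_output.splitlines():
        parsed = parse_listener(line)
        if parsed is None:
            continue
        proto, host, port, loopback = parsed
        hit = CLEARTEXT.get((proto, port))
        if hit is None:
            continue
        service, replacement = hit
        findings.append({
            "service": service,
            "bind": host,
            "port": port,
            # A loopback-only listener is not reachable from other hosts.
            "exposure": "loopback-only" if loopback else "network-reachable",
            "replace_with": replacement,
        })
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE):
        print(f"{f['service']:7} {f['bind']}:{f['port']} "
              f"[{f['exposure']}] -> {f['replace_with']}")
```

A port match only shows that something listens on a protocol's default port; confirm the actual service before changing it.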
Question #46 of 200
Question ID: 1289169
You have decided to implement ISAKMP. What is provided by this technology?
A) a Citrix protocol used in application server environments
B) a Microsoft protocol that establishes sessions with other computers
C) a protocol that encapsulates PPP within Ethernet frames
D) a protocol that works with IPSec to establish a secure session
Explanation
Internet Security Association and Key Management Protocol (ISAKMP) is a protocol that works with IPSec to establish a secure session. Remote Desktop Protocol (RDP) is a
Microsoft protocol that establishes sessions with other computers.
Point-to-Point Protocol over Ethernet (PPPoE) is a protocol that encapsulates PPP within Ethernet frames.
Independent Computing Architecture (ICA) is a Citrix protocol used in application server environments.
Objective:
Network Operations
Sub-Objective:
Given a scenario, use remote access methods.
References:
Internet Security Association and Key Management Protocol, http://en.wikipedia.org/wiki/ISAKMP
Question #47 of 200
Question ID: 1289114
You have been asked to implement a protocol that will manage the fully qualified domain name (FQDN) to IP address mappings. Which protocol should you implement?
A) DNS
B) WINS
C) SSH
D) DHCP
Explanation
Domain Name System (DNS) is the protocol that will manage the FQDN to IP address mappings. DNS works at the Application layer of the OSI model. The DNS database will
include the following record types:
Host (A) record for IPv4
Host (AAAA) record for IPv6
Pointer (PTR) record
Canonical name (CNAME) record
Mail exchanger (MX) record
Name server (NS) record
Dynamic Host Configuration Protocol (DHCP) is the protocol that dynamically assigns IP addresses to clients on a network. DHCP works at the Application layer of the OSI
model.
Windows Internet Name Services (WINS) is the protocol that manages NetBIOS name to IP address mappings. WINS is used only on Windows networks. WINS uses the
BOOTP protocol and operates at the Application layer of the OSI model.
Secure Shell (SSH) is a protocol that allows data to be securely exchanged between two devices. SSH works at the Presentation layer of the OSI model.
Objective:
Networking Concepts
Sub-Objective:
Explain the functions of network services.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 3: Network Components, Specialized Network Devices
Cisco Support: Understanding the Domain Name System, http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a00800c5e03.shtml
Question #48 of 200
Question ID: 1123569
You administer a LAN that uses TCP/IP as its network communications protocol. You want to view the number of UDP packets that will be sent to SERVER_1 from CLIENT_A.
Which tool should you use to view this information?
A) Monitor.nlm
B) a hardware loopback
C) Performance Monitor
D) a protocol analyzer
Explanation
You should use a protocol analyzer to view the number of User Datagram Protocol (UDP) packets sent from CLIENT_A to SERVER_1. A protocol analyzer is software that
enables you to view information about the network communications protocols that are used on a network. You can also use a protocol analyzer to determine the Web sites that
are being visited by network users and to alert you if network interface cards (NICs) are jabbering. A jabbering NIC should be replaced because it continually sends data and
saturates the network with data packets.
A hardware loopback is required to determine whether a NIC is sending and receiving data. You connect the hardware loopback to the external port of the NIC. Then, you use
diagnostic software to evaluate whether the NIC is functioning.
Performance Monitor is a tool provided by Windows that allows you to view software and operating system (OS) performance metrics. Monitor.nlm, which is analogous to
Performance Monitor, is used on Novell NetWare networks.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, use the appropriate tool.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 11: Network Management, Maintenance Tools
Question #49 of 200
Question ID: 1289181
Which of the following statements is UNLIKELY to appear in an organization's safety policies and procedures for its networking equipment?
A) Exercise caution when working around electrical equipment.
B) Look for simpler, more approachable alternatives to technician's manuals online.
C) Arrange for assistance or lifts when moving heavy equipment.
D) Always use insulated tools.
E) Wear appropriate safety equipment.
F) Keep all work areas clean, uncluttered, and organized.
Explanation
The essence of stating and practicing proper safety procedures and policies is doing things by the book. Because looking for simpler, more approachable alternatives to
technician’s manuals online encourages readers to skip the book quite literally, it is completely at odds with this approach.
Keeping work areas clean, uncluttered and organized not only minimizes the potential for accidents or mishaps, it also promotes productivity. It also ensures that confidential
information is not left out in the open for prying eyes. This makes it a cornerstone for best safety practice and policy.
Wearing appropriate safety equipment means exercising due diligence in the workplace. It is another best safety practice when working with and around electrical equipment.
Using insulated tools minimizes the risk of shock or injury when working around electrical equipment. It should be automatic for those who work in such environs, but an explicit
policy/requirement simply emphasizes how important this is for safety.
Moving heavy equipment always carries a risk of damage to the gear or injury to those who work with it. That is why arranging for assistance, mechanical or from a sufficient
number of co-workers, is an absolute must.
Electricity is dangerous and can be life-threatening (or -ending). It is absolutely essential to exercise caution when working in or around electrical gear.
Objective:
Network Operations
Sub-Objective:
Identify policies and best practices.
References:
OSHA Electrical Safety in the Workplace (PDF) https://www.osha.gov/dte/grant_materials/fy09/sh-18794-09/electrical_safety_manual.pdf
Electrical Safety Program (DOCX) EMC Insurance https://www.emcins.com/assets/docs/lossControl/Electrical%20Safety%20Program.docx
CompTIA Network+ N10-007 Cert Guide, Chapter 13: Network Policies and Best Practices, Policies
Question #50 of 200
Question ID: 1123310
Which of the following is a security implication if your company uses a public cloud deployment?
A) Surges in demand require that company resources will need to be adjusted accordingly.
B) Other tenants can gain physical access to the resources that store your company's data.
C) Security issues are the sole responsibility of the company's personnel.
D) The local ISP and power grid can impact the availability of resources stored on the cloud.
Explanation
When using a public cloud deployment, other tenants can gain physical access to the resources that store your company's data.
All of the other statements are security implications of implementing a private cloud, not a public cloud.
For the Network+ exam, you need to understand the different security methods and considerations for each cloud deployment. In most cases, a private cloud will have the
opposite security implications and considerations from public cloud. For example, with a private cloud, you retain complete physical control of the data. But with public cloud, the
physical control of the data rests with the cloud provider.
The relationship between the local and cloud resources is also important. Personnel will need to understand the transfer of data between local and cloud resources and how the
availability of local resources can affect the cloud deployment.
Objective:
Networking Concepts
Sub-Objective:
Summarize cloud concepts and their purposes.
References:
Security implications of public vs. private clouds, https://www.zdnet.com/article/security-implications-of-public-vs-private-clouds/
Question #51 of 200
Question ID: 1289235
You administer computers on an Ethernet 100BaseTX network, which uses the TCP/IP network communications protocol. The network uses an unsubnetted Class A IP address
range. A computer on the network named Admin1 has the IP address 12.10.100.3, and a computer on the network named Marketing1 is configured with the IP address
12.10.100.4. Both computers are configured with the subnet mask 255.0.0.0 and the default gateway address 12.10.100.5. The network is connected to the Internet.
RemoteWkst is a computer on a remote network that is connected to the Internet. Normally, Marketing1 and Admin1 can connect to RemoteWkst.
You recently discovered that Marketing1 can connect to Admin1 and Admin1 can connect to Marketing1, but neither of these computers can connect to RemoteWkst. You
suspect that there is a problem with one of the routers between RemoteWkst and the network you administer.
Which TCP/IP utility should you use to troubleshoot this connectivity problem?
A) the arp utility
B) the ipconfig utility
C) the nslookup utility
D) the tracert utility
Explanation
To test the routers between your network and RemoteWkst, you should use the tracert utility. To use the tracert utility, you should type the tracert command at a command
prompt and either an IP address or a Domain Name System (DNS) name variable after the command, as in the following example: tracert dnsname or tracert ipaddress.
The tracert utility will then display the IP address and DNS name of every node that a data packet passes through on its way to the remote computer. The tracert command will
also display the time required for a data packet to travel through each node, and an error message if a router on the path is experiencing problems. In this scenario, the tracert
command will display an error message if a router is experiencing a problem between either Admin1 or Marketing1 and RemoteWkst. If you receive a Request Timed Out
message from tracert when you trace the route to external resources, it is possible that the firewall is blocking echo reply in and echo request out messages. You would need to
reconfigure the firewall to allow these messages. The traceroute command is the Linux equivalent of the tracert command.
The Address Resolution Protocol (ARP) is used in TCP/IP to resolve media access control (MAC) addresses to IP addresses. MAC addresses are configured on each NIC on
an Ethernet network so that the nodes can be identified on the network. ARP enables the MAC addressing that Ethernet requires to interoperate with the IP addressing that
TCP/IP requires. You can use the arp utility to view and manage the ARP cache on a computer. The ARP cache contains the IP address-to-MAC address resolutions on a
computer. To use the arp utility, you can issue the arp command with various switches at a command prompt. An example of the output of the arp -a command is shown in the
following exhibit:
You can use the ipconfig utility to view IP configurations, such as IP address, subnet mask and default gateway. You can also use the ipconfig utility to release and renew DHCP
leases. You can issue the ipconfig command with various switches at a command prompt. The ipconfig utility will show that Admin1 and Marketing1 are configured with valid IP
addresses on the network and a valid subnet mask. The ifconfig command is the Linux equivalent of the ipconfig command.
You can use the nslookup utility to troubleshoot problems with DNS on computers that support the utility, such as Windows Server computers. You can issue the nslookup
command with various switches and variables, shown in the following exhibit:
For example, suppose you can connect to a remote computer by using the remote computer's IP address, but you cannot connect to the same remote computer by using its
host name. In this situation, you can use the nslookup utility to troubleshoot the DNS name resolution problem. The dig utility is the UNIX equivalent to the nslookup utility. Both
these tools can be used to resolve the FQDN of a Web server.
For the Network+ exam, you also need to understand the show mac address-table command that is used to display information about the MAC address table on a Cisco device.
The parameters that can be used with this command are as follows:
You will only be able to run this command on a Cisco device.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, use the appropriate tool.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 11: Network Management, Maintenance Tools
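To make the tracert explanation above concrete, the following added example (not part of the original exam material) parses Windows tracert output and separates two cases that both show up as "Request timed out": a hop that is silent while later hops still answer, and silence that continues to the end of the trace. The sample trace is constructed; 12.10.100.5 is the scenario's default gateway, and the other addresses and the host name are documentation placeholders.

```python
"""Locate where a tracert path stops answering (added example)."""
import re

# One hop line: hop number, three probe results ("<1 ms", "8 ms" or "*"),
# then either the node address/name or the "Request timed out." text.
HOP = re.compile(r"^\s*(\d+)\s+((?:(?:<?\d+ ms|\*)\s+){3})(.+?)\s*$")

# Constructed sample output in the Windows tracert layout.
SAMPLE_TRACE = """\
Tracing route to remotewkst.example.net [203.0.113.40]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  12.10.100.5
  2     8 ms     7 ms     9 ms  198.51.100.1
  3     *        *        *     Request timed out.
  4    15 ms     *       16 ms  198.51.100.77
  5     *        *        *     Request timed out.
  6     *        *        *     Request timed out.
  7     *        *        *     Request timed out.
"""


def parse_hops(output):
    """Return a list of (hop_number, answered, node) tuples."""
    hops = []
    for line in output.splitlines():
        m = HOP.match(line)
        if not m:
            continue  # header, blank line or "Trace complete."
        probes = re.findall(r"<?\d+ ms|\*", m.group(2))
        # One answered probe is enough to show the hop is alive.
        answered = any(p != "*" for p in probes)
        hops.append((int(m.group(1)), answered, m.group(3) if answered else None))
    return hops


def analyze(output):
    """Summarize the trace: last answering hop, silent forwarders, dead tail."""
    hops = parse_hops(output)
    answered_idx = [i for i, h in enumerate(hops) if h[1]]
    if not answered_idx:
        return {
            "last_responding": None,
            "silent_but_forwarding": [],
            "no_reply_from_hop": hops[0][0] if hops else None,
        }
    last = answered_idx[-1]
    tail = hops[last + 1:]
    return {
        # The problem lies at or beyond the hop after this one.
        "last_responding": (hops[last][0], hops[last][2]),
        # Silent hops followed by an answering hop still forward traffic;
        # they only decline to send ICMP replies.
        "silent_but_forwarding": [h[0] for h in hops[:last] if not h[1]],
        # First hop of the trailing run of timeouts, or None if none.
        "no_reply_from_hop": tail[0][0] if tail else None,
    }


if __name__ == "__main__":
    print(analyze(SAMPLE_TRACE))
```

A trailing run of timeouts marks where replies stop, not necessarily a failed router: as the explanation notes, a firewall blocking the ICMP messages produces the same output.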
Question #52 of 200
Question ID: 1289165
You are a network administrator for a Windows Server 2012 domain. Recently, you have noticed network performance issues when Microsoft operating systems and
applications release new service packs or updates. All server and client computers are configured to automatically download and install any updates. You need to deploy a
solution that will reduce the network performance issues when these updates are released. What should you do?
A) Deploy a centralized Windows Software Update Services server that will download and deploy the updates, and deploy a
group policy that ensures that all servers and clients obtain their updates from the centralized server.
B) Change the configuration of all computers to check for updates but wait for the user to download and install them.
C) Change the configuration of all computers to never check for updates.
D) Change the configuration of all computers to download updates but wait for the user to install.
Explanation
You should deploy a centralized Windows Software Update Services (WSUS) server that will download and deploy the updates and deploy a group policy that ensures that all
servers and clients obtain their updates from the centralized server. The WSUS server will download all the updates needed for clients and servers. This means that an update
will only need to be downloaded once from the Internet. By using a group policy, you can configure the server and client computers to obtain the updates from the centralized
server. This will allow you to configure the day and time that servers and clients will check for updates. Therefore, you can deploy the updates during off-peak times and
minimize network performance issues due to updates.
Changing the configuration of the computers to never check for updates will cause security and performance issues for your computers. You need to deploy any updates from
operating system and application vendors.
Changing the configuration of all computers to download updates but wait for the user to install will not reduce network performance issues because all the computers will still be
downloading the updates from the Internet. All of the clients and servers downloading their updates separately is probably what is causing the network performance issues. In
addition, it is never good to leave update installation in the hands of users.
Changing the configuration of all computers to check for updates but wait for the user to download and install them will not reduce network performance issues when updates are released.
In this solution, all the computers would still be separately downloading the updates. Also, this solution relies on the users to approve the download and installation of the
updates.
For the Network+ exam, you need to understand the following issues as they relate to applying patches and updates:
OS updates - Operating system (OS) updates come in many forms. Service packs are usually fully tested by the vendor and contain all updates and hotfixes since the last
service pack. Hotfixes are released to fix an urgent issue and are not tested as stringently as service packs. Other updates can be released periodically to fix minor issues
and are usually tested a bit more than hotfixes, but not as much as service packs. However, you should still test any OS updates in a lab environment BEFORE you deploy
them in the live server and client computers.
Firmware updates - Firmware updates involve updates to the firmware running on ROM chips in devices, including routers, switches, mobile phones, and computers.
Driver updates - Driver updates are released by device or component vendors, including video cards and network cards. Make sure to install the driver that is appropriate for
your OS version.
Feature changes/updates - Feature changes or updates are released by OS and application vendors to provide users with additional functionality. Only deploy those
features that your users need, because the features will require storage space.
Major vs minor updates - While both major and minor updates should be deployed, you should read the documentation that comes with the update to see if your
organization considers it to be major or minor. What the vendor may consider major, your organization may consider only minor. Deploy any major updates as quickly as possible.
Vulnerability patches - A vulnerability patch is usually a security patch. These patches are usually very important to prevent security breaches or exploitation of the
vulnerability.
Upgrading vs downgrading - Upgrading is the process of installing the next version of an OS or application. Downgrading is the process of reverting to a previous version of
an OS or application. If available with your operating system, you should implement some sort of system restore program to create a savepoint before you install a new OS
or application version. This will allow you to easily revert back to the previous version using the savepoint you created.
Configuration backup - A full backup is suggested before you install any patches, hotfixes, service packs, new OS versions, or any other update. However, many OSs now
offer a system restore program that will create savepoints. This process is usually much faster than a full backup. Also, restoring a savepoint is much quicker when
compared to the restore time of a backup.
Objective:
Network Operations
Sub-Objective:
Explain common scanning, monitoring and patching processes and summarize their expected outputs.
References:
Windows Server Update Services, https://technet.microsoft.com/en-us/windowsserver/bb332157.aspx
Question #53 of 200
Question ID: 1289192
Which of the following relies on credentials stored and authenticated on the device being used?
A) Local authentication
B) RADIUS
C) Certificates
D) Kerberos
Explanation
In the case of local authentication, the credentials are stored on the device being used (a local device), not on a remote server. Local authentication is accomplished by the user
providing credentials (typically a user name and password) and verifying those credentials against a local database.
Certificates are issued by a certificate authority (CA) and are used to validate the owner’s identity. Normally, the certificate contains the owner’s name, public key, and the
certificate expiration date, as well as additional information about the owner.
Kerberos is an authentication protocol that uses a third-party server (a key distribution center or KDC) to provide authentication between a client and a server. A client sends an
authentication request to the KDC. The KDC contacts the Active Directory server, which authenticates the user and the user’s authorized groups. The KDC replies to the client
with a ticket granting ticket (TGT) containing a session key and the groups authorized for the user. The TGT basically is a “proof of identity”. The client caches that TGT. If the
client wants access to a server, the client sends the name of the server, the TGT, and an authentication key to the Active Directory server. The Active Directory server checks
with the KDC to ensure the key’s validity and sends the client a service ticket to share with the server. The server validates the service ticket and grants access to the client.
Again, this scenario first requires full network authentication.
Remote Authentication Dial-In User Service (RADIUS) servers handle both authentication and authorization. RADIUS was originally designed for dial-up networking and
validates the credentials of a remote user against a stored database. If the validation is successful, the user is granted access (authorization) to network resources. RADIUS
servers are not local devices.
Objective:
Network Security
Sub-Objective:
Explain authentication and access controls.
References:
Authentication, http://searchsecurity.techtarget.com/definition/authentication
CompTIA Network+ N10-007 Cert Guide, Chapter 12: Network Security, Remote-Access Security
Question #54 of 200
Question ID: 1123589
While reviewing recent performance reports from your network devices, you notice that there are a high number of corrupt packets reaching a router named Router34. What is
most likely happening to them?
A) The packets are being forwarded to the next router upstream.
B) The packets are causing the duplexing method to change.
C) The packets are causing the interface to reset.
D) The packets are being dropped.
Explanation
Corrupt packets are being dropped. Packet drops occur for a variety of reasons, including packet corruption, speed mismatch, and duplex mismatch. Corrupt packets are not
forwarded by network devices. An interface only resets when a power outage occurs or when an administrator initiates a reset. Packets cannot change the duplexing method.
However, a packet that uses a different duplexing than the network supports is usually dropped.
As a network technician, you should perform interface monitoring. This includes being able to read errors and determine their cause, understand network utilization reports,
determine discards and packet drops and their cause, perform interface resets, and ensure speed and duplex settings are appropriately configured.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common wired connectivity and performance issues.
References:
Troubleshooting packet drops, https://support.f5.com/kb/en-us/solutions/public/10000/100/sol10191.html
Question #55 of 200
Question ID: 1123549
You instruct a user to issue the ipconfig command with the /release and /renew options. In which two situations would it be appropriate to ask a user to do this? (Choose two.)
A) when no IP helper address has been configured on the router between the client and the DHCP server
B) when the result of running the ipconfig /all command indicates a 169.254.163.6 address
C) when the no ip directed-broadcast command has been issued in the router interface local to the client, and no IP helper
address has been configured on the router between the client and the DHCP server
D) when recent scope changes have been made on the DHCP server
Explanation
It would be appropriate to issue the ipconfig command with the /release and /renew options when the result of running the ipconfig /all command indicates a 169.254.163.6
address, or when recent scope changes have been made on the DHCP server. When a computer has an address in the 169.254.0.0 network, it indicates that the computer has
not been issued an address from the DHCP server. Instead, the computer has utilized Automatic Private IP Addressing (APIPA) to issue itself an address. If the reason for this
assignment is a temporary problem with the DHCP server or some other transitory network problem, issuing the ipconfig /release command followed by the ipconfig /renew
command could allow the computer to receive the address from the DHCP server.
Similarly, if changes have been made to the settings on the DHCP server, such as a change in the scope options (such as gateway or DNS server), issuing this pair of
commands would update the DHCP client with the new settings when this address is renewed.
These commands will have no effect if no IP helper address has been configured on the router between the client and the DHCP server. An IP helper address can be configured
on the local interface of a router when no DHCP server exists on that subnet and you would like to allow the router to forward DHCP DISCOVER packets to the DHCP server on
a remote subnet. DHCP DISCOVER packets are broadcast, and routers do not pass on broadcast traffic by default. These commands will have no effect if the no ip directed-broadcast
command has been issued in the router interface that is local to the client, and no IP helper address has been configured on the router between the client and the
DHCP server. The no ip directed-broadcast command instructs the router to deny broadcast traffic, which is the default behavior. Under those conditions, the command will not
result in finding the DHCP server or receiving an address.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, use the appropriate tool.
References:
Cisco IOS IP Application Command Reference: ip directed-broadcast, http://www.cisco.com/en/US/docs/ios/ipapp/command/reference/iap_i1.html#wp1052696
Cisco IOS IP Application Command Reference: ip helper-address, http://www.cisco.com/en/US/docs/ios/ipapp/command/reference/iap_i1.html#wp1053151
CompTIA Network+ N10-007 Cert Guide, Chapter 11: Network Management, Maintenance Tools
Question #56 of 200
Question ID: 1289216
What is another term for a demilitarized zone (DMZ)?
A) dual-homed firewall
B) screened host
C) screened subnet
D) virtual private network (VPN)
Explanation
A screened subnet is another term for a demilitarized zone (DMZ). Two firewalls are used in this configuration: one firewall resides between the public network and DMZ, and
the other resides between the DMZ and private network. A DMZ is a separate network segment that contains Internet-accessible servers, which is separated from the Internet
and the rest of the private network by a firewall. A system administrator would deploy a Web server on a DMZ if the Web server needed to be separated from other networked
servers. The general standpoint behind a DMZ is that all the systems on the DMZ can be compromised because the DMZ can be accessed from the Internet. An e-mail server
and FTP server could also be located on a DMZ. If you locate the e-mail server on the private network, you could place an e-mail proxy on the DMZ. An extranet is similar to a
DMZ, but is only accessible to partners or clients. Firewall architectures include bastion hosts, dual-homed firewalls, screened hosts, and screened subnets.
A screened host is a firewall that resides between the router that connects a network to the Internet and the private network. The router acts as a screening device, and the
firewall is the screened host.
A dual-homed firewall is one that has two network interfaces: one interface connects to the Internet, and the other connects to the private network.
A virtual private network (VPN) is not a physical network. As its name implies, it is a virtual network that allows users connecting over the Internet to access private network
resources while providing the maximum level of security. An encrypted VPN connection should be used to ensure the privacy and integrity of data that is transmitted between
entities over a public network, whether those entities are clients, servers, firewalls, or other network hardware. A VPN can use a tunneling protocol, such as IPSec.
Objective:
Network Security
Sub-Objective:
Explain common mitigation techniques and their purposes.
References:
Demilitarized Zone in Computer Networking, http://compnetworking.about.com/cs/networksecurity/g/bldef_dmz.htm
CompTIA Network+ N10-007 Cert Guide, Chapter 12: Network Security, Firewalls
Question #57 of 200
Question ID: 1123555
You need to obtain the current protocol statistics and port connections for Windows and UNIX/Linux computers. Which tool should you use?
A) netstat
B) ping
C) tracert
D) nbtstat
Explanation
Netstat is a TCP/IP utility that you can use to determine the computer's inbound and outbound TCP/IP connections. It displays current connections and their listening ports.
Ping is a Windows and UNIX/Linux command that is used to test a connection between two computers.
Issuing nbtstat at a Windows command prompt will show NetBIOS information.
Issuing tracert at a Windows command prompt will trace the route a packet takes from the source computer to the destination host.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, use the appropriate tool.
References:
Netstat, http://searchnetworking.techtarget.com/sDefinition/0,sid7_gci1270289,00.html
CompTIA Network+ N10-007 Cert Guide, Chapter 11: Network Management, Maintenance Tools
Question #58 of 200
Question ID: 1123321
You manage a network for your organization. The network contains one DNS server and three routers. You are setting up a new DHCP server.
You configure separate scopes for each subnet on your network. The routers are configured to forward DHCP requests. You need to ensure that DHCP clients receive the
appropriate settings using the least administrative effort. What else should you do? (Choose all that apply.)
A) Configure the DNS server as a scope option for each scope.
B) Configure each router as a server option.
C) Configure the DNS server as a server option.
D) Configure each router as a scope option for its appropriate scope.
Explanation
You should configure the DNS server as a server option. This will ensure that all DHCP clients receive the DNS server settings.
You should also configure each router as a scope option for its appropriate scope. Each scope will have a different router or default gateway. For this reason, router or default
gateway information must be configured at the scope level. If you configure this option at the server level, all the clients would receive the same router configuration, which
would not work because you have three different subnets.
You should not configure the DNS server as a scope option for each scope. This would require more administrative effort than is necessary.
You should not configure each router as a server option. This would cause all the devices to receive the same router or default gateway information. Because the network has
three subnets, the clients could use any of the three routers, depending on their location in the network.
Objective:
Networking Concepts
Sub-Objective:
Explain the functions of network services.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 3: Network Components, Specialized Network Devices
Question #59 of 200
Question ID: 1289305
Users are unable to log in to the network. When you examine the authentication server, you see that CPU usage is almost 100%. What is most likely the issue?
A) Names not resolving
B) Incorrect gateway
C) Unresponsive service
D) Expired IP addresses
Explanation
Most likely, you have an unresponsive service that is tying up resources. In Services on a Windows computer, find the unresponsive service and note the name of the service. In
an elevated command prompt, enter "sc queryex servicename" and get the process ID (PID). Then, kill the process using "taskkill /f /pid" followed by the PID in question. If the
PID were 1687, for example, the command would be taskkill /f /pid 1687.
Expired IP addresses occur when a client computer has been offline for a period of time, is brought back on line, and uses an IP address whose lease has expired. To resolve
the problem on a Windows computer, issue an “ipconfig /release” command, followed by “ipconfig /renew”. This will unbind the IP address from the client machine, and the
DHCP server will issue a new IP address. Expired IP addresses would cause connectivity issues but not resource usage issues.
Names not resolving occurs when you enter a URL that you know to be valid, and the Domain Name System (DNS) server is not providing the corresponding IP address for that
server. IP addresses, not the URLs we enter into the browser, are used to locate machines throughout a LAN or over the Internet. DNS provides the translation from URL to IP
address, known as name resolution. Names not resolving would cause connectivity issues but not resource usage issues.
If you get a “Destination Host Unreachable” message, the most likely culprit is an incorrect gateway. Make sure the local machine and the default gateway are on the same
subnet. If the gateway IP address is actually the IP address of the LAN side of the router, you will see a “Request timed out” message. This would result in connectivity issues
but not resource usage issues.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common network service issues.
References:
How To Kill A Windows Service Which Is Stuck At Stopping, https://support.4it.com.au/article/how-to-kill-a-windows-service-which-is-stuck-at-stopping/
Question #60 of 200
Question ID: 1289252
You have been hired as an IT technician. You have been given a kit that contains the tools shown in the exhibit.
You need to identify the tools shown. Match each tool name on the left with the appropriate exhibit name on the right.
Explanation
The tool names are matched as follows:
Exhibit A - wire crimper
Exhibit B - cable stripper
Exhibit C - tone generator and probe
Exhibit D - multimeter
Exhibit E - cable tester
Exhibit F - loopback plug
Exhibit G - punchdown tool
A wire crimper is used to terminate the ends of a cable and attach the connector. A cable stripper is used to remove the outer plastic from the wiring. A tone generator and probe
is used to locate the ends of a cable. A multimeter is used to measure electric current, voltage, and usually resistance, typically over several ranges of value. A cable tester is
used to test the wiring of a cable. A loopback plug is used to test a computer port. A punchdown tool is used to connect a cable into a punch down block or patch panel.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, use the appropriate tool.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 11: Network Management, Maintenance Tools
Network+ Hardware Tools, http://blogs.getcertifiedgetahead.com/network-hardware-tools/
Question #61 of 200
Question ID: 1289213
Your company implements a honeypot as intrusion prevention. Management is concerned that this honeypot would be considered entrapment and has asked you to ensure that
entrapment does not occur. Which situation should you prevent?
A) downloads on a honeypot
B) open services on a honeypot
C) open ports on a honeypot
D) Web browsing on a honeypot
Explanation
You should prevent downloads on a honeypot. Allowing downloads on a honeypot is a possible example of entrapment if it is used to make formal trespassing charges.
Entrapment occurs when a hacker is tricked into performing an illegal activity. Entrapment is illegal.
Opening ports and services and allowing Web browsing on a honeypot are not examples of entrapment. They are enticements. Enticement allows the administrator to monitor
activity to increase security and perhaps trace the attack. Enticement is legal. A honeynet is a group of honeypots that work together.
Objective:
Network Security
Sub-Objective:
Explain common mitigation techniques and their purposes.
References:
Honeypot (computing), https://en.wikipedia.org/wiki/Honeypot_(computing)
CompTIA Network+ N10-007 Cert Guide, Chapter 12: Network Security, Defending Against Attacks
Question #62 of 200
Question ID: 1123288
Your company's WAN connects networks in New York, Atlanta, Dallas, and Boston. Each city is directly connected to every other city.
Which physical topology is used for your WAN?
A) Mesh
B) Ring
C) Star
D) Bus
Explanation
In a mesh topology, every device has a dedicated connection to every other device using a series of point-to-point connections. In the case of a WAN, a mesh topology connects
each individual network to each other network in an intranetwork. This type of topology is very expensive because of its redundant links, but it provides a high level of fault
tolerance. Therefore, it is typically seen in a WAN environment where fault tolerance is a major concern.
The following table lists the advantages and disadvantages of the different network topologies:
Objective:
Networking Concepts
Sub-Objective:
Compare and contrast the characteristics of network topologies, types and technologies.
References:
Novell's Networking Primer, http://www.novell.com/info/primer/prim08.html
CompTIA Network+ N10-007 Cert Guide, Chapter 1: Computer Network Fundamentals, Networks Defined by Topology
Question #63 of 200
Question ID: 1123299
Your company is researching different wireless antennas. Antennas that you research are high-gain antennas. Which statement describes a property of high-gain antennas?
A) High-gain antennas provide a wide coverage area.
B) High-gain antennas avoid multipath distortion.
C) High-gain antennas provide a small vertical beamwidth.
D) High-gain antennas are best suited for point-to-multipoint bridging.
Explanation
A high-gain antenna has a small vertical beamwidth.
The beamwidth parameter of the antenna defines the angle of the radio signal radiated. The angle of radiation of the signal is defined in degrees. The antenna properties include
the gain, beamwidth, and transmission angle.
Antennas with higher gain have less beamwidth than antennas with lower gain. The high-gain antennas have very narrow beamwidth. For example, a typical 6-dBi patch antenna
has a 65-degree beamwidth, but the 21-dBi parabolic dish antenna has a 12-degree radiation pattern.
Objective:
Networking Concepts
Sub-Objective:
Given a scenario, implement the appropriate wireless technologies and configurations.
References:
Cisco Aironet Antennas and Accessories Reference Guide, https://www.cisco.com/c/en/us/products/collateral/wireless/aironet-antennasaccessories/product_data_sheet09186a008008883b.html
Deploying License-Free Wireless Wide-Area Networks, http://www.ciscopress.com/articles/article.asp?p=31731&seqNum=4
Question #64 of 200
Question ID: 1289294
The network diagram is shown in the following image:
The workstations on the network cannot connect to the Internet. You can ping the router from the Internet. The workstations and server can connect to each other. Where is the
problem most likely to exist?
A) between the server and the workstations
B) between the router and the server
C) between the server and the network
D) between the router and the Internet
Explanation
Because the workstations and the server can connect to each other, you know that all the configurations are correct within the local area network (LAN). Because you can ping
the router from the Internet, you know that one side of the router is functioning properly. This leaves the connection between the router and the server as the most likely source
of the problem. The problem could be either on the server side of the router or on the server itself. It will require more troubleshooting to locate the exact source of the problem.
Some of the potential connectivity issues you should be able to identify for the Network+ exam include the following:
Incorrect interface/interface misconfiguration - If the interface is incorrectly configured, then traffic will not pass through that interface properly. Often the easiest way to test
an interface is to use the ping command or a loopback tester. If you connect a router to a multiplexer but cannot access the router's interface even though the signal level is
good, it is most likely that the wrong wavelength was demuxed from the multiplexer.
Interface errors - Interface errors are usually dependent upon the device and vendor. You should consult the device's operation manual to determine what the interface error
means. In most cases, vendors have an online knowledge base that you can search.
Simultaneous wired/wireless connections - Some organizations have both wired and wireless networks in use. Client computers, though, should connect to only one of these
types of networks. If you want to use a wired connection, you should plug into that network. If a wireless network is in range, your computer may attempt to connect to the
wireless network as well if you have enabled the connect automatically feature.
Discovering neighboring devices/nodes - Most devices have the ability to discover neighboring devices or nodes by using the appropriate routing protocol. It may be
necessary to enable multiple routing protocols based on the types of devices to which you must connect.
Port configuration - Each switch port is a single collision domain. If you improperly configure the ports, then communication on the appropriate domain may not be possible.
VLAN assignment - This problem occurs when configuring the VLAN assignment on a client computer or device. Each VLAN is a separate collision domain. Make sure that
client computers are configured with the appropriate VLAN to ensure that they can communicate within the collision domain. If a device is attached to an incorrect VLAN, it
will not respond to network communication even though the link activity light is on.
End-to-end connectivity is a process whereby you troubleshoot connectivity issues from the host experiencing the connection problem all the way through the network. You
should always start at the local host and proceed through the network, through routers and other devices, to the destination. Any connectivity problem could be at the host, the
remote host, or anywhere in between. Following a logical process will ensure that the exact issue will be located.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common network service issues.
References:
Chapter 13: Network Troubleshooting, http://www.cisco.com/en/US/docs/voice_ip_comm/bts/5.0/troubleshooting/guide/13tg01.html
CompTIA Network+ N10-007 Cert Guide, Chapter 14: Network Troubleshooting
Question #65 of 200
Question ID: 1289215
Which term is most commonly used to describe equipment that creates a demilitarized zone (DMZ)?
A) firewall
B) router
C) passive hub
D) active hub
Explanation
A firewall is used to create a demilitarized zone (DMZ). A DMZ is a zone located between a company's internal network and the Internet that usually contains servers that the
public will be accessing. The DMZ implementation provides an extra security precaution to protect the resources on the company's internal network. Usually two firewalls are
used to create a DMZ. One firewall resides between the public network and DMZ, and another firewall resides between the DMZ and private network. All publicly accessible
servers should be placed on the DMZ, including servers that personnel must remotely access.
A router is used to create individual subnetworks on an Ethernet network. Routers operate at the Network layer of the OSI model. While a firewall can also be a router, it is
referred to as a firewall when it functions to create a DMZ. An active hub is used to connect devices in a star topology.
An active hub has circuitry that allows signal regeneration.
A passive hub connects devices in a star topology, but it does not provide any signal regeneration.
A firewall is classified as a rule-based access control device. Rules are configured on the firewall to allow or deny packet passage from one network to another. In most cases,
the access control list (ACL) for a firewall will include an implicit deny rule at the end that will deny all connections that do not meet the requirements of the other configured
rules. An allow rule grants users access. A block rule denies users access. An implicit deny rule should be placed after the allow and block rules. The configuration of the rules is
one of the biggest concerns for a firewall, because the rules can be very complex.
Misconfiguration can easily lead to security breaches. Filters are created according to the company's security policy. To provide maximum file security, firewalls should not run
the Network Information System (NIS) file system. Compilers should be deleted from firewalls.
Objective:
Network Security
Sub-Objective:
Explain common mitigation techniques and their purposes.
References:
Demilitarized Zone, http://compnetworking.about.com/cs/networksecurity/g/bldef_dmz.htm
CompTIA Network+ N10-007 Cert Guide, Chapter 12: Network Security, Firewalls
Question #66 of 200
Question ID: 1123363
You need to connect wireless devices to a wired local area network. Which device should you implement?
A) Gateway
B) Wireless NIC
C) Access Point
D) CSU/DSU
Explanation
An access point is either a software or hardware component that acts as a transceiver for wireless devices, connecting them to a wired local area network (LAN). It serves a
similar function as a distribution center sending and receiving signals to and from computers on the network. Stations, or computers, placed too far from the access point will be
unable to communicate with the network. A wireless network that employs access points is said to be operating in infrastructure mode. However, wireless networks can also be
set up with just a few stations and wireless network cards. This is known as ad-hoc mode. Ad-hoc mode networks can be set up quickly; however, all of the stations must be
within a 300-foot radius to communicate. A mesh network may use a combination of wireless access points while allowing some devices to connect using ad-hoc mode.
Organizational wireless access points usually provide more connections and a wider range of transmission than small office/home office wireless routers.
A gateway is used to connect networks that use different protocols.
A Channel Service Unit/Digital Service Unit (CSU/DSU) is a device typically required by leased lines, such as T1 lines, to terminate their media connection to your LAN.
A wireless network interface card (NIC) is designed specifically for wireless networks. It is the piece of hardware that enables wireless communication for a computer.
Keep in mind that wireless access point (WAP) placement is very important. WAP placement varies based on the environment in which the WAP is placed. WAPs should be
centrally placed to ensure that the maximum number of devices can use it. Also, you should consider the other devices in the area, such as cordless telephones, that can cause
interference. Placement is particularly important if more than one WAP is implemented in the same area. It may be necessary to configure WAPs that are in close proximity to
use different channels.
For the Network+ exam, you also need to understand device density, roaming, and wireless controllers. Device density is the ratio of users to access points. The performance of
the network could be adversely affected if too many users are connected to a single wireless access point. An overlap of coverage between access points is advisable to allow
uninterrupted roaming from one wireless network coverage area to another. However, those overlapping coverage areas should not use overlapping frequencies.
A wireless controller is a centralized device that can be used to manage multiple wireless access points. You need to understand VLAN pooling and Light Weight Access Point
Protocol (LWAPP). VLAN pooling assigns IP addresses to wireless clients from a pool of IP subnets and their associated VLANs. The protocol used to communicate between
an access point and a wireless controller is either the older Lightweight Access Point Protocol (LWAPP) or the more current Control And Provisioning of Wireless Access Points
(CAPWAP).
A wireless bridge is a wireless access point that allows wireless devices to connect to a wired network.
Multi-user MIMO (MU-MIMO) is a set of advanced multiple in, multiple out (MIMO) technologies where the available antennas are spread over a multitude of independent
access points and independent radio terminals. Each has one or multiple antennas. In contrast, single-user MIMO considers a single multi-antenna transmitter communicating
with a single multi-antenna receiver. MIMO is used in 802.11n to allow the wireless network to reach higher speeds.
Objective:
Infrastructure
Sub-Objective:
Given a scenario, determine the appropriate placement of networking devices on a network and install/configure them.
References:
Wireless Access Point, http://compnetworking.about.com/cs/wireless/g/bldef_ap.htm
CompTIA Network+ N10-007 Cert Guide, Chapter 8: Wireless Technologies, Deploying Wireless LANs
Question #67 of 200
Question ID: 1289177
Which suppression methods are recommended for a fire in a facility that involves paper, laminates, and wooden furniture? (Choose two.)
A) Water
B) Soda acid
C) Halon
D) Dry powder
Explanation
Water or soda acid should be used to suppress a fire that has wood products, laminates, and paper as its elements. The suppression method should be based on the type of fire
in the facility. The suppression substance should interfere with the elements of the fire. For example, soda acid removes the fuel, while water reduces the temperature. Water or
soda acid are used to extinguish class A fires. Electrical wiring and distribution boxes are the most probable cause of fires in data centers. Class C fire suppression agents, such
as halon or carbon dioxide, are used when the fire involves electrical equipment and wires. They can also be used to suppress Class B fires that include liquids, such as
petroleum products and coolants. Never use water on a Class B fire.
The production of halon gas was banned in 1987. Halon causes damage to the ozone layer and is harmful to humans. Halocarbon agents or inert gas agents can be
replacements for halon in gas-discharge fire extinguishing systems. Carbon dioxide, which is used to extinguish class B and class C fires, eliminates oxygen. It is harmful to
humans and should be used in unattended facilities.
Dry powder is a suppression method for a fire that has magnesium, sodium, or potassium as its elements. Dry powder extinguishes class D fires and is the only suppression
method for combustible metals. It is important to select the appropriate fire suppression system. Some systems will remove oxygen from a room. Therefore, they are harmful to
humans.
For the Network+ exam, you also need to understand the importance of heating, ventilation, and air conditioning (HVAC) systems. Because computer and network equipment
generates a lot of heat, you need to ensure that you implement an HVAC solution that can keep rooms and equipment properly cooled. Equipment rooms and data centers need
their own HVAC system that is separate from the rest of the building. You also need to understand emergency procedures. The building layout should be documented with all
safety/emergency exits noted. A fire escape plan should be written, with appropriate personnel training occurring at least annually. Entrances/exits should be configured
appropriately as fail open in the event of a fire. Fail close should only be used when a physical security breach has occurred. An emergency alert system should be implemented
to ensure that personnel are appropriately alerted when an emergency occurs.
Objective:
Network Operations
Sub-Objective:
Identify policies and best practices.
References:
Classes of fires: A, B, C, D, K, http://www.falckproductions.com/resources/fire-safety-and-firewatch/classes-of-fire-a-b-c-d-and-k/
Question #68 of 200
Question ID: 1289266
The network you administer is a Fast Ethernet network. Wall outlets are connected to patch panels by 90-meter cables. Patch panels are connected to switches by 5-meter
cables. The network uses Category 5 unshielded twisted-pair (CAT 5 UTP) cable.
You use a 15-meter patch cable to connect a server named Shipping to a wall outlet. You connect the Shipping computer to the network, start the computer, and properly
configure it. However, clients cannot connect to the Shipping server. Clients can connect to other servers on the network. What will most likely solve the connection problem?
A) replacing the CAT 5 UTP with CAT 1 UTP
B) replacing the CAT 5 UTP with CAT 3 UTP
C) replacing the 15-meter patch cable with a 3-meter patch cable
D) replacing the 15-meter patch cable with a 10-meter patch cable
Explanation
On a Fast Ethernet network that uses unshielded twisted-pair (UTP) cables, such as a 100BaseTX Ethernet network, the maximum length of the cable between a computer and
a switch or hub is 100 meters. In this scenario, the total length of cable between the Shipping server and the switch is 110 meters. You can solve the connection problem in this
scenario by replacing the 15-meter patch cable that connects the Shipping server to the wall outlet with a patch cable that is no more than 5 meters in length. dB loss in cabling
(also called attenuation) occurs because the voltage decays slowly as the current travels the length of the cable. If you replace the 15-meter patch cable with a 10-meter patch
cable, then the connectivity problem will still occur because the overall cable length between the server and the switch will still exceed 100 meters.
The following diagram illustrates the recommended cabling lengths for twisted-pair Ethernet.
The switch and patch panel are usually located within a telecommunications closet. A basic patch panel does not normally contribute any networking services; it simply serves
as a junction box between the switch and the various nodes on the network. A patch panel provides a convenient interface from which you can arrange and rearrange
connections between the switch and the nodes.
Distance issues are caused when cable lengths exceed the maximum distance allowed by a particular media type. Ensure that your cable runs do not exceed the maximum
distance allowed. Repeaters could also be used to prevent this problem.
A 100BaseTX Ethernet network requires at least CAT 5 UTP cable. CAT 1 and CAT 3 UTP cannot support signaling on a 100BaseTX network. If you replaced all of the cable on
the network with lower-grade cable, then none of the computers would be able to connect to the network. Physical connectivity problems include the following:
Bad connectors
Bad wiring
Open circuits or short circuits
Split cables
Transmit (TX)/Receive (RX) ends reversed
Cable placement
EMI/Interference
Cross-talk
dB loss and attenuation
Distance limitations
Incorrect termination (mismatched standards)
Split pairs
Bad SFP/GBIC (cable or transceiver)
Often network cable testers can identify any of the above problems.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common wired connectivity and performance issues.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 14: Network Troubleshooting
Question #69 of 200
Question ID: 1123469
What is a physical barrier that acts as the first line of defense against an intruder?
A) a lock
B) a fence
C) a mantrap
D) a turnstile
Explanation
Fencing acts as the first line of defense against casual trespassers and potential intruders, but fencing should be complemented with other physical security controls, such as
guards and dogs, to maintain the security of the facility. A fence height of 6 to 7 feet is considered ideal for preventing intruders from climbing over the fence. In addition to being
a barrier to trespassers, the fence can also control crowds. A fence height of 3 to 4 feet acts as a protection against casual trespassers. For critical areas, the fence should be at
least 8 feet high with three strands of barbed wire.
Locks are an example of physical security controls. An organization can use locks to prevent unauthorized access or to induce a delay in the process of a security breach. Locks
should be used in combination with other security controls to guard the facility infrastructure and its critical resources. Locks usually do not serve as the first line of defense
against intruders. Keypads and cipher locks are steadily increasing in use because the code to unlock can be changed whenever needed. In some cases, you can also
customize the codes that will work so that individual users can be issued their own code. This allows you to track who enters a building or area of a building.
Turnstiles and mantraps do not serve as the first line of defense against an intruder. A turnstile is a type of gate that allows movement in a single direction at a time.
A mantrap refers to a set of double doors usually monitored by a security guard. Another type of physical barrier is a bollard, which restricts vehicle traffic from entering an area,
but does not prevent physical intrusion by people.
Objective:
Network Security
Sub-Objective:
Summarize the purposes of physical security devices.
References:
Fence, http://en.wikipedia.org/wiki/Fence
CompTIA Network+ N10-007 Cert Guide, Chapter 12: Network Security, Categories of Network Attacks
Question #70 of 200
Question ID: 1289139
You are explaining the function of a multi-layer switch to several junior administrators. On which data can multi-layer switches make routing decisions? (Choose all that apply.)
A) IP address
B) protocol
C) port number
D) MAC address
Explanation
A multi-layer switch, which operates at Layers 2, 3, and 4 of the OSI model, can make routing decisions based on the following criteria:
MAC address - a Data Link layer (Layer 2) function
IP address - a Network layer (Layer 3) function
Protocol - a Network layer (Layer 3) function
Port number - a Transport layer (Layer 4) function
A multi-layer switch has 24 collision domains.
You can also purchase switches that offer services at only one layer of the OSI model. Layer 2 switches only route based on the MAC address. Layer 3 switches route based on
the IP address or protocol. Layer 4 switches only route based on the port number.
Objective:
Infrastructure
Sub-Objective:
Explain the purposes and use cases for advanced networking devices.
References:
LAN Switching and Switch Types, http://www.tech-faq.com/lan-switching-and-switch-types.shtml
CompTIA Network+ N10-007 Cert Guide, Chapter 3: Network Components, Network Infrastructure Devices
Question #71 of 200
Question ID: 1289113
An administrator would like to integrate DNS and DHCP so that each is aware of changes in the other. Which of the following would be the best method for him to do this?
A) MAC reservations
B) ARP table
C) IPAM
D) DHCP relay
Explanation
IP Address Management (IPAM) allows integration of DNS and DHCP so that each is aware of the changes in the other. IPAM allows for the discovery of servers with
IP address infrastructure responsibilities on the network and provides the ability to manage those servers from a central point. Some things that IPAM can allow a network
administrator to manage include:
IP address availability - how many unassigned IP addresses exist
Subnet identification, subnet size, and which subnet is associated with which segment
Static/dynamic status for each subnet address
Default routers that the various network devices use.
IP address host name
IP address and associated hardware
ARP tables show the relationship of IP address to MAC address. But they cannot be used for DNS and DHCP integration.
MAC reservations allow you to permanently assign an IP address to the MAC address of a specific device. Web servers, mail servers, copiers, printers, wireless access points,
and projectors are all examples of devices that can benefit from having a permanently-assigned IP address. For each such device, a reservation (exclusion) would be made so
that the IP address is removed (reserved) from the pool of available IP addresses.
A DHCP relay agent is installed on routers to ensure that DHCP packets can be forwarded to different subnets.
Objective:
Networking Concepts
Sub-Objective:
Explain the functions of network services.
References:
What is a DDI solution and why do you need one?, https://www.nokia.com/en_int/blog/what-ddi-solution-and-why-do-you-need-one
Question #72 of 200
Question ID: 1289063
A network technician contacts you regarding what he believes is suspicious behavior on the network. He has noticed communication over TCP port 123 between his computer
and a server on the Internet. Which protocol is causing this communication?
A) SSH
B) NTP
C) FTP
D) SMTP
Explanation
Network Time Protocol (NTP) communicates over TCP port 123. It is responsible for synchronizing the clock settings on a computer. Proper clock synchronization is vital for
many directory service applications. Communication over TCP port 123 is not a reason to be alarmed. NTP works at the Application layer of the OSI model.
File Transfer Protocol (FTP) communicates over TCP ports 20 and 21 to transfer files. Secure Shell (SSH) communicates over TCP port 22 to allow secure data transfer. Simple
Mail Transfer Protocol (SMTP) communicates over TCP port 25 to transfer e-mail messages.
For the Network+ exam, you need to know the following protocols and their default ports:
FTP – 20, 21
SSH, SFTP – 22
TELNET – 23
SMTP – 25
DNS – 53
DHCP – 67, 68
TFTP – 69
HTTP – 80
POP3 – 110
NTP – 123
NetBIOS – 137–139
IMAP – 143
SNMP – 161
LDAP – 389
HTTPS – 443
SMB – 445
LDAPS – 636
H.323 – 1720
MGCP – 2427/2727
RDP – 3389
RTP – 5004/5005
SIP – 5060/5061
Objective:
Networking Concepts
Sub-Objective:
Explain the purposes and uses of ports and protocols.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 2: The OSI Reference Model, Table 2-1 Application Layer Protocols/Applications
Computer Network Glossary - Port Number: Ports 100-149, http://compnetworking.about.com/od/tcpip/l/blports_gl100.htm
Network Time Protocol, http://searchnetworking.techtarget.com/sDefinition/0,,sid7_gci283988,00.html
Question #73 of 200
Question ID: 1289247
Your company has recently replaced all the shielded twisted pair (STP) and unshielded twisted pair (UTP) cable with fiber optic cable. You need to purchase a device to
determine the length of the cables used on your network. Which tool do you need?
A) butt set
B) toner probe
C) TDR
D) OTDR
Explanation
An optical time domain reflectometer (OTDR) can be used to determine the length of the cables used on a fiber optic network. A time domain reflectometer (TDR) determines
the length of shielded twisted-pair (STP), unshielded twisted-pair (UTP), or coaxial cables.
A butt set is used to test telephone lines. A toner probe is used to identify a single cable on the network. It is the best tool to use to locate a bad CAT5 cable.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, use the appropriate tool.
References:
TDR vs. OTDR, http://www.zostrich.com/Monitoring_PDF/tdrvsotdr.pdf
CompTIA Network+ N10-007 Cert Guide, Chapter 11: Network Management, Maintenance Tools
Question #74 of 200
Question ID: 1123233
You have several switches and routers on your company's network. The switches are not experiencing any problems. However, one of the routers is not correctly routing packets
based on IP addresses. At which layer of the OSI model does the problem device operate?
A) Data Link
B) Session
C) Transport
D) Network
E) Physical
Explanation
Routers operate at the Network layer (Layer 3) of the OSI networking model. They use source and destination addresses, which are located at the Network layer, to route
packets. On the other hand, switches use MAC addresses, which are located at the Data Link layer (Layer 2), to forward frames. An example of an issue that occurs at the
Network layer is when computers are connected to the same switch but receive error messages and cannot communicate.
The Session layer (Layer 5) starts, maintains, and stops sessions between applications on different network devices.
The Physical layer (Layer 1) provides the functions to establish and maintain the physical link between network devices.
The Transport layer (Layer 4) of the OSI model segments and reassembles data into a data stream and provides reliable and unreliable end-to-end data transmission.
Objective:
Networking Concepts
Sub-Objective:
Explain devices, applications, protocols and services at their appropriate OSI layers.
References:
Network router, http://www.tech-faq.com/network-router.shtml
CompTIA Network+ N10-007 Cert Guide, Chapter 2: The OSI Reference Model, The Purpose of Reference Models, Layer 3: The Network Layer
Question #75 of 200
Question ID: 1289288
You are moving several wireless access points to an outdoor location for a special event. What should be the primary concern to ensure a positive experience for attendees?
A) Signal-to-noise ratio
B) Power levels
C) Incorrect antenna placement
D) Overcapacity
Explanation
The primary concern should be the power levels. You may need to boost the power levels. By nature, wireless access points have greater coverage areas outdoors. Boosting
the power level will provide a better experience for the event attendees. Power levels can affect wireless network performance.
Overcapacity is an issue in wireless performance but usually is not the primary concern. The proliferation of wireless devices will put an enormous drain on a wireless network
originally designed for a few devices. In today’s environment, the network may need to provide service to tablet computers, smartphones, personal performance monitors, and
smart watches in addition to the few laptops the network was originally designed to support. Always determine the number of expected devices to ensure that you provide
adequate connections.
The signal-to-noise ratio (SNR) is the relationship between the strength of the wireless signal compared to the amount of background interference (noise). SNR is measured in
decibels (dB). Devices such as microwaves, cordless phones, wireless cameras, and fluorescent lights are all contributors. When using a Wi-Fi analyzer, any SNR below 25 dB
is considered poor, while a reading above 41 dB is considered excellent. In outside spaces, SNR is not usually an issue.
Incorrect antenna placement can cause issues with Wi-Fi performance. Placing a wireless access point near metal ductwork, larger metallic lamps, on top of a ceiling panel, or
next to a thick wall can cause performance issues. Also, check the manufacturer’s placement recommendation – some wireless access points are designed for wall mounting,
while others are designed for ceiling mounts. Antenna placement is not an issue in outdoor spaces as it is indoors.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common wireless connectivity and performance issues.
References:
How to Fix Wi-Fi Range Issues in Windows 10, https://windowsreport.com/wi-fi-range-windows-10/
Question #76 of 200
Question ID: 1289140
You have decided to implement a firewall between your company's network and the Internet. What does a firewall software solution typically provide? (Choose three.)
A) L2 cache
B) IP proxy services
C) HTTP proxy services
D) packet filtering
E) L1 cache
Explanation
Of the listed services, a firewall software solution typically provides packet filtering, Hypertext Transfer Protocol (HTTP) proxy services, and Internet Protocol (IP) proxy services.
These three services can also be obtained as separate products.
With packet filtering, data packets can either be allowed or denied entry into a network based on certain specified factors, such as the TCP port number or the IP address of the
sending host. HTTP proxy services typically include Web page caching, which enables Web pages to be stored on an HTTP proxy server and retrieved from the proxy server
rather than from the Internet; thus, HTTP proxy services can improve Web browsing performance. IP proxy services typically include the ability to present a single IP address to
the Internet on behalf of all hosts on a private network. IP proxy services enable private IP addresses to be used on the private network, and IP proxy services protect the
internal network-addressing scheme from malicious users on the Internet.
Firewall software solutions do not involve Level 1 (L1) or Level 2 (L2) cache. L1 cache is cache memory that resides on a central processing unit (CPU). L2 cache is cache
memory that resides on a system board near the CPU. Cache memory is a small amount of memory that is very fast and interfaces with the slower RAM on a system board to
help increase the rate at which data flows between RAM and the CPU.
For the Network+ exam, you must understand the following firewall types:
Host-based - This firewall is installed on a specific host and only protects the host on which it is installed. This is the best solution if you need to protect laptops or desktop
computers from external threats.
Network-based - This firewall is installed on the network and protects all devices that are on the network that it controls.
Application aware/context aware - This firewall is designed to manage application and Web 2.0 traffic. This type allows fine-tuning the rules rather than just configuring allow
or deny rules.
Small office/home office firewall - This firewall is easier to configure than most enterprise firewalls and often only involves a software component that you install on a network
host.
Unified Threat Management (UTM) - This device bundles multiple security functions into a single physical or logical device. Features included could be IPS, IDS, anti-virus,
anti-malware, anti-spam, NAT, and other functions.
Objective:
Infrastructure
Sub-Objective:
Explain the purposes and use cases for advanced networking devices.
References:
Introduction to Firewalls, http://netsecurity.about.com/od/hackertools/a/aa072004.htm
CompTIA Network+ N10-007 Cert Guide, Chapter 12: Network Security, Firewalls
Question #77 of 200
Question ID: 1289244
You have decided to implement a network protocol analyzer on your company's network. Which job is NOT performed by this tool?
A) identify source and destination of communication
B) detect active viruses or malware on the network
C) provide network activity statistics
D) identify the types of traffic on the network
Explanation
A network protocol analyzer does not detect active viruses or malware on the network. Most network protocol analyzers provide the following functions:
Provide network activity statistics.
Identify source and destination of communication.
Identify the types of traffic on the network.
Detect unusual level of traffic.
Detect specific pattern characteristics.
A network protocol analyzer can determine if passwords are being transmitted over the network in clear text. It can also be used to read the contents of any File Transfer
Protocol (FTP) packet, including an FTP GET request. Wireshark is a commercial network protocol analyzer. For the Network+ exam, you also need to understand the following
troubleshooting tools:
Speed test sites - These sites are used to determine the speed of your Internet connection. They are a great method to help you see if you are getting the speed promised
by your Internet service provider (ISP). For a list of possible sites to use, please see http://pcsupport.about.com/od/toolsofthetrade/tp/internet-speed-test.htm.
Looking glass sites - These sites view routing information from a server's perspective using Border
Gateway Protocol (BGP) routes. For a list of possible looking glass servers, please see http://www.bgp4.as/looking-glasses.
Wi-Fi analyzer - These tools are used to analyze the signal strength of your wireless access points. For a list of possible FREE Wi-Fi analyzers for laptops or mobile devices,
please see http://open-tube.com/free-wifi-analyzers-for-laptops-mobile-devices/
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, use the appropriate tool.
References:
Network analyzer, http://searchnetworking.techtarget.com/sDefinition/0,sid7_gci1196637,00.html
CompTIA Network+ N10-007 Cert Guide, Chapter 11: Network Management, Maintenance Tools
Question #78 of 200
Question ID: 1289066
You administer a 100BaseTX Ethernet network that is configured to use the TCP/IP network communications protocol. You have installed a firewall between the network and the
Internet. Currently ports 80, 20, and 21 are open on the firewall.
You want to allow only SMTP and POP3 communications between the network and the Internet.
Which configurations should you make on the firewall?
A) Close port 80 only.
B) Close ports 20, 21, and 80, and open ports 25 and 110.
C) Close ports 21 and 80, and open port 110.
D) Close ports 20 and 21, and open port 25.
Explanation
Currently, ports 80, 20, and 21 are open in the firewall. Port 80 is the port that is used to transfer Hypertext Transfer Protocol (HTTP) messages. HTTP is the protocol that is
used to transport Web pages on the Internet. Ports 20 and 21 are used by File Transfer Protocol (FTP), a protocol that can transfer data files on the Internet. An FTP server
listens for requests on port 21 and establishes connections with FTP clients on port 20. In this scenario, you should close ports 20, 21, and 80 to prevent HTTP and FTP traffic.
Simple Mail Transfer Protocol (SMTP) is used to transfer e-mail messages between e-mail servers on the Internet. SMTP uses port 25. Post Office Protocol 3 (POP3) is used by
e-mail clients to retrieve messages from e-mail servers. POP3 uses port 110. In this scenario, you should open ports 25 and 110.
For the Network+ exam, you need to know the following protocols and their default ports:
FTP – 20, 21
SSH, SFTP – 22
TELNET – 23
SMTP – 25
DNS – 53
DHCP – 67, 68
TFTP – 69
HTTP – 80
POP3 – 110
NTP – 123
NetBIOS – 137–139
IMAP – 143
SNMP – 161
LDAP – 389
HTTPS – 443
SMB – 445
LDAPS – 636
H.323 – 1720
MGCP – 2427/2727
RDP – 3389
RTP – 5004/5005
SIP – 5060/5061
Objective:
Networking Concepts
Sub-Objective:
Explain the purposes and uses of ports and protocols.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 2: The OSI Reference Model, Table 2-1 Application Layer Protocols/Applications
Computer Network Glossary - Port Number: Ports 50-99, http://compnetworking.about.com/od/tcpip/l/blports_gl50.htm
Computer Network Glossary - Port Number: Ports 10-49, http://compnetworking.about.com/od/tcpip/l/blports_gl10.htm
Computer Network Glossary - Port Number: Ports 100-149, http://compnetworking.about.com/od/tcpip/l/blports_gl100.htm
Question #79 of 200
Question ID: 1123284
Which of these would a hospital group use to connect its various neighborhood offices to the main facility when all are located within the same city or region?
A) LAN
B) WAN
C) MAN
D) WLAN
Explanation
A metropolitan area network (MAN) would be used by the hospital to connect its various neighborhood offices to the main facility when all are located within the same city or
region. MANs connect several LANs together in an area roughly the size of a city.
A local area network (LAN) covers a small geographic area. Typically, a LAN is confined to a campus, a single building, a floor of a building, or an area within a building.
A wireless local area network (WLAN) is limited in size by the area(s) served by the access point(s).
A wide area network (WAN) uses routers (or a collection of routers) to connect LANs that are dispersed over a large geographic area. An example would be a company with
office locations in Boston, Miami, Chicago, Dallas, Denver, and San Francisco. Each office has its own LAN, and routers are used to provide connections between the offices. By
building the WAN, the offices can share resources and data.
Objective:
Networking Concepts
Sub-Objective:
Compare and contrast the characteristics of network topologies, types and technologies.
References:
Difference Between LAN, WAN and MAN, http://blog.systoolsgroup.com/types-of-networks/
Question #80 of 200
Question ID: 1289201
Which malicious software relies on other applications to execute and infect the system?
A) a logic bomb
B) a Trojan horse
C) a virus
D) a worm
Explanation
A virus is malicious software (malware) that relies upon other application programs to execute and infect a system. The main criterion for classifying a piece of executable code
as a virus is whether it spreads itself by means of hosts. The host could be any application or file on the system. A virus infects a system by replicating itself through application
hosts. Viruses usually include a replication mechanism and an activation mechanism designed with a particular objective in mind. Some of the different types of viruses are:
Stealth virus: It hides the changes it makes as it replicates. Stealth viruses often intercept disk access requests.
Self-garbling virus: It formats its own code to prevent antivirus software from detecting it.
Polymorphic virus: It can produce multiple operational copies of itself.
Multipart virus: It can infect system files and boot sectors of a computer system.
Macro virus: It generally infects the system by attaching itself to MS-Office applications.
Boot sector virus: It infects the master boot record of the system and is spread via infected floppy disks.
Compression virus: It decompresses itself on execution but otherwise resides normally in a system.
Viruses usually spread via infected disks (such as floppy disks, CDs, and removable disks), through e-mail, or via infected programs. Executable files should be filtered from e-mail to prevent virus propagation. If you receive an e-mail regarding the transmission of a virus, you should contact your system administrator to see if the e-mail is valid and find
out any steps you should take. The systems administrator should investigate the validity of the e-mail. Virus hoaxes can create as much damage as real viruses because the
hoaxes result in forwarded e-mails that clog systems, and can result in confidential information being disclosed.
The standard security best practices for mitigating risks from malicious programs, such as viruses, worms and Trojans, include implementing antivirus software, using a host-based intrusion detection system, and setting limits on application sharing and execution.
A worm does not require the support of application programs to be executed and is a self-contained program capable of executing and replicating on its own. Typically, a worm is
spread by e-mails, transmission control protocols (TCP's), and disk drives. Worms replicate on their own. A worm can distribute itself without having to attach to a host file.
A logic bomb implies a dormant program that is triggered following a specific action by the user or after a certain interval of time. The primary difference between logic bombs,
viruses, and worms is that a logic bomb is triggered when specific conditions are met. An example of a logic bomb is a program that starts deleting files when a certain user ID is
deleted.
A Trojan horse is malware that is disguised as a useful utility, but has malicious code embedded. When the disguised utility is run, the Trojan horse performs malicious activities
in the background and provides a useful utility at the front end. Trojan horses use covert channels to perform malicious activities, such as deleting system files and planting a
back door into a system.
Objective:
Network Security
Sub-Objective:
Summarize common networking attacks.
References:
Virus, http://compnetworking.about.com/cs/worldwideweb/g/bldef_virus.htm
Question #81 of 200
Question ID: 1289101
Which wireless communications mode enables wireless devices to communicate directly with each other?
A) ad hoc
B) tunnel
C) infrastructure
D) transport
Explanation
Ad hoc is a wireless communications mode that enables wireless devices to communicate directly with each other. The wireless networking technology is sometimes referred to
as Wi-Fi.
In infrastructure mode, wireless devices must communicate through wireless access points. Transport and tunnel modes are provided by Internet Protocol Security (IPSec) to
securely transmit Internet Protocol (IP) packets.
Objective:
Networking Concepts
Sub-Objective:
Compare and contrast the characteristics of network topologies, types and technologies.
References:
Ad-hoc mode, http://compnetworking.about.com/cs/wirelessfaqs/f/adhocwireless.htm
Wireless LANs: Extending the Reach of a LAN, http://www.ciscopress.com/articles/article.asp?p=1156068&seqNum=4
CompTIA Network+ N10-007 Cert Guide, Chapter 8: Wireless LANs, Introducing Wireless LANs
Question #82 of 200
Question ID: 1289245
Your manager suspects that your network is under attack. You have been asked to provide information regarding traffic flow and statistical information for your network. Which
tool should you use?
A) port scanner
B) protocol analyzer
C) vulnerability test
D) penetration test
Explanation
A protocol analyzer provides information regarding traffic flow and statistical information for your network. A protocol analyzer is also referred to as a network analyzer or packet
sniffer. None of the other tools can provide this information. A port scanner provides a list of open ports and services on your network. A penetration test determines whether
network security is properly configured to rebuff hacker attacks. A vulnerability test checks your network for known vulnerabilities and provides methods for protection against the
vulnerabilities.
For the Network+ exam, you also need to understand the following troubleshooting tools:
Speed test sites - These sites are used to determine the speed of your Internet connection. They are a great method to help you see if you are getting the speed promised
by your Internet service provider (ISP). For a list of possible sites to use, please see http://pcsupport.about.com/od/toolsofthetrade/tp/internet-speed-test.htm.
Looking glass sites - These sites view routing information from a server's perspective using Border Gateway Protocol (BGP) routes. For a list of possible looking glass
servers, please see http://www.bgp4.as/looking-glasses.
Wi-Fi analyzer - These tools are used to analyze the signal strength of your wireless access points. For a list of possible free Wi-Fi analyzers for laptops or mobile devices,
please see http://open-tube.com/free-wifi-analyzers-for-laptops-mobile-devices/
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, use the appropriate tool.
References:
Network Analysis and Optimization Techniques: Physical health analysis, http://technet.microsoft.com/en-us/library/bb726961.aspx#EKAA
CompTIA Network+ N10-007 Cert Guide, Chapter 11: Network Management, Maintenance Tools
Question #83 of 200
Question ID: 1289084
While designing an IPv6 addressing scheme for your network, you decide to use EUI for the host portion of each node’s address. You need to derive a 64-bit EUI address for the
hosts on your network as part of the overall IPv6 address for each node. What should you do?
A) Use the host’s MAC address preceded by 16 zero bits at the beginning.
B) Use the host’s MAC address with FFFE inserted in the middle, and invert the seventh most significant bit in the MAC address.
C) Use the host’s MAC address with all 1s (FFFF) inserted in the middle.
D) Use the host’s MAC address, and repeat the first two bytes of that address at the end.
E) Use the host’s MAC address with FFFE inserted in the middle.
Explanation
To derive a 64-bit Extended Unique Identifier (EUI) address, also referred to as EUI-64, you need to use the host's MAC address with FFFE inserted in the middle and the
seventh most significant bit inverted in the MAC address.
EUI-64 is defined in RFC 2373. It allows a host to assign itself a unique 64-bit IPv6 interface identifier. This uniquely identifies individual IPv6 hosts on a network and eliminates
the need for manual address configuration or use of DHCP.
The EUI-64 identifier forms the final half of an IPv6 address. The full address is 128 bits, split into a 64-bit network address and a 64-bit host address. Because a
MAC address is 48 bits long, it must first be transformed into a 64-bit string for IPv6 use. The proper formula for creating an EUI-64 host address involves splitting the MAC
address in half, inserting the hexadecimal value FFFE in the middle, and inverting the 7th most significant bit of the MAC address. The rationale for this bit inversion is fully
explained in section 2.5.1 of RFC 2373.
If you began with a network address of 2012:ABCD::/64 and a MAC address 1111:2222:3333, you would split the MAC address into 1111:22 and 22:3333 and put FFFE in the
middle, which makes the initial value 1111:22FF:FE22:3333.
Next, you must invert the seventh most significant bit in the MAC address. The seventh bit falls in the leftmost two hexadecimal digits of the MAC address, 0x11. In binary, this
translates to 00010001, where the seventh bit from the left is 0. Inverting that bit produces the value 00010011, which equals 0x13. Thus, the combined string
1111:22FF:FE22:3333 would be changed to 1311:22FF:FE22:3333 to produce the EUI-64 host ID.
Finally, you would precede that value with the network ID, producing 2012:ABCD::1311:22FF:FE22:3333. This is the complete network address for this example node.
EUI-64 is also known as IPv6 autoconfiguration. Given a known network address and a MAC address, it permits a node to generate its own unique IPv6 address without using
DHCPv6. Like its IPv4 counterpart DHCP, DHCPv6 provides network nodes that request IP addresses with such addresses, identifies, groups. It also manages IPv6 addresses
within specific ranges under its control, including granting, renewing, and revoking address leases and managing IPv6 configuration data for DNS/DNSv6 and other network
services. When you are using EUI-64 for automatic address generation, all subnets must be /64 (the least significant half of the total IPv6 address). EUI-64 works equally well to
create the host portion for link local (reachable within a local segment) or global unicast (reached on the Internet) IPv6 network addresses.
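The derivation walked through above, as an added Python example that is not part of the original explanation: it builds the EUI-64 interface identifier from a MAC address and joins it to a /64 prefix, then goes one step beyond the text by reversing the process to recover the MAC address embedded in such an IPv6 address. The function names and the link-local sample MAC are constructed for illustration.

```python
import ipaddress
import re
from typing import Optional


def parse_mac(mac: str) -> bytes:
    """Accept 11:11:22:22:33:33, 11-11-22-22-33-33, 1111.2222.3333 or 1111:2222:3333."""
    hex_digits = re.sub(r"[:.\-]", "", mac.strip())
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", hex_digits):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return bytes.fromhex(hex_digits)


def eui64_interface_id(mac: str) -> bytes:
    """Split the MAC in half, insert FFFE, invert the 7th most significant bit."""
    raw = parse_mac(mac)
    first = raw[0] ^ 0x02            # 7th bit from the left of the first byte
    return bytes([first]) + raw[1:3] + b"\xff\xfe" + raw[3:]


def eui64_address(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Combine a /64 network prefix with the EUI-64 host portion."""
    net = ipaddress.IPv6Network(prefix, strict=True)
    if net.prefixlen != 64:
        raise ValueError("EUI-64 address generation requires a /64 prefix")
    iid = int.from_bytes(eui64_interface_id(mac), "big")
    return ipaddress.IPv6Address(int(net.network_address) | iid)


def mac_from_address(addr: str) -> Optional[str]:
    """Recover the MAC from an address whose host portion looks like EUI-64.

    The FFFE marker in the middle of the host portion is a heuristic: a
    randomly generated identifier could contain it by coincidence.
    """
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    raw = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in raw)


if __name__ == "__main__":
    # Values from the worked example in the explanation.
    addr = eui64_address("2012:ABCD::/64", "1111:2222:3333")
    print(addr)
    print(mac_from_address(str(addr)))
    # Constructed link-local sample (MAC chosen for illustration only).
    print(eui64_address("fe80::/64", "00:1a:2b:3c:4d:5e"))
```

Because the transformation is reversible, an address built this way carries the interface's MAC address wherever the address is visible.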
Objective:
Networking Concepts
Sub-Objective:
Given a scenario, configure the appropriate IP addressing components.
References:
RFC 2373, http://tools.ietf.org/html/rfc2373#section-2.5.1
Cisco Learning Network Modified EUI-64, https://learningnetwork.cisco.com/thread/61508
Question #84 of 200
Question ID: 1289122
The cable used on your network is shown in the exhibit.
Which transmission medium is shown in the exhibit?
A) STP
B) UTP
C) Coaxial
D) Fiber-optic
Explanation
Coaxial cable has two conductors. These two conductors share the same axis, providing the derivation of the name "coaxial." The inner conductor is covered by foam insulation.
This insulation is covered by a braided metal shielding that protects the signal from crosstalk. A second conductor covers the shielding, which is covered by a non-conducting
plastic encasement, providing protection for the cable.
Coaxial cable comes in two varieties: ThinNet and ThickNet. ThinNet cable is .64 centimeters (.25 inches) thick and carries signals up to 185 meters (607 feet). ThickNet is 1.27
centimeters (.5 inches) thick and carries signals up to 500 meters (1,640 feet).
Shielded twisted pair (STP) cable is shown in the following exhibit:
Note the layer of shielding in the exhibit. This is the key to distinguishing between UTP and STP cable. Due to the shielding, STP can support higher transmission rates over
longer distances than UTP. STP is typically used in a Token Ring network.
The following is a table of network media comparisons:
Objective:
Infrastructure
Sub-Objective:
Given a scenario, deploy the appropriate cabling solution.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 3: Network Components, Media
Question #85 of 200
Question ID: 1289120
You are deploying fiber optic links and connections on a local area network. You need to ensure proper and efficient data communications. Which of the following transceiver or
fiber optics characteristics are essential? (Choose all that apply.)
A) duplex cables
B) full duplex
C) simplex cables
D) multimode
E) single-mode
F) half duplex
Explanation
The following transceiver or fiber optics characteristics are essential:
Multimode - Multimode cable makes use of thicker, graded light-conducting fibers that are cheaper to make and terminate, and that use cheaper and less precise light
emitting and receiving elements in their transceivers. They are more limited in the distances such cables can span (but can still cover hundreds of meters) and are well-suited for LAN applications.
Full duplex - Full-duplex communications means that both parties may transmit and receive simultaneously over a communications link. Because LAN applications require
simultaneous, two-way communications, full duplex is needed.
Duplex cables - Duplex cables incorporate two fibers, so that one may be used to send data for receipt by another party, while that other party may use the other fiber to
send data for receipt by the first party. Thus, this supports simultaneous, two-way communications and is well-suited for LAN applications.
In general, data communications for networking requires rapid, simultaneous two-way communications between a pair of nodes. Among other things, this means that fiber optic
transceivers must be bidirectional (that is, able to both send and receive signals, though not necessarily on the same fiber optic cable strand). The best way to think about
choosing necessary characteristics is to consider how various options do or do not support such capabilities.
The only outlier for this rubric is the distinction between single-mode and multimode fiber optic cable. This is a case where single-mode is uniquely suited for long-haul (10 km or
more) cable runs, and because of cost and complexity factors, is unlikely to be used for LAN applications. Half-duplex mode permits communication in only one direction at a
time. For this reason, full-duplex mode, which permits simultaneous communication for both send and receive in a fiber optic transceiver, is always the right choice for network
applications. Because simplex cables can only support half-duplex communications at best (if not one-way per cable only), duplex cables are also the right choice for network
communications.
Single-mode cable makes use of very thin, very pure light-conducting fibers that are more expensive to make and much more expensive to terminate than multimode cables. For
that added expense and complexity, they provide the ability to run cables for 10 – 100 km per segment without difficulty. This makes them unlikely to be used for LAN
applications, where cost is a major factor.
Half-duplex communications means that while one party is transmitting, the other party to a connection can only receive until that transmission ends. Then the line may be idle,
or either party can commence further transmission (but only one at a time). LAN applications require simultaneous, two-way communications.
Simplex cables are best used for one-way transmission of data from a sender to a receiver. Because this precludes simultaneous transmission and reception by two parties,
simplex cables do not work well for LAN applications.
Objective:
Infrastructure
Sub-Objective:
Given a scenario, deploy the appropriate cabling solution.
References:
An Introduction to Simplex and Duplex Fiber Optic Cable, https://medium.com/@bilby_yang/an-introduction-to-simplex-and-duplex-fiber-optic-cable-5b4a0ebca940
Introduction about Fiber Optic Transceivers, http://www.sopto.com/st/module-knowledge/introduction-about-fiber-optic-transceivers
Question #86 of 200
Question ID: 1123372
Which system or device detects network intrusion attempts and controls access to the network for the intruders?
A) IPS
B) IDS
C) VPN
D) firewall
Explanation
An intrusion prevention system (IPS) detects network intrusion attempts and controls access to the network for the intruders. An IPS is an improvement over an intrusion
detection system (IDS) because an IPS actually prevents intrusion.
A firewall is a device that is configured to allow or prevent certain communication based on preconfigured filters. A firewall can protect a computer or network from unwanted
intrusion using these filters. However, any communication not specifically defined in the filters is either allowed or denied. Firewalls are not used to detect and prevent network
intrusion. Firewalls are used to keep a private network secure from intruders trying to access it from the public network. Firewalls control the flow of traffic into a network by
filtering packets based on their type or their destination addresses. Only legitimate packets pass through the firewall. For example, a firewall can be configured to deny access
based on TCP port number or the IP address of the sender. A firewall can be hardware-based, software-based, or a combination of both. Scanning services are used to verify
updates on a firewall. A firewall provides packet filtering. A firewall can admit packets to a network or deny a packet admission to a network based on several criteria, including
the domain name and the IP address of the host that sent the data packets to the network. The packet-filtering functionality of a firewall and the HTTP proxy server functionality
of an HTTP proxy server, as well as other functionality, is often bundled into a single product that is referred to as either a firewall or a proxy server. In its simplest form, however,
a firewall only provides packet-filtering services. Packet filtering is also referred to as content filtering. A packet or content filter can be configured based on IP address, MAC
address, port number, protocol used, and other factors.
An IDS only detects the intrusion and logs the intrusion or notifies the appropriate personnel.
A virtual private network (VPN) is a private network that users can connect to over a public network.
Objective:
Infrastructure
Sub-Objective:
Explain the purposes and use cases for advanced networking devices.
References:
What are the Different Types of Intrusion Prevention?, http://www.wisegeek.com/what-are-the-different-types-of-intrusion-prevention.htm
CompTIA Network+ N10-007 Cert Guide, Chapter 12: Network Security, Intrusion Detection and Prevention
Question #87 of 200
Question ID: 1123262
Host A wants to communicate with Host B as shown in the following network exhibit:
Which three statements are true? (Choose three. Each answer is part of the solution.)
A) Host A will send a frame with the destination MAC address of the router.
B) Host A will send an ARP request for the router's MAC address.
C) The switch will forward the frame to the router.
D) The switch will forward the frame to Host B.
E) Host A will send an ARP request for Host B's MAC address.
F) Host A will send a frame with the destination MAC address of Host B.
Explanation
Host A will send out an ARP request for the MAC address of Host B. Host A will then send a data frame to the switch with a destination MAC address of Host B. Finally, the
switch will forward the frame to Host B.
Host A and Host B are connected to the same subnet, 192.168.1.32/27, and are thus within the same VLAN. For this reason, traffic between the two hosts does not need to be
sent to their default gateway to be routed. Hosts are able to ARP and build unicast frames for hosts on the same subnet. The switch will receive the frame and forward it to the
appropriate host based on a MAC address table lookup. The router is not involved in this scenario.
Host A will not send an ARP request for the router's MAC address because routing is not required between hosts on the same subnet.
Host A will not send a frame with the destination MAC address of the router because routing is not required between hosts on the same subnet.
The switch will not forward the frame to the router because routing is not required between hosts on the same subnet.
Objective:
Networking Concepts
Sub-Objective:
Explain the concepts and characteristics of routing and switching.
References:
Routing Basics, http://docwiki.cisco.com/wiki/Routing_Basics
Question #88 of 200
Question ID: 1289098
You have been hired as a contractor to implement a small office home office (SOHO) network for a small business. While gathering the requirements and constraints regarding
the network, you decide to implement two subnets on the network.
What are valid reasons for implementing subnets on an IP network? (Choose two.)
A) to reduce congestion by increasing network media bandwidth
B) to reduce congestion by decreasing network traffic
C) to configure a greater number of hosts
D) to increase network security
E) to use more than one server on each segment of an IP LAN
Explanation
The subnet mask enables TCP/IP to find the destination host's location on either the local network or a remote location.
Subnets are used for the following reasons:
to expand the network
to reduce congestion
to reduce CPU use
to isolate network problems
to improve security
to allow combinations of media, because each subnet can support a different medium
Keep in mind that the first step in designing any network, including a SOHO network, is to gather the requirements and constraints of the network. These requirements and
constraints will then guide you in how to design the network and in what hardware and software must be purchased. Make sure to fully document all requirements, as these are
vital to proper design.
In addition, you should document the size of the area to be networked, including possible cable lengths. This will ensure that you will select the appropriate network medium.
The documentation will affect the device requirements and may limit the device types that you can implement.
Compatibility requirements with existing hardware, software, and business needs should be documented to ensure interoperability. Equipment limitations should also be noted
as these may affect purchase decisions.
Finally, you should document any environment limitations. This includes heating/air-conditioning, humidity, and power considerations. Computer and network hardware can
generate a lot of heat, resulting in problems for current HVAC systems. Also, this hardware may require more power than the electricity system is capable of providing.
SOHO networks do not generally use any specialized hardware that is not implemented in LANs or WANs. It is important that you understand all hardware limitations, including
maximum cable lengths and other limiting factors.
When implementing SOHO networks, you need to have a clear understanding of the following concepts:
List of requirements - This list will guide you to select the appropriate network media, devices, and services. The best way to ensure that this list is comprehensive is to
interview different personnel for their opinions. Also, you need to assess the facility that will contain the network. The facility itself may cause certain requirements or
restrictions to be in place.
Device types/requirements - Once you document the network requirements, these requirements will help you to determine which devices you need on your network. If you
need to divide your network into areas of traffic isolation, you may want to implement a switch. Otherwise, you may simply need a router. Keep in mind that you should
document availability and speed needs so that you can ensure that the network you implement can support them.
Environment limitations - Record any environment limitations. Is the location dusty? Is it dry or humid? What about the HVAC considerations? Also, you should check for
electrical outlets and any electromagnetic or radio interference that exists. When determining where to install a server, you should first consider environmental limitations
because servers will have definite cooling needs.
Equipment limitations - Does any of the current or planned equipment have connection limitations, performance limitations, or any other limiting factor? For example, routers
only support a certain number of connections. It may be better to purchase a router with more connections just to ensure that the network is capable of growth, even if this
means increasing the budget.
Compatibility requirements - You must ensure that any devices, equipment, or media are compatible with the network and its hosts. You should analyze all of the computers
and devices currently in use, no matter how insignificant they are.
Wired/wireless considerations - You need to determine if you want to use a wired network, a wireless network, or both. Perform a site survey to determine if there are other
wireless networks in the area, which will affect your choice of wireless frequency and channel. You should also document any objects that will cause electromagnetic and
radio frequency interference.
Security considerations - Document any security issues that you expect. Of course, this includes virus and malware issues, but it goes so much further than that. Will you
allow guest access to the network? Will you allow personnel to use personal mobile devices or flash drives? Can closets that will contain network devices be locked? Is
there a secure room to contain the servers?
Objective:
Networking Concepts
Sub-Objective:
Given a scenario, configure the appropriate IP addressing components.
References:
Cisco Support: IP Addressing and Subnetting for New Users, http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800a67f5.shtml
Question #89 of 200
Question ID: 1123438
You need to configure IPSec to digitally sign and encapsulate each packet within another packet. Which of the following should you implement?
A) ESP protocol in transport mode
B) AH protocol in transport mode
C) AH protocol in tunnel mode
D) ESP protocol in tunnel mode
Explanation
Internet Protocol Security (IPSec) can be used in tunnel mode with the Authentication Header (AH) protocol to digitally sign and encapsulate each packet sent from the network
within another packet. A tunnel is a network communications construct that transports encapsulated packets. AH does not really protect the packet information. Therefore, a
simple packet sniffer can still read the packet contents.
IPSec can be used in transport mode with AH to digitally sign and encrypt packets sent between two hosts. AH provides an authentication security mechanism. Transport mode
does not encapsulate packets within other packets. Encapsulating Security Payload (ESP) can be used with IPSec to encrypt IPSec packets. ESP is not used to digitally sign
packet headers. ESP works in tunnel mode and transport mode. ESP protects the packet information using encryption.
Objective:
Network Operations
Sub-Objective:
Given a scenario, use remote access methods.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 12: Network Security, Virtual Private Networks
Question #90 of 200
Question ID: 1289171
You administer a LAN. You want to encrypt TCP/IP communications on the LAN. The protocol that you use for encryption should be able to encrypt entire data packets, and the
protocol should be able to operate in both tunnel mode and transport mode. Which protocol should you use to encrypt data on the network?
A) Kerberos
B) IPSec
C) L2TP
D) IPX
Explanation
You should use Internet Protocol Security (IPSec) to encrypt the data packets on the network that you administer. IPSec can encrypt data packets transported on a TCP/IP
network by using either tunnel mode or transport mode. In transport mode, IPSec encrypts only the part of an IP data packet used by the Transport layer. In tunnel mode, IPSec
encrypts entire IP packets. IPSec uses several technologies to encrypt data, including the following: Diffie-Hellman key exchange, Data Encryption Standard (DES), bulk
encryption, and digital certificates.
Internetwork Packet Exchange (IPX) is a routing and addressing protocol that is native to Novell NetWare operating systems before NetWare 5. Layer 2 Tunneling Protocol
(L2TP) is a virtual private network (VPN) protocol that is used to establish a secure tunnel between two LANs through a published network such as the Internet. The L2TP VPN
protocol can carry several network communications protocols on a tunnel, including TCP/IP and IPX/SPX. The L2TP protocol can create a tunnel through several different kinds
of networks, including TCP/IP, Frame Relay, and X.25.
Kerberos is an authentication protocol that is used to determine whether users should be allowed to gain access to a
network or network resources. Windows 2000 operating systems and above support Kerberos and the NT LAN Manager (NTLM) authentication protocols; NTLM is also known
as Windows NT Challenge/Response. On a Windows 2000 or above network, Kerberos is used for authentication between Windows computers. The NTLM authentication
protocol is used for authentication between a down-level computer, such as a Windows 9x or Windows NT computer, and more current versions of the Windows operating
system.
Objective:
Network Operations
Sub-Objective:
Given a scenario, use remote access methods.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 12: Network Security, Virtual Private Networks
Question #91 of 200
Question ID: 1123602
A user named Luther reports that he cannot log on to the network from his workstation. You attempt to use your administrator credentials to log on to the network from Luther's
computer, but you cannot. Both you and Luther can log on to the network from your workstation. Your workstation and Luther's workstation are connected to the same hub.
What is most likely causing the connectivity problem on Luther's workstation?
A) Luther is typing an incorrect password when he attempts to log on to the network from his workstation.
B) Luther is typing an incorrect user name when he attempts to log on to the network from his workstation.
C) The hub that connects Luther's workstation to the network is defective.
D) The NIC in Luther's workstation is defective.
Explanation
In this scenario, neither you nor Luther can log on to the network from his computer. However, both of you can log on to the network from your computer. Thus, you can assume
that the network interface card (NIC) in Luther's computer is defective. If Luther were unable to log on to the network from his computer, but you were able to log on to the
network from his computer, then you could assume that Luther was supplying either an incorrect user name or password or both.
One of the most common logon problems can be attributed to the caps lock feature. When the caps lock feature is enabled, then all alphabetical characters typed without the
shift key being pressed appear in upper case. Most network operating systems require case-sensitive passwords. Therefore, the password system and the password SYSTEM
are considered different passwords by the operating system.
Both your computer and Luther's computer are connected to the same hub. If the hub were defective, then neither you nor Luther would be able to log on to the network from
either computer.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common wired connectivity and performance issues.
References:
Chapter 13: Network Troubleshooting, http://www.cisco.com/en/US/docs/voice_ip_comm/bts/5.0/troubleshooting/guide/13tg01.html
CompTIA Network+ N10-007 Cert Guide, Chapter 14: Network Troubleshooting
Question #92 of 200
Question ID: 1123561
Your network is experiencing a problem that a technician suspects involves a Cisco router. The technician provides you the following command results:
1 14.0.0.2 4 msec 4 msec 4 msec
2 63.0.0.3 20 msec 16 msec 16 msec
3 33.0.0.4 16 msec * 16 msec
Which Cisco command produced the results you were given?
A) ping
B) extended ping
C) traceroute
D) tracert
Explanation
The output displayed is a part of the output from executing the traceroute command on a Cisco router. The traceroute command finds the path a packet takes while being
transmitted to a remote destination. It is also used to track down routing loops or errors in a network. Each of the following numbered sections represents a router being
traversed and the time the packet took to go through the router:
1 14.0.0.2 4 msec 4 msec 4 msec
2 63.0.0.3 20 msec 16 msec 16 msec
3 33.0.0.4 16 msec * 16 msec
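A parser for the hop lines quoted above, as an added Python example that is not part of the original explanation: it turns each numbered section into a hop record with its three probe times and treats a `*` as a probe that timed out. It handles only the hop format shown in this question (hop number, IPv4 address, up to three probes); the class and function names are constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# The output quoted in the question, run together as it appears in the source.
PAGE_SAMPLE = (
    "1 14.0.0.2 4 msec 4 msec 4 msec 2 63.0.0.3 20 msec 16 msec 16 msec "
    "3 33.0.0.4 16 msec * 16 msec"
)

# One hop: number, IPv4 address, then one to three probes ("N msec" or "*").
HOP_RE = re.compile(
    r"(?P<hop>\d+)\s+"
    r"(?P<addr>\d{1,3}(?:\.\d{1,3}){3})"
    r"(?P<probes>(?:\s+(?:\d+\s+msec|\*)){1,3})"
)
PROBE_RE = re.compile(r"(\d+)\s+msec|\*")


@dataclass
class Hop:
    index: int
    address: str
    rtts_ms: List[Optional[int]]   # None marks a probe that timed out ("*")

    @property
    def timeouts(self) -> int:
        return sum(1 for rtt in self.rtts_ms if rtt is None)

    @property
    def worst_ms(self) -> Optional[int]:
        answered = [rtt for rtt in self.rtts_ms if rtt is not None]
        return max(answered) if answered else None


def parse_traceroute(text: str) -> List[Hop]:
    """Parse hop records from one-hop-per-line or run-together output."""
    hops = []
    for match in HOP_RE.finditer(text):
        rtts = [
            int(probe.group(1)) if probe.group(1) else None
            for probe in PROBE_RE.finditer(match.group("probes"))
        ]
        hops.append(Hop(int(match.group("hop")), match.group("addr"), rtts))
    return hops


def hops_with_loss(hops: List[Hop]) -> List[int]:
    """Hop numbers where at least one probe went unanswered."""
    return [hop.index for hop in hops if hop.timeouts]


if __name__ == "__main__":
    for hop in parse_traceroute(PAGE_SAMPLE):
        print(hop.index, hop.address, hop.rtts_ms, "timeouts:", hop.timeouts)
    print("hops with probe loss:", hops_with_loss(parse_traceroute(PAGE_SAMPLE)))
```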
The output would not be displayed by the ping command. This command is used to test connectivity to a remote IP address. The output from the ping command is as follows:
router1# ping 10.201.1.11
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.201.1.11, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
The ping in this output was unsuccessful, as indicated by the message Success rate is 0 percent.
The output would not be displayed by the tracert command. The tracert command is used by Windows operating systems, not the Cisco command-line interface. However, the
purpose of the tracert command is similar to the Cisco traceroute utility, which is to test the connectivity or "reachability" of a network device or host. The tracert command uses
Internet Control Message Protocol (ICMP).
The output would not be displayed by the extended version of the ping command. This command can be issued on the router to test connectivity between two remote routers. A
remote execution means that you are not executing the command from either of the two routers you are interested in testing, but from a third router. To execute an extended
ping, enter the ping command from the privileged EXEC command line without specifying the target IP address. The command takes the router into configuration mode, where
you can define various parameters, including the destination and target IP addresses, for example:
Protocol [ip]:
Target IP address: 10.10.10.1
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 12.1.10.2
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Each line is a menu question allowing you to either accept the default setting (in parentheses) of the ping, or to apply a different setting. The real value of this command is that
you can test connectivity between two remote routers without being physically present at those routers, as would be required with the standard version of the ping command.
For the Network+ exam, you also need to understand the pathping command. The parameters that can be used with this command are as follows:
This command produces results that are similar to the ping and tracert commands.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, use the appropriate tool.
References:
Cisco IOS Command Fundamentals Reference, Release 12.4: ping, http://www.cisco.com/en/US/docs/ios/fundamentals/command/reference/cf_m1.html#wp1013837
Using the Extended ping and Extended traceroute Commands, http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080093f22.shtml
CompTIA Network+ N10-007 Cert Guide, Chapter 11: Network Management, Maintenance Tools
Question #93 of 200
Question ID: 1289277
You have discovered that hackers are gaining access to your WEP wireless network. After researching, you discover that the hackers are using war-driving methods. You need
to protect against this type of attack.
What should you do? (Choose all that apply.)
A) Configure the network to use authenticated access only.
B) Change the default SSID.
C) Configure the WEP protocol to use a 128-bit key.
D) Disable SSID broadcast.
Explanation
You should complete the following steps to protect against war-driving attacks:
Change the default SSID.
Disable SSID broadcast.
Configure the network to use authenticated access only.
You should not configure the WEP protocol to use a 128-bit key. In recent years, WEP has been proven to be an ineffective security protocol for wireless networks, regardless of
whether you use low or high encryption. It is a protocol that is very easy to crack using a brute force attack.
Some other suggested steps include the following:
Implement Wi-Fi Protected Access (WPA) or WPA2 instead of WEP.
Reduce the access point's signal strength.
Use MAC filtering.
War driving is a method of discovering 802.11 wireless networks by driving around and looking for open wireless networks. NetStumbler is a common war-driving tool.
For the Network+ exam, you need to understand the following wireless security concepts and how to harden the wireless network: WEP, WPA/WPA2, TKIP, AES, 802.1x,
TLS/TTLS, and MAC filtering.
WEP - You should avoid this protocol because it is easy to crack. Instead you should use WPA or WPA2. WEP uses a 64-bit (low encryption mode) or 128-bit (high
encryption mode) key.
WPA/WPA2 - WPA uses Temporal Key Integrity Protocol (TKIP) while WPA2 is capable of using TKIP or the more Advanced Encryption Standard (AES) algorithm. WPA was
created as a more secure alternative to WEP. WPA2 is stronger than WPA but requires more processing power. Use WPA2 if all the devices are capable of it because it
provides the maximum protection. The only time that using WPA would be sufficient is when your access point or other devices are not capable of supporting WPA2.
Enterprise - This version of WPA2 uses security certificates and requires the use of a Remote Authentication Dial-In User Service (RADIUS) authentication server.
Personal - This version of WPA2 provides adequate protection for a small office or home network.
802.1x is an authentication method that can be used on both wired and wireless LANs. An 802.1x client attaches to an 802.1x supplicant (a wireless router or switch), which
then forwards the request to an authenticator (a RADIUS server). Transport Layer Security (TLS) and Tunneled Transport Layer Security (TTLS) can be implemented with EAP.
TLS requires a client certificate, while TTLS does not. TTLS uses a tunnel to connect the server to the client.
MAC filtering allows or denies a wireless connection based on the
client's Media Access Control (MAC) address. The most popular form of MAC filtering will only allow connections to devices that are contained in the list. In this case, you must
add any new devices specifically to the MAC filter list on the access point to allow the devices to connect. In contrast, you can configure a deny list, which specifically denies
connections to devices with the MAC addresses listed. This form of MAC filtering is not used as much.
Let's look at an example regarding MAC filtering. Suppose encrypted wireless access points are used at a retail location for inventory and price verification. If the retail location is
located in a mall, unauthorized access to the wireless network could be a constant problem. If a finite known number of approved mobile devices are allowed to access the
store's wireless network, the best security method to implement on the access points would be MAC filtering whereby only those specifically allowed devices would be able to
connect.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common wireless connectivity and performance issues.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 8: Wireless Technologies, Securing Wireless LANs
Question #94 of 200
Question ID: 1289193
Which of these is NOT an example of multifactor authentication?
A) Username and password
B) Smart card and password
C) PIN and iris scan
D) Signature dynamics and geolocation
Explanation
Username and password is not an example of multifactor authentication. Because both of these factors are something you know, a single factor of authentication is used here.
All of the other options are considered multifactor authentication because they include authentication factors of two different types. Multifactor authentication combines two or
more of the following:
Something you know is the most common type of authentication. Passwords, personal identification numbers (PINs), mother’s maiden name, color of your first car, the name
of your first boss, and the name of your favorite teacher are all examples of something you know.
Authentication by something you have would be implemented using an item that you have in your possession, such as a smart card, key fob, or USB dongle.
Something you are would be biometric authentication. Fingerprints, iris and retina scans, and even voice-prints can be used to authenticate your identity.
Somewhere you are provides location-based authentication. There are several ways to do this, including getting the GPS coordinates of a cell phone, the location of a cell
tower, or an IP address. For example, a company can examine an incoming IP address. If it is identified as originating in a foreign country, authentication fails.
Something you do is based on the way you perform a particular action. One example is keyboard cadence or the way you type a word or phrase. Signature dynamics is
another example of something you do. Even if an attacker guesses your password, he or she will not be able to type or write it in the exact same manner that you do.
Objective:
Network Security
Sub-Objective:
Explain authentication and access controls.
References:
Multifactor authentication (MFA), http://searchsecurity.techtarget.com/definition/multifactor-authentication-MFA
CompTIA Network+ N10-007 Cert Guide, Chapter 12: Network Security, Remote-Access Security
Question #95 of 200
Question ID: 1289152
You have been handed a document that details the steps to take to update the network drivers. Which type of change management document do you have?
A) policies
B) procedures
C) baselines
D) regulations
Explanation
Procedures set forth the steps that must be taken to enforce the network owner's policies, including updating the network drivers. Procedures tell how to achieve the desired
results. Baselines are primarily used to identify performance issues. They are actually performance statistics gathered for comparative purposes. By establishing a performance
baseline, you can ensure that performance issues are identified much more easily in the future.
Policies set forth the network rules, including the who, what, and when of the rules. Policies tell what the rules are, who is covered by the rule, and when the rule applies.
Regulations are governmental guidelines that are written by federal or state agencies based on the laws passed by federal or state government. Regulations are established by
entities outside the network owner.
For the Network+ exam, you also need to understand the following standard business documents:
Service level agreement (SLA) - defines the minimum level of service that will be provided. An SLA is often implemented between an Internet service provider (ISP) and the
company obtaining services from the ISP.
Memorandum of Understanding (MOU) - defines the roles and parameters of an agreement between two parties. It is often not a legally binding document. Some companies
will use MOUs to define services within the organization, such as the services that will be provided by the IT department.
Master Service Agreement (MSA) - specifies payment terms, product warranties, intellectual property ownership, dispute resolution, and other aspects between two parties.
It will be used to govern all future statements of work (SOWs) between the two parties.
Statement of work (SOW) - defines the activities, deliverables, and timeline that a vendor must provide for the specified work for a client. For example, an SOW would be
used if a company contracts with a third party to improve the availability of the customer's services and applications, enabling the customer to minimize downtime to a few
hours per quarter.
Objective:
Network Operations
Sub-Objective:
Given a scenario, use appropriate documentation and diagrams to manage the network.
References:
The Key Difference Between a Policy, Process, & Procedure (and Why it Matters For Your Business!), https://www.sweetprocess.com/what-are-the-differences-between-a-policy-a-process-and-a-procedure-why-knowing-this-is-the-key-to-scaling-and-automating-your-business/
Question #96 of 200
Question ID: 1289067
You need to provide terminal emulation and remote login capability for one of the servers on your network. Which Process/Application layer protocol should you use?
A) SMTP
B) TFTP
C) Tracert
D) FTP
E) Telnet
Explanation
Telnet is a user command and an underlying TCP/IP protocol for accessing remote hosts. The HTTP and FTP protocols allow you to request specific files from remote hosts
without having to log on as a user of that host computer. The Telnet protocol, however, allows you to log on as a regular user with the associated privileges that you have been
granted to the specific application and data on that host. In other words, you appear to be locally attached to the remote system.
The Telnet command syntax is as follows:
telnet abcdef.com [port #]
This results in a logon screen with user ID and password prompts.
Telnet is most likely to be used by program developers and anyone who has a need to use specific applications or data located on a particular host computer. A subset of the
Telnet protocol is also used in other application protocols, such as FTP and SMTP.
File Transfer Protocol (FTP) is a useful and powerful tool for the general user. FTP allows a user to upload and download files between local and remote hosts. Anonymous FTP
access is commonly available at many sites to allow users access to public files without establishing an account. Users will often be required to enter their e-mail address as a
password.
Trivial File Transfer Protocol (TFTP) is a simple protocol used to transfer files. It is used to move files between machines on different networks implementing UDP. It lacks most
of the features of FTP and only provides the services of reading and writing files and sending mail to and from a remote server.
Simple Mail Transport Protocol (SMTP) is an application protocol, so it operates at the top layer of the OSI model (Layer 7). SMTP is the default protocol for sending e-mail in
Microsoft operating systems. POP3 and IMAP are the most popular protocols for receiving e-mail. SMTP provides client and server functions and works with the
Internet and UNIX. It is used to send and receive messages.
Traceroute or Tracert identifies the route that packets take between your computer and a host. Traceroute is a utility that records the route across the Internet that the packets
take to reach the specified host. It also calculates and displays the amount of time each hop took.
You should keep in mind that TCP connections provide large data size manageability using segmentation and error recovery for all application-layer protocols.
The following protocols are considered unsecure:
TELNET
HTTP
SLIP
FTP
TFTP
SNMPv1 and SNMPv2
If you use any of these protocols, you should use a version that includes SSL or some other cryptography. For example, secure shell (SSH) is a secure alternative to Telnet.
For the Network+ exam, you must understand the following vulnerabilities:
Unnecessary running services - Disable all unnecessary services on every device. Hackers will search for all used services and attempt to employ known vulnerabilities for
those services.
Open ports - Close all ports that are not used. Hackers can also use these open ports to break into your network.
Unpatched/legacy systems - Older systems provide an easy target to hackers, especially those with unsupported operating systems or applications. For example, Windows
XP is no longer supported by Microsoft. Service packs and updates are no longer issued for this operating system. You should get rid of legacy systems that run software
that is no longer supported by the vendor or else you should find a way to isolate them from the rest of the network.
Unencrypted channels - Unencrypted channels are paths along which data can be intercepted. While it would adversely affect the performance of the network to encrypt
every single channel, you should encrypt every single channel through which confidential or private data is sent.
Clear text credentials - Some protocols send credentials over the network in clear text. This allows an attacker to intercept the communications to obtain the credential
information. You should eliminate the use of any protocols that use clear text credentials by replacing them with more secure protocols.
TEMPEST/RF emanation - Tempest studied the susceptibility of some devices to emit electromagnetic radiation (EMR) in a manner that can be used to reconstruct
intelligible data. Radio frequency information can be captured in a similar manner. You should use shielding to protect against these vulnerabilities.
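The open-ports, unnecessary-services and clear-text-credentials items above can be checked on a host by auditing its listening sockets against the unsecure protocols listed earlier. The following is an added example, not part of the original exam material: the sample input is constructed in the column layout of `ss -tuln`, the names (CLEARTEXT, Finding, audit) are hypothetical, and the suggested replacements other than SSH for Telnet are this example's own.

```python
import ipaddress
from dataclasses import dataclass

# Protocols the page lists as unsecure, keyed by (transport, well-known port).
# SLIP is a serial-line encapsulation with no port, so a socket listing cannot show it.
# Replacement text is this example's suggestion, except SSH for Telnet (from the page).
CLEARTEXT = {
    ("tcp", 21): ("FTP", "SFTP or FTPS"),
    ("tcp", 23): ("Telnet", "SSH"),
    ("udp", 69): ("TFTP", "SFTP/SCP, or confine TFTP to an isolated management segment"),
    ("tcp", 80): ("HTTP", "HTTPS"),
    ("udp", 161): ("SNMP", "SNMPv3; the port alone does not reveal the version in use"),
}

# Constructed sample in the layout of `ss -tuln` (not captured from a real host).
SAMPLE = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      0.0.0.0:69         0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:161        0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      5      0.0.0.0:23         0.0.0.0:*
tcp   LISTEN 0      32     [::]:21            [::]:*
tcp   LISTEN 0      511    127.0.0.1:80       0.0.0.0:*
tcp   LISTEN 0      511    *:443              *:*
"""


@dataclass(frozen=True)
class Finding:
    protocol: str
    transport: str
    address: str
    port: int
    exposure: str      # "network" or "loopback"
    replacement: str


def split_local(field):
    """Split a 'Local Address:Port' column into (host, port)."""
    host, _, port = field.rpartition(":")
    host = host.strip("[]").split("%", 1)[0]   # drop IPv6 brackets and %scope
    if host == "*":                            # dual-stack wildcard
        host = "::"
    return host, int(port)                     # ValueError if port is a service name


def audit(ss_output):
    """Return findings for listeners that speak a protocol the page calls unsecure."""
    findings = []
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] not in ("tcp", "udp"):
            continue                           # header or unrelated line
        if cols[1] not in ("LISTEN", "UNCONN"):
            continue                           # only sockets waiting for traffic
        try:
            host, port = split_local(cols[4])
            ip = ipaddress.ip_address(host)
        except ValueError:
            continue                           # not numeric output; rerun with -n
        hit = CLEARTEXT.get((cols[0], port))
        if hit is None:
            continue
        protocol, replacement = hit
        # A loopback-only listener is not reachable from the network, but it is
        # still an unnecessary or clear-text service worth reviewing.
        exposure = "loopback" if ip.is_loopback else "network"
        findings.append(Finding(protocol, cols[0], host, port, exposure, replacement))
    # Network-reachable listeners first, then by port number.
    return sorted(findings, key=lambda f: (f.exposure != "network", f.port))


if __name__ == "__main__":
    for f in audit(SAMPLE):
        print(f"{f.exposure:8} {f.transport}/{f.port:<4} {f.protocol:7} -> {f.replacement}")
```

A well-known port only suggests which protocol is in use, so each finding should be confirmed against the service's configuration before it is disabled or replaced.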
Objective:
Networking Concepts
Sub-Objective:
Explain devices, applications, protocols and services at their appropriate OSI layers.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 2: The OSI Reference Model, Table 2-1 Application Layer Protocols/Applications
What is Telnet?, http://searchnetworking.techtarget.com/sDefinition/0,,sid7_gci213116,00.html
Question #97 of 200
Question ID: 1123289
Your company needs to deploy a wireless network to allow users to connect to the network using mobile devices. You are concerned that the radio signal will not cover the
amount of area you need. Another technician instructs you to research the angle of radiation of the wireless access point's antenna. Which term is used to refer to this?
A) bandwidth
B) beamwidth
C) sensitivity
D) gain
Explanation
The term used to refer to the angle of radiation of an antenna is beamwidth.
There are many differences between the types of antennas that you can use, including beamwidth, gain, transmission angle, and frequency. The beamwidth parameter of the
antenna defines the angle of the radio signal radiated. The angle of radiation of the signal is defined in degrees. Antenna properties include the gain, beamwidth, and
transmission angle. The gain is a measure of how much of the input power is concentrated in a particular direction.
Antennas with higher gain have less beamwidth than antennas with lower gain. The high-gain antennas have a very narrow beamwidth.
For example, a typical 6-dBi patch antenna has a 65-degree beamwidth, but the 21-dBi parabolic dish antenna has a 12-degree radiation pattern.
You also need to understand signal strength. In most wireless access points, you can adjust the signal strength. This feature is particularly useful if you want to prevent the
signal from reaching outside a building. Then you would adjust (lower) the signal strength and possibly change the access point placement to prevent the signal from reaching
there. The coverage of the signal depends on the type of access point you are deploying, the location where it is deployed, and the frequency used.
Objective:
Networking Concepts
Sub-Objective:
Compare and contrast the characteristics of network topologies, types and technologies.
References:
Cisco Aironet Antennas and Accessories, https://www.cisco.com/c/en/us/products/collateral/wireless/aironet-antennas-accessories/product_data_sheet09186a008008883b.html
Deploying License-Free Wireless Wide-Area Networks, http://www.ciscopress.com/articles/article.asp?p=31731&seqNum=4
CompTIA Network+ N10-007 Cert Guide, Chapter 8: Wireless LANs, Introducing Wireless LANs
Question #98 of 200
Question ID: 1123348
You need to implement a data center for your company. In this data center, you plan to implement inter-rack connections that are limited to 25 meters (82 feet). Which Ethernet
standard should you implement?
A) 1000Base-CX
B) 100Base-FX
C) 1000Base-TX
D) 100Base-T4
Explanation
1000Base-CX is designed for wiring closets. It has a transmission rate of 1,000 Mbps and a maximum segment length of 25 meters (82 feet).
100Base-FX is the IEEE standard for a fiber-optic Fast Ethernet network topology. This standard transmits at 100 Mbps over a baseband connection, and uses fiber-optic cable
as the transferring medium. It has a maximum segment distance of 2 kilometers (1.24 miles).
10BaseF is the 10 Mbps version for Ethernet over fiber-optic cable.
100Base-T4 is one of the Fast Ethernet standards. It consists of four pairs of unshielded twisted-pair (UTP) Category 3, 4 or 5 copper wiring. It has a maximum segment length
of 100 meters (328 feet) and a maximum transmission rate of 100 Mbps.
1000Base-TX is one of the Fast Ethernet topologies. It transmits 500 Mbps on each of four wire pairs. It requires more expensive Category 6 copper cabling.
Objective:
Infrastructure
Sub-Objective:
Given a scenario, deploy the appropriate cabling solution.
References:
1000BaseCX, http://www.thenetworkencyclopedia.com/d2.asp?ref=2157
Question #99 of 200
Question ID: 1123443
Your company periodically exchanges confidential information with a third party via a single server at each company. Management has recently become concerned that
communications between the two servers have been intercepted and read. You have been asked to ensure that messages between the two authenticated computers are
encrypted to prevent attackers from reading the messages. Which protocol should you use?
A) DNS
B) TFTP
C) TLS
D) UDP
Explanation
Transport Layer Security (TLS) encrypts the messages transmitted between two authenticated computers, preventing third parties from reading the messages. TLS is the
protocol being used when Secure Sockets Layer (SSL) is implemented. TLS works at the Transport layer of the OSI model.
Domain Name System (DNS) is a database that translates a computer's fully qualified domain name (FQDN) to its IP address. DNS works at the Application layer of the OSI
model. A DNS database stores canonical records.
Trivial File Transfer Protocol (TFTP) is a connectionless version of the File Transfer Protocol (FTP). TFTP transfers files between a client and a server. TFTP works at the
Application layer of the OSI model.
User Datagram Protocol (UDP) is part of the TCP/IP protocol suite. UDP provides connectionless communication. UDP works at the Transport layer of the OSI model. It uses
datagrams for communication.
Objective:
Network Operations
Sub-Objective:
Given a scenario, use remote access methods.
References:
What is Transport Layer Security?, http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci557332,00.html
CompTIA Network+ N10-007 Cert Guide, Chapter 12: Network Security, Virtual Private Networks
Question #100 of 200
Question ID: 1123617
You are installing a second wireless access point in your office. When you place the second wireless access point, you notice it is experiencing interference intermittently. You
want to prevent the interference. Which method would NOT prevent interference?
A) Move the new wireless access point.
B) Decrease the signal strength of the new wireless access point.
C) Change the channel used on the new wireless access point.
D) Increase the signal strength of the new wireless access point.
Explanation
You should NOT increase the signal strength of the new wireless access point. This would probably increase the interference. Decreasing the signal or power strength can
ensure that the wireless LAN does not extend beyond a certain area.
You could move the new wireless access point, change the channel used on the new wireless access point, or decrease the signal strength of the new wireless access point.
One other method for preventing wireless interference is changing the wireless telephone used. The scenario only stated that intermittent interference was occurring. It did not
state what was causing the interference.
Another potential wireless issue is the wrong antenna type. Antenna types can affect the area that a wireless signal will cover. Unidirectional antennas only transmit in a single
direction, while omnidirectional antennas transmit in a defined radius from the antenna placement. In both cases, you should ensure that the wireless access point is placed in
an area where the antenna type will be most effective.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common wireless connectivity and performance issues.
References:
HowTo: Prevent Wireless Interference, http://www.networkwebcams.com/ip-camera-learning-center/2008/05/09/howto-prevent-wireless-interference/
CompTIA Network+ N10-006 Cert Guide, Chapter 8: Wireless Technologies, Deploying Wireless LANs
Question #101 of 200
Question ID: 1289136
Your network contains four segments. You need to connect two or more of the LAN segments together. Which network devices can you use? (Choose four.)
A) Hub
B) Switch
C) Repeater
D) Bridge
E) Router
F) Wireless Access Point
Explanation
Bridges, switches, and routers can be used to connect multiple LAN segments. For the Network+ exam, you need to understand the placement of these devices. Bridges,
switches, and routers are implemented on the perimeters of segments or subnetworks and are used to connect those segments together.
Bridges and switches operate at the Data Link layer, using the Media Access Control (MAC) address for sending packets to their destination.
Routers operate at the Network layer by using IP addresses to route packets to their destination along the most efficient path. Backbone routers are the open shortest path first
(OSPF) routers that are in Area zero. Area zero is considered the backbone of an OSPF network. Internal routers are located in a single area within a single OSPF autonomous
system. Area border routers (ABRs) are located in more than one area within a single OSPF autonomous system. Autonomous system border routers (ASBRs) connect multiple
OSPF autonomous systems. A load balancer can be used to balance the workload between routers if more than one router is connected to a subnetwork. Load balancers can
also be used with other devices to perform the same function.
A Wireless Access Point (WAP) is essentially a translational bridge. One side is commonly connected to the wired LAN and the other side communicates using IEEE 802.11b
with a wireless connection. WAPs are not Physical layer devices like hubs or repeaters. They selectively transmit traffic based upon MAC addresses. A WAP can also function
as a repeater. WAPs are placed in the center of an area to which you want to provide wireless access.
Hubs act as a central connection point for network devices on one network segment. They work at the Physical layer. The primary reason for choosing a switch over a hub is
bandwidth needs. Switches can greatly improve network performance because switches do not broadcast the packets they receive. Hubs broadcast the packets they receive to
all available ports on the hub, thereby increasing network traffic. Hubs, like routers and switches, are placed on the perimeter of a single segment and only control the traffic on
that segment.
Both switches and hubs support the same protocols. Hubs are cheaper than switches, but can result in higher costs over time when you consider the potential for issues with
lower bandwidth. Both switches and hubs support different types of nodes.
Repeaters are used to extend the length of a network beyond the cable's maximum segment distance. They take a received frame's signal and regenerate it to all other ports on
the repeater. They also work at the Physical layer. A repeater regenerates the signal to all other ports on the device, thereby extending the length of the network beyond the
maximum cable segment. Repeaters are placed on a network at the point where the cable segment will exceed the maximum segment distance.
You may also need to understand network bridges, which operate at the OSI Data Link layer. They divide a network into segments, keeping the appearance of one segment to
the upper-layer protocols. Using MAC addresses, bridges determine which traffic should pass through the bridge and which traffic should remain on the local segment. Keeping
local traffic local can increase network performance.
Bridges can be used to perform the following functions:
Expand the length of a segment
Provide for an increased number of computers on the network
Reduce traffic bottlenecks resulting from an excessive number of attached computers
Split an overloaded network into two separate networks, reducing the amount of traffic on each segment and making each network more efficient
Link different types of physical media, such as twisted-pair and coaxial Ethernet
Another device that you may need to understand is a Multistation Access Unit (MAU), which is also abbreviated as MSAU. This term is synonymous with a passive "hub" in a
Token Ring network. A MAU is a multiport device that connects the computers in a physical star topology that functions as a logical ring.
Gateways allow two computers with no protocols in common to communicate. An analog modem converts analog signals transmitted over telephone cabling into digital signals
used by computers and computer networks.
A concept that you need to understand is traffic shaping, also known as packet shaping. A packet shaper delays data packets to bring them into compliance with a desired traffic
profile. Packet shaping optimizes or guarantees performance and improves latency. The most common type of packet shaping is application-based traffic shaping. An example
of this is P2P bandwidth throttling. Many application protocols use encryption to circumvent application-based traffic shaping. Another type of packet shaping is route-based
traffic shaping that is conducted based on previous-hop or next-hop information.
Objective:
Infrastructure
Sub-Objective:
Given a scenario, determine the appropriate placement of networking devices on a network and install/configure them.
References:
Router, http://searchnetworking.techtarget.com/sDefinition/0,,sid7_gci212924,00.html
Router vs. Switch, http://compnetworking.about.com/od/homenetworkhardware/f/routervsswitch.htm
Switch, http://searchtelecom.techtarget.com/sDefinition/0,,sid103_gci213079,00.html
Bridge, http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci211705,00.html
Wireless access points, http://compnetworking.about.com/cs/wireless/g/bldef_ap.htm
CompTIA Network+ N10-007 Cert Guide, Chapter 3: Network Components, Network Infrastructure Devices
Question #102 of 200
Question ID: 1123314
Which of the following can be manipulated to reduce network traffic?
A) increased lease time
B) NTP
C) MAC reservations
D) lower TTL
Explanation
Lease time can be manipulated to reduce network traffic. Lease time is the amount of time a device maintains the IP address assigned by the DHCP server. With Windows, the
default lease time is 8 days. Lease times may be adjusted. As an example, if the network configuration seldom changes and you have a large number of IP addresses, you
might consider increasing the lease time. The justification for doing so is that every lease must be renewed, and those renewals increase network traffic. Increasing the duration
of the lease reduces the amount of network traffic required for lease renewal.
MAC reservations allow you to permanently assign an IP address to the MAC address of a specific device. Web servers, mail servers, copiers, printers, wireless access points,
and projectors are all examples of devices that can benefit from having a permanently assigned IP address. For each such device, a reservation (exclusion) would be made so
that the IP address is removed from (reserved) the pool of available IP addresses. Once a reservation is made, that device always uses that same address. But configuring MAC
reservations will not affect network traffic as much as increasing the lease time.
Time To Live (TTL) specifies the length of time that a DNS name server must cache the name. By default, the TTL is 60 minutes, but it may be modified in the DNS Management
Console. Longer TTLs are best for more permanent records, such as MX records, DKIM/SPF records, and TXT records. A lower TTL would mean additional network traffic.
Network Time Protocol (NTP) is used to synchronize the clocks of computers on the network. Synchronization of time is important in areas such as event logs, billing services, e-commerce, banking, and HIPAA Security Rules. Implementing NTP would actually increase network traffic.
Objective:
Networking Concepts
Sub-Objective:
Explain the functions of network services.
References:
What is DHCP Lease Time & What Should I Set it To?, http://homenetworkadmin.com/dhcp-lease-time/
Question #103 of 200
Question ID: 1289180
Which four of the following statements explain why training employees about proper licensing and use of an organization's software and hardware is important? (Choose four.)
A) To avoid liability from violating license rules or restrictions
B) To prevent unauthorized or improper consumption of licenses
C) To make effective use of automated license management
D) To comply with license restrictions or limitations
E) To practice good organizational ethics and governance
F) To promote minimal consumption of licenses
Explanation
Training employees about proper licensing and use of an organization’s software and hardware includes the following:
To prevent unauthorized or improper consumption of licenses
To avoid liability from violating license rules or restrictions
To comply with license restrictions or limitations
To practice good organizational ethics and governance
While promoting minimal consumption of licenses can be good for the bottom line, it has nothing to do with honoring or disregarding licensing restrictions. Minimal licensing
consumption is usually an IT department issue, not an issue for other employees.
Making effective use of automated license management can check to ensure that licensing restrictions are observed and complied with, but has nothing to do with honoring or
disregarding them. Automated licensing is usually an IT department issue.
Objective:
Network Operations
Sub-Objective:
Identify policies and best practices.
References:
Making Sense of Software Licensing https://www.techsoup.org/support/articles-and-how-tos/making-sense-of-software-licensing
TLDRLegal-Software Licenses Explained in Plain English https://tldrlegal.com/
A simple guide to understanding software licensing (Microsoft, PDF) http://download.microsoft.com/documents/australia/licensing/licenseguide.pdf
CompTIA Network+ N10-007 Cert Guide, Chapter 13: Network Policies and Best Practices, Best Practices
Question #104 of 200
Question ID: 1123241
Which of the following options are relevant to network segmentation when using switches? (Choose all that apply.)
A) ARP tables
B) Tagging and untagging ports
C) VLANs
D) MAC address tables
Explanation
Virtual local area networks (VLANs) allow you to segment a network and isolate traffic to different segments. Each segment (such as Sales, Administration, Manufacturing, or
Accounting) can become its own VLAN. VLANs are created by tagging and untagging ports on a switch. A trunk port, which serves as the connection between switches, tags the
VLAN traffic. An access port, which is the connection to an end device, does not tag. Port tagging and VLANs are not used in unsegmented networks.
MAC address tables contain the MAC address of any device on the network and the corresponding port on the switch to which it is attached. In instances where a VLAN is
implemented, the MAC address table will also have the associated VLAN for that port. However, MAC address tables alone do not provide the network segmentation.
ARP tables show the relationship of IP addresses to MAC addresses and are located on most devices. While they help the devices make routing decisions, they do not provide
network segmentation.
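The tagging behavior described above can be seen directly in the frame bytes. The following is an added example, not part of the original exam material: it parses an Ethernet header, reads the 802.1Q tag a trunk port would carry, and strips it the way an access port does before delivery to an end device. The MAC addresses, VLAN ID, and payload are constructed sample values.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag


def build_frame(dst, src, ethertype, payload, vlan=None, priority=0):
    """Build an Ethernet frame; add an 802.1Q tag when a VLAN ID is given."""
    header = bytes.fromhex(dst.replace(":", "")) + bytes.fromhex(src.replace(":", ""))
    if vlan is not None:
        if not 1 <= vlan <= 4094:
            raise ValueError("VLAN ID must be in 1..4094")
        # Tag Control Information: 3-bit priority, 1-bit DEI (0), 12-bit VLAN ID
        header += struct.pack("!HH", TPID_8021Q, (priority << 13) | vlan)
    return header + struct.pack("!H", ethertype) + payload


def parse_frame(frame):
    """Return addresses, VLAN ID (None if untagged), EtherType and payload."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    info = {
        "dst": frame[0:6].hex(":"),
        "src": frame[6:12].hex(":"),
        "vlan": None,
        "priority": None,
    }
    (ethertype,) = struct.unpack("!H", frame[12:14])
    offset = 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        info["priority"] = tci >> 13
        info["vlan"] = tci & 0x0FFF
        offset = 18
    info["ethertype"] = ethertype
    info["payload"] = frame[offset:]
    return info


def untag(frame):
    """Model an access port: remove the 4-byte tag before sending to the end device."""
    if len(frame) >= 18 and frame[12:14] == struct.pack("!H", TPID_8021Q):
        return frame[:12] + frame[16:]
    return frame


if __name__ == "__main__":
    # Constructed sample: an IPv4 frame on VLAN 20 as it would appear on a trunk link
    trunk_frame = build_frame("00:11:22:33:44:55", "66:77:88:99:aa:bb",
                              0x0800, b"sample", vlan=20, priority=5)
    print("trunk :", parse_frame(trunk_frame))
    print("access:", parse_frame(untag(trunk_frame)))
```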
Objective:
Networking Concepts
Sub-Objective:
Explain the concepts and characteristics of routing and switching.
References:
Fundamentals of 802.1Q VLAN Tagging, https://documentation.meraki.com/zGeneral_Administration/Tools_and_Troubleshooting/Fundamentals_of_802.1Q_VLAN_Tagging
Question #105 of 200
Question ID: 1289055
You are analyzing communication over your network. You have captured all the packets sent to and from a server on your network. You need to filter the packet capture to only
IMAP4 protocol communications. Which port does this protocol use?
A) UDP port 143
B) UDP port 25
C) TCP port 143
D) UDP port 110
E) TCP port 25
F) TCP port 110
Explanation
Internet Message Access Protocol version 4 (IMAP4) is an Internet protocol for e-mail retrieval that uses TCP port 143. IMAP4 works at the Application layer of the OSI model.
Post Office Protocol version 3 (POP3) is an e-mail message retrieval protocol that uses TCP port 110. Simple Mail Transfer Protocol (SMTP) is an e-mail message protocol that
uses TCP port 25. POP3 and SMTP work at the Application layer of the OSI model.
These protocols are connection-oriented protocols, and therefore require the use of TCP. UDP is a connectionless protocol. The TCP header implements flags, while the UDP
header does not. The Internet Protocol (IP) is the communications protocol for relaying data across networks. Its routing function enables internetworking, and essentially
establishes the Internet.
For the Network+ exam, you need to know the following protocols and their default ports:
FTP – 20, 21
SSH, SFTP – 22
TELNET – 23
SMTP – 25
DNS – 53
DHCP – 67, 68
TFTP – 69
HTTP – 80
POP3 – 110
NTP – 123
NetBIOS – 137–139
IMAP – 143
SNMP – 161
LDAP – 389
HTTPS – 443
SMB – 445
LDAPS – 636
H.323 – 1720
MGCP – 2427/2727
RDP – 3389
RTP – 5004/5005
SIP – 5060/5061
Objective:
Networking Concepts
Sub-Objective:
Explain the purposes and uses of ports and protocols.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 2: The OSI Reference Model, Table 2-1 Application Layer Protocols/Applications
Computer Network Glossary - Port Number: Ports 100-149, http://compnetworking.about.com/od/tcpip/l/blports_gl100.htm
Question #106 of 200
Question ID: 1123461
Which four of the following objectives best describe the kinds of protection that data loss prevention systems seek to provide or deliver? (Choose four.)
A) Blocking unauthorized data transit
B) Encrypting of data in motion
C) Promoting data breaches
D) Encrypting of data at rest
E) Establishing identity or role-based access controls
F) Preserving competitive advantage
Explanation
Data loss prevention (DLP), often called data leak protection, focuses on ways to prevent sensitive, proprietary, private, or confidential information from unauthorized disclosure.
DLP concentrates on identity management and authentication to establish who is trying to access what, or uses role-based access controls (RBAC) to limit access to data. DLP
also depends on keeping sensitive information inaccessible to all but authorized parties, which means encrypting data both in motion (being transmitted) and at rest (in storage
anywhere). Finally, DLP's mission is to block any kind of unauthorized data transit, including in email, on a USB drive, and as a file copy.
While preserving competitive advantage may be a benefit of data leak protection, it is not an objective or stated purpose for this technology.
Promoting data breaches means making it easier for data to leak or for unauthorized access and disclosure to occur. It is directly contrary to data loss prevention.
Objective:
Network Operations
Sub-Objective:
Identify policies and best practices.
References:
Understanding Data Loss Prevention (DLP) http://www.tomsitpro.com/articles/what-is-data-loss-prevention-dlp,2-473.html
Understanding DLP http://www.infosectoday.com/Articles/DLP/Understanding_DLP.htm
CompTIA Network+ N10-007 Cert Guide, Chapter 13: Network Policies and Best Practices, Policies
Question #107 of 200
Question ID: 1289159
Which option is a critical metric in preventive maintenance that would allow you to schedule the replacement of a component at a convenient time, as opposed to waiting for the
component to fail at an inopportune time?
A) MTTR
B) SLA requirements
C) MTBF
D) Load balancer
Explanation
Mean Time Between Failures (MTBF) is the average, or mean, time between failures on a device or system. It is an expression of reliability. Generally speaking, it is the average
length of time that something will work before it is likely to fail. Good preventive maintenance policies would replace a device, such as a power supply, as the time in service
approaches MTBF.
Mean Time To Recover (MTTR) is the average, or mean, time that it takes to recover, or restore, a system. In terms of a backup, for example, the term would refer to the time
needed to restore a system from a full, full + incremental, or full + differential backup. The term can also be applied to full system failure, or hardware component failure such as
a hard drive, RAM or power supply.
Service level agreement (SLA) requirements determine what the vendor who provides technology services is obligated to provide to the customer. Items that are outlined in the
SLA can include response time, repair time, network reliability expectations, escalation protocols, dispute resolution and more. Often the terms MTBF and MTTR may be
included in an SLA.
A load balancer can be used to divert incoming web traffic, based on content, to specific servers. This will reduce the workload on the primary server. The destination server is
determined by data in transport layer or application layer protocols. Distribution can be based on a number of algorithms, such as round robin, weighted round robin, least
number of connections, or shortest response time.
Objective:
Network Operations
Sub-Objective:
Compare and contrast business continuity and disaster recovery concepts.
References:
Mean Time Between Failures and Mean Time To Repair, https://www.opservices.com/mttr-and-mtbf/
CompTIA Network+ N10-007 Cert Guide, Chapter 9: Network Optimization, High Availability
Question #108 of 200
Question ID: 1123634
You are nearing the completion of a project that involves implementing a new network infrastructure and upgrading the operating systems running on your network servers.
Currently, static IP addresses and HOSTS files are used. The upgrade has included implementing DNS, implementing DHCP, and moving servers and other resources to a new
location with new IP addresses. However, now you cannot access the resources that were moved using their host names from any of the client workstations. You can access
them by their IP addresses. What should you do first?
A) Delete the HOSTS file on each workstation.
B) Import the workstations' names and address mappings to DNS.
C) Configure DHCP to supply a different range of IP addresses to the workstations.
D) Enable NetBIOS over TCP/IP.
Explanation
Workstations read entries in their HOSTS files before making requests to DNS. In this scenario, this behavior would cause the workstation to use the incorrect IP address when
attempting to access a server by its host name. For example, suppose an FTP server with an original IP address of 172.35.2.100 and the host name ftp.domain.com was moved
and its address changed to 172.25.2.300. When a user typed in the URL for the server in a browser, the client would search its HOSTS file and find an entry for ftp.domain.com
at IP address 172.35.2.100. It would then attempt to contact the server using IP address 172.35.2.100, which is the wrong IP address. However, if you delete the HOSTS file, or
remove the entry for the server, the workstation will search DNS to resolve the server's host name when it does not find an entry for the server in the local HOSTS file.
Enabling NetBIOS over TCP/IP would not allow you to access hosts using their host names. NetBIOS allows you to browse for resources using Windows machine names.
Importing the workstations' names and address mappings to DNS is not necessary for clients to connect to the servers. However, if the wrong DNS information is configured,
devices will be unable to properly resolve a DNS name. The device or host will need to be reconfigured with the correct DNS information.
Configuring DHCP to supply a different range of IP addresses to the workstations is also not necessary. DHCP seems to be configured properly given that the clients have
connectivity and can access resources using IP addresses. If the DHCP server is configured incorrectly, hosts will be obtaining incorrect IP information from this server. This
could include incorrect IP address, subnet mask, default gateway, and even DNS server information. While a DHCP server makes it much easier to configure clients with their
IP configuration information, a misconfigured component within the DHCP lease can cause communication problems from all DHCP clients.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common network service issues.
References:
LMHOSTS or HOSTS file: What is the difference?, http://www.tek-tips.com/faqs.cfm?fid=807
CompTIA Network+ N10-007 Cert Guide, Chapter 14: Network Troubleshooting
Question #109 of 200
Question ID: 1123498
Which hacker attack can be perpetrated by hijacking a communications session between a Web browser and a Web server?
A) brute force
B) MITM
C) SYN Attack
D) Ping of Death
Explanation
A man-in-the-middle (MITM) attack can be perpetrated by hijacking a communications session between a Web browser and a Web server. When a Web browser submits
information to a Web server through a form, a hacker might be able to gain sensitive information, such as credit card numbers.
A brute force attack occurs when a hacker tries every possible combination to break a code such as an encryption key or a password. A brute force attack can be used to break
into a system that is secured with discretionary access lists (DACs). If a hacker identifies a valid user name and password on a DAC network, then the hacker can log in by
using those credentials and can be assigned access to resources based on DAC settings.
A Ping of Death is a denial-of-service (DoS) attack that occurs when a hacker sends multiple Internet Control Message Protocol (ICMP) messages to a network to attempt to
overwhelm servers.
A SYN attack occurs when a hacker exploits the Transmission Control Protocol (TCP) three-way handshake.
Objective:
Network Security
Sub-Objective:
Summarize common networking attacks.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 12: Network Security, Categories of Network Attacks
Question #110 of 200
Question ID: 1289218
You have been hired as the network administrator. The company's network consists of several subnetworks located in various locations across the southeast United States. You
want to deploy switches across the different locations so that you can implement virtual local area networks (VLANs). What is the primary benefit of this implementation?
A) Users can be grouped by their work functions, by shared applications or protocols, or by department, regardless of their
geographical location.
B) Users in a single geographical location can be micro-segmented.
C) Users are grouped by their geographical locations.
D) VLANs provide switchless networking using virtual addresses.
Explanation
VLANs place users from many locations into the same broadcast domain. A single VLAN can span multiple physical LAN segments. VLANs can be based on work function,
common applications or protocols, departments, or other logical groupings. An example of a work function VLAN would be grouping all executives into the same broadcast
domain.
The three main benefits of VLANs are security, segmentation, and flexibility. Flexibility and segmentation are important because today's networking environment is no longer
limited to a single location. With multiple district, branch, and home offices, traditional LANs are very inefficient. VLANs address these issues by allowing users to be grouped by
functions, common applications, departments, and various other logical groupings. However, whichever criterion you use to group VLANs, you should be consistent throughout
the network.
VLANs improve security by controlling broadcasts and forcing upper-layer security checks so that all devices cannot communicate using Layer 2 alone. A VLAN's primary
purpose is not to provide micro-segmentation for a single geographic location. VLANs do not provide switchless networking using virtual addresses, and VLANs can be grouped
by multiple criteria, not just by their physical location. Note that each switch port is assigned to a single VLAN.
Objective:
Network Security
Sub-Objective:
Explain common mitigation techniques and their purposes.
References:
VLANs Defined, http://docwiki.cisco.com/wiki/LAN_Switching_and_VLANs#VLANs_Defined
CompTIA Network+ N10-007 Cert Guide, Chapter 4 Ethernet Technology, Ethernet Switch Features
Question #111 of 200
Question ID: 1289259
You are using the ipconfig tool to troubleshoot a problem with a wireless host. The results are shown below:
Adapter address: 00-10-4B-DE-F5-D8
IP address: 192.168.1.40
Subnet mask: 255.255.255.0
Default gateway: 0.0.0.0
You can access services on the local network from the host, but you cannot access the Internet.
What is the most likely cause of the problem?
A) incorrect IP address
B) incorrect subnet mask
C) missing default gateway
D) invalid Ethernet adapter
Explanation
A default gateway must be specified for a host for it to connect to hosts outside the local network. This address is the address of the router interface on the local segment that
forwards data to other networks. On small networks, the default gateway is the address of the router that connects the local network to the Internet. You should ensure that the
default gateway is correctly configured for the interface that is on the local subnet. A wrong default gateway will have the same result as a missing default gateway: packets will
not be able to leave the local subnet.
From the output of the ipconfig utility, you can see that no default gateway is configured for the host. You must configure the proper default gateway for the host. This can be
done manually or using DHCP to automatically assign the appropriate addressing information.
The IP address, subnet mask, and Ethernet adapter are all valid in this scenario.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common wired connectivity and performance issues.
References:
Chapter 12: Network Troubleshooting, http://www.cisco.com/en/US/docs/voice_ip_comm/bts/5.0/troubleshooting/guide/13tg01.html
CompTIA Network+ N10-007 Cert Guide, Chapter 11: Network Management, Maintenance Tools
Question #112 of 200
Question ID: 1289095
You are the network administrator for your company. Recently, the company has decided to locate a small branch office in another state. You have decided to allocate a portion
of the private IP address range to use at the new branch office.
You assign the branch office the 192.168.103.0/24 IP address range. When you set up the new network, you need to configure separate subnets for each department in the
branch office. You should allocate the addresses using CIDR notation such that each department has the minimum number of IP addresses. The departments require the
following numbers of hosts on their subnets:
Administrative - 4
Sales - 54
Marketing - 27
Research - 12
After you select the appropriate CIDR notation for each department, you must identify the unused portion of the subnet (identified as "Remainder"). Select the appropriate CIDR
from the left, and drag it to the network on the right to which it applies. Then select the appropriate CIDR from the left for the unused portion of the network, and drag it to the
Remainder field on the right. Not all CIDR notation options will be used.
Explanation
The following allocations should be made for the networks:
Administrative - /29
Sales - /26
Marketing - /27
Research - /28
Remainder - /25
For the Administrative network, the /29 designation will support up to 6 hosts.
For the Sales network, the /26 designation will support up to 62 hosts.
For the Marketing network, the /27 designation will support up to 30 hosts.
For the Research network, the /28 designation will support up to 14 hosts.
A total of 112 IP addresses will be used by the departments. The Remainder group uses a /25 notation, which supports up to 126 hosts.
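The allocation above can be reproduced with Python's standard ipaddress module. This is an added example, not part of the original exam material: it sizes each department's subnet from its host count, places the subnets largest-first inside 192.168.103.0/24, and lists the unused blocks. The placement order is an assumption; the question only asks for the prefix lengths.

```python
import ipaddress

BRANCH = "192.168.103.0/24"
DEPARTMENTS = {"Administrative": 4, "Sales": 54, "Marketing": 27, "Research": 12}


def prefix_for_hosts(hosts):
    """Longest IPv4 prefix whose usable host count (2**h - 2) still covers `hosts`."""
    host_bits = (hosts + 1).bit_length()  # smallest h with 2**h >= hosts + 2
    return 32 - host_bits


def usable_hosts(network):
    """Addresses left after removing the network and broadcast addresses."""
    return network.num_addresses - 2


def allocate(parent, requirements):
    """Place subnets largest-first so every block stays aligned on its own boundary.

    Returns (plan, free): plan maps department name to its subnet, free lists
    the unused CIDR blocks that remain in the parent network.
    """
    parent = ipaddress.IPv4Network(parent)
    cursor = int(parent.network_address)
    plan = {}
    for name, hosts in sorted(requirements.items(), key=lambda item: -item[1]):
        subnet = ipaddress.IPv4Network((cursor, prefix_for_hosts(hosts)))
        if not subnet.subnet_of(parent):
            raise ValueError(f"{parent} has no room left for {name}")
        plan[name] = subnet
        cursor += subnet.num_addresses
    last = int(parent.broadcast_address)
    free = []
    if cursor <= last:
        free = list(ipaddress.summarize_address_range(
            ipaddress.IPv4Address(cursor), ipaddress.IPv4Address(last)))
    return plan, free


if __name__ == "__main__":
    plan, free = allocate(BRANCH, DEPARTMENTS)
    for name, subnet in plan.items():
        print(f"{name:<15} {subnet}  ({usable_hosts(subnet)} usable hosts)")
    for block in free:
        print(f"{'unused':<15} {block}  ({usable_hosts(block)} usable hosts)")
```

With this placement the departments all fit in the lower half of the /24, which leaves the upper /25 untouched as the Remainder, plus one spare /29 next to the Administrative subnet.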
Objective:
Networking Concepts
Sub-Objective:
Given a scenario, configure the appropriate IP addressing components.
References:
CIDR Notation Explained Simply, http://phpfunk.com/uncategorized/cidr-notation-explained-simply/
Understanding IP Addresses, Subnets, and CIDR Notation for Networking, https://www.digitalocean.com/community/tutorials/understanding-ip-addresses-subnets-and-cidr-notation-for-networking
CompTIA Network+ N10-007 Cert Guide, Chapter 5: IPv4 and IPv6 Addresses, IPv4 Addressing
Question #113 of 200
Question ID: 1149625
Which of the following attacks tricks the user into giving up personal information?
A) Brute force
B) Ransomware
C) Deauthentication
D) Phishing
Explanation
Phishing is the action of sending out an email that is designed to trick the user into giving up personal information. That information is then exploited by the criminal. Phishing emails
appear to come from legitimate companies, and when the user clicks on a link in the email, the user is directed to a website that appears authentic. The user then fills in account
information, which is captured by the criminal.
All of the other attacks can take place without the user's knowledge, and therefore do not rely on tricking the user into taking an action that reveals personal information.
Deauthentication attacks disassociate a user with a wireless access point, forcing them to retransmit their login credentials.
A brute force attack attempts to guess the user's password. This attack differs from a dictionary attack by using additional (random) character combinations, often numbering in
the millions. This attack takes significantly more time than a dictionary attack.
Ransomware holds a computer hostage until the user pays a fee. The attacks often begin as an urgent email, where the user is directed to click a link or open a document to
resolve the issue. Once the user completes the action, malicious software is installed on the user's computer, often locking the user out of the system until a fee is paid.
Objective:
Network Security
Sub-Objective:
Summarize common networking attacks.
References:
What Is Phishing?, http://www.phishing.org/what-is-phishing
CompTIA Network+ N10-007 Cert Guide, Chapter 12: Network Security, Categories of Network Attacks
Question #114 of 200
Question ID: 1289128
You are setting up a 10-Mbps SOHO network at a residence. What is the lowest category or level of UTP cable that you should use as transmission medium for a small LAN
communicating in the 10-Mbps range?
A) Category 3
B) Category 1
C) Category 5
D) Category 4
E) Category 2
Explanation
Although you could use Category 3 or Category 5 cable for the LAN, Category 3 is the lowest category cable that you could use for the LAN.
Category 1 and Category 2 cable have maximum transmission rates of only 4 Mbps, so they would not be suitable for a 10-Mbps network.
UTP transmission rates are listed below:
Category 1 - up to 4 Mbps
Category 2 - up to 4 Mbps
Category 3 - up to 10 Mbps
Category 4 - up to 16 Mbps
Category 5 - up to 100 Mbps
Category 5e - up to 1000 Mbps
Category 6 - up to 1000 Mbps or 1 Gbps
Category 6a – up to 10 Gbps
Category 7 – up to 10 Gbps
Category 1 wiring consists of two pairs of twisted copper wire. It is rated for voice grade, not data communication. It is the oldest UTP wiring and is used for communication on
the Public Switched Telephone Network (PSTN).
Category 2 wiring consists of four pairs of twisted copper wire and is suitable for data communications of up to 4 Mbps.
Category 3 wiring consists of four pairs of twisted copper wire with three twists per foot. It is suitable for 10-Mbps data communication, and has been used widely in 10-Mbps
Ethernet networks.
Category 4 wiring consists of four pairs of twisted copper wire, and is rated for 16 Mbps. It was designed with 16-Mbps Token Ring networks in mind.
Category 5 wiring consists of four twisted pairs of copper wire terminated by RJ-45 connectors. Category 5 cabling can support frequencies of up to 100 MHz and speeds of up
to 1,000 Mbps. It can be used for ATM, Token Ring, 1000Base-T, 100Base-T, and 10Base-T networking.
Category 6 wiring consists of four twisted pairs of copper wire terminated by RJ-45 connectors. It supports speeds of up to 1 Gbps or 1,000 Mbps. Category 6a wiring
supports speeds of up to 10 Gbps or 10,000 Mbps.
Category 7 wiring consists of four twisted pairs of copper wire terminated by RJ-45 connectors. It supports speeds of up to 10 Gbps or 10,000 Mbps.
Objective:
Infrastructure
Sub-Objective:
Given a scenario, deploy the appropriate cabling solution.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 3: Network Components, Media
Question #115 of 200
Question ID: 1289232
You install a network analyzer to capture your network's traffic as part of your company's security policy. Later, you examine the captured packets and discover that the only
packets that were captured are from Subnet 1. You need to capture packets from all four subnets on your network. Two routers are used on your network.
What could you do? (Choose two. Each answer is a complete solution.)
A) Install a port scanner.
B) Install the network analyzer on a router.
C) Install the network analyzer on the firewall.
D) Install the network analyzer on all four subnets.
E) Install a distributed network analyzer.
Explanation
You could either install the network analyzer on all four subnets, or install a distributed network analyzer. Standard network analyzers only capture packets on the local subnet.
To capture packets on a multi-subnet network, you could install the network analyzer on all four subnets. Alternatively, you could purchase a network analyzer that can capture
all packets across the subnets. Typically, a distributed network analyzer consists of a dedicated workstation network analyzer installed on one subnet and software probes
installed on the other subnets.
You should not install a port scanner. A port scanner reports which ports and services are being used on your network.
You should not install the network analyzer on a router. This will only allow you to capture packets on the subnets connected to the router. The scenario indicates that there are
two routers on your network.
You would need to install the network analyzer on both routers.
You should not install the network analyzer on the firewall. This will only allow you to capture packets on the subnets connected to the firewall.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, use the appropriate tool.
References:
Network Monitoring Tools, http://www.slac.stanford.edu/xorg/nmtf/nmtf-tools.html
CompTIA Network+ N10-007 Cert Guide, Chapter 11: Network Management, Maintenance Tools
Question #116 of 200
Question ID: 1123379
You have been asked to research the different firewall types and make recommendations on which type(s) to implement on your company's network. You need to document how
the firewalls affect network performance. Which type of firewall most detrimentally affects network performance?
A) packet-filtering firewall
B) stateful firewall
C) application-level proxy firewall
D) circuit-level proxy firewall
Explanation
An application-level proxy firewall most detrimentally affects network performance because it requires more processing per packet.
The packet-filtering firewall provides high performance. Stateful and circuit-level proxy firewalls, while slower than packet-filtering firewalls, offer better performance than
application-level firewalls.
Kernel proxy firewalls offer better performance than application-level firewalls.
An application-level firewall, or Layer 7 firewall, creates a virtual circuit between the firewall clients. Each protocol has its own dedicated portion of the firewall that is concerned
only with how to properly filter that protocol's data. Unlike a circuit-level firewall, an application-level firewall does not examine the IP address and port of the data packet. Often,
these types of firewalls are implemented as a proxy server.
A proxy-based firewall provides greater network isolation than a stateful firewall. A stateful firewall provides greater throughput and performance than a proxy-based firewall. In
addition, a stateful firewall provides some dynamic rule configuration with the use of the state table.
Objective:
Infrastructure
Sub-Objective:
Explain the purposes and use cases for advanced networking devices.
References:
Firewall Q&A, http://www.vicomsoft.com/knowledge/reference/firewalls1.html
Types of firewalls, http://searchnetworking.techtarget.com/generic/0,295582,sid7_gci1282044,00.html
CompTIA Network+ N10-007 Cert Guide, Chapter 12: Network Security, Firewalls
Question #117 of 200
Question ID: 1123352
You are implementing a SOHO network for a small business. The business owner has asked that you implement a 1 gigabit per second (Gbps) network. Which Ethernet
standard specifies a data transfer rate of 1 Gbps?
A) 10BaseT
B) 10Base2
C) 100BaseFX
D) 1000BaseT
Explanation
The 1000BaseT Gigabit Ethernet standard specifies a maximum data transfer rate of 1 Gbps. Category 5 unshielded twisted-pair (CAT5 UTP) cable and RJ-45 connectors are
typically used on 1000BaseT Ethernet networks.
The 10Base2 Ethernet standard specifies a data transfer rate of 10 megabits per second (Mbps), RG-58 coaxial cable, and BNC connectors.
The 10BaseT Ethernet standard specifies a data transfer rate of 10 Mbps. CAT3 UTP cable or better is required on 10BaseT Ethernet networks, and RJ-45 connectors are used
to connect devices to a 10BaseT Ethernet network. 100BaseT is the 100-Mbps version of 10BaseT and requires CAT5 or higher UTP cabling. 10GBaseT is the 10-Gbps version
of this specification and requires CAT6a or higher UTP cabling.
The 100BaseFX Fast Ethernet standard specifies a data transfer rate of 100 Mbps, fiber-optic cable, and fiber-optic cable connectors, such as ST or SC connectors.
Objective:
Infrastructure
Sub-Objective:
Given a scenario, deploy the appropriate cabling solution.
References:
1000BaseT, http://docwiki.cisco.com/wiki/Ethernet_Technologies#1000Base-T
Question #118 of 200
Question ID: 1289129
You need to connect a computer to a 100BaseTX Fast Ethernet network. Which two of the following elements are required? (Choose two.)
A) BNC T connectors
B) RJ-11 connectors
C) CAT5 UTP cable
D) fiber-optic cable
E) RJ-45 connectors
F) RG-59 cable
Explanation
Among the available choices, you should use Category 5 unshielded twisted-pair (CAT5 UTP) cable and RJ-45 connectors to connect a computer to a 100BaseTX Ethernet
network. On a 100BaseTX network, you can use two pairs of either CAT5 UTP or Type 1 shielded twisted-pair (STP) cable. RJ-45 connectors are typically used to connect
computers to a 100BaseTX network.
Although an RJ-45 connector is similar in appearance to a standard RJ-11 telephone connector, an RJ-45 connector is wider than an RJ-11 connector. Additionally, an RJ-45
connector supports eight wires, whereas an RJ-11 connector supports up to six wires. An RJ-11 connector is used to connect an analog modem to a regular phone line.
RG-59 coaxial cable and BNC connectors, including BNC barrel connectors and BNC T connectors, are used on 10Base2 Ethernet networks. BNC terminating resistors are also
required on both ends of the 10Base2 bus to prevent signals from bouncing back into the cable and corrupting data.
RG-6 is also a possible coaxial cable option. RG-6 has a wider core and can be used for longer distances than RG-58. RG-6 can handle runs up to 1,000 feet, while RG-59 is
limited to 750 feet. The other main difference between the two cable types is loss of signal, and RG-6 provides a lower signal loss than RG-59.
Fiber-optic cable, such as 62.5/125 multimode cable and 8/125 single-mode cable, is used on some types of Ethernet networks, such as 10BaseFB Ethernet and 100BaseFX
Fast Ethernet networks.
Objective:
Infrastructure
Sub-Objective:
Given a scenario, deploy the appropriate cabling solution.
References:
802.3 Ethernet Standards, https://www.informit.com/articles/article.aspx?p=1358404&seqNum=4
Question #119 of 200
Question ID: 1289301
Users are reporting Internet connectivity issues. After researching, you discover that the routing protocols in use on your network are experiencing routing loops. You must
prevent this from happening. What should you do?
A) Test all of the routing interfaces to determine which is experiencing problems.
B) Reconfigure your routers so that only a single routing protocol is used throughout the network.
C) Replace the routers on your network.
D) Implement split horizon.
Explanation
You should implement split horizon to prevent routing loops. Split-horizon route advertisement prevents routing loops in distance-vector routing protocols by prohibiting a router
from advertising a route back onto the interface from which it was learned. None of the other options would solve the routing loop issue.
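The effect of split horizon on a two-router loop, as an added simulation that is not part of the original exam material. Router names A and B, destination N, the update order and the RIP-style unreachable metric of 16 are assumptions made for the illustration.

```python
INFINITY = 16  # assumption: RIP-style metric meaning "unreachable"


def advertise(table, to_neighbor, split_horizon):
    """Build the distance vector one router sends to one neighbour.

    With split horizon enabled, routes whose next hop is that neighbour
    are left out, so a route is never advertised back the way it came.
    """
    return {
        dest: metric
        for dest, (metric, next_hop) in table.items()
        if not (split_horizon and next_hop == to_neighbor)
    }


def receive(table, sender, vector):
    """Apply a neighbour's vector using distance-vector rules."""
    for dest, metric in vector.items():
        cost = min(metric + 1, INFINITY)
        current_metric, current_hop = table.get(dest, (INFINITY, None))
        # Always believe the current next hop, even when its news is worse;
        # otherwise switch only when the new path is strictly better.
        if current_hop == sender or cost < current_metric:
            table[dest] = (cost, sender)


def simulate(split_horizon, max_rounds=50):
    """Replay what happens after B loses its link towards network N.

    Topology before the failure: A -- B -- (N). A reaches N through B
    with metric 2. B has just marked N unreachable, but A's periodic
    update is sent before B's bad news reaches A.
    """
    links = {"A": ["B"], "B": ["A"]}
    tables = {
        "A": {"N": (2, "B")},
        "B": {"N": (INFINITY, None)},
    }
    history = []      # (A's metric, B's metric) at the end of each round
    loop_rounds = 0   # rounds in which A and B point at each other for N
    for round_no in range(1, max_rounds + 1):
        for router in ("A", "B"):
            for neighbor in links[router]:
                vector = advertise(tables[router], neighbor, split_horizon)
                receive(tables[neighbor], router, vector)
        a_metric, a_hop = tables["A"]["N"]
        b_metric, b_hop = tables["B"]["N"]
        history.append((a_metric, b_metric))
        if (a_hop == "B" and b_hop == "A"
                and a_metric < INFINITY and b_metric < INFINITY):
            loop_rounds += 1
        if a_metric == INFINITY and b_metric == INFINITY:
            return {"rounds": round_no, "loop_rounds": loop_rounds,
                    "history": history}
    raise RuntimeError("tables did not converge")


if __name__ == "__main__":
    for enabled in (False, True):
        result = simulate(split_horizon=enabled)
        print("split horizon", "on " if enabled else "off", result)
```

Without split horizon the two routers count up to the unreachable metric while forwarding traffic for N to each other; with it, A accepts B's unreachable route in the first round.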
For the Network+ exam, you must understand the following common WAN issues:
Loss of internet connectivity - Before you contact your Internet service provider (ISP), you need to troubleshoot the problem to determine if the problem is with internal
devices or cabling. Once you have tested all internal equipment, you should contact your ISP if you are still having problems.
Interface errors - Interface errors occur when a single interface has trouble communicating over the network. An interface error could be due to a bad cable or bad interface.
Always try using a known good cable first to see if the error is resolved. If not, you probably have a bad or misconfigured interface. You may need to consult logs and vendor
documentation to fix the issue.
DNS issues - DNS is used to resolve DNS names to IP addresses so that resources can be accessed by their DNS host name rather than their IP address. If a new external
Web site is configured and only external users can access it, you may need to implement split horizon DNS. DNSSEC is a suite of security extensions that can be
implemented in DNS. If you implement a proxy server, the proxy server information needs to be entered properly in the DNS zone.
Interference - If you discover WAN interference, you need to determine what is causing the interference. Once that is determined, you should take measures to prevent the
interference.
Router configurations - Routers must be configured properly to successfully route packets through the network. For example, if a technician improperly configures the
autonomous system (AS) number of the device, you will experience Border Gateway Protocol (BGP) routing issues.
Customer premise equipment - Equipment that is considered to be the customer's responsibility includes the smart jack/NIU, demarc, local loop, CSU/DSU, and copper line
drivers/repeaters. You can use standard testing equipment and command-line tools to troubleshoot the network to determine which equipment is causing the problem so that
it can be replaced.
Company security policy - Throttling sets the upload and download data transfer rates. Blocking blocks certain types of traffic. Fair access policy/utilization limits ensure that
any one resource, user, or group does not utilize more than their fair share of the Internet access.
Satellite issues - The main issue with satellite connections is latency. If satellite does not offer the bandwidth needed, you need to research other possible WAN
connections that you can implement.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common network service issues.
References:
Split horizon, http://www.webopedia.com/TERM/S/split_horizon.html
Question #120 of 200
Question ID: 1289262
During a recent troubleshooting incident, you discovered a problem with some network transmission media. The communication over the media was distorted. Which issue most
likely caused this problem?
A) ESD
B) Attenuation
C) EMI
D) Crosstalk
Explanation
Electromagnetic interference (EMI) is interference in the operation of other electrical devices caused by electromagnets, which distorts the signal. Electromagnetic fields can be
found in large industrial equipment or smaller equipment such as air conditioners and heaters. If you move network devices to new locations and then start experiencing
performance problems, you should examine the new location to see if EMI is causing the problem.
EMI can affect network communications through the network cabling. The source of the EMI is often difficult to find. One simple method you can use to locate an EMI source is
to place a compass close to the suspected EMI source, looking for unusual needle movements. Once the source of the EMI is found, there are two possible solutions. The first is
to move the existing cable away from the EMI source. The second is to replace the existing cabling with shielded cabling or fiber-optic cabling, which are resistant to EMI.
Crosstalk is a specialized type of EMI caused by parallel runs of twisted-pair cables. The only solution to this problem is to change the path of the cables. Near-end crosstalk
(NEXT) measures the ability of the cable to resist crosstalk. Most commercial cabling will give you the minimum NEXT values that are guaranteed. Far-end crosstalk (FEXT)
measures interference between two pairs of a cable measured at the other end of the cable with respect to the interfering transmitter.
dB loss in cabling, or attenuation, occurs because the voltage decays slowly as the current travels the length of the cable. Therefore, the longer the cable run, the more dB loss
occurs. The loss is predictable based on cable length. You should either decrease the cable length or install repeaters to reduce dB loss. To avoid distance problems, ensure
that your cable runs do not exceed the maximum distance allowed. Repeaters could also be used to prevent this problem.
Other physical connectivity problems include the following:
Bad connectors - If you suspect that a connector is damaged or nonfunctional, you should replace the connector. Often it is much easier to replace the entire cable rather
than the connector. However, for long cable runs that extend over a long distance, you should replace the connector so that the cable will not have to be re-routed.
Bad wiring - If you suspect that a cable is damaged or nonfunctional, you should replace the cable. Always ensure that the new cable is functional before using it to replace
the known-bad cable. For example, if you notice that the link light on a wired device's NIC does not illuminate but it works if you connect to a different RJ-45 port, the
problem is probably with the wiring.
Open or short circuits - An open circuit is usually the result of a broken cable or improper termination. This causes an incomplete connection and complete failure of the
electric current. A short circuit occurs when there is unwanted contact with the cabling. This results in the current following an unwanted path, which could cause overheating
or burning.
Split cables - This is similar to bad wiring but is much easier to diagnose because the cable is actually cut. An open circuit can be the direct result of this issue.
TX/RX reversed - A straight-through cable has the same transmit (Tx) or receive (Rx) leads at each end, while they are reversed at one end in a crossover cable. A straight-through cable connects dissimilar devices, while a crossover cable connects like devices. If you use a crossover cable in the wrong location on the network, the device will
be unable to connect to the network. You should replace the cable with the correct type. Some switches support medium dependent interface crossover (MDIX), which
allows a switch port to properly configure its leads as Tx or Rx. However, if a network device does not support MDIX, you must use the appropriate cable (that is, a
crossover cable). If loss of connection occurs, you are using the wrong cable or have the switch leads configured incorrectly.
Incorrect termination (mismatched standards) - Incorrect termination occurs when the cabling connectors are configured with the wrong individual pin in the connector
sockets on crossover or straight-through cables.
Split pairs - A split pair is a wiring error where two wires of a twisted pair are instead connected using two wires from different pairs. It most commonly occurs when a punch-down block is wired incorrectly or when RJ-45 connectors are crimped onto the wrong wires. In both of these situations, you will need to rewire the block or connector.
Bad SFP/GBIC (cable or transceiver) - Switches can include gigabit interface converter (GBIC) and small form-factor pluggable (SFP) modules. If one of these modules
goes bad, you can replace it if possible; otherwise, the switch will have to be replaced. To determine if the module has failed, you need to use an LC loopback tester.
Often network cable testers can identify any of the above problems.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common wired connectivity and performance issues.
References:
What is Electromagnetic interference?, http://www.wisegeek.com/what-is-electromagnetic-interference.htm
CompTIA Network+ N10-007 Cert Guide, Chapter 14: Network Troubleshooting
Question #121 of 200
Question ID: 1123382
Which of these devices can perform router functions?
A) Wireless controller
B) IDS
C) Multi-layer switch
D) Proxy server
Explanation
A multi-layer switch, in addition to working at the Data Link layer (Layer 2), also performs many Layer 3 router functions. When ports on a multi-layer switch are configured as
Layer 2 ports, traffic will be routed based on the MAC address. When ports are configured as Layer 3 ports, traffic will be routed based on IP addresses. Multi-layer switches
have the ability to route packets between virtual local area networks (VLANs).
Wireless controllers provide centralized management of wireless access points. Without wireless controllers, each access point must be configured individually.
An intrusion detection system (IDS) contrasts with an intrusion prevention system (IPS). When comparing IDS/IPS, IDS is essentially a warning system that provides notification
of an intrusion, while IPS is more active and can stop an attack while it is taking place. An IDS does not route traffic.
A proxy server can provide caching services to reduce the amount of internet traffic from the gateway.
Objective:
Infrastructure
Sub-Objective:
Explain the purposes and use cases for advanced networking devices.
References:
What is the difference between a router and a Layer 3 switch?, http://searchnetworking.techtarget.com/answer/What-is-the-difference-between-a-router-and-a-Layer-3-switch
Question #122 of 200
Question ID: 1123318
What is the purpose of a pointer (PTR) DNS record?
A) It maps a domain name to an e-mail server.
B) It contains an alias for an existing A record.
C) It maps a hostname to an IPv6 address.
D) It maps a hostname to an IPv4 address.
E) It maps an IP address to a hostname.
F) It contains information regarding a particular DNS zone's start of authority.
Explanation
A pointer (PTR) record maps an IP address to a hostname.
A host or address (A) record maps a hostname to an IPv4 address. An AAAA record maps a hostname to an IPv6 address. A mail exchange (MX) record maps a domain name
to an e-mail server. A canonical name (CNAME) record contains an alias for an existing A record. A start of authority (SOA) record contains information regarding a particular
DNS zone's start of authority.
A Domain Name System (DNS) server is the authority for a DNS zone, which contains DNS records. DNS servers allow users to request access to devices using either the
devices' hostname or IP address. A DNS server stores fully qualified domain name (FQDN) to IP address mappings. This server allows clients to use the easier-to-remember
FQDNs to access remote devices.
Dynamic DNS is an implementation of DNS that allows real-time updates to DNS records. With Dynamic DNS (DDNS), devices can automatically update their DNS records or
allow a DHCP server to implement the updates on behalf of the DNS client.
Objective:
Networking Concepts
Sub-Objective:
Explain the functions of network services.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 3: Network Components, Specialized Network Devices
Question #123 of 200
Question ID: 1289137
Your company has recently leased the office next door to the one currently being used. Both offices will be used. The current office has a Cat 6 network installed. The new office
has a fiber network installed.
You need to connect the networks of the two offices. Which device should you use?
A) CSU/DSU
B) gateway
C) modem
D) media converter
Explanation
A media converter should be used to connect the networks of the two offices because they use two different types of media. Media converters work on the Physical layer of the
OSI model.
A gateway allows two computers with no protocols in common to communicate.
A Channel Service Unit/Digital Service Unit (CSU/DSU) is a device typically required by leased lines, such as T1 lines, to terminate their media connection to your LAN.
A modem converts computer signals to travel over telephone and cable lines.
Types of media converters include the following:
Single-mode fiber to Ethernet
Multi-mode fiber to Ethernet
Fiber to coaxial
Single-mode fiber to multi-mode fiber
You should understand the placement of these devices for the Network+ exam. Media converters are placed where two different types of media meet. A gateway is placed
where two different types of computers meet. A CSU/DSU is placed where the leased line meets your local network. An internal modem is installed in the device that needs the
ability to make calls, while an external modem is installed near the device needing that ability and connected to it and the telephone line.
Objective:
Infrastructure
Sub-Objective:
Given a scenario, determine the appropriate placement of networking devices on a network and install/configure them.
References:
Ether Fiber Media Converter, http://www.tech-faq.com/ethernet-fiber-media-converter.html
CompTIA Network+ N10-007 Cert Guide, Chapter 3: Network Components, Media
Question #124 of 200
Question ID: 1289079
You need to implement Spanning Tree Protocol (STP) to prevent network loops when more than one path can be used. Which two devices could you deploy? (Choose two.)
A) hubs
B) bridges
C) routers
D) switches
Explanation
You could deploy bridges or switches, which use STP to prevent loops in the network when more than one path can be used. STP uses the Spanning Tree Algorithm (STA) to
help a switch or bridge by allowing only one active path at a time. STP can prevent network congestion and broadcast storms.
Routers and hubs do not use STP.
There are two types of STP: spanning tree (802.1d) and rapid spanning tree (802.1w). 802.1d is an older standard that was designed when a minute or more of lost connectivity
was considered acceptable downtime. In Layer 3 switching, switching now competes with routed solutions where protocols such as Open Shortest Path First (OSPF) and
Enhanced Interior Gateway Routing Protocol (EIGRP) provide an alternate path in less time. You can implement a layer 3 switch and virtual LANs (VLANs) to limit the amount of
broadcast traffic on a network and allow different segments to communicate with each other.
The 802.1w protocol was developed to improve performance. 802.1w bridges are fully distributed, while 802.1d switches agree on a root port. This root port acts differently than
the other switches and is responsible for the network's connectivity.
802.1w defines roles for the ports and a new bridge protocol data unit (BPDU) format, which introduces the proposal/agreement mechanism. BPDU handling and convergence
are different in each protocol. 802.1w introduces these new features:
Rapid Transition To Forwarding State - includes new Edge Ports and Link Types variables.
Uplink Fast - distinguishes between port roles and uses alternate ports.
By default, unknown unicast and multicast traffic is flooded to all Layer 2 ports in a VLAN. This unknown traffic flooding can be prevented by blocking unicast or multicast traffic
on the switch ports. However, keep in mind that there may be times when you need to use unicast or multicast traffic.
You can also configure forwarding and blocking on a switch port. If you configure forwarding, certain types of traffic based on the rules you configure will be forwarded to a
certain port. If you configure blocking, certain types of traffic can be blocked from a switch port.
For the Network+ exam, you also need to understand Link Aggregation Control Protocol (LACP), also referred to as 802.3ad. LACP supports automatic link configuration and
prevents an individual link from becoming a single point of failure. With this protocol, traffic is forwarded to a different link if a link fails.
You can manually or automatically assign the IP address for the switch. Automatic configuration uses a DHCP server to obtain the IP address and all other information that you
have configured the DHCP server to assign. The DHCP server does not have to be on the same subnetwork as the switch. If you manually configure the IP address, you need
to ensure that all settings are correct. Switches should be given their own IP address and default gateway to use so that they can be remotely managed.
For IP address assignment for devices attached to the switch, some switches can also be configured to act as a DHCP server and assign IP addresses to attached devices.
However, you must ensure that the DHCP ranges configured on the switch do not overlap the ranges configured on other DHCP servers. Otherwise, you may have a single IP
address assigned to multiple hosts on the network, thereby affecting communication.
For switches, you also need to understand Power over Ethernet (PoE), defined by the IEEE 802.3af and 802.3at standards. PoE allows an Ethernet switch to provide power to
an attached device by applying power to the same wires in a UTP cable that are used to transmit and receive data. PoE+ is an enhanced version of PoE that provides more
power and better reliability. PoE+ is most commonly deployed in enterprise networks, while PoE is usually sufficient for small business or home networks.
Objective:
Networking Concepts
Sub-Objective:
Explain the concepts and characteristics of routing and switching.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 4: Ethernet Technology, Ethernet Switch Features
Preventing Network Loops with Spanning-Tree Protocol, http://www.petri.co.il/csc_preventing_network_loops_with_stp_8021d.htm
Question #125 of 200
Question ID: 1289198
You need to deploy 802.1x authentication that supports client-side digital certificates for authentication with access points. Which technology should you deploy?
A) Cisco LEAP
B) EAP-TLS
C) EAP-PEAP
D) WEP
Explanation
Extensible Authentication Protocol with Transport Layer Security (EAP-TLS) authentication supports client-side digital certificates for authentication with access points. You can
configure Cisco Aironet wireless clients with digital certificates for authentication with EAP-TLS authentication. The Cisco EAP-TLS authentication type can be configured on
wireless clients that run Windows. If the wireless clients are working with other operating systems, a third-party software package must be installed to support EAP-TLS
authentication. The EAP-TLS authentication type operates with a dynamic session-based WEP key. The dynamic session-based WEP key encrypts data with the key that is
generated from the RADIUS authentication server or the client adapter. EAP-TLS uses Public Key Infrastructure (PKI) for encryption of data over the RF channel. You integrate
the EAP-TLS authentication type with the use of Lightweight Directory Access Protocol (LDAP) for server-based authentication.
WEP authentication does not work with client-side digital certificates. In WEP authentication, the client must be authenticated using the WEP key.
EAP-PEAP authentication does not work with wireless access points. EAP-PEAP works with RADIUS servers.
Cisco LEAP authentication does not work with client-side digital certificates. Both sides of the communication using Cisco LEAP share a per-session, per-user encryption key,
not a digital certificate.
For the Network+ exam, you also need to understand Extensible Authentication Protocol - Flexible Authentication via Secure Tunneling (EAP-FAST) and Protected Extensible
Authentication Protocol (PEAP). PEAP will form an encrypted TLS tunnel using a certificate on the server. After the tunnel has been formed, PEAP will authenticate the client
using EAP within the outer tunnel. EAP-FAST is Cisco’s alternative to PEAP.
Objective:
Network Security
Sub-Objective:
Given a scenario, secure a basic wireless network.
References:
802.1x Offers Authentication and Key Management > 802.1x not the whole solution, http://www.wi-fiplanet.com/tutorials/article.php/1041171
Wireless Security, http://www.ciscopress.com/articles/article.asp?p=177383&seqNum=6
Question #126 of 200
Question ID: 1289060
Match the protocol from the left with the default port it uses on the right. Move the correct items from the left column to the column on the right to match the protocol with the
correct default port.
Explanation
The protocols given use these default ports:
Port 20 - FTP
Port 23 - Telnet
Port 25 - SMTP
Port 53 - DNS
Port 80 - HTTP
FTP also uses port 21, but it was not listed in this scenario.
Protocols can use either User Datagram Protocol (UDP) or TCP to communicate. UDP is connectionless, while TCP is connection-oriented.
For the Network+ exam, you need to know the following protocols and their default ports:
FTP – 20, 21
SSH, SFTP – 22
TELNET – 23
SMTP – 25
DNS – 53
DHCP – 67, 68
TFTP – 69
HTTP – 80
POP3 – 110
NTP – 123
NetBIOS – 137–139
IMAP – 143
SNMP – 161
LDAP – 389
HTTPS – 443
SMB – 445
LDAPS – 636
H.323 – 1720
MGCP – 2427/2727
RDP – 3389
RTP – 5004/5005
SIP – 5060/5061
Objective:
Networking Concepts
Sub-Objective:
Explain the purposes and uses of ports and protocols.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 2: The OSI Reference Model, Table 2-1 Application Layer Protocols/Applications
List of TCP and UDP Port Numbers, http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
Question #127 of 200
Question ID: 1123520
You have recently moved several servers that contain confidential information onto a DMZ. What is the most likely valid reason for doing this?
A) bandwidth improvement for all confidential information transactions
B) isolation of all confidential transactions
C) encryption of all confidential transactions
D) compliance with federal and state regulations
Explanation
The most likely valid reason for moving servers that contain confidential information onto a demilitarized zone (DMZ) is compliance with federal and state regulations.
Placing the servers that contain confidential information onto a DMZ will not isolate all confidential transactions because all users on the other subnets will still need to access
the confidential information.
Placing the servers that contain confidential information onto a DMZ will not encrypt all the confidential transactions. This would require that you employ data encryption while
data is at rest and as it is transmitted.
Placing servers that contain confidential information onto a DMZ will not improve bandwidth for all confidential information transactions. As a matter of fact, because the servers
will be isolated on a separate network, transactions with those assets may actually cause performance to degrade. Any transactions would need to cross the firewall into the
DMZ, thereby slowing down the transaction speed.
Objective:
Network Security
Sub-Objective:
Explain common mitigation techniques and their purposes.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 3: Network Components, Specialized Network Devices
Question #128 of 200
Question ID: 1123650
You recently built a virtual network for testing purposes that is parallel to your existing network. When users attempt to log on to the existing network, they get a different IP
address than expected. In addition, some users report receiving a duplicate IP address error. What could be the issue?
A) Incorrect netmask
B) Rogue DHCP server
C) Incorrect host-based firewall settings
D) Exhausted DHCP scope
Explanation
A Dynamic Host Configuration Protocol (DHCP) server is used to distribute IP addresses. DHCP is the network service used to assign IP address, subnet mask, default
gateway, and DNS server addresses to devices as they boot onto the network. Because users are getting different IP addresses than expected and some have received a
duplicate IP address error, the issue is probably a rogue DHCP server. A rogue DHCP server can be placed on the network through malicious intent or inadvertently through a
virtual machine. Rogue DHCP servers play a big role in man-in-the-middle attacks.
Exhausted DHCP scope occurs when the DHCP server no longer has any available IP addresses to issue. This may occur as the result of a DHCP starvation attack, a type of
Denial of Service (DoS) attack. If the available IP addresses in the DHCP pool are all assigned, a legitimate user will be denied access to the network. If the DHCP is exhausted,
computers will be unable to lease an IP address. Symptoms of exhausted DHCP scope include error messages on DHCP leases and computers using APIPA addresses.
An incorrect netmask can cause routing and performance issues, but will not cause duplicate IP address errors. In classless interdomain routing (CIDR) notation, the netmask
follows the IP address, beginning with the slash. As an example, in the IP address 172.16.0.0/16, the netmask is /16. The netmask determines the subnet to which the IP
address belongs, and the size of the subnet.
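A detection sketch for the symptoms described above (unexpected addresses, duplicate addresses, APIPA fallback), added here as an example and not taken from the exam material. The log line format, the authorized server address and the expected scope are all assumptions, and the sample records are constructed.

```python
import ipaddress
from collections import defaultdict

# Assumptions for this example: one sanctioned DHCP server and one scope.
AUTHORIZED_SERVERS = {"10.0.0.5"}
EXPECTED_SCOPE = ipaddress.ip_network("10.0.10.0/24")
APIPA = ipaddress.ip_network("169.254.0.0/16")

# Constructed sample in a hypothetical "key=value" format, standing in for
# DHCP events collected from a capture or from client logs.
SAMPLE_LOG = """\
09:00:01 DHCPACK server=10.0.0.5 client=aa:bb:cc:00:00:01 ip=10.0.10.21
09:00:04 DHCPACK server=10.0.0.5 client=aa:bb:cc:00:00:02 ip=10.0.10.22
09:02:10 DHCPACK server=10.0.10.250 client=aa:bb:cc:00:00:03 ip=10.0.10.21
09:02:31 DHCPACK server=192.168.56.1 client=aa:bb:cc:00:00:04 ip=192.168.56.101
09:05:00 SELFASSIGN client=aa:bb:cc:00:00:05 ip=169.254.12.7
"""


def parse(line):
    """Split one event line into a dict of its fields."""
    stamp, kind, *pairs = line.split()
    record = dict(pair.split("=", 1) for pair in pairs)
    record.update(stamp=stamp, kind=kind)
    return record


def analyze(log_text):
    """Return findings that point at a rogue server or an exhausted scope."""
    findings = {
        "rogue_servers": set(),   # servers answering that are not sanctioned
        "out_of_scope": [],       # (client, ip) leases outside the scope
        "duplicates": {},         # ip -> clients that were all given that ip
        "apipa_clients": set(),   # clients that fell back to 169.254.0.0/16
    }
    owners = defaultdict(set)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse(line)
        address = ipaddress.ip_address(rec["ip"])
        if rec["kind"] == "DHCPACK":
            if rec["server"] not in AUTHORIZED_SERVERS:
                findings["rogue_servers"].add(rec["server"])
            if address not in EXPECTED_SCOPE:
                findings["out_of_scope"].append((rec["client"], rec["ip"]))
            owners[rec["ip"]].add(rec["client"])
        elif rec["kind"] == "SELFASSIGN" and address in APIPA:
            findings["apipa_clients"].add(rec["client"])
    # Simplification: within one capture window, the same address acknowledged
    # to two different clients is treated as a duplicate assignment.
    findings["duplicates"] = {
        ip: sorted(clients) for ip, clients in owners.items()
        if len(clients) > 1
    }
    return findings


if __name__ == "__main__":
    for name, value in analyze(SAMPLE_LOG).items():
        print(name, value)
```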
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common network service issues.
References:
How a Rogue DHCP Server Works, https://www.plixer.com/blog/detect-network-threats/how-a-rogue-dhcp-server-works/
Question #129 of 200
Question ID: 1289196
You are creating a wireless network for your company. You need to implement a wireless protocol that provides maximum security to protect against wireless attack. However,
you must provide support for older wireless clients. Which protocol should you choose?
A) WPA
B) WPA2
C) WAP
D) WEP
Explanation
You should implement Wi-Fi Protected Access (WPA). WPA was created to fix core problems with WEP. WPA is designed to work with older wireless clients while implementing
the 802.11i standard.
Wireless Application Protocol (WAP) is the default protocol used by most wireless networks and devices. However, because WAP can access Web pages and scripts, there is
great opportunity for malicious code to damage a system. WAP is considered the weakest wireless protocol.
Wired Equivalent Privacy (WEP) is the security standard for wireless networks and devices that uses encryption to protect data. However, WEP does have weaknesses and is
not as secure as WPA or WPA2. Wired Equivalent Privacy (WEP) should be avoided because even its highest level of encryption has been successfully broken.
Wi-Fi Protected Access 2 (WPA2) completely implements the 802.11i standard. Therefore, it does not support the use of older wireless cards. Identification and WPA2 are
considered the best combination for securing a wireless network. WPA2 is much stronger than WPA. In addition, you can implement WPA2 with Temporal Key Integrity Protocol
(TKIP), also referred to as TKIP-RC4, or Advanced Encryption Standard (AES), also referred to as CCMP-AES, to provide greater security. WPA2-AES is stronger than WPA2-TKIP.
For the Network+ exam, you need to protect against the following wireless attacks or issues:
Evil twin - occurs when a wireless access point that is not under your control is used to perform a hijacking attack. It is set up to look just like a valid network, including the
same Set Service Identifier (SSID) and other settings.
Rogue access point (AP) - occurs when a wireless access point that is not under your control is connected to your network. These devices are not set up to look just like
your network. This attack preys on users' failure to ensure that an access point is valid. You can perform a site survey to detect rogue APs.
War driving - occurs when attackers seek out a Wi-Fi network with a mobile device or laptop while driving a vehicle. You can lower the signal strength to help protect against
this attack. You should also turn off the broadcasting of the SSID and use WPA or WPA2 authentication.
War chalking - occurs when attackers place Wi-Fi network information on the outside walls of buildings. Keep an eye out for this type of information by periodically inspecting
the outside of your facilities.
Bluejacking - the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices. Turning off Bluetooth when not in use is the best protection against this.
Bluesnarfing - the unauthorized access of information from a wireless device through a Bluetooth connection. Once again, turning off Bluetooth when not in use is the best
protection against this.
WPA/WEP/WPS attacks - Any attacks against wireless protocols can usually be prevented by using a higher level of encryption or incorporating RADIUS authentication.
Wired Equivalent Privacy (WEP) should be avoided. Wi-Fi Protected Setup (WPS) allows users to easily secure a wireless home network but is susceptible to brute force
attacks. Wi-Fi Protected Access (WPA) is more secure than WEP and WPS. WPA2 provides better security than WPA.
Objective:
Network Security
Sub-Objective:
Given a scenario, secure a basic wireless network.
References:
HTG Explains: The Difference Between WEP, WPA, and WPA2 Wireless Encryption (and Why It Matters), http://www.howtogeek.com/167783/htg-explains-the-difference-between-wep-wpa-and-wpa2-wireless-encryption-and-why-it-matters/
WAP: Broken Promises or Wrong Expectations?, http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_6-2/wap.html
Wireless Security, http://www.ciscopress.com/articles/article.asp?p=177383&seqNum=6
CompTIA Network+ N10-007 Cert Guide, Chapter 8: Wireless LANs, Securing Wireless LANs
Question #130 of 200
Question ID: 1289109
Your company wants to implement a WLAN. You are researching the different wireless options and want to implement the WLAN technologies that are least affected by
multipath distortion. Which WLAN transmission technologies are least affected by multipath distortion? (Choose two.)
A) 802.11b
B) 802.11g
C) 802.11a
D) Wi-Fi
Explanation
The 802.11a and 802.11g Wireless Local Area Network (WLAN) transmission technologies are least affected by multipath distortion. Multipath distortion is caused by the
reflection of radio frequency (RF) signal on surfaces while traveling between the transmitter and the receiver. These reflected signals reach the receiver with delay. This is also
known as inter-symbol interference. This delayed signal adds distortion to the original signal that is directly sent to the antenna system of the receiver.
802.11a and 802.11g WLAN devices use Orthogonal Frequency Division Multiplexing (OFDM) modulation for transmission. Each 802.11a channel utilizes an RF bandwidth of 20
MHz in OFDM modulation. This 20-MHz channel is split into 52 channels with 300-KHz smaller sub-carriers, of which 48 are used for data transmission. The access point
transmits the same data in the different frequency channels. When the data is sent on multiple frequencies instead of single frequency, the RF signal is less susceptible to the
inter-symbol interference. This is because there is less probability that two signals will use the same sub-carrier frequency channel for transmission.
Objective:
Networking Concepts
Sub-Objective:
Given a scenario, implement the appropriate wireless technologies and configurations.
References:
802.11 IEEE wireless LAN standards, https://www.webopedia.com/TERM/8/802_11.html
CompTIA Network+ N10-007 Cert Guide, Chapter 8: Wireless LANs, Introducing Wireless LANs
Question #131 of 200
Question ID: 1123490
You want to ensure that the sender of the message or network transmission is authenticated, and not an imposter or a phishing attempt. Which method will provide the highest
level of origin authentication?
A) WPA
B) CCMP-AES
C) TKIP-RC4
D) Preshared key
Explanation
Counter Mode with Cipher Block Chaining (CBC) Media Access Control Protocol - Advanced Encryption Standard (CCMP-AES) provides greater security over wireless
networks through CBC MAC, ensuring that incoming packets are indeed coming from the stated source. It also provides fast encryption using AES, which encrypts blocks of
data instead of individual bits.
In a wireless network, a preshared key (PSK) is an encryption method used with WPA Personal or WPA2 Personal. PSK is appropriate for small office-home office (SOHO)
networks. A user requests access to the wireless network and supplies a passphrase, which is then used with the Service Set Identifier (SSID) to generate a unique encryption key.
PSK is not as secure as CCMP-AES.
Temporal Key Integrity Protocol-Rivest Cipher 4 (TKIP-RC4) is an encryption method that was designed to provide security enhancements to wireless networks using Wired
Equivalent Privacy (WEP). WEP was an extremely weak encryption standard. TKIP added a key distribution method whereby each transmission had its own encryption key, an
authentication method to verify message integrity, and an encryption method called RC4. However, TKIP-RC4 is not as secure as CCMP-AES.
Wi-Fi Protected Access (WPA) was an interim security improvement over WEP. WPA was later replaced by Wi-Fi Protected Access version 2 (WPA2). WPA2 uses AES to
encrypt wireless communications. Using complex authentication will prevent unauthorized entities from guessing credentials easily.
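The PSK paragraph above says the passphrase is combined with the SSID to generate the key. The following added example (not part of the original exam material) shows that derivation using PBKDF2-HMAC-SHA1 with 4096 iterations, the function defined for WPA/WPA2-Personal, which the page does not name. The SSIDs other than the "IEEE" test vector are constructed sample values.

```python
import hashlib

PBKDF2_ITERATIONS = 4096  # iteration count fixed by WPA/WPA2-Personal
PSK_LENGTH = 32           # the derived key is 256 bits


def derive_psk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit pre-shared key from a passphrase and an SSID.

    The SSID is the salt, so the same passphrase yields a different key
    on every differently named network.
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    if any(not 32 <= ord(ch) <= 126 for ch in passphrase):
        raise ValueError("passphrase must be printable ASCII")
    ssid_bytes = ssid.encode("utf-8")
    if not 1 <= len(ssid_bytes) <= 32:
        raise ValueError("SSID must be 1 to 32 bytes")
    return hashlib.pbkdf2_hmac(
        "sha1",
        passphrase.encode("ascii"),
        ssid_bytes,
        PBKDF2_ITERATIONS,
        PSK_LENGTH,
    )


def psk_table(passphrase: str, ssids: list) -> dict:
    """Map each SSID to the hex key the given passphrase produces on it."""
    return {ssid: derive_psk(passphrase, ssid).hex() for ssid in ssids}


if __name__ == "__main__":
    # "password" / "IEEE" is the published 802.11i test vector; the other
    # two SSIDs are constructed for this example.
    for ssid, key in psk_table("password", ["IEEE", "Sales-AP", "Guest-AP"]).items():
        print(f"{ssid:10s} {key}")
```

Every station that knows the passphrase derives the same key for a given SSID, so the key identifies the network and not an individual user.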
Objective:
Network Security
Sub-Objective:
Given a scenario, secure a basic wireless network.
References:
AES-CCMP, https://docs.microsoft.com/en-us/windows-hardware/drivers/network/aes-ccmp
Question #132 of 200
Question ID: 1123587
You are a desktop administrator for Nutex Corporation. Your organization uses Ethernet cable to connect network resources. A user reports that he is unable to access network
resources on his portable computer. The portable computer is connected to the company's network using an Ethernet cable. When you test the cable using a time domain
reflectometer (TDR), the signal returns too soon. What should you do?
A) Re-route the network cable.
B) Replace the network adapter.
C) Reinstall the network adapter.
D) Replace the network cable.
Explanation
You should replace the network cable. As stated in the scenario, the TDR shows that signal returns too early, which implies that there is a breakage in the network cable.
Therefore, you should replace the cable to fix the problem.
You should not reinstall the network adapter. The TDR shows that the signal returns too early which implies that there is a breakage in the network cable. Reinstalling the
network adapter will not fix the problem. You should only reinstall the network adapter if you discover an issue with the adapter's driver.
You should not replace the network adapter. This is required if Device Manager cannot detect a network adapter plugged in the computer or if the network adapter is faulty.
You should not re-route the network cable. This would be a problem if interference were occurring. Re-routing cable further from the interference source usually can fix the
problem. Cables can also be enclosed in a protective shield to prevent interference. It is also necessary to re-route a network cable if it lies across the floor. Routing network
cable across the floor can cause tripping hazards and can result in cable breakage from the constant pressure of being walked on.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common wired connectivity and performance issues.
References:
TDR circuit, http://www.epanorama.net/circuits/tdr.html
CompTIA Network+ N10-007 Cert Guide, Chapter 11: Network Management, Maintenance Tools
Question #133 of 200
Question ID: 1123387
Your company owns a single physical server. You need to ensure that Web services are hosted in a Linux environment while Active Directory services are hosted in a Windows
environment. In addition, you need to ensure that these services are hosted on different broadcast domains. What should you do?
A) Implement virtual desktops and switches.
B) Implement virtual desktops and servers.
C) Implement virtual servers and switches.
D) Implement virtual servers and PBXs.
Explanation
You should implement virtual servers and switches. Implementing virtual servers would allow you to host a Linux environment for Web services and a Windows environment for
Active Directory services on the same physical server. Implementing virtual switches will allow you to host the services on different broadcast domains.
You should not implement virtual desktops. Virtual desktops allow you to implement a uniform user environment.
You should not implement virtual PBXs. A virtual PBX allows you to outsource your telephony service to a service provider. This is an example of software as a service (SaaS).
A virtual PBX is usually a Voice over IP (VoIP) solution.
When considering virtualization solutions, keep in mind that onsite services reside at your organization's corporate location or branch facility. Offsite services are provided by
service providers usually in cases where the leasing organization does not have the means to implement its own data center. When a service provider provides these networking
services, it is referred to as Network as a Service (NaaS).
Objective:
Infrastructure
Sub-Objective:
Explain the purposes of virtualization and network storage technologies.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 3: Network Components, Virtual Network Devices
Question #134 of 200
Question ID: 1123247
Which protocol is categorized as an Exterior Gateway Protocol (EGP)?
A) BGP
B) RIP
C) IS-IS
D) OSPF
Explanation
Border Gateway Protocol (BGP) is categorized as an EGP. An EGP is used between autonomous networks. BGP uses an algorithm to determine the quickest route between
networks. When a company needs to implement highly available data centers, BGP allows a company to continue to maintain an Internet presence at all data center sites in the
event that a WAN circuit at one site goes down.
Routing Information Protocol (RIP), Intermediate System to Intermediate System (IS-IS), and Open Shortest Path First (OSPF) are categorized as Interior Gateway Protocols
(IGPs). RIPv2 was developed to address the deficiencies of RIP and includes support for Classless Inter-Domain Routing (CIDR). RIP is considered a distance-vector protocol.
OSPF is a link-state protocol. BGP is a hybrid protocol.
Enhanced Interior Gateway Routing Protocol (EIGRP) is an IGP. EIGRP is a distance-vector protocol.
All of the routing protocols mentioned can be used in IPv4/IPv6 networks.
Objective:
Networking Concepts
Sub-Objective:
Explain the concepts and characteristics of routing and switching.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 6: Routing IP Packets, Routing Protocol Examples
Question #135 of 200
Question ID: 1123234
You suspect that there is a problem with addressing that allows data to be sent throughout your network. Which addressing method is used at the OSI Network layer to allow
this?
A) Physical device addressing
B) Link-state addressing
C) Distance vector addressing
D) Logical network addressing
Explanation
Although the OSI Data Link layer (Layer 2) uses MAC, or physical device, addressing, the Network layer (Layer 3) uses logical network addressing. This logical address is
defined by the protocol's addressing scheme. For example, an IPv4 TCP/IP address is composed of 32 bits, divided into four sets of decimal numbers divided by periods. An IPX
address is a combination of an 8-digit hexadecimal number, which is assigned by the network administrator, and a 12-digit MAC address, separated by a colon.
Service addressing is the other addressing method used by the OSI Network layer. It is used to identify a specific upper-layer process or protocol. A service address is also
known as a port or socket.
Objective:
Networking Concepts
Sub-Objective:
Explain devices, applications, protocols and services at their appropriate OSI layers.
References:
The OSI Model's Seven Layers Defined and Functions Explained, http://support.microsoft.com/default.aspx/kb/103884
CompTIA Network+ N10-007 Cert Guide, Chapter 2: The OSI Reference Model, The Purpose of Reference Models, Layer 2: The Data Link Layer
Question #136 of 200
Question ID: 1289123
You must propose a cabling scheme for your company's new location. Several departments are located on the same floor with a maximum distance of 61 meters (200 feet)
between departments. You want a relatively easy, low-cost installation with simple connections.
Which type of cabling would you propose?
A) Twisted-pair
B) ThickNet
C) Fiber-optic
D) ThinNet
Explanation
Twisted-pair cabling is the least expensive cabling media. Because unshielded twisted-pair (UTP) is commonly used in telephone systems, it is mass-produced, making it
inexpensive and widely available. In addition, twisted-pair cabling is very easy to work with, meaning that very little training is required for its installation.
As in telephone systems, twisted-pair cabling uses Registered Jack (RJ) connectors to connect cables to components. Computer networks use the larger RJ-45 connectors,
which are very similar to the commonly known RJ-11 connectors used in telephone systems; this adds to the simplicity of installing twisted-pair.
Twisted-pair has a maximum length of 100 meters (328 feet), which will work for the company in the scenario because the offices are located within 61 meters (200 feet) of each
other. It is important to note that twisted-pair is the networking-cable type most susceptible to attenuation, which is why its maximum distance is 100 meters (328 feet).
The following is a table of network media comparisons:
Objective:
Infrastructure
Sub-Objective:
Given a scenario, deploy the appropriate cabling solution.
References:
CCNA: Network Media Types > Twisted-Pair Cable, http://www.ciscopress.com/articles/article.asp?p=31276
CompTIA Network+ N10-007 Cert Guide, Chapter 3: Network Components, Media
Question #137 of 200
Question ID: 1289103
For a new office space, you have been asked to choose a best cost solution for providing wireless network access for up to 60 employees. Your boss has informed you that
there will be a mix of 802.11n and 802.11ac devices in use. The maximum distance from the WAP to any user is 150 ft (~46 m). Which kind of wireless access point should you
buy?
A) 802.11b
B) 802.11ac
C) 802.11g
D) 802.11a
E) 802.11n
Explanation
You should buy an 802.11n wireless access point (WAP). The critical factors at work here are compatibility and maximum distance (indoor range). 802.11ac is backward
compatible with 802.11n, so 802.11ac and 802.11n devices may communicate with a WAP of either kind. The maximum indoor range for 802.11n is 70 m or 230 ft, while that for
802.11ac is 35m or 115 ft. Thus, only 802.11n will work.
802.11a's indoor range is identical to that for 802.11ac (35 m or 115 ft).
802.11b is not compatible with 802.11n or 802.11ac. Also its indoor range is identical to that for 802.11ac (35 m or 115 ft).
802.11g is not compatible with 802.11n or 802.11ac. Its indoor range is also too short at 38 m or 125 ft.
802.11ac would ordinarily be the best choice for deployment because of its ability to support multiple simultaneous users, wide data channels, and higher data rates. But the
distance and cost limitations preclude its use (802.11ac's indoor range is 35m or 115 ft).
Objective:
Networking Concepts
Sub-Objective:
Given a scenario, implement the appropriate wireless technologies and configurations.
References:
Wireless Wi-Fi 802.11 a, b, g, n, ac …, https://www.geckoandfly.com/10041/wireless-wifi-802-11-abgn-router-range-and-distance-comparison/
Question #138 of 200
Question ID: 1289070
Recently, you have noticed that segments of data are arriving at their destination with errors. You need to examine the appropriate OSI layer for the reliable delivery of segments
without error. Which OSI layer is responsible for this?
A) Transport
B) Application
C) Data Link
D) Network
Explanation
The Transport layer is responsible for the reliable delivery of segments without error. This means that the Transport layer is not only responsible for making sure that segments
of data are delivered, but also for ensuring that segments of data arrive without error. The Transport layer uses segment sequencing to put any incorrectly ordered segments into
the correct sequence.
The layers of the OSI model, along with their layer numbers, are shown below:
Layer 1 – Physical layer
Layer 2 – Data Link layer
Layer 3 – Network layer
Layer 4 – Transport layer
Layer 5 – Session layer
Layer 6 – Presentation layer
Layer 7 – Application layer
Objective:
Networking Concepts
Sub-Objective:
Explain devices, applications, protocols and services at their appropriate OSI layers.
References:
The OSI Model's Seven Layers Defined and Functions Explained, http://support.microsoft.com/default.aspx/kb/103884
CompTIA Network+ N10-007 Cert Guide, Chapter 2: The OSI Reference Model, The Purpose of Reference Models, Layer 4: The Transport Layer
Question #139 of 200
Question ID: 1123460
Which four of the following elements are most likely to appear in a well-designed password policy that explains requirements for formulating secure passwords? (Choose four.)
A) one or more special characters
B) spouse's birthday
C) 12 characters or longer
D) pet's name
E) one or more numbers
F) mix of upper and lower case characters
Explanation
The strongest passwords are long, and include a mix of upper and lower case alphabetic characters, along with one or more numbers and special characters (such as !@#$%
and so forth). For this scenario, the following options are correct:
12 characters or longer
mix of upper and lower case characters
one or more numbers
one or more special characters
A pet's name is one of the most frequently cited elements of personal information that turns up on bad or weak password lists.
Like a pet's name, a spouse's birthday is another frequently cited element of personal information that turns up on bad or weak password lists.
Modern technology and ubiquitous Internet access make it easy for users to be equipped with and use an online password generator and secure password safe. Such tools
randomly generate passwords of any length desired, chock-full of numbers and special characters and filtered to avoid including dictionary terms or substrings. Best security
practice is to recommend their use, and to set a good example by using them yourself.
Objective:
Network Operations
Sub-Objective:
Identify policies and best practices.
References:
The Importance of Using Strong Passwords MSDN https://msdn.microsoft.com/en-us/library/ms851492(v=winembedded.11).aspx
Password Protection Policy (SANS) https://www.sans.org/security-resources/policies/general/pdf/password-protection-policy
CompTIA Network+ N10-007 Cert Guide, Chapter 13: Network Policies and Best Practices, Policies
Question #140 of 200
Question ID: 1289289
You are the network admin at a small college. For most of the day, your school's wireless network performs as it should. Between classes, however, performance is abysmally
slow. What is the most likely cause?
A) Channel overlap
B) Overcapacity
C) Signal-to-noise ratio
D) Refraction
Explanation
You should look at overcapacity. Overcapacity is an issue in wireless performance. The proliferation of wireless devices will put an enormous drain on a wireless network
originally designed for a few devices. In today’s environment, the network may need to provide service to tablet computers, smartphones, personal performance monitors, and
smart watches, in addition to the few laptops the network was originally designed to support. From the symptoms being described, more students are connecting their devices
between classes, causing the performance of the network to degrade.
Refraction “bends” the signal as it passes through, or the signal curves as it tries to go around the object. Think of a stick where part of the stick is in the water and part of the
stick is out of the water. The stick appears “bent” because the water causes refraction of the image. If refraction were the issue, the problem would be throughout the day, not
just at certain times.
Channel overlap can cause performance issues. Even though 11 channels are available in the US, there is a high degree of overlap. When using multiple wireless access points
in 2.4 GHz mode, set the channels at 1, 6, and 11 to provide the best coverage. If this were the issue, the problem would be throughout the day, not just at certain times.
The signal-to-noise ratio (SNR) is the relationship between the strength of the wireless signal compared to the amount of background interference (noise). SNR is measured in
decibels (dB). Devices such as microwaves, cordless phones, wireless cameras, and fluorescent lights are all contributors. When using a Wi-Fi analyzer, any SNR below 25 dB
is considered poor, while a reading above 41 dB is considered excellent. If this were the issue, the problem would be throughout the day, not just at certain times.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common wireless connectivity and performance issues.
References:
4 More Incredibly Common Reasons Your Wifi Performance is Awful, https://www.securedgenetworks.com/blog/4-more-incredibly-common-reasons-your-wifi-performance-is-awful
Question #141 of 200
Question ID: 1289085
A company procedure calls for using the IPv4 and IPv6 loopback addresses as part of the troubleshooting process. Which of the following explanations best represents the
purpose of this tool?
A) To provide an IP address that is always available even in the absence of a network
B) To provide an IP address for testing the local IP stack without a physical network connection
C) To provide an IP address for testing the local IP stack through the network interface
D) To provide an IP address to determine minimum round-trip performance for packets
E) To provide an IP address to check interface drivers and hardware
Explanation
Though using the loopback address invariably returns PING round-trip times of 0, its purpose is to test the local IP stack, not to demonstrate or deliver minimum or best-possible
round-trip performance. The following graphic shows the output from pinging the loopback:
The loopback address can also be pinged using the address 127.0.0.1. Note the zero values throughout for both IPv4 and IPv6 PINGs. That's because there's no networking
hardware involved, and the round trip times are usually too short to measure.
The loopback address is defined for both IPv4, where it applies to any address of the form 127.x.x.x, and to IPv6, where it takes the form ::1 (all zeroes with a 1 in the final bit
position). The purpose of the loopback address is to provide a mechanism for testing the functionality of IP stack software, independent of hardware. That is, despite its formal
designation as “the loopback interface,” the loopback address has no hardware associated with it nor is it physically connected to any network. Using the loopback address
simulates sending and receiving packets up and down the IP stack without accessing anything external outside of that software.
The purpose of the loopback address is NOT to provide an IP address that is always available. This is because the IP stack might be faulty, corrupt, or malfunctioning.
The purpose of the loopback address is NOT to provide an IP address for testing the local IP stack through the network interface because loopback does not interact with any
physical hardware. Loopback works completely independent of any hardware or network connection.
The purpose of the loopback address is NOT to provide an IP address to determine minimum round-trip performance for packets because the loopback address does not
interact with the network in any way.
The purpose of the loopback address is NOT to provide an IP address to check interface drivers and hardware because it does not interact with physical hardware in any way.
Objective:
Networking Concepts
Sub-Objective:
Given a scenario, configure the appropriate IP addressing components.
References:
loopback address, https://www.webopedia.com/TERM/L/loopback_address.html
Loopback Address, https://www.techopedia.com/definition/2440/loopback-address
Question #142 of 200
Question ID: 1123357
One of your branch offices is located on two non-adjacent floors in an office building. You have been given permission to route a communications link between the two floors
using existing conduit in the building's elevator shaft. Your current cabling plan calls for TP wiring on each of the two floors, but the distance between them is more than 90
meters. You need to interconnect the two floors using fiber optic cable in the cheapest manner possible. Which of the following should you deploy between the wiring centers on
each floor?
A) Modems
B) Hubs
C) Media converters
D) Firewalls
E) Routers
F) Switches
Explanation
You should deploy media converters between the wiring centers on each floor. By definition, a media converter maintains network characteristics, but permits dissimilar media to
be linked together. A pair of media converters that can interlink TP (RJ-45) cables and some kind of standard fiber-optic interface would be a good solution for this scenario.
They would permit you to use a single- or multi-mode duplex fiber optic cable to bridge the gap between floors in your office building. Multi-mode makes the most sense here
because it is cheaper to purchase and install.
A router is a device that examines the contents of data packets transmitted within or across networks. Routers determine if a source and destination are on the same network, or
whether data must be transferred from one network to another, either between locally available network segments, or across a wide-area link to access other, more distant
networks. Routers usually handle multiple sets of network connections, and can interconnect TP and fiber media. Routers are often expensive and complex devices. For this
reason, a pair of fiber interfaces for two routers (one on each floor) could easily cost twice as much as a pair of media converters. A router would be overkill for a persistent floor-to-floor interconnect like the one described in the scenario.
A firewall is a software-based service that is used to maintain security on a private network by blocking unauthorized access to or from private networks. Firewalls generally work
to prevent unauthorized users or software from gaining access to private networks connected to the Internet, and to enforce an organization's acceptable use policies when
users on the private network access the Internet. A firewall is not used to interlink dissimilar networking media.
A switch is a high-speed networking device that receives incoming data packets from one of its ports and directs them to a destination port for local area network access. A
switch will redirect traffic bound outside the local area to a router for forwarding through an appropriate WAN interface. A switch can interlink TP and fiber-optic ports, but such
connections add significant costs to those devices. Like the router, a switch would be overkill for a persistent floor-to-floor interconnect like the one described in the scenario.
Likewise, a pair of fiber-optic interfaces for two switches (one for each floor) could also cost twice as much as a pair of media converters.
A hub is like a simple-minded switch in that it relays communication data. But instead of directing incoming traffic out of one targeted port (like a switch does) a hub copies data
packets to all of its ports. Because hubs do not typically permit TP ports to communicate with fiber-optic ports, and vice-versa, a hub is an unlikely choice for tying the two floors
of the building together.
A modem is a network device that modulates and demodulates (its name comes from the first letters of each of those two words: "mo" from modulate and "dem" from
demodulate) analog carrier signals for sending and receiving digital information. In the early days of networking, modems were used to provide remote communications across
the public telephone network. These days, they are most commonly used over broadband networks like those for CATV. A modem cannot be used to interlink TP and fiber-optic
network links.
Objective:
Infrastructure
Sub-Objective:
Given a scenario, determine the appropriate placement of networking devices on a network and install/configure them.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 3: Network Components, Media
Media Converter https://www.techopedia.com/definition/20651/media-converter-network-hardware
Router https://www.techopedia.com/definition/2277/router
Firewall https://www.techopedia.com/definition/5355/firewall
Networking switch https://www.techopedia.com/definition/2306/switch-networking
Hub https://www.techopedia.com/definition/26350/hub-networking
Modem https://www.techopedia.com/definition/24118/modem
Question #143 of 200
Question ID: 1123471
Which of the following controls can be used as a deterrent, an authentication method, or documentation?
A) Biometrics
B) Key fob
C) Video surveillance
D) Badges
Explanation
Video surveillance can serve as a deterrent, an authentication method, or documentation. It is important to choose the right type of equipment for the business environment. For
example, do you need infra-red cameras for low-light situations? Do you need motion detection that would only activate recording when there is movement? How many cameras
do you need? How would you place them to provide sufficient coverage and eliminate blind spots? Video surveillance is usually considered a detective physical security control.
By saving and storing the information recorded, it acts as documentation.
Requirements that personnel wear badges can be a deterrent against breaches of physical security and can also provide authentication, but badges do not assist with
documentation.
A key fob can assist with authentication by being a "something you have" authentication factor. Credentials are embedded in the key fob. When the key fob is placed next to a
sensor, access is either granted or denied based on the credentials. Other items similar in function to a key fob are smart cards and USB dongles. Key fobs do not really act as a
deterrent, nor do they provide any documentation. In some key fob implementations, documentation is provided using access logs that record all transactions.
Biometrics is an authentication method, but it would not provide documentation of an event. Biometrics is a "something you are" authentication factor. Fingerprints, iris and retina
scans, and voice prints can be used to authenticate your identity.
Objective:
Network Security
Sub-Objective:
Summarize the purposes of physical security devices.
References:
Physical security, access control and surveillance moving into 2017, http://www.securitynewsdesk.com/physical-security-access-control-and-surveillance-moving-into-2017/
CompTIA Network+ N10-007 Cert Guide, Chapter 12: Network Security, Defending Against Attacks
Question #144 of 200
Question ID: 1123259
You have decided to implement frame tagging in a port-based switching network. What does this technique ensure?
A) that the VLANs are implemented based on port
B) that the VLANs are implemented based on protocol
C) that the VLANs are implemented based on subnet
D) that a single VLAN can be distributed across multiple switches
Explanation
Frame tagging in a port-based switching network will ensure that a single VLAN can be distributed across multiple switches.
Frame tagging in a port-based switching network does not ensure that the VLANs are implemented based on protocol. To do this, you should implement protocol-based
switches.
Frame tagging in a port-based switching network does not ensure that the VLANs are implemented based on subnet. To do this, you should implement subnet-based switches.
Frame tagging in a port-based switching network does not ensure that the VLANs are implemented based on port. Port-based switches do this without frame tagging.
Objective:
Networking Concepts
Sub-Objective:
Explain the concepts and characteristics of routing and switching.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 4: Ethernet Technology, Ethernet Switch Features
Question #145 of 200
Question ID: 1123229
You are responsible for ensuring that unnecessary protocols are not running on your network. You need to determine which protocols operate at the Transport layer of the OSI
model. Which of the following protocols should you list? (Choose two.)
A) HTTP
B) TCP
C) IPX
D) UDP
E) IP
Explanation
Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) both operate at the Transport layer of the Open Systems Interconnection (OSI) model. Because the
Transport layer is the fourth layer in the OSI model, it is sometimes referred to as Layer 4.
Protocols that operate at the Transport layer provide transport services to higher-layer protocols, such as Hypertext Transfer Protocol (HTTP) and Trivial File Transfer Protocol
(TFTP). TCP reliably delivers a stream of bytes in order from a program on one computer to another program on another computer. TCP is the protocol that major Internet
applications rely on, such as the World Wide Web, email, remote administration and file transfer. TCP is a connection-oriented protocol. UDP, on the other hand, is a
connectionless protocol.
HTTP is an Application layer (Layer 7) protocol that uses the connection-oriented services of TCP, and TFTP is an Application layer protocol that uses the connectionless
services of UDP. HTTP is the primary service used on the World Wide Web. HTTPS is a secure version of the HTTP protocol.
Internet Protocol (IP) is a connectionless protocol in the TCP/IP protocol suite. Internetwork Packet Exchange (IPX) is a connectionless protocol in the IPX/SPX protocol suite. IP
and IPX operate at the Network layer of the OSI model (Layer 3) and provide routing and addressing services for nodes on a network. Internet Control Message Protocol (ICMP)
is an error-reporting protocol that also operates at the Network layer.
Objective:
Networking Concepts
Sub-Objective:
Explain devices, applications, protocols and services at their appropriate OSI layers.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 2: The OSI Reference Model, The Purpose of Reference Models, Layer 1: The Physical Layer
TCP/IP and OSI Network Models, http://www.speedguide.net/read_articles.php?id=120
Question #146 of 200
Question ID: 1289072
You are the network administrator for your company. As part of your job, you must understand how data is transmitted through the different OSI layers. Move the OSI layers from
the left column to the right column, and place them in the correct order, starting with Layer 1 at the top.
Explanation
The correct order for the layers in the OSI model is as follows:
Layer 1 - Physical
Layer 2 - Data Link
Layer 3 - Network
Layer 4 - Transport
Layer 5 - Session
Layer 6 - Presentation
Layer 7 - Application
Objective:
Networking Concepts
Sub-Objective:
Explain devices, applications, protocols and services at their appropriate OSI layers.
References:
OSI Model, http://en.wikipedia.org/wiki/OSI_model
CompTIA Network+ N10-007 Cert Guide, Chapter 2: The OSI Reference Model
Question #147 of 200
Question ID: 1302414
You want to configure a firewall and filter packets on a Linux system. Which command would you use?
A) nslookup
B) iptables
C) tcpdump
D) ifconfig
Explanation
The iptables Linux command allows you to control a firewall and filter packets. Filtering can be performed using packet type, packet source/destination, or target.
The tcpdump command allows you to analyze wired or wireless network traffic on a Linux system. For example, to examine POP3 traffic on the wired NIC, you would use this
command:
sudo tcpdump -i eth0 -nn -s0 -v port 110
The nslookup command is used to query the DNS server. The nslookup command with a domain name will return the A record. The nslookup command with an IP address will return the
PTR record.
Ifconfig is the counterpart to the Windows ipconfig command, and provides information about the network interface card. Ifconfig functions much the same way as ipconfig, but it
does not provide information on wireless adapters. To retrieve information about wireless adapters on a non-Windows system, use the iwconfig command.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, use the appropriate tool.
References:
Chapter 17: iptables, https://www.centos.org/docs/rhel-rg-en-3/s1-iptables-options.html
CompTIA Network+ N10-007 Cert Guide, Chapter 11: Network Management, Maintenance Tools
Question #148 of 200
Question ID: 1123502
Which social engineering attack is typically considered the most dangerous?
A) dumpster diving
B) Trojan horse
C) social engineering
D) physical penetration
Explanation
Physical penetration is a social engineering attack that is typically considered the most dangerous attack that a targeted hacker can use. A targeted hacker chooses a specific
organization or target to attack. In a physical penetration attack, a targeted hacker enters the premises of an organization and gains access to computer systems or plugs a
laptop computer into an organization's internal network. A physical penetration attack is considered the most dangerous type of targeted hacker attack because computer
network equipment is typically not well protected inside an organization's physical location.
In a dumpster diving attack, a hacker searches through an organization's trash for sensitive information, such as user names, passwords, and documents that were intended to
be kept secret.
A social engineering attack occurs when a hacker pretends to be a member of an organization in an attempt to gain sensitive information about an organization's network or
operations. A hacker can perform social engineering by using methods such as instant messaging, the telephone, and face-to-face communications. Employees should be
trained to require some form of identification before giving sensitive information about a company to a stranger. To protect your network against social engineering attacks, you
should enforce the security policy, provide user education, and limit available information.
A Trojan horse is a malicious program typically sent as an e-mail attachment that appears to the end user as a benign application. A Trojan horse can be programmed to send
sensitive information to a hacker.
Objective:
Network Security
Sub-Objective:
Summarize common networking attacks.
References:
Two methodologies for physical penetration testing using social engineering, http://doc.utwente.nl/69064/1/Pentesting_methodology.pdf
Question #149 of 200
Question ID: 1289156
You have two Web servers, named WebSrv1 and WebSrv2. You need to configure the Web servers so that they share the Web request load equally. What should you do?
A) Implement an active/passive cluster.
B) Implement an active/active cluster.
C) Implement Quality of Service (QoS).
D) Implement traffic shaping.
Explanation
You should implement an active/active cluster. This will ensure that the two Web servers share the Web request load equally. An active/active cluster is also known as a load-balancing cluster.
You should not implement traffic shaping. Traffic shaping is a specialized type of Quality of Service (QoS) feature where traffic from each host is monitored. When traffic from the
host is too high, packets are then queued. Traffic shaping can also define how much bandwidth can be used by different protocols on the network.
You should not implement QoS. QoS provides varying levels of network bandwidth based on the traffic type. Each traffic type has its own queue. Each traffic type queue is given
its own priority. Traffic types with a higher priority are preferred over lower priority traffic types.
You should not implement an active/passive cluster. This will ensure that one of the Web servers handles the Web request load. If the active server fails, then the passive server
will take over the Web request load. An active/passive cluster is also known as a failover cluster. Active/passive clusters provide better performance, availability, and scalability.
All of these technologies help with performance optimization.
High availability is an important concern regarding Web servers. Operating Web servers in a cluster environment could improve availability. Providing two identical Web servers
would improve availability and provide redundancy. High availability is designed to keep systems running in the event of a disaster.
Objective:
Network Operations
Sub-Objective:
Compare and contrast business continuity and disaster recovery concepts.
References:
Server Cluster Overview, https://technet.microsoft.com/en-us/library/cc759183.aspx
CompTIA Network+ N10-007 Cert Guide, Chapter 9: Network Optimization, High Availability
Question #150 of 200
Question ID: 1123270
Management has decided to implement a small private network for guests. The network will consist of Windows 7 computers that will only be able to access the other computers
on the private network. You recommend that the small private network use APIPA addresses. Which of the following is a valid APIPA address?
A) 172.16.4.36
B) 10.1.1.131
C) 192.168.16.45
D) 169.254.2.120
Explanation
The 169.254.2.120 address is a valid Automatic Private IP Addressing (APIPA) address. By default, Windows XP and Windows 7 client computers are configured to use an
APIPA address if the DHCP server goes down. The addresses in the APIPA range are 169.254.0.0 through 169.254.255.255. These addresses are not routable and are
therefore only usable on the local subnet.
The other addresses are all part of the three private IP address ranges, as shown below:
10.0.0.0 through 10.255.255.255
172.16.0.0 through 172.31.255.255
192.168.0.0 through 192.168.255.255
To prevent the use of APIPA addresses, you should change the default settings on the Alternate Configuration tab of the Internet Protocol Version 4 Properties dialog box. On
this tab, you can specifically configure a static IP address that the computer can use.
Private IP addresses can only be used on the private network. To connect to the Internet, computers that use private IP addresses will need some sort of Network Address
Translation (NAT) service. Public IP addresses allow computers to communicate on the Internet without using the single public address of the NAT server.
A challenge with basic NAT, however, is that it provides a one-to-one mapping of inside local addresses to inside global addresses, meaning that a company would need as
many publicly routable IP addresses as it had internal devices needing IP addresses. Many routers support Port Address Translation (PAT), which allows multiple inside local
addresses to share a single inside global address (a single publicly routable IP address).
Objective:
Networking Concepts
Sub-Objective:
Given a scenario, configure the appropriate IP addressing components.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 5: IPv4 and IPv6 Addresses, Assigning IPv4 Addresses
Advanced IP Addressing, http://www.ciscopress.com/articles/article.asp?p=174107&seqNum=5
Question #151 of 200
Question ID: 1123252
You are configuring a new small office home office (SOHO) at a small insurance office. After documenting the network requirements, you decide to use Network Address
Translation (NAT) so that only one public address will be needed. You want to use the IANA-designated private IP address range that provides host IP addresses with a
maximum of 16 bits.
What is a valid host IP address in this range?
A) 11.0.1.0
B) 192.168.0.1
C) 172.30.250.10
D) 10.251.250.100
Explanation
Of the IP addresses listed, 192.168.0.1 is a valid host address within the range of IANA-designated private IP addresses that provide a maximum of 16 bits per host address.
The IP address 11.0.1.0 is a public, or external, IP address.
The Internet Engineering Task Force (IETF) is a working group that creates standards for the Internet. The IETF is divided into a number of smaller committees, including the
Internet Assigned Numbers Association (IANA), which decides how the IP address space is used. The IANA has reserved three address spaces for private or internal IP
addressing. Internal IP addresses are never assigned by the IANA for use on the public Internet. The private IP address ranges are as follows: 10.0.0.0/8, 172.16.0.0/12, and
192.168.0.0/16. Note that the number after the slash (/) character is referred to as the network address prefix, which indicates the number of bits in the network address.
Private IP addresses in the range 192.168.0.0/16 can be used as a Class B address space with a 16-bit network address and a 16-bit host address, or they can be subnetted
into Class C addresses. Valid host IP addresses in this address space range from 192.168.0.1 through 192.168.255.254. The first 16 bits in the address correspond to the
network address and the last 16 bits in the address correspond to the host address.
The internal IP address range 10.0.0.0/8 provides IP addresses with an 8-bit network address and a 24-bit host address. The first 8 bits of a 10.0.0.0/8 internal IP address
correspond to the network address, and the last 24 bits correspond to the host address. Valid host IP addresses in this address space range from 10.0.0.1 through
10.255.255.254. The address 10.251.250.100 is a valid host IP address in this range.
The 172.16.0.0/12 private IP address range provides a 12-bit network address and a 20-bit host address. IP addresses in the range of 172.16.0.1 through 172.31.255.254 are
valid host IP addresses for this address space; the first 12 bits correspond to the network address, and the last 20 bits correspond to the host address. The IP address
172.30.250.10 is a valid host IP address in the range 172.16.0.0/12.
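The APIPA and private ranges from the two addressing explanations above, checked in code against the answer options. This is an added example, not part of the exam material; the function names and host names are assumptions, and the inventory is constructed sample data.

```python
import ipaddress

# Blocks exactly as listed in the explanations above.
PRIVATE = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
APIPA = ipaddress.ip_network("169.254.0.0/16")


def classify(addr):
    """Place an IPv4 address in its APIPA or private block, if any."""
    ip = ipaddress.IPv4Address(addr)  # raises AddressValueError on bad input
    for net in PRIVATE + [APIPA]:
        if ip in net:
            return {
                "kind": "apipa" if net is APIPA else "private",
                "block": str(net),
                # Prefix length = network bits; the remainder are host bits.
                "host_bits": 32 - net.prefixlen,
                "first_host": str(net.network_address + 1),
                "last_host": str(net.broadcast_address - 1),
                "usable_host": ip not in (net.network_address,
                                          net.broadcast_address),
            }
    # Outside all four blocks: publicly routable, or another reserved range
    # (loopback, multicast, ...) that the explanations do not cover.
    return {"kind": "public" if ip.is_global else "reserved", "block": None,
            "host_bits": None, "first_host": None, "last_host": None,
            "usable_host": True}


def audit(inventory):
    """Group hosts by what their address implies for connectivity."""
    bucket = {"apipa": "dhcp_fallback",   # no DHCP answer, local subnet only
              "private": "needs_nat",     # must be translated to reach the Internet
              "public": "routable",
              "reserved": "reserved"}
    report = {name: [] for name in bucket.values()}
    for host, addr in inventory:
        report[bucket[classify(addr)["kind"]]].append(host)
    return report


# Constructed inventory: hypothetical host names paired with the answer
# options above, plus 172.32.0.1, which sits just past the end of the /12.
SAMPLE_INVENTORY = [
    ("guest-pc1", "169.254.2.120"),
    ("soho-pc1", "192.168.0.1"),
    ("lab-pc1", "172.30.250.10"),
    ("lab-pc2", "172.32.0.1"),
    ("srv1", "10.251.250.100"),
    ("edge1", "11.0.1.0"),
]

if __name__ == "__main__":
    for host, addr in SAMPLE_INVENTORY:
        print(host, addr, classify(addr))
    print(audit(SAMPLE_INVENTORY))
```

A host in the dhcp_fallback group is worth investigating on a network that is supposed to hand out leases, since it means the client never got an answer from the DHCP server.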
Objective:
Networking Concepts
Sub-Objective:
Explain the concepts and characteristics of routing and switching.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 5: IPv4 and IPv6 Addresses, IPv4 Addressing
What is a Private IP Address?, http://compnetworking.about.com/od/workingwithipaddresses/f/privateipaddr.htm
Question #152 of 200
Question ID: 1123385
Which of these devices or functions works at Layer 7?
A) Content filter
B) NGFW
C) VoIP gateway
D) VoIP PBX
Explanation
A Next Generation Firewall (NGFW) works at Layer 7, the Application layer. It includes traditional firewall functionality with an Application layer firewall. It enforces security
policies at the port, protocol, and application levels. A traditional firewall that allows HTTP traffic on port 80 may also permit an SQL injection attack embedded in a properly
formed HTTP request. An Application-layer firewall would perform a more intensive examination of the traffic instead of just allowing traffic on a given port. In this example, even
though HTTP traffic on port 80 is allowed on a traditional firewall, the Application layer firewall would look for an SQL injection attack and block the data.
A Voice over IP Private Branch Exchange (VoIP PBX) allows a company to use a single public-facing telephone number while having individual "extensions" for employees in a
VoIP phone system. A VoIP PBX could be considered analogous to Network Address Translation (NAT) on a router.
A VoIP gateway provides the interface between an IP network and the Public Switched Telephone Network (PSTN). As an example, for inbound calls, the VoIP gateway would
convert telephony traffic into packets for routing over an IP network.
Content filters are typically part of firewalls and allow the administrator to block objectionable content or content that may be deemed inappropriate for the situation.
Objective:
Infrastructure
Sub-Objective:
Explain the purposes and use cases for advanced networking devices.
References:
Next-generation firewall (NGFW), http://searchsecurity.techtarget.com/definition/next-generation-firewall-NGFW
Question #153 of 200
Question ID: 1123550
You need to verify a network's transmission speed. Which tool should you use?
A) throughput tester
B) bit-error rate tester
C) connectivity software
D) loopback plug
Explanation
A throughput tester is best used to verify a network's transmission speed.
Connectivity software is any type of software that allows you to remotely connect to a network. Microsoft's proprietary Remote Desktop Protocol (RDP) and Remote Desktop
Connection (RDC) are both types of connectivity software.
A bit-error rate tester is a tool that contains a pattern generator and error detector to determine the bit-error rate.
A loopback plug is a device that is plugged into a network port to determine if the port is functional.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, use the appropriate tool.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 11: Network Management, Maintenance Tools
Question #154 of 200
Question ID: 1123236
As a network administrator, you understand that there are many types of addresses used in networks, including Data Link layer addresses and network addresses. You need to
explain to a new network technician the difference between these two types of addresses.
What is the most significant difference?
A) Data Link layer addresses refer to logical devices, whereas network addresses refer to physical devices.
B) Data Link layer addresses use fewer bytes of memory than network addresses.
C) The Data Link layer address of a device is configured by the network administrator, whereas the network address is set by the IEEE.
D) Data Link layer addresses are MAC addresses for unique identification, whereas network addresses are a Network layer component.
Explanation
The most significant difference between Data Link layer addresses and network addresses is that network addresses are a Network layer component (Layer 3), and Data Link
addresses are MAC addresses (Layer 2) used for unique identification. Network addresses refer to logical networks, whereas Data Link addresses define an actual physical
address assigned to a network interface card (NIC).
Data Link layer addresses define the physical device, and network addresses define the logical device.
Data Link layer addresses (MAC addresses) are 48 bits, and a TCP/IP network address is 32 bits (IPv4) or 128 bits (IPv6). This is not a significant difference.
The network address is configured by the network administrator. The first six hexadecimal digits of the Data Link (MAC) address are specified by the IEEE according to the NIC's
vendor ID; this is known as the Organizationally Unique Identifier (OUI).
Objective:
Networking Concepts
Sub-Objective:
Explain devices, applications, protocols and services at their appropriate OSI layers.
References:
TCP/IP and OSI Network Models, http://www.speedguide.net/read_articles.php?id=120
CompTIA Network+ N10-007 Cert Guide, Chapter 2: The OSI Reference Model, The Purpose of Reference Models, Layer 2: The Data Link Layer
Question #155 of 200
Question ID: 1289227
You are a system administrator. A user calls you complaining that every time she tries to log on to the network, she gets an error message. Other users are not having any
problems. Which question is best to ask first when attempting to troubleshoot the problem?
A) Which error message do you receive?
B) How much memory is installed in your computer?
C) What is your username and password?
D) Have you rebooted your computer?
Explanation
Knowing the exact error message would be the best first step in solving this problem. The message itself may point to the cause of the problem. Information pertaining to the
amount of memory, the user name and password, and whether the computer has been rebooted could be useful in other scenarios. This type of information would not enable
you to determine the problem in this scenario.
The troubleshooting order according to the CompTIA Network+ blueprint is as follows:
1. Identify the problem.
   Gather information.
   Duplicate the problem, if possible.
   Question users.
   Identify symptoms.
   Determine if anything has changed.
   Approach multiple problems individually.
2. Establish a theory of probable cause.
   Question the obvious.
   Consider multiple approaches.
      Top-to-bottom/bottom-to-top OSI model
      Divide and conquer
3. Test the theory to determine cause.
   Once theory is confirmed, determine next steps to resolve problem.
   If theory is not confirmed, re-establish new theory or escalate.
4. Establish a plan of action to resolve the problem and identify potential effects.
5. Implement the solution or escalate as necessary.
6. Verify full system functionality and, if applicable, implement preventive measures.
7. Document findings, actions, and outcomes.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Explain the network troubleshooting methodology.
References:
CompTIA.org - Network+ N10-007 Exam Objectives (Objective 5.1)
Question #156 of 200
Question ID: 1289272
A user is complaining about poor network connectivity. Upon examining the workstation, you notice it is connected to a patch cable that your new network technician made
earlier in the week. You suspect there is interference between two pairs in the cable. What is the most likely culprit for the connectivity issue?
A) EMI
B) Crosstalk
C) Latency
D) Damaged cables
Explanation
Because you suspect interference between two pairs in the cable, the most likely culprit for the issue is crosstalk. Crosstalk occurs when the data signal on one cable “hops” to
another cable. This issue is most often found in unshielded twisted pair (UTP) cabling, particularly when the ends of the cable that feed into the RJ-45 jack are too long. Those
types of connection issues are common with cables made by new employees. Solutions include purchasing professionally assembled cables, rerouting cables, adding new RJ-45 connections, and upgrading to a higher grade of cable, such as CAT6 or CAT7.
Latency is the time it takes for network data to travel between the sender and the recipient. Different network media have different latency rates. For example, fiber has a latency
of 18ms, cable (coax) connections have 26ms latency, DSL has 44ms latency, and satellite Internet has 638ms latency. In addition, the network load on specific equipment, such
as routers and switches, can impact data transmission and increase the latency.
Electromagnetic interference (EMI) is most often caused by running unshielded twisted pair (UTP) network cables too close to devices that cause interference, like microwaves,
elevators, and fluorescent lights. If you cannot reroute cables, consider using shielded twisted pair (STP) or fiber-optic cable. EMI is not likely because you suspect the
interference is within the cable, which is crosstalk, not EMI.
Damaged cables can present several different symptoms. When you plug a damaged cable into a switch or a NIC, you should get a connectivity light. If you plug a cable into a
Windows computer and you get a “No Connection” message, the cable is most likely damaged. Damaged cables can also cause dropped, intermittent, or slow connections. A
cable where the wires are broken somewhere, or where the jack is failing, might work if you move the cable around, indicating a damaged cable. If any of these issues occur, you
should replace the cable. Damaged cables are not the likely problem because you state in the scenario that you suspect interference between two pairs in the cable.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common wired connectivity and performance issues.
References:
Crosstalk, http://sourcedaddy.com/networking/crosstalk.html
Question #157 of 200
Question ID: 1123384
Which would be the best device to provide multiple security functions in a central location?
A) Multi-layer switch
B) UTM appliance
C) Load balancer
D) Layer 7 firewall
Explanation
A Unified Threat Management (UTM) appliance would be the best device to provide multiple security functions in a central location. UTM appliances incorporate multiple security
and performance functions in one device. Some of those services can include load balancing, email security, URL filtration, and wireless security.
A multi-layer switch, in addition to working at the Data Link layer (Layer 2), also performs many Layer 3 router functions. When ports on a multi-layer switch are configured as
Layer 2 ports, traffic is routed based on the MAC address. When ports are configured as Layer 3 ports, traffic is routed based on IP addresses. Multi-layer switches have the
ability to route packets between VLANs.
A load balancer can be used to divert incoming web traffic to specific servers based on its content, reducing the workload on the primary server. The destination server is
determined by data in Transport layer or Application layer protocols. Traffic distribution can be based on a number of algorithms, such as round robin, weighted round robin,
least number of connections, or shortest response time.
A Layer 7 firewall or Next Generation Firewall (NGFW) combines traditional firewall functionality with an Application layer firewall. A traditional firewall that allows HTTP traffic on
port 80 may also permit an SQL injection attack embedded in a properly formed HTTP request. An Application layer firewall would perform a more intensive examination of the
traffic instead of just allowing the traffic on a given port. In this example, even though HTTP traffic on port 80 is allowed on a traditional firewall, the Application layer firewall
would look for an SQL injection attack, and block the data.
Objective:
Infrastructure
Sub-Objective:
Explain the purposes and use cases for advanced networking devices.
References:
The Difference Between a Next Generation Firewall and a UTM Appliance, https://www.volico.com/the-difference-between-a-next-generation-firewall-and-a-utm-appliance
Question #158 of 200
Question ID: 1123547
A user is complaining that she cannot log on to the network server. What specific steps should you take to locate the problem? (Choose three.)
A) Ask the user reporting the problem to reboot her workstation.
B) Ping the server.
C) Reboot the network server.
D) Have a user on a remote segment try to log on to the server.
E) Have a user on the local segment try to log on to the server.
Explanation
A logical first place to start troubleshooting would be to determine if the condition is network-wide or workstation specific. Have other similar users both on local segments and
remote segments attempt to perform the same actions. You should also verify that connectivity with the server can be established. You can do this by pinging the server.
Rebooting the network server or the user's workstation are not good first steps in attempting to resolve the problem.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, use the appropriate tool.
References:
Chapter 12: Network Troubleshooting, http://www.cisco.com/en/US/docs/voice_ip_comm/bts/5.0/troubleshooting/guide/13tg01.html
CompTIA Network+ N10-007 Cert Guide, Chapter 11: Network Management, Maintenance Tools
Question #159 of 200
Question ID: 1289200
Which attack involves the use of multiple computers with the purpose of denying legitimate access to a critical server?
A) distributed denial-of-service (DDoS) attack
B) denial-of-service (DoS) attack
C) land attack
D) Ping of Death attack
Explanation
Distributed denial-of-service (DDoS) attacks are an extension of the denial-of-service (DoS) attack. In DDoS, the attacker uses multiple computers to target a critical server and
deny access to the legitimate users. The primary components of a DDoS attack are the client, the masters or handlers, the slaves, and the target system. The initial phase of the
DDoS attack involves using numerous computers referred to as slaves and planting backdoors in the slaves that are controlled by master controllers. Handlers are the systems
that instruct the slaves to launch an attack against a target host. Slaves are typically systems that have been compromised through backdoors, such as Trojans, and are not
aware of their participation in the attack. Masters or handlers are systems on which the attacker has been able to gain administrative access. The primary problem with DDoS is
that it addresses the issues related to the availability of critical resources instead of confidentiality and integrity issues. Therefore, it is difficult to detect DDoS attacks by using
security technologies such as SSL and PKI. To detect the use of zombies in a DDoS attack, you should examine the firewall logs. Both zombies and botnets can be used in a
DDoS attack. Launching a traditional DoS attack might not disrupt a critical server operation. Launching a DDoS attack can bring down the critical server because the server is
being overwhelmed by processing multiple requests until it ceases to be functional. Trinoo and tribal flow network (TFN) are examples of DDoS tools.
A land attack involves sending a spoofed TCP SYN packet with the target host's IP address and an open port as both the source and the destination to the target host on an
open port. The land attack causes the system to either freeze or crash because the computer continuously replies to itself.
A Ping of Death is another type of DoS attack that involves flooding target computers with oversized packets, exceeding the acceptable size during the process of reassembly,
and causing the target computer to either freeze or crash. Other denial-of-service attacks, referred to as smurf and fraggle, deny access to legitimate users by causing a system
to either freeze or crash.
A denial-of-service (DoS) attack is an attack on a computer system or network that causes loss of service to users. The DoS attack floods the target system with unwanted
requests. It causes the loss of network connectivity and services by consuming the bandwidth of the target network or overloading the computational resources of the target
system. The primary difference between DoS and DDoS is that in DoS, a particular port or service is targeted by a single system and in DDoS, the same process is
accomplished by multiple computers. There are other types of denial-of-service attacks such as buffer overflows, where a process attempts to store more data in a buffer than
the amount of memory allocated for it, causing the system to freeze or crash.
For the Network+ exam, you need to understand the following about DoS attacks:
Distributed DoS - carried out using multiple computers that are referred to as botnets. This attack will cause a traffic spike and is a coordinated attack so that all the botnets
participate in the attack.
Reflective/amplified - uses a potentially legitimate third-party component to send the attack traffic to a victim, hiding the attackers' identity. The attackers send packets to the
reflector servers with a source IP address set to their victim's IP, indirectly overwhelming the victim with the response packets. Domain Name System (DNS) and Network
Time Protocol (NTP) servers are particularly susceptible to this attack.
Smurfing - a DDoS attack in which large numbers of Internet Control Message Protocol (ICMP) packets with the intended victim's spoofed source IP are broadcast to a
computer network using an IP Broadcast address. The target of the attack is flooded with packets, causing performance to decline.
Friendly/unintentional DoS - a DoS attack that is carried out by devices that have legitimate access to the attacked server. This can occur as part of a DDoS where the
legitimate device is a botnet. It could also occur when a user inadvertently causes a DoS attack due to initializing multiple requests that hang up the server.
Physical attack - an attack where an attacker attacks a device in such a way as to permanently put it out of commission. Also referred to as permanent DoS, this attack may
involve affecting the firmware or infecting the device with malware.
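One way a defender can spot the reflected traffic described above at the victim's network edge is to look for DNS or NTP responses that match no earlier request from the receiving host. This is an added example, not part of the original exam material; the flow-record layout, the thresholds, and all addresses are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Services the explanation names as common reflectors, keyed by UDP port.
REFLECTOR_PORTS = {53: "DNS", 123: "NTP"}
MATCH_WINDOW = 5.0    # assumed: seconds a request waits for its answer
ALERT_BYTES = 10_000  # assumed: unsolicited bytes per host before flagging


def build_sample_flows():
    """Constructed UDP flow records: (time, src_ip, src_port, dst_ip, dst_port, bytes)."""
    flows = [
        (0.0, "192.0.2.10", 40000, "198.51.100.53", 53, 70),    # real DNS query
        (0.1, "198.51.100.53", 53, "192.0.2.10", 40000, 180),   # its answer
        (0.2, "192.0.2.20", 123, "198.51.100.123", 123, 48),    # real NTP request
        (0.3, "198.51.100.123", 123, "192.0.2.20", 123, 48),    # its answer
        (20.0, "198.51.100.53", 53, "192.0.2.10", 40000, 180),  # stray late duplicate
    ]
    # Responses that 192.0.2.80 never requested, arriving from 40 different servers.
    for i in range(40):
        port = 53 if i % 2 == 0 else 123
        flows.append((1.0 + i * 0.01, f"203.0.113.{i + 1}", port,
                      "192.0.2.80", 33000 + i, 440))
    return flows


def find_reflection_victims(flows, internal_net, alert_bytes=ALERT_BYTES):
    """Return internal hosts receiving unsolicited DNS/NTP responses above the threshold.

    A response is "solicited" only if the same internal host and port sent a
    request to that server and port within MATCH_WINDOW seconds beforehand.
    """
    net = ipaddress.ip_network(internal_net)
    pending = {}  # (client_ip, client_port, server_ip, server_port) -> request time
    unsolicited = defaultdict(
        lambda: {"bytes": 0, "reflectors": set(), "services": set()})

    for ts, src, sport, dst, dport, size in sorted(flows):
        src_inside = ipaddress.ip_address(src) in net
        dst_inside = ipaddress.ip_address(dst) in net
        if src_inside and not dst_inside and dport in REFLECTOR_PORTS:
            # Outbound request: remember it so the answer can be matched.
            pending[(src, sport, dst, dport)] = ts
        elif dst_inside and not src_inside and sport in REFLECTOR_PORTS:
            # Inbound response: each request accounts for one answer only.
            asked_at = pending.pop((dst, dport, src, sport), None)
            if asked_at is not None and ts - asked_at <= MATCH_WINDOW:
                continue
            entry = unsolicited[dst]
            entry["bytes"] += size
            entry["reflectors"].add(src)
            entry["services"].add(REFLECTOR_PORTS[sport])

    return {host: e for host, e in unsolicited.items() if e["bytes"] >= alert_bytes}


if __name__ == "__main__":
    for host, info in find_reflection_victims(build_sample_flows(), "192.0.2.0/24").items():
        print(host, info["bytes"], "bytes from", len(info["reflectors"]),
              "servers via", sorted(info["services"]))
```

Because the spoofed requests never pass through the victim's network, the missing request is the signal; the byte threshold keeps a single stray duplicate answer from raising an alert.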
Objective:
Network Security
Sub-Objective:
Summarize common networking attacks.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 12: Network Security, Categories of Network Attacks
Question #160 of 200
Question ID: 1289261
Your network is shown in the following image:
Workstations A4 and A5 were recently added to the network. Since the clients have been added, the network has been running very slowly. Which two conditions could be
causing this problem? (Choose two.)
A) You have exceeded your network server access limits.
B) You exceeded the maximum number of computers allowed on the network.
C) A connector is loose.
D) The bus network might be missing a terminator.
Explanation
The exhibit shows a bus network, which must be properly terminated. If it is not properly terminated, the entire network segment will run slowly due to signal reflection. A loose
connector will also cause signal reflection.
The server access limits and the maximum number of computers have not been exceeded.
Incorrect termination (mismatched standards) can occur when the cabling connectors are configured with the wrong individual pin in the connector sockets.
Straight-through - With this type of cable, each pin connects to the same pin on the opposite side. This cabling is used when connecting unlike devices, such as connecting
a router to a hub, connecting a computer to a switch, or connecting a LAN port to a switch, hub, or computer.
Crossover - With this type of cable, some of the internal wires cross over each other by switching the orange-white and green-white wires, and then the orange and green
wires. This cabling is used when connecting like devices, such as connecting a computer to a router, connecting a computer to a computer, or connecting a router to a
router.
For the Network+ exam, you must also understand these common copper cable issues:
Shorts - Shorts occur when two copper connectors touch each other, resulting in current flowing through that short because the short has lower resistance. Use a cable
tester to determine if a short has occurred.
Opens - Opens occur when there is a break or improper termination in the cabling that prevents current from flowing through a circuit. Use a cable tester to determine if an
open has occurred.
Bad connector - A bad connector will cause a connection to be unsuccessful. You can either replace the entire cable or replace the connector, depending on the length of
run. For example, it is often easier to replace the connection on a longer cable (over 25 feet or so). But for smaller, more common cables, it can be easier to replace the
cable and then replace its connector later.
Bad wiring - Bad wiring, like a bad connector, will cause a connection to be unsuccessful. If the wiring is the problem, it is best to just replace the cable.
Split pairs - A split pair is a wiring error where two wires of a twisted pair are instead connected using two wires from different pairs. It most commonly occurs when a punch-down block is wired incorrectly or when RJ-45 connectors are crimped onto the wrong wires. In both of these situations, you will need to rewire the block or connector.
Tx/Rx reversed - A straight-through cable has the same transmit (Tx) or receive (Rx) leads at each end, while they are reversed at one end in a crossover cable. A straight-through cable connects dissimilar devices, while a crossover cable connects like devices. If you use a crossover cable in the wrong location on the network, the device will
be unable to connect to the network. You should replace the cable with the correct type. Some switches support medium dependent interface crossover (MDIX), which
allows a switch port to properly configure its leads as Tx or Rx. However, if a network device does not support MDIX, you must use the appropriate cable (that is, a
crossover cable). If loss of connection occurs, you are using the wrong cable or have the switch leads configured incorrectly.
Bad SFP/GBIC module (cable or transceiver) - Switches can include gigabit interface converter (GBIC) and small form-factor pluggable (SFP) modules. If one of these
modules goes bad, you can replace it if possible. Otherwise, the switch will have to be replaced. To determine if the module has failed, you need to use an LC
loopback tester.
Copper cabling can also be affected by EMI/RFI, cross-talk, cable mis-placement, signal attenuation, and distance limitations.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common wired connectivity and performance issues.
References:
Chapter 13: Network Troubleshooting, http://www.cisco.com/en/US/docs/voice_ip_comm/bts/5.0/troubleshooting/guide/13tg01.html
CompTIA Network+ N10-007 Cert Guide, Chapter 14: Network Troubleshooting
Question #161 of 200
Question ID: 1289211
You have expanded the number of nodes on your network and have added a second 24-port switch. The new switch is in place and has sufficient port capacity for another six
nodes in the future. What should you do to increase the security of the switch?
A) Use secure protocols
B) Upgrade firmware
C) Install patches and updates
D) Disable unused ports
Explanation
Disabling unused ports is an excellent way to secure a switch. You should only enable designated active ports needed for network connections. As an example, if you have a 24-port switch, but only 18 of those are needed for connected hosts, you should set the status of the other six ports to “disabled.”
Upgrading firmware is one way to ensure that the network component is performing properly, or to the current standard. Firmware differs from a driver. A driver allows the
hardware to communicate with an operating system, such as Windows 10, Linux, or OSX. Firmware is the software that allows the hardware device to operate. A simplified
example of one aspect of firmware would be the line of instruction on the NIC that causes the green light to blink when network traffic is present.
Using secure protocols is paramount to network security. In SOHO networks, routers (as an example) are shipped with insecure protocols, such as WEP, enabled. While WEP is
the easiest for a consumer or novice to use while getting the network up and running, it is inherently insecure and should be disabled in favor of a more secure protocol such as
WPA2.
Installing patches and updates to the network hardware will ensure that the firmware is up to date and that remedies for known security issues are applied.
Objective:
Network Security
Sub-Objective:
Given a scenario, implement network device hardening.
References:
Cisco Networking Academy's Introduction to Basic Switching Concepts and Configuration, http://www.ciscopress.com/articles/article.asp?p=2181836&seqNum=7
Question #162 of 200
Question ID: 1289096
Your company’s network has recently switched to using only IPv6 addresses. You need to understand the types of addresses used on the network. Match the IPv6 addresses on
the left with the IPv6 address type to which each belongs. Each address will only match to a single address type, and each address type will only have a single address.
Explanation
The IPv6 address types should be matched with the given IPv6 addresses as follows:
APIPA - fe80::/10
Private - fc00::/7
Loopback - ::1/128
Objective:
Networking Concepts
Sub-Objective:
Given a scenario, configure the appropriate IP addressing components.
References:
IPv6 address, https://en.wikipedia.org/wiki/IPv6_address
CompTIA Network+ N10-007 Cert Guide, Chapter 5: IPv4 and IPv6 Addresses, IP Version 6
Question #163 of 200
Question ID: 1289265
The network you administer is organized according to the following image:
ElliotA, KateB, and PayR are workstations. FileSrv is a file server, and WebSrv is a Web server. FRW1 and FRW2 are firewalls. WebSrv is on a demilitarized zone (DMZ) that is
maintained between the two firewalls. Router1 connects the network to the Internet. Remote users on the Internet connect to WebSrv, and some remote users on the Internet
are allowed to gain access to files on FileSrv.
Users report a network connectivity problem, so you test network connectivity. ElliotA can connect to KateB and FileSrv. KateB can connect to WebSrv. WebSrv can connect to
PayR and FileSrv. FileSrv cannot connect to Router1, but FileSrv can connect to FRW1 and FRW2. Internet users can connect to Router1, but they cannot connect to WebSrv.
What is most likely causing the connectivity problem on the network?
A) Router1 is overloaded with network traffic.
B) The port on Hub1 that connects FileSrv to the hub is not able to send or receive data.
C) The cable that connects Router1 to FRW2 is not properly connected to FRW2.
D) Router1's connection to the Internet is down.
E) FRW1 is configured with an invalid IP address.
Explanation
The most likely cause of the network connectivity problem in this scenario is that the cable that connects Router1 to FRW2 is not properly connected to FRW2. If the cable is not
properly connected, then users on the Internet will be able to contact Router1, but they will not be able to gain access to resources on WebSrv. Also, computers on the network
will be able to contact one another and the firewalls, but they will not be able to contact Router1 or connect to the Internet. Potential issues with the cable are a bad connector, bad
internal wiring, a split (a physical cut in the cable), or a termination problem.
Bad connector - If you suspect that a connector is bad on a short cable, it may be easier to replace the entire cable than one connector. However, for long cable runs that
extend over a long distance, you should replace the connector so that the cable will not have to be re-routed.
Bad wiring - If you suspect that the cable itself is damaged or nonfunctional, you should always replace the cable.
Split cables - This is similar to bad wiring but is much easier to diagnose because the cable is actually cut. An open circuit can be the direct result of this issue.
Incorrect termination - This occurs when the cabling connectors are configured with the wrong individual pin in the connector sockets, or when a twisted pair cable is wired
as a split pair.
Straight-through - With this type of cable, each pin should connect to the same pin on the opposite side. This cabling is used when connecting unlike devices, such as
connecting a router to a hub, a computer to a switch, or a LAN port to a switch, hub, or computer.
Crossover - With this type of cable, some of the internal wires should cross over each other by switching the orange-white and green-white wires, and then the orange and
green wires. This cabling is used when connecting like devices, such as connecting a computer to a router, a computer to a computer, or a router to a router.
TX/RX reversal is another kind of cabling error. A straight-through cable has the same transmit (Tx) or receive (Rx) leads at each end, while they are reversed at one end in a
crossover cable. A straight-through cable connects dissimilar devices, while a crossover cable connects like devices. If you use a crossover cable in the wrong location on the
network, the device will be unable to connect to the network. You should replace the cable with the correct type. Some switches support medium dependent interface crossover
(MDIX). This allows a switch port to match its leads to the cable you have used. However, if a network device does not support MDIX, you must use an appropriate cable (that is,
a crossover cable) to allow its Tx leads to connect to the Rx leads on a connected device. If loss of connection occurs, you are using the wrong cable or have the switch leads
configured incorrectly.
A split pair is a wiring error where two wires of a twisted pair are instead connected using two wires from different pairs. It most commonly occurs when a punch-down block is
wired incorrectly or when RJ-45 connectors are crimped onto the wrong wires. In both of these situations, you will need to rewire the block or connector. Open circuits or short
circuits could also cause loss of connection.
An open circuit is usually the result of a broken cable or improper termination. This causes an incomplete connection and complete failure of the electric current.
A short circuit occurs when there is unwanted contact with the cabling. This results in the current following an unwanted path, which could cause overheating or burning.
If the network connectivity problem were caused by an invalid IP address on FRW1, then users on the Internet would be able to gain access to WebSrv, but FileSrv would not be
able to connect to FRW1, FRW2, WebSrv, or the Internet. If the port on Hub1 that connects FileSrv were not able to send or receive data, then Internet users would be able to
gain access to WebSrv, but KateB would not be able to contact WebSrv, and ElliotA would not be able to contact FileSrv. If Router1 were not connected to the Internet, then
Internet users would not be able to connect to Router1 and users on the network would not be able to connect to the Internet. If Router1 were overloaded with network traffic,
then Router1 would probably be slower than usual. However, users on the Internet would be able to connect to WebSrv and computers on the network would be able to connect
to WebSrv and the Internet. Other common issues with cabling include a bad SFP/GBIC module, cable placement issues, attenuation, distance limitations, EMI and RFI, and
cross-talk.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common wired connectivity and performance issues.
References:
Chapter 13: Network Troubleshooting, http://www.cisco.com/en/US/docs/voice_ip_comm/bts/5.0/troubleshooting/guide/13tg01.html
CompTIA Network+ N10-007 Cert Guide, Chapter 14: Network Troubleshooting
Question #164 of 200
Question ID: 1289142
Which WAN technology offers the highest potential bandwidth?
A) E3
B) T3
C) OC-3
D) Frame Relay
E) FDDI
Explanation
OC stands for optical carrier. OCx levels are a set of transmission rates as specified by Synchronous Optical Network (SONET) for implementations over fiber-optic cable. The
base rate is OC-1, which has a maximum throughput of 51.84 Mbps. OC-3 has a bandwidth potential of 155.52 Mbps. The following are transmission rates of other common
WAN technologies:
BRI ISDN - up to 128 Kbps
PRI ISDN - up to 1.544 Mbps (over T1)
T1 - up to 1.544 Mbps
Frame Relay - up to 1.544 Mbps
E1 - up to 2.048 Mbps
E3 - up to 34.368 Mbps
T3 - up to 44.736 Mbps
OC-1 - up to 51.84 Mbps
FDDI - up to 100 Mbps
OC-3 - up to 155.52 Mbps
ATM - up to 622 Mbps
OC-12 - up to 622.08 Mbps
OC-24 - up to 1244.16 Mbps
OC-192 - up to 9953.28 Mbps
You need to understand the following WAN technologies for the Network+ exam:
OCX - includes speeds up to 51.84 Mbps for OC-1, 155.52 Mbps for OC-3, and 622.08 Mbps for OC-12. This network uses fiber optic cabling. All OCX networks are packet-switched networks.
ATM - allows speeds up to 622 Mbps. This network uses UTP or STP. ATM is a packet-switched network.
Frame relay - allows speed up to 1.544 Mbps. This network uses UTP/STP, coaxial, or fiber-optic cabling. All frame relay networks are packet-switched networks.
Objective:
Infrastructure
Sub-Objective:
Compare and contrast WAN technologies.
References:
OC3 Explained, http://ezinearticles.com/?OC3-Explained&id=328879
CompTIA Network+ N10-007 Cert Guide, Chapter 7: Wide Area Networks (WANs), WAN Technologies
Question #165 of 200
Question ID: 1123433
Which action would you perform to look for candidates for exploitation across an information system?
A) Patch management
B) Vulnerability scanning
C) Log reviewing
D) Port scanning
Explanation
Vulnerability scanning looks for areas that are candidates for exploitation (weak spots) in networks, operating systems, applications, and equipment. Vulnerability scans can also
identify the effectiveness of in-place systems designed to prevent those exploits.
Log reviewing is the process of studying the event logs and looking for patterns or key triggers (such as a failed logon) that would indicate a potential problem. As an example, in
the Windows OS you could look for event codes 525-537 or 539, which are indicative of a failed login attempt.
Patches are updates to operating systems and applications. Patch management is the process of applying those updates, auditing for installation, and verifying that the most
current patch has been applied. While some patches address performance features, they are more often associated with correcting security issues.
Port scanning examines ports (0-65535) to determine if they are available for traffic (open) or blocked (closed). A company may want to enable port 80 for HTTP traffic, but
disable ports 20/21 to block FTP traffic. While open ports may be candidates for exploitation, port scanning does not provide the level of information that vulnerability scanning
does.
Objective:
Network Operations
Sub-Objective:
Explain common scanning, monitoring and patching processes and summarize their expected outputs.
References:
Vulnerability Scanning vs. Penetration Testing, https://www.secureworks.com/blog/vulnerability-scanning-vs-penetration-testing
CompTIA Network+ N10-007 Cert Guide, Chapter 12: Network Security, Defending Against Attacks
Question #166 of 200
Question ID: 1123557
You are the network administrator for your company's network. All servers run Windows Server 2008. All workstations run Windows 7. The network diagram is shown in the
following exhibit:
Workstation A2 cannot connect to Server B. Workstation B2 can connect to Server B. Workstation A2 can connect to Server A. Which command should you run from
Workstation A2 to test the connection from Workstation A2 to Server B?
A) ping 137.17.0.2
B) ping 137.17.0.1
C) ipconfig 137.17.0.1
D) tracert 137.17.0.2
Explanation
The IP address for Server B is 137.17.0.1; therefore, the ping 137.17.0.1 command will test the communication between Workstation A2 and Server B. The ping 137.17.0.2
command will not test the communication between Workstation A2 and Server B because 137.17.0.2 is Workstation B1's IP address.
The tracert 137.17.0.2 command will trace the number of router hops between Workstation A2 and Workstation B1. Using the tracert command is more resource-intensive than
using the ping command.
The ipconfig 137.17.0.1 command has an invalid command-line argument. The ipconfig command cannot be used to test communications between computers.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, use the appropriate tool.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 11: Network Management, Maintenance Tools
Question #167 of 200
Question ID: 1289089
Currently, your company uses IPv4 across its enterprise. Your company is considering using IPv6 instead of IPv4. Which improvements does IPv6 provide over IPv4? (Choose
two.)
A) The IP header options allow more efficient forwarding and less rigid length limits.
B) The IP address size is increased from 64 bits to 128 bits with simpler auto-configuration of addresses.
C) Some header fields have been dropped or made optional.
D) Header fields have been made mandatory to reduce processing requirements.
E) A new type of address is used to deliver a packet to a specific address node.
F) The IP address size increased from 128 bits to 156 bits with simpler auto-configuration of addresses.
Explanation
IPv6 (version 6), or IPng (next generation), offers the following improvements over IPv4:
The IP address size increases from 32 bits to 128 bits.
Some of the header fields have been dropped.
Version 6 has less rigid length limits and the ability to introduce new options.
Packets will indicate particular traffic type.
Support will be provided for data integrity and confidentiality.
The IPv6 header is 40 fixed bytes and has eight fields of information.
Objective:
Networking Concepts
Sub-Objective:
Given a scenario, configure the appropriate IP addressing components.
References:
IPv4 or IPv6 - Myths and Realities, http://www.ciscopress.com/articles/article.asp?p=1215643
Cisco Press article: Internet Addressing and Routing First Step, http://www.ciscopress.com/articles/article.asp?p=348253&seqNum=7
CompTIA Network+ N10-007 Cert Guide, Chapter 5: IPv4 and IPv6 Addresses, IP Version 6
Question #168 of 200
Question ID: 1123249
Which metric is used by the Routing Information Protocol (RIP) Version 2 protocol to determine the network path?
A) delay
B) hop count
C) convergence
D) bandwidth
Explanation
Both Versions 1 and 2 of RIP use hop count as the primary metric to determine the most desirable network path. A metric is a variable value assigned to routes and is a
mechanism used by routers to choose the best path when there are multiple routes to the same destination. Each router traversed by a packet from the source to the destination
constitutes one hop. The lower the hop count, the higher the preference given to that path. Using RIP, the hop count is limited to 15 hops. Any router beyond this number of hops
is marked as unreachable.
RIP does not use delay as its primary metric. Delay refers to the time an Internet Protocol (IP) packet takes to travel from source to destination. Some dynamic protocols, such
as Interior Gateway Routing Protocol (IGRP), use delay in combination with other parameters to determine the best path to the destination.
RIP does not use bandwidth as its primary metric. Bandwidth refers to the maximum attainable throughput on a link. This metric is used as a part of the metric calculation by
some routing protocols, such as IGRP and Enhanced IGRP (EIGRP).
RIP does not use convergence as its primary metric. Convergence is the state in which a set of routers has the same knowledge of the surrounding network topology. The
goal of convergence is to ensure that data is transmitted at a steady state. Link-state protocols provide faster convergence than distance-vector protocols. EIGRP provides
faster convergence than OSPF, but OSPF provides faster convergence than RIP. When convergence on a routed network occurs, all routers learn the route to all connected
networks.
RIP v1, RIP v2, and IGRP are considered distance vector protocols. Open Shortest Path First (OSPF) is a link-state protocol. EIGRP is a balanced hybrid routing protocol, also
referred to as an advanced distance vector protocol.
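The hop-count rule above, worked through as an added example that is not part of the original exam material: a simplified distance-vector model in which the destinations are the routers themselves and every link costs one hop. The topologies, router names, and function names are constructed assumptions.

```python
from collections import defaultdict

RIP_MAX_HOPS = 15     # largest usable hop count, as stated in the explanation
RIP_UNREACHABLE = 16  # metric RIP uses to mean "unreachable"


def rip_converge(links):
    """Run synchronous distance-vector rounds until no routing table changes.

    links: iterable of (router_a, router_b) pairs, each link costing one hop.
    Returns {router: {destination: (hop_count, next_hop)}}.
    """
    neighbors = defaultdict(set)
    for a, b in links:
        neighbors[a].add(b)
        neighbors[b].add(a)

    # Every router starts out knowing only itself, at zero hops.
    tables = {r: {r: (0, None)} for r in neighbors}

    changed = True
    while changed:
        changed = False
        # Freeze what each router advertises during this round.
        adverts = {r: dict(t) for r, t in tables.items()}
        for router in sorted(neighbors):
            for nbr in sorted(neighbors[router]):
                for dest, (metric, _) in adverts[nbr].items():
                    candidate = min(metric + 1, RIP_UNREACHABLE)
                    if candidate > RIP_MAX_HOPS:
                        continue  # 16 means unreachable, so it is never installed
                    current = tables[router].get(dest)
                    # Lower hop count wins; ties keep the route already held.
                    if current is None or candidate < current[0]:
                        tables[router][dest] = (candidate, nbr)
                        changed = True
    return tables


def lookup(tables, source, destination):
    """Return (hop_count, next_hop), or None when the destination is unreachable."""
    return tables[source].get(destination)


def chain(count):
    """Constructed topology: R0 - R1 - ... - R(count-1) in a single line."""
    return [(f"R{i}", f"R{i + 1}") for i in range(count - 1)]


# Constructed topology 1: two paths from A to D; the one with fewer hops is kept.
DIAMOND = [("A", "B"), ("B", "C"), ("C", "D"), ("A", "D")]

# Constructed topology 2: 18 routers in a line, so R0 is 17 hops from R17.
LONG_CHAIN = chain(18)

if __name__ == "__main__":
    diamond = rip_converge(DIAMOND)
    print("A -> D:", lookup(diamond, "A", "D"))
    line = rip_converge(LONG_CHAIN)
    for dest in ("R15", "R16", "R17"):
        print("R0 ->", dest, ":", lookup(line, "R0", dest) or "unreachable")
    print("R8 -> R17:", lookup(line, "R8", "R17"))
```

R0 reaches R15 at exactly 15 hops but has no route to R16 or R17, while R8 in the middle of the same line reaches every router.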
Objective:
Networking Concepts
Sub-Objective:
Explain the concepts and characteristics of routing and switching.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 6: Routing IP Packets, Routing Protocol Examples
TCP/IP Routing Information Protocol, http://www.tcpipguide.com/free/t_TCPIPRoutingInformationProtocolRIPRIP2andRIPng.htm
Question #169 of 200
Question ID: 1123331
Your organization has both UTP and STP cabling available for wiring a new building. What is the main difference in the physical composition of these cables?
A) Number of twists in the wires
B) Separators between the wire pairs
C) Shielding
D) Wire gauge
Explanation
Shielded twisted-pair (STP) cable is identical to unshielded twisted-pair (UTP) cable except for the shielding that encloses the twisted pairs in STP. This metallic shield protects
the cable from interference caused by fluorescent light fixtures, motors, and other electromagnetic interference (EMI) sources. STP cable can be used in any implementation
where UTP is used, but it is generally only used when shielding from EMI is required because it is more expensive than UTP cable.
Fiber-optic cable is also NOT affected by EMI. Either STP or fiber-optic cable should be used around light fixtures.
Objective:
Infrastructure
Sub-Objective:
Given a scenario, deploy the appropriate cabling solution.
References:
CCNA: Network Media Types, http://www.ciscopress.com/articles/article.asp?p=31276&seqNum=1
CompTIA Network+ N10-007 Cert Guide, Chapter 3: Network Components, Media
Question #170 of 200
Question ID: 1289112
Your company needs to be able to provide employees access to a suite of applications. However, you do not want the employees to install a local copy of the applications.
Which method should you use to deploy the suite of applications?
A) PaaS
B) IaaS
C) SaaS
D) virtualization
Explanation
You should use Software as a Service (SaaS) to deploy the suite of applications. This will ensure on-demand, online access to the suite without the need for local installation.
Another example of this type of cloud computing deployment is when a company needs to give employees access to a database but cannot invest in any more servers. WebMail
is an example of this cloud computing type.
Virtualization hosts one or more operating systems (OSs) within the memory of a single physical host computer. This mechanism allows virtually any OS to operate on any
hardware and allows multiple OSs to work simultaneously on the same hardware. Virtualization would not be the best choice here because it would limit the number of users
who could access the application suite. In addition, the performance of the virtual machine would decline as more users simultaneously access the application suite.
Platform as a Service (PaaS) is not the best choice here. PaaS is a platform that provides not only a deployment platform but also a value added solution stack and an
application development platform. It provides customers with an operating system that is easy to configure. It is on-demand computing for customers.
Infrastructure as a Service (IaaS) is not the best choice in this situation. IaaS is a platform that provides computer and server infrastructure typically provided as a virtualization
environment. The platform would provide the ability for consumers to scale their infrastructure up or down by domain and pay for the resources consumed. This cloud computing
model provides the greatest flexibility but requires a greater setup and maintenance overhead than the other cloud computing models.
As part of the Network+ exam, CompTIA covers three main cloud models: SaaS, PaaS, and IaaS. The security control that is lost when using cloud computing is physical control
of the data. The main difference between virtualization and cloud computing is location and ownership of the physical components. When virtualization is used, a computer uses
its own devices to set up a virtual machine. When cloud computing is used, a company pays for access to another company's devices.
Other cloud technologies that you need to be familiar with include:
Private cloud - a cloud infrastructure operated solely for a single organization that can be managed internally or by a third party and hosted internally or externally.
Public cloud - when the cloud is rendered over a network that is open for public use.
Community cloud - shares infrastructure between several organizations from a specific community that can be managed internally or by a third party and hosted internally or
externally.
Hybrid cloud - two or more clouds (private, public, or community) that retain unique names but are bound together, offering the benefits of multiple deployment models.
You also need to understand the following virtualization technologies: virtual switches, virtual routers, virtual firewall, virtual versus physical NICs, and software defined
networking. Virtual devices perform the same functions as their physical counterparts. However, keep in mind that virtual devices share the resources of the physical device on
which they are deployed. Therefore, with each new virtual device deployed, the performance of all the virtual devices deployed on that physical device degrades. While virtual
NICs can make it appear that a machine has multiple NICs, each virtual device will still share only a single physical NIC, possibly causing performance issues. If you have a
single physical computer configured with multiple virtual machines, you may want to install separate physical NICs for each virtual machine for increased throughput and load
balancing.
Objective:
Networking Concepts
Sub-Objective:
Summarize cloud concepts and their purposes.
References:
Cloud Computing Basic, http://cloudcomputingtechnologybasics.blogspot.com/2011/05/cloud-computing-comparing-saas-paas-and.html
CompTIA Network+ N10-007 Cert Guide, Chapter 3: Network Components, Virtual Network Devices
Question #171 of 200
Question ID: 1123614
You have implemented a new 802.11b 2.4-GHz WLAN. Which of the following devices can cause interference with this network? (Choose all that apply.)
A) electrical wiring
B) cable TV cabling
C) cordless phones
D) microwave ovens
Explanation
Microwave ovens can cause interference for 802.11b wireless local area networks (WLANs) that operate in the 2.4-GHz frequency band. Microwave ovens operate at the 2.45-GHz frequency band, and can cause interference when used in areas where 802.11b WLANs are deployed. Cordless phones can also cause interference. Typically these
cordless phones use a higher transmitting power than the access points and can create a lot of noise in 802.11b WLANs. To avoid the interference from cordless phones, you
can change either the location of access points or the location of the cordless phones. You can use cordless phones that operate in the 900-MHz frequency band to avoid
interference with 802.11b WLANs. Most medical equipment that uses radio frequencies operates in the 2.4-GHz ISM frequency band. Therefore, when doing a site survey, you
must consider the interference by microwave ovens, cordless phones, and other devices that operate in the 2.4-GHz ISM frequency band, and you should plan the positions of
the access points according to these devices to avoid interference.
Pools of water, trees, and construction materials, such as steel and wood, may absorb the radio frequency signals from 802.11b 2.4-GHz WLANs. Objects with water content
should be avoided to prevent signal absorption problems.
Cable TV cabling and electrical wiring do not cause interference with 802.11b WLANs.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common wireless connectivity and performance issues.
References:
Introduction to Wireless LANs, http://www.ciscopress.com/articles/article.asp?p=791594&seqNum=3
CompTIA Network+ N10-007 Cert Guide, Chapter 8: Wireless Technologies, Deploying Wireless LANs
Question #172 of 200
Question ID: 1289135
Your company is deploying a VoIP system on its premises at three locations. The internal VoIP system must communicate with the existing PSTN network. Which device will be
necessary to permit network-based calls to access the PSTN, and for PSTN-based calls to access the network?
A) IP-ISDN adapter
B) IP-PBX adapter gateway
C) VoIP-PSTN gateway
D) PBX system
E) Internet modem
Explanation
The company must deploy one or more VoIP-PSTN gateways. These devices establish the routing of calls to the existing PSTN network. Such gateways connect to the PSTN
network through T1/E1/J1, ISDN, or FXO interfaces.
IP-PBX adapters permit VoIP devices to interact with PBX-based devices for calling. They do not support communications with the existing PSTN network.
IP-ISDN adapters permit VoIP devices to interact with ISDN-based PBX systems. Like IP-PBX adapters, IP-ISDN adapters do not support communications with the existing
PSTN network.
An Internet modem permits local Wi-Fi or Ethernet devices to communicate with devices on other IP networks across a WAN or broadband link. Internet modems do not support
communications with the existing PSTN network.
A PBX or private branch exchange system provides support for private, in-house telephony. Such systems can (and usually do) connect to the existing PSTN, but they do not in
and of themselves support communications with a PSTN.
PBX systems are closely linked with the PSDN network, but existing PBX systems can also be migrated to VoIP using suitable adapters. A VoIP adapter used in combination
with a PBX system constitutes an IP-PBX adapter that may be used to interface a PBX with an IP network and its VoIP devices. IP-ISDN fills the same role for ISDN-based PBX
systems, where an IP-ISDN adapter may be used to interface an ISDN-PBX with an IP network and its VoIP devices.
Objective:
Infrastructure
Sub-Objective:
Given a scenario, determine the appropriate placement of networking devices on a network and install/configure them.
References:
Typical VoIP Deployment Example, http://what-when-how.com/voip/typical-voip-deployment-example/
Question #173 of 200
Question ID: 1289127
You will have a very small wiring closet for your routers. While the company will use fiber-optic cabling, you would like to use the smallest form connector to conserve space. The
connector you plan to use should be roughly half the size of the other connectors. Which fiber-optic connector should you use?
A) ST
B) BNC
C) LC
D) SC
Explanation
A Lucent Connector (LC) fiber-optic connector is roughly half the size of other fiber-optic connectors. Its smaller form allows for more space in the wiring closet. An LC connector
resembles the following exhibit:
The SC connector is a square, plug-in connector used with fiber-optic cable. It is a popular choice in 100Base-FX implementations. SC stands for square connector. The SC
connector uses a push to snap on and a push to snap off technology. It is larger than an LC connector. An SC connector resembles the following exhibit:
There are two types of SC connectors: ultra physical contact (UPC) and angled physical contact (APC). APC connectors feature an 8-degree angle, while UPC connectors have
no angle. UPC adapters are blue, while APC adapters are green.
The ST connector is a round, bayonet type of connector used with fiber-optic cable, which uses a twist on-twist off technology. The ST stands for straight tip, which refers to the
white tip at the end of the connector. It is larger than an LC connector. An ST connector resembles the following exhibit:
A BNC connector is used to connect a 10Base2 (ThinNet) cable to a computer or network device. It is also used to terminate DS3 connections in a telecommunications facility. It
is not used by fiber-optic cable. A BNC connector resembles the following exhibit:
Another connector that is used with fiber-optic cabling is the Mechanical Transfer Registered Jack (MTRJ) connector. It more closely resembles the RJ-45 connector used in
UTP and STP cabling. An MTRJ connector resembles the following exhibit:
RJ-45 connectors are used to connect unshielded twisted-pair (UTP) and shielded twisted-pair (STP) cable to hubs, network interface cards (NICs), and various other twisted-pair networking devices. RJ-45 connectors are shaped like RJ-11 connectors, only larger. They use an 8-pin connector that houses eight (four pair) wires. Registered Jack (RJ)
connectors use a small tab to lock the connector in place. An RJ-45 connector resembles the following exhibit:
An RJ-11 connector is typically used to connect two pairs of UTP wiring to a voice-grade telephone system. They are smaller than RJ-45 connectors. An RJ-11 connector
resembles the following exhibit:
An RJ-48C connector at first glance will look exactly like an RJ-45 connector. However, on close examination, a technician will notice that the wires are in a different order. It is
most commonly used for T1 data lines for longer distances and when exposed to the environment. To protect the integrity of the signal, RJ-48 wiring uses STP cabling.
A DB-9 connector, also referred to as an RS-232 connector, is a serial connector. A DB-9 connector resembles the following exhibit:
Another serial connector is a DB-25 connector. A DB-25 cable resembles the following exhibit:
A UTP coupler is a small block for connecting two UTP cables to form a longer one. An RJ-45 UTP coupler is shown in the following exhibit:
A BNC coupler works like a UTP coupler, but for BNC cables rather than UTP cables. A BNC coupler is shown in the following exhibit:
An F connector, also referred to as F-type connector, is a connector for coaxial cable. An F connector is shown in the following exhibit:
An FC connector is used in fiber-optic networks. It has a threaded body that is useful in environments where vibrations occur. An FC connector is shown in the following exhibit:
A fiber coupler, like a UTP and BNC coupler, is used to attach two separate fiber optic cables. Fiber couplers match the particular type of fiber-optic connector that you use.
Objective:
Infrastructure
Sub-Objective:
Given a scenario, deploy the appropriate cabling solution.
References:
LC Connector, http://encyclopedia2.thefreedictionary.com/LC+connector
CompTIA Network+ N10-007 Cert Guide, Chapter 3: Network Components, Media
Question #174 of 200
Question ID: 1289075
Which option allows you to define which protocols are allowed to traverse the router, whether the traffic is inbound or outbound?
A) Software-defined networking
B) Distributed switching
C) Access control lists
D) Packet switching
Explanation
An access control list (ACL) allows you to define which types of traffic are allowed into or out of the network on a protocol-by-protocol basis. ACLs can also be configured based
on port number, MAC address, IP address, and other criteria.
Distributed switching allows a host to select from a pool of switches.
It is critical that you know the difference between packet-switched and circuit-switched networks. Packet-switched networks break the traffic into small parcels. Depending on the
layer at which they reside, those parcels are called packets. Each packet contains, among other things, the destination address. The receiving router uses that destination
address to forward the packet to the next router.
Circuit-switched networks require that a connection be established between the sender and the receiver. Once a connection is made (meaning that a circuit is formed), the data
is routed from the sender to the receiver.
Software-defined networks (SDNs) allow a network administrator to direct and prioritize traffic, and connections, over virtual switches, from a centralized console. SDNs can
control the access to switches and routers but do not have anything to do with allowing traffic to traverse a switch or router.
Objective:
Networking Concepts
Sub-Objective:
Explain the concepts and characteristics of routing and switching.
References:
Access Control Lists: Overview and Guidelines, https://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/scfacls.html
Question #175 of 200
Question ID: 1289087
You need to assign a virtual IP address to an Internet server. What are valid reasons for doing so? (Choose all that apply.)
A) To provide a generic address for immediate access
B) To permit the same address to access multiple domain names
C) To permit multiple servers to share the same address
D) To permit a single network interface to service multiple incoming service requests
E) To eliminate host dependencies on specific, individual network interfaces
Explanation
Usually abbreviated VIPA, a virtual IP address is a single IP address that may be shared among multiple domain names or servers. A host that is assigned a virtual IP address
no longer needs to depend on specific individual network interfaces. Incoming packets target the host’s VIPA, but all are routed through to actual, specific network interfaces.
VIPA thus helps to provide load balancing for incoming traffic, where switches or routers behind the scenes can distribute them evenly among a pool of available network
interfaces.
Although a VIPA does provide a kind of generic address for multiple domain names or servers, it does not guarantee immediate access. Access will always depend on queue
depth and latency of the receiving switch or router that handles and forwards incoming service requests.
A VIPA does not permit a single network interface to service multiple incoming service requests. A single network interface can only service one incoming service request at a
time. The VIPA allows a device to hand off incoming service requests quickly to multiple network interfaces, thereby giving the appearance of multiplicity, but this does NOT
mean a single network interface can handle more than one incoming request at a time. Fast serialization is not equivalent to parallel processing.
A primary advantage of VIPA is to eliminate host dependencies on specific, individual network interfaces.
Objective:
Networking Concepts
Sub-Objective:
Given a scenario, configure the appropriate IP addressing components.
References:
Virtual IP address, http://tools.ietf.org/html/rfc2373#section-2.5.1
Virtual IP address, https://www.pcmag.com/encyclopedia/term/53922/virtual-ip-address
Question #176 of 200
Question ID: 1289307
A new file server is configured to allow personnel within the company to store files. Users are reporting that they cannot upload files to the file server. What might be the areas
you should examine? (Choose two.)
A) Blocked TCP/UDP ports
B) Incorrect ACL settings
C) Hardware failure
D) Duplicate IP addresses
Explanation
The areas you should examine are blocked TCP/UDP ports and incorrect ACL settings. Blocked TCP/UDP ports are often necessary to protect the network from insecure
protocols that are easily exploited by hackers. Ports that are often blocked include TCP port 23 (Telnet), TCP port 21 (FTP), TCP/UDP port 53 (DNS, as a post-attack exit port)
and UDP port 161 (SNMP).
For ACLs on routers and firewalls, incorrect ACL settings would allow or prevent transmission of network traffic (inbound or outbound). ACL settings on file servers can allow or
deny access to the folders.
Duplicate IP addresses can occur when a DHCP server “thinks” an IP address is available. For example, a client machine requests an IP address, and the DHCP server issues
an address listed as available from the pool of addresses. A conflict may occur if a dormant machine comes back online, with an IP address that the DHCP server thought was
expired and added back into the pool.
Hardware failure could be the NIC, cable, port on a switch, the switch itself, a port on the router, or the router itself, to name a few. You would first ping 127.0.0.1 to determine if
the client machine is communicating with the NIC. Then ping the default gateway, then the router, and then run a tracert to a website to identify the faulty piece of equipment.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common network service issues.
References:
Securing risky network ports, https://www.csoonline.com/article/3191531/network-security/securing-risky-network-ports.html
Access Control List Explained with Examples, https://www.computernetworkingnotes.com/ccna-study-guide/access-control-list-explained-with-examples.html
Question #177 of 200
Question ID: 1123529
You are implementing several switches on your network. The network contains client computers that run both Internet Protocol (IP) and Internetwork Packet Exchange (IPX). To
increase network efficiency, you need to configure the switches so that the two different types of traffic are isolated. Which type of virtual local area network (VLAN) should you
implement?
A) frame-tagging VLAN
B) port-based VLAN
C) subnet-based VLAN
D) protocol-based VLAN
Explanation
You should implement a protocol-based VLAN. This will allow you to isolate the IP and IPX traffic. With protocol-based VLANs, each VLAN is configured to support a single
protocol.
A port-based VLAN is not used to isolate IP and IPX traffic. With this type of VLAN, each port on the switch is assigned to a VLAN. Devices attached to that port automatically
become members of that VLAN.
A subnet-based VLAN is not used to isolate IP and IPX traffic. With this type of VLAN, each subnet on your network is assigned to a VLAN. Devices are part of a subnet based
on the subnet to which the device's IP address belongs.
A frame-tagging VLAN is not used to isolate IP and IPX traffic. A frame-tagging VLAN is a type of port-based VLAN that uses frame tagging to allow VLANs to be spread across
multiple switches.
Objective:
Network Security
Sub-Objective:
Explain common mitigation techniques and their purposes.
References:
Overview of VLANs (Virtual LANs), https://www.alliedtelesis.com/sites/default/files/overview_vlans.pdf
CompTIA Network+ N10-007 Cert Guide, Chapter 4 Ethernet Technology, Ethernet Switch Features
Question #178 of 200
Question ID: 1123504
What attack is also considered to be a social engineering attack?
A) a Trojan horse
B) an e-mail hoax
C) a logic bomb
D) a backdoor
Explanation
An e-mail hoax is also referred to as a social engineering attack. An e-mail hoax is an e-mail message that contains a false warning about a potential virus infection. Well-meaning users forward an e-mail hoax to other users, resulting in increased e-mail traffic that can seriously deplete the amount of bandwidth available on a network. Most
network-bound viruses are spread by e-mail. Social engineering attacks are those attacks that rely on personnel to reveal information that will allow an attack to be carried out.
The best defense against social engineering attacks is security training.
A logic bomb is a program that is designed to destroy network resources when a specified event occurs. A backdoor is an unguarded pathway into a network. A Trojan horse is
a program that seems innocuous but contains malicious code that can damage network resources or provide hackers with a pathway into a network.
Objective:
Network Security
Sub-Objective:
Summarize common networking attacks.
References:
Social engineering, https://www.incapsula.com/web-application-security/social-engineering-attack.html
Question #179 of 200
Question ID: 1289269
You are a network administrator. A user named Wendy uses a computer named Client1. Wendy reports that she cannot connect to other computers on the 100BaseTX Ethernet
network that is depicted in the following exhibit:
You test Client1 and the other computers connected to Hub A and Hub B, and you determine that only Wendy cannot connect to the network.
What is most likely causing the connectivity problem in this scenario?
A) A broadcast storm is emanating from the NIC in Client4.
B) The NIC in Client1 is defective.
C) Hub A is defective.
D) Hub B is defective.
Explanation
The most likely cause of the connectivity problem described in this scenario is that the network interface card (NIC) in Client1 is defective. Wendy uses Client1, and Wendy is
the only employee who cannot connect to the network. When Wendy reported her problem with network connectivity, you tested her computer. Then, you determined the scope
of the problem by testing the other computers on the network. That test revealed that the problem was most likely related only to Wendy's computer.
If Hub A were defective, then the computers connected to Hub A would probably not be able to connect to the network. If Hub B were defective, then the computers connected to
Hub B would probably not be able to connect to the network. A NIC produces a broadcast storm when it becomes defective and sends a continuous stream of data packets on
the network, which can cause network performance to degrade. A broadcast storm can also cause a network to stop responding. If the NIC in Client4 were producing a
broadcast storm, then network performance would deteriorate or none of the computers on the network would be able to connect to the network.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common wired connectivity and performance issues.
References:
Chapter 13: Network Troubleshooting, http://www.cisco.com/en/US/docs/voice_ip_comm/bts/5.0/troubleshooting/guide/13tg01.html
CompTIA Network+ N10-007 Cert Guide, Chapter 14: Network Troubleshooting
Question #180 of 200
Question ID: 1289094
Your company’s enterprise includes multiple subnets, each of them using a different addressing class. Match the IP addresses on the left with the IP Address Class/Type on the
right.
Explanation
The IP addresses should be matched with the IP address classes in the following manner:
Class A Public - 77.24.16.74
Class A Private - 10.6.55.44
Class B Public - 143.91.63.19
Class B Private - 172.20.5.5
Class C Public - 204.29.83.91
Class C Private - 192.168.103.213
APIPA - 169.254.43.31
Class A addresses are in the 0.0.0.0 through 126.255.255.255 range. Class B addresses are in the 128.0.0.0 through 191.255.255.255 range. Class C addresses are in the
192.0.0.0 through 223.255.255.255 range.
There are three reserved private IP address ranges:
Class A - 10.0.0.0 through 10.255.255.255
Class B - 172.16.0.0 through 172.31.255.255
Class C - 192.168.0.0 through 192.168.255.255
Automatic Private IP Addressing (APIPA) addresses are in the 169.254.0.0 through 169.254.255.255 range.
Objective:
Networking Concepts
Sub-Objective:
Given a scenario, configure the appropriate IP addressing components.
References:
IP4 Address Classes, http://compnetworking.about.com/od/workingwithipaddresses/l/aa042400b.htm
Question #181 of 200
Question ID: 1289154
Your client is experiencing what appears to be a decrease in network throughput. However, the symptoms the client is reporting to you are not detailed enough for you to
diagnose the issue and make a recommendation. What will best assist you in pinpointing the bottleneck the next time it occurs?
A) Network configuration and performance baselines
B) Wiring and port locations
C) Standard operating procedures/work instructions
D) Rack diagrams
Explanation
Network configuration and performance baselines are parts of the network documentation that assist with troubleshooting. In particular, performance baselines show how the
network performs under typical loads, in terms of bandwidth used, packets dropped, throughput, or other metrics, for a given period of time. Later, when network issues occur,
such as a perceived drop in network speed, the administrator can compare current conditions to the previously recorded baseline.
Standard operating procedures/work instructions represent key documents used to manage the network. While the two documents are related, they each have a different
purpose. Standard operating procedures (SOPs) indicate what is to be done, as well as the responsible party. The work instructions describe how to execute the task identified
in the SOP, but would not identify an active issue with throughput.
Rack diagrams depict the placement of network equipment, such as routers, switches, hubs, patch panels, and servers, in a standard 19” rack. Rack diagrams are particularly
useful when planning server rooms and networking closets as the diagrams allow the engineer to determine the proper placement of equipment prior to the physical buildout.
They also serve as a tool to help locate equipment for maintenance or repair, but not to identify an active issue with throughput.
Wiring and port locations should be a critical component of the network documentation. This documentation facilitates troubleshooting connectivity by not only identifying the IP
or MAC address where the problem is located, but also the physical location of the problem. Wiring and port locations will not help you research performance issues until after
the network configuration and performance baselines are examined and compared to current performance.
Objective:
Network Operations
Sub-Objective:
Given a scenario, use appropriate documentation and diagrams to manage the network.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 11: Network Management, Network Documentation
How to set a network performance baseline for network monitoring, https://searchnetworking.techtarget.com/How-to-set-a-network-performance-baseline-for-network-monitoring
Question #182 of 200
Question ID: 1289097
Your company’s enterprise includes multiple subnets, each of which uses a different addressing class. Match the IPv4 addresses on the left with the IPv4 address type that
describes it. Each address will only match to a single address type, and each address type will only match a single address.
Explanation
The IPv4 address types should be matched with the given IPv4 addresses as follows:
Class A - 12.174.25.98
Class B - 162.58.123.84
Class C - 219.214.211.167
APIPA - 169.254.1.1
Private - 172.16.2.3
Loopback - 127.0.0.1
Multicast - 225.47.72.63
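The matching rules behind Questions #180 and #182, written out as an added example (not part of the exam material). It uses the class and private ranges quoted in the Question #180 explanation; the loopback (127.0.0.0/8), multicast (first octet 224 through 239) and 0.0.0.0/8 handling are standard values assumed here, and all function names are hypothetical.

```python
import ipaddress

# Private ranges exactly as listed in the Question #180 explanation.
PRIVATE_RANGES = [ipaddress.ip_network(n)
                  for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
APIPA = ipaddress.ip_network("169.254.0.0/16")
# Assumptions: standard values that the page does not spell out.
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")
THIS_NETWORK = ipaddress.ip_network("0.0.0.0/8")


def classful_letter(addr):
    """Classful letter from the first octet, using the page's ranges."""
    first = int(addr) >> 24
    if first <= 126:
        return "A"        # 0.0.0.0 - 126.255.255.255
    if first == 127:
        return None       # loopback block sits between class A and class B
    if first <= 191:
        return "B"        # 128.0.0.0 - 191.255.255.255
    if first <= 223:
        return "C"        # 192.0.0.0 - 223.255.255.255
    if first <= 239:
        return "D"        # multicast (assumption, see lead-in)
    return "E"            # reserved / experimental


def classify(text):
    """Return (class letter, scope); the most specific special range wins."""
    addr = ipaddress.IPv4Address(text)
    letter = classful_letter(addr)
    if addr in LOOPBACK:
        return (None, "loopback")
    if addr in APIPA:
        return (letter, "apipa")      # numerically class B, but link-local
    if letter == "D":
        return (letter, "multicast")
    if letter == "E" or addr in THIS_NETWORK:
        return (letter, "reserved")
    if any(addr in net for net in PRIVATE_RANGES):
        return (letter, "private")
    return (letter, "public")


def label(text):
    """Human-readable label in the wording the answer keys use."""
    letter, scope = classify(text)
    special = {"loopback": "Loopback", "apipa": "APIPA",
               "multicast": "Multicast", "reserved": "Reserved"}
    if scope in special:
        return special[scope]
    return f"Class {letter} {scope.capitalize()}"


# Answer keys copied from the two explanations on this page.
Q180_KEY = {
    "77.24.16.74": "Class A Public", "10.6.55.44": "Class A Private",
    "143.91.63.19": "Class B Public", "172.20.5.5": "Class B Private",
    "204.29.83.91": "Class C Public", "192.168.103.213": "Class C Private",
    "169.254.43.31": "APIPA",
}
Q182_ADDRESSES = ["12.174.25.98", "162.58.123.84", "219.214.211.167",
                  "169.254.1.1", "172.16.2.3", "127.0.0.1", "225.47.72.63"]

if __name__ == "__main__":
    for ip in list(Q180_KEY) + Q182_ADDRESSES:
        print(f"{ip:<16} {label(ip)}")
```

Checking the special ranges before the private and public cases is what keeps 169.254.x.x from being reported as an ordinary class B address and 172.16.2.3 from being reported as public.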
Objective:
Networking Concepts
Sub-Objective:
Given a scenario, configure the appropriate IP addressing components.
References:
IPv4 Addressing, https://technet.microsoft.com/en-us/library/dd379547(v=ws.10).aspx
CompTIA Network+ N10-007 Cert Guide, Chapter 5: IPv4 and IPv6 Addresses
Question #183 of 200
Question ID: 1289263
You have been called to troubleshoot a workstation problem in the oldest building on your company's corporate campus. The network workstations in that building are unreliable.
When the room lights are on, connectivity is lost, but when the room lights are off, the network is functional. Upon arrival, you quickly survey the work environment. You observe
the following conditions:
Lighting consists mainly of fluorescent lights.
Temperature is 65 degrees Fahrenheit (18 degrees Celsius).
Humidity is 75%.
Employees own space heaters, but they are not using them.
Electrical outlets appear outdated.
What is most likely causing the loss of connectivity?
A) Fluorescent lighting in the room
B) Low temperature
C) Voltage fluctuation in the outlets
D) Defective network hubs
Explanation
Because the loss of connectivity is only occurring when the fluorescent lights are turned on, it points to electromagnetic interference (EMI) being emitted by fluorescent lighting.
EMI is essentially electrical noise that is picked up on the network cable. EMI from fluorescent lights can corrupt data; therefore, you should consider your choice of network
cable carefully if you must place the cable near fluorescent lights. Ideally, network equipment should be maintained at a room temperature of 70 degrees Fahrenheit (21 degrees
Celsius). However, even lower-than-ideal temperatures would not affect equipment.
Defective network hubs would not cause fluctuating connectivity problems. Rather, connectivity would be permanently lost until the problem hub is replaced. A bad switch
module would also cause loss of connection. Switches can include gigabit interface converter (GBIC) and small form-factor pluggable (SFP) modules. If one of these modules
goes bad, you can replace it if possible; otherwise, the switch will have to be replaced. To determine if the module has failed, you need to use an LC loopback tester.
Voltage fluctuation in the outlets would not affect network connectivity. Instead, computers rebooting, computer power supply failures, or temporary loss of power could result
from voltage fluctuation. EMI affects cable placement. Cable placement issues may vary depending on the type of media (twisted pair, coaxial, or fiber) used. You should avoid
running cables near objects that may cause problems with the cabling. You should arrange cables to minimize interference. Ideally, Ethernet cables should not be placed close
to high voltage cables, generators, motors, or radio transmitters. Often using shielded cabling will prevent this problem. You could also move the interfering device or the cable.
Cross-talk is a specialized type of EMI caused by parallel runs of twisted-pair cables. The only solution to this problem is to change the path of the cables. Near-end crosstalk
(NEXT) measures the ability of the cable to resist crosstalk. Most commercial cabling will give you the minimum NEXT values that are guaranteed. Far-end crosstalk (FEXT)
measures interference between two pairs of a cable measured at the other end of the cable with respect to the interfering transmitter.
Other physical connectivity problems include the following:
Bad connectors - If you suspect that a connector is damaged or nonfunctional, you should replace the connector. Often it is much easier to replace the entire cable rather
than the connector. However, for long cable runs that extend over a long distance, you should replace the connector so that the cable will not have to be re-routed.
Bad wiring - If you suspect that a cable is damaged or nonfunctional, you should replace the cable. Always ensure that the new cable is functional before using it to replace
the known-bad cable.
Open or short circuits - An open circuit is usually the result of a broken cable or improper termination. This causes an incomplete connection and complete failure of the
electric current. A short circuit occurs when there is unwanted contact with the cabling. This results in the current following an unwanted path, which could cause overheating
or burning.
Split cables - The cable is actually cut. An open circuit can be the direct result of this issue.
dB loss - dB loss in cabling occurs because the voltage decays slowly as the current travels the length of the cable. Therefore, the longer the cable run, the more dB loss
occurs. The loss is predictable based on cable length. You should either decrease the cable length or install repeaters to reduce dB loss.
TX/RX reversed - A straight-through cable has the same transmit (Tx) or receive (Rx) leads at each end, while they are reversed at one end in a crossover cable. A straight-through cable connects dissimilar devices, while a crossover cable connects like devices. If you use a crossover cable in the wrong location on the network, the device will
be unable to connect to the network. You should replace the cable with the correct type. Some switches support medium dependent interface crossover (MDIX), which
allows a switch port to properly configure its leads as Tx or Rx. However, if a network device does not support MDIX, you must use the appropriate cable (that is, a
crossover cable). If loss of connection occurs, you are using the wrong cable or have the switch leads configured incorrectly.
Distance - This issue is caused when cable lengths exceed the maximum distance allowed by a particular media type. Ensure that your cable runs do not exceed the
maximum distance allowed. Repeaters could also be used to prevent this problem.
Incorrect termination (mismatched standards) - Incorrect termination occurs when the cabling connectors are configured with the wrong individual pin in the connector
sockets.
Straight-through - With this type of cable, each pin connects to the same pin on the opposite side. This cabling is used when connecting unlike devices, such as
connecting a router to a hub, connecting a computer to a switch, or connecting a LAN port to a switch, hub, or computer.
Crossover - With this type of cable, some of the internal wires cross over each other by switching the orange-white and green-white wires, and then the orange and
green wires. This cabling is used when connecting like devices, such as connecting a computer to a router, connecting a computer to a computer, or connecting a router
to a router.
Split pairs - A split pair is a wiring error where two wires of a twisted pair are instead connected using two wires from different pairs. It most commonly occurs when a punch-down block is wired incorrectly or when RJ-45 connectors are crimped onto the wrong wires. In both of these situations, you will need to rewire the block or connector.
Often network cable testers can identify any of the above problems.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common wired connectivity and performance issues.
References:
Choosing an Optimal Location for Your Data Center: Electromagnetic Interference, http://www.ciscopress.com/articles/article.asp?p=417091
CompTIA Network+ N10-007 Cert Guide, Chapter 14: Network Troubleshooting
Question #184 of 200
Question ID: 1289293
You are the network administrator for your company. One of your trainees configured the company's network. However, the network is not working. You ran the ipconfig
command on Host A and found that the subnet mask on Host A is not properly configured. The network is shown in the following image:
Which subnet mask should you configure on Host A to solve the problem?
A) 255.255.0.0
B) 255.255.192.0
C) 255.255.240.0
D) 255.255.254.0
Explanation
According to the diagram in this scenario, the IP address configured on Host A is 172.32.2.3 and the broadcast address is 172.32.3.255. If the broadcast address for this
network is 172.32.3.255, then the network ID of the next subnet in the series of subnets created by the mask is 172.32.4.0. Because the gateway address (which must be in the
same subnet as the hosts) is 172.32.2.1, it indicates that the subnet that contains the three addresses (IP address, gateway and broadcast address) has a network ID of
172.32.2.0. The mask must be 255.255.254.0. It would yield the following subnet IDs:
172.32.0.0
172.32.2.0
172.32.4.0
172.32.6.0
…and so on.
The mask could not be 255.255.0.0. This is a standard class B mask, and when used the broadcast address would be 172.32.255.255, not 172.32.3.255.
The mask could not be 255.255.240.0. This would create an interval of 16 between subnets in the third octet, which would yield the following subnet IDs:
172.32.0.0
172.32.16.0
172.32.32.0
…and so on.
If this were the case, the broadcast address for these addresses' subnet would be 172.32.15.255, not 172.32.3.255.
The mask could not be 255.255.192.0. This would create an interval between subnets of 64 in the third octet, which would yield the following subnet IDs:
172.32.0.0
172.32.64.0
172.32.128.0
…and so on.
If this were the case, the broadcast address for the subnet hosting these addresses would be 172.32.63.255, not 172.32.3.255.
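The elimination worked through above can be checked mechanically. The following Python sketch is an added example, not part of the original exam material; it takes the host, gateway and broadcast addresses quoted in the explanation, and the function names are illustrative.

```python
import ipaddress
from itertools import islice

# Values quoted in the explanation above.
HOST = "172.32.2.3"
GATEWAY = "172.32.2.1"
BROADCAST = "172.32.3.255"
CANDIDATES = ["255.255.0.0", "255.255.192.0", "255.255.240.0", "255.255.254.0"]


def subnet_of(host, mask):
    """Return the subnet that `host` falls in when `mask` is applied."""
    return ipaddress.ip_network(f"{host}/{mask}", strict=False)


def first_subnet_ids(mask, count=4, classful_base="172.32.0.0/16"):
    """List the first `count` subnet IDs the mask carves out of the class B network."""
    base = ipaddress.ip_network(classful_base)
    prefix = ipaddress.ip_network(f"0.0.0.0/{mask}").prefixlen
    return [str(n.network_address)
            for n in islice(base.subnets(new_prefix=prefix), count)]


def evaluate(host, gateway, broadcast, candidates):
    """For each candidate mask, compute the host's subnet and test it against
    the two facts from the diagram: the gateway and the broadcast address."""
    gw = ipaddress.ip_address(gateway)
    bcast = ipaddress.ip_address(broadcast)
    report = {}
    for mask in candidates:
        net = subnet_of(host, mask)
        report[mask] = {
            "network": str(net.network_address),
            "broadcast": str(net.broadcast_address),
            "gateway_in_subnet": gw in net,
            "fits": gw in net and net.broadcast_address == bcast,
        }
    return report


def matching_masks(host, gateway, broadcast, candidates):
    """Return the candidate masks consistent with the observed addresses."""
    results = evaluate(host, gateway, broadcast, candidates)
    return [mask for mask, r in results.items() if r["fits"]]


if __name__ == "__main__":
    for mask, r in evaluate(HOST, GATEWAY, BROADCAST, CANDIDATES).items():
        verdict = "fits" if r["fits"] else "does not fit"
        print(f"{mask:<15} network {r['network']:<12} "
              f"broadcast {r['broadcast']:<15} {verdict}")
        print(f"{'':<15} subnet IDs: {', '.join(first_subnet_ids(mask))}")
```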
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, troubleshoot common network service issues.
References:
Understanding IP Addresses, http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800a67f5.shtml#ustand_ip_add
CompTIA Network+ N10-007 Cert Guide, Chapter 14: Network Troubleshooting
Question #185 of 200
Question ID: 1289185
In the context of physical security, which statement related to security guard personnel is most appropriate?
A) Security guard personnel act as the last line of defense in securing the facility infrastructure.
B) Security guard personnel are a cost effective countermeasure to reduce physical security risk.
C) Security guard personnel are one of the administrative controls in a layered security architecture.
D) Security guard personnel are the most expensive countermeasure for reducing the physical security risk.
Explanation
Security guard personnel are the most expensive countermeasure used to reduce physical security risks. The cost of hiring, training, and maintaining them can easily outweigh
the benefits. Security guard personnel, in combination with other physical security controls and technical controls such as fences, gates, lighting, dogs, CCTVs, alarms, and
intrusion detection systems, act as the first line of defense in maintaining the security of a facility infrastructure. Security guards are the best protection against piggybacking.
Mantraps also provide protection against piggybacking. The last line of defense is the remaining workforce of the company, excluding the security guards, in a layered security
architecture. Personnel are an example of physical security controls and not administrative controls.
Objective:
Network Security
Sub-Objective:
Summarize the purposes of physical security devices.
References:
Security Guards, http://homesecurity.about.com/od/homesecurity/a/Security-Guards.htm
CompTIA Network+ N10-007 Cert Guide, Chapter 12: Network Security, Categories of Network Attacks
Question #186 of 200
Question ID: 1123378
A consultant recommends that your company implements an appliance firewall. To which type of firewall is this referring?
A) hardware
B) software
C) embedded
D) application
Explanation
A hardware firewall is also referred to as an appliance firewall. Appliance firewalls are often designed as stand-alone black box solutions that can be plugged in to a network and
operated with minimal configuration and maintenance.
An application firewall is typically integrated into another type of firewall to filter traffic that is traveling at the Application layer of the Open Systems Interconnection (OSI) model.
An embedded firewall is typically implemented as a component of a hardware device, such as a switch or a router.
A software firewall is a program that runs within an operating system, such as Linux, Unix, or Windows 2000. If you set up a subnet with computers that use peer-to-peer
communication, a software firewall is probably the best firewall solution.
Firewalls can be used to create demilitarized zones (DMZs). A DMZ is a network segment placed between an internal network and a public network, such as the Internet.
Typically, either one or two firewalls are used to create a DMZ. A DMZ with a firewall on each end is typically more secure than a single-firewall DMZ. However, a DMZ
implemented with one firewall connected to a public network, a private network and a DMZ segment is cheaper to implement than a DMZ implemented with two firewalls.
Objective:
Infrastructure
Sub-Objective:
Explain the purposes and use cases for advanced networking devices.
References:
Chapter 6: Firewalls, http://service.real.com/help/library/guides/helixuniversalproxy/htmfiles/firewall.htm
Introduction to firewalls: Types of firewalls, http://searchnetworking.techtarget.com/generic/0,295582,sid7_gci1282044,00.html
CompTIA Network+ N10-007 Cert Guide, Chapter 12: Network Security, Firewalls
Question #187 of 200
Question ID: 1123389
Which device or feature provides a bridge between the physical environment and the virtual environment?
A) Virtual firewall
B) Virtual router
C) Hypervisor
D) Virtual NIC
Explanation
A virtual network interface card (NIC) operates within the virtual environment. In common practice, it is bridged to the physical NIC on the host system so the virtual machine can
communicate with another network segment or the Internet.
A hypervisor (or virtual machine monitor) provides supervisory and management functions on a machine (host) on which one or more virtual machines are deployed.
Hypervisors are categorized as Type 1, which are installed on the "bare metal," or Type 2, which are installed on top of the operating system as an application. Examples of Type 1
include KVM for Linux and Microsoft's Hyper-V Server 2012. Examples of Type 2 hypervisors include VMware Workstation and Oracle VirtualBox.
Virtual firewalls provide the same function as regular firewalls, but provide them in a virtual environment.
Virtual routers provide the same router functions as physical routers, but in a virtual environment. Virtual routers are software based and do not require physical hardware.
Objective:
Infrastructure
Sub-Objective:
Explain the purposes of virtualization and network storage technologies.
References:
Virtualizing a Network Card, https://www.usenix.org/legacy/publications/library/proceedings/usenix01/sugerman/sugerman_html/node5.html
Question #188 of 200
Question ID: 1289145
Which of the following uses cells that are equally sized at 53 bytes each?
A) PPPoE
B) DMVPN
C) SIP trunk
D) ATM
Explanation
Asynchronous Transfer Mode (ATM) is a network transmission model used in voice, video, and data communications that uses equally sized cells that are all 53 bytes long. The
equal length of the data packets supports very high data rates. ATM is deployed in Optical Carrier (OC) backbone network segments.
Point-to-Point Protocol over Ethernet (PPPoE) encapsulates Point-to-Point Protocol (PPP) frames over Ethernet. It is typically used in DSL to allow subscribers on Ethernet
networks to connect over DSL modems.
Dynamic Multipoint Virtual Private Network (DMVPN) allows an organization to exchange data over a secure network of VPNs, without having to route the data through the
organization’s primary VPN router. In essence, a DMVPN creates a mesh VPN topology.
Session Initiation Protocol (SIP) trunking is used in Voice over IP telephony. The SIP trunk connects the incoming gateway with the customer’s Private Branch Exchange
(PBX).
Objective:
Infrastructure
Sub-Objective:
Compare and contrast WAN technologies.
References:
ATM In Computer Networks: History And Basic Concepts, https://fossbytes.com/atm-asynchronous-transfer-mode-history-basic-concepts/
Question #189 of 200
Question ID: 1289178
Management has decided to renovate a portion of the office. You have been asked to relocate several computers and other network devices in the renovation area to another
part of the building. After relocating the computers and devices, you document the new location. What is the term used to describe the actions you took?
A) SLA
B) NAC
C) asset management
D) baseline
Explanation
Asset management involves documenting information regarding the company assets, including location, user, IP address, and other information. Asset management is part of
the network documentation that must be maintained. A service level agreement (SLA) is an agreement from a service provider that details the level of service that will be
maintained. Network access control (NAC) is a method whereby an organization implements rules for security for devices that connect to the network. The rules include all
requirements for any device to connect to the network. If a device is compliant, it is given access to the network. If it is not, it will be quarantined from the rest of the network. A
baseline is a performance measurement against which all future measurements are compared. Without a baseline, you have no way of knowing if performance is improving or
degrading. For the Network+ exam, you also need to understand the following documentation:
IP address utilization - You should always track your IP usage, particularly if you implement a network with multiple subnets. Two devices on the same network cannot use
the same IP address, even if you implement private IP addresses. Carefully document your IP address usage to ensure communication. Implementing a DHCP server on
your network is the best way to do this. At any time, you will be able to view IP address utilization from the DHCP server.
Vendor documentation - Retain all vendor documentation for all devices, including computers. When it comes to configuration management, vendor documentation can aid
you in ensuring that you purchase hardware that is compatible with the device or computer. In many cases, vendor documentation can be found online. But this isn't always
the case, especially with older, legacy hardware.
For the Network+ exam, you also need to understand the on-boarding and off-boarding of mobile devices. Mobile devices are increasingly being used on corporate networks.
Companies must consider the impact of these devices and create the appropriate policies for their use. Formal on-boarding procedures should be developed and should include
minimum security requirements for the devices. Companies should implement some sort of mobile device management (MDM), which would allow you to manage mobile
devices from a central management console. MDM would allow you to on-board and off-board mobile devices quickly and easily.
Objective:
Network Operations
Sub-Objective:
Identify policies and best practices.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 11: Network Management, Network Documentation
Question #190 of 200
Question ID: 1289146
Which of these is NOT associated with data conversion between the ISP and the customer premise equipment?
A) ATM
B) Smart jack
C) Demarcation point
D) CSU/DSU
Explanation
Asynchronous Transfer Mode (ATM) is NOT associated with data conversion between the ISP and the customer premise equipment. It is a network transmission model used in
voice, video, and data communications. ATM uses equally sized cells that are all 53 bytes long. The equal length of the data packets supports very high data rates. ATM is
deployed in Optical Carrier (OC) backbone network segments.
All of the other options are associated with data conversion between the ISP and the customer's on-premises equipment.
A demarcation point is where the division is made between the service responsibilities of the ISP and the service responsibilities of the customer. It is often located at the
CSU/DSU or smart jack. When a network problem occurs, the demarcation point will determine which party is responsible for fixing it, such as the customer or the ISP.
A Channel Service Unit/Data Service Unit (CSU/DSU) is a device that connects a router to a digital circuit, such as a T1 line. The CSU/DSU converts the signal from a wide area
network into frames for a local area network.
A smart jack typically provides the conversion between a telecommunications T1 line and the customer’s network. Smart jacks can also provide an alarm if the communications
link is broken, diagnostic services such as loopback, or even act as a repeater.
Objective:
Infrastructure
Sub-Objective:
Compare and contrast WAN technologies.
References:
ATM In Computer Networks: History And Basic Concepts, https://fossbytes.com/atm-asynchronous-transfer-mode-history-basic-concepts/
Question #191 of 200
Question ID: 1123556
You are the network administrator for your company's network. All servers run Windows Server 2008. All workstations run Windows 7. The network diagram is shown in the
following exhibit:
Workstation A2 is experiencing delays accessing Server B. Which utility should you run from Workstation A2 to determine the source of the slowdown?
A) ping
B) netstat
C) ipconfig
D) tracert
Explanation
The tracert utility will provide a listing of all routers through which data from Workstation A2 must pass on its way to Server B. If there are any problems along the way, they will
show up in the output from the tracert command.
The ping utility is used to determine whether a specific IP address is accessible. It works by sending a packet to the specified address and waiting for a reply. The ping utility is
used primarily to troubleshoot Internet connections. It would not be useful in determining the source of the slowdown in this scenario. However, it can be used to troubleshoot
connectivity to specific devices.
Netstat is a TCP/IP utility that you can use to determine the computer's inbound and outbound TCP/IP connections. It displays current connections and their listening ports. It
cannot be used to troubleshoot this problem.
The ipconfig utility is used to display currently assigned TCP/IP network settings, such as IP address, subnet mask, and default gateway, on Windows computers. It can be run
from a command prompt. When issued with the /all switch, ipconfig displays detailed information. It cannot be used to troubleshoot this problem.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, use the appropriate tool.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 11: Network Management, Maintenance Tools
Question #192 of 200
Question ID: 1123367
You are setting up an 802.11a wireless network in an office environment that includes three wireless access points. The wireless access points are at least 15 meters apart and
are configured for automatic channel setting. Each time you turn the wireless access points on, they all choose the same channel. You need to ensure that the access points
choose separate channels to prevent interference, using the least amount of administrative effort.
What should you do?
A) Start each wireless access point at a separate time.
B) Increase the distance between the wireless access points to at least 20 meters.
C) Manually configure each of the access points to use channels 1, 6, and 11, respectively.
D) Reduce the signal strength on each access point.
Explanation
You should start each wireless access point at a separate time. This will allow each access point to select a channel. Then, when the next access point is booted, it will detect
the other access points' channels and use another channel besides the ones detected. 802.11a wireless access points have eight available non-overlapping channels: 36, 40,
44, 48, 52, 56, 60, and 64.
802.11a products need to be configured for automatic channel selection. Therefore, you cannot manually configure the channel. With the automatic channel selection feature,
802.11a wireless access points can detect other access points and configure their channel accordingly. This is the reason that it is important to start 802.11a wireless access
points at a separate time. The suggested range for 802.11a wireless access points is 30 meters in an open space, and 10 meters in an office environment.
You should not increase the distance between the wireless access points to at least 20 meters. For 802.11a wireless access points, the suggested distance in an office
environment is 10 meters.
You should not manually configure each of the access points to use channels 1, 6, and 11, respectively. These are the non-overlapping channels used by 802.11b and 802.11g
devices. You should alternate between these three channels when using 802.11b or 802.11g wireless access points. The suggested range for 802.11b and 802.11g wireless
access points is 120 meters in an open space and 30 meters in an office environment.
You should not reduce the signal strength on each access point. This would require more administrative effort than is necessary to fix your problem. In addition, reducing the
signal strength could cause problems for some wireless clients that are now outside the new range. It is much simpler to turn the wireless access points on at different times.
Objective:
Infrastructure
Sub-Objective:
Given a scenario, determine the appropriate placement of networking devices on a network and install/configure them.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 8: Wireless Technologies, Introducing Wireless LANs
Question #193 of 200
Question ID: 1289203
What typically enables a social engineering attack to occur? (Choose two.)
A) believable language
B) encryption
C) gullibility
D) the deletion of key files
Explanation
Gullibility, believable language, and the good intentions of users typically enable a social engineering attack to occur. An example of a social engineering attack is an e-mail
hoax, which is an e-mail message that indicates the possibility of virus infection. An e-mail hoax contains a message that uses believable language to trick users into believing
the hoax. In the text of an e-mail hoax, users are typically instructed to forward the message to as many others as possible, which is how an e-mail hoax replicates. Sometimes,
an e-mail hoax will direct users to delete key system files, an action that can seriously damage an operating system installation. Another problem caused by an e-mail hoax is
increased use of bandwidth, which results when users on a network forward a hoax to other users.
Social engineering attacks do not typically use encryption.
Objective:
Network Security
Sub-Objective:
Summarize common networking attacks.
References:
Hacker tactics prey on gullible, curious, https://searchsecurity.techtarget.com/news/537875/Hacker-tactics-prey-on-gullible-curious
Question #194 of 200
Question ID: 1123499
What can be used by a hacker to implement a social engineering attack on a network?
A) a remote control package
B) a telephone
C) a multimeter
D) a packet sniffer
Explanation
A telephone can be used by a hacker to implement a social engineering attack in which the hacker attempts to gain critical network information through social interaction with
company employees. For example, a hacker might call a user on a network and ask for a user name and password. If the user is not properly trained, then the user might
provide his or her user name and password to the hacker.
Dumpster diving is another social engineering method that is carried out by stealing information from a company's trash disposal. To prevent dumpster diving, destroy all paper
and other media that are not required.
A multimeter is a device that can be used to test electrical circuits.
A remote control package is a software package that enables a remote user to control a computer. Back Orifice and PCAnywhere are examples of remote control packages.
A packet sniffer is a computer or device that can gather all of the network traffic from a network medium. A hacker can then analyze any captured clear text packets in an
attempt to obtain critical network information.
Objective:
Network Security
Sub-Objective:
Summarize common networking attacks.
References:
How to Defend your Network Against Social Engineers, http://www.windowsecurity.com/articles/social_engineers.html
Question #195 of 200
Question ID: 1123531
Which of the following would be used to help defend against a man-in-the-middle attack?
A) Flood guard
B) Root guard
C) BPDU guard
D) DHCP snooping
Explanation
DHCP snooping prevents an unauthorized DHCP server from issuing IP addresses to clients. The unauthorized or rogue DHCP server is often used in man-in-the-middle
attacks. A trusted server is identified on a specific switch port by configuring the DHCP Snooping Trust State. This allows DHCP traffic to flow through the port. A DHCP server
attached to a port that does not have a properly configured trust state will have its traffic blocked.
Current Web communications can also be secured against eavesdropping, hijacking, and man-in-the-middle (MitM) attacks through mutual certificate authentication via
Transport Layer Security (TLS). The encryption negotiated by TLS between a Web client and Web server provides protection against eavesdropping and hijacking, and the
mutual authentication using certificates provides protection against MitM attacks.
Bridge Protocol Data Unit (BPDU) guard works with Spanning Tree Protocol (STP) and PortFast. When a switch receives a BPDU on a port on which PortFast has been configured,
BPDU guard disables that port. It prevents looping, not man-in-the-middle attacks.
Flood guard establishes the maximum number of MAC addresses that can be seen by an interface. The switch monitors the traffic on the interface. If the network gets flooded
with MAC addresses, the flood monitor can intervene by disabling ports and filtering out traffic. Denial of Service (DoS) attacks may use traffic flooding to deny valid users the
ability to interact with resources at an acceptable level, pace, or throughput. It prevents DoS flooding attacks, not man-in-the-middle attacks.
Root guard protects the integrity of the root bridge in a spanning-tree environment. Root guard ensures that the switch you designate as the root bridge remains in that role until
changed by an administrator. It is the same thing as a BPDU guard, which prevents looping.
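The trust-state decision described for DHCP snooping can be modelled in a few lines. The following Python sketch is an added example, not part of the original exam material and not any vendor's implementation: it parses the DHCP message type (option 53) from constructed payloads and drops server-originated messages that arrive on untrusted ports. The port names and sample packets are constructed for illustration.

```python
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"   # marks the start of the DHCP options field
OPT_PAD, OPT_MESSAGE_TYPE, OPT_END = 0, 53, 255
BOOTREPLY = 2                        # BOOTP op code used by servers
SERVER_MESSAGES = {2: "DHCPOFFER", 5: "DHCPACK", 6: "DHCPNAK"}


def build_dhcp(op, message_type):
    """Build a minimal constructed DHCP payload: 236-byte BOOTP header,
    magic cookie, option 53 and the end option."""
    header = struct.pack(
        "!BBBBIHH4s4s4s4s16s64s128s",
        op, 1, 6, 0,                   # op, htype=Ethernet, hlen=6, hops
        0x1A2B3C4D, 0, 0,              # xid (constructed), secs, flags
        b"", b"", b"", b"",            # ciaddr, yiaddr, siaddr, giaddr (zero-filled)
        b"\x02\x00\x00\x00\x00\x01",   # chaddr (constructed MAC address)
        b"", b"",                      # sname, file (zero-filled)
    )
    return header + MAGIC_COOKIE + bytes([OPT_MESSAGE_TYPE, 1, message_type, OPT_END])


def dhcp_message_type(payload):
    """Return the option 53 value, or None if it is absent or the payload is malformed."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        return None
    i = 240
    while i < len(payload):
        code = payload[i]
        if code == OPT_END:
            return None
        if code == OPT_PAD:
            i += 1
            continue
        if i + 1 >= len(payload):
            return None                # truncated before the length byte
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            return None                # option runs past the end of the packet
        if code == OPT_MESSAGE_TYPE and length == 1:
            return value[0]
        i += 2 + length
    return None


def snoop(ingress_port, payload, trusted_ports):
    """Return 'forward' or 'drop' for one DHCP payload arriving on a switch port."""
    if ingress_port in trusted_ports:
        return "forward"               # trusted port: DHCP traffic flows through
    is_reply = len(payload) > 0 and payload[0] == BOOTREPLY
    if is_reply or dhcp_message_type(payload) in SERVER_MESSAGES:
        return "drop"                  # server traffic from an untrusted port
    return "forward"                   # ordinary client request


# Constructed sample data: Gi0/1 is the port facing the authorised DHCP server.
TRUSTED_PORTS = {"Gi0/1"}
SAMPLE_TRAFFIC = [
    ("Gi0/5", build_dhcp(1, 1)),       # client DISCOVER on an access port
    ("Gi0/1", build_dhcp(2, 2)),       # OFFER arriving on the trusted port
    ("Gi0/7", build_dhcp(2, 2)),       # OFFER arriving on an untrusted port
    ("Gi0/7", build_dhcp(1, 5)),       # op says request, option 53 says ACK
]


def run(traffic, trusted_ports):
    """Apply the snooping decision to each (port, payload) pair."""
    return [(port, snoop(port, payload, trusted_ports)) for port, payload in traffic]


if __name__ == "__main__":
    for port, verdict in run(SAMPLE_TRAFFIC, TRUSTED_PORTS):
        print(f"{port}: {verdict}")
```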
Objective:
Network Security
Sub-Objective:
Explain common mitigation techniques and their purposes.
References:
Five Things To Know About DHCP Snooping, http://packetpushers.net/five-things-to-know-about-dhcp-snooping/
CompTIA Network+ N10-007 Cert Guide, Chapter 12: Network Security, Defense Against Attacks
Question #196 of 200
Question ID: 1123285
Which of these has helped reduce wiring, weight, and cost in industrial applications?
A) PAN
B) SAN
C) CAN
D) MAN
Explanation
A controller area network (CAN) is used in industrial applications, originally in automotive systems. It replaces bulky wiring systems, reducing weight and cost. A CAN builds a
network between controllers, allowing them to share information. A railway application, for example, might be a sensor that detects whether or not a door is closed, and locks the
brakes until the sensor indicates the door is closed.
A storage area network (SAN) creates a network among a pool of storage devices. It may be thought of as a RAID array that uses network connections as opposed to data
cables. The SAN pool appears as a single drive letter to the client.
A personal area network (PAN) is a network of devices that are in close proximity to a person, no more than a couple of meters away. Devices that can be part of PANs include
wireless headphones, wearable technology, and printers.
A metropolitan area network (MAN) connects several LANs together in an area roughly the size of a city. An example of a MAN might be a large hospital with several satellite
offices in various neighborhoods around the city.
CAN can also mean campus area network. This type of network encompasses a large campus that is usually located within a several block radius. This type of CAN connects
several LANs into a single CAN. Then multiple CANs can be connected using a MAN or WAN.
Objective:
Networking Concepts
Sub-Objective:
Compare and contrast the characteristics of network topologies, types and technologies.
References:
Controller Area Network (CAN) Overview, http://www.ni.com/white-paper/2732/en/es
Question #197 of 200
Question ID: 1123365
You want to install a device between your company's private network and the Internet that will prevent users on the Internet from transferring HTTP messages into the
company's network.
Which device should you install?
A) a hub
B) a router
C) a bridge
D) a firewall
Explanation
You should install a firewall between the Internet and your company's private network. A firewall can provide packet-filtering services for a network. Data packets can be allowed
or denied entry to or from a network based on several criteria, including the Transmission Control Protocol (TCP) port number and the IP address of the sending host. In this
scenario, you can configure the firewall to deny access to packets from the Internet that are sent through TCP port 80, which is the well-known TCP port for Hypertext Transfer
Protocol (HTTP) messages.
A bridge is a device that can divide a network into two segments. A network divided by a bridge appears to be a single network to devices and applications that operate at a
higher level than the bridge. You normally use a bridge to divide a network to optimize network traffic. A hub, which is often referred to as a repeater or a repeating hub, acts as
a concentration point for network connections on networks that use the star physical topology. A router connects two or more subnets and enables computers on a subnet to
send data to remote subnets; although some routers provide packet-filtering capabilities, packet filtering is not a guaranteed capability with a router.
Objective:
Infrastructure
Sub-Objective:
Given a scenario, determine the appropriate placement of networking devices on a network and install/configure them.
References:
Introduction to Firewalls, http://netsecurity.about.com/od/hackertools/a/aa072004.htm
CompTIA Network+ N10-007 Cert Guide, Chapter 12: Network Security, Firewalls
Question #198 of 200
Question ID: 1123422
Which of the following would be the best recovery solution in the event that a network segment is unavailable?
A) Dual power supplies
B) Power generators
C) Battery backup/UPS
D) Redundant circuits
Explanation
Redundant circuits would be the best recovery solution in the event that a network segment becomes unavailable. The redundant circuit can provide a backup route if a NIC,
cable, router, or switch fails. You can create a redundant circuit by installing an additional NIC in a computer and connecting the second NIC to a different port on another
switch.
Battery backups or uninterruptible power supplies (UPSs) provide temporary power to a limited number of systems. UPSs are designed to provide enough power to allow an
orderly shutdown of a system in the event of a power failure.
Power generators activate when there is a loss of power. Power generators are usually gasoline or diesel engines, and will run as long as they have fuel and do not break down.
They provide power for much longer periods of time than a battery backup or UPS.
Dual power supplies provide redundancy in the event of a failure of one of the power supply units internally within a computer. The failure of the power supply on a mission-critical server can be catastrophic. Equipping such a server with a dual power supply will provide redundancy and increase uptime.
Objective:
Network Operations
Sub-Objective:
Compare and contrast business continuity and disaster recovery concepts.
References:
Build Redundancy into Your LAN/WAN, http://www.itprotoday.com/management-mobility/build-redundancy-your-lanwan
CompTIA Network+ N10-007 Cert Guide, Chapter 9: Network Optimization, High Availability
Question #199 of 200
Question ID: 1289233
Your Windows 7 computer is located on a TCP/IP network that uses DHCP. You want your computer to release its lease on the TCP/IP configuration that it received from the
DHCP server. Which command should you issue to release the configurations?
A) the tracert command
B) the arp command
C) the ping command
D) the ipconfig command
Explanation
You should issue the ipconfig command with the /release switch to release your computer's lease on the TCP/IP configuration that it received from the Dynamic Host
Configuration Protocol (DHCP) server. If other computers cannot locate your computer on the network, then you might need to renew the DHCP lease for your TCP/IP
configuration. You can renew the lease by issuing the ipconfig /renew command at a command prompt.
You can use the ping command to determine whether another computer is connected to a TCP/IP network. You can ping a computer by IP address or by DNS host name.
You can use the arp command to view the Address Resolution Protocol (ARP) cache and to view and configure other information about ARP on your computer.
You can use the tracert command on a Microsoft Windows computer to determine the route that a data packet takes as it travels through the network. The traceroute command
is the Linux equivalent of the tracert command.
Objective:
Network Troubleshooting and Tools
Sub-Objective:
Given a scenario, use the appropriate tool.
References:
CompTIA Network+ N10-007 Cert Guide, Chapter 11: Network Management, Maintenance Tools
Question #200 of 200
Question ID: 1289117
Match the description on the left with the DNS resource record on the right.
Explanation
The DNS resource record types are as follows:
A - Maps a host name to an IPv4 address
AAAA - Maps a host name to an IPv6 address
CNAME - Maps an additional host name to an existing host record
MX - Maps a mail server name to a domain
PTR - Maps an IP address to a host name
Objective:
Networking Concepts
Sub-Objective:
Explain the functions of network services.
References:
List of DNS Record Types, http://en.wikipedia.org/wiki/List_of_DNS_record_types
CompTIA Network+ N10-007 Cert Guide, Chapter 3: Network Components, Specialized Network Devices