CompTIA N10-009 Online Practice Questions and Exam Preparation

CompTIA N10-009 Online Questions & Answers

• Question 171:

  Which of the following describes a fully redundant network topology?

  A. Star
  B. Bus
  C. Mesh
  D. Ring
  C. Mesh

  ---

  Explanation

  A mesh topology provides full redundancy by connecting each node to every other node, creating multiple paths for data transmission. This ensures high availability and fault tolerance, as the failure of one link does not disrupt communication.

  Star, bus, and ring topologies have limited redundancy. Mesh networks are commonly used in critical environments where reliability is essential.

• Question 172:

  A network administrator needs to ensure all network ports use a security method that only permits authenticated devices.

  The solution must meet the following requirements:

  1. Reduced chance of spoofing.

  2. Centrally managed solution

  3. Auditable logs

  Which of the following technologies provides this functionality?

  A. MAC filtering
  B. Port security
  C. ACLs
  D. 802.1X
  D. 802.1X

  ---

  Explanation

  802.1X provides port-based network access control that requires authentication before a switch port grants full network access. It uses a supplicant (client), an authenticator (switch/AP), and an authentication server (commonly RADIUS) to validate credentials or certificates. This directly supports the requirements: it reduces spoofing compared with MAC-based controls because authentication can be identity- and certificate-based rather than relying on easily forged MAC addresses; it is centrally managed through AAA infrastructure and policy (users/devices/groups); and it produces auditable logs via the authentication server and network devices, enabling accountability and investigation. Network+ security objectives emphasize AAA, NAC, and strong access controls for both wired and wireless networks. MAC filtering and basic port security rely largely on MAC addresses and are susceptible to spoofing; they also tend to be harder to manage at scale and provide weaker centralized auditing. ACLs control traffic flows but do not authenticate endpoints at the port level, so they cannot ensure "only authenticated devices" can connect. Therefore, 802.1X is the technology that best meets all stated requirements.

• Question 173:

  A junior network administrator is auditing the company network and notices incrementing input errors on a long-range microwave interface.

  Which of the following is the most likely reason for the errors?

  A. The parabolic signal is misaligned.
  B. The omnidirectional signal is being jammed.
  C. The omnidirectional signal is not strong enough to receive properly.
  D. The parabolic signal uses improper routing protocols.
  A. The parabolic signal is misaligned.

• Question 174:

  A network administrator is reviewing a production web server and observes the following output from the netstat command:

  

  Which of the following actions should the network administrator take to harden the security of the web server?

  A. Disable the unused ports.
  B. Enforce access control lists.
  C. Perform content filtering.
  D. Set up a screened subnet.
  A. Disable the unused ports.

  ---

  Explanation

  The netstat output shows that multiple ports are open, including Telnet (23), FTP (20), and TFTP (69), which are potential security risks. Disabling unused ports minimizes the attack surface, reducing security vulnerabilities.

  Breakdown of Options:

  Option

  A. Disable the unused ports - Correct answer. Unused ports should be closed to prevent unauthorized access Option

  B. Enforce access control lists - ACLs help control access but do not disable unnecessary services Option

  C. Perform content filtering - Content filtering controls web traffic not port security Option

  D. Set up a screened subnet - A DMZ (screened subnet) improves security but does not address open portS

• Question 175:

  A technician is designing a cloud service solution that will accommodate the company's current size, compute capacity, and storage capacity.

  Which of the following cloud deployment models will fulfill these requirements?

  A. SaaS
  B. PaaS
  C. IaaS
  D. IaC
  C. IaaS

  ---

  Explanation

  Infrastructure as a Service (IaaS) provides scalable compute power, storage, and networking resources on demand. It is the best choice for a company that needs to customize its cloud solution based on size, compute capacity, and storage needs.

  IaaS Benefits:

  Provides virtual machines, storage, and networking resources.

  Scalable based on company needs.

  Reduces the need for physical infrastructure.

  Incorrect Options:

  Option A:

  SaaS (Software as a Service): Delivers software applications (e.g., Google Docs, Microsoft 365) but does not provide compute/storage infrastructure.

  Option B:

  PaaS (Platform as a Service): Provides a development environment for application deployment but not full infrastructure control.

  Option D:

  IaC (Infrastructure as Code): A methodology for automating infrastructure, not a cloud deployment model.

• Question 176:

  SIMULATION

  You are tasked with verifying the following requirements are met in order to ensure network security.

  Requirements:

  Datacenter

  - Ensure network is subnetted to allow all devices to communicate properly while minimizing address space usage

  - Provide a dedicated server to resolve IP addresses and hostnames correctly and handle port 53 traffic Building A

  - Ensure network is subnetted to allow all devices to communicate properly while minimizing address space usage

  - Provide devices to support 5 additional different office users

  -Add an additional mobile user

  -Replace the Telnet server with a more secure solution Screened subnet

  -Ensure network is subnetted to allow all devices to communicate properly while minimizing address space usage

  -Provide a server to handle external 80/443 traffic

  -Provide a server to handle port 20/21 traffic

  INSTRUCTIONS

  Drag and drop objects onto the appropriate locations. Objects can be used multiple times and not all placeholders need to be filled.

  Available objects are located in both the Servers and Devices tabs of the Drag and Drop menu.

  If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

  

  A. See explanation below.
  B. PlaceHolder
  C. PlaceHolder
  D. PlaceHolder
  A. See explanation below.

  ---

  Explanation

  Top left subnet - 206.208.134.0/28 Top right subnet - 10.72.63.0/28 Bottom subnet - 192.168.11.0/28

  Screened Subnet devices - Web server, FTP server Building A devices - SSH server top left, workstations on all 5 on the right, laptop on bottom left DataCenter devices - DNS server.

• Question 177:

  Which of the following combinations of single cables and transceivers will allow a server to have 40GB of network throughput? (Select two).

  A. SFP+
  B. SFP
  C. QSFP+
  D. Multimode
  E. Cat 6a
  F. Cat5e
  C. QSFP+
  D. Multimode

  ---

  Explanation

  QSFP+ is a transceiver type that supports 40Gb Ethernet by using four 10Gb lanes.

  It is commonly used with fiber optic cabling, including multimode fiber, for short-distance high-speed connections such as within data centers.

  SFP+ supports only 10Gb Ethernet.

  SFP supports 1Gb Ethernet.

  Cat 6a supports up to 10Gb Ethernet over copper.

  Cat 5e supports up to 1Gb Ethernet.

  Therefore, QSFP+ is the correct technology for 40Gb connectivity.

• Question 178:

  A network administrator wants to ensure that only authorized devices connect to switch ports.

  Which of the following should be enabled?

  A. Port security
  B. NAT
  C. DNS
  D. QoS
  A. Port security

  ---

  Explanation

  Port security is a feature on switches that restricts access to specific MAC addresses on a port. It prevents unauthorized devices from connecting to the network by allowing only predefined or dynamically learned MAC addresses. NAT handles address translation, DNS resolves domain names, and QoS manages traffic priority. Port security enhances network security by controlling physical access at the switch level.

• Question 179:

  Which of the following standards enables the use of an enterprise authentication for network access control?

  A. 802.1Q
  B. 802.1X
  C. 802.3bt
  D. 802.11h
  B. 802.1X

  ---

  Explanation

  802.1X provides port-based Network Access Control (NAC), requiring authentication (often through RADIUS) before granting access. This is the standard for enterprise authentication on both wired and wireless networks.

  Option A: 802.1Q defines VLAN trunking.

  Option C: 802.3bt defines higher-power PoE.

  Option D: 802.11h deals with spectrum management in wireless.

  References:

  Domain: Network Security -- NAC, 802.1X authentication.

• Question 180:

  Which of the following best describes the transmission format that occurs at the transport layer over connectionless communication?

  A. Datagram
  B. Segment
  C. Frames
  D. Packets
  A. Datagram

  ---

  Explanation

  At the transport layer, connectionless communication is typically handled using the User Datagram Protocol (UDP), which transmits data in units called datagrams. Unlike TCP, UDP does not establish a connection before sending data and does not guarantee delivery, making datagrams the correct term for the transmission format in this context.

  References:

  CompTIA Network+ Exam Objectives and official study guides.