CompTIA N10-009 Practice Test

Why C. Access Point is Correct

An Access Point (AP) is a networking device that creates a wireless local area network (WLAN) by allowing multiple wireless devices to connect to it using Wi-Fi. It extends the network’s reach within a designated area, enabling devices such as laptops, smartphones, and IoT devices to connect without physical cables.

1. It acts as a bridge between wired and wireless segments of a network.
2. Provides the "extended footprint" by broadcasting the wireless signal so multiple devices can access the network in that designated range.
3. Common in enterprise, campus, and home environments where centralized WLAN management is needed.

Official Reference:

CompTIA Network+ N10-009 Exam Objectives: 2.4 Compare and contrast wireless networking protocols and configuration options.

CompTIA Network+ Study Guide: “Access points connect wireless devices to the wired LAN, extending connectivity to mobile devices within the wireless coverage area.”

Why the Other Options Are Incorrect

A. Router

1. A router directs traffic between different networks (e.g., between your home LAN and the Internet).
2. While many home routers include a built-in wireless AP, the router’s primary role is network routing, not extending a WLAN footprint for multiple devices.

B. Switch

1. A switch connects multiple devices on a wired LAN segment.
2. It does not provide wireless connectivity or extend WLAN coverage.
3. Switches operate at Layer 2 (Data Link) and sometimes Layer 3 for routing functions in enterprise networks, but they are not designed for wireless access.

D. Firewall

1. A firewall is a security device (hardware or software) that controls network traffic based on predetermined rules.
2. It does not provide wireless connectivity or extend WLAN coverage.
3. Its main role is to protect the network, not to provide access points for devices.

Key Exam Tip:

In CompTIA Network+ questions, when you see “extended footprint” and “multiple devices” in a WLAN context, think Access Point — unless the question specifically mentions routing between networks, in which case it might be a wireless router.

Explanation:

Wireless reflection causes multipath interference, where RF signals bounce off surfaces like glass or metal in a corporate environment, leading to signal distortion and dropped connections. This matches the issue of a device constantly dropping off the network due to severe Wi-Fi interference.

Why Other Options Are Incorrect

B. Too much wireless absorption: Absorption reduces signal strength but doesn’t typically cause interference leading to constant drops; it causes weak signals or dead zones.

C. Too many wireless repeaters: Repeaters may cause congestion or channel overlap, but the question specifies interference, not repeater issues.

D. Too many client connections: This leads to congestion and slower speeds, not interference causing a single device to drop off.

Reference:
The answer is based on CompTIA Network+ N10-009 Exam Objectives, Domain 2.0 (Network Implementation), Objective 2.3, which covers wireless interference sources like reflection causing multipath issues.

Explanation:

1. Understanding the Problem

The given network is 192.168.1.0/24 (subnet mask 255.255.255.0), which provides 256 total IP addresses (254 usable, since the first and last are reserved).

The administrator wants to divide this into two equal halves, meaning two subnets with 128 addresses each (126 usable per subnet).

2. Calculating the New Subnet Mask

To split a /24 into two equal subnets, we borrow 1 bit from the host portion, changing the subnet mask from:

Original: /24 (255.255.255.0) → 11111111.11111111.11111111.00000000
New: /25 (255.255.255.128) → 11111111.11111111.11111111.10000000

This creates two subnets:

192.168.1.0/25 (range: 192.168.1.0–192.168.1.127)
192.168.1.128/25 (range: 192.168.1.128–192.168.1.255)

3. Why Option D is Correct
255.255.255.128 is the subnet mask for /25, which splits the original /24 into two equal halves.

4. Why Other Options Are Incorrect

A) 255.255.0.0 (/16)
This is a Class B subnet mask, far larger than needed. It would allow 65,536 addresses, not two halves of a /24.

B) 255.255.254.0 (/23)
This merges two /24 networks (512 addresses), the opposite of dividing a single /24.

C) 255.255.255.0 (/24)
This is the original subnet mask, not a division. It provides one network, not two.

Official CompTIA Network+ Reference
This aligns with Objective 1.4 (Given a scenario, configure and verify IPv4 addressing) in the N10-009 exam objectives, which covers subnetting and CIDR notation.

Explanation:

✅ Why A. DNS Poisoning is Correct

DNS poisoning (also called DNS spoofing) is an attack in which an attacker corrupts the Domain Name System (DNS) cache or records, causing legitimate domain queries to resolve to malicious IP addresses.

1. When a user attempts to visit a legitimate company website (e.g., www.example.com), the poisoned DNS entry sends them to a completely different website — often controlled by the attacker.
2. This can be used for phishing, malware distribution, or credential theft.
3. The attack works by injecting false DNS records into a resolver’s cache, tricking systems into accepting them as authentic.

Official CompTIA Reference:

CompTIA Network+ N10-009 Exam Objective 4.3: "Explain common networking attacks" – DNS poisoning is explicitly listed as a method for redirecting traffic to malicious sites.

CompTIA Network+ Study Guide: “In DNS poisoning, attackers alter DNS records to redirect traffic from legitimate sites to fraudulent ones without the user’s knowledge.”

Why the Other Options Are Incorrect

B. Denial-of-Service (DoS)

1. DoS attacks flood a target system with traffic to make it unavailable.
2. They do not typically redirect users to a different website — they simply prevent access to the original site.

C. Social Engineering

1. Social engineering manipulates human behavior to gain access or information (e.g., phishing emails, pretexting).
2. While it might trick someone into clicking a malicious link, it is not an automated network-level redirection attack like DNS poisoning.

D. ARP Spoofing

1. ARP spoofing tricks devices on a local network into sending traffic to the attacker instead of the intended recipient by falsifying ARP messages.
2. While it can enable man-in-the-middle attacks and even redirection, it is limited to the local network and does not generally affect users accessing a public website via DNS resolution.

Key Exam Tip: When you see a question mentioning users being sent to the wrong site when using a legitimate URL, think DNS poisoning — it’s a textbook redirection attack at the DNS level.

Explanation:

The tracert (traceroute) command is used to trace the path that packets take from the user's laptop to the destination server, identifying each hop (router) along the way and measuring latency. Since the technician suspects a routing issue, tracert is the most appropriate tool to pinpoint where the connection fails or experiences delays, helping to diagnose routing problems between the laptop and the corporate server.

This aligns with CompTIA Network+ N10-009 Exam Objectives, Domain 4.0 (Network Troubleshooting), Objective 4.3, which includes troubleshooting network connectivity using tools like traceroute.

Why Other Options Are Incorrect

A. tcpdump: This command captures and analyzes network packets, useful for inspecting traffic details but not specifically for tracing routing paths. It’s less effective for identifying routing issues compared to tracert.

B. dig: This command queries DNS servers to resolve domain names to IP addresses. It’s useful for DNS issues but doesn’t help diagnose routing problems.

D. arp: The Address Resolution Protocol command displays or manages the ARP cache, mapping IP addresses to MAC addresses on the local network. It’s irrelevant for troubleshooting routing to a remote server.

Reference:

The answer is based on CompTIA Network+ N10-009 Exam Objectives, Domain 4.0 (Network Troubleshooting), Objective 4.3, which emphasizes using tools like traceroute (tracert) to troubleshoot network connectivity and routing issues.

Explanation:

1. Understanding the Question

The question asks about a dedicated link to a cloud environment that may not include encryption.

2. Why Option A (Direct Connect) is Correct

1. Direct Connect (AWS) / ExpressRoute (Azure) / similar services provide a private, dedicated connection between an on-premises network and a cloud provider.
2. It bypasses the public internet, offering low latency and high bandwidth.
3. Encryption is optional—since the link is physically private, some organizations rely on physical security rather than encryption.

CompTIA Network+ Reference: Covered under Objective 2.2 (Explain virtualization and cloud computing concepts).

3. Why Other Options Are Incorrect

B) Internet Gateway
A public-facing entry point for cloud environments (e.g., AWS Internet Gateway).
Not a dedicated link—traffic goes over the public internet.

C) Captive Portal
A web-based authentication page (e.g., in hotels or airports).
Unrelated to cloud connectivity.

D) VPN
Provides encrypted tunneling over the internet to connect to cloud environments.
The question specifies "may not include encryption," which rules out VPNs.

Final Answer:

A) Direct Connect is the correct answer because it provides a dedicated, private link to the cloud and does not require encryption by default.

Explanation:

Why D. Out of Band is Correct

Out-of-band (OOB) management is a method of managing network devices using a separate, dedicated network or IP address range that is independent from the production (in-band) network.

1. In OOB management, the management traffic is isolated from normal data traffic.
2. This means administrators connect to devices through a special management interface (e.g., dedicated Ethernet port or console server) that uses a different set of IP addresses.
3. It is often used for troubleshooting when the main network is down or for secure remote administration.

Example:
A network switch may have a dedicated management port configured with an IP from a management VLAN or subnet (e.g., 192.168.100.x), completely separate from the production VLAN.

CompTIA Network+ Reference:

CompTIA Network+ N10-009 Exam Objectives, 2.7: “Compare and contrast remote access methods” — Out-of-band management is listed as a secure management approach using dedicated channels and separate addressing.

CompTIA Network+ Study Guide: “OOB management uses a dedicated connection and separate IP addressing to configure and manage devices independently from the production network.”

Why the Other Options Are Incorrect

A. Console
The console port is a direct serial connection to the device for configuration.
It doesn’t use IP addresses at all — instead, it requires a physical cable connection.

B. Split Tunnel
Split tunneling is a VPN configuration that determines which traffic goes through the VPN and which goes directly to the internet.
It is unrelated to device management or separate IP addressing.

C. Jump Box
A jump box (or jump server) is a hardened system that admins use to connect to other devices in a secured network.
It still uses in-band addresses within the same network; it does not require a completely separate IP address set like OOB management.

Key Exam Tip:

If a question mentions “different set of IP addresses” and network management, it’s almost always referring to Out-of-Band management.

Explanation:

A toner (tone generator and probe) is the most effective tool for identifying the correct patch panel port in an unlabeled setup. The tone generator is connected to the wall jack in the office, sending a signal through the UTP cable. The probe is then used at the patch panel to detect the signal, identifying the corresponding port.

This method is quick and precise for tracing cables in a wiring closet, directly addressing the issue of an unlabeled patch panel. This aligns with CompTIA Network+ N10-009 Exam Objectives, Domain 4.0 (Network Troubleshooting), Objective 4.2, which includes using tools like toners for cable identification and troubleshooting.

Why Other Options Are Incorrect

B. Laptop: A laptop could be used to test connectivity after patching but cannot identify an unlabeled patch panel port without additional tools or prior labeling, making it ineffective for this task.

C. Cable tester: A cable tester verifies cable continuity, pin assignments, or faults but cannot trace a specific cable to an unlabeled port without additional functionality like a toner.

D. Visual fault locator: This tool is used for fiber optic cables to detect breaks or faults by emitting visible light. It’s irrelevant for UTP (copper) cables used in this scenario.

Reference:

The answer is based on CompTIA Network+ N10-009 Exam Objectives, Domain 4.0 (Network Troubleshooting), Objective 4.2, which covers the use of tools like tone generators for identifying and troubleshooting cabling issues.

Explanation:

1. Understanding the Requirements

The engineer wants to monitor all traffic between the switch and router without introducing latency.
The IDS (Intrusion Detection System) must see all packets without loss but should not be in-line (which would add latency).

2. Why Option D (Port Mirror) is Correct

Port Mirroring (SPAN - Switched Port Analyzer) copies all traffic from one or more switch ports to a monitoring port where the IDS is connected.

Advantages:
No latency – The IDS is not in-line; it only receives a copy of the traffic.
No packet loss – Modern switches can mirror traffic at near-full line rate.
Sees all packets – Unlike taps, port mirroring can be configured to capture both ingress and egress traffic.

CompTIA Network+ Reference: Covered under Objective 3.2 (Given a scenario, implement network hardening techniques) and Objective 4.3 (Explain the purpose of network services).

3. Why Other Options Are Incorrect

A) Use a network tap

A network tap is a hardware device that duplicates traffic, but:

1. May introduce minimal latency (some taps are passive, but active taps can).
2. More expensive and complex than port mirroring.
3. Not necessary here since the switch already supports port mirroring.

B) Use Nmap software

1. Nmap is a network scanner, not a traffic monitoring solution.
2. It cannot capture all packets in real-time like an IDS requires.

C) Use a protocol analyzer

1. A protocol analyzer (e.g., Wireshark) captures traffic but does not provide real-time IDS functionality.
2. It is a diagnostic tool, not a prevention/monitoring solution.

Explanation:

✅ Why A. Multitenancy is Correct

Multitenancy is a cloud computing architecture where a single instance of an application or service serves multiple customers (tenants) — in this case, both internal company users and third-party users.

1. Each tenant’s data is logically separated but resides in the same shared infrastructure.
2. This arrangement maximizes efficiency and scalability while ensuring isolation at the software level.
3. Cloud providers like AWS, Azure, and Google Cloud often use multitenant designs for SaaS applications, enabling different organizations to access the same app securely.

Example:
A CRM system hosted in the cloud is accessed by multiple organizations, each with its own data partition, but running on the same backend infrastructure.

Reference:

N10-009 Exam Objectives, 2.3: “Summarize cloud concepts and connectivity options” — multitenancy is explicitly listed as a key cloud concept.

CompTIA Network+ Study Guide: “Multitenancy allows multiple organizations to use the same application instance while keeping data isolated for each tenant.”

Why the Other Options Are Incorrect

B. VPC (Virtual Private Cloud)

A VPC is a logically isolated section of a public cloud where you can launch resources.
While a VPC provides network isolation, it does not inherently describe multiple tenants sharing an application.

C. NFV (Network Functions Virtualization)

NFV virtualizes network services (firewalls, load balancers, etc.) so they can run on commodity hardware instead of dedicated appliances.
It’s about network service deployment, not application hosting for multiple user groups.

D. SaaS (Software as a Service)

SaaS refers to delivering software over the internet without local installation.
While SaaS solutions often use multitenancy, SaaS is the delivery model, not the architectural concept of serving multiple tenants.

✅ Key Exam Tip:

If the question focuses on serving multiple groups securely within the same application infrastructure, the term is multitenancy. If it focuses on how the software is delivered, that’s SaaS.