CompTIA N10-009 Practice Test

Explanation:

Switches Operate at Multiple OSI Layers:

Layer 2 Switch (Traditional Switch) – Operates at the Data Link layer (Layer 2), using MAC addresses to forward frames.

Multilayer Switch (Layer 3 Switch) – Can also operate at the Network layer (Layer 3), performing routing functions (IP-based forwarding).

Some advanced switches (Layer 4-7 switches) even handle Transport to Application layer functions (e.g., load balancing, QoS).

Why Not the Other Options?

A) Hub – Only operates at Layer 1 (Physical), regenerating signals without intelligence.

C) Transceiver – A Layer 1 (Physical) device that converts signals (e.g., fiber to copper) but does not process higher-layer data.

D) Modem – Operates at Layer 1 (Physical), modulating/demodulating signals for transmission.

Reference:

CompTIA Network+ Objective 1.2 (OSI Model Layers & Devices)

Switches are the most versatile, with Layer 2+ capabilities, unlike hubs, modems, or transceivers.

Conclusion: A switch is the only device listed that can operate at multiple OSI layers (primarily Layer 2, but also Layer 3+ in advanced models).

Explanation:

Critical Environmental Factors for Equipment Installation:

A) Fire suppression system – Protects equipment from fire damage. Different types (e.g., water-based, gas-based) affect safety and hardware longevity.

C) Humidity control – Prevents static buildup (low humidity) and condensation/corrosion (high humidity), ensuring stable operation.

Why Not the Others?

B) UPS location – Important for power backup but is more about electrical infrastructure than environmental conditions.

D) Power load – A capacity planning issue, not an environmental factor.

E) Floor construction type – Relevant for weight distribution, but not a primary environmental concern like fire/humidity.

F) Proximity to MDF – Affects cable runs and latency, but not environmental conditions.

Reference:

CompTIA Network+ Objective 5.5 (Environmental Controls) – Highlights fire suppression, humidity, and temperature as key factors.

ASHRAE guidelines recommend humidity levels (40-60%) and proper fire suppression for data centers.

Conclusion: The two environmental factors are fire suppression and humidity control, as they directly impact equipment safety and performance in the installation environment.

Why IPsec is the Best Choice:

End-to-End Encryption – IPsec provides strong encryption (AES, 3DES) and authentication (HMAC, SHA) for all traffic between sites.

Tunnel & Transport Modes – Supports both encrypted tunnels (site-to-site VPNs) and host-to-host security.

Integrity & Confidentiality – Uses ESP (Encapsulating Security Payload) to prevent eavesdropping and tampering.

IKE (Internet Key Exchange) Integration – Often paired with IKEv2 for secure key exchange (though IKE alone is not a full solution).

Why the Others Are Less Secure:

A) VXLAN (Virtual Extensible LAN) – A Layer 2 overlay protocol for extending VLANs, but lacks built-in encryption (must rely on IPsec for security).

B) IKE (Internet Key Exchange) – Only negotiates encryption keys; not a complete VPN solution (IPsec uses IKE for key management).

C) GRE (Generic Routing Encapsulation) – A tunneling protocol but does not encrypt traffic (often paired with IPsec for security).

Best Practice:

IPsec VPNs are the industry standard for secure site-to-site connections.

GRE + IPsec is sometimes used when both tunneling and encryption are needed.

Reference:

CompTIA Network+ Objective 3.2 (Secure Network Protocols) – IPsec is explicitly listed for secure site-to-site VPNs.

RFC 4301 (IPsec Architecture) – Defines IPsec as the standard for encrypted IP communications.

B) The administrator configured an incorrect default gateway

Why This is the Best Answer:

Symptoms Match: Users report network outages (not just IP assignment failures). If the default gateway is wrong, devices get IPs but can’t reach outside networks (e.g., internet, other subnets).

Common DHCP Misconfiguration: The default gateway is a critical DHCP option (Option 3). If set incorrectly, clients lose routing functionality.

Timing Fits: Issues appeared after DHCP server deployment, pointing to a DHCP-related misconfiguration.

Why the Other Options Are Less Likely:

A) Not enough IP addresses → Would cause DHCP exhaustion errors (devices fail to get any IP), not general "network outages."

C) Not enough routes → Rarely a DHCP issue; routers handle routing tables, not DHCP servers.

D) Not enough MAC addresses → Nonsense—MAC addresses are burned into NICs, not "provisioned" by DHCP.

Troubleshooting Steps:

Check DHCP scope settings (especially Option 3: Router/Default Gateway).

Verify clients receive the correct gateway via ipconfig /all (Windows) or nmcli (Linux).

Test connectivity to the gateway (ping ).

Reference:

CompTIA Network+ Objective 1.6 (DHCP Services) – Highlights default gateway as a critical DHCP option.

Real-world DHCP issues often stem from wrong gateway/subnet mask/DNS settings.

Final Answer: B) Incorrect default gateway is the most probable cause.

B) Broadcast

Why Broadcast?

Definition: Broadcast traffic is sent to all devices on a local network segment.

How it works: Uses special destination addresses (like 255.255.255.255 in IPv4 or FF02::1 in IPv6).

Real-world examples:

ARP requests ("Who has this IP address?")

DHCP Discover messages (when a device first joins a network)

Why Not the Others?

A) Unicast

Goes to one specific device (e.g., loading a website).

Not sent to all nodes.

C) Multicast

Goes to multiple devices that choose to listen (e.g., video streaming).

Only reaches subscribed devices, not all nodes.

D) Anycast

Goes to the nearest device in a group (e.g., DNS queries).

Only one device responds, not all.

Key Point:

Broadcast is the only traffic type that every device on the local network must process.

Routers block broadcasts by default (they don’t forward them to other networks).

Reference:

CompTIA Network+ Objective 1.4 (IPv6 Concepts, Addressing Technologies)

Final Answer: B) Broadcast is the traffic type sent to all nodes on the network.

Explanation:

The scenario described in the question involves multiple systems sharing a single public IP address, which is most commonly associated with Port Address Translation (PAT), a specific type of Network Address Translation (NAT).

A. PAT (Port Address Translation):
PAT, also known as NAT overload, allows multiple devices on a private network to share a single public IP address by assigning each session a unique port number. When devices communicate with the internet, the PAT-enabled router translates the private IP addresses and ports to the single public IP address with different source ports. This is the most common method for enabling multiple systems to share one public IP address, especially in home and small business networks. For example, a router might map 192.168.1.10:12345 and 192.168.1.11:54321 to a public IP like 203.0.113.1 with different port numbers.

B.NAT (Network Address Translation):
NAT is a broader term that encompasses various methods of translating IP addresses, including one-to-one (static NAT) and one-to-many (PAT). While NAT can be used to allow multiple systems to share a public IP, the question specifies "most commonly associated," and PAT is the specific NAT variant used for this purpose in most cases, particularly in environments with limited public IP addresses.

C. VIP (Virtual IP):
A Virtual IP address is typically used in high-availability setups, such as load balancing or failover clusters, where a single IP address represents multiple servers for redundancy or load distribution. It is not primarily used for sharing a single public IP among multiple systems for internet access.

D. NAT64:
NAT64 is a specific mechanism used to allow IPv6-only devices to communicate with IPv4 networks by translating IPv6 addresses to IPv4 addresses. It is not commonly used for sharing a single public IPv4 address among multiple systems in the context of typical IPv4 networking.

Why PAT?
PAT is widely used in scenarios where organizations or households have a limited number of public IP addresses (often just one) and need to provide internet access to multiple internal devices. It is efficient, conserves public IP addresses, and is supported by most modern routers and firewalls. For example, in a typical home network, all devices (computers, phones, etc.) share the router’s single public IP address using PAT.

Reference:
CompTIA Network+ (N10-009) Exam Objectives:
Section 1.4 – "Explain the purposes and uses of network addressing and name resolution." This includes understanding NAT and PAT as methods for IP address translation.

Cisco Networking Academy:
PAT is described as a form of dynamic NAT that maps multiple private IP addresses to a single public IP address using different ports (often referred to as NAT overload).

RFC 2663:
Defines NAT and PAT, explaining how PAT enables multiple devices to share a single public IP address through port-based translation.

C) 255.255.255.224

Explanation:

To provide 6 usable IP addresses, we need a subnet with:

Total IPs: 8 (since 2³ = 8)

Usable IPs: 6 (subtracting network and broadcast addresses)

Subnet Mask: 255.255.255.224 (or /27 in CIDR notation)

Breakdown of Options:

A) 255.255.255.128 (/25)

Provides 126 usable IPs (too many for this need).

B) 255.255.255.192 (/26)

Provides 62 usable IPs (still too many).

C) 255.255.255.224 (/27) ✅ Correct Choice

Total IPs: 32

Usable IPs: 30 (but can be divided into smaller subnets if needed).

Smallest practical subnet for 6 hosts: A /29 (8 IPs, 6 usable) isn’t listed, so /27 is the closest fit.

D) 255.255.255.240 (/28)

Provides 14 usable IPs (more than needed).

Why /27 (255.255.255.224)?

While a /29 (8 IPs, 6 usable) would be ideal, it’s not an option here.

Among the choices, /27 is the smallest subnet that can accommodate 6 hosts without wasting too many addresses.

Reference:

CompTIA Network+ Objective 1.4 (IPv4 Subnetting)

Formula: Usable IPs = 2ⁿ - 2 (where n = host bits).

Final Answer: C) 255.255.255.224 is the best available option

Explanation:

Checking logs for recent changes is a critical part of the problem identification phase in troubleshooting.

This step involves gathering information about symptoms, reviewing logs, and identifying any recent modifications that could have caused the issue.

Why Not the Other Options?

B) Document the findings and outcomes
Occurs after resolving the issue (recording the solution, not diagnosing).

C) Test the theory to determine cause
Involves validating hypotheses (e.g., running tests), not reviewing logs.

D) Establish a plan of action
Focuses on solving the problem (e.g., rolling back changes), not investigating.

Troubleshooting Methodology (CompTIA Network+):

Identify the problem (logs, user reports, symptoms).

Establish a theory (hypothesize causes).

Test the theory (verify the root cause).

Plan and implement a solution.

Document findings.

Reference:
CompTIA Network+ Objective 5.1 (Troubleshooting Methodology)

Final Answer: A) Identify the problem includes checking logs for recent changes..

Explanation:

LLDP is a vendor-neutral protocol that allows network devices (like switches and VoIP phones) to advertise their identity, capabilities, and neighbors.

By checking the switch's LLDP information, the technician can:

Identify the specific switch port the VoIP handset is connected to.

View details like switch hostname, port ID, and VLAN assignments.

Why Not the Other Options?

B) IKE (Internet Key Exchange) – Used for IPsec VPN key management, unrelated to port mapping.

C) VLAN – While VLANs segment traffic, they don’t help locate a physical switch port.

D) netstat – Shows local network connections/routing tables, not switch-port mappings.

Reference:

CompTIA Network+ Objective 2.1 (Network Device Management Protocols) – LLDP is explicitly covered for topology discovery.

VoIP phones often use LLDP to auto-configure VLAN/port settings (e.g., for QoS).

Final Answer: A) LLDP is the correct tool to identify the switch and port.

Why Port Mirroring?

Passive IDS (Intrusion Detection System) requires a copy of network traffic to analyze without interfering with the flow.

Port Mirroring (SPAN - Switched Port Analyzer) duplicates traffic from one or more switch ports and sends it to a monitoring port (where the IDS is connected).

Key Benefits:

Non-intrusive (does not impact network performance).

Allows the IDS to inspect traffic in real-time.

Why Not the Others?

A) SNMP Trap – Used for device alerts/notifications, not traffic inspection.

C) Syslog Collection – Logs events (e.g., login attempts), but not raw network packets.

D) API Integration – Used for automation/configuration, not passive traffic monitoring.

How It Works:

The switch mirrors traffic (e.g., from a trunk port) to a designated monitoring port.

The IDS analyzes the copied traffic for anomalies.

Reference:

CompTIA Network+ Objective 3.1 (Network Monitoring Tools) – Port mirroring is the standard method for passive IDS deployment.

SPAN/RSPAN (Cisco) or Mirror Port (other vendors) are common implementations.

Final Answer: B) Port Mirroring is the correct method for passive IDS traffic inspection.