CompTIA N10-009 Practice Test
Prepare smarter and boost your chances of success with our CompTIA N10-009 Practice test. This test helps you assess your knowledge, pinpoint strengths, and target areas for improvement. Surveys and user data from multiple platforms show that individuals who use N10-009 practice exam are 40–50% more likely to pass on their first attempt.
Start practicing today and take the fast track to becoming CompTIA N10-009 certified.
13650 already prepared
Updated On : 11-Sep-2025365 Questions
4.8/5.0
Which of the following is most likely responsible for the security and handling of personal data in Europe?
A. GDPR
B. SCADA
C. SAML
D. PCI DSS
Why GDPR?
Purpose:
The GDPR is the primary EU law governing data privacy and security for individuals in Europe.
It regulates how organizations collect, store, process, and share personal data.
Key Requirements:
Data minimization (only collect what’s necessary).
Explicit consent from users.
Breach notifications within 72 hours.
Right to be forgotten (data deletion requests).
Why Not the Others?
B) SCADA – Industrial control systems (e.g., power plants), not data privacy laws.
C) SAML – A single sign-on (SSO) protocol, unrelated to legal data handling.
D) PCI DSS – A credit card security standard, not specific to EU personal data.
Reference:
CompTIA Security+ Objective 5.3 (Compliance) – GDPR is the EU’s data protection standard.
EU Regulation 2016/679 (GDPR’s legal text).
Final Answer: A) GDPR is responsible for personal data security in Europe.
A network administrator wants to configure a backup route in case the primary route fails. A dynamic routing protocol is not installed on the router. Which of the following routing features should the administrator choose to accomplish this task?
A. Neighbor adjacency
B. Link state flooding
C. Administrative distance
D. Hop count
Why Administrative Distance?
Purpose:
Administrative distance (AD) is used to prioritize routes when multiple paths to the same destination exist.
By configuring a static route with a higher AD (less preferred) than the primary route, it acts as a backup (floating static route).
How It Works:
Example:
Primary static route: ip route 192.168.1.0 255.255.255.0 10.1.1.1 (AD = 1 by default).
Backup static route: ip route 192.168.1.0 255.255.255.0 10.1.1.2 200 (AD = 200).
If the primary route fails, the backup route (with higher AD) takes over.
Why Not the Others?
A) Neighbor adjacency – Part of dynamic routing protocols (e.g., OSPF, EIGRP), which aren’t being used here.
B) Link state flooding – A dynamic routing process (e.g., OSPF), irrelevant for static routes.
D) Hop count – A metric used by RIP (dynamic protocol), not static backup routes.
Key Benefit:
No dynamic protocol needed – Uses static routes with AD for failover.
Reference:
CompTIA Network+ Objective 2.2 (Routing Metrics) – Administrative distance controls route preference.
Cisco’s Floating Static Route Guide confirms this method.
Final Answer: C) Administrative distance enables backup routes without dynamic routing.
Which of the following are the best device-hardening techniques for network security? (Select two).
A. Disabling unused ports
B. Performing regular scanning of unauthorized devices
C. Monitoring system logs for irregularities
D. Enabling logical security such as SSO
E. Changing default passwords
F. Ensuring least privilege concepts are in place
E. Changing default passwords
Why These Are the Best Choices?
A) Disabling unused ports
Reduces attack surface by closing unnecessary access points.
Prevents unauthorized devices from connecting to open ports.
E) Changing default passwords
Eliminates easy access for attackers (default credentials are widely known).
A foundational step in device hardening (e.g., routers, switches, IoT devices).
Why Not the Others?
B) Scanning for unauthorized devices – Important for detection, but not a hardening technique.
C) Monitoring system logs – A reactive security measure, not proactive hardening.
D) Enabling SSO – Improves authentication efficiency but doesn’t directly harden devices.
F) Least privilege – Critical for access control, but more about policies than device hardening.
Key Hardening Techniques:
Disable unused services/ports (e.g., Telnet, HTTP).
Change default credentials (prevents brute-force attacks).
Update firmware/patches (fixes vulnerabilities).
Reference:
CompTIA Security+ Objective 2.3 (Hardening Techniques) – Disabling ports and changing defaults are core practices.
NIST SP 800-123 (Guide to Server Hardening).
Final Answer: A & E are the best device-hardening techniques.
Which of the following network devices converts wireless signals to electronic signals?
A. Router
B. Firewall
C. Access point
D. Load balancer
Why an Access Point?
Function:
An access point (AP) converts wireless signals (Wi-Fi) into electronic signals (Ethernet) and vice versa.
Example: A laptop connects wirelessly to an AP, which then forwards traffic via wired Ethernet to the network.
Key Role:
Bridges wireless (RF) and wired (copper/fiber) networks.
Essential for Wi-Fi to LAN communication.
Why Not the Others?
A) Router – Routes traffic between networks (doesn’t handle wireless-to-wired conversion).
B) Firewall – Filters traffic for security (no signal conversion).
D) Load Balancer – Distributes traffic across servers (unrelated to wireless signals).
How It Works:
Wireless Device (e.g., phone) sends data via radio waves.
AP receives the signal, converts it to electrical Ethernet frames.
AP forwards frames to the wired network (switch/router).
Reference:
CompTIA Network+ Objective 2.4 (Wireless Technologies) – APs are the backbone of Wi-Fi-to-wired conversion.
IEEE 802.11 Standards define AP functionality.
Final Answer: C) Access Point converts wireless signals to electronic signals.
A network engineer performed a migration to a new mail server. The engineer changed the MX record, verified the change was accurate, and confirmed the new mail server was reachable via the IP address in the A record. However, users are not receiving email. Which of the following should the engineer have done to prevent the issue from occurring?
A. Change the email client configuration to match the MX record.
B. Reduce the TTL record prior to the MX record change.
C. Perform a DNS zone transfer prior to the MX record change.
D. Update the NS record to reflect the IP address change.
Why Reducing TTL Prevents Email Delivery Issues?
TTL (Time to Live) determines how long DNS records are cached by resolvers (e.g., ISPs, other mail servers).
Problem Scenario:
If the old MX record had a high TTL (e.g., 24 hours), some servers may still be using the cached old record, delaying email delivery to the new server.
Solution:
Reduce the TTL (e.g., to 300 seconds) before changing the MX record.
This ensures caches expire quickly, minimizing downtime during the transition.
Why Not the Others?
A) Change email client config – Clients use MX records automatically; manual changes aren’t needed.
C) DNS zone transfer – Syncs DNS data between servers but doesn’t affect caching.
D) Update NS record – Points to DNS servers, not mail servers (irrelevant here).
Steps to Avoid This Issue:
Days before migration: Lower TTL for the MX record.
After TTL expires globally: Update the MX record.
Verify: Use dig MX example.com or nslookup to confirm propagation.
Reference:
CompTIA Network+ Objective 1.6 (DNS Records) – TTL impacts DNS caching.
RFC 2181 (DNS TTL guidelines).
Final Answer: B) Reduce the TTL before changing the MX record to ensure smooth email migration.
An IT manager needs to connect ten sites in a mesh network. Each needs to be secured with reduced provisioning time. Which of the following technologies will best meet this requirement?
A. SD-WAN
B. VXLAN
C. VPN
D. NFV
Why SD-WAN is the Best Choice?
Mesh Network Support:
SD-WAN automatically establishes secure, encrypted tunnels between all sites in a full or partial mesh topology.
Eliminates manual VPN configuration between each pair of sites.
Reduced Provisioning Time:
Centralized management allows quick deployment of new sites.
Policies (e.g., security, QoS) are applied globally, not per-device.
Built-in Security:
Uses IPsec encryption by default for site-to-site links.
Integrates with next-gen firewalls (NGFW) and ZTNA (Zero Trust Network Access).
Why Not the Others?
B) VXLAN – A Layer 2 overlay for data centers (not WANs; no built-in security).
C) VPN – Requires manual setup per tunnel (10 sites = 45 tunnels; high provisioning time).
D) NFV (Network Functions Virtualization) – Virtualizes network services (e.g., firewalls) but doesn’t simplify mesh networking.
Reference:
CompTIA Network+ Objective 1.8 (SD-WAN) – Highlights auto-meshing and security.
Gartner SD-WAN Market Guide emphasizes reduced deployment complexity.
Final Answer: A) SD-WAN is the best technology for secure, low-effort mesh networking.
Following a fire in a data center, the cabling was replaced. Soon after, an administrator notices network issues. Which of the following are the most likely causes of the network issues? (Select two).
A. The switches are not the correct voltage.
B. The HVAC system was not verified as fully functional after the fire.
C. The VLAN database was not deleted before the equipment was brought back online.
D. The RJ45 cables were replaced with unshielded cables.
E. The wrong transceiver type was used for the new termination.
F. The new RJ45 cables are a higher category than the old ones.
E. The wrong transceiver type was used for the new termination.
Why These Are the Most Likely Causes?
D) Unshielded Cables (UTP instead of STP):
If the original installation used shielded twisted pair (STP) cables (common in data centers for EMI protection), replacing them with unshielded (UTP) cables can cause:
EMI/RFI interference (leading to packet loss or corruption).
Signal degradation in high-noise environments.
E) Wrong Transceiver Type:
Using incorrect transceivers (e.g., multimode instead of single-mode, or 1Gbps instead of 10Gbps) can cause:
Link failures (no connectivity).
Speed/duplex mismatches (performance issues).
Why Not the Others?
A) Switch voltage – Switches have standardized power (e.g., 110-240V); voltage mismatches are rare unless power infrastructure was damaged.
B) HVAC system – While HVAC is critical for cooling, it wouldn’t directly cause network issues (unless overheating shuts down devices).
C) VLAN database – VLANs are stored in switch configs (non-volatile); they wouldn’t disappear unless manually reset.
F) Higher-category cables – Using better cables (e.g., Cat 6A instead of Cat 5e) improves performance, not causes issues.
Key Troubleshooting Steps:
Verify cable type (STP vs. UTP) and test for EMI.
Check transceiver compatibility (e.g., SFP+ for 10Gbps, correct fiber type).
Inspect termination (e.g., proper RJ45 crimping, fiber polish).
Reference:
CompTIA Network+ Objective 5.3 (Troubleshooting Cabling Issues) – EMI and transceiver mismatches are common post-replacement problems.
TIA/EIA-568 Standards for shielded vs. unshielded cable use cases.
Final Answer: D & E are the most likely causes of network issues after cabling replacement.
A network administrator needs to connect two routers in a point-to-point configuration and conserve IP space. Which of the following subnets should the administrator use?
A. 724
B. /26
C. /28
D. /30
Explanation:
Using a /30 subnet mask is the most efficient way to conserve IP space for a point-to-point connection between two routers. A /30 subnet provides four IP addresses, two of which can be assigned to the router interfaces, one for the network address, and one for the broadcast address. This makes it ideal for point-to-point links where only two usable IP addresses are needed.References: CompTIA Network+ study materials and subnetting principles.
Which of the following steps in the troubleshooting methodology would be next after putting preventive measures in place?
A. Implement the solution.
B. Verify system functionality.
C. Establish a plan of action.
D. Test the theory to determine cause.
Why This is the Next Step?
Troubleshooting Methodology Flow:
Identify the problem (gather info, check logs).
Establish a theory (hypothesize cause).
Test the theory (confirm root cause).
Establish a plan of action (design fixes).
Implement the solution (apply the fix).
Verify functionality (ensure the issue is resolved).
Document findings and preventive measures (record solution).
After Preventive Measures:
The final step is to verify everything works and ensure no new issues arise.
Why Not the Others?
A) Implement the solution – Already done before preventive measures.
C) Establish a plan of action – Done before implementing the solution.
D) Test the theory – Done early in the process (before fixing).
Key Point:
Verification is the last step to confirm the fix and preventive measures worked.
Reference:
CompTIA Network+ Objective 5.1 (Troubleshooting Methodology) – Verification follows solution implementation.
Final Answer: B) Verify system functionality is the next step after preventive measures.
Which of the following is used to describe the average duration of an outage for a specific service?
A. RPO
B. MTTR
C. RTO
D. MTBF
Why MTTR?
Definition:
MTTR (Mean Time to Repair) measures the average time taken to fix a failure and restore a service.
It directly answers: "How long does this service typically stay down during an outage?
Example:
If a web server fails 3 times in a year, with outages lasting 10min, 30min, and 20min, the MTTR is 20min (average of the three).
Why Not the Others?
A) RPO (Recovery Point Objective) – Measures data loss (e.g., backup age), not outage duration.
C) RTO (Recovery Time Objective) – Defines the target time to restore service (a goal, not an average).
D) MTBF (Mean Time Between Failures) – Predicts how often failures occur, not how long they last.
Reference:
CompTIA Network+ Objective 4.4 (Disaster Recovery Metrics) – MTTR is explicitly for outage duration.
ITIL 4 defines MTTR as a critical incident management metric.
Final Answer: B) MTTR describes the average duration of an outage.
| Page 8 out of 37 Pages |
| N10-009 Practice Test | Previous |