CompTIA Network N10-008 Updated Dumps

Text Material Preview

N10-008 CompTIA Network+Exam exam dumps questions are the best material
for you to test all the related CompTIA exam topics. By using the N10-008 exam
dumps questions and practicing your skills, you can increase your confidence
and chances of passing the N10-008 exam.
Features of Dumpsinfo’s products
Instant Download
Free Update in 3 Months
Money back guarantee
PDF and Software
24/7 Customer Support
Besides, Dumpsinfo also provides unlimited access. You can get all
Dumpsinfo files at lowest price.
CompTIA Network+Exam N10-008 exam free dumps questions are available
below for you to study. 
Full version: N10-008 Exam Dumps Questions
1.Which of the following focuses on application delivery?
A. DaaS
B. laaS
C. SaaS
D. PaaS
Answer: C
Explanation:
SaaS is the cloud computing model that focuses on application delivery. SaaS stands for Software as
a Service, which is a cloud computing model that provides software applications over the internet.
SaaS allows customers to access and use software applications without installing or maintaining them
on their own devices or servers. SaaS offers advantages such as scalability, accessibility,
compatibility, and cost-effectiveness. Customers can use SaaS applications on demand and pay only
for what they use.
 1 / 33
https://www.dumpsinfo.com/unlimited-access/
https://www.dumpsinfo.com/exam/n10-008
Reference: [CompTIA Network+ Certification Exam Objectives], What Is Software as a Service
(SaaS)? | IBM
2.A technician is installing a cable modem in a SOHO.
Which of the following cable types will the technician MOST likely use to connect a modem to the
ISP?
A. Coaxial
B. Single-mode fiber
C. Cat 6e
D. Multimode fiber
Answer: A
Explanation:
Coaxial cable is a type of cable that consists of a central copper conductor surrounded by an
insulating layer and a braided metal shield. Coaxial cable is commonly used to connect a cable
modem to an ISP by transmitting data over cable television networks. Coaxial cable can support high
bandwidth and long distances with minimal interference or attenuation.
Reference: https://partners.comptia.org/docs/default-source/resources/comptia-network-
n10-008-exam-objectives-(2-0), https://www.techopedia.com/definition/4027/coaxial-cable
3.A technician is troubleshooting reports that a networked printer is unavailable. The printer's IP
address is configured with a DHCP reservation, but the address cannot be pinged from the print
server in the same subnet.
Which of the following is MOST likely the cause of me connectivity failure?
A. Incorrect VLAN
B. DNS failure
C. DHCP scope exhaustion
D. Incorrect gateway
Answer: D
4.A technician is investigating a SAN switch that has a high number of CRC errors.
Which of the following is the MOST likely cause of the errors?
A. Break in the fiber
B. Bad switch port
C. Mismatched duplex
D. Memory errors
Answer: B
Explanation:
A bad switch port is the most likely cause of CRC errors on a SAN switch. CRC stands for cyclic
redundancy check, which is a method of detecting errors in data transmission. A SAN switch is a
device that connects storage devices and servers in a storage area network (SAN), which is a high-
performance network that provides block-level access to data. A bad switch port can cause CRC
errors due to physical damage, faulty wiring, or misconfiguration. CRC errors can result in data
corruption or loss, which can affect the performance and availability of the SAN.
Reference: [CompTIA Network+ Certification Exam Objectives], What are CRC Errors and How Do I
Fix Them? | ITIGIC
5.A WAN technician reviews activity and identifies newly installed hardware that is causing outages
over an eight-hour period.
 2 / 33
https://www.dumpsinfo.com/
Which of the following should be considered FIRST?
A. Network performance baselines
B. VLAN assignments
C. Routing table
D. Device configuration review
Answer: D
6.A technician receives feedback that some users are experiencing high amounts of jitter while using
the wireless network. While troubleshooting the network, the technician uses the ping command with
the IP address of the default gateway and verifies large variations in latency. The technician thinks
the issue may be interference from other networks and non-802.11 devices.
Which of the following tools should the technician use to troubleshoot the issue?
A. NetFlow analyzer
B. Bandwidth analyzer
C. Protocol analyzer
D. Spectrum analyzer
Answer: D
Explanation:
A spectrum analyzer is a tool that measures the frequency and amplitude of signals in a wireless
network. It can be used to troubleshoot issues related to interference from other networks and
non-802.11 devices, such as microwave ovens or cordless phones, by identifying the sources and
levels of interference in the wireless spectrum. A spectrum analyzer can also help to optimize the
channel selection and placement of wireless access points.
Reference:
https://partners.comptia.org/docs/default-source/resources/comptia-network-n10-008-exam-
objectives-(2-0), https://www.flukenetworks.com/blog/cabling-chronicles/what-spectrum-analyzer-and-
how-do-you-use-it
7.A city has hired a new employee who needs to be able to work when traveling at home and at the
municipal sourcing of a neighboring city that snares services. The employee is issued a laptop, and a
technician needs to train the employee on the appropriate solutions for secure access to the network
from all the possible locations.
On which of the following solutions would the technician MOST likely train the employee?
A. Site-to-site VPNs between the two city locations and client-to-site software on the employee's
laptop tor all other remote access
B. Client-to-site VPNs between the travel locations and site-to-site software on the employee's laptop
for all other remote access
C. Client-to-site VPNs between the two city locations and site-to-site software on the employee's
laptop for all other remote access
D. Site-to-site VPNs between the home and city locations and site-to-site software on the employee's
laptop for all other remote access
Answer: A
Explanation:
The technician would most likely train the employee on using site-to-site VPNs between the two city
locations and client-to-site software on the employee’s laptop for all other remote access. A VPN
(Virtual Private Network) is a technology that creates a secure and encrypted tunnel over a public
network such as the Internet. It allows remote users or sites to access a private network as if they
were directly connected to it. A site-to-site VPN connects two or more networks, such as branch
offices or data centers, using a VPN gateway device at each site. A client-to-site VPN connects
individual users, such as mobile workers or telecommuters, using a VPN client software on their
 3 / 33
https://www.dumpsinfo.com/
devices. In this scenario, the employee needs to access the network from different locations, such as
home, travel, or another city. Therefore, the technician would train the employee on how to use site-to-
site VPNs to connect to the network from another city location that shares services, and how to use
client-to-site software to connect to the network from home or travel locations.
Reference: https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-
protocols/14106-how-vpn-works.html
8.A company is undergoing expansion but does not have sufficient rack space in its data center.
Which of the following would be BEST to allow the company to host its new equipment without a
major investment in facilities?
A. Using a colocation service
B. Using available rack space in branch offices
C. Using a flat network topology
D. Reorganizing the network rack and installing top-of-rack switching
Answer: A
Explanation:
A colocation service is a service that provides rack space, power, cooling, security, and connectivity
for a company’s network equipment in a data center. A colocation service can be used when a
companydoes not have sufficient rack space in its own data center and does not want to invest in
building or expanding its own facilities. By using a colocation service, a company can host its new
equipment in a professional and reliable environment without a major investment in facilities.
Reference: https://www.comptia.org/training/books/network-n10-008-study-guide (page 414)
9.A technician is consolidating a topology with multiple SSlDs into one unique SSiD deployment.
Which of the following features will be possible after this new configuration?
A. Seamless roaming
B. Basic service set
C. WPA
D. MU-MIMO
Answer: A
10.A network administrator is decommissioning a server.
Which of the following will the network administrator MOST likely consult?
A. Onboarding and off boarding policies
B. Business continuity plan
C. Password requirements
D. Change management documentation
Answer: D
11.A company is moving to a new building designed with a guest waiting area that has existing
network ports.
Which of the following practices would BEST secure the network?
A. Ensure all guests sign an NDA.
B. Disable unneeded switchports in the area.
C. Lower the radio strength to reduce Wi-Fi coverage in the waiting area.
D. Enable MAC filtering to block unknown hardware addresses.
Answer: B
Explanation:
 4 / 33
https://www.dumpsinfo.com/
One of the best practices to secure the network would be to disable unneeded switchports in the
guest waiting area. This will prevent unauthorized users from connecting to the network through these
ports. It's important to identify which switchports are not in use and disable them, as this will prevent
unauthorized access to the network.
Other practices such as ensuring all guests sign an NDA, lowering the radio strength to reduce Wi-Fi
coverage in the waiting area and enabling MAC filtering to block unknown hardware addresses are
not as effective in securing the network as disabling unneeded switchports. Enforcing an NDA with
guests may not stop a malicious user from attempting to access the network, reducing the radio
strength only limits the Wi-Fi coverage, and MAC filtering can be easily bypassed by hackers.
12.At which of the following OSI model layers does routing occur?
A. Data link
B. Transport
C. Physical
D. Network
Answer: D
13.An administrator would like to allow Windows clients from outside me office to access workstations
without using third-party software.
Which or the following access methods would meet this requirement?
A. Remote desktop gateway
B. Spit tunnel
C. Site-to-site VPN
D. VNC
Answer: A
Explanation:
To allow Windows clients from outside the office to access workstations without using third-party
software, the administrator can use the Remote Desktop Protocol (RDP). RDP is a built-in feature of
the Windows operating system that allows users to remotely connect to and control other Windows
computers over a network connection.
To use RDP, the administrator will need to enable the Remote Desktop feature on the workstations
that need to be accessed, and ensure that the appropriate firewall rules are in place to allow RDP
traffic to pass through. The administrator will also need to provide the remote users with the
necessary credentials to access the workstations.
Once RDP is set up and configured, the remote users can use the Remote Desktop client on their
own computers to connect to the workstations and access them as if they were physically present in
the office. This allows the administrator to provide remote access to the workstations without the need
for any additional software or third-party tools.
14.Which of the following is MOST likely to generate significant East-West traffic in a datacenter?
A. A backup of a large video presentation to cloud storage for archival purposes
B. A duplication of a hosted virtual server to another physical server for redundancy
C. A download of navigation data to a portable device for offline access
D. A query from an IoT device to a cloud-hosted server for a firmware update
Answer: B
Explanation:
East-West traffic refers to data flows between servers or devices within the same datacenter. When a
hosted virtual server is duplicated to another physical server for redundancy, it generates significant
East-West traffic as the data is replicated between the two servers.
 5 / 33
https://www.dumpsinfo.com/
Reference:
Network+ N10-008 Objectives: 3.3 Given a scenario, implement secure network architecture
concepts.
15.An administrator wants to increase the availability of a server that is connected to the office
network.
Which of the following allows for multiple NICs to share a single IP address and offers maximum
performance while providing fault tolerance in the event of a NIC failure?
A. Multipathing
B. Spanning Tree Protocol
C. First Hop Redundancy Protocol
D. Elasticity
Answer: A
Explanation:
Reference: https://docs.oracle.com/cd/E19455-01/806-6547/6jffv7oma/index.html
16.A security team would like to use a system in an isolated network to record the actions of potential
attackers.
Which of the following solutions is the security team implementing?
A. Perimeter network
B. Honeypot
C. Zero trust infrastructure
D. Network segmentation
Answer: B
Explanation:
The solution that the security team is implementing to record the actions of potential attackers in an
isolated network is a honeypot. A honeypot is a decoy system that simulates a real network or
service, but has no actual value or function. A honeypot is designed to attract and trap attackers who
try to infiltrate or compromise the network, and then monitor and analyze their behavior and
techniques. A honeypot can help the security team learn about the attackers’ motives, methods, and
tools, and improve their defense strategies accordingly.
Reference: CompTIA Network+ N10-008 Certification Study Guide, page 358; The Official CompTIA
Network+ Student Guide (Exam N10-008), page 14-1.
17.A network deployment engineer is deploying a new single-channel 10G optical connection.
Which of the following optics should the engineer MOST likely use to satisfy this requirement?
A. QSFP
B. QSFP+
C. SFP
D. SFP+
Answer: D
Explanation:
SFP+ is a type of optical transceiver that supports 10G single-channel transmission over fiber optic
cables. SFP+ stands for small form-factor pluggable plus, and it is compatible with SFP slots on
switches and routers.
18.A technician uses a badge to enter a security checkpoint on a corporate campus. An unknown
individual quickly walks in behind the technician without speaking.
 6 / 33
https://www.dumpsinfo.com/
Which of the following types of attacks did the technician experience?
A. Tailgating
B. Evil twin
C. On-path
D. Piggybacking
Answer: A
Explanation:
Tailgating is a type of physical security attack where an unauthorized person follows an authorized
person into a restricted area without their consent or knowledge. Tailgating can allow an attacker to
bypass security measures and gain access to sensitive information or resources. In this scenario, the
technician experienced tailgating when the unknown individual walked in behind the technician
without speaking. Piggybacking is similar to tailgating, but it involves the consent or cooperation of the
authorized person. Evil twin is a type of wireless network attack where an attacker sets up a rogue
access point that mimics a legitimate one. On-path is a type of network attack where an attacker
intercepts and modifies traffic between two parties.
Reference: CompTIA Network+ Certification Exam Objectives Version 7.0 (N10-007), Objective 3.2:
Given a scenario, use appropriate network hardening techniques.
19.A user calls the help desk to report being unable to reach a file server. The technician logs in to
the user's computer and verifies that pings fall to respond back when trying to reach the file server.
Which of the following would BEST help the technician verify whether the file server is reachable?
A. netstatB. ipconfig
C. nslookup
D. traceroute
Answer: D
Explanation:
Traceroute is a network diagnostic tool that allows you to trace the path that network packets take
from one device to another. By running traceroute to the file server, the technician can see the
sequence of devices and networks that the packets pass through on their way to the file server. This
can help the technician to determine if there is a problem with the network connection between the
user's computer and the file server, or if the issue is with the file server itself.
20.Which of the following routing protocols is BEST suited for use on a perimeter router?
A. OSPF
B. RIPv2
C. EIGRP
D. BGP
Answer: D
Explanation:
BGP stands for Border Gateway Protocol and it is used to exchange routing information between
autonomous systems (AS) on the Internet. A perimeter router is a router that connects an AS to
another AS or to the Internet. Therefore, BGP is the best suited routing protocol for a perimeter
router.
Reference: Network+ Study Guide Objective 2.4: Compare and contrast the characteristics of network
topologies, types and technologies.
21.Given the following output:
 7 / 33
https://www.dumpsinfo.com/
Which of the following attacks is this MOST likely an example of?
A. ARP poisoning
B. VLAN hopping
C. Rogue access point
D. Amplified DoS
Answer: A
Explanation:
The output is most likely an example of an ARP poisoning attack. ARP poisoning, also known as ARP
spoofing, is a type of attack that exploits the ARP protocol to associate a malicious device’s MAC
address with a legitimate IP address on a local area network. This allows the attacker to intercept,
modify, or redirect network traffic between two devices without their knowledge. The output shows
that there are multiple entries for the same IP address (192.168.1.1) with different MAC addresses in
the ARP cache of the device. This indicates that an attacker has sent fake ARP replies to trick the
device into believing that its MAC address is associated with the IP address of another device (such
as the default gateway).
Reference: https://www.cisco.com/c/en/us/about/security-center/arp-spoofing.html
22.A technician is connecting DSL for a new customer. After installing and connecting the on-
premises equipment, the technician verifies DSL synchronization. When connecting to a workstation,
however, the link LEDs on the workstation and modem do not light up.
Which of the following should the technician perform during troubleshooting?
A. Identify the switching loops between the modem and the workstation.
B. Check for asymmetrical routing on the modem.
C. Look for a rogue DHCP server on the network.
D. Replace the cable connecting the modem and the workstation.
Answer: D
Explanation:
If the link LEDs on the workstation and modem do not light up when connecting to a workstation, it
could indicate a problem with the cable connecting them. The cable could be damaged, defective, or
incompatible with the devices. A technician should replace the cable with a known good one and
check if the link LEDs light up. If not, the problem could be with the network interface cards (NICs) on
the workstation or modem.
Reference: https://www.comptia.org/blog/what-is-link-light
23.A network technician has determined the cause of a network disruption.
Which of the following is the NEXT step for the technician to perform?
A. Validate the findings in a top-to-bottom approach
B. Duplicate the issue, if possible
C. Establish a plan of action to resolve the issue
D. Document the findings and actions
Answer: C
 8 / 33
https://www.dumpsinfo.com/
24.1.A systems administrator needs to improve WiFi performance in a densely populated office tower
and use the latest standard. There is a mix of devices that use 2.4 GHz and 5 GHz.
Which of the following should the systems administrator select to meet this requirement?
A. 802.11ac
B. 802.11ax
C. 802.11g
D. 802.11n
Answer: B
Explanation:
25.A website administrator is concerned the company’s static website could be defaced by
hacktivists or used as a pivot point to attack internal systems.
Which of the following should a network security administrator recommend to assist with detecting
these activities?
A. Implement file integrity monitoring.
B. Change the default credentials.
C. Use SSL encryption.
D. Update the web-server software.
Answer: A
Explanation:
Implementing file integrity monitoring (FIM) would assist with detecting activities such as website
defacement or internal system attacks. FIM is a process that monitors and alerts on changes to files
or directories that are critical for security or functionality. FIM can help detect unauthorized
modifications, malware infections, data breaches, or configuration errors. FIM can also help with
compliance and auditing requirements.
Reference: https://www.tripwire.com/state-of-security/security-data-protection/cyber-security/what-is-
file-integrity-monitoring/
26.A company wants to implement a disaster recovery site for non-critical applications, which can
tolerate a short period of downtime.
Which of the following types of sites should the company implement to achieve this goal?
A. Hot
B. Cold
C. warm
D. Passive
Answer: C
Explanation:
The type of site that the company should implement for non-critical applications that can tolerate a
short period of downtime is a warm site. A warm site is a disaster recovery site that has some pre-
installed equipment and software, but not as much as a hot site, which is fully operational and ready
to take over the primary site’s functions in case of a disaster. A warm site requires some time and
effort to activate and synchronize with the primary site, but not as much as a cold site, which has no
equipment or software installed and requires a lot of configuration and testing. A passive site is not a
common term for a disaster recovery site, but it could refer to a site that only receives backups from
the primary site and does not actively participate in the network operations.
Reference: CompTIA Network+ N10-008 Certification Study Guide, page 347; The Official CompTIA
Network+ Student Guide (Exam N10-008), page 13-10.
27.An ISP configured an internet connection to provide 20Mbps, but actual data rates are occurring at
10Mbps and causing a significant delay in data transmission.
 9 / 33
https://www.dumpsinfo.com/
Which of the following specifications should the ISP check?
A. Throughput
B. Latency
C. Bandwidth
D. Jitter
Answer: A
Explanation:
Throughput is the actual amount of data that can be transferred over a network in a given time.
Throughput can be affected by various factors such as congestion, interference, errors, or hardware
limitations. If the throughput is lower than the configured internet connection speed, it can cause a
significant delay in data transmission. The ISP should check the throughput and identify the source of
the problem.
Reference: Network+ Study Guide Objective 2.2: Explain the concepts and characteristics of routing
and switching.
28.A customer calls the help desk to report that users are unable to access any network resources_
The issue started earlier in the day when an employee rearranged the wiring closet A technician goes
to the site but does not observe any obvious damage. The statistics output on the switch indicates
high CPI-J usage, and all the lights on the switch are blinking rapidly in unison_.
Which of the following is the most likely explanation for these symptoms?
A. The switch was rebooted and set to run in safe mode.
B. The line between the switch and the upstream router was removed
C. A cable was looped and created a broadcast storm.
D. A Cat 6 cable from the modem to the router was replaced with Cat 5e.
Answer: C
Explanation:
A cable was looped and created a broadcast storm is the most likely explanation for the symptoms of
high CPU usage and blinking lights on the switch. A cable loop is a situation where a switch port is
connected to anotherswitch port on the same switch or another switch, creating a circular path for
network traffic. A cable loop can cause a broadcast storm, which is a network phenomenon where a
large number of broadcast or multicast packets are flooded on the network, consuming bandwidth
and CPU resources. A broadcast storm can cause network congestion, performance degradation, or
failure. A cable loop can occur when an employee rearranges the wiring closet without proper
documentation or verification. A cable loop can be prevented or detected by using Spanning Tree
Protocol (STP) or loop detection features on the switch.
Reference: [CompTIA Network+ Certification Exam Objectives], What Is a Broadcast Storm? |
Definition & Examples | Forcepoint
29.A network technician is investigating an IP phone that does not register in the VoIP system
Although it received an IP address, it did not receive the necessary DHCP options The information
that is needed for the registration is distributes by the OHCP scope All other IP phones are working
properly.
Which of the following does the technician need to verify?
A. VLAN mismatch
B. Transceiver mismatch
C. Latency
D. DHCP exhaustion
Answer: A
Explanation:
A VLAN mismatch is the most likely reason why an IP phone does not receive the necessary DHCP
 10 / 33
https://www.dumpsinfo.com/
options for registration. A VLAN mismatch occurs when a device is connected to a switch port that
belongs to a different VLAN than the device’s intended VLAN. This can cause communication
problems or prevent access to network resources. For example, if an IP phone is connected to a
switch port that belongs to the data VLAN instead of the voice VLAN, it may not receive the DHCP
options that contain information such as the TFTP server address, the NTP server address, or the
default gateway address for the voice VLAN. These DHCP options are essential for the IP phone to
register with the VoIP system and function properly.
Reference: https://www.cisco.com/c/en/us/support/docs/voice-unified-communications/unified-
communications-manager-callmanager/13979-dhcp-option-150-00.html
30.A network administrator installed an additional IDF during a building expansion project.
Which of the following documents need to be updated to reflect the change? (Select TWO).
A. Data loss prevention policy
B. BYOD policy
C. Acceptable use policy
D. Non-disclosure agreement
E. Disaster recovery plan
F. Physical network diagram
Answer: B, F
31.A network technician is manually configuring the network settings for a new device and is told the
network block is 192.168.0.0/20.
Which of the following subnets should the technician use?
A. 255.255.128.0
B. 255.255.192.0
C. 255.255.240.0
D. 255.255.248.0
Answer: C
Explanation:
A subnet mask is a binary number that indicates which bits of an IP address belong to the network
portion and which bits belong to the host portion. A slash notation (/n) indicates how many bits are
used for the network portion. A /20 notation means that 20 bits are used for the network portion and
12 bits are used for the host portion. To convert /20 to a dotted decimal notation, we need to write 20
ones followed by 12 zeros in binary and then divide them into four octets separated by dots. This
gives us 11111111.11111111.11110000.00000000 or 255.255.240.0 in decimal.
Reference: https://partners.comptia.org/docs/default-source/resources/comptia-network-
n10-008-exam-objectives-(2-0), https://www.techopedia.com/definition/950/subnet-mask
32.Users in a branch can access an ln-house database server, but II is taking too long to fetch
records. The analyst does not know whether the Issue is being caused by network latency.
Which of the following will the analyst MOST likely use to retrieve the metrics that are needed to
resolve this issue?
A. SNMP
B. Link state
C. Syslog
D. QoS
E. Traffic shaping
Answer: A
 11 / 33
https://www.dumpsinfo.com/
33.A network technician is configuring a wireless access point and wants to only allow company-
owned devices to associate with the network. The access point uses PSKs, and a network
authentication system does not exist on the network.
Which of the following should the technician implement?
A. Captive portal
B. Guest network isolation
C. MAC filtering
D. Geofencing
Answer: C
Explanation:
MAC filtering is a method of allowing only company-owned devices to associate with the network by
using their MAC addresses as identifiers. A MAC address is a unique identifier assigned to each
network interface card (NIC) by the manufacturer. MAC filtering can be configured on the wireless
access point to allow or deny access based on the MAC address of the device. This way, only
devices with known MAC addresses can connect to the network.
Reference: https://www.comptia.org/training/books/network-n10-008-study-guide (page 323)
34.Which of the following is the NEXT step to perform network troubleshooting after identifying an
issue?
A. Implement a solution.
B. Establish a theory.
C. Escalate the issue.
D. Document the findings.
Answer: B
Explanation:
1 Identify the Problem.
2 Develop a Theory.
3 Test the Theory.
4 Plan of Action.
5 Implement the Solution.
6 Verify System Functionality.
7 Document the Issue.
35.A network attack caused a network outage by wiping the configuration and logs of the border
firewall.
Which of the following sources, in an investigation to determine how the firewall was compromised,
can provide the MOST detailed data?
A. Syslog server messages
B. MIB of the attacked firewall
C. Network baseline reports
D. NetFlow aggregate data
Answer: A
36.A network administrator is setting up a new phone system and needs to define the location where
VoIP phones can download configuration files.
Which of the following DHCP services can be used to accomplish this task?
A. Scope options
B. Exclusion ranges
 12 / 33
https://www.dumpsinfo.com/
C. Lease time
D. Relay
Answer: A
Explanation:
To define the location where VoIP phones can download configuration files, the network administrator
can use scope options within the Dynamic Host Configuration Protocol (DHCP) service. Scope
options are a set of values that can be configured within a DHCP scope, which defines a range of IP
addresses that can be leased to clients on a network. One of the scope options that can be
configured is the option for the location of the configuration file server, which specifies the URL or IP
address of the server where the configuration files can be downloaded.
https://pbxbook.com/voip/dhcpcfg.html
37.A new office space is being designed. The network switches are up. but no services are running
yet A network engineer plugs in a laptop configured as a DHCP client to a switch.
Which of the following IP addresses should be assigned to the laptop?
A. 10.1.1.1
B. 169.254.1.128
C. 172 16 128 128
D. 192 168.0.1
Answer: B
Explanation:
When a DHCP client is connected to a network and no DHCP server is available, the client can
automatically configure a link-local address in the 169.254.0.0/16 range using the Automatic Private
IP Addressing (APIPA) feature. So, the correct answer is option B, 169.254.1.128. This is also known
as an APIPA address.
Reference: CompTIA Network+ Study Guide, Exam N10-007, Fourth Edition, by Todd Lammle
(Chapter 4: IP Addressing)
38.A company ranis out a largo event space and includes wireless internet access for each tenant.
Tenants reserve a two-hour window from the company each week, which includes a tenant-specific
SSID However, all users share the company's network hardware.
The network support team is receiving complaints from tenants that some users are unable to
 13 / 33
https://www.dumpsinfo.com/
connect to the wireless network Upon investigation, the support teams discovers a pattern indicating
that after a tenant with a particularly large attendance ends its sessions, tenants throughout the day
are unable to connect.
The following settings are common loall network configurations:
Which of the following actions would MOST likely reduce this Issue? (Select TWO).
A. Change to WPA encryption
B. Change the DNS server to 10.1.10.1.
C. Change the default gateway to 10.0.0.1.
D. Change the DHCP scope end to 10.1.10.250
E. Disable AP isolation
F. Change the subnet mask lo 255.255.255.192.
G. Reduce the DHCP lease time to four hours.
Answer: D, G
39.A network technician has multimode fiber optic cable available in an existing IDF.
Which of the following Ethernet standards should the technician use to connect the network switch to
the existing fiber?
A. 10GBaseT
B. 1000BaseT
C. 1000BaseSX
D. 1000BaseLX
Answer: C
Explanation:
1000BaseSX is an Ethernet standard that should be used to connect the network switch to the
existing multimode fiber optic cable. 1000BaseSX is a Gigabit Ethernet standard that uses short-
wavelength laser (850 nm) over multimode fiber optic cable. It can support distances up to 550
meters depending on the cable type and quality. It is suitable for short-range network segments such
as campus or building backbone networks.
Reference: https://www.cisco.com/c/en/us/products/collateral/interfaces-modules/gigabit-ethernet-
gbic-sfp-modules/product_data_sheet09186a008014cb5e.html
40.An international company is transferring its IT assets including a number of WAPs from the United
States to an office in Europe for deployment.
Which of the following considerations should the company research before Implementing the wireless
hardware?
A. WPA2 cipher
B. Regulatory Impacts
C. CDMA configuration
D. 802.11 standards
Answer: B
Explanation:
When transferring IT assets, including wireless access points (WAPs), from one country to another,
it's important to research the regulatory impacts of the move. Different countries have different
regulations and compliance requirements for wireless devices, such as frequency bands, power
levels, and encryption standards. Failing to comply with these regulations can result in fines or other
penalties.
41.Which of the following can be used to limit the ability of devices to perform only HTTPS
connections to an internet update server without exposing the devices to the public internet?
 14 / 33
https://www.dumpsinfo.com/
A. Allow connections only to an internal proxy server.
B. Deploy an IDS system and place it in line with the traffic.
C. Create a screened network and move the devices to it.
D. Use a host-based network firewall on each device.
Answer: A
Explanation:
An internal proxy server is a server that acts as an intermediary between internal devices and
external servers on the internet. An internal proxy server can be used to limit the ability of devices to
perform only HTTPS connections to an internet update server by filtering and forwarding the requests
and responses based on predefined rules or policies. An internal proxy server can also prevent the
devices from being exposed to the public internet by hiding their IP addresses and providing a layer of
security and privacy.
42.A network is secured and is only accessible via TLS and IPSec VPNs.
Which of the following would need to be present to allow a user to access network resources on a
laptop without logging in to the VPN application?
A. Site-to-site
B. Secure Shell
C. In-band management
D. Remote desktop connection
Answer: A
Explanation:
A site-to-site VPN is a type of VPN that connects two or more networks over the Internet using a
secure tunnel. A site-to-site VPN allows users to access network resources on a laptop without
logging in to the VPN application, as long as the laptop is connected to one of the networks in the
VPN. A site-to-site VPN is transparent to the users and does not require any additional software or
configuration on the client devices.
Reference: Network+ Study Guide Objective 3.4: Explain the purposes and use cases for VPNs.
43.11n is the best choice for setting up a wireless connection that utilizes MIMO on non-overlapping
channels. 802.11n is a wireless standard that offers faster speeds and longer range than previous
standards. 802.11n uses multiple-input multiple-output (MIMO) technology, which allows multiple
antennas to transmit and receive multiple spatial streams of data simultaneously. MIMO can improve
wireless performance, reliability, and capacity by exploiting multipath propagation and spatial
diversity. 802.11n also uses non-overlapping channels in both the 2.4 GHz and 5 GHz frequency
bands to avoid interference and increase bandwidth. Non-overlapping channels are channels that do
not share any part of their frequency spectrum with other channels.
Reference: [CompTIA Network+ Certification Exam Objectives], 802.11n - Wikipedia
44.A company is designing a SAN and would like to use STP as its medium for communication.
Which of the following protocols would BEST suit me company's needs?
A. SFTP
B. Fibre Channel
C. iSCSI
D. FTP
Answer: B
Explanation:
A SAN also employs a series of protocols enabling software to communicate or prepare data for
storage. The most common protocol is the Fibre Channel Protocol (FCP), which maps SCSI
 15 / 33
https://www.dumpsinfo.com/
commands over FC technology. The iSCSI SANs will employ an iSCSI protocol that maps SCSI
commands over TCP/IP.
STP (Spanning Tree Protocol) is a protocol used to prevent loops in Ethernet networks, and it is not a
medium for communication in a storage area network (SAN). However, Fibre Channel is a protocol
that is specifically designed for high-speed data transfer in SAN environments. It is a dedicated
channel technology that provides high throughput and low latency, making it ideal for SANs.
Therefore, Fibre Channel would be the best protocol for the company to use for its SAN. SFTP
(Secure File Transfer Protocol), iSCSI (Internet Small Computer System Interface), and FTP (File
Transfer Protocol) are protocols used for transferring files over a network and are not suitable for use
in a SAN environment.
45.A network engineer configured new firewalls with the correct configuration to be deployed to each
remote branch. Unneeded services were disabled, and all firewall rules were applied successfully.
Which of the following should the network engineer perform NEXT to ensure all the firewalls are
hardened successfully?
A. Ensure an implicit permit rule is enabled
B. Configure the log settings on the firewalls to the central syslog server
C. Update the firewalls with current firmware and software
D. Use the same complex passwords on all firewalls
Answer: C
Explanation:
Updating the firewalls with current firmware and software is an important step to ensure all the
firewalls are hardened successfully, as it can fix any known vulnerabilities or bugs and provide new
features or enhancements. Enabling an implicit permit rule is not a good practice for firewall
hardening, as it can allow unwanted traffic to pass through the firewall. Configuring the log settings on
the firewalls to the central syslog server is a good practice for monitoring and auditing purposes, but it
does not harden the firewalls themselves. Using the same complex passwords on all firewalls is not a
good practice for password security, as it can increase the risk of compromise if one firewall is
breached.
Reference: CompTIA Network+ Certification Exam Objectives Version 2.0 (Exam Number: N10-006),
Domain 3.0 Network Security, Objective 3.3 Given a scenario, implement network hardening
techniques.
46.Which of the following DNS records works as an alias to another record?
A. AAAA
B. CNAME
C. MX
D. SOA
Answer: B
Explanation:
The DNS record that works as an alias to another record is called CNAME (Canonical Name).
CNAME records are used to create an alias for a domain name that points to another domain name.
Reference:
CompTIA Network+ Certification Study Guide, Exam N10-007, Fourth Edition, Chapter 2: The OSI
Model and Networking Protocols, Objective 2.3: Given a scenario, implement and configure the
appropriate addressing schema.47.AGRE tunnel has been configured between two remote sites.
Which of the following features, when configured, ensures me GRE overhead does not affect
 16 / 33
https://www.dumpsinfo.com/
payload?
A. jumbo frames
B. Auto medium-dependent Interface
C. Interface crossover
D. Collision detection
Answer: A
Explanation:
One of the features that can be configured to ensure that GRE overhead does not affect payload is
A. jumbo frames. Jumbo frames are Ethernet frames that have a payload size larger than 1500 bytes,
which is the standard maximum transmission unit (MTU) for Ethernet. By using jumbo frames, more
data can be sent in each packet, reducing the overhead ratio and improving efficiency.
Auto medium-dependent interface (MDI), interface crossover, and collision detection are features
related to Ethernet physical layer connectivity, but they do not affect GRE overhead or payload.
48.Which of the following systems would MOST likely be found in a screened subnet?
A. RADIUS
B. FTP
C. SQL
D. LDAP
Answer: B
Explanation:
FTP (File Transfer Protocol) is a system that would most likely be found in a screened subnet. A
screened subnet, or triple-homed firewall, is a network architecture where a single firewall is used
with three network interfaces. It provides additional protection from outside cyber attacks by adding a
perimeter network to isolate or separate the internal network from the public-facing internet1. A
screened subnet typically hosts systems that need to be accessed by both internal and external
users, such as web servers, email servers, or FTP servers.
Reference: https://www.techtarget.com/searchsecurity/definition/screened-subnet#:~:text=A screened
subnet%2C or triple-homed firewall%2C refers to,a perimeter network to isolate or sepa rate the 1
49.A coffee shop owner hired a network consultant to provide recommendations for installing a new
wireless network. The coffee shop customers expect high speeds even when the network is
congested.
Which of the following standards should the consultant recommend?
A. 802.11ac
B. 802.11ax
C. 802.11g
D. 802.11n
Answer: B
Explanation:
50.Which of the following is used to track and document various types of known vulnerabilities?
A. CVE
B. Penetration testing
C. Zero-day
D. SIEM
E. Least privilege
Answer: A
Explanation:
CVE stands for Common Vulnerabilities and Exposures, which is a list of publicly disclosed
 17 / 33
https://www.dumpsinfo.com/
cybersecurity vulnerabilities that is free to search, use, and incorporate into products and services.
CVE provides a standardized identifier and description for each vulnerability, as well as references to
related sources of information. CVE helps to track and document various types of known
vulnerabilities and facilitates communication and coordination among security professionals.
Reference: https://partners.comptia.org/docs/default-source/resources/comptia-network-
n10-008-exam-objectives-(2-0), https://cve.mitre.org/cve/
51.An organization with one core and five distribution switches is transitioning from a star to a full-
mesh topology.
Which of the following is the number of additional network connections needed?
A. 5
B. 7
C. 10
D. 15
Answer: C
Explanation:
10 additional network connections are needed to transition from a star to a full-mesh topology. A star
topology is a network topology where each device is connected to a central device, such as a switch
or a hub. A full-mesh topology is a network topology where each device is directly connected to every
other device. The number of connections needed for a full-mesh topology can be calculated by the
formula n(n-1)/2, where n is the number of devices. In this case, there are six devices (one core and
five distribution switches), so the number of connections needed for a full-mesh topology is 6(6-1)/2 =
15. Since there are already five connections in the star topology (one from each distribution switch to
the core switch), the number of additional connections needed is 15 - 5 = 10.
Reference: https://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-
rip/13788-3.html
52.A network administrator is investigating a network event that is causing all communication to stop.
The network administrator is unable to use SSH to connect to the switch but is able to gain access
using the serial console port.
While monitoring port statistics, the administrator sees the following:
Which of the following is MOST likely causing the network outage?
A. Duplicate IP address
B. High collisions
C. Asynchronous route
D. Switch loop
 18 / 33
https://www.dumpsinfo.com/
Answer: B
53.An IT technician installs five old switches in a network. In addition to the low port rates on these
switches, they also have improper network configurations. After three hours, the network becomes
overwhelmed by continuous traffic and eventually shuts down.
Which Of the following is causing the issue?
A. Broadcast storm
B. Collisions
C. IP settings
D. Routing loops
Answer: A
Explanation:
A broadcast storm is a situation where a network is flooded with broadcast packets, which are sent to
all devices on the network. This can consume bandwidth, cause congestion, and degrade
performance. A broadcast storm can be caused by improper network configurations, such as loops or
misconfigured switches. In this scenario, the old switches may have created loops or failed to filter
broadcast packets, resulting in a broadcast storm that overwhelmed the network.
Reference: CompTIA Network+ Certification Exam Objectives Version 7.0 (N10-007), Objective 2.4:
Given a scenario, use appropriate software tools to troubleshoot connectivity issues.
54.Which of the following would a network administrator configure to set NTP settings for a specific
subnet within DHCP?
A. Reservation
B. Lease time
C. Scope options
D. Exclusion range
Answer: C
Explanation:
The network administrator would configure scope options to set NTP settings for a specific subnet
within DHCP. Scope options are settings that apply to a range of IP addresses that are assigned by a
DHCP server. Scope options can include parameters such as default gateway, DNS server, and NTP
server. By configuring the NTP server option for a specific scope, the network administrator can
ensure that the devices in that subnet synchronize their clocks with the same time source.
Reference: CompTIA Network+ N10-008 Certification Study Guide, page 121; The Official CompTIA
Network+ Student Guide (Exam N10-008), page 5-11.
55.After installing a new wireless access point, an engineer tests the device and sees that it is not
performing at the rated speeds.
Which of the following should the engineer do to troubleshoot the issue? (Select two).
A. Ensure a bottleneck is not coming from other devices on the network.
B. Install the latest firmware for the device.
C. Create a new VLAN for the access point.
D. Make sure the SSID is not longer than 16 characters.
E. Configure the AP in autonomous mode.
F. Install a wireless LAN controller.
Answer: AB
Explanation:
One possible cause of poor wireless performance is a bottleneck in the network, which means that
other devices or applications are consuming too much bandwidth or resources and limiting the speed
 19 / 33
https://www.dumpsinfo.com/
of the wireless access point. To troubleshoot this issue, the engineer should ensure that there is no
congestion or interference from other devices on the network, such as wired clients, servers, routers,
switches, or other wireless access points. The engineer can use tools such as network analyzers,
bandwidth monitors, or ping tests to check the network traffic and latency12.
Another possible cause of poor wireless performance is outdated firmware on the device, which may
contain bugs or vulnerabilities that affect the functionality or security of the wireless access point. To
troubleshoot this issue, the engineer should install the latest firmware for the devicefrom the
manufacturer’s website or support portal. The engineer should follow the instructions carefully and
backup the configuration before updating the firmware. The engineer can also check the release
notes or changelog of the firmware to see if there are any improvements or fixes related to the
wireless performance3.
The other options are not relevant to troubleshooting poor wireless performance. Creating a new
VLAN for the access point may help with network segmentation or security, but it will not improve the
speed of the wireless connection. Making sure the SSID is not longer than 16 characters may help
with compatibility or readability, but it will not affect the wireless performance. Configuring the AP in
autonomous mode may give more control or flexibility to the engineer, but it will not enhance the
wireless speed. Installing a wireless LAN controller may help with managing multiple access points or
deploying advanced features, but it will not increase the wireless performance.
56.A network engineer needs to pass both data and telephony on an access port.
Which or the following features should be configured to meet this requirement?
A. VLAN
B. VoIP
C. VIP
D. VRRP
Answer: A
57.A technician is installing a high-density wireless network and wants to use an available frequency
that supports the maximum number of channels to reduce interference.
Which of the following standard 802.11 frequency ranges should the technician look for while
reviewing WAP specifications?
A. 2.4GHz
B. 5GHz
C. 6GHz
D. 900MHz
Answer: B
Explanation:
58.A technician is installing multiple UPS units in a major retail store. The technician is required to
keep track of all changes to new and old equipment.
Which of the following will allow the technician to record these changes?
A. Asset tags
B. A smart locker
C. An access control vestibule
D. A camera
Answer: A
Explanation:
Asset tags will allow the technician to record changes to new and old equipment when installing
multiple UPS units in a major retail store. Asset tags are labels or stickers that are attached to
physical assets such as computers, printers, servers, or UPS units. They usually contain information
 20 / 33
https://www.dumpsinfo.com/
such as asset name, serial number, barcode, QR code, or RFID chip that can be scanned or read by
an asset management system or software. Asset tags help track inventory, location, status,
maintenance, and ownership of assets.
Reference: https://www.camcode.com/asset-tags/asset-tagging-guide/
59.After a critical power issue, the network team was not receiving UPS status notifications. The
network team would like to be alerted on these status changes.
Which of the following would be BEST to use tor these notifications?
A. Traps
B. MB
C. NetFlow
D. Syslog
Answer: A
60.A network administrator needs to implement a solution to mediate access to the internet-.
Which of the following should the administrator most likely implement?
A. Router
B. Cloud gateway
C. proxy
D. Intrusion prevention system
Answer: C
Explanation:
A proxy is a solution that can mediate access to the internet. A proxy is a server that acts as an
intermediary between a client and a destination server on the internet. A proxy can perform various
functions, such as filtering, caching, logging, or modifying requests and responses. A proxy can help
improve network performance, security, and privacy by reducing bandwidth consumption, blocking
malicious or unwanted content, monitoring network activity, and hiding the client’s identity or location.
Reference: [CompTIA Network+ Certification Exam Objectives], What Is a Proxy Server? | Proxy
Server Definition | Avast
61. Reduce manual configuration on each system
62.A network requirement calls for segmenting departments into different networks. The campus
network is set up with users of each department in multiple buildings.
Which of the following should be configured to keep the design simple and efficient?
A. MDIX
B. Jumbo frames
C. Port tagging
D. Flow control
Answer: C
Explanation:
Port tagging is a technique that involves adding a tag or identifier to the frames or packets that belong
to a certain VLAN. A VLAN is a logical segment of a network that isolates traffic between different
groups of devices. Port tagging allows devices on different physical ports or switches to communicate
with each other as if they were on the same port or switch. Port tagging can help keep the design
simple and efficient by reducing the number of physical ports and switches needed to segment
departments into different networks.
Reference: https://www.comptia.org/blog/what-is-port-tagging
 21 / 33
https://www.dumpsinfo.com/
63.19.0.2 is a valid IP address configuration for the device that uses a static RFC1918 address for the
network and allows for a connection over NAT (Network Address Translation). RFC1918 addresses
are private IP addresses that are not routable on the public Internet and are used for internal
networks.
The RFC1918 address ranges are 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16. NAT is a technique
that translates private IP addresses to public IP addresses when communicating with external
networks, such as the Internet. FE80::1 is an IPv6 link-local address that is not a static RFC1918
address and does not allow for a connection over NAT. 100.64.0.1 is an IPv4 address that belongs to
the shared address space range (100.64.0.0/10) that is used for carrier-grade NAT (CGN) between
service providers and subscribers, which is not a static RFC1918 address and does not allow for a
connection over NAT. 169.254.1.2 is an IPv4 link-local address that is automatically assigned by a
device when it cannot obtain an IP address from a DHCP server or manual configuration, which is not
a static RFC1918 address and does not allow for a connection over NAT. 224.0.0.12 is an IPv4
multicast address that is used for VRRP (Virtual Router Redundancy Protocol), which is not a static
RFC1918 address and does not allow for a connection over NAT.
64.A network technician is hired to review all the devices within a network and make
recommendations to improve network efficiency.
Which of the following should the technician do FIRST before reviewing and making any
recommendations?
A. Capture a network baseline
B. Perform an environmental review.
C. Read the network logs
D. Run a bandwidth test
Answer: A
Explanation:
Before making any recommendations, a network technician should first capture a network baseline,
which is a snapshot of the current performance of the network. This will give the technician a baseline
to compare against after any changes are made. According to the CompTIA Network+ Study Manual,
the technician should "capture the state of the network before making any changes and then compare
the performance after the changes have been made. This will provide an accurate baseline to
compare the performance of the network before and after the changes have been made."
65.A security vendor needs to add a note to the DNS to validate the ownership of a company domain
before services begin.
Which of the following records did the security company MOST likely ask the company to configure?
A. TXT
B. AAAA
C. CNAME
D. SRV
Answer: A
Explanation:
TXT stands for Text and is a type of DNS record that can store arbitrary text data associated with a
domain name. TXT records can be used for various purposes, such as verifying the ownership of a
domain, providing information about a domain, or implementing security mechanisms such as SPF
(Sender Policy Framework) or DKIM (DomainKeys Identified Mail). In this scenario, the security
company most likely asked the company to configure a TXT record with a specific value that can
prove the ownership of the domain. AAAA stands for IPv6 Address and is a type of DNS record that
maps a domain name to an IPv6 address. CNAME stands for Canonical Name and is a type of DNS
 22 / 33
https://www.dumpsinfo.com/
record thatmaps an alias name to another name. SRV stands for Service and is a type of DNS record
that specifies the location of a service on a network.
Reference: CompTIA Network+ Certification Exam Objectives Version 7.0 (N10-007), Objective 1.8:
Explain the purposes and use cases for advanced networking devices.
66.An application team is deploying a new application. The application team would like the network
team to monitor network performance and create alerts if fluctuations in the round-trip time occur for
that traffic.
Which of the following should the network team monitor to meet this requirement?
A. Bandwidth
B. Latency
C. Loss
D. Cyclic redundancy check
Answer: B
Explanation:
Latency, also known as round-trip time (RTT), is the time it takes for a data packet to travel from a
source to its destination and back again. It is a key indicator of network performance and can be used
to identify fluctuations that may impact the user experience of an application.
Bandwidth, loss, and cyclic redundancy check (CRC) are other important network performance
metrics, but they are not directly related to the application team's requirement to monitor for
fluctuations in RTT.
Reference:
CompTIA Network+ N10-008 Exam Objectives, Objective 1.6: Network Performance Monitoring
CompTIA Network+ N10-008 Study Guide, Chapter 10: Network Performance Monitoring and
Troubleshooting
Additional Notes:
The network team can use a variety of tools and techniques to monitor RTT, such as ping, traceroute,
and network monitoring software.
When setting up alerts, the network team should consider the acceptable range of RTT for the
application. They should also configure alerts to trigger at different levels of severity, so that they can
take prompt action to resolve any issues.
67.Which of the following refers to a weakness in a mechanism or technical process?
A. Vulnerability
B. Risk
C. Exploit
D. Threat
Answer: A
Explanation:
The term that refers to a weakness in a mechanism or technical process is vulnerability. A
vulnerability is a flaw or gap in a system’s security that can be exploited by an attacker to gain
unauthorized access, compromise data, or cause damage. A vulnerability can be caused by design
errors, configuration errors, software bugs, human errors, or environmental factors. For example, an
outdated software version that has known security holes is a vulnerability that can be exploited by
malware or hackers.
Reference: CompTIA Network+ N10-008 Certification Study Guide, page 342; The Official CompTIA
Network+ Student Guide (Exam N10-008), page 13-7.
68.A customer is adding fiber connectivity between adjacent buildings. A technician terminates the
 23 / 33
https://www.dumpsinfo.com/
multimode cable to the fiber patch panel. After the technician connects the fiber patch cable, the
indicator light does not come on.
Which of the following should a technician try first to troubleshoot this issue?
A. Reverse the fibers.
B. Reterminate the fibers.
C. Verify the fiber size.
D. Examine the cable runs for visual faults.
Answer: A
Explanation:
One of the most common causes of fiber connectivity issues is the reversal of the fibers. This means
that the transmit (TX) and receive (RX) ports on one end of the fiber link are not matched with the
corresponding ports on the other end. For example, if the TX port on one device is connected to the
TX port on another device, and the same for the RX ports, then the devices will not be able to
communicate with each other. This can result in no indicator light, no link, or no data transmission12.
To troubleshoot this issue, the technician should first try to reverse the fibers. This can be done by
swapping the connectors at one end of the fiber patch cable, or by using a crossover adapter or cable
that reverses the polarity of the fibers. The technician should then check if the indicator light comes
on and if the devices can communicate properly12.
The other options are not the first steps to troubleshoot this issue. Reterminating the fibers is a time-
consuming and costly process that should be done only if there is evidence of physical damage or
poor quality of the termination. Verifying the fiber size is not relevant in this scenario, as multimode
fiber is compatible with multimode fiber, and any mismatch in core diameter or bandwidth would result
in high attenuation, not complete loss of signal. Examining the cable runs for visual faults is a useful
technique, but it requires a special tool called a visual fault locator (VFL) that emits a visible red light
through the fiber and shows any breaks or bends along the cable. However, a VFL cannot detect
polarity issues or connector problems, so it is not sufficient to troubleshoot this issue
69.A technician is troubleshooting a wireless connectivity issue in a small office located in a high-rise
building. Several APs are mounted in this office. The users report that the network connections
frequently disconnect and reconnect throughout the day.
Which of the following is the MOST likely cause of this issue?
A. The AP association time is set too low
B. EIRP needs to be boosted
C. Channel overlap is occurring
D. The RSSI is misreported
Answer: C
Explanation:
Channel overlap is a common cause of wireless connectivity issues, especially in high-density
environments where multiple APs are operating on the same or adjacent frequencies. Channel
overlap can cause interference, signal degradation, and performance loss for wireless devices. The
AP association time, EIRP, and RSSI are not likely to cause frequent disconnects and reconnects for
wireless users.
70.Which of the following protocol types describes secure communication on port 443?
A. ICMP
B. UDP
C. TCP
D. IP
Answer: C
Explanation:
 24 / 33
https://www.dumpsinfo.com/
TCP is the protocol type that describes secure communication on port 443. TCP (Transmission
Control Protocol) is a connection-oriented protocol that provides reliable and ordered delivery of data
packets over an IP network. TCP uses port numbers to identify different applications or services on a
device. Port 443 is the default port for HTTPS (Hypertext Transfer Protocol Secure), which is an
extension of HTTP that uses SSL (Secure Sockets Layer) or TLS (Transport Layer Security)
encryption to protect data in transit between a web server and a web browser.
Reference: https://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-
rip/13788-3.html
71.A network engineer needs to reduce the overhead of file transfers.
Which of the following configuration changes would accomplish that goal?
A. Link aggregation
B. Jumbo frames
C. Port security
D. Flow control
E. Lower FTP port
Answer: A
72.Which of the Mowing architectures reduces network latency by enforcing a limit on the number of
switching devices on the frame's path between any internal hosts?
A. Spine and leaf
B. Software-defined network
C. Three-tiered
D. Collapsed core
Answer: A
Explanation:
It does this by using a two-level hierarchy of switches, where the spine switches connect to the leaf
switches, which in turn connect to the end hosts. This reduces the number of hops a packet must take
from one host to another, thus reducing latency. According to the CompTIA Network+ N10-008 Exam
Guide, the Spine and Leaf topology is a modern architecture that is used to reduce latency in large
networks.
73.A network administrator is troubleshooting a connectivity performance issue. As part of the
troubleshooting process, the administrator performs a traceout from the client to the server, and also
from the server to the client. While comparing the outputs, the administrator notes they show different
hops between the hosts.
Which of the following BEST explains these findings?
A. Asymmetric routing
B. A routing loop
C. A switch loop
D. An incorrect gateway
Answer: C
74.An engineer is gathering data to determine the effectiveness of UPSs in use at remote retail
locations.
Which of the following statistics canthe engineer use to determine the availability of the remote
network equipment?
A. Uptime
 25 / 33
https://www.dumpsinfo.com/
B. NetFlow baseline
C. SNMP traps
D. Interface statistics
Answer: A
Explanation:
Uptime is a statistic that can be used to determine the availability of the remote network equipment.
Uptime is the amount of time that a device or system has been running without experiencing any
failures or disruptions. It is commonly expressed as a percentage of total time, such as 99.99%
uptime. By measuring the uptime of the network equipment at the remote retail locations, the
engineer can determine how reliable and available the equipment is.
75.A technician wants to install a WAP in the center of a room that provides service in a radius
surrounding a radio.
Which of the following antenna types should the AP utilize?
A. Omni
B. Directional
C. Yagi
D. Parabolic
Answer: A
Explanation:
An omni antenna should be used by the AP to provide service in a radius surrounding a radio. An
omni antenna is a type of antenna that has a 360-degree horizontal radiation pattern. It can provide
wireless coverage in all directions from the antenna with varying degrees of vertical coverage. It is
suitable for indoor environments where users are located around the AP1.
Reference: https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-
wlan/82068-omni-vs-direct.html 1
76.A network administrator wants to check all network connections and see the output in integer form.
Which of the following commands should the administrator run on the command line?
A. netstat
B. netstat -a
C. netstat ?e
D. netstat ?n
Answer: A
77.An organization is interested in purchasing a backup solution that supports the organization's
goals.
Which of the following concepts would specify the maximum duration that a given service can be
down before impacting operations?
A. MTTR
B. RTO
C. MTBF
D. RPO
Answer: B
Explanation:
The maximum duration that a given service can be down before it impacts operations is often referred
to as the Recovery Time Objective (RTO). RTO is a key consideration in any backup and disaster
recovery plan, as it determines how quickly the organization needs to be able to recover from a
disruption or failure. It is typically expressed in terms of time, and it helps to inform the design and
 26 / 33
https://www.dumpsinfo.com/
implementation of the backup solution. For example, if an organization has a critical service that must
be available 24/7, it may have a very low RTO, requiring that the service be restored within a matter
of minutes or even seconds. On the other hand, if the service can be down for a longer period of time
without significantly impacting operations, the organization may have a higher RTO. When selecting a
backup solution, it is important to consider the organization's RTO requirements and ensure that the
solution is capable of meeting those needs. A solution that does not meet the organization's RTO
requirements may not be sufficient to ensure the availability of critical services in the event of a
disruption or failure.
78.An engineer is using a tool to run an ICMP sweep of a network to find devices that are online.
When reviewing the results, the engineer notices a number of workstations that are currently verified
as being online are not listed in the report.
The tool was configured to scan using the following information:
Network address: 172.28.16.0
CIDR: /22
The engineer collected the following information from the client workstation:
IP address: 172.28.17.206
Subnet mask: 255.255.252.0
Which of the following MOST likely explains why the tool is failing to detect some workstations?
A. The scanned network range is incorrect.
B. The subnet mask on the client is misconfigured.
C. The workstation has a firewall enabled.
D. The tool is unable to scan remote networks.
Answer: C
Explanation:
A firewall is a device or software that filters and controls the incoming and outgoing network traffic
based on predefined rules. A firewall can block ICMP packets, which are used for ping and other
diagnostic tools. If the workstation has a firewall enabled, it may not respond to the ICMP sweep and
appear as offline. The engineer should check the firewall settings on the workstation and allow ICMP
traffic if needed.
Reference: Network+ Study Guide Objective 4.1: Given a scenario, use the appropriate tool.
79.A technician notices that equipment is being moved around and misplaced in the server room,
even though the room has locked doors and cabinets.
Which of the following would be the BEST solution to identify who is responsible?
A. Install motion detection
B. Install cameras.
C. Install tamper detection.
D. Hire a security guard.
Answer: B
Explanation:
Installing cameras in the server room is the best solution to identify who is responsible for the
equipment being moved and misplaced. Cameras provide a way to monitor the server room in real
time and can be used to identify suspicious activity. Additionally, they provide a way to review past
activity and allow you to review footage to determine who may be responsible for the misplacement of
equipment.
80.A network engineer performs the following tasks to increase server bandwidth:
Connects two network cables from the server to a switch stack
 27 / 33
https://www.dumpsinfo.com/
Configure LACP on the switchports
Verifies the correct configurations on the switch interfaces
Which of the following needs to be configured on the server?
A. Load balancing
B. Multipathing
C. NIC teaming
D. Clustering
Answer: C
Explanation:
NIC teaming is a technique that combines two or more network interface cards (NICs) on a server into
a single logical interface that can increase bandwidth, provide redundancy, and balance traffic. NIC
teaming can be configured with different modes and algorithms depending on the desired outcome.
Link Aggregation Control Protocol (LACP) is a protocol that enables NIC teaming by dynamically
bundling multiple links between two devices into one logical link.
Reference: https://partners.comptia.org/docs/default-source/resources/comptia-network-
n10-008-exam-objectives-(2-0), https://docs.microsoft.com/en-us/windows-
server/networking/technologies/nic-teaming/nic-teaming
81.A network technician 13 troubleshooting a specific port on a switch.
Which of the following commands should the technician use to see the port configuration?
A. show route
B. show Interface
C. show arp
D. show port
Answer: B
Explanation:
To see the configuration of a specific port on a switch, the network technician should use the "show
interface" command. This command provides detailed information about the interface, including the
current configuration, status, and statistics for the interface.
82.A network administrator is testing performance improvements by configuring channel bonding on
an 802.Hac AP. Although a site survey detected the majority of the 5GHz frequency spectrum was
idle, being used only by the company's WLAN and a nearby government radio system, the AP is not
allowing the administrator to manually configure a large portion of the 5GHz frequency range.
Which of the following would be BEST to configure for the WLAN being tested?
A. Upgrade the equipment to an AP that supports manual configuration of the ElRP power settings.
B. Switch to 802.11n. disable channel auto-selection, and enforce channel bonding on the
configuration.
C. Set up the AP to perform a dynamic selection of the frequency according to regulatory
requirements.
D. Deactivate the band 5GHz to avoid Interference with the government radio
Answer: C
83.A technician is consolidating a topology with multiple SSlDs into one unique SSID deployment.
Which of the following features will be possible after this new configuration?
A. Seamless roaming
B. Basic service set
C. WPA
D. MU-MIMO
 28 / 33
https://www.dumpsinfo.com/
Answer: A
84.Which of the following disasterrecovery metrics describes the average length of time a piece of
equipment can be expected to operate normally?
A. RPO
B. RTO
C. MTTR
D. MTBF
Answer: D
Explanation:
MTBF is the disaster recovery metric that describes the average length of time a piece of equipment
can be expected to operate normally. MTBF stands for mean time between failures, which is a
measure of the reliability and availability of a device or system. MTBF is calculated by dividing the
total operating time by the number of failures that occurred during that time. MTBF indicates how
often a device or system fails and how long it can run without interruption. A higher MTBF means a
lower failure rate and a longer operational life span.
Reference: [CompTIA Network+ Certification Exam Objectives], What Is Mean Time Between Failures
(MTBF)? | Definition & Examples | Forcepoint
85.A wireless network technician is receiving reports from some users who are unable to see both of
the corporate SSIDs on their mobile devices. A site survey was recently commissioned, and the
results verified acceptable RSSI from both APs in all user areas. The APs support modern wireless
standards and are all broadcasting their SSIDs.
The following table shows some of the current AP settings:
Which of the following changes would result in all of the user devices being capable of seeing both
corporate SSIDs?
A. Implementing the WPA2 Enterprise authentication standard
B. Implementing omnidirectional antennas for both APs
C. Configuring the highest power settings for both APs
D. Configuring both APs to use the 802.11ac wireless standard
Answer: D
Explanation:
The change that would result in all of the user devices being capable of seeing both corporate SSIDs
is configuring both APs to use the 802.11ac wireless standard. 802.11ac is a wireless standard that
operates in the 5 GHz frequency band and offers high data rates and performance. However, not all
wireless devices support 802.11ac, especially older ones that only operate in the 2.4 GHz frequency
band. In the table, AP1 uses 802.11b, which is an outdated wireless standard that operates in the 2.4
GHz frequency band and offers low data rates and performance. AP2 uses 802.11a, which is an older
wireless standard that operates in the 5 GHz frequency band and offers moderate data rates and
performance. Therefore, some user devices may not be able to see both SSIDs because they are
incompatible with either 802.11b or 802.11a. By configuring both APs to use 802.11ac, which is
 29 / 33
https://www.dumpsinfo.com/
backward compatible with previous wireless standards, all user devices should be able to see both
SSIDs.
Reference: CompTIA Network+ N10-008 Certification Study Guide, page 75; The Official CompTIA
Network+ Student Guide (Exam N10-008), page 2-18.
86.A sales team at a company uses a SaaS solution primarily for videoconferencing and a CRM
application that connects to a database server in the corporate data center.
Which of the following VPN solutions would allow secure, remote access for sales staff to the CRM
application without impacting videoconferencing traffic?
A. Clientless
B. Site-to-site
C. Split tunnel
D. Full tunnel
Answer: C
Explanation:
A split tunnel VPN solution would allow secure, remote access for sales staff to the CRM application
without impacting videoconferencing traffic. A VPN stands for virtual private network, which is a
secure connection between two or more devices over a public network, such as the internet. A VPN
encrypts and authenticates the data, ensuring its confidentiality and integrity. A split tunnel VPN is a
type of VPN that allows some traffic to go through the VPN tunnel, while other traffic goes directly to
the internet. This can improve performance and bandwidth utilization by reducing unnecessary
encryption and routing overhead. By using a split tunnel VPN, sales staff can access the CRM
application that connects to a database server in the corporate data center through the VPN tunnel,
while using online videoconferencing services through their local internet connection.
Reference: [CompTIA Network+ Certification Exam Objectives], What Is Split Tunneling? | NordVPN
87.A network technician is observing the behavior of an unmanaged switch when a new device is
added to the network and transmits data.
Which of the following BEST describes how the switch processes this information?
A. The data is flooded out of every port. including the one on which it came in.
B. The data is flooded out of every port but only in the VLAN where it is located.
C. The data is flooded out of every port, except the one on which it came in
D. The data is flooded out of every port, excluding the VLAN where it is located
Answer: C
Explanation:
The switch processes the data by flooding it out of every port, except the one on which it came in.
Flooding is a process where a switch sends a data frame to all ports except the source port when it
does not have an entry for the destination MAC address in its MAC address table. Flooding allows the
switch to learn the MAC addresses of the devices connected to its ports and update its MAC address
table accordingly. Flooding also ensures that the data frame reaches its intended destination, even if
the switch does not know its location.
Reference: https://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-
protocol/10556-16.html
88.Which of the following indicates a computer has reached end-of-support?
A. The computer does not have any users.
B. The antivirus protection is expired.
C. The operating system license is expired.
D. No more patches or bug fixes are available indefinitely.
 30 / 33
https://www.dumpsinfo.com/
Answer: D
Explanation:
No more patches or bug fixes are available indefinitely. This indicates that a computer has reached
end-of-support, which means that the manufacturer or vendor of the hardware or software no longer
provides technical assistance, updates, or security fixes for the product12. This can expose the
computer to potential security risks and compatibility issues with newer technologies
89.A corporation is looking for a method to secure all traffic between a branch office and its data
center in order to provide a zero-touch experience for all staff members who work there.
Which of the following would BEST meet this requirement?
A. Site-to-site VPN
B. VNC
C. Remote desktop gateway
D. Virtual LANs
Answer: A
Explanation:
A site-to-site VPN is a method that creates a secure and encrypted connection between two internet
gateways, such as routers or firewalls, that belong to different networks1. A site-to-site VPN can
secure all traffic between a branch office and its data center by creating a virtual tunnel that protects
the data from interception or tampering. A site-to-site VPN can also provide a zero-touch experience
for all staff members who work there, as they do not need to install any software or configure any
settings on their devices to access the data center resources. They can simply use their local network
as if they were physically connected to the data center network.
VNC (Virtual Network Computing) is a method that allows remote access and control of a computer’s
desktop from another device over a network2. VNC can enable staff members to work remotely by
accessing their office computers from their home computers or mobile devices. However, VNC does
not secure all traffic between a branch office and its data center, as it only works at the application
layer and does not encrypt the network layer. VNC also does not provide a zero-touch experience for
staff members, as they need to install software and configure settings on both the host and the client
devices.
Remote desktop gateway is a method that allows remote access and control of a computer’s desktop
from another device over a network using the Remote Desktop Protocol (RDP). Remote desktop
gateway can also enable staff members to work remotely by accessing their office computers from
theirhome computers or mobile devices. However, remote desktop gateway does not secure all
traffic between a branch office and its data center, as it only works at the application layer and does
not encrypt the network layer. Remote desktop gateway also does not provide a zero-touch
experience for staff members, as they need to install software and configure settings on both the host
and the client devices.
Virtual LANs (VLANs) are methods that create logical subdivisions of a physical network based on
criteria such as function, department, or security level. VLANs can improve network performance,
security, and management by reducing broadcast domains, isolating traffic, and enforcing policies.
However, VLANs do not secure all traffic between a branch office and its data center, as they only
work at the data link layer and do not encrypt the network layer. VLANs also do not provide a zero-
touch experience for staff members, as they need to configure settings on their network devices to
join or leave a VLAN.
90.Which of the following provides guidance to an employee about restricting non-business access to
the company's videoconferencing solution?
A. Acceptable use policy
B. Data loss prevention
 31 / 33
https://www.dumpsinfo.com/
C. Remote access policy
D. Standard operating procedure
Answer: A
Explanation:
An acceptable use policy (AUP) is a set of rules that outline the proper and improper use of an
organization's resources, such as its videoconferencing solution. An AUP can provide guidance to
employees about what is expected of them when using the organization's videoconferencing solution,
including restricting non-business access to it.
91.A network administrator is setting up several loT devices on a new VLAN and wants to accomplish
the following
92.Which of the following DHCP settings would be used to ensure a device gets the same IP address
each time it is connected to the network?
A. Scope options
B. Reservation
C. Exclusion
D. Relay
E. Pool
Answer: A
93.Which of the following describes the BEST device to configure as a DHCP relay?
A. Bridge
B. Router
C. Layer 2 switch
D. Hub
Answer: B
Explanation:
Normally, routers do not forward broadcast traffic. This means that each broadcast domain must be
served by its own DHCP server. On a large network with multiple subnets, this would mean
provisioning and configuring many DHCP servers. To avoid this scenario, a DHCP relay agent can be
configured to provide forwarding of DHCP traffic between subnets. Routers that can provide this type
of forwarding are described as RFC 1542 compliant. The DHCP relay intercepts broadcast DHCP
frames, applies a unicast address for the appropriate DHCP server, and forwards them over the
interface for the subnet containing the server. The DHCP server can identify the original IP subnet
from the packet and offer a lease from the appropriate scope. The DHCP relay also performs the
reverse process of directing responses from the server to the appropriate client subnet.
94.Which of the following is the IEEE link cost for a Fast Ethernet interface in STP calculations?
A. 2
B. 4
C. 19
D. 100
Answer: D
Explanation:
The IEEE standard for link cost for a Fast Ethernet interface is 100, and for a Gigabit Ethernet
interface is 19. These values are based on the bandwidth of the interface, with lower values indicating
a higher-bandwidth interface.
 32 / 33
https://www.dumpsinfo.com/
95.A network administrator wants to improve the security of the management console on the
company's switches and ensure configuration changes made can be correlated to the administrator
who conformed them.
Which of the following should the network administrator implement?
A. Port security
B. Local authentication
C. TACACS+
D. Access control list
Answer: C
Explanation:
TACACS+ is a protocol that provides centralized authentication, authorization, and accounting (AAA)
for network devices and users. TACACS+ can help improve the security of the management console
on the company’s switches by verifying the identity and credentials of the administrators, enforcing
granular access policies and permissions, and logging the configuration changes made by each
administrator. This way, the network administrator can ensure only authorized and authenticated
users can access and modify the switch settings, and also track and correlate the changes made by
each user.
Reference: https://www.comptia.org/blog/what-is-tacacs
Powered by TCPDF (www.tcpdf.org)
 33 / 33
https://www.dumpsinfo.com/
http://www.tcpdf.org