CompTIA CompTIA Certifications N10-009 Questions & Answers

• Question 21:

  Which of the following, in addition to a password, can be asked of a user for MFA?

  A. PIN

  B. Favorite color

  C. Hard token

  D. Mother's maiden name

  Correct Answer: A

  MFA stands for Multi-Factor Authentication, which is a method of verifying the identity of a user by requiring two or more pieces of evidence that belong to different categories:

  something the user knows, something the user has, or something the user is. A password is something the user knows, and it is usually combined with another factor such as a PIN (Personal Identification Number) or a hard token (a physical

  device that generates a one- time code) that the user has. A favorite color or a mother's maiden name are not suitable for MFA, as they are also something the user knows and can be easily guessed or compromised.

• Question 22:

  Which of the following is required for hosts to receive DHCP addresses from a server that is located on a different subnet?

  A. DHCP scope

  B. DHCP snooping

  C. DHCP reservations

  D. DHCP relay

  Correct Answer: D

  A DHCP relay is a network device that forwards DHCP requests from clients on one subnet to a DHCP server on another subnet. This allows the DHCP server to assign IP addresses and other network configuration parameters to clients across different subnets. A DHCP scope is a range of IP addresses that a DHCP server can assign to clients. A DHCP snooping is a security feature that filters and validates DHCP messages on a switch. A DHCP reservation is a way to assign a specific IP address to a specific client based on its MAC address. References: Part 2 of the current page talks about DHCP relay and its functions. You can also find more information about DHCP relay on [this page].

• Question 23:

  Which of the following attacks utilizes a network packet that contains multiple network tags?

  A. MAC flooding

  B. VLAN hopping

  C. DNS spoofing

  D. ARP poisoning

  Correct Answer: B

• Question 24:

  A network consultant is setting up a new wireless infrastructure. The new infrastructure is primarily focused on supporting legacy equipment that does not support the newest standards. Which of the following frequency ranges will the consultant most likely have to support?

  A. 2.4GHz

  B. 5GHz

  C. 5.9GHz

  D. 6GHz

  Correct Answer: A

  The most likely frequency range that the network consultant will have to support is 2.4GHz. This is because the most common legacy wireless standards, 802.11b and 802.11g, use the 2.4GHz range1. IEEE 802.11a uses 5GHz exclusively,

  and 5.9GHz and 6GHz are not widely used by legacy equipment. Therefore, A. 2.4GHz is the correct answer.

  https://www.networkcomputing.com/networking/wireless-beginners-part-1-rf-and-waves

• Question 25:

  A network technician needs to use an RFC1918 IP space for a new office that only has a single public IP address. Which of the following subnets should the technician use for the LAN?

  A. 10.10.10.0/24

  B. 127.16.10.0/24

  C. 174.16.10.0/24

  D. 198.18.10.0/24

  Correct Answer: A

  The RFC1918 IP space is a set of private IP addresses that are not routable on the public Internet and can be used for internal networks. The RFC1918 IP space consists of three ranges: 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/161 Out of the four options, only A. 10.10.10.0/24 belongs to one of these ranges, specifically the 10.0.0.0/8 range. Therefore, the technician should use this subnet for the LAN. References1: https://en.wikipedia.org/wiki/Private_network

• Question 26:

  A customer connects a firewall to an ISP router that translates traffic destined for the internet. The customer can connect to the internet but not to the remote site. Which of the following will verify the status of NAT?

  A. tcpdump

  B. nmap

  C. ipconfig

  D. tracert

  Correct Answer: A

  tcpdump is a command-line tool that can capture and analyze network traffic on a given interface. tcpdump can verify the status of NAT by showing the source and destination IP addresses of the packets before and after they pass through the ISP router that translates traffic destined for the internet. tcpdump can also show the NAT protocol and port numbers used by the router. nmap, ipconfig, and tracert are not suitable tools for verifying the status of NAT, as they do not show the IP address translation process.

• Question 27:

  A network technician is troubleshooting an issue that involves connecting to a server via SSH. The server has one network interface that does not support subinterfaces. The technician runs a command on the server and receives the following output:

  

  On the host, the technician runs another command and receives the following:

  

  Which of the following best explains the issue?

  A. A firewall is blocking access to the server.

  B. The server is plugged into a trunk port.

  C. The host does not have a route to the server.

  D. The server is not running the SSH daemon.

  Correct Answer: C

• Question 28:

  A global company has acquired a local company. The companies are geographically separate. The IP address ranges for the two companies are as follows:

  Global company: 10.0.0.0/16 Local company: 10.0.0.0/24

  Which of the following can the network engineer do to quickly connect the two companies?

  A. Assign static routing to advertise the local company's network.

  B. Assign an overlapping IP address range to both companies.

  C. Assign a new IP address range to the local company.

  D. Assign a NAT range to the local company.

  Correct Answer: C

  Assigning a new IP address range to the local company is the best option to quickly connect the two companies without causing any IP address conflicts or overlaps. This option requires reconfiguring the local company's network devices and updating the routing tables on both sides, but it avoids the need for any NAT or static routing solutions that may introduce additional complexity, cost, or performance issues12

• Question 29:

  A company wants to implement a disaster recovery site for non-critical applications, which can tolerate a short period of downtime. Which of the following types of sites should the company implement to achieve this goal?

  A. Hot

  B. Cold

  C. warm

  D. Passive

  Correct Answer: C

  The type of site that the company should implement for non-critical applications that can tolerate a short period of downtime is a warm site. A warm site is a disaster recovery site that has some pre-installed equipment and software, but not as much as a hot site, which is fully operational and ready to take over the primary site's functions in case of a disaster. A warm site requires some time and effort to activate and synchronize with the primary site, but not as much as a cold site, which has no equipment or software installed and requires a lot of configuration and testing. A passive site is not a common term for a disaster recovery site, but it could refer to a site that only receives backups from the primary site and does not actively participate in the network operations.

• Question 30:

  An organization has a guest network with a network IP range of 192.168.1.0/28 using a DHCP pool. One visitor reported difficulties connecting and configured a static IP address. Following this action, another visitor reported intermittent connection issues. Which of the following is the most likely reason?

  A. Address pool exhaustion

  B. Duplicate IP addresses

  C. Misconfigured default gateway

  D. Incorrect subnet mask

  Correct Answer: B

  A duplicate IP address occurs when two devices on the same network have the same IP address assigned to them. This can cause intermittent connection issues, as the network devices may not be able to distinguish between the two conflicting devices. A duplicate IP address can be caused by a visitor manually configuring a static IP address that is already in use by another device on the guest network. The network IP range of 192.168.1.0/28 has only 14 usable host addresses, so the chances of a duplicate IP address are higher than a larger network.