Free Practice Questions for CompTIA N10-009 Exam

TheSession Layer(Layer 5 of the OSI Model) is responsible for setting up, managing, and tearing down sessions between applications. It maintains dialog control and synchronizes data exchange between systems.

LDAP over SSL (LDAPS) uses port 636 to provide secure, encrypted authentication for directory services.

Breakdown of Options:

A. SMTP (Simple Mail Transfer Protocol) – Uses port 25, not 636.

B. Syslog – Uses port 514 (UDP), not 636.

C. TFTP (Trivial File Transfer Protocol) – Uses port 69 (UDP), not 636.

D. LDAPS (Lightweight Directory Access Protocol Secure) – ✅ Correct answer. Uses port 636 for secure directory authentication.

BGP (Border Gateway Protocol) uses attributes like AS path, origin, and MED (multi-exit discriminator) to determine the best path among multiple available routes.

From Andrew Ramdayal’s guide:

“BGP is the protocol underlying the global routing system of the internet. It is used for routing data between autonomous systems (ASes)... BGP uses a path vector mechanism and maintains a list of attributes for route selection.”

802.1X is a port-based network access control (PNAC) protocol that provides an authentication mechanism to devices wishing to connect to a LAN or WLAN. It is widely used for secure network access, ensuring that only authenticated devices can access the network, whether they are connecting via wired or wireless means. 802.1X works in conjunction with an authentication server, such as RADIUS, to validate the credentials of devices trying to connect.References: CompTIA Network+ study materials.

Nmap (Network Mapper) is a powerful network scanning tool used to discover hosts and services on a computer network. It can be used to identify which ports are open on a remote server, which can help diagnose access issues to services like a remote file server.

Port Scanning: Nmap can perform comprehensive port scans to determine which ports are open and what services are running on those ports.

Network Discovery: It provides detailed information about the host’s operating system, service versions, and network configuration.

Security Audits: Besides troubleshooting, Nmap is also used for security auditing and identifying potential vulnerabilities.

Network References:

CompTIA Network+ N10-007 Official Certification Guide: Covers network scanning tools and their uses.

Nmap Documentation: Official documentation provides extensive details on how to use Nmap for port scanning and network diagnostics.

Network+ Certification All-in-One Exam Guide: Discusses various network utilities, including Nmap, and their applications in network troubleshooting.

A large number of collisions and input errors typically indicates a duplex mismatch, such as when one device is set to full duplex and the other to half duplex. This leads to communication issues and poor performance. The document explains:

“Collisions and input errors are clear signs of duplex mismatches… typically caused when one device operates in half duplex while the other is in full duplex, causing performance and connectivity issues.”

Changing default admin passwords is a fundamental first step in device hardening to prevent unauthorized access.

Port 587 is the standard default port for sending email (SMTP) with TLS encryption, which is used to secure email transmissions between mail servers or between clients and mail servers. Allowing traffic over port 587 enables secure email sending while maintaining standard protocol usage. (Reference: CompTIA Network+ Study Guide, Chapter on Ports and Protocols)

Definition of a Rogue DHCP Server:

A rogue DHCP server is an unauthorized DHCP server on a network, which can assign IP addresses to devices without proper control, leading to IP address conflicts.

Impact of a Rogue DHCP Server:

IP Address Conflicts: Multiple devices may receive the same IP address from different DHCP servers, causing network connectivity issues.

Network Disruption: Devices may be assigned incorrect network configuration settings, disrupting network services and connectivity.

Comparison with Other Attacks:

DNS poisoning: Alters DNS records to redirect traffic to malicious sites, but does not cause IP address conflicts.

Social engineering: Involves manipulating individuals to gain unauthorized access or information, not directly related to IP address conflicts.

Denial-of-service (DoS): Floods a network or service with excessive traffic to disrupt operations, but does not cause duplicate IP addresses.

Prevention and Detection:

Implement network access control measures to prevent unauthorized devices from acting as DHCP servers.

Use DHCP snooping on switches to allow DHCP responses only from authorized DHCP servers.

A warm site is a compromise between a hot site and a cold site, providing a balance between cost and recovery time. It is partially equipped with the necessary hardware, software, and infrastructure, allowing for a quicker recovery compared to a cold site but at a lower cost than a hot site.

Recovery Time: Warm sites can be operational within hours to a day, making them suitable for non-critical applications that can tolerate short downtimes.

Cost-Effectiveness: Warm sites are more economical than hot sites as they do not require all systems to be fully operational at all times.

Network References:

CompTIA Network+ N10-007 Official Certification Guide: Discusses disaster recovery strategies and the different types of recovery sites.

Cisco Networking Academy: Provides training on disaster recovery planning and site selection.

Network+ Certification All-in-One Exam Guide: Explains the characteristics of hot, warm, and cold sites and their use cases in disaster recovery planning.

Warm sites offer a practical solution for maintaining business continuity for non-critical applications, balancing the need for availability with cost considerations.