Free Practice Questions for CompTIA N10-009 Exam

A toner probe, often referred to as a toner and probe kit, is the easiest and most effective tool for identifying individual cables in a bundle, especially in situations where the patch panel is not labeled. The toner sends an audible tone through the cable, and the probe detects the tone at the other end, allowing the technician to quickly identify the correct cable.

Functionality: The toner generates a tone that travels along the cable. When the probe is placed near the correct cable, it detects the tone and emits a sound.

Ease of Use: Toner probes are straightforward to use, even in environments with many cables, making them ideal for identifying cables in unlabeled patch panels.

Efficiency: This method is much faster and more reliable than manual tracing, especially in complex setups.

Network References:

CompTIA Network+ N10-007 Official Certification Guide: Details tools used for cable identification and troubleshooting.

Cisco Networking Academy: Provides training on using toner probes and other cable testing tools.

Network+ Certification All-in-One Exam Guide: Explains the use of different tools for network cable identification and management.

When a new VLAN is created, it typically exists on a different subnet. If DHCP servers are on a different VLAN, the network needs an IP helper address to forward DHCP requests correctly. Without it, clients in the new VLAN won’t receive an IP address.

Breakdown of Options:

A. Scope size – Increasing the DHCP scope would not resolve the issue if requests aren ' t reaching the server.

B. Address reservations – Reservations only assign specific addresses to devices; they do not fix DHCP communication issues.

C. Lease time – Changing the lease time does not impact DHCP functionality across VLANs.

D. IP helper – Correct answer. This forwards DHCP requests across VLANs to the DHCP server.

The correct solution is to configure the connecting ports as trunk ports. When connecting switches, the uplink ports must be configured to carry traffic for multiple VLANs (trunking), not just a single access VLAN. Without trunking, VLAN tags may be dropped, and traffic from hosts will not reach the rest of the network or internet.

B. STP cables is a misnomer — STP refers to Spanning Tree Protocol or Shielded Twisted Pair cables, neither of which solves this logical configuration issue.

C. PoE budget is irrelevant because switches and hosts in this context don’t require PoE.

D. Link aggregation (LACP, EtherChannel) is for increasing bandwidth/redundancy across multiple links, not required with a single cable.

By enabling trunking on the uplink ports, the switches can pass VLAN-tagged traffic, ensuring hosts connected to the new switch have access to the same resources as those on the existing switch.

References (CompTIA Network+ N10-009):

Domain: Network Troubleshooting — VLAN trunking, inter-switch connectivity.

To support 126 users, the subnet must provide at least 126 usable host addresses. In IPv4 subnetting, usable hosts are calculated as: (2^(host bits)) − 2, subtracting the network and broadcast addresses.

A /25 leaves 7 host bits (because 32 − 25 = 7). That yields 2^7 = 128 total addresses, and 128 − 2 = 126 usable—an exact fit and therefore the most efficient option listed.

A /24 provides 256 total addresses and 254 usable, which would waste more addresses than necessary. A /23 provides 512 total addresses and 510 usable—far more waste. A /26 leaves 6 host bits, giving 64 total addresses and 62 usable, which is not enough for 126 users.

The 10.2.2.0 address is within the private 10.0.0.0/8 range, so it’s appropriate for internal addressing. Therefore, 10.2.2.0/25 is the correct CIDR range for efficiently supporting 126 hosts.

DHCP snooping is a security feature on network switches that helps to prevent unauthorized (rogue) DHCP servers from assigning IP addresses to clients. By implementing DHCP snooping, the network administrator can restrict DHCP responses to authorized servers only, preventing unauthorized DHCP configurations, such as incorrect DNS IPs, from being assigned to clients. This helps prevent man-in-the-middle attacks where malicious actors misconfigure DNS to redirect users to fraudulent sites. (Reference: CompTIA Network+ Study Guide, Chapter on Network Security)

Definition of MAC Flooding:

MAC flooding is an attack where a malicious actor sends numerous fake MAC addresses to a switch, overwhelming its CAM table. The CAM table stores MAC addresses and their associated ports for efficient traffic forwarding.

Impact of MAC Flooding:

CAM Table Overflow: When the CAM table is full, the switch cannot learn new MAC addresses and is forced to broadcast traffic to all ports, leading to a degraded network performance and potential data interception.

Switch Behavior: The switch operates in a fail-open mode, treating the network as a hub, which can be exploited for eavesdropping on traffic.

Comparison with Other Attacks:

ARP Spoofing: Involves sending false ARP (Address Resolution Protocol) messages to associate the attacker ' s MAC address with the IP address of another device.

Evil Twin: Involves creating a rogue wireless access point that mimics a legitimate one to intercept data.

DNS Poisoning: Involves corrupting the DNS cache with false information to redirect traffic to malicious sites.

Preventive Measures:

Port Security: Configure port security on switches to limit the number of MAC addresses per port, preventing CAM table overflow.

Network Segmentation: Use VLANs to segment network traffic and limit the impact of such attacks.

If the three new employees can communicate with each other’s devices, that strongly suggests their local Layer 2/Layer 3 connectivity is working (same VLAN/subnet, switching is fine, and they have IP addressing that allows local communication). The fact that they cannot access company resources (often on other subnets, servers, or the internet via internal routing) points to a problem with how these new endpoints are being addressed or routed beyond their local segment.

The most likely shared root cause affecting only “new employees” is DHCP scope/pool configuration. If the DHCP pool is exhausted, mis-scoped, or handing out incorrect options (such as an incorrect default gateway, wrong subnet mask, or an address range tied to an isolated VLAN), users could still talk locally but fail to reach resources outside their subnet. Modifying the DHCP server pool (expanding the scope, correcting the scope network, or ensuring the correct options are assigned) would resolve this with minimal changes.

A gateway routing table issue would typically affect many users, not just three new ones. DNS misconfiguration on the router would more commonly cause name-resolution problems, not block all resource access (and wouldn’t be isolated to only new employees). A workstation firewall would not usually prevent access to “company resources” in a way that consistently affects three new devices while still allowing peer connectivity.

When dealing with troubleshooting and change management, the plan of action outlines the steps, risks, and mitigation strategies. A change advisory board (CAB) uses this documented plan to decide whether to approve the change.

A. Identify the problem is the first step in troubleshooting, not decision-making for CAB.

B. Develop a theory is diagnostic work, not planning.

C. Test the theory confirms causes but doesn’t provide actionable planning information.

References (CompTIA Network+ N10-009):

Domain: Network Operations — Change management, troubleshooting methodology, CAB processes.

Spanning Tree Protocol (STP) is designed to detect and prevent Layer 2 loops by blocking redundant paths. If loops are possible in the design, enabling STP ensures network stability.

B. Port security controls endpoint MAC addresses, not loops.

C. Speed limits address bandwidth, not loop prevention.

D. 802.1Q tagging allows VLAN separation but does not resolve loops.

References (CompTIA Network+ N10-009):

Domain: Network Operations — Loop prevention, spanning tree, switch design.

Verifying full system functionality occurs after implementing a fix. This step ensures the solution resolved the issue and that performance is back to expected levels. Comparing current throughput to baseline measurements is part of validation testing to confirm everything is within normal operational parameters.

A. Implement the solution applies the fix but does not confirm results.

C. Document findings happens at the end of troubleshooting.

D. Test the theory comes earlier, when trying to confirm the suspected cause.

References (CompTIA Network+ N10-009):

Domain: Network Troubleshooting — Troubleshooting methodology steps, baselines, verification testing.

An on-path attack (formerly known as a man-in-the-middle (MITM) attack) involves intercepting and potentially altering communications between two parties without their knowledge. This can be done via techniques like ARP poisoning, rogue access points, or SSL stripping.

Breakdown of Options:

A. Self-signed certificate – These are untrusted SSL certificates but do not intercept traffic.

B. VLAN hopping – VLAN hopping exploits VLAN misconfigurations but does not necessarily intercept communications.

C. On-path attack – Correct answer. This intercepts and modifies traffic between two endpoints.

D. Phishing – Phishing tricks users into revealing credentials rather than intercepting network traffic.

Screened Subnet devices – Web server, FTP server

Building A devices – SSH server top left, workstations on all 5 on the right, laptop on bottom left

DataCenter devices – DNS server.

A screenshot of a computer AI-generated content may be incorrect.

A screenshot of a computer AI-generated content may be incorrect.

A screenshot of a computer AI-generated content may be incorrect.

When a network interface ' s indicator lights are not blinking on either the computer or the switch, it suggests a physical layer issue. Here is the detailed reasoning:

Ethernet Properly Connected: The Ethernet cable is correctly connected, eliminating issues related to a loose or faulty cable.

No Indicator Lights: The absence of blinking indicator lights on both the computer and the switch typically points to the port being administratively shut down.

Switch Port Shut Down: In networking, a switch port can be administratively shut down, disabling it from passing any traffic. This state is configured by network administrators and can be verified and changed using the command-line interface (CLI) of the switch.

Command to Check and Enable Port:

bash

Copy code

Switch > enable

Switch# configure terminal

Switch(config)# interface [interface id]

Switch(config-if)# no shutdown

The command no shutdown re-enables the interface if it was previously disabled. This will restore the link and the indicator lights should start blinking, showing activity.

Basic Configuration Commands PDF, sections on interface configuration (e.g., shutdown, no shutdown)​​.

Understanding Tracert:

tracert (Traceroute in Windows) is a command-line tool used to trace the path that packets take from the source to the destination. It records the route (the specific gateways at each hop) and measures transit delays of packets across an IP network.

Output Analysis:

The output shows a series of IP addresses with corresponding round-trip times (RTTs) in milliseconds.

The asterisks (*) indicate that no response was received from those hops, which is typical for routers or firewalls that block ICMP packets used by tracert.

Comparison with Other Tools:

netstat: Displays network connections, routing tables, interface statistics, and more, but does not trace packet routes.

tcpdump: Captures network packets for analysis, used for detailed network traffic inspection.

nmap: A network scanning tool used to discover hosts and services on a network, not for tracing packet routes.

Usage:

tracert helps identify the path to a destination and locate points of failure or congestion in the network.