Free Practice Questions for CompTIA N10-009 Exam

After implementing the solution, the immediate next step is to verify full system functionality. This confirms that the problem has been resolved and helps ensure no new issues have been introduced.

From Andrew Ramdayal’s guide:

“After the solution is implemented, test the system to ensure that it is fully operational, and the original problem has been resolved. Also, put in place any measures that could prevent the issue from recurring.”

An evil twin attack occurs when an attacker creates a fraudulent AP with an SSID very similar (or identical) to the legitimate one. Users may accidentally connect, allowing the attacker to capture traffic and credentials.

A. On-path is the consequence of connecting to the evil twin, not the initial attack itself.

B. Rogue AP is any unauthorized access point, but the key here is the malicious mimicry of a legitimate SSID — specifically an evil twin.

D. Tailgating is a physical social engineering attack, unrelated to Wi-Fi.

References (CompTIA Network+ N10-009):

Domain: Network Security — Wireless threats (rogue APs, evil twins).

Full duplex mode allows devices to send and receive data simultaneously, improving network performance and reducing congestion, which is critical for VoIP and video conferencing.

Breakdown of Options:

A. A VLAN with 100Mbps speed limits – VLANs segment traffic but limiting speeds to 100Mbps would worsen video performance.

B. An IP helper to direct VoIP traffic – IP helper is used for DHCP relay, not for VoIP optimization.

C. A smaller subnet mask – A smaller subnet reduces IP address availability but does not improve network performance.

D. Full duplex on all user ports – Correct answer. Full duplex eliminates collisions, allowing better VoIP and video performance.

Inconsistent arrival of RTP (Real-Time Protocol) packets indicates jitter or latency variation. A protocol analyzer (packet sniffer, e.g., Wireshark) can capture and analyze RTP streams, showing delay, jitter, and packet loss statistics.

A. Toner and probe locates cable runs, not packet analysis.

C. Cable tester checks wiring faults, not packet timing.

D. Spectrum reader is for identifying wireless interference, not analyzing RTP traffic.

References (CompTIA Network+ N10-009):

Domain: Network Troubleshooting — Protocol analyzers, VoIP troubleshooting, jitter analysis.

A toner probe, often referred to as a toner and probe kit, is the easiest and most effective tool for identifying individual cables in a bundle, especially in situations where the patch panel is not labeled. The toner sends an audible tone through the cable, and the probe detects the tone at the other end, allowing the technician to quickly identify the correct cable.

Functionality: The toner generates a tone that travels along the cable. When the probe is placed near the correct cable, it detects the tone and emits a sound.

Ease of Use: Toner probes are straightforward to use, even in environments with many cables, making them ideal for identifying cables in unlabeled patch panels.

Efficiency: This method is much faster and more reliable than manual tracing, especially in complex setups.

Network References:

CompTIA Network+ N10-007 Official Certification Guide: Details tools used for cable identification and troubleshooting.

Cisco Networking Academy: Provides training on using toner probes and other cable testing tools.

Network+ Certification All-in-One Exam Guide: Explains the use of different tools for network cable identification and management.

Comprehensive and Detailed Explanation (aligned to N10-009):

802.1X provides port-based Network Access Control (NAC), requiring authentication (often through RADIUS) before granting access. This is the standard for enterprise authentication on both wired and wireless networks.

A. 802.1Q defines VLAN trunking.

C. 802.3bt defines higher-power PoE.

D. 802.11h deals with spectrum management in wireless.

References (CompTIA Network+ N10-009):

Domain: Network Security — NAC, 802.1X authentication.

When extending a network beyond the primary equipment location, additional access/distribution switches are typically placed in an IDF (Intermediate Distribution Frame). Network+ (N10-009) infrastructure objectives differentiate between the MDF and IDF: the MDF is the main, central wiring/equipment location (often where core switches, routers, WAN demarcation, and main cross-connects reside). As a building grows or spans multiple floors/areas, an IDF is used as a secondary wiring closet to reduce cable runs, provide local switching, and aggregate user access connections back to the MDF using backbone cabling (often fiber). This supports scalability, cable management, and performance by keeping horizontal runs within recommended distance limits.

VPC (Virtual Private Cloud) is a cloud networking construct, not a physical wiring location. VXLAN is an overlay tunneling technology used in virtualized/data center networks, not where you physically install switches. The question specifically references extending the network beyond the primary equipment location, which is a classic use case for deploying an IDF to host additional switches closer to endpoint areas while uplinking back to the MDF.

A modern replacement for traditional remote-access VPN for users is SASE (Secure Access Service Edge). Network+ highlights trends in remote connectivity and security where organizations move away from backhauling all user traffic through a VPN concentrator and instead use cloud-delivered security and access controls closer to the user. SASE combines networking and security capabilities—commonly including ZTNA (Zero Trust Network Access), secure web gateway (SWG), CASB, firewall-as-a-service (FWaaS), and centralized policy enforcement—so remote users can securely access applications without relying on a classic “connect to the corporate network first” VPN model.

SD-WAN primarily optimizes connectivity between sites and to cloud services, often for branch networks; it’s not typically the direct replacement for remote user VPN access. Site-to-site VPN connects networks (locations) and is not intended for individual remote users. A reverse proxy can publish specific internal web applications externally and provide some security functions, but it does not replace VPN broadly for remote user access to multiple internal resources the way SASE/Zero Trust access solutions do. Therefore, SASE is the best answer as the likely replacement for traditional remote-access VPN.

Port 22 is used for Secure Shell (SSH), which enables encrypted remote login and command execution on network devices.

Port 23 = Telnet (unencrypted)

Port 80 = HTTP

Port 123 = NTP

From Andrew Ramdayal’s guide:

“SSH uses port 22 to provide secure command-line access to devices such as switches and routers. Unlike Telnet (port 23), SSH encrypts session traffic, making it the preferred method for remote administration.”

The issue is that more students have arrived on campus, meaning the available IP addresses are exhausted. To fix this, the administrator should increase the DHCP scope size to allow more devices to obtain IP addresses.

Breakdown of Options:

A. Enable IP helper – IP helper is used to forward DHCP requests across different subnets. However, the problem here is that the DHCP scope is full, not that requests are not reaching the server.

B. Change the subnet mask – The subnet mask determines the number of available hosts, but changing it without increasing the IP pool does not help.

C. Increase the scope size – Correct answer. Expanding the DHCP scope provides more IP addresses for assignment.

D. Add address exclusions – Exclusions reserve IP addresses, which would further reduce available addresses instead of solving the issue.