Free Practice Questions for CompTIA N10-009 Exam

The user’s inability to access the marketing department’s shared drives, despite having internet access, suggests a network segmentation issue. The most likely cause is an incorrect VLAN assignment. The computer is physically located on the accounting department floor, and the switchport is likely configured for the accounting VLAN, not the marketing VLAN. VLANs segment network traffic, and if the computer is in the wrong VLAN, it cannot communicate with the marketing department’s resources.

Why not Mismatched switchport duplex? Duplex mismatches cause performance issues (e.g., packet loss) but not specific access denials to shared drives.

Why not Misconfigured gateway settings? Incorrect gateway settings would prevent internet access, which the user has.

Why not SVI is assigned to the wrong IP address? A Switch Virtual Interface (SVI) with an incorrect IP address affects inter-VLAN routing, but this would likely impact multiple users, not just one.

The correct solution is a Content Delivery Network (CDN). A CDN caches web content (like images, videos, scripts) on distributed servers close to end users. This reduces latency, improves load times, and decreases the load on origin servers. For a business requiring high-speed access to media-rich content, a CDN is the most effective option.

B. SAN (Storage Area Network) is used for storage in a data center, not for distributing web content.

C. Firewall secures traffic but doesn’t accelerate content delivery.

D. Switches forward packets within a LAN, not globally distribute content.

By leveraging CDNs, businesses can handle large traffic volumes efficiently while improving user experience.

References (CompTIA Network+ N10-009):

Domain: Network Infrastructure — CDNs, caching, performance optimization.

VLAN hopping is an attack where an attacker crafts packets with multiple VLAN tags, allowing them to traverse VLAN boundaries improperly. This can result in gaining unauthorized access to network segments that are supposed to be isolated. The other options do not involve the use of multiple network tags. MAC flooding aims to overwhelm a switch’s MAC address table, DNS spoofing involves forging DNS responses, and ARP poisoning involves sending fake ARP messages.

VLAN hopping occurs when an attacker tricks a switch into believing the host is another switch by generating tagged frames or exploiting trunk negotiation (DTP). This allows the attacker to access traffic from multiple VLANs, potentially stealing sensitive data.

B. Evil twin is a rogue wireless AP attack, unrelated to switch impersonation.

C. DNS poisoning corrupts name resolution, not VLAN access.

D. ARP spoofing is a Layer 2 on-path attack, not masquerading as a switch.

References (CompTIA Network+ N10-009):

Domain: Network Security — VLAN hopping attacks, switch spoofing techniques.

The correct answer is Identify the problem, which is always the first step in the CompTIA Network+ N10-009 troubleshooting methodology. Before forming theories, creating action plans, or documenting outcomes, technicians must clearly understand what is happening, who is affected, and what symptoms are present.

In this scenario, the symptoms—inaccessible files and a changed wallpaper—are serious and potentially indicative of a security incident such as ransomware. However, at this stage, there is disagreement between the network administrator and the security analyst regarding the nature of the issue. That reinforces the need to begin with problem identification, which includes gathering information, determining the scope of impact, identifying recent changes, and assessing whether the incident is isolated or widespread.

Establishing a theory comes after the problem has been clearly defined. Creating a plan of action and documenting findings occur later in the process, once the issue has been confirmed and remediation steps are determined. Jumping ahead without properly identifying the problem could result in delayed containment or an incorrect response—especially critical in potential security incidents.

The Network+ objectives emphasize following the structured troubleshooting process precisely to reduce risk, prevent escalation, and ensure accurate resolution—particularly when malware or ransomware may be involved.

Routers determine the best route to a destination using longest prefix match. This means the router chooses the route entry with the most specific matching network prefix for the destination IP address. For example, if a routing table contains 10.1.0.0/16 and 10.1.2.0/24, a packet destined to 10.1.2.50 matches both entries, but the router prefers /24 because it is more specific (longer mask). Network+ (N10-009) routing fundamentals emphasize that route selection begins with prefix length specificity before considering other factors within the same prefix length (such as administrative distance and metric, depending on the platform).

“Shortest prefix match” is the opposite of correct behavior. “Routes learned from EIGRP” and “routes learned from OSPF” describe sources of routes, not the general selection rule routers use when multiple matching routes exist. Even if routes come from different protocols, the router still applies selection logic; the universal rule for matching destination networks is longest prefix match. Hence, option C is correct.

After implementing a solution and putting preventive measures in place, the next step is to verify that the system is functioning correctly. This ensures that the issue has been fully resolved.

=================

The CompTIA troubleshooting methodology includes steps like identifying the problem, establishing a theory of probable cause, testing the theory, creating a plan of action, implementing the solution, verifying functionality, and documenting findings. Establishing a theory involves analyzing the problem and considering possible causes, often by systematically checking each level of the OSI model (Physical, Data Link, Network, etc.) to pinpoint the root cause.

Why not Implement the solution? This step involves applying the fix, not analyzing the OSI model.

Why not Create a plan of action? This step focuses on planning the solution, not diagnosing the cause.

Why not Verify functionality? This step confirms the solution worked, not analyzing the OSI model.

UDP (User Datagram Protocol) is a connectionless protocol that does not provide built-in mechanisms for error detection, retransmission, or acknowledgments. If a UDP packet is lost in transit, the protocol itself does not handle retransmission. However, some applications using UDP (e.g., TFTP or custom streaming protocols) may implement their own mechanisms to detect packet loss and request retransmission if needed.

Why not A? The data link layer (Layer 2) handles frame-level errors within a single network segment, not end-to-end packet loss across networks.

Why not B? The IP TTL (Time to Live) field prevents routing loops by decrementing with each hop, but IP does not handle retransmission.

Why not C? UDP does not use acknowledgments, so the sender does not expect or receive them.

Quality of Service (QoS)is the best cost-effective solution. It prioritizes traffic based on application criticality. If the bandwidth is limited and only a few users are affected, prioritizing that application traffic can improve performance without needing costly bandwidth upgrades or direct connections.

Full duplex mode allows devices to send and receive data simultaneously, improving network performance and reducing congestion, which is critical for VoIP and video conferencing.

Breakdown of Options:

A. A VLAN with 100Mbps speed limits – VLANs segment traffic but limiting speeds to 100Mbps would worsen video performance.

B. An IP helper to direct VoIP traffic – IP helper is used for DHCP relay, not for VoIP optimization.

C. A smaller subnet mask – A smaller subnet reduces IP address availability but does not improve network performance.

D. Full duplex on all user ports – Correct answer. Full duplex eliminates collisions, allowing better VoIP and video performance.

PaaS (Platform as a Service) is best suited for application development because it provides a managed platform that includes the runtime environment, development frameworks, middleware, databases (often), and build/deployment tooling. In a PaaS model, the cloud provider manages the underlying infrastructure (servers, storage, networking, OS patching, and often the application runtime), allowing developers to focus on writing code, testing, and releasing applications quickly. This aligns with Network+ cloud concepts where service models are compared by responsibility: PaaS reduces operational overhead for the customer and accelerates development through standardized environments and automation.

Mobile access is a use case for remote access solutions (VPN, zero trust access, MDM), not specifically PaaS. An e-commerce site could be hosted using many models (IaaS, PaaS, SaaS), so it’s not the most specific match. Cloud-native software describes an architectural style (microservices, containers, managed services) and can be built using PaaS components, but it is broader than a single “use case” and is not as directly tied to the PaaS definition as application development is. Therefore, application development is the clearest and most accurate PaaS use case.

===========

Malware refers to any malicious software that can exfiltrate confidential data, including spyware, trojans, and rootkits. This fits the scenario where unauthorized data transfer is occurring.

Breakdown of Options:

A. Adware – Displays ads, does not typically steal data.

B. Ransomware – Encrypts files but does not exfiltrate data.

C. Darkware – Not a real cybersecurity term.

D. Malware – Correct answer. Malicious software is responsible for unauthorized data exfiltration.

The correct choice is B. Captive portal . This is the common setup used in places like libraries, hotels, airports, and cafés. A user first joins the wireless network, opens a browser, and is redirected to a web page where they must log in, accept terms, or enter provided credentials. Since the question specifically mentions authentication through HTTPS , that matches the behavior of a captive portal very closely.

The other options do not line up with the scenario. WPA3 is a wireless encryption and authentication standard, but it is not the same as a browser-based login page after connection. Single sign-on and SAML are identity and federation technologies used to simplify authentication across applications or services, not to provide the typical guest Wi-Fi web login experience.

The important clue is the sequence described in the question: first connect to Wi-Fi, then authenticate through a web page. That is exactly how a captive portal works. In many public-access wireless environments, the portal sits between the client and normal internet access until the user successfully authenticates or accepts the usage policy. For Network+ exam purposes, browser-based guest wireless authentication is most directly associated with a captive portal .