UDEMY CompTIA Network (N10-008) Practice Exam #5

Question 1

Which of the following applies to data as it travels from Layer 7 to Layer 1 of the OSI model?

De-encapsulation
Tunneling
Correct answer
Encapsulation
Tagging

Answer 1

OBJ-1.1: Data encapsulation and de-encapsulation in a computer network is a necessary process. Data encapsulation is performed at the sender side while the data packet is transmitted from source host to destination host. This is a process through which information is added to the data as it moved from layer 7 to layer 1 of the OSI model before the data is sent over the network to the receiver. De-encapsulation, on the other hand, in networking is performed at the receiver side or destination side as data moves from layer 1 to layer 7 of the OSI model.

As information travels up the layers of the OSI layer, information added from the sender’s encapsulation process is removed layer by layer. Tagging is used in 802.1q to identify ethernet traffic as part of a specific VLAN. This occurs at Layer 2 of the OSI model and remains at Layer 2 of the OSI model. Tunneling is the process by which VPN packets reach their intended destination. This normally occurs using the IPsec or TLS protocols, and occurs at Layer 2 of the OSI model.

Question 2

Which of the following components is used to describe the structure of a device subsystem using a hierarchical namespace containing all of the variables that may be set or read using SNMP?

Granular trap
MIB
OID
Verbose trap

Answer 2

OBJ-3.1: The Simple Network Management Protocol (SNMP) uses ports 161 and 162, and it is a networking protocol used for the management and monitoring of network-connected devices in Internet Protocol networks. The management information base (MIB) is a translation file that is used to describe the structure of the management data of a device subsystem using a hierarchical namespace containing object identifiers (OID).

A unique objective identifier (OID) identifies a variable that can be read or set using the SNMP protocol. A trap is an asynchronous notification from the agent to the manager. A trap is sent by the agent to notify the management of a significant event that is occurring in real-time, such as an alarming condition.

A granular trap contains a unique object identifier (OID) number and a value for that OID. A verbose trap may contain all the information about a given alert or event as its payload. A verbose trap contains more information and data than a granular trap, and therefore requires more bandwidth to send the verbose trap over the network.

Question 3

Your company’s corporate headquarters provided your branch office a portion of their Class C subnet to use at a new office location. You must allocate the minimum number of addresses using CIDR notation in order to accommodate each department’s needs. What is the correct CIDR notation for the Marketing department’s subnet which requires 11 devices?

/30
/28
/29
/27
/25
/26

Answer 3

OBJ-1.4: Since the Marketing department needs 11 devices plus a network ID and broadcast IP, it will require 13 IP addresses. The smallest subnet that can fit 13 IPs is a /28 (16 IPs). A /28 will borrow 4 host bits and assign those to the network portion of the subnet mask. This would create a subnet with 2^4 available host IP addresses, or 16 total IP addresses. Of the 16 IP addresses, there are 14 available for clients to use, one for the network ID, and one for the broadcast address.

Question 4

Which of the following is often used to allow one node to communicate with many other nodes, such as in DMVPN connections?

SDWAN
MPLS
mGRE
WLAN

Answer 4

OBJ-1.2: Multipoint GRE (mGRE) is a protocol that can be used to enable one node to communicate with many nodes by encapsulating layer 3 protocols to create tunnels over another network. The mGRE protocol is often used in Dynamic Multipoint VPN (DMVPN) connections.

Multiprotocol Label Switching (MPLS) is a routing technique in telecommunications networks that directs data from one node to the next based on short path labels rather than long network addresses, thus avoiding complex lookups in a routing table and speeding traffic flows.

A software-defined wide area network (SDWAN) is a network that is abstracted from its hardware which creates a virtualized network overlay.

A wireless local area network (WLAN) is a wireless computer network that links two or more devices using wireless communication to form a local area network within a limited area such as a home, school, computer laboratory, campus, or office building.

Question 5

What is BEST used to perform a one-time temporary posture assessment in a NAC environment?

Non-persistent agent
Antivirus
Host-based firewall
Intrusion prevention system

Answer 5

OBJ-4.1: A non-persistent agent is used to access the device during a one-time check-in at login.

A persistent agent is agent software that resides on the client making the connection, and a non-persistent agent is software the client runs (usually from a browser) as they are connecting so the agent can perform the checks, but the software does not permanently stay with the client after they disconnect. This is beneficial in BYOD (Bring Your Own Device) policies.

Question 6

Which of the following must be combined with a threat to create risk?

Vulnerability
Malicious actor
Your answer is incorrect
Exploit
Mitigation

Answer 6

OBJ-4.1: A risk results from the combination of a threat and a vulnerability. A vulnerability is a weakness in a device, system, application, or process that might allow an attack to take place. A threat is an outside force that may exploit a vulnerability. Remember, a vulnerability is something internal to your organization’s security goals. Therefore, you can control, mitigate, or remediate a vulnerability. A threat is external to your organization’s security goals. A threat could be a malicious actor, a software exploit, a natural disaster, or other external factors. In the case of an insider threat, they are considered an external factor for threats and vulnerabilities since their goals lie outside your organization’s security goals.

Question 7

What access control model will a network switch utilize if it requires multilayer switches to use authentication via RADIUS/TACACS+?

802.3af
PKI
802.1q
802.1x

Answer 7

OBJ-4.1: 802.1x is the standard that is used for network authentication with RADIUS and TACACS+. The IEEE 802.1x standard is a network authentication protocol that opens ports for network access when an organization authenticates a user’s identity and authorizes them for access to the network. This defines port security. The user’s identity is determined based on their credentials or certificate, which is confirmed by the RADIUS or TACACS+ server.

Question 8

A home user ran a bandwidth speed test from their laptop and receive the following results:

Ping: 53ms

Download speed: 33.3 Mbps

Upload speed: 10.2 Mbps

Which of the following is the best interpretation of these results?

The website downloaded data at 33.3 Mbps and uploaded data at 10.2 Mbps
The laptop received data at 33.3 Mbps and sent data at 10.2 Mbps
The laptop took 53 ms to complete the bandwidth speed test
The laptop downloaded 33.3 MB of data and uploaded 10.2 MB of data

Answer 8

OBJ-5.3: This connection appears to be an asymmetric connection, like a cable modem or aDSL, since the download and upload speeds do not match. According to the bandwidth speed test results, the laptop received data at 33.3 Mbps when receiving the test file and uploaded the test file back to the server at a speed of 10.2 Mbps. The laptop had a latency of 53ms during the test, which is indicated by the ping test conducted as part of the bandwidth speed test. During a bandwidth speed test, the laptop will first conduct a ping test to the server to measure the latency of the connection. Next, the laptop will download a sample file from the server and then upload that same file back to the server. During the download and upload, the server measures the time it took to accurately calculate the throughput of the connection between the laptop and the server.

Question 9

Your company’s security policy states that its workstations must hide their internal IP addresses whenever they make a network request across the WAN. You have been asked to recommend a technology that would BEST implement this policy. Which of the following is the BEST solution for you to recommend?

NAT
OSPF
VPN
DMZ

Answer 9

OBJ-1.4: Network address translation (NAT) is a method of remapping one IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device. Using NAT, you can have the internal IP address of each workstation mapped to a public IP address or port when it crosses the router to access the WAN.

A DMZ or demilitarized zone is a physical or logical subnetwork that contains and exposes an organization’s external-facing services to an untrusted, usually larger, network such as the Internet.

A virtual private network extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network.

Open Shortest Path First (OSPF) is a link-state routing protocol that was developed for IP networks and is based on the Shortest Path First (SPF) algorithm. OSPF is an Interior Gateway Protocol (IGP).

Question 10

A technician receives a report that a VoIP phone is experiencing a “no network connectivity” error. The technician notices the Cat6a patch cable running from the back of the phone is routed behind the user’s rolling chair. The cable appears to have been rolled over numerous times by the user, and it looks flattened from the abuse. Which of the following is the most likely cause of the connectivity issues being experienced on the VoIP phone?

Improperly crimped cable
Excessive collisions
Cross-talk
Transmit and receive reversed

Answer 10

OBJ-5.2: Crosstalk is defined as an effect caused by the unintentional and undesired transmission (leakage) of a signal from one cable to another. Due to the abuse of the cable being run over repeatedly by the user’s chair, the cable’s shielding could have been damaged and the cable may no longer be made up of the same consistency. This can lead to crosstalk amongst the cable pairs, or even opens/shorts of the wires in those cable pairs.

Question 11

Which of the following components is used by an agent to send a single key-pair value about a significant event or condition that is occurring in real-time to a manager?

Granular trap
MIB
Verbose trap
OID

Answer 11

OBJ-3.1: The Simple Network Management Protocol (SNMP) uses ports 161 and 162, and it is a networking protocol used for the management and monitoring of network-connected devices in Internet Protocol networks.

A trap is an asynchronous notification from the agent to the manager. A trap is sent by the agent to notify the management of a significant event that is occurring in real-time, such as an alarming condition.

A granular trap contains a unique object identifier (OID) number and a value for that OID.

A verbose trap may contain all the information about a given alert or event as its payload. A verbose trap contains more information and data than a granular trap, and therefore requires more bandwidth to send the verbose trap over the network.

A unique objective identifier (OID) identifies a variable that can be read or set using the SNMP protocol.

The management information base (MIB) is a translation file that is used to describe the structure of the management data of a device subsystem using a hierarchical namespace containing object identifiers (OID).

Question 12

A network technician believes that a network appliance is suffering from extremely slow performance. A technician is troubleshooting the issue using a performance monitoring tool and receives the following results:

Avg % Processor Time = 10%
Avg Pages/Second = 0
Avg Disk Queue Length = 3

Based on the results, what might be causing this network appliance’s performance bottleneck?

NIC
Processor
Memory
Hard drive

Answer 12

OBJ-5.5: Based on the results, the hard drive (disk queue) is causing the performance bottleneck. Since the average processor is not over 50%, the pages/second (memory) is not heavily burdened, nor do we have any information or statistics about the NIC. Whenever the system is queuing data to the hard drive, it slows down the network appliance’s performance since the hard disk is much slower than the processor and onboard memory.

Question 13

Which protocol is used to establish a secure and encrypted VPN tunnel that can be initiated through a web browser?

SSL
PPP
IPsec
PPTP

Answer 13

OBJ-4.4: An SSL VPN is a type of virtual private network that uses the Secure Sockets Layer protocol in a standard web browser to provide secure, remote-access VPN capability. In modern browsers and servers, it is more common to use TLS (transport layer security) which is the successor to SSL.

Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts the packets of data to provide secure encrypted communication between two computers over an Internet Protocol network and is used heavily in virtual private networks, but not with web browser initiated ones.

The Point-to-Point Tunneling Protocol (PPTP) is an obsolete method for implementing virtual private networks. Point-to-Point Protocol (PPP) is a TCP/IP protocol that is used to connect one computer system to another.

Question 14

You recently started a new job with Facebook as a network technician. You have been asked to connect several of their buildings together to form a larger network. All of the buildings are within walking distance of each other. What type of network are you creating?

PAN
CAN
LAN
WAN

Answer 14

OBJ-1.2: A campus area network (CAN) is a computer network that spans a limited geographic area. CANs interconnect multiple local area networks (LAN) within an educational or corporate campus. A personal area network (PAN) is centered around a short distance, usually around a person or up to a few meters. PANs are heavily used with Bluetooth and NFC. A personal area network (PAN) is centered around a short distance, usually around a person or up to a few meters. PANs are heavily used with Bluetooth and NFC. A wide area network (WAN) will typically cover a larger area geographically, such as a continent, a state, or a country.

Question 15

Which of the following describes a design where traffic is shared between multiple network servers to provide greater throughput and reliability?

Multiplexing
VLAN tagging
MPLS trunking
Load balancing

Answer 15

OBJ-3.3: Load balancing is a technique used to spread work across multiple computers, network links, or other devices.

Multiprotocol Label Switching is a routing technique in telecommunications networks that directs data from one node to the next based on short path labels rather than long network addresses, thus avoiding complex lookups in a routing table and speeding traffic flows.

VLAN tagging is used to keep traffic from different networks separate when traversing shared links and devices within a network topology.

Multiplexing is the technology that is able to combine multiple communication signals together in order for them to traverse an otherwise single signal communication medium simultaneously.

Question 16

A network technician has configured a point-to-point interface on a router. Once the fiber optic cables have been run, though, the interface will not come up. The technician has cleaned the fiber connectors and used a fiber light meter to confirm that light passes in both directions without excessive loss. Which of the following is MOST likely the cause of this issue?

The bend radius has been exceeded
The connection is suffering from EMI
The cable is subject to cross-talk
There is a wavelength mismatch

Answer 16

OBJ-5.2: Wavelength mismatch occurs when two different transceivers are used at each end of the cable. For example, if one SFP uses a 1310nm transceiver and the other end uses a 850 nm transceiver, they will be unable to communicate properly and the link will remain down. Cross-talk and EMI do not affect fiber optic cables. Electromagnetic interference (EMI) occurs when electrical signals from the local environment outside of the binder are picked up by the copper pairs in a cable and introduce noise. Crosstalk occurs when a signal transmitted on one copper twisted pair in a bundle radiates and potentially interferes with and degrades the transmission on another pair. The bend radius is how sharply a cable can safely bend without causing damage by creating micro cracks on the glass fibers.

Question 17

Which of the following protocols is considered an external routing protocol?

EIGRP
OSPF
RIP
Correct answer
BGP

Answer 17

OBJ-2.2: Border Gateway Protocol is a standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems on the Internet. The Routing Information Protocol (RIP) is an Interior Gateway Protocol (IGP) designed to distribute routing information within an Autonomous System (AS). Open Shortest Path First (OSPF) is an Interior Gateway Protocol (IGP) designed as a link-state routing protocol and is based on the Shortest Path First (SPF) algorithm. Enhanced Interior Gateway Routing Protocol (EIGRP) is an Interior Gateway Protocol (IGP) designed as an advanced distance-vector routing protocol used on a computer network for automating routing decisions and configuration.

Question 18

You are troubleshooting a network connectivity issue on a student’s workstation at Dion Training. The wireless access point for the DionTraining network is set to not broadcast its network identifier. The student enters DIONTRAINING as the network name, then attempts to connect to this “Open” wireless access point. The student’s classmates have all been able to connect successfully to the network, but this workstation fails to successfully connect. Which of the following issues is indicated by this failure to connect?

Encryption protocol mismatch
Insufficient wireless coverage
Wrong SSID
Incorrect passphrase

Answer 18

OBJ-5.4: The service set identifier (SSID) is a natural language name used to identify a wireless network. If a network is manually configured and the incorrect SSID is entered, the device will be unable to connect to the network. In this scenario, the network name (SSID) is DionTraining, but the student entered DIONTRAINING instead. SSIDs are case sensitive, so DionTraining and DIONTRAINING would be considered two different networks. This indicates the wrong SSID was entered. Encryption protocols are used to protect WEP, WPA, and WPA2 wireless networks. WEP wireless networks utilize the RC4 encryption protocol. WPA wireless networks utilize the TKIP encryption protocol. WPA2 wireless networks utilize the AES encryption protocol, but they also can support the TKIP encryption protocol, as well. The network in this scenario was an “Open” network, which indicates it does not require an encryption protocol. If the wrong encryption protocol is used, the wireless client and the wireless access point will be unable to communicate. The passphrase in a wireless network serves as the password or network security key. If the incorrect passphrase was entered, you will receive an error such as “Network security key mismatch” and the wireless device will be unable to communicate with the wireless access point. The received signal strength indication (RSSI) is an estimated measure of the power level that a radio frequency client device is receiving from a wireless access point. If the RSSI is -90dB to -100dB, this indicates an extremely weak connection and insufficient wireless coverage in which the area the device is operating.

Question 19

Which of the following IEEE specifications describes the use of the spanning tree protocol (STP)?

802.3af
802.1d
802.3ad
802.1x

Answer 19

OBJ-2.3: The Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks to prevent bridge loops and the broadcast storms that result from them. STP is defined in the IEEE 802.1d standard.

Link Aggregation Control Protocol or LACP is one element of an IEEE specification (802.3ad) that provides guidance on the practice of link aggregation for data connections.

The IEEE 802.1x standard is a network authentication protocol that opens ports for network access when an organization authenticates a user’s identity and authorizes them for access to the network. This defines port security. The user’s identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server.

Power over Ethernet (POE) is a technology that lets network cables carry electrical power. POE is defined in the IEEE 802.3af.

Question 20

You have just moved into a new apartment and need to get internet service installed. Your landlord has stated that you cannot drill any holes to install new cables into the apartment. Luckily, your apartment already has cable TV installed. Which of the following technologies should you utilize to get your internet installed in your apartment?

DOCSIS modem
DSL modem
Wireless router
Satellite mode

Answer 20

OBJ-1.2: DOCSIS (Data Over Cable Service Interface Specification) is an international telecommunications standard that permits the addition of high-bandwidth data transfer to an existing cable television system. Many cable television operators employ it to provide Internet access over their existing hybrid fiber-coaxial (HFC) infrastructure. Most people today call these cable modems, but technically, they are DOCSIS modems.

Question 21

Which of the following requires that all users, whether inside or outside the organization’s network, be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data?

Least privilege
Zero trust
Acceptable use policy
Defense in depth

Answer 21

OBJ-4.1: Zero-trust is a security framework that requires all users, whether in or outside the organization’s network, to be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data.

Least privilege is the concept and practice of restricting access rights for users, accounts, and computing processes to only those resources absolutely required to perform routine, legitimate activities. Privilege itself refers to the authorization to bypass certain security restraints.

Defense in Depth is an approach to cybersecurity in which a series of defensive mechanisms are layered in order to protect valuable data and information.

An acceptable use policy (AUP) is a set of rules applied by the owner, creator, or administrator of a network, website, or service, that restrict the ways in which the network, website, or system may be used and sets guidelines as to how it should be used.

Question 22

Which of the following layers within software-defined networking determines how to route a data packet on the network?

Control layer
Management plane
Infrastructure layer
Application layer

Answer 22

OBJ-1.7: The control layer uses the information from applications to decide how to route a data packet on the network and to make decisions about how traffic should be prioritized, how it should be secured, and where it should be forwarded to.

The application layer focuses on the communication resource requests or information about the network.

The infrastructure layer contains the physical networking devices that receive information from the control layer about where to move the data and then perform those movements.

The management plane is used to monitor traffic conditions, the status of the network, and allows network administrators to oversee the network and gain insight into its operations.

Question 23

Which of the following levels would a critical condition generate?

4
2
0
6

Answer 23

OBJ-3.1: The severity levels range from zero to seven, with zero being the most severe and seven being the least severe. Level 0 is used for an emergency and is considered the most severe condition because the system has become unstable.

Level 1 is used for an alert condition and means that there is a condition that should be corrected immediately.

Level 2 is used for a critical condition, and it means that there is a failure in the system’s primary application and it requires immediate attention.

Level 3 is used for an error condition, and it means that something is happening to the system that is preventing the proper function.

Level 4 is used for warning conditions and it may indicate that an error will occur if action is not taken soon.

Level 5 is used for notice conditions and it means that the events are unusual, but they are not error conditions.

Level 6 is used for information conditions and it is a normal operational message that requires no action.

Level 7 is used for debugging conditions and is just information that is useful to developers as they are debugging their networks and applications.

Question 24

You are conducting a port scan of an older server on your network to determine what services are being run on it. You find that ports 80 and 443 are open, but ports 20 and 21 are reported as closed. All other ports are reported as FILTERED. Based on this report, what can you determine about the server?

The server is running as a web server and is denying any other service requests

The server is behind a firewall and is blocked from receiving any traffic

The service is running an FTP server and it is denying any other service requests

The server is offline and not responding

Answer 24

OBJ-5.3: When a port scanner returns a result of CLOSED, it means the service denies the inbound traffic on that port. In this case, it denies FTP traffic on ports 20 and 21. This server runs a web server (port 80 and 443), but those are showing as OPEN and receiving traffic. The network firewall is blocking all the FILTERED ports.

Question 24

A technician added memory to a router, but the router refuses to recognize the new memory module. The router is then powered down, and the technician relocates all of the memory to different modules. On startup, the router does not boot and displays memory errors. Which of the following is the MOST likely cause of this issue?

VTP
Driver update
CMOS
ESD

Answer 24

OBJ-5.5: The most likely cause is that the memory chips are faulty because they have suffered from electrostatic discharge (ESD) during the chips’ installation and movement. This question references a concept covered in-depth in your A+ curriculum but is considered fair game on the Network+ exam. It is also covered under the objectives for hardware failure on the Network+ exam and the objective for safety procedures.

Question 25

Your company has just installed a new web server that will allow inbound connections over port 80 from the internet while not accepting any connections from the internal network. You have been asked where to place the web server in the network architecture and configure the ACL rule to support the requirements. The current network architecture is segmented using a triple-homed firewall to create the following three zones:

ZONE INTERFACE, IP address

PUBLIC, eth0, 66.13.24.16/30

DMZ, eth1, 172.16.1.1/24

PRIVATE, eth2, 192.168.1.1/24

Based on the requirements and current network architecture above, where should you install the webserver and how should you configure it?

Put the server in the PUBLIC zone with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server’s IP

Put the server in the DMZ with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server’s IP

Put the server in the DMZ with an inbound rule from eth1 to eth0 that allows port 80 traffic to the server’s IP

Put the server in the PRIVATE zone with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server’s IP

Answer 25

OBJ-4.3: The web server should be placed into the DMZ, assigned an IP address in the 172.16.1.1/24 network, and create an inbound permit rule for port 80 in the ACL. Since the web server needs to be accessed from the internet (PUBLIC), you must configure the permit rule from eth0 (PUBLIC) to eth1 (DMZ). The web server should not be placed into the intranet (PRIVATE), since this will contain all our internal network clients and they should be blocked from accessing this web server according to the question. Most firewalls utilize an implicit deny policy, so all other ports from the eth0 will be blocked and all ports from eth2. If an implicit deny policy is not enabled, you can explicitly block those other ports using a deny rule within the ACLs.

Question 26

Your network administrator has handed you some documentation showing you which switch ports on a patch panel you need to connect with a CAT 5e patch cable for an upcoming network upgrade. What document are you MOST likely holding?

Logical network diagram
Process flow diagram
Inventory management plan
Physical network diagram

Answer 26

OBJ-3.2: A physical network diagram shows the actual physical arrangement of the components that make up the network, including cables and hardware. Typically, the diagram gives a bird’s eye view of the network in its physical space, like a floorplan. A network topology is the shape or structure of a network in a physical or logical format as depicted in a network diagram. Physical network topologies include the actual appearance of the network layout. Logical network topologies include the flow of data across the network. An inventory management plan is stored in a database to track the number of assets deployed, on order, or in storage. A process flow diagram illustrates the arrangement of the equipment and accessories required to carry out the specific process, including its stream connections, stream flow rates and compositions, and the operating conditions.