×

Quiz Session - Attempts With Random Questions

CompTIA Network+ (N10-008) Exam Questions

Page 4 of 55

61.

Which file on a computer functions similarly to a DNS server?

  • hosts

  • domains

  • config

  • sites

Correct answer: hosts

The hosts file on a computer functions similarly to a Domain Name System (DNS) server. With a host file, you can map hostnames to an Internet Protocol (IP) address. While it is not commonly used today, it can be used in place of a DNS if necessary.

The names domains, config, and sites do not refer to files on the computer that work similarly to DNS.

62.

Of the following, which could end up being the result of nonstandard pinout creation in network cabling?

  • Splitting pairs in a cable

  • Using a 110 block

  • Using a 66 block

  • Not using a punch-down tool

Correct answer: Splitting pairs in a cable

Unshielded Twisted Pair (UTP) wiring contains eight copper leads organized into four pairs. A split pair is when these pairs are split so that one wire from each pair is paired with a wire from another. While this will work, it makes troubleshooting more complex. Split pairs are more likely with nonstandard pinouts because these nonstandard pinouts already "break the rules." Buying your cables precut will prevent this problem.

The choice between a 66 and 110 block has no impact on pinouts.

Punch-down tools, which are used to connect wires to these blocks, are also unrelated to non-standard pinouts.

63.

In the IEEE 802.1X standard, which of the following specifies how users will authenticate to a service?

  • EAP

  • SSO

  • Multi-factor authentication

  • TFA

Correct answer: EAP

An Extensible Authentication Protocol (EAP) is designed to authenticate a "supplicant" to an "authenticator" and create a shared session key. EAP works with IEEE 802.1X and expands on the protocols used by the Point-to-Point Protocol (PPP). Examples of EAP protocols include Flexible Authentication via Secure Tunneling (EAP-FAST), Message Digest 5 (EAP-MD5), and Transport Layer Security (EAP-TLS).

Single Sign-On (SSO) is an authentication scheme that allows users to log in once and then have access to a variety of services without logging in separately.

Multi-factor authentication involves the use of two or more authentication methods to access resources. Possible factors include:

  • Something you know
  • Something you have
  • Something you are

Two-Factor Authorization (TFA or 2FA) is a form of multi-factor authentication.

64.

How many watts does the 802.3af standard provide?

  • 15.4

  • 30

  • 11

  • 25.5

Correct answer: 15.4

The 802.3af standard is capable of providing up to 15.4 watts of power on the network and up to 44 volts. 802.3af is the standard for Power over Ethernet (PoE).

The answers 30 and 11 are incorrect.

The 802.3at standard is capable of providing up to 25.5 watts. 802.3at is the standard for Power over Ethernet Plus (PoE+).

65.

What term is used to describe interference between wires caused by one set of wires producing an electromagnetic field that impacts the function of another?

  • Crosstalk

  • Open

  • Echo

  • Short

Correct answer: Crosstalk

Crosstalk is interference between wires caused by one set of wires producing an electromagnetic field that impacts the function of another.

An open circuit is a break in a wire that stops current from flowing through a cable.

When cables of different thicknesses or compositions connect, electrons may not flow uniformly between them. This can cause echo.

A short circuit is when two wires touch that shouldn't. Since a current takes the path of least resistance, it will flow through the short rather than through the intended circuit.

66.

Which approach to support VLAN routing requires a Layer 3 switch?

  • IVR

  • ISL

  • 802.1Q

  • ROAS

Correct answer: IVR

Inter-Virtual Local Area Network (VLAN) Routing (IVR) is an approach to VLAN routing that requires a Layer 3 switch. Each VLAN can be connected to the routing engine of a Layer 3 switch using a Switched Virtual Interface (SVI). Layer 3 switches perform some or all functions of a router and can route traffic between VLANs on the switch.

Inter-Switch Link (ISL) is a Cisco-proprietary protocol used for VLAN tagging. ISL tags Ethernet frames to identify VLAN membership. ISL-enabled routers can then perform routing between VLANs.

802.1Q is a nonproprietary protocol similar to ISL.

Router On A Stick (ROAS) is a technique that uses subinterfaces on a single router interface to communicate with multiple VLANs on a switch. ROAS can be accomplished with either ISL or 802.1Q.

67.

Which of the following refers to the theoretical maximum rate at which data can be transmitted over a medium?

  • Speed

  • Throughput

  • Velocity

  • Pace

Correct answer: Speed

Speed is the theoretical maximum rate at which data can be transmitted over a medium. Speeds differ depending on industry standards. Ethernet Local Area Network (LAN) speeds are defined in 802.3 and wireless LAN speeds are defined in 802.11.

Throughput is the actual rate observed in a particular implementation. Throughput testers are used to determine the performance of network connections.

Velocity and pace are not used to describe network rates.

68.

Which of the following refers to a loss in wireless signal strength as it travels through some medium?

  • Attenuation

  • Interference

  • Deauthentication

  • Packet loss

Correct answer: Attenuation

Attenuation is the degradation of signal strength as it passes through a medium.

Interference is when radio signals mess with the operation of electrical circuits and can be solved using shielded cables or fiber optics.

Deauthentication occurs when a wireless attacker causes a user to lose connection to a wireless access point.

Packet loss refers to dropped packets on a network.

69.

Which tool is used for data aggregation, correlation, compliance, and forensic analysis?

  • SIEM

  • NMS

  • Syslog

  • SNMP

Correct answer: SIEM

A Security Information and Event Management (SIEM) software tool is used for data aggregation, correlation, compliance, and forensic analysis. Other purposes include compliance, retention, and alerts. SIEM is a combination of Security Information Management (SIM) and Security Event Management (SEM).

A Network Management System (NMS) collects data to monitor state changes, configuration changes, and performance anomalies in a network.

Syslog is used to collect and store information from network devices.

Simple Network Management Protocol (SNMP) is used to monitor devices as part of an NMS.

70.

Which of the following syslog severity levels should be addressed first?

  • Alert

  • Warning

  • Error

  • Critical

Correct answer: Alert

Syslog is a protocol used for the aggregation of device logs. Messages are sent from network devices to a syslog server. Of the potential answers, an alert severity should be addressed first. An alert message in syslog requires immediate action.

The syslog severity levels warning, error, and critical should all be given a lower priority than alert.

Syslog severity levels range from 0 to 7, with 0 being the most important:

  • 0 - Emergency - System is unusable
  • 1 - Alert - Action must be taken immediately
  • 2 - Critical - Critical conditions
  • 3 - Error - Error conditions
  • 4 - Warning - Warning conditions
  • 5 - Notice - Normal, but significant conditions
  • 6 - Informational - Informational messages
  • 7 - Debug - Debug-level messages

71.

Which of the following is a Layer 1 solution?

  • Media converter

  • Bridge

  • Switch

  • Router

Correct answer: Media converter

Media converters are used to transition from one transport medium to another, such as converting from fiber to Ethernet cable. This means that they operate at the Physical layer and are a Layer 1 solution.

Bridges, switches, and routers all work with MAC and IP addresses and operate at OSI levels 2 and above.

72.

A straight-through cable is used to connect which of the following?

  • Host to a switch

  • Switch to a switch

  • Hub to a hub

  • Hub to a switch

Correct answer: Host to a switch

A straight-through cable is used to connect a host to a switch or hub, or a router to a switch or hub.

A crossover cable, on the other hand, can be used to connect the following:

  • Switch to switch
  • Hub to hub
  • Host to host
  • Hub to switch
  • Router direct to host

73.

Of the following, which backup type is a read-only copy of the data set that is frozen at a point in time?

  • Snapshot

  • Incremental

  • Differential

  • Full

Correct answer: Snapshot

The four types of backup are:

  • Snapshot: This is a read-only copy of the data set that is frozen at a point in time.
  • Incremental: This only backs up data that has changed since the previous backup.
  • Differential: This is similar to an incremental backup in that it starts with a full backup and then subsequent backups only contain data that has changed. The difference is that it backs up all the data that has changed since the last full backup, as opposed to the last general backup.
  • Full: This is a backup of the whole data set.

74.

You are troubleshooting an issue using the Network+ troubleshooting methodology. You have tested a theory to determine probable cause and confirmed that your theory was, in fact, correct. What is the next step of the network troubleshooting methodology?

  • Establish a plan of action to resolve the problem

  • Implement a solution to resolve the problem

  • Document findings, actions, and outcomes

  • Share your theory with colleagues to validate it

Correct answer: Establish a plan of action to resolve the problem

Once you have tested a theory of probable cause and the theory is confirmed, the next step is establishing a plan of action to resolve the problem.

Implementing a solution and documenting findings, actions, and outcomes come later in the process.

Sharing your theory with others is not part of the network troubleshooting methodology.

The seven steps in the Network+ troubleshooting model are:

  • Identify the problem.
  • Establish a theory of probable cause.
  • Test the theory to determine cause.
  • Establish a plan of action to resolve the problem and identify potential effects.
  • Implement the solution or escalate as necessary.
  • Verify full system functionality and implement preventative measures if applicable.
  • Document findings, actions, outcomes, and lessons learned throughout the process.

75.

Although any frame over 1500 bytes technically qualifies as a jumbo frame, what is the typical size of a jumbo frame?

  • 9000 bytes

  • 5000 bytes

  • 3000 bytes

  • 2000 bytes

Correct answer: 9000 bytes

The default value for the Maximum Transmission Unit (MTU) size in Ethernet is 1500 bytes. Jumbo frames are frames larger than that, and they normally have a maximum size of 9000 bytes. Jumbo frames are commonly used in IP-based Small Computer System Interface (iSCSI) networks to consolidate data into a smaller number of packets. A misconfigured MTU size can cause network problems.

The other answers, 5000 bytes, 3000 bytes, and 2000 bytes, are incorrect and not typical for jumbo frame size.

76.

What is the term for a uniquely managed object in SNMP?

  • OID

  • MIB

  • UMO

  • MOU

Correct answer: OID

Object Identifier (OID) refers to a uniquely managed object that can be queried or configured in a Network Management System (NMS). OIDs are defined in a Management Information Base (MIB) in a Simple Network Management Protocol (SNMP) system. MIBs are provided by equipment vendors.

An MIB provides information about network devices to the NMS.

UMO is a fabricated term.

A Memorandum Of Understanding (MOU) is a draft agreement between two parties used prior to the establishment of a formal contract.

77.

Of the following, which technologies operate on the session layer of the Open Systems Interconnection (OSI) model?

  • RPC

  • HTTP

  • TCP

  • DNS

Correct answer: RPC

The Remote Procedure Call (RPC) involves a computer program calling a subroutine to reach out to another resource (computer) on the network for procedure execution. In this way, the RPC protocol creates and breaks down sessions between computers, thus operating on Layer 5.

Hypertext Transfer Protocol (HTTP) is an application layer protocol used to transfer information between computers. It is commonly used in web browsers. Transmission Control Protocol (TCP) is a transport layer protocol used to ensure the reliable transmission of network data. Domain Name System (DNS) works at the application layer, handling the domains that we use in browsing web traffic.

78.

What is the purpose of Spanning Tree Protocol (STP) in switched networks?

  • It prevents network loops

  • It filters bad packets

  • It routes networks based on MAC addresses

  • It replicates frames out to other ports for network monitoring

Correct answer: It prevents network loops

Spanning Tree Protocol (STP) is extremely important in switched networks because it stops network loops from occurring on Layer 2 networks with bridges or switches. It operates by closely monitoring the network for connections and links between switches and stops redundant communications between them.

A protocol analyzer like Wireshark may be used to filter bad packets or other errors for a report.

Network switches use MAC addresses to forward traffic.

Port mirroring is the process of replicating frames out to other ports for network monitoring.

79.

Your Network Management System (NMS) generates alarms based on Simple Network Management Protocol (SNMP) traps sent from network devices. However, you have noticed that there have been many temperature-related alarms that do not warrant investigation.

What is the BEST solution for decreasing the number of invalid alarms?

  • Modify thresholds

  • Add thresholds

  • Delete thresholds

  • Stop thresholds

Correct answer: Modify thresholds

If the temperature alarms received do not warrant investigation, then it makes sense to modify alarm thresholds to reflect appropriate temperature ranges. Only when a device exceeds an acceptable temperature range should it trigger an environmental alarm.

Adding thresholds would not solve the problem of excessive alarms.

Deleting or stopping thresholds would eliminate alarms, but then you would not be made aware of actual temperature issues.

80.

Which of the following IPS detection techniques is MOST LIKELY to identify a zero-day attack?

  • Anomaly-based

  • Signature-based

  • Policy-based

  • Rule-based

Correct answer: Anomaly-based detection

Anomaly-based detection identifies potential threats as deviations from the norm, therefore, it could detect a zero-day attack.

Signature-based detection can only identify known types of malware, so it cannot identify zero-day attacks.

Policy-based detection will only block traffic that violates corporate policy, and many types of attacks use approved protocols such as HTTPS.

Rule-based detection is not an IPS detection technique.

×