Brief Summary
This video provides a comprehensive review for the CompTIA Network+ N10-009 certification exam, featuring 100 practice questions covering various exam objectives. Andrew Ramdayal shares his expertise, offering detailed explanations for each question, including why certain answers are correct or incorrect.
- DHCP relay agents facilitate IP address assignment across different subnets from a single server.
- DNS record types, particularly A and AAAA records, map domain names to IPv4 and IPv6 addresses, respectively.
- Understanding the OSI model and associated protocols is crucial for the exam.
- IPS actively blocks threats, while IDS only detects them.
- IPsec is commonly used to establish secure VPN connections.
- NAT enhances network security by hiding internal IP addresses.
- Key port numbers, such as 22 for SSH and 443 for HTTPS, are essential knowledge.
- Subnetting and IP addressing are critical areas to master for the exam.
- Wireshark is a valuable tool for analyzing network-based attacks.
Introduction
The video is designed to help viewers prepare for certification exams like Network+ by providing 100 practice questions. These questions are spread across various exam objectives for the Network Plus n10-009 exam. Andrew Ramdayal, a seasoned instructor with over 20 years of experience and numerous certifications, will guide viewers through the questions. He encourages viewers to pause the video, answer the questions themselves, and then listen to his explanations.
Question 1: DHCP Relay Agents
The question asks about the importance of DHCP relay agents in a network. The correct answer is that they forward DHCP requests and responses between clients and servers across different subnets. DHCP relay agents are necessary when a DHCP server needs to assign IP addresses to devices on multiple subnets, as the DHCP server is typically bound to a single network. The DHCP server manages the lease time, not the relay agents. Relay agents are not backup DHCP services; a separate server is needed for that. A DHCP server can assign IP addresses to devices on the same subnet by default, without relay agents.
Question 2: DNS Record Types
The question focuses on which DNS record type maps a domain name to an IPv4 address. The answer is an A record. An AAAA record maps domain names to IPv6 addresses. MX records are used for mail exchange, pointing to the mail server's IP address or domain name. CNAME records are used to rename a domain name and do not involve IP addresses directly.
Question 3: Session Layer Protocol
The question asks which protocol is used by the session layer to manage communication sessions between network devices. The correct answer is RPC (Remote Procedure Call). HTTP, FTP, and SMTP operate at the application layer. It's important to understand which protocols operate at each layer of the OSI model.
Question 4: IPS vs. IDS
The question distinguishes between an IPS (Intrusion Prevention System) and an IDS (Intrusion Detection System). The key difference is that an IDS only detects potential threats, while an IPS blocks them. The video emphasizes the importance of knowing acronyms for the exam. An IPS does not primarily handle encryption, and both systems typically operate at the network layer.
Question 5: Secure VPN Protocol
The question asks which protocol is commonly used to establish a secure VPN connection. The answer is IPsec (Internet Protocol Security). IPsec encrypts VPN tunnels, providing a secure connection. HTTP is not secure, and while HTTPS can be used for SSL-based VPNs, IPsec is more common. FTP is for file transfer, and SMTP is for email, neither of which are used for VPNs.
Question 6: NAT Enhancement of Network Security
The question asks how NAT (Network Address Translation) enhances network security. NAT hides internal IP addresses from external networks, making it harder for hackers to directly access internal hosts. NAT does not assign static IP addresses, encrypt data packets, or increase network bandwidth.
Question 7: SSH Port
The question asks which port is commonly used by SSH (Secure Shell) for secure communications. The answer is port 22. Ports 20 and 21 are for FTP, and port 23 is for Telnet. SSH is a secure version of Telnet, used for secure command-line access to devices like routers and switches.
Question 8: Secure Web Traffic Port
The question asks which port is used to secure web traffic. The answer is 443, which is used for HTTPS (Hypertext Transfer Protocol Secure). Port 80 is for HTTP, port 23 is for Telnet, and port 110 is for POP3. HTTPS encrypts web traffic using TLS/SSL.
Question 9: Usable Host Addresses
The question involves determining the number of usable host addresses in a Class C network with a /24 subnet mask. A /24 subnet provides 256 addresses, but the first (0) and last (255) addresses are reserved for the network ID and broadcast address, respectively. Therefore, there are 254 usable host addresses.
Question 10: Network-Based Attack Analysis Tool
The question asks which tool is commonly used for analyzing and detecting network-based attacks. The answer is Wireshark, a protocol analyzer that allows users to see and analyze network traffic. Putty is used for Telnet and SSH connections, firewalls block traffic but don't analyze data, and intrusion prevention systems detect and stop attacks but don't provide detailed traffic analysis.
Question 11: DNS Record Types for Email Security
The question asks which of the following is not a DNS record type associated with email routing or email security. The answer is SRV (service record). MX records are used to locate email servers, SPF (Sender Policy Framework) secures emails, and TXT records are associated with email security.
Question 12: Cable Type for Long Distance
The question asks about the best cable type for a high-speed, long-distance link between two buildings, immune to interference. The answer is single-mode fiber. Coaxial cable and twisted pair are not immune to interference. Multimode fiber is suitable for short distances within a LAN, while single-mode fiber is designed for longer runs.
Question 13: Access Control Model for Government Agency
The question asks which access control model is most appropriate for a government agency requiring strict access control based on information sensitivity and user clearance. The answer is mandatory access control (MAC). Discretionary Access Control (DAC) gives users control over access, role-based access control (RBAC) grants access based on roles, and attribute-based access control (ABAC) uses specific attributes. MAC is used in high-security environments like the NSA and DOD.
Question 14: Single Public IP Address Representation
The question asks what allows a single public IP address to represent multiple private IP addresses by tracking traffic using different port numbers. The answer is port address translation (PAT). Dynamic DNS changes IP addresses based on domain names, VPNs connect across networks, and subnetting divides large networks.
Question 15: Distant Vector Routing Protocol
The question asks which of the following is a distant vector routing protocol used in smaller networks. The answer is RIP (Routing Information Protocol). FTP is for file transfer, STP (Spanning Tree Protocol) prevents switching loops, and OSPF (Open Shortest Path First) is a link-state routing protocol.
Question 16: Ethernet Cable Integrity Tool
The question asks which physical tool should a technician use to verify the integrity of an Ethernet cable. The answer is a cable tester. A cable crimper puts the head on the cable, a multimeter tests voltage, and a wire stripper removes the cable jacket.
Question 17: Multi-Port Network Appliance at Layer 2
The question describes a multi-port network appliance operating at Layer 2 of the OSI model, using MAC addresses to forward traffic. The answer is a switch. A hub operates at Layer 1, an access point is not primarily based on MAC addresses, and a router operates at Layer 3 using IP addresses.
Question 18: Troubleshooting Methodology - Next Step
The question presents a scenario where a network technician has confirmed consistent slow network performance across multiple devices. According to the CompTIA troubleshooting methodology, the next step should be to establish a theory of probable cause. Escalating, testing solutions, or documenting come later in the process.
Question 19: Restricting Access to Work-Related Websites
The question asks what a company should do to ensure employees only access work-related websites. The answer is to deploy a web proxy server with content filtering. Firewalls block specific ports, port mirroring monitors traffic, and router logging captures data but doesn't restrict access.
Question 20: Golden Configuration
The question asks what the golden configuration is in the context of network management. The answer is a baseline configuration that is saved and used to restore a device to a known stable state. It's not about maximum throughput, temporary configurations, or dynamic adjustments.
Question 21: Link State Routing Protocol
The question asks which of the following is a link-state routing protocol. The answer is OSPF (Open Shortest Path First). RIP (Routing Information Protocol) and BGP (Border Gateway Protocol) are distant vector protocols, and EIGRP (Enhanced Interior Gateway Routing Protocol) is a hybrid protocol.
Question 22: Path Vector Protocol for Interdomain Routing
The question asks which routing protocol is a path vector protocol primarily used for interdomain routing. The answer is BGP (Border Gateway Protocol). OSPF is used inside networks, and RIP and EIGRP are used inside networks as well.
Question 23: Preventing Sensitive Data Leakage
The question asks which method would be most effective to prevent employees from sending sensitive financial data outside the organization via email. The answer is to implement a DLP (Data Loss Prevention) system. Encryption doesn't stop sending, endpoint protection detects malware, and password policies don't prevent data leakage.
Question 24: Wireless Standard for Faster Speeds
The question asks which 802.11 standard is the best choice for faster speeds and better performance in a crowded environment. The answer is AC. It supports both 2.4 GHz and 5 GHz spectrums and offers faster speeds than older standards.
Question 25: Redirection to Malicious Websites
The question asks what is most likely the cause when users are redirected to malicious websites even when entering legitimate URLs. The answer is DNS cache poisoning. Man-in-the-middle attacks sniff data, ARP spoofing changes IP-to-MAC mappings, and DHCP starvation depletes IP addresses.
Question 26: EIGRP Backup Route
The question asks what term refers to the backup route that EIGRP uses. The answer is feasible successor. EIGRP creates redundant paths, and the feasible successor is the secondary option if the primary route fails.
Question 27: Temporary Network Access for Contractor
The question asks which authentication method would be best for a guest contractor needing temporary network access. The answer is assigning a unique temporary user account with an expiration date. This allows secure and limited access to necessary resources.
Question 28: OSI Model Layer for Data Segmentation
The question asks which layer of the OSI model is responsible for data segmentation. The answer is the transport layer. The physical layer deals with bits, the network layer with packets, and the data link layer with frames.
Question 29: Cloud Service Provider Hosting
The question describes a cloud service provider hosting applications from multiple clients on the same physical infrastructure. The term that best describes this type of environment is multi-tenancy. Virtualization is the whole thing, no Cloud structure is a single tency unless that cloud is like a private Cloud but public clouds are almost always multi-tenancy.
Question 30: Routing Protocol Minimizing Bandwidth Usage
The question asks which routing protocol minimizes bandwidth usage by sending updates only when there are changes in the network topology. The answer is EIGRP (Enhanced Interior Gateway Routing Protocol). It uses multicast and only pushes changes when something changes.
Question 31: Factors to Consider When Selecting a Rack Size
The question asks which factors should be considered when selecting a rack size for new server deployments. The answers are: number of servers and devices to be housed, cooling and airflow requirements, future expansion, and power consumption.
Question 32: Full Tunnel VPN Key Benefit
The question asks what is the key benefit of using a full tunnel VPN. The answer is it increases security by routing all traffic through the company's secure network.
Question 33: Analyzing MAC Address Table
The question involves analyzing a MAC address table to resolve a network issue. The correct answer is that the IP address 192.168.1.21 is assigned to two different MAC addresses on the same VLAN, indicating an IP conflict.
Question 34: Next Step After Implementing a Solution
The question asks what is the next step to take after implementing a solution to a network problem. The answer is to verify full system functionality.
Question 35: Mac Flooding Attack
The question asks what type of attack is likely responsible when a switch floods traffic to all ports due to an overload of fake addresses in its CAM table. The answer is a MAC flooding attack.
Question 36: Optimizing Storage Network
The question asks which technology would be the most efficient for optimizing a storage network to handle large amounts of data more efficiently. The answer is fiber channel.
Question 37: XML-Based Security Standard
The question asks which XML-based security standard allows sensitive user information to be exchanged between systems for authentication and authorization purposes. The answer is SAML (Security Assertion Markup Language).
Question 38: IP Configuration Purpose
The question asks about the purpose of the IP address 10.1.6.54.4/18 with the subnet mask 255.255.255.252. The answer is it is configured for a Point-to-Point link with another router.
Question 39: Firewall Object Subnet Mask
The question asks which subnet mask provides 30 usable host addresses. The answer is 255.255.255.224.
Question 40: Accessing a Failed Network Appliance
The question asks which method would most likely allow an administrator to access a network appliance that has failed to start up correctly and is not responding to standard management interfaces. The answer is establishing a console connection using a serial cable.
Question 41: Sharing a Single Public IP Address
The question asks which technology would best allow multiple devices to share a single public IP address. The answer is utilizing PAT (Port Address Translation).
Question 42: Identifying Weak Wi-Fi Signals
The question asks which tool should an administrator use to identify areas with weak Wi-Fi signals and adjust access point placement accordingly. The answer is a heat map.
Question 43: Monitoring Contents of Data Transmitted
The question asks which of the following tools would best meet the requirement of monitoring the contents of data transmitted between a secure network segment and the rest of the company's internal network to ensure no sensitive information is being leaked. The answer is DLP (Data Loss Prevention).
Question 44: Tracking Health and Performance of Devices
The question asks which of the following Solutions with best me this CIS log DCP server Port Marin or SNMP. The answer is SNMP (Simple Network Management Protocol).
Question 45: Redundancy and Increased Bandwidth
The question asks which of the following Technologies should the engineer use to ensure both links can simultaneously be used without creating a loop. The answer is lacp (Link Aggregation Control Protocol).
Question 46: Disaster Recovery Metrics
The question asks which of the following metrics would best help the team evaluate these factors is it RPO and RTO mttf mttr SLA. The answer is RPO and RTO (Recovery Point Objective and Recovery Time Objective).
Question 47: VPN Configuration for Remote Employees
The question asks which VPN configuration would best achieve this split full tunnel VPN VPN with IP secer site to site. The answer is split VPN.
Question 48: Configuration for Switchboard to Connect
The question asks which of the configuration would be most appropriate for the switchboard to connect is it it enabled Port Marin configur a port as a trunk Port configure as an access port disabled Port security. The answer is configure as an access port.
Question 49: Distribute Traffic Across Multiple Servers
The question asks which of the following Technologies would best meet this vland port Marin trunin or load balancer. The answer is load balancer.
Question 50: Troubleshooting Methodology
The question asks what step of the troubleshooting methodology is the administrator currently performing. The answer is identifying the problem.
Question 51: Ports to Disable to Enhance Security
The question asks which of the following ports should the administrator consider disabling to enhance security. The answer is 21 and 23.
Question 52: Identify the Port on the Switch
The question asks which of the following method would best help the administ identifi the port on the switch review the switch Mac address table run a packet capture in workstation use port maror reboot the workstation. The answer is review the switch Mac address table.
Question 53: Identify the Correct Port
The question asks which of the following would best help the technician identify the correct Port now you have a variety of protocols here if even if you don't know the answer truly this is a very unique protocol and. The answer is lldp (Link Layer Discovery Protocol).
Question 54: Fiber Optic Cable
The question asks which of the following fiber optic cable is most likely being use multi mode single mode copper or coax. The answer is multi mode.
Question 55: Technologies Associated with an x.509
The question asks which technology issu an x.509 certificates and that is is a pki or a public key infrastructure. The answer is pki (Public Key Infrastructure).
Question 56: Port Numbers for Encrypted Logins
The question asks which of the following port numbers should the administrator use for encrypted logins 23 161 22 or 80. The answer is 22.
Question 57: Identify the Path the Traffic is Taken
The question asks what command do you use so if you want to identify so if you go to the command promp right now on a Windows machine and you use the command trace route space Google or as we say in Windows Tracer space google.com it'll tell you the path and all the routers it is taken. The answer is trace route.
Question 58: Data Transmission Methods
The question asks which of the following data transmission methods is designed to send a single packet to a specific recipient out of many potential receivers unicast broadcast ARP and multicast. The answer is unicast.
Question 59: Transmission Method
The question asks which of the following transmission method would best ensure that only the subscriber receives the video so in this one it's one server sending out to many not all the devices so in this particular one you would have a unicast which is a on to many connection unicast is one to one broadcast is one to all the people on the network and tcp's transmission control protocol this allows you to check and re check the uh any kind of errors in the packet error connection remember TCP is generally compared to UDP that's not what they're talking about here. The answer is multicast.
Question 60: Virtual Machines to Communicate Across Different Networks
The question asks which of the following Technologies is better allow the administrator to implement the router in the hypervisor not n NV nfv VLAN trunkin or Bridging the virtual lick Nick. The answer is nfv (Network Functions Virtualization).
Question 61: Secondary Site
The question asks which of the disasters St would meet this cold warm hot clown backup. The answer is hot sight.
Question 62: Maximum Termal Disposition
The question asks which of the following setups should the manager Implement if the terminal can't pronounce that word is the highest concern by the way don't laugh at me guys don't don't laugh I'll be honest with you guys I didn't I learned how to speak correct directly until I was about uh in fifth grade fourth grade all right so I had to take special education classes and that a speech impediment for most of my uh for not most of my life but since I was very young so onto today it's kind of hard to pronounce certain words for me uh but 99% of my vocabulary is good now just took a while to get there all right so let's go back to this we're talking about they're looking at a data center server room and they want to make sure that they manage heat correctly now what is the highest concern hot aisle cold aisle configuration active passive configuration red aisle blue aisle North Side Southside. The answer is hot aisle cold aisle configuration.
Question 63: Lost Connection to the Telephone System
The question asks which of the following troubleshooting steps should it perform first so remember keyword is first upgrade the firware on the network switches perform it fact for a reset on the vi System review the call logs on the vi server check the physical connection on the phone. The answer is check the physical connection on the phone.
Question 64: Fiber Patch Panel
The question asks which of the following connectors is most likely to be used on the fiber patch panel RJ45 LC BNC DB9. The answer is LC.
Question 65: DNS Records
The question asks what type of DNS record should the administrator use now if you took the course we did create one of these records you must first have an a record for it and then you're going to create an alias record also known as a cname record or chronological name this is mail server this points the domain to an IP or computer to IP a pointer record is a reverse of the a record this is an IP to a name versus name to IP so C name or Alias. The answer is cname.
Question 66: Consistent IP Address
The question asks which of the following should the administrator configure to ensure the file server has a consistent IP address. The answer is reservation.
Question 67: Microwave
The question asks which of the following frequency bands is most likely affected by microwave so basically which one of these things is most likely affected by microwave signals if you study Wireless you already know when it comes to wireless we're not talking things like phones and stuff like that um is 2.4 2.4 is heavily affected in fact if you're in a big building right now you live an apartment building uh use the 5 GHz Spectrum you'll generally know there's less interference H it you should get basically a better connection uh on that so go with 5 GHz but they want something that's what's effective at microwave and six we're not going to 2.4 is a lot then everything else is generally okay. The answer is 2.4 GHz.
Question 68: High Availability and Full Tolerance
The question asks which of the following topologies would best meet the company's requirement so in this one they're looking at if one of the connection fails they can still communicate so which one has redundant connection well a star is one connection a bus is also one connection a mesh has redundant connection as everything connects to everything and a ring is actually if a connection feel FS a ring the entire ring can drop. The answer is mesh.
Question 69: Simple and Costeffective Network
The question asks which of the following topologies should the business choose star mesh star ring and boss now you notice it particularly says here that we want a centralized switch so if you're using a central switch you want to make sure that you implement a our Network a mesh is when all devices connect to each other a ring does not use a centralized switch and a bus basically has a single cable and people uh go off the cable best answer here is a star Network now all the networks that we have set up today especially on wired Network I'm talking about almost all of it is basically star networks the only time you really use a mesh is when you have like Wang connections connecting multiple sites together. The answer is star.
Question 70: Unusual Traffic on the Network
The question asks which of the following is most likely occurring VLAN Hopton Mac flood and Arps proof and dhp starvation now we want to review a couple things from the question the packets are tagged with multiple Network tags and they're trying to manipulate segmentation so with that in mind what they're trying to do is hop the VLAN so generally when you segment to network with vlans one of the best ways to segment network is with vlans traffic from VLAN a should never enter traffic in VLAN B unless they start tagging the traffic and confusing the switch what they're doing is they're hopping over they're allowing what I said you shouldn't do you shouldn't go from A to B unless the administrator allows it so VLAN hoopen it's a kind of an attack where they're basically getting data and sending data across multiple networks or across the different vlans this is not Mac flooding this is flooding the cam table or the or the MAC address tables uh ARB spoofing this is changing Mac addresses on on the Mac address table on this is changing the IP to MAC address tables that's that's the AR table datp starvation is when they suck up all the datp server addresses so no one get gets any any particular address. The answer is VLAN Hopton.
Question 71: Prioritize Traffic Based on Its Type
The question asks which of the following techniques should the engineer Implement to prioritize web to prioritize traffic based on its type now you want to remember that when you implement vo in a network that voice quote unquote voice data is going to compete with normal data dat or data data so for example in your network right now you may be surfing the internet downloading the file watching watching some movies but then you pick up on your phone you got a viip call and you want to make sure that when somebody has a viip call going on there is no delay of packets it's okay to download a file and wait for the packets to arrive not as quick or not instant but it is not acceptable for your voice to be broken up so we want to prioritize our voice data over our data data the protocol that allows us to do that is
