CompTIA N10-009 CompTIA Network+ Certification Exam Practice Test

Page: 1 / 14
Total 272 questions
Question 1

Which of the following typically uses compromised systems that become part of a bot network?



Answer : B

A DDoS (Distributed Denial of Service) attack is often launched from botnets --- networks of compromised systems (bots or zombies) under the control of an attacker. These devices flood the target with traffic to disrupt services.

A . Evil twin attack is a wireless spoofing method.

C . XML injection targets web applications.

D . Brute-force attacks repeatedly guess passwords but don't involve a botnet by default.


Question 2

A technician is implementing a new SD-WAN device with a default configuration. The technician receives a URL via email and connects the new device to the internet to complete the installation. Which of the following is this an example of?



Answer : B

This process describes Zero-touch provisioning (ZTP), where a device automatically pulls its configuration from a cloud controller or URL once connected to the internet. It's common in SD-WAN and modern network appliances.

A . SASE (Secure Access Service Edge) refers to cloud-delivered network security, not a provisioning method.

C . Infrastructure as code automates infrastructure deployment using code, but this scenario specifically fits ZTP.

D . Configuration management tracks and maintains system configurations but doesn't describe the installation process.

Reference:

CompTIA Network+ N10-009 Official Objectives: 4.3 -- Explain remote access methods and automation.


Question 3

Which of the following VPN types provides secure remote access to the network resources through a web portal?



Answer : B

Clientless VPNs allow users to access network resources through a secure web portal using a browser, with no VPN software needed. This is ideal for occasional access to internal resources via HTTPS.

A . Proxy is a gateway for accessing web content, not a VPN.

C . Site-to-site VPN connects entire networks, not individual users.

D . Direct Connect usually refers to dedicated cloud connections, not VPNs.


Question 4

A company is expanding to another floor in the same building. The network engineer configures a new switch with the same VLANs as the existing stack. When the network engineer connects the new switch to the existing stack, all users lose connectivity. Which of the following is the MOST likely reason?



Answer : D

This describes a Spanning Tree Protocol (STP) loop. If STP isn't correctly configured or a redundant link is added without STP protection, it causes broadcast storms and network outages.

A . Unused ports disabled would not affect the entire network.

B . Missing default gateway on a switch doesn't cause total network loss.

**C. Connecting a switch to an access port can cause VLAN mismatches, but not total connectivity loss unless a loop forms.

Reference:

CompTIA Network+ N10-009 Official Objectives: 3.6 -- Explain the characteristics of network topologies and types.


Question 5

A network technician receives a new ticket while working on another issue. The new ticket is critical to business operations. Which of the following documents should the technician reference to determine which ticket to complete first?



Answer : C

An SLA (Service Level Agreement) defines performance expectations, including response time, prioritization, and resolution time for services and support issues. It helps the technician determine which task has higher priority based on business impact.

A . NDA (Non-Disclosure Agreement) relates to confidentiality, not task prioritization.

B . AUP (Acceptable Use Policy) defines user behavior, not issue handling.

D . MOU (Memorandum of Understanding) outlines informal agreements and doesn't define ticket priorities.

Reference:

CompTIA Network+ N10-009 Official Objectives: 4.1 -- Compare and contrast common documentation types.


Question 6

A network engineer is setting up a new VoIP network for a customer. The current network is segmented only for computers and servers. No additional switch ports can be used in the new network. Which of the following does the engineer need to do to configure the network correctly? (Select TWO).



Answer : B, D

To support VoIP on the same physical ports used by computers:

B . Enable 802.1Q: This standard supports VLAN tagging, allowing voice and data traffic to share the same port using separate VLANs.

D . Set up voice VLANs: Separating voice traffic into its own VLAN improves QoS and manageability.

Other options are not directly related to configuring VoIP over existing ports:

A . Network translation definitions (NAT) are unrelated to switch-level VLAN configuration.

C . Routing protocols are not necessary at the switch level for VLAN setup.

E . DNS is not required for the switch or VLAN setup.

F . Perimeter network (DMZ) is used for public-facing servers, not VoIP VLANs.

Reference:

CompTIA Network+ N10-009 Official Objectives: 2.3 -- Given a scenario, configure and verify VLANs.

CompTIA Network+ N10-009 Official Objectives: 3.6 -- Explain the characteristics of network topologies and types.


Question 7

A company discovers on video surveillance recordings that an unauthorized person installed a rogue access point in its secure facility. Which of the following allowed the unauthorized person to do this?



Answer : D

Tailgating is a physical security breach where someone follows an authorized person into a restricted area without proper credentials. Once inside, the attacker can install rogue devices like unauthorized APs.

A . Evil twin is a wireless attack where an attacker sets up a fake AP.

B . Honeytrap is used to attract attackers for analysis.

C . Wardriving involves scanning for unsecured Wi-Fi networks while driving, not physical intrusion.

Reference:

CompTIA Network+ N10-009 Official Objectives: 4.2 -- Identify common security threats and vulnerabilities.


Page:    1 / 14   
Total 272 questions