CompTIA Network+ (N10-009) Practice Questions

This option is incorrect as managing network security policies is typically handled by a firewall or security appliance, not a DHCP server.

This option is incorrect because providing wireless access points is a function of wireless access point hardware, not related to DHCP servers.

This option is incorrect since routing network traffic is the responsibility of routers, not DHCP servers.

UDP (User Datagram Protocol) is also a transport layer protocol, but it is not the only option, and therefore not the only correct answer here.

HTTP (Hypertext Transfer Protocol) operates at the application layer, not the transport layer, and thus is incorrect.

IP (Internet Protocol) operates at the network layer of the OSI model, so it is not a transport layer protocol and is incorrect.

This describes network aggregation, not subnetting.

This relates to network performance but does not define subnetting.

Random assignment of IP addresses does not relate to the structured approach of subnetting.

A switch operates at the data link layer and connects devices within the same network but does not route traffic between different networks.

A hub is a basic networking device that connects multiple computers in a network but does not have the capability to route traffic between networks.

A modem is used to modulate and demodulate signals for internet access but does not connect multiple networks or route traffic between them.

The 5 GHz frequency band is less prone to interference, making this option incorrect.

The 900 MHz frequency band is not commonly used in modern wireless networks, making this option incorrect.

The 60 GHz frequency band is typically used for high-speed data transfer over short distances, not commonly used in general wireless networks.

The maximum length for a standard Ethernet cable is actually 100 meters, not 50 meters.

Ethernet cables cannot exceed 100 meters in length; 150 meters would lead to signal loss.

A length of 200 meters is beyond the maximum allowed for Ethernet cables, leading to performance issues.

VLANs do help in managing broadcast domains, but this is not the only or primary benefit.

While VLANs can aid in management, stating this alone does not capture the main advantages of VLANs.

VLANs typically lead to cost savings by optimizing existing infrastructure rather than increasing costs.

In a ring topology, devices are connected in a closed loop, not to a central hub.

In a bus topology, all devices share a single communication line, not a central hub.

In a mesh topology, devices are interconnected in a way that allows for multiple pathways, not relying on a central point.

'traceroute' is used to trace the path packets take to a network host, but it does not test reachability directly like 'ping'.

'nslookup' is used for querying DNS to obtain domain name or IP address mapping, not for testing reachability.

'netstat' is used for network statistics and does not test the reachability of a host.

This does not describe a man-in-the-middle attack, which involves intercepting communication rather than infecting a single device.

While man-in-the-middle attacks can occur over wireless networks, they are not limited to them, making this description incorrect.

Phishing is a different type of attack that typically involves tricking users into providing sensitive information, not intercepting communication.

This option is incorrect because the OSI model does not focus on speed but on standardization of communication.

This option is incorrect as the OSI model's primary focus is on standardizing communication rather than providing security measures.

This option is incorrect since the OSI model is not concerned with hardware resource management but with communication protocols.

Stateful firewalls maintain the state of active connections and filter traffic based on the state of the connection, rather than solely on IP addresses.

Application-layer firewalls inspect traffic at the application level and are not focused on filtering based on network layer IP addresses.

Circuit-level gateways operate at the session layer and manage connections but do not filter traffic based on IP addresses at the network layer.

A network switch does not function as a firewall; its purpose is to facilitate communication within a network.|

A network switch does not amplify signals; it operates at the data link layer to switch data between devices.|

A network switch typically does not provide wireless connectivity; that function is performed by a wireless access point.

Dynamic IP addresses can be private or public, but they are not specifically assigned to private networks.

Static IP addresses can also be private or public, and do not exclusively denote private network addresses.

Loopback addresses are used for testing and communication within the same device, not for devices on a private network.

FTP (File Transfer Protocol) is not secure as it transfers data in plain text, making it vulnerable to interception.

HTTP (Hypertext Transfer Protocol) is used for transferring web pages and is not secure; it does not encrypt data during transmission.

TFTP (Trivial File Transfer Protocol) is a simple protocol for transferring files but does not provide security or encryption.

This statement is incorrect as NAT does not inherently block traffic; it translates addresses and can allow or deny traffic based on configuration.

This is incorrect because NAT does not perform encryption; it is focused on address translation rather than securing data.

This is incorrect as NAT does not inherently increase data transfer speeds; it mainly serves the purpose of address translation.

The maximum number of hosts in a /24 subnet is 254, not 255.

The number of hosts in a /24 subnet is not 512; it is limited to 254 usable addresses.

A /24 subnet does not limit the number of hosts to 128; it allows for a maximum of 254 usable addresses.

Caching web content can improve load times but is not the primary use case for a proxy server.

While remote access can be facilitated by a proxy, it is not a common use case.

Blocking websites is a function of some proxy servers, but it is not the primary or most common use case.

In a star topology, all devices are connected to a central hub or switch, not to each other directly.

In a bus topology, all devices share a single communication line, which does not provide direct connections between them.

In a ring topology, devices are connected in a circular fashion, with each device connected to two others, not to every device directly.

This statement is incorrect because the MTU is not used for error checking; it is about packet size.

This statement is incorrect because the MTU directly affects how efficiently data is transmitted over a network.

This is incorrect as the MTU is relevant for both wired and wireless networks and affects all types of data transmission.

This is incorrect as a VPN typically can reduce internet speed due to encryption overhead.

While a VPN can enhance privacy, it does not inherently block malware.

This is incorrect; managing network traffic is not a primary function of a VPN.

The Application Layer does not handle encryption; it is primarily focused on application-level protocols and user interfaces.

The Transport Layer is responsible for end-to-end communication and data flow control, not encryption.

The Network Layer deals with routing and forwarding data packets, but does not involve encryption and decryption processes.

Fiber optic cables are less affected by electromagnetic interference, but this is not their main advantage over copper.

While fiber optic cables are generally more durable and lightweight than copper, this is not the primary reason for their advantage in networking.

Copper cables tend to be more cost-effective for short distances, making this statement incorrect regarding the main advantage of fiber optics.

IMAP (Internet Message Access Protocol) is used for retrieving and managing emails, not for sending them.

POP3 (Post Office Protocol) is also used for retrieving emails from a server, not for sending them.

FTP (File Transfer Protocol) is not used for email transmission, but rather for transferring files between computers.

The term 'Single Service Identifier' is not a recognized term in wireless networking.

'Standard Set Identifier' is incorrect as it does not accurately describe SSID.

The term 'Secure Service Identifier' is misleading and does not reflect the actual meaning of SSID.

A router directs traffic between networks but does not translate domain names into IP addresses.

A firewall is used for network security, filtering incoming and outgoing traffic, not for translating domain names.

A switch operates at the data link layer to connect devices within a network but does not translate domain names into IP addresses.

A private IP address is not accessible over the internet, but it is still used within local networks, which is the opposite of what public IP addresses do.

Public IP addresses are routable over the internet, while private IP addresses are not, making this statement incorrect.

Both public and private IP addresses can be dynamic; this statement is misleading.

The 'netstat -r' command is used to display the routing table on Unix-like systems, but not specifically for Windows.

The 'ipconfig' command is used to display network configuration details, not the routing table.

The 'tracert' command is used to trace the path of packets to a destination, not to display the routing table.

This describes the function of a router, not a network bridge.

This is a function of a network repeater, not a bridge.

This describes the function of a wireless access point, not a network bridge.

This option does not accurately represent the acronym QoS.

This option misrepresents QoS, confusing it with security concepts.

This option does not relate to the meaning of QoS in networking.

This option describes caching but does not capture the primary role of a proxy server.

This option misrepresents the function of a proxy server, which does not provide direct access but rather manages requests.

While some proxies can offer encryption, this is not their primary role; their main function is to act as intermediaries for traffic management.

SNMP (Simple Network Management Protocol) is used for network management, not time synchronization.

HTTP (Hypertext Transfer Protocol) is used for transferring web pages, not for time synchronization.

FTP (File Transfer Protocol) is used for transferring files, not for time synchronization.

Latency is not about the speed of transfer but rather the time it takes for data to reach its destination.

This describes bandwidth, not latency.

This concept relates to network traffic and packet rate, not latency.

A router operates at Layer 3 of the OSI model, dealing with IP addresses rather than MAC addresses.

A hub operates at Layer 1 of the OSI model and does not forward frames based on MAC addresses.

While a bridge also operates at Layer 2, it is not as commonly used for frame forwarding as a switch.

This describes a function of a transceiver, not a repeater.

While filtering can be a part of signal processing, it is not the primary function of a repeater.

This function is typically performed by a bridge or a router, not a repeater.

Netstat is a command-line tool that provides information about network connections, but it does not analyze traffic in detail like Wireshark.

Ping is used to test the reachability of a host on a network, but it does not analyze network traffic or diagnose issues in the same way as Wireshark.

Traceroute is useful for diagnosing the path packets take to reach a destination, but it does not analyze traffic or provide detailed packet information like Wireshark.

UDP does not establish a connection, making it connectionless and potentially less reliable than TCP.

This statement is incorrect as TCP is connection-oriented while UDP is connectionless, having different transmission methods.

While TCP may be slower due to its connection-oriented nature, it is not accurate to say it's faster, as UDP is generally faster due to lack of connection setup and error correction.

Improving internet speed is not the primary function of a DMZ, making this answer incorrect.|

No security measure can eliminate all threats entirely; the purpose of a DMZ is to reduce risk, not eliminate it.|

A DMZ is not primarily designed for backup purposes; it focuses on security and access control.

This option does not correctly define the acronym 'VPN.'

This option incorrectly modifies the acronym 'VPN' and does not represent its actual meaning.

This option is incorrect as it does not represent the function or definition of a VPN.

This type of attack involves intercepting and altering communication between two parties, not overwhelming a service.

Phishing attacks are designed to trick users into revealing sensitive information, not to overwhelm networks or services.

A Brute Force attack is aimed at gaining unauthorized access by trying various combinations, rather than overwhelming a network.

This is incorrect because an access point does not enhance wired connections, it enables wireless connectivity.

This is incorrect as firewalls are separate security devices, not functions of access points.

This is incorrect since while it may handle some traffic management, it does not specifically manage bandwidth itself.

ARP is used for mapping an IP address to a MAC address, not for obtaining an IP address.

ICMP is used for error messaging and operational queries, not for obtaining IP addresses.

FTP is used for transferring files over a network, not for obtaining IP addresses.

This statement is incorrect; usually, unmanaged switches are less expensive due to their lack of advanced features and capabilities.

Unmanaged switches do not support remote configuration, which is a key feature of managed switches.

This is incorrect; managed switches are generally used in enterprise environments, while unmanaged switches are often used in home or small office setups.

The Network Layer is primarily responsible for routing and forwarding packets, not ensuring reliable data transfer.

The Data Link Layer deals with node-to-node data transfer and error detection, but it does not provide end-to-end reliability.

The Application Layer is responsible for providing network services to applications, not for ensuring reliable data transfer.

The localhost address is an alias for the loopback address but does not describe its purpose.

Public IP addresses are used for external communication, not for testing or routing traffic back to the device.

A subnet address is used to identify a subnetwork but does not relate to the concept of a loopback address.

Coaxial cables are better than twisted pairs but still not as effective as fiber optics regarding speed and interference.

Twisted pair cables are more susceptible to electromagnetic interference than fiber optic cables, making them less ideal for high-speed internet connections.

While Ethernet cables can be used for high-speed internet, they are typically copper cables and thus more susceptible to interference than fiber optic cables.

A network aggregator does not typically store data; its main role is to consolidate and manage data streams for transmission.

While security may be a consideration, encryption is not the primary function of a network aggregator.

Routing is not a primary function of a network aggregator; its main role is to aggregate data streams.

Multicast addresses are used for groups of recipients, not a single recipient.

Anycast addresses are assigned to multiple interfaces, but packets are routed to the nearest one, not a single recipient.

IPv6 does not have a broadcast address type; it uses multicast instead.

This is not a recognized term in the context of routing protocols.

This is not an accurate definition of RIP in routing.

This term does not exist in the context of routing protocols.

The main purpose of NAC is focused on security and access control, rather than directly optimizing user experience.

While monitoring network traffic can be a function of network management, it is not the primary purpose of implementing a NAC solution.

Compliance can be a benefit of NAC, but the main purpose is to control access to the network itself.

This is not the role of a topology diagram, which focuses on the arrangement of components rather than their performance.

While it may show devices, its primary purpose is to illustrate their connections rather than just listing them.

Although a topology diagram can help in assessing vulnerabilities, its main purpose is to represent the network structure, not to identify security issues.

HTTP is a protocol for transferring data but does not secure that data.

FTP (File Transfer Protocol) is used for transferring files and does not provide secure communication.

SMTP (Simple Mail Transfer Protocol) is used for sending emails and does not inherently secure connections.

Long lease times can lead to potential IP conflicts and inefficient use of IP addresses in a dynamic environment.

This statement is incorrect as lease time directly affects how IP addresses are assigned and recycled, impacting overall network efficiency.

This statement is incorrect because DHCP lease time is relevant for both wired and wireless connections, affecting how IP addresses are managed across the entire network.

A records are used to point a domain to an IP address, not to alias one domain to another.

MX records are used for mail exchange servers and do not serve the purpose of aliasing domain names.

TXT records are used to store text information for various purposes and do not alias domain names.

This option is incorrect as it misstates the acronym's meaning.

This option is incorrect as it misstates the acronym's meaning.

This option is incorrect as it misstates the acronym's meaning.

This option is incorrect because a load balancer does not primarily focus on data storage; its main function is traffic distribution.

While security is important in networking, end-to-end encryption is not the main function of a load balancer.

Although load balancers can monitor server health, this is a supportive function and not their main purpose, which is traffic distribution.

'ifconfig' is primarily used in Unix/Linux systems, but it is not available by default in Windows.

'ping' is used to test connectivity to a network host and does not display IP configuration.

'traceroute' is used to trace the path packets take to a network host, not for displaying IP configuration.

A CDN primarily focuses on delivering content efficiently, while encryption is typically handled by other protocols or services.

While a CDN can help manage traffic, its main role is to cache and deliver content rather than increase server capacity directly.

This is incorrect because CDNs can deliver various types of content, including images, scripts, and other web assets, not just video.

An IDS primarily detects and alerts on potential intrusions but does not actively prevent unauthorized access like a firewall does.

A proxy server acts as an intermediary for requests from clients seeking resources from other servers, but it does not inherently prevent unauthorized access.

A VPN encrypts internet connections to secure data transmission, but it does not monitor traffic for unauthorized access like a firewall does.

Enhancing network speed is not a purpose of STP; it primarily focuses on preventing loops.

While STP can help maintain redundancy, its primary purpose is to prevent loops in the network.

Managing IP address allocation is not related to STP; this is typically handled by protocols like DHCP.

End-to-end communication is primarily the function of the Transport Layer.

Routing of packets is managed by the Network Layer, not the Data Link Layer.

Encryption is typically handled at higher layers, not specifically by the Data Link Layer.

WEP does not use a pre-shared key for authentication and is considered outdated and insecure.

WPA3 uses a more advanced method for authentication, which is not based solely on a pre-shared key.

WPA2-Enterprise uses an authentication server and is not based on a pre-shared key.

A NIC does not affect the processing speed of a computer; it is used for network connectivity.

A NIC does not provide storage; it is specifically designed for network communication.

While a NIC can play a role in security, its primary function is to facilitate networking, not to manage security.

HTTP is primarily used for transferring web pages and is not suitable for real-time messaging in chat applications.

SMTP (Simple Mail Transfer Protocol) is used for sending emails, not for real-time messaging in chat applications.

While WebSocket is used for real-time communication, it is not specifically a protocol designed for chat applications like XMPP is.

ARP is not used for routing; it operates at the local network level to resolve addresses.

ARP does not encrypt data; it simply resolves addresses for packet delivery.

ARP is not related to congestion control; its function is strictly for address resolution.

Ring topology connects all devices in a circular format, which is different from star-bus.

Mesh topology connects each device to every other device, which is not the same as star-bus.

Tree topology is a hierarchical structure, not a combination of star and bus topologies like star-bus.

This is not the primary function of a MAC address table; switches operate at the data link layer and primarily deal with MAC addresses within the same network.

The MAC address table does not monitor speed; it simply stores addresses to facilitate frame delivery.

While switches can have security features, the MAC address table itself does not block devices; it only tracks connected MAC addresses.

Ping is used to test the reachability of a host on a network, not to trace the route.

Netstat is used for network statistics and to display network connections, not to trace routes.

The route command is used to view and manipulate the IP routing table, not to trace packet routes.

P2P networks are defined by their lack of a central server, operating instead on a decentralized model.

P2P networks can scale well as more peers join, unlike centralized networks which can face bottlenecks.

P2P networks often face security challenges due to their decentralized nature, which can be exploited.

Stateful firewalls are generally considered more secure as they can make informed decisions based on the state of the connection.

Stateful firewalls can work with various protocols, not just TCP.

Stateless firewalls do not maintain session tables; they inspect each packet in isolation.

This statement describes data encryption, not the role of an IDS.

This function is typically performed by a firewall, not an IDS.

While an IDS does log activity, its primary role is detecting suspicious behavior rather than just logging.

SSL is used to secure communications but does not create a private network; instead, it secures data in transit.

Firewalls are used to monitor and control incoming and outgoing network traffic but do not create private networks.

Encryption secures data but does not establish a private network; it protects information rather than creating a connection.

A hub does connect devices, but this statement does not highlight the key difference in data transmission between a switch and a hub.

While a switch operates at the data link layer, this statement does not directly address the difference in data transmission.

This statement is incorrect; a switch is generally more efficient than a hub because it reduces network traffic by sending data only to the intended recipient.

Binary Gateway Process is not a recognized term in networking and does not relate to BGP's function.

Basic Gateway Protocol is incorrect terminology; it does not accurately describe BGP.

Broadband Gateway Protocol is not related to BGP and does not reflect its purpose in routing.

Wi-Fi 4 does support 5 GHz but is not as efficient in data rates as Wi-Fi 5.

Bluetooth operates at a different frequency (2.4 GHz) and is not primarily designed for high data rates like Wi-Fi standards.

While Wi-Fi 6 also operates at 5 GHz and supports higher data rates, the question specifically asks for the standard, which is Wi-Fi 5 (802.11ac).

Link aggregation does not primarily aim to reduce latency; its main focus is on bandwidth and redundancy.

While link aggregation may aid in management, its primary purpose is not simplification but rather increasing bandwidth and reliability.

Link aggregation does not involve increasing the number of IP addresses; it focuses on combining connections for better performance.

A dynamic IP address is indeed assigned by a server, but it is not the correct answer to the question about the difference between the two types.|

This statement is incorrect because static IP addresses can be used for any device that requires a permanent address, not just mobile devices.|

This is incorrect; security is not inherently tied to whether an IP address is static or dynamic.

The Transport Layer (Layer 4) is responsible for end-to-end communication and flow control, not session management.

The Network Layer (Layer 3) deals with the routing of data packets between devices, not managing sessions.

The Presentation Layer (Layer 6) is responsible for translating data formats and encryption, but does not manage sessions.

Network monitoring is a part of security management but does not define access control rules.

Bandwidth management is a separate function and not the primary purpose of network policies in NAC systems.

Encryption is important for securing data, but it is not the main role of network policies in a NAC system.

Blocking unwanted traffic is not the primary function of a caching proxy, which focuses on storing and delivering cached content.

While proxies can provide anonymity, this is not related to their function in caching web content.

Data compression is not a function of caching proxies; their main role is to store and deliver cached content.

This is not the main role of a DNS server; email traffic management is handled by mail servers using MX records.

DNS does not provide encryption; it's primarily for resolving domain names, while encryption is handled by protocols like HTTPS.

DNS servers do not host websites; they only resolve domain names to the IP addresses of the servers that host the content.

This type of network does not use a central server; instead, each device can act as both a client and a server.

A mesh network consists of interconnected devices that communicate directly with each other, without a central server.

A bus network connects all devices to a single communication line without a centralized management system.

A routing table does not manage firewall rules; it focuses on routing data packets.

A routing table does not store all IP addresses; it only contains routes to various networks.

This process is handled by DNS, not the routing table.

A switch operates primarily at Layer 2 and is used for switching frames within the same network segment, not routing between networks.

A hub is a Layer 1 device that transmits data packets regardless of their destination and does not perform any routing.

A bridge operates at Layer 2 and is used to connect two or more network segments, but it does not route between different networks.

Encryption is not a function of an ACL; it is primarily concerned with traffic filtering.

Monitoring performance is not the role of an ACL; it focuses on access control rather than performance metrics.

IP address assignment is the responsibility of DHCP, not ACLs, which are used for access control.

Telnet is an insecure protocol that does not encrypt data, making it unsuitable for secure remote administration.

RDP is primarily used for remote desktop access rather than general system administration and management of devices.

SNMP is used for network management and monitoring rather than direct remote system administration.

This statement is incorrect as 802.1X is focused on network access control, not encryption.

This is incorrect; 802.1X does not relate to internet speed but rather to authentication for network access.

This statement is incorrect as 802.1X is for authentication and security, not for performance enhancement.

XSS attacks focus on injecting malicious scripts into web pages, rather than exploiting vulnerabilities in the database itself.

DoS attacks aim to make a service unavailable but do not exploit web application vulnerabilities for unauthorized access.

Session Hijacking involves stealing session tokens but does not specifically exploit vulnerabilities in web applications to gain access.

ICMP is not used for transmitting user data; it focuses on error reporting and network diagnostics.

ICMP does not establish connections; it is used for error reporting and network information.

ICMP does not provide encryption; its function is related to error messages and network diagnostics.

A unicast address identifies a single device, not all devices on the local network.

A multicast address targets a specific group of devices, not all devices on the local network.

A subnet address identifies a range of addresses within a network, but does not specifically identify all devices.

A gateway does not serve the purpose of data storage; it facilitates communication between different networks.|

This is incorrect; a gateway connects different networks, while a switch connects devices within the same network.|

While security may be a function of some gateways, their primary role is not encryption but enabling interoperability between networks.|

SSL (Secure Sockets Layer) is a predecessor to TLS but is not used as a standalone protocol for securing HTTP traffic today.

FTP (File Transfer Protocol) is used for transferring files and does not secure HTTP traffic.

SMTP (Simple Mail Transfer Protocol) is used for sending emails, not for securing HTTP traffic.

A static IP address is manually configured, not assigned through APIPA.

APIPA addresses are not routable on the internet and cannot serve as gateways.

APIPA is not related to network security; it simply facilitates local communication.

This is not a recognized term in wireless networking; it does not define SSID.

This is incorrect as SSID does not refer to a 'Secure Signal Identifier.'

This is not the correct definition of SSID in the context of wireless networking.

A star network connects all devices to a central hub, which can create a single point of failure.

A bus network relies on a single central cable, making it less reliable compared to a mesh topology.

A ring network connects devices in a circular fashion, but if one connection fails, it can disrupt the entire network, unlike a mesh network.

This is incorrect because VLANs do not inherently increase data transmission speeds; they primarily serve to organize and manage network traffic.

While redundancy can be a feature of a well-designed network, it is not the main purpose of VLANs.

Although VLANs can help with management by segmenting networks, their main purpose is specifically to separate broadcast domains.

SMTP (Simple Mail Transfer Protocol) is used for sending emails, not for time synchronization.|

HTTP (Hypertext Transfer Protocol) is used for transferring web pages, not for time synchronization.|

FTP (File Transfer Protocol) is used for transferring files, not for time synchronization.|

This statement is incorrect because 'ping' can be used on both local and wide area networks to check connectivity.

This is incorrect; 'ping' measures latency, not bandwidth.

This is false, as 'ping' does not provide hardware information, only connectivity status.

The acronym 'NAT' does not stand for that, and it is not related to the concept described.

The acronym 'NAT' does not stand for that, and it is not related to the concept described.

The acronym 'NAT' does not stand for that, and it is not related to the concept described.

The Transport Layer is responsible for end-to-end communication and data flow control, not routing between networks.

The Data Link Layer is responsible for node-to-node data transfer and error detection/correction in the physical layer, not routing.

The Application Layer is focused on application-level protocols and interfaces, not on routing packets between networks.