CompTIA N10-009 Network+ Exam Dumps and Practice Test Questions Set 6 Q101-120
Question 101
A network engineer wants to prevent unauthorized devices from sending DHCP responses on a network. Which feature should be enabled?
A) DHCP snooping
B) Port security
C) STP
D) VLAN trunking
Answer: A) DHCP snooping
Explanation:
A) DHCP snooping is a security feature used on switches to ensure that DHCP messages are received only from trusted servers. When enabled, the switch intercepts DHCP messages and allows only responses from trusted sources, preventing unauthorized devices from assigning IP addresses to clients. This protects the network from rogue DHCP servers that could provide incorrect IP configuration, default gateways, or DNS servers, which can result in network attacks such as man-in-the-middle exploits or denial-of-service scenarios. The feature maintains a binding table mapping MAC addresses, IP addresses, and the associated switch port, which is used to validate traffic and enforce security policies. DHCP snooping also works in combination with IP Source Guard and Dynamic ARP Inspection to protect the network from malicious or misconfigured devices. By enforcing that only designated DHCP servers can respond to clients, DHCP snooping ensures network reliability, proper address allocation, and mitigates the risk of traffic interception. In large enterprise networks, this feature is essential for maintaining secure IP management and preventing unauthorized network access.
B) Port security restricts access to a switch port based on MAC addresses. While it can prevent unknown devices from transmitting traffic on a port, it does not prevent a rogue DHCP server from sending IP assignments. Port security enforces endpoint-level access control but does not validate the source of DHCP responses. Therefore, it cannot fully prevent unauthorized DHCP activity, making it insufficient for the scenario described.
C) STP (Spanning Tree Protocol) is designed to prevent loops in layer-two networks with redundant links. While it is critical for network stability, it does not validate DHCP messages or protect against rogue servers. STP controls the topology by selectively blocking or forwarding certain ports but provides no mechanism for securing IP address allocation, so it is not relevant to preventing unauthorized DHCP responses.
D) VLAN trunking allows multiple VLANs to be transported over a single link between switches. While essential for traffic segmentation, VLAN trunking does not enforce DHCP security or restrict unauthorized server responses. Trunking only defines which VLANs traverse a link; it does not control DHCP message validation or prevent rogue devices from distributing IP addresses.
DHCP snooping specifically enforces trust between clients and DHCP servers, blocks unauthorized responses, maintains a binding table for validation, and ensures proper network operation, making it the correct choice.
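The trusted-port check and binding table described in this explanation, as an added example that is not part of the original page or any vendor's code: the class and method names, port names, MAC address and IP addresses are all constructed, and the model is simplified to one VLAN.

```python
from dataclasses import dataclass

# Message types that only a DHCP server should originate.
SERVER_TYPES = {"OFFER", "ACK", "NAK"}


@dataclass(frozen=True)
class DhcpMessage:
    msg_type: str       # DISCOVER, OFFER, REQUEST, ACK, NAK or RELEASE
    client_mac: str     # chaddr: the client the exchange belongs to
    ingress_port: str   # switch port the frame arrived on
    your_ip: str = ""   # yiaddr: address the server is handing out


class SnoopingSwitch:
    """Simplified model of DHCP snooping on one VLAN (hypothetical names)."""

    def __init__(self, trusted_ports):
        self.trusted_ports = set(trusted_ports)
        self.pending = {}    # client MAC -> port its DISCOVER/REQUEST came in on
        self.bindings = {}   # client MAC -> (leased IP, access port)
        self.drop_log = []   # (port, msg_type, reason) for every dropped frame

    def _drop(self, msg, reason):
        self.drop_log.append((msg.ingress_port, msg.msg_type, reason))
        return False

    def process(self, msg):
        """Return True if the frame is forwarded, False if it is dropped."""
        if msg.msg_type in SERVER_TYPES:
            # Server replies are accepted only from ports marked trusted.
            if msg.ingress_port not in self.trusted_ports:
                return self._drop(msg, "server message on untrusted port")
            if msg.msg_type == "ACK" and msg.client_mac in self.pending:
                # A trusted ACK completes the lease: record the binding.
                port = self.pending.pop(msg.client_mac)
                self.bindings[msg.client_mac] = (msg.your_ip, port)
            return True
        if msg.msg_type == "RELEASE":
            bound = self.bindings.get(msg.client_mac)
            # A release is honoured only from the port the lease is bound to.
            if bound and bound[1] != msg.ingress_port:
                return self._drop(msg, "release from wrong port")
            self.bindings.pop(msg.client_mac, None)
            return True
        # DISCOVER / REQUEST: remember which access port the client is on.
        self.pending[msg.client_mac] = msg.ingress_port
        return True

    def source_allowed(self, port, mac, ip):
        """Binding-table lookup of the kind IP Source Guard and DAI rely on."""
        return self.bindings.get(mac) == (ip, port)


CLIENT = "aa:aa:aa:00:00:01"  # constructed client MAC


def run_demo():
    """Constructed traffic: client on Gi0/5, trusted uplink Gi0/1, rogue on Gi0/7."""
    sw = SnoopingSwitch(trusted_ports={"Gi0/1"})
    frames = [
        DhcpMessage("DISCOVER", CLIENT, "Gi0/5"),
        DhcpMessage("OFFER", CLIENT, "Gi0/7", "10.66.0.50"),     # untrusted port
        DhcpMessage("OFFER", CLIENT, "Gi0/1", "192.168.10.50"),  # trusted uplink
        DhcpMessage("REQUEST", CLIENT, "Gi0/5"),
        DhcpMessage("ACK", CLIENT, "Gi0/7", "10.66.0.50"),       # untrusted port
        DhcpMessage("ACK", CLIENT, "Gi0/1", "192.168.10.50"),    # trusted uplink
        DhcpMessage("RELEASE", CLIENT, "Gi0/7"),                 # wrong port
    ]
    verdicts = [sw.process(frame) for frame in frames]
    return sw, verdicts


if __name__ == "__main__":
    switch, verdicts = run_demo()
    print("forwarded:", verdicts)
    print("bindings :", switch.bindings)
    for entry in switch.drop_log:
        print("dropped  :", entry)
```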
Question 102
A network administrator wants to combine multiple physical links between switches to increase bandwidth and provide redundancy. Which protocol should be implemented?
A) Link Aggregation Control Protocol (LACP)
B) VLAN
C) STP
D) Port security
Answer: A) Link Aggregation Control Protocol (LACP)
Explanation:
A) LACP enables multiple physical links between devices to be combined into a single logical interface. This increases bandwidth by distributing traffic across all member interfaces, improving throughput for high-demand connections such as server uplinks or inter-switch links. LACP also provides redundancy—if one link fails, the remaining links continue to carry traffic, maintaining connectivity and preventing downtime. LACP dynamically negotiates the aggregation between devices to ensure proper configuration and compatibility, reducing misconfigurations and ensuring consistent network operation. Additionally, it supports load-balancing algorithms based on MAC addresses, IP addresses, or sessions, optimizing traffic distribution. LACP is widely used in enterprise and data center environments where high availability, fault tolerance, and performance are critical. By using multiple links as a single logical channel, it achieves scalability, redundancy, and efficient utilization of available physical bandwidth.
B) VLANs logically segment network traffic into separate broadcast domains for isolation and security. While VLANs reduce broadcast traffic and improve management, they do not aggregate physical links or provide redundancy. VLANs focus on traffic segmentation rather than bandwidth optimization, so they do not address the requirement of combining links for higher throughput.
C) STP prevents loops in layer-two networks by selectively blocking redundant paths. While essential for stability in networks with redundant links, STP does not aggregate links or increase bandwidth. In fact, STP may block redundant paths that could otherwise carry traffic, which is contrary to the goal of link aggregation.
D) Port security limits which MAC addresses can connect to a switch port, preventing unauthorized devices from accessing the network. While it enhances security, port security does not provide link aggregation or increased throughput. It is focused on device-level access control rather than performance optimization, so it does not meet the requirements for combining physical links.
LACP is the only solution that combines multiple links for increased bandwidth while providing redundancy and dynamic negotiation, making it the correct choice.
Question 103
A network engineer wants to capture traffic from specific switch ports to analyze performance and troubleshoot issues without affecting network operations. Which feature should be enabled?
A) SPAN/mirror port
B) VLAN trunking
C) STP
D) DHCP snooping
Answer: A) SPAN/mirror port
Explanation:
A) SPAN (Switched Port Analyzer) or mirror port allows a switch to duplicate traffic from designated source ports or VLANs to a monitoring port. This enables network engineers to capture traffic using tools like Wireshark without disrupting normal network operations. SPAN is valuable for troubleshooting, performance monitoring, and detecting anomalies or security threats. By passively copying traffic instead of interrupting it, SPAN ensures that users and applications are unaffected while administrators gain visibility into packet contents, flow patterns, and potential errors. SPAN can be configured for multiple source ports, VLANs, or both, providing flexible monitoring for specific segments of the network. This is particularly useful in environments with critical applications or high-density deployments where packet loss, latency, or congestion needs to be analyzed. Administrators can use SPAN for real-time or historical analysis, allowing them to isolate performance issues, optimize configurations, and maintain network stability while ensuring continuous operations.
B) VLAN trunking transports multiple VLANs over a single link between switches. While trunking enables logical segmentation and efficient traffic transport, it does not provide a mechanism for duplicating traffic to a monitoring port. Trunking is concerned with traffic delivery, not visibility or analysis, so it cannot be used for troubleshooting performance at the port level.
C) STP prevents loops in layer-two networks by selectively blocking redundant paths to maintain a loop-free topology. While critical for network stability, STP does not allow traffic to be copied for analysis. STP controls port states for loop prevention but does not provide monitoring capabilities, so it cannot meet the requirement for traffic capture.
D) DHCP snooping secures IP address assignment by validating messages from trusted DHCP servers. While important for protecting IP configurations, it does not provide general traffic visibility or allow packet capture for performance analysis. DHCP snooping is limited to DHCP traffic validation and does not offer the monitoring capabilities provided by SPAN.
SPAN or mirror ports allow passive traffic capture for analysis without interrupting operations, providing visibility, troubleshooting capabilities, and performance monitoring, making it the correct choice.
Question 104
A technician wants to reduce wireless interference and improve throughput for clients in a crowded office environment. Which action would be most effective?
A) Move clients to the 5 GHz band
B) Increase DHCP lease time
C) Enable Telnet on the access point
D) Reduce MTU size
Answer: A) Move clients to the 5 GHz band
Explanation:
A) The 5 GHz band provides more non-overlapping channels and experiences less interference than the 2.4 GHz band. In high-density environments, many devices share the 2.4 GHz spectrum, including cordless phones, microwaves, and neighboring Wi-Fi networks, causing co-channel and adjacent-channel interference. By moving clients to 5 GHz, administrators can reduce congestion, improve data rates, and enhance reliability for bandwidth-intensive applications like VoIP, video conferencing, and large file transfers. Although the 5 GHz band has shorter range due to higher frequency attenuation, careful access point placement ensures coverage while mitigating interference. Using 5 GHz allows for better channel reuse, improved client separation, and reduced packet collisions, directly addressing the root cause of slow wireless performance in crowded areas.
B) Increasing DHCP lease time reduces how frequently clients request IP addresses but has no impact on wireless signal quality, interference, or congestion. While useful for reducing DHCP traffic, it does not improve wireless throughput or RF performance in a dense environment.
C) Enabling Telnet on an access point allows remote configuration but does not affect the performance or interference experienced by wireless clients. Management protocols do not improve throughput or reduce RF congestion, making Telnet irrelevant to this scenario.
D) Reducing MTU size changes the maximum packet size that can be transmitted over the network. While MTU adjustments may reduce fragmentation, they do not address interference, congestion, or co-channel issues in wireless networks. MTU tuning alone will not significantly improve throughput in high-density areas.
Moving clients to the 5 GHz band directly reduces interference, increases available channels, and improves throughput, making it the correct choice.
Question 105
A network engineer needs to segment a network into smaller broadcast domains to improve performance and security. Which technology should be deployed?
A) VLANs
B) LACP
C) STP
D) Port security
Answer: A) VLANs
Explanation:
A) VLANs create logical broadcast domains within a physical network. Each VLAN isolates broadcast traffic, reducing unnecessary traffic and improving overall network performance. VLANs also enhance security by preventing devices in different VLANs from communicating unless explicitly routed or allowed by access control policies. For example, finance, marketing, and engineering departments can each have their own VLAN, preventing sensitive information from being accessible across departments. VLANs allow administrators to move devices between VLANs without rewiring physical connections, offering flexibility and scalability. They also enable the implementation of quality-of-service policies, traffic monitoring, and inter-VLAN routing for controlled communication. VLANs operate at the data-link layer, maintaining isolated broadcast domains while supporting centralized network management. This segmentation optimizes performance, reduces congestion, and ensures security in large-scale networks.
B) LACP aggregates multiple physical links to increase bandwidth and provide redundancy. While beneficial for throughput and fault tolerance, it does not create separate broadcast domains or isolate traffic between groups of devices. LACP optimizes link-level performance but does not segment networks, so it does not meet the requirement.
C) STP prevents loops in layer-two networks with redundant links. While essential for stability, it does not create broadcast domains or improve performance through traffic segmentation. STP ensures loop-free topology but does not isolate devices or control broadcast traffic.
D) Port security restricts access based on MAC addresses to prevent unauthorized devices from connecting. While important for endpoint security, it does not segment networks or reduce broadcast domains. Port security enforces access control but does not improve network performance through logical separation.
VLANs are the correct solution because they provide logical segmentation, reduce broadcast traffic, enhance security, and improve network performance, meeting the requirements of the scenario.
Question 106
A network engineer wants to prevent broadcast storms caused by redundant paths in a Layer 2 network. Which protocol should be implemented?
A) Spanning Tree Protocol (STP)
B) VLAN trunking
C) DHCP snooping
D) Port security
Answer: A) Spanning Tree Protocol (STP)
Explanation:
A) Spanning Tree Protocol (STP) is specifically designed to prevent broadcast storms in Layer 2 networks by detecting and managing redundant paths. In networks with redundant links, loops can form, causing frames to circulate indefinitely, which results in broadcast storms that degrade network performance and can potentially take down the network. STP dynamically identifies redundant paths and selectively places some ports in a blocking state while keeping others in forwarding mode. This ensures a loop-free topology while still providing redundancy in case of a link failure. STP recalculates the topology when changes occur, allowing traffic to reroute seamlessly if a primary path fails. By managing redundancy intelligently, STP ensures network stability and reliability without removing the benefit of backup paths. It operates at the data-link layer and integrates with VLANs to provide per-VLAN STP in larger networks, offering granular loop prevention while maintaining flexibility for network expansion and redundancy.
B) VLAN trunking allows multiple VLANs to be transported over a single physical link. While trunking is essential for logical network segmentation and efficient transport of multiple VLANs, it does not prevent loops or broadcast storms. Trunking facilitates communication between VLANs but has no mechanism to detect or block redundant paths, making it ineffective for loop prevention.
C) DHCP snooping validates DHCP messages from trusted servers and prevents rogue DHCP servers from assigning incorrect IP addresses. While this protects IP address allocation and prevents man-in-the-middle attacks via rogue DHCP servers, it does not detect loops or control redundant paths in the network. DHCP snooping secures Layer 3 IP assignments but does not operate on broadcast frames or manage Layer 2 topology.
D) Port security restricts access to switch ports based on known MAC addresses. While this prevents unauthorized devices from connecting, it does not prevent broadcast storms or manage redundant links. Port security protects endpoint access but has no role in topology management or loop prevention.
STP directly addresses the risk of broadcast storms by blocking redundant paths while maintaining redundancy for failover, making it the correct choice for ensuring network stability in Layer 2 networks.
Question 107
A network engineer wants to combine multiple physical links between two switches to increase bandwidth and provide redundancy. Which protocol should be implemented?
A) Link Aggregation Control Protocol (LACP)
B) VLAN
C) STP
D) Port security
Answer: A) Link Aggregation Control Protocol (LACP)
Explanation:
A) Link Aggregation Control Protocol (LACP) allows multiple physical links to be combined into a single logical interface, effectively increasing bandwidth by spreading traffic across all links. This aggregation improves throughput for high-demand applications such as server uplinks, data center interconnects, and backbone links. LACP also provides redundancy—if one physical link fails, the remaining links continue to carry traffic, preventing network downtime. LACP dynamically negotiates compatible links between devices and monitors the health of aggregated links, ensuring proper operation and reducing the risk of misconfiguration. Load-balancing algorithms within LACP optimize traffic distribution based on MAC addresses, IP addresses, or session information, maximizing efficiency and minimizing congestion. In enterprise networks and data centers, LACP is widely adopted to provide both increased performance and fault tolerance without requiring additional administrative overhead. By combining multiple physical links into one logical connection, LACP enhances bandwidth, ensures redundancy, and provides resilience in case of link failure.
B) VLANs provide logical segmentation of networks into separate broadcast domains. While VLANs improve security and reduce broadcast traffic, they do not increase link bandwidth or provide redundancy across physical interfaces. VLANs operate at Layer 2 to isolate traffic logically rather than optimizing link-level performance.
C) STP prevents loops in Layer 2 networks by selectively blocking redundant links. While it ensures a loop-free topology, it does not aggregate multiple links to increase bandwidth. In fact, STP intentionally blocks redundant paths, which is the opposite of the goal of link aggregation.
D) Port security limits access to switch ports based on known MAC addresses, preventing unauthorized devices from connecting. While enhancing security, port security does not provide additional bandwidth, combine links, or provide redundancy. It is focused on controlling device access rather than performance optimization.
LACP provides both increased bandwidth and redundancy while dynamically managing link health and traffic distribution, making it the correct choice.
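Traffic distribution and failover across an aggregated bundle, as described in Questions 102 and 107, shown as an added example that is not from the original page or any vendor. `LagBundle`, the CRC32 hash (a stand-in for a switch's own hashing), the interface names and the flows are all assumptions or constructed values.

```python
import zlib


class LagBundle:
    """Model of a link-aggregation group with per-flow hashing (hypothetical)."""

    def __init__(self, members):
        self.members = list(members)   # configured member links, in order
        self.up = set(members)         # members currently healthy

    def active_links(self):
        # Keep the configured order so the hash-to-link mapping is deterministic.
        return [m for m in self.members if m in self.up]

    def link_down(self, member):
        """Remove a failed member; surviving links keep carrying traffic."""
        self.up.discard(member)

    def pick_link(self, src_ip, dst_ip):
        """Hash the flow's addresses and map the flow onto one active member."""
        links = self.active_links()
        if not links:
            raise RuntimeError("all member links are down")
        key = f"{src_ip}>{dst_ip}".encode()
        return links[zlib.crc32(key) % len(links)]

    def distribute(self, flows):
        """Return {link: [flows]} for a list of (src_ip, dst_ip) tuples."""
        table = {link: [] for link in self.active_links()}
        for src, dst in flows:
            table[self.pick_link(src, dst)].append((src, dst))
        return table


MEMBERS = ["Gi1/0/1", "Gi1/0/2", "Gi1/0/3", "Gi1/0/4"]  # constructed names


def sample_flows():
    # Constructed flows: 40 clients talking to one server.
    return [(f"10.0.0.{i}", "10.0.1.10") for i in range(1, 41)]


def run_demo():
    """Distribute the flows, fail one member, and distribute again."""
    bundle = LagBundle(MEMBERS)
    flows = sample_flows()
    before = bundle.distribute(flows)
    bundle.link_down("Gi1/0/2")
    after = bundle.distribute(flows)
    return before, after


if __name__ == "__main__":
    before, after = run_demo()
    for label, table in (("all links up", before), ("Gi1/0/2 down", after)):
        print(label)
        for link, flows in table.items():
            print(f"  {link}: {len(flows)} flows")
```

Because the hash is computed per flow, a single conversation always rides one member link: the bundle raises aggregate throughput across many flows, not the speed of any one flow.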
Question 108
A network administrator wants to capture traffic from specific switch ports to troubleshoot network issues without disrupting operations. Which feature should be implemented?
A) SPAN/mirror port
B) VLAN trunking
C) STP
D) DHCP snooping
Answer: A) SPAN/mirror port
Explanation:
A) SPAN, or Switched Port Analyzer, allows traffic from selected switch ports or VLANs to be mirrored to a designated monitoring port. This enables network engineers to capture and analyze network traffic using tools like Wireshark without disrupting normal operations. SPAN provides visibility into packet flows, helps identify performance bottlenecks, detect malicious activity, and troubleshoot network connectivity issues. It supports monitoring multiple source ports or VLANs simultaneously, allowing comprehensive traffic analysis in complex network environments. By passively duplicating traffic, SPAN ensures users and applications are unaffected, making it suitable for high-availability networks. Administrators can analyze latency, packet loss, and traffic patterns to optimize network performance, plan capacity upgrades, or identify misconfigurations. SPAN is widely used in enterprise environments where maintaining operational continuity while diagnosing network issues is critical.
B) VLAN trunking allows multiple VLANs to be transmitted over a single link between switches. While trunking is essential for traffic segregation and transport, it does not replicate traffic for analysis. Trunking focuses on forwarding VLAN traffic rather than monitoring or troubleshooting network behavior.
C) STP prevents loops in Layer 2 networks by blocking redundant paths while maintaining a loop-free topology. Although vital for stability, STP does not provide the ability to mirror traffic for monitoring purposes. It manages port states and network topology but offers no insight into packet contents or performance metrics.
D) DHCP snooping validates DHCP messages from trusted servers and blocks unauthorized IP assignment. While important for IP security, DHCP snooping only monitors DHCP traffic and does not provide general network traffic visibility. It cannot be used to analyze performance or troubleshoot non-DHCP-related issues.
SPAN/mirror ports provide passive, real-time traffic capture for analysis and troubleshooting without interrupting normal operations, making it the correct choice.
Question 109
A network engineer needs to isolate multicast traffic so that only devices requesting it receive the data. Which feature should be enabled?
A) IGMP snooping
B) VLAN trunking
C) STP
D) DHCP snooping
Answer: A) IGMP snooping
Explanation:
A) IGMP snooping monitors Internet Group Management Protocol messages sent between hosts and multicast routers. By listening to join and leave messages, switches can forward multicast traffic only to ports where devices have requested membership in a multicast group. This prevents unnecessary flooding of multicast traffic to ports that do not require it, optimizing bandwidth usage and reducing congestion. IGMP snooping is critical in environments with video streaming, IPTV, or other multicast-dependent applications where network efficiency and performance are essential. Without IGMP snooping, multicast traffic would be broadcast to all ports in the VLAN, potentially overwhelming clients and degrading network performance. IGMP snooping dynamically maintains forwarding tables, allowing multicast traffic to reach only interested devices, improving efficiency and reducing wasted network resources.
B) VLAN trunking allows multiple VLANs to share a single physical link. While trunking is essential for transporting segmented traffic between switches, it does not selectively forward multicast traffic based on group membership. Trunking does not prevent multicast flooding to uninterested ports.
C) STP prevents loops in Layer 2 networks by selectively blocking redundant links. While essential for network stability, STP does not control multicast traffic forwarding. It manages topology rather than optimizing traffic delivery.
D) DHCP snooping secures IP address allocation by validating DHCP messages from trusted servers. While important for network security, it does not manage multicast traffic or ensure delivery only to requesting devices. DHCP snooping is limited to DHCP traffic and cannot optimize multicast delivery.
IGMP snooping selectively forwards multicast traffic only to interested devices, reducing congestion and optimizing bandwidth, making it the correct choice.
Question 110
A network administrator wants to provide secure remote access for employees working from home. Which solution should be deployed?
A) Remote VPN
B) Public Wi-Fi
C) Static routing
D) NAT
Answer: A) Remote VPN
Explanation:
A) A remote VPN (Virtual Private Network) establishes a secure, encrypted connection between a remote user and the corporate network over an untrusted network such as the Internet. This ensures confidentiality, data integrity, and authentication, allowing employees to access internal resources like file servers, email, and intranet applications safely. VPNs use tunneling protocols to encapsulate traffic, preventing interception or tampering, and often include multi-factor authentication and certificate-based security to validate users and devices. Remote VPNs are scalable, supporting multiple simultaneous connections and enabling centralized management to enforce access policies. This solution mitigates risks associated with using public networks, protects sensitive corporate data, and maintains productivity for remote employees.
B) Public Wi-Fi provides internet connectivity but is untrusted and insecure. Without additional encryption or authentication, communications over public Wi-Fi are vulnerable to interception, man-in-the-middle attacks, and data theft. Using public Wi-Fi alone does not secure corporate network access.
C) Static routing defines predetermined paths between network devices but does not provide encryption, authentication, or secure remote access. While it controls routing within networks, it is not suitable for remote connectivity over untrusted networks.
D) NAT (Network Address Translation) translates private IP addresses to public addresses to facilitate external communication. While NAT enables Internet access, it does not provide encryption, authentication, or secure remote access to internal resources. NAT alone does not secure data between remote employees and the corporate network.
Remote VPN provides encrypted, authenticated, and secure access for remote employees, protecting sensitive data and ensuring reliable connectivity, making it the correct choice.
Question 111
A network engineer wants to segment a large network into smaller broadcast domains to reduce congestion and improve security. Which technology should be implemented?
A) VLANs
B) LACP
C) STP
D) Port security
Answer: A) VLANs
Explanation:
A) VLANs, or Virtual Local Area Networks, provide logical segmentation of a network into smaller broadcast domains. Each VLAN isolates broadcast traffic, ensuring that broadcast messages from one group of devices do not overwhelm the entire network. This reduces congestion, improves overall network performance, and enhances security by limiting communication to devices within the same VLAN unless inter-VLAN routing is explicitly configured. VLANs allow administrators to segment users based on departments, functions, or security requirements, creating logical groupings without requiring additional physical infrastructure. This flexibility is particularly useful in large networks where managing broadcast traffic and enforcing access controls are critical. VLANs also facilitate easier monitoring and troubleshooting by isolating traffic flows. They can operate on Layer 2 with switches and are often paired with Layer 3 routing for controlled communication between VLANs. By deploying VLANs, administrators can achieve scalable, high-performance, and secure networks while maintaining efficient management and flexibility for device mobility.
B) LACP aggregates multiple physical links between switches into a single logical connection to increase bandwidth and provide redundancy. While beneficial for throughput and link-level resilience, LACP does not segment the network or reduce broadcast domains. Its primary function is to optimize traffic flow across multiple links rather than isolate traffic between user groups.
C) STP (Spanning Tree Protocol) prevents loops in Layer 2 networks with redundant paths. While essential for network stability, STP does not create broadcast domains or isolate traffic. It only manages redundancy and ensures a loop-free topology but cannot reduce congestion caused by unnecessary broadcast traffic within a network.
D) Port security limits access to switch ports by allowing only specific MAC addresses to connect. While this enhances endpoint security by preventing unauthorized devices from connecting, it does not segment the network into broadcast domains or reduce congestion. Port security controls access but does not manage traffic flows between groups of devices.
VLANs are the only solution that provides logical segmentation of networks, improves performance by reducing broadcast traffic, and enhances security through isolation of user groups, making them the correct choice.
Question 112
A network engineer wants to provide secure encrypted communication over the internet for remote employees accessing the corporate network. Which solution is most appropriate?
A) Remote VPN
B) Public Wi-Fi
C) Static routing
D) NAT
Answer: A) Remote VPN
Explanation:
A) A remote VPN (Virtual Private Network) establishes an encrypted and authenticated tunnel between a remote client and the corporate network over an untrusted medium such as the Internet. This ensures confidentiality, integrity, and authentication of data, allowing employees to securely access internal resources like file servers, email, and intranet services. VPNs use tunneling protocols such as IPsec, SSL/TLS, or L2TP to encapsulate data, preventing interception or tampering by unauthorized entities. Remote VPN solutions often include multi-factor authentication, certificate-based authentication, and endpoint verification to ensure that only authorized users and devices can connect. VPNs also support centralized management for access control, logging, and policy enforcement, making them scalable for large organizations. They provide secure connectivity from home, hotels, or any remote location, maintaining productivity without exposing sensitive information. Remote VPN is the industry-standard solution for enabling secure remote work while protecting corporate networks from threats such as eavesdropping or man-in-the-middle attacks.
B) Public Wi-Fi provides internet access in untrusted environments but does not provide any encryption or authentication to secure corporate network access. Data transmitted over public Wi-Fi can be intercepted or modified by malicious actors. Without a VPN or similar encryption method, remote employees are at high risk of exposing sensitive information.
C) Static routing defines predetermined paths for traffic within a network. While useful for internal routing decisions, static routing does not provide encryption, authentication, or secure remote connectivity. It is not designed for securing data over untrusted networks, making it unsuitable for remote access scenarios.
D) NAT (Network Address Translation) translates private IP addresses to public addresses, allowing devices to communicate over the internet. While NAT facilitates connectivity, it does not encrypt traffic or provide authentication. NAT alone does not secure remote communication or protect sensitive corporate resources from interception.
A remote VPN provides end-to-end encryption, user authentication, and secure access to corporate resources over the internet, making it the correct choice.
Question 113
A network engineer wants to prevent unauthorized devices from connecting to the network while allowing legitimate endpoint changes without manual configuration. Which solution should be used?
A) Port security with sticky MAC addresses
B) VLAN trunking
C) STP
D) DHCP snooping
Answer: A) Port security with sticky MAC addresses
Explanation:
A) Port security with sticky MAC addresses dynamically learns the MAC addresses of devices connected to a switch port and stores them in the running configuration. This allows only authorized devices to transmit traffic on that port. If an unauthorized device connects, the switch can take actions such as shutting down the port, blocking traffic, or generating alerts. Sticky MAC addresses are particularly useful in environments where devices may move between ports, as they allow legitimate devices to be automatically recognized without requiring manual configuration. This solution provides strong endpoint security while maintaining operational flexibility, reducing administrative overhead, and preventing network breaches from rogue devices. Sticky MAC port security works alongside features such as DHCP snooping and dynamic ARP inspection to create a layered security approach that protects network resources while allowing legitimate endpoint mobility.
B) VLAN trunking allows multiple VLANs to share a single link between switches. While useful for transporting segmented traffic, trunking does not authenticate connected devices or prevent unauthorized access. It addresses logical separation of traffic rather than endpoint security.
C) STP prevents loops in Layer 2 networks by blocking redundant paths. While essential for network stability, STP does not validate device connections or control unauthorized access. It manages topology, not port-level device authentication.
D) DHCP snooping validates DHCP server responses to prevent rogue IP assignments. While important for securing IP address allocation, it does not prevent unauthorized devices from connecting to the network. DHCP snooping only monitors DHCP messages, not all traffic on a port.
Port security with sticky MAC addresses provides dynamic device validation, prevents unauthorized connections, and supports legitimate endpoint mobility, making it the correct choice.
Question 114
A network administrator wants to forward multicast traffic only to devices that request it to reduce unnecessary bandwidth usage. Which feature should be implemented?
A) IGMP snooping
B) VLAN trunking
C) STP
D) DHCP snooping
Answer: A) IGMP snooping
Explanation:
A) IGMP snooping monitors Internet Group Management Protocol messages between hosts and multicast routers. By listening to join and leave requests, switches can forward multicast traffic only to ports where devices have explicitly requested it. This prevents multicast traffic from being flooded to all ports in a VLAN, reducing unnecessary bandwidth consumption and optimizing network performance. IGMP snooping is especially important in environments with IPTV, video streaming, or other multicast-dependent applications. It maintains forwarding tables dynamically, ensuring multicast packets reach only interested devices, improving efficiency and minimizing congestion. By controlling multicast delivery, IGMP snooping allows administrators to manage large-scale networks effectively, ensuring quality of service for latency-sensitive applications while conserving network resources.
B) VLAN trunking transports multiple VLANs across a single link. While it segments traffic, it does not selectively forward multicast traffic. Trunking alone cannot reduce multicast flooding to uninterested devices, as it operates at the VLAN level rather than analyzing multicast group membership.
C) STP prevents loops in Layer 2 networks by blocking redundant paths to maintain a loop-free topology. While critical for stability, STP does not manage multicast forwarding or limit delivery to requesting devices. Its purpose is topology control rather than traffic optimization.
D) DHCP snooping protects IP address allocation by validating DHCP messages from trusted servers. While important for network security, DHCP snooping does not affect multicast traffic delivery. It ensures legitimate IP assignments but does not control which devices receive multicast streams.
IGMP snooping is specifically designed to forward multicast traffic only to devices that request it, reducing congestion and optimizing bandwidth usage, making it the correct choice.
Question 115
A technician needs to measure maximum throughput, packet loss, and jitter between two endpoints to troubleshoot VoIP performance issues. Which tool should be used?
A) iPerf
B) Netstat
C) ARP
D) Traceroute
Answer: A) iPerf
Explanation:
A) iPerf is a network performance testing tool that allows engineers to measure throughput, packet loss, latency, and jitter between two endpoints. These metrics are critical for troubleshooting VoIP and other real-time applications, which require low latency and minimal packet loss. iPerf generates traffic streams over TCP or UDP to simulate real network conditions, providing precise measurements of network performance. It supports configurable parameters such as parallel streams, test duration, and window sizes to emulate different scenarios. By running iPerf between a client and server, administrators can identify bottlenecks, optimize routing, configure quality-of-service policies, and validate network capacity for latency-sensitive applications. iPerf’s repeatable and accurate results make it an ideal tool for performance testing in enterprise and service provider environments, ensuring VoIP calls maintain acceptable quality and minimizing degradation.
B) Netstat displays active connections, listening ports, and routing tables on a host. While useful for monitoring current sessions, it does not measure network performance metrics like throughput, jitter, or packet loss. Netstat cannot simulate traffic, so it is not suitable for evaluating VoIP performance.
C) ARP resolves IP addresses to MAC addresses on a local network. ARP is a link-layer protocol and does not measure throughput, jitter, or packet loss. It cannot simulate traffic between endpoints or provide performance metrics required for VoIP troubleshooting.
D) Traceroute identifies the path packets take between devices and measures per-hop latency. While helpful for diagnosing routing issues, traceroute does not measure sustained throughput, jitter, or packet loss under load conditions. It provides a snapshot of the path but not comprehensive performance data.
iPerf is the only tool that generates test traffic and provides accurate measurements of throughput, packet loss, and jitter, making it the correct choice for troubleshooting VoIP performance.
Question 116
A network administrator wants to prevent unauthorized DHCP servers from issuing IP addresses in the network. Which feature should be enabled?
A) DHCP snooping
B) Port security
C) STP
D) VLAN trunking
Answer: A) DHCP snooping
Explanation:
A) DHCP snooping is a Layer 2 security feature that prevents unauthorized devices from operating as DHCP servers on a network. It inspects DHCP messages and only allows those from trusted ports, typically connected to legitimate DHCP servers, to pass through. DHCP snooping also builds and maintains a DHCP binding table, mapping each client’s MAC address, IP address, and port. This ensures that clients receive valid IP addresses and prevents attacks such as rogue servers assigning incorrect gateways, DNS servers, or IP configurations. By blocking unauthorized DHCP responses, DHCP snooping mitigates man-in-the-middle attacks, IP conflicts, and service disruption. It can also work with other security mechanisms like IP Source Guard and Dynamic ARP Inspection to prevent traffic spoofing. In enterprise networks, enabling DHCP snooping ensures the reliability of IP assignment, prevents network misconfigurations, and maintains secure communication between clients and legitimate DHCP servers.
B) Port security limits access to switch ports based on MAC addresses. While port security prevents unauthorized devices from connecting to a port, it does not validate DHCP responses or prevent rogue DHCP servers from sending IP addresses to clients. Port security enforces endpoint control but does not provide IP allocation validation. Therefore, it is not sufficient to prevent DHCP attacks.
C) STP (Spanning Tree Protocol) prevents Layer 2 loops in networks with redundant paths. While STP is critical for maintaining a stable network topology, it does not monitor DHCP messages or prevent unauthorized DHCP servers from distributing IP addresses. STP addresses loop prevention, not DHCP security, making it irrelevant for this scenario.
D) VLAN trunking allows multiple VLANs to share a single link between switches. While trunking is essential for carrying multiple VLAN traffic, it does not authenticate DHCP servers or prevent rogue DHCP messages. Trunking only transports VLAN traffic and does not enforce DHCP security policies.
DHCP snooping is specifically designed to protect the network from rogue DHCP servers by validating IP address assignments and preventing unauthorized devices from distributing IP configurations, making it the correct choice.
Question 117
A network engineer wants to forward multicast traffic only to ports that have devices requesting it. Which feature should be enabled?
A) IGMP snooping
B) VLAN trunking
C) STP
D) DHCP snooping
Answer: A) IGMP snooping
Explanation:
A) IGMP snooping monitors Internet Group Management Protocol (IGMP) messages between hosts and multicast routers. By observing join and leave messages, switches can forward multicast traffic only to ports with devices that have explicitly requested membership in a multicast group. This prevents multicast traffic from being sent to all ports in the VLAN, which would otherwise waste bandwidth and create congestion. IGMP snooping is essential in environments with IPTV, video streaming, or other multicast-dependent applications. It dynamically maintains a table of ports requiring multicast traffic, ensuring efficient delivery and conserving network resources. By reducing unnecessary flooding, IGMP snooping improves performance, prevents network congestion, and maintains quality of service for latency-sensitive applications. Network administrators benefit from controlled multicast delivery and reduced impact on unrelated traffic.
B) VLAN trunking allows multiple VLANs to share a single link between switches. While trunking supports VLAN transport and segmentation, it does not analyze multicast group membership or selectively forward traffic. Trunking alone cannot prevent multicast flooding to uninterested ports, so it does not meet the requirement for optimizing multicast delivery.
C) STP prevents loops in Layer 2 networks by blocking redundant paths while maintaining a loop-free topology. While important for network stability, STP does not manage multicast traffic or limit delivery to devices requesting it. STP ensures topology stability but cannot optimize multicast forwarding.
D) DHCP snooping validates DHCP messages and blocks rogue DHCP servers. While useful for IP security, it does not control multicast traffic or ensure delivery only to requesting devices. DHCP snooping is limited to monitoring DHCP traffic and does not interact with multicast group communication.
IGMP snooping is specifically designed to forward multicast traffic only to interested devices, improving efficiency and reducing unnecessary bandwidth usage, making it the correct choice.
Question 118
A technician needs to capture network traffic from specific switch ports to troubleshoot performance issues without affecting operations. Which feature should be used?
A) SPAN/mirror port
B) VLAN trunking
C) STP
D) DHCP snooping
Answer: A) SPAN/mirror port
Explanation:
A) SPAN (Switched Port Analyzer) or mirror port allows traffic from one or more source ports or VLANs to be copied to a designated monitoring port. This enables administrators to capture and analyze traffic using tools such as Wireshark without interrupting normal network operations. SPAN is particularly useful for troubleshooting performance issues, detecting anomalies, analyzing packet flows, and identifying misconfigurations. It supports monitoring multiple source ports or VLANs, providing flexibility in complex network environments. By passively duplicating traffic, SPAN ensures the network continues to operate normally while giving full visibility into packet contents. Administrators can measure latency, packet loss, throughput, and other metrics to diagnose issues accurately. SPAN is widely used in enterprise networks where maintaining uptime during troubleshooting is critical.
B) VLAN trunking transports multiple VLANs over a single link but does not replicate traffic to a monitoring port. While trunking is essential for network segmentation and communication, it cannot capture traffic for analysis. Trunking is concerned with delivery rather than visibility or troubleshooting.
C) STP prevents loops in Layer 2 networks by selectively blocking redundant paths. While vital for stability, STP does not duplicate or monitor traffic. It only controls the active topology to prevent broadcast storms and loops, so it cannot be used for performance troubleshooting.
D) DHCP snooping validates DHCP server responses to prevent rogue IP assignments. While important for IP security, DHCP snooping is limited to monitoring DHCP traffic only and does not provide visibility into general network traffic for troubleshooting purposes.
SPAN/mirror ports allow passive monitoring of traffic, enabling detailed analysis of network performance without disrupting normal operations, making it the correct choice.
Question 119
A network administrator wants to combine multiple physical links between two switches to increase bandwidth and provide redundancy. Which protocol should be implemented?
A) Link Aggregation Control Protocol (LACP)
B) VLAN
C) STP
D) Port security
Answer: A) Link Aggregation Control Protocol (LACP)
Explanation:
A) LACP allows multiple physical links between switches to be logically combined into a single interface. This provides increased bandwidth by distributing traffic across all member links, improving throughput for high-demand applications like server uplinks and backbone connections. LACP also provides redundancy; if one link fails, the remaining links continue to carry traffic, ensuring network reliability. It dynamically negotiates which links to aggregate, preventing misconfigurations and ensuring all combined links are compatible. Load-balancing algorithms distribute traffic efficiently across the links based on MAC addresses, IP addresses, or session information. LACP is widely deployed in enterprise and data center networks to optimize both performance and resilience while minimizing administrative overhead. By combining multiple links, LACP maximizes available physical bandwidth and ensures continuous operation even in case of individual link failures.
B) VLANs segment networks into separate broadcast domains but do not aggregate physical links or increase bandwidth. While VLANs improve security and performance through isolation, they do not combine multiple physical interfaces for redundancy or throughput optimization.
C) STP prevents Layer 2 loops by blocking redundant paths. While essential for network stability, it does not increase link capacity or aggregate physical links. In fact, STP can block links that could otherwise carry traffic, so it is not suitable for bandwidth aggregation.
D) Port security restricts access to switch ports based on MAC addresses, preventing unauthorized devices from connecting. While enhancing security, port security does not provide redundancy or combine multiple links, making it irrelevant for bandwidth optimization.
LACP provides both increased throughput and link-level redundancy with dynamic management, making it the correct choice.
Question 120
A network engineer wants to reduce wireless interference in a high-density office environment to improve throughput. Which action is most effective?
A) Move clients to the 5 GHz band
B) Increase DHCP lease time
C) Enable Telnet on the access point
D) Reduce MTU size
Answer: A) Move clients to the 5 GHz band
Explanation:
A) Moving clients to the 5 GHz band reduces interference and improves throughput in high-density environments. The 2.4 GHz band is crowded with Wi-Fi networks, Bluetooth devices, and microwave ovens, causing co-channel and adjacent-channel interference. The 5 GHz band offers more non-overlapping channels, higher data rates, and less interference. Although the range of 5 GHz signals is shorter due to higher frequency attenuation, careful access point placement ensures adequate coverage. Using the 5 GHz band allows for better performance for bandwidth-intensive applications like video conferencing, VoIP, and large file transfers. In high-density environments, this reduces congestion, minimizes collisions, and improves network reliability. Proper planning and channel allocation maximize the benefits of 5 GHz, creating a more stable and high-performance wireless network.
B) Increasing DHCP lease time reduces how frequently devices request IP addresses, but it does not impact wireless interference, congestion, or throughput. It only affects IP address management, not RF performance.
C) Enabling Telnet on the access point allows remote administration but does not influence client performance or reduce interference. Management protocols do not optimize RF conditions or bandwidth utilization.
D) Reducing MTU size changes the maximum transmission unit for packets. While it can reduce fragmentation in some scenarios, it does not address RF interference, co-channel congestion, or bandwidth limitations. MTU adjustments alone are insufficient to improve wireless performance in dense environments.
Moving clients to the 5 GHz band directly addresses interference and congestion, increasing throughput and reliability, making it the correct choice.