CompTIA N10-008 Practice Test Questions, Exam Dumps

Practice Exams:

View All

N10-008 CompTIA Practice Test Questions and Exam Dumps

Question No 1:

A systems administrator has been tasked with enhancing the wireless network performance in a high-density office environment within a multi-story building. The current network experiences slow speeds and interference due to the large number of users and wireless devices. There is a wide range of client devices connecting to the network, including legacy devices that operate on both the 2.4 GHz and 5 GHz frequency bands. To provide better speed, lower latency, and improved efficiency while supporting both frequency bands and maintaining compatibility with existing devices, which of the following wireless standards should the administrator implement?

A. 802.11ac
B. 802.11ax
C. 802.11g
D. 802.11n

Correct Answer: B. 802.11ax

Explanation:

The correct choice for improving WiFi performance in a densely populated environment while supporting both 2.4 GHz and 5 GHz bands is 802.11ax, also known as Wi-Fi 6.

802.11ax is the latest widely adopted wireless networking standard and was specifically designed to perform better in environments with high user density, such as office buildings, airports, or apartment complexes. One of its key advantages is the use of Orthogonal Frequency-Division Multiple Access (OFDMA), which allows multiple users to share a channel simultaneously, dramatically increasing efficiency and reducing latency.

Additionally, 802.11ax supports both the 2.4 GHz and 5 GHz frequency bands. This is important for backward compatibility with older devices that only support 2.4 GHz and for taking advantage of the faster, less congested 5 GHz spectrum. It also introduces Target Wake Time (TWT) to help reduce power consumption for client devices, which is especially beneficial in IoT-heavy environments.

Compared to earlier standards:

802.11ac (Wi-Fi 5) is fast and supports 5 GHz only but lacks the 2.4 GHz band support and high-density features of 802.11ax.
802.11n (Wi-Fi 4) supports both bands but offers lower throughput and lacks modern efficiency improvements.
802.11g is outdated, supports only 2.4 GHz, and provides significantly lower speeds and performance.

In conclusion, 802.11ax (Wi-Fi 6) is the best choice for a modern, high-density office tower due to its dual-band support, high efficiency, and advanced features that improve network performance under heavy load conditions.

Question No 2:

A network security administrator suspects that unauthorized devices may be attempting to impersonate legitimate devices on the internal network by changing their MAC (Media Access Control) addresses. This form of attack, known as MAC spoofing, can allow attackers to bypass network access controls or eavesdrop on traffic. To effectively detect and respond to this type of attack, which of the following protocols or tools would be the MOST appropriate to use?

A. Internet Control Message Protocol (ICMP)
B. Reverse Address Resolution Protocol (RARP)
C. Dynamic Host Configuration Protocol (DHCP)
D. Internet Message Access Protocol (IMAP)

Correct Answer: C. Dynamic Host Configuration Protocol (DHCP)

Explanation:

MAC spoofing is a technique where an attacker alters the Media Access Control address of their device to impersonate another device on the network. This is commonly done to bypass security measures such as MAC address filtering, gain unauthorized access, or intercept sensitive traffic.

To detect such attacks, the Dynamic Host Configuration Protocol (DHCP) can be a valuable tool. DHCP is responsible for assigning IP addresses to devices on a network based on their MAC addresses. When a device connects, it sends a DHCP request including its MAC address. A DHCP server or a DHCP snooping-enabled switch can monitor these requests and map MAC addresses to IP addresses.

By maintaining a DHCP lease table (a log of MAC-to-IP assignments), network administrators can detect anomalies such as:

A single MAC address requesting multiple IP addresses.
Frequent changes in MAC addresses associated with the same port.
Duplicate IP address assignments from different MAC addresses.

In many managed switches and enterprise networks, DHCP snooping and IP-MAC binding features help enforce consistency and alert administrators when unusual MAC behavior is detected.

Let’s briefly explain the incorrect options:

A. ICMP (Internet Control Message Protocol) is used for diagnostic functions like ping or traceroute, not for MAC address validation.
B. RARP (Reverse Address Resolution Protocol) is outdated and rarely used; it maps MAC addresses to IP addresses but doesn’t help with spoofing detection in modern networks.
D. IMAP (Internet Message Access Protocol) is related to email retrieval and has no role in network-level MAC detection.

Therefore, DHCP, particularly when combined with DHCP snooping or intrusion detection systems, is the best choice for detecting MAC spoofing attacks.

Question No 3:

A network technician is investigating complaints from users experiencing high jitter and inconsistent performance while connected to the wireless network. During diagnostics, the technician pings the default gateway and notices large fluctuations in latency, indicating possible wireless signal instability. Suspecting that interference from nearby wireless networks or other electronic devices operating outside the 802.11 standards (such as microwaves or cordless phones) may be contributing to the problem, which of the following tools would be the MOST appropriate to identify and analyze the source of interference?

A. NetFlow analyzer
B. Bandwidth analyzer
C. Protocol analyzer
D. Spectrum analyzer

Correct Answer: D. Spectrum analyzer

Explanation:

Wireless jitter—variation in signal latency—can often be attributed to RF (radio frequency) interference, especially in environments with a dense number of wireless networks or non-Wi-Fi devices operating in the same frequency bands (such as 2.4 GHz). To effectively troubleshoot this type of issue, a spectrum analyzer is the best tool.

A spectrum analyzer visually displays all RF activity within a frequency range, including both 802.11 (Wi-Fi) and non-802.11 sources. It allows technicians to:

Detect and identify interference from non-Wi-Fi devices like microwaves, Bluetooth devices, baby monitors, and wireless video transmitters.
Monitor competing Wi-Fi networks broadcasting on the same or overlapping channels.
Determine whether interference is intermittent or constant, helping isolate root causes.

This data can then be used to reconfigure access points (APs), change channels, or relocate equipment to avoid interference and optimize wireless performance.

Let’s clarify why the other options are less suitable:

A. NetFlow analyzer: Monitors IP traffic patterns and bandwidth usage but doesn't measure wireless signal interference or jitter causes.
B. Bandwidth analyzer: Assesses how much bandwidth is being used on the network, but it cannot detect RF interference.
C. Protocol analyzer (e.g., Wireshark): Captures and analyzes network packets. It’s excellent for protocol-level issues, but it doesn’t reveal physical layer problems like RF interference.

In summary, since the technician suspects physical-layer wireless interference as the cause of jitter, a spectrum analyzer is the most appropriate and effective tool for identifying and resolving the issue.

Question No 4:

Wireless users in an organization are reporting intermittent internet connectivity issues while connected to the wireless network. The issue is temporarily resolved when users disconnect and reconnect to the Wi-Fi network, which then triggers the captive web authentication process. Interestingly, the network administrator observes that affected devices remain connected to the access points (APs) throughout the issue. Given this behavior, which of the following troubleshooting steps would MOST LIKELY help determine the root cause of the connectivity problem?

A. Verify the session time-out configuration on the captive portal settings
B. Check for encryption protocol mismatch on the client’s wireless settings
C. Confirm that a valid passphrase is being used during the web authentication
D. Investigate for a client’s disassociation caused by an evil twin AP

Correct Answer: A. Verify the session time-out configuration on the captive portal settings

Explanation:

Captive portals are commonly used in wireless networks—especially in public, corporate, or guest environments—to authenticate users via a web-based login page before granting internet access. Once a user logs in, the network grants temporary access based on predefined session parameters.

In this scenario, users are intermittently losing internet access, but the access points still show the clients as connected. This suggests that the wireless connection is intact at Layer 2 (data link layer), but internet access at Layer 3 (network layer) is being restricted or dropped.

A likely cause is the session timeout setting on the captive portal. If the session expires due to an overly aggressive timeout value or idle timeout configuration, the client is forced to reauthenticate to regain access. However, because the user isn't disconnected from the AP, the issue can be confusing—it appears as if the connection is fine, but traffic is no longer routed to the internet.

Let’s evaluate the incorrect options:

B. Encryption protocol mismatch: Would cause connection failure, not intermittent connectivity once already connected.
C. Invalid passphrase: Also would prevent initial connection or web authentication, not affect ongoing sessions.
D. Evil twin AP: Might cause disconnections or redirection, but wouldn’t match the consistent pattern of needing to reauthenticate via a legitimate portal.

Therefore, the most probable cause—and the first thing to check—is the session timeout configuration on the captive portal.

Question No 5:

While entering a secured datacenter, a network administrator notices an unfamiliar individual closely following behind without using an access badge or authentication method. Recognizing the suspicious behavior, the administrator promptly stops the individual and redirects them to the security desk for verification. Which type of physical security breach did the administrator successfully prevent?

A. Evil twin
B. Tailgating
C. Piggybacking
D. Shoulder surfing

Correct Answer: B. Tailgating

Explanation:

Tailgating is a physical security breach where an unauthorized person gains access to a restricted area by closely following an authorized individual without providing their own credentials. This is often done by exploiting social engineering—taking advantage of the authorized person’s willingness to hold the door open or not confront someone appearing to have legitimate access.

In this scenario, the network administrator notices someone attempting to enter the datacenter by following closely behind. By stopping the person and directing them to the security desk, the administrator prevents an unauthorized entry, which is the very essence of tailgating.

Here’s how the other options compare:

A. Evil twin: This is a wireless attack where an attacker sets up a rogue Wi-Fi access point that mimics a legitimate one to trick users into connecting. It is not related to physical security or access to restricted spaces.
C. Piggybacking: Often used interchangeably with tailgating, but with a subtle difference—piggybacking usually implies that the authorized person knowingly allows the unauthorized person to enter. In contrast, tailgating happens without the authorized person's consent or awareness.
D. Shoulder surfing: Involves an attacker observing someone’s screen or keyboard to steal information like passwords or PINs. It is a form of visual hacking, not unauthorized physical access.

Physical security is a critical layer in overall cybersecurity. Datacenters often contain sensitive equipment and data, and preventing unauthorized access is essential to protecting the integrity, confidentiality, and availability of systems.

In summary, by stopping the unauthorized individual from following him into the secured area, the administrator effectively prevented a tailgating attack.

Question No 6:

A network administrator is troubleshooting reports of degraded network performance and observes that a high number of CRC (Cyclic Redundancy Check) errors are occurring during routine data transmission across the network. These errors indicate that data packets are being corrupted during transit. To effectively begin the troubleshooting process, at which layer of the OSI model should the administrator most likely focus their efforts?

A. Layer 1 – Physical
B. Layer 2 – Data Link
C. Layer 3 – Network
D. Layer 4 – Transport
E. Layer 5 – Session
F. Layer 6 – Presentation
G. Layer 7 – Application

Correct Answer: B. Layer 2 – Data Link

Explanation:

CRC (Cyclic Redundancy Check) errors occur when data is corrupted during transmission and does not match the checksum value calculated at the receiving end. CRC is a form of error detection that is used primarily at Layer 2 (Data Link Layer) of the OSI model. Network devices such as switches and network interface cards (NICs) use CRC to verify the integrity of Ethernet frames as they are transmitted across the network.

When the receiving device calculates the CRC value of the incoming frame and finds that it doesn't match the value included in the frame, it indicates that the data was corrupted during transmission, resulting in a CRC error. These errors can be caused by:

Faulty cables (especially when shielded improperly or damaged)
Bad ports on network switches or NICs
Electromagnetic interference
Improper termination or cabling standards

Although the physical medium (Layer 1) often contributes to the cause, the actual detection of the error via CRC occurs at Layer 2, which is why Layer 2 is the correct layer to begin troubleshooting. Tools like switch logs or interface statistics can help isolate which port or link is generating the CRC errors.

Here’s why the other layers are incorrect:

Layer 1 (Physical) deals with the transmission media, but it doesn’t perform CRC error detection.
Layers 3–7 handle logical addressing, data transport, sessions, and applications, and are not responsible for CRC error detection.

In summary, CRC errors are identified at Layer 2, and that’s where the administrator should begin troubleshooting to determine the root cause.

Question No 7:

A company has recently deployed 100 new virtual desktops (VMs) to accommodate additional users. Soon after, multiple users began reporting that their virtual desktop sessions are slow, laggy, or occasionally become unresponsive. Network diagnostics indicate minimal congestion, zero packet loss, and acceptable latency across the network infrastructure. To effectively identify the root cause of the performance issues affecting the virtual machines, which two system performance metrics should the administrator focus on? (Select TWO):

A. CPU usage
B. Memory
C. Temperature
D. Bandwidth
E. Latency
F. Jitter

Correct Answers: A. CPU usage and B. Memory

Explanation:

When many virtual machines (VMs) are deployed on a shared virtualized environment, the physical host's CPU and memory resources become critical performance bottlenecks. In this scenario, 100 new users have been added, and each is using a virtual desktop. If the underlying hypervisor or virtual infrastructure does not have adequate CPU cores or RAM, the VMs will experience slow performance, lag, and even freezing behavior.

1. CPU Usage:

High CPU utilization on the host machine can result in slow execution of processes across multiple VMs. When CPU resources are exhausted or overcommitted, the hypervisor must time-slice access among VMs, introducing delays. Monitoring host CPU usage will show whether the virtualization platform is under too much load.

2. Memory:

If the physical server lacks sufficient RAM, the hypervisor may rely on memory ballooning or disk swapping, which drastically reduces performance. VMs will appear sluggish, and applications will take longer to respond. Checking memory usage on the host will confirm if VMs are starved for memory resources.

Why the Other Options Are Incorrect:

C. Temperature: While overheating can affect hardware, it would usually trigger alerts or cause shutdowns, not just slow VM performance.
D. Bandwidth: The network was already verified to have no congestion, so it's unlikely to be the issue.
E. Latency & F. Jitter: These are network-level metrics and have already been ruled out in the problem statement as being within acceptable limits.

In conclusion, since the network is healthy but users are still experiencing sluggish virtual desktops, the most likely culprits are CPU and memory limitations on the virtualization host infrastructure.

Question No 8:

A network administrator discovers that client devices are unable to obtain IP addresses, and upon investigation, it is determined that the DHCP scope has been exhausted. The administrator wants to resolve this issue without having to create a new DHCP pool. Which of the following actions would be the MOST effective solution to resolve the problem?

A. Install load balancers
B. Install more switches
C. Decrease the number of VLANs
D. Reduce the lease time

Correct Answer: D. Reduce the lease time

Explanation:

In a DHCP (Dynamic Host Configuration Protocol) environment, a DHCP lease is a period of time during which a client device is assigned a specific IP address from the DHCP pool. When the lease expires, the address is returned to the pool and made available for other devices to use. If the DHCP scope is exhausted, this means that the available IP addresses have all been assigned, and no new devices can receive an IP address.

Reducing the lease time will allow IP addresses to be returned to the DHCP pool more frequently. This is particularly helpful in environments where devices join and leave the network regularly or where the number of devices fluctuates. By reducing the lease time, the administrator ensures that IP addresses are freed up sooner, which can help alleviate the issue without the need to expand the DHCP scope or create a new DHCP pool.

Here's why the other options are not ideal solutions:

A. Install load balancers: Load balancers are used to distribute traffic evenly across multiple servers or network paths. While load balancers improve network performance and reliability, they do not address issues with DHCP scope exhaustion, as they do not interact with DHCP services.
B. Install more switches: Adding switches helps increase network capacity by allowing more devices to physically connect to the network. However, this does not increase the number of IP addresses available in the DHCP pool, nor does it address the exhaustion issue directly.
C. Decrease the number of VLANs: VLANs help logically segment network traffic but do not directly impact the availability of IP addresses in the DHCP scope. In fact, reducing the number of VLANs could complicate the network design without resolving the DHCP issue.

Reducing the DHCP lease time will enable IP addresses to be reassigned more quickly, addressing the exhaustion issue without the need to expand the DHCP pool.

Question No 9:

An administrator is creating a script to periodically log the IPv6 and MAC addresses of all devices connected to a specific network segment. Which of the following switch features would be most helpful to assist in obtaining this information?

A. Spanning Tree Protocol
B. Neighbor Discovery Protocol
C. Link Aggregation Control Protocol
D. Address Resolution Protocol

Correct Answer: B. Neighbor Discovery Protocol

Explanation:

The Neighbor Discovery Protocol (NDP) is part of the IPv6 suite of protocols and operates at the Data Link Layer (Layer 2). NDP is crucial for performing several key functions in IPv6 networks, including the discovery of other devices on the same network segment and resolving IPv6 addresses to MAC addresses. Specifically, NDP uses Neighbor Solicitation and Neighbor Advertisement messages to discover devices and gather relevant information about their IPv6 addresses and MAC addresses.

In the context of the administrator's task—logging IPv6 and MAC addresses—NDP is the most suitable protocol because it allows for dynamic discovery of both types of addresses on the network. NDP replaces the traditional ARP (Address Resolution Protocol) used in IPv4 networks, which serves a similar purpose by mapping IPv4 addresses to MAC addresses.

Why the Other Options Are Incorrect:

A. Spanning Tree Protocol (STP): STP is a Layer 2 protocol used to prevent network loops in Ethernet networks by managing the topology of bridges and switches. While STP is essential for network stability, it does not assist with discovering IPv6 or MAC addresses.
C. Link Aggregation Control Protocol (LACP): LACP is used to combine multiple network connections into a single logical link to increase bandwidth and provide redundancy. It does not play a role in discovering device addresses (IPv6 or MAC).
D. Address Resolution Protocol (ARP): ARP is used in IPv4 networks to map IPv4 addresses to MAC addresses. While ARP serves a similar purpose to NDP in IPv4, it does not support IPv6, and NDP is the correct protocol for IPv6 address resolution.

To log both IPv6 and MAC addresses on a network segment, the administrator should use Neighbor Discovery Protocol (NDP), which is specifically designed for address resolution in IPv6 networks.