If you are looking for CompTIA Network Practice test questions, this article gives you an overview of the actual certification exam through free questions and answers. These CompTIA Network+ questions and answers have detailed explanations which solve your doubts about the exam objectives clearly.
CompTIA Network+ (N10-008) certification is the most popular certification exam which validates your skills in troubleshooting, configuring, and managing wired/wireless networks.
Domain : Networking Fundamentals
Q1 : Which network topology has the most physical connections per device?
A. Ring
B. Star
C. Bus
D. Mesh
Correct Answer: D
Explanation:
In a mesh topology, each device has a connection to the remaining devices in the network. It works with the formula of n(n-1)/2. For example, if you have 10 nodes in a mesh network, you will end up with 45 connections 10(10-1)/2, which can be calculated as 10(9) = 90/2 = 45.
Option A is incorrect. In a ring topology, each node has a maximum of two connections.
Option B is incorrect. In a star topology, each node is connected with a central point, which is a hub or switch. Therefore, each node has only one connection.
Option C is incorrect. Each node is connected to a running cable in a bus topology, which means that each node has only one connection.
Option D is correct. If the DHCP server is unavailable or unable to lease IP addresses to a client, the client uses the APIPA IP address by default.
Reference: To know more about the mesh topology, please refer to the doc below: https://www.bbc.co.uk/bitesize/guides/zr3yb82/revision/2#:~:text=In%20a%20mesh%20topology%20there,message%20towards%20its%20final%20destination
Domain : Networking Fundamentals
Q2 : On which layer of the OSI model does the TCP protocol work?
A. Application
B. Presentation
C. Transport
D. Physical
Correct Answer: C
Explanation:
The Transport layer is responsible for end-to-end communication. TCP and UDP protocols work on this layer.
Option A is incorrect. HTTP and FTP protocols work on the Application layer.
Option B is incorrect. SSL and SSH protocols work on the Presentation layer.
Option C is correct. The TCP protocol works on the Transport layer of the OSI model. UDP also works on the Transport layer of the OSI model.
Option D is incorrect. Wireless, hubs, and repeater work on the Physical layer of the OSI model.
Reference: To know more about the Transport layer, please refer to the doc
below: https://int0x33.medium.com/day-51-understanding-the-osi-model-f22d5f3df756
Domain : Networking Fundamentals
Q3 : Which layer of the OSI model provides a user interface to an application?
A. Application
B. Presentation
C. Transport
D. Session
Correct Answer: A
Explanation:
The Application layer of the OSI model provides a user interface to an application. This layer enables the applications being used by the users to communicate with the other entities. The applications interact with the Application layer when they need to communicate with other entities on the network.
Option A is correct. It is the Application layer used for interaction by the applications to interact with other entities on the network.
Option B is incorrect. The Presentation layer is responsible for presenting and processing data. Encryption is applied at this layer.
Option C is incorrect. The Transport layer is responsible for ensuring the delivery of the data packets.
Option D is incorrect. The Session layer is responsible for keeping the data from applications separate.
Reference: To know more about the Application layer, please refer to the doc below:https://int0x33.medium.com/day-51-understanding-the-osi-model-f22d5f3df756
Domain : Networking Fundamentals
Q4 : Which category of cable uses the frequency up to 250 MHz?
A. Category 5
B. Category 5e
C. Category 6
D. Category 6A
Correct Answer: C
Explanation:
The Category 6 cable works with up to 250 MHz frequency. It can process more data than the previous categories, such as Category 5.
Option A is incorrect. The Category 5 cable works with 100 MHz frequency.
Option B is incorrect. The Category 5e cable works with 100 MHz frequency.
Option C is correct. The Category 6 cable works with up to 250 MHz frequency.
Option D is incorrect. The Category 6e cable works with up to 500 MHz frequency.
Reference: To know more about the Category 6 cable, please refer to the doc below:https://www.blackbox.co.uk/gb-gb/page/43869/Resources/Technical-Resources/Black-Box-Explains/Copper-Cable/Category-5e-And-6#:~:text=The%20main%20difference%20between%20CAT5e,data%20at%20the%20same%20time.
Domain : Networking Fundamentals
Q5 : What is the correct definition for Southbound traffic?
A. It is traffic that goes out of the network
B. It is traffic that is shared between the devices in a network
C. It is traffic that enters a network from the Internet
D. It is traffic that stays only on the Internet and never enters a network
Correct Answer: C
Explanation:
Southbound traffic is the traffic that enters a network from the Internet. It is an ingress traffic.
Option A is incorrect. The traffic that goes out of the network is known as the Northbound traffic.
Option B is incorrect. The traffic that is shared between the devices in a network is known as East-West traffic.
Option C is correct. It is the type of traffic that is incoming from an external network like the Internet.
Option D is incorrect. There is no specific name for the traffic that stays on the Internet.
Reference: To know more about the Category 6 cable, please refer to the doc below:https://whatis.techtarget.com/definition/northbound-interface-southbound-interface#:~:text=A%20northbound%20interface%20is%20an,with%20a%20lower%2Dlevel%20component.
Domain : Networking Fundamentals
Q6 : Which layer of the Software-Defined Networking can contain a firewall?
A. Control layer
B. Application layer
C. Management plane
D. Infrastructure layer
Correct Answer: B
Explanation:
There are different layers in the Software-Defined Networking (SDN). The application layer contains the applications like firewall, intrusion detection system (IDS), and load balancer.
Option A is incorrect. The Control layer is responsible for managing the network traffic. It is considered to be the brain of SDN.
Option B is correct. A firewall is located in the Application layer of SDN.
Option C is incorrect. The Management plane is responsible for network configuration and monitoring.
Option D is incorrect. The Infrastructure layer contains the switches that handle the SDN traffic.
Reference: To know more about the Category 6 cable, please refer to the doc below:https://www.gavstech.com/software-defined-networking-sdn/
Domain : Networking Fundamentals
Q7 : Which of the following correctly describes the use of the Software as a Service (SaaS) cloud delivery model?
A. A Webserver hosted in the cloud
B. Use of Microsoft Office 365 using a Web browser
C. A virtual network in the cloud environment
D. A virtual machine running in a cloud environment
Correct Answer: B
Explanation:
The SaaS cloud delivery model is used for deploying applications. Access is granted to the users via a subscription model. Microsoft Office 365, when accessed via a Web browser, is an example of SaaS.
Option A is incorrect. A Webserver hosted in the cloud is an example of an Infrastructure as a Service (IaaS) cloud delivery model.
Option B is correct. The use of Office 365 using a Web browser is an example of a SaaS cloud delivery model.
Option C is incorrect. A virtual network in the cloud is an example of the IaaS cloud delivery model.
Option D is incorrect. A virtual machine running in the cloud is an example of an IaaS cloud delivery model.
Reference: To know more about the Category 6 cable, please refer to the doc below:https://patterns.arcitura.com/cloud-computing-patterns/basics/cloud-
Domain : Network Implementations
Q8 : You have created several network subnets and want to route traffic between them. Which of the following networking device should you use?
A. Layer 2 switch
B. Layer 3 switch
C. Hub
D. Bridge
Correct Answer: B
Explanation:
You need to use the Layer 3 switch that can route packets between different subnets in a network. It operates on Layer 3, which is the network layer.
Option A is incorrect. A Layer 2 switch does not have the routing capability. It has a single broadcast domain and can route packets within that domain only.
Option B is correct. A Layer 3 switch has the routing capability and uses multi-broadcast domains. It can route packets between different network subnets. It operates on the Network layer of the OSI model.
Option C is incorrect. A hub is a Layer 1 device and connects several network devices in a star topology.
Option D is incorrect. A bridge is a device that connects two similar networks. Each network represents a broadcast domain. A bridge keeps the broadcast traffic restricted within the network from one network and does not pass it on to the joined network.
Reference: To know more about the Layer 3 switch, please refer to the doc below:https://www.geeksforgeeks.org/difference-between-layer-2-and-layer-3-switches/
Domain : Network Implementations
Q9 : You have installed a new switch that can function at 10 Gbps speed. When you connect a system to this switch, you notice that it works only at 1 Gbps. The cable that you have used is CAT 6 that is 70 meters in length. You need to ensure that the switch and system operate at 10 Gbps speed. What should you do?
A. Set the network adapter in the system to Auto Configuration
B. Set the switch to operate in Auto Configuration mode
C. Change the cable to CAT 6a
D. Enable duplex mode on the network adapter in the system
Correct Answer: C
Explanation:
To make the system and switch work at 10 Gbps speed, you need to use a CAT 6a cable instead of the CAT 6 cable, which works up to 1 Gbps speed.
Option A is incorrect. When you set the network adapter with Auto-Configuration mode, it will match the speed of the switch. However, the switch can work at 10 Gbps. The system should also, but due to the speed limitation of the cable, it cannot.
Option B is incorrect. You do not need to set the switch to Auto Configuration mode. It is set to work with the highest speed unless limited by the cable or the connected system by default.
Option C is correct. A CAT 6 cable can work with a maximum of 1 Gbps speed. Even if the connected device can work at 10 Gbps, it will bring down the speed to 1 Gbps. The solution is to change the cable to CAT 6a, which can work at 10 Gbps speed.
Option D is incorrect. If the duplex mode were not enabled on the network adapter, the system would not operate at 1 Gbps speed.
Reference: To know more about the Layer 3 switch, please refer to the doc below:https://www.geeksforgeeks.org/difference-between-layer-2-and-layer-3-switches/
Domain : Network Implementations
Q10 : Which of the following is likely to occur due to a temperature change?
A. Refraction
B. Reflection
C. Attenuation
D. Latency
Correct Answer: A
Explanation:
Refraction is caused by the change in temperature, pressure, or vapor in the air. Refraction can cause the radio frequency waves to change directions.
Option A is correct. Refraction is caused by different atmospheric changes, like changes in temperature or vapor in the air. It can cause the loss of radio frequency signals of a wireless network.
Option B is incorrect. Reflection is when radio waves bounce off an obstacle, such as a metal. The bounced-off signals may interfere with the signals coming from the wireless router.
Option C is incorrect. Attenuation is the gradual loss of the wireless signals. It is the key element that limits the range of wireless signals.
Option D is incorrect. Latency is the time one or more packets take to reach from the source to the destination system. Latency is critical for time-sensitive applications like voice and video.
Reference: To know more about refraction, please refer to the doc below:https://www.linkedin.com/pulse/understand-wireless-refraction-less-than-minute-jacob-moran/
Domain : Network Implementations
Q11 : You are connected to a wireless network. As you move away from it, you lose connection with the wireless network. Which of the following caused the loss to occur?
A. Refraction
B. Reflection
C. Attenuation
D. Latency
Correct Answer: C
Explanation:
Attenuation is the gradual loss of wireless signals. It is the key element that limits the range of wireless signals.
Option A is incorrect. Refraction is caused by different atmospheric changes, like changes in temperature or vapor in the air. It can cause the loss of radio frequency signals of a wireless network.
Option B is incorrect. Reflection is when radio waves bounce off an obstacle, such as a metal. The bounced-off signals may interfere with the signals coming from the wireless router.
Option C is correct. Attenuation is the gradual loss of the wireless signals. It is the key element that limits the range of wireless signals. The closer you are to the wireless router or the access point, the stronger the signal and the less attenuation. However, as you move away from the wireless router or access point, the attenuation increases.
Option D is incorrect. Latency is the time one or more packets take to reach from the source to the destination system. Latency is critical for time-sensitive applications like voice and video.
Reference: To know more about attenuation, please refer to the doc below:https://www.comptia.org/content/guides/what-is-attenuation#:~:text=Attenuation%20is%20the%20loss%20of,to%20become%20distorted%20or%20indiscernible.
Domain : Network Implementations
Q12 : On your local system, you want to verify if the IP addresses are being resolved to the hardware addresses. Which command should you use for this purpose?
A. arp
B. netstat
C. nslookup
D. pathping
Correct Answer: A
Explanation:
The arp command is used to resolve the IP addresses to the hardware addresses. You need to use the arp -a command to meet this requirement.
Option A is correct. Each network device maintains an arp cache that maintains the mapping of an IP address of the device to its hardware or MAC address.
Option B is incorrect. The netstat command displays the protocol name, local IP address, and connection status with the remote system. For example, Established and Time_Wait are two different statuses that might be visible. One connection can have only one status.
Option C is incorrect. The nslookup command is used for troubleshooting DNS problems. You can verify the DNS servers for a particular host with this command.
Option D is incorrect. The pathping command is a combination of ping and tracert commands. It displays the path along with the ping statistics.
Reference: To know more about arp, please refer to the doc below:https://wiki.infinetwireless.com/pages/viewpage.action?pageId=10780967#:~:text=The%20%22arp%22%20command%20is%20used,for%20packet%20forwarding%20over%20LAN.
Domain : Network Implementations
Q13 : In a data center, what should be the optimal humidity?
A. 20 percent
B. 30 percent
C. 50 percent
D. 80 percent
Correct Answer: C
Explanation:
The optimal data center humidity should be around 50 percent. Humidity more than this will cause dampness that can cause electrical shorts.
Option A is incorrect. The humidity at 20 percent is considered low humidity that will cause static electricity to build up.
Option B is incorrect. The humidity at 30 percent is considered low humidity that will cause static electricity to build up.
Option C is correct. Humidity should be kept around or slightly above 50 percent. This is the optimal level of humidity.
Option D is incorrect. High-level of humidity at 80 percent will cause electrical shorts.
Reference: To know more about humidity, please refer to the doc below:https://wiki.infinetwireless.com/pages/viewpage.action?pageId=10780967#:~:text=The%20%22arp%22%20command%20is%20used,for%20packet%20forwarding%20over%20LAN.
Domain : Network Operations
Q14 : If packet size is less than 64 bytes, which of the following has occurred?
A. CRC errors
B. Giants
C. Runts
D. Encapsulation errors
Correct Answer: C
Explanation:
Packets that are smaller than 64 bytes are called runts. They can be caused due to several reasons, such as collisions, duplex mismatch, or a malfunctioning network adapter.
Option A is incorrect. CRC stands for Cycle Redundancy Check. When data is being sent to a destination, the sending devices calculate a value of the data, verified at the destination system. If these values don’t match, CRC errors occur.
Option B is incorrect. Giants are data packets larger than 64 bytes and can grow up to 9000 bytes in size.
Option C is correct. Runts are packets that are smaller than 64 bytes in size. They should never exist on the network. Some of the issues that can cause runts are bad network adapters or collisions.
Option D is incorrect. In data encapsulation, additional information is added to the header or trailers in a data packet. When encapsulation is performed, and if there is an error, it is known as encapsulation error.
Reference: To know more about humidity, please refer to the doc below:https://www.exfo.com/en/resources/glossary/runt-frame/
Domain : Network Operations
Q15 : Which of the following plans should be in place to authorize a router change on a network?
A. Business Continuity Plan
B. Disaster Recovery Plan
C. Incident Response Plan
D. Change Management Plan
Correct Answer: D
Explanation:
Changes can bring good or bad outcomes depending on what they are and how they are implemented. To control the ad hoc changes being implemented, a Change Management Plan is developed and adopted by an organization. It is used to authorize a change.
Option A is incorrect. A Business Continuity Plan is a capability that an organization develops to ensure that it can continue to function in a disaster. It is a document that needs to be ready before a disaster strikes.
Option B is incorrect. Disaster Recovery Plans are used to minimize the impact of a disaster. They need to be developed before the disaster strikes. It focuses on recovering the IT operations.
Option C is incorrect. An Incident Response Plan is used to define the procedures for handling a type of incident. The Incident Response Plan can include various types of incidents and the procedures to handle them.
Option D is correct. A Change Management Plan is a process of how changes are implemented in a network environment. Any change that needs to be implemented needs to be tested, approved, implemented, and documented.
Reference: To know more about Change Management Plan, please refer to the doc below:https://blog.bit.ai/change-management-plan/
Domain : Network Operations
Q16 : In a situation where a disaster strikes, you want to ensure the continuity of the IT operations. Which of the following plan should you use?
A. Business Continuity Plan
B. Disaster Recovery Plan
C. Incident Response Plan
D. Change Management Plan
Correct Answer: B
Explanation:
A Disaster Recovery Plan focuses on recovering the IT operations after a disaster strikes. It is part of the business continuity plan of an organization.
Option A is incorrect. A Business Continuity Plan is a capability that an organization develops to ensure that it can continue to function in a disaster. It is a document that needs to be ready before a disaster strikes.
Option B is correct. Disaster Recovery Plans are used to minimize the impact of a disaster. They need to be developed before the disaster strikes. It focuses on recovering the IT operations.
Option C is incorrect. An Incident Response Plan is used to define the procedures for handling a type of incident. The Incident Response Plan can include various types of incidents and the procedures to handle them.
Option D is incorrect. A Change Management Plan is a process of how changes are implemented in a network environment. Any change that needs to be implemented needs to be tested, approved, implemented, and documented.
Reference: To know more about the Disaster Recovery Plan, please refer to the doc below:http://www.differencebetween.net/business/difference-between-business-continuity-plan-and-disaster-recovery-plan/
Domain : Network Operations
Q17 : You want to define the process for account creation and resources accessible for the users who have joined the organization. Which of the following policy should you create?
A. Security Policy
B. Onboarding Policy
C. Acceptable Use Policy
D. Standard operating procedures
Correct Answer: B
Explanation:
A Security Policy defines how security should be implemented within an organization. It focuses on the network, data, and physical security.
Option A is incorrect. A Business Continuity Plan is a capability that an organization develops to ensure that it can continue to function in a disaster. It is a document that needs to be ready before a disaster strikes.
Option B is correct. An Onboarding Policy defines a consistent process for onboarding a new employee. Organizations usually define this process so that there is no issue in hiring new employees. For example, the employee needs a new network account, access to network resources, and training requirements. These are defined in the Onboarding Policy.
Option C is incorrect. An Acceptable Use Policy defines the dos and don’ts for the employees about the network, its devices, and services access. It defines the services allowed to be used and things that the employees should not do, such as accessing gambling Websites using the organization’s Internet connection.
Option D is incorrect. Standard Operating Procedures define the step-by-step instructions to perform a specific job.
Reference: To know more about Onboarding Policy, please refer to the doc below:https://kissflow.com/hr/employee-onboarding/employee-onboarding-guide/
Domain : Network Operations
Q18 : You manage a business that is heavily dependent on Internet connectivity. With recent multiple failures of Internet connectivity, you must use a new solution to ensure no downtime. Which of the following solution should you use?
A. Configure a hot site
B. Configure a cloud site
C. Configure two different connections with a single Internet Service Provider (ISP)
D. Configure Internet connectivity to two different ISPs
Correct Answer: D
Explanation:
The scenario has a requirement of preventing the downtime of Internet connectivity. Therefore, having Internet connectivity with two different ISPs should solve this problem. If one Internet connection from an ISP goes down, the second Internet should work as a backup. In short, you are configuring Internet connection redundancy.
Option A is incorrect. A hot site is built for business continuity that can immediately take over if the primary site goes down. However, having a hot site will be overkill in this situation as you will not shift to the hot site because an Internet connection fails.
Option B is correct. A cloud site has some of the redundant infrastructures of the primary site, which is your offsite or production site. However, the cloud site is used for redundancy purposes and does not serve well without Internet connectivity.
Option C is incorrect. Having two Internet connections from a single ISP provides partial redundancy and does not ensure full redundancy. If the ISP goes down, then you lose both the Internet connections.
Option D is incorrect. You should configure Internet connectivity from two ISPs. If one goes down, the other one should provide the backup connection.
Reference: To know more about diverse paths, please refer to the doc below:https://www.reddit.com/r/networking/comments/gj9n09/backup_internet_circuit_same_isp_as_primary_or/
Domain : Network Security
Q19 : You need to enable wireless access for the guests who visit your organization. You have a mandate to ensure that the guests cannot access the production wireless network, which should continue to run without modifications. They should also accept the Acceptable Use Policy (AUP) before granting access to the wireless network. Which of the following should meet your requirement?
A. Hide the SSID for the production wireless network and configure a captive portal for it
B. Create a new IP pool in the existing wireless network and restrict guests to them only
C. Create a separate wireless network and enable a captive portal
D. Enable captive portal for the production wireless network
Correct Answer: C
Explanation:
A captive portal is a web page displayed to the users before they are granted access to a wireless network. A captive portal usually contains an AUP that must be accepted before allowing access to the users.
Option A is incorrect as hiding the SSID and enabling a captive portal does not meet the requirement. The guest can discover the SSIDs. Configuring a captive portal will make modifications to the existing production wireless network.
Option B is incorrect as creating a new IP pool does not prevent the guests from connecting to the production wireless network.
Option C is correct as a new wireless network will segregate and prevent users from connecting to the main production wireless network. Enabling a captive portal will require the users to sign the AUP before they are granted access.
Option D is incorrect, as enabling a captive portal for the production network will require some modifications. Also, even though the guests and other users will be required to accept the AUP, it does not segregate the guest users from the production wireless network.
Reference: To know more about the captive portal, please refer to the doc below:https://en.wikipedia.org/wiki/Captive_portal#:~:text=A%20captive%20portal%20is%20a,broader%20access%20to%20network%20resources.&text=The%20captive%20portal%20is%20presented,server%20hosting%20the%20web%20page
Domain : Network Security
Q20 : An Internet-facing Linux server is being managed using Telnet by the network administrator. You want to ensure encrypted access to the server. Which protocol should you use instead?
A. RDP
B. SSH
C. SNMP
D. SMTP
Correct Answer: B
Explanation:
SSH is a protocol that uses encrypted channels to connect with the servers or systems that accept the SSH connection. It is a good replacement for Telnet that transfers information in cleartext.
Option A is incorrect as RDP is mainly used in the Windows environment.
Option B is correct as SSH uses encrypted channels for communication with the remote systems.
Option C is incorrect as SNMP is used for device monitoring in a network.
Option D is incorrect as SMTP is used for mail transfer.
Reference: To know more about the captive portal, please refer to the doc below:https://en.wikipedia.org/wiki/Secure_Shell
Domain : Network Security
Q21 : You need to implement a detective physical security control. Of the given choices, which of the following should you implement?
A. Firewall
B. CCTV Camera
C. Fences
D. Honeypot
Correct Answer: B
Explanation:
A detective control detects any unwanted event before it occurs. Physical control is physical in nature. The camera meets both criteria as it is physical in nature and detects people’s movement.
Option A is incorrect as a firewall is a preventive technical control. It prevents incidents from taking place and is a piece of technology.
Option B is correct as a camera detects the movements to ensure that no unauthorized individual can enter a specific location. It also captures actions, which means that it is detecting. However, it cannot prevent an incident from taking place.
Option C is incorrect as fences are preventive physical control. They prevent unauthorized individuals from entering a location.
Option D is incorrect as a honeypot captures the actions of an attacker and is technical in nature.
Reference: To know more about the physical detective control, please refer to the doc below:https://purplesec.us/security-controls/
Domain : Network Security
Q22 : If Remote Buffer Protocol (RBF) is being used while remotely connecting to a Linux system by sending raw pixel data, which of the following are you using?
A. VNC
B. RDP
C. SSH
D. HTTPS
Correct Answer: A
Explanation:
Virtual Network Computing (VNC) uses RBF for connecting to the remote system. It provides a similar experience to the RDP protocol that is used in the Windows environment. It sends the raw pixel data for graphics to be formulated on the remote system.
Option A is correct as VNC uses RBF to connect to the remote system and formulate graphics.
Option B is incorrect as RDP is mainly used in the Windows environment and does not use RBF. It uses graphic primitives.
Option C is incorrect as SSH connects only through the terminal window and does not send raw pixel data.
Option D is incorrect as HTTPS is not used for remote connections. It is mainly used for secure Web browsing.
Reference: To know more about Virtual Network Computing (VNC), please refer to the doc below:http://web.mit.edu/cdsdev/src/howitworks.html
Domain : Network Security
Q23 : You want to be able to troubleshoot an issue with a remote Linux server. However, the network does not allow incoming remote connections. Which of the following methods should be used to troubleshoot this issue?
A. VPN
B. RDP
C. SSH
D. SNMP
Correct Answer: A
Explanation:
In this case, the most suitable choice is VPN, Virtual Private Network. After connecting with the network, you can use SSH to connect with the Linux server. Once you establish the connectivity with the remote network, you can troubleshoot the issue with the server.
Option A is correct as VPN is used for remotely connecting with the networks. After the connection is established, the user can access the network services based on the permissions granted. In this scenario, after you connect to the remote network, you can use SSH to connect with the Linux server.
Option B is incorrect as RDP is mainly used in the Windows environment. Also, the network does not allow incoming remote connections.
Option C is incorrect as the SSH connection cannot be used directly with the Linux server as the network does not allow incoming remote connections.
Option D is incorrect as SNMP is mainly used for device monitoring on a network.
Reference: To know more about Virtual Network Computing (VNC), please refer to the doc below:https://www.cisco.com/c/en_in/products/security/vpn-endpoint-security-clients/what-is-vpn.html
Domain : Network Security
Q24 : You manage a Windows network that has locked down clients. Users cannot install anything on their systems as they are hardened using a baseline. Based on a requirement, a user needs to connect to a remote VPN server. Which of the following methods would be most appropriate?
A. Split-tunnel VPN
B. Full tunnel VPN
C. Client-less VPN
D. RDP Gateway
Correct Answer: C
Explanation: In this case,
Option A is incorrect as for split-tunnel VPN. You need to use a client. In the split-tunnel, the client is connected to the VPN server and can use the Internet as well.
Option B is incorrect as a full tunnel VPN connects to the VPN server, and then the client’s traffic is routed through the VPN connection.
Option C is correct as a client-less VPN does not require a VPN client to be installed. The users can use an HTTPS-enabled Web browser to connect to the VPN server.
Option D is incorrect as RDP Gateway does not use VPN. It can directly connect to the system remotely.
Reference: To know more about client-less VPN, please refer to the doc below:https://www.cisco.com/c/en_in/products/security/vpn-endpoint-security-clients/what-is-vpn.html
Domain : Network Troubleshooting
Q25 : When identifying a technical problem in a user’s system, which of the following tasks are you likely to perform to identify the problem?
A. Duplicate the problem
B. Question the obvious
C. Test a theory
D. Establish a plan of action
Correct Answer: A
Explanation:
In identifying the problem, multiple tasks need to be performed. These tasks gather information, question users, identify symptoms, determine if anything has changed, duplicate the problem, if possible, and approach multiple problems individually.
Option A is correct as you need to duplicate the problem to identify the problem step.
Option B is incorrect as the obvious task is performed in establishing a theory of probable cause step.
Option C is incorrect as testing a theory task is performed to test the theory to determine the cause step.
Option D is incorrect as establishing a plan of action is an independent step that occurs after testing the theory step.
Reference: To know more about troubleshooting steps, please refer to the doc below:https://www.dummies.com/programming/certification/comptia-troubleshooting-process-certification-exams/
Summary
By trying these free questions on CompTIA Network+ certification, you became very familiar with the core concepts of CompTIA Network+ certification. You can become more confident by trying the CompTIA Network practice tests which are available on our official whizlabs webpage.
Once you are able to identify your skill gaps through CompTIA mock tests, re-learn through video courses and keep practicing until you are fully confident to take up the actual exam. Keep learning !
- Top 10 Highest Paying Cloud Certifications in 2024 - March 1, 2023
- 12 AWS Certifications – Which One Should I Choose? - February 22, 2023
- 11 Kubernetes Security Best Practices you should follow in 2024 - May 30, 2022
- How to run Kubernetes on AWS – A detailed Guide! - May 30, 2022
- Free questions on CompTIA Network+ (N10-008) Certification Exam - April 13, 2022
- 30 Free Questions on Microsoft Azure AI Fundamentals (AI-900) - March 25, 2022
- How to Integrate Jenkins with GitHub? - March 22, 2022
- How to Create CI/CD Pipeline Inside Jenkins ? - March 22, 2022