N10-009 Free Practice Test

- (Topic 3)
An engineer is using a tool to run an ICMP sweep of a network to find devices that are online. When reviewing the results, the engineer notices a number of workstations that are currently verified as being online are not listed in the report.
The tool was configured to scan using the following information: Network address: 172.28.16.0
CIDR: /22
The engineer collected the following information from the client workstation: IP address: 172.28.17.206
Subnet mask: 255.255.252.0
Which of the following MOST likely explains why the tool is failing to detect some workstations?

1. A. The scanned network range is incorrect.
2. B. The subnet mask on the client is misconfigured.
3. C. The workstation has a firewall enabled.
4. D. The tool is unable to scan remote networks.

Correct Answer: C
A firewall is a device or software that filters and controls the incoming and outgoing network traffic based on predefined rules. A firewall can block ICMP packets, which are used for ping and other diagnostic tools. If the workstation has a firewall enabled, it may not respond to the ICMP sweep and appear as offline. The engineer should check the firewall settings on the workstation and allow ICMP traffic if needed.
References: Network+ Study Guide Objective 4.1: Given a scenario, use the appropriate tool.

- (Topic 3)
A network administrator received reports that a 40Gb connection is saturated. The only server the administrator can use for data collection in that location has a 10Gb connection to the network. Which of the following is the best method to use on the server to determine the source of the saturation?

1. A. Port mirroring
2. B. Log aggregation
3. C. Flow data
4. D. Packet capture

Correct Answer: C
Flow data is a summary of network traffic that can be used to monitor and analyze network performance, utilization, and security. Flow data can provide information such as source and destination IP addresses, ports, protocols, bytes, packets, and timestamps. Flow data can be collected using protocols such as NetFlow, sFlow, or IPFIX. Flow data can help identify the source of network saturation without requiring a full packet capture, which would be impractical on a 40Gb connection with a 10Gb server.
References:
✑ CompTIA Network+ N10-008 Certification Exam Objectives, page 51
✑ CompTIA Network+ N10-008 Cert Guide, Chapter 11: Switching Technologies2

- (Topic 3)
Which of the following is most likely to have the HIGHEST latency while being the most accessible?

1. A. Satellite
2. B. DSL
3. C. Cable
4. D. 4G

Correct Answer: A

- (Topic 3)
Which of the following is conducted frequently to maintain an updated list of a system's weaknesses?

1. A. Penetration test
2. B. Posture assessment
3. C. Risk assessment
4. D. Vulnerability scan

Correct Answer: D

- (Topic 3)
A security team updated a web server to require https:// in the URL. Although the IP address did not change, users report being unable to reach the site. Which of the following should the security team do to allow users to reach the server again?

1. A. Configure the switch port with the correct VLAN.
2. B. Configure inbound firewall rules to allow traffic to port 443.
3. C. Configure the router to include the subnet of the server.
4. D. Configure the server with a default route.

Correct Answer: B
One possible reason why users are unable to reach the site after the security team updated the web server to require https:// in the URL is that the firewall rules are blocking the traffic to port 443. Port 443 is the default port for HTTPS, which is the protocol that encrypts and secures the web communication. If the firewall rules do not allow inbound traffic to port 443, then users will not be able to access the web server using HTTPS12.
To troubleshoot this issue, the security team should configure inbound firewall rules to allow traffic to port 443. This can be done by using the firewall-cmd command on RHEL 8.2, which is a tool that manages firewalld, the default firewall service on RHEL. The command to add a rule to allow traffic to port 443 is:
firewall-cmd --permanent --add-port=443/tcp
The --permanent option makes the rule persistent across reboots, and the --add-port option specifies the port number and protocol (TCP) to allow. After adding the rule, the security
team should reload the firewalld service to apply the changes: firewall-cmd --reload
The security team can verify that the rule is active by using this command:
firewall-cmd --list-ports
The output should show 443/tcp among the ports that are allowed34.
The other options are not relevant to troubleshooting this issue. Configuring the switch port with the correct VLAN may help with network segmentation or isolation, but it will not affect the HTTPS protocol or port. Configuring the router to include the subnet of the server may help with network routing or connectivity, but it will not enable HTTPS communication. Configuring the server with a default route may help with network access or reachability, but it will not allow HTTPS traffic.