CompTIA Network+ Practice Test (N10-009)

The correct answer is Cold site. A cold site supplies an empty but prepared facility with essential utilities (power, HVAC, cabling) where an organization can bring in its own equipment after a disaster. Because no servers, applications, or synchronized data are ready beforehand, significant time is required to install hardware, restore backups, and resume normal operations. Hot sites and warm sites already contain at least some operational hardware and more current data, enabling faster recovery, while cloud-based DR solutions typically host virtualized resources that can be brought online more quickly than a cold site.

The observed fluctuations in signal strength depicted by the Wi-Fi analyzer are most likely due to interference. Interference can be caused by numerous factors such as other wireless signals, electronic devices, or even physical barriers that disrupt or weaken the wireless signal. Choosing a less crowded channel or relocating the wireless access points can often reduce such interference. Incorrect answers include 'Faulty network card,' which would likely cause persistent, not fluctuating issues, and 'Inactive wireless SSID,' which would result in no connectivity rather than fluctuating signals. 'Exceeding bandwidth capacity' causes slow performance but does not cause signal strength fluctuations.

Class D is used exclusively for multicast communications. Class A, B, and C are primarily used for unicast addresses which represent single network interfaces, making them unsuitable for multicast purposes. Class E addresses are reserved for experimental purposes, also not intended for general multicast traffic.

ARP poisoning is performed by repeatedly sending forged ARP replies that bind the attacker's MAC address to the IP address of another device (commonly the gateway). Once the false mapping is cached, frames destined for that IP are delivered to the attacker, who can forward, modify, or drop them-creating a man-in-the-middle condition. MAC flooding (CAM-table overflow) overwhelms a switch with bogus MAC entries, encryption protects data rather than redirects it, and port-security configurations restrict device access; none of these describe how ARP poisoning functions.

The correct configuration to ensure a specific device always receives the same IP address is to use reservations. DHCP reservations bind a specific IP address to the MAC address of a device, guaranteeing that this device receives the same IP address each time it connects to the network. In contrast, exclusions are used to prevent certain IP addresses from being assigned from a scope; scope defines the entire range of possible IP addresses that can be assigned to devices; and lease time determines how long a device holds an IP address before it must renew its DHCP configuration.

A router's primary purpose at the network layer is to determine the best path for data packets to travel from one network to another based on the destination IP address. This involves examining each packet's header, determining where to send it next, and forwarding it toward its destination. Routers create routing tables that list routes to various network destinations and use protocols such as OSPF or EIGRP to dynamically exchange route information with other routers, adapting to changes in the network. While connecting different network segments, assigning IP addresses, or acting as a DHCP server might be functions associated with routers or other devices, these are not its primary roles at the network layer.

The MX (Mail Exchange) record is used in DNS to specify the mail servers responsible for receiving email messages on behalf of a domain. This record is essential for directing email traffic correctly to the organization's mail servers. The A record links a domain to an IP address for general queries but is not specific for mail servers. The CNAME record creates an alias for another domain name, not specifically used for mail servers. Lastly, the TXT record is used for providing arbitrary text about a host, commonly for security data like SPF or DKIM, not for mail server specification.

An SVI must be configured for each VLAN to enable routing between them. This requires assigning an IP address to each SVI that acts as the default gateway for the VLAN associated with it. Configuring an IP helper address, while useful for forwarding DHCP requests across networks, isn't specifically for routing between VLANs. Assigning an IP address to each physical interface or setting a native VLAN on a trunk link does not enable inter-VLAN routing.

Optical fiber cable is the best choice for this environment because it transmits data using pulses of light, making it completely immune to electromagnetic interference (EMI) and radio frequency interference (RFI). Unshielded Twisted Pair (UTP) is highly susceptible to EMI. While Coaxial and Shielded Twisted Pair (STP) offer more protection against EMI than UTP, they are still copper-based and not fully immune. Therefore, optical fiber provides the most reliable performance in high-EMI environments.

Accurate cable maps are crucial for efficient troubleshooting and management of the network. They assist in quick identification of connection points and paths, thereby reducing downtime and simplifying maintenance tasks. Incorrect maps can lead to confusion, increased troubleshooting times, and potential errors during network upgrades or repairs.

A directional antenna focuses radio-frequency energy into a narrower beam (higher gain), so more of the transmitted power is delivered in the desired direction. This increases usable range and helps reduce the impact of interference coming from, or leaking to, other directions. An omnidirectional antenna spreads its energy in all horizontal directions (roughly 360 °), providing broad area coverage but at a lower gain per direction.

802.11h addresses Dynamic Frequency Selection (DFS) and Transmit Power Control (TPC), which are crucial for minimizing interference and managing signal power in networks operating in the 5GHz band to comply with regulatory requirements. DFS allows devices to detect radar signals and switch to another channel if interference is detected, while TPC helps in adjusting the transmit power to the minimum needed to reach the intended receiver. This management aids in reducing interference with other devices and networks.

BGP is primarily used to manage how packets are routed across the Internet through the exchange of routing and reachability information among edge routers. This protocol enables ASs (autonomous systems) to determine the best route paths for inter-domain traffic, which enhances the efficiency and stability of the network. The incorrect answers mention concepts not directly related to the core functionality of BGP.

Attenuation refers to the loss of signal strength over distance, which is common in various networking scenarios-especially when long cable runs are involved. Recognizing attenuation allows technicians to identify when repeaters, higher-grade cabling, or shorter cable runs are needed, while ruling out other issues such as interference, collisions, or echo that have different causes and solutions.

The command show config is used specifically to display the current configuration of a network device, making it the correct choice for verifying changes. This command outputs the entire or parts of the current running configuration, which is essential in auditing and troubleshooting practices. Alternatives like show interface or show mac-address-table target specific data that, while useful for other troubleshooting aspects, do not provide comprehensive configuration details necessary for verifying entire device settings.

In situations where a server that provides name lookups is set to pass queries to other name servers, issues can arise if it cannot reach these external servers due to incorrect network configurations, such as improperly set firewall rules. These servers attempt to obtain name resolution from up-chain servers, and if isolated by network barriers, clients will experience domain lookup failures. Incorrect answers include: Disabling cache impacts performance by not storing lookup results, but doesn't inherently prevent lookups; issues caused by a rogue configuration protocol server affect network addressing, not name querying directly; enabling security extensions secures query responses and does not generally block outgoing queries unless misconfigured.

Network Functions Virtualization (NFV) is the correct answer because it provides the ability to manage network functions like VPNs and intrusion prevention systems as virtual services rather than through physical hardware. This technology directly addresses the need for scalability and reduction in operational expenses by allowing for the dynamic deployment and management of virtual network services. While SDN facilitates centralized management and efficiency, and MPLS optimizes data flow across the network, neither provides the functionality to virtualize network services in the manner that NFV does.

Version-control repositories such as Git store each revision of configuration files, record who made the change and when, and support branching, merging, and rollbacks. This collaborative history prevents accidental overwrites and provides an auditable trail-capabilities the other choices do not offer.

A Reverse lookup zone is responsible for mapping IP addresses to their corresponding domain names, which is the opposite of a forward lookup zone that maps domain names to IP addresses. This functionality is critical for various network tasks, including network troubleshooting, logging, and verifying the authenticity of email servers to help filter spam.

Multifactor authentication (MFA) is the correct choice because it requires two or more independent authentication factors. In this case, combining something the user knows (such as a password) with something the user has (such as a hardware token or a mobile device receiving a code) satisfies the MFA definition. Single-factor authentication uses only one factor, making it less secure. Biometric authentication typically involves only something the user is (such as a fingerprint) unless combined with an additional factor. Using a hardware token alone is still single-factor because it relies solely on something the user has.