CompTIA Network+ Practice Test (N10-009)

In network monitoring, 'Scheduled' refers to the predefined planning and execution of network monitoring tasks at regular intervals. This systematic approach ensures consistent and proactive checks on network performance and health, such as traffic analysis or performance monitoring, essential for maintaining optimal network operations. Scheduled tasks are typically automated to occur at regular intervals, separating them from ad hoc tasks which are performed as needed. This distinction is key in network management, ensuring a balanced and well-maintained IT infrastructure.

While a cable tester can effectively detect electrical problems, such as discontinuities, shorts, or miswirings (crossed or reversed wires), it cannot directly determine signal degradation issues like attenuation or interference. These types of problems require more advanced analysis typically provided by a network analyzer, which can measure the quality of signal transmission and identify disturbances or signal loss over a network cable.

Open Shortest Path First (OSPF) is the best choice for an enterprise network spanning multiple geographic locations due to its support for large and complex topologies and its vendor-neutral specification, which ensures interoperability among different vendors' equipment. While EIGRP also supports large networks, it is less ideal in environments that require vendor interoperability since it is Cisco proprietary, potentially limiting its use with equipment from other vendors. BGP is generally used for Internet routing between autonomous systems rather than internal enterprise networks, and RIP's limitations in scalability make it unsuitable for large networks.

Central policy management allows for the centralized control and enforcement of policies within a software-defined network, streamlining configuration and compliance across the network. This enables administrators to apply policies from a single point, enhancing consistency and ease of management. The incorrect options are related network functions or strategies, but they do not define the role of central policy management in SDNs.

A self-signed certificate is primarily used to validate identity and enable encrypted connections without relying on external Certificate Authorities (CAs). Because it is generated and signed by the same organization or individual that uses it, a self-signed certificate is well suited for internal environments or testing scenarios where trust is already established. In public-facing situations, however, these certificates are less reliable because no third-party has verified the certificate holder's identity.

Single-mode fiber is the most suitable choice for this scenario because it provides a higher transmission rate and can cover long distances (beyond 100 meters) without signal degradation. Multimode fiber also supports high data rates but is typically used for shorter distances, such as connecting multiple adjacent racks in a datacenter. CAT5e and CAT6 cables are not feasible for lengths exceeding 100 meters as signal quality can degrade, especially at high data rates.

An IDS is typically positioned out of band to passively monitor network traffic. It analyzes traffic copies and sends alerts when suspicious activity is detected but does not actively block packets. An IPS, by contrast, is placed inline and can automatically take preventive actions-such as dropping or rejecting malicious packets-to stop the threat in real time. Therefore, the only statement that correctly distinguishes these roles is the option describing an IDS as passive (alert-only) and an IPS as active (blocking).

Private network addresses, as defined by RFC 1918, are used for internal networks and are not routable on the public internet. Assigning these addresses ensures the servers are isolated from direct external connections, enhancing security. Public network addresses are globally routable and would expose the servers to the internet. APIPA addresses are used as a fallback when a DHCP server is unavailable and are not suitable for a planned data center configuration. The term "Externally routable RFC 1918 addresses" is a contradiction, as these address ranges are specifically designated as non-routable on the global internet.

Single-mode fiber optic cable is ideal for long-distance communications, supporting distances over 10 kilometers with high bandwidth and minimal signal loss. Multimode fiber optic cable is designed for shorter distances, typically up to 2 kilometers, due to modal dispersion. Category 6 twisted pair cable and coaxial cable are also limited in distance and bandwidth compared to single-mode fiber, making them unsuitable for a 10-kilometer connection.

Channel width in wireless networking determines the range of frequencies that a wireless signal uses on a specific channel. A wider channel width allows for more data to be transmitted simultaneously, increasing throughput but potentially increasing interference with other channels if not managed properly. This concept is fundamental in optimizing the performance of wireless networks.

The correct answer specifies a specific range of IP addresses from 169.254.0.1 to 169.254.255.254, which are designated for automatic assignment by the host in the event that DHCP server communication is unsuccessful. This range is within the 169.254.0.0/16 subnet, reserved specifically for this purpose by networking standards to prevent IP conflicts with addresses assigned elsewhere.

This scenario describes a tabletop exercise, which is a discussion-based session where team members meet to discuss their roles and walk through the steps of a disaster recovery plan in response to a simulated event. It does not involve physical relocation or actual system recovery. A full-scale exercise would involve a hands-on, physical run-through. A hot site cutover is the actual process of switching to a live backup site. RPO (Recovery Point Objective) is a metric that defines the acceptable amount of data loss, not a type of exercise.

The primary purpose of the ping command is to test the reachability of a host on an IP network and measure the round-trip time for messages sent from the originating host to a destination computer. This is crucial for initially diagnosing connectivity issues. Answers involving speed testing or direct problem resolution are incorrect because ping does not measure network speed in terms of throughput and cannot resolve the problems itself; it merely checks connectivity and latency.

Port security is a layer 2 traffic control feature used mainly to limit the number of MAC addresses allowed on a single port. This prevents unauthorized devices from accessing the network and mitigates risks like MAC flooding. Limiting bandwidth does not relate directly to security, and monitoring traffic patterns and transmitting data securely are functions more closely associated with network monitors and encryption protocols, respectively.

Zero-touch provisioning (ZTP) enables network devices to be configured and deployed automatically without manual intervention, which reduces deployment time and potential human errors. It is particularly useful for scenarios involving multiple device deployments across various locations. While DHCP automates IP address assignment, it does not handle the full device-specific configurations, though it is often a component of the ZTP process. SNMP is predominantly used for network management and monitoring, not for initial device deployment. Manual configuration would be time-consuming and prone to errors, making it unsuitable for rapid, large-scale deployments.