CompTIA N10-009 - CompTIA Network+ Certification Exam

To support VoIP on a network with limited switchports, the engineer should configure voice VLANs and enable 802.1Q tagging. Voice VLANs allow VoIP traffic to be prioritized and isolated from data traffic even when sharing the same physical port. 802.1Q is used for VLAN tagging, enabling multiple VLANs over a single physical link.

From Andrew Ramdayal’s guide:

“Voice VLANs allow IP phones and computers to share the same physical switch port while keeping their traffic separate. 802.1Q is used to tag VLAN traffic so that it can be appropriately routed and prioritized.”

Introduction to Administrative Distance

Administrative distance (AD) is a value used by routers to rank routes from different routing protocols. AD represents the trustworthiness of the source of the route. Lower AD values are more preferred. If a router has multiple routes to a destination from different sources, it will choose the route with the lowest AD.

Static Routes and Backup Routes

When a dynamic routing protocol is not used, static routes can be employed. Static routes are manually configured routes. To ensure a backup route, multiple static routes to the same destination can be configured with different AD values.

Configuring Static Routes with Administrative Distance

The primary route is configured with a lower AD value, making it the preferred route. The backup route is configured with a higher AD value. In the event of the primary route failure, the router will then use the backup route.

Example Configuration:

plaintext

Copy code

ip route 192.168.1.0 255.255.255.0 10.0.0.1 1

ip route 192.168.1.0 255.255.255.0 10.0.0.2 10

In the above example, 192.168.1.0/24 is the destination network.

10.0.0.1 is the next-hop IP address for the primary route with an AD of 1.

10.0.0.2 is the next-hop IP address for the backup route with an AD of 10.

Verification:

After configuration, use the show ip route command to verify that the primary route is in use and the backup route is listed as a candidate for use if the primary route fails.

This is an example of Multi-Factor Authentication (MFA) because it requires:

Something you know (username/password)

Something you have (a phone-generated passcode)

Breakdown of Options:

A. SSO (Single Sign-On) – Allows one login for multiple services, but does not add a second authentication factor.

B. LDAP (Lightweight Directory Access Protocol) – Used for directory authentication, not MFA.

C. MFA (Multi-Factor Authentication) – ✅ Correct answer. Uses multiple authentication factors for better security.

D. SAML (Security Assertion Markup Language) – Used for federated identity management, not multi-factor authentication.

An IDS (Intrusion Detection System) is deployed out-of-band, meaning it passively monitors network traffic using a SPAN/mirror port or network tap. It detects and analyzes suspicious traffic without introducing latency since it does not sit in-line.

A. IPS (Intrusion Prevention System) is in-line and can block traffic but may add latency.

C. Load balancer distributes traffic across servers for performance and redundancy, not for threat detection.

D. Firewall filters traffic at the perimeter or internally; it can affect latency but does not provide the same in-depth attack analysis.

References (CompTIA Network+ N10-009):

Domain: Network Security — IDS vs. IPS, in-band vs. out-of-band monitoring, passive detection methods.

Microwaves are known to interfere with the 2.4GHz frequency, which is the same frequency used by many wireless networks. This can cause signal degradation and intermittent connectivity issues, especially if the WAP is placed near such devices.

=================

EIGRP(Enhanced Interior Gateway Routing Protocol) supports bothIPv4 and IPv6. While OSPFv3 is specific to IPv6 and RIPv2 only supports IPv4, EIGRP was extended to handle dual-stack environments efficiently.

The best answer is SNMP (Simple Network Management Protocol). SNMP enables monitoring of network devices (routers, switches, firewalls, servers) and provides performance data such as CPU usage, bandwidth utilization, and interface status. In this scenario, if SNMP monitoring had been in place, administrators would have received alerts that the router was overutilized before customers noticed outages.

A. Packet capture (e.g., Wireshark) is useful for deep troubleshooting but is reactive, not proactive, and not scalable for continuous monitoring.

C. Syslog collects log messages but generally does not provide proactive resource utilization metrics. It is complementary but not the best fit for this problem.

D. SIEM aggregates logs and security events for analysis, but the primary requirement here is performance and availability monitoring.

By implementing SNMP monitoring (and potentially integrating it with a network monitoring tool such as Nagios, PRTG, or SolarWinds), the organization can track utilization trends, set thresholds, and automatically generate alerts, thereby preventing downtime from going unnoticed.

References (CompTIA Network+ N10-009):

Domain: Network Operations — SNMP monitoring, proactive network performance management.

A content filter blocks access to specific websites based on category, URL, or keywords. This is the best solution to restrict gambling websites.

Breakdown of Options:

A. ACLs – Control network access, not specific web content.

B. Content filter – ✅ Correct answer. Used to block access to unwanted websites.

C. Port security – Prevents unauthorized device connections, not web traffic filtering.

D. Screened subnet – A DMZ isolates public-facing servers, not user restrictions.

Definition of RPO:

Recovery Point Objective (RPO) is a disaster recovery metric that describes the maximum acceptable amount of data loss measured in time. It indicates the point in time to which data must be recovered to resume normal operations after a disaster.

For example, if the RPO is set to 24 hours, then the business could tolerate losing up to 24 hours' worth of data in the event of a disruption.

Why RPO is Important:

RPO is critical for determining backup frequency and helps businesses decide how often they need to back up their data. A lower RPO means more frequent backups and less potential data loss.

Comparison with Other Metrics:

MTTR (Mean Time to Repair): Refers to the average time required to repair a system or component and return it to normal operation.

RTO (Recovery Time Objective): The maximum acceptable length of time that a computer, system, network, or application can be down after a failure or disaster occurs.

MTBF (Mean Time Between Failures): The predicted elapsed time between inherent failures of a system during operation.

How RPO is Used in Disaster Recovery:

Organizations establish RPOs to ensure that they can recover data within a timeframe that is acceptable to business operations. This involves creating a backup plan that meets the RPO requirements.