CERTMASTER COMPTIA NETWORK CERTIFIED QUALITY EXAM
ACTUAL 2025/26 FINAL ASSESSMENT WITH VERIFIED
QUESTIONS AND 100% ACCURATE ANSWERS.
MFA is an authentication system that requires the user to submit
at least two separate element - --ANSWERS---A team of
network consultants is configuring an Internet of Things (iot)
network. The team is considering network topologies in the
context of the iot devices being used, which are all within 100
meters of one another, are battery-powered, and communicate
via the Zigbee protocol. Recommend a network topology that will
save power, scale easily to thousands of iot sensor devices while
saving power by cooperating with nearby devices.
Mesh
Star
Bus
Ring
Mesh networks provide excellent redundancy, because other
routes, via intermediary devices, are available between locations
if a link failure occurs.
In a star topology, each endpoint node is connected to a central
forwarding node, such as a hub, switch, or router. The central
node mediates communications between the endpoints.
A physical bus topology is a shared access topology, meaning
that all nodes share the bandwidth of the media. All nodes attach
directly to a single cable segment via cable taps.
In a physical ring topology, each node is wired to its neighbor in a
closed loop. A node receives a transmission from its upstream
neighbor and passes it to its downstream neighbor until the
transmission reaches its intended destination
How can an ipv4 host send packets to all addresses in a
particular subnet?
,Using a unicast packet, addressed to the IP address of the
destination host
Send packets to the closest node in a group
By sending a packet to the network or subnet's last possible IP
address according to the last octet
Sending packets to subscribed nodes
A broadcast address is used to send packets to groups of
addresses that share a broadcast domain. This groups together
devices on the same switch, or on the same VLAN.
Unicast packets are addressed to a single receiving IP. They are
received by the target only.
Anycast addressing routes packets to the closest node in a
target group, balancing load, and improving failover. Anycasting
provides routing efficiency.
Multicast addressing allows a list of addresses in a predefined
range to join a multicast group and receive packets targeted at
that multiclass group. - --ANSWERS---PBQ 2
The WAN gateway is connected directly to the Internet through
its WAN port. The home access point (AP) connects directly to
the gateways LAN1 port via the home aps WAN port. Per the
client's request, the technician will start subnetting at x.x.x.1 with
the WAN gateway and home AP. The WAN gateway does not
require a static route or forwarding, and the technician must
enable the DHCP to allow the gateway to obtain IP addresses
from the ISP. However, the technician should set the WAN
gateway with a static IP with 0 as the fourth octet.
The technician will configure the home AP mostly as is usual for
a home setup, with DHCP enabled. A static IP will be configured
for the home router in the x.x.x.1 subnet starting at x.x.1.1 for the
router. Static routing is not required, but it should forward traffic
to the server. VLAN2, representing the office network, will be
configured to the unused LAN4 port, which will connect directly
,to the WAN port of the office router. The office router will share a
subnet with the home AP, with DHCP disabled and a static route
set directly to the home AP for address resolution. A static IP
will have to be configured on the office router for this, as well.
The technician should place the office server in the DMZ of the
x.x.x.2 subnet to allow home devices in and while still
maintaining invisibility of home devices to the office devices. The
office router will forward traffic through to the home AP. The
office server will then serve as the domain controller for the
wired office network.
A security analyst is looking at attacks against unencrypted
Neighbor Discovery (ND) protocol. What is the attacker most
likely trying to accomplish?
ARP cache poisoning
VLAN hopping
Evil twin
Layer 2 spoofing
While ipv6 does not use ARP, it is also vulnerable to layer 2
spoofing if the unencrypted Neighbor Discovery (ND) protocol is
used.
ARP spoofing, or ARP cache poisoning, is a common means of
perpetrating an on-path attack. ARP has no security, all devices
are in the same broadcast domain as the rogue host trust
communications.
VLAN hopping is an attack designed to send traffic to a VLAN
other than the one the host system is in. This exploits the native
VLAN feature of 802.1Q.
A rogue AP masquerading as a legitimate one is called an evil
twin. An evil twin might advertise a similar network name (SSID)
to the legitimate one. - --ANSWERS---A network engineer has
configured a network with a tiered mesh topology with multiple
redundant links, causing an entire switch segment to become
, unusable until being reset. What layer 2 protocol packages data
into bridge protocol data unit (BPDU) multicast frames and
routes based on a ranked hierarchy of switches in order to
prevent loops?
Neighbor Discovery Protocol (NDP)
Spanning Tree Protocol (STP)
Address Resolution Protocol (ARP)
Routing information protocol (RIP)
The spanning tree protocol (STP) allows bridges or switches to
organize themselves into a hierarchy. Each switch determines
the shortest path to the root bridge by exchanging information
with other switches. STP information is packaged as bridge
protocol data unit (BPDU) multicast frames.
The Neighbor Discovery (ND) protocol performs some of the
functions on an ipv6 network that ARP and ICMP perform under
ipv4, such as address autoconfiguration, redirection, prefix
discovery, and local address resolution.
The TCP/IP suite includes the Address Resolution Protocol (ARP)
to perform the task of resolving an IP address to a hardware
address.
The Routing Information Protocol (RIP) is a distance vector
routing protocol. It operates on the application layer, not the data
link layer
A network engineer is troubleshooting a packet loss issue on a
small corporate Internet of Things (iot) network. The issue began
occurring after a legacy device was added to the network, and
the engineer has noted that the MTU size on the router is less
than the default 1500, at 750 MTU. Propose a likely cause of the
packet loss by the legacy device.
The legacy device is not compatible with the networks routing
protocols
The legacy device is too many hops displaced from the router
ACTUAL 2025/26 FINAL ASSESSMENT WITH VERIFIED
QUESTIONS AND 100% ACCURATE ANSWERS.
MFA is an authentication system that requires the user to submit
at least two separate element - --ANSWERS---A team of
network consultants is configuring an Internet of Things (iot)
network. The team is considering network topologies in the
context of the iot devices being used, which are all within 100
meters of one another, are battery-powered, and communicate
via the Zigbee protocol. Recommend a network topology that will
save power, scale easily to thousands of iot sensor devices while
saving power by cooperating with nearby devices.
Mesh
Star
Bus
Ring
Mesh networks provide excellent redundancy, because other
routes, via intermediary devices, are available between locations
if a link failure occurs.
In a star topology, each endpoint node is connected to a central
forwarding node, such as a hub, switch, or router. The central
node mediates communications between the endpoints.
A physical bus topology is a shared access topology, meaning
that all nodes share the bandwidth of the media. All nodes attach
directly to a single cable segment via cable taps.
In a physical ring topology, each node is wired to its neighbor in a
closed loop. A node receives a transmission from its upstream
neighbor and passes it to its downstream neighbor until the
transmission reaches its intended destination
How can an ipv4 host send packets to all addresses in a
particular subnet?
,Using a unicast packet, addressed to the IP address of the
destination host
Send packets to the closest node in a group
By sending a packet to the network or subnet's last possible IP
address according to the last octet
Sending packets to subscribed nodes
A broadcast address is used to send packets to groups of
addresses that share a broadcast domain. This groups together
devices on the same switch, or on the same VLAN.
Unicast packets are addressed to a single receiving IP. They are
received by the target only.
Anycast addressing routes packets to the closest node in a
target group, balancing load, and improving failover. Anycasting
provides routing efficiency.
Multicast addressing allows a list of addresses in a predefined
range to join a multicast group and receive packets targeted at
that multiclass group. - --ANSWERS---PBQ 2
The WAN gateway is connected directly to the Internet through
its WAN port. The home access point (AP) connects directly to
the gateways LAN1 port via the home aps WAN port. Per the
client's request, the technician will start subnetting at x.x.x.1 with
the WAN gateway and home AP. The WAN gateway does not
require a static route or forwarding, and the technician must
enable the DHCP to allow the gateway to obtain IP addresses
from the ISP. However, the technician should set the WAN
gateway with a static IP with 0 as the fourth octet.
The technician will configure the home AP mostly as is usual for
a home setup, with DHCP enabled. A static IP will be configured
for the home router in the x.x.x.1 subnet starting at x.x.1.1 for the
router. Static routing is not required, but it should forward traffic
to the server. VLAN2, representing the office network, will be
configured to the unused LAN4 port, which will connect directly
,to the WAN port of the office router. The office router will share a
subnet with the home AP, with DHCP disabled and a static route
set directly to the home AP for address resolution. A static IP
will have to be configured on the office router for this, as well.
The technician should place the office server in the DMZ of the
x.x.x.2 subnet to allow home devices in and while still
maintaining invisibility of home devices to the office devices. The
office router will forward traffic through to the home AP. The
office server will then serve as the domain controller for the
wired office network.
A security analyst is looking at attacks against unencrypted
Neighbor Discovery (ND) protocol. What is the attacker most
likely trying to accomplish?
ARP cache poisoning
VLAN hopping
Evil twin
Layer 2 spoofing
While ipv6 does not use ARP, it is also vulnerable to layer 2
spoofing if the unencrypted Neighbor Discovery (ND) protocol is
used.
ARP spoofing, or ARP cache poisoning, is a common means of
perpetrating an on-path attack. ARP has no security, all devices
are in the same broadcast domain as the rogue host trust
communications.
VLAN hopping is an attack designed to send traffic to a VLAN
other than the one the host system is in. This exploits the native
VLAN feature of 802.1Q.
A rogue AP masquerading as a legitimate one is called an evil
twin. An evil twin might advertise a similar network name (SSID)
to the legitimate one. - --ANSWERS---A network engineer has
configured a network with a tiered mesh topology with multiple
redundant links, causing an entire switch segment to become
, unusable until being reset. What layer 2 protocol packages data
into bridge protocol data unit (BPDU) multicast frames and
routes based on a ranked hierarchy of switches in order to
prevent loops?
Neighbor Discovery Protocol (NDP)
Spanning Tree Protocol (STP)
Address Resolution Protocol (ARP)
Routing information protocol (RIP)
The spanning tree protocol (STP) allows bridges or switches to
organize themselves into a hierarchy. Each switch determines
the shortest path to the root bridge by exchanging information
with other switches. STP information is packaged as bridge
protocol data unit (BPDU) multicast frames.
The Neighbor Discovery (ND) protocol performs some of the
functions on an ipv6 network that ARP and ICMP perform under
ipv4, such as address autoconfiguration, redirection, prefix
discovery, and local address resolution.
The TCP/IP suite includes the Address Resolution Protocol (ARP)
to perform the task of resolving an IP address to a hardware
address.
The Routing Information Protocol (RIP) is a distance vector
routing protocol. It operates on the application layer, not the data
link layer
A network engineer is troubleshooting a packet loss issue on a
small corporate Internet of Things (iot) network. The issue began
occurring after a legacy device was added to the network, and
the engineer has noted that the MTU size on the router is less
than the default 1500, at 750 MTU. Propose a likely cause of the
packet loss by the legacy device.
The legacy device is not compatible with the networks routing
protocols
The legacy device is too many hops displaced from the router
