Try 10 focused CompTIA Server+ SK0-006 questions on Performance Management and Troubleshooting, with explanations, then continue with IT Mastery.
Open the matching IT Mastery practice page for timed mocks, topic drills, progress tracking, explanations, and full practice.
Try CompTIA Server+ SK0-006 on Web View full CompTIA Server+ SK0-006 practice page
| Field | Detail |
|---|---|
| Exam route | CompTIA Server+ SK0-006 |
| Topic area | Performance Management and Troubleshooting |
| Blueprint weight | 22% |
| Page purpose | Focused sample questions before returning to mixed practice |
Use this page to isolate Performance Management and Troubleshooting for CompTIA Server+ SK0-006. Work through the 10 questions first, then review the explanations and return to mixed practice in IT Mastery.
| Pass | What to do | What to record |
|---|---|---|
| First attempt | Answer without checking the explanation first. | The fact, rule, calculation, or judgment point that controlled your answer. |
| Review | Read the explanation even when you were correct. | Why the best answer is stronger than the closest distractor. |
| Repair | Repeat only missed or uncertain items after a short break. | The pattern behind misses, not the answer letter. |
| Transfer | Return to mixed practice once the topic feels stable. | Whether the same skill holds up when the topic is no longer obvious. |
Blueprint context: 22% of the practice outline. A focused topic score can overstate readiness if you recognize the pattern too quickly, so use it as repair work before timed mixed sets.
These original IT Mastery practice questions are aligned to this topic area. Use them for self-assessment, scope review, and deciding what to drill next.
Topic: Performance Management and Troubleshooting
A file server was moved to the server VLAN and must use DHCP reservations for address management. Users report intermittent failures when connecting to fs1.corp.example.com.
Exhibit:
DNS A record: fs1.corp.example.com -> 10.20.30.50
DHCP lease: FS1 MAC AA-AA-AA-AA-AA-AA -> 10.20.30.50
Switch alert: Duplicate IP 10.20.30.50 from MAC AA-AA-AA-AA-AA-AA and BB-BB-BB-BB-BB-BB
Asset note: Legacy test server uses a static address on the same VLAN
Which action is the BEST professional decision?
Options:
A. Change the DNS A record for FS1
B. Remove the duplicate static address and keep FS1 reserved
C. Add a hosts file entry on affected clients
D. Expand the DHCP scope for the server VLAN
Best answer: B
Explanation: The key evidence is the duplicate IP alert. DNS resolves fs1.corp.example.com to 10.20.30.50, and DHCP has correctly leased that same reserved address to FS1. The intermittent behavior occurs because another MAC address is also using 10.20.30.50, likely the legacy test server with a static configuration. The operational fix is to locate that device, remove or change the conflicting static address, and keep FS1 managed by its DHCP reservation. After the conflict is removed, normal DNS and ARP behavior should stabilize.
Changing DNS or client files treats name resolution as the problem, but the name is resolving to the intended address.
Topic: Performance Management and Troubleshooting
A file server fails to start its file-sharing service after a RAID controller replacement. Users report missing departmental shares, and a restore job fails because the target volume is unavailable. The team wants to avoid overwriting recoverable data.
Exhibit: Storage facts
RAID utility: Virtual Disk 1 = Foreign, Secured, Not Imported
Disk Management: Disk 2 = Unknown, Not initialized
Event log: Encrypted foreign configuration detected
Backup job: Restore failed - destination volume not found
Which implementation choice should the administrator perform first?
Options:
A. Run a file-level restore to a newly formatted volume.
B. Initialize Disk 2 and create a new data volume.
C. Disable OS volume encryption on the boot disk.
D. Import the secured foreign configuration using the saved controller encryption key.
Best answer: D
Explanation: The storage facts point to a controller-level encrypted RAID configuration, not a normal empty disk or an OS boot-volume encryption issue. A replacement RAID controller often sees existing arrays as foreign; if the array is also secured, it must be unlocked with the correct saved key before it can be imported and presented to the OS. Initializing the disk or formatting a replacement target can overwrite metadata and reduce recovery options. A restore may be needed later, but the first safe step is to make the original secured virtual disk available without destroying its existing layout.
Topic: Performance Management and Troubleshooting
A systems administrator restored an encrypted file share backup to a replacement server after a storage controller failure. The restore job completed, and users can browse folder names, but opening restored files returns “Access denied” or “Cannot decrypt file.”
Exhibit: Restore and access findings
| Check | Result |
|---|---|
| Backup integrity validation | Passed |
| Restored NTFS permissions | Match source server |
| File encryption certificate ID | EFS-CERT-8819 |
| Replacement server certificate store | EFS-CERT-4412 only |
| Application event log | No matching private key for encrypted file |
What is the most likely issue?
Options:
A. Disabled file sharing service
B. Encryption certificate/key mismatch
C. Corrupted backup media
D. Incorrect NTFS ACL inheritance
Best answer: B
Explanation: The symptoms point to an encryption mismatch: the data exists and permissions were restored, but the replacement server does not have the private key needed to decrypt the files. Encrypted file access depends on compatible protection state, such as the correct certificate, private key, key protector, or encryption key material. Because backup validation passed and folder browsing works, the problem is not general restore failure or share availability. The next operational focus would be recovering or importing the correct encryption key material from the original server, key escrow, or backup documentation.
Topic: Performance Management and Troubleshooting
A server administrator is investigating intermittent HTTP 500 errors in a load-balanced web application running on six application servers. CPU, memory, and disk metrics are near baseline, and there are no user lockout reports. The operations policy discourages interactive logons to production servers unless needed. Which evidence source should the administrator review first?
Options:
A. Storage array performance logs
B. Centralized application logs
C. Local security logs on the domain controller
D. Local system logs on one server
Best answer: B
Explanation: The issue is an application error occurring intermittently across a load-balanced server group. HTTP 500 responses usually require application-level evidence such as exception messages, request IDs, service errors, or dependency failures. Because the workload runs on six servers and policy discourages direct production logons, centralized application logs are the best first evidence source. They let the administrator correlate errors by time, node, and request without checking each server individually.
System logs are better for OS, driver, service-start, hardware, or kernel-level events. Security logs are better for authentication, authorization, audit, and access events. The key takeaway is to match the log source to both the symptom and the operational constraints.
Topic: Performance Management and Troubleshooting
A file server has user login failures and reports of missing files. Monitoring shows a successful login by a disabled admin account from an unfamiliar subnet, a new unapproved service listening on a high TCP port, and file-integrity hash changes on shared folders. The security team needs to preserve evidence while limiting possible lateral movement. Which implementation choice is best?
Options:
A. Move the server to a quarantine VLAN with restricted forensic access
B. Grant affected users temporary elevated share permissions
C. Reboot the server to clear the rogue service from memory
D. Delete the unapproved service and restore the missing files
Best answer: A
Explanation: The evidence points to a likely security incident, not a routine login or file-share problem: unauthorized account activity, a rogue service, integrity failures, and possible data loss. The best response is to contain the server without destroying evidence. Moving it to a quarantine VLAN or otherwise isolating it with tightly controlled forensic access reduces the chance of lateral movement, data exfiltration, or further tampering while allowing investigators to collect logs, memory, service state, and file-system evidence. Avoid actions that change the system state more than necessary before evidence is captured.
Topic: Performance Management and Troubleshooting
A systems administrator is reviewing an observability dashboard for a database VM that slows during normal business hours. The VM has no recent code or schema changes. Which implementation choice best addresses the resource pressure shown?
| Metric | Baseline | Current |
|---|---|---|
| CPU utilization | 45% | 52% |
| Memory utilization | 68% | 96% |
| Swap/page file activity | Minimal | Sustained |
| Disk latency | 8 ms | 10 ms |
| Network utilization | 20% | 25% |
Options:
A. Increase the VM memory allocation
B. Add another virtual CPU
C. Move the database to faster disks
D. Increase the virtual NIC bandwidth
Best answer: A
Explanation: Resource pressure is identified by comparing current metrics against a known baseline and looking for the resource that is both saturated and causing secondary symptoms. In this case, memory is at 96% and swap/page file activity is sustained. That means the system is using disk as an extension of RAM, which commonly causes application slowdowns even when disk latency itself is not unusually high. CPU, disk latency, and network utilization are close to their baseline values, so they do not point to the primary bottleneck. The best implementation choice is to rightsize the VM by increasing memory, assuming the hypervisor host has capacity.
Topic: Performance Management and Troubleshooting
A database reporting server becomes unresponsive every few days. Restarting the reporting service restores performance temporarily. Review the observability excerpt and identify the most likely software issue.
Exhibit: Service metrics and logs
Service: report-renderer
After service restart: RSS memory 1.2 GB
24 hours later: RSS memory 6.8 GB
48 hours later: RSS memory 13.9 GB
CPU: 18%-25% average
Disk errors: none
Recent patches: none
Log excerpt:
WARN allocation pressure rising
ERROR request failed: out of memory
INFO service restart completed successfully
Options:
A. Memory leak
B. Encryption mismatch
C. Patch failure
D. Corrupted files
Best answer: A
Explanation: The evidence points to a memory leak in the reporting service. Resident memory grows from 1.2 GB after restart to 13.9 GB after 48 hours while CPU remains moderate and disk errors are absent. The out-of-memory log entry matches resource exhaustion, and the temporary improvement after restarting the service is typical because the leaked memory is released when the process exits. Corrupted files would usually produce file read, checksum, application load, or integrity errors. Encryption mismatch would more likely show handshake, certificate, cipher, or decryption failures. Patch failure is not supported because the exhibit states there were no recent patches.
Topic: Performance Management and Troubleshooting
A database server became slow after a scheduled maintenance window. Users report timeouts, but the database service stays online. Review the exhibit and choose the most likely issue supported by the evidence.
Exhibit: Post-maintenance observations
Patch window: OS security updates + storage controller driver update
CPU utilization: 22% average
Memory utilization: 48% average
Network utilization: 18% average
Disk queue length: 36 average, previously 3
Avg. disk read latency: 185 ms, previously 12 ms
Event log: storport reset issued to \Device\RaidPort0
RAID controller: optimal, no failed drives
Options:
A. RAID drive failure
B. Memory leak in the database service
C. Storage controller driver issue
D. CPU resource pressure
Best answer: C
Explanation: The evidence points to a driver-related storage performance problem. The server slowed immediately after a maintenance window that included a storage controller driver update. CPU, memory, and network utilization are all moderate, so general resource pressure is not supported. The disk queue length and read latency increased sharply, and the event log shows storport resets to the RAID port. Because the RAID controller reports optimal health and no failed drives, the more likely issue is not a physical disk failure but a driver or controller I/O path problem introduced during patching. The best next step would be to review the updated driver, check vendor compatibility, and consider rollback or replacement with a supported version.
Topic: Performance Management and Troubleshooting
A backup server was moved to a new VLAN. Backup jobs fail only when targeting \\fs01.corp.example.com\backup; the same service account was used for testing.
Exhibit: Troubleshooting notes
NIC link: up, 10Gbps
IPv4: 10.20.30.45/24, gateway 10.20.30.1
DHCP lease: valid
ping 10.20.40.10: replies received
Test TCP 10.20.40.10:445: successful
nslookup fs01.corp.example.com: Non-existent domain
Access \\10.20.40.10\backup: successful
Which issue is most likely causing the backup failure?
Options:
A. Directory join failure on the backup server
B. Name resolution failure for the file server FQDN
C. SMB service unavailable on the file server
D. IP address conflict on the backup VLAN
Best answer: B
Explanation: The evidence points to a name resolution problem. Network connectivity is working because the backup server has a valid DHCP lease, the NIC link is up, ICMP replies return from the file server IP, and TCP port 445 is reachable. Resource access is also working because the service account can open the share by IP address. The failure appears only when using the FQDN, and nslookup returns a non-existent domain response for that name. That isolates the issue to DNS or the name record used by the backup job, not the file service, cabling, DHCP, or permissions.
Topic: Performance Management and Troubleshooting
A technician receives this rack-side report for a production virtualization host. Based on the exhibit, what is the most likely issue to investigate first?
Host: HV-03
Observation: high-pitched whine from rear PSU bay
Odor: burnt plastic near PSU area
Indicators: PSU 1 green; PSU 2 amber
Metrics: CPU temperature normal; fan speed normal
Storage: no RAID or SMART alerts
Options:
A. CPU cooling fan obstruction
B. Predictive disk failure
C. CMOS battery failure
D. Failing power supply module
Best answer: D
Explanation: Auditory and olfactory clues are important hardware troubleshooting signals. A high-pitched whine near the PSU bay can indicate a failing power supply component, and a burnt plastic smell suggests overheating or electrical failure. The amber PSU 2 indicator reinforces that the issue is localized to the redundant power supply path. Normal CPU temperature, normal fan speed, and no storage alerts make cooling or disk failure less likely. The safest server-management interpretation is to treat this as a power component fault and follow site procedures for isolating or replacing the affected PSU.
Use the CompTIA Server+ SK0-006 Practice Test page for the full IT Mastery practice bank, mixed-topic practice, timed mock exams, explanations, and web/mobile app access.
Try CompTIA Server+ SK0-006 on Web View CompTIA Server+ SK0-006 Practice Test
Use the full IT Mastery practice page above for the latest review links and practice page.