CompTIA Network+ Practice Test (N10-009)
Use the form below to configure your CompTIA Network+ Practice Test (N10-009). The practice test can be configured to only include certain exam objectives and domains. You can choose between 5-100 questions and set a time limit.

CompTIA Network+ N10-009 (V9) Information
The CompTIA Network+ N10-009 certification exam is a key credential for IT professionals specializing in network technologies and infrastructure. This exam assesses a candidate's ability to design, configure, manage, and troubleshoot wired and wireless network devices. Unlike more specialized certifications, the Network+ offers a broad foundation, making it ideal for early-career network technicians and administrators. It covers emerging technologies like cloud computing and virtualization, while also emphasizing traditional networking concepts and practices. By passing the N10-009 exam, candidates demonstrate their expertise in these areas, proving their readiness for roles such as network administrator, network field technician, and help desk technician.
The exam's content is divided into several key areas. Network architecture forms a significant part, where candidates must understand the design and implementation of functional networks, including network components and their roles in network services. Network security is also crucial, requiring knowledge of security concepts and protocols, as well as the skills to implement security features on network devices. The exam also tests on network operations and troubleshooting, focusing on monitoring tools, network performance optimization, and problem-solving techniques. Moreover, it includes newer areas like cloud computing and virtualization, reflecting the evolving nature of network technology. This wide-ranging scope ensures that professionals holding the Network+ certification are equipped to support and manage modern network environments effectively.
More reading:
Free CompTIA Network+ N10-009 (V9) Practice Test
Press start when you are ready, or press Change to modify any settings for the practice test.
- Questions: 20
- Time: Unlimited
- Included Topics:Networking ConceptsNetwork ImplementationNetwork OperationsNetwork SecurityNetwork Troubleshooting
A network administrator at a medium-sized enterprise plans to upgrade the firmware on several critical routers. To ensure a systematic approach compliant with best practices for network management, which of these actions should most appropriately initiate the change management process?
Submit a change request to the change advisory board (CAB) for review and approval
Directly implement the changes during a scheduled maintenance window
Start with a thorough risk assessment before proposing any specific actions
Informally discuss the change with colleagues to gather feedback before proceeding
Answer Description
Before making any significant changes to a network's infrastructure, the first step under the change management process should always start with submitting a change request. This action ensures that all necessary approvals are obtained, and all impacts are assessed before any changes are implemented, minimizing potential disruptions. Just discussing potential changes informally does not provide proper documentation or authorization. Implementing changes directly or beginning with a risk assessment, though important, skips the initial necessary step of formally recording and initiating the process through an official change request.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the role of a Change Advisory Board (CAB)?
Why is submitting a change request the first step in the process?
What is the benefit of following a formal change management process?
A company's disaster recovery team meets in a conference room to walk through the procedures of a disaster recovery plan after a simulated server failure. The team discusses their roles and the expected sequence of events without using any actual equipment or relocating to a backup site. Which of the following DR concepts does this scenario describe?
RPO validation
Full-scale exercise
Hot site cutover
Tabletop exercise
Answer Description
This scenario describes a tabletop exercise, which is a discussion-based session where team members meet to discuss their roles and walk through the steps of a disaster recovery plan in response to a simulated event. It does not involve physical relocation or actual system recovery. A full-scale exercise would involve a hands-on, physical run-through. A hot site cutover is the actual process of switching to a live backup site. RPO (Recovery Point Objective) is a metric that defines the acceptable amount of data loss, not a type of exercise.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the purpose of a tabletop exercise?
How does a full-scale exercise differ from a tabletop exercise?
What is RPO, and why is it not relevant to this scenario?
A network administrator is tasked with creating a strategy to maintain network configuration standards across a multinational company. The strategy should enable quick recovery and consistent configuration deployment after infrastructure failures. The administrator needs to choose a configuration type that is pre-tested and serves as a standard template for all deployments. What type of configuration should the administrator focus on?
Baseline/golden configuration
Backup configuration
Trial configuration
Development configuration
Answer Description
The correct answer is 'Baseline/golden configuration' because this refers to a benchmark configuration set that is known to work well under tested conditions and is used as a standard template to build new systems or restore existing systems after an outage. 'Development configuration' and 'Trial configuration' are not standard established terms in network management. 'Backup configuration' is used for recovery purposes and may not prescriptively be set as a standard template that is optimized and tested.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a baseline/golden configuration?
How does a baseline configuration differ from a backup configuration?
Why is consistency important in network configuration deployment?
Immediately after a routine server update, users report they can no longer connect to an application on the server. According to the CompTIA troubleshooting methodology, what is the most likely cause to investigate first?
The server's virtual LAN (VLAN) assignment was altered.
An unresolved hardware alert exists on the server.
A new network monitoring tool was installed.
Changes were made to the server's host-based firewall.
Answer Description
The CompTIA troubleshooting methodology emphasizes identifying what has changed as an early step. A server update is a significant change that can alter various configurations. Host-based firewall rules are frequently modified during operating system or application updates to enhance security, which can inadvertently block legitimate traffic. Therefore, checking for changes in the firewall configuration is the most logical first step. While other options could potentially cause connectivity issues, they are less directly associated with a recent server update compared to a firewall rule modification.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a host-based firewall?
How do server updates affect host-based firewall configurations?
What steps can be taken to confirm and resolve firewall-related issues after a server update?
Which of the following best describes the function of NAT?
Translates private IP addresses to a public IP address for internet access
Compresses data packets to reduce transmission time
Assigns IP addresses to devices within a local area network
Encapsulates network traffic to be sent over different protocols
Answer Description
Network Address Translation (NAT) allows multiple devices on a private network to access the internet using a single public IP address. This is crucial for conserving IP addresses and for allowing an entire network to communicate to the outside world using a simple, singular address. NAT modifies the IP addresses of outgoing packets from a private network to appear as though they are originating from the router’s public IP address to external hosts. The other options describe different technologies or concepts that are not directly related to the specific function of NAT.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is NAT important for conserving IP addresses?
What is the difference between NAT and DHCP?
How does NAT improve network security?
During a session where timely and reliable data delivery is critical, which OSI layer primarily ensures the controlled transmission of data, facilitating mechanisms for error detection and correction?
Network Layer
Physical Layer
Data Link Layer
Transport Layer
Answer Description
The Transport layer (Layer 4 of the OSI model) is responsible for providing mechanisms for data transfer sessions between hosts. It provides services such as connection-oriented data stream support, reliability, flow control, and error correction, all of which are essential for ensuring that data packets are transmitted reliably and in sequence. The Network layer primarily deals with logical addressing and routing, while the Data Link layer handles physical addressing, error notification, and ordered delivery of frames. The Physical layer deals with the transmission and reception of unstructured raw data over a network medium.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the primary function of the Transport layer in the OSI model?
How does the Transport layer handle error detection and correction?
What is the difference between TCP and UDP at the Transport layer?
Which of the following statements about Ethernet duplex modes is TRUE?
Half-duplex Ethernet is the only duplex mode supported by modern switched networks.
Full-duplex Ethernet uses CSMA/CD to prevent collisions.
Full-duplex Ethernet doubles the effective bandwidth of the link by allowing simultaneous transmission and reception.
Half-duplex Ethernet allows simultaneous transmission and reception on the link.
Answer Description
Ethernet can operate in either half-duplex or full-duplex mode. In half-duplex, a device can transmit or receive at any one time and relies on CSMA/CD to handle possible collisions. Full-duplex provides separate transmit and receive paths so both ends can send and receive simultaneously, eliminating collisions and effectively doubling the link's usable bandwidth. Because collisions cannot occur, CSMA/CD is disabled in full-duplex operation.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is CSMA/CD and how does it work?
Why does full-duplex Ethernet eliminate collisions?
How does full-duplex mode double bandwidth in Ethernet?
Which of the following BEST describes the typical use case for a Twinaxial cable in a modern network environment?
Connecting switches and servers within the same data center
Long-distance optical network transmissions between cities
Wiring local area networks in office buildings
Deploying broadband Internet services in residential areas
Answer Description
Twinaxial cables are typically used for short-distance connections between switches and servers within the same data center. This is because they provide high-speed data transmission with low latency and low interference, which is ideal for environments requiring high bandwidth over short distances. Fiber optic cables, though capable of high-speed data transmission, are generally used for longer distances due to their ability to transmit data over kilometers without significant loss. Coaxial cables are more commonly used in broadband connections, like cable internet services, not within data centers for connecting switches and servers. UTP cables are used widely in local area networks but do not match the speed and shielding advantages of twinaxial cables for data center applications.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why are Twinaxial cables preferred for short-distance connections in data centers?
What are the key differences between Twinaxial cables and Fiber Optic cables?
How does Twinaxial cabling compare to UTP in terms of performance?
Which protocol is commonly used for accessing and managing directory services over an IP network?
DNS
HTTP
LDAP
SSH
Answer Description
LDAP (Lightweight Directory Access Protocol) is the correct answer because it is designed specifically for providing access to directory services over IP networks, making it a key tool in network administration for managing user identities and relations. LDAP typically operates on TCP port 389. DNS (Domain Name System), which operates on port 53, is primarily used for translating domain names into IP addresses. SSH (Secure Shell), which utilizes port 22, is used for secure remote logins and file transfers. HTTP (Hypertext Transfer Protocol), on port 80, is the foundation of data communication for the World Wide Web.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a directory service in the context of networking?
Why is TCP port 389 important for LDAP?
How does LDAP differ from DNS in terms of functionality?
A network designer is evaluating connector options for a new data center that demands high-density, high-speed fiber connections to support a significant amount of traffic. Which connector type is the BEST choice for meeting these specific requirements?
Local connector (LC)
Straight tip (ST)
Multi-fiber push on (MPO)
Subscriber connector (SC)
Answer Description
The Multi-fiber Push On (MPO) connector is the best choice for the scenario because it can combine up to 12 or more fibers in a single rectangular interface and is particularly designed for high-density and high-speed fiber optic connections, such as in data centers. Other connectors mentioned, like LC and SC, are typically used for single or dual fiber connections and would not offer the same level of density or simplified cable management as MPO in a data center environment.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What makes MPO connectors suitable for high-density environments?
How do MPO connectors differ from LC and SC connectors?
Why are high-speed fiber connections crucial for a modern data center?
Your company has implemented a new policy requiring all network devices to run the latest secure software. You must update a router with a patch that the manufacturer released to fix a recently disclosed vulnerability. Which step is most important to ensure the patch is applied correctly and does not disrupt service?
Read the manufacturer's release notes for the patch.
Verify that the patch is compatible with your router's model and current operating system.
Apply the patch during normal business hours to address issues quickly.
Restart the router immediately after installing the patch.
Answer Description
Before deploying any patch, you must verify that it is compatible with the exact router model and operating-system version in use. Applying an incompatible image can corrupt the device, cause unexpected reboots, or introduce new faults, negating the security benefit and creating downtime. Reading release notes, rebooting after installation, and choosing an appropriate maintenance window are all good practices, but they come after you have confirmed that the patch will work on the target hardware and software.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is it important to verify patch compatibility with the router's hardware and OS?
What is the purpose of release notes for a patch?
Why shouldn't patches be applied during normal business hours?
Your company has implemented a new disaster recovery plan and you are tasked with conducting a validation test. What type of test would provide a detailed, realistic simulation of a disaster scenario without disrupting the actual data center operations?
Technical review
Documentation review
Full-scale test
Tabletop exercise
Answer Description
A tabletop exercise is the correct answer because it involves a comprehensive review of the disaster recovery plan with the key personnel without causing any operational disruptions. This type of test uses simulations presented to the staff to walk through the steps theoretically. It is useful for examining the theoretical response of a team to a disaster in a controlled setting. Full-scale tests, while thorough, involve a real-world application that can affect actual operations, making them unsuitable for scenarios where disruption is a concern. Technical review typically involves checking the technical aspects of a DR plan rather than a functional test of the plan. Documentation review alone, which focuses only on verifying the documents, does not provide a simulation of disaster response.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are the benefits of a tabletop exercise compared to a full-scale test?
Who typically participates in a tabletop exercise?
How does a tabletop exercise differ from a technical or documentation review?
What is the primary function of an NS record in domain configuration?
To locate services like VoIP or instant messaging within the domain.
To direct email traffic to the appropriate mail servers.
To identify the authoritative servers maintaining a domain's records.
To map a domain alias to its canonical domain name.
Answer Description
An NS record designates the authoritative servers responsible for a domain's configurations, directing queries to the appropriate sources where detailed mappings are maintained. This facilitates domain management and ensures consistency in resolving queries. MX records direct mail traffic, CNAME records link an alias to a true name, and SRV records locate services — all these are important but functionally different from NS records.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does 'authoritative server' mean in the context of an NS record?
How are NS records different from CNAME records?
What happens if an NS record is misconfigured?
A network technician is tasked with deploying a new wireless network in a busy office space. The area is heavily congested with existing Wi-Fi networks operating on the 2.4 GHz band. To minimize interference and improve performance using common, widely-supported hardware, which frequency band should the technician primarily utilize?
2.4 GHz
6 GHz
5 GHz
3.6 GHz
Answer Description
The correct answer is '5 GHz'. In a crowded wireless environment where the 2.4 GHz band is saturated with signals from other networks and devices like microwaves and Bluetooth, the 5 GHz band is the best choice for deploying a new network. The 5 GHz band offers significantly more non-overlapping channels than the 2.4 GHz band, which drastically reduces co-channel and adjacent-channel interference, leading to better performance and stability. While the 6 GHz band (used by Wi-Fi 6E/7) offers even more channels and less congestion, it requires newer, more expensive client devices and access points, making 5 GHz the most practical and widely-supported choice for an immediate performance boost over 2.4 GHz. The 3.6 GHz frequency is not a standard band for IEEE 802.11 Wi-Fi networks.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are the main differences between the 2.4 GHz and 5 GHz frequency bands for Wi-Fi?
Why is the 6 GHz band not commonly used yet for Wi-Fi?
What are 'non-overlapping channels,' and why are they important for Wi-Fi performance?
A network administrator at a medium-sized enterprise is configuring an extended ACL on the main router to restrict access to a secure server subnet that hosts sensitive client data. The server network is 192.168.5.0/24. Only devices on the administration team's subnet, 10.10.10.0/24, should be able to reach this server network. Which of the following ACL statements accomplishes this requirement?
permit ip 10.10.10.0 0.0.0.255 192.168.5.0 0.0.0.255
permit ip 192.168.5.0 0.0.0.255 10.10.10.0 0.0.0.255
permit ip 10.10.10.0 0.0.0.255 any
permit ip any 192.168.5.0 0.0.0.255
Answer Description
An extended ACL entry must include the protocol keyword followed by the source and destination networks with their wildcard masks. The line "permit ip 10.10.10.0 0.0.0.255 192.168.5.0 0.0.0.255" allows any IP traffic originating from the 10.10.10.0/24 subnet to reach any host on the 192.168.5.0/24 subnet. Because an implicit "deny ip any any" follows the ACL, all other source networks are automatically blocked from reaching the server subnet. The other options either reverse the source and destination fields, permit all sources, or fail to limit the destination network, so they do not meet the requirement.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is an extended ACL in networking?
What is the purpose of a wildcard mask in ACLs?
What does the implicit 'deny ip any any' rule mean in ACLs?
To prevent prolonged outages and to satisfy regulatory audit requirements, a network administrator is creating a policy for backing up the configurations of all routers and switches. Which of the following backup strategies BEST follows industry best practices for configuration management?
Configure the management platform to automatically archive the running configuration immediately after every authorized change.
Save the initial baseline configuration and update it only when hardware is permanently replaced.
Schedule automated configuration backups to occur only once per month during a planned maintenance window.
Perform manual backups only when a device experiences a failure that requires troubleshooting.
Answer Description
Industry and vendor guidance recommends capturing an automatic, event-driven backup immediately after each authorized configuration change. Doing so guarantees that the latest known-good state is available if a device fails, simplifies troubleshooting by providing a complete change history, and meets compliance requirements that mandate accurate configuration records. Periodic monthly backups, manual post-failure backups, or rarely updated baseline files leave significant gaps and may violate policy.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is it important to back up configurations immediately after authorized changes?
What tools or platforms can be used to automate configuration backups?
What's the difference between event-driven backups and scheduled backups?
Which connection method allows administrators to perform remote command-line management of network devices over an IP network while encrypting both the authentication process and all session data end-to-end?
SSH
Telnet
Console (serial) connection
Web-based GUI
Answer Description
Secure Shell (SSH) creates an encrypted tunnel between the management workstation and the network device. This protects login credentials and subsequent command traffic from eavesdropping or tampering. Telnet sends data in plaintext, the console port does not traverse the IP network, and a browser-based GUI may or may not encrypt traffic depending on configuration but is not inherently command-line oriented.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is SSH and how does it encrypt data?
How does SSH compare to Telnet?
Why is using a browser-based GUI not ideal for command-line tasks?
A network administrator needs to configure a DNS record to associate a domain name with a mail server for their organization. Which DNS record type should they use to achieve this?
MX (Mail Exchange)
CNAME (Canonical Name)
A (Address)
TXT (Text)
Answer Description
The MX (Mail Exchange) record is used in DNS to specify the mail servers responsible for receiving email messages on behalf of a domain. This record is essential for directing email traffic correctly to the organization's mail servers. The A record links a domain to an IP address for general queries but is not specific for mail servers. The CNAME record creates an alias for another domain name, not specifically used for mail servers. Lastly, the TXT record is used for providing arbitrary text about a host, commonly for security data like SPF or DKIM, not for mail server specification.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are MX records used for in DNS?
How do MX records prioritize mail servers?
How are MX records different from A and CNAME records?
When configuring a network to include a diversity of device authentications, which characteristic differentiates TACACS+ most effectively from other authentication solutions?
It uses a simpler encryption method to decrease overhead.
It offers granular control over individual commands.
It automatically synchronizes user data across different platforms.
It utilizes UDP for more reliable communication.
Answer Description
TACACS+ provides granular control over individual commands, allowing network administrators to grant specific rights to users, making it distinct from other protocols that may only authenticate user access levels without such detailed control. This feature is particularly beneficial in environments that require precise user permissions or restrictions.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is TACACS+?
How does TACACS+ enable granular control over commands?
What is the difference between TACACS+ and RADIUS?
In which Wi-Fi authentication mode do all users enter the same shared secret (passphrase) to gain access to the wireless LAN?
WPA/WPA2/WPA3 Personal (PSK)
WPA/WPA2/WPA3 Enterprise (802.1X)
Open (no authentication)
802.1X with EAP-TLS certificates
Answer Description
WPA-Personal, also called Pre-Shared Key (PSK) mode, relies on a single password that every authorized device must know. Because the passphrase is shared among all users, it is easy to deploy in homes and very small offices but offers weaker accountability and revocation than WPA/WPA2/WPA3-Enterprise, which authenticates each user individually through 802.1X and a RADIUS server. Open networks have no authentication at all, and 802.1X with EAP-TLS uses certificates per device rather than a shared secret.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is WPA-Personal (PSK) and how does it work?
How does WPA-Personal differ from WPA-Enterprise?
What is the role of RADIUS in WPA-Enterprise authentication?
That's It!
Looks like that's it! You can go back and review your answers or click the button below to grade your test.