Try 10 focused CompTIA A+ 220-1201 questions on Networking, with explanations, then continue with IT Mastery.
Open the matching IT Mastery practice page for timed mocks, topic drills, progress tracking, explanations, and full practice.
Try CompTIA A+ 220-1201 on Web View full CompTIA A+ 220-1201 practice page
| Field | Detail |
|---|---|
| Exam route | CompTIA A+ 220-1201 |
| Topic area | Networking |
| Blueprint weight | 20% |
| Page purpose | Focused sample questions before returning to mixed practice |
Use this page to isolate Networking for CompTIA A+ 220-1201. Work through the 10 questions first, then review the explanations and return to mixed practice in IT Mastery.
| Pass | What to do | What to record |
|---|---|---|
| First attempt | Answer without checking the explanation first. | The fact, rule, calculation, or judgment point that controlled your answer. |
| Review | Read the explanation even when you were correct. | Why the best answer is stronger than the closest distractor. |
| Repair | Repeat only missed or uncertain items after a short break. | The pattern behind misses, not the answer letter. |
| Transfer | Return to mixed practice once the topic feels stable. | Whether the same skill holds up when the topic is no longer obvious. |
Blueprint context: 20% of the practice outline. A focused topic score can overstate readiness if you recognize the pattern too quickly, so use it as repair work before timed mixed sets.
These questions are original IT Mastery practice items aligned to this topic area. They are designed for self-assessment and are not official exam questions.
Topic: Networking
A user connects a Bluetooth speaker to a laptop and places the speaker about 30 feet away in the next room. The audio frequently cuts out, even after the user has rebooted the laptop and updated the audio drivers. Which of the following is the BEST next step to resolve this issue?
Options:
A. Move the Bluetooth speaker closer so it is in the same room as the laptop with fewer obstacles between them.
B. Replace the laptop’s Wi-Fi card with a newer model that supports Wi-Fi 6.
C. Use Windows Device Manager to uninstall and reinstall the Bluetooth adapter.
D. Change the laptop’s Wi-Fi network from 2.4GHz to 5GHz to reduce interference.
Best answer: A
Explanation: Bluetooth is designed for short-range personal area networking, such as wireless audio, keyboards, and mice. Most consumer devices (Class 2) have an effective range of about 10 meters (around 30 feet) under ideal line-of-sight conditions. Walls, furniture, and other obstacles can significantly reduce that effective range.
In this scenario, the Bluetooth speaker is already roughly at the edge of typical consumer Bluetooth range and is placed in another room. The connection works close up but cuts out when the distance and obstructions increase. That behavior strongly indicates a range/obstruction problem, not a driver or Wi-Fi hardware fault.
The simplest and most appropriate next step is to move the speaker closer so that it is in the same room with fewer obstacles. This aligns with how Bluetooth is intended to be used for reliable wireless audio: short distances, minimal obstructions, and within the device’s class-rated range.
Topic: Networking
A remote employee often uses free public Wi‑Fi at airports and coffee shops. The company requires the use of a VPN for secure remote access. Which of the following recommendations is NOT appropriate for protecting the employee’s traffic on these untrusted networks?
Options:
A. Temporarily disable the VPN on public Wi‑Fi to improve performance because web sites already use HTTPS encryption.
B. Always connect to the VPN before accessing internal company resources over public Wi‑Fi.
C. Use a configuration that sends all network traffic through the VPN when working with sensitive company information on public Wi‑Fi.
D. Verify that the VPN client shows an active, encrypted tunnel before signing in to corporate applications.
Best answer: A
Explanation: A VPN (virtual private network) provides secure remote access by creating an encrypted tunnel between the user’s device and a trusted network, such as a company’s internal network. When using untrusted networks like public Wi‑Fi, this encrypted tunnel helps prevent eavesdropping, session hijacking, and other attacks that rely on reading or modifying data in transit.
Because the VPN encapsulates and encrypts the user’s traffic, attackers on the same Wi‑Fi network cannot easily see the contents of that traffic or which internal resources are being accessed. For this protection to work, the user must keep the VPN enabled and connected while using sensitive services over untrusted networks.
Disabling the VPN on public Wi‑Fi to “go faster” undermines the entire purpose of secure remote access. Even if some applications use HTTPS, the VPN adds an extra layer of protection, secures more types of traffic, and helps protect against misconfigurations or sites that are not fully encrypted.
Topic: Networking
A help-desk technician is training a new cashier on how customers can pay by holding their smartphones just a few centimeters from the store’s payment terminal. The technician also mentions that some speakers and headphones can start pairing when the user taps a phone against them. The cashier asks what wireless technology makes this possible and why the phone must be so close. Which explanation should the technician give?
Options:
A. It uses Wi-Fi Direct, which lets the payment terminal and phone communicate over a normal Wi-Fi network so the user can pay from anywhere in the store.
B. It uses Bluetooth, which provides several meters of range for wireless audio and data, and the long range is required so customers don’t have to stand close to the terminal.
C. It uses standard RFID badge technology, where the phone constantly broadcasts ID data so nearby readers can pick it up without needing to be very close.
D. It uses Near Field Communication, which works only at very short range (a few centimeters) for tap-to-pay and quick pairing, and the tiny range helps limit unauthorized access from a distance.
Best answer: D
Explanation: The scenario describes tap-to-pay at a checkout terminal and tap-to-pair with accessories, both of which are classic uses of Near Field Communication (NFC). NFC is a very short-range wireless technology (typically a few centimeters) built for simple, quick interactions like payments, pairing, and reading small data from tags.
Because NFC only works when devices are extremely close, users usually must physically tap or nearly touch their phone to the reader or accessory. This short distance is a practical security benefit: an attacker would have to be physically very close to eavesdrop or skim data, which is harder than with longer-range technologies like Bluetooth or Wi-Fi.
Bluetooth and Wi-Fi Direct support much longer ranges and higher data rates, making them better for audio streaming or file transfers, not for the intentional, physical tap behavior described. RFID badge systems are related to NFC technology but are typically described in the context of access cards or tags, not smartphone-based tap-to-pay and tap-to-pair as seen in everyday retail and consumer devices.
Topic: Networking
A small office admin currently connects from home to a Linux file server’s command line over the Internet using Telnet through the office router, which forwards TCP port 23 to the server. The connection works, but the owner wants encrypted remote terminal access without adding unnecessary complexity. Which change to the router configuration would BEST meet this goal?
Options:
A. Keep the TCP 23 port forward and additionally forward TCP port 21 to the server for FTP access.
B. Forward TCP port 443 to the server and use HTTPS-based remote desktop tools for management.
C. Change the port forward from TCP 23 to TCP 80 and manage the server using HTTP in a web browser.
D. Remove the TCP 23 port forward and instead forward TCP port 22 to the server for SSH access.
Best answer: D
Explanation: Telnet, which uses TCP port 23, sends all data—including usernames and passwords—in clear text. For remote administration over the Internet, this is a significant security risk.
SSH is the secure replacement for Telnet and uses TCP port 22 by default. SSH provides encrypted remote terminal sessions with essentially the same command-line management capabilities while protecting credentials and session data from eavesdropping. Changing the router’s port forward from TCP 23 to TCP 22 (and configuring the server to accept SSH) gives the admin secure remote shell access without introducing new, more complex tools or workflows.
Other ports mentioned—such as 21 for FTP, 80 for HTTP, and 443 for HTTPS—serve different purposes: file transfer and web access rather than straightforward secure command-line administration. They either remain unencrypted for management traffic (HTTP) or require additional software and configuration beyond what is needed for a simple secure terminal session (HTTPS remote desktop).
Topic: Networking
A junior technician is explaining the roles of devices in a SOHO network to a homeowner. Which of the following statements about the router, switch, and wireless access point is INCORRECT?
Options:
A. The router forwards traffic between the home network and the internet, often using NAT and basic firewall functions.
B. The wireless access point provides Wi-Fi connectivity and bridges wireless client devices onto the wired local network.
C. The wireless access point assigns unique public IP addresses from the ISP to each wireless client so they can bypass the router.
D. The network switch connects multiple wired devices on the same local network and forwards frames based on MAC addresses.
Best answer: C
Explanation: In a SOHO network, the router, switch, and wireless access point each have distinct roles.
The router connects the internal network to the internet and usually handles routing between the local subnet and the ISP, along with functions like NAT (Network Address Translation), DHCP for private IP addressing, and basic firewall rules.
The switch is used to connect multiple wired devices within the same local network. It operates primarily at Layer 2 of the OSI model, forwarding frames based on MAC addresses so that devices can communicate efficiently on the LAN.
The wireless access point (AP) adds Wi‑Fi capability by bridging wireless clients into the existing wired LAN. It does not normally manage the public IP address from the ISP or perform internet routing in a standard SOHO setup.
The statement that the wireless access point assigns public IP addresses from the ISP directly to each wireless client and lets them bypass the router is therefore incorrect and represents a misunderstanding of how SOHO networks are typically designed.
Topic: Networking
A small office is adding a single ceiling‑mounted Wi‑Fi 6 access point in a hallway where there is no electrical outlet. Their existing 24‑port gigabit switch does not support PoE, and they want to keep this switch and avoid hiring an electrician to pull new power. Which solution is the MOST appropriate to meet these requirements?
Options:
A. Install a PoE injector in the network closet between the existing switch and the access point
B. Replace the existing 24‑port switch with a new 24‑port PoE switch
C. Use a USB‑C power bank to power the access point and connect it to the existing switch with a long Ethernet cable
D. Install a powerline Ethernet adapter at the access point location and power the AP with a wall charger
Best answer: A
Explanation: Power over Ethernet (PoE) lets a network device such as a Wi‑Fi access point or IP phone receive both data and electrical power over the same Ethernet cable. This is especially useful when the device is installed where there is no convenient AC outlet, such as in ceilings or remote hallways.
In environments that already use a non‑PoE switch and only need to power a small number of devices, a PoE injector is often the best choice. The injector sits between the switch and the powered device, adding the correct DC power onto the Ethernet pair while passing data through transparently. This keeps costs low and avoids replacing working switch hardware.
A PoE switch combines the switch and PoE capabilities in one device, which is ideal when you have many PoE endpoints. However, it is usually more expensive and unnecessary when you only need to power one or two devices and are otherwise satisfied with the existing switch.
Topic: Networking
A 20-person accounting firm uses a single SOHO router and an on-premises email server. Employees report a sharp increase in spam and emails containing malicious links, and the owner wants better protection without replacing all user PCs. Which of the following actions will best address this issue/meet these requirements? (Select TWO.)
Options:
A. Configure all workstations to store files on a local file server instead of using cloud storage services.
B. Replace the existing unmanaged switch with a managed PoE switch to support future VoIP phones and VLANs.
C. Install a unified threat management (UTM) appliance between the ISP router and the internal switch to provide firewall, antivirus, and web filtering for all users.
D. Deploy a cloud-based spam gateway in front of the company’s email service to filter unwanted and malicious messages.
E. Add a load balancer in front of the web server to distribute incoming HTTP traffic evenly across multiple backend systems.
Correct answers: C and D
Explanation: This scenario is about improving email and internet security for a small business without replacing all client PCs. A spam gateway is dedicated to scanning inbound and outbound email for spam, phishing, and malware, removing many bad messages before users see them. A unified threat management (UTM) device consolidates multiple security services (firewall, antivirus, web filtering, intrusion detection) into a single appliance that protects all traffic passing through it.
Both adding a spam gateway and installing a UTM directly reduce the amount of spam and malicious links reaching users, while keeping costs and complexity reasonable for a SOHO environment.
In contrast to these email- and threat-focused devices, other appliances like load balancers and generic switches solve different problems such as performance and segmentation but do not address spam or malicious email links.
Topic: Networking
A 50-user small office has all employees watching the same 4Mbps training video hosted on an external website. Their 150Mbps internet link becomes saturated during the training. Management wants an internal device that will cache the video so it is downloaded from the internet only a few times, cutting external bandwidth for that video roughly in half. About how much external bandwidth will the video then use, and which type of device should they deploy to achieve this?
Options:
A. About 100Mbps, using a proxy server
B. About 50Mbps, using a spam gateway
C. About 0Mbps, using a unified threat management (UTM) appliance
D. About 100Mbps, using a load balancer
Best answer: A
Explanation: The total bandwidth for the training video is found by multiplying the number of users by the per-user stream rate: 50 users each at 4Mbps means about 200Mbps of video traffic. If an internal caching solution downloads the video from the internet only a few times instead of once per user, external traffic for that video can be cut roughly in half, down to about 100Mbps.
The network role that matches this requirement is a proxy server. A proxy server sits between clients and external web servers, often caching frequently requested content so that subsequent requests are served from the local cache rather than over the internet. This directly reduces external bandwidth usage while still allowing access to the content.
Other appliances like spam gateways, UTMs, and load balancers serve different roles (email filtering, security enforcement, or distributing traffic across servers) and do not primarily provide the web caching needed to solve this bandwidth problem in a SOHO or small-business environment.
Topic: Networking
Which of the following statements about common 802.11 wireless standards is NOT correct?
Options:
A. 802.11n can operate on either the 2.4GHz or 5GHz band, depending on how the device is implemented.
B. 802.11ax (Wi‑Fi 6) is designed to improve performance in dense environments by allowing many clients to share channels more efficiently.
C. A dual-band 802.11ax access point can usually provide backward compatibility for 802.11n clients on the same frequency band.
D. 802.11ac devices can operate on both the 2.4GHz and 5GHz bands.
Best answer: D
Explanation: Common Wi‑Fi standards differ in their supported frequency bands, speeds, and efficiency features.
802.11n can be implemented on 2.4GHz, 5GHz, or both, and significantly improved speeds compared to earlier standards, with theoretical maximums up to about 600Mbps when multiple spatial streams are used.
802.11ac (often called Wi‑Fi 5) is defined specifically for the 5GHz band and introduced wider channels and multi-user MIMO to reach gigabit-class speeds. When you see a router advertising both 2.4GHz and 5GHz with 802.11ac, the 2.4GHz side is usually using 802.11n, not 802.11ac.
802.11ax (Wi‑Fi 6) focuses heavily on efficiency in dense environments, using technologies such as OFDMA and improved scheduling so many devices can share the same channels more effectively. Dual-band 802.11ax access points are typically backward compatible with older 802.11 standards (like 802.11n) on each band, allowing mixed client types on the same network.
Topic: Networking
A small accounting office just replaced its aging router. Previously, each workstation had a manually configured IP address, subnet mask, gateway, and DNS settings, which led to frequent mistakes when new PCs or visiting laptops were added. The owner asks you to configure the network so that devices receive correct IP settings automatically when they connect, with no per-device configuration. Which type of service on the router should you enable to BEST meet this request?
Options:
A. File server
B. Web server
C. DNS server
D. DHCP server
Best answer: D
Explanation: The owner’s main problem is having to manually configure IP settings (IP address, subnet mask, default gateway, and DNS) on every device. This leads to human error and makes adding new or visiting devices time‑consuming.
A DHCP server is specifically designed to solve this problem. DHCP (Dynamic Host Configuration Protocol) automatically leases IP configuration information to clients when they join the network. When you enable the DHCP server feature on a SOHO router, wired and wireless clients can be set to “Obtain an IP address automatically” and will receive all necessary TCP/IP settings without manual input.
Other server roles like DNS, file, or web serve different purposes—name resolution, file sharing, or hosting websites—but they do not automate the assignment of IP configuration. Therefore, enabling the DHCP server on the router best meets the requirement for automatic addressing with no per‑device configuration.
Use the CompTIA A+ 220-1201 Practice Test page for the full IT Mastery route, mixed-topic practice, timed mock exams, explanations, and web/mobile app access.
Try CompTIA A+ 220-1201 on Web View CompTIA A+ 220-1201 Practice Test
Read the CompTIA A+ 220-1201 Cheat Sheet on Tech Exam Lexicon, then return to IT Mastery for timed practice.