N10-009 — CompTIA Network+ (N10-009) Exam Blueprint

Last revised: June 18, 2026

Practical exam blueprint for candidates preparing for CompTIA Network+ (N10-009), with readiness areas, scenario prompts, weak spots, and final-review checks.

How to Use This Exam Blueprint

Use this page as a practical readiness map for the CompTIA Network+ (N10-009) exam. It is organized around the major skills a Network+ candidate is expected to demonstrate: networking concepts, implementations, operations, security, and troubleshooting.

For each area, ask:

Can I explain the concept without notes?
Can I recognize it in a scenario?
Can I choose the best tool, protocol, device, or configuration approach?
Can I eliminate plausible but wrong answers?
Can I troubleshoot from symptoms instead of memorized definitions?

If an item feels familiar but you cannot apply it to a scenario, mark it for review.

Topic-Area Readiness Map

Readiness area	What to know	What “ready” looks like
Network fundamentals	OSI/TCP-IP models, encapsulation, ports, protocols, IP addressing, subnetting, routing, switching	You can map symptoms, devices, and protocols to the correct layer and explain traffic flow end to end
Network implementations	Ethernet, cabling, transceivers, switches, routers, wireless, VLANs, WAN, cloud, virtualization	You can select appropriate technologies for a business or troubleshooting scenario
Network operations	Monitoring, documentation, availability, backup, change control, disaster recovery, capacity, configuration management	You can identify what operational artifact, process, or metric is needed in a given situation
Network security	Authentication, authorization, segmentation, VPNs, wireless security, physical security, hardening, attacks, secure protocols	You can choose controls that reduce risk without breaking network functionality
Troubleshooting	Methodology, cable issues, DNS/DHCP failures, routing problems, wireless interference, latency, packet loss, tool selection	You can move from symptom to probable cause using the right command, tool, or test

High-Priority “Can You Do This?” Checklist

Before final review, you should be able to do the following without relying on answer memorization.

Core Networking Tasks

Explain the purpose of each OSI layer and identify where common devices and protocols operate.
Compare TCP and UDP using reliability, sequencing, acknowledgments, latency, and common use cases.
Match common ports to services such as DNS, DHCP, HTTP, HTTPS, SSH, RDP, SMTP, IMAP, POP3, SNMP, NTP, LDAP, and SMB.
Read IPv4 CIDR notation and determine network, broadcast, usable host range, and host capacity.
Identify when IPv6 link-local, global unicast, multicast, and loopback addresses are used.
Explain default gateway behavior and why hosts on different subnets need routing.
Distinguish routing, switching, bridging, NAT, PAT, and firewall filtering.
Explain what happens when a client obtains an address through DHCP.
Explain how DNS resolves names and when caching can cause confusing symptoms.
Interpret basic route table output and identify the default route.
Identify causes of latency, jitter, packet loss, duplex mismatch, and congestion.
Choose between copper, fiber, and wireless media based on distance, interference, speed, cost, and environment.

Implementation and Configuration Tasks

Choose an appropriate cable or connector for a scenario.
Identify where to use straight-through, crossover, rollover, console, patch, and fiber cabling concepts.
Compare multimode and single-mode fiber at a practical level.
Explain VLAN purpose and identify when a trunk port is required.
Distinguish access ports, trunk ports, native VLAN concepts, and inter-VLAN routing.
Explain link aggregation, redundancy, and loop-prevention goals.
Compare static routing, dynamic routing, and default routing.
Recognize routing protocol concepts such as administrative distance, metrics, convergence, and neighbor relationships.
Compare private WAN, broadband, cellular, satellite, and VPN connectivity choices.
Choose wireless standards, frequencies, channels, antennas, and security settings for a scenario.
Explain how virtualization, containers, cloud networking, and software-defined networking affect network design.
Identify where load balancers, proxies, IDS/IPS, firewalls, and VPN concentrators fit.

Operations and Security Tasks

Identify which network document is needed: topology diagram, rack diagram, IPAM record, asset inventory, baseline, or change record.
Choose appropriate monitoring methods, logs, metrics, alerts, and thresholds.
Explain SNMP, syslog, NetFlow-like flow data, packet capture, and event correlation at a practical level.
Distinguish backup, redundancy, high availability, fault tolerance, and disaster recovery.
Apply least privilege, segmentation, secure management, and hardening principles.
Compare authentication factors and common identity/access controls.
Identify secure versus insecure protocol choices.
Recognize common attack types and select appropriate mitigations.
Explain why physical security, environmental controls, and cable management matter.
Use a structured troubleshooting process instead of jumping to a fix.

Networking Concepts Checklist

Models, Encapsulation, and Traffic Flow

Skill	Check yourself
OSI model	Can you place hubs, switches, routers, firewalls, TCP, IP, Ethernet, DNS, and TLS at the appropriate conceptual layer?
TCP/IP model	Can you compare it with OSI without overfocusing on layer-number trivia?
Encapsulation	Can you describe data becoming segments, packets, frames, and bits?
Headers	Can you identify which header contains MAC addresses, IP addresses, and port numbers?
MTU and fragmentation	Can you explain why oversized packets can fail or require fragmentation?
Broadcast, multicast, unicast, anycast	Can you choose the correct traffic type for a scenario?
Client-server and peer-to-peer	Can you identify which model is being described?
North-south and east-west traffic	Can you distinguish user-to-data-center traffic from internal service-to-service traffic?

Common Ports and Protocols

You do not need to think like a port-number database, but you should recognize frequently tested services and whether they are secure, insecure, connection-oriented, or name/address related.

Service/protocol	What to know for readiness
DNS	Name resolution, records, recursive/authoritative roles, caching, common failure symptoms
DHCP	Address leasing, scopes, reservations, relay/IP helper concepts, APIPA symptom recognition
HTTP/HTTPS	Web traffic, secure transport, certificate-related symptoms
SSH/Telnet	Secure versus insecure remote administration
FTP/SFTP/TFTP	File transfer differences and security implications
SMTP/IMAP/POP3	Mail sending versus retrieval roles
SNMP	Monitoring, polling, traps/informs, community or credential security concerns
NTP	Time synchronization and why log correlation depends on it
LDAP/LDAPS	Directory access and secure directory communication
SMB	File sharing and Windows network resource access
RDP	Remote desktop access and exposure risk
SIP/RTP	VoIP signaling versus media concepts
Syslog	Centralized log forwarding and severity review
ICMP	Connectivity and diagnostic messages, not a transport protocol

TCP, UDP, and Transport Behavior

Concept	Ready means you can explain
TCP handshake	Why TCP is connection-oriented and how sessions are established
Reliability	Sequencing, acknowledgments, retransmission, and flow control
UDP behavior	Why UDP can be preferred for voice, video, DNS, or low-latency traffic
Ports	How source and destination ports identify application conversations
Ephemeral ports	Why client-side source ports are usually temporary
Stateful filtering	Why firewalls track sessions differently than stateless ACLs
Latency-sensitive traffic	Why retransmission may not help real-time applications

IPv4 Addressing and Subnetting

You should be able to work subnetting questions quickly and accurately.

Task	Ready check
CIDR interpretation	Given `/24`, `/26`, `/30`, etc., can you identify mask and host capacity?
Network ID	Can you determine the subnet address?
Broadcast address	Can you determine the last address in the subnet?
Usable range	Can you identify valid host addresses?
Same subnet check	Can you tell whether two hosts can communicate directly?
Default gateway	Can you identify the correct gateway address for a host?
Private addressing	Can you recognize private versus public IPv4 ranges?
APIPA/link-local	Can you recognize self-assigned addressing symptoms?
NAT/PAT	Can you explain why many internal hosts share a public address?

Subnetting formulas to know:

\[ \text{Number of addresses} = 2^{(32 - \text{prefix length})} \]\[ \text{Typical usable IPv4 hosts} = 2^{(32 - \text{prefix length})} - 2 \]

Use caution with special-purpose subnets in real environments. For exam readiness, focus on understanding the general method and recognizing scenario intent.

IPv6 Readiness

IPv6 concept	What to review
Address format	Hexadecimal groups, abbreviation rules, zero compression
Loopback	`::1`
Link-local	Used on local links; commonly starts with `fe80`
Global unicast	Routable IPv6 addressing concept
Multicast	IPv6 uses multicast heavily instead of broadcast
SLAAC	Automatic addressing concept
DHCPv6	Managed addressing or additional configuration details
Neighbor Discovery	IPv6 neighbor resolution and router discovery concepts
Dual stack	Running IPv4 and IPv6 together
Tunneling/transition	When IPv6 traffic crosses IPv4 infrastructure

Routing and Switching Concepts

Area	Can you do this?
MAC address learning	Explain how switches build and use MAC address tables
ARP	Explain how IPv4 hosts map IP addresses to MAC addresses
Default gateway	Explain why off-subnet traffic goes to a router
VLANs	Explain segmentation at Layer 2
Trunking	Explain carrying multiple VLANs between devices
Inter-VLAN routing	Explain how VLANs communicate through Layer 3
STP concepts	Explain why loops are dangerous and how loop prevention helps
Link aggregation	Explain bandwidth and redundancy benefits
Static routes	Identify when a manually configured route is appropriate
Dynamic routing	Explain why routing protocols exchange route information
Metrics	Explain why one route is preferred over another
Default route	Identify where unknown-destination traffic is sent
NAT/PAT	Explain inside/outside translation and port overload concepts

Network Implementation Checklist

Cables, Connectors, and Physical Media

Topic	Readiness check
Twisted pair copper	Know common Ethernet cabling use cases and interference concerns
Shielded vs unshielded	Choose based on EMI and environment
Plenum-rated cabling	Recognize fire-safety/environmental placement concerns
Fiber optic cabling	Know why fiber is used for distance, bandwidth, and EMI resistance
Single-mode vs multimode	Compare distance and typical use cases
Transceivers	Recognize modular optics and media conversion roles
Patch panels	Understand structured cabling and documentation needs
Punchdown blocks	Recognize termination in telecom/wiring areas
PoE	Know why power delivery over Ethernet matters for APs, phones, and cameras
Cable testing	Match tools to faults: continuity, pinout, attenuation, distance, or fiber light loss

Network Devices and Placement

Device	What to know
Switch	Layer 2 forwarding, VLANs, port security, trunks, access ports
Router	Layer 3 forwarding, default gateway, WAN edge, routing decisions
Firewall	Traffic filtering, stateful inspection, zones, rules, NAT, VPN termination
Wireless access point	802.11 access, SSIDs, channels, authentication/security
Wireless controller	Centralized AP management and policy
Load balancer	Distributes client traffic across back-end services
Proxy	Intermediary for clients or servers; can enforce policy or cache
IDS/IPS	Detection versus prevention placement and alerting
VPN concentrator	Secure remote or site-to-site tunnel aggregation
Modem/ONT	Service-provider handoff concepts
Media converter	Converts between media types, such as copper and fiber
VoIP phone	Depends on voice VLANs, PoE, QoS, and network availability

VLAN and Segmentation Checklist

Can you explain why VLANs reduce broadcast domains?
Can you identify when two hosts in different VLANs need routing?
Can you distinguish an access port from a trunk port?
Can you interpret a scenario where the wrong VLAN causes loss of connectivity?
Can you identify why voice VLANs are commonly used?
Can you explain how segmentation improves security and performance?
Can you recognize when firewall rules are needed between segments?
Can you identify management, guest, server, user, and IoT network separation scenarios?

Wireless Networking Checklist

Wireless topic	Ready means you can
Frequency bands	Compare 2.4 GHz, 5 GHz, and 6 GHz at a practical level
Channels	Recognize overlap, congestion, and channel-planning issues
SSID	Understand network identification and why hiding SSID is not strong security
BSSID	Recognize AP radio identity concepts
Roaming	Understand why clients move between APs and why poor design causes drops
Antennas	Compare omnidirectional and directional use cases
Signal strength	Identify weak signal, attenuation, and coverage gaps
Interference	Recognize microwave, Bluetooth, walls, metal, neighboring WLANs, and channel overlap issues
Authentication	Compare personal versus enterprise wireless authentication concepts
Encryption	Know why modern secure wireless encryption matters
Captive portal	Recognize guest-access workflow
Wireless survey	Understand predictive, active, and post-deployment validation concepts

WAN, Remote Access, and Internet Connectivity

Scenario	What to decide
Branch office connectivity	Dedicated circuit, broadband, VPN, cellular backup, SD-WAN-like overlay concepts
Remote worker	Client VPN, MFA, endpoint posture, split versus full tunnel implications
Site-to-site tunnel	Secure connectivity between networks over an untrusted path
Cloud connectivity	Public internet VPN, direct/private connectivity concept, route/security integration
Backup link	Failover behavior, monitoring, routing preference
High-latency link	Impact on voice, video, interactive apps, and timeouts
Multiple providers	Redundancy, routing, DNS, and failover considerations

Cloud, Virtualization, and Modern Network Concepts

Topic	Readiness check
Virtual switches	Understand switching inside a hypervisor or virtualized host
Virtual NICs	Recognize how VMs connect to networks
Containers	Understand that container networking may use bridges, overlays, and published ports
Overlay networks	Know why logical networks can run on top of physical networks
Software-defined networking	Separate control concepts from data forwarding concepts
Infrastructure as code	Recognize repeatable network provisioning and configuration management
Cloud VPC/VNet concepts	Understand isolated virtual networks, subnets, route tables, security controls
Security groups / network ACL concepts	Compare instance-level and subnet-level filtering at a conceptual level
Cloud load balancing	Distributes traffic to services across instances or zones
Cloud DNS	Managed name resolution and records
Hybrid connectivity	Connect on-premises networks to cloud networks securely
Microsegmentation	Fine-grained isolation of workloads or services

Network Operations Checklist

Documentation and Operational Artifacts

Artifact	When the exam may expect it
Physical topology diagram	You need device, cable, rack, and physical connection visibility
Logical topology diagram	You need VLANs, subnets, routing, security zones, and traffic flow
Rack diagram	You need physical placement, power, cabling, or data center troubleshooting
IP address management records	You need to prevent conflicts and track assignments
Asset inventory	You need lifecycle, ownership, support, warranty, or risk tracking
Network baseline	You need to know normal latency, utilization, errors, or throughput
Change record	You need accountability and rollback information
Standard operating procedure	You need repeatable execution of routine tasks
Runbook	You need step-by-step operational response guidance
Cable labels	You need fast tracing and reduced outage risk
Wireless heat map	You need coverage and interference evidence
Data flow diagram	You need to understand application communication and security boundaries

Monitoring, Metrics, and Logs

Monitoring item	What to recognize
Interface utilization	Congestion or capacity concerns
Interface errors/discards	Duplex, cabling, hardware, or congestion clues
CPU/memory	Overloaded network device symptoms
Latency	Delay between endpoints
Jitter	Variation in delay, especially relevant to voice/video
Packet loss	Drops caused by congestion, errors, bad links, or policy
Availability/uptime	Service health and outage tracking
SNMP polling	Periodic metric collection
SNMP traps/informs	Event-driven alerts
Syslog	Device event logging and centralized review
Flow data	Who is talking to whom, how much, and over which ports
Packet capture	Deep traffic inspection for difficult issues
Time synchronization	Required for accurate event correlation

Availability, Redundancy, and Recovery

Concept	Distinguish from
Backup	A copy used for restoration
Redundancy	Duplicate components or paths
High availability	Design that minimizes downtime
Fault tolerance	Continued operation despite component failure
Disaster recovery	Restoring service after major disruption
Business continuity	Keeping essential operations functioning
RPO	How much data loss is acceptable
RTO	How long restoration may take
Failover	Moving service to a standby path/system
Load balancing	Distributing traffic across active resources

RPO and RTO concept check:

RPO asks: “How much data can we afford to lose?”
RTO asks: “How long can the service be unavailable?”

Change, Configuration, and Governance

Can you identify why unauthorized changes cause outages?
Can you explain change request, approval, testing, implementation, validation, and rollback?
Can you choose a maintenance window for risky work?
Can you explain configuration backup and version control at a practical level?
Can you identify why baselines matter before and after a change?
Can you recognize when escalation is needed?
Can you distinguish a standard change from an emergency change conceptually?
Can you explain why documentation must be updated after implementation?

Network Security Checklist

Security Principles

Principle	Ready check
Least privilege	Can you reduce access to only what is required?
Defense in depth	Can you combine controls instead of relying on one device?
Segmentation	Can you isolate users, servers, guests, IoT, management, and sensitive systems?
Zero trust concepts	Can you explain verify-before-trust thinking at a high level?
Secure management	Can you choose SSH/HTTPS over insecure management protocols?
Hardening	Can you disable unused services, change defaults, and restrict admin access?
Authentication	Can you prove identity with appropriate factors?
Authorization	Can you determine what an authenticated user/device may do?
Accounting/auditing	Can you track activity through logs and records?

Network Access and Identity Controls

Control	What to know
MFA	Combines independent authentication factors
RADIUS/TACACS+ concepts	Centralized network authentication/authorization/accounting
802.1X	Port-based network access control concept
NAC	Determines whether devices should be allowed onto a network
Captive portal	Guest or user web-based access acceptance/authentication
Role-based access	Permissions based on assigned role
Just enough access	Avoids broad administrative rights
Certificate-based authentication	Uses certificates to establish identity/trust

Secure and Insecure Protocol Choices

Prefer	Avoid when security matters	Why
SSH	Telnet	Encrypted remote administration
HTTPS	HTTP	Encrypted web communication
SFTP/SCP	FTP	Secure file transfer
SNMPv3 conceptually	Older insecure SNMP configurations	Authentication/encryption support
LDAPS	LDAP without protection	Protects directory communication
Secure VPN	Plain remote exposure	Encrypted tunnel and access control

Threats and Attack Recognition

Threat or issue	Scenario cue	Likely mitigation direction
Phishing/social engineering	User tricked into revealing credentials	Awareness, MFA, reporting, filtering
Rogue DHCP server	Clients receive wrong gateway/DNS	DHCP snooping-like controls, switch security, investigation
DNS poisoning/spoofing	Users redirected to malicious destinations	Secure DNS practices, monitoring, cache clearing
ARP spoofing	Local traffic intercepted or redirected	Segmentation, inspection controls, static entries where appropriate
MAC flooding	Switch CAM table exhaustion behavior	Port security and monitoring
VLAN hopping	Unauthorized VLAN access attempt	Proper trunk/access configuration and hardening
Evil twin AP	Fake wireless network impersonates legitimate SSID	Enterprise authentication, user awareness, monitoring
Deauthentication attack	Wireless clients repeatedly disconnected	Wireless monitoring and secure WLAN design
DoS/DDoS	Service unavailable from traffic flood	Rate limiting, upstream protection, filtering, resilient design
Brute force	Repeated login attempts	Lockout, MFA, monitoring, strong passwords
Credential reuse	Same password compromised elsewhere	MFA, unique credentials, password policy
Insider misuse	Authorized user abuses access	Least privilege, logging, separation of duties

Firewall, ACL, and Segmentation Decision Checks

If the scenario says…	Think about…
“Allow only web traffic to a server”	Permit required ports, deny unnecessary access
“Users cannot reach a server after a rule change”	Source, destination, port, protocol, direction, rule order
“Guest Wi-Fi must not reach internal systems”	Segmentation, firewall policy, separate VLAN/subnet
“Admins need device management access”	Management VLAN, VPN, MFA, secure protocols, limited source addresses
“Database should only accept traffic from app servers”	East-west filtering and least privilege
“Rules are correct but traffic still fails”	Routing, NAT, statefulness, asymmetric path, local host firewall

Troubleshooting Checklist

Structured Troubleshooting Method

Know the sequence conceptually and use it in scenarios:

Identify the problem.
Establish a theory of probable cause.
Test the theory.
Establish a plan of action.
Implement the solution or escalate.
Verify full system functionality.
Document findings, actions, and outcomes.

Readiness cue: if an answer jumps to replacing hardware before gathering evidence, it is often not the best troubleshooting choice.

Tool and Command Selection

Tool/command	Best used for
`ping`	Basic reachability and latency clue using ICMP
`traceroute` / `tracert`	Path discovery and where traffic may stop
`ipconfig` / `ifconfig` / `ip`	Local IP address, gateway, DNS, interface details
`nslookup` / `dig`	DNS resolution testing
`arp`	Local IP-to-MAC mapping checks
`netstat` / `ss`	Listening ports and active connections
`route` / `ip route`	Local route table and default gateway
`tcpdump` / packet analyzer	Packet-level inspection
`nmap` conceptually	Port/service discovery when authorized
Cable tester	Pinout, continuity, opens, shorts
Toner/probe	Trace cable location
Loopback plug	Test network interface or port behavior
Optical power meter	Fiber signal strength/loss checks
Wi-Fi analyzer	Signal, channel, interference, and SSID visibility
Environmental monitor	Temperature, humidity, power, and facility conditions

Example command-review block:

ping <destination>
tracert <destination>        # Windows path test
traceroute <destination>     # Linux/macOS path test
ipconfig /all                # Windows IP, gateway, DNS, DHCP details
ip addr                      # Linux interface addressing
ip route                     # Linux route table
nslookup <hostname>
dig <hostname>
arp -a
netstat -ano                 # Windows connections/listeners
ss -tulpen                   # Linux listeners/connections

Symptom-to-Cause Readiness Table

Symptom	Likely areas to investigate
One host cannot reach anything	IP configuration, cable, switch port, VLAN, NIC, gateway
One host can reach local subnet but not internet	Default gateway, routing, firewall, DNS if only names fail
Host has self-assigned address	DHCP failure, VLAN issue, DHCP scope, relay issue, cable/switch problem
Can ping IP but not hostname	DNS server, DNS record, client DNS settings, cache
Some users affected, same VLAN	Switch, DHCP scope, ACL, gateway, local segment issue
All users at one site affected	WAN link, edge router/firewall, ISP/provider, power, routing
Wireless slow but wired fine	RF interference, channel overlap, weak signal, AP capacity, roaming
Voice calls choppy	Jitter, latency, packet loss, QoS, congestion
Intermittent drops	Bad cable, duplex mismatch, failing port, interference, power, loops
New VLAN cannot reach other networks	Trunking, allowed VLANs, inter-VLAN routing, gateway, ACL
Website unreachable externally	DNS, NAT, firewall rule, service down, route, certificate if HTTPS-specific
High interface errors	Cable, connector, transceiver, duplex/speed mismatch, hardware
Routing loop	Misconfiguration, route redistribution issue, incorrect static route
Duplicate IP	IPAM issue, static conflict, DHCP reservation/scope problem

Layered Troubleshooting Prompts

Layer focus	Questions to ask
Physical	Is the cable connected, correct, undamaged, and within expected distance? Are link lights present?
Data link	Is the port in the correct VLAN? Any MAC table, duplex, STP, or frame errors?
Network	Is the IP/mask/gateway correct? Is there a route? Is NAT involved?
Transport	Is the right port open? Is a firewall blocking TCP/UDP?
Application	Is DNS correct? Is the service running? Are credentials/certificates valid?

Calculation and Interpretation Checks

IPv4 Subnetting Quick Table

Prefix	Address block size	Typical usable hosts	Common readiness cue
/24	256	254	Standard small LAN
/25	128	126	Split a /24 into 2 subnets
/26	64	62	Smaller departments or segments
/27	32	30	Small network segment
/28	16	14	Small device group
/29	8	6	Very small segment
/30	4	2	Point-to-point-style IPv4 concept
/32	1	1 address	Single host route concept

Practice prompts:

Given 192.168.10.0/26, can you list the subnet ranges inside 192.168.10.0/24?
Given 10.1.5.77/28, can you find the network and broadcast address?
Given two IP/mask pairs, can you tell whether they are on the same subnet?
Given a required host count, can you choose an efficient prefix length?
Given a route table, can you identify the most specific matching route?

Wireless Channel and Frequency Checks

Prompt	Ready answer should include
2.4 GHz network is slow in an apartment building	Interference, limited non-overlapping channels, channel planning
5 GHz coverage is weaker through walls	Higher frequency has different propagation and attenuation behavior
Clients drop while moving	Roaming, AP placement, power levels, controller settings, authentication delay
Guest Wi-Fi must be isolated	Separate SSID, VLAN/subnet, firewall policy, captive portal if needed
Warehouse has dead zones	Site survey, antenna choice, AP placement, environmental obstacles

Throughput, Latency, and Capacity Checks

Concept	Can you distinguish it?
Bandwidth	Theoretical or provisioned capacity
Throughput	Actual achieved data rate
Latency	Time delay
Jitter	Variation in delay
Packet loss	Dropped traffic
Goodput	Useful application data after overhead
Bottleneck	Slowest constrained segment in the path
Oversubscription	More potential demand than guaranteed capacity

Scenario and Decision-Point Checks

Service Selection Scenarios

Scenario	Best decision focus
Users report “internet is down,” but they can ping public IPs	DNS troubleshooting
A new floor needs separate user and voice networks	VLANs, voice VLAN, DHCP scopes, QoS
A branch needs secure connectivity to headquarters	Site-to-site VPN or private WAN concept
A remote employee needs access to internal tools	Client VPN, MFA, endpoint security
A public web app must handle more requests	Load balancing, scaling, monitoring
A database should not be directly reachable by users	Segmentation and firewall rules
Logs from multiple devices need central review	Syslog/SIEM-like collection and time sync
Network changes keep causing outages	Change control, documentation, rollback, baselines
Wireless coverage is unreliable after office remodel	Site survey and RF analysis
Devices receive addresses from the wrong subnet	VLAN/DHCP relay/scope/rogue DHCP investigation

Troubleshooting Decision Path

    flowchart TD
	    A[User reports network problem] --> B{One user or many?}
	    B -->|One user| C[Check local link, IP config, VLAN, DNS]
	    B -->|Many users| D{Same area or different areas?}
	    D -->|Same area| E[Check switch, AP, VLAN, DHCP scope, local uplink]
	    D -->|Different areas| F[Check core routing, firewall, WAN, DNS, shared services]
	    C --> G{Can reach IP address?}
	    G -->|Yes, but not name| H[Focus on DNS]
	    G -->|No| I[Focus on IP, gateway, route, firewall, physical path]
	    E --> J[Verify recent changes and device health]
	    F --> J
	    H --> K[Verify fix and document]
	    I --> K
	    J --> K

“Best Answer” Judgment Prompts

If two answers seem correct	Prefer the answer that…
Both could fix the issue	Follows the troubleshooting method and verifies cause
Both are security controls	Applies least privilege with minimal disruption
Both improve availability	Addresses the stated failure mode
Both involve documentation	Matches the artifact to the task: topology, baseline, IPAM, change record
Both involve monitoring	Collects the metric or log that proves the issue
Both involve wireless	Addresses RF reality, not just SSID settings
Both involve routing	Uses the most specific and operationally appropriate route
Both involve cabling	Matches media, connector, distance, and environment

Common Weak Areas and Traps

Conceptual Traps

Confusing DNS failure with total connectivity failure.
Treating TCP and UDP as “secure” versus “insecure” instead of reliable versus connectionless behavior.
Forgetting that switches forward frames using MAC addresses, while routers forward packets using IP addresses.
Assuming VLANs can communicate without a Layer 3 device or service.
Confusing NAT with firewall filtering.
Thinking hidden SSID is strong wireless security.
Treating more AP power as the universal fix for wireless coverage.
Ignoring client device transmit power in wireless design.
Confusing bandwidth with throughput.
Confusing latency with jitter.
Assuming encryption automatically provides authorization.
Forgetting that time synchronization affects log correlation.
Choosing replacement before testing a theory.

Subnetting Traps

Misreading the prefix length.
Forgetting that block size changes by octet.
Including network and broadcast addresses as normal hosts in typical IPv4 subnet questions.
Choosing a subnet that does not provide enough usable host addresses.
Failing to identify whether two hosts are on the same subnet.
Overlooking the default gateway’s subnet.
Forgetting longest-prefix match when reading routes.

Security Traps

Opening broad firewall rules when a narrow rule would satisfy the requirement.
Allowing management access from user or guest networks.
Using insecure management protocols when secure alternatives are expected.
Treating guest Wi-Fi as safe without segmentation.
Forgetting physical security for network closets, ports, and devices.
Ignoring default credentials and unused services.
Confusing authentication with authorization.
Missing the role of logging and monitoring after prevention controls.

Troubleshooting Traps

Skipping recent changes.
Testing only by hostname and missing DNS as the issue.
Testing only from one client and assuming a sitewide outage.
Ignoring cable and physical-layer indicators.
Forgetting DHCP relay when clients in a remote VLAN cannot get addresses.
Misdiagnosing a firewall block as a routing issue.
Misdiagnosing a routing issue as a DNS issue.
Not verifying full functionality after a fix.
Not documenting the final cause and action.

Final-Week Review Checklist

Seven to Five Days Out

Revisit every weak topic area in this checklist.
Redo subnetting until you can solve common CIDR questions quickly.
Review common ports and protocols in scenario form, not just flashcards.
Practice reading routing, DNS, DHCP, and wireless symptoms.
Review cable types, connector types, transceivers, and tools.
Review VLAN, trunking, inter-VLAN routing, and segmentation scenarios.
Review wireless interference, channel planning, roaming, and authentication.
Review monitoring outputs, logs, metrics, and documentation artifacts.

Four to Two Days Out

Take a mixed practice set under timed conditions.
For each missed question, identify the reason: knowledge gap, misread wording, or poor elimination.
Create a one-page last-review sheet with ports, subnetting reminders, commands, and troubleshooting flow.
Practice tool-selection questions: cable tester versus toner, ping versus traceroute, DNS tool versus packet capture.
Review secure protocol replacements and remote access security.
Review change management and documentation scenarios.
Review high-availability and disaster recovery terms.

Day Before

Do light review only; avoid trying to learn large new topics.
Recheck subnetting shortcuts and common protocol roles.
Review the troubleshooting methodology.
Review your most common mistakes.
Prepare identification, appointment details, and exam logistics.
Sleep instead of cramming late.

Exam-Day Mindset

Read the scenario before looking for keywords.
Identify whether the question asks for the first step, best solution, likely cause, or most secure option.
Eliminate answers that are technically true but do not solve the stated problem.
Watch for scope: one user, one VLAN, one site, all users, wired only, wireless only, names only, IP only.
For troubleshooting questions, prefer evidence-based next steps.
Mark difficult questions and return if allowed by your exam interface.
Do not let one hard subnetting or command question consume too much time.

Practical Next Step

Use this checklist to label each area as ready, needs review, or needs practice. Then focus practice on scenario questions that force you to choose tools, interpret symptoms, apply subnetting, secure a design, or troubleshoot step by step for CompTIA Network+ (N10-009).

Study Plan

Scenario Guide