Try 10 focused CompTIA Network+ N10-009 questions on Network Operations, with explanations, then continue with IT Mastery.
Open the matching IT Mastery practice page for timed mocks, topic drills, progress tracking, explanations, and full practice.
Try CompTIA Network+ N10-009 on Web View full CompTIA Network+ N10-009 practice page
| Field | Detail |
|---|---|
| Exam route | CompTIA Network+ N10-009 |
| Topic area | Network Operations |
| Blueprint weight | 19% |
| Page purpose | Focused sample questions before returning to mixed practice |
Use this page to isolate Network Operations for CompTIA Network+ N10-009. Work through the 10 questions first, then review the explanations and return to mixed practice in IT Mastery.
| Pass | What to do | What to record |
|---|---|---|
| First attempt | Answer without checking the explanation first. | The fact, rule, calculation, or judgment point that controlled your answer. |
| Review | Read the explanation even when you were correct. | Why the best answer is stronger than the closest distractor. |
| Repair | Repeat only missed or uncertain items after a short break. | The pattern behind misses, not the answer letter. |
| Transfer | Return to mixed practice once the topic feels stable. | Whether the same skill holds up when the topic is no longer obvious. |
Blueprint context: 19% of the practice outline. A focused topic score can overstate readiness if you recognize the pattern too quickly, so use it as repair work before timed mixed sets.
These questions are original IT Mastery practice items aligned to this topic area. They are designed for self-assessment and are not official exam questions.
Topic: Network Operations
Which TWO of the following are NOT appropriate steps for verifying and documenting the successful completion of a network change? (Select TWO.)
Options:
A. Update network diagrams, inventories, and IP/VLAN documentation to reflect any new interfaces, routes, or addressing used by the change.
B. Record the final implemented configuration, including any deviations from the original plan, in the change ticket or configuration management system.
C. Delay all documentation updates until several unrelated changes have accumulated, to avoid wasting time on frequent small edits.
D. Perform functional testing of affected services against a predefined test plan before marking the change as complete.
E. Monitor key performance and error metrics, as well as alerts, for a defined period after the change to detect hidden issues.
F. Immediately close the change record as soon as the configuration command is entered on the device, without waiting for validation.
Correct answers: C and F
Explanation: Verifying and documenting a network change involves confirming that the change works as intended, does not introduce new issues, and is accurately reflected in your records. This typically includes structured testing, short-term monitoring, and prompt updates to diagrams and configuration repositories.
Testing should be done using a predefined test plan that includes the affected applications, critical paths, and rollback conditions. After the change is implemented, monitoring tools (such as SNMP dashboards, syslog, or flow data) should be reviewed for errors, unusual latency, or alerts over a defined observation period.
Once the change is confirmed successful, documentation must be updated promptly. This includes physical and logical diagrams, IP and VLAN assignments, device inventories, and the change ticket itself. The ticket should record the final configuration and any departures from the original plan so future technicians can understand what was deployed and why.
Topic: Network Operations
A company recently had an outage after a misconfiguration on a core switch. The networking manager is implementing stricter change control with configuration backups, templates, and versioning to improve disaster recovery and rollback. Which of the following practices should you AVOID? (Select TWO.)
Options:
A. Making urgent CLI changes directly on production devices and not updating the configuration repository as long as the network appears stable
B. Linking each committed configuration version in the repository to an approved change ticket and brief change description
C. Saving daily configuration backups from all network devices to a centralized repository with timestamps and device identifiers
D. Using a standardized, tested baseline template when deploying new switches and documenting any intentional deviations
E. Manually deleting all but the most recent configuration backup for each device to save storage space, without any defined retention policy
Correct answers: A and E
Explanation: Configuration backups, templates, and versioning are key parts of network operations and change control. Backups enable disaster recovery when hardware fails or a bad change is applied. Versioning tracks how configurations evolve over time so that you can roll back to a known-good state. Templates provide consistent, repeatable baselines that reduce configuration drift and human error across many devices.
Practices that bypass version control or aggressively delete older backups directly undermine these benefits. Without an accurate, historical record of configurations, rollback and root-cause analysis become much harder, and the organization is more vulnerable to outages and misconfigurations. In contrast, centralizing backups, using tested templates, and tying versions to change tickets all strengthen operational reliability and security.
Topic: Network Operations
A network technician observes a coworker verbally telling their corporate login password to another employee so that person can “check email” from the coworker’s account. According to typical security policies and escalation procedures, what should the technician do NEXT?
Options:
A. Quietly change the coworker’s password and write the new password on a note for them to keep in a desk drawer.
B. Ask the coworker to send the password to the technician so it can be checked for complexity and then changed later.
C. Report the behavior using the organization’s defined security or incident‑response/escalation process.
D. Do nothing because both users are employees and already trusted by the company.
Best answer: C
Explanation: Password sharing is a clear violation of most organizations’ acceptable use and security policies. When a technician observes this type of misuse, the correct response is to follow the documented escalation or incident‑response procedure—typically reporting the incident to a manager, security team, or help desk channel designated for security events.
Handling it informally, ignoring it, or further exposing passwords all conflict with the principle of least privilege and with standard audit and compliance requirements. The technician’s role is to protect the network and data by using approved processes, not by improvising their own response.
This aligns with Network+ Domain 3 (Network Operations), specifically applying network policies and following appropriate escalation paths when policy violations are observed.
Topic: Network Operations
A company recently discovered that a former contractor was still able to connect to the corporate VPN for two weeks after their contract ended, using saved credentials. Management asks the network team to strengthen onboarding/offboarding and password policies to reduce the risk of unauthorized network access in the future.
Which of the following actions/solutions will best address this issue or requirement? (Select TWO.)
Options:
A. Allow managers to maintain generic shared VPN accounts for temporary staff, documented in the acceptable use policy to reduce account-creation overhead.
B. Create a formal offboarding procedure that requires HR to notify IT before the last workday and mandates same-day disabling of all directory, email, and VPN accounts on the termination date.
C. Add a policy requiring users to store all company passwords in their web browser’s built-in password manager for convenience.
D. Configure the VPN gateway to lock a user account after 10 consecutive failed login attempts.
E. Update the password policy so that user passwords must be at least 14 characters long and cannot be reused for the last 10 password changes.
Correct answers: B and E
Explanation: This scenario focuses on improving network-related policies—particularly onboarding/offboarding and password policies—to prevent former users from retaining access. The problem was that a former contractor still had valid VPN credentials and their account had not been disabled promptly.
A robust offboarding policy ensures that accounts are disabled as soon as someone leaves, so no valid credentials remain. A strong password policy ensures that passwords are hard to guess or reuse, improving the overall security of network access. Together, these policies help reduce the risk of unauthorized VPN and internal network access by former employees or contractors.
Technical controls such as account lockout or convenience-focused rules like mandatory browser password storage may be useful in some contexts, but they do not specifically address the policy gaps highlighted in the scenario: timely account deprovisioning and strong, controlled password usage.
Topic: Network Operations
Which benefit of maintaining accurate, up-to-date network documentation is most important for day-to-day operations?
Options:
A. It removes the need to follow a formal change-management process.
B. It guarantees that no configuration errors will occur when devices are deployed.
C. It helps technicians quickly understand the network during troubleshooting, reducing time to resolve incidents.
D. It allows the organization to safely use weaker passwords because configurations are easier to review.
Best answer: C
Explanation: Accurate, up-to-date network documentation (such as diagrams, IP address plans, and device inventories) is a key operational tool. When something breaks, technicians can use these documents to quickly see which devices, links, VLANs, and IP ranges are involved. This shortens the time needed to isolate and fix issues, directly reducing downtime.
Beyond troubleshooting, good documentation supports audits by showing how the network is designed, which security controls are in place, and where devices are located. It also makes knowledge transfer easier: new staff can understand the environment without relying solely on informal explanations from senior technicians.
However, documentation does not replace other processes such as change management or security controls; it complements them by providing accurate information to base decisions on.
Topic: Network Operations
A network technician is reconfiguring a static IP address on a network printer that was recently moved to a different floor. The technician must make sure the new address is in the correct subnet for that floor and does not conflict with any existing static or reserved addresses. Which type of documentation should the technician consult FIRST to meet these requirements?
Options:
A. The site’s IP address plan
B. The physical network diagram showing cable runs and patch panels
C. The logical network diagram showing VLANs and routing paths
D. The hardware inventory list of network devices and printers
Best answer: A
Explanation: In day-to-day operations, technicians rely on different types of documentation for different purposes. When assigning or changing a static IP address, the main risks are putting the device in the wrong subnet or causing a duplicate IP conflict. The document specifically designed to track which subnets exist, how they are used, and which addresses are reserved or in use is the IP address plan.
An IP address plan usually includes information such as network IDs, subnet masks, default gateways, and defined ranges for DHCP pools, static assignments, and infrastructure devices. By checking this plan, the technician can choose an address that belongs to the correct subnet for that floor and is not already assigned or reserved. Other documentation types are very useful for troubleshooting and planning, but they do not provide the detailed address allocation information needed for this task.
Topic: Network Operations
A junior network technician notices that a user has shared their password with a coworker. The technician records the details and reports the incident to the information security team as specified in the company’s incident response documentation, without taking independent disciplinary action. This behavior BEST demonstrates which policy concept?
Options:
A. Implementing mandatory vacation requirements
B. Applying the principle of least privilege
C. Enforcing change management controls
D. Following the defined escalation chain of command
Best answer: D
Explanation: In a well-run network operations environment, staff are expected to follow documented policies and procedures, especially for security incidents. When a technician observes a clear policy violation such as password sharing, they should not invent their own response or impose ad hoc discipline. Instead, they should document what they saw and escalate through the predefined channels in the incident response or security policy.
The scenario emphasizes that the technician records the incident and reports it to the information security team as specified in the company’s documentation. This is a textbook example of following the defined escalation chain of command: the technician gathers facts and passes them to the responsible authority, rather than acting outside their role or skipping steps in the process.
Other concepts like least privilege, change management, and mandatory vacations are also important network policies, but they address different aspects of governance (access control, system changes, fraud detection) rather than the specific act of escalating an observed violation through the proper path.
Topic: Network Operations
An organization maintains accurate, centralized network diagrams, IP address inventories, and device configurations in a shared repository. This documentation is routinely used to speed up troubleshooting, support compliance audits, and onboard new technicians. Which operations principle is BEST illustrated by this practice?
Options:
A. Network segmentation and isolation
B. Effective documentation and knowledge management
C. High availability and redundancy
D. Defense in depth security layering
Best answer: B
Explanation: Accurate network documentation—such as diagrams, IP address plans, and device configuration records—provides a long-term foundation for running a stable network. When documentation is kept current and stored in a shared location, it becomes a central knowledge base.
This knowledge base speeds troubleshooting because technicians can quickly see how devices are connected, which VLANs and subnets exist, and what normal configurations look like. It also supports audits and compliance by giving auditors clear evidence of how the network is structured and what controls are in place. Finally, it improves knowledge transfer and reduces single points of failure in staff, because new or junior technicians can learn the environment without relying solely on one experienced engineer.
These benefits collectively describe the principle of effective documentation and knowledge management within network operations, not segmentation, redundancy, or layered security controls.
Topic: Network Operations
You are a junior network technician working after hours. You observe a coworker copying router configuration files to a personal cloud storage account and logging in to the firewall using a generic admin account. Company policy requires unique admin accounts and forbids storing configurations on personal services. Which of the following actions should you AVOID? (Select TWO.)
Options:
A. Ignore the behavior because the coworker is more senior and probably knows what they are doing.
B. Privately remind the coworker that policy requires unique admin accounts and approved storage locations for configurations, and suggest they follow the documented process.
C. Review the organization’s acceptable‑use and security policies to confirm the correct way to report what you observed.
D. Export copies of the same configurations to your own personal cloud account so you also have a convenient backup.
E. Document what you observed and report it to your supervisor or security team following the documented incident‑reporting process.
Correct answers: A and D
Explanation: In this scenario, you clearly observe two policy violations: storing configurations on a personal cloud service and using a generic shared admin account. Network and security policies typically require protecting configuration data and using individually traceable admin credentials. As a technician, you must not participate in, ignore, or conceal violations; instead, you should follow the organization’s documented escalation path.
Appropriate responses include confirming the correct procedure in written policy and reporting the issue through the official incident or supervisory channel. Additionally, a respectful reminder to the coworker about the policy can be helpful, provided you still follow formal reporting requirements. Actions that ignore or repeat the violation are unsafe and break policy.
Topic: Network Operations
A company runs VoIP calls between a branch office and headquarters over a WAN link. The SLA requires jitter below 30 ms and packet loss below 1% during business hours, but users report intermittent choppy audio. The network team already collects basic SNMP bandwidth statistics. Which monitoring configuration would be the MOST appropriate to reliably detect when the SLA is being violated?
Options:
A. Configure a simple ICMP ping from the branch router to the HQ router every 5 minutes and alert if a single ping fails.
B. Configure the monitoring system to measure latency, jitter, and packet loss on the WAN path and trigger alerts when jitter exceeds 30 ms or packet loss exceeds 1% over short (1–5 minute) intervals.
C. Create a bandwidth utilization threshold to alert when the WAN interface averages more than 95% utilization over a 24-hour period.
D. Set an SNMP alert when the WAN router CPU utilization exceeds 90% for more than 15 minutes during business hours.
Best answer: B
Explanation: For real-time applications like VoIP, performance issues are usually tied to latency, jitter, and packet loss rather than just raw bandwidth or device CPU. The SLA in this scenario explicitly defines acceptable jitter and packet loss values, so the monitoring strategy should measure exactly those metrics and generate alerts when they exceed the defined thresholds.
A good monitoring setup will use tools that can actively or passively measure end-to-end performance on the WAN path (for example, synthetic probes or flow/telemetry-derived measurements) and evaluate them over short intervals, such as 1–5 minutes. This allows the network team to detect brief periods of degraded quality that users experience as choppy audio, even if long-term averages still look normal.
By aligning thresholds with the SLA (jitter >30 ms, packet loss >1%) and sampling frequently enough, the team can both prove SLA violations and quickly correlate user complaints with observable network conditions, which supports troubleshooting and escalation to the service provider if needed.
Use the CompTIA Network+ N10-009 Practice Test page for the full IT Mastery route, mixed-topic practice, timed mock exams, explanations, and web/mobile app access.
Try CompTIA Network+ N10-009 on Web View CompTIA Network+ N10-009 Practice Test
Read the CompTIA Network+ N10-009 Cheat Sheet on Tech Exam Lexicon, then return to IT Mastery for timed practice.