Try 10 focused CompTIA Network+ N10-009 questions on Networking Fundamentals, with explanations, then continue with IT Mastery.
Open the matching IT Mastery practice page for timed mocks, topic drills, progress tracking, explanations, and full practice.
Try CompTIA Network+ N10-009 on Web View full CompTIA Network+ N10-009 practice page
| Field | Detail |
|---|---|
| Exam route | CompTIA Network+ N10-009 |
| Topic area | Networking Fundamentals |
| Blueprint weight | 24% |
| Page purpose | Focused sample questions before returning to mixed practice |
Use this page to isolate Networking Fundamentals for CompTIA Network+ N10-009. Work through the 10 questions first, then review the explanations and return to mixed practice in IT Mastery.
| Pass | What to do | What to record |
|---|---|---|
| First attempt | Answer without checking the explanation first. | The fact, rule, calculation, or judgment point that controlled your answer. |
| Review | Read the explanation even when you were correct. | Why the best answer is stronger than the closest distractor. |
| Repair | Repeat only missed or uncertain items after a short break. | The pattern behind misses, not the answer letter. |
| Transfer | Return to mixed practice once the topic feels stable. | Whether the same skill holds up when the topic is no longer obvious. |
Blueprint context: 24% of the practice outline. A focused topic score can overstate readiness if you recognize the pattern too quickly, so use it as repair work before timed mixed sets.
These questions are original IT Mastery practice items aligned to this topic area. They are designed for self-assessment and are not official exam questions.
Topic: Networking Fundamentals
Which TWO of the following statements about wireless access points, wireless controllers, and cloud‑managed networking appliances are INCORRECT? (Select TWO.)
Options:
A. Autonomous (standalone) wireless access points contain both the data plane and control/management functions locally, so each AP must be configured individually unless additional tools are used.
B. A wireless access point primarily acts as a management-plane device and does not participate in forwarding user data frames between wireless clients and the wired network.
C. In a cloud-managed WLAN, all client data frames must be sent through the vendor’s cloud, so a WAN outage completely stops local wireless communication on the site.
D. In a controller-based WLAN, lightweight APs forward user traffic at the edge while the wireless controller centralizes configuration, authentication, and RF management for many APs.
E. Cloud-managed switches and APs typically keep user traffic forwarding locally on the LAN, even if they temporarily lose connectivity to the cloud management platform.
F. Wireless controllers help enforce consistent SSIDs, security policies, and VLAN mappings across many APs from a single management interface.
Correct answers: B and C
Explanation: Wireless access points (APs) are primarily data-plane devices: they transmit and receive user traffic between wireless clients and the wired network. In controller-based architectures, lightweight APs rely on a centralized wireless controller for most control and management-plane functions such as configuration, authentication integration, and RF optimization, while still forwarding user traffic. In cloud-managed networks, a cloud platform provides centralized management, monitoring, and configuration for many APs and switches, but the devices themselves usually continue to forward traffic locally even if cloud connectivity is interrupted.
The two incorrect statements are the ones that claim all cloud-managed client data must traverse the vendor’s cloud and that an AP is mainly a management-plane device that does not forward user frames. Both misrepresent the fundamental roles of the data and control planes in modern wireless and cloud-managed designs.
Topic: Networking Fundamentals
A junior technician is confused about how a switch and ARP work together the very first time one PC in a VLAN pings another PC in the same VLAN. PC-A (192.168.1.10) and PC-B (192.168.1.20) are connected to the same switch on the same VLAN, and both the switch’s MAC table and the PCs’ ARP caches are initially empty.
You need to explain the key Layer 2 steps that allow the first ping from PC-A to reach PC-B and get a reply. Which of the following actions/solutions will best address this issue or requirement? (Select TWO.)
Options:
A. When PC-B sends its unicast ARP reply, the switch learns PC-B’s MAC address on that port and forwards the frame only out the port associated with PC-A’s MAC entry.
B. When the switch powers on, it actively sends ARP requests out each port to discover and pre-populate its MAC address table before any hosts send traffic.
C. The switch floods PC-A’s initial ARP request frame out all other ports in the same VLAN, while learning PC-A’s MAC address on the ingress port.
D. The router connected to the VLAN answers the ARP request on behalf of PC-B and updates the switch with MAC-to-port mappings for both PCs.
E. PC-A uses ARP to learn the switch’s MAC address so it can send all frames to the switch, which then rewrites the destination MAC address for the final host.
F. Before forwarding the initial ARP request, the switch checks its MAC table for PC-B’s MAC and drops the frame if there is no existing entry for that destination.
Correct answers: A and C
Explanation: Within a single VLAN, Ethernet switches use a MAC address table to decide which port to use for a unicast frame. However, when communication happens for the first time, both the switch’s MAC table and the hosts’ ARP caches may be empty.
When PC-A first wants to ping PC-B by IP address, it needs to know PC-B’s MAC address. Because that mapping is not yet in PC-A’s ARP cache, PC-A sends an ARP request as a broadcast frame. The switch receives this broadcast, learns PC-A’s MAC address on the ingress port, and floods the broadcast frame out all other ports in that VLAN.
PC-B receives the ARP request and responds with an ARP reply, which is a unicast frame back to PC-A’s MAC address. When this reply enters the switch, the switch learns PC-B’s MAC address on that port, and then forwards the unicast frame only out the port where PC-A’s MAC address was previously learned. Now the switch’s MAC table has entries for both PCs, and subsequent unicast traffic between them can be forwarded directly without flooding.
This process illustrates two key ideas: MAC learning and unknown-unicast/broadcast flooding by the switch, and ARP’s role in mapping IP addresses to MAC addresses so hosts can communicate on the LAN.
Topic: Networking Fundamentals
A 60-person company currently uses a single on-premises hardware firewall at its main office. Many employees now work remotely and connect directly to SaaS applications over the internet. Management wants consistent web filtering and threat protection for both office and remote users, while avoiding new on-site hardware and minimizing ongoing infrastructure maintenance. Which type of network appliance deployment would BEST meet these goals?
Options:
A. Use a cloud-hosted security gateway/firewall service that is managed by the provider in its own cloud platform.
B. Install an additional hardware firewall at the main office and require remote users to VPN into the office for internet access.
C. Create separate virtual firewall appliances inside each SaaS provider’s environment to inspect user traffic to that specific service.
D. Deploy a virtual firewall appliance on the organization’s on-premises virtualization host at the main office.
Best answer: A
Explanation: This scenario focuses on where a network appliance resides and who manages the underlying platform. The company wants to extend consistent security controls (web filtering and threat protection) to both on-premises and remote users without adding more on-site hardware or increasing infrastructure management.
A cloud-hosted network appliance, such as a security gateway or firewall-as-a-service, runs in the provider’s cloud environment. The provider owns and operates the hardware and core platform, while the customer primarily manages policies and possibly user identities. Traffic from both office and remote users can be routed or tunneled to this service, achieving centralized, consistent protection without extra on-premises hardware.
On-premises physical and virtual appliances, in contrast, are located in the organization’s own facilities and must be fully managed by the organization (including updates, capacity, and redundancy). While virtual appliances remove dedicated hardware, they do not inherently reduce management effort and are less suited to directly protecting remote users who connect to cloud services without going through the corporate site.
The key distinction tested here is between on-premises appliances (physical or virtual) and cloud-hosted, provider-managed appliances, and how their placement and management responsibilities affect the design choice.
Topic: Networking Fundamentals
A network administrator is designing IPv4 and IPv6 addressing for a new, 300-user office. The environment will be dual stack and include client laptops, printers, IP cameras, and several public-facing servers. The company wants predictable addressing for infrastructure and servers while minimizing day-to-day administration for user devices.
Which of the following IP addressing approaches should the administrator NOT implement? (Select TWO.)
Options:
A. Configure all user laptops to use SLAAC for IPv6 and DHCPv4 for IPv4, with DNS servers supplied dynamically.
B. Configure public-facing web and email servers to obtain both IPv4 and IPv6 addresses dynamically via DHCP and SLAAC, without any static assignments or reservations.
C. Assign static IPv4 and IPv6 addresses to all servers and core network devices, while using DHCPv4 and SLAAC/DHCPv6 for user laptops.
D. Manually assign static IPv4 addresses to all 300 user laptops instead of deploying a DHCPv4 server.
E. Use DHCP reservations for IPv4 printers and IP cameras, and assign them static IPv6 addresses documented in the IP plan.
Correct answers: B and D
Explanation: This scenario focuses on choosing appropriate IP address assignment methods (DHCP, SLAAC, static) for different device types in a mid-sized, dual-stack enterprise network.
Static addressing is typically used for infrastructure and servers that must be consistently reachable and easy to reference in DNS and documentation. DHCP (for IPv4) and SLAAC and/or DHCPv6 (for IPv6) are preferred for large numbers of client devices because they reduce manual administrative work and help avoid address conflicts.
Manually assigning static IPv4 addresses to hundreds of laptops ignores the purpose of DHCP and creates a high risk of misconfiguration and conflicts. Similarly, allowing public-facing servers to obtain changing IP addresses via SLAAC or unmanaged DHCP undermines predictable DNS mappings and reliable external access.
Other options that mix static addressing for servers and infrastructure with dynamic addressing for clients reflect standard best practices for both IPv4 and IPv6 in small and medium-sized networks.
Topic: Networking Fundamentals
A network administrator is reviewing how several internal applications use transport-layer protocols. The goal is to follow best practices for reliability and performance.
Which of the following configuration decisions should the administrator AVOID? (Select TWO.)
Options:
A. Configuring VoIP RTP audio streams for office phones to use UDP
B. Configuring interactive SSH management sessions for servers to use TCP
C. Configuring database replication of financial records between data centers to use UDP for faster transfers
D. Configuring live video streaming for internal training broadcasts to use UDP
E. Configuring nightly bulk file backup jobs to use UDP instead of TCP to reduce overhead
Correct answers: C and E
Explanation: At the transport layer, TCP is a connection-oriented protocol that provides reliable, in-order delivery with acknowledgments, retransmissions, and flow control. This makes TCP ideal for applications where every byte must arrive correctly, such as file transfers and database replication.
UDP is connectionless and does not provide built-in reliability, ordering, or congestion control. It has lower overhead and is commonly used for real-time applications like VoIP and streaming, where low latency is more important than recovering every lost packet.
In this scenario, using UDP for critical, non-tolerant data (such as backups or financial database replication) is unsafe and breaks best practices. Using TCP for reliable transfers and UDP for real-time media aligns with common design patterns that balance reliability and performance.
Topic: Networking Fundamentals
A network technician is troubleshooting a user report that “web pages load very slowly or time out.” The technician uses the OSI model to record each check.
Exhibit:
| OSI layer check | Observation | Result |
|---|---|---|
| Layer 1 | Switch and NIC link LEDs solid, no interface errors | Pass |
| Layer 2 | MAC address appears in switch table, no excessive drops | Pass |
| Layer 3 | Stable pings to default gateway and web server IP | Pass |
| Layer 4 | TCP 443 sessions established, no firewall denies | Pass |
| Next step | ? | — |
Based on how the technician is using the OSI model in the exhibit, what is the PRIMARY advantage of this approach?
Options:
A. It allows the technician to skip lower-layer checks and immediately replace application servers when any issue is reported.
B. It ensures that only proprietary vendor-specific tools and commands can be used during troubleshooting.
C. It automatically maps IP addresses to MAC addresses without requiring any additional protocols or configuration.
D. It provides a structured, layer-by-layer framework that guides systematic troubleshooting from physical connectivity up to the application.
Best answer: D
Explanation: The exhibit shows the technician moving through the OSI model in order: Layer 1 (Physical) link LEDs and interface errors, Layer 2 (Data Link) MAC table and drops, Layer 3 (Network) pings to gateway and server IP, and Layer 4 (Transport) TCP 443 sessions and firewall logs. Each line in the table corresponds to a different OSI layer.
This illustrates one of the main purposes of the OSI and TCP/IP models: to provide a layered, vendor-neutral framework that helps technicians think about where a problem might be occurring. By checking each layer in sequence, the technician can narrow the problem domain. In the exhibit, layers 1–4 all pass, so the next logical step is to examine the application layer or related services.
These reference models do not perform functions like ARP or enforce use of proprietary tools. Instead, they give a common language and structure for describing and isolating network problems, which is exactly how they are being used in the exhibit.
Topic: Networking Fundamentals
Which statement BEST describes encapsulation in the OSI model when a PC sends data to a web server over the network?
Options:
A. The transport layer converts private IP addresses to public IP addresses before data is forwarded across the Internet.
B. Each OSI layer on the receiving web server removes its own header from the data as it passes to the next higher layer.
C. Each OSI layer on the sending PC adds its own header (and possibly trailer) to the data before passing it to the next lower layer.
D. The data link layer encrypts the payload from upper layers so that intermediate switches and routers cannot read it in transit.
Best answer: C
Explanation: Encapsulation is the process that occurs as data is prepared for transmission from a source device, such as a PC, to a destination, such as a web server. As the data moves from the application layer down through the OSI layers on the sending device, each layer adds its own protocol-specific header (and sometimes a trailer). This creates a Protocol Data Unit (PDU) appropriate for that layer: segments at the transport layer, packets at the network layer, frames at the data link layer, and bits at the physical layer.
When the data reaches the receiving device, the reverse process—decapsulation—occurs. Each OSI layer removes and interprets its corresponding header, passing the remaining payload up to the next higher layer until the original application data is delivered to the destination application.
Topic: Networking Fundamentals
A company deploys an internal IPTV service that streams the same live video feed to dozens of TVs across the building. Each TV explicitly joins a specific group address to receive the stream, and devices that do not join do not receive any of this traffic. Which type of traffic pattern does this scenario BEST describe?
Options:
A. Anycast
B. Multicast
C. Broadcast
D. Unicast
Best answer: B
Explanation: This scenario describes one sender delivering the same stream to multiple receivers that explicitly choose to participate by joining a group address. That is the classic use case for multicast.
With multicast, the source sends a single copy of each packet to a multicast group address. Network devices then replicate and forward that traffic only to interfaces where receivers have joined the group, which is bandwidth-efficient for applications like streaming media, IPTV, and some conferencing solutions.
In contrast, unicast communication is one-to-one. To send the same video to dozens of TVs using unicast, the server would have to maintain a separate stream for each TV, which consumes more bandwidth and server resources.
Broadcast traffic is one-to-all within a broadcast domain. Every host on that subnet receives and processes the frame (at least to the extent of discarding it if not needed). A common example is DHCP Discover, where a client broadcasts to find a DHCP server.
Anycast is one-to-nearest-one: multiple servers share the same IP, and routing delivers a client’s packets to the “closest” instance, commonly used for DNS or content distribution, not one-to-many streaming.
Typical modern networks therefore use:
Topic: Networking Fundamentals
A technician has deployed several virtual machines on a new virtualization host. Each VM has a valid static IP, subnet mask, and default gateway in the 192.168.50.0/24 network. All VMs on this host can successfully ping each other, but they cannot ping the default gateway or any physical servers on the LAN. The physical host itself can ping the gateway and all LAN devices without issue. Which of the following is the MOST likely cause of this problem?
Options:
A. The physical switchport connected to the host is configured for the wrong VLAN
B. The VMs are configured with an incorrect default gateway address
C. The virtual switch the VMs are attached to is not associated with the host’s physical NIC
D. A firewall on each guest OS is blocking all inbound and outbound ICMP traffic
Best answer: C
Explanation: In a virtualized environment, a virtual switch behaves like a software-based Layer 2 switch inside the host. Each VM connects to the network through a virtual NIC (vNIC) that is plugged into this virtual switch. For the VMs to reach the rest of the LAN, the virtual switch must be connected (uplinked) to a physical NIC that is, in turn, connected to the physical switch.
In this scenario, the VMs can reach each other, which confirms that their vNICs and the virtual switch are working internally. However, they cannot reach the default gateway or any physical servers, while the host itself has no problem reaching them. This strongly suggests that the virtual switch the VMs are attached to does not have an uplink to the physical NIC that the host OS is using for network access.
The fix is to associate the virtual switch with the correct physical NIC (or move the VMs to a virtual switch that already has an uplink), so VM traffic can leave the host and reach the external LAN and default gateway.
Topic: Networking Fundamentals
An administrator is planning the subnet 192.168.10.80/28 for a small group of devices.
Which TWO of the following statements about this subnet are correct? (Select TWO.)
Options:
A. The broadcast address of this subnet is 192.168.10.95.
B. 192.168.10.81 is not a valid host address in this subnet because it is the network address.
C. 192.168.10.96 is the last valid host address in this subnet.
D. The network address of this subnet is 192.168.10.80.
E. This subnet supports 32 usable host addresses.
Correct answers: A and D
Explanation: The CIDR notation /28 means the subnet mask is 255.255.255.240. In the fourth octet, this leaves 4 bits for host addresses, giving 2^4 = 16 total IP addresses per subnet.
Subnet “blocks” for /28 in the last octet increase in steps of 16: 0, 16, 32, 48, 64, 80, 96, and so on. The subnet that begins at 192.168.10.80 therefore includes addresses from 192.168.10.80 through 192.168.10.95.
In any IPv4 subnet, the first address in the range is the network address and the last address is the broadcast address. All addresses in between are usable host addresses. For 192.168.10.80/28, that makes:
Using this reasoning, you can quickly check which statements about network, broadcast, and host addresses are correct for a given IPv4 subnet.
Use the CompTIA Network+ N10-009 Practice Test page for the full IT Mastery route, mixed-topic practice, timed mock exams, explanations, and web/mobile app access.
Try CompTIA Network+ N10-009 on Web View CompTIA Network+ N10-009 Practice Test
Read the CompTIA Network+ N10-009 Cheat Sheet on Tech Exam Lexicon, then return to IT Mastery for timed practice.