Quick Review purpose
This Quick Review is for candidates preparing for the real CompTIA Network+ (N10-009) exam. Use it to refresh high-yield concepts before moving into topic drills, mock exams, and detailed explanations.
This page is IT Mastery review support. It is not affiliated with CompTIA. For final scope decisions, compare your study plan against the current official CompTIA Network+ (N10-009) exam objectives.
How to use this before practice
- Review the tables first. They condense the most testable decision points.
- Mark weak areas. Do not reread everything equally; target gaps.
- Use original practice questions. Apply the concepts in scenario format.
- Review explanations, not just scores. Network+ questions often test why one answer is better than another.
- Return to this page after misses. Treat missed questions as signals for focused topic drills.
High-yield map for CompTIA Network+ (N10-009)
| Area | What to be able to decide quickly |
|---|---|
| Network models | Which layer is involved, what device/protocol belongs there, and which tool verifies it |
| IP addressing | IPv4 subnet size, default gateway logic, private/public ranges, IPv6 address types |
| Switching | VLANs, trunks, STP, port security, MAC learning, link aggregation |
| Routing | Static vs dynamic routing, default routes, NAT/PAT, route selection symptoms |
| Wireless | Bands, channels, interference, authentication, encryption, roaming, site-survey issues |
| Network services | DHCP, DNS, NTP, SNMP, syslog, directory services, load balancing |
| Infrastructure | Copper, fiber, transceivers, PoE, racks, power, environmental controls |
| Cloud and virtualization | Virtual switches, overlays, SDN, cloud networking, segmentation, elasticity |
| Security | AAA, ACLs, firewalls, VPNs, segmentation, hardening, attacks, monitoring |
| Operations | Change control, documentation, baselines, monitoring, incident response, backups |
| Troubleshooting | Follow a method, isolate layers, interpret symptoms, choose the best tool |
Core network models
OSI layer quick decisions
| Layer | Common items | Typical symptoms | Useful checks/tools |
|---|---|---|---|
| 7 Application | DNS, HTTP/S, SMTP, SMB, SNMP | App fails but network path works | nslookup, dig, browser errors, app logs |
| 6 Presentation | Encryption, encoding, compression | TLS/certificate or format issues | Certificate inspection, TLS settings |
| 5 Session | Session setup/teardown | Auth/session timeout problems | Logs, connection tracking |
| 4 Transport | TCP/UDP, ports, segmentation | Port blocked, TCP reset, UDP timeout | netstat, ss, packet capture |
| 3 Network | IP, routing, ICMP | Wrong gateway, no route, subnet issue | ping, traceroute, route table |
| 2 Data link | Ethernet, MAC, VLAN, STP | VLAN mismatch, loops, MAC issues | switch MAC table, interface status |
| 1 Physical | Cables, optics, RF, power | No link light, CRC errors, weak signal | cable tester, TDR/OTDR, link LEDs |
Common trap: Do not jump to DNS for every “cannot reach server” issue. First decide whether the client has an IP, a gateway, name resolution, and a usable path.
TCP/IP model shortcut
| TCP/IP layer | OSI relationship | Think of it as |
|---|---|---|
| Application | OSI 5–7 | User-facing services and protocols |
| Transport | OSI 4 | TCP/UDP ports and reliability |
| Internet | OSI 3 | IP addressing and routing |
| Network access | OSI 1–2 | Frames, MAC, cabling, switching |
Ports and protocols to know cold
| Protocol/service | Port or identifier | TCP/UDP | Exam-use decision |
|---|---|---|---|
| FTP control/data | 21 / 20 | TCP | Legacy file transfer; not encrypted |
| SSH / SFTP | 22 | TCP | Secure remote CLI and secure file transfer |
| Telnet | 23 | TCP | Insecure remote CLI |
| SMTP | 25 | TCP | Mail transfer between servers |
| DNS | 53 | UDP/TCP | Name resolution; TCP often for large replies/zone transfers |
| DHCP server/client | 67 / 68 | UDP | Automatic IP configuration |
| TFTP | 69 | UDP | Simple file transfer, often network device images/configs |
| HTTP | 80 | TCP | Unencrypted web |
| NTP | 123 | UDP | Time synchronization |
| SNMP | 161 / 162 | UDP | Monitoring and traps/informs |
| LDAP | 389 | TCP/UDP | Directory access |
| HTTPS | 443 | TCP | Encrypted web |
| SMB | 445 | TCP | Windows file/printer sharing |
| SMTPS / submission variants | 465 / 587 | TCP | Encrypted or authenticated mail submission scenarios |
| LDAPS | 636 | TCP | LDAP over TLS |
| IMAP / IMAPS | 143 / 993 | TCP | Mail retrieval, server-side mailbox |
| POP3 / POP3S | 110 / 995 | TCP | Mail retrieval, often download-oriented |
| RDP | 3389 | TCP/UDP | Remote desktop |
| SIP | 5060 / 5061 | TCP/UDP | VoIP signaling; 5061 commonly TLS |
| IPsec AH | IP protocol 51 | N/A | Integrity/authentication, no payload encryption |
| IPsec ESP | IP protocol 50 | N/A | Encryption and/or integrity |
| IKE / NAT-T | 500 / 4500 | UDP | IPsec negotiation and NAT traversal |
Common trap: Port numbers alone rarely answer the whole question. Combine the port with the scenario: encryption requirement, file-transfer type, remote access method, or monitoring need.
IPv4 addressing and subnetting
IPv4 ranges and special addresses
| Range/type | Address space | What it means |
|---|---|---|
| Private class A-style | 10.0.0.0/8 | Internal use, not routed on the public Internet |
| Private class B-style | 172.16.0.0/12 | Internal use; range is 172.16.0.0–172.31.255.255 |
| Private class C-style | 192.168.0.0/16 | Common small-network private space |
| APIPA/link-local | 169.254.0.0/16 | Client failed to obtain DHCP configuration |
| Loopback | 127.0.0.0/8 | Local host testing |
| Multicast | 224.0.0.0/4 | One-to-many delivery |
| Broadcast | 255.255.255.255 | Local broadcast |
| Default route | 0.0.0.0/0 | “Send unknown destinations here” |
\[
\text{Number of addresses} = 2^{(32 - \text{prefix length})}
\]
\[
\text{Traditional usable host addresses} = 2^{(32 - \text{prefix length})} - 2
\]
The “minus 2” accounts for the network and broadcast addresses in traditional IPv4 subnets. Be aware that point-to-point and special-use cases may be handled differently, but exam subnetting questions usually expect the traditional calculation unless the scenario says otherwise.
Fast IPv4 subnet table
| CIDR | Mask | Block size in last octet | Total addresses | Traditional usable hosts |
|---|---|---|---|---|
| /24 | 255.255.255.0 | 256 | 256 | 254 |
| /25 | 255.255.255.128 | 128 | 128 | 126 |
| /26 | 255.255.255.192 | 64 | 64 | 62 |
| /27 | 255.255.255.224 | 32 | 32 | 30 |
| /28 | 255.255.255.240 | 16 | 16 | 14 |
| /29 | 255.255.255.248 | 8 | 8 | 6 |
| /30 | 255.255.255.252 | 4 | 4 | 2 |
Subnetting decision method
When given an IPv4/CIDR address:
- Find the block size. For /26, the last-octet block size is 64.
- List subnet starts. 0, 64, 128, 192.
- Place the host IP. Example: 192.168.1.70/26 is in the 64–127 block.
- Identify network and broadcast. Network is .64; broadcast is .127.
- Identify usable range. .65 through .126.
Common trap: If asked for “number of subnets,” confirm the original network size. If asked for “number of hosts,” use the host bits in the final subnet.
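The block-size method above, generalized to any prefix length (the "interesting" octet is not always the last one) and cross-checked against Python's `ipaddress` module. This is an added example, not part of the original review; the function names are made up for illustration, and /31 and /32 are reported without a traditional usable range because the "minus 2" rule does not apply to them.

```python
import ipaddress


def _to_int(octets):
    return int.from_bytes(bytes(octets), "big")


def _to_text(value):
    return ".".join(str(b) for b in value.to_bytes(4, "big"))


def subnet_by_block_size(cidr):
    """Work out network, broadcast and usable range with the block-size method."""
    addr_text, prefix_text = cidr.split("/")
    prefix = int(prefix_text)
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0-32")
    octets = [int(o) for o in addr_text.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("not a dotted-quad IPv4 address")

    # Step 1: find the octet where the mask stops being 255 and its block size.
    # /26 -> last octet, block 64; /20 -> third octet, block 16.
    idx = (prefix - 1) // 8 if prefix else 0
    block = 2 ** (8 * (idx + 1) - prefix)

    # Steps 2-3: subnet starts are multiples of the block; place the host IP.
    start = (octets[idx] // block) * block

    # Step 4: network = block start, broadcast = last address of the block.
    network = octets[:idx] + [start] + [0] * (3 - idx)
    broadcast = octets[:idx] + [start + block - 1] + [255] * (3 - idx)
    net_i, bc_i = _to_int(network), _to_int(broadcast)

    # Step 5: traditional usable range excludes network and broadcast.
    total = 2 ** (32 - prefix)
    traditional = prefix <= 30
    return {
        "block_size": block,
        "network": _to_text(net_i),
        "broadcast": _to_text(bc_i),
        "total_addresses": total,
        "first_usable": _to_text(net_i + 1) if traditional else None,
        "last_usable": _to_text(bc_i - 1) if traditional else None,
        "usable_hosts": total - 2 if traditional else None,
    }


def agrees_with_stdlib(cidr):
    """Cross-check the hand method against ipaddress.ip_network()."""
    mine = subnet_by_block_size(cidr)
    net = ipaddress.ip_network(cidr, strict=False)
    return (
        mine["network"] == str(net.network_address)
        and mine["broadcast"] == str(net.broadcast_address)
        and mine["total_addresses"] == net.num_addresses
    )


if __name__ == "__main__":
    # Sample inputs: the page's 192.168.1.70/26 plus constructed addresses.
    for sample in ("192.168.1.70/26", "10.20.37.200/20", "172.16.5.9/30"):
        print(sample, subnet_by_block_size(sample), agrees_with_stdlib(sample))
```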
IPv6 essentials
| IPv6 type | Common prefix/example | What to know |
|---|---|---|
| Global unicast | 2000::/3 | Publicly routable IPv6 space |
| Link-local | fe80::/10 | Local segment only; required for many IPv6 functions |
| Unique local | fc00::/7, commonly fd00::/8 | Private/internal-style addressing |
| Multicast | ff00::/8 | IPv6 uses multicast instead of broadcast |
| Loopback | ::1 | Local host |
| Unspecified | :: | No address/unknown address |
| SLAAC | Router Advertisement based | Host self-configures address information |
| DHCPv6 | Stateful or stateless | Can assign addresses or provide options |
Key IPv6 reminders:
- IPv6 has no broadcast; it uses multicast.
- A common LAN prefix size is /64.
- Neighbor Discovery replaces many ARP-like IPv4 functions.
- Link-local addresses matter for local communication and routing-adjacent functions.
- Do not assume IPv6 means “no DHCP”; DHCPv6 may still be used.
Switching review
Switch behavior
| Concept | What it does | Common exam angle |
|---|---|---|
| MAC address table | Maps MAC addresses to switch ports | Unknown unicast flooding vs learned forwarding |
| Access port | Carries one VLAN for an endpoint | User placed in wrong VLAN |
| Trunk port | Carries multiple VLANs | Missing allowed VLAN or native VLAN mismatch |
| 802.1Q | VLAN tagging standard | Tagged frames across trunks |
| Native VLAN | Untagged VLAN on trunk | Security and mismatch issues |
| STP | Prevents Layer 2 loops | Blocked port may be normal, not broken |
| Port security | Restricts MAC addresses | Protects against unauthorized devices |
| Port mirroring/SPAN | Copies traffic to analyzer | Packet capture/IDS troubleshooting |
| LACP | Bundles links dynamically | Requires matching settings on both sides |
VLAN decision points
| Scenario | Likely issue |
|---|---|
| User gets IP from wrong subnet | Wrong access VLAN or DHCP scope mapping |
| Host can reach same VLAN but not other VLANs | Missing/incorrect default gateway or inter-VLAN routing |
| Some VLANs work across trunk but others do not | Allowed VLAN list or trunk configuration problem |
| Trunk forms but untagged traffic behaves oddly | Native VLAN mismatch |
| Broadcast storm or unstable MAC table | Layer 2 loop; STP problem |
Common trap: VLANs are Layer 2 segmentation. To communicate between VLANs, you need Layer 3 routing.
Routing review
Routing concepts
| Concept | What to remember |
|---|---|
| Default gateway | Host’s route to non-local networks |
| Default route | Router’s catch-all route, often 0.0.0.0/0 or ::/0 |
| Static route | Manually configured; predictable but less scalable |
| Dynamic routing | Routers exchange reachability information |
| Metric | Protocol-specific measure of path preference |
| Administrative preference/distance | Used when multiple routing sources know the same destination |
| Longest prefix match | More specific routes win over broader routes |
| NAT | Translates addresses |
| PAT | Many internal hosts share one or more external addresses via ports |
Routing protocol recognition
| Protocol | Type/use | High-yield distinction |
|---|---|---|
| RIP | Distance-vector IGP | Legacy/simple; hop-count based |
| OSPF | Link-state IGP | Common enterprise interior routing concept |
| EIGRP | Advanced distance-vector/hybrid style | Often seen in vendor-influenced environments |
| BGP | Path-vector EGP | Internet/large-scale interdomain routing |
Common trap: If two routes match, the longest prefix is usually the first decision. A /28 route is more specific than a /24 route.
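Route selection in the order the table above implies: longest prefix first, then administrative distance, then metric. This is an added example, not part of the original review; the routing table, next hops and distance values are constructed, and real default distances vary by vendor.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    prefix: str
    next_hop: str
    source: str
    admin_distance: int   # lower is preferred; values here are constructed
    metric: int           # only meaningful within one routing source


# Constructed routing table for illustration.
ROUTES = [
    Route("0.0.0.0/0", "10.0.0.1", "static", 1, 0),
    Route("10.1.1.0/24", "10.0.0.2", "ospf", 110, 20),
    Route("10.1.1.0/24", "10.0.0.3", "rip", 120, 2),
    Route("10.1.1.16/28", "10.0.0.4", "rip", 120, 3),
]


def select_route(destination, routes=ROUTES):
    """Return the route a router would use for `destination`, or None."""
    dest = ipaddress.ip_address(destination)
    matching = []
    for route in routes:
        network = ipaddress.ip_network(route.prefix)
        if network.version == dest.version and dest in network:
            matching.append((network, route))
    if not matching:
        return None  # no default route and nothing more specific

    # 1. Longest prefix wins, regardless of which source learned it.
    # 2. Same prefix from several sources: lowest administrative distance.
    # 3. Same prefix and source: lowest metric.
    best = min(
        matching,
        key=lambda nr: (-nr[0].prefixlen, nr[1].admin_distance, nr[1].metric),
    )
    return best[1]


if __name__ == "__main__":
    for dst in ("10.1.1.20", "10.1.1.200", "8.8.8.8"):
        chosen = select_route(dst)
        print(dst, "->", chosen.prefix, "via", chosen.next_hop, f"({chosen.source})")
```

The first lookup picks the /28 even though its source has the worse administrative distance, because distance is only compared between routes to the same prefix.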
NAT/PAT traps
| Symptom | Possible cause |
|---|---|
| Internal users reach Internet but inbound service fails | Missing port forwarding/static NAT/firewall rule |
| One inside host works, others do not | NAT pool exhaustion or rule mismatch |
| VPN traffic fails after NAT | NAT exemption or overlapping subnet issue |
| Application embeds IP addresses | NAT may break application behavior |
Wireless networking
Wi-Fi decision table
| Topic | What to know for N10-009 review |
|---|---|
| 2.4 GHz | Longer range, more interference, fewer non-overlapping channels |
| 5 GHz | More channels, less crowded, shorter range than 2.4 GHz in many environments |
| 6 GHz | Newer band support; requires compatible clients/APs |
| Channel overlap | Causes co-channel/adjacent-channel performance problems |
| Roaming | Client decisions, AP placement, signal overlap, authentication speed |
| Band steering | Encourages capable clients to use preferred bands |
| MIMO/OFDMA | Efficiency and throughput improvements in newer Wi-Fi generations |
| Captive portal | Web-based access acceptance/authentication |
| WPA2/WPA3-Personal | Pre-shared key style access |
| WPA2/WPA3-Enterprise | 802.1X/RADIUS-based authentication |
| SSID hiding | Not real security; do not rely on it |
Wireless troubleshooting patterns
| Symptom | Likely area to investigate |
|---|---|
| Good signal, poor throughput | Interference, channel congestion, client capability, oversubscription |
| Drops while moving | Roaming design, AP placement, power levels |
| Cannot authenticate | Wrong PSK, certificate issue, RADIUS/802.1X problem |
| IoT device will not connect | Band/security compatibility issue |
| Works near AP only | Attenuation, antenna placement, transmit power, obstruction |
| Intermittent voice issues | Jitter, roaming delay, QoS, RF congestion |
Common trap: Strong signal is not the same as clean RF. Interference and channel design can make a “strong” Wi-Fi connection perform poorly.
Network services
DHCP
DHCP commonly follows the DORA sequence:
- Discover
- Offer
- Request
- Acknowledge
| DHCP issue | What it suggests |
|---|---|
| 169.254.x.x address | DHCP failure or unreachable DHCP server |
| Wrong subnet address | Wrong VLAN, relay, or scope |
| Correct IP but wrong gateway | DHCP option issue |
| Some clients fail late in the day | Scope exhaustion or lease behavior |
| Remote VLAN cannot get DHCP | Missing/misconfigured DHCP relay/IP helper |
DNS
| DNS record | Purpose |
|---|---|
| A | Name to IPv4 address |
| AAAA | Name to IPv6 address |
| CNAME | Alias to canonical name |
| MX | Mail exchanger |
| NS | Authoritative name server |
| PTR | Reverse lookup |
| TXT | Text records; often verification and email security uses |
| SRV | Service location |
| DNS symptom | Likely interpretation |
|---|---|
| Can ping IP but not name | DNS resolution issue |
| One record wrong, others fine | Zone/record problem, not general connectivity |
| Internal name resolves externally | Split-horizon or DNS search/path issue |
| Intermittent stale answers | Caching/TTL issue |
| Reverse lookup fails | PTR zone/record missing |
Common trap: DNS failure can look like application failure. Test by IP address and name to separate path problems from name-resolution problems.
Monitoring and management services
| Service | Use |
|---|---|
| NTP | Time sync; critical for logs, certificates, Kerberos-style auth, investigations |
| SNMP | Device monitoring; SNMPv3 adds stronger security features |
| Syslog | Centralized log collection |
| NetFlow/IPFIX-style telemetry | Traffic flow visibility |
| RADIUS/TACACS+ | Centralized AAA for network access/admin access |
| LDAP/LDAPS | Directory queries |
| NTP + logs | Makes event timelines trustworthy |
Copper and fiber
| Medium | Use case | Key review point |
|---|---|---|
| UTP Ethernet | Common endpoint cabling | Susceptible to EMI compared with shielded options |
| STP Ethernet | Higher-interference environments | Shielding must be handled correctly |
| Plenum-rated cable | Air-handling spaces | Fire/smoke safety requirement scenario |
| Riser-rated cable | Vertical runs between floors | Building-cabling scenario |
| Single-mode fiber | Longer distance | Smaller core, laser-based optics |
| Multimode fiber | Shorter distance | Common within buildings/data centers |
| Coaxial | Cable broadband/legacy | Know connector/context clues |
Connectors and transceivers
| Item | Recognition |
|---|---|
| RJ45 | Twisted-pair Ethernet connector |
| LC | Small fiber connector, common in modern equipment |
| SC | Square push-pull fiber connector |
| ST | Bayonet-style fiber connector |
| MPO/MTP | Multi-fiber connector, high-density links |
| SFP | Modular transceiver form factor |
| SFP+ | Common for 10 Gb-class links |
| QSFP family | Higher-density/higher-throughput transceiver family |
| Tool | Best use |
|---|---|
| Cable tester | Wiremap, opens, shorts, miswires |
| Cable certifier | Validates cable performance against standards |
| Toner/probe | Trace copper cable paths |
| TDR | Locate copper cable faults by distance |
| OTDR | Locate fiber faults by distance |
| Loopback plug | Test port/interface transmit-receive path |
| Light meter | Fiber signal level testing |
| Punchdown tool | Terminate copper cabling |
| Crimper | Attach modular connectors |
Common trap: A link light does not prove the cable is certified for the required speed or quality. Intermittent errors may require better testing.
Network devices and architecture
| Device/concept | Function |
|---|---|
| Hub | Legacy multiport repeater; shared collision domain |
| Switch | Layer 2 forwarding based on MAC addresses |
| Multilayer switch | Switching plus Layer 3 routing features |
| Router | Connects IP networks |
| Firewall | Enforces traffic policy |
| IDS | Detects suspicious activity |
| IPS | Can block/prevent suspicious activity |
| Load balancer | Distributes client traffic across back-end services |
| Proxy | Intermediates client requests |
| VPN concentrator | Terminates VPN tunnels |
| Wireless LAN controller | Centralizes AP management |
| Access point | Provides wireless network access |
| Modem/ONT | Provider handoff for certain WAN services |
Architecture terms
| Term | Meaning |
|---|---|
| LAN | Local network |
| WAN | Wide area connectivity |
| WLAN | Wireless LAN |
| PAN | Personal area network |
| MAN | Metropolitan area network |
| CAN | Campus area network |
| SAN | Storage area network |
| DMZ | Segmented zone for externally accessible services |
| SOHO | Small office/home office |
| Data center | Centralized compute/network/storage facility |
| Spine-leaf | Data center switching design focused on predictable east-west traffic |
| Three-tier | Access, distribution, core design model |
Cloud, virtualization, and modern networking
| Concept | What to remember |
|---|---|
| Virtual switch | Software switching between VMs/hosts/networks |
| Virtual router/firewall | Network function implemented in software |
| SDN | Separates/centralizes control logic from forwarding behavior |
| Control plane | Makes forwarding decisions |
| Data plane | Forwards packets |
| Management plane | Configuration, monitoring, administration |
| Overlay | Virtual network built on top of another network |
| Underlay | Physical/logical network carrying overlay traffic |
| East-west traffic | Server-to-server/internal traffic |
| North-south traffic | Client-to-server or external-internal traffic |
| Cloud subnet | Logical segmentation in cloud network |
| Security group | Instance/interface-level filtering concept |
| Network ACL | Subnet/network-level filtering concept |
| Elasticity | Resources scale with demand |
| High availability | Design to reduce single points of failure |
Common trap: In cloud scenarios, “the firewall” may exist at several layers: instance host firewall, security group, subnet ACL, cloud route table, network virtual appliance, and on-prem firewall.
Security review
CIA and AAA
| Model | Components | Exam use |
|---|---|---|
| CIA | Confidentiality, Integrity, Availability | Classify security goals |
| AAA | Authentication, Authorization, Accounting | Identify, permit, and log user/device actions |
| Control | Best-fit use |
|---|---|
| 802.1X | Port-based network access control |
| RADIUS | Centralized authentication, common for network access |
| TACACS+ | Centralized device administration scenarios |
| MFA | Stronger identity proofing |
| RBAC | Permissions based on roles |
| Least privilege | Minimum required access |
| NAC | Assess/control devices before network access |
| PKI/certificates | Trust, encryption, device/user identity |
| Certificate revocation | Identify certificates that should no longer be trusted |
Firewalls, ACLs, and segmentation
| Control | Key distinction |
|---|---|
| Stateless ACL | Filters mainly on packet attributes without session awareness |
| Stateful firewall | Tracks connection state |
| NGFW | Adds application/user/content-aware features |
| WAF | Protects web applications at application layer |
| DMZ | Places public-facing systems in a controlled segment |
| Microsegmentation | Fine-grained internal segmentation |
| Zero trust concept | Verify explicitly; do not trust solely based on network location |
Common trap: ACL rule order matters. A broad deny placed above a specific allow can break expected traffic.
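First-match ACL evaluation with a check for shadowed rules, showing a broad deny hiding a specific permit and the reordered rule set that fixes it. This is an added example, not part of the original review; the rule format, addresses and function names are constructed, and it assumes a first-match ACL with an implicit deny at the end.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str                   # "permit" or "deny"
    proto: str                    # "tcp", "udp" or "any"
    src: str                      # source network in CIDR form
    dst: str                      # destination network in CIDR form
    dport: Optional[int] = None   # None means any destination port


def _covers(outer, inner):
    """True if every packet matched by `inner` is also matched by `outer`."""
    return (
        outer.proto in ("any", inner.proto)
        and ipaddress.ip_network(inner.src).subnet_of(ipaddress.ip_network(outer.src))
        and ipaddress.ip_network(inner.dst).subnet_of(ipaddress.ip_network(outer.dst))
        and (outer.dport is None or outer.dport == inner.dport)
    )


def evaluate(rules, proto, src, dst, dport):
    """Return (action, 1-based rule number) for the first matching rule."""
    packet = Rule("", proto, f"{src}/32", f"{dst}/32", dport)
    for number, rule in enumerate(rules, start=1):
        if _covers(rule, packet):
            return rule.action, number
    return "deny", None  # assumed implicit deny when nothing matches


def shadowed_rules(rules):
    """List (rule, hidden_by, conflicting_action) for rules that can never match."""
    findings = []
    for j, later in enumerate(rules):
        for i, earlier in enumerate(rules[:j]):
            if _covers(earlier, later):
                findings.append((j + 1, i + 1, earlier.action != later.action))
                break
    return findings


# Constructed rule sets: the same three rules in two different orders.
BROKEN = [
    Rule("deny", "tcp", "10.10.0.0/16", "10.50.0.0/24"),
    Rule("permit", "tcp", "10.10.20.0/24", "10.50.0.10/32", 443),
    Rule("permit", "any", "0.0.0.0/0", "0.0.0.0/0"),
]
FIXED = [BROKEN[1], BROKEN[0], BROKEN[2]]

if __name__ == "__main__":
    flow = ("tcp", "10.10.20.15", "10.50.0.10", 443)
    print("broken:", evaluate(BROKEN, *flow), shadowed_rules(BROKEN))
    print("fixed: ", evaluate(FIXED, *flow), shadowed_rules(FIXED))
```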
VPNs and secure remote access
| VPN type | Typical use |
|---|---|
| Site-to-site VPN | Connect networks over an untrusted network |
| Client-to-site VPN | Remote user access |
| IPsec VPN | Network-layer tunnel/security |
| SSL/TLS VPN | Often remote-access/browser or client-based |
| Split tunnel | Only selected traffic uses VPN |
| Full tunnel | All client traffic uses VPN |
Common attacks and mitigations
| Attack/problem | What it targets | Useful mitigation |
|---|---|---|
| ARP poisoning | Local traffic redirection | Dynamic ARP inspection, segmentation, monitoring |
| Rogue DHCP | Client IP configuration | DHCP snooping, port security |
| VLAN hopping | VLAN separation | Disable unused trunks, set native VLAN carefully |
| MAC flooding | Switch CAM table | Port security |
| DNS poisoning | Name resolution trust | Secure DNS practices, monitoring |
| DoS/DDoS | Availability | Rate limiting, upstream filtering, redundancy |
| Evil twin AP | Wireless clients | WPA-Enterprise, user training, detection |
| Deauthentication attack | Wi-Fi availability | Modern protected management features where supported |
| Man-in-the-middle | Confidentiality/integrity | TLS, certificate validation, secure protocols |
| Credential attack | Identity systems | MFA, lockout policies, monitoring |
Network operations
Documentation and change control
| Item | Why it matters |
|---|---|
| Network diagrams | Faster troubleshooting and impact analysis |
| IP address management | Prevents duplicate IPs and undocumented subnets |
| Rack diagrams | Speeds physical work |
| Cable labels | Reduces outage risk during moves/changes |
| Baselines | Shows what “normal” looks like |
| Standard operating procedures | Makes operations repeatable |
| Change request | Documents proposed work and risk |
| Backout plan | Defines how to recover if change fails |
| Maintenance window | Reduces production impact |
| Post-change validation | Confirms the change achieved its goal |
Common trap: In scenario questions, the best technical action may not be the best operational action if change approval, risk, or documentation is missing.
Monitoring, logs, and baselines
| Data source | What it helps answer |
|---|---|
| Interface counters | Errors, drops, utilization |
| Syslog | Event history and device messages |
| SNMP polling | Device health and metrics |
| Flow data | Who is talking to whom, and how much |
| Packet capture | Exact packet behavior |
| Wireless controller logs | Roaming/auth/RF issues |
| Authentication logs | Login failures and access events |
| Environmental sensors | Temperature, humidity, power issues |
Power and environment
| Topic | Review point |
|---|---|
| UPS | Short-term power continuity and graceful shutdown |
| Generator | Longer-term backup power |
| PDU | Power distribution in racks |
| Redundant power supplies | Device-level resilience |
| HVAC | Temperature control |
| Hot/cold aisles | Data center airflow management |
| Grounding/bonding | Electrical safety and signal integrity |
| Fire suppression | Protects facility while limiting equipment damage |
Troubleshooting methodology
Use a structured approach instead of guessing.
```mermaid
flowchart TD
    A[Identify the problem] --> B[Establish a theory]
    B --> C[Test the theory]
    C -->|Theory confirmed| D[Plan the fix]
    C -->|Theory not confirmed| B
    D --> E[Implement or escalate]
    E --> F[Verify full functionality]
    F --> G[Document findings and changes]
```
Symptom-to-layer shortcuts
| Symptom | Start with |
|---|---|
| No link light | Layer 1: cable, port, power, transceiver |
| Link up but no DHCP address | VLAN, DHCP server, relay, scope |
| IP address present but no off-subnet access | Default gateway, mask, routing |
| Can ping IP but not hostname | DNS |
| One application fails, others work | Port, service, firewall, application |
| Intermittent slowness | Errors, duplex, congestion, RF, CPU/memory |
| Only remote users affected | VPN, WAN, DNS split tunnel, authentication |
| Only one VLAN affected | SVI/router interface, ACL, DHCP scope, trunk |
| New change caused outage | Rollback/backout plan, compare change record |
| High latency but no packet loss | Congestion, routing path, QoS, WAN |
| Packet loss under load | Saturation, errors, drops, policing |
| VoIP choppy | Jitter, latency, packet loss, QoS, duplex/RF |
| Tool/command | Use |
|---|---|
| ping | Basic reachability and latency |
| traceroute / tracert | Path and hop behavior |
| ipconfig / ifconfig / ip | Local IP configuration |
| nslookup / dig | DNS testing |
| arp | Local IP-to-MAC cache |
| route / netstat -r | Routing table |
| netstat / ss | Listening ports and sessions |
| tcpdump / Wireshark | Packet capture/analysis |
| nmap | Port scanning and service discovery |
| Cable tester | Physical copper validation |
| OTDR | Fiber fault location |
| Spectrum analyzer | RF interference analysis |
Common trap: ping failure does not always mean the host is down. ICMP may be blocked while TCP/UDP services still work.
Scenario decision rules
If a client cannot reach the Internet
Check in this order:
- Link status and Wi-Fi association.
- IP address, subnet mask/prefix, gateway, DNS.
- APIPA or duplicate IP indicators.
- Ping gateway.
- Ping known external IP.
- Resolve external hostname.
- Check firewall/proxy/VPN policy.
- Compare with another client in the same VLAN.
If a server is unreachable by name
| Test | Interpretation |
|---|---|
| Ping by IP succeeds | Path works; investigate DNS/application |
| Ping by IP fails | Investigate network path, firewall, host status |
| DNS resolves wrong IP | DNS record/cache issue |
| DNS resolves correctly but app fails | Port, service, TLS, firewall, app issue |
| Works internally but not externally | NAT, public DNS, firewall, DMZ routing |
If a VLAN change breaks access
Check:
- Access port VLAN assignment.
- Trunk allowed VLANs.
- Native VLAN mismatch.
- Inter-VLAN routing interface/SVI.
- DHCP scope and relay.
- ACL/firewall rules.
- Endpoint cached address or lease.
Check:
- Band and channel utilization.
- Co-channel and adjacent-channel interference.
- AP placement and power levels.
- Client density and capabilities.
- Roaming behavior.
- Authentication delays.
- QoS for voice/video.
- Non-Wi-Fi interference sources.
Common candidate mistakes
| Mistake | Better approach |
|---|---|
| Memorizing ports without use cases | Tie each port to service, security, and troubleshooting clues |
| Treating every failure as DNS | First separate link, IP, routing, DNS, and application |
| Forgetting the default gateway | Off-subnet communication depends on it |
| Confusing VLANs with subnets | VLANs are Layer 2; subnets are Layer 3 |
| Assuming strong Wi-Fi signal means good performance | Consider interference, channel overlap, and congestion |
| Ignoring rule order | Firewall/ACL order can change the result |
| Skipping documentation/change control | Operations questions often reward process discipline |
| Overlooking time sync | Bad time breaks logs, certificates, and authentication |
| Miscounting subnet hosts | Use host bits and subtract network/broadcast for traditional IPv4 |
| Picking the most advanced tool first | Choose the simplest tool that proves or disproves the theory |
What to drill after this Quick Review
Use IT Mastery practice to convert recognition into exam-speed decision-making. Prioritize:
- Subnetting topic drills until you can identify network, broadcast, and usable range quickly.
- Ports and protocol drills with scenario wording, not just flashcards.
- Troubleshooting questions that force layer isolation.
- Wireless scenarios involving interference, authentication, and roaming.
- Security controls where multiple answers are plausible.
- Mock exams only after targeted topic drills expose fewer gaps.
The best next step is to move into a CompTIA Network+ (N10-009) question bank with original practice questions and detailed explanations, then use missed questions to choose your next focused review topic.
Continue in IT Mastery
Use this Quick Review as a final concept map, then move into IT Mastery for focused topic drills, mixed practice sets, timed mock exams, and detailed explanations. The practice questions are original IT Mastery practice items; they are not official CompTIA questions, copied live-exam content, or exam dumps.