Try 10 focused CompTIA Network+ N10-010 questions on Networking Concepts, with explanations, then continue with IT Mastery.
Open the matching IT Mastery practice page for timed mocks, topic drills, progress tracking, explanations, and full practice.
Try CompTIA Network+ N10-010 on Web View full CompTIA Network+ N10-010 practice page
| Field | Detail |
|---|---|
| Exam route | CompTIA Network+ N10-010 |
| Topic area | Networking Concepts |
| Blueprint weight | 26% |
| Page purpose | Focused sample questions before returning to mixed practice |
Use this page to isolate Networking Concepts for CompTIA Network+ N10-010. Work through the 10 questions first, then review the explanations and return to mixed practice in IT Mastery.
| Pass | What to do | What to record |
|---|---|---|
| First attempt | Answer without checking the explanation first. | The fact, rule, calculation, or judgment point that controlled your answer. |
| Review | Read the explanation even when you were correct. | Why the best answer is stronger than the closest distractor. |
| Repair | Repeat only missed or uncertain items after a short break. | The pattern behind misses, not the answer letter. |
| Transfer | Return to mixed practice once the topic feels stable. | Whether the same skill holds up when the topic is no longer obvious. |
Blueprint context: 26% of the practice outline. A focused topic score can overstate readiness if you recognize the pattern too quickly, so use it as repair work before timed mixed sets.
These original IT Mastery practice questions are aligned to this topic area. Use them for self-assessment, scope review, and deciding what to drill next.
Topic: Networking Concepts
A network team is deploying an internal training video service. One server will send the same live stream to 200 subscribed conference-room displays. The goal is to avoid sending 200 separate copies while also avoiding delivery to devices that did not subscribe. Which traffic type best fits this requirement?
Options:
A. Broadcast
B. Unicast
C. Anycast
D. Multicast
Best answer: D
Explanation: Multicast is designed for one-to-many delivery when receivers explicitly join a group. It lets a sender transmit a single stream that the network can replicate only where needed for subscribed receivers. This fits live video, market data, or similar shared content where many clients need the same packets at the same time. Unicast would create a separate flow for each display, increasing bandwidth use. Broadcast would send traffic to every host in the broadcast domain, including devices that do not need the stream. Anycast is used to reach the nearest or best instance of a service, not to deliver one stream to many receivers.
Topic: Networking Concepts
A technician is troubleshooting a down uplink between an access switch in an IDF and a distribution switch in the MDF after a closet relocation. Both switches pass self-tests, but the uplink LEDs stay dark. Before replacing either switch, which installation fact should be verified first?
Options:
A. Media type, connector, transceiver, and distance compatibility
B. Native VLAN consistency on both switch ports
C. Default gateway assignment on the access switch
D. DHCP scope availability for client devices
Best answer: A
Explanation: Physical-layer symptoms should be validated against installation facts before assuming a device failure. For an uplink with no link light, the technician should verify that the installed media matches the transceivers and connectors, and that the cable run is within the supported distance for that media. For example, single-mode and multimode fiber, copper categories, SFP types, connector formats, and distance limits can prevent a link from coming up even when both switches are healthy. Higher-layer settings matter only after the physical link is established.
Topic: Networking Concepts
A company wants to allow normal HTTPS web browsing but block unsanctioned file-sharing applications that also use TCP 443. The rule must identify the application, not just the destination port or IP address. Which firewall configuration best meets this requirement?
Options:
A. Place an IDS sensor in alert-only mode
B. Create a traditional stateful rule denying TCP 443
C. Add a router ACL blocking known web ports
D. Enable application-aware inspection on an NGFW
Best answer: D
Explanation: A traditional firewall commonly makes decisions based on Layer 3 and Layer 4 details such as source, destination, protocol, port, and connection state. That is not enough when allowed and blocked traffic both use TCP 443. A next-generation firewall (NGFW) adds deeper inspection and application awareness, allowing policy decisions based on the actual application behavior rather than only the port number. In this scenario, the requirement is to allow general HTTPS while blocking specific file-sharing applications using the same port, so application-aware inspection is the deciding feature.
Topic: Networking Concepts
A company manages 35 branch switches with mostly identical VLAN and ACL requirements. Recent outages were traced to small manual configuration differences between sites, and an internal policy now requires proof that device configurations match an approved baseline. The network team has limited staff and must avoid unnecessary redesign. What is the best professional decision?
Options:
A. Track approved settings in a shared spreadsheet
B. Automate configuration management with drift and compliance checks
C. Replace the switches with a different hardware model
D. Use SNMP polling only for interface availability
Best answer: B
Explanation: Configuration drift occurs when device settings gradually differ from the approved standard, often because of manual changes, emergency fixes, or inconsistent deployment steps. In this scenario, the problem is not switch capacity or basic reachability; it is proving and maintaining consistency across many similar devices. Automating network configuration management with templates, source-controlled baselines, and compliance checks directly supports manageability and audit requirements. It can detect differences from the approved configuration and help the team apply consistent changes without redesigning the network. Basic monitoring can show that devices are up, but it does not verify that VLANs, ACLs, and other settings match policy.
Topic: Networking Concepts
A network technician is choosing an office architecture for a new two-floor site. The team wants redundancy, manageability, and traffic isolation, but the design should stay simple.
Exhibit: Design requirements
Users: 80 employees, 12 VoIP phones, guest Wi-Fi, IP cameras
Isolation: employees, voice, guests, and cameras must be separated
Redundancy: an IDF uplink failure must not disconnect a floor
Management: IT wants centralized switch and policy management
Constraint: no requirement for a fully redundant WAN edge
Which architecture best satisfies these requirements without unnecessary complexity?
Options:
A. Collapsed-core star with managed switches, VLANs, ACLs, and dual IDF uplinks
B. Full-mesh topology between all access switches and edge routers
C. Flat Layer 2 network with unmanaged switches and one shared subnet
D. Separate physical networks for employees, guests, voice, and cameras
Best answer: A
Explanation: A collapsed-core or hierarchical star design fits a small to midsize office when the requirements include manageable segmentation and limited redundancy. Managed access switches can connect back to a central MDF/core, while VLANs separate employee, voice, guest, and camera traffic. ACLs or firewall policies can control traffic between VLANs. Dual uplinks from each IDF switch provide protection from a single uplink failure without requiring every switch to connect to every other switch. Because the exhibit does not require a fully redundant WAN edge, adding full mesh or separate duplicated physical networks would add cost and operational complexity without matching the stated need.
Topic: Networking Concepts
A company must connect two branch routers across the public Internet. The network team wants the sites to exchange a dynamic routing protocol that uses multicast hellos, and all private application traffic must be protected from eavesdropping while crossing the Internet. Which configuration concept best meets these requirements?
Options:
A. Use IPSec ESP without a tunneling interface
B. Use IPSec AH with IKE between the routers
C. Run GRE only between the branch routers
D. Run GRE over IPSec ESP, using IKE for negotiation
Best answer: D
Explanation: GRE provides encapsulation for traffic such as multicast routing updates, but it does not encrypt traffic. IPSec ESP protects IP traffic by providing confidentiality and integrity, and IKE is used to negotiate keys and security associations for IPSec. In this scenario, the requirement has two parts: carry a dynamic routing protocol that uses multicast and protect private traffic across the Internet. GRE over IPSec ESP satisfies both parts. AH can provide integrity and authentication, but it does not encrypt the payload. ESP alone protects traffic, but without a tunnel mechanism such as GRE, it does not meet the multicast routing requirement as stated.
Topic: Networking Concepts
A technician is troubleshooting a wired laptop that cannot reach any internal resources after being moved to a different cubicle. The laptop shows IPv4 address 169.254.23.18/16, no default gateway, and DNS is blank. The user can successfully ping 127.0.0.1, and other users in the area are online. What is the best next action?
Options:
A. Troubleshoot DHCP connectivity for that switchport
B. Replace the laptop network adapter
C. Add a static route to the default gateway
D. Escalate for an Internet routing outage
Best answer: A
Explanation: An address in 169.254.0.0/16 is an APIPA address, which Windows and other systems can assign when DHCP fails. A successful ping to 127.0.0.1 confirms the local TCP/IP stack is responding, but it does not prove network connectivity beyond the host. Because the laptop has no default gateway or DNS settings and other users nearby are working, the best professional decision is to focus on the local DHCP path for that cubicle, such as the patch, switchport, VLAN assignment, DHCP relay, or lease renewal. Replacing hardware or investigating upstream routing ignores the strongest evidence: the host is self-assigned and missing DHCP-provided settings.
Topic: Networking Concepts
A company is moving a custom inventory application out of its aging server room. The network team must retain control of VM operating systems, IP addressing, security groups/firewall rules, and site-to-site VPN connectivity to the office. The business also wants to avoid buying replacement hardware and scale compute capacity during seasonal demand. Which cloud or virtualization model is the best professional decision?
Options:
A. On-premises private cloud
B. PaaS application hosting
C. SaaS application subscription
D. IaaS public cloud
Best answer: D
Explanation: Infrastructure as a Service (IaaS) best fits a custom application when the organization wants provider-managed physical infrastructure but still needs direct control over virtual machines, operating systems, IP addressing, VPN connectivity, and network security policy. The cloud provider is responsible for facilities, physical servers, and much of the virtualization platform, while the customer remains responsible for guest OS configuration, application management, and many network controls. This also supports elastic scaling without purchasing new hardware. PaaS and SaaS reduce operational responsibility further, but they also reduce visibility and control over the underlying OS or application stack.
Topic: Networking Concepts
A company is connecting six small branch offices to a data center. Requirements: all Internet-bound and inter-branch traffic must pass through the data center firewall, branch sites should not have direct links to each other, and the WAN design should minimize circuit costs and simplify management. Which topology is the best fit?
Options:
A. Hub-and-spoke
B. Spine-and-leaf
C. Full mesh
D. Star
Best answer: A
Explanation: A hub-and-spoke topology uses a central hub site that connects to multiple spoke sites. In this scenario, the data center is the hub, and each branch is a spoke. This design supports centralized firewall inspection, simpler WAN management, and lower circuit count than a mesh because branches do not need direct links to each other. A star can look similar physically, but in Network+ topology discussions, hub-and-spoke is the more precise WAN design term when remote sites connect through a central site for routing and policy enforcement. The key takeaway is that the traffic-flow requirement points to hub-and-spoke, not just the visual shape.
Topic: Networking Concepts
A user reports that a Windows laptop cannot reach any internal websites after connecting to the office Ethernet jack. The technician runs the following checks:
ipconfig /all
IPv4 Address . . . . . . . . . . : 169.254.42.18
Subnet Mask . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . :
DHCP Enabled . . . . . . . . . . : Yes
ping 127.0.0.1
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Which interpretation is best supported by the output?
Options:
A. The Ethernet adapter is using the loopback address as its IPv4 address.
B. The local TCP/IP stack works, but DHCP assignment failed.
C. The DNS server is unreachable due to a missing host record.
D. The default gateway rejected the laptop because of an ACL.
Best answer: B
Explanation: The output shows two important IPv4 address types. 127.0.0.1 is the loopback address, so a successful ping to it confirms the local TCP/IP stack is responding on the host. The assigned address 169.254.42.18 is in the APIPA range (169.254.0.0/16), which Windows commonly uses when DHCP is enabled but no DHCP lease is obtained. The missing default gateway also fits this condition. The best next troubleshooting direction would be DHCP path or service checks, such as link status, VLAN assignment, DHCP scope availability, or relay/IP helper configuration.
Use the CompTIA Network+ N10-010 Practice Test page for the full IT Mastery practice bank, mixed-topic practice, timed mock exams, explanations, and web/mobile app access.
Try CompTIA Network+ N10-010 on Web View CompTIA Network+ N10-010 Practice Test
Use the full IT Mastery practice page above for the latest review links and practice page.