CompTIA · N10-009
CompTIA Network+ validates the skills needed to establish, maintain, and troubleshoot essential networks. It covers networking concepts, implementation, operations, security, and troubleshooting for junior network administrators.
Questions
699
Duration
90 minutes
Passing Score
720/900
Difficulty
AssociateLast Updated
Mar 2026
Use this N10-009 practice exam to prepare for CompTIA Network+ (N10-009) with realistic questions, detailed explanations, and focused study modes. The practice bank includes 699 questions for CompTIA N10-009, so you can review the exam steadily instead of relying on one long cram session.
As you practice, pay extra attention to recurring topics such as Networking Concepts, Network Implementation, Network Operations, Network Security, and Network Troubleshooting. Start with short sessions to identify weak areas, then move into timed quizzes once your accuracy is consistent.
The explanations are especially useful when you want to connect exam wording to the responsibilities and scenarios described in the official certification guidance. Use the free preview first, then unlock the full question bank when you are ready to build a complete study routine.
CompTIA Network+ (N10-009) validates the skills required to establish, maintain, and troubleshoot essential enterprise and small office/home office (SOHO) networks. The certification covers networking concepts including the OSI model and protocols, network implementation such as routing and switching, network operations including documentation and monitoring, network security with encryption and access controls, and troubleshooting methodologies. The N10-009 exam, launched June 20, 2024, includes a maximum of 90 questions (a mix of multiple-choice and performance-based questions) delivered over 90 minutes. This vendor-neutral certification prepares professionals to support networks across multiple platforms and is recognized by the U.S. Department of Defense (DoD 8140) and accredited by ANSI.
Network+ is designed for IT professionals pursuing roles as junior network administrators, network support technicians, network operations specialists, technical support specialists, and system administrators. The certification targets candidates with basic IT knowledge who are advancing into network-focused positions and those seeking to validate their hands-on networking experience. It serves as an ideal intermediate stepping stone for IT professionals who have completed CompTIA A+ and are looking to specialize in networking infrastructure and operations.
CompTIA recommends a minimum of 9 to 12 months of hands-on experience in a junior network administrator or network support technician role. While not strictly required, holding CompTIA A+ certification beforehand is strongly recommended as it provides foundational IT knowledge. Candidates should have practical experience with network configuration, basic troubleshooting, and familiarity with networking concepts including TCP/IP, DHCP, DNS, and network topologies. Hands-on experience with networking tools, switches, routers, and wireless access points is beneficial for success, particularly for the performance-based questions that simulate real-world network administration tasks.
The N10-009 exam contains a maximum of 90 scored questions delivered over 90 minutes. The exam combines multiple-choice questions (including single and multiple-response formats) with performance-based questions (PBQs) that require candidates to solve networking problems in a simulated IT environment. The exam uses a scaled scoring system with a range of 100-900, and a passing score is 720. The exam is administered through CompTIA's testing partners both online and at testing centers, with results available immediately upon completion. The test was launched on June 20, 2024, with an estimated retirement date around 2027.
CompTIA Network+ certification significantly enhances career prospects in networking and IT operations. Professionals holding Network+ certification typically earn approximately 20% more than non-certified peers, with entry-level salaries ranging from $50,000 to $65,000, compared to around $40,000 for non-certified individuals. Career paths include technical support specialist, network operations specialist, system administrator, and junior network administrator positions. The certification is recognized by the U.S. Department of Defense (DoD 8140) and accredited by ANSI, making it valuable for government and enterprise roles. As professionals gain experience with Network+, advancement opportunities include senior network administrator, systems engineer, and network architect positions, with system administrators earning median salaries around $90,000 and systems engineers averaging $130,000 annually. Unlike vendor-specific certifications, Network+ prepares professionals to support multi-vendor network environments, making it universally applicable across diverse IT infrastructures and organizations.
5 sample questions with answers and explanations. Start a practice session to test yourself across all 699 questions.
Preview — answers shown1. A network technician at Tailspin Toys is investigating why BGP has not established a neighbor relationship between two routers. The routers are directly connected. The technician confirms that physical connectivity is fine. Which of the following characteristics of BGP is MOST likely relevant to diagnosing this issue? (Select two!)
Multiple correct answersExplanation
BGP uses TCP port 179 for establishing and maintaining neighbor sessions — if the TCP connection cannot be established (firewall blocking port 179, routing issue), the BGP session cannot form. This is critical to verify when troubleshooting BGP adjacency failures. BGP also requires explicit neighbor statements with the correct remote autonomous system number configured on each router. Unlike OSPF which discovers neighbors automatically via multicast, BGP peers must be manually configured with the neighbor IP address and remote AS number — a mismatch or missing configuration will prevent adjacency. BGP uses TCP port 179, not UDP — it is a reliable connection-oriented protocol. IP protocol number 89 belongs to OSPF, not BGP. eBGP peers use different AS numbers by definition — AS numbers do not need to match between eBGP peers (they must be different).
2. A technician is planning wireless coverage for a large office spanning the 2.4 GHz, 5 GHz, and 6 GHz bands. Which channel configuration represents best practices to minimize co-channel interference? (Select one!)
Explanation
In the 2.4 GHz band, only channels 1, 6, and 11 are non-overlapping in North America using 20 MHz channel width, providing three clean channels for deployment without co-channel interference. The 5 GHz band offers 25 or more non-overlapping channels depending on regulatory domain, all of which can be used to avoid interference. The 6 GHz band (available with Wi-Fi 6E) provides numerous additional non-overlapping channels with minimal congestion and no legacy devices. Using channels like 1, 3, 5, 7, 9, and 11 in 2.4 GHz creates overlapping adjacent channels that cause significant interference. Limiting deployment to only channel 6 in 2.4 GHz or a narrow range in 5 GHz unnecessarily restricts channel reuse and capacity. The 6 GHz band uses its own channel numbering scheme distinct from 2.4 and 5 GHz, and limiting to only 11 channels wastes available spectrum.
3. Contoso is deploying a VoIP solution and needs to choose the appropriate transport protocol. The application requires minimal latency and can tolerate some packet loss. Which characteristics make UDP the preferred choice over TCP for this scenario? (Select two!)
Multiple correct answersExplanation
UDP is connectionless and does not establish a connection before sending data, eliminating handshake overhead. UDP also lacks retransmission mechanisms, which reduces latency but means lost packets are not recovered. This makes UDP ideal for real-time applications like VoIP where speed is more critical than perfect reliability. TCP, not UDP, guarantees ordered delivery, performs error correction, and uses three-way handshakes.
4. Tailspin Toys is implementing port security on access switches to control unauthorized device connections. When a third device connects to a port configured for a maximum of 2 MAC addresses, the administrator wants the port to remain active for authorized devices, drop frames from the unauthorized device, and generate log messages. Which violation mode should be configured? (Select one!)
Explanation
Restrict - drops unauthorized frames, keeps port active, and logs violations is correct because it meets all three stated requirements: the port remains operational for authorized MAC addresses, frames from the unauthorized device are dropped, and the violation is logged via syslog and SNMP traps with the security violation counter incremented. Shutdown - err-disables the port is the default violation mode that completely disables the port when any violation occurs, requiring manual administrator intervention to recover—this disrupts authorized devices and fails the requirement to keep the port active. Protect - drops unauthorized frames silently with no logging drops frames from unauthorized devices and keeps the port active, but does NOT generate log messages or SNMP traps, failing the logging requirement. Recover is not a port security violation mode—errdisable recovery is a separate feature that automatically re-enables err-disabled ports after a configurable timeout period, used to recover from Shutdown mode violations.
5. Contoso is implementing 802.1X port-based authentication. A network engineer identifies three distinct roles in the authentication process: the endpoint requesting access, the switch enforcing the policy, and the server validating credentials. Which components fulfill each of these roles? (Select three!)
Multiple correct answersExplanation
802.1X authentication requires three components: the supplicant is the client software on the endpoint requesting network access, the authenticator is typically a switch or wireless AP that enforces port-based access control by blocking or allowing traffic, and the authentication server (usually RADIUS) validates the credentials presented by the supplicant and informs the authenticator of the result.
CompTIA A+ Core 1 (220-1101)
220-1101 · 700 questions
CompTIA A+ Core 2 (220-1102)
220-1102 · 700 questions
CompTIA Cloud+ (CV0-004)
CV0-004 · 700 questions
CompTIA Cybersecurity Analyst+ (CySA+) (CS0-003)
CS0-003 · 700 questions
CompTIA Data+ (DA0-001)
DA0-001 · 700 questions
CompTIA DataSys+ (DS0-001)
DS0-001 · 700 questions
$17.99
One-time access to this exam