CertHead

CompTIA Network+ (N10-009) practice questions

887 exam-style questions across all 5 official exam domains, with full answer explanations. Try the samples below, then drill any domain.

Practice by domain

Sample questions

Question 1 · Difficulty 3/5

A network engineer is reviewing a protocol stack and notes that one layer is handling JPEG image compression and ASCII-to-EBCDIC character code translation before handing data to the layer below it. Which OSI layer is performing these functions? (Select the best answer.)
  1. Layer 7. Application
  2. Layer 5. Session
  3. Layer 4. Transport
  4. Layer 6. Presentation
Show answer & explanation

Correct answer: D

Layer 6. Presentation
Layer 6 (Presentation) is responsible for data formatting, translation between character sets (such as ASCII and EBCDIC), and compression/decompression of data formats such as JPEG or MPEG before passing the data to the Session layer below. Layer 7 (Application) provides network services directly to user applications (HTTP, FTP, SMTP) but does not perform encoding translation. Layer 5 (Session) manages communication sessions and synchronization checkpoints. Layer 4 (Transport) handles segmentation, flow control, and reliable delivery, it does not perform character translation or media compression.

Question 2 · Difficulty 3/5

A junior engineer asks why the company's core routers use OSPF rather than static routes. Which of the following is the most accurate explanation for choosing a dynamic routing protocol over static routes in a large, multi-path network? (Select the best answer.)
  1. Dynamic routing protocols encrypt routing updates, whereas static routes are transmitted in plaintext
  2. Dynamic routing protocols automatically update the routing table when topology changes occur, reducing administrative overhead and enabling convergence without manual intervention
  3. Static routes cannot be used in networks that run IPv4 and IPv6 simultaneously
  4. Dynamic routing protocols eliminate the need for a default gateway on end hosts
Show answer & explanation

Correct answer: B

Dynamic routing protocols automatically update the routing table when topology changes occur, reducing administrative overhead and enabling convergence without manual intervention
The primary advantage of dynamic routing protocols in large networks is automatic convergence, when a link or router fails, protocols such as OSPF detect the change and recalculate paths without administrator intervention, which would be impractical to replicate manually across hundreds of static routes. Dynamic routing protocols do not inherently encrypt routing updates; authentication is an optional feature separate from encryption. Static routes work perfectly in dual-stack environments using both ip route and ipv6 route commands. Dynamic routing has no effect on the default gateway configuration of end hosts, which is a parameter set independently on each host.

Question 3 · Difficulty 2/5

Which type of network diagram focuses exclusively on how devices are physically interconnected, showing the actual cables, physical ports, and hardware media types, without displaying IP addresses, VLANs, or routing protocol boundaries? (Select the best answer.)
  1. Layer 1 physical diagram
  2. Layer 2 logical diagram
  3. Layer 3 logical diagram
  4. Wireless heat map
Show answer & explanation

Correct answer: A

Layer 1 physical diagram
A Layer 1 (physical) diagram documents the tangible cabling and hardware connections between devices, port-to-port links, media type (fiber vs. copper), and connector locations, without any logical addressing or protocol information. A Layer 2 logical diagram adds switching constructs such as VLANs, trunk designations, and STP topology. A Layer 3 logical diagram adds IP subnets, routing protocol areas, and gateway addresses. A wireless heat map visualizes RF signal strength across a physical space and is not a general-purpose cabling diagram.

Question 4 · Difficulty 2/5

Which of the following IAM protocols separates the authentication and authorization functions into distinct services, making it the preferred choice when a network administrator needs granular, per-command authorization on Cisco network devices? (Select the best answer.)
  1. RADIUS
  2. LDAP
  3. TACACS+
  4. SAML
Show answer & explanation

Correct answer: C

TACACS+
TACACS+ (Terminal Access Controller Access-Control System Plus) separates authentication, authorization, and accounting (AAA) into three independent functions, allowing per-command authorization on Cisco IOS devices, a critical requirement for network device administration. RADIUS combines authentication and authorization in a single response and does not natively support per-command authorization. LDAP is a directory query protocol used to look up user attributes, not a full AAA framework for device command authorization. SAML is an XML-based federation protocol used for web-based Single Sign-On between identity providers and service providers, not device command control.

Question 5 · Difficulty 3/5

A network engineer has confirmed through testing that a misconfigured access control list (ACL) on a distribution-layer router is blocking HTTPS traffic to the corporate intranet. She now considers whether she has the authority and a rollback plan before making any changes. Which step of the Cisco seven-step troubleshooting methodology does this activity belong to? (Select the best answer.)
  1. Step 3. Test the Theory to Determine Cause
  2. Step 5. Implement the Solution or Escalate the Problem
  3. Step 4. Establish a Plan of Action to Resolve the Problem
  4. Step 6. Verify Full System Functionality and Implement Preventive Measures
Show answer & explanation

Correct answer: C

Step 4. Establish a Plan of Action to Resolve the Problem
Determining the scope of changes required, assessing authorization to proceed, and preparing a rollback plan are all activities that belong to Step 4 (Establish a Plan of Action). Step 3 was already completed when the engineer confirmed the ACL was the cause. Step 5 is the actual implementation of the fix (or escalation if she lacks authority). Step 6 occurs after implementation to confirm that all affected services are restored and to prevent recurrence.

Ready to test yourself for real?

The free quiz pulls live questions from the same banks — no account required.

Start the free quiz