200+ Free CompTIA Network+ Practice Questions

Pass your CompTIA Network+ Certification (N10-009) exam on the first try — instant access, no signup required.

✓ No registration✓ No credit card✓ No hidden fees✓ Start practicing immediately

~70-75% Pass Rate

200+ Questions

100% Free

1 / 10

Question 1

Score: 0/0

Which layer of the OSI model is responsible for logical addressing and routing packets between networks?

Data Link layer

Network layer

Transport layer

Session layer

to track

2026 Statistics

Key Facts: CompTIA Network+ Exam

720/900

Passing Score

CompTIA

Up to 90 Q

Exam Questions

CompTIA N10-009

60-80 hrs

Study Time

Recommended

$67,770

Median Admin Salary

BLS 2024

$369

Exam Fee

CompTIA

3 years

Certification Valid

CompTIA (CE required)

CompTIA Network+ (N10-009) requires a passing score of 720 out of 900. The exam has up to 90 questions (multiple choice and performance-based) in 90 minutes. The five domains are: Networking Concepts (23%), Network Implementation (19%), Network Operations (17%), Network Security (20%), and Network Troubleshooting (21%). It is DoD 8140 approved and recommended for network administrator roles with a median salary of $67,770 (BLS 2024).

Sample CompTIA Network+ Practice Questions

Try these sample questions to test your CompTIA Network+ exam readiness. Each question includes a detailed explanation. Start the interactive quiz above for the full 200+ question experience with AI tutoring.

1Which layer of the OSI model is responsible for logical addressing and routing packets between networks?

A.Data Link layer

B.Network layer

C.Transport layer

D.Session layer

Explanation: The Network layer (Layer 3) handles logical addressing (IP addresses) and determines the best path for data to travel between different networks. Routers operate at this layer to forward packets based on IP addresses. The Data Link layer handles physical addressing (MAC), while the Transport layer manages end-to-end communication.

2A network administrator needs to allow only HTTPS traffic into the network while blocking all other inbound connections. Which TCP port must be permitted?

A.Port 80

B.Port 443

C.Port 8080

D.Port 8443

Explanation: HTTPS (HTTP Secure) uses TCP port 443. Port 80 is for unencrypted HTTP traffic. Ports 8080 and 8443 are common alternative HTTP/HTTPS ports but are not the standard well-known ports. Allowing only port 443 ensures encrypted web traffic while blocking everything else.

3Which of the following IP addresses belongs to the 192.168.10.0/24 network?

A.192.168.11.1

B.192.168.9.254

C.192.168.10.200

D.192.168.100.1

Explanation: The /24 subnet mask (255.255.255.0) means only the first three octets define the network. All hosts in 192.168.10.0/24 must have the first three octets as 192.168.10. Only 192.168.10.200 matches. The other addresses (192.168.11.1, 192.168.9.254, 192.168.100.1) are on different /24 networks.

4A technician is configuring a server with an IPv6 address. The address FE80::1/64 is assigned. What type of IPv6 address is this?

A.Global unicast address

B.Link-local address

C.Multicast address

D.Loopback address

Explanation: IPv6 addresses starting with FE80::/10 (FE80 through FEBF) are link-local addresses. These are automatically configured on all IPv6-enabled interfaces and are only valid within a single network segment — they cannot be routed. Global unicast addresses begin with 2000::/3, multicast begins with FF00::/8, and the loopback address is ::1/128.

5Which protocol automatically assigns IP addresses, subnet masks, default gateways, and DNS server addresses to client devices?

A.ARP

B.DHCP

C.DNS

D.ICMP

Explanation: DHCP (Dynamic Host Configuration Protocol) automatically provides IP configuration to clients including IP address, subnet mask, default gateway, DNS servers, and lease time. ARP resolves IP addresses to MAC addresses. DNS resolves hostnames to IP addresses. ICMP is used for network diagnostics (ping, traceroute) and error reporting.

6A company is planning to migrate its on-premises servers to a cloud environment where each customer's workload runs on dedicated hardware that is not shared with other customers. Which cloud deployment model best describes this?

A.Public cloud

B.Community cloud

C.Private cloud

D.Hybrid cloud

Explanation: A private cloud provides dedicated infrastructure that is not shared with other organizations. Resources are provisioned exclusively for one organization, either on-premises or hosted by a third party. Public clouds share infrastructure among multiple tenants. A community cloud is shared among organizations with similar requirements. A hybrid cloud combines public and private cloud models.

7Which OSI model layer is responsible for establishing, maintaining, and terminating sessions between applications?

A.Transport layer

B.Presentation layer

C.Session layer

D.Application layer

Explanation: The Session layer (Layer 5) manages dialog control between applications, including establishing, maintaining, and gracefully terminating sessions. It handles synchronization and checkpointing. The Transport layer (Layer 4) provides reliable end-to-end data transfer. The Presentation layer (Layer 6) handles data formatting, encryption, and compression.

8A network engineer needs to subnet 192.168.1.0/24 into subnets with at least 30 usable host addresses each. Which subnet mask should be used?

A./25 (255.255.255.128)

B./26 (255.255.255.192)

C./27 (255.255.255.224)

D./28 (255.255.255.240)

Explanation: A /27 subnet has 2^5 = 32 total addresses, providing 32 - 2 = 30 usable host addresses (subtracting network and broadcast addresses). A /28 gives only 14 usable hosts, which is too few. A /26 provides 62 usable hosts, and /25 provides 126 usable hosts — both work but waste address space if exactly 30 are needed.

9Which protocol operates at the Application layer and is used to securely transfer files between a client and a server using an encrypted connection?

A.FTP

B.TFTP

C.SFTP

D.SCP only

Explanation: SFTP (SSH File Transfer Protocol) provides secure file transfer over an encrypted SSH connection on TCP port 22. Regular FTP (ports 20/21) transmits data in plaintext and is insecure. TFTP (port 69) uses UDP and has no authentication. While SCP also uses SSH, SFTP provides a more complete file management protocol with directory listings and file manipulation.

10A company's DNS server returns the IP address 192.0.2.1 when queried for www.example.com. An employee reports that the website is unreachable. Which DNS record type maps a hostname to an IPv4 address?

A.AAAA record

B.CNAME record

C.A record

D.MX record

Explanation: An A (Address) record maps a hostname to a 32-bit IPv4 address. AAAA records map hostnames to 128-bit IPv6 addresses. CNAME (Canonical Name) records create aliases pointing to another hostname. MX (Mail Exchange) records specify mail servers responsible for receiving email for a domain.

About the CompTIA Network+ Exam

The CompTIA Network+ (N10-009) certification validates the skills needed to design, configure, manage, and troubleshoot wired and wireless networks. It is vendor-neutral, DoD 8140 approved, and recommended as the second certification after CompTIA A+. Updated in 2024, it adds cloud networking, network automation, zero trust, SASE, and SD-WAN concepts.

Questions

90 scored questions

Time Limit

90 minutes

Passing Score

720/900

Exam Fee

$369 (CompTIA / Pearson VUE)

CompTIA Network+ Exam Content Outline

23%

Networking Concepts

OSI and TCP/IP models, IP addressing (IPv4/IPv6), subnetting, CIDR, routing protocols (OSPF, BGP, EIGRP), switching concepts (VLANs, STP, trunking), cloud networking (IaaS, PaaS, SaaS), SD-WAN, SASE

19%

Network Implementation

Wired and wireless standards (802.11ax/Wi-Fi 6E), copper and fiber cabling, network hardware (routers, switches, firewalls, APs), VLAN configuration, static and dynamic routing, DNS, DHCP, NTP

17%

Network Operations

Network monitoring (SNMP, NetFlow, syslog), documentation and diagrams, change management, backup and recovery, high availability, disaster recovery, remote access (VPN, RDP, SSH)

20%

Network Security

Zero Trust architecture, SASE, network attacks (DDoS, VLAN hopping, ARP spoofing, on-path attacks), firewalls (stateful vs stateless), IDS/IPS, network segmentation, PKI and certificates, AAA (RADIUS, TACACS+), wireless security (WPA3)

21%

Network Troubleshooting

Systematic troubleshooting methodology, wired and wireless issues, IP connectivity problems, command-line tools (ping, traceroute, nslookup, netstat, arp, ipconfig/ifconfig, tcpdump, Wireshark), fiber and copper testing

How to Pass the CompTIA Network+ Exam

What You Need to Know

Passing score: 720/900
Exam length: 90 questions
Time limit: 90 minutes
Exam fee: $369

Keys to Passing

Complete 500+ practice questions
Score 80%+ consistently before scheduling
Focus on highest-weighted sections
Use our AI tutor for tough concepts

CompTIA Network+ Study Tips from Top Performers

1Master subnetting before exam day — Network+ has performance-based questions requiring you to calculate subnet masks, CIDR ranges, and valid host addresses under time pressure

2Know the OSI model layers by heart (Physical, Data Link, Network, Transport, Session, Presentation, Application) and which protocols operate at each layer — multiple questions target this

3Study the Network Troubleshooting domain (21%) systematically — know the 7-step troubleshooting methodology and the specific commands (ping, traceroute, nslookup, netstat, arp) for diagnosing issues

4Understand Zero Trust and SASE concepts — these are new to N10-009 and reflect real-world enterprise security trends

5Learn wireless standards: 802.11a/b/g/n/ac/ax frequencies, channels, and speeds; WPA3 vs WPA2 security; and common wireless interference issues

6Complete 200+ practice questions and score 80%+ consistently before scheduling, paying special attention to performance-based question types

Frequently Asked Questions

What is the CompTIA Network+ passing score?

The CompTIA Network+ (N10-009) exam requires a passing score of 720 out of 900. The exam has up to 90 questions — a mix of multiple-choice (single and multiple answer) and performance-based questions (simulations, drag-and-drop) — with a 90-minute time limit. CompTIA uses scaled scoring, so the exact number of correct answers needed varies based on the difficulty of your specific question set.

How hard is the CompTIA Network+ exam?

Network+ is considered a mid-level IT certification — harder than A+ but easier than Security+ or CCNA. Industry estimates place the pass rate at 70–75% for well-prepared candidates. The performance-based questions (simulations) are the most challenging component, requiring hands-on subnetting and troubleshooting skills. Candidates with A+ certification and 9–12 months of networking experience are typically well-prepared. Plan for 60–80 hours of study.

What changed in the N10-009 update?

The N10-009 exam (released June 2024) updated content to reflect modern networking environments: added cloud networking (IaaS, PaaS, SaaS), network automation and orchestration, Zero Trust architecture, SASE (Secure Access Service Edge), SD-WAN, Wi-Fi 6E (802.11ax), and expanded wireless troubleshooting. Security weight increased slightly. The N10-008 exam retired in December 2024.

How is Network+ different from CCNA?

Network+ is vendor-neutral and covers broad networking concepts across multiple platforms (Cisco, Juniper, HP, cloud). CCNA is vendor-specific (Cisco) and goes deeper into Cisco CLI, configuration, and troubleshooting. Network+ is a better first networking cert for those new to IT; CCNA is better for those targeting Cisco-heavy environments. Network+ is also significantly less expensive ($369 vs. $330–$395 per attempt) and shorter (90 min vs. 120 min).

What jobs can I get with CompTIA Network+?

Network+ qualifies you for: Network Administrator ($55–80K), Network Support Technician ($45–65K), IT Analyst ($50–75K), Systems Administrator ($60–85K), and Help Desk Technician II ($45–60K). The median salary for network and computer systems administrators is $67,770 (BLS 2024). It's DoD 8140 approved, making it valuable for government and defense contractor positions.