How many questions is the Network+ N10-009 exam and how long is it?

The N10-009 exam has a maximum of 90 questions and a 90-minute time limit. Questions are multiple-choice (single and multiple response) plus performance-based questions (PBQs).

How long should I study for Network+?

With around 9–12 months of networking exposure, most candidates need 4–8 weeks of focused study. Our 4-week plan assumes about 10–12 hours per week.

Does N10-009 include performance-based questions?

Yes. Alongside multiple-choice items, the exam includes performance-based questions such as drag-and-drop and simulations.

How hard is the Network+ exam?

It is an entry-to-intermediate infrastructure exam. The hardest parts for most candidates are subnetting, the OSI model, and troubleshooting scenarios — all of which reward hands-on practice over memorization.

CompTIA Network+ (N10-009) Study Guide — Domains, Plan & Cheat Sheet

Q: Are these practice questions real exam questions?

No. Every question is original, written against the publicly available N10-009 objectives and checked against primary sources. Real exam content is under CompTIA's NDA; using leaked dumps can void your certification.

Exam at a glance

The CompTIA Network+ (N10-009) validates that you can design, configure, manage, and troubleshoot wired and wireless networks. Here are the numbers that shape how you should study.

Questions

90 max

Time limit

90 minutes

Passing score

720 / 100–900

Question types

MCQ + PBQs

Because there can be up to 90 questions in 90 minutes, pacing matters — that's roughly a minute per item, and the performance-based questions (drag-and-drop and simulations) eat more time than a multiple-choice question. The exam is weighted across five domains, and Troubleshooting (24%) and Networking Concepts (23%) together make up nearly half the exam, so they deserve the most study time.

Domains & weighting

Networking Concepts Domain 123% Network Implementation Domain 220% Network Operations Domain 319% Network Security Domain 414% Network Troubleshooting Domain 524%

Where to spend your hours: a sensible split mirrors the weights — most time on Troubleshooting and Networking Concepts, least on Security (which overlaps heavily with Security+ if you study that next).

The five domains

What each domain covers, plus one explained, sourced sample question so you can see the depth the exam expects. Expand a domain to dig in.

1Networking ConceptsThe conceptual foundation — addressing, the OSI model, ports & protocols23%

OSI model (7 layers)Ports & protocolsTCP vs UDPIPv4 & subnetting (CIDR/VLSM)RFC 1918 & APIPAIPv6 basicsTopologies & architecturesCloud (IaaS/PaaS/SaaS)SDN · SD-WAN · VXLAN · SASE · zero trust

SAMPLE · DOMAIN 1 → 1.7 IPv4 ADDRESSING Verified · 3 sources

Which of the following is a private IPv4 address as defined by RFC 1918?

A8.8.8.8Public, internet-routable space (a well-known public DNS resolver) — not RFC 1918.Public

B172.16.5.10172.16.0.0–172.31.255.255 (172.16.0.0/12) is reserved as private by RFC 1918.Correct

C169.254.7.1169.254.0.0/16 is link-local (APIPA, Microsoft's name for RFC 3927) — reserved, but not RFC 1918.Trap (APIPA)

D200.1.1.1Falls in public, internet-routable space.Public

RFC 1918 §3 (IETF) · IANA IPv4 Special-Purpose Registry · RFC 3927 — checked against all three.

Practice these concepts

2Network ImplementationBuilding it — routing, switching, wireless, and cabling20%

Routing (static/dynamic, OSPF, BGP)NAT & FHRPVLANs & 802.1Q trunkingSTPLink aggregationPoE (802.3af/at/bt)802.11 wireless (WPA2/WPA3)Copper & fiber cablingTransceivers & connectors

SAMPLE · DOMAIN 2 → 2.3 WIRELESS SECURITY Sourced

Which wireless security standard provides the strongest protection for a modern Wi-Fi network?

AWEPRC4/IV scheme broken long ago — crackable in minutes. Fully obsolete.Obsolete

BWPA2-PSK (AES)Strong for years, but vulnerable to offline dictionary attacks on the PSK. Good, not best.Trap

CWPA3 (SAE)SAE (Simultaneous Authentication of Equals) resists offline cracking — the current strongest option.Correct

DOpen / no encryptionAnyone nearby can read the traffic. The weakest possible choice.No security

Wi-Fi Alliance WPA3 specification · N10-009 Obj 2.3.

Practice these concepts

3Network OperationsKeeping it running — documentation, monitoring, availability19%

Change management & SLAsBaselines & diagramsIPAMSNMP · syslog · flow dataRPO / RTOMTTR / MTBFHA & active/passive failoverBackupsNTP · DNS · DHCP

SAMPLE · DOMAIN 3 → 3.3 DR METRICS Sourced

A continuity plan must define the maximum amount of data, measured in time, the organization can afford to lose in an outage. Which metric is this?

ARTO — Recovery Time ObjectiveHow long you can be down before recovering — a time-to-restore target, not data loss.Trap

BRPO — Recovery Point ObjectiveMaximum acceptable data loss expressed as time — it sets your backup frequency.Correct

CMTTR — Mean Time To RepairAverage time to fix a failed component — a maintainability metric.Wrong metric

DMTBF — Mean Time Between FailuresPredicts how long a component runs before failing — a reliability metric.Wrong metric

RPO = acceptable data loss (time); RTO = acceptable downtime · N10-009 Obj 3.3.

Practice these concepts

4Network SecurityDefending it — concepts, attacks, hardening, access control14%

CIA triadZero trust · defense in depthAAANAC & 802.1XSegmentation & ACLsDoS/DDoS · on-pathARP/DNS poisoningVLAN hopping · MAC floodingSocial engineeringVPN & IPsec

SAMPLE · DOMAIN 4 → 4.2 ATTACK TYPES Sourced

An attacker sends forged ARP replies so hosts map the gateway's IP to the attacker's MAC, intercepting traffic. What is this attack?

ADNS poisoningCorrupts name-to-IP resolution. This attack manipulates IP-to-MAC mappings instead.Wrong layer

BARP spoofing / poisoning (on-path)Forged ARP replies poison hosts' caches so traffic flows through the attacker — a classic on-path setup.Correct

CVLAN hoppingUses tagging/double-tagging to reach another VLAN — it doesn't forge ARP mappings.Different attack

DMAC floodingOverflows the switch CAM table to force flooding. Related to switching, but not ARP forgery.Trap

Forged ARP replies = ARP spoofing enabling on-path interception · N10-009 Obj 4.2.

Practice these concepts

5Network TroubleshootingFixing it — methodology, cabling, services, tools24%

7-step methodologyCabling & EMI · CRC errorsDuplex/speed mismatchDHCP & APIPADNS & default gatewaySubnet mask issuesping · traceroute · ipconfignslookup/dig · netstattcpdump / Wireshark

SAMPLE · DOMAIN 5 → 5.3 TROUBLESHOOTING TOOLS Sourced

A user reports a remote site is slow. You want to see each hop along the path and find where latency jumps. Which tool?

Atraceroute / tracertLists each router hop and the latency to it, pinpointing where delay is introduced.Correct

BpingConfirms reachability and round-trip time to the destination — but not the per-hop path.Trap

CnslookupQueries DNS records; it doesn't trace a network path.Wrong tool

DipconfigShows local IP settings — nothing about the path to a remote site.Wrong tool

traceroute shows per-hop path and latency · N10-009 Obj 5.3.

Practice these concepts

A 4-week study plan

A realistic schedule at roughly 10–12 hours per week. Adjust to your experience — but keep the heaviest weeks on Troubleshooting and Networking Concepts, since they're the biggest slices of the exam.

Week 1

Networking Concepts (Domain 1)

OSI model, ports & protocols, TCP vs UDP, and subnetting until CIDR/VLSM feels automatic. Read every answer explanation — even on questions you get right.

Week 2

Implementation & Operations (Domains 2–3)

Switching (VLANs, STP, PoE), routing basics, wireless and cabling; then monitoring (SNMP, syslog), and DR metrics (RPO/RTO, MTTR/MTBF).

Week 3

Security & Troubleshooting (Domains 4–5)

Security concepts and attack types, then the 7-step methodology and the tools (ping, traceroute, ipconfig, nslookup). Practice reading symptoms → cause.

Week 4

Full tests & weak-spot drilling

Take full practice tests under timed conditions, use the per-domain breakdown to find weak areas, and re-drill them. Keep the last days light.

Learn the concept, not the letter. The exam rewards applying ideas to scenarios. When you miss a question, read why each wrong option is wrong — that's where the real learning is.

Cheat sheet

The reference tables worth memorizing cold — ports, subnetting, and the OSI model. Bookmark this.

Common ports & protocols

Port	Protocol	Purpose
20 / 21	FTP	File transfer (data / control)
22	SSH / SFTP	Encrypted remote shell & file transfer
23	Telnet	Remote shell — cleartext, insecure
25	SMTP	Sending email
53	DNS	Name resolution (TCP & UDP)
67 / 68	DHCP	Automatic IP configuration
80	HTTP	Web (unencrypted)
123	NTP	Time synchronization
143	IMAP	Retrieving email (server-side)
161 / 162	SNMP	Device monitoring & traps
389	LDAP	Directory services
443	HTTPS	Web (TLS-encrypted)
445	SMB	Windows file sharing
3389	RDP	Remote desktop (Windows)

Subnetting quick reference

CIDR	Subnet mask	Usable hosts
/24	255.255.255.0	254
/25	255.255.255.128	126
/26	255.255.255.192	62
/27	255.255.255.224	30
/28	255.255.255.240	14
/29	255.255.255.248	6
/30	255.255.255.252	2

Usable hosts = 2ⁿ − 2, where n is the number of host bits (subtract the network and broadcast addresses).

The OSI model

Layer	Name	Examples
7	Application	HTTP, DNS, SMTP
6	Presentation	TLS, encoding, compression
5	Session	Session setup & teardown
4	Transport	TCP, UDP, ports
3	Network	IP, routers, ICMP
2	Data Link	Ethernet, MAC, switches
1	Physical	Cables, connectors, signals

CompTIA's 7-step troubleshooting methodology

#	Step
1	Identify the problem
2	Establish a theory of probable cause
3	Test the theory to determine cause
4	Establish a plan of action
5	Implement the solution (or escalate)
6	Verify full system functionality
7	Document findings, actions, and outcomes

Frequently asked questions

How many questions is the exam, and how long?

Up to 90 questions in 90 minutes — about a minute each. Expect multiple-choice (single and multiple response) plus performance-based questions (drag-and-drop and simulations), which take longer, so manage your pace.

What's the passing score?

720 on a scale of 100–900. It's a scaled score, not a simple percentage, so treat ~80% on practice tests as a confident range rather than an exact cut line.

How long should I study?

With roughly 9–12 months of networking exposure (CompTIA suggests A+ or equivalent), most candidates need 4–8 weeks of focused study. The 4-week plan above assumes about 10–12 hours per week.

How hard is the Network+?

It's an entry-to-intermediate infrastructure exam. The parts most people find hardest — subnetting, the OSI model, and troubleshooting scenarios — reward hands-on practice over memorization, which is exactly what these practice tests are built for.

Are these practice questions real exam questions?

No — and that's deliberate. Every question is original, written against the public N10-009 objectives and checked against primary sources. Real exam content is under CompTIA's NDA; using leaked "dumps" can get your certification revoked.

How this guide is sourced. Domain names and weights, the question count, time limit, passing score, and question formats are taken from CompTIA's publicly published N10-009 exam objectives and official exam details. Every sample question is checked against primary references (RFC, IANA, IEEE, and Wi-Fi Alliance documentation), with the source shown on each. This is an independent study resource — certpracticelab is not affiliated with or endorsed by CompTIA.

CompTIA — Network+ (N10-009) certification & exam details · comptia.org
CompTIA — Network+ (N10-009) exam objectives (PDF) · official objectives

CompTIA Network+ (N10-009) Study Guide

Exam at a glance

Domains & weighting

The five domains

A 4-week study plan

Readiness checklist

Domain 1 · Networking Concepts

Domain 2 · Network Implementation

Domain 3 · Network Operations

Domain 4 · Network Security

Domain 5 · Network Troubleshooting

Cheat sheet

Common ports & protocols

Subnetting quick reference

The OSI model

CompTIA's 7-step troubleshooting methodology

Frequently asked questions

You've reviewed the map — now find your weak spots.