Free Practice Questions for CompTIA Network+ Certification

📚 Exam Guide

🔄 Last checked for updates April 8th, 2026

Study with 358 exam-style practice questions designed to help you prepare for the CompTIA Network+.

Random Questions

Practice with randomly mixed questions from all topics

Question MixAll Topics

FormatRandom Order

Domain Mode

Practice questions from a specific topic area

Select Domain

Quiz History

Exam Details

Key information about CompTIA Network+

Official study guide

View

Question formats CertSafari offers

Multiple choice
Ordering
Matching

Exam Topics & Skills Assessed

Skills measured (from the official study guide)

Domain 1: Networking concepts

Subdomain 1.1: OSI model layers

physical, data link, network, transport, session, presentation, application.

Subdomain 1.2: Networking appliances

routers, switches, firewalls, IDS/IPS, load balancers, proxies, NAS, SAN, and wireless devices.

Subdomain 1.3: Cloud concepts

NFV, VPC, network security groups, cloud gateways, deployment models (public, private, hybrid), service models (SaaS, IaaS, PaaS).

Subdomain 1.4: Ports and protocols

FTP, SFTP, SSH, Telnet, SMTP, DNS, DHCP, HTTP, HTTPS, SNMP, LDAP, RDP, SIP.

Subdomain 1.5: Traffic types

unicast, multicast, anycast, broadcast.

Subdomain 1.6: Transmission media

wireless (802.11, cellular, satellite), wired (fiber, coaxial, DAC).

Subdomain 1.7: Transceivers and connectors

SC, LC, ST, MPO, RJ11, RJ45, F-type, BNC.

Subdomain 1.8: Network topologies

mesh, hybrid, star/hub and spoke, spine and leaf, point-to-point, three-tier, and collapsed core.

Subdomain 1.9: IPv4 addressing

public vs. private, APIPA, RFC1918, loopback, subnetting (VLSM, CIDR), and address classes (A, B, C, D, E).

Domain 2: Network implementation

Subdomain 2.1: Routing technologies

static and dynamic routing (BGP, EIGRP, OSPF), route selection, NAT, PAT, FHRP, VIP, and subinterfaces.

Subdomain 2.2: Switching technologies

VLANs, interface configuration, spanning tree, MTU, and jumbo frames.

Subdomain 2.3: Wireless devices

channels, frequency options, SSID, network types, encryption, guest networks, authentication, antennas, and access points.

Subdomain 2.4: Physical installations

installation implications, power considerations, and environmental factors.

Domain 3: Network operations

Subdomain 3.1: Documentation

physical vs. logical diagrams, rack diagrams, cable maps, network diagrams, asset inventory, IPAM, SLA, and wireless surveys.

Subdomain 3.2: Life-cycle management

EOL, EOS, software management, and decommissioning.

Subdomain 3.3: Change management

request process tracking.

Subdomain 3.4: Configuration management

production, backup, baseline configurations.

Subdomain 3.5: Network monitoring

SNMP, flow data, packet capture, baseline metrics, log aggregation, API integration, and port mirroring.

Subdomain 3.6: Disaster recovery

RPO, RTO, MTTR, MTBF, cold/warm/hot sites, active-active/passive, and testing.

Subdomain 3.7: Network services

DHCP, SLAAC, DNS, NTP, PTP, and NTS.

Subdomain 3.8: Access and management

VPNs, SSH, GUI, API, and console.

Domain 4: Network security

Subdomain 4.1: Logical security

encryption (data in transit/rest), PKI, IAM, MFA, SSO, RADIUS, LDAP, SAML, TACACS+, time-based authentication, authorization, least privilege, role-based access control, and geofencing.

Subdomain 4.2: Physical security

cameras and locks.

Subdomain 4.3: Deception technologies

honeypot and honeynet.

Subdomain 4.4: Security terminology

risk, vulnerability, exploit, threat, and CIA triad.

Subdomain 4.5: Audits and compliance

data locality, PCI DSS, and GDPR.

Subdomain 4.6: Network segmentation

IoT, IIoT, SCADA, ICS, OT, guest, and BYOD.

Subdomain 4.7: Types of attacks

DoS/DDoS, VLAN hopping, MAC flooding, ARP poisoning/spoofing, DNS poisoning/spoofing, rogue devices/services, evil twin, on-path attack, and social engineering (phishing, dumpster diving, shoulder surfing, tailgating).

Subdomain 4.8: Security features and defense

device hardening, NAC, key management, ACL, URL/content filtering, trusted vs. untrusted zones, and screened subnet.

Domain 5: Network troubleshooting

Subdomain 5.1: Troubleshooting methodology

identifying the problem, establishing a theory, testing, planning, and implementing a solution, verifying functionality, and documenting findings.

Subdomain 5.2: Cabling and physical interface issues

cable issues (incorrect type, signal degradation, improper termination, TX/RX transposed), interface issues (increasing counters, port status), and hardware issues (PoE, transceiver mismatch, signal strength).

Subdomain 5.3: Network services issues

switching issues (STP, VLAN assignment, ACLs), routing issues (routing table and default routes), address pool exhaustion, and incorrect gateway/IP/subnet mask.

Subdomain 5.4: Performance issues

congestion, latency, packet loss, and wireless interference.

Subdomain 5.5: Tools and protocols

protocol analyzers, command line tools, cable testers, and Wi-Fi analyzers.

Techniques & products

OSI model

physical layer

data link layer

network layer

transport layer

session layer

presentation layer

application layer

routers

switches

firewalls

IDS/IPS

load balancers

proxies

NAS

SAN

wireless devices

NFV

VPC

network security groups

cloud gateways

public cloud

private cloud

hybrid cloud

SaaS

IaaS

PaaS

FTP

SFTP

SSH

Telnet

SMTP

DNS

DHCP

HTTP

HTTPS

SNMP

LDAP

RDP

SIP

unicast

multicast

anycast

broadcast

802.11

cellular

satellite

fiber

coaxial

DAC

SC connector

LC connector

ST connector

MPO connector

RJ11

RJ45

F-type connector

BNC connector

mesh topology

hybrid topology

star/hub and spoke

spine and leaf

point-to-point

three-tier architecture

collapsed core

IPv4 addressing

public IP

private IP

APIPA

RFC1918

loopback address

subnetting

VLSM

CIDR

address classes

static routing

dynamic routing

BGP

EIGRP

OSPF

route selection

NAT

PAT

FHRP

VIP

subinterfaces

VLANs

interface configuration

spanning tree

MTU

jumbo frames

wireless channels

frequency options

SSID

network types

encryption

guest networks

authentication

antennas

access points

physical installations

power considerations

environmental factors

physical diagrams

logical diagrams

rack diagrams

cable maps

network diagrams

asset inventory

IPAM

SLA

wireless surveys

EOL

EOS

software management

decommissioning

change management

request process tracking

configuration management

production configurations

backup configurations

baseline configurations

network monitoring

flow data

packet capture

baseline metrics

log aggregation

API integration

port mirroring

disaster recovery

RPO

RTO

MTTR

MTBF

cold sites

warm sites

hot sites

active-active

active-passive

disaster recovery testing

SLAAC

NTP

PTP

NTS

VPNs

GUI

API

console access

logical security

data in transit encryption

data at rest encryption

PKI

IAM

MFA

SSO

RADIUS

SAML

TACACS+

time-based authentication

authorization

least privilege

role-based access control

geofencing

physical security

cameras

locks

deception technologies

honeypot

honeynet

risk

vulnerability

exploit

threat

CIA triad

audits

compliance

data locality

PCI DSS

GDPR

network segmentation

IoT

IIoT

SCADA

ICS

guest networks

BYOD

DoS/DDoS

VLAN hopping

MAC flooding

ARP poisoning

ARP spoofing

DNS poisoning

DNS spoofing

rogue devices

rogue services

evil twin

on-path attack

social engineering

phishing

dumpster diving

shoulder surfing

tailgating

device hardening

NAC

key management

ACL

URL filtering

content filtering

trusted zones

untrusted zones

screened subnet

troubleshooting methodology

cable issues

physical interface issues

PoE

transceiver mismatch

signal strength

switching issues

routing issues

address pool exhaustion

incorrect gateway

incorrect IP

incorrect subnet mask

congestion

latency

packet loss

wireless interference

protocol analyzers

command line tools

cable testers

Wi-Fi analyzers

Start Practicing