How hard is the CompTIA Network+ exam?
The CompTIA Network+ is an intermediate-level exam harder than A+ but easier than Security+. Most candidates need 4-8 weeks of dedicated study with some networking background or A+ certification. The exam covers networking concepts, infrastructure, operations, security, and troubleshooting across 90 questions in 90 minutes with a passing score of 720 out of 900.
The CompTIA Network+ N10-009 certification is the most widely recognized vendor-neutral networking certification and a standard qualification for network technicians, help desk professionals moving into networking, and entry-level network administrators. It validates foundational and intermediate networking skills that apply across all vendor platforms.
Network+ is required or preferred in IT support and network operations roles, is listed in the U.S. Department of Defense Directive 8570 for IAT Level I positions, and serves as a stepping stone to vendor-specific certifications like CCNA. The exam costs $369 USD and requires a passing score of 720 out of 900.
Exam Overview
| Detail | Information |
|---|---|
| Exam Code | N10-009 |
| Full Name | CompTIA Network+ |
| Number of Questions | Maximum 90 |
| Time Limit | 90 minutes |
| Passing Score | 720/900 |
| Cost | $369 USD |
| Prerequisites | A+ recommended; 9-12 months of networking experience |
| Validity | 3 years (renewed via CEUs or retaking) |
| Question Types | Multiple choice, drag-and-drop, performance-based |
The N10-009 exam covers five domains:
- Networking fundamentals (23%)
- Network implementations (19%)
- Network operations (17%)
- Network security (20%)
- Network troubleshooting (21%)
"Network+ represents the minimum baseline that networking professionals should possess before being trusted with live network equipment. Candidates who have memorized port numbers and OSI layers but have not actually configured a switch or traced a cable often struggle with the performance-based questions that require demonstrating practical skills." -- CompTIA authorized instructor community
Domain 1: Networking Fundamentals (23%)
OSI and TCP/IP Models
| OSI Layer | TCP/IP Layer | Protocols | PDU |
|---|---|---|---|
| Application (7) | Application | HTTP, HTTPS, DNS, SMTP, FTP | Data |
| Presentation (6) | Application | TLS/SSL, JPEG, MPEG | Data |
| Session (5) | Application | NetBIOS, SOCKS | Data |
| Transport (4) | Transport | TCP, UDP | Segment |
| Network (3) | Internet | IP, ICMP, IGMP | Packet |
| Data Link (2) | Network Access | Ethernet, Wi-Fi, PPP | Frame |
| Physical (1) | Network Access | Ethernet cabling, fiber, wireless | Bits |
IP Addressing and Subnetting
IPv4 subnetting is one of the most heavily tested topics on Network+. Candidates must calculate:
- Network address: First address in a subnet (all host bits are 0)
- Broadcast address: Last address in a subnet (all host bits are 1)
- Usable host range: All addresses between network and broadcast
- Number of subnets: 2^(number of subnet bits)
- Number of hosts: 2^(number of host bits) - 2
CIDR notation: /24 means 24 network bits and 8 host bits. Subnet mask is 255.255.255.0.
IPv6 address types:
- Global unicast: Public IPv6 addresses (starts with 2000::/3)
- Link-local: Automatically configured on every IPv6 interface (starts with FE80::/10)
- Unique local: Private IPv6 addresses (starts with FC00::/7)
- Multicast: One-to-many (starts with FF00::/8)
Common Ports and Protocols
| Port | Protocol | Service |
|---|---|---|
| 20/21 | TCP | FTP (data/control) |
| 22 | TCP | SSH |
| 23 | TCP | Telnet |
| 25 | TCP | SMTP |
| 53 | TCP/UDP | DNS |
| 67/68 | UDP | DHCP (server/client) |
| 80 | TCP | HTTP |
| 110 | TCP | POP3 |
| 143 | TCP | IMAP |
| 443 | TCP | HTTPS |
| 3389 | TCP | RDP |
Domain 2: Network Implementations (19%)
Network Devices and Their Functions
Hubs operate at Layer 1. All devices on a hub share the same collision domain. Obsolete in modern networks.
Switches operate at Layer 2. Use MAC address tables to forward frames only to the destination port. Each port is its own collision domain.
Routers operate at Layer 3. Route packets between different IP networks using routing tables.
Multilayer switches combine switching and routing functions, performing Layer 3 routing between VLANs.
Firewalls filter traffic based on rules. Can operate at multiple layers (stateful firewalls at Layer 4, NGFW at Layer 7).
Ethernet Standards
| Standard | Speed | Media | Max Distance |
|---|---|---|---|
| 100BASE-TX | 100 Mbps | Cat5e UTP | 100 meters |
| 1000BASE-T | 1 Gbps | Cat5e/Cat6 UTP | 100 meters |
| 10GBASE-T | 10 Gbps | Cat6a UTP | 100 meters |
| 1000BASE-SX | 1 Gbps | Multimode fiber | 550 meters |
| 1000BASE-LX | 1 Gbps | Single-mode fiber | 5 km |
| 10GBASE-SR | 10 Gbps | Multimode fiber | 300 meters |
Cable Types and Connectors
- UTP (Unshielded Twisted Pair): Cat5e, Cat6, Cat6a for Ethernet; RJ-45 connector
- STP (Shielded Twisted Pair): Additional shielding for high-interference environments
- Coaxial cable: Used for cable TV and cable internet (F-type connector)
- Single-mode fiber: Laser light source; long distances (20+ km); yellow jacket
- Multimode fiber: LED light source; shorter distances (<2 km); orange or aqua jacket
- Fiber connectors: SC, LC, ST, MTRJ
Domain 3: Network Operations (17%)
Documentation and Diagrams
Network+ tests understanding of network documentation types:
- Physical network diagrams: Show physical locations of devices and cable runs
- Logical network diagrams: Show IP addressing, VLANs, and routing relationships
- Wiring diagrams: Show cabling infrastructure in buildings
- Rack diagrams: Show equipment placement in server racks
- Site surveys: Document wireless coverage areas
High Availability Concepts
- SLA (Service Level Agreement): Defines the agreed uptime target (99.9% = 8.7 hours downtime/year; 99.99% = 52 minutes downtime/year)
- MTTR (Mean Time to Repair): Average time to restore service after failure
- MTBF (Mean Time Between Failures): Average operating time between failures
- RPO (Recovery Point Objective): Acceptable data loss in time
- RTO (Recovery Time Objective): Acceptable time to restore service
Network Monitoring
- SNMP: Collecting performance metrics from network devices
- Syslog: Collecting event logs from devices; UDP port 514
- NetFlow: Collecting IP traffic flow data for bandwidth analysis
- SNMP traps: Unsolicited alerts from devices when threshold is exceeded
Domain 4: Network Security (20%)
Network Attack Types
| Attack | Description |
|---|---|
| ARP spoofing | Sending forged ARP replies to redirect traffic |
| DNS poisoning | Injecting false DNS records to redirect users |
| DHCP starvation | Exhausting DHCP pool by requesting all addresses |
| Evil twin | Rogue AP mimicking legitimate SSID |
| On-path attack | Intercepting traffic between two communicating hosts |
| DoS/DDoS | Overwhelming resources with traffic |
| VLAN hopping | Accessing traffic on another VLAN (double tagging) |
Network Security Controls
- Port security: Limiting MAC addresses allowed on a switch port
- DHCP snooping: Preventing rogue DHCP servers
- Dynamic ARP inspection: Preventing ARP spoofing
- 802.1X: Port-based network access control with authentication
- VPN (IPsec, SSL/TLS): Encrypted tunnels for remote access and site-to-site connectivity
- Network segmentation: VLANs and ACLs to isolate sensitive systems
Domain 5: Network Troubleshooting (21%)
Systematic Troubleshooting Process
- Identify the problem: Gather information, duplicate the problem if possible
- Establish a theory: Hypothesize probable causes
- Test the theory: Use the simplest test first
- Establish an action plan: Plan the solution and consider impact
- Implement the solution
- Verify functionality: Test that the original problem is resolved
- Document the resolution
Common Troubleshooting Tools
| Tool | Layer | Purpose |
|---|---|---|
| Cable tester | Layer 1 | Verify cable wiring and continuity |
| Toner probe | Layer 1 | Trace cable runs in walls |
| OTDR | Layer 1 | Test fiber cable length and breaks |
| Wi-Fi analyzer | Layer 1-2 | Analyze wireless channels and signal strength |
| ping | Layer 3 | Test IP connectivity |
| traceroute / tracert | Layer 3 | Trace packet path to destination |
| nslookup / dig | Layer 7 | Test DNS resolution |
| netstat | Layer 4 | Show active connections and listening ports |
| Wireshark | All layers | Packet capture and protocol analysis |
Frequently Asked Questions
Is Network+ worth getting in 2025? Yes, Network+ remains valuable in 2025. It is recognized by employers globally, required for many U.S. government IT positions under DoD 8570, and serves as a proven stepping stone to more advanced certifications. For professionals working in IT support, network operations, or beginning a network engineering career, Network+ demonstrates a verified, vendor-neutral foundation that employers trust.
Should I get Network+ before CCNA? Network+ and CCNA serve different audiences. Network+ is vendor-neutral and broader but shallower; CCNA is Cisco-specific and deeper in networking topics. If your career goal involves Cisco environments or network engineering, CCNA provides more career value. If your goal is general IT or vendor-neutral networking knowledge (for government roles or multi-vendor environments), Network+ is the better choice. Many candidates do both.
How many hours of study are needed for Network+? Candidates with IT background (A+ or equivalent experience) typically need 60-100 hours of study. Those completely new to networking may need 120-150 hours. The official CompTIA CertMaster Learn course is approximately 40 hours. Adding practice exams and lab time brings most candidates to a passing level within 4-8 weeks of focused study.
References
- CompTIA. (2025). CompTIA Network+ N10-009 Exam Objectives. https://www.comptia.org/certifications/network
- Meyers, M. (2023). CompTIA Network+ Certification All-in-One Exam Guide, 9th Edition. McGraw-Hill.
- Dulaney, E. (2023). CompTIA Network+ N10-009 Study Guide. Sybex.
- Professor Messer. (2025). CompTIA Network+ N10-009 Course. https://www.professormesser.com/network-plus/
- CompTIA. (2025). DoD 8570/8140 Compliance. https://www.comptia.org/certifications/which-certification/dod-8570
- Jason Dion. (2025). CompTIA Network+ (N10-009) Study Guide. Udemy.