CompTIA Network+ Practice Test for Subdomain 4.3 #02

By /

Welcome to today’s CompTIA Network+ practice test!

This practice test uses our new UI!

Today’s practice test is based on Subdomain 4.3 (Given a scenario, apply network security features, defense techniques, and solutions) from the CompTIA Network+ N10-009 objectives.

This beginner-level practice test is inspired by the CompTIA Network+ (N10-009) exam and is designed to help you reinforce key networking concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Network+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Network+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To choose CompTIA Network+ practice tests based on specific domains/subdomains, click that link.

Recommended read: Ultimate CompTIA Network+ Study Guide (2026)

CompTIA Network+ Practice Test for Subdomain 4.3 #02
10 questions • Single best answer
Question 1
A security administrator at a university wants to ensure that only authorized devices can connect to the campus wired network. When a student plugs in a laptop, the switch should verify the device's credentials with a central authentication server before granting network access. Which technology should the administrator implement?
    Question 2
    A technician is configuring a new access layer switch at a small office. Management wants to prevent unauthorized devices from connecting to any switch port. The technician is asked to configure each port so that if an unknown device connects and exceeds one allowed MAC address, the port automatically shuts down. Which feature should the technician configure?
      Question 3
      A network administrator at a manufacturing company wants to prevent workstations in the 192.168.10.0/24 subnet from accessing the payroll server at 10.0.5.50 over any port. Traffic from all other subnets to the payroll server should remain unaffected. Which security mechanism should the administrator use to enforce this restriction?
        Question 4
        Your organization is deploying a publicly accessible web server that must be reachable from the internet while protecting the internal corporate network from unauthorized access. A network architect recommends placing the web server in a specific network zone. Which zone is most appropriate for this deployment?
          Question 5
          A junior network engineer performs an initial review of a newly installed network switch before connecting it to the production environment. The engineer discovers that the device still uses the factory-default credentials for both the administrative and read-only accounts. Which device hardening step should the engineer take immediately?
            Question 6
            The IT team at a logistics company wants to block employees from accessing streaming media sites and social networking platforms during work hours to conserve bandwidth and improve productivity. The solution must apply to all devices on the corporate network without requiring software installed on each endpoint. Which solution should the team implement?
              Question 7
              A network administrator conducting a security audit at a regional bank discovers that 40 of 48 switch ports in the data center are connected to production servers, while the remaining 8 ports have no connected devices and are in their default enabled state. What should the administrator do to reduce the attack surface on the switch?
                Question 8
                A network security team at a healthcare provider is reviewing the organization's PKI infrastructure. They discover that several TLS certificates used on internal servers have expired, and private keys for some certificates are stored in plain text on shared network drives. Which key management practice should the team prioritize to address the most critical security risk?
                  Question 9
                  A help desk analyst receives a ticket from a branch office manager reporting that a newly added network printer cannot connect to the wireless network, even though it has the correct SSID and passphrase configured. Nearby laptops connect without issue. The analyst checks the wireless controller and finds the printer's MAC address is not listed in an approved table. Which wireless security feature is preventing the printer from connecting?
                    Question 10
                    A network architect at a software firm is designing the firewall policy between two network segments. The segment containing development workstations and internal application servers is classified as one zone, while the segment facing the internet is classified as another. Traffic from the internal segment can initiate connections outbound, but connections initiated from the internet-facing segment toward internal resources must be blocked by default. Which zone classification model is being described?
                      Answered: 0/10

                      Related Posts

                      Leave a Comment

                      Your email address will not be published. Required fields are marked *

                      Scroll to Top