Welcome to today’s CompTIA Network+ practice test!
Today’s practice test is based on subdomain 1.3 (Summarize cloud concepts and connectivity options.) from the CompTIA Network+ N10-009 objectives.
This beginner-level practice test is inspired by the CompTIA Network+ (N10-009) exam and is designed to help you reinforce key networking concepts on a daily basis.
These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Network+ certification exam objectives. Use them to test your knowledge, identify areas for improvement, and build daily networking habits.
Click the button below to start today’s practice exam.
Results
#1. A network engineer is tasked with deploying a new environment for application testing. The requirement is for isolated cloud resources that cannot be accessed by other tenants but still use the provider’s infrastructure. Which solution best meets this requirement?
#2. A startup wants to quickly deploy a customer relationship management (CRM) application without maintaining any underlying servers or storage. Which cloud service model should be recommended?
#3. A financial institution has strict compliance requirements and decides to host all workloads internally while still utilizing cloud concepts such as automation and scalability. Which deployment model is being used?
#4. An enterprise uses AWS and connects to its environment through a dedicated high-bandwidth fiber link. Which connectivity option is being utilized?
#5. A company wants an on-demand development platform for building and deploying custom applications but does not want to manage the operating systems. Which cloud service model fits this need?
#6. Which cloud feature allows additional resources to be automatically added during high traffic and removed when demand decreases?
#7. A cloud administrator needs to ensure that traffic between cloud resources remains internal and does not traverse the internet. Which component should be configured?
#8. A company migrating workloads to a public cloud wants to keep its on-premises Active Directory authentication. What is the best connectivity method to ensure secure integration?
#9. A retailer uses multiple cloud providers and an on-premises data center. Which cloud deployment model does this describe?
#10. Which of the following best describes multitenancy in cloud computing?
Note: CompTIA and Network+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.
To view CompTIA Network+ practice tests on other days, click here.To view answers and explanations for today’s questions, expand the Answers accordion below.
Answers
| Number | Answer | Explanation |
|---|---|---|
| 1 | C | A network engineer is tasked with deploying a new environment for application testing. The requirement is for isolated cloud resources that cannot be accessed by other tenants but still use the provider’s infrastructure. Which solution best meets this requirement? A. Public cloud: While the resources are in a public cloud, “public cloud” is a general term and doesn’t inherently guarantee the specific logical isolation from other tenants on the same infrastructure that a VPC offers. Shared public cloud resources without specific isolation mechanisms might expose data to other tenants (though providers do implement security measures). B. Private cloud: A private cloud is an environment where the computing infrastructure is dedicated to a single organization. While it provides isolation, it typically means the organization owns or leases the underlying hardware, which contradicts “still use the provider’s infrastructure” in the context of a shared public cloud. C. Virtual private cloud (VPC) A Virtual Private Cloud (VPC) allows an organization to provision a logically isolated section of a public cloud where they can launch resources in a virtual network that they define. This provides the isolation and control of a private network while still leveraging the scalable and on-demand infrastructure of a public cloud provider. It perfectly fits the requirement for isolated resources not accessible by other tenants but using the provider’s infrastructure. D. Hybrid cloud: A hybrid cloud combines public and private cloud environments. While it’s a deployment model, it doesn’t specifically address the need for isolated resources within a shared public cloud provider’s infrastructure that a VPC provides. |
| 2 | A | A startup wants to quickly deploy a customer relationship management (CRM) application without maintaining any underlying servers or storage. Which cloud service model should be recommended? A. SaaS (Software as a Service) SaaS is the cloud service model where a vendor hosts applications and makes them available to customers over the internet. The customer simply uses the application (like a CRM) and doesn’t need to manage any underlying infrastructure, operating systems, or even application maintenance. This perfectly fits the startup’s need for quick deployment without maintaining servers or storage. B. IaaS (Infrastructure as a Service): IaaS provides virtualized computing resources (like virtual machines, storage, networks) over the internet. While it eliminates the need to buy and maintain physical hardware, the user is still responsible for managing virtual servers, including the operating system, applications, and middleware. This requires more maintenance than the startup desires. C. PaaS (Platform as a Service): PaaS provides a platform for developing, running, and managing applications without the complexity of building and maintaining the infrastructure typically associated with developing and launching an app. While it manages servers and storage for the platform, the user is still responsible for the application code itself. The startup can’t ‘quickly deploy’ the CRM this way. D. NFV (Network Function Virtualization): NFV is a concept that virtualizes network services (like firewalls, load balancers, routers) that traditionally run on proprietary hardware. It’s involves network infrastructure. It’s not a general application deployment model like CRM. |
| 3 | A | A financial institution has strict compliance requirements and decides to host all workloads internally while still utilizing cloud concepts such as automation and scalability. Which deployment model is being used? A. Private cloud A private cloud is a cloud computing environment where the infrastructure is dedicated to a single organization. It can be physically located on the company’s premises (on-premise private cloud) or hosted by a third-party service provider. The key characteristic is exclusive control and access by the organization, allowing them to meet strict compliance requirements while still leveraging cloud benefits like automation, self-service, and scalability within their own controlled environment. B. Public cloud: A public cloud is a cloud computing model where services are offered to multiple customers over the public internet by a third-party provider (e.g., AWS, Azure, Google Cloud). This model might not meet “strict compliance requirements” for hosting all workloads internally. C. Hybrid cloud: A hybrid cloud combines elements of both public and private clouds, allowing data and applications to be shared between them. While it offers flexibility, the scenario specifies “host all workloads internally” which points away from a hybrid model. D. Community cloud: A community cloud is a collaborative cloud environment shared by several organizations with common concerns (e.g., security, compliance, jurisdiction). While it offers some benefits for shared interests, it doesn’t fit the description of a single financial institution hosting all its workloads internally. |
| 4 | B | An enterprise uses AWS and connects to its environment through a dedicated high-bandwidth fiber link. Which connectivity option is being utilized? B. Direct Connect AWS Direct Connect is a cloud service solution that provides a dedicated, high-bandwidth, private network connection from a customer’s on-premises data center or office to AWS. This bypasses the public internet, offering consistent network performance, reduced latency, and increased security, which aligns perfectly with a “dedicated high-bandwidth fiber link” to AWS. A. VPN (Virtual Private Network): While VPNs provide secure connectivity over the internet, they are typically encrypted tunnels over the public internet and do not offer the “dedicated high-bandwidth fiber link” characteristics of Direct Connect. VPNs can use the internet as the underlying transport, which Direct Connect avoids for performance and security reasons. C. NAT Gateway: A NAT (Network Address Translation) Gateway allows instances in a private subnet to connect to the internet or other AWS services, but prevents the internet from initiating a connection with those instances. It’s a networking service for outbound internet access, not for connecting an on-premises environment to AWS via a dedicated link. D. Internet Gateway: An Internet Gateway is a horizontally scaled, redundant, and highly available AWS component that allows communication between instances in your VPC and the internet. It’s for public internet connectivity to and from a VPC, not a dedicated private link from an on-premises location. |
| 5 | C | A company wants an on-demand development platform for building and deploying custom applications but does not want to manage the operating systems. Which cloud service model fits this need? A. IaaS (Infrastructure as a Service): IaaS provides virtualized computing resources (like virtual machines, storage, networks). While it offers flexibility, the user is still responsible for managing the operating system, applications, and middleware. This contradicts the requirement of not managing operating systems. B. SaaS (Software as a Service): SaaS provides complete, ready-to-use applications over the internet (e.g., CRM, email services). The user only interacts with the application, with no management of underlying infrastructure or even the application code itself. This is for consuming a finished application, not building custom ones. C. PaaS (Platform as a Service) PaaS provides a complete development and deployment environment in the cloud, including the operating system, programming language execution environment, databases, and web servers. The user manages their applications and data, but the cloud provider handles the underlying infrastructure, including the operating systems. This perfectly fits the need for an “on-demand development platform” where the user “does not want to manage the operating systems.” D. NFV (Network Function Virtualization): NFV is a concept that virtualizes network services that traditionally run on proprietary hardware. It’s focused on network infrastructure and functions, not a general platform for application development. |
| 6 | B | Which cloud feature allows additional resources to be automatically added during high traffic and removed when demand decreases? A. Multitenancy: Multitenancy is an architecture where a single instance of a software application serves multiple customers (tenants). While a common cloud characteristic, it doesn’t describe the automatic addition/removal of resources based on demand. B: Elasticity: Elasticity is the cloud feature that allows resources to be automatically and dynamically added (scaled out/up) or removed (scaled in/down) in response to changes in demand (like high traffic or decreased demand). It’s about the automatic and rapid adjustment of resources. C. Scalability: Scalability is the capability of a system to handle a growing amount of work by adding resources. While elasticity leverages scalability, scalability itself doesn’t explicitly imply the automatic addition and removal based on demand fluctuations. A system can be scalable (designed to be expanded) but not elastic (automatically expands/contracts). The key word in the question is “automatically added… and removed when demand decreases.” D. NFV (Network Function Virtualization): NFV is the concept of virtualizing network services (like firewalls, routers, load balancers) from dedicated hardware appliances into software running on generic servers. It’s involves abstracting network functions, not the automatic scaling of general compute resources based on traffic. |
| 7 | C | A cloud administrator needs to ensure that traffic between cloud resources remains internal and does not traverse the internet. Which component should be configured? A. Internet gateway: An Internet Gateway is used to allow instances in a VPC to communicate with the internet. This is the opposite of what is required, as the goal is to avoid traversing the internet. B. NAT gateway: A NAT (Network Address Translation) gateway allows instances in a private subnet to connect to the internet or other AWS services (like S3) but prevents the internet from initiating a connection with those instances. It’s for controlled outbound internet access, not for internal private communication between cloud resources. C. VPC peering VPC peering (or equivalent in other cloud providers) allows you to connect two Virtual Private Clouds (VPCs) privately and directly. This creates a network connection between two VPCs so that they can communicate with each other as if they were in the same network, using private IP addresses. This ensures that traffic remains internal to the cloud provider’s network and does not traverse the internet. D. VPN (Virtual Private Network): While a VPN can create a secure tunnel, it’s typically used to connect an on-premises network to the cloud or for secure remote access over the internet. While some cloud providers offer VPN gateways for inter-VPC connectivity, VPC peering is generally preferred for direct, private, and higher-performance communication between VPCs within the same cloud provider’s infrastructure without using the internet as the transport. The question specifically asks for traffic to “remain internal and does not traverse the internet,” which VPC peering handles more directly for inter-VPC communication. |
| 8 | C | A company migrating workloads to a public cloud wants to keep its on-premises Active Directory authentication. What is the best connectivity method to ensure secure integration? A. Internet gateway: An Internet Gateway allows communication between a VPC and the internet. While necessary for general internet access for cloud resources, it does not provide the secure, private tunnel needed for sensitive Active Directory integration from on-premises. B. Direct Connect: AWS Direct Connect (or similar dedicated connections from other providers) provides a private, high-bandwidth fiber link between on-premises and the cloud. While it offers superior performance and security, it’s typically a more expensive and complex solution than a VPN and isn’t strictly necessary for just Active Directory integration, especially for initial or smaller deployments. A VPN is generally the “best” (most common, cost-effective, and secure enough) method for this specific integration. C. VPN (Virtual Private Network) A VPN is the most common and practical method for securely connecting an on-premises network (where Active Directory resides) to a public cloud environment over the internet. It creates an encrypted tunnel, ensuring that authentication traffic and other sensitive data remain confidential and integral while traversing the public network. This allows the cloud workloads to authenticate against the on-premises Active Directory securely. D. Cloud NAT gateway: A NAT (Network Address Translation) gateway allows instances in a private subnet to connect to the internet or other AWS services, but prevents the internet from initiating a connection with those instances. It’s for outbound internet access from private subnets, not for establishing a secure connection back to an on-premises network for authentication. |
| 9 | B | A retailer uses multiple cloud providers and an on-premises data center. Which cloud deployment model does this describe? A. Private: A private cloud is a cloud environment dedicated to a single organization, either on-premises or hosted by a third party. It doesn’t include the use of multiple external cloud providers in addition to on-premises. B. Hybrid A hybrid cloud deployment model combines two or more different cloud environments (e.g., public cloud, private cloud) and/or on-premises infrastructure. The key characteristic is that these distinct environments are connected, allowing data and applications to be shared and managed across them. A retailer using multiple public cloud providers and an on-premises data center perfectly fits this description. C. Public: A public cloud is offered by third-party providers over the public internet to multiple customers. While the retailer uses public clouds, the combination with multiple providers and an on-premises data center makes it a hybrid model, not just a public cloud. D. Community: A community cloud is shared by several organizations with common interests or compliance requirements. This scenario describes a single organization using various environments, not a shared one among multiple organizations. |
| 10 | B | Which of the following best describes multitenancy in cloud computing? A. A cloud service that scales based on demand: This describes elasticity or scalability, which are related benefits of cloud computing, but not the definition of multitenancy itself. B. Multiple customers sharing the same physical resources while remaining logically isolated Multitenancy is a core characteristic of public cloud computing. It means that a single instance of a software application or infrastructure (like a server, database, or network) serves multiple customers (tenants). Each tenant’s data and operations are kept separate and isolated from others, even though they are running on the same underlying physical hardware and software. C. A dedicated environment for a single tenant: This describes a single-tenant environment or a private cloud, which is the opposite of multitenancy. D. A hybrid deployment model: A hybrid deployment model combines multiple types of cloud environments (e.g., public and private). While a hybrid cloud might involve multitenancy in its public cloud component, “hybrid cloud” is a deployment model, not a description of multitenancy itself. |