- A
Ensure the native VLAN is the same on both switches
Why wrong: A native VLAN mismatch would cause issues with untagged traffic, but it would not selectively block a single VLAN.
- B
Verify that VLAN 30 is included in the allowed VLAN list on both switches
Trunk ports can have a configured list of allowed VLANs. If VLAN 30 is not permitted, its traffic will not pass.
- C
Check the trunk encapsulation type on both switches
Why wrong: Trunk encapsulation is usually fixed to 802.1Q; a mismatch is rare and would affect all VLAN traffic, not just one.
- D
Confirm that port security is not enabled on the trunk interfaces
Why wrong: Port security filters by MAC address, not by VLAN, and would not explain why only VLAN 30 is blocked.
Quick Answer
The correct answer is to verify that VLAN 30 is included in the allowed VLAN list on both switches. This is because a trunk link can be operational for some VLANs while blocking others if the allowed VLAN list has been manually restricted; by default, a trunk permits all VLANs, but once an administrator configures an allowed list, any omitted VLAN is denied traffic. On the CompTIA Network+ N10-009 exam, this scenario tests your understanding of trunk configuration and the common oversight of forgetting to add a newly created VLAN to the allowed list—a frequent trap where candidates assume a working trunk automatically passes all VLANs. Remember that the "allowed VLAN" list acts as a whitelist, not a blacklist, so if VLAN 30 isn't explicitly permitted, it’s blocked. A useful memory tip is "If it’s not allowed, it’s disallowed."
N10-009 Network Implementation Practice Question
This N10-009 practice question tests your understanding of network implementation. The scenario asks you to isolate a root cause — eliminate options that address a different problem before choosing. After answering, compare your reasoning against the explanation and wrong-answer breakdown below. Once you have made your selection, read the full explanation to reinforce the concept and understand why each distractor is designed to mislead on exam day.
A network administrator is configuring a trunk link between two switches. The link is up, but devices on VLAN 30 cannot communicate across the trunk. Devices on VLAN 10 and 20 can communicate. What should the administrator verify?
Answer choices
Why each option matters
Answer the question above first, then reveal the full breakdown to understand why each option is right or wrong.
Correct answer & explanation
Verify that VLAN 30 is included in the allowed VLAN list on both switches
The trunk link is operational for VLANs 10 and 20 but not for VLAN 30, which indicates that VLAN 30 is likely not permitted on the trunk. By default, a trunk allows all VLANs, but if an administrator has manually configured an allowed VLAN list, VLAN 30 may have been omitted. Verifying that VLAN 30 is included in the allowed VLAN list on both switches will resolve the issue.
Key principle: Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option.
Answer analysis
Option-by-option breakdown
For each option: why learners choose it and why it is or isn't the right answer here.
- ✗
Ensure the native VLAN is the same on both switches
Why it's wrong here
A native VLAN mismatch would cause issues with untagged traffic, but it would not selectively block a single VLAN.
- ✓
Verify that VLAN 30 is included in the allowed VLAN list on both switches
- ✗
Check the trunk encapsulation type on both switches
- ✗
Confirm that port security is not enabled on the trunk interfaces
Why it's wrong here
Port security filters by MAC address, not by VLAN, and would not explain why only VLAN 30 is blocked.
Common exam traps
Common exam trap: answer the scenario, not the keyword
The trap here is that candidates often confuse native VLAN mismatch (which causes spanning-tree or BPDU issues) with a missing allowed VLAN, or they assume encapsulation must be checked even though the trunk is already operational for other VLANs.
Detailed technical explanation
How to think about this question
On Cisco switches, the 'switchport trunk allowed vlan' command controls which VLANs are permitted to traverse the trunk. If VLAN 30 is not in the allowed list, frames from that VLAN are dropped at the egress port. A common real-world scenario is when a new VLAN is added to the network but the trunk configuration is not updated, causing connectivity failures only for that specific VLAN.
KKey Concepts to Remember
- Read the scenario before looking for a memorised answer.
- Find the constraint that changes the correct option.
- Eliminate answers that are true in general but not in this case.
TExam Day Tips
- Watch for words such as best, first, most likely and least administrative effort.
- Review why wrong options are wrong, not only why the correct option is correct.
Key takeaway
Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option.
Real-world example
How this comes up in practice
A help-desk technician troubleshoots why a newly connected PC cannot reach shared printers on the same floor. The cable is good, the switch port is active, but the PC is in VLAN 20 and the printers are in VLAN 10. The uplink trunk only allows VLAN 10. A trunk being up does not mean every VLAN crosses it.
What to study next
Got this wrong? Here's your next step.
Identify which exam domain this question belongs to, review the core concept, then practise similar questions from the same domain.
- →
Network Implementation — study guide chapter
Learn the concepts, then practise the questions
- →
Network Implementation practice questions
Targeted practice on this topic area only
- →
All N10-009 questions
520 questions across all exam domains
- →
CompTIA Network+ N10-009 study guide
Full concept coverage aligned to exam objectives
- →
N10-009 practice test guide
How to use practice tests most effectively before exam day
Related practice questions
Related N10-009 practice-question pages
Use these pages to review the topic behind this question. This is how one missed question becomes focused revision.
Networking Concepts practice questions
Practise N10-009 questions linked to Networking Concepts.
Network Implementation practice questions
Practise N10-009 questions linked to Network Implementation.
Network Operations practice questions
Practise N10-009 questions linked to Network Operations.
Network Security practice questions
Practise N10-009 questions linked to Network Security.
Network Troubleshooting practice questions
Practise N10-009 questions linked to Network Troubleshooting.
Network+ network fundamentals practice questions
Practise N10-009 questions linked to Network+ network fundamentals.
Practice this exam
Start a free N10-009 practice session
Short sessions build daily habit. Longer sessions build exam-day stamina. Try a timed session to simulate real conditions.
FAQ
Questions learners often ask
What does this N10-009 question test?
Network Implementation — This question tests Network Implementation — Read the scenario before looking for a memorised answer..
What is the correct answer to this question?
The correct answer is: Verify that VLAN 30 is included in the allowed VLAN list on both switches — The trunk link is operational for VLANs 10 and 20 but not for VLAN 30, which indicates that VLAN 30 is likely not permitted on the trunk. By default, a trunk allows all VLANs, but if an administrator has manually configured an allowed VLAN list, VLAN 30 may have been omitted. Verifying that VLAN 30 is included in the allowed VLAN list on both switches will resolve the issue.
What should I do if I get this N10-009 question wrong?
Identify which exam domain this question belongs to, review the core concept, then practise similar questions from the same domain.
What is the key concept behind this question?
Read the scenario before looking for a memorised answer.
About these practice questions
Courseiva creates original exam-style practice questions with explanations and wrong-answer analysis. It does not publish real exam questions, exam dumps, or protected exam content. Learn why practice questions differ from exam dumps →
Same concept, more angles
2 more ways this is tested on N10-009
These questions test the same concept from different angles. Work through them to make sure you can recognise it however the exam phrases it.
Variation 1. A network administrator configures VLAN 10 (Sales) and VLAN 20 (Engineering) on a switch. The switch is connected to a router via a trunk interface for inter-VLAN routing. Users in VLAN 10 can reach the router and external networks, but users in VLAN 20 cannot communicate outside their VLAN. The router's subinterface for VLAN 20 is configured correctly with an IP address and encapsulation dot1Q 20. What is the MOST likely cause of the issue?
medium- A.A: The switchport mode for VLAN 20 is set to access
- ✓ B.B: VLAN 20 is not allowed on the trunk
- C.C: The router needs to be rebooted to apply the subinterface configuration
- D.D: The native VLAN on the trunk is misconfigured
Why B: The router's subinterface for VLAN 20 is correctly configured, so the issue lies on the switch side. If VLAN 20 is not explicitly allowed on the trunk interface connecting the switch to the router, frames from VLAN 20 will be dropped by the switch, preventing inter-VLAN routing. The default trunk allowed VLAN list often includes only VLAN 1, so VLAN 20 must be added with the 'switchport trunk allowed vlan add 20' command.
Variation 2. A network administrator connects two switches with a trunk link that is configured to allow all VLANs. Workstations in VLAN 10 can communicate across the switches, but workstations in VLAN 20 cannot. Both VLANs are configured on the first switch. What is the most likely cause of the issue?
medium- A.The native VLAN is mismatched on the two switches.
- ✓ B.VLAN 20 is not created on the second switch.
- C.The trunk uses ISL instead of 802.1Q.
- D.The default gateway is missing for VLAN 20.
Why B: VLAN 20 is configured on the first switch but not on the second switch. Even though the trunk link allows all VLANs, the second switch must have VLAN 20 created in its VLAN database for traffic to be forwarded. Without the VLAN existing on the second switch, frames tagged for VLAN 20 are dropped at the receiving switch because there is no corresponding VLAN interface or forwarding table entry.
Keep practising
More N10-009 practice questions
- Which layer of the OSI model is responsible for logical addressing and routing of packets between networks?
- Users in VLAN 10 cannot obtain IP addresses from a DHCP server located in VLAN 20. The router has an ip helper-address c…
- Which of the following is a characteristic of a Layer 2 network switch?
- Which of the following network devices operates primarily at Layer 2 of the OSI model and uses MAC addresses to forward…
- Which of the following is a characteristic of UDP when compared to TCP?
- Which of the following IPv6 addresses is a valid link-local address?
Last reviewed: Jun 11, 2026
This N10-009 practice question is part of Courseiva's free CompTIA certification practice question bank. Courseiva provides original exam-style practice questions with explanations, topic-based practice, mock exams, readiness tracking, and study analytics to help learners prepare for the N10-009 exam.
Question Discussion
Share a tip, memory trick, or ask about the reasoning behind this question. Do not post real exam questions, leaked content, braindumps, or copyrighted exam material. Comments are moderated and may be removed without notice.
Sign in to join the discussion.