Back to CompTIA Network+ N10-009 questions

Scenario-based practice

Hard Difficulty Questions

Practise CompTIA Network+ N10-009 practice questions — original exam-style scenarios covering every exam domain, with detailed explanations, wrong-answer analysis, and common exam traps.

20
scenario questions
N10-009
exam code
CompTIA
vendor

Scenario guide

How to approach hard difficulty questions

These are the questions most candidates get wrong. They require connecting multiple concepts, reading tricky output, or knowing edge-case behaviour that isn't on most study cards. Practising them trains you to operate under uncertainty — a necessary skill on the real exam.

Quick answer

Hard Difficulty Questions questions test whether you can apply the concept in context, not just recognise a definition.

How the topic appears in realistic exam-style scenarios.

Which detail in the question changes the correct answer.

How to eliminate plausible but wrong options.

How to connect the question back to the wider exam objective.

Related practice questions

Related N10-009 topic practice pages

Scenario questions usually connect to one or more exam topics. Use these links to review the underlying concepts behind the scenario.

Practice set

Practice scenarios

Question 1hardmultiple choice
Read the full VPN explanation →

A network engineer has successfully established an IPsec site-to-site VPN tunnel between a branch office (10.0.1.0/24) and the main office (192.168.1.0/24). The tunnel status shows as active, and both sides can ping each other's tunnel interface IP addresses. However, users at the branch office cannot ping the main office server at 192.168.1.10, and the main office cannot ping the branch office server at 10.0.1.10. The firewall rules on both sides permit IPsec traffic and all internal traffic. What should the engineer check NEXT?

Question 2hardmultiple choice
Read the full DNS explanation →

A user reports intermittent inability to access websites. When the issue occurs, the user can ping external IP addresses (e.g., 8.8.8.8) but cannot ping domain names like google.com. The user's IP configuration shows a DNS server address of 8.8.8.8. What is the most likely cause?

Question 3hardmultiple choice
Review the full OSPF breakdown →

A network administrator is configuring OSPF on routers in a multi-area network. The administrator wants to ensure that a router in area 1 does not learn external routes (Type 5 LSAs) injected by an ASBR in area 0, but it must still learn inter-area routes (Type 3 LSAs). The administrator wants to reduce the routing table size. Which OSPF area type should be configured for area 1?

Question 4hardmultiple choice
Open the full BGP breakdown →

A network administrator is configuring BGP between two autonomous systems. Which BGP attribute is primarily used to influence inbound traffic to a particular AS?

Question 5hardmultiple choice
Full question →

A network administrator is configuring a monitoring system to collect metrics from network devices. The administrator needs to ensure that the monitoring system can automatically discover the devices and obtain detailed information about their configuration and status, such as interface descriptions and software versions. Which protocol is best suited for this purpose?

Question 6hardmultiple choice
Full question →

A network administrator wants to ensure that a critical file server is always reachable via a single IP address, even if the server's NIC fails. The server has a single NIC. Which technique should be used to provide high availability for this IP address?

A network administrator must monitor network devices using SNMP. The security policy mandates strong encryption for both authentication and data integrity. Which SNMP version and security level should be implemented?

Question 8hardmultiple choice
Study the full AAA explanation →

A network security administrator is configuring authentication for network devices and wants to use a protocol that supports separate encryption of the entire authentication packet. Which of the following protocols is designed to encrypt the entire authentication packet and is commonly used with AAA services?

Question 9hardmultiple choice
Full question →

A security analyst discovers that an attacker is sending large numbers of incomplete TCP connection requests to a server, causing the server to run out of resources and stop responding to legitimate requests. Which type of attack is this, and which mitigation should be implemented?

Question 10hardmultiple choice
Full question →

A network technician is troubleshooting an intermittent connectivity issue between two switches connected via fiber optic cable. The link status shows up/down flapping. The technician checks the optical power levels and finds they are within acceptable range. Which of the following is the most likely cause?

Question 11hardmultiple choice
Full question →

A security administrator is configuring a firewall to allow remote employees to access the company's internal web server (port 443) from the internet. The web server has an internal IP address of 10.0.0.5. The firewall has a public IP of 203.0.113.10. Which type of firewall rule should be created?

Question 12hardmultiple choice
Read the full DNS explanation →

A security analyst notices that a user's workstation is sending encrypted DNS queries to an external IP address over TCP port 853. This traffic is being used to establish a covert communication channel to bypass the company's security controls. Which technique is being employed?

Question 13hardmultiple choice
Read the full VPN explanation →

A user at a branch office reports that they cannot connect to a file server at the main office. The branch office connects to the main office via a site-to-site VPN, and the VPN tunnel shows as active. The user can ping the main office's default gateway but not the file server. Which of the following should the technician check NEXT?

Question 14hardmultiple choice
Open the full VLAN trunking answer →

A user on VLAN 10 reports that they cannot access a file server on VLAN 20. The user can ping the default gateway (interface on the router) and other devices within VLAN 10. The router has an 'ip helper-address' for DHCP but no static routes or dynamic routing configured for inter-VLAN routing. The file server is correctly configured with an IP address in VLAN 20. What is the most likely cause of the communication failure?

Question 15hardmultiple choice
Study the full IPv6 explanation →

An IPv6 address has the prefix 2001:db8::/32. Which of the following IP addresses belongs to the same prefix?

Question 16hardmultiple choice
Open the full VLAN trunking answer →

Users on a VLAN report intermittent network disconnections lasting a few seconds. The network technician checks the switch and notices a high number of CRC errors on the port connecting to the core switch. The cable test passes. What is the most likely cause?

Question 17hardmultiple choice
Full question →

A company wants to ensure that only authorized users can access the internal network by requiring both a password and a one-time code from a mobile app. This is an example of:

An NOC technician observes that the CPU usage on a core switch has been consistently above 90% for the past hour. Which SNMP operation should the technician use to monitor the CPU load over time with minimal network overhead?

Question 19hardmultiple choice
Read the full VPN explanation →

A security engineer is configuring a site-to-site VPN between two branch offices. The requirement is to encrypt all traffic between the two networks using IPsec. Which IPsec mode should be used to encrypt the entire IP packet including the original header?

Question 20hardmultiple choice
Study the full IPv6 explanation →

An engineer is configuring a network and needs to understand the default behavior of an IPv6 node. When an IPv6 interface is initialized, which type of address is automatically assigned without any configuration server?

These N10-009 practice questions are part of Courseiva's free CompTIA certification practice question bank. Courseiva provides original exam-style N10-009 questions with detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics.