N10-009 · topic practice

Network Security practice questions

Use this page to practise Network Security questions for this certification. Focus on how the exam tests network security in scenario format — understanding the why behind each answer builds more durable knowledge than memorising options.

Courseiva uses original exam-style practice questions designed for learning and revision. The goal is to understand the concepts, recognise exam patterns, and improve through explanations — not memorise copied exam dumps.

Reviewed byJohnson Ajibi· MSc IT Security
20 questionsDomain: Network Security

What the exam tests

What to know about Network Security

Network Security questions on this certification test your ability to deploy and manage network security concepts in scenario-based situations.

Core Network Security concepts and how they apply in real-world cloud scenarios.

How to deploy network security correctly and verify the outcome.

Troubleshooting network security issues by interpreting error output and system state.

Cloud best practices and Network Security design trade-offs tested by this certification.

Watch out for

Common Network Security exam traps

  • Selecting the most expensive service when a simpler managed option meets the requirement.
  • Forgetting that cloud resources must be explicitly secured — defaults are rarely secure.
  • Choosing a global service fix when the issue is region-specific.
  • Overlooking cost implications of cross-region data transfer in architecture questions.

Practice set

Network Security questions

20 questions · select your answer, then reveal the explanation

A security analyst notices that an attacker is sending crafted packets with overlapping IP fragments to a target server, causing the server to crash. Which type of attack is described?

Question 2hardmultiple choice
Read the full NAT/PAT explanation →

A company wants to implement network access control that requires users to authenticate before gaining access to the network. The NAC solution uses a policy that checks for antivirus updates and OS patches. Which component enforces the policy?

A security auditor is reviewing firewall logs and notices repeated login attempts from a single external IP address to the company's SSH server. Which type of attack is likely occurring?

Question 4mediummultiple choice
Read the full Network Security explanation →

A network administrator wants to prevent unauthorized devices from connecting to the company's Ethernet ports. The company uses a centralized authentication server. Which IEEE standard should be implemented?

Question 5mediummultiple choice
Read the full Network Security explanation →

A security analyst notices that a web server is receiving a large number of ICMP echo reply packets from many different external hosts. The server did not send any echo requests. Which type of attack is most likely occurring?

A company wants to ensure that only authorized employee computers can connect to the wired network. Each computer must be authenticated before it is granted access to the network. Which technology is designed to provide this port-based authentication?

A security analyst notices that the company's web server is receiving a high volume of TCP SYN packets from a single source IP address, but the server is not completing the three-way handshake. Which type of attack is most likely occurring?

A security administrator is configuring a firewall to allow remote employees to access the company's internal web server (port 443) from the internet. The web server has an internal IP address of 10.0.0.5. The firewall has a public IP of 203.0.113.10. Which type of firewall rule should be created?

A security analyst is reviewing firewall logs and sees many incoming packets with a source IP address that matches the internal IP range of the company (10.0.0.0/8) arriving on the external interface. Which type of attack is likely being attempted?

Question 10hardmultiple choice
Read the full wireless explanation →

A security administrator is configuring a wireless network to use WPA3-Enterprise. Which authentication server protocol is required for WPA3-Enterprise?

Question 11hardmultiple choice
Read the full DHCP explanation →

A security analyst is reviewing DHCP server logs and notices that a single MAC address is sending an extremely high number of DHCP discover packets. The DHCP server is responding, but the client never sends a DHCP request. Which type of attack is most likely occurring?

Question 12mediummultiple choice
Read the full Network Security explanation →

A company is implementing 802.1X port-based authentication on its wired network to ensure only authorized devices can connect. Which of the following servers is required to authenticate users and devices?

Question 13mediummultiple choice
Read the full DHCP explanation →

A security analyst notices that the DHCP server is responding to a large number of DHCP Discover messages from a single MAC address, but that client never sends a DHCP Request to complete the lease. This pattern repeats continuously. Which type of attack is most likely occurring?

A company is implementing 802.1X port-based authentication on its wired network to control access. The network uses Active Directory for user accounts. Which type of server must be deployed to authenticate clients connecting to the switch ports?

Question 15mediummultiple choice
Read the full wireless explanation →

A company is deploying a wireless network that requires the highest level of security for client authentication. The network must use a RADIUS server. Which wireless security standard should be implemented?

A security analyst is investigating a potential breach. A network device shows logs indicating that it received packets with a source IP address belonging to the internal network range on its external (internet-facing) interface. This is a classic indication of which type of attack?

Question 17hardmultiple choice
Read the full DHCP explanation →

A security analyst is reviewing logs and finds that a single MAC address is rapidly requesting IP addresses from a DHCP server, each time with a different client ID. The DHCP server is exhausting its address pool. Which type of attack is occurring?

Question 18mediummultiple choice
Read the full Network Security explanation →

A network administrator is configuring a firewall to allow external users to securely access an internal web server. Which security technique should be used to place the web server in a separate, isolated network segment that is still accessible from the internet?

Question 19mediummultiple choice
Read the full Network Security explanation →

A network security analyst notices that the firewall is logging traffic on the external interface that has a source IP address of 10.0.1.5, which is within the internal network range. This is most likely the result of which type of attack?

An organization wants to implement a security solution that uses a cloud-based service to inspect all incoming web traffic for malware and policy violations before it reaches the internal network. This type of solution is known as a:

Free account

Track your progress over time

Create a free account to save your results and see which topics improve across sessions.

Focused Network Security sessions

Start a Network Security only practice session

Every question in these sessions is drawn from the Network Security domain — nothing else.

Related practice questions

Related N10-009 topic practice pages

Move into related areas when this topic feels solid.

Frequently asked questions

What does the N10-009 exam test about Network Security?
Network Security questions on this certification test your ability to deploy and manage network security concepts in scenario-based situations.
How should I use these practice questions?
Select your answer before revealing the explanation. Then read why each option is right or wrong — this active recall approach builds retention far faster than re-reading notes.
Can I practise just Network Security questions in a focused session?
Yes — the session launcher on this page draws every question from the Network Security domain. Use a 10-question session first to gauge your baseline, then move to 20 or 30 once the weak spots are clear.
Where can I practise other N10-009 topics?
Use the topic links above to move to related areas, or go back to the N10-009 question bank to see all topics.
Are these real exam questions or dumps?
These are original practice questions written to test the same concepts the N10-009 exam covers. They are not copied from any real exam or dump site.