Configuration management ensures network device configurations are controlled, documented, backed up, and consistent with intended standards. CompTIA Network+ N10-009 tests configuration backup methods, version control, and configuration drift — situations where device configurations diverge from documented standards over time. Configuration management is foundational for disaster recovery and troubleshooting.
Practice this topic
Every network device configuration should be backed up regularly and after any change. Methods: manual backup (copy running-config to TFTP/SCP server), automated tools (Rancid, OXIDIZED, SolarWinds NCM, Ansible), and cloud-based configuration management platforms. Configurations should be stored in a version control system (Git) that tracks every change — who changed what, when, and why.
Configuration comparison: regularly compare running configurations against baseline or 'golden' configurations to detect unauthorized or accidental changes. Configuration drift: configurations diverge from documented standards due to undocumented changes, troubleshooting shortcuts left in place, or manual fixes applied without formal change management.
Network automation tools eliminate manual, error-prone configuration tasks. Ansible: agentless automation — pushes configurations to devices via SSH; uses YAML playbooks. Puppet/Chef: agent-based configuration management (more common for servers than network devices). Python with Netmiko/NAPALM: scripted network configuration management. Terraform: Infrastructure as Code (IaC) for provisioning cloud and network resources.
Templates and golden configurations: standardized configurations applied to all devices of the same type — ensures consistency and reduces configuration errors. Golden config = the approved, tested, secure baseline configuration for a device type. New device deployment applies the golden config, then adds device-specific settings.
Manual configuration backup is sufficient for production networks
Manual backups are prone to being forgotten, especially during busy periods or emergencies. Automated backup tools run on schedule and after every change, ensuring configurations are always current
These questions are representative of what you will see on Network+ exams. The correct answer and explanation are shown immediately below each question.
A network administrator discovers that a switch's running configuration differs from the documented baseline. What is this condition called?
Explanation: Configuration drift occurs when a device's actual configuration diverges from the approved, documented baseline over time — often due to undocumented changes, troubleshooting entries left in place, or manual fixes applied without formal change management. Regular configuration audits compare running configs against the golden baseline to detect drift.
At minimum, back up configurations after every change. Best practice: automated backup triggered by changes (using SNMP config change traps or scheduled tools like OXIDIZED/RANCID), plus scheduled daily backups. Store backups in version control with at least 90 days of history. Test restoration from backup periodically to verify backups are usable.
Try free Configuration Management practice questions with explanations, topic links and progress tracking.