CompTIA Network+ (N10-009) Study Guide — Subnetting, OSI, and What Actually Wins
Network+ is the cert that makes everything else easier. Master subnetting, the OSI model, and routing fundamentals — here's a 5-week plan plus the topics CompTIA loves to ambush candidates with.
If you can only afford the time and money for one networking certification, make it Network+. It's the cert that translates directly into job titles (NOC tech, junior network admin, field engineer), the one that makes Security+ feel half as hard, and the one that's universally recognized regardless of vendor stack. The current exam is N10-009, which replaced N10-008 in mid-2024.
This guide breaks down what's tested, what gets candidates stuck, and the fastest path through it.
Exam structure
- 90 questions in 90 minutes
- Multiple choice plus performance-based questions (PBQs)
- Passing score: 720 / 900
- Five domains, weighted as follows:
| Domain | Weight |
|---|---|
| 1. Networking Concepts | 23% |
| 2. Network Implementation | 20% |
| 3. Network Operations | 19% |
| 4. Network Security | 14% |
| 5. Network Troubleshooting | 24% |
Notice that troubleshooting is the heaviest domain — same pattern as A+ and Security+. CompTIA exams are scenario-heavy by design.
Subnetting: the make-or-break skill
Subnetting is the single skill that separates Network+ passers from Network+ failures. You will see between 6 and 12 subnetting questions on the exam, and several of them will be PBQs that drop you into a fill-in-the-blank network plan.
You need to be able to do all of the following without a calculator, in under 60 seconds each:
- Convert any CIDR notation to a subnet mask and back. /24 = 255.255.255.0, /26 = 255.255.255.192, /30 = 255.255.255.252.
- Calculate the number of usable hosts. /26 has 62 usable hosts (64 − 2).
- Identify the network address, broadcast address, and first/last usable IP for any given IP/CIDR.
- Subnet a /24 into 8 equal /27 subnets and list the network addresses.
- VLSM — variable-length subnet masking. Given "I need 50 hosts, 25 hosts, and 10 hosts on three subnets out of 192.168.1.0/24," carve them out efficiently.
The trick that gets you there: memorize the powers of 2 up to 8 (2, 4, 8, 16, 32, 64, 128, 256) and the corresponding mask octet values (255 minus the count, e.g., 256−4 = 252). Practice 10 subnetting problems a day for two weeks and you'll never miss one again.
The OSI model — and how the exam uses it
You'll memorize the seven layers (Physical, Data Link, Network, Transport, Session, Presentation, Application) the first day and still get tested on them weekly. The exam doesn't ask "what is layer 4?" It asks: "A user reports the application opens but doesn't show data. The server is responding. Which layer is the most likely cause?"
Build a table that maps each layer to:
- Devices — hub at L1, switch at L2, router at L3, load balancer at L4–L7, firewall at L3 or L7 depending on type.
- Protocols — Ethernet at L2, IP at L3, TCP/UDP at L4, TLS at L5/L6, HTTP/DNS/SSH at L7.
- Failure modes — cable broken (L1), switch loop (L2), routing loop or wrong gateway (L3), port blocked (L4), session timeout (L5).
When a PBQ asks you to "drag the troubleshooting step to the correct OSI layer," the table is your cheat code.
Routing protocols and what to actually know
CompTIA tests routing protocols at a conceptual level — they don't expect you to configure OSPF on a real router. You need to know:
- Distance vector vs link state — RIP (DV, hop count, max 15) vs OSPF (LS, cost, fast convergence).
- Interior vs exterior — OSPF is interior; BGP is exterior, used between autonomous systems.
- EIGRP — Cisco-proprietary, advanced distance-vector with link-state characteristics.
- Administrative distance — directly connected (0), static (1), EIGRP (90), OSPF (110), RIP (120). The lower the AD, the more trusted the route.
- Convergence — how fast the network agrees on a topology. OSPF and EIGRP fast, RIP slow.
Network security topics that surprise candidates
Security is "only" 14% of the exam, but the questions are scenario-heavy and many candidates miss them. Lock down:
- Authentication protocols — RADIUS (UDP 1812/1813), TACACS+ (TCP 49), Kerberos (TCP/UDP 88), LDAP (TCP 389) and LDAPS (TCP 636).
- Network attacks — ARP poisoning, MAC flooding, DHCP starvation, rogue AP, evil twin, on-path / MITM, DDoS variants.
- Mitigations — port security, DHCP snooping, dynamic ARP inspection, 802.1X, NAC, segmentation.
- VPN types — site-to-site vs remote access; IPsec (tunnel vs transport mode), SSL/TLS VPN.
- Firewall types — stateless, stateful, next-gen (NGFW), WAF, UTM. Know what each layer 4 vs 7 actually means in firewall context.
A 5-week plan
Assumes ~10 hours/week. Add a week if you've never touched a network before; subtract one if you have A+ already.
Week 1: Concepts + cabling
OSI model, TCP/IP model, ports/protocols, physical media (Cat 5e/6/6a, fiber single-mode vs multimode, connectors). Build flashcards for every port number on the official objectives.
Week 2: IP addressing + subnetting (the heavy week)
IPv4 classes (legacy but still tested), CIDR, private RFC 1918 ranges, APIPA, IPv6 (link-local, unique local, global unicast — and abbreviation rules). Daily subnetting practice — at least 10 problems. By Friday you should be doing /28 subnetting in your head.
Week 3: Network implementation
Switching (VLANs, trunking, STP, port aggregation), routing protocols, wireless (802.11 standards, channels, MIMO, MU-MIMO), basic Wi-Fi survey concepts. PBQ practice on routing tables.
Week 4: Operations + security
Documentation, change management, monitoring (SNMP, NetFlow, syslog), high availability (load balancing, failover, clustering), security topics from the section above.
Week 5: Troubleshooting + practice exams
Drill the seven-step CompTIA troubleshooting method. Take two full-length practice exams under timed conditions. Review every wrong answer. Book the real exam when you score 80%+ on a practice.
Pitfalls
- Underestimating subnetting. It's not optional. If you can't do it in your head, you will fail.
- Confusing TCP and UDP ports. DNS uses both — UDP 53 for queries, TCP 53 for zone transfers. RADIUS is UDP. TACACS+ is TCP. Memorize.
- Skipping IPv6. It's only ~5% of the exam but it's high-yield because most candidates skip it.
- Treating Wi-Fi as an afterthought. N10-009 increased the wireless content. Channels, bands, encryption (WPA2 vs WPA3), and survey concepts all show up.
After Network+
The natural progressions:
- Security path → CompTIA Security+. Combined with A+ and Network+ this is the "CompTIA trifecta."
- Cisco path → CCNA. Real router/switch CLI, harder than Network+ but vendor-specific and recognized by network-team hiring managers.
- Cloud path → AWS Cloud Practitioner or Solutions Architect Associate. Network+ makes both noticeably easier.
- Sysadmin path → Linux+ or RHCSA. Knowing how networks behave from the kernel up is rare and valuable.
Frequently asked questions
Network+ or CCNA — which should I take first?
Network+ first if you don't already work in networking. It's vendor-neutral, broader, and cheaper. CCNA is the deep dive that makes sense once you're sure networking is your career.
Is Network+ harder than Security+?
Different hard. Network+ has more concrete, calculate-the-answer content (subnetting, AD values, port numbers). Security+ has more conceptual, scenario-judgment content. People who like math tend to find Network+ easier; people who like reasoning tend to find Security+ easier.
How much does Network+ cost in 2026?
The voucher is around $369 USD from CompTIA. Bundled training packages or academic discounts can drop it to ~$300.
Does Network+ require A+?
No, but A+ helps. CompTIA recommends 9–12 months of networking experience before Network+, but the exam can be passed by self-study without that.
How long is Network+ valid?
Three years from the day you pass. You can renew with continuing education units (CEUs), by passing a higher CompTIA cert (Security+, CySA+, etc.), or by re-taking the latest version.
Test where you stand. Run a free trial on CompTIA Network+ — the first 30 questions are on the house.