Best CompTIA Network+ Cheat Sheet (Updated for N10-009 Exam)

Best CompTIA Network+ Cheat Sheet (Updated for N10-009 Exam)

You’ve made a brilliant decision aiming for the CompTIA Network+ certification. Given the deluge of information on networking and limited time to prepare for the examination, it can be frustrating to decide what aspects of Network+ are high-priority items to review.

Our CompTIA Network+ cheat sheet is handy as an overview or a refresher for this broad-based certification exam. This N10-009 cheat sheet serves as an excellent companion to our Security+ cheat sheet, which builds upon Network+, delving deeper into major networking topics than those briefly mentioned in our A+ cheat sheet.

Download a copy of this CompTIA Network+ cheat sheet here. When you’re ready, let’s dive in.

What Is CompTIA Network+ Certification

CompTIA Network+ is a vendor-neutral certification covering the fundamental knowledge and skills in essential computer networking functions over five domains. Although CCNA is more popular as an entry-level networking credential in some locations, Network+ lays the foundation for the ubiquitously in-demand Security+ cyber security certification. 

Its wide but shallow coverage is best suited for those preparing for a cyber security career who require a broad understanding of networking without the depth of a Network Engineer.

Successful candidates can explain basic data center, cloud, and virtual networking concepts, establish network connectivity by deploying wired and wireless devices, monitor and troubleshoot network performance, implement network security hardening techniques, configure common network services, and manage network documentation and infrastructure.

You’ll need to answer at most 90 questions, including both multiple-choice and performance-based, in this 90-minute examination and complete a survey after it ends. The passing score is 720 on a scale of 100–900. The exam costs $390 USD (see all pricing).

The latest exam code is N10-009. This version of the exam has been available since June 2024, and it will retire in 2027–2028. Compared with past Network+ versions, this updated exam includes a much greater overlap with Security+ topics.

Domains

Advancements in networking technologies and new threats to network security prompt updates to what constitutes a competent network administrator. Therefore, every three years, CompTIA updates the Network+ exam to highlight the most up-to-date industry needs in each focus area (Domain) of networking.

Here’s the latest breakdown of Network+ Domains:

DomainExam Weighting (%)
Networking Concepts23%
Network Implementation20%
Network Operations19%
Network Security14%
Network Troubleshooting24%

Without further ado, let’s explore each Domain and unpack the key concepts and acronyms you’ll encounter in the exam.

Networking Concepts

The following items are essential networking knowledge.

ConceptElaboration
OSI modelOpen Systems Interconnection:
1. Physical
2. Data Link
3. Network
4. Transport
5. Session
6. Presentation
7. Application
OSI model layer memory aid: Please Do Not Throw Sausage Pizza Away (alternatives)
LANLocal Area Network
SubnetShort for β€œsubnetwork,” a logical or physical subdivision of a larger network
RouterConnects β‰₯ 2 LANs to the Internet
SwitchConnect computers in LAN
FirewallSafeguards computers and networks against unauthorized access
ProxyGateway between users and Internet
NASNetwork-attached storage
SANStorage area network
APAccess point
IDSIntrusion detection system
IPSIntrusion prevention system
Load balancerDistributes traffic across servers
CDNContent Delivery Network
QoSQuality of service
TTLTime to live
Network security listSet of security rules applied to all devices on a subnet
Network security groupSet of security rules applied to a group of network devices
Internet gatewayAllows inbound and outbound connections between private subnets and public networks
Network address translation (NAT) gatewayAllows outbound connections from a private subnet to public network services while shielding it from inbound connections from outside
CloudConsiderations:
β€’ Scalability
β€’ Elasticity
β€’ Multitenancy

Deployment models:
β€’ Public
β€’ Private
β€’ Hybrid
VPNVirtual Private Network
Virtual Private Networks (VPNs)
Virtual Private Networks (VPNs)
ConceptElaboration
NFVNetwork function virtualization
VPCVirtual private cloud
SaaSSoftware as a Service
IaaSInfrastructure as a Service
PaaSPlatform as a Service
Direct ConnectYour on-premises infrastructure connects to a cloud provider’s network, bypassing the public Internet
Internet Protocol (IP)IPv4 and IPv6
Internet Control Message Protocol (ICMP)Most commonly used for ping packets
Transmission Control Protocol (TCP)Connection-oriented, SYN-ACK handshake
User Datagram Protocol (UDP)Connectionless, best-effort
IPv4 address32-bit number, consisting of four decimals from 0 to 255 separated by period (.), e.g., 192.168.1.1
IPv4 loopback/localhost127.0.0.1
Automatic Private IP Addressing (APIPA)/link-local169.254.x.x
Classless Inter-Domain Routing (CIDR)CIDR IPv4 addresses have a prefix; e.g., β€œ/24” in β€œ10.150.23.58/24” denotes a 255.255.255.0 subnet mask.
802.11 standardsFor Wi-Fi communication
802.3 standardsFor wired Ethernet networks
TransceiverCombined transmitter and receiver of signals
Form factorHardware specifications
TIA/EIA-568A1. White/green
2. Green
3. White/orange
4. Blue
5. White/blue
6. Orange
7. White/brown
8. Brown
TIA/EIA-568BSwap β€œgreen” and β€œorange” in TIA/EIA-568A
Single-mode vs. multimode(Optic fiber) Allowing one or multiple light modes to propagate
DACDirect attach copper
CoaxialF-type, BNC
BNCBayonet Neill–Concelman
Twinaxial/twinaxHas two inner conductors instead of one as in coaxial
Twisted pairRJ45, (RJ)11
(RJ)11Registered jack
STP/UTPShielded/Unshielded twisted pair
Fiber opticSC, ST, LC, FC, MT-RJ
SCSubscriber connector
STStraight tip
LCLocal connector
FCFibre Channel
Plenum-ratedFire-resistant cable; compare with riser-rated, non-plenum rated, and PVC
UTP categoryDefine speed and length of cables:
β€’ Cat 3
β€’ Cat 5
β€’ Cat 5e
β€’ Cat 6/6a
β€’ Cat 7
β€’ Cat 8
SFPSmall form-factor pluggable
QSFPQuad small form-factor pluggable
MPOMulti-fiber push on
Network topologyβ€’ Mesh
β€’ Hybrid
β€’ Star/hub-and-spoke
β€’ Spine and leaf
β€’ Point to point
Spine and Leaf Architecture
Spine and Leaf Architecture
Slider Image
Slider Image
Slider Image
Slider Image
Slider Image
Slider Image
Slider Image
Slider Image
Slider Image
Slider Image
Slider Image
Slider Image
Slider Image
Slider Image
Slider Image
Slider Image
Slider Image
Slider Image
Slider Image
Slider Image
Slider Image
Slider Image
Slider Image
Slider Image
Slider Image
ConceptElaboration
Three-tier hierarchical modelβ€’ Core
β€’ Distribution
β€’ Access
Collapsed coreCombine core and distribution layers
North-southTraffic moving between a private network and the outside world
East-westTraffic moving within an organization’s internal network
RFC1918IP addresses set aside for private networks
VLSMVariable Length Subnet Mask
Classless Inter-Domain Routing (CIDR)CIDR IPv4 addresses have a prefix; e.g., β€œ/24” in β€œ10.150.23.58/24” denotes a 255.255.255.0 subnet mask.
IPv4 address classesβ€’ Class A: 0.0.0.0 – 127.255.255.255
β€’ Class B: 128.0.0.0 – 191.255.255.255
β€’ Class C: 192.0.0.0 – 223.255.255.255
β€’ Class D: 224.0.0.0 – 239.255.255.255
β€’ Class E: 240.0.0.0 – 255.255.255.255
SD-WANSoftware-defined wide area network
SDNSoftware-defined networking
SD-WANSoftware-defined wide area network
IaCInfrastructure as Code
SASESecure Access Secure Edge
SSESecurity Service Edge
VXLANVirtual Extensible Local Area Network
ZTAZero trust architecture
DCIData center interconnect
GREGeneric Routing Encapsulation
IPSecInternet Protocol Security
AHAuthentication Header
ESPEncapsulating Security Payload
IKEInternet Key Exchange
Traffic typesβ€’ Unicast
β€’ Multicast
β€’ Anycast

Ports and Protocols

The following table lists the ports and protocols you must know to pass Network+.

Port number/sService nameDescription
20/21FTPFile Transfer Protocol
22SSH, SFTPSecure Shell, Secure File Transfer Protocol
23TelnetTelnet
25SMTPSimple Mail Transfer Protocol
53DNSDomain Name System
67/68DHCPDynamic Host Configuration Protocol 
69TFTPTrivial File Transfer Protocol 
80HTTPHypertext Transfer Protocol 
123NTPNetwork Time Protocol 
161/162SNMPSimple Network Management Protocol 
389LDAPLightweight Directory Access Protocol 
443HTTPSHypertext Transfer Protocol Secure 
445SMBServer Message Block 
514SyslogSyslog 
587SMTPSSimple Mail Transfer Protocol Secure 
636LDAPSLightweight Directory Access Protocol over SSL 
1433SQLBroadcast Structured Query Language (SQL) Server
3389RDPRemote Desktop Protocol
5060/5061SIPSession Initiation Protocol

The next Domain is about putting these basic concepts into practice.

Network Implementation

This Domain is all about networking hardware: routers, switches, wireless, and installation considerations.

ConceptElaboration
Static routingFix-value routing; no change at runtime unless manually edited
Dynamic routingRouters automatically adjust the paths that data packets take based on network conditions
BGPBorder Gateway Protocol
EIGRPEnhanced Interior Gateway Routing Protocol
OSPFOpen Shortest Path First
PATPort address translation
FHRPFirst Hop Redundancy Protocol
VIPVirtual IP
VLANVirtual Local Area Network
SVISwitch Virtual Interface
MTUMaximum transmission unit
SSIDService set identifier
BSSIDBasic service set identifier
ESSIDExtended service set identifier
WPA2/WPA3Wi-Fi Protected Access 2/3
Captive portalA webpage that appears upon connecting to a public Wi-Fi network, requiring action before granting full Internet access
Frequency optionsβ€’ 2.4GHz
β€’ 5GHz
β€’ 6GHz
Band steeringMaking Wi-Fi routers assign the optimal frequency band to a device based on its capabilities and network conditions
Network typesβ€’ Mesh networks
β€’ Ad hoc
β€’ Point to point
β€’ Infrastructure
PSKPre-shared key
IDFIntermediate distribution frame
MDFMain distribution frame
UPSUninterruptible power supply
PDUPower distribution unit
Port-side intakeCool air enters the switch through the side with the ports
Port-side exhaustHot air leaves the switch from the side with the ports
802.1Q taggingA standard that enables VLANs on Ethernet networks
Link aggregationCombining multiple physical network connections into a single logical link
Duplex switchingAble to transmit and receive data simultaneously or by taking turns doing so
STPSpanning Tree Protocol
Jumbo framesEthernet frames with a payload larger than the standard 1500 bytes, typically 9000 bytes

The next big task after building a network is to maintain itβ€”the scope of the next Domain.

Network Operations

Everything related to the smooth running and maintenance of computer networks is the main focus of this Domain.

ConceptElaboration
Asset inventoryA comprehensive list of all the assets belonging to or used by an organization, tangible and intangible
IPAMIP address management
SLAService-level agreement
Wireless survey/heat mapVisualization for analyzing and mapping Wi-Fi signal coverage and strength in an area
OSOperating system
EOLEnd-of-life
EOSEnd-of-support
MIBManagement information base
SIEMSecurity information and event management
SNMPSimple Network Management Protocol
High availabilityContinued operational performance with minimal downtime
Active-activeMultiple active components share the workload and can handle failures by redistributing traffic
Active-passiveRelying on a primary, active component backed up by a secondary, standby component
Tabletop exerciseDiscussion-based activity where participants simulate a disaster or emergency to test and improve plans, policies, and procedures
Validation testβ€œDoes this product do what the user needs it to do?”
DRDisaster recovery
RPORecovery point objective
RTORecovery time objective
MTTRMean time to repair
MTBFMean time between failures
BCPBusiness Continuity Plan
Cold sitePower, networking capability, and cooling; no servers or storage
Warm siteCold site plus storage hardware; still requires data transportation
Hot siteFully functional backup site with important data mirrored to it
Dynamic addressingAutomatic assignment of IP addresses to devices on a network typically using DHCP
Name resolutionConversion of human-readable domain names into the corresponding IP addresses using DNS
SLAACStateless address autoconfiguration
DNSSECDomain Name Security Extensions
NTSNetwork Time Security
PTPPrecision Time Protocol
DoHDNS over HTTPS
DoTDNS over TLS
Hosts fileMap hostnames to IP addresses using records such as A, AAAA, CNAME, etc.
AIPv4 address
AAAAIPv6 address
CNAMECanonical name
MXMail exchange
TXTText
NSNameserver
PTRPointer
ClientlessRemote users can securely access enterprise resources without traditional client software
Split tunnelPartial encryption of traffic
Full tunnelEncryption of all traffic
Jump box/hostSecure intermediary server for accessing and managing devices in a separate network
In-band managementSame network infrastructure for data traffic and management
Out-of-band managementUsing a separate, dedicated network for management
GUIGraphical user interface

A network administrator doesn’t cut the mustard if they only know how to keep a network running. The next Domain highlights the importance of keeping it secure as well.

Network Security

Maintaining the safety and security of computer networks is a vital component of being a competent professional in computer networking. This Domain doubles as an elementary introduction to cyber security.

ConceptElaboration
Data at restOn computer storage
Data in transitTraveling along cables or broadcasting wirelessly
RiskPotential for loss or damage
VulnerabilityA defect that creates an exploitable condition, making the system vulnerable to attacks
ExploitCode that takes advantage of a vulnerability in a system or software to gain unauthorized access
ThreatPotential danger that can harm your systems, data, or operations
Least privilegeOnly granting the minimum access necessary to perform actions
Honeypot/honeynetIndividual/connected devices inviting attacks to capture information
IAMIdentity and access management
MFAMultifactor authentication
SSOSingle sign-on
PKIPublic Key Infrastructure
SAMLSecurity Assertion Markup Language
CIAConfidentiality, Integrity, and Availability
RADIUSFor authentication, authorization, and accounting
TACACS+Terminal Access Controller Access Control System Plus
ICSIndustrial Control System
BYODBring Your Own Device
SCADASupervisory control and data acquisition
OTOperational technology
GDPRGeneral Data Protection Regulation
PCI DSSPayment Card Industry Data Security Standard
IoTInternet of Things
IIoTIndustrial Internet of Things
VLAN hoppingAttacker can move from one VLAN to another
Media Access Control (MAC) floodingDisplacing legitimate MAC entries, forcing data into broadcast mode
Address Resolution Protocol (ARP) poisoning/spoofingForged ARP messages to redirect traffic from the victim
DoSDenial-of-service
DDoSDistributed denial-of-service
DNS poisoningExploit known DNS vulnerabilities
DNS spoofingForged DNS data to redirect traffic to hacker
Evil twinFake Wi-Fi access point to trick people into choosing it over the genuine one
On-path attack/Man-in-the-middle (MITM) attackIntercept a two-party conversation for one’s advantage
Tools:
β€’ Ettercap
β€’ Wireshark
β€’ tcpdump
PhishingAttack by email; single target
Dumpster divingRecover information from trash
Shoulder surfingLook over someone’s shoulder, often with a recording device
TailgatingUnauthorized entity follows authorized party into secured premises
Device hardeningReducing the attack surface to secure a device
802.1XFor port-based network access control (PNAC)
MAC filteringControl network access by device MAC
NACNetwork access control
ACLAccess control list
Uniform Resource Locator (URL) filteringAllow/block website access by URL
Screened subnet (demilitarized zone, DMZ)Five components:
β€’ External network
β€’ External router
β€’ Perimeter network
β€’ Internal router
β€’ Internal network

Network Troubleshooting

Apply the six technical troubleshooting steps (same as A+) to networking problems. Familiarize yourself with common networking issues.

ConceptElaboration
On the β€œestablish theory” step in technical troubleshooting- Top-to-bottom/bottom-to-top
- OSI model
- Divide and conquer
On establishing a plan of actionIdentify the potential effects of the resolution
On documentationDocument also the lessons learned throughout the troubleshooting process
LLDPLink Layer Discovery Protocol
CDPCisco Discovery Protocol
Troubleshooting tools/protocolsSoftware tools:
β€’ Protocol analyzer
β€’ Command line
β€’ Speed tester
β€’ ping
β€’ traceroute/tracert
β€’ nslookup
β€’ tcpdump
β€’ dig
β€’ netstat
β€’ ip/ifconfig/ipconfig
β€’ arp
β€’ nmap

Hardware tools:
β€’ Toner
β€’ Cable tester
β€’ Taps
β€’ Wi-Fi analyzer
β€’ Visual fault locator

Basic networking device commands
β€’ show mac-address-table
β€’ show route
β€’ show interface
β€’ show config
β€’ show arp
β€’ show vlan
β€’ show power

CompTIA Network+ Cheat Sheet Conclusion

We hope this Network+ cheat sheet helps your learning or career journey. Check out our other articles on networking and learn how to pass Network+ on your first attempt.

To maximize your knowledge and exam preparation, take a look at our complete CompTIA Network+ Training Bundle (N10-009). For a one-time purchase, get access to 19 hours of video training, three full practice exams, over 300 flashcards, and more. Click the banner below. Or join the StationX Master’s Program for access to over 30,000 courses and labs, covering everything you need for a career in IT, Network Administration, or Cyber Security.

You can also purchase your exam voucher through StationX at a discounted price. We offer savings of up to 30% on CompTIA exam vouchers. See our voucher page for more details.

We wish you all the best on your exam!

This bundle contains:

Frequently Asked Questions

Guarantee Your Cyber Security Career with the StationX Master’s Program!

Get real work experience and a job guarantee in the StationX Master’s Program. Dive into tailored training, mentorship, and community support that accelerates your career.

  • Job Guarantee & Real Work Experience: Launch your cybersecurity career with guaranteed placement and hands-on experience within our Master’s Program.
  • 30,000+ Courses and Labs: Hands-on, comprehensive training covering all the skills you need to excel in any role in the field.
  • Pass Certification Exams: Resources and exam simulations that help you succeed with confidence.
  • Mentorship and Career Coaching: Personalized advice, resume help, and interview coaching to boost your career.
  • Community Access: Engage with a thriving community of peers and professionals for ongoing support.
  • Advanced Training for Real-World Skills: Courses and simulations designed for real job scenarios.
  • Exclusive Events and Networking: Join events and exclusive networking opportunities to expand your connections.

TAKE THE NEXT STEP IN YOUR CAREER TODAY!

  • Cassandra Lee

    Cassandra Lee is a Certified in Cybersecurity (CC) professional, freelance programmer, and former robotics operator. With a background in data science, web development, and journalism, she’s contributed to outlets like HuffPost and Ada Lovelace Day, and advocates passionately for women in STEM through writing, speaking, and mentorship. You can find Cassandra on LinkedIn and Linktree.

>

StationX Accelerator Pro

Enter your name and email below, and we’ll swiftly get you all the exciting details about our exclusive StationX Accelerator Pro Program. Stay tuned for more!

StationX Accelerator Premium

Enter your name and email below, and we’ll swiftly get you all the exciting details about our exclusive StationX Accelerator Premium Program. Stay tuned for more!

StationX Master's Program

Enter your name and email below, and we’ll swiftly get you all the exciting details about our exclusive StationX Master’s Program. Stay tuned for more!