Network Implementations for CompTIA Network+

This page covers the Network Implementations domain of the CompTIA Network+ certification. Network Implementation Master Cybersecurity offers 136 practice questions in this domain, drawn from the same content we use across our timed exam simulations. Below are five sample questions with full answer explanations.

Sample Practice Questions

  1. Question 1

    SIMULATION - A network technician replaced an access layer switch and needs to reconfigure it to allow the connected devices to connect to the correct networks. INSTRUCTIONS - Click on the appropriate port(s) on Switch 1 and Switch 3 to verify or reconfigure the correct settings: Ensure each device accesses only its correctly associated network. Disable all unused switchports. Require fault-tolerant connections between the switches. Only make necessary changes to complete the above requirements. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

    1. Question 2

      SIMULATION - A network administrator has been tasked with configuring a network for a new corporate office. The office consists of two buildings, separated by 50 feet with no physical connectivity. The configuration must meet the following requirements: Devices in both buildings should be able to access the Internet. Security insists that all Internet traffic be inspected before entering the network. Desktops should not see traffic destined for other devices. INSTRUCTIONS - Select the appropriate network device for each location. If applicable, click on the magnifying glass next to any device which may require configuration updates and make any necessary changes. Not all devices will be used, but all locations should be filled. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

      1. Question 3

        A network administrator wants to implement an authentication process for temporary access to an organization's network. Which of the following technologies would facilitate this process?
        1. A. Captive portal
        2. B. Enterprise authentication
        3. C. Ad hoc network
        4. D. WPA3
        Explanation

        The correct answer is: A. Captive portal.

        A captive portal intercepts a user's first web request after they associate with the wireless network and redirects them to a web page where they must authenticate - typically with one-time credentials or a self-registration form - which is the standard pattern for granting temporary access to visitors and short-term users. Enterprise authentication (B) ties access to a long-lived directory account and is heavier infrastructure than the temporary-access scenario warrants. An ad hoc network (C) is a peer-to-peer wireless mode for end devices and is not a controlled-access portal. WPA3 (D) is a wireless security protocol that secures the air interface, not an authentication portal for temporary users. The captive portal is the listed technology that fits temporary access.

      2. Question 4

        A network administrator is configuring a new switch and wants to connect two ports to the core switch to ensure redundancy. Which of the following configurations would meet this requirement?
        1. A. Full duplex
        2. B. 802.1Q tagging
        3. C. Native VLAN
        4. D. Link aggregation
        Explanation

        The correct answer is: D. Link aggregation.

        Link aggregation (LACP/EtherChannel) combines two physical ports between the new switch and the core switch into a single logical link, providing redundancy because the bundle survives any single link failure - and Spanning Tree treats the bundle as one link, so the configuration is loop-free without further effort. Full duplex (A) lets a single port transmit and receive simultaneously and does not provide redundancy across multiple ports. 802.1Q tagging (B) is a VLAN-trunking mechanism for carrying multiple VLANs on a link; it is not, by itself, a redundancy mechanism. Native VLAN (C) is a trunking concept for the untagged VLAN on a tagged trunk and likewise does not deliver redundancy. Link aggregation is the configuration that uses two ports for redundancy without creating a loop.

      3. Question 5

        Which of the following is a cost-effective advantage of a split-tunnel VPN?
        1. A. Web traffic is filtered through a web filler.
        2. B. More bandwidth is required on the company's internet connection.
        3. C. Monitoring detects insecure machines on the company's network.
        4. D. Cloud-based traffic flows outside of the company's network.
        Explanation

        The correct answer is: D. Cloud-based traffic flows outside of the company's network..

        The cost-effective advantage of a split-tunnel VPN is that traffic destined for cloud services and the public internet flows directly from the user's endpoint to the destination - outside the company's network - which reduces the bandwidth load (and therefore the cost) on the company's internet egress and VPN concentrator. Web traffic filtered through a web filter (A) is something a full tunnel typically enables (so corporate filters can inspect the user's web traffic) - the opposite of a split-tunnel benefit. More bandwidth required on the company's internet (B) is the cost of a full tunnel rather than a benefit of a split tunnel. Monitoring detects insecure machines on the company's network (C) is again a full-tunnel benefit, since split-tunnel traffic to the internet bypasses the company's monitoring. Cloud traffic flowing outside the company's network is the cost-effective benefit of split-tunneling.

      Other CompTIA Network+ domains

      Practice all 136 Network Implementations questions · Browse CompTIA Network+