CompTIA Network+ Practice Questions: Security

9 free, exam-style CompTIA Network+ (N10-009) practice questions covering Security. Each question shows the correct answer and a clear explanation.

Q1. What does DHCP Snooping help prevent?

Explanation: DHCP Snooping is a security feature that filters untrusted DHCP messages on the network, preventing rogue DHCP servers from assigning incorrect IP configurations and potentially intercepting network traffic.

Q2. Which firewall type operates at Layer 7 of the OSI model?

Explanation: Proxy firewalls inspect application-layer (Layer 7) data like HTTP headers.

Q3. What is the primary purpose of 802.1X authentication?

Explanation: 802.1X uses RADIUS servers to authenticate devices before granting network access.

Q4. Which security concept uses deception techniques to detect attackers?

Explanation: A honeypot is a decoy system or resource designed to attract cyber attackers. By interacting with the honeypot, attackers reveal their tactics, which helps security professionals analyze threats and improve defenses.

Q5. A network administrator wants to implement a security measure that inspects network traffic content and blocks known malware signatures. Which type of device is BEST suited for this?

Explanation: NGFWs and UTM (Unified Threat Management) devices provide advanced security features including deep packet inspection, intrusion prevention (IPS), and anti-malware capabilities, operating beyond simple packet filtering.

Q6. A company wants to provide secure remote access for its employees to the corporate network. Which technology is commonly used for this purpose?

Explanation: A VPN (Virtual Private Network) creates an encrypted tunnel over a public network (like the internet), allowing remote users to securely access resources on the private corporate network as if they were directly connected.

Q7. Which of the following is an example of a denial-of-service (DoS) attack?

Explanation: A DoS attack aims to make a machine or network resource unavailable to its intended users by disrupting services. A common method is to flood the target with superfluous requests, overloading its capacity.

Q8. Which of the following is a common use case for a DMZ (Demilitarized Zone) in a network architecture?

Explanation: A DMZ is a perimeter network that exposes an organization's external-facing services to an untrusted network, usually the internet. Publicly accessible servers (e.g., web, email, DNS) are placed here, isolated from the internal LAN.

Q9. A company is experiencing slow internet performance. A network technician checks the firewall logs and notices a very high number of connection attempts from a single external IP address to multiple ports on their web server. This is MOST likely an indication of what?

Explanation: A high number of connection attempts from a single IP to many different ports on a target server is a common pattern for port scanning, where an attacker is trying to identify open ports and services that might be vulnerable.
