If you are studying Network+ in 2026, you are studying the N10-009 blueprint — not the older N10-008. The two are similar in scope but N10-009 added meaningful coverage of Zero Trust, SD-WAN and SASE, IPv6 in practice (not just theory), Wi-Fi 6 and 6E, and cloud networking patterns. If your study materials predate June 2024, replace them or you will study for the wrong test.
This is an 8-week plan built from 500 questions in Certsly's N10-009 bank, calibrated to the published domain weights. It works for someone with basic IT or help-desk experience and zero formal networking background. If you already score 60 to 70 percent on Network+ practice tests, you can compress this plan to 4 to 5 weeks.
Why Network+ matters in 2026
Cloud networking did not kill the on-prem network — it made it more complex. Every mid-sized company in 2026 runs a hybrid environment: some workloads in AWS or Azure or GCP, some in a colocation data centre, an office network with Wi-Fi 6, several SaaS apps reached over zero-trust network access. Whoever runs that environment needs to know subnetting, VLANs, routing, firewalls, and the security primitives that knit it together.
Network+ is the credential that says you understand all of that at a vendor-neutral level. Cisco, Juniper, Aruba, and Palo Alto all certify their own kit, but their certs do not transfer cleanly between vendors. Network+ tests the underlying concepts — the things that are true regardless of whose box is in the rack. For hiring managers screening junior network or SOC engineers, Network+ is one of the most reliable resume signals because it is not gamed by easy multiple-choice cram courses (the performance-based questions weed out memorisers).
A second reason: Network+ is a stated prerequisite or “strongly preferred” for most Tier 1 NOC, help desk, and junior security analyst roles in the US, UK, and EU job markets. If you are applying for those roles without a vendor cert, Network+ is the cheapest credential that gets your resume past the first filter.
What N10-009 actually tests
Five domains. CompTIA publishes the weights as percentages of total scored questions:
| # | Domain | Weight | ~Questions |
|---|---|---|---|
| 1 | Networking Concepts | 23% | 21 |
| 2 | Network Implementation | 19% | 17 |
| 3 | Network Operations | 17% | 15 |
| 4 | Network Security | 20% | 18 |
| 5 | Network Troubleshooting | 21% | 19 |
The exam mixes multiple-choice with performance-based questions (PBQs) — interactive simulations where you drag cables to ports, label network diagrams, or troubleshoot a console. Most candidates see 3 to 6 PBQs and they consume disproportionate time (5 to 8 minutes each). Budget for that.
What is new in N10-009 vs N10-008
If you bought N10-008 study materials, here is what to update:
- Zero Trust networking — was a footnote in N10-008, now a full sub-objective. Expect questions on micro-segmentation, identity-based access, and the “never trust, always verify” principle.
- SD-WAN and SASE — explicit objectives now. Know the difference between SD-WAN (a network architecture) and SASE (network + security as a converged cloud service).
- Wi-Fi 6 and 6E — N10-008 stopped at Wi-Fi 5. N10-009 expects you to know 802.11ax features (OFDMA, target wake time, BSS colouring, the 6 GHz band).
- IPv6 in practice — not just “what is IPv6”, now scenario-based (“Which IPv6 address type is used for...?”).
- Cloud networking — VPC concepts, hybrid cloud connectivity (Direct Connect, ExpressRoute, Cloud Interconnect), cloud-native firewalls.
- Infrastructure as Code basics — Terraform and Ansible at a recognition level. You do not need to write code, you do need to know what they do.
Domain 1 — Networking Concepts (23%)
Foundations. If you skim this you will fail Domains 2 and 5 too.
What gets tested:
- OSI model layers 1 to 7 (memorise protocols at each layer, especially L3 to L7)
- TCP vs UDP, common port numbers (memorise these cold: 20/21 FTP, 22 SSH, 23 Telnet, 25 SMTP, 53 DNS, 67/68 DHCP, 69 TFTP, 80 HTTP, 110 POP3, 123 NTP, 143 IMAP, 161/162 SNMP, 389 LDAP, 443 HTTPS, 445 SMB, 514 Syslog, 636 LDAPS, 989/990 FTPS, 993 IMAPS, 3389 RDP)
- IPv4 subnetting — the single most-tested skill on the exam. Practice CIDR notation, subnet masks, broadcast addresses, usable host counts
- IPv6 address types: unicast (global, link-local fe80::/10, unique local fc00::/7), multicast, anycast
- Network topologies: star, mesh, hybrid, hub-and-spoke
- Cloud service models (IaaS, PaaS, SaaS) and cloud deployment models (public, private, hybrid, community)
Trap pattern we see most: subnetting questions where the obvious math gives a wrong answer because they are asking for usable hosts (subtract 2: network address + broadcast), not total addresses in the subnet. Always re-read the question for “usable” vs “total.” A /24 has 256 total addresses but 254 usable hosts.
Domain 2 — Network Implementation (19%)
Hands-on configuration concepts.
What gets tested:
- Routing: static vs dynamic, OSPF basics, EIGRP (still on the exam despite Cisco-only status), BGP basics for site-to-site connections
- Switching: VLANs (data, voice, management), 802.1Q tagging, native VLAN, trunk vs access ports
- Spanning Tree Protocol (STP, RSTP), root bridge election, port states
- Wireless deployment: standalone APs vs lightweight + wireless LAN controller (WLC), 2.4 vs 5 vs 6 GHz characteristics, channel widths
- Power over Ethernet: PoE / PoE+ / PoE++ wattage tiers (15.4W / 30W / 60W / 100W)
- Cable types: Cat5e, Cat6, Cat6a, Cat8 — bandwidth and distance limits, single-mode vs multi-mode fibre
Trap pattern: Cat6 vs Cat6a confusion. Cat6 supports 10 Gbps but only at 55 metres (full 100 metres is 1 Gbps). Cat6a supports 10 Gbps at the full 100 metres. The exam loves this distinction and will give you a scenario with a cable run that is “just over 55 metres” to test whether you reach for Cat6 (wrong) or Cat6a (right).
Domain 3 — Network Operations (17%)
How you run a network day-to-day.
What gets tested:
- Documentation: physical diagrams, logical diagrams, IP address management (IPAM), asset inventory, rack diagrams
- Disaster recovery: RTO vs RPO, cold/warm/hot sites, backup types (full, incremental, differential), 3-2-1 backup rule
- High availability: load balancing, NIC teaming, port aggregation (LACP), VRRP/HSRP
- Monitoring: SNMP versions, NetFlow vs sFlow, syslog severity levels (0 emergency through 7 debug)
- Change management process and rollback procedures
- Capacity planning and bandwidth management (QoS basics)
Trap pattern: RTO vs RPO swapping. RTO is the Recovery Time Objective (how long to be back online). RPO is the Recovery Point Objective (how much data loss is acceptable). If the question is about data, it is RPO. If it is about time, it is RTO. The exam will deliberately mix these up to test which you reach for first.
Domain 4 — Network Security (20%)
Heavy weight, and the new Zero Trust content lives here.
What gets tested:
- Authentication: 802.1X with RADIUS, EAP variants (EAP-TLS, PEAP, EAP-FAST), multi-factor authentication factors
- Zero Trust principles: continuous verification, least privilege, micro-segmentation, identity-based access
- Firewall types: stateless, stateful, next-generation (NGFW), web application firewall (WAF), and what each can and cannot inspect
- VPN types: site-to-site, remote-access, full tunnel vs split tunnel, IPsec vs SSL/TLS VPN
- Common attacks: ARP spoofing, MAC flooding, VLAN hopping, on-path (formerly MITM), DNS poisoning, DDoS, ransomware
- Network hardening: port security, DHCP snooping, dynamic ARP inspection (DAI), 802.1X port-based authentication, disabling unused services
Trap pattern: “MITM” is no longer on the exam — CompTIA replaced it with “on-path attack.” If you see MITM as an option, it is a distractor. CompTIA also retired terms like “whitelist/blacklist” in favour of “allow list/deny list.” Use the new terminology.
Domain 5 — Network Troubleshooting (21%)
The PBQ-heavy domain. Methodology matters as much as technical knowledge.
What gets tested:
- The 7-step CompTIA troubleshooting methodology — you must memorise the order
- Command-line tools (Windows and Linux):
ping,traceroute/tracert,ipconfig/ifconfig/ip a,nslookup/dig,netstat/ss,arp,route,nmap,tcpdump, Wireshark - Cable testing tools: cable tester, tone generator + probe, OTDR (fibre), TDR (copper), loopback adapter
- Common issues: bad cable, mismatched duplex, MTU mismatch, broadcast storm, IP address conflict, duplicate MAC
- Wireless troubleshooting: signal strength, interference, channel overlap (2.4 GHz: stay on channels 1, 6, 11), capacity vs coverage
Trap pattern: PBQs that ask you to drag-and-drop the troubleshooting steps in CompTIA's official order. Memorise this exact order:
- Identify the problem
- Establish a theory of probable cause
- Test the theory
- Establish a plan of action
- Implement the solution or escalate
- Verify full system functionality and implement preventive measures
- Document findings, actions, and lessons learned
The exam will dock you if you swap steps 5 and 6 or if you put “document findings” anywhere other than step 7.
Sample question walkthrough
Sample Question (Domain 1 — Subnetting)
A small office uses the network 192.168.50.0/26. How many usable host addresses does this subnet support, and what is the broadcast address?
- 64 usable hosts; broadcast 192.168.50.64
- 62 usable hosts; broadcast 192.168.50.63
- 30 usable hosts; broadcast 192.168.50.31
- 254 usable hosts; broadcast 192.168.50.255
Answer: B. A /26 has 6 host bits (32 − 26 = 6), giving 26 = 64 total addresses. Subtract 2 for network (192.168.50.0) and broadcast (192.168.50.63) and you have 62 usable hosts. A is wrong because it forgot to subtract 2. C is for /27 (32 host addresses). D is for /24 (256 total, 254 usable).
Notice the trap: option A gives you the total host count without subtracting the network and broadcast addresses. Subnetting questions reward speed and precision; train them with timed drills until you can answer this kind of question in under 45 seconds.
Network+ vs CCNA — which to do first?
CCNA (Cisco Certified Network Associate) is harder, deeper, and Cisco-specific. Network+ is vendor-neutral and broader but shallower per topic. Practical guidance:
- Do Network+ first if this is your first networking certification or you have no Cisco lab access. Network+ teaches the concepts you will need for CCNA at a less punishing pace.
- Skip Network+ and go directly to CCNA only if you have hands-on Cisco IOS experience or a structured Cisco lab. CCNA carries more weight on resumes for network engineering roles but it is a much bigger commitment (6 to 12 months of study, $300 exam, two-thirds of the test is hands-on lab simulations).
- Network+ is also a better path to security because Security+ shares more conceptual overlap with Network+ than with CCNA.
8-week study plan
| Week | Focus | Hours | Practice Qs |
|---|---|---|---|
| 1 | Domain 1: OSI, TCP/IP basics, ports | 8 | 50 |
| 2 | Domain 1: Subnetting drills + IPv6 | 10 | 50 |
| 3 | Domain 2: VLANs, switching, routing | 8 | 50 |
| 4 | Domain 2: Wireless, cabling, PoE | 8 | 50 |
| 5 | Domain 3: Operations, documentation, monitoring | 8 | 50 |
| 6 | Domain 4: Security, Zero Trust, VPNs, attacks | 10 | 75 |
| 7 | Domain 5: Troubleshooting methodology + CLI tools + PBQs | 10 | 75 |
| 8 | Two full 90-Q mock exams + weak-topic remediation | 8 | 180 (2 mocks + drills) |
Total commitment: ~70 hours over 8 weeks plus 500 practice questions and a Packet Tracer or GNS3 lab for hands-on PBQ practice.
Is Network+ worth it in 2026? Salary data
Network+ in 2026 sits in the bottom-third of starter IT salaries but the top-third of resume-pass-through rates. Median US salary for Network+ holders alone (no other certs, 1 to 3 years experience) is in the $58k to $72k range depending on metro. Stacked with Security+ and 2 years experience, the median rises to $72k to $88k. NOC/SOC analyst roles in major US metros typically post in the $65k to $80k range.
For comparison, CCNA holders earn $5k to $12k more on average but invest 2 to 3 times the study hours. ROI per study hour favours Network+ for early career, CCNA for mid career.
How to know you are ready
Score above 78 percent on full 90-question Certsly mocks (90-minute timer) consistently across two attempts. CompTIA's actual cut score is around 80 percent, but Certsly mocks calibrate slightly above exam difficulty. If you can do 78 percent on a Certsly mock with the timer running, you will comfortably hit 720 out of 900 on the real exam.
Second signal: can you answer a subnetting question in under 45 seconds without scratch paper? If yes, you are ready for the time pressure. If you need 2 minutes per subnetting question, do another week of drills before booking.
Common mistakes
- Skipping subnetting drills. It is the most-tested skill across the exam. Spend a full week on it if you are not fluent.
- Memorising without doing. Network+ rewards hands-on intuition. Spin up a free GNS3 or Packet Tracer lab and configure VLANs, OSPF, and ACLs.
- Studying N10-008 materials. They are cheap and outdated. Confirm every resource you use is dated 2024 or later and says N10-009 explicitly.
- Skimping on PBQs. They are worth 10 to 20 percent of your score and they consume time. Practice them with a timer.
- Not taking a timed full mock before exam day. The 90-minute pressure surprises people who only did untimed practice.
- Confusing similar acronyms. RTO vs RPO, OSPF vs EIGRP vs BGP, PEAP vs EAP-TLS, Cat6 vs Cat6a. CompTIA loves these distinctions. Build a flash-card deck.
Frequently asked questions
How many questions are on the CompTIA Network+ N10-009 exam?
N10-009 has up to 90 questions, a 90-minute time limit, a passing score of 720 out of 900 (roughly 80 percent), and a $358 registration fee. The mix is multiple-choice with 3 to 6 performance-based questions (PBQs) that simulate console configuration or network diagrams.
What is the N10-009 passing score?
The N10-009 passing score is 720 out of 900, which is approximately 80 percent. CompTIA does not publish the per-question raw weighting, so the safest readiness benchmark is consistently scoring above 78 percent on full-length practice exams.
When does N10-008 retire?
CompTIA gave N10-008 retirement notice in 2024. The official retirement date is December 2024, after which only N10-009 is available for new candidates. If you scheduled an N10-008 exam before retirement, your certification is still valid for the standard 3-year period.
Is CompTIA Network+ worth it in 2026?
Yes for early-career engineers, help-desk staff transitioning to network or security roles, and anyone targeting a junior NOC or SOC analyst position. Network+ is the second most-requested CompTIA cert on US job listings (after Security+) and average salaries for holders in 2026 fall in the $58k to $72k range. It is not worth it if you already hold a vendor cert at or above its level (CCNA, JNCIA-Junos, Aruba ACMA).
Should I take A+ before Network+?
Only if you have zero IT background. A+ covers hardware and operating systems plus a small networking section. Network+ assumes basic IT literacy and is independent of A+. Anyone with 6 months of help-desk experience can skip A+ and study directly for Network+.
Is N10-009 harder than N10-008?
It is similar in difficulty but broader in scope. N10-009 added explicit objectives for Zero Trust, SD-WAN, SASE, Wi-Fi 6/6E, and cloud networking patterns that N10-008 either skipped or footnoted. If you studied for N10-008, you will need to add about 10 to 15 hours of focused study on the new topics.
Ready to practise N10-009?
30 free N10-009 questions — no signup, no credit card. Full 500-question bank is $11.99 lifetime, or $9.99/month Pro unlocks N10-009 plus every other Certsly certification.