Use this cheat sheet for last-mile review, not first exposure. It works best after the lesson pages already make sense and you want the biggest Network+ distinctions on one screen before mixed review or exam day.
PBQ: Performance-based question that asks you to apply network logic instead of only recognizing a term.
SLAAC: Stateless address autoconfiguration, an IPv6 method where hosts build addresses from router advertisements.
CIDR: Prefix-length notation such as /27 or /64 used to describe a network boundary.
Fast lane picker
If the question is really about…
Go first to…
Strongest first move
devices, protocols, media, topologies, or IP behavior
flowchart TD
A["Read the requirement or symptom"] --> B["Classify it: path, service, security, or operations"]
B --> C["Name the layer or boundary that owns the clue"]
C --> D["Eliminate answers that act at the wrong layer"]
D --> E["Pick the simplest answer that directly fits the requirement"]
N10-009 answer sequence
Use this when the stem mixes path, service, security, or operations clues.
flowchart TD
S["Scenario"] --> L["Classify the layer"]
L --> B["Name the boundary that owns the clue"]
B --> R["Check routing, policy, or physical path"]
R --> V["Verify with the simplest direct fix"]
What to notice:
most Network+ misses start with bad classification, not a forgotten acronym
the wrong answer is often a real technology that acts too early, too late, or at the wrong boundary
the simplest direct fix is usually stronger than the fanciest one
Ports and protocols that matter
Service or protocol
Default port(s)
What the exam is usually testing
Easy confusion
SSH
22
secure remote administration
Telnet because both are terminal access
Telnet
23
insecure legacy remote access
SSH
DNS
53
name resolution
DHCP because both are basic network services
DHCP
67/68
address assignment and lease options
DNS
HTTP / HTTPS
80 / 443
web transport, secure vs insecure
TLS offload questions that sound like routing questions
SMTP
25
message transfer between mail systems
IMAP or POP3, which are mailbox retrieval
IMAP / POP3
143 / 110
mailbox retrieval behavior
SMTP
SNMP
161/162
monitoring and traps
Syslog because both support operations visibility
RADIUS
1812/1813
AAA for network access, common in Wi-Fi and NAC
TACACS+ because both support centralized AAA
TACACS+
49
device-administration AAA with strong command accounting
RADIUS
RDP
3389
remote desktop access
SSH or VNC
SIP
5060/5061
VoIP call setup
RTP, which carries media rather than signaling
High-confusion network pairs
Pair
Keep this distinction clear
switch vs router
a switch forwards inside a Layer 2 segment, a router moves traffic between Layer 3 networks
NAT vs PAT
NAT is the broader translation concept, PAT is many-to-one translation using ports
ACL vs firewall
ACLs are simpler stateless permit/deny rule sets, firewalls usually add deeper inspection and policy context
DHCP vs DNS
DHCP gives clients network configuration, DNS translates names into addresses
RTO vs RPO
RTO is acceptable restore time, RPO is acceptable data-loss window
MTTR vs MTBF
MTTR is average repair time, MTBF is average time between failures
out-of-band vs in-band management
out-of-band survives production path failure, in-band shares the normal network
latency vs packet loss
latency is delay, packet loss is missing data that usually forces retransmission
threat vs vulnerability
threat is the danger or actor, vulnerability is the weakness it can exploit
Addressing and path cues
Clue
What it usually means
Strongest first check
169.254.x.x
APIPA self-assigned IPv4 address
DHCP reachability or scope availability
127.0.0.1
local loopback only
application or local stack test, not network reachability
::1
local IPv6 loopback
same host-only meaning as 127.0.0.1
fe80::/10
IPv6 link-local
same-link communication, router not required for neighbor discovery
client reaches by IP but not hostname
naming problem, not routing first
DNS records, resolver path, split-horizon assumptions