Browse CompTIA Certification Guides

CompTIA N10-009 Cloud Concepts, VPCs & Service Models Guide

March 30, 2026

Study CompTIA N10-009 Cloud Concepts, VPCs & Service Models: key concepts, common traps, and exam decision cues.

On this page

Cloud questions in Network+ are still networking questions. CompTIA is usually testing whether you understand that virtual networks still need subnets, routes, gateways, policy boundaries, and controlled connectivity. The wrong answer often assumes that “cloud” means normal network design rules stop applying.

NFV: Network functions virtualization, replacing dedicated hardware appliances with virtualized network functions.

VPC: Virtual private cloud, a logically isolated virtual network built inside a cloud environment.

IaaS: Infrastructure as a service, where the provider exposes virtualized infrastructure such as compute, storage, and networking building blocks.

Multicloud: Using services from more than one cloud provider.

What CompTIA is really testing

The exam usually wants you to distinguish:

  • service models such as IaaS, PaaS, and SaaS
  • deployment models such as public, private, hybrid, and multicloud
  • virtual network boundaries from physical ones
  • cloud connectivity options from ordinary local switching

Separate service model from deployment model

Concept type Examples What it answers
service model IaaS, PaaS, SaaS how much of the stack the provider manages
deployment model public, private, hybrid, multicloud where workloads run and how environments are combined

CompTIA likes this distinction because candidates often mix them up.

Public, private, hybrid, and multicloud

Deployment model What Network+ usually wants you to notice
public cloud shared provider environment consumed by the customer
private cloud cloud-style environment dedicated to one organization
hybrid cloud workloads or services span on-premises and cloud environments
multicloud more than one cloud provider is in use

The exam often hides the right answer in one phrase such as “connected back to headquarters” or “runs across two providers.” That clue is about deployment shape, not IaaS versus SaaS.

A VPC is still a network

Even in the cloud, you still need to think about:

  • subnets
  • route paths
  • internet or private gateways
  • segmentation and access policy
  • connectivity back to other sites or environments

Hybrid path mental model

    flowchart LR
	  A["Branch or campus LAN"] --> B["VPN or private connectivity"]
	  B --> C["Cloud gateway"]
	  C --> D["VPC subnet A"]
	  C --> E["VPC subnet B"]

What to notice:

  • the cloud side still has gateways, routes, and segmented subnets
  • the branch still needs a real connectivity method
  • a hybrid answer is about how environments are linked, not about which service model the app uses

Small virtual-network example

1vpc:
2  cidr: 10.40.0.0/16
3  subnets:
4    - name: app
5      cidr: 10.40.10.0/24
6    - name: db
7      cidr: 10.40.20.0/24
8  branch-connectivity: site-to-site-vpn

What to notice:

  • the cloud environment still has address space and segmentation
  • a database subnet can be separated from an application subnet
  • the branch does not connect by magic; it needs a gateway or tunnel path

Where NFV fits

NFV belongs here because Network+ wants you to recognize that routers, firewalls, WAN optimizers, or load balancers do not have to be tied to one physical appliance. They can be delivered as virtual network functions inside a cloud or virtual environment.

That does not remove normal network logic. It only changes where the function runs.

Cloud networking still follows network logic

CompTIA often hides the right answer in one of these questions:

  • is this about where the workload runs, or about who manages the platform?
  • is this a virtual network boundary question, or a service-model question?
  • does the design still need routing, segmentation, and gateway control?

If you keep those distinctions clear, most cloud questions stop feeling abstract.

Support and troubleshooting cues

Clue in the question Strongest interpretation
“provider manages the finished app” likely SaaS
“customer manages virtual servers and subnets” likely IaaS
“on-premises and cloud are linked together” likely hybrid
“multiple providers are in use” likely multicloud
“virtualized router or firewall function” likely NFV

Common traps

  • treating service models as deployment models
  • assuming cloud removes the need for subnets, routes, or policy boundaries
  • confusing a virtual network with a generic application platform
  • forgetting that hybrid design still needs real connectivity between environments
  • assuming multicloud and hybrid mean the same thing

What strong answers usually do

  • separate “where it runs” from “who manages what”
  • treat a VPC or virtual network like a real network boundary
  • remember that cloud gateways, tunnels, and route rules still matter
  • choose the answer that preserves normal networking logic instead of bypassing it
  • separate “which provider manages what” from “which environments are connected”

Decision order that usually wins

  1. First decide whether the clue is about service model or deployment model.
  2. If the clue is how much the provider manages, think IaaS/PaaS/SaaS.
  3. If the clue is where workloads run across providers or environments, think public/private/hybrid/multicloud.
  4. Treat a VPC as a network boundary that still needs normal routing and segmentation logic.
  5. Network+ usually rewards separating cloud vocabulary from normal networking design instead of treating cloud as magic.

Quiz

Loading quiz…

Continue with 1.4 Ports, Protocols & Services to keep the domain flow intact.

Revised on Sunday, May 10, 2026
1.2 Devices & Roles
1.4 Ports, Protocols & Services