NetworkingNetwork+

Network Baseline for CompTIA Network+ N10-009

A network baseline documents normal performance levels across key metrics, providing a reference point for identifying deviations that indicate problems. CompTIA Network+ N10-009 tests baseline concepts as part of Network Operations. Without a baseline, it's impossible to determine whether current performance is normal or degraded — 'slow' is relative without knowing what fast looks like for that specific environment.

6 min

2 sections · 7 exam key points

1 practice questions

Establishing a Baseline

A network baseline captures metrics during normal, healthy operations: bandwidth utilization per link, CPU and memory usage per device, interface error rates, average latency to key destinations, typical packet loss, and common traffic patterns. Baseline collection should span multiple time periods — different times of day, days of week, and business seasons — to capture natural variation.

When to capture baselines: after initial deployment (establishes 'normal' before changes). After significant changes (upgrades, new applications, topology changes). Periodically (quarterly or annually to account for organic growth and change). Baselines become stale over time as the network evolves — regular updates are important.

Using Baselines for Troubleshooting

Deviation from baseline triggers investigation. If interface utilization is normally 30% but spikes to 95% at 2am, that warrants investigation — it could be a backup job, malware, or a rogue device. Baselines provide context: a 10ms ping to the server is fine if baseline is 5ms (slight increase), but concerning if baseline is 1ms (10x increase).

Trending: analyzing baseline data over time reveals capacity issues before they cause problems. If interface utilization grows 5% each month, capacity planning can predict when to upgrade. Anomaly detection: monitoring systems compare real-time metrics against the baseline and alert when significant deviations occur. Modern tools use machine learning to automatically identify anomalous patterns.

Key exam facts — Network+

Baseline = documented normal performance metrics captured during healthy operations
Capture baselines after deployment, after major changes, and periodically
Baselines enable anomaly detection — deviations from normal trigger investigation
Trending analysis of baseline data enables capacity planning
Baselines become stale — update after significant changes
Metrics to baseline: utilization, CPU/memory, latency, errors, packet loss
Without baselines, 'slow' or 'high' has no reference point

Common exam traps

A baseline only needs to be captured once

Baselines must be updated after major changes (new applications, topology changes, growth) because 'normal' evolves. An outdated baseline may cause false alarms or miss real problems by comparing against obsolete normal values

Practice questions — Network Baseline

These questions are representative of what you will see on Network+ exams. The correct answer and explanation are shown immediately below each question.

Q1.After deploying a new ERP application, the network team notices CPU utilization on the core router is consistently 70% compared to the previous 25% baseline. What should the team do first?

A.Update the baseline to reflect the new normal, then investigate if further increase occurs

B.Immediately replace the router

C.Disable the ERP application

D.No action needed — baselines are informational only

Explanation: After a major change (ERP deployment), the team should first understand why CPU increased (the new application's traffic patterns). After confirming the increase is expected and acceptable, they should update the baseline to reflect the new normal. If the increase is unexpected, investigation is warranted. Immediately replacing hardware or disabling the application before investigation is premature.

Frequently asked questions — Network Baseline

What tools capture network baseline data?

SNMP-based monitoring (PRTG, Zabbix, Nagios) collects device metrics. NetFlow analyzers (ntopng, SolarWinds NTA) capture traffic baselines. Packet capture tools (Wireshark) for protocol-level baselines. Synthetic monitoring (simulated transactions) establishes application performance baselines. The data should be stored in a time-series database (InfluxDB, Graphite) for trending and historical comparison.

Practice this topic

Network+practice questions

Test yourself on Network Baseline

JT Exams routes you to questions in your exact weak areas — automatically, after every session.

Free practice test Start 7-Day Free Trial

No credit card · Cancel anytime