CompTIA Security+ Practice Test of the Day 061825

Welcome to today’s practice test!

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

 

Results

QUIZ START

#1. A security administrator at a mid-sized company is reviewing user authentication settings. The administrator wants to enforce a policy where users are authenticated based on something they know and something they have. What type of authentication method is this?

A. Biometric authentication

B. Multifactor authentication

C. Single sign-on

D. Federated identity management

Previous

Next

#2. A company is moving its workloads to a cloud environment using an IaaS model. Which of the following is the company still responsible for securing?

A. Physical data center

B. Hypervisor

C. Guest operating systems

D. Cloud storage infrastructure

Previous

Next

#3. A security team is developing a plan to ensure business operations can continue during and after a disaster. What type of document are they creating?

A. Incident response plan

B. Business continuity plan

C. Disaster recovery plan

D. Acceptable use policy

Previous

Next

#4. A cloud administrator is managing a hybrid cloud environment. What is a primary challenge unique to hybrid cloud deployments?

A. Uniform policy enforcement

B. Physical hardware upgrades

C. Patch management

D. Vendor lock-in

Previous

Next

#5. A security team wants to verify the authenticity and integrity of software updates. Which cryptographic technique should they use?

A. Symmetric encryption

B. Hashing

C. Tokenization

D. Key stretching

Previous

Next

#6. A company enforces security policies that restrict application installation, limits user privileges, and applies system hardening. Which principle is primarily being followed?

A. Least functionality

B. Least privilege

C. Separation of duties

D. Role-based access control

Previous

Next

#7. An attacker is using fake DNS entries to redirect users to malicious websites. What type of attack is this?

A. Pharming

B. Smishing

C. Cross-site request forgery

D. Credential stuffing

Previous

Next

#8. A security analyst notices a system has been behaving unusually and finds a file named invoice.pdf.exe running in the background. What type of malware is most likely involved?

A. Worm

B. Keylogger

C. Trojan

D. Logic bomb

Previous

Next

#9. Scenario: A security team must monitor endpoint activity and detect advanced persistent threats across multiple hosts in a distributed environment. Choose the best tool for this use case:

A. Firewall

B. DLP

C. EDR

D. SIEM

Previous

Next

#10. A financial firm is implementing blockchain technology to record transactions. What primary security benefit does this provide?

A. Confidentiality

B. Availability

C. Non-repudiation

D. Obfuscation

Previous

Finish

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To view CompTIA Security+ practice tests on other days, click here.To view answers for today’s questions, expand the Answers accordion below.