CompTIA Security+ Practice Test of the Day 260316

Welcome to today’s CompTIA Security+ practice test!

This practice test uses our new UI!

Today’s practice test is based on Subdomain 3.4 (Explain the importance of resilience and recovery in security architecture) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To choose CompTIA Security+ practice tests based on specific domains/subdomains, click that link.

CompTIA Security+ Practice Test of the Day 260316

10 questions • Single best answer

Question 1

A security architect at a regional bank is evaluating disaster recovery site options following a business impact analysis. The bank operates customer-facing online banking services that must be restored within 15 minutes in the event of a primary site failure. The architect is reviewing three candidate DR site types: one that maintains fully operational systems with near-real-time data synchronization, one that has hardware pre-installed but systems not fully configured, and one that is essentially an empty facility with only power and network connectivity. Given the 15-minute RTO requirement for the bank's critical online services, which DR site type is MOST appropriate?

A. Cold site B. Warm site C. Hot site D. Geographic dispersion

Question 2

A systems engineer at a streaming media company is designing the infrastructure for a new video delivery platform expected to serve millions of simultaneous users. Management requires that the platform remain fully operational even if one or more servers experience hardware failures. The engineer must choose between a load balancing configuration and a clustering configuration. The primary requirement is that traffic be distributed across multiple servers to prevent any single node from becoming overwhelmed, and that user sessions be automatically redirected to available servers if one goes offline. Which high availability technique MOST directly meets both requirements?

A. Load balancing B. Geographic dispersion C. Journaling D. Clustering

Question 3

A backup administrator at a legal services firm is reviewing the organization's backup strategy after a ransomware incident that encrypted both the production environment and the backup files stored on an adjacent network share. The incident response team determined that the attacker was able to reach the backups because they were stored on the same network segment as the production servers. The CISO has directed the administrator to redesign the backup architecture so that a future compromise of the production network cannot simultaneously destroy all backup copies. Which combination of backup practices BEST addresses the identified weaknesses?

A. Increasing backup frequency and enabling journaling on production servers B. Storing backups offsite and encrypting backup files C. Performing snapshots every 15 minutes and enabling replication to a secondary server on the same network D. Implementing parallel processing failover testing and deploying a UPS at the primary site

Question 4

The facilities manager at a critical data center is implementing a power resilience strategy for financial transaction processing systems that cannot tolerate even a momentary interruption. After consulting with the engineering team, the manager determines that two complementary technologies are needed: one that provides instantaneous power continuity during the gap between utility power loss and backup generation becoming available, and a second that can sustain full data center operations for an extended outage lasting many hours or even days. Which combination of technologies correctly addresses both requirements?

A. UPS for sustained power generation and generators for instantaneous bridging B. Generators for instantaneous bridging and UPS for sustained power generation C. UPS for instantaneous bridging and generators for sustained power generation D. Redundant UPS systems for both instantaneous bridging and sustained power generation

Question 5

The CISO of a large healthcare organization wants to evaluate the organization's ability to respond to a major ransomware incident without disrupting active clinical operations or activating real systems. The security team recommends an exercise that allows key stakeholders — including IT, legal, communications, and clinical leadership — to walk through the incident response process in a structured discussion format, identify gaps in the response plan, and validate decision-making procedures. The entire exercise must take place without deploying any actual technical infrastructure, switching over systems, or impacting live patient care workflows. Which type of resilience test BEST fits this description?

A. Parallel processing test B. Failover test C. Simulation D. Tabletop exercise

Question 6

A database architect at an e-commerce company is designing a high-availability strategy for the product catalog database and must satisfy two distinct requirements. First, any transaction that has been committed by the database engine must be fully recoverable in the event of a sudden system crash with no committed data loss. Second, data changes must be continuously propagated to a secondary database server that can serve read queries and assume the primary role if the main server becomes unavailable. Which pairing of technologies BEST satisfies the respective requirements described?

A. Journaling for crash recovery of committed transactions, and replication for secondary server synchronization B. Replication for crash recovery of committed transactions, and journaling for secondary server synchronization C. Snapshots for crash recovery of committed transactions, and replication for secondary server synchronization D. Journaling for both crash recovery and secondary server synchronization

Question 7

A cloud architect at a multinational financial services company is redesigning the organization's resilience strategy after a major flood caused a complete 18-hour outage of its primary cloud region. The cloud provider had all workloads running across three availability zones within the same metropolitan area, and all three were impacted by the same flood event. The architect must recommend a resilience strategy that would have prevented the full outage by ensuring no single regional disaster could simultaneously take down all infrastructure. Which strategy MOST directly addresses this specific risk?

A. Implementing hot standby servers within the same availability zone B. Deploying a multi-cloud strategy with all regions in the same metropolitan area C. Geographic dispersion of workloads across physically separate regions D. Increasing backup snapshot frequency to every 15 minutes

Question 8

A senior systems engineer at a financial institution is responsible for validating the disaster recovery plan for the organization's core payment processing platform. The DR plan specifies a secondary data center that can assume payment operations if the primary site fails. The engineer has been asked to conduct a test that will actually route live production traffic to the secondary site temporarily, verify that all payment integrations remain functional, confirm that the secondary site can sustain real transaction volumes, and then switch back to the primary site after validation is complete. Which type of DR test is being described?

A. Tabletop exercise B. Parallel processing test C. Failover test D. Simulation

Question 9

The chief architect of a SaaS company is reviewing the organization's cloud strategy after noting that all infrastructure runs exclusively on a single public cloud provider. The company's enterprise SLA guarantees 99.99% annual uptime, and the architect is concerned that a major provider outage — similar to several-hour incidents that have historically affected major cloud platforms — could breach this commitment and trigger financial penalties. To mitigate vendor-specific risks including regional outages, forced API changes, and service discontinuation, the architect proposes a specific resilience strategy. Which cloud strategy MOST directly addresses these vendor-specific risks?

A. Implementing load balancing across the current provider's availability zones B. Deploying a multi-cloud strategy that distributes workloads across two or more independent providers C. Increasing snapshot frequency to hourly intervals for all critical workloads D. Transitioning all workloads to an on-premises private data center

Question 10

A business continuity manager at a regional hospital is updating the continuity of operations plan following a tabletop exercise that revealed two critical gaps. First, the team discovered that when both the IT director and the senior network engineer are simultaneously unavailable during a crisis, no other staff member is trained or authorized to execute the firewall failover procedure. Second, the hospital's UPS systems were sized during original construction and have never been updated to account for new high-power imaging equipment added to the facility, meaning they cannot sustain critical systems long enough for the diesel generator to reach operating speed. These two identified gaps represent failures in which capacity planning dimensions, respectively?

A. Technology and infrastructure B. People and technology C. Infrastructure and people D. People and infrastructure

Desk Mat CTA Block

Tired of Googling acronyms while practicing/studying?
Keep them all under your keyboard.

📋 GET_THE_DESK_MAT

Take more CompTIA Security+ practice tests

CompTIA Security+ Practice Test of the Day 260316

ByThe Test Master

Related Post

CompTIA Security+ Practice Test of the Day 260410

CompTIA Security+ Practice Test of the Day 260409

CompTIA Security+ Practice Test of the Day 260408

Leave a Reply Cancel reply

You missed

CEH v13 Domain 7.1 Practice Test 002

CEH v13 Domain 6.1 Practice Test 002

CEH v13 Domain 5.3 Practice Test 002

CEH v13 Domain 5.2 Practice Test 002