CompTIA Security+ Practice Test of the Day 260317

Welcome to today’s CompTIA Security+ practice test!

This practice test uses our new UI!

Today’s practice test is based on Subdomain 4.1 (Given a scenario, apply common security techniques to computing resources) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To choose CompTIA Security+ practice tests based on specific domains/subdomains, click that link.

CompTIA Security+ Practice Test of the Day 260317

10 questions • Single best answer

Question 1

A security administrator at a mid-sized healthcare organization is tasked with improving the security posture of all Windows workstations across the enterprise. The current environment has inconsistent configurations — some systems have unnecessary services running, weak password policies, and outdated firewall rules. The administrator wants to ensure all systems start from a known-good configuration state and that future deployments maintain this level of security. Which action represents the FIRST step in implementing a secure baseline for the workstation fleet?

A. Deploy endpoint detection and response (EDR) on all workstations B. Establish a documented secure configuration standard for the workstation image C. Enroll all workstations in a mobile device management (MDM) solution D. Implement full-disk encryption on all workstations

Question 2

An analyst in a SOC at a manufacturing firm receives an alert that an unusual outbound connection was established from a network-attached temperature sensor in one of the production facilities. The device runs a real-time operating system (RTOS) and has not been updated since installation three years ago. Attempts to access the device management console reveal it is still using the factory-default username and password. Which hardening action would have MOST directly prevented unauthorized access to this IoT device?

A. Enabling full-disk encryption on the RTOS storage B. Enrolling the IoT device in a mobile device management (MDM) solution C. Changing the default credentials and disabling unused network services D. Placing the device in a sandboxed execution environment

Question 3

A retail company is evaluating how to provision smartphones for its 200-person field sales team. The CISO wants the company to retain full ownership and control over each device, including the ability to remotely wipe it, enforce application allow lists, and prevent personal app installation that has not been vetted by IT. The security and compliance requirements take priority over employee preferences for personal use. Which mobile deployment model BEST meets the CISO's requirements?

A. Bring Your Own Device (BYOD) B. Choose Your Own Device (CYOD) C. Corporate-Owned, Personally Enabled (COPE) D. Personal device with MDM containerization

Question 4

Your organization recently upgraded its enterprise wireless infrastructure across all office locations. The security team is reviewing authentication settings for the corporate Wi-Fi network after discovering the previous configuration used WPA2-Personal with a shared passphrase that had not been rotated in over two years. The team wants to deploy a solution that resists offline dictionary attacks against captured handshakes and ensures that even if a session key is compromised, previously recorded sessions remain protected. Which WPA3 feature BEST satisfies both of these requirements?

A. Enhanced Open (OWE) B. Simultaneous Authentication of Equals (SAE) C. Protected Management Frames (PMF) D. TKIP with AES fallback mode

Question 5

A penetration tester is assessing a web application used by a regional bank for online loan applications. During testing, she discovers that a text field labeled 'Account Number' passes user input directly to a backend database query without any sanitization or parameterization. By entering a specially crafted string into the field, she is able to retrieve records from tables she is not authorized to access. The bank's development team asks which secure coding practice, if implemented at the application layer, would have MOST directly prevented this vulnerability from being exploitable.

A. Secure cookie attributes B. Static code analysis during the CI/CD pipeline C. Input validation with parameterized queries D. Code signing of the web application binaries

Question 6

A security administrator at a large enterprise is reviewing managed switch configurations in the corporate data center. She discovers that all trunk ports are using VLAN 1 as the native VLAN, no unused ports have been disabled, and VLAN pruning has not been applied. She is concerned that an attacker who gains physical or logical access to a switch port could exploit these misconfigurations to send traffic into VLANs they are not authorized to access. Which switch hardening action MOST directly mitigates the risk of a double-tagging VLAN hopping attack?

A. Enabling Spanning Tree Protocol (STP) PortFast on all access ports B. Changing the native VLAN on trunk ports to an unused VLAN ID and disabling inactive ports C. Enabling 802.1X port-based authentication on all access ports D. Configuring port security with a maximum MAC address limit on each port

Question 7

Your organization recently migrated several application workloads to a public cloud provider. A security review reveals that multiple virtual machine instances are accessible via SSH directly from any IP address on the internet, using password-based authentication with no source IP restrictions in place. The team wants to implement the most effective hardening changes to protect these instances from unauthorized remote access while preserving the ability for authorized administrators to connect. Which combination of hardening actions BEST reduces the attack surface for these cloud-hosted instances?

A. Enable full-disk encryption and disable SSH on all instances B. Restrict SSH access using security groups to approved IP ranges and enforce key-based authentication C. Install a host-based intrusion prevention system (HIPS) and enable verbose SSH logging D. Place all instances behind a load balancer and enable cloud provider DDoS protection

Question 8

A financial services company issues corporate smartphones to all employees in customer-facing roles. The security policy requires device encryption, enforced passcode complexity, and the ability to remotely erase a device if it is reported lost or stolen. Following a trade conference, several employees reported their devices missing. The IT team discovered that three of the lost devices had never been enrolled in the company's mobile device management (MDM) solution. Which MDM capability would have MOST directly enabled the IT team to protect sensitive data on those missing devices?

A. Application allow listing enforced via MDM configuration profile B. Remote wipe initiated through the MDM management console C. Certificate-based Wi-Fi authentication policy enforcement D. Geofencing alerts triggered when a device leaves a defined perimeter

Question 9

A software development team at a government contractor recently suffered a supply chain attack in which an adversary compromised the organization's build server and replaced a legitimate internal tool binary with a malicious version containing embedded malware. The tampered file appeared identical to the original in name and size. Approximately 40 employees downloaded and executed the malicious binary before the substitution was discovered through anomalous network behavior. Which application security control, if implemented and enforced before execution, would have MOST directly allowed employees or their systems to detect that the binary had been tampered with?

A. Running static code analysis on the compiled binary before distribution B. Executing the binary in a sandbox environment prior to enterprise deployment C. Implementing code signing with a trusted internal certificate authority D. Enforcing input validation within the application's installer routine

Question 10

An analyst at a cybersecurity firm is evaluating the email security architecture of a legal services company that regularly receives documents and executable attachments from external clients and opposing counsel. The organization has experienced multiple malware incidents over the past year in which employees opened attachments that appeared legitimate but contained malicious macros or embedded scripts. The security team wants to implement a control that executes incoming attachments in an isolated, controlled environment to observe their behavior before they are delivered to end-user mailboxes. Which security control BEST describes this approach?

A. Data loss prevention (DLP) policy applied at the email gateway B. Content disarm and reconstruction (CDR) applied to all inbound attachments C. Sandboxing of inbound email attachments prior to delivery D. Application allow listing enforced on all endpoint workstations

Desk Mat CTA Block

Tired of Googling acronyms while practicing/studying?
Keep them all under your keyboard.

📋 GET_THE_DESK_MAT

Take more CompTIA Security+ practice tests

CompTIA Security+ Practice Test of the Day 260317

ByThe Test Master

Related Post

CompTIA Security+ Practice Test of the Day 260410

CompTIA Security+ Practice Test of the Day 260409

CompTIA Security+ Practice Test of the Day 260408

Leave a Reply Cancel reply

You missed

CEH v13 Domain 7.1 Practice Test 002

CEH v13 Domain 6.1 Practice Test 002

CEH v13 Domain 5.3 Practice Test 002

CEH v13 Domain 5.2 Practice Test 002