CompTIA Security+ Practice Test of the Day 260428

Welcome to today’s CompTIA Security+ practice test!

This practice test uses our new UI!

Today’s practice test is based on Subdomain 1.4 (Explain the importance of using appropriate cryptographic solutions.) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To choose CompTIA Security+ practice tests based on specific domains/subdomains, click that link.

CompTIA Security+ Practice Test of the Day 260428

10 questions • Single best answer

Question 1

A security engineer at a financial institution needs to encrypt large volumes of transaction data quickly, using a single shared key for both encryption and decryption. Which cryptographic approach BEST meets this requirement?

A. Asymmetric encryption B. Symmetric encryption C. Hashing D. Key escrow

Question 2

A user obtains her colleague's public key from a directory and uses it to encrypt a sensitive message. Only the colleague can decrypt it. Which cryptographic concept is being applied?

A. Symmetric encryption B. Digital signature C. Asymmetric encryption D. Key stretching

Question 3

A software vendor digitally signs each software release using its private key. Customers verify the signature using the vendor's public key — confirming the software's origin and that it was not modified after signing. Which cryptographic concept is being applied?

A. Symmetric encryption B. Hashing C. Digital signature D. Key escrow

Question 4

A company stores only a fixed-length transformed value of each user's password in its database. When users log in, the system applies the same transformation to the entered password and compares the results — without ever storing the original password. Which cryptographic technique is being used?

A. Asymmetric encryption B. Symmetric encryption C. Key stretching D. Hashing

Question 5

Users with the same password have identical values stored in a database, making them vulnerable to precomputed rainbow table attacks. Adding a unique random value to each password before hashing would defeat this attack. Which technique is being recommended?

A. Key stretching B. Salting C. Tokenization D. Data masking

Question 6

A bank needs a tamper-resistant hardware device to securely generate, store, and manage private keys used for TLS certificate operations and code signing — ensuring keys never exist in software memory. Which cryptographic hardware BEST meets this requirement?

A. Trusted Platform Module (TPM) B. Secure enclave C. Hardware security module (HSM) D. Key management system

Question 7

A laptop uses full-disk encryption whose key is bound to the device's motherboard chip. If the hard drive is removed and placed in another machine, the data remains encrypted and inaccessible. Which hardware component enables this hardware-binding of the encryption key?

A. Hardware security module (HSM) B. Secure enclave C. Key management system D. Trusted Platform Module (TPM)

Question 8

A browser needs to verify whether a website's certificate has been revoked without downloading the full list of all revoked certificates from the issuing CA. Which certificate validation method provides an on-demand, real-time status check for a single certificate?

A. Certificate revocation list (CRL) B. Certificate signing request (CSR) C. Online Certificate Status Protocol (OCSP) D. Wildcard certificate

Question 9

An attacker embeds a secret message within the pixel values of an image file and emails it to an accomplice. The image appears to be a normal photograph. The recipient uses a tool to extract the hidden message. Which cryptographic obfuscation technique is being used?

A. Tokenization B. Data masking C. Encryption D. Steganography

Question 10

An organization deploys an internal CA to issue SSL certificates for internal services. All endpoints trust the internal CA's root certificate, which is installed in each device's trusted root store. Which PKI component serves as the foundational anchor of trust for all certificates issued within this hierarchy?

A. Certificate signing request (CSR) B. Root of trust C. Online Certificate Status Protocol (OCSP) D. Wildcard certificate

Tired of Googling acronyms while practicing/studying?
Keep them all under your keyboard.

📋 GET_THE_DESK_MAT

Take more CompTIA Security+ practice tests

CompTIA Security+ Practice Test of the Day 260428

Related Posts

Leave a Comment Cancel Reply