CompTIA Security+ Practice Test of the Day 260501

Welcome to today’s CompTIA Security+ practice test!

This practice test uses our new UI!

Today’s practice test is based on Subdomain 2.3 (Explain various types of vulnerabilities) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To choose CompTIA Security+ practice tests based on specific domains/subdomains, click that link.

CompTIA Security+ Practice Test of the Day 260501

10 questions • Single best answer

Question 1

A security engineer at a financial institution is reviewing a code audit report for a legacy customer-facing application. The report identifies that a specific function reads user input into a fixed-size local buffer without checking the length of the incoming data. When testers submitted an oversized string, execution jumped to an attacker-controlled address, allowing arbitrary code to run with the privileges of the application process. Which vulnerability type does this BEST describe?

A. Memory injection B. Race condition C. Buffer overflow D. SQL injection

Question 2

An analyst reviewing web application logs for a healthcare portal notices that database error messages are being returned in HTTP responses. A submitted value in the username field reads: ' OR '1'='1. The application constructs SQL queries by concatenating raw user input directly into the query string. Which vulnerability is being exploited, and what is the MOST effective long-term remediation?

A. Cross-site scripting (XSS); implement a content security policy header B. Buffer overflow; add input length bounds checking in the authentication module C. SQL injection (SQLi); use parameterized queries or prepared statements D. Memory injection; apply address space layout randomization (ASLR)

Question 3

A web developer reports that users visiting a product review page are seeing unexpected pop-up alerts and being redirected to unknown sites. Investigation reveals that a prior user submitted a review containing a script tag with embedded JavaScript, which was saved to the database and is now rendered without output encoding on every page load. Which vulnerability type is this, and what distinguishes it from a reflected variant?

A. Reflected XSS; the payload is stored in the URL and only affects users who click a crafted link B. Stored XSS; the malicious script is persisted in the database and executes each time any user loads the affected page C. SQL injection; the script tag is injected through an unsanitized database query D. Stored XSS; the payload must be manually re-submitted by each victim to trigger execution

Question 4

A threat researcher is analyzing a post-incident report from a compromised enterprise HR application. The attacker, starting with a low-privileged user account, used a tool to insert a malicious dynamic link library (DLL) directly into the memory space of a process running with SYSTEM privileges. The injected code executed in the context of that privileged process, and no malicious files were written to disk. Which vulnerability type did the attacker leverage to escalate privileges?

A. Buffer overflow B. Memory injection C. Race condition D. Zero-day

Question 5

A developer at a cloud services company is reviewing a reported flaw in a file permission management module. The module first checks whether the requesting user has permission to access a file, then — after additional processing — opens and reads it. An attacker exploits this by replacing the target file with a symbolic link to a sensitive system file after the permission check passes but before the file is opened. Which vulnerability type does this represent?

A. Buffer overflow B. Memory injection C. Malicious update D. Race condition — time-of-check to time-of-use (TOCTOU)

Question 6

The CISO of a manufacturing company is briefed on an incident in which the company's industrial monitoring software automatically applied an update that began exfiltrating configuration data to an external IP address. Forensic investigation confirmed the vendor's distribution infrastructure was not breached — the malicious code was introduced during the vendor's own software build process before packaging. Which vulnerability type does this attack BEST represent?

A. Zero-day vulnerability B. OS-based vulnerability C. Malicious update D. Misconfiguration

Question 7

An IT auditor reviewing a newly deployed Linux web server finds that SSH is running on port 22 with root login enabled, password authentication permitted, and no IP-based ingress restrictions — all carried over from the default installation package. The server is publicly accessible from the internet and was placed in production without a pre-deployment security review. Which vulnerability type does this BEST represent?

A. Zero-day vulnerability in the SSH daemon B. OS-based vulnerability C. Memory injection risk D. Misconfiguration

Question 8

A corporate IT security team reviews a mobile device management (MDM) alert showing that an employee installed an application on a company-issued Android device from a third-party website rather than the Google Play Store. Installing the app required the user to enable a device setting that permits installation from unknown sources. The app is not signed by a recognized developer and was not vetted through Google's review process. Which mobile device vulnerability does this scenario MOST directly represent?

A. Jailbreaking B. Zero-day exploitation C. Side loading D. OS-based vulnerability

Question 9

A mobile security researcher discovers that a user's iPhone has been modified to remove Apple's code-signing restrictions, disable app sandboxing, and allow installation of apps from outside the App Store without certificate verification. The user reports performing this intentionally to access third-party tweaks unavailable through Apple's official channels. The researcher flags the device because multiple built-in iOS security controls that protect against malware are no longer functional. Which mobile device vulnerability does this BEST describe?

A. Side loading B. Malicious update C. Jailbreaking D. Misconfiguration

Question 10

A threat intelligence team receives a vendor advisory confirming a critical flaw in a widely deployed enterprise VPN client. The vendor acknowledges active exploitation in the wild and states that no patch is currently available. Several of the organization's remote access appliances are running the affected version. Which vulnerability type does this BEST describe, and what is the team's MOST appropriate immediate response?

A. Misconfiguration; harden VPN configuration settings and apply vendor security benchmarks B. OS-based vulnerability; upgrade the underlying operating system on the affected appliances C. Zero-day vulnerability; implement compensating controls such as network segmentation and enhanced monitoring while awaiting a vendor patch D. Malicious update; roll back the VPN client to the previously installed version immediately