CompTIA Security+ Practice Test of the Day 071925

Welcome to today’s CompTIA Security+ practice test!

This practice test uses our new UI!

Today’s practice test is based on Subdomain 1.2 (Summarize fundamental security concepts) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To choose CompTIA Security+ practice tests based on specific domains/subdomains, click that link.

CompTIA Security+ Practice Test of the Day 071925

10 questions • Single best answer

Question 1

A cloud storage provider experiences a breach in which customer files are accessed by an unauthorized third party. No files were modified or deleted — only viewed. Which CIA triad principle was MOST directly violated?

A. Integrity B. Availability C. Confidentiality D. Non-repudiation

Question 2

An attacker intercepts financial transaction records during transmission and alters the dollar amounts before forwarding them to the destination server. The receiving system has no way to detect the modification. Which CIA triad principle was MOST directly violated?

A. Confidentiality B. Non-repudiation C. Availability D. Integrity

Question 3

A DDoS attack floods a hospital's patient management system with traffic, rendering it completely inaccessible to medical staff during a critical period. Which CIA triad principle was MOST directly impacted?

A. Confidentiality B. Non-repudiation C. Integrity D. Availability

Question 4

A financial services firm requires all wire transfer approvals to be digitally signed using each employee's private key. After a fraudulent transfer, the approving employee denies initiating it. Which security concept ensures the employee's denial can be refuted?

A. Authentication B. Non-repudiation C. Accounting D. Authorization

Question 5

A user logs into the company VPN with a username, password, and one-time code from a mobile authenticator. After login, the system records the login time, source IP address, and session duration. Which component of AAA does the session recording represent?

A. Authentication B. Authorization C. Accounting D. Non-repudiation

Question 6

A Zero Trust architecture requires every access request — regardless of whether it originates inside or outside the network — to pass through a component that evaluates it against policy rules and either grants or denies access. Which Zero Trust component BEST describes this function?

A. Policy administrator B. Policy enforcement point C. Threat scope reduction D. Adaptive identity

Question 7

A Zero Trust system analyzes device health, location, time of day, and behavioral patterns to dynamically adjust authentication requirements. A user connecting from an unrecognized device in a foreign country must complete additional verification steps. Which Zero Trust concept BEST describes this behavior?

A. Threat scope reduction B. Policy enforcement point C. Adaptive identity D. Implicit trust

Question 8

A security team deploys a simulated server on an isolated network segment that appears to contain sensitive financial data but is heavily monitored. Any connection attempt to this server is flagged as suspicious and triggers an alert. Which deception technology is described?

A. DNS sinkhole B. Honeytoken C. Honeynet D. Honeypot

Question 9

An office building uses a two-door entry system where a visitor badges through the first door, waits in an enclosed space while the first door closes and identity is verified, and only then may the second door open. Which physical security control is described?

A. Bollard B. Access control vestibule C. Security guard D. Proximity sensor

Question 10

A security team is hired to evaluate a healthcare organization's current security posture and identify the difference between its existing controls and the requirements mandated by HIPAA. Which security concept BEST describes this type of assessment?