CompTIA Security+ Practice Test of the Day 260608

Welcome to today’s CompTIA Security+ practice test!

This practice test uses our new UI!

Today’s practice test is based on Subdomain 2.5 (Explain the purpose of mitigation techniques used to secure the enterprise) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To choose CompTIA Security+ practice tests based on specific domains/subdomains, click that link.

CompTIA Security+ Practice Test of the Day 260608

10 questions • Single best answer

Question 1

A security administrator at a manufacturing firm divides the flat corporate network into separate zones so a breach in the office VLAN cannot reach the OT systems. Traffic between zones is tightly controlled. Which mitigation technique is applied?

A. Patching B. Segmentation C. Encryption D. Monitoring

Question 2

An administrator reviews permissions and ensures each employee can access only the resources strictly required for their role. Excess rights are removed across all accounts. Which mitigation technique does this represent?

A. Segmentation B. Isolation C. Decommissioning D. Least privilege

Question 3

To stop unauthorized programs, a team configures endpoints so only explicitly approved executables can launch. Anything not on the approved set is blocked by default. Which technique is in use?

A. Access control list B. Host-based firewall C. Application allow list D. Patching

Question 4

After a critical vulnerability is announced, an administrator promptly applies vendor-released fixes across all affected servers to close the flaw. The updates eliminate the exploitable weakness. Which mitigation technique is this?

A. Patching B. Hardening C. Isolation D. Segmentation

Question 5

When malware is detected on a workstation, the response team immediately disconnects it from all networks to contain the threat. The infected host can no longer communicate with other systems. Which mitigation technique does this describe?

A. Segmentation B. Decommissioning C. Monitoring D. Isolation

Question 6

An enterprise uses automated tooling to continuously verify endpoints comply with approved security settings and automatically corrects any drift. Devices that deviate are returned to the standard. Which mitigation technique is applied?

A. Patching B. Configuration enforcement C. Least privilege D. Encryption

Question 7

An organization formally retires obsolete servers by wiping their data, removing them from inventory, and securely disposing of the hardware. The systems are permanently taken out of service. Which mitigation technique does this represent?

A. Decommissioning B. Isolation C. Hardening D. Patching

Question 8

To control traffic at individual endpoints, an administrator enables software on each workstation that filters inbound and outbound connections per device. The rules apply locally rather than at the perimeter. Which mitigation technique is this?

A. Host-based intrusion prevention system B. Application allow list C. Host-based firewall D. Segmentation

Question 9

A hardening review finds unused services on a server, so the administrator turns off the unnecessary network ports and legacy protocols. Reducing these cuts the attack surface. Which hardening technique is applied?

A. Default password changes B. Encryption C. Installation of endpoint protection D. Disabling ports/protocols

Question 10

During deployment hardening, an administrator replaces every device's factory-set login credentials with strong unique values before connecting it to the network. This prevents trivial unauthorized access. Which hardening technique does this describe?

A. Application allow list B. Default password changes C. Configuration enforcement D. Host-based firewall

Tired of Googling acronyms while practicing/studying?
Keep them all under your keyboard.

📋 GET_THE_DESK_MAT

Take more CompTIA Security+ practice tests

CompTIA Security+ Practice Test of the Day 260608

Related Posts

Leave a Comment Cancel Reply