CompTIA Security+ Practice Test of the Day 260703

Welcome to today’s CompTIA Security+ practice test!

This practice test uses our new UI!

Today’s practice test is based on Subdomain 2.2 (Explain common threat vectors and attack surfaces) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To choose CompTIA Security+ practice tests based on specific domains/subdomains, click that link.

Recommended read: Ultimate CompTIA Security+ Study Guide (2026)

CompTIA Security+ Practice Test of the Day 260703
10 questions • Single best answer
Question 1
A hospital's threat hunting team finds that clinicians were compromised after visiting a legitimate medical journal site that attackers had seeded with malware. The site was chosen because staff routinely browse it. Which attack technique does this describe?
    Question 2
    An employee at a logistics firm receives a text message claiming a package delivery failed and asking them to tap a link to reschedule. The link leads to a credential-harvesting page. Which social engineering vector is being used?
      Question 3
      A SOC analyst at a retailer notices staff reaching a fraudulent site at 'arnazon-shop.com' after mistyping a familiar shopping address. The lookalike domain mimics the real brand to steal logins. Which threat vector explains this?
        Question 4
        A finance clerk at a manufacturing company gets an email appearing to come from the CFO, urgently directing a wire transfer to a new vendor account. The sender's display name matches the CFO, but the domain is subtly altered. Which attack is most likely underway?
          Question 5
          A government agency is breached after attackers first compromised the managed service provider that administers its systems remotely. The provider's trusted access was then abused to reach the agency's network. Which attack surface did the adversary exploit?
            Question 6
            During an assessment, a penetration tester logs into several newly installed IP cameras using the manufacturer's published username and password, which were never changed. This grants immediate administrative control. Which weakness enabled the access?
              Question 7
              A critical infrastructure operator discovers malware entered an isolated control network after a technician plugged in a USB drive found in the parking lot. The air-gapped systems had no internet path. Which threat vector was used?
                Question 8
                A help desk agent at an insurance company receives a phone call from someone posing as an executive, pressuring them to reset a password immediately. The caller relies on urgency and authority to skip verification. Which social engineering technique is this?
                  Question 9
                  A cloud security team scanning an internet-facing server finds an exposed database that accepts connections from any address online. No firewall restricts which hosts can reach the listening service. Which attack surface should be prioritized for remediation?
                    Question 10
                    A security architect is comparing two monitoring approaches: one installs software on each endpoint, while the other collects data remotely without deploying anything on the host. The team wants to minimize the software footprint attackers could exploit. Which approach fits that goal?
                      Cybersecurity Acronyms Desk Mat

                      Tired of Googling acronyms while practicing/studying?
                      Keep them all under your keyboard.

                      📋 GET_THE_DESK_MAT

                      Take more CompTIA Security+ practice tests

                      Leave a Comment

                      Your email address will not be published. Required fields are marked *

                      Scroll to Top