CompTIA Security+ Practice Test of the Day 260704

Welcome to today’s CompTIA Security+ practice test!

This practice test uses our new UI!

Today’s practice test is based on Subdomain 2.3 (Explain various types of vulnerabilities) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To choose CompTIA Security+ practice tests based on specific domains/subdomains, click that link.

Recommended read: Ultimate CompTIA Security+ Study Guide (2026)

CompTIA Security+ Practice Test of the Day 260704
10 questions • Single best answer
Question 1
A cloud security engineer at a SaaS provider reviews a C application that copies user input into a fixed-size stack array without checking length. An attacker submits oversized input, overwriting adjacent memory and redirecting program execution. Which vulnerability is being exploited?
    Question 2
    A penetration tester finds that a script checks a file's permissions and then, moments later, acts on that file. By swapping the file between the check and the use, she gains unauthorized access. Which flaw does this exploit?
      Question 3
      An MSSP analyst observes exploitation of a flaw in a widely used library that the vendor has not yet acknowledged and for which no patch exists. Detection signatures do not recognize the activity. Which vulnerability type is this?
        Question 4
        A virtualization administrator at a hosting company learns that a tenant broke out of its guest instance and executed code directly on the underlying hypervisor. Other tenants on the same host are now at risk. Which vulnerability does this describe?
          Question 5
          A web application developer reviews logs showing input like ' OR '1'='1 submitted into a login field, which returned every user record. The application concatenates input directly into database queries. Which vulnerability is present?
            Question 6
            A SOC analyst at a retailer finds that attacker-supplied script stored in a product review executes in other shoppers' browsers when they open the page. Session cookies are being stolen as a result. Which vulnerability does this represent?
              Question 7
              A software vendor discovers that malicious code was inserted into a third-party build component it integrates, compromising customers who installed the release. The weakness originated upstream rather than in the vendor's own code. Which vulnerability category is this?
                Question 8
                A risk manager at a utility inventories firewalls that the manufacturer no longer supports with security patches. Replacements are budgeted but not yet deployed. Which vulnerability best describes these unsupported devices?
                  Question 9
                  A cloud auditor finds an object storage bucket set to public read, exposing sensitive files to the internet. No exploit was needed; the access setting was simply left insecure. Which vulnerability does this illustrate?
                    Question 10
                    A security engineer at a cloud provider discovers that memory pages freed by one virtual machine were reassigned to another without being cleared, leaking residual data. The tenants share the same physical host. Which vulnerability does this describe?
                      Cybersecurity Acronyms Desk Mat

                      Tired of Googling acronyms while practicing/studying?
                      Keep them all under your keyboard.

                      📋 GET_THE_DESK_MAT

                      Take more CompTIA Security+ practice tests

                      Leave a Comment

                      Your email address will not be published. Required fields are marked *

                      Scroll to Top