CompTIA Security+ Practice Test of the Day 260705

Welcome to today’s CompTIA Security+ practice test!

This practice test uses our new UI!

Today’s practice test is based on Subdomain 2.4 (Given a scenario, analyze indicators of malicious activity) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To choose CompTIA Security+ practice tests based on specific domains/subdomains, click that link.

Recommended read: Ultimate CompTIA Security+ Study Guide (2026)

CompTIA Security+ Practice Test of the Day 260705
10 questions • Single best answer
Question 1
A SOC analyst at a regional hospital sees a user account log in from New York, then authenticate from Singapore twelve minutes later. Both sessions used valid credentials and succeeded. Which indicator BEST describes this activity?
    Question 2
    A threat hunter at a logistics company finds thousands of files renamed with a .locked extension alongside a note demanding cryptocurrency to restore access. Backups are encrypted and production systems are inaccessible. Which malware type is indicated?
      Question 3
      A network defender at an ISP observes a flood of DNS responses overwhelming a customer's server, though the customer never sent matching queries. Source addresses appear spoofed to the victim's IP. Which attack is occurring?
        Question 4
        A security engineer at a coffee-shop chain discovers a rogue device on the guest Wi-Fi silently relaying traffic between clients and the gateway. It intercepts and alters data in transit without either party noticing. Which attack is this?
          Question 5
          A SOC team at a university notices a single source trying one common password against thousands of different usernames, staying below lockout thresholds. Few accounts trigger alerts individually. Which password attack is indicated?
            Question 6
            An incident responder at a manufacturing firm finds a standard user account suddenly executing administrative commands and modifying protected system files. The account exploited a kernel flaw to gain elevated rights. Which activity does this indicate?
              Question 7
              A web application developer at an e-commerce startup finds log entries where a login field contains ' OR '1'='1 strings. The database then returned all user records in response. Which attack is indicated?
                Question 8
                A forensic analyst at a government agency investigating a breach finds that security event logs for a critical window are deleted, leaving gaps where entries should exist. This pattern suggests an attacker covering their tracks. Which indicator BEST describes this?
                  Question 9
                  A malware analyst at an MSSP examines a host where malicious processes are hidden from Task Manager and antivirus, operating with kernel-level access. Standard tools cannot detect the implant. Which malware type is indicated?
                    Question 10
                    A security architect at a bank reviews TLS logs showing sessions being forced from TLS 1.3 to an obsolete SSL version with weak ciphers. An attacker manipulated the handshake to weaken encryption. Which cryptographic attack is indicated?
                      Cybersecurity Acronyms Desk Mat

                      Tired of Googling acronyms while practicing/studying?
                      Keep them all under your keyboard.

                      📋 GET_THE_DESK_MAT

                      Take more CompTIA Security+ practice tests

                      Leave a Comment

                      Your email address will not be published. Required fields are marked *

                      Scroll to Top