CompTIA Security+ Practice Test of the Day 050925

Welcome to today’s practice test!

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To view CompTIA Security+ practice tests on other days, click here.

 

Results

QUIZ START

#1. A security administrator at a financial services company is reviewing access logs and notices a large number of failed login attempts from multiple IP addresses attempting to authenticate against an internal server. Which of the following BEST describes the type of attack taking place?

Credential stuffing

Password spraying

Brute-force attack

Dictionary attack

Previous

Next

#2. An attacker is attempting to gain access to a secure facility by tailgating an employee who has badged in. Which of the following BEST describes a security control that can prevent this attack?

CCTV monitoring

Access control vestibule

Security guard patrols

Motion-activated lighting

Previous

Next

#3. A security analyst is tasked with protecting sensitive data stored in a cloud-based database. Which of the following techniques provides the MOST effective protection for data at rest?

TLS encryption

VPN tunneling

Database encryption

Tokenization

Previous

Next

#4. A system administrator is configuring a network to ensure that if the primary firewall fails, another device will immediately take over with no interruption to services. Which of the following concepts is being implemented?

Fail-open

Load balancing

High availability

Fault tolerance

Previous

Next

#5. An organization has implemented a policy requiring all new users to be granted only the minimum level of access needed to perform their job functions. Which of the following security principles is being enforced?

Need to know

Defense in depth

Separation of duties

Least privilege

Previous

Next

#6. A company’s security team wants to detect unusual user activities such as logging in from different geographic locations within a short timeframe. Which of the following tools or methods should they use?

Firewall logs

Antivirus software

User behavior analytics

Vulnerability scanning

Previous

Next

#7. A developer is implementing input validation on a web application to protect against injection attacks. Which of the following types of attacks is this MOST likely to mitigate?

DDoS

SQL injection

Cross-site request forgery (CSRF)

Buffer overflow

Previous

Next

#8. A network engineer is deploying 802.1X on all switches to enforce port-based network access control. Which of the following protocols is MOST likely being used for authentication in this setup?

SAML

RADIUS

LDAP

OAuth

Previous

Next

#9. A security operations center (SOC) analyst detects an unusually high number of DNS queries from a single endpoint. Upon inspection, they find encoded data in the subdomains of the DNS requests. Which of the following BEST describes this activity?

DNS amplification

Command and control

Data exfiltration

DNS poisoning

Previous

Next

#10. A company requires all partners to sign an agreement ensuring confidentiality and protection of shared proprietary information before any engagement begins. Which of the following BEST describes this type of agreement?

SLA

NDA

MOU

BPA

Previous

Finish