Welcome to today’s practice test!
This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.
These questions are not official exam questions, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.
Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.To view CompTIA Security+ practice tests on other days, click here.
Results
#1. A security administrator at a large enterprise is evaluating access control models for a new HR system. The goal is to restrict access based on job roles, ensuring that HR staff can access employee records but marketing staff cannot. Which access control model should be implemented?
#2. An attacker attempts to gather information by redirecting users from a legitimate-looking domain name to a fake website that steals credentials. Which type of attack is this?
#3. Which tool is best suited for identifying vulnerabilities in systems without exploiting them?
#4. A cybersecurity analyst notices repeated failed login attempts from the same IP address. Which type of attack is likely occurring?
#5. A company needs to ensure data stored on stolen laptops cannot be accessed. Which security control is most effective?
#6. Which of the following is a correctly ordered step in the incident response process?
#7. A systems engineer wants to ensure that cloud-deployed virtual machines are provisioned with secure baselines automatically. Which concept does this describe?
#8. You’re tasked with configuring network security to prevent unauthorized external access to sensitive database ports. Which three configurations would best reduce the attack surface?
Select all that apply: