CompTIA Security+ Practice Test of the Day 052025

Welcome to today’s practice test!

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

 

Results

QUIZ START

#1. A security administrator at a mid-sized company observes that several employees received emails that appear to be from the IT department, asking them to confirm their passwords through a link. The link directs users to a page that mimics the company’s login portal. What type of threat vector is being used?

Watering hole attack

Typosquatting

Spear phishing

Pretexting

Previous

Next

#2. An analyst in a SOC notices repeated DNS queries from a single internal host querying known malicious domains. Which technique is most effective in blocking this behavior?

URL filtering

DNS sinkholing

Geofencing

Port security

Previous

Next

#3. A company needs to ensure emails sent between executives are encrypted and signed to verify sender identity and prevent tampering. Which two cryptographic functions meet this need?

Hashing and salting

Digital signature and symmetric encryption

Digital signature and asymmetric encryption

Obfuscation and key stretching

Previous

Next

#4. A cloud administrator configures access so that users can only access specific systems during work hours and must authenticate using MFA. Which two access control methods are being enforced?

Discretionary and rule-based

Time-based and attribute-based

Mandatory and role-based

Least privilege and discretionary

Previous

Next

#5. A security team identifies an application that appears normal but installs a hidden process which disables endpoint protection and exfiltrates files. Which malware type is most likely involved?

Worm

Ransomware

Rootkit

Trojan

Previous

Next

#6. A company implements a policy requiring dual-person approval before releasing payroll funds. This is an example of which security control type?

Technical control

Preventive control

Corrective control

Detective control

Previous

Next

#7. A DevOps team uses infrastructure as code (IaC) to deploy configurations consistently across environments. Which risk does this approach primarily help reduce?

Credential reuse

Insider threat

Configuration drift

Lateral movement

Previous

Next

#8. An auditor asks to see logs from the previous year to verify that proper access controls were maintained. Which principle supports the ability to provide these logs?

Chain of custody

Retention policy

Role-based access

Incident response

Previous

Next

#9. A technician installs a host-based intrusion prevention system (HIPS) on all desktops. Which feature does this provide beyond traditional antivirus software?

User behavior analytics

Signature updates

Behavior-based detection

Patch management

Previous

Next

#10. A company uses ALE and ARO to calculate the potential annual cost of a data breach. Which risk management strategy is the company applying?

Qualitative analysis

Threat modeling

Quantitative analysis

Vulnerability assessment

Previous

Finish

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To view CompTIA Security+ practice tests on other days, click here.

To view answers for today’s questions, expand the Answers accordion below.