CompTIA Security+ Practice Test of the Day 052325

Welcome to today’s practice test!

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

 

Results

QUIZ START

#1. A security administrator at a mid-sized financial institution notices a spike in outbound traffic from a development server to a known malicious IP address. Upon investigation, the administrator finds the server was running an outdated CMS with a known SQL injection vulnerability. What type of threat actor is most likely involved in this attack?

A. Nation-state

B. Insider threat

C. Script kiddie

D. Hacktivist

Previous

Next

#2. An analyst in a SOC is reviewing the security of a hybrid cloud environment and recommends implementing a unified solution for internet access control, cloud security, and remote worker access. Which architecture best supports this recommendation?

A. VPN concentrator

B. Secure Access Service Edge (SASE)

C. Web Application Firewall (WAF)

D. SD-WAN

Previous

Next

#3. Scenario: A security engineer needs to apply least privilege to a new database administrator account. The engineer must enforce rules that prevent changes to system-level settings while allowing full access to database tables and views. Task: Choose the best access control model for this scenario:

A. Mandatory Access Control (MAC)

B. Discretionary Access Control (DAC)

C. Role-Based Access Control (RBAC)

D. Attribute-Based Access Control (ABAC)

Previous

Next

#4. A network engineer wants to ensure email messages are not altered in transit and that the sender cannot deny having sent them. Which of the following solutions should the engineer implement?

A. AES encryption

B. Digital signatures

C. Obfuscation

D. Steganography

Previous

Next

#5. A company identifies a security risk but determines the cost to mitigate it exceeds the potential impact. Instead, the company decides to monitor the risk. Which risk response strategy is the company using?

Transfer

Avoid

Accept

Mitigate

Previous

Next

#6. An attacker is attempting to breach an enterprise wireless network using a brute-force method to guess the pre-shared key. The company uses WPA3 encryption. Which feature of WPA3 helps defend against this attack?

A. Dynamic WEP

B. Simultaneous Authentication of Equals (SAE)

C. TKIP

D. RC4 stream cipher

Previous

Next

#7. An analyst in a SOC observes a single user account attempting multiple logins from different geolocations within seconds. What should be the next step?

A. Block the account temporarily

B. Ignore the alert

C. Change the user's password

D. Reboot the system

Previous

Next

#8. Scenario: You are tasked with segmenting a network to protect sensitive HR data and minimize exposure from other business units. Task: Choose the best segmentation technique:

A. VLAN

B. Air-gapping

C. DMZ

D. Port forwarding

Previous

Next

#9. A healthcare provider is subject to regulations that require safeguarding patient records. What type of data classification is this?

A. Trade secret

B. Regulated data

C. Public data

D. Proprietary data

Previous

Next

#10. An organization requires users to authenticate using both a password and a physical token. Which authentication type is being used?

A. Single sign-on

B. Multifactor authentication

C. Federation

D. Biometrics

Previous

Finish

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To view CompTIA Security+ practice tests on other days, click here.To view answers for today’s questions, expand the Answers accordion below.