CompTIA Security+ Practice Test of the Day 052125

Welcome to today’s practice test!

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

 

Results

QUIZ START

#1. A security administrator at a mid-sized company is implementing a control to prevent unauthorized access to a secure server room. Which of the following would be considered a physical deterrent control?

Biometric scanner

Security guard patrol

Role-based access control

File integrity monitoring

Previous

Next

#2. An analyst in a SOC observes multiple failed login attempts from different countries within seconds. What should the analyst consider first?

Brute-force attack

Credential stuffing

Impossible travel

Phishing attack

Previous

Next

#3. An attacker is attempting to exploit a web application using the input ‘ OR ‘1’=’1. Which vulnerability is the attacker targeting?

Cross-site scripting (XSS)

Buffer overflow

SQL injection

Session hijacking

Previous

Next

#4. A developer is using Infrastructure as Code (IaC) to deploy cloud services. What is the primary benefit of using IaC from a security perspective?

Easier patching of vulnerabilities

Improved visibility into endpoint configurations

Enforced consistency and repeatability in deployments

Faster bandwidth allocation

Previous

Next

#5. An attacker intercepts data transmitted over a public Wi-Fi network using a rogue access point. Which attack technique is this?

On-path attack

Denial-of-service

Credential stuffing

DNS poisoning

Previous

Next

#6. A system administrator needs to enforce multi-factor authentication on an internal application. Which combination BEST satisfies MFA requirements?

Username + Password

Smart card + PIN

Password + Security questions

Fingerprint + Username

Previous

Next

#7. An enterprise is choosing a backup strategy for mission-critical applications. Which option supports least downtime and immediate failover?

Cold site

Warm site

Hot site

Remote journaling

Previous

Next

#8. A security engineer uses hashing to validate the integrity of log files. What ensures that identical data always produces the same hash?

Initialization vector

Entropy

Deterministic algorithm

Ofuscation

Previous

Next

#9. A company adopts a policy that all user permissions must be removed within one hour of termination. This is an example of:

Just-in-time access

De-provisioning

Federation

Sementation

Previous

Next

#10. A security analyst needs to validate that a system no longer contains a known vulnerability. What action should they take?

Run a penetration test

Conduct a vulnerability scan

Perform a rescanning

Review threat intelligence feeds

Previous

Finish

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To view CompTIA Security+ practice tests on other days, click here.

To view answers for today’s questions, expand the Answers accordion below.