CompTIA Security+ Practice Test of the Day 060225

Welcome to today’s practice test!

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

 

Results

QUIZ START

#1. A security administrator at a financial firm is implementing access controls for sensitive data. The data includes customer financial records, which should only be viewed by authorized personnel and not modified. What type of access control model should the administrator implement?

A. Discretionary Access Control (DAC)

B. Mandatory Access Control (MAC)

C. Role-Based Access Control (RBAC)

D. Attribute-Based Access Control (ABAC)

Next

#2. An attacker is performing a credential stuffing attack on a web portal. What control can best mitigate this type of attack?

A. CAPTCHA

B. IP whitelisting

C. Password complexity requirements

D. Rate limiting

Previous

Next

#3. An analyst in a SOC observes unusual activity: a host in the finance subnet is communicating with an IP address in a known malicious IP list. What should be the first step?

A. Block the IP address on the firewall

B. Shut down the host immediately

C. Alert the finance department

D. Isolate the host from the network

Previous

Next

#4. A cloud engineer is setting up a multi-cloud environment. Which of the following is most important for ensuring consistent access control across all providers?

A. Using shared encryption keys

B. Implementing Single Sign-On (SSO)

C. Setting up separate identity providers per cloud

D. Applying unique IAM policies for each cloud

Previous

Next

#5. An attacker exploits a race condition vulnerability. What type of attack did they most likely perform?

A. Cross-site scripting

B. Time-of-check to time-of-use

C. Privilege escalation

D. On-path attack

Previous

Next

#6. A security engineer is hardening an IoT device. Which of the following practices would be most effective?

A. Installing an antivirus

B. Disabling unused ports and protocols

C. Encrypting the hard drive

D. Enabling remote access for admin accounts

Previous

Next

#7. A network technician wants to ensure all DNS traffic is inspected for malicious domains. Which tool or method is most appropriate?

A. IDS

B. DNS sinkhole

C. Port scanner

D. Vulnerability scanner

Previous

Next

#8. A user reports a phishing email requesting their login credentials. What should be the organization’s immediate response?

A. Disable the user’s account

B. Launch a penetration test

C. Add the sender to the allow list

D. Submit the email to the incident response team

Previous

Next

#9. An attacker sends a crafted packet with a spoofed IP address that overwhelms a server. What type of attack is being used?

A. DNS spoofing

B. Reflected DDoS

C. ARP poisoning

D. Replay attack

Previous

Next

#10. Scenario: You’re an incident responder in an enterprise using a SIEM platform. You’re investigating alerts for brute force attempts on the VPN.

Select all that apply:

A. DNS logs

B. VPN logs

C. Web proxy logs

D. Firewall logs

E. Authentication logs

F. Patch management logs

Previous

Finish

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To view CompTIA Security+ practice tests on other days, click here.To view answers for today’s questions, expand the Answers accordion below.