CompTIA Security+ Practice Test of the Day 060425

Welcome to today’s practice test!

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

 

Results

QUIZ START

#1. A security administrator at a mid-sized company needs to restrict access to a legacy web application to internal IP addresses only. Which of the following should be implemented to meet this requirement?

A. Web application firewall

B. Network access control

C. IP allow list on the application firewall

D. VLAN segmentation

Previous

Next

#2. An attacker is attempting to execute a time-of-use attack on a shared resource within an application. Which mitigation technique would best address this vulnerability?

A. Input validation

B. Race condition checks

C. Patch management

D. Encryption

Previous

Next

#3. An analyst in a SOC observes multiple failed login attempts followed by a successful login from a foreign IP. Which indicator best suggests an account compromise?

A. Excessive resource consumption

B. Impossible travel

C. Blocked content

D. Out-of-cycle logging

Previous

Next

#4. A company plans to use symmetric encryption for internal file transfers. Which key management practice is most critical in this scenario?

A. Use of certificate revocation lists

B. Secure key exchange

C. Certificate signing request generation

D. OCSP stapling

Previous

Next

#5. A security administrator is configuring a DMARC policy to enhance email security. What is the primary goal of this implementation?

A. Encrypt outbound email

B. Authenticate the sender’s domain

C. Prevent spam filters from blocking email

D. Route emails through a secure tunnel

Previous

Next

#6. A company is evaluating different cloud providers. Which agreement ensures the provider meets minimum uptime and response time commitments?

A. MOU

B. SLA

C. NDA

D. BPA

Previous

Next

#7. An attacker has successfully exploited a SQL injection vulnerability. Which of the following was most likely lacking in the application?

A. Proper logging

B. Input sanitization

C. Encrypted database

D. Session timeout

Previous

Next

#8. A technician is setting up wireless access using WPA3. Which feature of WPA3 enhances resistance to offline password attacks?

A. TKIP

B. PSK

C. SAE

D. WPS

Previous

Next

#9. A data center experiences a power outage, but systems remain online. What component is most likely responsible for this resilience?

A. RAID 5

B. SD-WAN

C. Load balancer

D. UPS

Previous

Next

#10. You are responsible for securing access to the internal payroll system. Users must authenticate using a token and a password. Access should be granted only during business hours, and permissions must be based on the user’s job role.

A. Implement RBAC

B. Enforce time-of-day access restrictions

C. Require multifactor authentication

D. Use discretionary access control

E. Configure biometric login

Previous

Finish

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To view CompTIA Security+ practice tests on other days, click here.To view answers for today’s questions, expand the Answers accordion below.