CompTIA Security+ Practice Test of the Day 061025

Welcome to today’s practice test!

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

 

Results

QUIZ START

#1. A security administrator at a mid-sized company is conducting a gap analysis on the organization’s current security controls. The goal is to identify areas where existing controls do not meet the required compliance standards. Which of the following is the primary purpose of performing a gap analysis?

A. To assess the effectiveness of existing monitoring tools

B. To determine the residual risk after mitigation

C. To identify discrepancies between current and desired states

D. To develop encryption key management processes

Previous

Next

#2. An attacker is attempting to perform a credential replay attack against an enterprise network. Which of the following controls would be most effective at mitigating this attack?

A. Network segmentation

B. Mutual TLS authentication

C. Single sign-on

D. Using one-time passwords (OTP)

Previous

Next

#3. A security analyst in a SOC observes outbound DNS traffic directed to unexpected domains. Investigation reveals that malware is using DNS tunneling to exfiltrate data. Which of the following techniques should be implemented to block this activity?

A. Configure DNSSEC

B. Enable DNS filtering

C. Enforce 802.1X on all ports

D. Deploy DMARC records

Previous

Next

#4. A cloud administrator is configuring encryption for data stored in an IaaS environment. Which of the following should the administrator use to protect data at rest?

A. TLS

B. VPN

C. AES-256

D. HTTPS

Previous

Next

#5. An IT manager wants to implement a system to ensure that authorization policies are enforced consistently across all network resources and that access is granted based on dynamic policies. Which of the following concepts should be implemented?

A. Zero Trust Architecture

B. SAML federation

C. VPN with MFA

D. Attribute-based access control (ABAC)

Previous

Next

#6. An organization implements tokenization to protect sensitive payment data during transaction processing. Which of the following best describes tokenization?

A. Encrypting data with symmetric keys

B. Hashing sensitive data with a salt

C. Replacing sensitive data with a non-sensitive equivalent

D. Splitting data into multiple fragments

Previous

Next

#7. An engineer is configuring segmentation in a software-defined networking (SDN) environment. Which of the following components enforces security policies at the data plane?

A. Policy Engine

B. Policy Administrator

C. Policy Enforcement Point

D. Control Plane

Previous

Next

#8. A developer is tasked with ensuring the integrity of data transmitted between two web services. Which of the following techniques should be implemented?

A. Digital signatures

B. AES encryption

C. TLS VPN

D. Data masking

Previous

Next

#9. A security administrator wants to implement a passwordless authentication method using a smartphone app. Which of the following would BEST support this goal?

A. Security tokens

B. Certificate-based authentication

C. Push-based multifactor authentication

D. Static passwords

Previous

Next

#10. A security administrator is asked to secure the organization’s remote access. Select two controls that would BEST enhance remote access security

Select all that apply:

VPN with split tunneling

MFA

Public Wi-Fi restriction

Static IP assignment

SSO without MFA

Previous

Finish

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To view CompTIA Security+ practice tests on other days, click here.

To view answers for today’s questions, expand the Answers accordion below.