CompTIA Security+ Practice Test of the Day 061625

Welcome to today’s practice test!

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

 

Results

QUIZ START

#1. A security administrator at a financial institution notices an increase in phishing emails targeting employees. Which of the following would BEST help mitigate this threat?

A. Disable all external email communication

B. Implement DMARC and user awareness training

C. Deploy a next-generation firewall

D. Restrict USB port access on all endpoints

Previous

Next

#2. A security engineer needs to implement a secure method for exchanging keys over an insecure channel. Which solution should be used?

A. SHA-256

B. Diffie-Hellman

C. RSA with MD5

D. DES in ECB mode

Previous

Next

#3. Which of the following BEST describes a compensating control?

A. Prevents unauthorized access

B. Detects malicious activity

C. Serves as an alternative control when the primary cannot be used

D. Physically restricts access to secure areas

Previous

Next

#4. A security engineer configures a web application to use a wildcard certificate. What is the PRIMARY benefit?

A. Lower CPU usage during TLS negotiation

B. Supports multiple domains with a single certificate

C. Allows subdomain coverage with one certificate

D. Enables OCSP stapling

Previous

Next

#5. You are reviewing logs to identify a potential insider threat. Which activities MOST likely indicate insider threats? (Select all that apply):

Select all that apply:

A. External IP address detection

B. Off-hours activity spikes

C. Data transfer to external drives

D. System scan alerts

E. Concurrent access from multiple hosts

Previous

Next

#6. A security administrator at a healthcare organization needs to ensure that unauthorized personnel cannot tailgate into secure areas. Which of the following would be the MOST effective physical control?

A. Access control vestibule

B. Bollards

C. Security camera

D. Proximity badge

Previous

Next

#7. A security engineer is implementing Zero Trust in a hybrid cloud environment. Which of the following is a key component of this model?

A. Implicit trust within the data plane

B. Trust but verify policies

C. Role-based access control (RBAC)

D. Policy-driven access control via a policy engine

Previous

Next

#8. A company has been hit with ransomware that encrypted its file server. Which of the following mitigation techniques would BEST reduce the impact of future incidents?

A. Implement DLP

B. Segment the network

C. Conduct regular patching

D. Maintain encrypted, offline backups

Previous

Next

#9. A system administrator is deploying a mobile device management (MDM) solution. Which of the following deployment models allows users to select from a list of approved personal devices?

A. BYOD

B. COPE

C. CYOD

D. MAM

Previous

Next

#10. An attacker is impersonating a trusted vendor via a fake website designed to capture login credentials. What type of attack is this?

A. Typosquatting

B. Pharming

C. Phishing

D. Credential stuffing

Previous

Finish

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To view CompTIA Security+ practice tests on other days, click here.To view answers for today’s questions, expand the Answers accordion below.