Welcome to today’s practice test!
This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.
These questions are not official exam questions, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.
#1. A security analyst at a financial institution detects irregular outbound traffic on TCP port 443 from a user workstation. The traffic is encrypted and being sent to an unknown external IP address. What is the most likely explanation for this behavior?
#2. An organization implements time-of-day restrictions for access to its payroll system. What type of access control is this?
#3. A company is transitioning to a microservices architecture. Which of the following is the most critical security consideration for this model?
#4. Which cryptographic method is used to verify data integrity and authenticity but does not encrypt the data itself?
#5. A risk assessment reveals that an unpatched web server could be exploited, but the business decides not to act immediately due to budget constraints. What risk response strategy is this?
#6. A company is using a third-party SaaS application to handle customer data. What is the most critical concern from a security perspective?
#7. Which authentication factor is demonstrated by a smart card that must be inserted before system access?
#8. A company mandates annual phishing training for all employees. This is an example of which security governance element?
#9. A security administrator at a manufacturing firm needs to protect an embedded system that cannot be patched frequently. Which technique is most appropriate for securing the system?
#10. Which tool would best help a security analyst identify large volumes of outbound DNS queries to suspicious domains from a compromised host?
Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.
Answers
Number | Answer | Explanation |
---|---|---|
1 | C | Encrypted outbound traffic on port 443 to an unknown IP often indicates command-and-control (C2) activity. Most organizations allow outbound HTTPS through their firewalls, so attackers abuse this. Legitimate browsing usually goes to known domains, and VPNs (virtual private networks) are typically registered or documented. |
2 | B | Rule-based access controls rely on specific rules, such as time or IP restrictions. Role-based access control is based on user roles, and discretionary access control allows owners to define access. |
3 | C | In microservices, secure APIs are essential to prevent lateral movement between services. |
4 | B | Digital signatures provide authentication and integrity, not confidentiality. Symmetric encryption encrypts data for confidentiality but does not provide authenticity or integrity on its own. Tokenization replaces sensitive data with tokens. It’s a data protection method, not a cryptographic verification tool. Steganography hides data within other media. It doesn’t verify integrity or authenticity. |
5 | C | Accepting a risk means acknowledging it without taking immediate action due to certain limitations, like budget constraints. |
6 | A | Knowing where data is stored is critical for legal and compliance reasons. Application speed affects performance, not security or compliance. User interface design impacts usability, not data protection. The licensing model relates to cost and usage terms, not security risks. |
7 | C | A smart card is a physical object, making it “something you have.” |
8 | D | Regular training increases security awareness and mitigates user-related risks. |
9 | D | As long as it is lightweight and compatible, a HIPS can be installed on an embedded system to provide real-time protection where frequent patching isn’t feasible. Decommissioning removes the system, which isn’t applicable here. Code obfuscation makes reverse engineering harder but doesn’t actively prevent intrusions. |
10 | B | A SIEM collects and correlates log data, including DNS traffic, to identify anomalies. A vulnerability scanner detects system weaknesses, not live DNS traffic patterns. A password cracker attempts to break passwords, which is unrelated to network traffic analysis. A port scanner identifies open ports, not DNS query behavior. |