Welcome to today’s practice test!
This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.
These questions are not official exam questions, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.
#1. A security administrator at a hybrid cloud organization is implementing multifactor authentication (MFA) for remote access. Which of the following combinations BEST meets MFA requirements?
#2. An attacker is attempting to exploit a web application by inserting OR '1'='1' into a login form. What type of attack is this?
#3. Which control type is being implemented when a company installs surveillance cameras and posts signage warning about monitoring?
#4. An analyst must recommend secure protocols for email transmission. Which combination BEST ensures secure email delivery and sender authenticity?
#5. A remote user is authenticated using SAML. Which component initiates the authentication request?
#6. A security engineer is setting up automated remediation based on alert thresholds. Which concept does this illustrate?
#7. A process in a virtual machine is found to be escaping its environment to access the host OS. What vulnerability is being exploited?
#8. An organization is planning to migrate its workload to a cloud provider. The CISO is concerned about vendor lock-in and risk transference. Which cloud deployment model best mitigates these concerns?
#9. A security manager wants to implement a control that alerts on unusual behavior but does not stop the action. Which control type best fits this need?
#10. An analyst in a SOC observes several failed login attempts across multiple accounts followed by successful logins to the same accounts from foreign IP addresses. What should be the analyst’s initial response?
Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.
Answers
Number | Answer | Explanation |
---|---|---|
1 | A | MFA requires two or more different factor types (something you know, have, or are). Smart card (have) + fingerprint (are) qualifies. A and B use only “something you know,” and D uses only “something you are.” |
2 | C | Inserting OR '1'='1' tricks the SQL query into always returning true, potentially bypassing login checks — a classic SQL injection attack. |
3 | C | Cameras and signage deter bad actors. Detective finds incidents after the fact; corrective remediates them. Compensating is used in place of a required control when the original one isn’t feasible, but it still meets the intent and security level of the original. |
4 | B | SMTP with TLS secures the transmission; DKIM provides sender authenticity. SMTP + IMAP doesn’t provide data-in-transit encryption by default. POP3 is outdated; SPF helps with spoofing but not encryption. SNMP is for network devices, not email; S/MIME secures email content but not delivery path. |
5 | D | In SAML, it’s the Service Provider that initiates the request to the Identity Provider for authentication. |
6 | D | Orchestration integrates processes and automation to streamline responses, often in SOAR platforms. Data classification labels data by sensitivity; not related to automated response. Scripting involves writing code, but orchestration is broader (ties scripts into workflows). Anomaly detection identifies unusual behavior; it triggers alerts, but not automated remediation. |
7 | D | VM escape occurs when a guest VM interacts directly with the host, breaking isolation. |
8 | A | Multi-cloud uses multiple providers, reducing dependence on a single vendor and distributing risk. Private cloud avoids external vendors but doesn’t address vendor lock-in. A single public cloud increases the risk of vendor lock-in. Hybrid cloud mixes private and public but may still rely heavily on one vendor. |
9 | B | Detective controls alert on incidents after they occur, enabling monitoring. Preventive controls block threat actions. Corrective controls attempt to remediate issues. Deterrent controls aim to discourage actions but don’t detect them. |
10 | C | Locking compromised accounts halts unauthorized access immediately. A disk wipe is extreme and may destroy forensic evidence. Disabling all outbound traffic affects business operations. Rebooting does not address the unauthorized access. |