Welcome to today’s practice test!
Today’s practice test is based on Domain 4.7 (Explain the importance of automation and orchestration related to secure operations.) from the CompTIA Security+ SY0-701 objectives.
This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.
These questions are not official exam questions, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.
Click the button below to start today’s practice exam.
Select all that apply:Results
#1. A security administrator at a financial institution wants to ensure that all newly created virtual machines are configured with a secure baseline automatically. Which of the following best addresses this requirement?
#2. An analyst in a SOC needs to streamline ticket generation for repeated malware alerts in the EDR system. What type of security solution would best meet this requirement?
#3. A DevOps team implements scripts that enforce tagging of cloud resources and alert on policy violations. Which automation benefit is MOST aligned with this?
#4. Which of the following is a potential downside of security automation if not properly managed?
#5. A cloud administrator wants to integrate their IAM system with automated deprovisioning. What should they prioritize?
#6. Which of the following is the BEST justification for adopting automation in incident response?
#7. Which of the following would MOST likely reduce manual workloads by streamlining repetitive tasks in a SOC?
#8. An IT department has trouble managing multiple custom automation scripts written over the years by different teams. Which concern does this scenario illustrate?
#9. You’re tasked with automating deactivation of accounts when users leave the company. Task: Select all appropriate automation steps: (Select all that apply)
#10. A company uses automated scripts to spin up new environments for each software deployment. This supports which DevSecOps goal?
Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.
To view CompTIA Security+ practice tests on other days, click here.To view answers and explanations for today’s questions, expand the Answers accordion below.
Answers
| Number | Answer | Explanation |
|---|---|---|
| 1 | B | IaC allows secure configurations to be automatically applied when new resources are provisioned. Manual scripts lack standardization and auditing. Configuration auditing is reactive. Scanning does not configure systems. |
| 2 | B | SOAR (Security Orchestration, Automation, and Response) platforms automate and orchestrate security workflows, including ticketing and escalation. SIEM focuses more on aggregation and correlation. NIDS and WAF are specific detection/protection tools. |
| 3 | A | The most direct and aligned benefit of implementing scripts that enforce tagging and alert on policy violations is the establishment of guard rails. These automated mechanisms serve to define and maintain the desired state and operational boundaries within your cloud environment, proactively preventing or quickly detecting non-compliance. The other options are more like byproducts. |
| 4 | C | Over-reliance on a single orchestrated process or tool introduces risk if it fails. Other options are benefits, not downsides. |
| 5 | D | APIs (application programming interfaces) allow systems like IAM to integrate with orchestration tools for automated user provisioning and deprovisioning. |
| 6 | C | Automation reduces variability in response actions, increasing consistency. It augments, not replaces, human analysts or SIEMs. |
| 7 | C | SOAR systems automate repetitive incident response actions, easing SOC burden. Other tools are valuable but not designed to streamline workflows. A jump server is a secure, hardened server used as an intermediary to access other servers or devices within a private network. Static code analysis is a method of analyzing source code (or compiled code) for potential vulnerabilities without actually executing the program. A vulnerability scanner automatically identifies security weaknesses or misconfigurations in networks, systems, and applications. |
| 8 | A | Technical debt stems from quick, uncoordinated solutions implemented now that create significant maintenance burden, inefficiencies, costs in the future. The proliferation of unmanaged, inconsistent custom scripts is an example of that debt. A lack of standardization is a cause of the problem, but it’s not the overarching concern (technical debt). The situation describes increased complexity, not its reduction. Guard rails are preventative controls. While their absence might contribute to the problem, the core issue described (caused by existing messy scripts) is the resulting technical debt. |
| 9 | A, C, D | These steps support automation: detecting HR triggers, disabling access, and tracking via IAM ticketing. Manual review and backups are unrelated. |
| 10 | C | Automation allows testing environments to be created as part of CI pipelines, enhancing security and development workflows. |