CompTIA Security+ Practice Test of the Day 071225

Welcome to today’s CompTIA Security+ practice test!

This practice test uses our new UI!

Today’s practice test is based on Subdomain 2.1 (Compare and contrast common threat actors and motivations) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To choose CompTIA Security+ practice tests based on specific domains/subdomains, click that link.

CompTIA Security+ Practice Test of the Day 071225

10 questions • Single best answer

Question 1

A threat intelligence report describes a well-funded attacker group with significant resources and expertise that has targeted energy infrastructure across multiple countries for years, gathering intelligence on grid vulnerabilities for strategic advantage. Which threat actor type BEST describes this group?

A. Hacktivist B. Organized crime C. Nation-state D. Insider threat

Question 2

An attacker launches a web defacement attack against a government website using a freely available exploitation toolkit from a hacking forum. The attacker has limited technical knowledge and relies entirely on pre-built tools they do not fully understand. Which threat actor type BEST describes this attacker?

A. Nation-state B. Unskilled attacker C. Hacktivist D. Organized crime

Question 3

A group of politically motivated attackers breaches a petroleum company's website and replaces the homepage with messages condemning fossil fuel use. The group takes public credit and demands the company commit to renewable energy. Which threat actor type BEST describes this group?

A. Insider threat B. Organized crime C. Nation-state D. Hacktivist

Question 4

A disgruntled employee who just learned they are being laid off uses still-active administrator credentials to delete critical production database records before their last day. Which threat actor type BEST describes this individual?

A. Unskilled attacker B. Nation-state C. Shadow IT D. Insider threat

Question 5

A cybercriminal organization encrypts a hospital's patient records and demands $2 million in cryptocurrency for the decryption key, threatening to publish the data if payment is not received. Which motivation BEST describes this attacker?

A. Espionage B. Service disruption C. Financial gain D. Philosophical beliefs

Question 6

A foreign intelligence agency compromises a defense contractor's network over 18 months, quietly exfiltrating blueprints for next-generation military aircraft without the contractor's knowledge. Which threat actor motivation BEST describes this activity?

A. Financial gain B. Espionage C. Service disruption D. Revenge

Question 7

A competitor pays an attacker to infiltrate a pharmaceutical company's R&D network and exfiltrate clinical trial data and drug formulation documents, which are then delivered directly to the competitor. Which threat actor motivation BEST describes this campaign?

A. Espionage B. Service disruption C. Financial gain D. Data exfiltration

Question 8

During a geopolitical crisis, an attacker associated with a rival nation floods a country's financial exchange servers with traffic, halting trading for several hours. The attack appears coordinated with diplomatic tensions. Which motivation BEST describes this attack?

A. Financial gain B. Espionage C. Service disruption D. Blackmail

Question 9

An attacker exfiltrates 50,000 customer records from an e-commerce company and threatens to release them publicly unless the company pays $500,000 in cryptocurrency within 72 hours. Which motivation BEST describes this threat actor?

A. Data exfiltration B. Revenge C. Espionage D. Blackmail

Question 10

A threat intelligence report compares two groups: Group A has government-sponsored funding and access to zero-day exploits with teams of specialists. Group B uses free hacking toolkits and targets known vulnerabilities. Which attribute MOST clearly distinguishes Group A from Group B?