CompTIA Security+ Practice Test of the Day 082725

Welcome to today’s CompTIA Security+ practice test!

This practice test uses our new UI!

Today’s practice test is based on Subdomain 5.6 (Given a scenario, implement security awareness practices) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To choose CompTIA Security+ practice tests based on specific domains/subdomains, click that link.

CompTIA Security+ Practice Test of the Day 082725

10 questions • Single best answer

Question 1

A security team sends simulated phishing emails to all 3,000 employees every quarter. Employees who click embedded links are automatically redirected to a brief training module explaining how to identify phishing. Click rates are tracked over time. What security awareness activity is this?

A. Tabletop exercise B. Phishing campaign C. Situational awareness drill D. Security policy acknowledgement

Question 2

An employee discovers a USB drive in the company parking lot and plugs it into their work laptop out of curiosity. The drive contains malware that begins spreading within minutes. Which security awareness topic directly addresses this type of behavior?

A. Social engineering recognition B. Operational security C. Removable media and cables D. Password management

Question 3

A remote employee connects their laptop to a coffee shop's public Wi-Fi and accesses corporate email and internal collaboration tools without using the company VPN. The security awareness program should specifically address which risk area for this scenario?

A. Insider threat recognition B. Removable media handling C. Hybrid and remote work environment security D. Social engineering via phone

Question 4

An employee notices their colleague has been printing large volumes of sensitive customer records and taking them home in a personal bag after hours. The employee is unsure whether to act. What should the security awareness program have trained the employee to do?

A. Confront the colleague directly B. Ignore the behavior since the colleague has legitimate access to the data C. Report the behavior through the established security incident reporting channel D. Document the behavior privately and wait to see if it recurs

Question 5

A security awareness program teaches employees to hover over links before clicking to verify the actual URL, examine the sender's email address for subtle misspellings, and be suspicious of urgent requests for credentials or payment. What type of attack is this training designed to help employees recognize?

A. Removable media attacks B. Social engineering via phone C. Phishing attempts D. Insider threats

Question 6

An employee receives a suspicious email that appears to be from IT asking them to reset their credentials via an embedded link. Rather than clicking, the employee forwards the email to the security team's designated reporting mailbox. What security awareness process does the employee's action represent?

A. Phishing campaign execution B. Anomalous behavior recognition C. Responding to and reporting suspicious messages D. Security policy acknowledgement

Question 7

A company publishes an updated employee handbook with sections covering acceptable IT use, password requirements, how to identify social engineering, data handling expectations, and the process for reporting security incidents. What security awareness component does this represent?

A. Phishing simulation campaign B. Policy and handbook guidance C. Situational awareness training D. Recurring security monitoring

Question 8

An employee installs a free productivity application on their work laptop from the internet, not realizing the app includes data-collecting components that exfiltrate keystrokes and clipboard contents to a third-party server. The employee genuinely believed the software was helpful. What type of anomalous behavior does this represent?

A. Risky behavior B. Unexpected behavior C. Unintentional behavior D. Insider threat

Question 9

A company requires new employees to complete security awareness training during their first week. All employees must then complete updated training every six months, and additional training is required after any significant security incident. What security awareness training approach is described?

A. Development and execution phases only B. Phishing simulation and tabletop exercises C. Initial and recurring training D. Situational awareness and policy acknowledgement

Question 10

A security awareness program trains employees to recognize when coworkers exhibit unusual patterns — such as accessing systems at 2 AM, attempting to reach files outside their job scope, copying large data volumes before a planned resignation, or asking probing questions about network architecture. What security awareness training area does this address?

A. Social engineering recognition B. Operational security C. Password management D. Insider threat awareness

CompTIA Security+ Practice Test of the Day 082725

Related Posts

Leave a Comment Cancel Reply