CompTIA Security+ Practice Test of the Day 082825

Welcome to today’s CompTIA Security+ practice test!

This practice test uses our new UI!

Today’s practice test is based on Subdomain 1.1 (Compare and contrast various types of security controls) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To choose CompTIA Security+ practice tests based on specific domains/subdomains, click that link.

CompTIA Security+ Practice Test of the Day 082825

10 questions • Single best answer

Question 1

A cloud security engineer deploys a web application firewall (WAF) in front of the company's customer portal to block SQL injection and XSS attacks before they reach the application layer. Which control category and type combination BEST describes the WAF?

A. Managerial / Preventive B. Technical / Detective C. Operational / Preventive D. Technical / Preventive

Question 2

A security manager creates a formal written policy mandating that HR verify employment history and criminal records for all new hires before system access is granted. The policy is board-approved and published in governance documentation. Which control category BEST describes this policy?

A. Technical B. Physical C. Managerial D. Operational

Question 3

A manufacturing plant surrounds its facility with an 8-foot chain-link fence topped with barbed wire. The security team notes the fence doesn't physically stop a determined attacker but makes unauthorized access visually obvious and psychologically discouraging. Which control type BEST describes the fence?

A. Preventive B. Deterrent C. Detective D. Corrective

Question 4

A network security team deploys an IDS that monitors east-west traffic between internal segments and generates alerts when anomalous patterns are observed, but takes no automated action to block traffic. Which control type BEST describes an IDS in this configuration?

A. Preventive B. Compensating C. Corrective D. Detective

Question 5

A ransomware attack encrypts files on a file server. After the threat is contained, the IR team restores the affected server from a clean backup, patches the exploited vulnerability, and verifies integrity before returning the system to production. Which control type BEST describes the backup restoration process?

A. Preventive B. Detective C. Compensating D. Corrective

Question 6

A critical OT environment runs legacy SCADA systems that cannot be patched due to vendor restrictions. The security team implements strict network segmentation, unidirectional data diodes, and 24/7 SOC monitoring as alternative safeguards. Which control type BEST describes these alternative measures?

A. Directive B. Deterrent C. Corrective D. Compensating

Question 7

A financial institution's acceptable use policy (AUP) prohibits employees from accessing personal email, social media, or streaming sites on corporate devices. Employees acknowledge the policy annually with a signature. Which control type BEST describes the AUP?

A. Preventive B. Detective C. Deterrent D. Directive

Question 8

An organization enables full-disk encryption on all employee laptops using a centrally managed key. If a device is lost or stolen, the stored data remains unreadable to anyone without the correct credentials. Which control category and type combination BEST describes full-disk encryption?

A. Physical / Corrective B. Operational / Preventive C. Technical / Preventive D. Technical / Corrective

Question 9

After a fire suppression system activates in a server room, IT staff follow documented recovery procedures to assess hardware damage, replace failed components, and restore systems from backup before returning services to production. Which control type BEST describes the documented recovery procedures?

A. Preventive B. Detective C. Compensating D. Corrective

Question 10

A SOC analyst reviews badge access logs and finds a data center entry at 2 AM by an employee whose role does not require after-hours access. An automated alert was generated and sent to the SOC team for investigation. Which control type is BEST represented by the badge access logging and alerting system?

A. Preventive B. Directive C. Corrective D. Detective

Tired of Googling acronyms while practicing/studying?
Keep them all under your keyboard.

📋 GET_THE_DESK_MAT

Take more CompTIA Security+ practice tests

CompTIA Security+ Practice Test of the Day 082825

Related Posts

Leave a Comment Cancel Reply