CompTIA Security+ Practice Test of the Day 090825

Welcome to today’s CompTIA Security+ practice test!

This practice test uses our new UI!

Today’s practice test is based on Subdomain 1.4 (Explain the importance of using appropriate cryptographic solutions) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To choose CompTIA Security+ practice tests based on specific domains/subdomains, click that link.

CompTIA Security+ Practice Test of the Day 090825

10 questions • Single best answer

Question 1

Two parties need to establish a shared symmetric encryption key over an untrusted network without any prior shared secrets. Which cryptographic method BEST enables this?

A. RSA digital signature B. Hashing C. Diffie-Hellman key exchange D. Salting

Question 2

A security policy requires all data on company laptops be encrypted at the disk level so that if a device is stolen and the drive removed, its contents remain unreadable. Which encryption level BEST describes this requirement?

A. File encryption B. Volume encryption C. Record encryption D. Full-disk encryption

Question 3

A developer creates a self-signed certificate for internal testing of a web application. Browsers display a security warning when users navigate to the site. Why do browsers warn users about self-signed certificates?

A. Self-signed certificates use weaker encryption algorithms than CA-issued certificates B. Self-signed certificates cannot be used with HTTPS connections C. Self-signed certificates are not trusted because they lack third-party validation by a recognized CA D. Self-signed certificates do not support subject alternative names

Question 4

A government agency requires that encryption keys protecting classified data be held by a trusted third party so authorized officials can recover them if an employee becomes unavailable or uncooperative. Which cryptographic concept describes this arrangement?

A. Key stretching B. Key escrow C. Root of trust D. Key management system

Question 5

A web developer needs a CA-signed certificate for a new company website. She generates a document containing her public key and domain identity information and submits it to the certificate authority for signing. Which document did she create?

A. Certificate revocation list B. Root certificate C. Certificate signing request D. OCSP response

Question 6

An auditing firm needs a record-keeping system where entries cannot be altered retroactively, each entry cryptographically references the previous one, and no single entity controls the data. Which technology BEST meets this requirement?

A. Key management system B. Hardware Security Module C. Digital signatures D. Blockchain

Question 7

A mobile device manufacturer isolates biometric processing and encryption key storage in a protected processor area that is separate from the main OS and inaccessible to most applications. Which component is described?

A. Trusted Platform Module (TPM) B. Hardware Security Module (HSM) C. Key management system D. Secure enclave

Question 8

A security team needs to verify that a certificate presented by a remote server was signed by a trusted CA and that the signing chain leads back to a root certificate they explicitly trust. Which PKI concept describes this chain of verification?

A. Key escrow B. Certificate revocation list C. Root of trust D. OCSP stapling

Question 9

An organization deploys a system allowing administrators to centrally generate, distribute, store, rotate, and revoke cryptographic keys across multiple applications and cloud environments. Which cryptographic tool BEST describes this system?

A. Hardware Security Module (HSM) B. Key management system C. Trusted Platform Module (TPM) D. Secure enclave

Question 10

A security engineer wants to verify that a message was sent by a specific party and that its contents were not altered in transit, without encrypting the message body itself. Which cryptographic technique BEST meets this need?

A. Symmetric encryption B. Salting C. Key escrow D. Digital signature

Tired of Googling acronyms while practicing/studying?
Keep them all under your keyboard.

📋 GET_THE_DESK_MAT

Take more CompTIA Security+ practice tests

CompTIA Security+ Practice Test of the Day 090825

Related Posts

Leave a Comment Cancel Reply