CompTIA Security+ Practice Test of the Day 091125

Welcome to today’s CompTIA Security+ practice test!

This practice test uses our new UI!

Today’s practice test is based on Subdomain 2.1 (Compare and contrast common threat actors and motivations) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To choose CompTIA Security+ practice tests based on specific domains/subdomains, click that link.

CompTIA Security+ Practice Test of the Day 091125

10 questions • Single best answer

Question 1

A threat intelligence report notes an attacker group conducting financial fraud against banks has a hierarchical command structure, uses custom-built malware, and reinvests profits into acquiring new tools and talent. Which threat actor type BEST describes this group?

A. Hacktivist B. Nation-state C. Organized crime D. Unskilled attacker

Question 2

An environmental activist group defaces oil company websites, leaks internal emails about environmental violations, and disrupts operations to draw public attention to environmental damage. The group makes no financial demands. Which threat actor type BEST describes this group?

A. Organized crime B. Nation-state C. Insider threat D. Hacktivist

Question 3

A former employee fired after a workplace dispute uses credentials from an old contractor account that was never disabled to access source code repositories and delete key project files. Which motivation BEST describes this insider threat actor?

A. Financial gain B. Espionage C. Revenge D. Blackmail

Question 4

A ransomware group encrypts a city government's systems and threatens to publicly release citizen data unless a $3 million ransom is paid by a specific deadline. Which motivation BEST describes this attacker?

A. Philosophical beliefs B. Espionage C. Blackmail D. War

Question 5

An IT administrator installs an unsanctioned cloud storage app on her workstation without IT approval to make her work easier, unknowingly creating a potential data exfiltration path. Which concept BEST describes her behavior from a threat perspective?

A. Insider threat B. Hacktivist C. Shadow IT D. Organized crime

Question 6

A threat actor launches coordinated attacks against a foreign nation's water treatment systems, power grid, and communications networks during an international conflict, aiming to weaken civilian infrastructure. Which motivation BEST describes this campaign?

A. Financial gain B. Disruption/chaos C. Espionage D. War

Question 7

A lone hacker publicly releases confidential internal communications from a pharmaceutical company, claiming it is concealing dangerous drug side effects. The hacker makes no financial demands and states the release is to expose wrongdoing for the public good. Which motivation BEST describes this attacker?

A. Revenge B. Financial gain C. Ethical D. Espionage

Question 8

A security analyst compares two threat actors: Actor A is a nation-state group with government funding and access to zero-day exploits; Actor B is a hacktivist using freely available tools. Which attribute differentiates these actors MOST significantly?

A. Internal vs external B. Motivation C. Resources/funding D. Legal exposure

Question 9

A cybersecurity researcher discovers an attacker purchased pre-written malware and a list of targets from a darknet forum, then launched attacks without modifying any code. Which threat actor type BEST describes this attacker?

A. Organized crime B. Hacktivist C. Nation-state D. Unskilled attacker

Question 10

A threat intelligence report notes the attacker's goal is not financial — they want to create fear, confusion, and loss of public confidence in government institutions by attacking critical services at unpredictable times. Which motivation BEST describes this attacker?