CompTIA Security+ Practice Test of the Day 092325

Welcome to today’s CompTIA Security+ practice test!

Today’s practice test is based on Subdomain 2.5 (Explain the purpose of mitigation techniques used to secure the enterprise) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

10 questions • Single best answer
Question 1
An audit finds that a network administrator's account has full read/write access to all file shares, databases, and cloud resources — even those unrelated to their role. A security engineer restricts the account to only the resources the administrator manages. Which mitigation principle was applied?

Question 2
A SOC implements a SIEM that aggregates logs from all endpoints, firewalls, and cloud services. The system continuously analyzes events, correlates alerts, and notifies analysts of suspicious patterns in real time. Which mitigation technique does the SIEM primarily provide?

Question 3
A security engineer deploys a host-based intrusion prevention system (HIPS) on all servers. The HIPS monitors system calls and process behavior in real time, automatically blocking actions that match known attack patterns — such as process injection or unauthorized registry modifications. Which hardening technique is described?

Question 4
A system administrator images new servers from a hardened baseline template, then enforces that template using a configuration management tool that detects and corrects any unauthorized changes within minutes of occurrence. Which mitigation technique is described?

Question 5
A security team audits new servers and discovers each ships with a default admin account and password 'admin123'. The team immediately replaces all default credentials with unique, complex passwords before connecting the servers to the network. Which hardening technique is described?

Question 6
A security team discovers that new workstations ship with a preinstalled trial version of antivirus software, a manufacturer's app store client, and several utilities that the organization does not use. The team creates an imaged baseline with all third-party preinstalled software removed. Which hardening technique is described?

Question 7
A financial institution encrypts all data transmitted between branch offices and the data center using TLS, and encrypts all data stored in cloud databases at rest. Which mitigation technique is being applied to protect data confidentiality?

Question 8
A router has 14 open TCP ports. A security review reveals only 3 are needed for the router's role. The team closes the remaining 11 ports by disabling the associated services. Which mitigation goal does this BEST represent?

Question 9
A network access control policy requires that all devices connecting to the corporate network authenticate using 802.1X before being granted network access. Unauthorized or non-compliant devices are placed in a quarantine VLAN. Which access control mitigation is described?

Question 10
A security engineer reviews file system permissions and finds that the web server process runs as root and has read/write access to system directories it does not need. The engineer changes the process to run as a low-privilege service account with access only to the web root directory. Which mitigation technique was applied?