CompTIA Security+ Practice Test of the Day 092525

Welcome to today’s CompTIA Security+ practice test!

This practice test uses our new UI!

Today’s practice test is based on Subdomain 3.1 (Compare and contrast security implications of different architecture models) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To choose CompTIA Security+ practice tests based on specific domains/subdomains, click that link.

CompTIA Security+ Practice Test of the Day 092525

10 questions • Single best answer

Question 1

A network team implements VLANs to separate the finance, HR, and engineering departments on the same physical switch infrastructure. Traffic between VLANs is controlled by firewall policies. Which network infrastructure concept is described?

A. Physical isolation (air gap) B. Software-defined networking C. Logical segmentation D. High availability

Question 2

A network engineer uses a centralized controller to programmatically configure routing and access control policies across all network switches and routers from a single dashboard, without manually logging into each device. Which network infrastructure concept is described?

A. Logical segmentation B. High availability C. Software-defined networking (SDN) D. Physical isolation

Question 3

A medical device manufacturer embeds a small computer within a pacemaker that monitors heart rhythm and adjusts pacing as needed. The device has no wireless connectivity and runs purpose-built firmware with no user-modifiable OS. Which architecture type BEST describes this device?

A. IoT B. RTOS C. Embedded system D. Containerization

Question 4

A company moves its CRM application from an on-premises server to a SaaS provider. The CISO notes that the company no longer manages the infrastructure but must still manage user access, data classification, and data governance. Which architecture consideration MOST directly supports this decision?

A. Scalability B. Inability to patch C. Risk transference D. High availability

Question 5

A security architect is evaluating an organization's OT environment and finds that the SCADA systems controlling a water treatment plant cannot be updated without a multi-week vendor engagement and potential production shutdown. Which architecture consideration does this represent?

A. Ease of deployment B. Inability to patch C. Scalability D. Risk transference

Question 6

A cloud architect designs a web application to automatically spin up additional server instances when CPU utilization exceeds 80% and terminate them when demand drops. The application maintains performance during peak loads without manual intervention. Which architecture consideration does this design address?

A. Resilience B. Scalability C. Ease of recovery D. Cost

Question 7

An organization requires that its financial application remain operational even if an entire data center fails. The architecture team deploys the application across two geographically separated data centers with automated failover so that no single failure causes an outage. Which architecture consideration is being addressed?

A. Scalability B. Ease of deployment C. High availability D. Responsiveness

Question 8

A security team discovers that when a decommissioned virtual machine's storage volume was reassigned to a new VM, the new tenant was able to recover fragments of the previous VM's database records from the uncleared volume. Which architecture security consideration does this expose?

A. VM escape B. Inability to patch C. Resource reuse D. Shared responsibility

Question 9

A security architect notes that running all services as functions in a serverless cloud environment means the organization has no access to the underlying OS, cannot install endpoint detection agents, and cannot monitor at the OS level. Which architecture consideration does this represent?

A. Scalability B. Risk transference C. Responsiveness D. Compute

Question 10

A security team evaluates whether to virtualize additional servers. They note that running 20 VMs on one physical host means that a hypervisor compromise could expose all 20 VMs simultaneously. Which virtualization architecture security concern does this represent?