CompTIA Security+ Practice Test of the Day 092725

Welcome to today’s CompTIA Security+ practice test!

This practice test uses our new UI!

Today’s practice test is based on Subdomain 3.2 (Given a scenario, apply security principles to secure enterprise infrastructure) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To choose CompTIA Security+ practice tests based on specific domains/subdomains, click that link.

CompTIA Security+ Practice Test of the Day 092725

10 questions • Single best answer

Question 1

An IDS sensor is connected to a network tap and receives a mirrored copy of all traffic passing through a core switch. The sensor analyzes traffic and generates alerts but cannot drop packets or terminate connections. Which device deployment mode is described?

A. Inline / Active B. Agentless C. Passive / Tap mode D. Out-of-band management

Question 2

A security architect places web servers in a network zone that is accessible from the internet but separated from the internal corporate network by a firewall. Internal resources remain unreachable from this zone. Which network design concept is described?

A. Air gap B. Zero Trust C. DMZ D. SD-WAN

Question 3

A network appliance distributes incoming HTTPS requests across five web servers based on current server load, ensuring no single server is overwhelmed. It also terminates SSL at the appliance layer, decrypting traffic before forwarding it to backend servers. Which appliance is described?

A. Jump server B. Forward proxy C. IDS sensor D. Load balancer

Question 4

An organization deploys a single appliance that combines stateful firewall, IPS, antivirus, web content filtering, and VPN concentrator capabilities into one integrated device. Which network appliance type is described?

A. Next-generation firewall (NGFW) B. Web application firewall (WAF) C. Unified threat management (UTM) D. Stateless firewall

Question 5

A security engineer configures a firewall to fail-open during a hardware fault. When the firewall fails, all traffic is permitted without inspection, and business operations continue uninterrupted. Which failure mode behavior does this represent?

A. Fail-closed B. Active/passive failover C. Fail-open D. Stateful operation

Question 6

A company deploys a cloud-native architecture that routes all remote user traffic through a cloud-delivered security stack — including CASB, SWG, and Zero Trust network access — without backhauling traffic to a corporate data center. Which secure networking model is described?

A. SD-WAN B. SASE C. VPN D. TLS

Question 7

A network architect replaces dedicated MPLS circuits between branch offices and the data center with broadband internet links managed by a centralized software controller that selects optimal paths and applies QoS policies dynamically. Which technology is described?

A. SASE B. VPN C. SD-WAN D. TLS

Question 8

A security architect analyzes the attack surface of an internet-facing network. The team notes that each device placed at the perimeter — such as VPN concentrators, load balancers, and firewalls — represents a potential target. Minimizing exposed services reduces exploitable entry points. Which security principle guides device placement decisions?

A. Defense in depth B. Least functionality C. Attack surface reduction D. Zero Trust

Question 9

A server handles inbound HTTPS requests from external clients on behalf of multiple internal application servers. External clients connect to the appliance's IP, which then forwards requests to the appropriate backend server — shielding internal server addresses from the internet. Which device type is described?

A. Forward proxy B. Reverse proxy C. Jump server D. VPN concentrator

Question 10

A developer's application authenticates to a payment API over HTTPS. The connection negotiates a cipher suite, authenticates the server's identity via its certificate, and encrypts all transmitted cardholder data between the application and the payment service. Which protocol enables this secure communication?