Welcome to today’s CompTIA Security+ practice test!

Today’s practice test is based on Subdomain 4.5 (Given a scenario, modify enterprise capabilities to enhance security) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

CompTIA Security+ Practice Test of the Day 260322
10 questions • Single best answer
Question 1
A network engineer at a healthcare organization is redesigning the perimeter network architecture to improve security for publicly accessible services. The organization hosts web servers and application servers that must be reachable from the internet, but the engineer needs to ensure that a compromised public-facing server cannot be used to directly access the internal network where sensitive patient records databases are stored. The engineer plans to create a separate network segment, managed by firewalls on both the internet-facing and internal-facing sides, where these public servers will reside.
Question 2
A SOC analyst at a regional bank is evaluating the organization's intrusion detection system configuration. The security vendor has proposed an enhancement that would allow the IDS to detect attacks by comparing incoming network traffic and packet payloads against a database of known attack patterns that must be regularly updated as new vulnerabilities are discovered and exploits are published. The analyst notes that this detection approach performs well against known threats but may fail to detect novel or zero-day attack techniques that have not yet been catalogued.
Question 3
A security administrator at a law firm is evaluating web filtering solutions to enforce acceptable use policies and block access to malicious content. The firm has recently expanded its remote work program, and a significant portion of attorneys now connect to the internet directly from home networks without routing traffic through the corporate headquarters. The administrator needs a solution that enforces consistent web filtering policies on corporate laptops regardless of the user's physical location — whether on-premises or working remotely from a home network.
Question 4
A security engineer at a large retail company has discovered that fraudulent emails appearing to originate from the company's own domain are being delivered to customers. Attackers have been spoofing the company's domain to send phishing messages that trick customers into clicking malicious links. The engineer has already implemented SPF and DKIM records in DNS, but now wants to add a mechanism that explicitly instructs receiving mail servers on how to handle messages that fail those checks — quarantining or rejecting them outright — while also enabling the organization to receive reports about authentication failures from mail providers worldwide.
Question 5
A security engineer at a government contractor is tasked with implementing a control to detect unauthorized changes to critical operating system files, configuration files, and application binaries on production servers that handle sensitive project data. The requirement stems from a compliance audit that identified an inability to detect tampering events on servers, whether caused by insiders, malware, or external attackers who have gained unauthorized access. The engineer needs a solution that maintains a cryptographic baseline of known-good file states and generates alerts whenever files are modified, added, or deleted outside of an approved change window.
Question 6
The CISO of a multinational manufacturing company is conducting a review of the organization's security architecture. The current endpoint security solution collects detailed telemetry from laptops and workstations — including process activity, file changes, and network connections — but operates in isolation and does not correlate endpoint data with signals from the network security infrastructure, cloud workloads, or the email security gateway. The CISO wants a unified platform that automatically correlates threat signals across endpoints, network, cloud, and email into a single investigation timeline to reduce dwell time and accelerate analyst response.
Question 7
An IT security manager at an insurance company is implementing a security control to prevent employees and malware-infected endpoints from communicating with known malicious domains, command-and-control (C2) infrastructure, and newly registered phishing sites. The manager wants a solution that intercepts requests at the name resolution stage — before any TCP connection is established to the destination — so that even malware attempting to beacon out to attacker-controlled infrastructure can be blocked during the initial lookup phase rather than after the connection is already established.
Question 8
A compliance officer at a healthcare organization has discovered two distinct data exfiltration patterns during a recent internal investigation: employees copying patient health information (PHI) to personal USB flash drives at their workstations, and staff members emailing spreadsheets containing Social Security numbers to personal webmail accounts. The organization needs a technical control that can inspect the content of files and communications in real time, recognize sensitive data based on predefined patterns and classifiers, and actively block unauthorized data transfer attempts at both the endpoint and the network boundary.
Question 9
A network security engineer at a large university is implementing a solution to ensure that all devices connecting to the campus wired and wireless network meet minimum security requirements before being granted access to production resources. The solution must evaluate each connecting device's posture — including OS patch level, antivirus signature currency, and local firewall status — at the time of connection. Devices that do not meet the requirements should be automatically redirected to a separate remediation VLAN where they can download updates, while fully compliant devices are granted access to the main campus network.
Question 10
A systems administrator at a financial services company is auditing legacy services still running on production servers. She discovers that remote server administration is being conducted over Telnet, which transmits all traffic — including credentials and commands — in cleartext across the network. Additionally, scheduled file transfers between internal servers are occurring over FTP, which also sends usernames, passwords, and file contents without encryption. The administrator must replace both protocols with secure, encrypted alternatives that are appropriate for their respective functions and are widely supported in modern enterprise environments.

One thought on “CompTIA Security+ Practice Test of the Day 260322”
1. I appreciate how this test is framed around Subdomain 4.5. It’s a crucial skill for anyone in cybersecurity, and it’s nice to have a resource that allows us to practice daily.