CompTIA Security+ Practice Test of the Day 260424

Welcome to today’s CompTIA Security+ practice test!

This practice test uses our new UI!

Today’s practice test is based on Subdomain 1.1 (Compare and contrast various types of security controls) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To choose CompTIA Security+ practice tests based on specific domains/subdomains, click that link.

CompTIA Security+ Practice Test of the Day 260424

10 questions • Single best answer

Question 1

An IT auditor reviewing a healthcare company's security program categorizes controls into groups based on how they are implemented. Firewalls and ACLs fall into one group; security policies and risk assessments fall into another; guards and fences fall into a third. Which three categories are represented, respectively?

A. Preventive, detective, corrective B. Technical, managerial, physical C. Operational, technical, managerial D. Physical, technical, operational

Question 2

A network engineer configures a firewall to block all inbound traffic on port 23 (Telnet) and restricts outbound connections to only approved destination IPs. Which control type does this firewall configuration represent?

A. Detective B. Corrective C. Preventive D. Compensating

Question 3

A company places signs at its data center entrance warning that the area is monitored, all access is logged, and unauthorized entry will result in prosecution. No technical enforcement occurs at the sign location itself. Which control type do these signs represent?

A. Preventive B. Deterrent C. Directive D. Detective

Question 4

A SIEM platform aggregates logs from all network devices and alerts the security team whenever a single user account attempts to authenticate to 10 or more systems within a 5-minute window. Which control type does this SIEM alerting function represent?

A. Preventive B. Corrective C. Compensating D. Detective

Question 5

After a malware infection is identified on a workstation, the incident response team isolates the device, runs an antivirus scan to remove the malware, and restores the system from a clean backup. Which control type describes these post-incident actions?

A. Preventive B. Deterrent C. Corrective D. Directive

Question 6

A legacy industrial control system cannot be patched because the vendor no longer supports its OS. Rather than immediately replacing it, the security team places it in an isolated network segment with no internet access and blocks all unsolicited inbound connections. Which control type does this represent?

A. Directive B. Detective C. Preventive D. Compensating

Question 7

A company publishes a policy requiring all employees to lock their workstations when stepping away and mandates completion of an annual security awareness training course. Which control type do these policy requirements represent?

A. Deterrent B. Preventive C. Directive D. Detective

Question 8

A data center installs anti-ram barriers in the parking lot, deploys motion-activated lighting around the perimeter, and requires all visitors to pass through an access control vestibule before entering the facility. Which security control category encompasses all of these measures?

A. Technical B. Operational C. Managerial D. Physical

Question 9

A CISO conducts an annual risk assessment, updates the organization's information security policies to reflect new regulatory requirements, and establishes a compliance monitoring program. Which control category do these governance-focused activities represent?

A. Technical B. Operational C. Physical D. Managerial

Question 10

A bank deploys a CCTV system that records all activity in the trading floor and server room. When unauthorized access is suspected, the recordings are used to identify what occurred and who was responsible. Which control category AND type does this CCTV system represent?

A. Technical and preventive B. Physical and corrective C. Physical and detective D. Operational and detective

Tired of Googling acronyms while practicing/studying?
Keep them all under your keyboard.

📋 GET_THE_DESK_MAT

Take more CompTIA Security+ practice tests

CompTIA Security+ Practice Test of the Day 260424

Related Posts

Leave a Comment Cancel Reply