CompTIA Security+ Practice Test of the Day 260429

Welcome to today’s CompTIA Security+ practice test!

This practice test uses our new UI!

Today’s practice test is based on Subdomain 2.1 (Compare and contrast common threat actors and motivations) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To choose CompTIA Security+ practice tests based on specific domains/subdomains, click that link.

CompTIA Security+ Practice Test of the Day 260429

10 questions • Single best answer

Question 1

A SOC analyst at a regional electric utility is investigating a months-long intrusion that exhibits highly coordinated reconnaissance, custom-built malware, and exploitation of zero-day vulnerabilities in SCADA systems. The attacker demonstrates significant financial backing, advanced technical capability, and an apparent goal of gathering intelligence on critical infrastructure operations. Which threat actor type BEST describes this attacker?

A. Nation-state B. Organized crime C. Hacktivist D. Unskilled attacker

Question 2

An employee in a finance department has been downloading large volumes of sensitive financial records outside normal business hours and transmitting them to a personal cloud storage account. The employee holds legitimate access to these files as part of their job role, making traditional perimeter controls insufficient to detect or prevent the activity. Which threat actor category BEST describes this individual?

A. Shadow IT B. Insider threat C. Hacktivist D. Unskilled attacker

Question 3

A threat intelligence team is analyzing a wave of DDoS attacks and website defacements targeting a multinational oil company. The responsible group has publicly claimed the attacks are a protest against the company's environmental practices and has made no financial demands. Which motivation BEST describes this threat actor's primary driver?

A. Financial gain B. Blackmail C. Philosophical/political beliefs D. Espionage

Question 4

A company's web server is receiving repeated automated login attempts using exploit scripts downloaded from a public hacking forum. The attack shows no customization, no persistence mechanism, and no evidence of reconnaissance beyond a generic target list. Which threat actor type BEST describes the individual conducting this attack?

A. Nation-state B. Organized crime C. Insider threat D. Unskilled attacker

Question 5

A healthcare organization is struck by a ransomware attack that encrypts patient records and demands cryptocurrency payment for the decryption key. Post-incident analysis reveals the group used a widely available ransomware-as-a-service kit and simultaneously targeted multiple healthcare organizations in parallel. Which threat actor type and motivation BEST describe the attacker?

A. Organized crime motivated by financial gain B. Hacktivist motivated by philosophical/political beliefs C. Nation-state motivated by espionage D. Unskilled attacker motivated by disruption/chaos

Question 6

A security auditor discovers that a marketing team has been using an unauthorized cloud file-sharing service to collaborate with external agencies, completely bypassing the organization's approved platform and data governance controls. The employees were not acting maliciously but introduced unreviewed third-party services into the environment without IT knowledge or approval. Which threat actor category BEST describes this risk source?

A. Insider threat B. Shadow IT C. Hacktivist D. Nation-state

Question 7

A threat intelligence analyst is profiling an attack in which a rival company allegedly placed an operative inside an engineering firm as a contractor, who then spent three months quietly copying proprietary product blueprints and transmitting them to an external server. No systems were disrupted and no ransom was demanded. Which motivation BEST characterizes this threat actor's primary goal?

A. Service disruption B. Revenge C. Data exfiltration D. Blackmail

Question 8

During a threat modeling session, a security architect categorizes a threat actor who has no prior access to internal systems, must traverse the network perimeter to reach sensitive assets, and has no insider knowledge of the organization's architecture. Which attribute BEST classifies this actor?

A. Internal B. High level of sophistication/capability C. High resources/funding D. External

Question 9

A threat intelligence report compares two groups: one backed by a government with access to classified vulnerability research, dedicated development teams, and geopolitical objectives; and another that operates as a criminal enterprise using leased crimeware kits to maximize profit. Which attribute MOST clearly distinguishes the first group from the second?

A. The first group has significantly greater resources, funding, and level of sophistication B. The first group exclusively relies on phishing as its primary attack vector C. The second group always operates from inside the targeted organization D. The second group has higher resources and funding than the first

Question 10

An advanced persistent threat group has maintained covert access inside a government contractor's network for over a year, silently collecting classified project documentation without disrupting operations or making any financial demands. All indicators suggest the group's priority is remaining undetected while accumulating strategic information over time. Which motivation BEST describes this threat actor's primary goal?