CompTIA Security+ Practice Test of the Day 260503

Welcome to today’s CompTIA Security+ practice test!

This practice test uses our new UI!

Today’s practice test is based on Subdomain 2.5 (Explain the purpose of mitigation techniques used to secure the enterprise.) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To choose CompTIA Security+ practice tests based on specific domains/subdomains, click that link.

CompTIA Security+ Practice Test of the Day 260503

10 questions • Single best answer

Question 1

The CISO of a financial services firm learns that a compromised workstation in the customer service department was able to directly reach payment processing servers during a recent incident. To prevent future lateral movement, the network must be restructured so traffic between departments passes through a controlled chokepoint. Which mitigation technique BEST achieves this?

A. Isolation B. Encryption C. Segmentation D. Application allow listing

Question 2

A security engineer at a healthcare provider needs to prevent unauthorized software from executing on clinical workstations, where only a fixed set of approved applications should ever run. An employee recently installed an unapproved remote access tool that went undetected for weeks. Which mitigation technique BEST prevents this from recurring?

A. Host-based firewall B. Patching C. Monitoring D. Application allow list

Question 3

A SOC analyst confirms that a workstation has an active connection to a known command-and-control server and is exhibiting signs of malware infection. The system must be immediately contained while remaining powered on for forensic analysis. Which mitigation technique BEST describes this action?

A. Segmentation B. Decommissioning C. Isolation D. Configuration enforcement

Question 4

A vulnerability management team receives a critical advisory for a remote code execution flaw in a widely deployed web server, with a CVSS score of 9.8 and active exploitation confirmed in the wild. Which mitigation technique is the most direct way to eliminate this specific vulnerability?

A. Monitoring B. Encryption C. Patching D. Isolation

Question 5

A network administrator finds that internal database servers are reachable from any external IP on port 3306, and must restrict inbound connections to only a small set of authorized source IPs while dropping all others. Which control BEST accomplishes this?

A. Role-based access control (RBAC) B. Application allow list C. Least privilege D. Access control list (ACL)

Question 6

A systems administrator at a law firm discovers that a paralegal accessed confidential partner-level documents unrelated to their assigned cases using a standard user account. The administrator needs to enforce a principle that ensures all accounts receive only the permissions required for their specific job function. Which mitigation technique BEST describes this?

A. Segmentation B. Configuration enforcement C. Least privilege D. Access control list (ACL)

Question 7

A cloud security engineer discovers that a SaaS application stores sensitive customer records on database volumes that would be immediately readable if the storage media were physically removed or accessed by unauthorized cloud personnel. Which hardening technique BEST mitigates this specific risk?

A. Segmentation B. Monitoring C. Encryption D. Least privilege

Question 8

A security architect at a government contractor is designing a control that continuously collects and correlates logs from endpoints, servers, and network devices to identify anomalies such as impossible travel, concurrent session usage, and out-of-cycle logging. Which mitigation technique is being implemented?

A. Configuration enforcement B. Isolation C. Least privilege D. Monitoring

Question 9

A university security team finds that newly enrolled laptops have inconsistent firewall rules, unnecessary services enabled, and settings that vary based on who provisioned them. They need a control that automatically applies an approved security baseline to every device at enrollment and continuously verifies it has not drifted. Which mitigation technique BEST meets this requirement?

A. Patching B. Application allow list C. Configuration enforcement D. Decommissioning

Question 10

An IT governance team at a regional bank identifies several Windows Server 2008 systems still connected to the internal network that haven't been patched in years and can't be upgraded due to legacy application dependencies. The compliance team determines these systems pose an unacceptable residual risk. Which mitigation technique BEST describes the appropriate action?