CompTIA Security+ Practice Test of the Day 260604

Welcome to today’s CompTIA Security+ practice test!

This practice test uses our new UI!

Today’s practice test is based on Subdomain 2.1 (Compare and contrast common threat actors and motivations) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To choose CompTIA Security+ practice tests based on specific domains/subdomains, click that link.

CompTIA Security+ Practice Test of the Day 260604

10 questions • Single best answer

Question 1

A hospital's security team detects repeated intrusion attempts using a freely downloaded automated tool, run by someone who clearly does not grasp the underlying exploit. The activity is noisy, poorly targeted, and contains no custom code. Which threat actor type best describes this individual?

A. Nation-state actor B. Unskilled attacker C. Organized crime D. Insider threat

Question 2

A defense contractor uncovers a stealthy, long-running campaign featuring custom malware, zero-day exploits, and patient lateral movement aimed at classified research. The operation shows near-unlimited funding and advanced tradecraft sustained over many months. Which actor is most likely responsible?

A. Hacktivist B. Script kiddie C. Nation-state actor D. Shadow IT

Question 3

After a manufacturing firm announces a controversial policy, a group defaces its public website with political slogans and leaks documents to embarrass leadership. The attackers seek publicity for their cause rather than profit. Which actor type does this represent?

A. Organized crime B. Hacktivist C. Insider threat D. Nation-state actor

Question 4

A departing employee at a logistics company copies sensitive client lists to a personal drive before resigning, using access legitimately granted for their job. No external breach occurred. Which threat actor category fits this situation?

A. Insider threat B. Unskilled attacker C. Organized crime D. Hacktivist

Question 5

A financial institution is targeted by a well-resourced criminal syndicate running ransomware-as-a-service purely to extort large payments. The group operates like a business, with developers, negotiators, and affiliates. Which actor type is described?

A. Hacktivist B. Nation-state actor C. Organized crime D. Shadow IT

Question 6

A SOC analyst discovers an unsanctioned cloud storage app that a marketing team deployed without IT approval, creating unmonitored risk. There is no malicious intent, but the deployment bypasses security controls. Which internal threat source does this describe?

A. Insider threat B. Shadow IT C. Hacktivist D. Unskilled attacker

Question 7

A penetration tester reviews an incident where attackers quietly stole a rival's proprietary designs to gain a market advantage, leaving systems untouched. The goal was secret intelligence gathering, not disruption or payment. Which motivation best fits?

A. Service disruption B. Espionage C. Financial gain D. Blackmail

Question 8

An analyst compares two adversaries: one uses recycled public tools, while the other develops custom zero-days and evades detection for months. The team must document what distinguishes these groups for a threat profile. Which actor attribute is being assessed?

A. Internal versus external origin B. Level of sophistication and capability C. Primary motivation D. Resources and funding

Question 9

A retailer's CISO investigates attackers who deployed ransomware and demanded cryptocurrency to restore encrypted systems. The intruders showed no political agenda and no interest in data secrecy. What primarily motivated this attack?

A. Espionage B. Philosophical beliefs C. Financial gain D. Revenge

Question 10

A recently terminated administrator at a utility company sabotages backups and deletes configurations out of personal grievance toward former managers. The act seeks retaliation rather than money or ideology. Which motivation is demonstrated?

A. Revenge B. Service disruption C. Financial gain D. Espionage

Tired of Googling acronyms while practicing/studying?
Keep them all under your keyboard.

📋 GET_THE_DESK_MAT

Take more CompTIA Security+ practice tests

CompTIA Security+ Practice Test of the Day 260604

Related Posts

Leave a Comment Cancel Reply