CompTIA Security+ Practice Test of the Day 260627

Welcome to today’s CompTIA Security+ practice test!

This practice test uses our new UI!

Today’s practice test is based on Subdomain 5.6 (Given a scenario, implement security awareness practices) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To choose CompTIA Security+ practice tests based on specific domains/subdomains, click that link.

CompTIA Security+ Practice Test of the Day 260627

10 questions • Single best answer

Question 1

A security program manager at a manufacturing firm launches simulated deceptive emails that mimic real attacks, then tracks who clicks. The goal is to measure and improve employee resistance over time. What activity is being conducted?

A. Penetration testing B. Phishing campaign C. Vulnerability scanning D. Red team exercise

Question 2

A SOC analyst trains staff to notice coworkers logging in at unusual hours, accessing systems outside their role, or moving large data sets. Employees are taught to report these signals. Which awareness focus is this?

A. Anomalous behavior recognition B. Phishing recognition C. Operational security D. Password management

Question 3

An organization wants awareness training that does not happen only at onboarding but repeats throughout the year to reinforce concepts. Leadership asks the team to schedule it periodically. Which training cadence is described?

A. Initial B. Ad hoc C. One-time D. Recurring

Question 4

A financial services firm notices an employee quietly copying sensitive client records to a personal drive before resigning. Awareness programs warn staff to watch for and report such activity from trusted users. Which threat is being addressed?

A. Insider threat B. Social engineering C. Shadow IT D. Advanced persistent threat

Question 5

A defense contractor bans plugging in unknown USB drives after one was found in the parking lot. Awareness materials teach employees the risks of attaching such devices. Which guidance area does this support?

A. Bring your own device B. Removable media and cables C. Clean desk policy D. Acceptable use of encryption

Question 6

A help desk receives a call from someone claiming to be a senior executive demanding an urgent reset and pressuring staff to skip verification. Awareness training teaches employees to recognize these manipulation tactics. What is being attempted?

A. Privilege escalation B. SQL injection C. Buffer overflow D. Social engineering

Question 7

A program manager advises employees not to post project details, travel plans, or org charts online because adversaries aggregate such fragments. The aim is denying attackers useful contextual information. Which practice is this?

A. Operational security B. Data masking C. Least privilege D. Network segmentation

Question 8

Awareness content at a hospital instructs staff to use long unique passphrases, avoid reuse across sites, and store them in an approved vault. The goal is reducing credential-based compromise. Which guidance topic is this?

A. Account lockout B. Multifactor authentication C. Single sign-on D. Password management

Question 9

Before rolling out training, a security team identifies knowledge gaps, defines objectives, and designs content tailored to each role. Only afterward do they deliver and measure it. Which phase of the awareness program is described?

A. Execution B. Monitoring C. Development D. Reporting

Question 10

After several training cycles, leadership wants proof the program works, so the team tracks phishing click rates, employee submission rates, and completion percentages over time. These figures guide future content. What is the team performing?