Which CompTIA Security+ subdomain would you like to practice for?
Note: Some Answer sections in the practice tests linked below use our older format, which is currently being updated for improved clarity and usability. You can still use them to reinforce your knowledge while we complete the transition.
| Domain/Subdomain | Exam Objective |
|---|---|
| Security+ Practice Test for Subdomain 1.1 #1 Security+ Practice Test for Subdomain 1.2 #2 | Compare and contrast various types of security controls. |
| Security+ Practice Test for Subdomain 1.2 #1 Security+ Practice Test for Subdomain 1.2 #2 | Summarize fundamental security concepts. |
| Security+ Practice Test for Subdomain 1.3 #1 Security+ Practice Test for Subdomain 1.3 #2 | Explain the importance of change management processes and the impact to security. |
| Security+ Practice Test for Subdomain 1.4 #1 Security+ Practice Test for Subdomain 1.4 #2 | Explain the importance of using appropriate cryptographic solutions. |
| Security+ Practice Test for Subdomain 2.1 #1 Security+ Practice Test for Subdomain 2.1 #2 | Compare and contrast common threat actors and motivations |
| Security+ Practice Test for Subdomain 2.2 #1 Security+ Practice Test for Subdomain 2.2 #2 | Explain common threat vectors and attack surfaces |
| Security+ Practice Test for Subdomain 2.3 #1 Security+ Practice Test for Subdomain 2.3 #2 | Explain various types of vulnerabilities |
| Security+ Practice Test for Subdomain 2.4 #1 Security+ Practice Test for Subdomain 2.4 #2 | Given a scenario, analyze indicators of malicious activity |
| Security+ Practice Test for Subdomain 2.5 #1 Security+ Practice Test for Subdomain 2.5 #2 | Explain the purpose of mitigation techniques used to secure the enterprise. |
| Security+ Practice Test for Subdomain 3.1 #1 Security+ Practice Test for Subdomain 3.1 #2 | Compare and contrast security implications of different architecture models |
| Security+ Practice Test for Subdomain 3.2 #1 Security+ Practice Test for Subdomain 3.2 #2 | Given a scenario, apply security principles to secure enterprise infrastructure |
| Security+ Practice Test for Subdomain 3.3 | Compare and contrast concepts and strategies to protect data |
| Security+ Practice Test for Subdomain 3.4 | Explain the importance of resilience and recovery in security architecture |
| Security+ Practice Test for Subdomain 4.1 | Given a scenario, apply common security techniques to computing resources |
| Security+ Practice Test for Subdomain 4.2 | Explain the security implications of proper hardware, software, and data asset management |
| Security+ Practice Test for Subdomain 4.3 #1 Security+ Practice Test for Subdomain 4.3 #2 | Explain various activities associated with vulnerability management |
| Security+ Practice Test for Subdomain 4.4 | Explain security alerting and monitoring concepts and tools |
| Security+ Practice Test for Subdomain 4.5 | Given a scenario, modify enterprise capabilities to enhance security |
| Security+ Practice Test for Subdomain 4.6 | Given a scenario, implement and maintain identity and access management |
| Security+ Practice Test for Subdomain 4.7 #1 Security+ Practice Test for Subdomain 4.7 #2 | Explain the importance of automation and orchestration related to secure operations |
| Security+ Practice Test for Subdomain 4.8 | Explain appropriate incident response activities |
| Security+ Practice Test for Subdomain 4.9 | Given a scenario, use data sources to support an investigation |
| Security+ Practice Test for Subdomain 5.1 | Summarize elements of effective security governanc |
| Security+ Practice Test for Subdomain 5.2 | Explain elements of the risk management process |
| Security+ Practice Test for Subdomain 5.3 | Explain the processes associated with third-party risk assessment and management |
| Security+ Practice Test for Subdomain 5.4 | Summarize elements of effective security compliance |
| Security+ Practice Test for Subdomain 5.5 | Explain types and purposes of audits and assessments |
| Security+ Practice Test for Subdomain 5.6 | Given a scenario, implement security awareness practices |