CompTIA Security+ SY0-701 Beginner Quiz

Learning Objectives

Understand core security concepts: threats, vulnerabilities, cryptography, and PKI basics.

Question 1 of 60
According to CompTIA Security+ SY0-701, which CIA triad component ensures that authorized users can access information and systems when needed?
Question 2 of 60
Which type of malware disguises itself as a legitimate program while containing hidden malicious functionality?
Question 3 of 60
Which type of certificate is used by websites to prove their identity and enable HTTPS connections, issued by a trusted Certificate Authority?
Question 4 of 60
Which type of attack involves an attacker gaining unauthorized access to a system by exploiting a buffer overflow to overwrite the return address and redirect code execution?
Question 5 of 60
Which type of social engineering attack uses fraudulent emails that appear to come from a trusted source to trick recipients into clicking malicious links or providing credentials?
Question 6 of 60
Which cryptographic function takes an input of any size and produces a fixed-length output that cannot be reversed to obtain the original input?
Question 7 of 60
Which Security+ SY0-701 concept describes the practice of granting users ONLY the access rights required to perform their specific job duties?
Question 8 of 60
According to Security+ SY0-701, which protocol provides centralized Authentication, Authorization, and Accounting (AAA) services for network access control?
Question 9 of 60
Which of the following BEST describes a vulnerability in the context of Security+ SY0-701?
Question 10 of 60
A security administrator wants to ensure that users cannot install unauthorized software on company workstations. Which control BEST achieves this?
Question 11 of 60
An organization requires that all laptops encrypt their hard drives so that lost or stolen devices cannot have their data read. Which technology MOST directly fulfills this requirement?
Question 12 of 60
Which Security+ SY0-701 concept describes the process of proving that a specific action was performed by a specific party — making it impossible for them to deny the action later?
Question 13 of 60
A technician notices that a network switch port shows an unusually high number of MAC address entries in its table, causing the switch to flood traffic to all ports. Which attack is MOST likely occurring?
Question 14 of 60
Which term describes an attack where an adversary intercepts and potentially alters communications between two parties without their knowledge?
Question 15 of 60
Which DHCP attack allows a rogue server to assign incorrect IP configuration to clients, potentially redirecting traffic through an attacker-controlled gateway?
Question 16 of 60
A technician hardening a new server removes all unnecessary services, disables unused ports, and deletes default accounts. Which security practice does this BEST describe?
Question 17 of 60
Which authentication method requires users to provide two forms of identification from different authentication factor categories?
Question 18 of 60
Which physical security control uses biometrics and requires a single authorized person to pass through before the next person can enter, preventing tailgating?
Question 19 of 60
According to Security+ SY0-701, which type of agreement defines the expected level of service between a service provider and a customer, including metrics such as uptime and response time?
Question 20 of 60
Which type of attack attempts to guess passwords by systematically trying every possible combination of characters?
Question 21 of 60
According to Security+ SY0-701, which type of malware encrypts a victim's files and demands payment for the decryption key?
Question 22 of 60
According to Security+ SY0-701, which network service translates human-readable domain names (e.g., www.example.com) into IP addresses?
Question 23 of 60
Which Security+ SY0-701 term refers to a weakness in a system that has been discovered by researchers or attackers but for which no vendor patch yet exists?
Question 24 of 60
An organization wants to prevent data leakage by monitoring and controlling what data employees can copy to USB drives or send via email. Which security solution BEST provides this capability?
Question 25 of 60
Which network protocol operates at Layer 3 of the OSI model and is responsible for logical addressing and routing of packets between networks?
Question 26 of 60
Which type of backup copies only the data that has changed since the LAST FULL backup, regardless of intervening backups?
Question 27 of 60
A security analyst reviews SIEM logs and identifies that a user account logged in at 2:00 AM, downloaded 500MB of data, and logged out. The user's normal pattern is 9AM-5PM logins with minimal data access. Which security capability identifies this as suspicious?
Question 28 of 60
Which type of vulnerability scan authenticates to target systems to provide more thorough results including missing patches and configuration weaknesses?
Question 29 of 60
A security analyst configures a firewall rule to block all inbound traffic on port 23. Which service does this PRIMARILY prevent?
Question 30 of 60
A user receives a phone call from someone claiming to be IT support who asks for their password to fix an urgent problem. Which social engineering technique is this?
Question 31 of 60
Which type of email security control uses cryptographic authentication to verify that an email originates from an authorized sender for a given domain?
Question 32 of 60
Which Security+ SY0-701 term describes software that secretly monitors user activity and collects information without the user's knowledge?
Question 33 of 60
Which Windows tool provides a centralized view of system events, application errors, and security audit logs?
Question 34 of 60
Which type of access control model grants access based on predefined roles assigned to users based on their job functions?
Question 35 of 60
Which physical security control uses camera recordings to provide evidence of unauthorized access or security incidents after they occur?
Question 36 of 60
Which concept requires that no single employee has enough access to commit and conceal fraud, by splitting critical tasks among multiple people?
Question 37 of 60
In the context of Security+ SY0-701, which term describes the process of verifying that a user is who they claim to be?
Question 38 of 60
Which vulnerability management step involves applying patches and configuration changes to eliminate or reduce identified vulnerabilities?
Question 39 of 60
According to Security+ SY0-701, which disaster recovery metric defines the maximum amount of time a business function can be offline before causing unacceptable harm?
Question 40 of 60
An organization uses Kerberos for network authentication. Which component issues ticket-granting tickets (TGTs) after verifying user credentials?
Question 41 of 60
Which type of network device monitors traffic and generates alerts when suspicious activity is detected but does NOT actively block traffic?
Question 42 of 60
An organization deploys a honeypot on its network. What is the PRIMARY purpose of this security tool?
Question 43 of 60
A security technician discovers that a workstation is generating excessive DNS queries to unusual domains at regular intervals. Which threat does this MOST likely indicate?
Question 44 of 60
Which type of network attack floods a target with TCP SYN packets without completing the three-way handshake, exhausting the target's connection table?
Question 45 of 60
Which concept describes the use of multiple security layers so that if one control fails, others continue to protect the asset?
Question 46 of 60
Which protocol provides secure, encrypted remote access to network devices and is the recommended replacement for Telnet?
Question 47 of 60
An employee working at a café notices a stranger positioned directly behind them, watching them type their banking password on their laptop screen. Which social engineering attack is this?
Question 48 of 60
According to Security+ SY0-701, which control type is implemented AFTER an incident to restore systems to normal operation?
Question 49 of 60
Which wireless encryption protocol, launched in 2018, provides the strongest protection for modern Wi-Fi networks and is recommended for new deployments?
Question 50 of 60
A security team implements a policy requiring employees to take mandatory one-week vacations. Which security goal does this PRIMARILY achieve?
Question 51 of 60
Which risk response strategy involves purchasing cyber-insurance to shift the financial impact of a security incident to a third party?
Question 52 of 60
Which protocol encrypts web traffic between a browser and a web server, indicated by 'https://' in the URL?
Question 53 of 60
Which security document defines the acceptable use of organizational IT resources and the consequences for violations?
Question 54 of 60
Which type of network scan identifies open ports and services running on target hosts?
Question 55 of 60
Which tool is commonly used to analyze network traffic by capturing and displaying packet contents, enabling security analysts to inspect protocols and detect anomalies?
Question 56 of 60
A user reports receiving an email with a suspicious attachment. The security team wants to execute the attachment in a controlled environment to observe its behavior safely. Which tool or technique does this describe?
Question 57 of 60
According to Security+ SY0-701, which control type is PRIMARILY focused on discouraging potential attackers before an attack occurs?
Question 58 of 60
Which term describes the process of confirming that a recovered system or data matches its pre-incident state through hash comparison?
Question 59 of 60
An organization assigns an employee the role of 'Backup Operator' which grants specific rights to back up and restore files without granting full administrator access. This BEST illustrates which security concept?
Question 60 of 60
Which network segmentation technology creates logical broadcast domains within a physical network, isolating traffic between groups of hosts?