CompTIA Security+ Practice Test (SY0-701)
Use the form below to configure your CompTIA Security+ Practice Test (SY0-701). The practice test can be configured to only include certain exam objectives and domains. You can choose between 5-90 questions and set a time limit.

CompTIA Security+ SY0-701 Information
CompTIA Security+ Certification Exam Overview
The CompTIA Security+ certification is a vendor-neutral credential that validates foundational security skills and knowledge. The current version of the exam is SY0-701. The SY0-701 exam is a computer-based test that consists of up to 90 questions, with a duration of 90 minutes. Candidates must achieve a minimum passing score of 750 points on a scale of 100-900.
Question Types on the Security+ Exam
The Security+ exam includes two primary types of questions:
- Multiple-Choice/Multiple-Selection Questions: These questions require candidates to select one or more correct answers from a list of options.
- Performance-Based Questions (PBQs): These questions involve solving problems in a simulated IT environment, such as command prompt or networking environments. PBQs are also featured in other CompTIA exams, like A+ and Network+.
Exam Prerequisites
CompTIA does not enforce any prerequisites for the Security+ exam. However, it is recommended that candidates have the CompTIA Network+ certification and at least two years of experience in IT administration with a focus on security. Additionally, CompTIA suggests that candidates be at least 13 years old.
Security+ Exam Domains
The SY0-701 exam focuses on five primary domains:
- General Security Concepts (12%)
- Threats, Vulnerabilities, and Mitigations (22%)
- Security Architecture (18%)
- Security Operations (28%)
- Security Program Management and Oversight (20%)
These domains are detailed in the exam objectives, which outline the scope of the test, including domain weighting, test objectives, and example topics.
Exam Renewal Policy
The Security+ certification, along with other CompTIA certifications, must be renewed every three years. The bridge exam scheme was retired on December 31, 2010. Post-January 1, 2011, all new certifications are valid for three years from the date of certification. Renewal can be achieved by passing the latest version of the exam or through the Continuing Education (CE) program. This program allows candidates to keep their skills current through various activities that demonstrate industry knowledge.
Testing Centers
CompTIA exams, including Security+, are available exclusively through Pearson VUE testing centers since July 9, 2012. Exams can be scheduled online, by phone, or at the testing center. Candidates can choose between in-person exams at Pearson VUE centers or online testing.
The CompTIA Security+ certification ensures that IT professionals possess the essential security skills and knowledge required to protect and manage today's increasingly complex IT environments.
More reading:
Scroll down to see your responses and detailed results
Free CompTIA Security+ SY0-701 Practice Test
Press start when you are ready, or press Change to modify any settings for the practice test.
- Questions: 15
- Time: Unlimited
- Included Topics:General Security ConceptsThreats, Vulnerabilities, and MitigationsSecurity ArchitectureSecurity OperationsSecurity Program Management and Oversight
Which of the following actions best contributes to securing a server by adhering to the principle of disabling ports/protocols?
Closing ports that are not in use by network services.
Keeping all ports open to ensure full functionality.
Implementing complex passwords for all user accounts.
Changing port numbers for common services to non-standard values.
Answer Description
Closing unused ports on a server helps to minimize the attack surface by ensuring that only necessary network services are accessible. This effectively reduces the number of entry points available to an attacker. Keeping unused ports open does not contribute to security, as it unnecessarily exposes the server to potential exploitation. Switching port numbers can obscure services but does not decrease the attack surface. Using complex passwords is good practice for account security but does not pertain to network services and port/protocol security.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is it important to close unused ports on a server?
What are some common network services that typically use specific ports?
What is the difference between port obscurity and security?
Which of the following options represents a common practice in the hardening of computing systems to enhance security?
Allowing unrestricted root access to all users for convenience
Using vendor-supplied default passwords for all devices
Updating systems regularly
Disabling the firewall on all servers
Answer Description
Updating systems regularly is a hardening technique that involves applying patches to operating systems and applications to protect against known vulnerabilities. Disabling firewalls or allowing root access would decrease system security, while using default passwords is against security best practices as they are often easily guessable.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are system patches and why are they important?
What does it mean to harden a computing system?
Why is it dangerous to use default passwords?
Allow lists are a security measure that permits only approved entities to access resources.
True
False
Answer Description
Allow lists specify which entities are permitted access, enhancing security by restricting unauthorized access.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are allow lists and how do they work?
What are some advantages of using allow lists over deny lists?
How do I create an effective allow list?
An organization wants to enhance server security by implementing a hardware device that can securely generate and manage cryptographic keys and offload cryptographic operations from the servers, thereby improving performance and security. Which of the following would BEST meet this requirement?
TPM
Key Management System
Secure Enclave
Hardware Security Module
Answer Description
A Hardware Security Module (HSM) is a dedicated hardware device designed to securely generate, store, and manage cryptographic keys and perform cryptographic operations. By offloading these tasks from servers, HSMs improve both security and performance in enterprise environments.
A TPM is a hardware chip embedded on a computer's motherboard, primarily used to store cryptographic keys and ensure platform integrity, but it's not designed to offload cryptographic processing from servers.
A Secure Enclave is a secure area within a processor for executing sensitive code, commonly found in mobile devices; it does not function as a separate hardware device for server cryptographic operations.
A Key Management System typically refers to software solutions for managing cryptographic keys' lifecycle but does not provide hardware-based processing capabilities.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What exactly is a Hardware Security Module (HSM)?
How does a TPM differ from an HSM?
What role does a Key Management System (KMS) play in security?
An attacker is attempting to extract sensitive information from a company's employee by impersonating a trusted individual over the phone. What is this type of social engineering attack called?
Impersonation
Vishing
Phishing
Business email compromise
Answer Description
Vishing is a type of social engineering attack where an attacker uses the telephone system, often pretending to be a trusted entity, to extract sensitive information from a target. Phishing is similar but primarily occurs through email or other electronic communication. Impersonation could be part of a vishing attack but is a broader term that doesn't specify the method of communication. Business email compromise is an attack targeted at companies to gain access to company information or assets, typically through deception via email.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What techniques are commonly used in vishing attacks?
How does vishing differ from phishing and smishing?
What are some preventative measures against vishing attacks?
A company is implementing a web content filtering solution to prevent employees from accessing undesirable websites during work hours. What is the BEST approach that the company should employ to ensure maximum effectiveness of the filtering solution?
Using a localized hosts file on each computer to block specific website IPs
Implementing a centralized proxy for content categorization and filtering
Distributing client-side browser extensions to categorize and block content
Depending on employees to self-categorize and avoid undesired content
Answer Description
The correct answer is Implementing a centralized proxy for content categorization and filtering. This method is most effective as it centralizes the control over internet traffic, allowing the organization to maintain comprehensive oversight over web content access. A centralized proxy can analyze and categorize content dynamically, applying company-wide controls and filters based on the established policy. Other methods, like client-side scripting or relying solely on client configurations, do not offer the same level of centralized control and may be bypassed or require extensive individual configuration management.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is a centralized proxy more effective than client-side browser extensions?
What are the benefits of content categorization in a centralized proxy?
How can a company enforce internet usage policies effectively with a centralized proxy?
Which Bluetooth attack method involves an unauthorized individual gaining unauthorized access to a device's data via a previously paired connection in order to extract sensitive information?
Bluesmacking
Bluesnarfing
Bluejacking
Bluebugging
Answer Description
Bluejacking is an attack in which an attacker sends unsolicited messages to Bluetooth-enabled devices. However, Bluesnarfing is the correct answer because it specifically refers to an attack where the attacker gains unauthorized access through a Bluetooth connection to steal information. This is a significant risk for data leakage in mobile devices that can compromise personal and business data.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are the differences between Bluejacking and Bluesnarfing?
How can users protect themselves from Bluesnarfing attacks?
What are the potential consequences of a Bluesnarfing attack?
A security auditor finds that certain accounts, intended to have standard user permissions, are executing commands that typically require admin rights. Further investigation reveals these accounts have been added to a group with elevated privileges. Which situation does this observation most accurately reflect?
Privilege escalation due to unauthorized changes in group memberships
Service disruption caused by frequent account lockouts
Data exposure from compromised encryption protocols
Unauthorized access from unchanged default account passwords
Answer Description
This scenario suggests a case of privilege escalation, a situation where user accounts have been granted more access rights than intended, allowing them to execute commands beyond their original permissions. Here, the service accounts, which should have standard privileges, were found to be part of a privileged group, granting them higher access rights typical of system administrators. This specific detail of 'group membership change' distinguishes the issue as privilege escalation rather than other scenarios like default password changes, account lockouts, or compromised encryption keys which relate to different types of security issues.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is privilege escalation?
What are service accounts and their typical usage?
What are the risks of unauthorized changes in group memberships?
An organization wants to ensure its systems are protected against known security vulnerabilities promptly while maintaining operational stability. Which of the following approaches would BEST achieve this objective?
Discontinue the use of software that requires frequent updates
Implement an automated testing and deployment process for software fixes
Schedule annual security assessments to identify vulnerabilities
Restrict user permissions to prevent unauthorized software changes
Answer Description
Implementing an automated testing and deployment process for software fixes ensures that updates are applied promptly after being validated, reducing the window of exposure to known vulnerabilities while minimizing disruptions to operations. Scheduling annual security assessments is important but too infrequent to address vulnerabilities in a timely manner. Discontinuing the use of software that requires frequent updates is impractical and may hinder business functions. Restricting user permissions enhances security but does not directly address the prompt application of fixes to known vulnerabilities.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is an automated testing and deployment process?
Why are annual security assessments not enough for vulnerability management?
What are the risks of discontinuing software that requires frequent updates?
A company is rolling out a new software update that will significantly change its online purchasing system. Which of the following is the BEST approach to ensure that the update does not adversely affect the security posture of the organization?
Conduct a thorough impact analysis prior to deployment.
Schedule the update during a maintenance window to reduce downtime.
Update all system diagrams to reflect the new software changes.
Review and approve the software update through the proper channels.
Answer Description
The correct answer is to conduct an impact analysis prior to deployment. An impact analysis is a process of understanding the potential consequences of changes, especially how they affect security controls and operations. By doing this, the company can identify potential security risks introduced by the update and take steps to mitigate them before the system goes live, ensuring that security is maintained throughout the change process. The other options, while they might be parts of the overall change management process, do not directly address the proactive identification and mitigation of security risks specific to the introduction of new software or updates.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is an impact analysis in the context of software updates?
Why is it important to consider security when rolling out software updates?
What are some common risks associated with deploying new software updates?
When evaluating security architecture for an enterprise's network infrastructure, what is the primary reason for ensuring patch availability for all software components?
To fix security vulnerabilities and bugs
To increase the system's processing speed
To enhance the graphical user interface
To ensure compatibility with legacy systems
Answer Description
Patch availability is important because patches fix security vulnerabilities and bugs in software, improving the security posture of the system. Without timely patch deployment, systems can remain susceptible to exploits and attacks.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are software patches and how do they work?
What are vulnerabilities and how can they affect a network?
What is the impact of not applying patches on network security?
Which type of cryptography allows secure data exchange by utilizing a pair of related keys, addressing the challenge of key distribution without requiring prior secret key sharing?
Hashing algorithms
Symmetric encryption
Asymmetric encryption
Steganography
Answer Description
Asymmetric encryption uses two related keys—a public key and a private key. This key pair allows for secure communication without the need to share secret keys beforehand. One key encrypts the data, and the other decrypts it, effectively solving the key distribution problem inherent in symmetric encryption. In contrast, symmetric encryption uses a single shared key, which must be securely distributed to all parties beforehand.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are public and private keys in asymmetric encryption?
How does asymmetric encryption address the key distribution problem?
What are some common applications of asymmetric encryption?
An organization must transmit highly confidential performance reports to a remote analyst. Which technique is most effective in ensuring that this data, if intercepted, cannot be read by unauthorized entities?
Applying full-disk encryption on the sender's and recipient's computers
Utilizing obfuscation methods when preparing the report
Using certificate-based network authentication
Implementing end-to-end encryption for the transmission
Answer Description
Full-disk encryption is a strong security measure but is relevant to data at rest instead of data in motion. Similarly, obfuscation can make data less obvious but does not protect against a dedicated adversary with the tools to decode the obfuscated data. Certificate-based network authentication adds a layer of security to network access but does not protect the content of data transmissions. End-to-end encryption is specifically designed to protect the confidentiality of data as it travels across a network by ensuring that only the intended recipient, with the correct decryption key, can read the contents.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is end-to-end encryption and how does it work?
What types of encryption algorithms are commonly used in end-to-end encryption?
What are the potential vulnerabilities to end-to-end encryption?
A security administrator is responsible for maintaining the integrity of software deployed in the company's server environment. They need to detect any unauthorized software modifications and ensure that only approved packages are running on the systems. Which solution should the administrator implement to meet these requirements?
Performing regular antivirus scanning on all servers
Implementing a file integrity monitoring solution that automatically checks for changes to software packages
Configuring systems to receive automatic software updates
Maintaining a configuration management database that records installed software versions
Answer Description
Implementing a file integrity monitoring solution that automatically checks the integrity of system and application software files is the correct answer because such a solution can detect changes to critical system files and software packages, alerting administrators if unauthorized modifications occur. Using automatic updates does not necessarily check for unauthorized modifications; it just updates software to the latest versions. Scanning with an antivirus checks for malware but does not validate software package integrity or unauthorized changes. Using a configuration management database is helpful for tracking changes but does not automatically monitor file integrity.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is file integrity monitoring (FIM)?
How does file integrity monitoring help prevent unauthorized modifications?
What are the differences between file integrity monitoring and antivirus scanning?
When establishing a Business Partners Agreement with a new vendor, what element is most crucial to ensure the protection of sensitive data?
Clearly defined security requirements
Specific definitions of the parties involved
Terms of conflict resolution processes
Regularly scheduled review cycles
Answer Description
While all listed aspects are important in their own right, clearly defined security requirements are the most critical to protect sensitive data. These requirements set the minimum security standards that the business partner must adhere to, directly impacting the safeguarding of data involved in the partnership. Elements such as review cycles and party definitions are also important, but their impact on data protection is more indirect compared to the explicit security requirements.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are clearly defined security requirements?
Why are security requirements more crucial than review cycles or conflict resolution terms?
What types of organizations should consider Business Partners Agreements?
Gnarly!
Looks like that's it! You can go back and review your answers or click the button below to grade your test.