CompTIA Study Materials
AWS Study Materials
AWS Certified Developer Associate AWS Certified Developer Associate
AWS Certified Developer Associate DVA-C02
AWS Certified Solutions Architect Associate AWS Certified Solutions Architect Associate
AWS Certified Solutions Architect Associate SAA-C03
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA Security+ SY0-701 Practice Test

Prepare for the CompTIA Security+ SY0-701 exam with our free practice test. Randomly generated and customizable, this test allows you to choose the number of questions.

  • Questions: 15
  • Time: 15 minutes (60 seconds per question)
  • Included Objectives:
    • Threats, Vulnerabilities, and Mitigations
    • Security Operations
    • Security Program Management and Oversight
    • Security Architecture
    • General Security Concepts
Question 1 of 15

During a routine review of system logs, an administrator notices that a network printer has made several authentication requests to a database server. Which type of anomalous behavior does this best represent?

  • Unexpected behavior

  • Unintentional error

  • Risky behavior

  • Intentional misuse

Question 2 of 15

An organization is reviewing its security policies to better protect against unauthorized access to employee accounts. Which of the following would be the BEST mitigation strategy to prevent a brute force attack on user passwords?

  • Implementing strong password policies that require complex passwords

  • Disabling unused accounts

  • Monitoring for unauthorized access attempts on user accounts

  • Enabling account lockouts after a specified number of failed login attempts

Question 3 of 15

Which of the following BEST describes the purpose of attestation in the context of security compliance and oversight?

  • The official acknowledgment that an entity meets and operates in accordance with prescribed standards.

  • A detailed examination of the components and configurations within an organization's IT infrastructure.

  • The process of identifying, analyzing, and evaluating potential risks that could affect an organization's operations.

  • The comprehensive appraisal of a business to establish its assets and liabilities and evaluate its commercial potential.

Question 4 of 15

The risk register only needs to be updated when a new risk is identified, not as part of a regular review process.

  • The statement is correct; the risk register only needs to be updated when a new risk is identified.

  • The statement is incorrect; the risk register requires updates during regular review processes as well as when new risks are identified.

Question 5 of 15

A cybersecurity analyst is tasked with selecting an appropriate tool for scanning the security posture of the organization’s network infrastructure. The emphasis is on identifying misconfigurations and unpatched systems. Which of the following tools should the analyst choose for the BEST results?

  • Antivirus software

  • Vulnerability scanner

  • Network sniffer

  • Protocol analyzer

Question 6 of 15

You have ordered a penetration test on the companies website from a 3rd party IT Security consultant. Your web administration team has created a stand-alone test network to ensure the penetration tests do not cause issues on the live website. Other than the IP address of the web server you have not provided the penetration testers with any information. What type of test best describes this scenario?

  • Stand alone

  • Integration

  • Black box

  • White box

Question 7 of 15

A security administrator is hardening the data center's network infrastructure to ensure high availability and reliability. The administrator is concerned about the potential impact if one of the firewalls experiences a failure. Which of the following failure modes should be configured on the firewall to maintain security while still allowing network traffic to flow if the device fails?

  • Fail-closed

  • Fail-pass

  • Fail-stop

  • Fail-open

Question 8 of 15

In the context of security architecture, what does 'Responsiveness' refer to when considering system design and high availability?

  • The ability of the system to acknowledge and handle requests quickly, maintaining service quality.

  • The efficiency of encrypting and decrypting data at rest and data in transit.

  • The capacity of backup power systems to provide electricity during an outage.

  • The frequency at which a system performs routine maintenance and updates.

Question 9 of 15

Your organization has rolled out a new system that leverages Network Access Control (NAC) to enforce security compliance on all devices before they are granted network access. Despite having the latest security patches and antivirus software installed, an employee's device is unable to access the network. Which aspect of the NAC is most likely hindering the access for this otherwise compliant device?

  • Remote Authentication Dial-In User Service (RADIUS) server not authenticating the user's credentials

  • Captive portal blocking the device after a failed interaction with the user

  • Posture assessment component incorrectly evaluating the device's compliance

  • Network access policy does not include the correct compliance requirements

Question 10 of 15

During an organization's security policy review meeting, it was observed that there is currently no formal policy pertaining to the acceptable use of organizational assets and network resources. As part of establishing robust security governance within the company, which of the following policies should be proposed and implemented first to address this issue?

  • Acceptable Use Policy (AUP)

  • Change Management Policy

  • Software Development Lifecycle (SDLC) Policy

  • Disaster Recovery Policy

Question 11 of 15

An international financial organization has data centers in multiple countries and must comply with the European Union's data protection regulations that prohibit certain types of personal data from being transferred outside the EU. Which of the following architectural considerations is most effective in aligning the organization's data storage and transfer practices with these regulations?

  • Using redundant data storage across international locations for high availability

  • Introducing a secure web gateway to filter outbound data traffic

  • Implementing geofencing within the data management policies

  • Establishing a policy that requires manual approval for data transfers

  • Applying strong encryption to data before transferring it between data centers

  • Deploying a data loss prevention (DLP) solution to monitor data transfer

Question 12 of 15

An enterprise is evaluating new servers from various vendors for a high-security environment. Which of the following criteria should be prioritized to BEST ensure the hardware provider meets the company's stringent security policies and risk management?

  • Validating the security of the server's firmware at the time of delivery

  • Obtaining comprehensive documentation for all hardware components

  • Ensuring the hardware provider has no direct affiliations with foreign governments

  • Choosing hardware providers that the enterprise has worked with in the past

Question 13 of 15

What term describes the process of determining whether a detected vulnerability is actually present?

  • Confirmation

  • Threat hunting

  • Reporting

  • False positive

Question 14 of 15

Systems undergoing quarantine due to security alerts must always be disconnected from the network and powered off until further analysis is complete.

  • Systems undergoing quarantine must always be powered off

  • Systems undergoing quarantine should be network isolated but not necessarily powered off

Question 15 of 15

What type of physical security control is primarily utilized for authenticating personnel through the analysis of unique personal attributes before granting access to highly secure areas?

  • Access Control Vestibule

  • Fencing

  • Biometric systems

  • Sensors