CompTIA Security+ Practice Test (SY0-701)

Use the form below to configure your CompTIA Security+ Practice Test (SY0-701). The practice test can be configured to only include certain exam objectives and domains. You can choose between 5-90 questions and set a time limit.


CompTIA Security+ SY0-701 Information

CompTIA Security+ Certification Exam Overview

The CompTIA Security+ certification is a vendor-neutral credential that validates foundational security skills and knowledge. The current version of the exam is SY0-701. The SY0-701 exam is a computer-based test that consists of up to 90 questions, with a duration of 90 minutes. Candidates must achieve a minimum passing score of 750 points on a scale of 100-900.

Question Types on the Security+ Exam

The Security+ exam includes two primary types of questions:

  • Multiple-Choice/Multiple-Selection Questions: These questions require candidates to select one or more correct answers from a list of options.
  • Performance-Based Questions (PBQs): These questions involve solving problems in a simulated IT environment, such as a command prompt or a networking environment. PBQs are also featured in other CompTIA exams, like A+ and Network+.

Exam Prerequisites

CompTIA does not enforce any prerequisites for the Security+ exam. However, it is recommended that candidates have the CompTIA Network+ certification and at least two years of experience in IT administration with a focus on security. Additionally, CompTIA suggests that candidates be at least 13 years old.

Security+ Exam Domains

The SY0-701 exam focuses on five primary domains:

  • General Security Concepts (12%)
  • Threats, Vulnerabilities, and Mitigations (22%)
  • Security Architecture (18%)
  • Security Operations (28%)
  • Security Program Management and Oversight (20%)

These domains are detailed in the exam objectives, which outline the scope of the test, including domain weighting, test objectives, and example topics.

Exam Renewal Policy

The Security+ certification, along with other CompTIA certifications, must be renewed every three years. The bridge exam scheme was retired on December 31, 2010. Post-January 1, 2011, all new certifications are valid for three years from the date of certification. Renewal can be achieved by passing the latest version of the exam or through the Continuing Education (CE) program. This program allows candidates to keep their skills current through various activities that demonstrate industry knowledge.

Testing Centers

CompTIA exams, including Security+, have been available exclusively through Pearson VUE since July 9, 2012. Exams can be scheduled online, by phone, or at the testing center. Candidates can choose between in-person exams at Pearson VUE centers or online testing.

The CompTIA Security+ certification ensures that IT professionals possess the essential security skills and knowledge required to protect and manage today's increasingly complex IT environments.

Free CompTIA Security+ SY0-701 Practice Test

  • Questions: 15
  • Time: Unlimited
  • Included Topics:
    General Security Concepts
    Threats, Vulnerabilities, and Mitigations
    Security Architecture
    Security Operations
    Security Program Management and Oversight

Question 1 of 15

Which of the following actions best contributes to securing a server by adhering to the principle of disabling ports/protocols?

  • Closing ports that are not in use by network services.

  • Keeping all ports open to ensure full functionality.

  • Implementing complex passwords for all user accounts.

  • Changing port numbers for common services to non-standard values.

Question 2 of 15

Which of the following options represents a common practice in the hardening of computing systems to enhance security?

  • Allowing unrestricted root access to all users for convenience

  • Using vendor-supplied default passwords for all devices

  • Updating systems regularly

  • Disabling the firewall on all servers

Question 3 of 15

Allow lists are a security measure that permits only approved entities to access resources.

  • True

  • False

Question 4 of 15

An organization wants to enhance server security by implementing a hardware device that can securely generate and manage cryptographic keys and offload cryptographic operations from the servers, thereby improving performance and security. Which of the following would BEST meet this requirement?

  • TPM

  • Key Management System

  • Secure Enclave

  • Hardware Security Module

Question 5 of 15

An attacker is attempting to extract sensitive information from a company's employee by impersonating a trusted individual over the phone. What is this type of social engineering attack called?

  • Impersonation

  • Vishing

  • Phishing

  • Business email compromise

Question 6 of 15

A company is implementing a web content filtering solution to prevent employees from accessing undesirable websites during work hours. What is the BEST approach that the company should employ to ensure maximum effectiveness of the filtering solution?

  • Using a localized hosts file on each computer to block specific website IPs

  • Implementing a centralized proxy for content categorization and filtering

  • Distributing client-side browser extensions to categorize and block content

  • Depending on employees to self-categorize and avoid undesired content

Question 7 of 15

Which Bluetooth attack method involves an unauthorized individual gaining access to a device's data via a previously paired connection in order to extract sensitive information?

  • Bluesmacking

  • Bluesnarfing

  • Bluejacking

  • Bluebugging

Question 8 of 15

A security auditor finds that certain accounts, intended to have standard user permissions, are executing commands that typically require admin rights. Further investigation reveals these accounts have been added to a group with elevated privileges. Which situation does this observation most accurately reflect?

  • Privilege escalation due to unauthorized changes in group memberships

  • Service disruption caused by frequent account lockouts

  • Data exposure from compromised encryption protocols

  • Unauthorized access from unchanged default account passwords

Question 9 of 15

An organization wants to ensure its systems are protected against known security vulnerabilities promptly while maintaining operational stability. Which of the following approaches would BEST achieve this objective?

  • Discontinue the use of software that requires frequent updates

  • Implement an automated testing and deployment process for software fixes

  • Schedule annual security assessments to identify vulnerabilities

  • Restrict user permissions to prevent unauthorized software changes

Question 10 of 15

A company is rolling out a new software update that will significantly change its online purchasing system. Which of the following is the BEST approach to ensure that the update does not adversely affect the security posture of the organization?

  • Conduct a thorough impact analysis prior to deployment.

  • Schedule the update during a maintenance window to reduce downtime.

  • Update all system diagrams to reflect the new software changes.

  • Review and approve the software update through the proper channels.

Question 11 of 15

When evaluating security architecture for an enterprise's network infrastructure, what is the primary reason for ensuring patch availability for all software components?

  • To fix security vulnerabilities and bugs

  • To increase the system's processing speed

  • To enhance the graphical user interface

  • To ensure compatibility with legacy systems

Question 12 of 15

Which type of cryptography allows secure data exchange by utilizing a pair of related keys, addressing the challenge of key distribution without requiring prior secret key sharing?

  • Hashing algorithms

  • Symmetric encryption

  • Asymmetric encryption

  • Steganography

Question 13 of 15

An organization must transmit highly confidential performance reports to a remote analyst. Which technique is most effective in ensuring that this data, if intercepted, cannot be read by unauthorized entities?

  • Applying full-disk encryption on the sender's and recipient's computers

  • Utilizing obfuscation methods when preparing the report

  • Using certificate-based network authentication

  • Implementing end-to-end encryption for the transmission

Question 14 of 15

A security administrator is responsible for maintaining the integrity of software deployed in the company's server environment. They need to detect any unauthorized software modifications and ensure that only approved packages are running on the systems. Which solution should the administrator implement to meet these requirements?

  • Performing regular antivirus scanning on all servers

  • Implementing a file integrity monitoring solution that automatically checks for changes to software packages

  • Configuring systems to receive automatic software updates

  • Maintaining a configuration management database that records installed software versions

Question 15 of 15

When establishing a Business Partners Agreement with a new vendor, what element is most crucial to ensure the protection of sensitive data?

  • Clearly defined security requirements

  • Specific definitions of the parties involved

  • Terms of conflict resolution processes

  • Regularly scheduled review cycles