CompTIA Security+ Practice Test (SY0-701)

Use the form below to configure your CompTIA Security+ Practice Test (SY0-701). The practice test can be configured to only include certain exam objectives and domains. You can choose between 5-100 questions and set a time limit.

CompTIA Security+ SY0-701 Information

CompTIA Security+ Certification Exam Overview

The CompTIA Security+ certification is a vendor-neutral credential that validates foundational security skills and knowledge. The current version of the exam is SY0-701. The SY0-701 exam is a computer-based test that consists of up to 90 questions, with a duration of 90 minutes. Candidates must achieve a minimum passing score of 750 points on a scale of 100-900.

Question Types on the Security+ Exam

The Security+ exam includes two primary types of questions:

  • Multiple-Choice/Multiple-Selection Questions: These questions require candidates to select one or more correct answers from a list of options.
  • Performance-Based Questions (PBQs): These questions ask the candidate to solve a problem in a simulated environment, such as a command prompt or a network configuration screen. PBQs also appear in other CompTIA exams, such as A+ and Network+.

Exam Prerequisites

CompTIA does not enforce any prerequisites for the Security+ exam. However, it is recommended that candidates have the CompTIA Network+ certification and at least two years of experience in IT administration with a focus on security. Additionally, CompTIA suggests that candidates be at least 13 years old.

Security+ Exam Domains

The SY0-701 exam focuses on five primary domains:

  • General Security Concepts (12%)
  • Threats, Vulnerabilities, and Mitigations (22%)
  • Security Architecture (18%)
  • Security Operations (28%)
  • Security Program Management and Oversight (20%)

These domains are detailed in the exam objectives, which outline the scope of the test, including domain weighting, test objectives, and example topics.

Exam Renewal Policy

The Security+ certification, like other CompTIA certifications, must be renewed every three years. CompTIA retired its bridge-exam scheme on December 31, 2010; since January 1, 2011, every new certification has been valid for three years from the date it was earned. It can be renewed either by passing the latest version of the exam or through the Continuing Education (CE) program, which lets holders keep the certification current by completing activities that demonstrate ongoing industry knowledge.

Testing Centers

CompTIA exams, including Security+, have been delivered exclusively through Pearson VUE since July 9, 2012. Exams can be scheduled online, by phone, or at a testing center, and candidates can choose between an in-person exam at a Pearson VUE center and an online-proctored exam.

The CompTIA Security+ certification ensures that IT professionals possess the essential security skills and knowledge required to protect and manage today's increasingly complex IT environments.

Free CompTIA Security+ SY0-701 Practice Test

  • Questions: 15
  • Time: Unlimited
  • Included Topics:
    General Security Concepts
    Threats, Vulnerabilities, and Mitigations
    Security Architecture
    Security Operations
    Security Program Management and Oversight
Question 1 of 15

Which type of security control is primarily intended to discourage a potential attacker from attempting to breach your security perimeter?

  • Detective
  • Corrective
  • Deterrent
  • Compensating
  • Preventive
  • Directive

Question 2 of 15

A company is evaluating options for remote employees to securely access the corporate network. Which of the following solutions would provide the BEST security for sensitive corporate data while maintaining reliable connectivity?

  • Utilizing remote access software without two-factor authentication for user convenience
  • Installing a jump server that remote employees can connect to before accessing the corporate network
  • Allowing remote access through a basic tunneling protocol with no additional encryption
  • Implementing a Virtual Private Network (VPN) with strong encryption standards for remote connections

Question 3 of 15

As a security administrator, you've implemented a new company policy to review firewall logs daily. During this review, you notice numerous login attempts from foreign IP addresses outside of business hours. Based on this information, which of the following actions should be prioritized to enhance network security?

  • Review the latest operating system patches for all company servers
  • Conduct an additional security awareness training session focusing on foreign cyber threats
  • Update the firmware on the firewall to the latest version
  • Configure account lockout thresholds to prevent brute-force attacks
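The review described in this question, and the lockout rule named in its last option, as an added example (this is editor-written illustration code, not material from the practice test). It assumes a key=value log format with a UTC timestamp, business hours of 08:00-18:00 UTC on weekdays, RFC 1918 space as "internal", a lockout rule of five failures within fifteen minutes, and RFC 5737 documentation addresses in constructed log lines. Offline code cannot geolocate the "foreign" addresses of the question, so the example flags any external source instead.

```python
"""Daily firewall-log review: flag off-hours login attempts from external
addresses and apply an account-lockout threshold.

Added example, not from the practice-test page. The log format, the
addresses (RFC 5737 documentation ranges), the business-hours window and
the thresholds are assumptions made for this illustration.
"""
import ipaddress
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta, timezone

# Assumed line format: ISO-8601 UTC timestamp followed by key=value fields.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) user=(?P<user>\S+) "
    r"action=login result=(?P<result>\S+)$"
)
BUSINESS_HOURS = (8, 18)        # assumption: 08:00-18:00 UTC, Monday to Friday
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample lines (not real traffic); 2024-05-03 is a Friday.
SAMPLE_LOG = """\
2024-05-03T02:14:07Z src=203.0.113.45 user=jsmith action=login result=fail
2024-05-03T02:14:09Z src=203.0.113.45 user=jsmith action=login result=fail
2024-05-03T02:14:12Z src=203.0.113.45 user=jsmith action=login result=fail
2024-05-03T02:14:15Z src=203.0.113.45 user=jsmith action=login result=fail
2024-05-03T02:14:18Z src=203.0.113.45 user=jsmith action=login result=fail
2024-05-03T02:14:21Z src=203.0.113.45 user=jsmith action=login result=success
2024-05-03T03:01:00Z src=198.51.100.7 user=admin action=login result=fail
2024-05-03T09:30:00Z src=10.1.2.3 user=alice action=login result=fail
2024-05-03T09:30:05Z src=10.1.2.3 user=alice action=login result=success
2024-05-03T22:45:00Z src=192.168.5.5 user=bob action=login result=fail
"""

def parse_line(line):
    m = LINE_RE.match(line.strip())
    if not m:
        return None                       # unknown format: skip, do not guess
    e = m.groupdict()
    e["ts"] = datetime.strptime(e["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    e["src"] = ipaddress.ip_address(e["src"])
    return e

def is_off_hours(ts):
    start, end = BUSINESS_HOURS
    return ts.weekday() >= 5 or not start <= ts.hour < end

def is_external(ip):
    return not any(ip in net for net in INTERNAL_NETS)

def events(log_text):
    return [e for e in map(parse_line, log_text.splitlines()) if e]

def off_hours_external_failures(log_text):
    """Failed logins per external source IP during off-hours: the pattern the
    administrator in the question noticed."""
    return Counter(str(e["src"]) for e in events(log_text)
                   if e["result"] == "fail" and is_off_hours(e["ts"]) and is_external(e["src"]))

def accounts_to_lock(log_text, threshold=5, window=timedelta(minutes=15)):
    """Lockout rule: `threshold` failures for one account inside `window`.
    Returns {user: time at which the lockout would have triggered}."""
    recent, locked = defaultdict(list), {}
    for e in events(log_text):
        if e["result"] != "fail":
            continue
        user, ts = e["user"], e["ts"]
        recent[user] = [t for t in recent[user] if t > ts - window] + [ts]
        if len(recent[user]) >= threshold and user not in locked:
            locked[user] = ts
    return locked

def successes_after_lockout(log_text, **lockout_args):
    """Successful logins that the lockout would have blocked: in the sample,
    the guess that finally worked against jsmith."""
    locked = accounts_to_lock(log_text, **lockout_args)
    return [(e["user"], e["ts"].isoformat()) for e in events(log_text)
            if e["result"] == "success" and e["user"] in locked and e["ts"] > locked[e["user"]]]
```

Running the functions over SAMPLE_LOG attributes five off-hours failures to 203.0.113.45 and one to 198.51.100.7, ignores the internal sources, and shows that a five-failure lockout would have triggered at 02:14:18, three seconds before the successful login that a real brute-force attack produces. That is why the lockout threshold is the option to prioritise: patches, firmware and awareness training do nothing against password guessing that the firewall is already letting through.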

Question 4 of 15

The Information Security Policies should be reviewed and updated on a one-time basis only to ensure their effectiveness over time.

  • True
  • False

Question 5 of 15

An employee in a financial institution accidentally visited a website by mistyping the URL of a popular financial news portal. Subsequently, the employee reported that their workstation displayed unusual behavior, such as the browser opening on its own and displaying advertisements. The IT security team suspects a security incident through domain impersonation. What is the likely method used by the threat actor to compromise the employee's workstation?

  • Domain kiting
  • Typosquatting
  • Phishing attempt through a deceptive email
  • Domain slamming

Question 6 of 15

Which state describes information that is being processed by an application?

  • Data in use
  • Data at rest
  • Encrypted data
  • Data in transit

Question 7 of 15

A company is planning to implement a new online transaction processing system that will handle sensitive customer payment information. The system is expected to be highly available and scalable during peak transaction periods. To meet these requirements while considering security, which architecture model should the company consider adopting?

  • Microservices
  • Monolithic
  • Serverless
  • On-premises

Question 8 of 15

During a security assessment, you identified that an employee's desktop application for managing customer data allows for executing arbitrary database queries by modifying inputs within the application. This vulnerability can be exploited by attackers to manipulate or exfiltrate sensitive data from the company database. Which specific type of vulnerability does this scenario describe?

  • Buffer overflow
  • Cross-site scripting (XSS)
  • Directory traversal
  • SQL injection (SQLi)
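The vulnerability in this question, shown as the vulnerable lookup beside its parameterized fix. This is an added example written for this page, not code from the practice test; the customers table, its rows, the lookup functions and the payloads are constructed, and SQLite is used only because it runs in memory without any setup.

```python
"""SQL injection: a vulnerable lookup beside its parameterized fix.

Added example, not from the practice-test page. The customers table, its
rows, the lookup functions and the payloads are constructed for this
illustration.
"""
import sqlite3

def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, card_last4 TEXT)")
    conn.executemany("INSERT INTO customers (name, card_last4) VALUES (?, ?)",
                     [("Alice Example", "1111"), ("Bob Example", "2222"), ("Carol Example", "3333")])
    return conn

def lookup_vulnerable(conn, name):
    # Deliberately vulnerable: the input is pasted into the SQL text, so a
    # quote character ends the string literal and the rest is parsed as SQL.
    sql = f"SELECT name, card_last4 FROM customers WHERE name = '{name}'"
    return conn.execute(sql).fetchall()

def lookup_parameterized(conn, name):
    # Fix: the value travels separately from the statement; the driver only
    # ever compares it as a string, whatever characters it contains.
    return conn.execute("SELECT name, card_last4 FROM customers WHERE name = ?", (name,)).fetchall()

# Tautology payload: the WHERE clause becomes  name = 'x' OR '1'='1'  and matches every row.
TAUTOLOGY = "x' OR '1'='1"
# UNION payload: appends a second query against the schema catalogue; the
# trailing -- comments out the quote the application adds after the input.
UNION_SCHEMA = "x' UNION SELECT name, sql FROM sqlite_master --"

def demo():
    conn = make_db()
    return {
        "normal_vulnerable": lookup_vulnerable(conn, "Alice Example"),
        "normal_parameterized": lookup_parameterized(conn, "Alice Example"),
        "tautology_vulnerable": lookup_vulnerable(conn, TAUTOLOGY),        # every row leaks
        "tautology_parameterized": lookup_parameterized(conn, TAUTOLOGY),  # no such customer
        "union_vulnerable": lookup_vulnerable(conn, UNION_SCHEMA),         # table definitions leak
        "union_parameterized": lookup_parameterized(conn, UNION_SCHEMA),   # no such customer
    }
```

Both lookups behave identically for an ordinary name. With the tautology payload the vulnerable query returns all three customers, and with the UNION payload it returns the CREATE TABLE statement from sqlite_master, which is how an attacker moves from "manipulate inputs" to "exfiltrate the whole database". The parameterized query returns no rows for either payload because the input is never part of the SQL grammar.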

Question 9 of 15

Which authentication protocol uses a ticket-granting service as part of its mechanism to provide access to resources across a network?

  • Kerberos
  • Simple Sign-On
  • Network Access Token
  • Direct Access
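The ticket-granting mechanism this question refers to, as a runnable toy model of the three Kerberos exchanges (AS, TGS and AP). This is an added example written for this page, not code from the practice test and not a real Kerberos implementation: the cipher (a hash-derived keystream with an HMAC tag), the password-to-key derivation, the realm name, the lifetimes and the principals are all assumptions chosen so the flow runs offline with the standard library.

```python
"""Toy model of the Kerberos AS, TGS and AP exchanges.

Added example, not from the practice-test page and not real Kerberos code:
the cipher (hash keystream plus HMAC), the key derivation, the realm and
the principals are assumptions so the flow can run offline.
"""
import hashlib, hmac, json, os

REALM = "EXAMPLE.COM"                      # assumed realm
PASSWORD = "correct horse battery staple"  # assumed user password
TGT_LIFETIME = 8 * 3600                    # seconds
CLOCK_SKEW = 300                           # Kerberos tolerates about five minutes by default

def derive_key(password, realm):
    # Long-term key from a password; real Kerberos uses its string2key functions.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), realm.encode(), 10_000)

def _keystream(key, nonce, n):
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, obj):
    """Toy encrypt-then-MAC, nonce || ct || tag; stands in for a Kerberos enctype."""
    pt, nonce = json.dumps(obj).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key: MAC check failed")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))

class KDC:
    """Holds the AS and the TGS; self.keys is the principal database."""
    def __init__(self):
        self.keys = {"krbtgt": os.urandom(32)}

    def register(self, principal, password):
        self.keys[principal] = derive_key(password, REALM)

    def as_exchange(self, client, now):
        # AS reply is sealed under the client's long-term key, so the password never
        # crosses the wire; the TGT inside is sealed with the krbtgt key the client lacks.
        session = os.urandom(32).hex()
        tgt = seal(self.keys["krbtgt"], {"client": client, "key": session, "expires": now + TGT_LIFETIME})
        return seal(self.keys[client], {"key": session, "tgt": tgt.hex()})

    def tgs_exchange(self, tgt_hex, authenticator, service, now):
        # TGS checks the TGT and authenticator, then issues a ticket sealed under the service's key.
        tgt = unseal(self.keys["krbtgt"], bytes.fromhex(tgt_hex))
        session = bytes.fromhex(tgt["key"])
        auth = unseal(session, authenticator)      # proves the caller holds the session key
        if now > tgt["expires"] or auth["client"] != tgt["client"] or abs(auth["time"] - now) > CLOCK_SKEW:
            raise ValueError("TGT or authenticator rejected")
        svc_key = os.urandom(32).hex()
        ticket = seal(self.keys[service], {"client": tgt["client"], "key": svc_key, "expires": tgt["expires"]})
        return seal(session, {"service": service, "key": svc_key, "ticket": ticket.hex()})

def client_login(kdc, principal, password, now):
    reply = unseal(derive_key(password, REALM), kdc.as_exchange(principal, now))
    return {"principal": principal, "session": bytes.fromhex(reply["key"]), "tgt": reply["tgt"]}

def client_get_service_ticket(kdc, creds, service, now):
    authenticator = seal(creds["session"], {"client": creds["principal"], "time": now})
    reply = unseal(creds["session"], kdc.tgs_exchange(creds["tgt"], authenticator, service, now))
    return {"service_key": bytes.fromhex(reply["key"]), "ticket": reply["ticket"]}

def service_accept(service_key, ticket_hex, authenticator, now):
    # AP exchange: the service needs only its own key (its keytab), not the KDC.
    ticket = unseal(service_key, bytes.fromhex(ticket_hex))
    auth = unseal(bytes.fromhex(ticket["key"]), authenticator)
    if auth["client"] != ticket["client"] or now > ticket["expires"] or abs(auth["time"] - now) > CLOCK_SKEW:
        raise ValueError("service ticket or authenticator rejected")
    return ticket["client"]

def run_flow(password=PASSWORD, delay=60, now=1_700_000_000):
    """Full flow; "accepted" is the principal the file server admitted."""
    kdc = KDC()
    kdc.register("alice", PASSWORD)
    kdc.register("fileserver", "keytab-secret")          # service key, normally kept in a keytab
    creds = client_login(kdc, "alice", password, now)
    st = client_get_service_ticket(kdc, creds, "fileserver", now + delay)
    authenticator = seal(st["service_key"], {"client": "alice", "time": now + delay})
    accepted = service_accept(kdc.keys["fileserver"], st["ticket"], authenticator, now + delay)
    return {"creds": creds, "st": st, "accepted": accepted}

def rejected(fn):
    """True if fn() raises ValueError (wrong password, wrong key, expiry)."""
    try:
        fn()
    except ValueError:
        return True
    return False

def client_can_read_service_ticket(flow):
    return not rejected(lambda: unseal(flow["creds"]["session"], bytes.fromhex(flow["st"]["ticket"])))
```

The points the question is testing are visible in the code: the password is only ever used locally to unseal the AS reply, the ticket-granting ticket lets the client come back to the TGS for further service tickets without re-authenticating, each ticket is sealed under a key its bearer does not hold (client_can_read_service_ticket returns False), and a wrong password or an expired TGT fails with a MAC or expiry error rather than a useful ticket.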

Question 10 of 15

Which of the following BEST describes the responsibility of an Owner in the context of data management and protection within an organization?

  • Conducting periodic audits and reviews of access controls and security measures
  • Designing and implementing the system's technical architecture that supports data processing requirements
  • Determining the classification of the data and the necessary controls for its protection
  • Executing routine tasks such as data backups and applying security patches to the data management systems

Question 11 of 15

In the event of failure, the external firewall is configured to stop allowing traffic to pass through. This is an example of what concept?

  • Fail-safe
  • Fail-closed
  • Fail-on
  • Fail-open

Question 12 of 15

During a routine audit, your security team has discovered an unauthorized Active Directory tool being used by the marketing department to synchronize contact information across platforms. The team suspects that this is a case of shadow IT. What is the PRIMARY risk associated with this discovery?

  • Security breaches due to unauthorized applications bypassing organizational security processes
  • Increased IT budget due to additional user licenses required for the unauthorized tool
  • Decreased usage of IT-approved communication tools
  • Increased productivity and efficiency within the marketing department

Question 13 of 15

Which type of attack involves trying every possible combination of letters, numbers, and symbols until the correct password is found, often leading to unauthorized system access?

  • Phishing
  • Brute force attack
  • Dictionary attack
  • Spoofing

Question 14 of 15

A screened subnet is intended to act as an isolated network segment separating a private network from untrusted external networks.

  • False
  • True

Question 15 of 15

A financial organization is transitioning its customer-facing portal to a cloud-based service. Considering the data's sensitive nature and regulatory compliance needs, which task would typically be under the organization's control after the migration?

  • Maintaining the environmental controls such as humidity and temperature within the data center.
  • Ensuring the physical servers hosting the service are up-to-date with the latest firmware patches.
  • Implementing secure coding practices and patch management for the portal's codebase.
  • Upgrading network infrastructure components like routers and switches to support higher data throughput.