00:15:00

CompTIA Security+ Practice Test (SY0-701)

Use the form below to configure your CompTIA Security+ Practice Test (SY0-701). The practice test can be configured to only include certain exam objectives and domains. You can choose between 5-100 questions and set a time limit.

Logo for CompTIA Security+ SY0-701 (V7)
Questions
Number of questions in the practice test
Free users are limited to 20 questions, upgrade to unlimited
Seconds Per Question
Determines how long you have to finish the practice test
Exam Objectives
Which exam objectives should be included in the practice test

CompTIA Security+ SY0-701 (V7) Information

CompTIA Security+ Certification Exam Overview

The CompTIA Security+ certification is a vendor-neutral credential that validates foundational security skills and knowledge. The current version of the exam is SY0-701. The SY0-701 exam is a computer-based test that consists of up to 90 questions, with a duration of 90 minutes. Candidates must achieve a minimum passing score of 750 points on a scale of 100-900.

Question Types on the Security+ Exam

The Security+ exam includes two primary types of questions:

  • Multiple-Choice/Multiple-Selection Questions: These questions require candidates to select one or more correct answers from a list of options.
  • Performance-Based Questions (PBQs): These questions involve solving problems in a simulated IT environment, such as command prompt or networking environments. PBQs are also featured in other CompTIA exams, like A+ and Network+.

Exam Prerequisites

CompTIA does not enforce any prerequisites for the Security+ exam. However, it is recommended that candidates have the CompTIA Network+ certification and at least two years of experience in IT administration with a focus on security. Additionally, CompTIA suggests that candidates be at least 13 years old.

Security+ Exam Domains

The SY0-701 exam focuses on five primary domains:

  • General Security Concepts (12%)
  • Threats, Vulnerabilities, and Mitigations (22%)
  • Security Architecture (18%)
  • Security Operations (28%)
  • Security Program Management and Oversight (20%)

These domains are detailed in the exam objectives, which outline the scope of the test, including domain weighting, test objectives, and example topics.

Exam Renewal Policy

The Security+ certification, along with other CompTIA certifications, must be renewed every three years. The bridge exam scheme was retired on December 31, 2010. Post-January 1, 2011, all new certifications are valid for three years from the date of certification. Renewal can be achieved by passing the latest version of the exam or through the Continuing Education (CE) program. This program allows candidates to keep their skills current through various activities that demonstrate industry knowledge.

Testing Centers

CompTIA exams, including Security+, are available exclusively through Pearson VUE testing centers since July 9, 2012. Exams can be scheduled online, by phone, or at the testing center. Candidates can choose between in-person exams at Pearson VUE centers or online testing.

The CompTIA Security+ certification ensures that IT professionals possess the essential security skills and knowledge required to protect and manage today's increasingly complex IT environments.

More reading:

Free CompTIA Security+ SY0-701 (V7) Practice Test

Press start when you are ready, or press Change to modify any settings for the practice test.

  • Questions: 15
  • Time: Unlimited
  • Included Topics:
    General Security Concepts
    Threats, Vulnerabilities, and Mitigations
    Security Architecture
    Security Operations
    Security Program Management and Oversight
Question 1 of 15

What term describes a concept in which automation tools are utilized to handle repetitive tasks, allowing the security team to focus on more complex responsibilities and effectively increasing the team's productivity without necessarily increasing the number of team members?

  • Workforce enhancer

  • Workforce multiplier

  • Efficiency optimizer

  • Team scaler

Question 2 of 15

What type of vulnerability within virtualized environments allows an attacker to access the host machine from within a virtual machine?

  • Buffer overflow

  • Firmware compromise

  • SQL injection

  • VM escape

Question 3 of 15

During the analysis phase of an incident, an analyst is tasked with determining the scope of a suspected breach on several servers. Which data source will MOST likely provide the comprehensive information required to assess the activities on the affected servers?

  • Operating system-specific security logs

  • Vulnerability scans

  • Packet captures

  • Firewall logs

Question 4 of 15

Which of the following best describes the 'Confidential' data classification in a security architecture?

  • Information that has the highest level of protection and is intended for a very limited audience.

  • Information that requires some level of protection but is not expected to cause significant harm if disclosed.

  • Information that is available to the public and does not require special protection measures.

  • Information that requires strict access controls and protection because its unauthorized disclosure could significantly impact the organization or individuals.

Question 5 of 15

An organization has noticed that employees are accessing sensitive files unrelated to their responsibilities. The company wants to ensure that users can access only the data required for their tasks. Which of the following methods would BEST address this issue?

  • Implementing role-based access control

  • Enforcing multi-factor authentication

  • Encrypting all sensitive files

  • Applying network segmentation

Question 6 of 15

You want to limit the company losses/downtime in the event that there is data loss so you institute a data backup and recovery strategy. Which control type is being used?

  • Compensating

  • Deterrent

  • Detective

  • Corrective

  • Preventive

Question 7 of 15

What is the consequence of opting for expedient development and deployment measures that prioritize immediate functionality over long-term code maintainability and stability?

  • Code regression

  • Configuration drift

  • System entropy

  • Technical debt

Question 8 of 15

Which of the following best describes why an organization must be aware of local and regional regulations when developing their security program?

  • To apply universal standards of cybersecurity that are recognized globally.

  • To simplify the security program management by adhering to broader compliance laws.

  • To avoid the need for customizing security measures for different company branches.

  • To ensure compliance with specific legal requirements that may not be covered by national or global standards.

Question 9 of 15

Which of the following BEST illustrates the purpose of performing regular self-assessments of security governance within an organization?

  • To ensure that all new technological implementations are secure before they go live into the production environment.

  • To reactively provide details to stakeholders following a security breach or incident.

  • To measure and analyze the effectiveness and compliance of the security governance against internal standards and regulatory requirements.

  • To assess individual employee compliance with security training requirements on an annual basis.

Question 10 of 15

What term best describes a user who repeatedly attempts to access resources outside the scope of their permissions, which may indicate a possible security violation?

  • Anomalous Behavior

  • Acceptable Use Agreement

  • Baseline Compliance

  • Standard Operating Procedure

Question 11 of 15

A company is evaluating options for remote employees to securely access the corporate network. Which of the following solutions would provide the BEST security for sensitive corporate data while maintaining reliable connectivity?

  • Utilizing remote access software without two-factor authentication for user convenience

  • Installing a jump server that remote employees can connect to before accessing the corporate network

  • Implementing a Virtual Private Network (VPN) with strong encryption standards for remote connections

  • Allowing remote access through a basic tunneling protocol with no additional encryption

Question 12 of 15

Which of the following is a physical device used to securely generate, store, and manage cryptographic keys, offering high levels of security for encryption processes?

  • Key Management System

  • Secure Enclave

  • Trusted Platform Module

  • Hardware Security Module

Question 13 of 15

A corporate network administrator is configuring access control on the switches to allow only authorized devices to connect to the LAN. The administrator wants to dynamically assign VLANs based on user identity and prevent unauthorized network access at the port level. Which of the following should be implemented?

  • Utilizing port security with MAC address filtering on the switches

  • Implementing 802.1X on the network switches

  • Setting up Layer 7 firewall rules to assign VLANs

  • Configuring a WAF (Web Application Firewall) for VLAN assignment

Question 14 of 15

Which system is implemented to safeguard sensitive information from being leaked outside of the corporate network?

  • Intrusion Prevention System (IPS)

  • Firewall

  • Data Loss Prevention (DLP) system

  • Antivirus software

Question 15 of 15

Which method should an organization implement to enhance its network security by dividing network traffic into distinct zones, where each can be governed by different security controls?

  • Establishing separate network segments for different departmental functions

  • Enabling secure channels for the transmission of sensitive data across the network

  • Instituting granular subnets for all devices based on IP address classifications

  • Installing firewalls to monitor and filter incoming and outgoing traffic