CompTIA Security+ Practice Test (SY0-701)
CompTIA Security+ SY0-701 (V7) Information
CompTIA Security+ Certification Exam Overview
The CompTIA Security+ certification is a vendor-neutral credential that validates foundational security skills and knowledge. The current version of the exam is SY0-701. The SY0-701 exam is a computer-based test that consists of up to 90 questions, with a duration of 90 minutes. Candidates must achieve a minimum passing score of 750 points on a scale of 100-900.
Question Types on the Security+ Exam
The Security+ exam includes two primary types of questions:
- Multiple-Choice/Multiple-Selection Questions: These questions require candidates to select one or more correct answers from a list of options.
- Performance-Based Questions (PBQs): These questions require candidates to solve problems in a simulated IT environment, such as a command prompt or a network configuration scenario. PBQs also appear in other CompTIA exams, such as A+ and Network+.
Exam Prerequisites
CompTIA does not enforce any prerequisites for the Security+ exam. However, it is recommended that candidates have the CompTIA Network+ certification and at least two years of experience in IT administration with a focus on security. Additionally, CompTIA suggests that candidates be at least 13 years old.
Security+ Exam Domains
The SY0-701 exam focuses on five primary domains:
- General Security Concepts (12%)
- Threats, Vulnerabilities, and Mitigations (22%)
- Security Architecture (18%)
- Security Operations (28%)
- Security Program Management and Oversight (20%)
These domains are detailed in the exam objectives, which outline the scope of the test, including domain weighting, test objectives, and example topics.
Exam Renewal Policy
The Security+ certification, like other CompTIA certifications, must be renewed every three years. The bridge exam scheme was retired on December 31, 2010; since January 1, 2011, all new certifications are valid for three years from the date of certification. Renewal can be achieved by passing the latest version of the exam or through the Continuing Education (CE) program, which lets candidates keep their skills current through activities that demonstrate industry knowledge.
Testing Centers
CompTIA exams, including Security+, have been available exclusively through Pearson VUE since July 9, 2012. Exams can be scheduled online, by phone, or at a testing center, and candidates can choose between in-person testing at a Pearson VUE center and online testing.
The CompTIA Security+ certification ensures that IT professionals possess the essential security skills and knowledge required to protect and manage today's increasingly complex IT environments.
Free CompTIA Security+ SY0-701 (V7) Practice Test
- 20 Questions
- Unlimited
- Domains: General Security Concepts; Threats, Vulnerabilities, and Mitigations; Security Architecture; Security Operations; Security Program Management and Oversight
A security analyst reviews an incident report detailing that an attacker, after compromising a guest virtual machine, exploited a flaw in the hypervisor. This action allowed the attacker to gain unauthorized access to the host operating system and other VMs on the same physical server. Which of the following vulnerability types does this incident describe?
VM escape
Buffer overflow
Firmware compromise
SQL injection
Answer Description
A Virtual Machine (VM) escape is a security vulnerability that allows an attacker to break out from an isolated virtual machine and interact with the host operating system or other VMs. This type of vulnerability is particularly concerning because it undermines the isolation that is a fundamental security principle of virtualization. The other options are incorrect. Buffer overflow and SQL injection are general vulnerability types but are not specific to breaking out of a virtualized environment. A firmware compromise relates to attacks against the low-level software embedded in hardware, which is a different attack vector.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is VM escape?
How does a hypervisor relate to VM escape?
What are some best practices to mitigate the risk of VM escape?
A company is drafting a security policy for its BYOD program. The draft states that employees' personal mobile devices must be secured using only the device's built-in biometric authentication, such as a fingerprint or face scan. A security analyst is asked to review the policy. Which of the following is the BEST reason for the analyst to recommend against this policy?
Relying on biometrics leads to high battery consumption on mobile devices.
Biometric authentication is a single factor that can be bypassed or spoofed, leaving the device vulnerable.
Biometric authentication is not supported by most mobile device management (MDM) platforms.
Users often find biometric authentication less convenient than a traditional password.
Answer Description
While biometric authentication provides a convenient and personal security layer, it should not be the sole method of protection. Biometric systems can be bypassed or spoofed using various techniques. Furthermore, a single authentication factor is inherently weaker than a multi-factor approach. Therefore, the best practice is to require biometrics in conjunction with another factor, like a strong PIN or password, as part of a multi-factor authentication (MFA) strategy to provide defense-in-depth.
Ask Bash
What are the main vulnerabilities of biometric authentication?
Why is multi-factor authentication stronger than single-factor authentication?
How does built-in biometric authentication interact with mobile device management (MDM) platforms?
Which of the following best describes the primary purpose of directive controls in a security context?
To provide guidance and instructions on maintaining security
To implement and manage security technologies
To discourage potential attackers from targeting the organization
To detect and respond to security incidents after they occur
Answer Description
Directive controls are designed to direct the actions of individuals or systems within an organization. They provide guidance and instructions on how to maintain security and comply with established policies. Examples of directive controls include security policies and guidelines that outline acceptable behaviors, procedures, and best practices. These controls help ensure that employees and systems operate in a manner consistent with the organization's security objectives.
Ask Bash
What are some examples of directive controls?
How do directive controls differ from preventative controls?
Why are directive controls important for compliance?
An administrator is tasked with enhancing the password policy to protect against unauthorized attempts to guess user credentials. Which of the following would be the BEST method to mitigate the risk of these types of attacks?
Increase the minimum password length requirement to 16 characters
Set up alerts to monitor accounts for a high number of failed login attempts
Implement an account lockout policy after three unsuccessful login attempts
Require users to change their password every 30 days
Answer Description
Account lockout policies are specifically designed to stop brute force attacks by locking an account after a set number of failed login attempts. This directly mitigates the risk by preventing the attacker from continuing to try different password combinations. Longer passwords make a successful guess harder but do not block continued attempts. Frequent password changes can be counterproductive, because users tend to choose weaker passwords when forced to rotate them often. Monitoring for failed logins is a reactive measure that helps identify that a brute force attack may be under way but does not prevent it.
Ask Bash
What is an account lockout policy and how does it work?
Why are longer passwords not enough to prevent brute force attacks?
Why is requiring frequent password changes potentially counterproductive?
Which solution aggregates logs and other security data from various hardware and software systems in an organization to assist in identifying and managing potential security incidents?
Data Loss Prevention system
Intrusion Detection System
Network Management with Simple Network Management Protocol traps
Security Information and Event Management system
Answer Description
A Security Information and Event Management system collects and correlates events from different sources across the organization's infrastructure to identify anomalous activity that may signify a security threat. The incorrect options do not primarily focus on aggregating and analyzing data from multiple sources to identify security incidents: Data Loss Prevention focuses on protecting sensitive data from leaks, Network Management uses SNMP traps mainly for managing network devices, and Intrusion Detection Systems monitor network traffic to identify potentially malicious activity.
Ask Bash
What is a SIEM system?
How does a SIEM system differ from an IDS?
What role does log aggregation play in a SIEM system?
What type of malware typically encrypts an organization's data and demands payment for the decryption key?
Virus
Worm
Trojan
Ransomware
Answer Description
Ransomware is a type of malware that encrypts the victim's data and requires payment, often demanded in cryptocurrency, to provide the decryption key. This description matches exactly what ransomware does. A Trojan is a malicious program disguised as legitimate software. A Worm replicates itself to spread to other computers, and a Virus requires user interaction to spread and is not defined by demanding a ransom.
Ask Bash
How does ransomware spread to an organization's devices?
Why do cybercriminals often demand payment in cryptocurrency for ransomware attacks?
How can organizations prevent and recover from ransomware attacks?
Administrators at a financial institution have noticed that its transaction processing application terminates unexpectedly whenever excessively long strings of characters are entered into the input fields. Which vulnerability might be the most likely cause of this application behavior?
SQL Injection
Directory Traversal
Cross-Site Scripting (XSS)
Buffer Overflow
Answer Description
The described scenario suggests that the application is experiencing a Buffer Overflow vulnerability. Buffer overflow happens when a program attempts to write more data to a fixed-length block of memory, or buffer, than it is allocated to hold. Since the application is crashing when processing long strings, it is likely that the allocated memory for the input data is being exceeded, causing the application to terminate unexpectedly. SQL Injection vulnerabilities are exploited by entering malicious SQL statements into input fields, aiming to manipulate the back-end database, which is not related to the length of input causing crashes. Cross-Site Scripting (XSS) vulnerabilities exploit the way browsers parse HTML and JavaScript but would not cause the application to terminate in the described manner. Directory Traversal attacks aim at accessing files and directories that are stored outside the web root folder, and although they are serious, they do not fit the symptoms described.
Ask Bash
What is a buffer overflow?
Why does a buffer overflow cause an application to crash?
How is a buffer overflow different from SQL Injection?
Your company's data center experienced a critical server failure that disrupted operations for the e-commerce platform. As part of the business continuity plan, what metric should be used to determine the maximum tolerable duration of the disruption before significant losses occur?
Mean Time Between Failures (MTBF)
Recovery Time Objective (RTO)
Recovery Point Objective (RPO)
Mean Time to Repair (MTTR)
Answer Description
The Recovery Time Objective (RTO) is the target time set for the recovery of IT and business activities after a disaster has occurred. It defines the maximum tolerable duration of disruption before the business suffers significant losses or unacceptable consequences. RTO is crucial in developing disaster recovery strategies and allocating the appropriate resources to ensure business continuity.
Ask Bash
What is the difference between RTO and RPO?
How do you determine an appropriate RTO for a business?
How does RTO relate to disaster recovery planning?
A developer allocates a 32-byte character array to store a username but does not validate the length of user input. An attacker submits 128 characters, causing data to be written past the end of the array and overwriting adjacent memory addresses. Which type of vulnerability is the attacker exploiting?
Buffer overflow
SQL injection
Directory traversal
Cross-site scripting (XSS)
Answer Description
Writing more data to a fixed-length memory buffer than it was allocated to hold is a classic buffer overflow. The excess data overwrites neighboring memory, which can result in crashes or allow the attacker to execute arbitrary code. SQL injection and XSS target web application input handling, while directory traversal manipulates file-system paths; none of these involve overrunning a memory buffer.
Ask Bash
What is a buffer overflow?
How can buffer overflows be prevented?
What is the difference between a buffer overflow and SQL injection?
An administrator needs to securely access and manage servers located in an isolated, high-security network segment. To minimize the attack surface, direct administrative access from the general corporate network is prohibited. Which of the following should be used to provide a controlled and monitored entry point for this purpose?
Load balancer
VPN concentrator
Proxy server
Jump server
Answer Description
A jump server, also known as a jump host or bastion host, is a hardened server that acts as a secure intermediary and single point of entry for administrators to connect to other devices in a separate security zone. This approach centralizes access control and monitoring.
A proxy server primarily acts as an intermediary for user requests to other servers (like web servers), but it is not specifically designed for administrative access sessions. A load balancer distributes incoming traffic across multiple servers to improve availability and performance but does not serve as a secure administrative gateway. A VPN concentrator is used to establish secure, encrypted tunnels for remote access, but it typically provides broader network-level access rather than the specific, audited host-to-host administrative access that a jump server provides.
Ask Bash
What is a jump server and how does it provide secure access?
Why is a VPN concentrator not suitable for controlling administrative access?
How does a jump server differ from a proxy server in function?
A network administrator is configuring a new file server. The goal is to simplify permissions by creating groups such as 'Marketing', 'Developers', and 'Executives'. Each user will be assigned to one or more of these groups, and their access to files and folders will be determined solely by their group memberships. Which access control model is the administrator implementing?
Role-Based Access Control (RBAC)
Attribute-Based Access Control (ABAC)
Mandatory Access Control (MAC)
Discretionary Access Control (DAC)
Answer Description
Role-Based Access Control (RBAC) is being implemented. This model grants or denies access based on the roles or groups assigned to users. In this scenario, the 'Marketing', 'Developers', and 'Executives' groups are the roles that determine access rights.
Discretionary Access Control (DAC) is incorrect because it allows the owner of the resource to grant access at their discretion, rather than relying on predefined group-based permissions.
Mandatory Access Control (MAC) is incorrect because it is a stricter model that uses security labels (like 'Confidential' or 'Secret') assigned to both users and resources, which are enforced by the system. It is not based on user-defined groups or roles.
Attribute-Based Access Control (ABAC) is incorrect because it uses a more dynamic set of rules based on attributes of the user, resource, and environment (like time of day or location), not just a user's role or group membership.
Ask Bash
What is Role-Based Access Control (RBAC)?
How does RBAC differ from Discretionary Access Control (DAC)?
Can RBAC be combined with other access control models like ABAC?
What best describes the significance of an expedited reaction time during an incident response?
It minimizes the window of opportunity for attackers, reducing potential damage
It increases the time available for attackers to spread to other network segments
It allows attackers more time to remain undetected within the network
It requires additional resources to be spent on public relations and communication strategies
Answer Description
An expedited reaction time is significant because it minimizes the window of opportunity for an attacker to cause damage or exfiltrate data. This directly corresponds to limiting the severity of the incident, preserving organizational resources, and protecting sensitive information. Ensuring a rapid response is fundamental to effective incident management, aligning with the objectives of maintaining operational resiliency.
Ask Bash
Why is a shorter reaction time critical during an incident response?
What tools or strategies help improve reaction time during an incident response?
How does an Incident Response Plan (IRP) support faster reaction times?
During a quarterly strategy meeting, senior leadership agrees to undertake a series of high-budget R&D projects and enter two new international markets within the next 12 months. Management acknowledges that these moves could significantly increase financial and regulatory exposure but believes the possible returns justify the added uncertainty. Which risk-appetite classification best describes this stance?
Conservative risk appetite
Risk avoidance
Neutral risk appetite
Expansionary risk appetite
Answer Description
An expansionary risk appetite indicates a willingness to accept higher levels of risk in pursuit of significant rewards or growth opportunities, which matches the organization's strategy of aggressive growth. A conservative risk appetite involves minimizing risk and focusing on stability, which does not fit the scenario. A neutral risk appetite represents a moderate approach, neither seeking high risk nor avoiding it entirely. Risk avoidance is a strategy of eliminating exposure to a risk by not undertaking the activity that creates it, which contradicts the organization's acceptance of higher risk.
Ask Bash
What is meant by 'risk appetite' in the context of organizational strategy?
What differentiates expansionary risk appetite from conservative risk appetite?
How does regulatory exposure factor into risk appetite decisions?
An employee in a financial institution accidentally visited a website by mistyping the URL of a popular financial news portal. Subsequently, the employee reported that their workstation displayed unusual behavior, such as the browser opening on its own and displaying advertisements. The IT security team suspects a security incident through domain impersonation. What is the likely method used by the threat actor to compromise the employee's workstation?
Typosquatting
Domain kiting
Domain slamming
Phishing attempt through a deceptive email
Answer Description
Typosquatting relies on users making mistakes while typing a URL, leading them to a malicious site that mimics a legitimate one. Once the user visits the fake website, the threat actor can carry out various malicious activities, including malware infection. Misspelled variants of legitimate URLs are the hallmark of this technique, so visiting a mistyped URL that resulted in these symptoms indicates a typosquatting attack. Phishing attempts, while also deceptive, typically involve more direct interaction, such as fake emails or links, rather than the accidental misspelling of a URL. Domain kiting and domain slamming relate to domain registration practices, not to user typos.
Ask Bash
What exactly is typosquatting, and how does it work?
How can organizations detect and prevent typosquatting attacks?
What are the differences between typosquatting, phishing, and domain kiting?
During an organization's security policy review meeting, it was observed that there is currently no formal policy pertaining to the acceptable use of organizational assets and network resources. As part of establishing robust security governance within the company, which of the following policies should be proposed and implemented first to address this issue?
Software Development Lifecycle (SDLC) Policy
Disaster Recovery Policy
Acceptable Use Policy (AUP)
Change Management Policy
Answer Description
An Acceptable Use Policy (AUP) provides a set of rules and guidelines that outline how the organization's assets and network resources should be used. It helps to ensure that employees and other stakeholders are aware of what constitutes appropriate and inappropriate use, thereby protecting the organization from various risks associated with misuse. The other options listed do not directly address the specific need for governing the use of organizational assets and network resources.
Ask Bash
What is the purpose of an Acceptable Use Policy (AUP)?
What are examples of rules included in an AUP?
How does an AUP protect an organization from risks?
A junior security administrator has been tasked with recommending solutions to prevent unauthorized individuals from physically entering a company's new sensitive data center. The administrator is considering options such as biometric scanners, mantraps, and security guards. Which category of security controls do these solutions fall under?
Perimeter controls
Physical controls
Logical controls
Administrative controls
Answer Description
Physical access controls are measures designed to restrict entry to physical areas like data centers. The recommended solutions, such as biometric scanners, mantraps, and security guards, are all examples of physical controls. Logical access controls refer to software-based mechanisms like passwords, firewalls, and access control lists (ACLs) that protect data and systems. Administrative controls are policies and procedures, such as security awareness training and personnel background checks. Perimeter controls can refer to the physical perimeter (fences) or network perimeter (firewalls), but 'physical controls' is the specific category for controlling entry into a room.
Ask Bash
What are some examples of physical access controls?
How do physical access controls differ from logical access controls?
What is a mantrap and how does it enhance security?
A procurement specialist is drafting a request for proposal (RFP) to acquire a cloud-based HR application that will store sensitive employee information. According to best practice for the acquisition/procurement process, why is it critical to embed explicit security requirements in the RFP and contract rather than waiting until after the system goes live?
To ensure security controls are integrated into the design and contractual obligations from the beginning, reducing overall risks and retrofit costs
To merely comply with external audit requirements, with minimal focus on actual security postures
To avoid the need for any further security assessments or monitoring once the system is deployed
To transfer the responsibility for security entirely from the organization to the external vendor
Answer Description
Including detailed security requirements during procurement ensures that controls are built into the service design and contract, binding the vendor to those obligations and reducing risk from the outset. Retrofitting security after deployment is typically more costly and leaves the organization exposed to avoidable threats while changes are made.
Ask Bash
Why is it more expensive to retrofit security controls after deployment?
What are some examples of specific security requirements that should be included in an RFP?
How does embedding security requirements in the RFP help reduce risk?
During a security operations review, a team lead proposes automating routine incident-ticket creation and baseline-enforcement scripts. The chief information security officer asks what primary benefit this automation will bring to day-to-day security workflows. Which of the following benefits best addresses the CISO's question?
Efficiency/time saving
Guaranteed cost reduction
Standardized risk spread throughout the organization
Reduction of complexity
Answer Description
Efficiency/time saving is considered a primary benefit of automation in security operations because repetitive tasks execute much faster and with fewer errors, allowing staff to focus on higher-value investigative work. Complexity is actually an implementation challenge, cost savings are possible but not guaranteed once tooling and maintenance are included, and automation does not inherently distribute risk across the organization.
Ask Bash
What types of tasks are typically automated in security operations?
How does automation reduce human error in security operations?
Are there any challenges associated with implementing automation in security operations?
A banking application verifies a user's account balance before processing a withdrawal. However, due to a delay between the balance check and the withdrawal transaction, an attacker manages to initiate multiple withdrawals before the balance is updated, resulting in an overdraft. What type of vulnerability does this scenario illustrate?
SQL injection flaw due to improper query handling.
Brute force attack targeting user authentication mechanisms.
Cross-site scripting (XSS) vulnerability in the input fields.
Race condition allowing exploitation of timing gaps between operations.
Answer Description
This scenario illustrates a race condition, where the attacker exploits the timing discrepancy between checking the account balance and processing the withdrawal. By initiating multiple withdrawals in quick succession, the attacker takes advantage of the window where the balance hasn't been updated yet.
Ask Bash
Can you explain more about race conditions?
Why are banking applications particularly vulnerable to race conditions?
How can developers prevent race conditions in systems like banking applications?
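The timing gap described in the answer above, reproduced as an added example that is not part of the original practice test: a check-then-act withdrawal that overdrafts under concurrent requests, beside a version that makes the balance check and the debit one atomic operation. All names (`AccountStore`, `vulnerable_withdraw`, `safe_withdraw`) and the 100-balance scenario are constructed for this illustration; the barrier stands in for the processing delay so the race is reproducible.

```python
import threading


class AccountStore:
    """Constructed stand-in for the bank's account table. Each method is
    atomic on its own, like a single SQL statement; the race lives in how
    the application sequences calls to them."""

    def __init__(self, balance):
        self._balance = balance
        self._lock = threading.Lock()

    def read_balance(self):
        with self._lock:
            return self._balance

    def debit(self, amount):
        # Unconditional write: trusts whatever check the caller did earlier.
        with self._lock:
            self._balance -= amount

    def debit_if_sufficient(self, amount):
        # Conditional write: check and debit happen under one lock, the
        # in-memory analogue of
        #   UPDATE accounts SET balance = balance - :amt
        #   WHERE id = :id AND balance >= :amt
        with self._lock:
            if self._balance >= amount:
                self._balance -= amount
                return True
            return False


def vulnerable_withdraw(store, amount, gap):
    """Check-then-act: read the balance, let time pass, then post the debit."""
    enough = store.read_balance() >= amount      # step 1: check (stale by step 2)
    gap.wait()                                   # processing delay between check and debit
    if enough:
        store.debit(amount)                      # step 2: act on the stale check
        return True
    return False


def safe_withdraw(store, amount, gap):
    """Check and debit are a single atomic operation, so the gap is harmless."""
    gap.wait()                                   # requests still arrive at the same moment...
    return store.debit_if_sufficient(amount)     # ...but there is no window between check and act


def run_concurrent_withdrawals(withdraw, starting_balance, amount, requests):
    """Fire `requests` withdrawals at once; return (accepted_count, final_balance).

    A Barrier stands in for the delay in the question: no request can post its
    debit until every request has reached the same point, which makes the race
    deterministic instead of depending on thread scheduling."""
    store = AccountStore(starting_balance)
    gap = threading.Barrier(requests)
    outcomes = []
    outcomes_lock = threading.Lock()

    def worker():
        accepted = withdraw(store, amount, gap)
        with outcomes_lock:
            outcomes.append(accepted)

    threads = [threading.Thread(target=worker) for _ in range(requests)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return sum(outcomes), store.read_balance()


if __name__ == "__main__":
    # Constructed scenario: a balance of 100 and five simultaneous withdrawals of 100.
    print("check-then-act:", run_concurrent_withdrawals(vulnerable_withdraw, 100, 100, 5))
    print("atomic update: ", run_concurrent_withdrawals(safe_withdraw, 100, 100, 5))
```

With five simultaneous requests against a balance of 100, the check-then-act flow accepts all five and ends at -400, while the atomic version accepts exactly one and ends at 0.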
During a risk assessment, it was concluded that the value of an asset was less than the cost of the security control needed to protect it from an identified risk. Because of this, it has been decided not to use the control but still utilize the asset. What type of risk management strategy is being used?
Mitigation
Avoidance
Acceptance
Transference
Answer Description
Risk acceptance is the risk management strategy where a risk to an asset is accepted and no action is taken. This usually happens when the cost to mitigate the risk is more than the loss that would occur in the event the risk materializes.
Ask Bash
What is the concept of risk acceptance in risk management?
How does risk acceptance differ from risk transference?
What factors should be considered before choosing risk acceptance as a strategy?