CompTIA Security+ Practice Test (SY0-701)
Use the form below to configure your CompTIA Security+ Practice Test (SY0-701). The practice test can be configured to only include certain exam objectives and domains. You can choose between 5-100 questions and set a time limit.

CompTIA Security+ SY0-701 Information
CompTIA Security+ Certification Exam Overview
The CompTIA Security+ certification is a vendor-neutral credential that validates foundational security skills and knowledge. The current version of the exam is SY0-701. The SY0-701 exam is a computer-based test that consists of up to 90 questions, with a duration of 90 minutes. Candidates must achieve a minimum passing score of 750 points on a scale of 100-900.
Question Types on the Security+ Exam
The Security+ exam includes two primary types of questions:
- Multiple-Choice/Multiple-Selection Questions: These questions require candidates to select one or more correct answers from a list of options.
- Performance-Based Questions (PBQs): These questions involve solving problems in a simulated IT environment, such as command prompt or networking environments. PBQs are also featured in other CompTIA exams, like A+ and Network+.
Exam Prerequisites
CompTIA does not enforce any prerequisites for the Security+ exam. However, it is recommended that candidates have the CompTIA Network+ certification and at least two years of experience in IT administration with a focus on security. Additionally, CompTIA suggests that candidates be at least 13 years old.
Security+ Exam Domains
The SY0-701 exam focuses on five primary domains:
- General Security Concepts (12%)
- Threats, Vulnerabilities, and Mitigations (22%)
- Security Architecture (18%)
- Security Operations (28%)
- Security Program Management and Oversight (20%)
These domains are detailed in the exam objectives, which outline the scope of the test, including domain weighting, test objectives, and example topics.
Exam Renewal Policy
The Security+ certification, along with other CompTIA certifications, must be renewed every three years. The bridge exam scheme was retired on December 31, 2010. Post-January 1, 2011, all new certifications are valid for three years from the date of certification. Renewal can be achieved by passing the latest version of the exam or through the Continuing Education (CE) program. This program allows candidates to keep their skills current through various activities that demonstrate industry knowledge.
Testing Centers
CompTIA exams, including Security+, have been available exclusively through Pearson VUE testing centers since July 9, 2012. Exams can be scheduled online, by phone, or at the testing center. Candidates can choose between in-person exams at Pearson VUE centers or online testing.
The CompTIA Security+ certification ensures that IT professionals possess the essential security skills and knowledge required to protect and manage today's increasingly complex IT environments.
Free CompTIA Security+ SY0-701 Practice Test
- Questions: 15
- Time: Unlimited
- Included Topics: General Security Concepts; Threats, Vulnerabilities, and Mitigations; Security Architecture; Security Operations; Security Program Management and Oversight
A playbook includes a collection of pre-defined rules, actions, and recommendations to automate response and remediation activities for common security incidents.
- True
- False
Answer Description
A playbook is indeed a set of predefined rules, actions, and recommendations designed to standardize the approach to handling security incidents. It often includes automated responses to streamline the remediation process and ensure a consistent and efficient reaction to common incidents across the organization.
Which of the following best describes the process of sanitization in asset disposal?
- Physically destroying a storage device to prevent it from being repurposed.
- Removing all data from a storage device to prevent data retrieval when it is disposed of or repurposed.
- Compressing files on a storage device to save space before disposal.
- Encrypting the contents of a storage device as part of the disposal process.
Answer Description
Sanitization refers to the thorough removal of data from storage devices to prevent data retrieval and unauthorized access after the device is disposed of or repurposed. Physically destroying the device is an extreme form but not the definition of sanitization, which focuses more on data removal. Compression and encryption are data protection methods that do not involve data removal for disposal.
Allow lists are a security measure that permits only approved entities to access resources.
- True
- False
Answer Description
Allow lists specify which entities are permitted access, enhancing security by restricting unauthorized access.
Which of the following consequences directly arises from a violation of security clauses within a business agreement between two companies?
- Regulatory fines imposed by a third-party authority
- Contractual penalties such as fines and legal action
- Inevitable loss of business and clients
- Mandated immediate cybersecurity upgrades
Answer Description
Contractual penalties are specific consequences stipulated in a business agreement that a violating party may incur in the event of a security clause breach. These often include fines and legal action as a direct recourse available to the other party. Loss of business is a secondary effect that may naturally follow due to damaged trust but is not typically an immediate consequence outlined in contracts. Similarly, regulatory fines are imposed by authorities for non-compliance with laws, not for breaches of contracts between private entities. Lastly, forced cybersecurity upgrades are a potential contractual requirement post-breach, but they are not usually an immediate punitive measure.
A company is revising its strategic plan and wants to balance its growth objectives with its information security risks. The company seeks neither to aggressively pursue risk for potential gains nor to minimize risk at the expense of new opportunities. Which of the following best describes the company's risk strategy?
- The company strictly minimizes any potential security risks, even if it means passing on potentially lucrative opportunities.
- The company is adopting a neutral risk strategy to support steady growth while efficiently managing security risks.
- The company assesses security risks on a case-by-case basis, with no predefined strategy towards risk.
- The company is aggressively expanding into new markets, often prioritizing potential gains over the strict management of information security risks.
Answer Description
An organization with a neutral risk appetite is one that seeks to maintain a balance between accepting some levels of risk and pursuing new opportunities, without skewing too far towards either risk aversion or risk seeking. Choice A best aligns with this balanced approach, whereas the other options suggest either a greater willingness to take on risk (expansionary) or a more conservative stance (conservative) that minimizes risk exposure.
Which type of digital certificate allows an organization to secure all subdomains of a domain with a single certificate?
- Root certificate
- Wildcard certificate
- Self-signed certificate
- Extended Validation certificate
Answer Description
A wildcard certificate allows an organization to secure a domain and all of its subdomains with a single certificate. This is achieved by using an asterisk (*) in the domain name portion of the certificate, representing all possible subdomains. Self-signed certificates are generated by the owner and are not trusted by default by browsers and operating systems. Extended Validation (EV) certificates provide higher levels of trust through a rigorous authentication process but do not inherently support multiple subdomains. Root certificates are used to sign other certificates in a certificate hierarchy but are not used to secure specific domains or subdomains.
Which of the following best describes the legal implications that should be considered when managing a security program for an organization operating within a specific country?
- Alignment with regional trends
- Compliance with national laws and regulations
- Following global standards
- Adherence to local business norms
Answer Description
The correct answer is Compliance with national laws and regulations, as it directly relates to the obligations an organization has to adhere to the legal framework set forth by the government of the country in which it operates. Non-compliance can result in legal actions, fines, or sanctions against the organization. Local business norms are relevant to cultural practices but do not hold regulatory authority. Regional trends may influence business strategy but lack the legal impact of national laws. Global standards are best practices that might be adopted internationally, yet they do not replace national legal requirements.
Automated systems for compliance monitoring eradicate the necessity for any manual verification processes to maintain adherence to relevant legal and industry-specific guidelines.
- True
- False
Answer Description
The correct answer is false. While automated systems serve as powerful tools for compliance monitoring, offering continuous oversight and alerting, they cannot completely replace the need for manual verification processes. There are aspects of compliance that require human judgment and interpretation, such as understanding nuanced legal definitions, context-specific evaluations, and managing complex relationships with stakeholders. Furthermore, automated systems may have limitations, require tuning, and be subject to errors and false positives which necessitate manual review to validate and investigate alerts. Thus, a combination of both automated and manual verification processes is essential to ensure a comprehensive approach to maintaining compliance.
A corporation has determined that the likelihood of a data breach in their system is once every five years. The estimated financial damage from a single breach event is $3 million. As the Security Analyst tasked with calculating the Annualized Loss Expectancy (ALE) for the data breach risk, which of the following correctly calculates the ALE?
- $1.5 million
- $15 million
- $600,000
- $3 million
Answer Description
Annualized Loss Expectancy is calculated by multiplying the Single Loss Expectancy (SLE) by the Annualized Rate of Occurrence (ARO). In this scenario, the SLE is $3 million per incident, and the ARO is once every five years, which is an ARO of 0.2 (1/5). Therefore, the ALE is $600,000 ($3 million x 0.2).
An organization wants to ensure its systems are protected against known security vulnerabilities promptly while maintaining operational stability. Which of the following approaches would BEST achieve this objective?
- Schedule annual security assessments to identify vulnerabilities
- Restrict user permissions to prevent unauthorized software changes
- Discontinue the use of software that requires frequent updates
- Implement an automated testing and deployment process for software fixes
Answer Description
Implementing an automated testing and deployment process for software fixes ensures that updates are applied promptly after being validated, reducing the window of exposure to known vulnerabilities while minimizing disruptions to operations. Scheduling annual security assessments is important but too infrequent to address vulnerabilities in a timely manner. Discontinuing the use of software that requires frequent updates is impractical and may hinder business functions. Restricting user permissions enhances security but does not directly address the prompt application of fixes to known vulnerabilities.
Your company's critical infrastructure is being targeted by highly sophisticated cyber attacks aiming to disrupt defense systems during escalating international tensions. The attackers demonstrate extensive resources and capabilities. Which type of threat actor is MOST likely responsible for these attacks?
- Cybercriminal organization
- Disgruntled employee
- State-sponsored actor
- Hacktivist group
Answer Description
The most likely threat actor in this scenario is a state-sponsored actor. State-sponsored actors have significant resources and advanced capabilities to conduct sophisticated attacks, particularly during times of international tension or war, with the goal of undermining a rival nation's security. Hacktivist groups may be motivated by political or social causes but typically lack the resources for such advanced attacks on defense systems. Cybercriminal organizations focus on financial gain rather than disrupting national defense infrastructure. A disgruntled employee, while potentially harmful, is unlikely to have the means to launch large-scale sophisticated attacks targeting defense systems.
In the event of failure, the external firewall is configured to stop allowing traffic to pass through. This is an example of what concept?
- Fail-closed
- Fail-safe
- Fail-open
- Fail-on
Answer Description
If a system is configured to fail closed (also called fail-secure), then in the event of a failure it will “close” and no longer allow access or pass traffic.
An organization's security department has detected an ongoing attack that is highly sophisticated, seems to be targeting specific data related to national defense, and is suspected to have significant financial backing. Which type of threat actor is MOST likely responsible for this attack?
- Insider threat
- Hacktivist
- Nation-state
- Unskilled attacker
Answer Description
Given the high level of sophistication, targeted nature of the attack, and significant funding implied by the ongoing attack method, a nation-state actor is the most probable responsible party. Nation-state actors often engage in espionage and target sensitive government-related data. They possess the capabilities and funding to carry out advanced and persistent threats. An unskilled attacker is unlikely to have the required sophistication; a hacktivist would more likely be motivated by political beliefs and not typically target defense data; an insider threat would have access but may not have the same level of sophistication or require significant external resources.
A Key Escrow is used to enhance the availability of a user's cryptographic keys by having a third-party store a copy.
- True
- False
Answer Description
Key Escrow is primarily intended to ensure that encrypted data can be decrypted if the user's private key is lost or the user is unavailable. By storing a copy of the key with a trusted third party, encrypted data is not rendered permanently inaccessible. This demonstrates the concept of availability as part of the CIA triad. It's important to note that while Key Escrow can be seen as a way to enhance availability, it is not used for enhancing the security of the keys themselves, since adding more parties to the storage of the keys potentially increases risk.
In Mandatory Access Control systems, permissions to access specific resources are determined at the discretion of the resource owner.
- True
- False
Answer Description
In Mandatory Access Control (MAC) systems, the concept is centered around a centralized enforcement of security policy, where users and data resources are classified and access permissions are controlled by a set of fixed security attributes. It's a label-based system, which means the access decision doesn't rely on the discretion of the resource owner, but rather on the security labels and clearances. This is in contrast to Discretionary Access Control (DAC) systems, where resource owners indeed have the discretion to grant or restrict access to the resources they manage.