CompTIA Security+ Exam Practice Questions

TL;DR

If you're preparing to take the CompTIA Security+ exam and looking for a way to practice, try the questions below. This entry is a collection of CompTIA Security+ practice questions to help you, and me, assess our knowledge. Even if you aren't taking the exam anytime soon, these practice questions will still help you better understand cybersecurity concepts and see whether you're on the right track for the exam. It's a way to challenge what you know about the fundamentals, and what you don't.



Practice Questions

CompTIA Security+

Practice Question 1

Which of the following policies would help an organization identify and mitigate potential single points of failure in the company’s IT/security operations?

Least privilege
Awareness training
Separation of duties
Mandatory vacation

Practice Question 2

Which of the following refers to applications and systems that are used within an organization without consent or approval?

Shadow IT
OSINT
Dark Web
Insider Threats

Practice Question 3

An organization wants to implement a third factor to an existing multifactor authentication. The organization already uses a smart card and password. Which of the following would meet the organization’s needs for a third factor?

Date of Birth
PIN
Fingerprints
Trusted Platform Module (TPM)

Practice Question 4

What is a common characteristic of a zero-day vulnerability?

It is a patched vulnerability
It is an exploit that is unknown to the vendor
It is a type of phishing attack
It is always a ransomware attack

Practice Question 5

An organization is developing a plan in the event of a complete loss of critical systems and data. Which of the following plans is the organization MOST likely to develop?

Communications
Incident response
Disaster recovery
Data retention

Practice Question 6

In which of the following risk management strategies would cybersecurity insurance be used?

Mitigation
Avoidance
Transference
Acceptance

Practice Question 7

A network administrator has been alerted that web pages are experiencing long load times. After determining it is not a routing or DNS issue, the administrator logs in to the router, runs a command, and receives the following output:

CPU 0 percent busy, from 300 sec ago
1 sec ave: 99 percent busy
5 sec ave: 97 percent busy
1 min ave: 83 percent busy

Which of the following is the router experiencing?

DDoS attack
Memory leak
Buffer overflow
Resource exhaustion

Practice Question 8

Which of the following should be put in place when negotiating with a new vendor about the timeliness of the response to a significant security outage or incident?

MOU
SLA
MTTR
NDA

Practice Question 9

A network administrator has been asked to install an Intrusion Detection System (IDS) to improve the security posture of an organization. Which of the following control types is an IDS?

Detective
Physical
Administrative
Corrective

Practice Question 10

Which of the following BEST explains the reason why a server administrator would place a document named password.txt on the desktop of an administrator account on a server?

The document is a backup file if the system needs to be recovered.
The document is a standard file that the OS needs to verify the login credentials.
The document is a keylogger that stores all keystrokes should the account be compromised.
The document is a honeyfile and is meant to attract the attention of a cyberintruder.