1. Which of the following is the best example of a physical security control?
a) Firewall
b) Security badge
c) Antivirus software
d) Access control list
Correct Answer: b) Security badge
Explanation: Physical security controls include measures like security badges, cameras, and biometric locks to restrict access.
2. What type of attack involves sending fraudulent emails to trick users into providing sensitive information?
a) Spoofing
b) Phishing
c) Man-in-the-middle
d) Brute force
Correct Answer: b) Phishing
Explanation: Phishing attacks trick users into revealing credentials or financial information by impersonating legitimate entities.
3. What security principle ensures that data is only accessible by authorized individuals?
a) Integrity
b) Availability
c) Confidentiality
d) Redundancy
Correct Answer: c) Confidentiality
Explanation: Confidentiality ensures that sensitive data is only accessed by authorized users.
4. Which hashing algorithm is considered outdated and should not be used for password storage?
a) SHA-256
b) MD5
c) AES-256
d) Blowfish
Correct Answer: b) MD5
Explanation: MD5 is vulnerable to collisions and should not be used for password hashing.
5. What type of malware encrypts a user’s data and demands payment for decryption?
a) Spyware
b) Worm
c) Ransomware
d) Rootkit
Correct Answer: c) Ransomware
Explanation: Ransomware encrypts files and demands payment for the decryption key.
6. What security concept involves using multiple layers of security controls?
a) Zero Trust
b) Least Privilege
c) Defense in Depth
d) Non-repudiation
Correct Answer: c) Defense in Depth
Explanation: Defense in Depth employs multiple security layers to reduce risks.
7. What does a firewall primarily protect against?
a) Malware infections
b) Unauthorized network traffic
c) SQL injection attacks
d) Phishing emails
Correct Answer: b) Unauthorized network traffic
Explanation: Firewalls monitor and filter network traffic to block unauthorized access.
8. What type of attack exploits human psychology to gain unauthorized access to systems?
a) Social engineering
b) Denial-of-service
c) SQL injection
d) Buffer overflow
Correct Answer: a) Social engineering
Explanation: Social engineering manipulates people into revealing confidential information.
9. Which security model enforces access control based on predefined rules and classifications?
a) Discretionary Access Control (DAC)
b) Mandatory Access Control (MAC)
c) Role-Based Access Control (RBAC)
d) Attribute-Based Access Control (ABAC)
Correct Answer: b) Mandatory Access Control (MAC)
Explanation: MAC assigns access based on classifications and policies rather than user discretion.
10. What protocol encrypts network traffic between a web server and a client?
a) FTP
b) HTTPS
c) Telnet
d) SNMP
Correct Answer: b) HTTPS
Explanation: HTTPS encrypts web traffic using TLS to ensure secure communication.
11. What is the primary purpose of a honeypot?
a) Encrypt sensitive data
b) Detect and analyze malicious activity
c) Authenticate users
d) Prevent denial-of-service attacks
Correct Answer: b) Detect and analyze malicious activity
Explanation: Honeypots attract and monitor attackers to study their behavior.
12. What security measure ensures that a user cannot deny having performed an action?
a) Non-repudiation
b) Integrity
c) Confidentiality
d) Availability
Correct Answer: a) Non-repudiation
Explanation: Non-repudiation uses mechanisms like digital signatures to verify actions.
13. Which attack specifically targets vulnerabilities in databases?
a) Cross-site scripting (XSS)
b) SQL injection
c) ARP poisoning
d) DNS spoofing
Correct Answer: b) SQL injection
Explanation: SQL injection manipulates database queries to gain unauthorized access.
14. What type of security control involves user training on security policies?
a) Administrative
b) Technical
c) Physical
d) Preventive
Correct Answer: a) Administrative
Explanation: Administrative controls include policies, security training, and guidelines.
15. Which encryption method is used to secure Wi-Fi networks?
a) WEP
b) WPA2
c) Telnet
d) FTP
Correct Answer: b) WPA2
Explanation: WPA2 provides secure encryption for wireless networks.
16. What is the purpose of penetration testing?
a) Patch vulnerabilities in software
b) Simulate cyberattacks to identify weaknesses
c) Detect viruses in network traffic
d) Implement security policies
Correct Answer: b) Simulate cyberattacks to identify weaknesses
Explanation: Penetration testing assesses system security by simulating attacks.
17. What authentication method uses a one-time password (OTP)?
a) Biometric authentication
b) Multifactor authentication
c) Role-based authentication
d) Single sign-on
Correct Answer: b) Multifactor authentication
Explanation: OTPs are commonly used in MFA as an extra security layer.
18. Which of the following best describes risk avoidance?
a) Reducing the likelihood of a risk occurring
b) Transferring the risk to a third party
c) Eliminating the risk by not engaging in the activity
d) Accepting the risk
Correct Answer: c) Eliminating the risk by not engaging in the activity
Explanation: Risk avoidance means completely removing the risk by not performing the associated activity.
19. What is the primary function of a security information and event management (SIEM) system?
a) Encrypt network traffic
b) Monitor and analyze security logs
c) Block malware
d) Secure Wi-Fi connections
Correct Answer: b) Monitor and analyze security logs
Explanation: SIEM systems aggregate and analyze security logs for threat detection.
20. What does the principle of least privilege (PoLP) dictate?
a) Users should have the highest level of access
b) Users should only have access necessary to perform their job
c) All users should have administrator rights
d) Privileges should never be granted or revoked
Correct Answer: b) Users should only have access necessary to perform their job
Explanation: PoLP minimizes security risks by restricting unnecessary access.
21. What is the purpose of a digital signature?
a) Encrypts network traffic
b) Provides integrity and non-repudiation
c) Masks an IP address
d) Blocks malicious software
Correct Answer: b) Provides integrity and non-repudiation
Explanation: Digital signatures verify authenticity and ensure data integrity.
22. What type of malware hides its presence and gains administrative access to a system?
a) Worm
b) Spyware
c) Rootkit
d) Ransomware
Correct Answer: c) Rootkit
Explanation: Rootkits allow attackers to maintain control while avoiding detection.
23. What security tool is used to analyze network traffic in real-time?
a) IDS/IPS
b) Firewall
c) Load balancer
d) VPN
Correct Answer: a) IDS/IPS
Explanation: Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) monitor and analyze network traffic for threats.
24. What is the main purpose of a DLP (Data Loss Prevention) system?
a) Encrypt stored files
b) Prevent unauthorized data transfer
c) Detect malware
d) Secure Wi-Fi networks
Correct Answer: b) Prevent unauthorized data transfer
Explanation: DLP prevents sensitive data from being leaked or exfiltrated.
25. Which type of backup only stores data that has changed since the last backup?
a) Full backup
b) Incremental backup
c) Differential backup
d) Snapshot
Correct Answer: b) Incremental backup
Explanation: Incremental backups store only changed data, reducing storage requirements.
26. What does an attacker use a botnet for?
a) Encrypt sensitive data
b) Launch distributed denial-of-service (DDoS) attacks
c) Secure a network
d) Authenticate users
Correct Answer: b) Launch distributed denial-of-service (DDoS) attacks
Explanation: Botnets consist of compromised devices used for large-scale attacks.
27. Which access control model is most commonly used in organizations?
a) MAC
b) RBAC
c) DAC
d) ABAC
Correct Answer: b) RBAC
Explanation: Role-Based Access Control (RBAC) assigns permissions based on user roles.
28. What type of attack involves sending many small packets to a target to consume network bandwidth?
a) SQL injection
b) DNS poisoning
c) SYN flood
d) XSS attack
Correct Answer: c) SYN flood
Explanation: SYN floods overwhelm a system by sending excessive connection requests.
29. What authentication protocol is commonly used in Microsoft Active Directory?
a) RADIUS
b) Kerberos
c) TACACS+
d) LDAP
Correct Answer: b) Kerberos
Explanation: Kerberos is a secure authentication protocol used in Active Directory environments.
30. Which security control prevents users from installing unauthorized software?
a) Firewall
b) Group Policy
c) VPN
d) DMZ
Correct Answer: b) Group Policy
Explanation: Group Policy in Windows enforces security settings, including software restrictions.
31. What type of encryption uses the same key for both encryption and decryption?
a) Asymmetric encryption
b) Hashing
c) Symmetric encryption
d) Digital signatures
Correct Answer: c) Symmetric encryption
Explanation: Symmetric encryption (e.g., AES) uses the same key for encryption and decryption.
32. What attack involves an attacker tricking a system into treating untrusted input as part of a command?
a) Phishing
b) SQL injection
c) Ransomware
d) Brute force
Correct Answer: b) SQL injection
Explanation: SQL injection allows attackers to manipulate database queries by injecting malicious input.
33. What type of malware spreads across networks without user intervention?
a) Trojan horse
b) Spyware
c) Worm
d) Ransomware
Correct Answer: c) Worm
Explanation: Worms self-replicate and spread across systems without user action.
34. What is a primary advantage of a security token for authentication?
a) Requires no additional hardware
b) Provides an additional layer of security
c) Uses only passwords for authentication
d) Encrypts all network traffic
Correct Answer: b) Provides an additional layer of security
Explanation: Security tokens provide an additional authentication factor by requiring possession of a physical or digital token.
35. What type of attack exploits a software vulnerability before it is patched?
a) Zero-day attack
b) Phishing
c) DoS attack
d) Keylogging
Correct Answer: a) Zero-day attack
Explanation: Zero-day attacks target vulnerabilities before a patch is available.
36. Which regulation is designed to protect healthcare information?
a) GDPR
b) HIPAA
c) PCI-DSS
d) SOX
Correct Answer: b) HIPAA
Explanation: The Health Insurance Portability and Accountability Act (HIPAA) protects patient data.
37. What type of certificate allows multiple subdomains under one domain?
a) Wildcard certificate
b) Extended validation certificate
c) Root certificate
d) Self-signed certificate
Correct Answer: a) Wildcard certificate
Explanation: Wildcard certificates secure multiple subdomains under a single domain.
38. What is the purpose of salting in password security?
a) Speed up decryption
b) Strengthen password hashes against brute-force attacks
c) Convert plaintext passwords into ciphertext
d) Encrypt network communications
Correct Answer: b) Strengthen password hashes against brute-force attacks
Explanation: Salting adds random data to passwords before hashing, making them harder to crack.
39. What security control helps prevent insider threats?
a) VPN
b) Security awareness training
c) Firewall
d) Digital certificate
Correct Answer: b) Security awareness training
Explanation: Training employees on security policies reduces the risk of insider threats.
40. What term describes the process of confirming a user’s identity?
a) Authorization
b) Authentication
c) Accounting
d) Access control
Correct Answer: b) Authentication
Explanation: Authentication verifies user identity before granting access.
41. What type of software monitors keystrokes to steal sensitive information?
a) Rootkit
b) Keylogger
c) Ransomware
d) Adware
Correct Answer: b) Keylogger
Explanation: Keyloggers record keystrokes to steal login credentials and other sensitive data.
42. What protocol is commonly used for encrypted remote management of network devices?
a) Telnet
b) SSH
c) RDP
d) SNMP
Correct Answer: b) SSH
Explanation: SSH (Secure Shell) provides encrypted remote management.
43. What is a primary purpose of SIEM log correlation?
a) Block phishing attacks
b) Detect security incidents across multiple sources
c) Increase network speed
d) Prevent brute force attacks
Correct Answer: b) Detect security incidents across multiple sources
Explanation: SIEM correlates logs from various sources to identify potential security threats.
44. What type of security assessment simulates an attack to identify vulnerabilities?
a) Vulnerability scan
b) Penetration test
c) Security audit
d) Risk assessment
Correct Answer: b) Penetration test
Explanation: A penetration test (pen test) simulates a cyberattack to identify and exploit vulnerabilities in a system.
45. What is the most effective way to mitigate social engineering attacks?
a) Implement strong firewalls
b) Regularly update software
c) Conduct security awareness training
d) Use an intrusion prevention system
Correct Answer: c) Conduct security awareness training
Explanation: Security awareness training teaches employees to recognize and avoid social engineering tactics.
46. What attack involves an attacker intercepting and altering communications between two parties?
a) Denial-of-service attack
b) Phishing
c) Man-in-the-middle attack
d) DNS poisoning
Correct Answer: c) Man-in-the-middle attack
Explanation: In a man-in-the-middle attack (MITM), an attacker intercepts and potentially modifies communication between two parties.
47. What security principle involves providing users with only the minimum permissions needed to perform their jobs?
a) Separation of duties
b) Least privilege
c) Defense in depth
d) Zero trust
Correct Answer: b) Least privilege
Explanation: The principle of least privilege (PoLP) ensures that users and systems only have the access necessary to perform their tasks, reducing security risks.
48. What security control ensures that critical systems remain operational after a cyberattack?
a) Intrusion prevention system (IPS)
b) Business continuity planning (BCP)
c) Firewall
d) Access control list (ACL)
Correct Answer: b) Business continuity planning (BCP)
Explanation: Business continuity planning ensures organizations can continue operations after a cyberattack, disaster, or system failure.
49. What is the purpose of multifactor authentication (MFA)?
a) To encrypt user credentials
b) To require users to change passwords frequently
c) To add an additional layer of security by requiring multiple authentication factors
d) To ensure passwords are stored securely
Correct Answer: c) To add an additional layer of security by requiring multiple authentication factors
Explanation: MFA strengthens security by requiring two or more authentication factors, such as a password and a fingerprint scan.
50. What type of attack floods a network or system with excessive traffic to cause disruption?
a) SQL injection
b) DDoS attack
c) Privilege escalation
d) Cross-site scripting (XSS)
Correct Answer: b) DDoS attack
Explanation: A Distributed Denial-of-Service (DDoS) attack overwhelms a system with excessive traffic, preventing legitimate access.