We prepared 20 practice test questions for the CompTIA Security+ certification exam. You can test yourself before taking the exam.
Question: Which of the following is an example of a physical security control?
A) Firewall
B) Intrusion Detection System (IDS)
C) Biometric door lock
D) Antivirus software
Answer: C) Biometric door lock
Question: What is the primary purpose of a Certificate Authority (CA)?
A) To encrypt data during transmission
B) To authenticate digital certificates
C) To detect and prevent malware infections
D) To monitor network traffic for security threats
Answer: B) To authenticate digital certificates
Question: Which of the following best describes a man-in-the-middle (MITM) attack?
A) Modifying data in transit without detection
B) Intercepting communication between two parties to eavesdrop or alter the data
C) Overflowing a buffer to execute malicious code
D) Decrypting encrypted data using a brute-force attack
Answer: B) Intercepting communication between two parties to eavesdrop or alter the data
Question: What security measure helps prevent unauthorized access to a wireless network by hiding the network's name?
A) WPA2 encryption
B) SSID broadcasting
C) MAC filtering
D) WEP authentication
Answer: B) SSID broadcasting
Question: Which of the following is a characteristic of a Trojan horse?
A) Self-replicating code that spreads across a network
B) Malicious software disguised as legitimate software
C) A type of denial-of-service attack
D) A cryptographic algorithm used for data encryption
Answer: B) Malicious software disguised as legitimate software
Question: What does the CIA triad represent in cybersecurity?
A) Confidentiality, Integrity, Availability
B) Compliance, Identification, Authentication
C) Configuration, Intrusion detection, Analysis
D) Collaboration, Information sharing, Awareness
Answer: A) Confidentiality, Integrity, Availability
Question: Which security protocol is used to secure email communication by encrypting the message contents?
A) SSL/TLS
B) IPsec
C) S/MIME
D) SNMP
Answer: C) S/MIME
Question: What is the purpose of a network intrusion detection system (NIDS)?
A) To encrypt data during transmission
B) To authenticate users accessing the network
C) To detect and respond to suspicious network traffic
D) To filter incoming and outgoing emails for spam
Answer: C) To detect and respond to suspicious network traffic
Question: Which of the following is a social engineering technique that involves manipulating individuals into divulging confidential information?
A) Phishing
B) Spoofing
C) Brute-force attack
D) Cross-site scripting (XSS)
Answer: A) Phishing
Question: What is the purpose of hashing in cryptography?
A) To encrypt data during transmission
B) To verify the integrity of data
C) To establish a secure communication channel
D) To authenticate users during login
Answer: B) To verify the integrity of data
Question: Which of the following is a characteristic of a SQL injection attack?
A) Exploiting vulnerabilities in web applications to execute arbitrary commands
B) Intercepting communication between two parties to eavesdrop or alter the data
C) Overflowing a buffer to execute malicious code
D) Encrypting sensitive data during transmission
Answer: A) Exploiting vulnerabilities in web applications to execute arbitrary commands
Question: What security measure is used to ensure that data cannot be read or altered during transmission over a network?
A) SSL/TLS encryption
B) MAC address filtering
C) Antivirus software
D) Intrusion Prevention System (IPS)
Answer: A) SSL/TLS encryption
Question: Which of the following authentication methods involves confirming a user's identity based on physical characteristics such as fingerprints or retinal scans?
A) Token-based authentication
B) Biometric authentication
C) Password-based authentication
D) Certificate-based authentication
Answer: B) Biometric authentication
Question: What is the purpose of a security policy in an organization?
A) To detect and prevent malware infections on network devices
B) To define rules and guidelines for protecting information assets
C) To monitor and analyze network traffic for security threats
D) To encrypt sensitive data during transmission
Answer: B) To define rules and guidelines for protecting information assets
Question: Which cryptographic algorithm is commonly used for digital signatures?
A) RSA
B) AES
C) DES
D) MD5
Answer: A) RSA
Question: What is the purpose of a security incident response plan?
A) To prevent security incidents from occurring
B) To detect and respond to security incidents in a timely manner
C) To encrypt sensitive data during transmission
D) To authenticate users accessing the network
Answer: B) To detect and respond to security incidents in a timely manner
Question: Which security control restricts access to resources based on the roles and responsibilities of individual users?
A) Least privilege
B) Mandatory access control
C) Role-based access control
D) Access control lists
Answer: C) Role-based access control
Question: What is the primary goal of a denial-of-service (DoS) attack?
A) To gain unauthorized access to a system
B) To intercept communication between two parties
C) To overwhelm a target system with a flood of traffic
D) To execute arbitrary commands on a remote server
Answer: C) To overwhelm a target system with a flood of traffic
Question: Which of the following is a security best practice to protect against ransomware attacks?
A) Regularly updating software and security patches
B) Disabling firewalls to improve network performance
C) Sharing passwords with trusted colleagues
D) Ignoring suspicious emails without opening them
Answer: A) Regularly updating software and security patches
Question: What is the purpose of a security assessment?
A) To recover data after a security incident occurs
B) To identify and mitigate security vulnerabilities
C) To monitor network traffic for security threats
D) To authenticate users accessing the network
Answer: B) To identify and mitigate security vulnerabilities
