CompTIA Security+ (SY0-701) Domain 1.0 Exam Questions (2026/2027) – General Security Concepts Exam
This document contains actual CompTIA Security+ (SY0-701) Domain 1.0 exam
questions focused on General Security Concepts, designed for targeted certification
preparation. It covers security controls (technical, managerial, operational, and physical),
governance, risk, and compliance (GRC), security policies and procedures, the CIA triad
and non-repudiation, threat actors and attack vectors, attack surfaces, threat intelligence
and research sources, and security automation and orchestration. The material follows a
domain-specific question bank format aligned with the CompTIA Security+ SY0-701
exam objectives for the 2026/2027 testing cycle.
Question 1
Which of the following is the BEST description of the CIA triad?
A. Control, Integrity, Access
B. Confidentiality, Integrity, Availability
C. Compliance, Integrity, Authorization
D. Confidentiality, Identification, Auditing
Answer: B
Rationale: The CIA triad stands for Confidentiality (protecting
information from unauthorized access), Integrity (ensuring data is
accurate and unaltered), and Availability (ensuring systems and data are
accessible when needed). This is a core framework in security principles.
Question 2
What type of security control is a firewall?
A. Physical
B. Managerial
C. Technical
D. Administrative
Answer: C
Rationale: A firewall is a technical control because it uses software and
hardware to prevent or restrict network traffic based on rules.
Question 3
Which term describes controls that identify and record unwanted activity?
A. Preventive
B. Detective
C. Compensating
D. Directive
Answer: B
Rationale: Detective controls are meant to detect and alert — for
example, IDS systems, audit logs, and monitoring tools.
Question 4
Which control type would require annual security training for employees?
A. Physical
B. Operational
C. Administrative
D. Technical
Answer: C
Rationale: Administrative controls include policies, procedures, and
training that govern user behavior and organizational practices.
Question 5
Which security concept prevents a user from denying that they performed
an action?
A. Non-repudiation
B. Authorization
C. Availability
D. Confidentiality
Answer: A
Rationale: Non-repudiation ensures that once an action has been taken
(e.g., a signed email), the signer cannot deny that event occurred —
typically achieved using digital signatures or audit logs.
(learntechfromzero.com)
Question 6
What is the purpose of authentication in security frameworks?
A. Determining what resources a user can access
B. Proving the identity of a user or system
C. Logging user activity
D. Encrypting user data
Answer: B
Rationale: Authentication verifies the identity of a user or system before
granting access. It is often part of the AAA framework (Authentication,
Authorization, Accounting). (learntechfromzero.com)
Question 7
Which of the following is an example of authorization?
A. Assigning a password
B. Checking a user’s clearance level to access a file
C. Logging a user’s activities for auditing
D. Encrypting data in transit
Answer: B
Rationale: Authorization determines what an authenticated user can
access — e.g., role-based permissions. (learntechfromzero.com)
Question 8
A company mandates reviews of access permissions every six months.
This practice is an example of:
A. Change management
B. Least privilege
C. Baseline security
D. Accounting