COMPTIA SECURITY+ – QUESTIONS AND CORRECT ANSWERS (VERIFIED ANSWERS) PLUS RATIONALES
2026 Q&A | INSTANT DOWNLOAD PDF.
CORE DOMAINS
General Security Concepts
Threats, Attacks, and Vulnerabilities
Security Architecture
Security Operations
Risk Management
Cryptography and Public Key Infrastructure
INTRODUCTION
The purpose of this examination is to certify foundational knowledge in information security. Candidates are assessed
on their ability to identify and mitigate threats, implement secure network architectures, and adhere to global regulatory
compliance standards. The exam utilizes a blend of multiple-choice and complex scenario-based questions to
measure technical proficiency and professional judgment. Emphasis is placed on real-world application, requiring
,candidates to demonstrate critical thinking when responding to security incidents and organizational risks. Success on
this assessment indicates the candidate possesses the skills necessary to secure enterprise environments, maintain
ethical standards, and effectively manage security operations within diverse infrastructure landscapes.
SECTION ONE: QUESTIONS 1–100
1. A technician is configuring a firewall to block all traffic by default and allow only specific services. Which security
principle is being applied?
A. Least Privilege
B. Implicit Deny
C. Defense in Depth
D. Separation of Duties
🟢 B. Implicit Deny
🔴 RATIONALE: The implicit deny principle ensures that any traffic not explicitly permitted by a rule is
automatically blocked, which is a foundational aspect of secure firewall configuration.
2. Which of the following is the most effective way to prevent tailgating at a secure facility entrance?
A. Security guards
B. Mantraps
C. Motion sensors
D. Privacy filters
🟢 B. Mantraps
🔴 RATIONALE: A mantrap is a physical security control consisting of two interlocking doors where the first door
must close and lock before the second door opens, preventing unauthorized individuals from following someone
through.
3. An organization wants to ensure that data is encrypted while it is being transmitted over a public network. Which
protocol should be prioritized?
A. Telnet
B. FTP
C. TLS
, D. SNMPv1
🟢 C. TLS
🔴 RATIONALE: Transport Layer Security (TLS) provides encryption for data in transit, ensuring confidentiality
and integrity for network communications.
4. Which type of attack involves an attacker sending unsolicited messages to a Bluetooth-enabled device?
A. Bluejacking
B. Bluesnarfing
C. Evil Twin
D. IV attack
🟢 A. Bluejacking
🔴 RATIONALE: Bluejacking is the unauthorized sending of messages to Bluetooth devices, whereas
bluesnarfing involves stealing data from those devices.
5. A company needs to ensure that users only have the minimum level of access required to perform their job
functions. This is known as:
A. Need to know
B. Separation of duties
C. Least privilege
D. Mandatory access control
🟢 C. Least privilege
🔴 RATIONALE: The principle of least privilege dictates that users and processes are granted only the minimum
access rights necessary to perform their intended tasks, thereby limiting the potential damage of a compromise.
6. What is the primary purpose of a security control assessment?
A. To identify all potential threats to an organization
B. To verify that security controls are implemented and functioning as intended
C. To replace existing security policies with new ones
D. To provide a list of hardware requirements for the network
🟢 B. To verify that security controls are implemented and functioning as intended
, 🔴 RATIONALE: Security control assessments are conducted to validate that implemented security measures
are effective and meeting organizational objectives.
7. Which cryptographic attack involves finding two different inputs that produce the same hash value?
A. Replay attack
B. Brute force attack
C. Collision attack
D. Rainbow table attack
🟢 C. Collision attack
🔴 RATIONALE: A hash collision occurs when two distinct inputs result in the same output hash, which can
undermine the integrity verification provided by hashing algorithms.
8. A security administrator notices unusual traffic patterns on the internal network originating from an internal server.
Which tool should be used to capture and analyze this traffic?
A. Vulnerability scanner
B. Protocol analyzer
C. Port scanner
D. SIEM
🟢 B. Protocol analyzer
🔴 RATIONALE: A protocol analyzer (such as Wireshark) allows administrators to capture and inspect packets in
real time to identify suspicious traffic or troubleshooting network issues.
9. Which of the following is a symmetric encryption algorithm?
A. RSA
B. Diffie-Hellman
C. AES
D. ECC
🟢 C. AES
🔴 RATIONALE: Advanced Encryption Standard (AES) is a widely used symmetric encryption algorithm that
uses the same key for both encryption and decryption.
2026 Q&A | INSTANT DOWNLOAD PDF.
CORE DOMAINS
General Security Concepts
Threats, Attacks, and Vulnerabilities
Security Architecture
Security Operations
Risk Management
Cryptography and Public Key Infrastructure
INTRODUCTION
The purpose of this examination is to certify foundational knowledge in information security. Candidates are assessed
on their ability to identify and mitigate threats, implement secure network architectures, and adhere to global regulatory
compliance standards. The exam utilizes a blend of multiple-choice and complex scenario-based questions to
measure technical proficiency and professional judgment. Emphasis is placed on real-world application, requiring
,candidates to demonstrate critical thinking when responding to security incidents and organizational risks. Success on
this assessment indicates the candidate possesses the skills necessary to secure enterprise environments, maintain
ethical standards, and effectively manage security operations within diverse infrastructure landscapes.
SECTION ONE: QUESTIONS 1–100
1. A technician is configuring a firewall to block all traffic by default and allow only specific services. Which security
principle is being applied?
A. Least Privilege
B. Implicit Deny
C. Defense in Depth
D. Separation of Duties
🟢 B. Implicit Deny
🔴 RATIONALE: The implicit deny principle ensures that any traffic not explicitly permitted by a rule is
automatically blocked, which is a foundational aspect of secure firewall configuration.
2. Which of the following is the most effective way to prevent tailgating at a secure facility entrance?
A. Security guards
B. Mantraps
C. Motion sensors
D. Privacy filters
🟢 B. Mantraps
🔴 RATIONALE: A mantrap is a physical security control consisting of two interlocking doors where the first door
must close and lock before the second door opens, preventing unauthorized individuals from following someone
through.
3. An organization wants to ensure that data is encrypted while it is being transmitted over a public network. Which
protocol should be prioritized?
A. Telnet
B. FTP
C. TLS
, D. SNMPv1
🟢 C. TLS
🔴 RATIONALE: Transport Layer Security (TLS) provides encryption for data in transit, ensuring confidentiality
and integrity for network communications.
4. Which type of attack involves an attacker sending unsolicited messages to a Bluetooth-enabled device?
A. Bluejacking
B. Bluesnarfing
C. Evil Twin
D. IV attack
🟢 A. Bluejacking
🔴 RATIONALE: Bluejacking is the unauthorized sending of messages to Bluetooth devices, whereas
bluesnarfing involves stealing data from those devices.
5. A company needs to ensure that users only have the minimum level of access required to perform their job
functions. This is known as:
A. Need to know
B. Separation of duties
C. Least privilege
D. Mandatory access control
🟢 C. Least privilege
🔴 RATIONALE: The principle of least privilege dictates that users and processes are granted only the minimum
access rights necessary to perform their intended tasks, thereby limiting the potential damage of a compromise.
6. What is the primary purpose of a security control assessment?
A. To identify all potential threats to an organization
B. To verify that security controls are implemented and functioning as intended
C. To replace existing security policies with new ones
D. To provide a list of hardware requirements for the network
🟢 B. To verify that security controls are implemented and functioning as intended
, 🔴 RATIONALE: Security control assessments are conducted to validate that implemented security measures
are effective and meeting organizational objectives.
7. Which cryptographic attack involves finding two different inputs that produce the same hash value?
A. Replay attack
B. Brute force attack
C. Collision attack
D. Rainbow table attack
🟢 C. Collision attack
🔴 RATIONALE: A hash collision occurs when two distinct inputs result in the same output hash, which can
undermine the integrity verification provided by hashing algorithms.
8. A security administrator notices unusual traffic patterns on the internal network originating from an internal server.
Which tool should be used to capture and analyze this traffic?
A. Vulnerability scanner
B. Protocol analyzer
C. Port scanner
D. SIEM
🟢 B. Protocol analyzer
🔴 RATIONALE: A protocol analyzer (such as Wireshark) allows administrators to capture and inspect packets in
real time to identify suspicious traffic or troubleshooting network issues.
9. Which of the following is a symmetric encryption algorithm?
A. RSA
B. Diffie-Hellman
C. AES
D. ECC
🟢 C. AES
🔴 RATIONALE: Advanced Encryption Standard (AES) is a widely used symmetric encryption algorithm that
uses the same key for both encryption and decryption.