2025 – Comprehensive Practice Test with Actual Questions & Verified Correct Answers
Question 1
What type of security control is a firewall?
Answer: Technical
Rationale: Firewalls use hardware or software to enforce security policies, making them a technical control.
Question 2
What is the primary purpose of a vulnerability scan?
Answer: Identify risks in systems and networks
Rationale: Vulnerability scans detect weaknesses but do not exploit them, unlike penetration testing.
Question 3
Which threat actor is most likely to be hired by a foreign government to attack critical systems?
Answer: Organized crime
Rationale: Organized crime groups are often contracted for state-sponsored cyberattacks due to their expertise.
Question 4
What technique adds complexity before using a one-way data transformation algorithm?
Answer: Salting
Rationale: Salting adds random data to passwords before hashing, increasing resistance to brute-force attacks.
Question 5
An employee clicked a link in an email from a payment website and received a “page not found” error after entering credentials. What type of attack occurred?
Answer: Phishing
Rationale: Phishing involves fraudulent emails tricking users into revealing sensitive information.
Question 6
What method allows users to access multiple applications with one set of credentials?
Answer: Single sign-on (SSO)
Rationale: SSO enables access to multiple systems with a single authentication.
Question 7
What is the primary distinction between a Certificate Policy (CP) and a Certificate Practice Statement (CPS)?
Answer: A CP provides recommended baseline security requirements for PKI components
Rationale: A CP outlines security requirements, while a CPS details how a CA manages certificates.
Question 8
What is a common indicator of a phishing attack?
Answer: Urgent language requesting credentials
Rationale: Phishing emails often use urgency to prompt quick action.
Question 9
What is the purpose of multifactor authentication (MFA)?
Answer: Verify identity using multiple factors
Rationale: MFA requires two or more factors (e.g., password, token) to enhance security.
Question 10
What type of attack involves sending a text message to trick a user into revealing sensitive information?
Answer: Smishing
Rationale: Smishing uses SMS to deceive users, often impersonating legitimate sources.
Question 11
What is a common mitigation for ransomware?
Answer: Regular backups
Rationale: Backups allow data recovery without paying the ransom.
Question 12
What protocol is used for secure file transfer?
Answer: SFTP
Rationale: SFTP encrypts file transfers, ensuring confidentiality.
Question 13
What is the purpose of a Security Information and Event Management (SIEM) system?
Answer: Monitor and analyze security events
Rationale: SIEM systems aggregate and analyze logs to detect threats.
Question 14
What is a characteristic of a zero-day vulnerability?
Answer: Unknown to the vendor
Rationale: Zero-day vulnerabilities are exploited before patches are available.
Question 15
What is the primary goal of penetration testing?
Answer: Simulate real-world attacks to identify vulnerabilities
Rationale: Penetration testing mimics attacker methods to test security defenses.
Question 16
What is a common physical security measure?
Answer: Biometric access control
Rationale: Biometrics like fingerprints enhance physical access security.
Question 17
What is the purpose of a Web Application Firewall (WAF)?
Answer: Protect web applications from attacks
Rationale: A WAF filters malicious traffic targeting web applications.