COMPTIA SECURITY+ CERTIFICATION
EXAM PRACTICE QUESTIONS AND
CORRECT ANSWERS (VERIFIED
ANSWERS) PLUS RATIONALES 2026
Q&A | INSTANT DOWNLOAD PDF
1. Which type of attack involves sending fraudulent emails that
appear to come from a legitimate source?
Phishing
Phishing attacks attempt to trick users into revealing sensitive
information by impersonating a trusted entity.
2. What protocol is commonly used to secure web traffic?
HTTPS
HTTPS uses SSL/TLS to encrypt data transmitted between a client
and server.
3. Which type of malware restricts access to files until a ransom is
paid?
Ransomware
Ransomware encrypts files and demands payment for the
decryption key.
4. What is the primary purpose of a firewall?
To filter incoming and outgoing network traffic based on security
rules
Firewalls act as a barrier between trusted and untrusted networks.
5. Which attack attempts to overwhelm a system by flooding it with
traffic?
Denial-of-Service (DoS)
A DoS attack aims to make a service unavailable to legitimate
users.
6. Which principle ensures that users have only the access necessary
to perform their job?
Principle of least privilege
Limiting access reduces the potential impact of a compromised
account.
7. What is the best method to prevent password-based attacks?
Use multi-factor authentication (MFA)
MFA adds an extra layer of security beyond just passwords.
8. Which security model uses classification levels like Top Secret and
Secret?
Bell-LaPadula
The Bell-LaPadula model focuses on maintaining data
confidentiality.
9. Which type of malware can replicate itself without user
interaction?
Worm
Worms spread automatically through networks without needing
host files.
10. What is the main difference between a virus and a worm?
A virus requires user action to spread, while a worm spreads
automatically
Viruses attach to files, while worms exploit network vulnerabilities.
11. Which tool is used to detect vulnerabilities in a network?
Vulnerability scanner
Vulnerability scanners identify weaknesses in systems before
attackers exploit them.
12. Which type of attack manipulates DNS responses to redirect
traffic?
DNS spoofing
Attackers alter DNS responses to send users to malicious sites.
13. What is the purpose of a DMZ in network architecture?
To isolate public-facing services from internal networks
A DMZ reduces risk to the internal network by providing a buffer
zone.
14. Which type of backup captures only files that have changed
since the last backup?
Incremental backup
Incremental backups save storage space by backing up only
modified files.
15. Which protocol is used for secure remote administration?
SSH (Secure Shell)
SSH encrypts remote connections, unlike Telnet which is
unencrypted.
16. What is the primary goal of social engineering attacks?
To manipulate individuals into revealing confidential
information
Social engineering exploits human behavior rather than technical
vulnerabilities.
17. Which access control model is based on user roles rather
than individual permissions?