CERTIFICATION TEST
CompTIA Security+ (SY0-701) Practice Exam
1. A security analyst is conducting a penetration test and has gained access to a
system. They want to maintain access for further exploration. Which of the
following actions BEST represents this phase?
a) Scanning
b) Gaining access
c) Privilege escalation
d) Persistence
Answer: d) Persistence
Persistence involves creating backdoors or other methods to ensure continued access to a
compromised system, even after a reboot or password change. This is a key phase after
initial exploitation.
2. A company wants to ensure that even if a user's password is compromised, an
attacker cannot access the corporate VPN without a second form of verification.
Which of the following is the BEST solution?
a) Single sign-on (SSO)
b) Mandatory Access Control (MAC)
c) Multifactor authentication (MFA)
d) Role-based access control (RBAC)
Answer: c) Multifactor authentication (MFA)
MFA requires two or more verification factors (e.g., password and a push notification to a
phone), significantly reducing the risk of account takeover even if one factor is
compromised.
3. An organization experiences a widespread ransomware attack that encrypts
critical servers. The incident response team restores the servers from backups.
Which of the following phases of the incident response process are they currently
in?
a) Preparation
b) Identification
c) Containment, Eradication, and Recovery
d) Lessons Learned
Answer: c) Containment, Eradication, and Recovery
Restoring systems from backups falls under the Recovery sub-phase, which is part of the
"Containment, Eradication, and Recovery" phase. The goal is to return affected systems to
normal operations.
4. Which of the following threat actors is MOST likely to be state-sponsored and
have the highest level of resources, patience, and operational security?
a) Script kiddie
b) Hacktivist
c) Advanced Persistent Threat (APT)
d) Insider threat
Answer: c) Advanced Persistent Threat (APT)
APTs are typically state-sponsored or state-affiliated groups with significant resources.
They conduct long-term, targeted operations to steal data or maintain persistent access,
often remaining undetected for extended periods.
5. A network administrator is configuring a firewall to block all traffic from a
specific IP address that was identified as a source of a DoS attack. What type of
control is this?
a) Preventive
b) Detective
c) Corrective
d) Compensating
Answer: a) Preventive
Blocking traffic is a preventive control, as it acts to stop a security incident from occurring
or impacting the network. It proactively enforces security rules.
6. Which of the following cryptographic algorithms is considered deprecated and
should generally be avoided due to known vulnerabilities like collision attacks?
a) AES-256
b) RSA-4096
c) SHA-1
d) ECDH
Answer: c) SHA-1
The SHA-1 hash algorithm has been proven vulnerable to collision attacks, where two
different inputs produce the same hash output. It has been deprecated in favor of more
secure algorithms like SHA-256 and SHA-3.
7. A security engineer is implementing a solution to ensure that sensitive data
stored in a cloud database is unreadable if the underlying storage media is stolen.
Which of the following is the BEST control?
a) Hashing
b) Tokenization
c) Encryption at rest
d) Data loss prevention (DLP)
Answer: c) Encryption at rest
Encryption at rest protects data stored on media (like hard drives or databases). If the
media is physically stolen, the data remains unreadable without the decryption key,
ensuring confidentiality.
8. An organization wants to implement a wireless security solution that uses the
latest standards and requires the use of a RADIUS server for centralized
authentication. Which of the following is the BEST choice?
a) WPA2-Personal
b) WPA3-Enterprise
c) Open network with captive portal
d) WEP
Answer: b) WPA3-Enterprise
WPA3-Enterprise is the latest standard for securing Wi-Fi networks, utilizing 192-bit
encryption in its highest mode and requiring a RADIUS/AAA server for centralized
authentication, which is ideal for organizations.
9. A system administrator needs to ensure that a software application is free from
known vulnerabilities before it is deployed to production. Which of the following
practices would BEST accomplish this?
a) Static code analysis
b) Fuzzing
c) Vulnerability scanning
d) Penetration testing
Answer: a) Static code analysis
Static code analysis (SAST) examines the source code of the application to identify security
flaws, logic errors, and compliance issues before the application is compiled and deployed.
10. Which of the following types of access control defines permissions based on
the user's job function or position within the organization?
a) Mandatory Access Control (MAC)
b) Discretionary Access Control (DAC)
c) Role-Based Access Control (RBAC)
d) Attribute-Based Access Control (ABAC)
Answer: c) Role-Based Access Control (RBAC)
RBAC assigns permissions to roles (e.g., "Sales Manager," "Database Administrator") rather