Skip to content

CompTIA Practice Tests
A+ Practice Tests
Security+ Practice Tests
Network+ Practice Tests

CompTIA Security+ Practice Test 6

Time limit: 0

Quiz Summary

0 of 20 Questions completed

Questions:

Information

You have already completed the quiz before. Hence you can not start it again.

Quiz is loading…

You must sign in or sign up to start the quiz.

You must first complete the following:

Results

Test complete. Results are being recorded.

Results

0 of 20 Questions answered correctly

Your time:

Time has elapsed

You have reached 0 of 0 point(s), (0)

Earned Point(s): 0 of 0, (0)
0 Essay(s) Pending (Possible Point(s): 0)

Categories

Not categorized 0%

Next Test Main Menu

Question 1 of 20

1. Question
How can you configure a company’s workstations to connect automatically to their WSUS server for updates?
- A. Baseline definition
- B. Group Policy
- C. Automated remediation
- D. Initial configuration
Correct

Incorrect
Question 2 of 20

2. Question
You are an IT security professional for a large corporation. After receiving reports about some users being unable to access external websites, you reviewed the firewall logs. Which of the following would be a PRIMARY indicator in the logs that a rule is blocking the outbound traffic?
- A. Multiple entries of the same external IP address being ALLOWED
- B. Timestamps showing large gaps between entries
- C. Entries showing DROP/REJECT actions for outbound traffic to port 80 and 443
- D. Logs showing inbound traffic from multiple unknown external IP addresses
Correct

Incorrect
Question 3 of 20

3. Question
After detecting suspicious activity on a network, a digital forensic analyst is dispatched to acquire data from a potentially compromised system. The analyst decides to capture an image of the affected system’s memory. This technique of capturing volatile data is particularly beneficial because:
- A. It helps identify deleted files
- B. It can capture data in real-time operations
- C. It provides information on patch levels
- D. It offers insights into firewall configurations
Correct

Incorrect
Question 4 of 20

4. Question
The first step in effective threat hunting is to define clear objectives. What is the second step?
- A. Aggregate data from various sources
- B. Analyze data using a variety of tools and techniques
- C. Isolate the threat in a controlled environment for further study
- D. Utilize the insights from the process to improve future techniques
Correct

Incorrect
Question 5 of 20

5. Question
Once the root cause data is collected, which analysis provides invaluable insights into the root cause by performing a sequence of events?
- A. Sequence analysis
- B. Timed sequence analysis
- C. Segregation analysis
- D. Timeline analysis
Correct

Incorrect
Question 6 of 20

6. Question
Your company recently upgraded its security infrastructure. They decided to imitate specific cyber threats in a controlled environment to validate how the new system would respond in real-world scenarios without exposing it to actual risks. What kind of test is your company planning to conduct?
- A. Penetration testing
- B. Simulation testing
- C. Vulnerability assessment
- D. Failover testing
Correct

Incorrect
Question 7 of 20

7. Question
Your team is conducting a tabletop exercise. Which part simulates job urgency, requiring the team to make quick yet informed decisions under pressure?
- A. Time constraints
- B. Scenario design
- C. Decision points
- D. Role assignment
Correct

Incorrect
Question 8 of 20

8. Question
Which NIST incident response lifecycle phase focuses on the detection and discovery of indicators of compromise?
- A. Preparation
- B. Containment, eradication and recovery
- C. Detection and analysis
- D. Post-incident activity
Correct

Incorrect
Question 9 of 20

9. Question
Which of the following is an appropriate example of postmortem reviews?
- A. Basic orientation and SOPs
- B. IDS configurations and CISSP
- C. Incident retrospectives
- D. Crisis simulation and cyber drills
Correct

Incorrect
Question 10 of 20

10. Question
When examining the cost of automation, it is important to approach it through the lens of not just initial expenses but _______________. (Complete the sentence.)
- A. long-term investments
- B. long-term impact on finances
- C. seed investment
- D. the cost of depreciation
Correct

Incorrect
Question 11 of 20

11. Question
An employee in the finance department opened an email from someone outside the organization. He downloaded and opened an attachment that turned out to be ransomware. It locked his computer and severely affected the network. Which security solution would have stopped the malicious process and alerted the IT security team?
- A. Network access control
- B. Endpoint detection and response
- C. Endpoint scan and quarantine software
- D. File integrity monitoring
Correct

Incorrect
Question 12 of 20

12. Question
A company’s online retail website faces DDoS attacks that cause significant downtime. Their current setup relies on manual verification of traffic spikes before mitigation efforts are deployed. What change could BEST enhance the company’s reaction time to such attacks in the future?
- A. Educate users to report slow website loading times
- B. Manually back up the website data every hour
- C. Deploy a web application firewall with automated DDoS mitigation features
- D. Increase the website’s bandwidth to handle traffic spikes
Correct

Incorrect
Question 13 of 20

13. Question
An organization plans to integrate a security information and event management (SIEM) system with an incident response platform to allow for automated data sharing and action triggers between the two systems. Which automated linkage can be used for this purpose?
- A. Integrations and application programming interfaces (APIs)
- B. Standard infrastructure configurations (SIC)
- C. Automated systems linking configurations (ASLC)
- D. Continuous integrations system (CIS)
Correct

Incorrect
Question 14 of 20

14. Question
Which key process of CI/CT involves compiling the committed code and building an executable while immediately flagging any errors in this process, ensuring that the codebase remains stable?
- A. Code commitment
- B. Static analysis
- C. Automated build process
- D. Deployment
Correct

Incorrect
Question 15 of 20

15. Question
Your company wants to use transient credentials that are automatically generated for a specific session. They want the credentials to become invalid once the job they were created for is completed. Which temporary solution is the better choice for this job?
- A. Password vaulting credentials
- B. Password access management
- C. Passwordless credentials
- D. Ephemeral credentials
Correct

Incorrect
Question 16 of 20

16. Question
ABC company’s IT department is rolling out a new authentication protocol for remote workers. As part of the multifactor authentication process, employees must provide memorized information that cannot be physically taken from them. Which of the following represents this type of authentication factor?
- A. Fingerprint
- B. Smart card
- C. PIN
- D. USB security key
Correct

Incorrect
Question 17 of 20

17. Question
You have been directed to assign permissions to specific databases and configure who can perform what kind of operations on each database. You want to assign the IT department write permissions while the accounts department should be able to read the entries only. Which type of permission is most suitable in this situation?
- A. Role-based permissions
- B. Resource-based permissions
- C. Group-level permissions
- D. User-level permissions
Correct

Incorrect
Question 18 of 20

18. Question
The IT department for a cleaning chemicals manufacturer is configuring access controls for a new product inventory system. They want the sales team to update the inventory levels and product details but don’t want them to access financial data stored in the same system. Which access control principle is the IT department applying?
- A. Least privilege
- B. Role-based access control (RBAC)
- C. Mandatory access control (MAC)
- D. User-based access control (UBAC)
Correct

Incorrect
Question 19 of 20

19. Question
Identify the SAML modes by analyzing each diagram. Choose the statement that accurately describes the diagrams. (Refer to the exhibit.)
- A. Diagram A is IdP-initiated mode, Diagram B is SP-initiated mode.
- B. Diagram A is SP-initiated mode, Diagram B is IdP-initiated mode.
- C. Diagram A is SAML assertion mode, Diagram B is SAML-intuitive mode
- D. Diagram A is SAML protocol mode, Diagram B is a binding-initiated mode
Correct

Incorrect
Question 20 of 20

20. Question
In a basic OAuth exchange, which tiny piece of code containing authorization information is sent to the client by the authorization server? (Refer to the exhibit.)
- A. Access request
- B. Access grant
- C. Access token
- D. Access resource
Correct

Incorrect

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

Current
Correct
Incorrect

About Us
Contact Us
Privacy Policy

CompTIA® is a registered trademark of the Computing Technology Industry Association, Inc. This website is not endorsed, affiliated, or approved by CompTIA Inc.

Quiz Summary

Information

Results

Results

Categories

1. Question

How can you configure a company’s workstations to connect automatically to their WSUS server for updates?

2. Question

You are an IT security professional for a large corporation. After receiving reports about some users being unable to access external websites, you reviewed the firewall logs. Which of the following would be a PRIMARY indicator in the logs that a rule is blocking the outbound traffic?

3. Question

After detecting suspicious activity on a network, a digital forensic analyst is dispatched to acquire data from a potentially compromised system. The analyst decides to capture an image of the affected system’s memory. This technique of capturing volatile data is particularly beneficial because:

4. Question

The first step in effective threat hunting is to define clear objectives. What is the second step?

5. Question

Once the root cause data is collected, which analysis provides invaluable insights into the root cause by performing a sequence of events?

6. Question

Your company recently upgraded its security infrastructure. They decided to imitate specific cyber threats in a controlled environment to validate how the new system would respond in real-world scenarios without exposing it to actual risks. What kind of test is your company planning to conduct?

7. Question

Your team is conducting a tabletop exercise. Which part simulates job urgency, requiring the team to make quick yet informed decisions under pressure?

8. Question

Which NIST incident response lifecycle phase focuses on the detection and discovery of indicators of compromise?

9. Question

Which of the following is an appropriate example of postmortem reviews?

10. Question

When examining the cost of automation, it is important to approach it through the lens of not just initial expenses but _______________. (Complete the sentence.)

11. Question

12. Question

A company’s online retail website faces DDoS attacks that cause significant downtime. Their current setup relies on manual verification of traffic spikes before mitigation efforts are deployed. What change could BEST enhance the company’s reaction time to such attacks in the future?

13. Question

An organization plans to integrate a security information and event management (SIEM) system with an incident response platform to allow for automated data sharing and action triggers between the two systems. Which automated linkage can be used for this purpose?

14. Question

Which key process of CI/CT involves compiling the committed code and building an executable while immediately flagging any errors in this process, ensuring that the codebase remains stable?

15. Question

Your company wants to use transient credentials that are automatically generated for a specific session. They want the credentials to become invalid once the job they were created for is completed. Which temporary solution is the better choice for this job?

16. Question

17. Question

18. Question

19. Question

Identify the SAML modes by analyzing each diagram. Choose the statement that accurately describes the diagrams. (Refer to the exhibit.)

20. Question

In a basic OAuth exchange, which tiny piece of code containing authorization information is sent to the client by the authorization server? (Refer to the exhibit.)