10 free CompTIA Security+ SY0-701 practice questions for Domain 2, Threats, Vulnerabilities, and Mitigations, which is about 22% of the exam. Each question has the correct answer and a clear explanation. No account or signup needed.
Last updated June 2026
A specific mid-level finance employee receives a carefully tailored email referencing real internal projects to trick them into wiring funds. Which attack is this?
Correct answer: A. Spear phishing
Spear phishing targets a specific individual with personalized details. Whaling specifically targets senior executives, generic phishing is mass and untargeted, and vishing uses voice calls.
Which type of malware self-replicates and spreads across a network on its own, without needing a host file or any user action?
Correct answer: A. Worm
A worm self-propagates across systems without user interaction. A virus needs a host file and usually user action to spread, a Trojan disguises itself as legitimate software, and spyware secretly gathers information.
A user downloads what appears to be a free productivity tool, but it secretly installs a backdoor. Which type of malware is this?
Correct answer: A. Trojan horse
A Trojan disguises malicious functionality inside something that looks legitimate. A worm self-replicates, a logic bomb waits for a trigger condition, and ransomware encrypts files for extortion.
Malicious code is planted in an application and lies dormant until a specific date arrives, then deletes files. What is this called?
Correct answer: A. Logic bomb
A logic bomb is dormant code that triggers when a condition, such as a date, is met. A rootkit hides privileged access, a worm self-spreads, and a keylogger records keystrokes.
Thousands of compromised devices in a botnet simultaneously flood a company website with traffic until it goes offline. Which attack is this?
Correct answer: A. Distributed denial-of-service (DDoS)
A DDoS uses many compromised hosts (a botnet) to overwhelm a target and deny service. An on-path attack intercepts traffic, privilege escalation raises permissions, and phishing is social engineering.
An attacker uses software that systematically tries every possible character combination to guess a password. Which attack is this?
Correct answer: A. Brute-force attack
A brute-force attack tries every possible combination until it finds the password. Pass-the-hash reuses a captured hash, phishing tricks a user into revealing it, and SQL injection targets a database.
An application accepts more input than a memory buffer can hold, letting an attacker overwrite adjacent memory and run their own code. Which vulnerability is being exploited?
Correct answer: A. Buffer overflow
A buffer overflow writes past the bounds of a memory buffer, corrupting adjacent memory and potentially executing attacker code. The other options are distinct web and timing flaws.
A newly deployed network camera is compromised because it was left with the manufacturer's default username and password. Which weakness allowed this?
Correct answer: A. Default or weak credentials (misconfiguration)
Leaving default credentials in place is a configuration weakness that attackers routinely exploit. A zero-day is an unknown, unpatched flaw, a supply chain attack compromises a vendor, and an insider misuses legitimate access.
Attackers compromise a trusted software vendor and insert malware into a routine product update, which then installs on every customer that updates. What is this best described as?
Correct answer: A. Supply chain attack
A supply chain attack abuses trust in a vendor or supplier to reach their customers. A watering hole compromises a site the target frequents, brute force guesses credentials, and an evil twin is a rogue wireless access point.
An attacker phones an employee, pretends to be IT support, and convinces them to read out their password. Which social engineering technique is this?
Correct answer: A. Vishing
Vishing is voice phishing, carried out over a phone call. Smishing uses SMS text messages, whaling targets executives, and tailgating is following someone through a secure door.
Original practice questions aligned to the CompTIA Security+ SY0-701 objectives. CompTIA and Security+ are trademarks of CompTIA, used here for identification only.