10 free CompTIA Security+ practice questions spanning all five SY0-701 domains, each with the correct answer and a plain-English explanation. No account, no payment, nothing to install. Read the question, pick your answer, then reveal the explanation.
Last updated June 2026
Which security principle ensures that information has not been altered by an unauthorized party?
Correct answer: B. Integrity
Integrity ensures data is not modified by unauthorized users, and hashing is used to verify it. Confidentiality is about secrecy, availability is about access, and non-repudiation is about proving who took an action.
A system uses a key pair so that data encrypted with the public key can only be decrypted with the matching private key. What type of cryptography is this?
Correct answer: C. Asymmetric encryption
Asymmetric (public key) cryptography uses a public and private key pair. Symmetric encryption uses one shared key, hashing is one-way and cannot be decrypted, and steganography hides data inside other data.
A login requires a password plus a code from an authenticator app. Which two authentication factors are in use?
Correct answer: A. Something you know and something you have
A password is something you know, and a one-time code from an authenticator app is something you have. Combining two different factor types is what makes it true multifactor authentication.
An attacker sends a text message pretending to be your bank to trick you into giving up your credentials. What is this attack called?
Correct answer: C. Smishing
Smishing is phishing carried out over SMS text messages. Vishing uses voice or phone calls, whaling targets high-value executives, and phishing is the general email-based term.
Which type of malware encrypts a victim's files and demands payment for the decryption key?
Correct answer: C. Ransomware
Ransomware encrypts files and demands a ransom for the key. A rootkit hides privileged access, a worm self-propagates across systems, and a logic bomb triggers when a specific condition is met.
Which device sits inline on the network and can automatically block malicious traffic, not just alert on it?
Correct answer: B. IPS
An IPS (intrusion prevention system) sits inline and can drop or block malicious traffic in real time. An IDS (intrusion detection system) only detects and alerts; it does not stop the traffic.
Which approach best protects a critical server against a single point of failure?
Correct answer: B. Redundancy and high availability
Redundancy through clustering, failover, and load balancing removes single points of failure and supports availability. Passwords and encryption protect confidentiality, not uptime.
What is the best first step to reduce the attack surface of a newly deployed server?
Correct answer: A. Disable unnecessary services and close unused ports
Disabling unneeded services, closing unused ports, and removing default or guest accounts hardens the host and shrinks its attack surface. Enabling guest accounts or default credentials does the opposite.
In a public key infrastructure (PKI), what is the primary role of a Certificate Authority (CA)?
Correct answer: B. It issues, signs, and revokes digital certificates
A Certificate Authority issues, signs, and revokes digital certificates that bind a public key to a verified identity. It is the trust anchor of a PKI.
A company buys cyber insurance to cover the financial impact of a potential breach. Which risk response is this?
Correct answer: C. Risk transference
Buying insurance transfers the financial risk to a third party, which is risk transference. Avoidance stops the risky activity, acceptance takes no action, and mitigation reduces the likelihood or impact with controls.
This is a free sample. SecPlus Mastery has over 1,000 practice questions, full timed mock exams, spaced review that targets your weak spots, and lessons across all five domains.
Practice questions are original study material aligned to the CompTIA Security+ SY0-701 objectives. CompTIA and Security+ are trademarks of CompTIA, used here for identification only.