CompTIA Security+ — free practice exam
50 original practice questions aligned to official exam domains. Run a timed, domain-weighted quiz in your browser — no login required.
Exam domains
| Domain | Weight |
|---|---|
| Domain 1: General Security Concepts | 12% |
| Domain 2: Threats, Vulnerabilities, and Mitigations | 22% |
| Domain 3: Security Architecture | 18% |
| Domain 4: Security Operations | 28% |
| Domain 5: Security Program Management | 20% |
Sample practice questions
- In the AAA security architecture, the process of granting or denying access to resources is known as:
- In the AAA security architecture, the process of tracking accessed services and logging resource consumption is called:
- An access control vestibule (a.k.a. mantrap) is a physical security access control system used to prevent unauthorized…
- Which of the following best applies to the concept of non-repudiation?
- In the context of the AAA framework, common methods for authenticating people include: (Select 3 answers)
- Which of the following answers can be used to describe technical security controls? (Select 3 answers)
- Examples of deterrent security controls include: (Select 3 answers)
- Which of the following examples fall into the category of operational security controls? (Select 3 answers)
- Which of the following examples do not fall into the category of physical security controls? (Select 3 answers)
- Examples of managerial security controls include: (Select 3 answers)
- What are the examples of preventive security controls? (Select 3 answers)
- A hierarchical system for the creation, management, storage, distribution, and revocation of digital certificates is…
- A honeyfile can be used for:
- A honeyfile can be any type of file (e.g., a document, email message, image, or video file) containing real user data…
- What is a honeynet in the context of cybersecurity?
- What is a honeytoken?
- Which of the following should not be used as honeytokens? (Select all that apply)
- What are the key components of the Zero Trust Control Plane's Policy Decision Point (PDP)? (Select 2 answers)
- Key escrow is a cryptographic technique that enables storing copies of encryption keys with a trusted third party. A…
- Which of the answers listed below can be used to describe operational security controls? (Select 3 answers)
- Which of the answers listed below best describes the characteristics of a public-private key pair?
- Which of the answers listed below refer to common methods of device authentication used within the AAA framework?…
- Which of the answers listed below refer(s) to compensating security control(s)? (Select all that apply)
- Which of the answers listed below refer(s) to detective security control(s)? (Select all that apply)
Browse all 50 indexed questions for this exam.