CompTIA Security+ Quiz

What is the primary goal of information security?

Which of the following is a common security principle known as the “principle of least privilege”?

Which encryption protocol is commonly used to secure web traffic?

Which type of malware disguises itself as a legitimate program or file?

What is the purpose of a firewall in a network security context?

Which of the following is not a secure password practice?

What is the purpose of biometric authentication?

What is the primary security concern with public Wi-Fi networks?

Which encryption algorithm is commonly used for securing email communication?

What is the purpose of a security policy in an organization?

What is a DMZ in network security?

Which security protocol is used to secure remote logins and data transfers over the internet?

What is the primary function of an intrusion detection system (IDS)?

In the context of cryptography, what is the term for the process of converting plaintext into unreadable text?

Which of the following is an example of a physical security control?

Which protocol is commonly used for secure remote access to a corporate network?

What is a common social engineering technique that involves sending fraudulent emails to trick recipients into revealing sensitive information?

What type of attack involves an attacker making multiple attempts to guess a user’s password?

Which of the following is a best practice for wireless network security?

What is the purpose of a security risk assessment?

What is the primary purpose of access control in information security?

Which of the following is a type of denial-of-service (DoS) attack that uses multiple compromised systems to flood a target with traffic?

What is the primary function of a security token in two-factor authentication (2FA)?

Which of the following is an example of a secure disposal method for old hard drives and storage media?

What is the primary purpose of a security incident response plan?

What is the primary purpose of a VPN (Virtual Private Network)?

Which security concept involves the practice of separating duties and responsibilities among multiple employees or systems to prevent fraud or errors?

What is a common method for securing mobile devices and data on them?

What type of malware encrypts a user’s data and demands a ransom for decryption?

Which cryptographic algorithm is commonly used to secure web traffic and provide data integrity and authentication?

Which of the following is an example of a physical access control method?

What does the term “pharming” refer to in the context of security threats?

Which security protocol is commonly used to encrypt email messages?

Which of the following is a secure method for disposing of printed documents that contain sensitive information?

What is the primary purpose of an intrusion prevention system (IPS)?

What is a common security measure to protect against malware infections in an organization?

Which encryption protocol is commonly used to secure email communication between clients and servers?

What is the primary purpose of a network firewall?

What is the purpose of a Certificate Authority (CA) in a Public Key Infrastructure (PKI) system?

Which of the following is a common method to protect against eavesdropping on wireless networks?

What does the term “zero-day vulnerability” refer to in the context of security?

What is the purpose of penetration testing in cybersecurity?

Which authentication factor falls into the “something you know” category?

What is the primary function of a proxy server in a network security context?

Which of the following is a key component of a disaster recovery plan (DRP)?

What is the purpose of a Security Information and Event Management (SIEM) system?

What is the term for a system that verifies the identity of a user or device before allowing access to a network or application?

Which of the following is a best practice for secure password management?

What is a common form of physical security control for restricting access to a data center or server room?

What does the term “BYOD” stand for in the context of security?

What is the purpose of a VPN concentrator in a virtual private network (VPN) infrastructure?

Which of the following is a common security protocol used for remote desktop access?

What does “SSO” stand for in the context of access control?

What is the primary purpose of a security token in multi-factor authentication (MFA)?

What is the primary goal of network segmentation in security architecture?

Which of the following is a common wireless security protocol that provides encryption for wireless networks?

What does “ACL” stand for in network security?

What is the term for a security mechanism that grants or denies access based on the source IP address of incoming traffic?

What is the primary purpose of data loss prevention (DLP) technology?

What is the term for a security technique that hides internal network addresses from external view?

What does “PKI” stand for in the context of security?

What is the primary purpose of a security assessment or audit?

Which of the following is an example of a security control for protecting against data exfiltration?

What is the primary purpose of a security awareness and training program within an organization?

Which of the following is a common security measure for protecting against SQL injection attacks?

What does “MAC” stand for in the context of security?

Which of the following is an example of a public cloud service model?

What is the primary purpose of a security incident response plan (SIRP)?

What is the primary purpose of a security baseline in security configuration management?

What does the term “RTO” stand for in the context of disaster recovery?

What is the primary purpose of a security assessment in the context of risk management?

What does “OT” stand for in the context of cybersecurity?

Which of the following is a common security measure to protect against ransomware attacks?

What is the primary function of a security policy in an organization?

What does the term “MFA” stand for in the context of authentication?

What is the primary purpose of a data classification policy?

What does the term “DLP” stand for in the context of security?

What is the primary purpose of a business continuity plan (BCP)?

What is the purpose of a security control in information security?

What is the term for a system that allows organizations to track and manage the access rights of employees to various resources?

What does the term “IoT” stand for in the context of cybersecurity?

What is the primary goal of a disaster recovery plan (DRP)?

Which of the following is a common authentication factor in multi-factor authentication (MFA)?

What is the primary function of a security incident response plan (SIRP)?

What is the purpose of a security token in two-factor authentication (2FA)?

What does “SSD” stand for in the context of encryption?

What is the term for the process of examining and testing the security of an information system to identify vulnerabilities?

What is the primary purpose of a secure email gateway in an organization?

What does the term “EOL” stand for in the context of software and hardware maintenance?

What is the term for the process of concealing one’s identity on the internet by rerouting network traffic through multiple servers or nodes?

What is the primary purpose of a security template in system security?

What does the term “SSO” stand for in the context of authentication?

Which of the following is a common security measure for securing mobile devices?

What is the primary purpose of a vulnerability assessment in cybersecurity?

Which of the following is an example of a biometric authentication method?

What is the primary purpose of a security token in two-factor authentication (2FA)?

What is the term for a system that monitors and controls access to physical spaces, such as server rooms or data centers?

What is the primary purpose of a security policy in an organization?

Which of the following is a common network security protocol for securing remote login sessions?

What is the term for the process of converting encrypted data back into its original form?

What does “DOS” stand for in the context of cybersecurity?

What is the primary purpose of a security assessment in the context of risk management?

Which of the following is a common security measure to protect against password attacks?

What is the term for the process of confirming that a user is who they claim to be in the context of authentication?

Which security concept involves limiting user access to the minimum level required to perform their job functions?

What does “NAC” stand for in the context of network security?

What is the primary purpose of a security information and event management (SIEM) system?

What is the term for a program or device that can spread and replicate itself to other systems, often with malicious intent?

Which of the following is an example of a security control for protecting against malware?

What is the term for a technique used to trick individuals into revealing sensitive information, such as usernames and passwords, by posing as a trustworthy entity?

What is the primary goal of network segmentation in a security context?

What is the term for a security measure that monitors and records access to a system or network for analysis and auditing?

Which of the following is an example of a security control for protecting against a brute force attack on user passwords?

What does “BYOD” stand for in the context of security?

What is the primary purpose of a security control called “firewall”?

What is the primary purpose of a security control called “IDS” (Intrusion Detection System)?

What is the primary purpose of a security control called “IPS” (Intrusion Prevention System)?

What is the term for a hardware or software solution that provides authentication for users and devices to access a network or application?

What is the primary purpose of a digital certificate in public key infrastructure (PKI)?

What is the term for a method that allows an organization to grant or deny access to specific areas within a facility based on an individual’s role and responsibilities?

What does “WPA” stand for in the context of wireless network security?

What is the primary purpose of a security policy in an organization?

What is the primary purpose of a proxy server in a network security context?

What does the term “ACL” stand for in network security?

What is the primary purpose of a security awareness and training program within an organization?

What is the term for a security measure that enforces strict control over data flows in and out of a network, based on a set of rules?

What is the primary purpose of data classification in an organization?

What does the term “DRP” stand for in the context of cybersecurity?

What is the term for a type of security control that restricts the actions that authenticated users can perform on a system or network?

What does “MFA” stand for in the context of authentication?