SkillTestPro | CompTIA Security+ Practice Test 33

CompTIA Security+ Practice Test 33

CompTIA Security+ Exam Practice Test

1 / 10

A marketing firm’s employee downloads a free tool from an unverified site. Soon after, files are encrypted with a “.locked” extension, and a ransom note appears. What occurred, and what should the IT team do FIRST?

A Trojan; isolate the system.

A worm; update antivirus.

Ransomware; disconnect from the network.

Spyware; change passwords.

Adware; reboot the system.

2 / 10

A bank processes credit card transactions online. During an audit, regulators demand proof of compliance with a standard requiring encryption and access controls. Which standard applies, and what should the bank demonstrate?

GDPR; data retention policies.

PCI DSS; encrypted cardholder data.

HIPAA; patient record security.

ISO 27001; risk assessments.

NIST CSF; incident response plans.

3 / 10

A security analyst at a law firm notices a workstation sending 10,000 ICMP echo requests to an external server in one minute, disrupting network performance. What is happening, and what should be done FIRST?

A ping flood; block the external IP.

A SYN flood; reset the workstation.

A hardware issue; replace the NIC.

A software update; ignore it.

A user error; train the employee.

4 / 10

A retail website crashes after a customer submits a form with unusual characters (e.g., ‘ OR 1=1 --), exposing database records. What vulnerability was exploited, and what should the developer fix FIRST?

XSS; sanitize user inputs.

CSRF; add token validation.

SQL injection; implement parameterized queries.

Buffer overflow; limit input size.

Session hijacking; use HTTPS.

5 / 10

A remote team accesses a corporate CRM system via RDP. Recently, logs show brute-force attempts on port 3389 from external IPs. What should the IT admin implement to secure these connections without disrupting access?

Change the port to 443.

Disable RDP entirely.

Allow all traffic on 3389.

Use plaintext passwords.

Enable Network Level Authentication (NLA).

6 / 10

A software vendor releases a critical update with a hash value posted on their site. After downloading, a security analyst notices the file’s hash doesn’t match. What is the MOST likely issue, and what should be done NEXT?

A corrupted download; redownload the file.

A system error; ignore the mismatch.

A hardware issue; replace the drive.

A man-in-the-middle attack; verify the source and report.

A user error; install it anyway.

7 / 10

A healthcare provider is designing a new patient portal hosted in the cloud. The portal must comply with strict privacy laws and protect sensitive data from breaches. Which architecture should the IT team adopt to ensure data security during processing?

A public cloud with shared resources.

A private cloud with confidential computing.

A hybrid cloud with no encryption.

A community cloud with open access.

A serverless model with public APIs.

8 / 10

During a routine audit, a manufacturing firm discovers an employee’s workstation has been sending encrypted packets to an external IP for weeks. Antivirus scans show no threats, but the system has hidden processes. What is the MOST likely cause, and what should be investigated?

A worm; network traffic logs.

A phishing attack; email records.

A hardware glitch; CPU logs.

A misconfiguration; firewall rules.

A rootkit; system files and processes.

9 / 10

An e-commerce company’s server logs show a sudden spike in resource usage overnight, with no scheduled tasks or user activity. A process named “xmrig” is running, consuming 90% of CPU. What is the MOST likely issue, and what should be done FIRST?

A misconfigured update; restart the server.

A hardware failure; replace the CPU.

A legitimate task; ignore it.

Cryptojacking; isolate the server.

A DDoS attack; block external IPs.

10 / 10

A financial firm’s HR manager receives an email marked “urgent” from what appears to be the CEO’s address, requesting employee payroll data. The email domain is slightly misspelled (e.g., ceo@compnay.com instead of ceo@company.com), and it urges immediate action. What is the MOST likely threat, and what should the manager do FIRST?

A worm; update antivirus software.

Typosquatting phishing; verify the sender’s identity.

A Trojan; reboot the system.

A logic bomb; delete the email.

Spyware; change passwords.

Your score is

The average score is 90%