security+ practice test Practice Exam: Test Your Knowledge 2025

A security administrator needs to implement a control that prevents users from installing unauthorized software on their workstations. Which of the following would BEST accomplish this goal?

An organization wants to implement a security model where access decisions are made based on the sensitivity of data and the clearance level of users. Which access control model should be implemented?

A penetration tester successfully exploits a web application and gains access to the underlying database. The tester then uses stored credentials to access the company's file server. Which of the following techniques did the tester use after the initial exploit?

An employee receives an email claiming to be from the IT department requesting that they click a link to verify their account credentials. The link leads to a website that looks identical to the company's login page. Which type of attack is this?

A security analyst discovers that an attacker exploited a vulnerability in a web application before a patch was made available by the vendor. Which of the following BEST describes this scenario?

A company's web server is experiencing performance degradation. Analysis reveals that the server is receiving an excessive number of SYN packets from multiple source IP addresses, but the three-way handshake is never completed. Which attack is occurring?

An organization needs to segment its network to isolate payment processing systems from other business operations to meet compliance requirements. Which of the following network security concepts is being implemented?

A security architect is designing a solution to protect the organization's internal network from external threats while allowing employees to access internet resources. The solution should inspect traffic at the application layer. Which device should be implemented?

An organization wants to implement a secure method for remote employees to access internal resources. The solution should encrypt all traffic and authenticate users before granting access. Which technology should be deployed?

A company is implementing a cloud architecture where the security responsibility is shared between the cloud provider and the organization. The provider manages physical security and hypervisor security, while the organization manages guest OS security and application security. Which cloud service model is being used?

A security operations center (SOC) analyst notices unusual outbound traffic from a database server to an external IP address during non-business hours. Which of the following should be the analyst's FIRST response?

An organization wants to proactively identify potential security threats by analyzing indicators of compromise and threat intelligence feeds. Which of the following activities is being described?

A system administrator needs to securely store passwords in a database. Which of the following cryptographic techniques should be used to ensure passwords cannot be reversed even if the database is compromised?

During a security audit, an analyst discovers that several employees are using the same shared administrator account to perform privileged tasks. Which security principle is being violated?

A security team is implementing a SIEM solution to centralize log collection and analysis. Which of the following is the PRIMARY benefit of this implementation?

An organization experiences a ransomware attack that encrypts critical business data. The security team isolates affected systems and begins recovery. Which phase of the incident response process is the team currently in?

A company must comply with regulations requiring annual security assessments by an independent third party. Which of the following BEST describes this type of assessment?

An organization is developing a new mobile application that will handle customer financial data. The security team needs to identify potential security issues early in the development process. Which of the following should be implemented?

A security manager needs to quantify the financial impact of potential security incidents to justify budget allocation for new controls. Which of the following risk assessment approaches should be used?

An organization's security policy requires that all vendor access to internal systems be documented, monitored, and reviewed quarterly. The organization also requires vendors to sign agreements accepting responsibility for security incidents caused by their actions. Which of the following documents should the vendor sign?