CompTIA Security+ Exam Flashcards

Q: What is the CompTIA Security+ passing score?

The CompTIA Security+ passing score is 750 on a 100-900 scale. Because CompTIA uses scaled scoring and performance-based questions, do not treat this as a simple raw percentage. Use practice results by domain to decide what to review next.

Q: How hard is the CompTIA Security+ exam?

CompTIA Security+ (SY0-701) is moderately challenging because it mixes security vocabulary with applied scenarios. The exam includes up to 90 multiple-choice and performance-based questions in 90 minutes. Prior networking knowledge helps, but candidates still need practice with logs, access control, vulnerability prioritization, incident response, and governance scenarios.

Q: How long should I study for Security+?

Most candidates should plan 90-150 hours, depending on networking background and hands-on security experience. CompTIA recommends Network+ knowledge and two years in a security or systems administrator role, but there are no formal prerequisites. Spend extra time on Security Operations and Threats/Vulnerabilities because they make up half the exam.

Q: Is CompTIA Security+ worth it for government jobs?

Yes. CompTIA lists Security+ for multiple DoD 8140 work roles, including cyber defense analyst, incident responder, vulnerability analyst, security control assessor, system administrator, network specialist, systems planner, IT project manager, information security manager, and secure software assessor.

Q: Which Security+ domains should I prioritize?

Prioritize Security Operations (28%) and Threats, Vulnerabilities, and Mitigations (22%) first because together they make up half the exam. Then cover Security Program Management and Oversight (20%), Security Architecture (18%), and General Security Concepts (12%). Use missed questions to rebalance your final review.

Q: What is the Security+ retake policy and exam cost?

The standard U.S. Security+ exam voucher price is $425. If you fail, you can retake immediately with no waiting period for your second attempt. For a third attempt or subsequent retakes, you must wait at least 14 calendar days. There's no limit on retake attempts, but you pay the full voucher price each time. The certification is valid for 3 years and can be renewed through continuing education units (CEUs).

Question 1

Phishing

Accepted Answer

Social engineering attack using fraudulent emails/messages to trick users into revealing credentials or installing malware. Variants: Spear phishing (targeted), Whaling (executives), Vishing (voice), Smishing (SMS). Defense: user training, email filtering.

Question 2

Ransomware

Accepted Answer

Malware that encrypts victim's data and demands payment for decryption key. Spreads via phishing, RDP, vulnerabilities. Prevention: backups (3-2-1 rule), patching, user training, endpoint protection. Never guarantee recovery if paid.

Question 3

SQL Injection

Accepted Answer

Attack inserting malicious SQL code through user input to manipulate databases. Can extract, modify, or delete data. Prevention: parameterized queries, input validation, least privilege database accounts, WAF.

Question 4

Cross-Site Scripting (XSS)

Accepted Answer

Injecting malicious scripts into web pages viewed by other users. Types: Stored (persistent), Reflected (non-persistent), DOM-based. Steals cookies, sessions, credentials. Prevention: input validation, output encoding, CSP.

Question 5

Man-in-the-Middle (MITM)

Accepted Answer

Attacker secretly intercepts and possibly alters communication between two parties. Can capture credentials, inject malware. Prevention: encryption (HTTPS, VPN), certificate validation, HSTS.

Question 6

DDoS (Distributed Denial of Service)

Accepted Answer

Overwhelming target with traffic from multiple sources to disrupt service. Types: volumetric (bandwidth), protocol (SYN flood), application layer (HTTP flood). Mitigation: CDN, rate limiting, DDoS protection services.

Question 7

Zero-Day

Accepted Answer

Attack exploiting unknown vulnerability before patch is available. Extremely dangerous—no signature for detection. Mitigation: defense in depth, behavior-based detection, least privilege, network segmentation.

Question 8

Password Attacks

Accepted Answer

Brute force: try all combinations. Dictionary: try common words/passwords. Rainbow table: precomputed hash lookup. Password spraying: few passwords against many accounts. Prevention: strong passwords, MFA, account lockout, salted hashes.

Question 9

Symmetric Encryption

Accepted Answer

Same key for encryption and decryption. Fast, efficient for large data. Algorithms: AES (preferred, 128/256-bit), 3DES (legacy), Blowfish. Challenge: secure key distribution. Used for: data at rest, VPNs, disk encryption.

Question 10

Asymmetric Encryption

Accepted Answer

Public/private key pair. Public encrypts, private decrypts (or vice versa for signing). Slower than symmetric. Algorithms: RSA, ECC, Diffie-Hellman. Used for: key exchange, digital signatures, PKI.

Question 11

Hashing

Accepted Answer

One-way function producing fixed-length digest. Cannot reverse to original data. Used for: integrity verification, password storage. Algorithms: SHA-256 (recommended), SHA-3, MD5/SHA-1 (deprecated). Collisions are a concern.

Question 12

Digital Signature

Accepted Answer

Proves authenticity and integrity. Process: hash message, encrypt hash with private key. Recipient decrypts with public key, compares hashes. Provides: authentication, integrity, non-repudiation.

Question 13

PKI (Public Key Infrastructure)

Accepted Answer

Framework for managing digital certificates and keys. Components: CA (Certificate Authority), RA (Registration Authority), certificates, CRL/OCSP (revocation). Enables secure communication and authentication.

Question 14

TLS (Transport Layer Security)

Accepted Answer

Protocol securing network communications. Replaces SSL. Provides: encryption, integrity, authentication. Uses: asymmetric for key exchange, symmetric for data. TLS 1.2/1.3 current standards. Basis for HTTPS.

Question 15

Authentication Factors

Accepted Answer

Something you know (password, PIN). Something you have (token, smart card, phone). Something you are (biometrics). Somewhere you are (location). Something you do (behavior). MFA combines multiple factors.

Question 16

Single Sign-On (SSO)

Accepted Answer

One authentication grants access to multiple systems. Improves user experience, reduces password fatigue. Protocols: SAML, OAuth, OpenID Connect. Risk: compromised credentials affect all systems.

Question 17

LDAP (Lightweight Directory Access Protocol)

Accepted Answer

Protocol for accessing directory services. Stores user/computer info. Active Directory uses LDAP. Port 389 (unencrypted), 636 (LDAPS). Used for centralized authentication and authorization.

Question 18

Access Control Models

Accepted Answer

DAC (Discretionary): Owner controls access. MAC (Mandatory): Labels/clearances, strict hierarchy. RBAC (Role-Based): Access by job role. ABAC (Attribute-Based): Multiple attributes determine access.

Question 19

Least Privilege

Accepted Answer

Users and systems get minimum permissions needed for their function. Reduces attack surface and damage from compromise. Regularly review and revoke unnecessary access. Core security principle.

Question 20

Federation

Accepted Answer

Trust relationship between organizations allowing users to access resources across domains. Uses: SAML, OAuth. Example: using Google account to log into third-party site. Enables B2B and cloud access.

Question 21

Firewall Types

Accepted Answer

Packet filtering: examines headers (Layer 3-4). Stateful: tracks connection state. Application/proxy: inspects content (Layer 7). NGFW: combines features + IPS, DPI, application awareness. WAF: protects web apps.

Question 22

IDS vs IPS

Accepted Answer

IDS (Intrusion Detection): monitors and alerts on suspicious activity, passive. IPS (Intrusion Prevention): monitors and blocks attacks, inline/active. Detection methods: signature-based, anomaly-based, heuristic.

Question 23

VPN (Virtual Private Network)

Accepted Answer

Encrypted tunnel over public network. Types: Site-to-site (between networks), Remote access (individual users). Protocols: IPsec (network layer), SSL/TLS VPN (transport layer), WireGuard. Provides confidentiality and integrity.

Question 24

Network Segmentation

Accepted Answer

Dividing network into smaller zones with controlled access between them. Limits lateral movement if breached. Implementations: VLANs, subnets, firewalls, microsegmentation. Zero trust assumes breach.

Question 25

DMZ (Demilitarized Zone)

Accepted Answer

Network segment between internal network and internet. Hosts public-facing services (web, email, DNS). Protected by firewalls on both sides. Compromised DMZ server can't directly access internal network.

Question 26

NAC (Network Access Control)

Accepted Answer

Controls device access to network based on compliance. Checks: antivirus status, patches, configuration. Non-compliant devices quarantined or remediated. 802.1X for port-based authentication.

Question 27

SIEM (Security Information and Event Management)

Accepted Answer

Centralized log collection, correlation, and analysis. Provides real-time alerts, dashboards, forensics. Aggregates logs from firewalls, servers, endpoints. Key for incident detection and compliance.

Question 28

Vulnerability Scanning

Accepted Answer

Automated discovery of security weaknesses. Types: credentialed (authenticated, more thorough), non-credentialed. Scan regularly, prioritize by severity (CVSS). Tools: Nessus, Qualys, OpenVAS. Different from penetration testing.

Question 29

Penetration Testing

Accepted Answer

Authorized simulated attack to find vulnerabilities. Types: black box (no info), white box (full info), gray box (partial). Steps: recon, scanning, exploitation, post-exploitation, reporting. Get written authorization.

Question 30

Incident Response Steps

Accepted Answer

1) Preparation (plans, tools, training). 2) Identification (detect, verify). 3) Containment (limit damage). 4) Eradication (remove threat). 5) Recovery (restore systems). 6) Lessons learned (improve). Document everything.

Question 31

Chain of Custody

Accepted Answer

Documentation tracking who handled evidence, when, and what was done. Essential for legal proceedings. Includes: date/time, handler name, action taken, storage location. Maintain integrity of evidence.

Question 32

Business Continuity vs Disaster Recovery

Accepted Answer

BC: keeping business running during disruption (alternate sites, processes). DR: restoring IT systems after disaster. RPO: acceptable data loss. RTO: acceptable downtime. Both require planning and testing.

Question 33

Risk Assessment

Accepted Answer

Identifying and evaluating risks. Formula: Risk = Threat × Vulnerability × Impact. Qualitative: high/medium/low ratings. Quantitative: dollar values (ALE = ARO × SLE). Informs security investments.

Question 34

Risk Responses

Accepted Answer

Avoid: eliminate risk by removing activity. Mitigate: reduce likelihood or impact with controls. Transfer: shift risk to third party (insurance, contracts). Accept: acknowledge and document risk. No response = negligence.

Question 35

Security Frameworks

Accepted Answer

NIST: comprehensive US government framework. CIS Controls: prioritized security actions. ISO 27001: international standard, certifiable. COBIT: IT governance. Use frameworks to structure security programs.

Question 36

Regulations

Accepted Answer

HIPAA: healthcare data. PCI DSS: payment cards. GDPR: EU personal data. SOX: financial reporting. FERPA: student records. Non-compliance can result in fines, legal action, reputation damage.

Question 37

Data Classification

Accepted Answer

Categorizing data by sensitivity. Government: Top Secret, Secret, Confidential, Unclassified. Corporate: Confidential, Private, Sensitive, Public. Determines handling, storage, access controls required.

Question 38

Defense in Depth

Accepted Answer

Multiple layers of security controls. If one fails, others provide protection. Layers: physical, network, host, application, data. No single point of failure. Assume each layer may be bypassed.

Question 39

Zero Trust

Accepted Answer

Security model assuming no implicit trust. 'Never trust, always verify.' Verify identity, device health, context for every access request. Microsegmentation, least privilege, continuous validation.

Question 40

Cloud Security

Accepted Answer

Shared responsibility model: cloud provider secures infrastructure, customer secures data/config. Concerns: data sovereignty, multi-tenancy, API security. Tools: CASB, CSPM. Encrypt data, manage access carefully.

Question 41

Virtualization Security

Accepted Answer

Concerns: VM escape (breaking out to hypervisor), VM sprawl (unmanaged VMs), resource contention. Controls: patch hypervisors, isolate networks, secure VM templates, monitor activity.

Question 42

Secure Coding Practices

Accepted Answer

Input validation, output encoding, parameterized queries, error handling (no sensitive info in errors), secure authentication, encryption of sensitive data, principle of least privilege. OWASP Top 10 as guide.

Question 43

EDR (Endpoint Detection and Response)

Accepted Answer

Advanced endpoint security with continuous monitoring, threat detection, and response capabilities. Records endpoint activity, uses behavioral analysis, enables investigation and remediation. Beyond traditional AV.

Question 44

DLP (Data Loss Prevention)

Accepted Answer

Prevents unauthorized data transfer. Types: network (monitor traffic), endpoint (control USB, email), cloud (SaaS visibility). Identifies sensitive data via patterns, keywords, classification. Can block, alert, encrypt.

Question 45

Host-Based Firewall

Accepted Answer

Firewall running on individual computer. Controls inbound/outbound traffic per application. Windows Defender Firewall, iptables (Linux). Defense in depth—protects even on internal network.

Question 46

Hardening

Accepted Answer

Reducing attack surface. Disable unnecessary services/ports, remove unused software, apply patches, strong configurations, disable default accounts. Use security benchmarks (CIS). Regular audits.

Question 47

Physical Security Controls

Accepted Answer

Deterrent: signs, guards. Preventive: locks, mantraps, fencing. Detective: cameras, motion sensors, alarms. Compensating: backup controls when primary fails. Layer physical and logical security.

Question 48

Environmental Controls

Accepted Answer

HVAC: temperature/humidity control for equipment. Fire suppression: FM-200, CO2, water (sprinklers). UPS: battery backup for short outages. Generator: extended power outages. Monitor and maintain.

Question 49

Wireless Security Protocols

Accepted Answer

WEP: deprecated, easily cracked (IV weakness). WPA: TKIP, improved but vulnerable. WPA2: AES-CCMP, current minimum standard. WPA3: SAE (resistant to offline attacks), required for WiFi 6 certification.

Question 50

Wireless Attacks

Accepted Answer

Evil twin: rogue AP mimicking legitimate. Deauthentication: forcing clients to reconnect (capture handshake). WPS attack: brute force PIN. Jamming: disrupting signal. Defense: strong encryption, disable WPS, monitor for rogues.

Free CompTIA Security+ Exam Flashcards

Filter by Topic

Jump to Card

About These CompTIA Security+ Flashcards

Topics Covered

Frequently Asked Questions

CompTIA Security+