Free Security+ Practice Test Questions 2.1

Posted by in Security+ | 2 comments

If you’re preparing for the Security+ SY0-401 exam, you might like to check your readiness with a few free practice test questions. This page includes three free practice test questions from the following objective in the SY0-401 exam.

Master Security+ Performance Based Questions Video

Objective 2.1 Explain risk related concepts

  • Control Types
    • Technical
    • Management
    • Operational
  • False positives
  • Importance of policies in reducing risk
    • Privacy policy
    • Acceptable use
    • Security policy
    • Mandatory vacations
    • Job rotation
    • Separation of duties
    • Least privilege
  • Risk calculation
    • Likelihood
    • ALE
    • Impact
    • ARO
    • MTTR
    • MTTF
    • MTBF
  • Quantitative vs. qualitative
  • Vulnerabilities
  • Threat vectors
  • Probability / threat likelihood
  • Risk-avoidance, transference, acceptance, mitigation, deterrence
  • Risks associated with Cloud Computing and Virtualization
  • Recovery time objective and recovery point objective

The full explanations of all these questions are covered in the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide. This study guide includes over 450 realistic practice test questions to help you pass the Security+ exam, the first time you take it.

“Passed SY0-401 first try”

– Amazon reviewer for
CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide

Practice Test Question 1

Q. Of the following choices, what type of control is least privilege?

A. Corrective

B. Technical

C. Detective

D. Preventative

 

Answer at end of post.


Learn by listening 
Key points from the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide
Over one hour and 20 minutes of audio from the “Remember This” blocks
Over three hours and 20 minutes of questions and answers on audio.


Practice Test Question 2

Q. What is the purpose of risk mitigation?

 

A. Reduce the chances that a threat will exploit a vulnerability

B. Reduce the chances that a vulnerability will exploit a threat

C. Eliminate risk

D. Eliminate threats

 

Answer at end of post.

Realistic practice test questions for the Security+ SY0-401 exam
Available through LearnZapp on your mobile phone

Practice Test Question 3

Q.  An organization has purchased fire insurance to manage the risk of a potential fire. What method are they using?

 

A. Risk acceptance

B. Risk avoidance

C. Risk deterrence

D. Risk mitigation

E. Risk transference

 

Answer at end of post.


These practice test questions are from the CompTIA Security+: Get Certified Get Ahead- SY0-401 Practice Test Questions book. It includes 275 realistic practice test questions with in-depth explanations for the CompTIA Security+ SY0-401 exam. If you’ve been studying for this exam and want to test your readiness, this book is for you.

It is also available as Kindle ebook for only $9.99 and the Kindle version also includes dozens of flash cards to help you reinforce key testable topics. You can download free Kindle apps from Amazon so that you can access the ebook from just about any platform including:

  • Windows PC
  • MAC
  • iPhone
  • iPad
  • Android
  • BlackBerry
  • Windows Phone 7

You may also like to check out other the Security+ blogs and practice test questions from this link or individually here:

Security+ Practice Test Questions

SYO-401 Practice Test Questions Now Available

Over 440 realistic Security+ practice test questions

All questions include explanations so you'll know why the correct answers are correct,

and why the incorrect answers are incorrect.

Pass the Security+ Exam

the First Time You Take It

Multiple quiz formats to let you use these questions based on the way you learn.
  • Learn mode - randomized. View each of the questions in random order. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you'll see the explanation. Click here to see how learn mode works.
  • Learn mode - not randomized. View each of the questions in the same order. Use this if you want to make sure that you see all of the questions. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you'll see the explanation. Click here to see how learn mode works.
  • Test mode - randomized. View each of the questions in random order. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.
  • Test mode - not randomized. View each of the questions in the same order. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.
  • Test mode - 100 random questions. View 100 random questions from the full test bank similar to how the Security+ exam has a potential maximum of 100 multiple choice questions. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.

Get the full bank of Security+ Practice Test Questions Here

 SYO-401 Practice Test Questions Now Available


INCLUDES QUESTIONS TO HELP YOU PREPARE

FOR THE NEW PERFORMANCE BASED QUESTIONS 

Bonus - Performance Based Questions

Additional Security+ questions to help you prepare for the new performance based questions. These are included with the full bank of Security+ practice test questions and are divided into different sections. For example, you'll have access to the following links:

- Performance Based Question - Set 1

You'll see a graphic explaining what you might be required to do on the actual exam to match different types of security to mobile devices and servers in a data center. You'll then have two questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 2

You'll see a graphic explaining what you might be required to do on the actual exam to match different types of attacks with the name of the attack type. You'll then have five questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 3

You'll see a graphic showing a network with computers and servers separated by a firewall. The firewall is used to control traffic between the computers and users using rules within an access control list (ACL).  You'll have three questions that test your knowledge and ability to correctly identify the relevant components of the rule. The incorrect answers and explanation provide you with insight into how to correctly answer this type of question on the actual exam.

- Performance Based Question - Set 4

You'll see a graphic explaining what you might be required to do on the actual exam related to what a forensic analyst would do during an investigation. You'll then have two questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 5

You'll see a graphic explaining what you might be required to do on the actual exam to match protocols and ports. You'll then have seven questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 6

You'll see a list of security controls along with a graphic showing devices and locations within an organization, along with instructions on what you might be required to do on the actual exam to match the controls with the devices and locations. You'll then have four questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 7

You'll see a list of authentication methods and authentication factors along with instructions on what you might be required to do on the actual exam to match the authentication methods with the authentication factors. You'll then have six questions that test your knowledge and ability to correctly answer the questions. This set also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 8

You'll see a graphic explaining what you might be required to do on the actual exam to match different types of attacks with the name of the attack type. You'll then have five questions that test your knowledge and ability to correctly answer the questions. This is similar to Set 2 but expands on the possibilities. The set also includes a link to a page showing the end solution for the overall performance based question simulation.

New - Performance Based Question - Set 9

New questions recently added using a different testing engine. See a demo here. This set includes drag and drop and matching questions on ports.

New - Performance Based Question - Set 10

A random set of 20 performance-based questions using drag and drop, matching, sorting, and fill in-the blank. This set includes performance-based questions on RAID.

Get the full bank of Security+ Practice Test Questions Here

Get the full bank of Security+ Practice Test Questions

Simulated Performance-based Questions

Bonus - Performance Based Questions

Simulated performance-based questions included with all

packages that include practice test questions.

Additional Security+ questions to help you prepare for the new performance based questions. These are included with the full bank of Security+ practice test questions and are divided into different sections. For example, you'll have access to the following links:

- Performance Based Question - Set 1

You'll see a graphic explaining what you might be required to do on the actual exam to match different types of security to mobile devices and servers in a data center. You'll then have two questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 2

You'll see a graphic explaining what you might be required to do on the actual exam to match different types of attacks with the name of the attack type. You'll then have five questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 3

You'll see a graphic showing a network with computers and servers separated by a firewall. The firewall is used to control traffic between the computers and users using rules within an access control list (ACL).  You'll have three questions that test your knowledge and ability to correctly identify the relevant components of the rule. The incorrect answers and explanation provide you with insight into how to correctly answer this type of question on the actual exam.

- Performance Based Question - Set 4

You'll see a graphic explaining what you might be required to do on the actual exam related to what a forensic analyst would do during an investigation. You'll then have two questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 5

You'll see a graphic explaining what you might be required to do on the actual exam to match protocols and ports. You'll then have seven questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 6

You'll see a list of security controls along with a graphic showing devices and locations within an organization, along with instructions on what you might be required to do on the actual exam to match the controls with the devices and locations. You'll then have four questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 7

You'll see a list of authentication methods and authentication factors along with instructions on what you might be required to do on the actual exam to match the authentication methods with the authentication factors. You'll then have six questions that test your knowledge and ability to correctly answer the questions. This set also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 8

You'll see a graphic explaining what you might be required to do on the actual exam to match different types of attacks with the name of the attack type. You'll then have five questions that test your knowledge and ability to correctly answer the questions. This is similar to Set 2 but expands on the possibilities. The set also includes a link to a page showing the end solution for the overall performance based question simulation.

New - Performance Based Question - Set 9

New questions recently added using a different testing engine. See a demo here. This set includes drag and drop and matching questions on ports.

New - Performance Based Question - Set 10

A random set of 20 performance-based questions using drag and drop, matching, sorting, and fill in-the blank. This set includes performance-based questions on RAID.

Get the full bank of Security+ Practice Test Questions Here

Simulated performance-based questions included with

all packages that include practice test questions.


SY0-401: Exam Answer 1

Q. Of the following choices, what type of control is least privilege?

A. Corrective

B. Technical

C. Detective

D. Preventative

 

Answer B is correct. The principle of least privilege is a technical control and ensures that users have only the rights and permissions needed to perform the job, and no more.

A is incorrect. A corrective control attempts to reverse the effects of a problem.

C is incorrect. A detective control (such as a security audit) detects when a vulnerability has been exploited.

D is incorrect. A preventative control attempts to prevent an incident from occurring.

 

Objective: 2.1 Explain risk related concepts


All Security+ domain objectives are fully explained in the
CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide


SY0-401 Exam: Answer 2

Q. What is the purpose of risk mitigation?

 

A. Reduce the chances that a threat will exploit a vulnerability

B. Reduce the chances that a vulnerability will exploit a threat

C. Eliminate risk

D. Eliminate threats

 

Answer A is correct. Risk mitigation reduces the chances that a threat will exploit a vulnerability.

 

B is incorrect. Risk is the likelihood that a threat (such as an attacker) will exploit a vulnerability (any weakness). A vulnerability cannot exploit a threat.

C is incorrect.You cannot eliminate risk.

D is incorrect. You cannot eliminate threats.

 

Objective: 2.1 Explain risk related concepts

 


If you’re looking for more information on the CompTIA Security+ exam, click here.
The link provides a listing of relevant blogs on the Get Certified Get Ahead site.


SY0-401: Answer 3

Q. An organization has purchased fire insurance to manage the risk of a potential fire. What method are they using?

 

A. Risk acceptance

B. Risk avoidance

C. Risk deterrence

D. Risk mitigation

E. Risk transference

 

Answer E is correct. Purchasing insurance is a common method of risk transference.
A is incorrect. Organizations often accept a risk when the cost of the control exceeds the cost of the risk.

B is incorrect. An organization can avoid a risk by not providing a service or participating in a risky activity.

C is incorrect. Risk deterrence attempts to discourage attacks with preventative controls such as a security guard.

D is incorrect: Risk mitigation reduces risks through internal controls.

 

Objective: 2.1 Explain risk related concepts


If you want to take and pass the Security+ exam the first time you take it, check out the
CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide.


Success is within your reach.

 

Get Certified Get Ahead

2 Comments

  1. I am about to take my Security+ exam in the next couple of weeks, I purchased the book and I am really confident I will do well! I took the Network+ exam and got 3 performance based questions. One of them was to put together a Cat 5 cable. Basically drag and drop in the order it goes. I hope this gives you an idea of what it is going to be like!

Leave a Comment

CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide

Subscribe To Our Newsletter

Join our mailing list and get a free excerpt of the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide.  This excerpt includes the introduction and Chapter 1. 

You have Successfully Subscribed!

Get Certified Get Ahead is a participant in the Amazon Services LLC Associates Program,
an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to amazon.com.

Copyright © 2015 Get Certified Get Ahead. All Rights Reserved.