If you’re preparing for the Security+ SY0-501 exam, you might like to check your readiness with a few free practice test questions. This page includes six free practice test questions, one from each of the six domains in the Security+ SY0-501 exam. After you’re done, check out this page for six more.

Security+ Practice Test Question 1

Q. Terwilliger installed code designed to enable his account automatically if he ever lost his job as a sidekick on a television show. The code was designed to reenable his account three days after it is disabled. Which of the following does this describe?

A. Logic bomb

B. Rootkit

C. Spyware

D. Ransomware

Answer at end of post.

Security+ Full Access Package

Pass the First Time!

Up-to-date Content

New multiple-choice and performance-based questions added regularly

Pass the first time with quality practice test questions, performance-based questions, flashcards, and audio.

Buy The Full Access Study Package Today

60 Days Access

Need more time? You can easily renew for another 60 days at a significantly reduced price.

All materials are available online shortly after making your payment.

Get the Security+ Full Access Study Package Here

Our online Security+ study materials are the perfect complement to the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide. They can also be used to help ensure you’re ready no matter what study guide you’re using.

This exam is expensive.

Make sure you’re ready before exam day. 

Here’s what you’ll get:

• All of the multiple-choice questions from the best-selling CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide. See a demo here. All questions have full explanations so you’ll know why the correct answers are correct and why the incorrect answers are incorrect.
• Over 40 new multiple-choice questions we’ve added after publishing the study guide.
• Over 30 performance-based questions. See a demo here.
• All of the flashcards from the study guide. View them in any Web browser.
• All of the audio from the study guide. Listen to a sample here.
• Access to a free discount code for 10% off your Security+ voucher.

Buy The Full Access Study Package Today

60 Days Access

All materials are available online shortly after making your payment.

Get the Security+ Full Access Study Package Here

Security+ Practice Test Question 2

Q. A penetration tester is running several tests on a server within your organization’s DMZ. The tester wants to identify the operating system of the remote host. Which of the following tools or methods are MOST likely to provide this information?

A. Banner grabbing

B. Vulnerability scan

C. Password cracker

D. Protocol analyzer

Answer at end of post.

Pass the Security+ SY0-501 exam the first time you take it
CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide

Security+ Practice Test Question 3

Q. Your organization recently purchased a new hardware-based firewall. Administrators need to install it as part of a DMZ within the network. Which of the following references will provide them with the MOST appropriate instructions to install the firewall?

A. A regulatory framework

B. A non-regulatory framework

C. A general-purpose firewall guide

D. A vendor-specific guide

Answer at end of post.

Security+ Full Access Package

Pass the First Time!

Up-to-date Content

New multiple-choice and performance-based questions added regularly

Pass the first time with quality practice test questions, performance-based questions, flashcards, and audio.

Buy The Full Access Study Package Today

60 Days Access

Need more time? You can easily renew for another 60 days at a significantly reduced price.

All materials are available online shortly after making your payment.

Get the Security+ Full Access Study Package Here

Our online Security+ study materials are the perfect complement to the CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide. They can also be used to help ensure you’re ready no matter what study guide you’re using.

This exam is expensive.

Make sure you’re ready before exam day. 

Here’s what you’ll get:

• All of the multiple-choice questions from the best-selling CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide. See a demo here. All questions have full explanations so you’ll know why the correct answers are correct and why the incorrect answers are incorrect.
• Realistic SY0-601 Security+ Practice Test Questions
• Performance-based questions.
• All of the flashcards from the study guide. View them in any Web browser. See demo here
• All of the audio from the study guide.
• Access to a free discount code for 10% off your Security+ voucher.

Buy The Full Access Study Package Today

60 Days Access

All materials are available online shortly after making your payment.

Get the Security+ Full Access Study Package Here

Security+ Practice Test Question 4

Q. Your organization recently updated an online application that employees use to log on when working from home. Employees enter their username and password into the application from their smartphone and the application logs their location using GPS. Which type of authentication is being used?

A. One-factor

B. Dual-factor

C. Something you are

D. Somewhere you are

D. Social engineering

Answer at end of post.

Security+ Practice Test Question 5

Q. Martin has worked as a network administrator for several years within your Over time, he has been tasked with performing several jobs, including database administration and application development. Security personnel are concerned that his level of access represents a serious risk. Which of the following is the BEST solution to reduce this risk?

A. Mandatory vacations

B. Exit interview

C. Change management

D. Separation of duties

Answer at end of post.

Learn by listening 
Key points from the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide
Over one hour and 20 minutes of audio from the “Remember This” blocks
Over three hours and 20 minutes of questions and answers on audio.

Security+ Practice Question 6

Q. An organization requested bids for a contract and asked companies to submit their bids via email. After winning the bid, Acme realized it couldn’t meet the requirements of the contract. Acme instead stated that it never submitted the bid. Which of the following would provide proof to the organization that Acme did submit the bid?

A. Digital signature

B. Integrity

C. Repudiation

D. Encryption

Answer at end of post.

You may also like to check out these Security+ blogs:

• Active Fingerprinting vs Passive Fingerprinting
• Ports
• Intrusion Detection Systems and Intrusion Prevention Systems
• DoS, Smurf, and Fraggle Attacks
• Three Factors of Authentication and Multifactor Authentication

SY0-501: Exam Answer 1

Q. Terwilliger installed code designed to enable his account automatically if he ever lost his job as a sidekick on a television show. The code was designed to reenable his account three days after it is disabled. Which of the following does this describe?

A. Logic bomb

B. Rootkit

C. Spyware

D. Ransomware

A is correct. A logic bomb is code that executes in response to an event. In this scenario, the logic bomb executes when it discovers the account is disabled (indicating Bob Terwilliger is no longer employed at the company). In this scenario, the logic bomb is creating a backdoor.

B is incorrect. A rootkit includes hidden processes, but it does not activate in response to an event.

C is incorrect. Spyware is software installed on user systems without their awareness or consent. Its purpose is often to monitor the user’s computer and the user’s activity.

D is incorrect. Ransomware demands payment as ransom.

Objective: 1.1 Given a scenario, analyze indicators of compromise and determine the type of malware.

All Security+ domain objectives are fully explained in the
CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide

SY0-501 Exam: Answer 2

Q. A penetration tester is running several tests on a server within your organization’s DMZ. The tester wants to identify the operating system of the remote host. Which of the following tools or methods are MOST likely to provide this information?

A. Banner grabbing

B. Vulnerability scan

C. Password cracker

D. Protocol analyzer

A is correct. Banner grabbing is a technique used to gain information about a remote server and it will identify the operating system of the system in the demilitarized zone (DMZ).

B is incorrect. A vulnerability scanner checks for vulnerabilities.

C is incorrect. A password cracker attempts to discover passwords.

D is incorrect. A protocol analyzer collects packets sent across a network and can be used to analyze the packets.

Objective: 2.2 Given a scenario, use appropriate software tools to assess the security posture of an organization.

SY0-501: Answer 3

Q. Your organization recently purchased a new hardware-based firewall. Administrators need to install it as part of a DMZ within the network. Which of the following references will provide them with the MOST appropriate instructions to install the firewall?

A. A regulatory framework

B. A non-regulatory framework

C. A general-purpose firewall guide

D. A vendor-specific guide

Answer D is correct. A vendor-specific guide for the new hardware-based firewall will have the most appropriate instructions for installing it.

A and B are incorrect. Frameworks (regulatory or non-regulatory) provide structures that can be followed for different purposes, but they wouldn’t be available for a specific firewall.

C is incorrect. A general-purpose guide will provide general instructions, but not instructions for a specific vendor’s firewall.

Objective: 3.1 Explain use cases and purpose for frameworks, best practices and secure configuration guides.

If you’re looking for more information on the CompTIA Security+ exam, click here.
The link provides a listing of relevant blogs on the Get Certified Get Ahead site.

SY0-501: Answer 4

Q. Your organization recently updated an online application that employees use to log on when working from home. Employees enter their username and password into the application from their smartphone and the application logs their location using GPS. Which type of authentication is being used?

A. One-factor

B. Dual-factor

C. Something you are

D. Somewhere you are

Answer A is correct. This is using one-factor authentication—something you know. The application uses the username for identification and the password for authentication. Note that even though the application is logging the location using Global Positioning System (GPS), there isn’t any indication that it is using this information for Dual-factor authentication requires another factor of authentication.

B is incorrect. If the application verified you were logging on from a specific GPS location as part of the authentication, it would be dual-factor authentication (something you know and somewhere you are).

C is incorrect. Something you are refers to biometric authentication methods.

D is incorrect. The somewhere you are authentication method verifies you are somewhere, such as in a specific GPS location, but this isn’t being used for authentication in this scenario.

Objective: 4.1 Compare and contrast identity and access management concepts.

SY0-501 Exam: Answer 5

Q. Martin has worked as a network administrator for several years within your Over time, he has been tasked with performing several jobs, including database administration and application development. Security personnel are concerned that his level of access represents a serious risk. Which of the following is the BEST solution to reduce this risk?

A. Mandatory vacations

B. Exit interview

C. Change management

D. Separation of duties

Answers D is correct. A separation of duties policy prevents any single person from performing multiple job functions that might allow the person to commit fraud. In this scenario, the administrator has accumulated privileges across several job functions, which represents the risk.

A is incorrect. A mandatory vacation policy is useful to discover fraud committed by an individual, but this scenario clearly indicates this individual controls too many job functions.

B is incorrect. An exit interview is performed when an employee leaves the organization.

C is incorrect. Change management ensures changes are reviewed before being

Objective: 5.1 Explain the importance of policies, plans and procedures related to organizational security.

SY0-501 Exam: Answer 6

Q. An organization requested bids for a contract and asked companies to submit their bids via email. After winning the bid, Acme realized it couldn’t meet the requirements of the contract. Acme instead stated that it never submitted the bid. Which of the following would provide proof to the organization that Acme did submit the bid?

A. Digital signature

B. Integrity

C. Repudiation

D. Encryption

A is correct. If Acme submitted the bid via email using a digital signature, it would provide proof that the bid was submitted by Acme. Digital signatures provide verification of who sent a message, non-repudiation preventing them from denying it, and integrity verifying the message wasn’t modified.

B is incorrect. Integrity verifies the message wasn’t modified.

C is incorrect. Repudiation isn’t a valid security concept.

D is incorrect. Encryption protects the confidentiality of data, but it doesn’t verify who sent it or provide non-repudiation.

Objective: 6.1 Compare and contrast basic concepts of cryptography.

If you want to take and pass the Security+ exam the first time you take it, check out the
CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide.

Success is within your reach.