100 Free CompTIA Security+ Practice Questions for the SY0-701 Exam
Test your knowledge with 100 free CompTIA Security+ practice questions covering all five exam domains. Includes answers, explanations, and performance-based question (PBQ) examples.
Domain 1: General Security Concepts (25%)
These questions cover the CIA Triad, Zero Trust, AAA framework, change management, and cryptographic solutions — the foundation of information security.
Domain 2: Threats, Vulnerabilities, and Mitigations (24%)
Questions focus on threat actors, social engineering, attack types, malware, and vulnerability mitigation techniques. Be ready to identify attack types from real-world scenarios.
Domain 3: Security Architecture (21%)
Questions cover cloud security models, network security devices (firewalls, IDS/IPS), data protection, and disaster recovery. Know the shared responsibility model and firewall types.
Domain 4: Security Operations (25%)
This is the largest domain on the exam. Questions cover hardening, vulnerability management, SIEM/SOAR, incident response, IAM, and digital forensics. Expect detailed scenario questions.
Domain 5: Security Program Management (5%)
This is the smallest domain, but it is still important. Questions cover governance, risk management, compliance (GDPR, HIPAA, PCI DSS), third-party risk, and security awareness.
Performance-Based Questions (PBQs)
PBQs test your ability to configure security controls, analyze logs, and apply security concepts in simulated environments. Common PBQ topics include configuring firewall ACLs to allow or deny traffic, placing security controls in a network diagram, identifying attack types from log entries, ordering incident response steps correctly, and configuring a VPN tunnel.