1. What is the primary purpose of a Security Information and Event Management (SIEM) system?
Log analysis and event correlation
Network traffic encryption
User authentication management
Physical security monitoring
✅ Correct Answer: Log analysis and event correlation
2. Which security control is used to detect and respond to potential security breaches?
Intrusion Detection System (IDS)
Firewall
Antivirus software
Biometric authentication
✅ Correct Answer: Intrusion Detection System (IDS)
3. What is the purpose of a vulnerability scan?
To identify security weaknesses in a system
To block unauthorized access to a network
To manage hardware resources
To run applications
✅ Correct Answer: To identify security weaknesses in a system
4. Which security control is used to verify the identity of a user?
Multi-Factor Authentication
Firewall
Antivirus software
Intrusion Detection System (IDS)
✅ Correct Answer: Multi-Factor Authentication
5. What is the purpose of a Security Operations Center (SOC)?
To monitor and respond to security incidents
To store user data
To manage hardware resources
To run applications
✅ Correct Answer: To monitor and respond to security incidents
6. Which security control is used to protect against malware?
Antivirus software
Firewall
Biometric authentication
Intrusion Detection System (IDS)
✅ Correct Answer: Antivirus software
7. What is the purpose of a Security Information and Event Management (SIEM) system?
Log analysis and event correlation
Network traffic encryption
User authentication management
Physical security monitoring
✅ Correct Answer: Log analysis and event correlation
8. Which security principle ensures that users have the minimum level of access required to perform their tasks?
Least Privilege
Separation of Duties
Role-Based Access Control
Multi-Factor Authentication
✅ Correct Answer: Least Privilege
9. What is the purpose of a firewall in network security?
To block unauthorized access to a network
To store user data
To manage hardware resources
To run applications
✅ Correct Answer: To block unauthorized access to a network
10. Which security control is used to prevent unauthorized access to physical locations?
Biometric authentication
Firewall
Antivirus software
Intrusion Detection System (IDS)
✅ Correct Answer: Biometric authentication
11. What is the purpose of a VPN (Virtual Private Network)?
To create a secure connection over the internet
To store user data
To manage hardware resources
To run applications
✅ Correct Answer: To create a secure connection over the internet
12. Which security principle ensures that no single individual has complete control over a process?
Separation of Duties
Least Privilege
Role-Based Access Control
Multi-Factor Authentication
✅ Correct Answer: Separation of Duties
13. What is the purpose of an Intrusion Detection System (IDS)?
To detect and alert on potential security breaches
To block unauthorized access to a network
To manage hardware resources
To run applications
✅ Correct Answer: To detect and alert on potential security breaches
14. Which security control is used to verify the identity of a user?
Multi-Factor Authentication
Firewall
Antivirus software
Intrusion Detection System (IDS)
✅ Correct Answer: Multi-Factor Authentication
15. What is the purpose of a Security Operations Center (SOC)?
To monitor and respond to security incidents
To store user data
To manage hardware resources
To run applications
✅ Correct Answer: To monitor and respond to security incidents
16. Which security control is used to protect against malware?
Antivirus software
Firewall
Biometric authentication
Intrusion Detection System (IDS)
✅ Correct Answer: Antivirus software
17. What is the purpose of a Security Information and Event Management (SIEM) system?
Log analysis and event correlation
Network traffic encryption
User authentication management
Physical security monitoring
✅ Correct Answer: Log analysis and event correlation
18. Which security principle ensures that users have the minimum level of access required to perform their tasks?
Least Privilege
Separation of Duties
Role-Based Access Control
Multi-Factor Authentication
✅ Correct Answer: Least Privilege
19. What is the purpose of a firewall in network security?
To block unauthorized access to a network
To store user data
To manage hardware resources
To run applications
✅ Correct Answer: To block unauthorized access to a network
20. Which security control is used to prevent unauthorized access to physical locations?
Biometric authentication
Firewall
Antivirus software
Intrusion Detection System (IDS)
✅ Correct Answer: Biometric authentication
21. Which tool is commonly used for analyzing network traffic in real-time?
Wireshark
Nmap
Metasploit
Nessus
✅ Correct Answer: Wireshark
22. What is the primary purpose of a honeypot in cybersecurity?
To detect and analyze attacks
To block malicious traffic
To encrypt sensitive data
To authenticate users
✅ Correct Answer: To detect and analyze attacks
23. Which protocol is commonly used for secure remote system administration?
SSH
HTTP
FTP
Telnet
✅ Correct Answer: SSH
24. What does IOC stand for in threat intelligence?
Indicator of Compromise
Internet of Computers
Integrity of Code
Internal Operations Center
✅ Correct Answer: Indicator of Compromise
25. Which type of attack involves manipulating DNS records?
DNS spoofing
SQL injection
Cross-site scripting
Buffer overflow
✅ Correct Answer: DNS spoofing
26. What is the primary purpose of a playbook in security operations?
To document response procedures
To track vulnerabilities
To manage user accounts
To encrypt communications
✅ Correct Answer: To document response procedures
27. Which tool is specifically designed for web application security testing?
Burp Suite
Nmap
Wireshark
Metasploit
✅ Correct Answer: Burp Suite
28. What is the primary purpose of the MITRE ATT&CK framework?
To document adversary tactics and techniques
To manage firewall rules
To encrypt sensitive data
To authenticate users
✅ Correct Answer: To document adversary tactics and techniques
29. Which security control is most effective against zero-day exploits?
Behavior-based detection
Signature-based antivirus
Firewall rules
VPN encryption
✅ Correct Answer: Behavior-based detection
30. What does DLP stand for in data security?
Data Loss Prevention
Digital License Protection
Directory List Protocol
Dynamic Link Protection
✅ Correct Answer: Data Loss Prevention
31. Which type of malware encrypts files and demands payment for decryption?
Ransomware
Spyware
Adware
Trojan
✅ Correct Answer: Ransomware
32. What is the primary purpose of a sandbox in malware analysis?
To safely execute suspicious code
To store backups
To encrypt communications
To authenticate users
✅ Correct Answer: To safely execute suspicious code
33. Which protocol provides encrypted communication between web browsers and servers?
HTTPS
HTTP
FTP
SMTP
✅ Correct Answer: HTTPS
34. What does CVSS stand for in vulnerability management?
Common Vulnerability Scoring System
Critical Vulnerability Security Standard
Common Vulnerability Security System
Critical Vulnerability Scoring Standard
✅ Correct Answer: Common Vulnerability Scoring System
35. Which type of security assessment involves attempting to exploit vulnerabilities?
Penetration testing
Vulnerability scanning
Risk assessment
Compliance audit
✅ Correct Answer: Penetration testing
36. What is the primary purpose of a SOAR platform?
To automate security operations
To encrypt network traffic
To authenticate users
To manage firewall rules
✅ Correct Answer: To automate security operations
37. Which authentication factor is considered 'something you are'?
Biometrics
Password
Security token
PIN
✅ Correct Answer: Biometrics
38. What does EDR stand for in endpoint security?
Endpoint Detection and Response
Encrypted Data Recovery
Enterprise Defense Router
Event Data Repository
✅ Correct Answer: Endpoint Detection and Response
39. Which type of attack involves flooding a network with traffic?
DDoS
Phishing
SQL injection
Cross-site scripting
✅ Correct Answer: DDoS
40. What is the primary purpose of a certificate authority (CA)?
To issue digital certificates
To encrypt network traffic
To authenticate users
To manage firewall rules
✅ Correct Answer: To issue digital certificates
41. Which security framework focuses on payment card industry compliance?
PCI DSS
NIST CSF
ISO 27001
HIPAA
✅ Correct Answer: PCI DSS
42. What does IDS stand for in network security?
Intrusion Detection System
Internet Data Service
Integrated Defense System
Identity Security
✅ Correct Answer: Intrusion Detection System
43. Which type of security control is a firewall?
Technical control
Administrative control
Physical control
Operational control
✅ Correct Answer: Technical control
44. What is the primary purpose of threat hunting?
To proactively search for threats
To respond to incidents
To patch vulnerabilities
To authenticate users
✅ Correct Answer: To proactively search for threats
45. Which protocol is used for secure email transmission?
S/MIME
SMTP
POP3
IMAP
✅ Correct Answer: S/MIME
46. What does RBAC stand for in access control?
Role-Based Access Control
Rule-Based Access Control
Risk-Based Access Control
Resource-Based Access Control
✅ Correct Answer: Role-Based Access Control
47. Which type of encryption uses the same key for encryption and decryption?
Symmetric
Asymmetric
Hashing
Public key
✅ Correct Answer: Symmetric
48. What is the primary purpose of a security baseline?
To establish minimum security standards
To detect intrusions
To encrypt data
To authenticate users
✅ Correct Answer: To establish minimum security standards
49. Which tool is used for password cracking?
John the Ripper
Wireshark
Nmap
Metasploit
✅ Correct Answer: John the Ripper
50. What does SIEM stand for in security monitoring?
Security Information and Event Management
System Integrity and Event Monitoring
Secure Internet Email Management
Security Incident Evidence Management
✅ Correct Answer: Security Information and Event Management
51. Which type of attack involves intercepting communication between two parties?
Man-in-the-middle
Phishing
SQL injection
Cross-site scripting
✅ Correct Answer: Man-in-the-middle
52. What is the primary purpose of a chain of custody in digital forensics?
To maintain evidence integrity
To encrypt data
To authenticate users
To manage firewall rules
✅ Correct Answer: To maintain evidence integrity
53. Which security framework was developed by NIST?
Cybersecurity Framework (CSF)
ISO 27001
PCI DSS
HIPAA
✅ Correct Answer: Cybersecurity Framework (CSF)
54. What does BYOD stand for in mobile security?
Bring Your Own Device
Backup Your Organizational Data
Block Your Online Devices
Bypass Your Organizational Defenses
✅ Correct Answer: Bring Your Own Device
55. Which type of security assessment identifies vulnerabilities without exploiting them?
Vulnerability scanning
Penetration testing
Red team exercise
Social engineering
✅ Correct Answer: Vulnerability scanning
56. What is the primary purpose of a jump box?
To provide secure access to sensitive systems
To encrypt network traffic
To authenticate users
To manage firewall rules
✅ Correct Answer: To provide secure access to sensitive systems
57. Which protocol is used for network time synchronization?
NTP
SNMP
LDAP
DNS
✅ Correct Answer: NTP
58. What does PII stand for in data protection?
Personally Identifiable Information
Protected Internet Infrastructure
Public Information Index
Private Institutional Information
✅ Correct Answer: Personally Identifiable Information
59. Which type of security control is an acceptable use policy?
Administrative control
Technical control
Physical control
Operational control
✅ Correct Answer: Administrative control
60. What is the primary purpose of a canary token?
To detect unauthorized access
To encrypt data
To authenticate users
To manage firewall rules
✅ Correct Answer: To detect unauthorized access
61. Which security standard focuses on healthcare information protection?
HIPAA
PCI DSS
ISO 27001
NIST CSF
✅ Correct Answer: HIPAA
62. What does NAC stand for in network security?
Network Access Control
Network Authentication Certificate
Next-gen Antivirus Control
National Advisory Committee
✅ Correct Answer: Network Access Control
63. Which type of encryption algorithm is AES?
Symmetric
Asymmetric
Hashing
Elliptic curve
✅ Correct Answer: Symmetric
64. What is the primary purpose of deception technology?
To detect attackers through decoys
To encrypt data
To authenticate users
To manage firewall rules
✅ Correct Answer: To detect attackers through decoys
65. Which protocol is used for centralized authentication?
LDAP
HTTP
FTP
SMTP
✅ Correct Answer: LDAP
66. What does CSRF stand for in web security?
Cross-Site Request Forgery
Cross-Site Resource Forgery
Client-Side Request Forgery
Certificate Security Request Forgery
✅ Correct Answer: Cross-Site Request Forgery
67. Which security framework is international in scope?
ISO 27001
NIST CSF
PCI DSS
HIPAA
✅ Correct Answer: ISO 27001
68. What is the primary purpose of a TPM chip?
To provide hardware-based security
To encrypt network traffic
To authenticate users
To manage firewall rules
✅ Correct Answer: To provide hardware-based security
69. Which type of attack involves manipulating database queries?
SQL injection
Cross-site scripting
Phishing
DDoS
✅ Correct Answer: SQL injection
70. What does XDR stand for in security operations?
Extended Detection and Response
External Data Repository
Cross-Domain Resource
Extended Data Recovery
✅ Correct Answer: Extended Detection and Response
71. Which security control is most effective against phishing attacks?
User awareness training
Firewall rules
Antivirus software
VPN encryption
✅ Correct Answer: User awareness training
72. What is the primary purpose of a purple team exercise?
To improve detection and response capabilities
To test physical security
To encrypt data
To authenticate users
✅ Correct Answer: To improve detection and response capabilities
73. Which protocol is used for secure file transfer?
SFTP
HTTP
FTP
Telnet
✅ Correct Answer: SFTP
74. What does BIA stand for in risk management?
Business Impact Analysis
Basic Information Assessment
Backup Integrity Audit
Business Intelligence Assessment
✅ Correct Answer: Business Impact Analysis
75. Which type of security assessment involves simulated attacks without defender knowledge?
Red team exercise
Vulnerability scanning
Penetration testing
Compliance audit
✅ Correct Answer: Red team exercise
76. What is the primary purpose of a zero trust architecture?
To verify all access requests
To encrypt network traffic
To authenticate users
To manage firewall rules
✅ Correct Answer: To verify all access requests
77. Which tool is used for log analysis and correlation?
SIEM
Nmap
Metasploit
Wireshark
✅ Correct Answer: SIEM
78. What does RTO stand for in disaster recovery?
Recovery Time Objective
Risk Tolerance Objective
Real-Time Operation
Response Time Order
✅ Correct Answer: Recovery Time Objective
79. Which type of encryption algorithm is RSA?
Asymmetric
Symmetric
Hashing
Block cipher
✅ Correct Answer: Asymmetric
80. What is the primary purpose of a whitelisting approach?
To allow only approved applications
To block known threats
To encrypt data
To authenticate users
✅ Correct Answer: To allow only approved applications
81. Which security framework focuses on industrial control systems?
NIST SP 800-82
PCI DSS
HIPAA
ISO 27001
✅ Correct Answer: NIST SP 800-82
82. What does APT stand for in threat intelligence?
Advanced Persistent Threat
Automated Penetration Testing
Application Protection Technology
Authorized Personnel Training
✅ Correct Answer: Advanced Persistent Threat
83. Which protocol is used for network device management?
SNMP
HTTP
FTP
SMTP
✅ Correct Answer: SNMP
84. What is the primary purpose of a memory forensics tool?
To analyze volatile memory
To encrypt data
To authenticate users
To manage firewall rules
✅ Correct Answer: To analyze volatile memory
85. Which type of attack involves manipulating input to execute malicious scripts?
Cross-site scripting (XSS)
SQL injection
Phishing
DDoS
✅ Correct Answer: Cross-site scripting (XSS)
86. What does RPO stand for in disaster recovery?
Recovery Point Objective
Risk Probability Objective
Response Process Order
Real-time Protection Order
✅ Correct Answer: Recovery Point Objective
87. Which security control is most effective against insider threats?
User behavior analytics
Firewall rules
Antivirus software
VPN encryption
✅ Correct Answer: User behavior analytics
88. What is the primary purpose of a threat intelligence feed?
To provide information about current threats
To encrypt data
To authenticate users
To manage firewall rules
✅ Correct Answer: To provide information about current threats
89. Which protocol is used for secure directory services?
LDAPS
HTTP
FTP
SMTP
✅ Correct Answer: LDAPS
90. What does DDoS stand for in network attacks?
Distributed Denial of Service
Data Destruction of Systems
Direct Denial of Security
Domain Defense of Services
✅ Correct Answer: Distributed Denial of Service
The CompTIA CySA+ (CS0-003) certification is a globally recognized credential for IT professionals.
This practice test helps you prepare by covering key topics like hardware, networking, troubleshooting, and security.