CompTIA Security+ (SY0-401) Comprehensive Study Test Bank 1 with 800+ Multiple Choice Questions with Correct Answers/ COMPTIA Security+ Exam Prep Test Bank

CompTIA Security+ (SY0-401) Comprehensive
Study Test Bank 1 with 800+ Multiple Choice
Questions with Correct Answers/ COMPTIA
Security+ Exam Prep Test Bank 1 2026-2027


A security administrator needs to update the OS on all the switches in the
company. Which of the following MUST be done before any actual switch
configuration is performed?


A. The request needs to be sent to the incident management team.


B. The request needs to be approved through the incident management process.


C. The request needs to be approved through the change management process.


D. The request needs to be sent to the change management team. - ANSWER-C


Which of the following BEST describes how the mandatory access control (MAC)
method works?


A. It is an access policy based on a set of rules


B. It is an access policy based on the role that the user has in an organization


C. It is an access policy based on bio-metric technologies

1

,D. It is an access policy that restricts access to objects based on security clearance -
ANSWER-D


The security administrator wants each user to individually decrypt a message but
allow anybody to encrypt it.
Which of the following MUST be implemented to allow this type of authorization?


A. Use of CA certificate
B. Use of public keys only
C. Use of private keys only
D. Use of public and private keys - ANSWER-D


A user in the company is in charge of various financial roles but needs to prepare
for an upcoming audit. They
use the same account to access each financial system. Which of the following
security controls will MOST
likely be implemented within the company?


A. Account lockout policy
B. Account password enforcement
C. Password complexity enabled
D. Separation of duties - ANSWER-D


An employee is granted access to only areas of a network folder needed to perform
their job. Which of the
following describes this form of access control?

2

,A. Separation of duties
B. Time of day restrictions
C. Implicit deny
D. Least privilege - ANSWER-D


Sara, a user, downloads a keygen to install pirated software. After running the
keygen, system performance is extremely slow and numerous antivirus alerts are
displayed. Which of the following BEST describes this type of malware?


A. Logic bomb
B. Worm
C. Trojan
D. Adware - ANSWER-C


Which of the following may significantly reduce data loss if multiple drives fail at
the same time?


A. Virtualization
B. RAID
C. Load balancing
D. Server clustering - ANSWER-B


To help prevent unauthorized access to PCs, a security administrator implements
screen savers that lock the
PC after five minutes of inactivity. Which of the following controls is being
described in this situation?

3

, A. Management
B. Administrative
C. Technical
D. Operational - ANSWER-C


Pete, a network administrator, is capturing packets on the network and notices that
a large amount of the traffic
on the LAN is SIP and RTP protocols. Which of the following should he do to
segment that traffic from the
other traffic?


A. Connect the WAP to a different switch.
B. Create a voice VLAN.
C. Create a DMZ.
D. Set the switch ports to 802.1q mode. - ANSWER-B


Which of the following IP addresses would be hosts on the same subnet given the
subnet mask 255.255.255.224? (Select TWO)


A. 10.4.4.125
B. 10.4.4.158
C. 10.4.4.165
D. 10.4.4.189
E. 10.4.4.199 - ANSWER-CD



4