CompTIA Security+ (SY0-401) Comprehensive
Study Test Bank 2 with 800+ Multiple Choice
Questions with Correct Answers/ COMPTIA
Security+ Exam Prep Test Bank 2 2026-2027
Which of the following would allow an administrator to perform internal research
on security threats and common viruses on multiple operating systems without
risking contamination of the production environment?
A. A VLAN
B. A firewall
C. A virtual workstation
D. A honeypot - ANSWER-D
Which of the following threats is mitigated by ensuring operating system patches
are current?
A. ARP poisoning
B. DistributedDoS
C. Unknown threats
D. Known threats - ANSWER-D
Which of the following environmental controls would require a thermostat within
the datacenter?
A. Airflowcontrol
1
,B. Moisture control
C. Temperature control
D. Fire suppression - ANSWER-C
A server needs to be configured to allow the sales department ability to read and
write a file. Everyone else in the company only needs read access. Which of the
following access control lists will do this?
A. Sales: Read=Allow; Write=Allow
Everyone: Read=Allow; Write=None
B. Sales: Read=Allow; Write=Allow
Everyone: Read=Deny; Write=Deny
C. Sales: Read=None; Write=Allow
Everyone: Read=Allow; Write=Allow
D. Sales: Read=Allow; Write=Allow
Everyone: Read=None; Write= None - ANSWER-A
Which of the following will allow a security administrator to help detect a DDoS?
A. Performance baseline
B. Task manager
C. NetBIOS
D. NIC bindings - ANSWER-A
2
,An administrator wants to make sure that all users of a large domain are restricted
from installing software. Which of the following should MOST likely be done?
A. A security policy template is implemented
B. A security IP audit is completed
C. Administrative rights are manually removed
D. All workstations are rebuilt - ANSWER-A
A single point of failure is a security concern primarily because it affects which of
the following?
A. Cryptography
B. Confidentiality
C. Integrity
D. Availability - ANSWER-D
Which of the following is MOST likely the reason why a security administrator
would run a NMAP report on an important server?
A. To correlate which MAC addresses are associated with a switch port
B. To identify vulnerabilities in available services
C. To determine open ports and services
3
, D. To capture network packets for analysis - ANSWER-C
Which of the following should be done if a USB device is found in a parking lot?
A. Call the manufacturer of the USB device.
B. Plug it in to a computer to see who it belongs to.
C. Turn it in to the appropriate security person.
D. Reformat it for personal use at home. - ANSWER-C
Which of the following, if implemented on a server, will ensure availability if half
of the drives fail?
A. RAID 0
B. RAID 1
C. RAID 3
D. RAID 5 - ANSWER-B
Proper planning for disaster recovery includes which of the following?
A. Testing the plan on a regular basis
B. Having system administrators electronically sign the plan
C. Documenting all HDD serial numbers
D. Executing the continuity plan at random - ANSWER-A
4
Study Test Bank 2 with 800+ Multiple Choice
Questions with Correct Answers/ COMPTIA
Security+ Exam Prep Test Bank 2 2026-2027
Which of the following would allow an administrator to perform internal research
on security threats and common viruses on multiple operating systems without
risking contamination of the production environment?
A. A VLAN
B. A firewall
C. A virtual workstation
D. A honeypot - ANSWER-D
Which of the following threats is mitigated by ensuring operating system patches
are current?
A. ARP poisoning
B. DistributedDoS
C. Unknown threats
D. Known threats - ANSWER-D
Which of the following environmental controls would require a thermostat within
the datacenter?
A. Airflowcontrol
1
,B. Moisture control
C. Temperature control
D. Fire suppression - ANSWER-C
A server needs to be configured to allow the sales department ability to read and
write a file. Everyone else in the company only needs read access. Which of the
following access control lists will do this?
A. Sales: Read=Allow; Write=Allow
Everyone: Read=Allow; Write=None
B. Sales: Read=Allow; Write=Allow
Everyone: Read=Deny; Write=Deny
C. Sales: Read=None; Write=Allow
Everyone: Read=Allow; Write=Allow
D. Sales: Read=Allow; Write=Allow
Everyone: Read=None; Write= None - ANSWER-A
Which of the following will allow a security administrator to help detect a DDoS?
A. Performance baseline
B. Task manager
C. NetBIOS
D. NIC bindings - ANSWER-A
2
,An administrator wants to make sure that all users of a large domain are restricted
from installing software. Which of the following should MOST likely be done?
A. A security policy template is implemented
B. A security IP audit is completed
C. Administrative rights are manually removed
D. All workstations are rebuilt - ANSWER-A
A single point of failure is a security concern primarily because it affects which of
the following?
A. Cryptography
B. Confidentiality
C. Integrity
D. Availability - ANSWER-D
Which of the following is MOST likely the reason why a security administrator
would run a NMAP report on an important server?
A. To correlate which MAC addresses are associated with a switch port
B. To identify vulnerabilities in available services
C. To determine open ports and services
3
, D. To capture network packets for analysis - ANSWER-C
Which of the following should be done if a USB device is found in a parking lot?
A. Call the manufacturer of the USB device.
B. Plug it in to a computer to see who it belongs to.
C. Turn it in to the appropriate security person.
D. Reformat it for personal use at home. - ANSWER-C
Which of the following, if implemented on a server, will ensure availability if half
of the drives fail?
A. RAID 0
B. RAID 1
C. RAID 3
D. RAID 5 - ANSWER-B
Proper planning for disaster recovery includes which of the following?
A. Testing the plan on a regular basis
B. Having system administrators electronically sign the plan
C. Documenting all HDD serial numbers
D. Executing the continuity plan at random - ANSWER-A
4
