CompTIA Security+ SY0-501 free practice test exam questions

CompTIA Security+ free practice test for Exam SY0-501

This is a short five-question sample of the CompTIA Security+ SY0-501 exam. This practice test consists of multiple-choice questions demonstrating the level of complexity you can expect on the actual exam.


The sample questions below are all multiple choice. To access interactive questions as well as grading, reports, and your custom “Personal Testing Plan”, you will need the CertBlaster exam simulation software.

Question 1

During an IT meeting, your colleague Anne-Marie suggests that there is a single point of failure in the single load balancer in place for the company website ordering system. She suggests having two load balancers configured, with only one in service at a given time. What type of load balancing configuration is Anne-Marie recommending?

  1. Round robin
  2. Active-active
  3. Active-passive
  4. Least connections


Active-passive configurations consist of two load balancers, only one of which is active. When the active load balancer becomes unresponsive, the second load balancer takes over. Options 1, 2, and 4 are incorrect. Round robin and least connections are load balancer scheduling algorithms and are not related to fault tolerance with multiple load balancers. Active-active means that both load balancers function at the same time and work together to distribute incoming traffic to back-end nodes. So the correct choice is 3.

CompTIA Security+ SY0-501 exam objectives addressed by question 1

Main exam objective: 2.0 Technologies and Tools

Exam sub-objective: 2.1 Install and configure network components, both hardware- and software-based, to support organizational security.

Question 2

You are a business networking consultant and have a large retail outlet as a client. Your project for them consists of configuring a wireless router at their coffee shop area. The wireless connection will be used by waiting customers to connect to the Internet. You want to ensure that wireless clients can connect to the Internet but cannot connect to internal computers owned by the retail outlet’s offices. Where will you plug in the wireless router?

  1. LAN
  2. Port 24 on the switch
  3. Port 1 on the switch
  4. DMZ


Using the LAN connection would give customers access to the business’s internal network and devices. The switch port choices do not address the required separation. A demilitarized zone (DMZ) is a network that allows unsecured external access to resources while preventing direct access to internal resources. Plugging the wireless access point into the DMZ provides Internet access to customers without allowing them access to internal business computers. The correct choice is therefore 4.

CompTIA Security+ SY0-501 exam objectives addressed by question 2

Main exam objective: 3.0 Architecture and Design

Exam sub-objective: 3.2 Given a scenario, implement secure network architecture concepts.

Question 3

The Microsoft Group Policy setting for password complexity is “Password must meet complexity requirements.” The policy states that when the setting is enabled, the user password must contain:

English uppercase characters (A through Z),

English lowercase characters (a through z),

Digits (0 through 9), and

Non-alphabetic characters (!, $, #, %).

According to the policy, passwords must contain characters from how many of these different groups?

  1. Four
  2. Three
  3. Two
  4. One


Under the password complexity policy, passwords must contain characters from three of the following four categories: English uppercase characters (A through Z), English lowercase characters (a through z), digits (0 through 9), and non-alphabetic characters (!, $, #, %). The correct choice is answer number 2.

CompTIA Security+ SY0-501 exam objectives addressed by question 3

Main exam objective: 4.0 Identity and Access Management

Exam sub-objective: 4.4 Given a scenario, differentiate common account management practices.

Question 4

You are an IT consultant for a business located in a coastal area that is susceptible to storms and occasional flooding. Because of your company’s location, there is an emphasis on continued business operation. Which of the following plans focuses on ensuring that personnel, customers, and IT systems are minimally affected after a disaster?

  1. Risk management
  2. Fault tolerance
  3. Disaster recovery
  4. Business continuity


Business continuity is considered the key goal, in which disaster recovery plays a part. Disaster recovery involves implementing steps to get a business operational. Business continuity ensures business operation after the implementation of the disaster recovery plan (DRP). The correct choice is 4.

CompTIA Security+ SY0-501 exam objectives addressed by question 4

Main exam objective: 5.0 Risk Management

Exam sub-objective: 5.6 Explain disaster recovery and continuity of operation concepts.

Question 5

You are a computer security consultant, and your latest client is a military contractor who requires the utmost in security for transmitting messages during wartime. Which of the following provides the best security?

  1. AES
  2. 3DES
  3. One-time pad
  4. RSA


One-time pads are used to combine completely random keys with plaintext, resulting in ciphertext, after which the one-time pads are not used again. A randomized initialization vector (IV), or salt, is used to derive keys. An item used only once is referred to as a nonce. Both communicating parties must have the same one-time pads, which presents a problem if communicating with many entities. No amount of computing power or time can increase the likelihood of breaking this type of ciphertext. The correct choice is 3.

CompTIA Security+ SY0-501 exam objectives addressed by question 5

Main exam objective: 6.0 Cryptography and PKI

Exam sub-objective: 6.1 Compare and contrast basic concepts of cryptography.

CertBlaster exam simulator for CompTIA Security+ SY0-501

The questions above are all multiple choice. The CertBlaster practice tests for Security+ SY0-501 include in excess of 450 questions, as well as the CompTIA Performance Based Question type (PBQ). Below is a screenshot of one of the performance-based questions available in the interactive CertBlaster exam simulation software.

Figure: Example of a script-based performance-based question in a CertBlaster Security+ practice test
