Free CompTIA Security+ SY0-701 Threats, Vulnerabilities & Mitigations Practice Test 2026 — CompTIA Security+ (SY0-701) Questions

This free CompTIA Security+ SY0-701 Threats, Vulnerabilities & Mitigations practice test covers Sec+ Domain 2 (about 22% of the exam): malware, social engineering, network and application attacks, and vulnerability management. Each question includes a detailed explanation aligned to the SY0-701 exam objectives, making it useful for Security+ exam prep.

6 Free CompTIA Security+ SY0-701 Threats, Vulnerabilities & Mitigations Practice Questions with Answers

Sample Question 1 — Threats, Vulnerabilities, and Mitigations

A security audit reveals that a significant number of company laptops are missing security patches. Several employees report receiving phishing emails in the last week. What is the MOST immediate action to mitigate the risk?

A. Conduct a full security awareness training session for all employees.
B. Immediately deploy missing patches to all vulnerable laptops. (Correct answer)
C. Implement a new email filtering solution.
D. Review and update the company's security policy.

Correct answer: B

Explanation: Deploying the patches immediately addresses the most pressing threat: unpatched laptops are exposed to exploitation. While training, email filtering, and policy updates are important, they are not as immediate as patching systems that are already vulnerable. The phishing emails are a likely delivery vector for attacks against those existing vulnerabilities, so patching is the priority. Generated by AI

Sample Question 2 — Threats, Vulnerabilities, and Mitigations

Your company uses a third-party cloud storage provider. A recent security breach at the provider exposed some customer data. What is the BEST way to mitigate the risk of similar incidents in the future?

A. Immediately switch to a different cloud provider.
B. Implement data loss prevention (DLP) tools within your organization.
C. Conduct regular security assessments of the third-party provider.
D. Encrypt all sensitive data before uploading it to the cloud storage. (Correct answer)

Correct answer: D

Explanation: Encrypting sensitive data before it is uploaded to a third-party cloud provider (client-side encryption) is the most effective way to ensure data confidentiality. In the event of a security breach at the provider, the data remains unreadable and useless to unauthorized parties because the organization retains control of the decryption keys. While regular security assessments (Option C) are a key part of vendor management, they are often point-in-time and cannot prevent a breach from occurring. Option D provides a proactive technical control that directly mitigates the impact of a provider-side compromise.

Sample Question 3 — Threats, Vulnerabilities, and Mitigations

An employee reports that their workstation is running unusually slowly and responding erratically. You suspect malware. What is the FIRST step you should take?

A. Reinstall the operating system.
B. Run a full system scan with updated antivirus software.
C. Disconnect the workstation from the network. (Correct answer)
D. Contact the help desk to log a support ticket.

Correct answer: C

Explanation: Disconnecting the workstation from the network immediately contains the incident and prevents the malware from spreading to other systems or communicating with its operator. The other options are important steps in malware remediation, but network isolation should be done first. Generated by AI

Sample Question 4 — Threats, Vulnerabilities, and Mitigations

Your organization is experiencing a denial-of-service (DoS) attack targeting its web server. Which of the following is the MOST effective immediate response?

A. Install a new firewall.
B. Implement a web application firewall (WAF).
C. Contact your internet service provider (ISP) for assistance. (Correct answer)
D. Increase the server's processing power.

Correct answer: C

Explanation: Contacting the ISP is the fastest way to mitigate a DoS attack, because the ISP can filter or block the malicious traffic upstream, before it reaches your network. A WAF and a new firewall are longer-term controls and will not provide immediate relief. Increasing server processing power will not help if the attack saturates the server's bandwidth. Generated by AI

Sample Question 5 — Threats, Vulnerabilities, and Mitigations

A vulnerability scan reveals a critical SQL injection vulnerability on your company website. Which mitigation strategy should be prioritized?

A. Conduct employee training on secure coding practices.
B. Implement a web application firewall (WAF).
C. Immediately patch the vulnerable web application. (Correct answer)
D. Increase the frequency of vulnerability scans.

Correct answer: C

Explanation: Patching the vulnerable application directly removes the flaw and addresses the immediate threat. A WAF, training, and more frequent scans are all important, but they are not as immediate or direct a solution to a critical vulnerability. Generated by AI

Sample Question 6 — Threats, Vulnerabilities, and Mitigations

Your organization is implementing a new BYOD policy. Which security measure is MOST critical to mitigate the risks associated with employee-owned devices accessing company resources?

A. Requiring strong passwords.
B. Implementing mobile device management (MDM) software. (Correct answer)
C. Providing security awareness training.
D. Restricting access to sensitive data.

Correct answer: B

Explanation: MDM software allows remote management and enforcement of security settings on employee-owned devices, addressing a wide range of BYOD risks. While the other options are important, MDM is the most comprehensive control for securing company resources accessed from employee-owned devices. Generated by AI
