
Whether you're starting your cybersecurity journey or advancing your IT career, the CompTIA Security+ exam is a crucial step towards becoming a cybersecurity professional.

GRC TRAINING - https://www.infosectrain.com/blog/grc-analyst-interview-questions/

Rashmi65

Presentation Transcript


  1. CompTIA Security+ Top Exam Practice Questions and Answers www.infosectrain.com

  2. Introduction

     If you’re gearing up for the CompTIA Security+ certification exam (SY0-701), you already know this isn’t just another exam—it’s your gateway to a thriving career in cybersecurity. Whether you’re an aspiring IT Security Professional, a Network Administrator, or even a career switcher looking to break into information security, passing the CompTIA Security+ exam is crucial.

     But let’s be honest—studying for the CompTIA Security+ can feel overwhelming. The exam covers five core domains that are critical in information security:
     • Domain 1: General Security Concepts (12%)
     • Domain 2: Threats, Vulnerabilities, and Mitigations (22%)
     • Domain 3: Security Architecture (18%)
     • Domain 4: Security Operations (28%)
     • Domain 5: Security Program Management and Oversight (20%)

     Each domain carries a different weightage in the exam, making it essential to focus on high-scoring areas while ensuring a strong grasp of all topics. And that’s just scratching the surface!

     So, how do you ensure you’re ready to tackle those tricky multiple-choice and performance-based questions with confidence? That’s where this guide becomes your go-to resource. We’ve compiled the top CompTIA Security+ exam practice questions and answers to help you:
     • Master key cybersecurity concepts with real-world scenarios
     • Test your knowledge before the big day
     • Identify weak areas and improve your score
     • Gain confidence to ace the Security+ exam on your first try

  3. This isn’t just another Security+ practice test—it’s a carefully curated collection of high-quality, exam-type questions that simulate what you’ll actually face on exam day. Plus, we'll provide in-depth explanations and study hacks to make your prep journey smoother.

     Ready to crush the CompTIA Security+ exam and kickstart your cybersecurity career? Let’s dive in!

  4. CompTIA Security+ Practice Exam Questions and Answers

     Domain 1: General Security Concepts (12%)

     Q.1. What encryption method should be used to secure files both at rest and during transfer while allowing user-specific access?
     A. Partition encryption
     B. File encryption
     C. Full-disk encryption
     D. Record-level encryption

     Answer: B. File encryption
     Explanation: File encryption ensures that each file is encrypted individually, allowing for granular, user-specific access control. It also protects data both at rest and in motion, making it ideal for sensitive files shared across networks.

     STUDY HACK
     Use the acronym "P-F-F-D" to remember encryption types:
     Partition Encryption --> Protects sections of a drive
     File Encryption --> Secures individual files (Best for access control)
     Full-disk Encryption --> Protects entire drives (Good for lost/stolen devices)
     Database-level Encryption --> Secures specific database records

  5. Domain 1

     Q.2. What type of certificate should Valerie use to secure multiple subdomains like sales.example.com and support.example.com?
     A. Self-signed certificate
     B. Root of trust certificate
     C. CRL certificate
     D. Wildcard certificate

     Answer: D. Wildcard certificate
     Explanation: A Wildcard SSL certificate allows securing multiple subdomains under the same main domain (example.com). It is cost-effective and easier to manage than issuing separate certificates for each subdomain.

     STUDY HACK
     Remember Wildcard certificates as a "Wildcard in a deck of cards"—one card (certificate) can cover multiple values (subdomains).

     Q.3. During an urgent security update, a development team recommends restarting a live, customer-facing application. What is the primary technical concern when performing this restart?
     A. Application configuration changes caused by the restart
     B. Whether the patch will apply properly
     C. Lack of security controls during the restart
     D. The downtime during the restart

  6. Domain 1

     Answer: D. The downtime during the restart
     Explanation: Restarting a production system can cause temporary service disruptions, which can impact business operations and user experience. To minimize downtime, organizations often use rolling updates, blue-green deployments, or canary releases to test patches on a small portion of users before a full rollout.

     STUDY HACK
     Remember "PDR" for updates:
     Plan downtime
     Deploy updates in stages
     Rollback if issues occur

     Q.4. A Security Analyst is concerned that a critical system's password could be vulnerable to brute-force attacks. Which technique helps reduce the risk by increasing the time needed to test each possible key?
     A. Master keying
     B. Key stretching
     C. Key rotation
     D. Passphrase armoring

     Answer: B. Key stretching
     Explanation: Key stretching enhances password security by adding computational delay to brute-force attempts. Common algorithms include PBKDF2, bcrypt, and Argon2, which require attackers to invest more computing power to crack passwords.

  7. Domain 1

     STUDY HACK
     Remember "Stretching Takes Time"—Key stretching is all about slowing down brute-force attacks.

     Q.5. What type of control category does log monitoring fall under?
     A. Technical
     B. Managerial
     C. Operational
     D. Physical

     Answer: C. Operational
     Explanation: Log monitoring is an Operational control because it involves continuous monitoring, analysis, and response to security events as part of security operations.

     STUDY HACK
     Use the "T-M-O-P" method to classify security controls:
     Technical --> Uses software/hardware (Firewalls, IDS, Encryption)
     Managerial --> Policy and procedures (Risk assessments, Training)
     Operational --> Daily security tasks (Log monitoring, Incident response)
     Physical --> Tangible security (CCTV, Locks, Guards)

  8. Domain 2: Threats, Vulnerabilities, and Mitigations (22%)

     Q.1. A cybersecurity team is analyzing potential threat actors that may target their organization's infrastructure and systems. Which of the following is the most likely motivation behind a nation-state actor's activities?
     A. Financial gain
     B. Blackmail
     C. Espionage
     D. Extortion

     Answer: C. Espionage
     Explanation: Nation-state threat actors primarily focus on cyber espionage, gathering intelligence, and disrupting the operations of rival nations or organizations. Unlike cybercriminals seeking financial gain, these actors often conduct long-term, highly sophisticated attacks.

     STUDY HACK
     Remember “GIP (Government, Infrastructure, and Propaganda)” for Nation-State Motivations:
     Governmental interests (Political, military, or economic spying)
     Infrastructure disruption (Critical infrastructure attacks)
     Propaganda and misinformation campaigns

  9. Domain 2

     Q.2. An investment firm's Marketing Executive receives an email encouraging them to take part in a survey by clicking on an embedded link. The email appears to come from an industry organization, but the recipient is unsure of its legitimacy. What type of attack does this represent?
     A. Phishing
     B. Social engineering
     C. Spear phishing
     D. Trojan horse

     Answer: C. Spear phishing
     Explanation: Spear phishing is a targeted attack where cybercriminals craft personalized emails to deceive specific individuals or organizations. Unlike generic phishing, these attacks use relevant details to gain trust and increase the likelihood of interaction.

     STUDY HACK
     Use "SPEAR" to identify spear phishing signs:
     Specific recipient targeting
     Personalized details
     Email urgency or requests for sensitive information
     Attachment or link included
     Red flags like unknown senders or slight misspellings in URLs

  10. Domain 2

      Q.3. A cloud-based application infrastructure is managed by a third-party IT service provider. What is the most effective way to mitigate risks associated with potential security threats from the managed service provider (MSP)?
      A. Conduct regular vulnerability scans
      B. Implement shared incident response drills
      C. Ensure strong contractual security agreements
      D. Require an annual penetration test

      Answer: C. Ensure strong contractual security agreements
      Explanation: Third-party security risks must be addressed through clear contractual obligations that define data protection, compliance requirements, and security responsibilities. Organizations should also enforce regular security audits and incident response collaboration.

      STUDY HACK
      Remember "CCM" for MSP Security Management:
      Contracts that define security expectations
      Continuous monitoring of MSP activities
      Mandatory security assessments & compliance checks

  11. Domain 2

      Q.4. A cybersecurity advisory warns about a vulnerability that allows software running on a virtual machine to execute commands on the underlying hypervisor. What type of security issue does this describe?
      A. Resource reuse flaw
      B. VM escape vulnerability
      C. Jailbreaking exploit
      D. Sideloading attack

      Answer: B. VM escape vulnerability
      Explanation: VM escape occurs when a malicious process breaks out of the virtual machine and gains control over the hypervisor or host system. To prevent this, organizations should:
      • Use strict hypervisor security configurations
      • Implement strong VM isolation techniques
      • Apply timely hypervisor updates and patches

      STUDY HACK
      Think of VM escape as a prisoner escaping jail—the attacker moves from a restricted VM to take control of the broader system.

  12. Domain 2

      Q.5. A Network Administrator is tasked with enhancing workstation security against ransomware threats. Which of the following measures would be most effective?
      A. Enabling host-based firewalls
      B. Installing endpoint protection software
      C. Deploying a host-based intrusion prevention system (HIPS)
      D. Removing unnecessary software

      Answer: B. Installing endpoint protection software
      Explanation: Endpoint Protection Solutions (EPPs) integrate antivirus, behavioral analysis, and real-time scanning to detect ransomware activity before it encrypts files. Advanced solutions may also include ransomware rollback features.

      STUDY HACK
      Remember "3D Defense" for Ransomware Prevention:
      Detect threats using advanced endpoint protection
      Deny execution of unauthorized programs
      Data backup strategy for fast recovery

  13. Domain 3: Security Architecture (18%)

      Q.1. Nancy’s organization wants to define the amount of data loss they can tolerate and the maximum time allowed for system recovery after a failure. Which two key parameters should she establish?
      A. Recovery Point Objective (RPO) and Recovery Time Objective (RTO)
      B. Recovery File Backup Time (RFBT) and Recovery Point Objective (RPO)
      C. Recovery Point Objective (RPO) and Mean Time Between Failures (MTBF)
      D. Mean Time Between Failures (MTBF) and Recovery File Backup Time (RFBT)

      Answer: A. Recovery Point Objective (RPO) and Recovery Time Objective (RTO)
      Explanation: RPO (Recovery Point Objective) is the maximum amount of data loss that an organization can tolerate due to an incident. RTO (Recovery Time Objective) is the duration within which services must be restored to avoid major disruptions.

      STUDY HACK
      RPO determines how much data loss is acceptable, while RTO defines how quickly systems must be restored. RPO is like a “data clock” (tolerable data loss in time) and RTO is a “stopwatch” (time to restore systems).

  14. Domain 3

      Q.2. John manages an Intrusion Detection System (IDS) for his organization’s network. Occasionally, the IDS reports normal network traffic as an attack. What is this situation called?
      A. False positive
      B. False negative
      C. False trigger
      D. False flag

      Answer: A. False positive
      Explanation: A false positive happens when an IDS incorrectly identifies normal behavior as a threat, leading to unnecessary alerts and wasted investigation time.

      STUDY HACK
      To quickly remember False Positives, think:
      P – Ping! Too many alerts (Over-reporting)
      O – Ordinary activity misclassified (Normal traffic flagged)
      S – Security team distraction (Wastes time & resources)
      I – Incorrect detection (Wrongly identifies threats)
      T – Tuning required (IDS needs better rules)
      I – Impact on efficiency (Real threats may be overlooked)
      V – Very frustrating (Annoying for analysts)
      E – Extra verification needed (Manual investigation required)

  15. Domain 3

      Q.3. Joy is responsible for protecting his company’s backup data from malware. Currently, they back up critical servers to a networked storage device. Which option would be the most effective in preventing backup infections?
      A. Isolating the backup server on a separate VLAN
      B. Completely air-gapping the backup server
      C. Placing the backup server in a different network segment
      D. Deploying a honeynet

      Answer: B. Completely air-gapping the backup server
      Explanation: Air-gapped backups are completely isolated from any network, making them immune to ransomware and malware that spread through connected environments.

      STUDY HACK
      To remember Air-Gapped Backups, think:
      A – Absolutely isolated (No network connection)
      I – Immune to ransomware & malware
      R – Requires physical access for backup & restore
      If no online connection exists, malware can’t spread—air-gapping wins!

  16. Domain 3

      Q.4. Joy wants a contract with a facility that is fully equipped and can be immediately used for operations in case of a disaster. What type of recovery site should he choose?
      A. Hot site
      B. Cold site
      C. Warm site
      D. RTO site

      Answer: A. Hot site
      Explanation: A hot site is a fully functional facility that allows businesses to resume operations immediately after a disaster, making it ideal for critical systems requiring high availability.

      STUDY HACK
      HOT = "Ready to GO" Trick
      H – Highly available (Minimal downtime)
      O – Operational immediately (No setup needed)
      T – Technology pre-installed (Fully functional)
      Hot site = Instant recovery, Cold site = Delayed setup, Warm site = Partial setup!

  17. Domain 3

      Q.5. Jack is designing IoT devices and wants to ensure that unauthorized parties cannot modify the device's operating system after purchase. What is the best security measure to achieve this?
      A. Set a default password
      B. Require signed and encrypted firmware
      C. Check the MD5 hash of firmware versions
      D. Apply regular software patches

      Answer: B. Require signed and encrypted firmware
      Explanation: Firmware signing and encryption prevent attackers from injecting malicious firmware, which can lead to backdoors, botnets, and device takeovers.

      STUDY HACK
      Firmware signing is like a digital passport—only verified updates get through!

  18. Domain 4: Security Operations (28%)

      Q.1. John wants to enhance his organization’s router security. There are no known vulnerabilities currently affecting the device. Which hardening measure would provide the greatest security improvement?
      A. Indicator of Compromise (IoC) development
      B. Threat hunting
      C. Root cause analysis
      D. Incident eradication

      Answer: B. Threat hunting
      Explanation: Threat hunting proactively detects hidden threats by analyzing system logs and network traffic for anomalies. Even without known vulnerabilities, attackers may exploit misconfigurations or weak security practices. By identifying suspicious activities like unauthorized account creation, threat hunting helps prevent persistence mechanisms before an attack occurs.

      STUDY HACK
      “ACT” Method for Security Hardening
      A – Analyze logs and network traffic for anomalies.
      C – Catch suspicious patterns like unauthorized access attempts.
      T – Thwart potential threats before they escalate.
      If there’s no known vulnerability, go proactive with Threat Hunting instead of waiting for an attack!

  19. Domain 4

      Q.2. John's company provides an API for customers. He wants to ensure that only paying customers can access the API. What is the best way to enforce this?
      A. Require authentication
      B. Configure a firewall
      C. Filter based on IP addresses
      D. Deploy an Intrusion Prevention System (IPS)

      Answer: A. Require authentication
      Explanation: To ensure that only paying customers access the API, implementing authentication mechanisms such as API keys, OAuth, or token-based authentication is the best approach. These methods verify users before granting access, preventing unauthorized usage.

      STUDY HACK
      Remember "PAID" to secure API access for paying customers:
      P – Protect with authentication (API keys, OAuth, tokens)
      A – Authorize users based on payment status
      I – Implement rate limiting to prevent misuse
      D – Deny access to unauthorized users
      Always enforce authentication for API access control—firewalls, IP filters, and IPS won’t differentiate paying vs. non-paying users!

  20. Domain 4

      Q.3. Pooja needs access to a network protected by a NAC system that validates devices based on their MAC addresses. How could she potentially bypass this security control?
      A. Spoof a valid IP address
      B. Perform a Denial-of-Service (DoS) attack on the NAC system
      C. Clone a legitimate MAC address
      D. None of the above

      Answer: C. Clone a legitimate MAC address
      Explanation: Network Access Control (NAC) systems that rely solely on MAC address filtering authenticate devices based on their MAC addresses. However, they do not verify the actual legitimacy of the device behind the MAC. Attackers can easily spoof or clone a legitimate MAC address using readily available tools, allowing them to bypass NAC restrictions.

      STUDY HACK
      Remember “MAC ATTACK” to recall NAC bypass tricks:
      M – Modify your MAC address using spoofing tools
      A – Analyze a valid device's MAC address on the network
      C – Clone the legitimate MAC to gain access
      MAC-based NAC security is weak without additional authentication like 802.1X, certificates, or endpoint security checks!

  21. Domain 4

      Q.4. Sonika subscribes to a private cybersecurity intelligence service that is only available to vetted users who pay a subscription fee. What type of intelligence feed is this?
      A. Proprietary threat intelligence
      B. Open-source intelligence (OSINT)
      C. Electronic Intelligence (ELINT)
      D. Corporate threat intelligence

      Answer: A. Proprietary threat intelligence
      Explanation: Proprietary threat intelligence refers to paid, exclusive threat intelligence services provided by specialized vendors. These services offer curated, real-time security insights based on confidential or premium sources, available only to vetted users who pay a subscription fee.

      STUDY HACK
      Use "PPEC" to remember Threat Intelligence Categories:
      P – Proprietary (Paid, Exclusive, Subscription-based)
      P – Public (OSINT) (Free, Open, Community-driven)
      E – Electronic (ELINT) (Signals, Military, Communications)
      C – Corporate (Internal, Business-Specific, Private Analysis)
      If access requires payment and vetting, it's likely proprietary threat intelligence!

  22. Domain 4

      Q.5. Ruchi wants to enhance her organization’s router security. There are no known vulnerabilities currently affecting the device. Which hardening measure would provide the greatest security improvement?
      A. Assigning administrative interfaces to a dedicated VLAN
      B. Disabling all unnecessary services
      C. Updating the router OS to the latest patch
      D. Enabling SNMP-based logging

      Answer: B. Disabling all unnecessary services
      Explanation: Disabling unnecessary services reduces the attack surface by preventing attackers from exploiting unused or default functionalities that could be vulnerable to misuse. Many routers come with pre-enabled services that may not be required for operations, and keeping them active increases security risks.

      STUDY HACK
      To remember key router hardening steps, think "DUST" (because security removes unnecessary elements like dust):
      D – Disable unused services
      U – Update firmware & OS regularly
      S – Segment networks (VLANs, admin interfaces)
      T – Track logs & monitor traffic
      First step in router hardening? Always disable what’s not needed!

  23. Domain 5: Security Program Management and Oversight (20%)

      Q.1. Prerna wants to assess whether the Key Risk Indicators (KRIs) suggested by his team are effective for the organization. Which of the following characteristics is NOT essential for a useful KRI?
      A. Actionable
      B. Measurable
      C. Relevant
      D. Inexpensive

      Answer: D. Inexpensive
      Explanation: A Key Risk Indicator (KRI) is a measurable value that helps organizations predict, monitor, and mitigate risks. For a KRI to be effective, it must be:
      • Actionable – It should trigger a response or decision-making process.
      • Measurable – It must have quantifiable data to track risk levels over time.
      • Relevant – It should directly relate to the organization's risk landscape.
      While cost efficiency is beneficial, it does not determine the effectiveness of a KRI. A highly effective KRI may require investment in tools, data collection, and analysis, making "Inexpensive" not an essential characteristic.

  24. Domain 5

      STUDY HACK
      To remember essential KRI characteristics, think “ARM Your KRIs”:
      A – Actionable (Leads to clear decisions)
      R – Relevant (Aligned with business risks)
      M – Measurable (Quantifiable & trackable)
      If a KRI is cheap but ineffective, it won’t help manage risk!

  25. Domain 5

      Q.2. Amit’s organization has developed a document outlining the acceptable and unacceptable ways employees can use company resources, including networks and systems. What type of policy does this represent?
      A. Business continuity policy
      B. Acceptable use policy
      C. Incident response policy
      D. A standard, not a policy

      Answer: B. Acceptable use policy
      Explanation: An Acceptable Use Policy (AUP) defines the permissible and prohibited ways employees can use company resources, including networks, systems, and data. This policy ensures compliance, security, and responsible use of organizational assets.

      STUDY HACK
      To remember AUP, think:
      A – Access rules for company systems
      U – Usage guidelines (What’s allowed vs. prohibited)
      P – Protection from misuse & legal issues
      If it defines how employees can use company tech, it's an AUP.

  26. Domain 5

      Q.3. Anie is conducting a penetration test and retrieves information about her target using the Shodan search engine without directly interacting with the systems. What type of reconnaissance is she performing?
      A. Active
      B. Commercial
      C. Scanner-based
      D. Passive

      Answer: D. Passive
      Explanation: Passive reconnaissance involves gathering information about a target without directly interacting with its systems, reducing the chance of detection. Tools like Shodan, WHOIS lookups, and OSINT techniques allow attackers or penetration testers to collect valuable insights without triggering security alarms.

      STUDY HACK
      To remember Passive Reconnaissance, think:
      P – Publicly available data (Shodan, WHOIS, OSINT)
      A – Avoids direct interaction (No scanning)
      S – Silent approach (Undetectable)
      S – Search engines & open databases used
      I – Information gathering only (No system engagement)
      V – Very low risk of detection
      E – External sources leveraged
      If no direct contact with the target occurs, it’s passive reconnaissance!

  27. Domain 5

      Q.4. Nancy’s company is purchasing cybersecurity insurance to reduce the financial impact of a potential data breach. What type of risk management strategy is being used?
      A. Transfer
      B. Accept
      C. Avoid
      D. Mitigate

      Answer: A. Transfer
      Explanation: Risk transfer shifts the financial burden of a risk to a third party, such as an insurance provider, instead of directly mitigating or accepting it. By purchasing cybersecurity insurance, Nancy’s company ensures that if a data breach occurs, the insurance provider covers the financial losses.

      STUDY HACK
      Remember "TAM-A" for the four main risk management strategies:
      T – Transfer (Shift risk to insurance or third party)
      A – Accept (Do nothing, absorb the risk)
      M – Mitigate (Implement controls to reduce the risk)
      A – Avoid (Eliminate the risk by discontinuing the risky activity)
      If the company buys insurance, it's a risk transfer!

  28. Summary

      Preparing for the CompTIA Security+ (SY0-701) certification exam can be challenging, but with the right strategy, you can enhance your understanding, refine your exam techniques, and pass with confidence on your first try. This guide has provided you with real-world practice questions, expert explanations, and study hacks tailored to each domain, helping you identify weak areas and strengthen your cybersecurity expertise.

      The Security+ certification is a globally recognized certification that opens doors to various cybersecurity roles, including Security Analyst, Network Administrator, and SOC Analyst. By mastering encryption methods, risk management strategies, incident response, and security architecture, you’ll be well-equipped to handle today’s evolving cyber threats.

      But simply reading questions isn’t enough—you need a structured learning path with hands-on labs, expert-led training, and real exam simulations to solidify your understanding. If you’re serious about passing the CompTIA Security+ exam and advancing your cybersecurity career, InfosecTrain’s CompTIA Security+ training course is your ultimate learning solution.

  29. Contact us: www.infosectrain.com, sales@infosectrain.com
