Practice FC0-U61 Security questions with full explanations on every answer.
Start practicing
Security — choose a session length
Free · No account required
Click any question to see the full explanation and answer options, or start a focused practice session above.
A small business owner wants to protect sensitive customer data stored on a laptop that is frequently used on public Wi-Fi networks. The owner is considering implementing a security control that ensures data remains confidential even if the laptop is stolen. Which of the following is the BEST control for this scenario?
2A security analyst is reviewing user permissions and discovers that several users have been granted more privileges than necessary to perform their job functions. The analyst wants to apply the principle of least privilege. Which TWO actions should the analyst take? (Choose TWO.)
3A help desk technician receives an alert from the security monitoring system showing multiple events like the one in the exhibit. The technician is investigating a possible brute-force attack. Based on the exhibit, which of the following is the primary attack vector being used?
4You are the IT security administrator for a mid-sized law firm that handles sensitive client data. The firm has a mix of Windows 10 workstations, a Windows Server 2019 domain controller, and a network printer. All users have standard user accounts. The senior partner recently received a phishing email that appeared to be from a known client, requesting that he click a link to review a document. He clicked the link and entered his domain credentials on a fake login page. Shortly after, the firm's file server began encrypting files and displaying a ransom note. The incident response team isolated the infected server and restored files from backup. However, the senior partner now reports that he cannot access the file server from his workstation. He receives an 'Access Denied' message. You check his account in Active Directory and find that his account is not locked out and the password is correct. The file server is back online and accessible by other users. You verify that the senior partner's workstation has network connectivity and can ping the file server. Which of the following is the MOST likely cause of the access issue?
5Which TWO of the following are examples of social engineering attacks?
6Refer to the exhibit. A security analyst reviews the NTFS permissions on the C:\Shared folder. Which user or group has the ability to delete files created by other users?
7You are the IT administrator for a small accounting firm with 25 employees. The firm uses a Windows Server 2019 domain controller, a file server, and an email server running Microsoft Exchange. Each employee has a company-issued laptop running Windows 10. The firm recently experienced a ransomware attack that encrypted all files on the file server. The attacker demanded a ransom in Bitcoin. The firm restored the files from a backup that was taken the previous night. However, the CEO is concerned about future attacks and wants to implement additional security measures. The firm has a limited budget and cannot afford a full security suite. Which of the following is the BEST course of action to reduce the risk of another ransomware infection?
8Drag and drop the steps to shut down a Windows 10 computer properly into the correct order.
9Match each troubleshooting step to its order in the CompTIA A+ methodology.
10A user wants to ensure data confidentiality. Which action is most appropriate?
11Which of the following is an example of a strong password?
12A company wants to prevent unauthorized physical access to its server room. Which control is best?
13An employee receives an email from 'IT Support' asking for his password due to 'system maintenance'. This is an example of:
14A small business wants to secure its wireless network. Which configuration provides the strongest encryption?
15After a ransomware attack, which step should be taken FIRST in the incident response process?
16Which principle ensures that data is not modified by unauthorized users?
17A user wants to prevent unauthorized access to their laptop if stolen. Which is the best method?
18Which type of malware replicates itself across a network without user interaction?
19Which TWO of the following are examples of social engineering attacks?
20Which THREE of the following are best practices for creating secure passwords?
21Which TWO of the following are types of malware?
22Which security threat is indicated in the exhibit?
23Which security best practice is being demonstrated?
24Which security principle is being applied?
25An employee receives an email from an unknown sender that includes an attachment labeled 'Invoice.pdf'. The employee does not recall ordering anything. What is the most secure action for the employee to take?
26A company requires all employees to use strong passwords. Which of the following password policies best aligns with security best practices?
27An employee receives a phone call from someone claiming to be from the IT department. The caller states there is a security issue and requests the employee's login credentials to 'fix the problem'. What should the employee do?
28A security guard notices an individual following closely behind an employee through a secured door without swiping a badge. This scenario is an example of which type of security threat?
29Which two of the following are types of malware? (Choose two.)
30Which three of the following are recommended practices for securing a home wireless network? (Choose three.)
31Based on the exhibit, which type of attack is most likely occurring?
32You are the IT administrator for a small company with 50 employees. The company uses a shared network drive for project files. Employees have read/write access to all folders on the drive. Recently, a ransomware attack encrypted many files on the network drive after an employee's workstation became infected. The employee had mapped the drive as a local letter. Backups are available but restoring takes several hours. Management wants to reduce the risk of future ransomware damage to the network drive. You are considering implementing one of the following controls. Which control would be most effective in limiting the spread of ransomware to the network drive?
33A medium-sized business has a policy that requires all employees to use two-factor authentication (2FA) when accessing the corporate email system. The authentication method uses a time-based one-time password (TOTP) app on employees' smartphones. Several employees have reported that they cannot log in because they recently changed phones and did not transfer the TOTP seed. The help desk has been resetting 2FA for these users, but management is concerned about the security of the reset process. Which of the following procedures should the help desk follow to securely reset 2FA for a user?
34A user reports that their computer is running slowly and the network activity light is constantly on. The technician runs the command shown in the exhibit. Based on the output, what is the most likely cause?
35Which TWO of the following are best practices for creating and managing passwords?
36A small real estate office with 12 employees has been using the same network setup for five years. Employees use both company-issued laptops and personal smartphones to access email and client listings. Last week, an employee clicked a link in a phishing email, which led to a ransomware infection on the company file server. The server was encrypted, and the attackers demanded a ransom. The office had no backups; all client data and contracts were lost. The office manager wants to prevent such incidents in the future. Which of the following should be the FIRST security measure implemented, considering the root cause of the breach?
The Security domain covers the key concepts tested in this area of the FC0-U61 exam blueprint published by CompTIA. Courseiva provides free domain-focused practice, mock exams, missed-question review, and readiness tracking across all FC0-U61 domains — no account required.
The Courseiva FC0-U61 question bank contains 36 questions in the Security domain. Click any question to see the full explanation and answer breakdown.
Start with a 10-question focused session to identify your baseline accuracy in this domain. Read every explanation — even for questions you answer correctly — to understand the reasoning. Once you score consistently above 80%, move to a 20–30 question session to confirm depth before moving to the next domain.
Yes — the session launcher on this page draws questions exclusively from the Security domain. Choose 10, 20, 30, or 50 questions for a focused session, or click individual questions to review them one by one.
Save your results, see per-domain analytics, and get readiness scores — free, for every certification.
Sign Up FreeFree forever · Every certification included