Threats, Vulnerabilities & Mitigations
71 free practice questions with explanations
PassNova has 71 free CompTIA Security+ practice questions on Threats, Vulnerabilities & Mitigations, each with a clear explanation. Practise them in the browser with instant feedback — 100% free, no sign-up, on any device. Updated for 2026.
Threats, Vulnerabilities & Mitigations: example questions & answers
Here are 6 example questions from this topic. Practise the full set of 71 free in the browser.
-
Which threat actor is typically the most sophisticated and well-funded?
- A Script kiddie
- B Hacktivist
- C Nation-state / APT ✓
- D Insider
Answer: Nation-state actors (APTs) are highly sophisticated, well-funded, and persistent.
-
Which threat actor is motivated by political or social causes?
- A Hacktivist ✓
- B Script kiddie
- C Organized crime
- D Nation-state
Answer: Hacktivists are driven by political or social causes rather than profit.
-
Which threat actor uses existing tools with little technical skill?
- A APT
- B Script kiddie ✓
- C Insider
- D Organized crime
Answer: Script kiddies use pre-built tools and exploits without deep technical understanding.
-
Which threat is posed by a trusted employee misusing access?
- A External hacker
- B Insider threat ✓
- C Script kiddie
- D Nation-state
Answer: An insider threat comes from someone with legitimate access who misuses it.
-
Which threat actor is primarily motivated by financial gain?
- A Hacktivist
- B Organized crime ✓
- C Researcher
- D Shadow IT
Answer: Organized crime groups are primarily motivated by financial gain.
-
What is 'shadow IT'?
- A Approved software
- B Unauthorized hardware/software used without IT approval ✓
- C A backup site
- D An IDS
Answer: Shadow IT is technology used within an organization without IT's knowledge or approval, creating risk.