240+ practice questions with detailed answers and explanations — organized by exam domain, free and open source.
Built for cybersecurity professionals preparing for CompTIA certifications. Every question includes the correct answer, a full explanation of why it's correct, and why the other choices are wrong. Questions are scenario-based and aligned with official exam objectives.
Continually adding resource materials, preperations, and modules. Let me know if something should be added!!
| Certification | Exam Code | Questions | Domains |
|---|---|---|---|
| Security+ | SY0-701 | 120 | 5 |
| SecAI+ | CY0-001 | 120 | 5 |
- Team leads building study programs for junior security staff
- Career changers breaking into cybersecurity
- IT professionals adding security certifications to their resume
- Self-studiers who want free, high-quality practice material without subscriptions
Each certification has its own directory with questions organized by exam domain:
cert-prep/
├── security-plus-sy0-701/
│ ├── question-bank/
│ │ ├── domain-1-general-security/ # 14 questions (12%)
│ │ ├── domain-2-threats-vulns/ # 26 questions (22%)
│ │ ├── domain-3-security-architecture/ # 22 questions (18%)
│ │ ├── domain-4-security-operations/ # 34 questions (28%)
│ │ └── domain-5-program-management/ # 24 questions (20%)
│ ├── study-notes/
│ ├── exam-prep/
│ └── resources/
│
├── secai-plus-cy0-001/
│ ├── question-bank/
│ │ ├── domain-1-ai-concepts/ # 20 questions (17%)
│ │ ├── domain-2-ai-threats/ # 28 questions (~23%)
│ │ ├── domain-3-securing-ai/ # 36 questions (~30%)
│ │ ├── domain-4-ai-secops/ # 20 questions (~17%)
│ │ └── domain-5-ai-grc/ # 16 questions (~13%)
│ ├── study-notes/
│ ├── exam-prep/
│ └── resources/
│
├── LICENSE
└── README.md
Each question uses collapsible answer sections — test yourself before revealing the answer:
### Q1. Zero Trust Architecture
An organization is implementing a zero trust architecture.
Which principle is MOST fundamental to this approach?
- A) All internal network traffic is inherently trusted
- B) Never trust, always verify — regardless of network location
- C) Perimeter firewalls are the primary security control
- D) VPN connections from remote users are always trustedClick Answer to reveal the correct answer and explanation. Study by selecting your answer first, then checking. Pay attention to explanations even for questions you get right — understanding the reasoning matters more than memorizing answers.
| Detail | Info |
|---|---|
| Questions | Max 90 (multiple-choice + PBQs) |
| Duration | 90 minutes |
| Passing Score | 750 / 900 |
| Experience | CompTIA Network+ and 2 years IT security |
| Detail | Info |
|---|---|
| Questions | Max 60 (multiple-choice + PBQs) |
| Duration | 60 minutes |
| Passing Score | 600 / 900 |
| Experience | 3–4 years IT, 2+ years cybersecurity |
Found an error? Have a better explanation? PRs welcome. Please follow the existing question format and include full explanations for all answer choices.
This work is licensed under CC BY-NC 4.0 — free to share and adapt for non-commercial use with attribution.
Built by a working cybersecurity professional for team training and self-study. Not affiliated with CompTIA.