CompTIA Security+ · SY0-701
Objective 3.3: Compare and contrast concepts and strategies to protect data
Practice questions for Security+ objective 3.3, “Compare and contrast concepts and strategies to protect data.” Every question is original, written to the SY0-701 exam objectives, and comes with a full explanation — answer them below to see instant grading.
This objective sits in Domain 3.0: Security Architecture, which is about 18% of the exam — so mastering it moves your readiness score meaningfully.
1.A scenario: A company collects personal data from EU residents for a mobile app. The legal team discovers that analytics data is being sent to a third-party service in the United States without user consent and without a data transfer agreement. This primarily violates:
2.Which of the following data types is MOST likely to be considered a trade secret?
3.An organization classifies its data into four tiers: Public, Internal, Confidential, and Restricted. A data governance review finds that employees are routinely emailing Confidential-tier documents to personal email accounts, uploading Internal-tier files to unauthorized cloud storage services, and printing Restricted-tier documents without logging. The security team wants to implement a technical control that enforces data handling policies based on content classification rather than relying solely on user compliance. Which control most precisely addresses all three behaviors?
4.Which classification level is typically assigned to data that is approved for public release, such as marketing materials?
5.Which of the following BEST describes the concept of data minimisation as a privacy and security strategy?
Practice every objective, adaptively
CertBench tracks your score on 3.3 and every other objective, then builds a daily plan that targets your weakest spots. Start with the free diagnostic.
Take the free diagnostic