arrow_backBack to field notes
CERTIFICATIONS Published 13 Jul 2026

Security+ PBQs: What They Are and How to Pass Them

A clear breakdown of Security+ performance-based questions (PBQs) and practical strategies to prepare for them on exam day.

What Are Performance-Based Questions?

Performance-based questions (PBQs) are interactive, simulation-style items on the CompTIA Security+ exam that require you to complete a task rather than just select an answer from a list. Instead of pure multiple choice, you might drag and drop items into categories, configure a firewall rule, match log entries to attack types, or place network devices in the correct topology. CompTIA uses PBQs to test whether you can actually apply security concepts, not just recognize terminology.

Why CompTIA Uses PBQs

Multiple-choice questions are efficient to grade but limited in what they can measure. They're good at testing recall and recognition, but weak at testing whether someone can actually configure a system, interpret real output, or troubleshoot a scenario under time pressure. PBQs close that gap. They simulate small slices of real job tasks: reading a packet capture, identifying a misconfigured ACL, sorting vulnerabilities by severity, or matching mitigation techniques to specific threats. This aligns with Security+'s goal of certifying baseline, hands-on-capable security practitioners rather than people who simply memorized flashcards.

Common PBQ Formats on Security+

While the exact questions change between exam versions, the format types tend to repeat:

  • Drag-and-drop matching — pairing terms with definitions, attack types with descriptions, or controls with the risks they mitigate.
  • Network diagram building — placing firewalls, routers, switches, IDS/IPS sensors, and servers into a topology that satisfies given security requirements.
  • Log and packet analysis — reviewing a snippet of firewall logs, syslog output, or a Wireshark capture and identifying indicators of compromise or misconfiguration.
  • Configuration tasks — setting firewall rules, ACL entries, or basic hardening settings within a simulated interface.
  • Categorization exercises — sorting a list of items (vulnerabilities, controls, policies) into the correct bucket, such as by CIA triad impact or control type (preventive, detective, corrective).

How PBQs Are Scored

PBQs are typically scored based on partial credit for multi-part tasks, meaning you don't need every single placement correct to earn some points. This is important psychologically during the exam: don't freeze up or skip a PBQ entirely just because part of it seems unclear. Attempt every element you're confident about, then make educated guesses on the rest. Skipping a PBQ guarantees zero credit; a partial attempt can still net you points.

Where PBQs Appear in the Exam Flow

On Security+, PBQs tend to appear early in the exam, often within the first several questions. Since the exam software generally doesn't allow you to skip and return to earlier questions on this certification, budget your time carefully. A common strategy: give yourself a firm time cap (for example, two to three minutes) per PBQ. If you're clearly stuck, make your best attempt with the information given and move on rather than burning ten minutes chasing a perfect answer on one item while your overall clock keeps running.

How to Practice for PBQs Effectively

Memorizing definitions alone won't prepare you for PBQs — you need exposure to the interactive format itself.

  • Use official and reputable practice exams that include PBQ-style simulations, not just multiple-choice banks.
  • Study network diagrams actively. Practice drawing or labeling topologies with firewalls, DMZs, VLANs, and segmentation rather than just reading about them.
  • Get comfortable reading raw logs. Review sample firewall logs, Windows Event Viewer entries, and basic packet captures so unfamiliar output doesn't slow you down under pressure.
  • Learn the CIA triad and control categories cold — technical, administrative, physical, and the preventive/detective/corrective/deterrent breakdown — since categorization PBQs lean heavily on this framework.- Simulate time pressure. Practice under a clock so the unfamiliar interface style doesn't eat into your overall exam time on test day.

Final Exam-Day Tips

Read each PBQ prompt twice before touching anything — these questions often bury a key constraint or requirement in the instructions. Look for scenario details like company size, industry, or specific compliance requirements, since these often determine the

This article was generated with AI assistance and published to the Korra Studio knowledge base.

Ready to go further?

This is one note from the Korra Studio knowledge base — the platform pairs every topic with 1-to-1 mentoring.

Get started freearrow_forward