SY0-601 Exam Details

  • Exam Code: SY0-601
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1334 Q&As
  • Last Updated: May 26, 2026

CompTIA SY0-601 Online Questions & Answers

  • Question 1061:

    A vulnerability scan returned the following results:

    2 Critical, 5 High, 15 Medium, 98 Low

    Which of the following would the information security team most likely use to decide if all discovered vulnerabilities must be addressed and the order in which they should be addressed?

    A. Risk appetite
    B. Risk register
    C. Risk matrix
    D. Risk acceptance

  • Question 1062:

    An organization with a low tolerance for user inconvenience wants to protect laptop hard drives against loss or data theft. Which of the following would be the MOST acceptable?

    A. SED
    B. HSM
    C. DLP
    D. TPM

  • Question 1063:

    A user's laptop constantly disconnects from the Wi-Fi network. Once the laptop reconnects, the user can reach the internet but cannot access shared folders or other network resources. Which of the following types of attacks is the user MOST likely experiencing?

    A. Bluejacking
    B. Jamming
    C. Rogue access point
    D. Evil twin

  • Question 1064:

    Which of the following agreements defines response time, escalation points, and performance metrics?

    A. BPA
    B. MOA
    C. NDA
    D. SLA

  • Question 1065:

    Per company security policy, IT staff members are required to have separate credentials to perform administrative functions using just-in-time permissions. Which of the following solutions is the company implementing?

    A. Privileged access management
    B. SSO
    C. RADIUS
    D. Attribute-based access control

  • Question 1066:

    A security analyst finds a rogue device during a monthly audit of current endpoint assets that are connected to the network. The corporate network utilizes 802.1X for access control. To be allowed on the network, a device must have a known hardware address, and a valid username and password must be entered in a captive portal. The following is the audit report:

    Which of the following is the most likely way a rogue device was allowed to connect?

    A. A user performed a MAC cloning attack with a personal device.
    B. A DHCP failure caused an incorrect IP address to be distributed.
    C. An administrator bypassed the security controls for testing.
    D. DNS hijacking let an attacker intercept the captive portal traffic.

  • Question 1067:

    A security administrator is integrating several segments onto a single network. One of the segments, which includes legacy devices, presents a significant amount of risk to the network.

    Which of the following would allow users to access the legacy devices without compromising the security of the entire network?

    A. NIDS
    B. MAC filtering
    C. Jump server
    D. IPSec
    E. NAT gateway

  • Question 1068:

    An organization has been experiencing outages during holiday sales and needs to ensure availability of its point-of-sale systems. The IT administrator has been asked to improve both server-data fault tolerance and site availability under high consumer load. Which of the following are the BEST options to accomplish this objective? (Select TWO)

    A. Load balancing
    B. Incremental backups
    C. UPS
    D. RAID
    E. Dual power supply
    F. NIC teaming

  • Question 1069:

    As part of annual audit requirements, the security team performed a review of exceptions to the company policy that allows specific users the ability to use USB storage devices on their laptops. The review yielded the following results:

    The exception process and policy have been correctly followed by the majority of users.
    A small number of users did not create tickets for the requests but were granted access.
    All access had been approved by supervisors.
    Valid requests for the access sporadically occurred across multiple departments.
    Access, in most cases, had not been removed when it was no longer needed.

    Which of the following should the company do to ensure that appropriate access is not disrupted but unneeded access is removed in a reasonable time frame?

    A. Create an automated, monthly attestation process that removes access if an employee's supervisor denies the approval
    B. Remove access for all employees and only allow new access to be granted if the employee's supervisor approves the request
    C. Perform a quarterly audit of all user accounts that have been granted access and verify the exceptions with the management team
    D. Implement a ticketing system that tracks each request and generates reports listing which employees actively use USB storage devices

  • Question 1070:

    An organization is repairing the damage after an incident. Which of the following controls is being implemented?

    A. Detective
    B. Preventive
    C. Corrective
    D. Compensating
