CompTIA SY0-601 Online Practice Questions and Exam Preparation
SY0-601 Exam Details
Exam Code: SY0-601
Exam Name: CompTIA Security+
Certification: CompTIA Certifications
Vendor: CompTIA
Total Questions: 1334 Q&As
Last Updated: May 26, 2026
CompTIA SY0-601 Online Questions & Answers
Question 121:
Which of the following best represents an application that does not have an on-premises requirement and is accessible from anywhere?
A. PaaS B. Hybrid cloud C. Private cloud D. IaaS E. SaaS
E. SaaS
Question 122:
The concept of connecting a user account across the systems of multiple enterprises is BEST known as:
A. federation. B. a remote access policy. C. multifactor authentication. D. single sign-on.
A. federation. The key difference between SSO and FIM is while SSO is designed to authenticate a single credential across various systems within one organization, federated identity management systems offer single access to a number of applications across various enterprises. Source: https://www.okta.com/identity-101/federated-identity-vs-sso/#:~:text=The%20key%20difference%20between%20SSO,of%20applications%20across%20various%20enterprises.
Question 123:
After a phishing scam for a user's credentials, the red team was able to craft a payload to deploy on a server. The attack allowed the installation of malicious software that initiates a new remote session. Which of the following types of attacks has occurred?
A. Privilege escalation B. Session replay C. Application programming interface D. Directory traversal
A. Privilege escalation Explanation: Privilege escalation DOES NOT always mean you are escalating to elevated permissions. Privilege escalations can also be horizontal movements. In this case, the red team compromises a user's account through the phishing attack. The red team then deploys a payload on the server through the compromised user account. The malware then initiates a new remote session, enabling the hackers to access the server directly. The compromised account is User A, and the red team, connected directly as a result of the malware, can be thought of as User B. In this case, privilege escalation refers to User B being able to access User A's resources.
Question 124:
After segmenting the network, the network manager wants to control the traffic between the segments. Which of the following should the manager use to control the network traffic?
A. A DMZ B. A VPN C. A VLAN D. An ACL
D. An ACL The key word is "CONTROL" the traffic between segments; the network is already segmented, either via VLAN or physically.
Question 125:
Which of the following controls is used to make an organization initially aware of a data compromise?
A. Protective B. Preventative C. Corrective D. Detective
D. Detective A detective control identifies security events that have already occurred. Intrusion detection systems are detective controls.
Preventative Controls - act to eliminate or reduce the likelihood that an attack can succeed. A preventative control operates before an attack can take place. They are comparing the configurations to a secure guideline to ensure no gaps, meaning they are pre-emptively hardening their systems against future attack vectors.
Corrective Controls - controls that remediate security issues that have already occurred. Restoring backups after a ransomware attack is an example of a corrective control.
Source: https://purplesec.us/security-controls/
Question 126:
A company recently decided to allow employees to work remotely. The company wants to protect its data without using a VPN. Which of the following technologies should the company implement?
A. Secure web gateway B. Virtual private cloud endpoint C. Deep packet inspection D. Next-generation firewall
A. Secure web gateway
Question 127:
Which of the following best describes an environment where a business owns the application and operating system but requires the resources to host them in the cloud?
A. IaaS B. XaaS C. PaaS D. SaaS
A. IaaS
Question 128:
During an internal penetration test, a security analyst identified a network device that had accepted cleartext authentication and was configured with a default credential. Which of the following recommendations should the security analyst make to secure this device?
A. Configure SNMPv1. B. Configure SNMPv2c. C. Configure SNMPv3. D. Configure the default community string.
C. Configure SNMPv3. Explanation: In this scenario, the security analyst discovered a network device with cleartext authentication and a default credential. To secure the device, the best recommendation is to configure SNMPv3. SNMP (Simple Network Management Protocol) is commonly used for network monitoring and management. SNMPv1 and SNMPv2c use cleartext authentication, which means that the credentials are transmitted without encryption, making them vulnerable to eavesdropping and potential credential theft. SNMPv3 is the most secure version of SNMP and provides several security features, including data encryption, message integrity, and authentication. It uses technologies such as HMAC (Hash-based Message Authentication Code) and encryption algorithms to protect sensitive information, making it the preferred choice when securing network devices and preventing unauthorized access or misuse.
Question 129:
A vulnerability has been discovered and a known patch to address the vulnerability does not exist. Which of the following controls works BEST until a proper fix is released?
A. Detective B. Compensating C. Deterrent D. Corrective
B. Compensating
Question 130:
A company is providing security awareness training regarding the importance of not forwarding social media messages from unverified sources. Which of the following risks would this training help to prevent?
A. Hoaxes B. SPIMs C. Identity fraud D. Credential harvesting
A. Hoaxes Explanation:
Hoax: A hoax is a falsehood deliberately fabricated to masquerade as the truth. It is distinguishable from errors in observation or judgment, rumors, urban legends, pseudosciences, and April Fools' Day events that are passed along in good faith by believers or as jokes.
Identity theft: Identity theft occurs when someone uses another person's personal identifying information, like their name, identifying number, or credit card number, without their permission, to commit fraud or other crimes. The term identity theft was coined in 1964.
Identity fraud (also known as identity theft or crime) involves someone using another individual's personal information without consent, often to obtain a benefit.
Credential Harvesting: Credential Harvesting (or Account Harvesting) is the use of MITM attacks, DNS poisoning, phishing, and other vectors to amass large numbers of credentials (username / password combinations) for reuse.