SY0-601 Exam Details

  • Exam Code: SY0-601
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1334 Q&As
  • Last Updated: May 26, 2026

CompTIA SY0-601 Online Questions & Answers

  • Question 191:

    Which of the following best describes a legal hold?

    A. It occurs during litigation and requires retention of both electronic and physical documents.
    B. It occurs during a risk assessment and requires retention of risk-related documents.
    C. It occurs during incident recovery and requires retention of electronic documents.
    D. It occurs during a business impact analysis and requires retention of documents categorized as personally identifiable information.

  • Question 192:

    A forensics examiner is attempting to dump passwords cached in the physical memory of a live system but keeps receiving an error message. Which of the following BEST describes the cause of the error?

    A. The examiner does not have administrative privileges to the system
    B. The system must be taken offline before a snapshot can be created
    C. Checksum mismatches are invalidating the disk image
    D. The swap file needs to be unlocked before it can be accessed

  • Question 193:

    A company recently experienced an attack during which its main website was directed to the attacker's web server, allowing the attacker to harvest credentials from unsuspecting customers. Which of the following should the company implement to prevent this type of attack from occurring in the future?

    A. IPSec
    B. SSL/TLS
    C. DNSSEC
    D. S/MIME

  • Question 194:

    Which of the following documents provides guidance regarding the recommended deployment of network security systems from the manufacturer?

    A. Cloud control matrix
    B. Reference architecture
    C. NIST RMF
    D. CIS Top 20

  • Question 195:

    An information security manager for an organization is completing a PCI DSS self-assessment for the first time. Which of the following is the MOST likely reason for this type of assessment?

    A. An international expansion project is currently underway.
    B. Outside consultants utilize this tool to measure security maturity.
    C. The organization is expecting to process credit card information.
    D. A government regulator has requested this audit to be completed

  • Question 196:

    The Chief Information Security Officer wants to pilot a new adaptive, user-based authentication method. The concept includes granting logical access based on physical location and proximity. Which of the following is the BEST solution for the pilot?

    A. Geofencing
    B. Self-sovereign identification
    C. PKI certificates
    D. SSO

  • Question 197:

    Which of the following provides a calculated value for known vulnerabilities so organizations can prioritize mitigation steps?

    A. CVSS
    B. SIEM
    C. SOAR
    D. CVE

  • Question 198:

    A company is concerned about its security after a red-team exercise. The report shows the team was able to reach the critical servers due to the SMB being exposed to the Internet and running NTLMv1.

    Which of the following BEST explains the findings?

    A. Default settings on the servers
    B. Unsecured administrator accounts
    C. Open ports and services
    D. Weak data encryption

  • Question 199:

    A help desk technician receives a phone call from someone claiming to be a part of the organization's cybersecurity incident response team. The caller asks the technician to verify the network's internal firewall IP address.

    Which of the following is the technician's BEST course of action?

    A. Direct the caller to stop by the help desk in person and hang up, declining any further requests from the caller
    B. Ask for the caller's name, verify the person's identity in the email directory, and provide the requested information over the phone
    C. Write down the phone number of the caller if possible, the name of the person requesting the information, hang up, and notify the organization's cybersecurity officer
    D. Request the caller send an email for identity verification and provide the requested information via email to the caller

  • Question 200:

    A security policy states that common words should not be used as passwords. A security auditor was able to perform a dictionary attack against corporate credentials. Which of the following controls was being violated?

    A. Password complexity
    B. Password history
    C. Password reuse
    D. Password length

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result and find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your SY0-601 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.