CompTIA SY0-601 Online Practice
Questions and Exam Preparation
SY0-601 Exam Details
Exam Code
:SY0-601
Exam Name
:CompTIA Security+
Certification
:CompTIA Certifications
Vendor
:CompTIA
Total Questions
:1334 Q&As
Last Updated
:Jul 15, 2026
CompTIA SY0-601 Online Questions &
Answers
Question 41:
A Chief Information Security Officer (CISO) needs to create a policy set that meets international standards for data privacy and sharing. Which of the following should the CISO read and understand before writing the policies?
A. PCI DSS B. GDPR C. NIST D. ISO 31000
B. GDPR General Data Protection Regulation (GDPR) is a set of rules in the European Union. These rules specify that if data is collected on EU citizens, the data must be stored in the European Union.
Question 42:
A security manager is implementing MFA and patch management. Which of the following would best describe the control type and category? (Choose two.)
A. Physical B. Managerial C. Detective D. Administrative E. Preventative F. Technical
E. Preventative F. Technical
Question 43:
The Chief Executive Officer (CEO) of an organization would like staff members to have the flexibility to work from home anytime during business hours, including during a pandemic or crisis. However, the CEO is concerned that some staff members may take advantage of the flexibility and work from high-risk countries while on holiday or outsource work to a third-party organization in another country. The Chief Information Officer (CIO) believes the company can implement some basic controls to mitigate the majority of the risk. Which of the following would be BEST to mitigate the CEO's concerns? (Choose two.)
A. Geolocation B. Time-of-day restrictions C. Certificates D. Tokens E. Geotagging F. Role-based access controls
A. Geolocation B. Time-of-day restrictions
Question 44:
A company was recently breached Pan of the company's new cybersecurity strategy is to centralize? the togs horn all security devices.
Which of the following components forwards the logs to a central source?
A. Log enrichment B. Log queue C. Log parser D. Log collector
D. Log collector A log collector is a component that forwards the logs from all security devices to a central source. A log collector can be a software tool or a hardware appliance that collects logs from various sources, such as firewalls, routers, servers, applications, or endpoints. A log collector can also perform functions such as log filtering, parsing, aggregation, normalization, and enrichment. A log collector can help centralize logging by sending the collected logs to a central log server or a security information and event management (SIEM) system for further analysis and correlation. References: https://www.comptia.org/certifications/security#examdetails https://www.comptia.org/content/guides/comptia-security-sy0- 601-exam-objectives https://geekflare.com/open-source-centralized-logging/
Question 45:
An organization has too many variations of a single operating system and needs to standardize the arrangement prior to pushing the system image to users. Which of the following should the organization implement first?
A. Standard naming convention B. Hashing C. Network diagrams D. Baseline configuration
D. Baseline configuration
Question 46:
A penetration tester was able to compromise an internal server and is now trying to pivot the current session in a network lateral movement Which of the following tools if available on the server, will provide the MOST useful information for the next assessment step?
A. Autopsy B. Cuckoo C. Memdump D. Nmap
D. Nmap Explanation Explanation/Reference:Nmap is basically mapping a network. The purpose of lateral pivoting is to gain a new perspective, or new information that will allow you to either privilege escalate, or to achieve the goal of the attack. If the compromised server the pen tester is exploiting has nmap enabled, the pen tester will be able to get an in-depth inside view of the internal network structure.
Question 47:
A security engineer is building a file transfer solution to send files to a business partner. The users would like to drop off the files in a specific directory and have the server send to the business partner. The connection to the business partner is over the internet and needs to be secure. Which of the following can be used?
A. S/MIME B. LDAPS C. SSH D. SRTP
C. SSH SSH - SSH or (Secure Shell) is a protocol that enables two computers to communicate securely by encrypting the connection. Since the question is looking to transfer files over the internet to a specific directory, the FTP protocol can be used for the file transfer itself. As SSH can be used with the FTP protocol, this allows for secure(SSH) file transfer(FTP) over the internet. ======================== Other Choices: S/MIME (Secure/Multipurpose internet Mail Extensions) - Digitally signs and encrypts the contents of email messages. LDAPS(Lightweight Directory Access Protocol) - Provides authentication for directory-based traffic SRTP (Secure Real-time Transport Protocol) - Provides authentication/encryption for transmitted audio and video traffic.
Question 48:
DRAG DROP
Drag and drop the correct protocol to its default port.
Select and Place:
Explanation/Reference:
FTP uses TCP port 21.
Telnet uses port 23.
SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22. Secure Copy Protocol (SCP) is a secure filetransfer facility based on SSH and Remote Copy Protocol (RCP).
Secure FTP (SFTP) is a secured alternative to standard File Transfer Protocol (FTP).
SMTP uses TCP port 25.
Port 69 is used by TFTP.
SNMP makes use of UDP ports 161 and 162.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 42, 45, 51
A cybersecurity department purchased o new PAM solution. The team is planning to randomize the service account credentials of the Windows server first. Which of the following would be the BEST method to increase the security on the Linux server?
A. Randomize the shared credentials B. Use only guest accounts to connect. C. Use SSH keys and remove generic passwords D. Remove all user accounts.
C. Use SSH keys and remove generic passwords (Use SSH keys and remove generic passwords.) seems like the better answer because it involves authentication. https://jumpcloud.com/blog/what-are-ssh-keys Using a guest account does nothing for security.
Question 50:
A security architect is required to deploy to conference rooms some workstations that will allow sensitive data to be displayed on large screens. Due to the nature of the data, it cannot be stored in the conference rooms. The fiieshare is located in a local data center. Which of the following should the security architect recommend to BEST meet the requirement?
A. Fog computing and KVMs B. VDI and thin clients C. Private cloud and DLP D. Full drive encryption and thick clients
B. VDI and thin clients Virtual Desktop Infrastructure (VDI) is a technology that refers to the use of virtual machines to provide and manage virtual desktops. VDI hosts desktop environments on a centralized server and deploys them to end-users on request. VDI can be used to provide the desktop experience. The computing hardware for VDI can be split into thin clients and thick clients: - Thin clients are simple computers that can be accessed through a remote connection to a central server which provides the client all of its resources. Thin clients do not have hard drives so data isn't stored locally, and applications would also need to be accessed through a server. Thin clients would work for this scenario since data can't be stored in the conference rooms and thin clients cant store data anyway. - Thick clients are fully functional networked computers that have their OS, local storage, and handles their own processing. Just think company-provided desktop computers or laptops. They can connect to a server if they want, but can work independently as well. Since files can be stored locally on a thick client, they wouldn't work with the requirements of the scenario.
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only CompTIA exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your SY0-601 exam preparations
and CompTIA certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.