CompTIA SY0-601 Online Practice Questions and Exam Preparation
SY0-601 Exam Details
Exam Code: SY0-601
Exam Name: CompTIA Security+
Certification: CompTIA Certifications
Vendor: CompTIA
Total Questions: 1334 Q&As
Last Updated: May 26, 2026
CompTIA SY0-601 Online Questions & Answers
Question 901:
A user reset the password for a laptop but has been unable to log in to it since then. In addition, several unauthorized emails were sent on the user's behalf recently. The security team investigates the issue and identifies the following findings:
Firewall logs show excessive traffic from the laptop to an external site.
Unknown processes were running on the laptop.
RDP connections that appeared to be authorized were made to other network devices from the laptop.
High bandwidth utilization alerts from that user's username.
Which of the following is most likely installed on the laptop?
A. Worm B. Keylogger C. Trojan D. Logic bomb
C. Trojan
Question 902:
A company is adding a clause to its AUP that states employees are not allowed to modify the operating system on mobile devices. Which of the following vulnerabilities is the organization addressing?
A. Cross-site scripting B. Buffer overflow C. Jailbreaking D. Side loading
C. Jailbreaking
Jailbreaking is a process in which an individual gains unauthorized access to the operating system of a mobile device, typically to remove software restrictions imposed by the manufacturer or carrier. This allows users to install unauthorized apps and make modifications to the device's operating system, which can create security risks and expose the device to potential threats and vulnerabilities. By adding a clause to the Acceptable Use Policy (AUP) that prohibits employees from modifying the operating system on mobile devices, the company aims to prevent the practice of jailbreaking, which helps mitigate potential security risks associated with unauthorized software modifications.
Question 903:
A company wants to move one of its environments to the cloud. The biggest requirement is to have as much control as possible regarding the environment. Which of the following would most likely satisfy this requirement?
A. SaaS B. IaaS C. PaaS D. MaaS
B. IaaS
Question 904:
A newly identified network access vulnerability has been found in the OS of legacy IoT devices. Which of the following would best mitigate this vulnerability quickly?
A. Insurance B. Patching C. Segmentation D. Replacement
C. Segmentation
If support from the manufacturer is not available, and the vulnerability is in the OS of legacy IoT devices, the best option to quickly mitigate the vulnerability is C. Segmentation. Since patching may not be feasible without manufacturer support, segmentation can help isolate the vulnerable devices from the rest of the network. This can limit the potential attack surface and reduce the risk of exploitation, even if the devices themselves cannot be patched or updated. Segmentation can be an effective short-term strategy to enhance security when dealing with unsupported legacy IoT devices.
Question 905:
During a security assessment, a security analyst finds a file with overly permissive permissions. Which of the following tools will allow the analyst to reduce the permissions for the existing users and groups and remove the set-user-ID bit from the file?
A. ls B. chflags C. chmod D. lsof E. setuid
C. chmod
chmod removes the setuid permission, that is, it removes the s bit. Setuid is the specific permission, but it is removed with chmod. In Unix and Unix-like operating systems, chmod is the command and system call used to change the access permissions of file system objects, sometimes known as modes. It is also used to change special mode flags such as the setuid and setgid flags and the 'sticky' bit. The request is filtered by the umask.
https://www.cbtnuggets.com/blog/technology/system-admin/linux-file-permissions-understanding-setuid-setgid-and-the-sticky-bit
Question 906:
An organization has decided to purchase an insurance policy because a risk assessment determined that the cost to remediate the risk is greater than the five-year cost of the insurance policy. The organization is enabling risk:
A. avoidance B. acceptance C. mitigation D. transference
D. transference
Explanation/Reference: Risk transference is transferring risk to a third party such as a vendor. In cyber security, that can be through utilizing cyber-risk insurance. Cyber insurance generally covers a business's liability for a data breach involving sensitive customer information, such as account numbers, credit card numbers, health records, etc.
Other Choices:
Risk Avoidance - A strategy that eliminates risk by avoiding activities that would expose the organization to the risk.
Risk Mitigation - The practice of reducing the impact of risks through preventative and reactive planning.
Risk Acceptance - When a business or individual accepts the potential loss from a risk. Generally occurs when the business or individual feels that the risk does not warrant the countermeasures.
Question 907:
A threat actor was able to use a username and password to log in to a stolen company mobile device. Which of the following provides the best solution to increase mobile data security on all employees
A. Application management B. Full disk encryption C. Remote wipe D. Containerization
D. Containerization
Question 908:
Which of the following would satisfy three-factor authentication?
A. Password, retina scanner, and NFC card B. Password, fingerprint scanner, and retina scanner C. Password, hard token, and NFC card D. Fingerprint scanner, hard token, and retina scanner
A. Password, retina scanner, and NFC card
Question 909:
Which of the following provides guidelines for the management and reduction of information security risk?
A. CIS B. NIST CSF C. ISO D. PCI DSS
B. NIST CSF
Question 910:
A security analyst receives the configuration of a current VPN profile and notices the authentication is only applied to the IP datagram portion of the packet. Which of the following should the analyst implement to authenticate the entire packet?
A. AH B. ESP C. SRTP D. LDAP
B. ESP
Explanation/Reference: When AH tunnel mode is used, the entire packet is signed for integrity and authentication. But when ESP tunnel mode is used, the encapsulated packet between the ESP header and the ESP trailer is signed for integrity and authentication. The new packet can also be encrypted for greater security.