CompTIA Security+ Exam - SY0-601 Free Exam Questions (2023)
QUESTION NO: 1
After a phishing scam for a user's credentials, the red team was able to craft a payload to deploy on a server. The attack allowed the installation of malicious software
that initiates a new remote session. Which of the following types of attacks has occurred?
A. Directory traversal
B. Privilege escalation
D. Session replay
Correct Answer: B
QUESTION NO: 2
Which of the following in a forensic investigation should be prioritized based on the order of volatility? (Select TWO).
A. RAM
B. Stored files
C. Page files
D. HDD
E. Event logs
F. Cache
QUESTION NO: 3
An organization would like to remediate the risk associated with its cloud service provider not meeting its advertised 99.999% availability metrics. Which of the
following should the organization consult for the exact requirements for the cloud provider?
A. SLA
https://www.actual4test.com/exam/SY0-601-questions 1/16
3/3/23, 6:13 PM CompTIA Security+ Exam - SY0-601 Free Exam Questions [2023]
B. MOU
C. NDA
D. BPA
Correct Answer: A
QUESTION NO: 4
An attacker is attempting to exploit users by creating a fake website with the URL www.validwebsite.com.
The attacker's intent is to imitate the look and feel of a legitimate website to obtain personal information from unsuspecting users. Which of the following social-
engineering attacks does this describe?
A. Impersonation
B. Information elicitation
C. Watering-hole attack
D. Typo squatting
Correct Answer: C
QUESTION NO: 5
A SOC is implementing an insider-threat-detection program. The primary concern is that users may be accessing confidential data without authorization. Which of
the following should be deployed to detect a potential insider threat?
B. A DMZ
C. honeyfile
D. DLP
Correct Answer: C
QUESTION NO: 6
An attacker has determined the best way to impact operations is to infiltrate third-party software vendors. Which of the following vectors is being exploited?
A. Social engineering
B. Social media
C. Supply chain
D. Cloud
Correct Answer: A
QUESTION NO: 7
A security researcher has alerted an organization that its sensitive user data was found for sale on a website. Which of the following should the organization use
to inform the affected parties?
A. A communications plan
Correct Answer: D
QUESTION NO: 8
An organization maintains several environments in which patches are developed and tested before being deployed to an operational status. Which of the following is the
environment in which patches will be deployed just prior to being put into an operational status?
A. Test
B. Production
C. Development
D. Staging
Correct Answer: D
QUESTION NO: 9
An analyst needs to identify the applications a user was running and the files that were open before the user's computer was shut off by holding down the power
button. Which of the following would MOST likely contain that information?
A. Pagefile
B. NetFlow
C. RAM
D. NGFW
Correct Answer: B
QUESTION NO: 10
A security analyst discovers several .jpg photos from a cellular phone during a forensics investigation involving a compromised system. The analyst runs a
forensics tool to gather file metadata. Which of the following would be part of the images if all the metadata is still intact?
Correct Answer: B
QUESTION NO: 11
The IT department at a university is concerned about professors placing servers on the university network in an attempt to bypass security controls. Which of the
following BEST represents this type of threat?
A. Hacktivism
B. White-hat
C. Shadow IT
D. A script kiddie
Correct Answer: C
QUESTION NO: 12
If a current private key is compromised, which of the following would ensure it cannot be used to decrypt all historical data?
A. Elliptic-curve cryptography
B. Key stretching
C. Homomorphic encryption
Correct Answer: A
QUESTION NO: 13
An information security officer at a credit card transaction company is conducting a framework-mapping exercise with the internal controls. The company recently
established a new office in Europe. To which of the following frameworks should the security officer map the existing controls? (Select TWO).
A. SOC
B. PCI DSS
C. ISO
D. CSA
E. NIST
F. GDPR
QUESTION NO: 14
A junior security analyst is conducting an analysis after passwords were changed on multiple accounts without users' interaction. The SIEM has multiple login
entries with the following text:
Which of the following is the MOST likely attack conducted on the environment?
A. DNS poisoning
B. Malicious script
C. Privilege escalation
D. Domain hijacking
Correct Answer: B
QUESTION NO: 15
The findings in a consultant's report indicate the most critical risk to the security posture from an incident response perspective is a lack of workstation and server
investigation capabilities. Which of the following should be implemented to remediate this risk?
A. FDE
B. HIDS
C. NGFW
D. EDR
Correct Answer: D
QUESTION NO: 16
A tax organization is working on a solution to validate the online submission of documents. The solution should be carried on a portable USB device that should be
inserted on any computer that is transmitting a transaction securely. Which of the following is the BEST certificate for these requirements?
A. User certificate
B. Self-signed certificate
C. Root certificate
D. Computer certificate
Correct Answer: C
QUESTION NO: 17
A security analyst has been asked to investigate a situation after the SOC started to receive alerts from the SIEM. The analyst first looks at the domain controller
and finds the following events:
To better understand what is going on, the analyst runs a command and receives the following output:
Based on the analyst's findings, which of the following attacks is being executed?
A. Brute-force
B. Spraying
C. Keylogger
D. Credential harvesting
Correct Answer: B
QUESTION NO: 18
A company has discovered unauthorized devices are using its WiFi network, and it wants to harden the access point to improve security. Which of the following
configurations should an analyst enable to improve security? (Select TWO.)
A. PEAP
B. SSL
C. WPA2-PSK
D. WEP-TKIP
E. WPS
F. RADIUS
QUESTION NO: 19
A security administrator has noticed unusual activity occurring between different global instances and workloads and needs to identify the source of the unusual
traffic. Which of the following log sources would be BEST to show the source of the unusual traffic?
A. HIDS
B. UEBA
C. CASB
D. VPC
Correct Answer: C
QUESTION NO: 20
Which of the following technical controls is BEST suited for the detection and prevention of buffer overflows on hosts?
A. HIDS
B. EDR
C. NIPS
D. DLP
Correct Answer: B
QUESTION NO: 21
The Chief Executive Officer announced a new partnership with a strategic vendor and asked the Chief Information Security Officer to federate user digital identities
using SAML-based protocols. Which of the following will this enable?
A. PKI
B. DLP
C. SSO
D. MFA
Correct Answer: C
QUESTION NO: 22
A company reduced the area utilized in its datacenter by creating virtual networking through automation and by creating provisioning routes and rules through
scripting. Which of the following does this example describe?
A. SaaS
B. IaC
C. Containers
D. MSSP
Correct Answer: B
QUESTION NO: 23
A security analyst needs to complete an assessment. The analyst is logged into a server and must use native tools to map services running on it to the server's
listening ports. Which of the following tools can BEST accomplish this task?
A. Nessus
B. Netcat
C. Netstat
D. Nmap
Correct Answer: C
QUESTION NO: 24
Which of the following actions would be recommended to improve an incident response process?
B. Train the team to identify the difference between events and incidents
D. Modify access so the IT team has full access to the compromised assets
Correct Answer: B
QUESTION NO: 25
An organization is developing an authentication service for use at the entry and exit ports of country borders.
The service will use data feeds obtained from passport systems, passenger manifests, and high-definition video feeds from CCTV systems that are located at the
ports. The service will incorporate machine-learning techniques to eliminate biometric enrollment processes while still allowing authorities to identify passengers
with increasing accuracy over time. The more frequently passengers travel, the more accurately the service will identify them. Which of the following biometrics
will MOST likely be used, without the need for enrollment? (Choose two.)
A. Gait
B. Vein
C. Fingerprint
D. Facial
E. Retina
F. Voice
QUESTION NO: 26
A security administrator is trying to determine whether a server is vulnerable to a range of attacks. After using a tool, the administrator obtains the following
output:
Which of the following attacks was successfully implemented based on the output?
A. Directory traversal
B. Memory leak
C. SQL injection
D. Race conditions
Correct Answer: A
QUESTION NO: 27
A company installed several crosscut shredders as part of increased information security practices targeting data leakage risks. Which of the following will this
practice reduce?
A. Information elicitation
B. Shoulder surfing
C. Dumpster diving
D. Credential harvesting
Correct Answer: C
QUESTION NO: 28
The technology department at a large global company is expanding its Wi-Fi network infrastructure at the headquarters building. Which of the following should be
closely coordinated between the technology, cybersecurity, and physical security departments?
A. VPN configuration
B. WAP placement
C. Authentication protocol
D. Encryption type
Correct Answer: C
QUESTION NO: 29
Against the recommendation of the IT security analyst, a company set all user passwords on a server as "P@)55wOrD". Upon review of the /etc/passwd file, an
attacker found the following:
Which of the following BEST explains why the encrypted passwords do not match?
A. Salting
B. Key stretching
D. Hashing
Correct Answer: A
QUESTION NO: 30
An engineer wants to access sensitive data from a corporate-owned mobile device. Personal data is not allowed on the device. Which of the following MDM
configurations must be considered when the engineer travels for business?
A. Geofencing
B. Application management
C. Containerization
D. Screen locks
Correct Answer: C
QUESTION NO: 31
Field workers in an organization are issued mobile phones on a daily basis. All the work is performed within one city and the mobile phones are not used for any
purpose other than work. The organization does not want these phones used for personal purposes. The organization would like to issue the phones to workers as
permanent devices so the phones do not need to be reissued every day. Given the conditions described, which of the following technologies would BEST meet
these requirements?
B. Geofencing
C. Containerization
D. Remote wiping
Correct Answer: A
QUESTION NO: 32
A company's Chief Information Security Officer (CISO) recently warned the security manager that the company's Chief Executive Officer (CEO) is planning to
publish a controversial opinion article in a national newspaper, which may result in new cyberattacks. Which of the following would be BEST for the security
manager to use in a threat model?
A. White-hat hackers
B. Insider threats
C. Script kiddies
D. Hacktivists
Correct Answer: D
QUESTION NO: 33
Which of the following techniques eliminates the use of rainbow tables for password cracking?
A. Tokenization
B. Salting
C. Asymmetric encryption
D. Hashing
Correct Answer: B
QUESTION NO: 34
After a WiFi scan of a local office was conducted, an unknown wireless signal was identified. Upon investigation, an unknown Raspberry Pi device was found
connected to an Ethernet port using a single connection. Which of the following BEST describes the purpose of this device?
A. On-path attack
B. Evil twin
C. IoT sensor
Correct Answer: D
QUESTION NO: 35
A security administrator suspects an employee has been emailing proprietary information to a competitor.
Company policy requires the administrator to capture an exact copy of the employee's hard disk. Which of the following should the administrator use?
A. logger
B. dd
C. dnsenum
D. chmod
Correct Answer: B
QUESTION NO: 36
A security analyst has received several reports of an issue on an internal web application. Users state they are having to provide their credentials twice to log in. The
analyst checks with the application team and notes this is not an expected behavior. After looking at several logs, the analyst decides to run some commands on the
gateway and obtains the following output:
Which of the following BEST describes the attack the company is experiencing?
A. URL redirection
B. ARP poisoning
C. DNS hijacking
D. MAC flooding
Correct Answer: B
QUESTION NO: 37
A security analyst needs to produce a document that details how a security incident occurred, the steps that were taken for recovery, and how future incidents can
be avoided. During which of the following stages of the response process will this activity take place?
A. Identification
B. Lessons learned
C. Preparation
D. Recovery
Correct Answer: B
QUESTION NO: 38
A company recently transitioned to a strictly BYOD culture due to the cost of replacing lost or damaged corporate-owned mobile devices. Which of the following
technologies would be BEST to balance the BYOD culture while also protecting the company's data?
A. Geofencing
B. Containerization
C. Full-disk encryption
D. Remote wipe
Correct Answer: C
QUESTION NO: 39
Which of the following prevents an employee from seeing a colleague who is visiting an inappropriate website?
B. NDA
D. AUP
Correct Answer: A
QUESTION NO: 40
A security analyst wants to verify that a client-server (non-web) application is sending encrypted traffic. Which of the following should the analyst use?
A. hping
B. openssl
C. tcpdump
D. netcat
Correct Answer: B
QUESTION NO: 41
Which of the following is the BEST method for ensuring non-repudiation?
A. Digital certificate
B. SSO
C. Token
D. SSH key
Correct Answer: A
QUESTION NO: 42
A network engineer and a security engineer are discussing ways to monitor network operations. Which of the following is the BEST method?
Correct Answer: A
QUESTION NO: 43
A security engineer at an offline government facility is concerned about the validity of an SSL certificate. The engineer wants to perform the fastest check with the
least delay to determine if the certificate has been revoked. Which of the following would BEST meet these requirements?
A. CSR
B. OCSP
C. CRL
D. RA
Correct Answer: C
Copyright © 2023 Actual4test NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners.