CompTIA Security+ Exam - SY0-601 Free Exam Questions (2023)

Download as pdf or txt
Download as pdf or txt
You are on page 1of 16

3/3/23, 6:13 PM CompTIA Security+ Exam - SY0-601 Free Exam Questions [2023]

Limited Time Discount Offer! 15% Off - Ends in 02:11:40 - Use Discount Coupon Code A4T2023

Input your exam code ... 

CompTIA Security+ Exam - SY0-601 Free Exam Questions

QUESTION NO: 1
After a phishing scam fora user's credentials, the red team was able to craft payload to deploy on a server. The attack allowed the installation of malicious software
that initiates a new remote session Which of the following types of attacks has occurred?

A. Directory traversal

B. Privilege escalation

C. Application programming interface

D. Session replay

Hide answers/explanation

Correct Answer: B

QUESTION NO: 2
Which of the following in a forensic investigation should be priorities based on the order of volatility? (Select TWO).

A. RAM

B. Stored files

C. Page files

D. HDD

E. Event logs

F. Cache

Hide answers/explanation

Correct Answer: C,F

QUESTION NO: 3
An organization would like to remediate the risk associated with its cloud service provider not meeting its advertised 99.999% availability metrics. Which of the
following should the organization consult for the exact requirements for the cloud provider?

A. SLA

Chat now

https://www.actual4test.com/exam/SY0-601-questions 1/16
3/3/23, 6:13 PM CompTIA Security+ Exam - SY0-601 Free Exam Questions [2023]

B. MOU

C. NDA

D. BPA

Hide answers/explanation

Correct Answer: A

QUESTION NO: 4
An attacked is attempting to exploit users by creating a fake website with the URL www.validwebsite.com.
The attacker's intent is to imitate the look and feel of a legitimate website to obtain personal information from unsuspecting users. Which of the following social-
engineering attacks does this describe?

A. Impersonation

B. Information elicitation

C. Watering-hole attack

D. Type squatting

Hide answers/explanation

Correct Answer: C

QUESTION NO: 5
A SOC is implementing an insider-threat-detection program. The primary concern is that users may be accessing confidential data without authorization. Which of
the following should be deployed to detect a potential insider threat?

A. File integrity monitoring

B. ADMZ

C. honeyfile

D. DLP

Hide answers/explanation

Correct Answer: C

QUESTION NO: 6
An attacker has determined the best way to impact operations is to infiltrate third-party software vendors. Which of the following vectors is being exploited?

A. Social engineering

B. Social media

C. Supply chain

D. Cloud

Hide answers/explanation

Correct Answer: A
Chat now

https://www.actual4test.com/exam/SY0-601-questions 2/16
3/3/23, 6:13 PM CompTIA Security+ Exam - SY0-601 Free Exam Questions [2023]

QUESTION NO: 7
A security researcher has aferted an organuzation that its sensifive user data was found for sale on a website. Which af the followang should the organzabon use
to inform the affected partes?

A. A communications plan

B. A disaster recovery plan

C. A business continuity plan

D. A An incident response plan

Hide answers/explanation

Correct Answer: D

QUESTION NO: 8
An organization maintains several environments in which patches are developed and tested before deployed to an operation status. Which of the following is the
environment in which patches will be deployed just prior to being put into an operational status?

A. Test

B. Production

C. Development

D. Staging

Hide answers/explanation

Correct Answer: D

Explanation: (Only visible for Actual4test members)

QUESTION NO: 9
An analyst needs to identify the applications a user was running and the files that were open before the user's computer was shut off by holding down the power
button. Which of the following would MOST likely contain that information?

A. Pagefile

B. NetFlow

C. RAM

D. NGFW

Hide answers/explanation

Correct Answer: B

QUESTION NO: 10
A security analyst discovers several .jpg photos from a cellular phone during a forensics investigation involving a compromised system. The analyst runs a
forensics tool to gather file metadat a. Which of the following would be part of the images if all the metadata is still intact?

A. The total number of print jobs


Chat now

https://www.actual4test.com/exam/SY0-601-questions 3/16
3/3/23, 6:13 PM CompTIA Security+ Exam - SY0-601 Free Exam Questions [2023]

B. The GPS location

C. When the file was deleted

D. The number of copies made

Hide answers/explanation

Correct Answer: B

QUESTION NO: 11
The IT department at a university is concerned about professors placing servers on the university network in an attempt to bypass security controls. Which of the
following BEST represents this type of threat?

A. Hacktivism

B. White-hat

C. Shadow IT

D. A script kiddie

Hide answers/explanation

Correct Answer: C

QUESTION NO: 12
it a current private key is compromised, which of the following would ensure it cannot be used to decrypt ail historical data?

A. Eiliptic-curve cryptography

B. Key stretching

C. Homomorphic encryption

D. Pertect forward secrecy

Hide answers/explanation

Correct Answer: A

QUESTION NO: 13
An information security officer at a credit card transaction company is conducting a framework-mapping exercise with the internal controls. The company recently
established a new office in Europe. To which of the following frameworks should the security officer map the existing controls? (Select TWO).

A. soc

B. PCI DSS

C. Iso

D. CSA

E. NIST

F. GDPR

Hide answers/explanation

Chat now

https://www.actual4test.com/exam/SY0-601-questions 4/16
3/3/23, 6:13 PM CompTIA Security+ Exam - SY0-601 Free Exam Questions [2023]

Correct Answer: B,F

QUESTION NO: 14
A junior security analyst iss conducting an analysis after passwords were changed on multiple accounts without users' interaction. The SIEM have multiple logtn
entnes with the following text:

Which of Ihe following is the MOST likely attack conducted on the environment?

A. DNS poisoning

B. Malicious script

C. Privilege escalation

D. Doman hijacking

Hide answers/explanation

Correct Answer: B

QUESTION NO: 15
The findings in a consultant's report indicate the most critical risk to the security posture from an incident response perspective is a lack of workstation and server
investigation capabilities. Which of the following should be implemented to remediate this risk?

A. FDE

B. HIDS

C. NGFW

D. EDR

Hide answers/explanation

Correct Answer: D

Explanation: (Only visible for Actual4test members)

QUESTION NO: 16
A tax organization is working on a solution to validate the online submission of documents The solution should be earned on a portable USB device that should be
inserted on any computer that is transmitting a transaction securely. Which of the following is the BEST certificate for these requirements?

A. User certificate

B. Self-signed certificate

C. Root certificate

D. Computer certificate

Hide answers/explanation

Correct Answer: C

Chat now

https://www.actual4test.com/exam/SY0-601-questions 5/16
3/3/23, 6:13 PM CompTIA Security+ Exam - SY0-601 Free Exam Questions [2023]

QUESTION NO: 17
A security analyst has been asked to investigate a situation after the SOC started to receive alerts from the SIEM. The analyst first looks at the domain controller
and finds the following events:

To better understand what is going on, the analyst runs a command and receives the following output:

Based on the analyst's findings, which of the following attacks is being executed?

A. Brute-force

B. Spraying

C. Keylogger

D. Credential harvesting

Hide answers/explanation

Correct Answer: B

Explanation: (Only visible for Actual4test members)

QUESTION NO: 18
A company has decovered unauthorized devices are using its WiFi network, and it wants to harden the access point to imporve security. Which f the following
configuration shoujld an analysis enable To improve security? (Select TWO.)

A. PEAP

B. SSL

C. WPA2-PSK

D. WEP-EKIP

E. WPS

F. RADIUS

Hide answers/explanation

Correct Answer: C,D

QUESTION NO: 19
A security administrator has noticed unusual activity occurring between different global instances and workloads and needs to identify the
Chatsource 
nowof the unusual

https://www.actual4test.com/exam/SY0-601-questions 6/16
3/3/23, 6:13 PM CompTIA Security+ Exam - SY0-601 Free Exam Questions [2023]
traffic. Which of the following log sources would be BEST to show the source of the unusual traffic?

A. HIDS

B. UEBA

C. CASB

D. VPC

Hide answers/explanation

Correct Answer: C

QUESTION NO: 20
Which of the following technical controls is BEST suited for the detection and prevention of buffer overflows on hosts?

A. HIDS

B. EDR

C. NIPS

D. DLP

Hide answers/explanation

Correct Answer: B

QUESTION NO: 21
The Chief Executive Officer announced a new partnership with a strategic vendor and asked the Chief Information Security Officer to federate user digital identities
using SAML-based protocols. Which of the following will this enable?

A. PKI

B. OLP

C. SSO

D. MFA

Hide answers/explanation

Correct Answer: C

QUESTION NO: 22
A company reduced the area utilized in its datacenter by creating virtual networking through automation and by creating provisioning routes and rules through
scripting. Which of the following does this example describe?

A. SaaS

B. laC

C. Containers

D. MSSP

Hide answers/explanation
Chat now

https://www.actual4test.com/exam/SY0-601-questions 7/16
3/3/23, 6:13 PM CompTIA Security+ Exam - SY0-601 Free Exam Questions [2023]

Correct Answer: B

QUESTION NO: 23
A security analyst needs to complete an assessment. The analyst is logged into a server and must use native tools to map services running on it to the server's
listening ports. Which of the following tools can BEST accomplish this talk?

A. Nessus

B. Netcat

C. Netstat

D. Nmap

Hide answers/explanation

Correct Answer: C

QUESTION NO: 24
Which of the following actions would be recommended to improve an incident response process?

A. Contact the authorities if a cybercrime is suspected

B. Train the team to identify the difference between events and incidents

C. Restrict communication surrounding the response to the IT team

D. Modify access so the IT team has full access to the compromised assets

Hide answers/explanation

Correct Answer: B

QUESTION NO: 25
An organization is developing an authentication service for use at the entry and exit ports of country borders.
The service will use data feeds obtained from passport systems, passenger manifests, and high-definition video feeds from CCTV systems that are located at the
ports. The service will incorporate machine-learning techniques to eliminate biometric enrollment processes while still allowing authorities to identify passengers
with increasing accuracy over time. The more frequently passengers travel, the more accurately the service will identify them. Which of the following biometrics
will MOST likely be used, without the need for enrollment? (Choose two.)

A. Gait

B. Vein

C. Fingerprint

D. Facial

E. Retina

F. Voice

Hide answers/explanation

Correct Answer: A,D

Chat now

https://www.actual4test.com/exam/SY0-601-questions 8/16
3/3/23, 6:13 PM CompTIA Security+ Exam - SY0-601 Free Exam Questions [2023]
QUESTION NO: 26
A security administrator is trying to determine whether a server is vulnerable to a range of attacks. After using a tool, the administrator obtains the following
output:

Which of the following attacks was successfully implemented based on the output?

A. Directory traversal

B. Memory leak

C. SQL injection

D. Race conditions

Hide answers/explanation

Correct Answer: A

QUESTION NO: 27
A company installed several crosscut shredders as part of increased information security practices targeting data leakage risks. Which of the following will this
practice reduce?

A. Information elicitation

B. Shoulder surfing

C. Dumpster diving

D. Credential harvesting

Hide answers/explanation

Correct Answer: C

QUESTION NO: 28
The technology department at a large global company is expanding its Wi-Fi network infrastructure at the headquarters building Which of the following should be
closely coordinated between the technology, cybersecurity, and physical security departments?

A. VPN configuration

B. WAP placement

C. Authentication protocol

D. Encryption type

Hide answers/explanation

Correct Answer: C

QUESTION NO: 29
Against the recommendation of the IT security analyst, a company set all user passwords on a server as "P@)55wOrD". Upon review of the /etc/pesswa file, an
attacker found the following:
Chat now

https://www.actual4test.com/exam/SY0-601-questions 9/16
3/3/23, 6:13 PM CompTIA Security+ Exam - SY0-601 Free Exam Questions [2023]

hich of the following BEST explains why the encrypted passwords do not match?

A. Salting

B. Key stretching

C. Perfect forward secrecy

D. Hashing

Hide answers/explanation

Correct Answer: A

QUESTION NO: 30
An engineer wants to access sensitive data from a corporate-owned mobile device. Personal data is not allowed on the device. Which of the following MDM
configurations must be considered when the engineer travels for business?

A. Geofencing

B. Application management

C. Containerization

D. Screen locks

Hide answers/explanation

Correct Answer: C

QUESTION NO: 31
Field workers in an organization are issued mobile phones on a daily basis All the work is performed within one city and the mobile phones are not used for any
purpose other than work The organization does not want these pnones used for personal purposes. The organization would like to issue the phones to workers as
permanent devices so the pnones do not need to be reissued every day Qven the conditions described, which of the following technologies would BEST meet
these requirements'

A. Mobile device management

B. Geofencing

C. Containenzation

D. Remote wiping

Hide answers/explanation

Correct Answer: A

QUESTION NO: 32
A company's Chief Information Security Officer (CISO) recently warned the security manager that the company's Chief Executive Officer (CEO) is planning to
publish a controversial option article in a national newspaper, which may result in new cyberattacks Which of the following would be BEST for the security
manager to use in a threat mode? 
Chat now

https://www.actual4test.com/exam/SY0-601-questions 10/16
3/3/23, 6:13 PM CompTIA Security+ Exam - SY0-601 Free Exam Questions [2023]

A. White-hat hackers

B. Insider threats

C. Script kiddies

D. Hacktivists

Hide answers/explanation

Correct Answer: D

QUESTION NO: 33
Which of the following techniques eliminates the use of rainbow tables for password cracking?

A. Tokenization

B. Salting

C. Asymmetric encryption

D. Hashing

Hide answers/explanation

Correct Answer: B

Explanation: (Only visible for Actual4test members)

QUESTION NO: 34
After a WiFi scan of a local office was conducted, an unknown wireless signal was identified Upon investigation, an unknown Raspberry Pi device was found
connected to an Ethernet port using a single connection. Which of the following BEST describes the purpose of this device?

A. On-path attack

B. Evil twin

C. loT sensor

D. Rogue access point

Hide answers/explanation

Correct Answer: D

QUESTION NO: 35
A security administrator suspects an employee has been emailing proprietary information to a competitor.
Company policy requires the administrator to capture an exact copy of the employee's hard disk. Which of the following should the administrator use?

A. logger

B. dd

C. dnsenum

D. chmod

Hide answers/explanation

Chat now

https://www.actual4test.com/exam/SY0-601-questions 11/16
3/3/23, 6:13 PM CompTIA Security+ Exam - SY0-601 Free Exam Questions [2023]

Correct Answer: B

QUESTION NO: 36
A securily analysl has receved several reporls of an issue on an inlemal web application. Users state they are having to provide their credentials brice to log in. The
analyst checks with he application team and noles Unis is not an expected bohavier. After looking at several lags, the analysi deciies to in some commands on the
gateway and obtains the following output:

Which of the following BEST describes the attack the company is experiencing?

A. URL redirection

B. ARP paisoning

C. DNS hijacking

D. MAC fleoding

Hide answers/explanation

Correct Answer: B

QUESTION NO: 37
A security analyst needs to produce a document that details how a security incident occurred, the steps that were taken for recovery, and how future incidents can
be avoided. During which of the following stages of the response process will this activity take place?

A. Identification

B. Lessons learned

C. Preparation

D. Recovery

Hide answers/explanation

Correct Answer: B

QUESTION NO: 38
A company recently transitioned to a strictly BYOD culture due to the cost of replacing lost or damaged corporate-owned mobile devices. Which of the following
technologies would be BEST to balance the BYOD culture while also protecting the company's data?

A. Geofencing

B. Containerization

C. Full-disk encryption

D. Remote wipe

Hide answers/explanation

Correct Answer: C 
Chat now

https://www.actual4test.com/exam/SY0-601-questions 12/16
3/3/23, 6:13 PM CompTIA Security+ Exam - SY0-601 Free Exam Questions [2023]

QUESTION NO: 39
Which of the following prevents an employee from seeing a colleague who is visiting an inappropriate website?

A. Job rotation policy

B. NDA

C. Separation Of duties policy

D. AUP

Hide answers/explanation

Correct Answer: A

QUESTION NO: 40
A security analyst wants to verify that a client-server (non-web) application is sending encrypted traffic. Which of the following should the analyst use?

A. hping

B. openssl

C. tcpdump

D. netcat

Hide answers/explanation

Correct Answer: B

QUESTION NO: 41
hich of the following is the BEST method for ensuring non-repudiation?

A. Digital certificate

B. SSO

C. Token

D. SSH key

Hide answers/explanation

Correct Answer: A

QUESTION NO: 42
A network engineer and a security engineer are discussing ways to monitor network operations. Which of the following is the BEST method?

A. Disable Telnet and force SSH.

B. Establish a continuous ping.

C. Enable SNMPv3 With passwords.

D. Utilize an agentless monitor

Chat now

https://www.actual4test.com/exam/SY0-601-questions 13/16
3/3/23, 6:13 PM CompTIA Security+ Exam - SY0-601 Free Exam Questions [2023]

Hide answers/explanation

Correct Answer: A

QUESTION NO: 43
A security engineer at an offline government facility is concerned about the validity of an SSL certificate. The engineer wants to perform the fastest check with the
least delay to determine if the certificate has been revoked. Which of the following would BEST these requirement?

A. CSR

B. OCSP

C. CRL

D. RA

Hide answers/explanation

Correct Answer: C

QUALITY AND VALUE


Actual4test Practice Exams are written to the highest standards of technical accuracy, using only certified subject matter experts and published authors for development - no all
study materials.

TESTED AND APPROVED


We are committed to the process of vendor and third party approvals. We believe professionals and executives alike deserve the confidence of quality coverage these
authorizations provide.

EASY TO PASS
If you prepare for the exams using our Actual4test testing engine, It is easy to succeed for all certifications in the first attempt. You don't have to deal with all dumps or any free
torrent / rapidshare all stuff.

Chat now

https://www.actual4test.com/exam/SY0-601-questions 14/16
3/3/23, 6:13 PM CompTIA Security+ Exam - SY0-601 Free Exam Questions [2023]

TRY BEFORE BUY


Actual4test offers free demo of each product. You can check out the interface, question quality and usability of our practice exams before you decide to buy.

(https://www.actual4test.com)

Here are all the actual test exam dumps for IT exams. Most people prepare for the actual exams with our test dumps to pass their exams. So it's critical to choose and actual
test pdf to succeed.

Latest Actual Test

NSE4_FGT-7.0-JPN actual test (https://www.actual4test.com/NSE4_FGT-7.0-JPN_examcollection.html)


May 28, 2022

MB-800-Deutsch actual test (https://www.actual4test.com/MB-800-Deutsch_examcollection.html)


May 28, 2022

Manufacturing-Cloud-Professional actual test (https://www.actual4test.com/Manufacturing-Cloud-Professional_examcollection.html)


May 28, 2022

P-C4H340-24 actual test (https://www.actual4test.com/P-C4H340-24_examcollection.html)


May 28, 2022

Useful Links

ALL PRODUCTS (HTTPS://WWW.ACTUAL4TEST.COM/ALLPRODUCTS.PHP) 

FREQUENTLY ASKED QUESTIONS (HTTPS://WWW.ACTUAL4TEST.COM/PAGE_FAQS.HTML) 

GUARANTEE & REFUND POLICY (HTTPS://WWW.ACTUAL4TEST.COM/PAGE_GUARANTEE.HTML) 

HOW TO BUY? (HTTPS://WWW.ACTUAL4TEST.COM/PAGE_HOWTOBUY.HTML) 

ABOUT US (HTTPS://WWW.ACTUAL4TEST.COM/PAGE_ABOUT.HTML) 

Contact Us

Our Working Time: ( GMT 0:00-15:00 )


From Monday to Saturday

Support: Contact now  (https://www.actual4test.com/contact.php)

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Chat now

https://www.actual4test.com/exam/SY0-601-questions 15/16
3/3/23, 6:13 PM CompTIA Security+ Exam - SY0-601 Free Exam Questions [2023]
Copyright © 2023 Actual4test NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy
(https://www.actual4test.com/page_privacy.html)

 (https://www.facebook.com/sharer.php?u=https://www.actual4test.com/exam/SY0-601-questions)
 (https://twitter.com/share?
original_referer=http%3A%2F%2Fwww.actual4test.com%2F&source=tweetbutton&text=Actual4test&url=https://www.actual4test.com/exam/SY0-
601-questions&via=)
 (https://plus.google.com/share?url=https://www.actual4test.com/exam/SY0-601-questions)
 (https://www.linkedin.com/cws/share?url=https://www.actual4test.com/exam/SY0-601-questions)
 (https://pinterest.com/pin/create/button/?url=https://www.actual4test.com/exam/SY0-601-
questions&description=Actual4test&media=https://www.actual4test.com/_/a4t/imgs/product.jpg)

Disclaimer:
Actual4test doesn't offer Real (ISC)² Exam Questions.
Actual4test doesn't offer Real CompTIA Exam Questions.
Oracle and Java are registered trademarks of Oracle and/or its affiliates
Actual4test material do not contain actual actual Oracle Exam Questions or material.
Actual4test doesn't offer Real Microsoft Exam Questions.
Microsoft®, Azure®, Windows®, Windows Vista®, and the Windows logo are registered trademarks of Microsoft Corporation
Actual4test Materials do not contain actual questions and answers from Cisco's Certification Exams. The brand Cisco is a registered trademark of CISCO, Inc
CFA Institute does not endorse, promote or warrant the accuracy or quality of these questions. CFA® and Chartered Financial Analyst® are registered trademarks owned by
CFA Institute.
Actual4test does not offer exam dumps or questions from actual exams. We offer learning material and practice tests created by subject matter experts to assist and help
learners prepare for those exams. All certification brands used on the website are owned by the respective brand owners. Actual4test does not own or claim any ownership on
any of the brands.

Chat now

https://www.actual4test.com/exam/SY0-601-questions 16/16

You might also like