
Free CompTIA SY0-601 Practice Exam with Questions & Answers | Set: 5

Questions 81

A security analyst is reviewing packet capture data from a compromised host on the network. In the packet capture, the analyst locates packets that contain large amounts of text. Which of the following is most likely installed on the compromised host?

Options:
A. Keylogger

B. Spyware

C. Trojan

D. Ransomware

Questions 82

A contractor overhears a customer recite their credit card number during a confidential phone call. The credit card information is later used for a fraudulent transaction. Which of the following social engineering techniques describes this scenario?

Options:
A. Shoulder surfing

B. Watering hole

C. Vishing

D. Tailgating

Questions 83

A user is trying to upload a tax document, which the corporate finance department requested, but a security program is prohibiting the upload. A security analyst determines the file contains PII. Which of the following steps can the analyst take to correct this issue?

Options:
A. Create a URL filter with an exception for the destination website.

B. Add a firewall rule to the outbound proxy to allow file uploads.

C. Issue a new device certificate to the user's workstation.

D. Modify the exception list on the DLP to allow the upload.

Questions 84

A network administrator needs to determine the sequence of a server farm's logs. Which of the following should the administrator consider? (Select TWO).

Options:
A. Chain of custody

B. Tags

C. Reports

D. Time stamps

E. Hash values

F. Time offset

Questions 85

A security administrator is compiling information from all devices on the local network in order to gain better visibility into user activities. Which of the following is the best solution to meet this objective?

Options:
A. SIEM

B. HIDS

C. CASB

D. EDR

Questions 86

A website user is locked out of an account after clicking an email link and visiting a different website. Web server logs show the user’s password was changed, even though the user did not change the password. Which of the following is the most likely cause?

Options:
A. Cross-site request forgery

B. Directory traversal

C. ARP poisoning

D. SQL injection

Questions 87

Security controls in a data center are being reviewed to ensure data is properly protected and that human life considerations are included. Which of the following best describes how the controls should be set up?

Options:
A. Remote access points should fail closed.

B. Logging controls should fail open.

C. Safety controls should fail open.

D. Logical security controls should fail closed.

Questions 88

A security analyst is working with a vendor to get a new SaaS application deployed to an enterprise. The analyst wants to ensure role-based security policies are correctly applied as users access the application. Which of the following is most likely to solve the issue?

Options:
A. CASB

B. AUP

C. NG-SWG

D. VPC endpoint

Questions 89

experienced failed log-in attempts when authenticating from the same IP address:

184.168.131.241 - userA - failed authentication

184.168.131.241 - userA - failed authentication

184.168.131.241 - userB - failed authentication

184.168.131.241 - userB - failed authentication

184.168.131.241 - userC - failed authentication

184.168.131.241 - userC - failed authentication

Which of the following most likely describes the attack that took place?

Options:
A. Spraying

B. Brute-force

C. Dictionary

D. Rainbow table

Questions 90

A company needs to keep the fewest records possible, meet compliance needs, and ensure destruction of records that are no longer needed. Which of the following best describes the policy that meets these requirements?

Options:
A. Security policy

B. Classification policy

C. Retention policy

D. Access control policy

Questions 91

Visitors to a secured facility are required to check in with a photo ID and enter the facility through an access control vestibule. Which of the following best describes this form of security control?

Options:
A. Physical

B. Managerial

C. Technical

D. Operational

Questions 92

Which of the following techniques would most likely be used as a part of an insider threat reduction strategy to uncover relevant indicators?

Options:
A. Blocking known file sharing sites

B. Requiring credit monitoring

C. Implementing impossible travel alerts

D. Performing security awareness training

Questions 93

Which of the following best describes a threat actor who is attempting to use commands found on a public code repository?

Options:
A. Script kiddie

B. State actor

C. Insider threat

D. Competitor espionage

Questions 94

A security analyst needs to harden access to a network. One of the requirements is to authenticate users with smart cards. Which of the following should the analyst enable to best meet this requirement?

Options:
A. CHAP

B. PEAP

C. MS-CHAPv2

D. EAP-TLS

Questions 95

A security analyst is assessing several company firewalls. Which of the following tools would the analyst most likely use to generate custom packets to use during the assessment?

Options:
A. hping

B. Wireshark

C. PowerShell

D. netstat

Questions 96

A software company has a shared codebase for multiple projects using the following strategy:

• Unused features are deactivated but still present in the code.

• New customer requirements trigger additional development work.

Which of the following will most likely occur when the company uses this strategy?

Options:
A. Malicious code

B. Dead code

C. Outsourced code

D. Code obfuscation

Questions 97

Which of the following best describes the tolerances a security architect follows when designing a control environment?

Options:
A. Control risk

B. Risk register

C. Risk appetite

D. Inherent risk

Questions 98

Which of the following would be the best way to block unknown programs from executing?

Options:
A. Access control list

B. Application allow list

C. Host-based firewall

D. DLP solution

Questions 99

Which of the following best describes an environment where a business owns the application and operating system but requires the resources to host them in the cloud?

Options:
A. IaaS

B. XaaS

C. PaaS

D. SaaS

Questions 100

Which of the following is most likely associated with introducing vulnerabilities on a corporate network by the deployment of unapproved software?

Options:
A. Hacktivists

B. Script kiddies

C. Competitors

D. Shadow IT