CompTIA SY0-601 Practice Test

Prepare smarter and boost your chances of success with our CompTIA SY0-601 practice test. This test helps you assess your knowledge, pinpoint strengths, and target areas for improvement. Surveys and user data from multiple platforms show that individuals who use the SY0-601 practice exam are 40–50% more likely to pass on their first attempt.

Start practicing today and take the fast track to becoming CompTIA SY0-601 certified.

Updated On : 13-Aug-2025
886 Questions

Page 11 out of 89 Pages

Topic 3: Exam Pool C

A security analyst is reviewing logs on a server and observes the following output:

Which of the following is the security analyst observing?

A.

A rainbow table attack

B.

A password-spraying attack

C.

A dictionary attack

D.

A keylogger attack

C.   

A dictionary attack



A company’s bank has reported that multiple corporate credit cards have been stolen over the past several weeks. The bank has provided the names of the affected cardholders to the company’s forensics team to assist in the cyber-incident investigation. An incident responder learns the following information:
The timeline of stolen card numbers corresponds closely with affected users making Internet-based purchases from diverse websites via enterprise desktop PCs.
All purchase connections were encrypted, and the company uses an SSL inspection proxy for the inspection of encrypted traffic of the hardwired network.
Purchases made with corporate cards over the corporate guest WiFi network, where no SSL inspection occurs, were unaffected.
Which of the following is the MOST likely root cause?

A.

HTTPS sessions are being downgraded to insecure cipher suites

B.

The SSL inspection proxy is feeding events to a compromised SIEM

C.

The payment providers are insecurely processing credit card charges

D.

The adversary has not yet established a presence on the guest WiFi network

C.   

The payment providers are insecurely processing credit card charges



The facilities supervisor for a government agency is concerned about unauthorized access to environmental systems in the event the staff WiFi network is breached. Which of the following would BEST address this security concern?

A.

Install a smart meter on the staff WiFi.

B.

Place the environmental systems in the same DHCP scope as the staff WiFi.

C.

Implement Zigbee on the staff WiFi access points.

D.

Segment the staff WiFi network from the environmental systems network.

B.   

Place the environmental systems in the same DHCP scope as the staff WiFi.



A user reports constant lag and performance issues with the wireless network when working at a local coffee shop. A security analyst walks the user through an installation of Wireshark and gets a five-minute pcap to analyze. The analyst observes the following output:

Which of the following attacks does the analyst MOST likely see in this packet capture?

A.

Session replay

B.

Evil twin

C.

Bluejacking

D.

ARP poisoning

B.   

Evil twin



A university with remote campuses, which all use different service providers, loses Internet connectivity across all locations. After a few minutes, Internet and VoIP services are restored, only to go offline again at random intervals, typically within four minutes of services being restored. Outages continue throughout the day, impacting all inbound and outbound connections and services. Services that are limited to the local LAN or WiFi network are not impacted, but all WAN and VoIP services are affected. Later that day, the edge-router manufacturer releases a CVE outlining the ability of an attacker to exploit the SIP protocol handling on devices, leading to resource exhaustion and system reloads. Which of the following BEST describe this type of attack? (Choose

A.

DoS

B.

SSL stripping

C.

Memory leak

D.

Race condition

E.

Shimming

F.

Refactoring

A.   

DoS


D.   

Race condition



A security analyst is reviewing the following attack log output:

Which of the following types of attacks does this MOST likely represent?

A.

Rainbow table

B.

Brute-force

C.

Password-spraying

D.

Dictionary

C.   

Password-spraying



A security analyst discovers that a company username and password database was posted on an internet forum. The usernames and passwords are stored in plain text. Which of the following would mitigate the damage done by this type of data exfiltration in the future?

A.

Create DLP controls that prevent documents from leaving the network

B.

Implement salting and hashing

C.

Configure the web content filter to block access to the forum.

D.

Increase password complexity requirements

A.   

Create DLP controls that prevent documents from leaving the network



A security analyst is looking for a solution to help communicate to the leadership team the severity levels of the organization’s vulnerabilities. Which of the following would BEST meet this need?

A.

CVE

B.

SIEM

C.

SOAR

D.

CVSS

D.   

CVSS



A critical file server is being upgraded and the systems administrator must determine which RAID level the new server will need to achieve parity and handle two simultaneous disk failures. Which of the following RAID levels meets this requirement?

A.

RAID 0+1

B.

RAID 2

C.

RAID 5

D.

RAID 6

C.   

RAID 5



Under GDPR, which of the following is MOST responsible for the protection of privacy and
website user rights?

A.

The data protection officer

B.

The data processor

C.

The data owner

D.

The data controller

C.   

The data owner


