CompTIA SY0-601 Practice Test

Prepare smarter and boost your chances of success with our CompTIA SY0-601 Practice test. This test helps you assess your knowledge, pinpoint strengths, and target areas for improvement. Surveys and user data from multiple platforms show that individuals who use SY0-601 practice exam are 40–50% more likely to pass on their first attempt.

Start practicing today and take the fast track to becoming CompTIA SY0-601 certified.

18860 already prepared
Updated On : 13-Aug-2025
886 Questions
4.8/5.0

Page 18 out of 89 Pages

Topic 3: Exam Pool C

A network engineer has been asked to investigate why several wireless barcode scanners and wireless computers in a warehouse have intermittent connectivity to the shipping server. The barcode scanners and computers are all on forklift trucks and move around the warehouse during their regular use. Which of the following should the engineer do to determine the issue? (Choose two.)

A.

Perform a site survey

B.

Deploy an FTK Imager

C.

Create a heat map

D.

Scan for rogue access points

E.

Upgrade the security protocols

F.

Install a captive portal

A.   

Perform a site survey


C.   

Create a heat map

A security analyst needs to be proactive in understand the types of attacks that could potentially target the company's execute. Which of the following intelligence sources should to security analyst review?

A.

Vulnerability feeds

B.

Trusted automated exchange of indicator information

C.

Structured threat information expression

D.

Industry information-sharing and collaboration groups

D.   

Industry information-sharing and collaboration groups

The SOC is reviewing process and procedures after a recent incident. The review indicates it took more than 30 minutes to determine that quarantining an infected host was the best course of action. The allowed the malware to spread to additional hosts before it was contained. Which of the following would be BEST to improve the incident response process?

A.

Updating the playbooks with better decision points

B.

Dividing the network into trusted and untrusted zones

C.

Providing additional end-user training on acceptable use

D.

Implementing manual quarantining of infected hosts

A.   

Updating the playbooks with better decision points

In which of the following risk management strategies would cybersecurity insurance be used?

A.

Transference

B.

Avoidance

C.

Acceptance

D.

Mitigation

C.   

Acceptance

A company recently experienced a data breach and the source was determined to be an executive who was charging a phone in a public area. Which of the following would MOST likely have prevented this breach?

A.

A firewall

B.

A device pin

C.

A USB data blocker

D.

Biometrics

C.   

A USB data blocker



Explanation: https://www.promorx.com/blogs/blog/how-does-a-usb-data-blocker-work
Connecting via the data port of your mobile device, the Data Blockers creates a barrier
between your mobile device and the charging station. Your phone will draw power as
usual, allowing you to use it normally and charge it at the same time, but this clever piece
of equipment will prevent any data exchange.
“Malicious USB charging cables and plugs are also a widespread problem. As with card
skimming, a device may be placed over a public charging port at airports and other transit
locations. A USB data blocker can provide mitigation against these juice- jacking attacks by
preventing any sort of data transfer when the smartphone or laptop is connected to a
charge point ”

A company's Chief Information Office (CIO) is meeting with the Chief Information Security Officer (CISO) to plan some activities to enhance the skill levels of the company's developers. Which of the following would be MOST suitable for training the developers'?

A.

A capture-the-flag competition

B.

A phishing simulation

C.

Physical security training

D.

Baste awareness training

B.   

A phishing simulation

An attacker is trying to gain access by installing malware on a website that is known to be
visited by the target victims. Which of the following is the attacker MOST likely attempting?

A.

spear-phishing attack

B.

A watering-hole attack

C.

Typo squatting

D.

A phishing attack

B.   

A watering-hole attack

In which of the following common use cases would steganography be employed?

A.

Obfuscation

B.

Integrity

C.

Non-repudiation

D.

Blockchain

A.   

Obfuscation

Following a prolonged datacenter outage that affected web-based sales, a company has
decided to move its operations to a private cloud solution. The security team has received
the following requirements:
• There must be visibility into how teams are using cloud-based services.
• The company must be able to identify when data related to payment cards is being sent
to the cloud.
• Data must be available regardless of the end user's geographic location
• Administrators need a single pane-of-glass view into traffic and trends.
Which of the following should the security analyst recommend?

A.

Create firewall rules to restrict traffic to other cloud service providers.

B.

Install a DLP solution to monitor data in transit.

C.

Implement a CASB solution.

D.

Configure a web-based content filter.

B.   

Install a DLP solution to monitor data in transit.

An organization needs to implement more stringent controls over administrator/root credentials and service accounts. Requirements for the project include: Check-in/checkout of credentials The ability to use but not know the password Automated password changes Logging of access to credentials
Which of the following solutions would meet the requirements?

A.

OAuth 2.0

B.

Secure Enclave

C.

A privileged access management system

D.

An OpenID Connect authentication system

D.   

An OpenID Connect authentication system
Page 18 out of 89 Pages
SY0-601 Practice Test Previous