CompTIA SY0-601 Practice Test

Prepare smarter and boost your chances of success with our CompTIA SY0-601 Practice test. This test helps you assess your knowledge, pinpoint strengths, and target areas for improvement. Surveys and user data from multiple platforms show that individuals who use SY0-601 practice exam are 40–50% more likely to pass on their first attempt.

Start practicing today and take the fast track to becoming CompTIA SY0-601 certified.

18860 already prepared
Updated On : 13-Aug-2025
886 Questions
4.8/5.0

Page 2 out of 89 Pages

Topic 3: Exam Pool C

In which of the following situations would it be BEST to use a detective control type for mitigation?

A.

company implemented a network load balancer to ensure 99.999% availability of itweb application.

B.

A company designed a backup solution to increase the chances of restoring services in case of a natural disaster.

C.

A company purchased an application-level firewall to isolate traffic between the
accounting department and the information technology department.

D.

A company purchased an IPS system, but after reviewing the requirements, the
appliance was supposed to monitor, not block, any traffic.

E.

A company purchased liability insurance for flood protection on all capital assets.

D.   

A company purchased an IPS system, but after reviewing the requirements, the
appliance was supposed to monitor, not block, any traffic.

A security analyst needs to implement an MDM solution for BYOD users that will allow the
company to retain control over company emails residing on the devices and limit data
exfiltration that might occur if the devices are lost or stolen. Which of the following would
BEST meet these requirements? (Select TWO).

A.

Full-device encryption

B.

Network usage rules

C.

Geofencing

D.

Containerization

E.

Application whitelisting

F.

Remote control

A.   

Full-device encryption


B.   

Network usage rules

The Chief Security Officer (CSO) at a major hospital wants to implement SSO to help improve in the environment patient data, particularly at shared terminals. The Chief Risk Officer (CRO) is concerned that training and guidance have been provided to frontline staff, and a risk analysis has not been performed. Which of the following is the MOST likely cause of the CRO’s concerns?

A.

SSO would simplify username and password management, making it easier for hackers to pass guess accounts.

B.

SSO would reduce password fatigue, but staff would still need to remember more complex passwords.

C.

SSO would reduce the password complexity for frontline staff.

D.

SSO would reduce the resilience and availability of system if the provider goes

D.   

SSO would reduce the resilience and availability of system if the provider goes

When selecting a technical solution for identity management, an architect chooses to go from an in-house to a third-party SaaS provider. Which of the following risk management strategies is this an example of?

A.

Acceptance

B.

Mitigation

C.

Avoidance

D.

Transference

D.   

Transference

Which of the following should be put in place when negotiating with a new vendor about the timeliness of the response to a significant outage or incident?

A.

MOU

B.

MTTR

C.

SLA

D.

NDA

C.   

SLA

Which of the following will MOST likely cause machine learning and Al-enabled systems to operate with unintended consequences?

A.

Stored procedures

B.

Buffer overflows

C.

Data bias

D.

Code reuse

A.   

Stored procedures

A network engineer needs to build a solution that will allow guests at the company’s headquarters to access the Internet via WiFi. This solution should not allow access to the internal corporate network, but it should require guests to sign off on the acceptable use policy before accessing the Internet. Which of the following should the engineer employ to meet these requirements?

A.

Implement open PSK on the APs

B.

Deploy a WAF

C.

Configure WIPS on the APs

D.

Install a captive portal

D.   

Install a captive portal

Which of the following provides the BEST protection for sensitive information and data
stored in cloud-based services but still allows for full functionality and searchability of data
within the cloud-based services?

A.

Data encryption

B.

Data masking

C.

Anonymization

D.

Tokenization

A.   

Data encryption

An analyst needs to identify the applications a user was running and the files that were open before the user’s computer was shut off by holding down the power button. Which of the following would MOST likely contain that information?

A.

NGFW

B.

Pagefile

C.

NetFlow

D.

RAM

C.   

NetFlow

An organization's RPO for a critical system is two hours. The system is used Monday
through Friday, from 9:00 am to 5:00 pm. Currently, the organization performs a full backup
every Saturday that takes four hours to complete. Which of the following additional backup
implementations would be the BEST way for the analyst to meet the business
requirements?

A.

Incremental backups Monday through Friday at 6:00 p.m and differential backups hourly

B.

Full backups Monday through Friday at 6:00 p.m and incremental backups hourly.

C.

incremental backups Monday through Friday at 6:00 p.m and full backups hourly.

D.

Full backups Monday through Friday at 6:00 p.m and differential backups hourly

A.   

Incremental backups Monday through Friday at 6:00 p.m and differential backups hourly
Page 2 out of 89 Pages
SY0-601 Practice Test