CompTIA SY0-601 Practice Test

Prepare smarter and boost your chances of success with our CompTIA SY0-601 Practice test. This test helps you assess your knowledge, pinpoint strengths, and target areas for improvement. Surveys and user data from multiple platforms show that individuals who use SY0-601 practice exam are 40–50% more likely to pass on their first attempt.

Start practicing today and take the fast track to becoming CompTIA SY0-601 certified.

18860 already prepared
Updated On : 13-Aug-2025
886 Questions
4.8/5.0

Page 21 out of 89 Pages

Topic 3: Exam Pool C

Which of the following will MOST likely adversely impact the operations of unpatched traditional programmable-logic controllers, running a back-end LAMP server and OT systems with human-management interfaces that are accessible over the Internet via a web interface? (Choose two.)

A.

Cross-site scripting

B.

Data exfiltration

C.

Poor system logging

D.

Weak encryption

E.

SQL injection

F.

Server-side request forgery

D.   

Weak encryption


F.   

Server-side request forgery

A Chief Information Security Officer (CISO) is concerned about the organization's ability to
continue business operation in the event of a prolonged DDoS attack on its local
datacenter that consumes database resources. Which of the following will the CISO MOST likely recommend to mitigate this risk?

A.

Upgrade the bandwidth available into the datacenter

B.

Implement a hot-site failover location

C.

Switch to a complete SaaS offering to customers

D.

Iplement a challenge response test on all end-user queries

B.   

Implement a hot-site failover location

A small business just recovered from a ransomware attack against its file servers by purchasing the decryption keys from the attackers. The issue was triggered by a phishing email and the IT administrator wants to ensure it does not happen again. Which of the following should the IT administrator do FIRST after recovery?

A.

Scan the NAS for residual or dormant malware and take new daily backups that are tested on a frequent basis

B.

Restrict administrative privileges and patch ail systems and applications.

C.

Rebuild all workstations and install new antivirus software

D.

Implement application whitelisting and perform user application hardening

A.   

Scan the NAS for residual or dormant malware and take new daily backups that are tested on a frequent basis

A cybersecurity administrator is using iptables as an enterprise firewall. The administrator
created some rules, but the network now seems to be unresponsive All connections are
being dropped by the firewall. Which of the following would be the BEST option to remove
the rules?

A.

# iptables -t mangle -X

B.

# iptables -F

C.

# iptables -Z

D.

# iptables -P INPUT -j DROP

D.   

# iptables -P INPUT -j DROP

A software developer needs to perform code-execution testing, black-box testing, and nonfunctional testing on a new product before its general release. Which of the following BEST describes the tasks the developer is conducting?

A.

Verification

B.

Validation

C.

Normalization

D.

Staging

A.   

Verification

A root cause analysis reveals that a web application outage was caused by one of the company’s developers uploading a newer version of the third-party libraries that were shared among several applications. Which of the following implementations would be BEST to prevent the issue from reoccurring?

A.

CASB

B.

SWG

C.

Containerization

D.

Automated failover

C.   

Containerization

A security engineer needs to Implement the following requirements:
• All Layer 2 switches should leverage Active Directory tor authentication.
• All Layer 2 switches should use local fallback authentication If Active Directory Is offline.
• All Layer 2 switches are not the same and are manufactured by several vendors.
Which of the following actions should the engineer take to meet these requirements?
(Select TWO).

A.

Implement RADIUS.

B.

Configure AAA on the switch with local login as secondary.

C.

Configure port security on the switch with the secondary login method.

D.

Implement TACACS+

E.

Enable the local firewall on the Active Directory server.

F.

Implement a DHCP server.

A.   

Implement RADIUS.


B.   

Configure AAA on the switch with local login as secondary.

MOST likely trying to protect against.

A.

Loss of proprietary information

B.

Damage to the company’s reputation

C.

Social engineering

D.

Credential exposure

C.   

Social engineering

Which of the following environments minimizes end-user disruption and is MOST likely to
be used to assess the impacts of any database migrations or major system changes by
using the final version of the code?

A.

Staging

B.

Test

C.

Production

D.

Development

B.   

Test

A security analyst is performing a packet capture on a series of SOAP HTTP requests for a
security assessment. The analyst redirects the output to a file After the capture is complete,
the analyst needs to review the first transactions quickly and then search the entire series
of requests for a particular string Which of the following would be BEST to use to
accomplish the task? (Select TWO).

A.

head

B.

Tcpdump

C.

grep

D.

rail

E.

curl

F.

F. openssi

G.

dd

A.   

head


C.   

grep
Page 21 out of 89 Pages
SY0-601 Practice Test Previous