CompTIA SY0-601 Practice Test

Prepare smarter and boost your chances of success with our CompTIA SY0-601 Practice test. This test helps you assess your knowledge, pinpoint strengths, and target areas for improvement. Surveys and user data from multiple platforms show that individuals who use SY0-601 practice exam are 40–50% more likely to pass on their first attempt.

Start practicing today and take the fast track to becoming CompTIA SY0-601 certified.

18860 already prepared
Updated On : 13-Aug-2025
886 Questions
4.8/5.0

Page 25 out of 89 Pages

Topic 5: Exam Pool E (NEW)

A Chief Information Officer receives an email stating a database will be encrypted within 24 hours unless a payment of $20,000 is credited to the account mentioned In the email. This BEST describes a scenario related to:

A.

whaling.

B.

smishing.

C.

spear phishing

D.

vishing

C.   

spear phishing

A nationwide company is experiencing unauthorized logins at all hours of the day. The
logins appear to originate from countries in which the company has no employees. Which
of the following controls.
should the company consider using as part of its IAM strategy? (Select TWO).

A.

A complex password policy

B.

Geolocation

C.

An impossible travel policy

D.

Self-service password reset

E.

Geofencing

F.

Time-based logins

A.   

A complex password policy


B.   

Geolocation

A systems administrator needs to install the same X.509 certificate on multiple servers. Which of the following should the administrator use?

A.

Key escrow

B.

A self-signed certificate

C.

Certificate chaining

D.

An extended validation certificate

C.   

Certificate chaining

During an investigation, a security manager receives notification from local authorities mat
company proprietary data was found on a former employees home computer, The former
employee’s corporate workstation has since been repurposed, and the data on the hard
drive has been overwritten Which of the following would BEST provide the security
manager with enough details to determine when the data was removed from the company
network?

A.

Properly congured hosts with security logging

B.

Properly congured endpoint security tool with darting

C.

Properly congured SIEM with retention policies

D.

Properly congured USB blocker with encryption

A.   

Properly congured hosts with security logging

The new Chief Executive Officer (CEO) of a large company has announced a partnership
with a vendor that will provide multiple collaboration applications t
make remote work easier. The company has a geographically dispersed staff located in
numerous remote offices in different countries. The company's IT
administrators are concerned about network traffic and load if all users simultaneously
download the application. Which of the following would work BEST to
allow each geographic region to download the software without negatively impacting the
corporate network?

A.

Update the host IDS rules.

B.

Enable application whitelisting

C.

Modify the corporate firewall rules

D.

Deploy all applications simultaneously.

B.   

Enable application whitelisting

A grocery store is expressing security and reliability concerns regarding the on-site backup
strategy currently being performed by locally attached disks. The main concerns are the
physical security of the backup media and the durability of the data stored on these devices
Which of the following is a cost-effective approach to address these concerns?

A.

Enhance resiliency by adding a hardware RAID.

B.

Move data to a tape library and store the tapes off site

C.

Install a local network-attached storage.

D.

Migrate to a cloud backup solution

D.   

Migrate to a cloud backup solution

A security analyst is reviewing the following output from a system:

Which of the following is MOST likely being observed?

A.

ARP poisoning

B.

Man in the middle

C.

Denial of service

D.

DNS poisoning

C.   

Denial of service

Which of the following is a reason why an organization would define an AUP?

A.

To define the lowest level of privileges needed for access and use of the organization's resources.

B.

To define the set of rules and behaviors for users of the organization's IT systems

C.

To define the intended partnership between two organizations

D.

To define the availability and reliability characteristics between an IT provider and
consumer

A.   

To define the lowest level of privileges needed for access and use of the organization's resources.

An organization's finance department is implementing a policy to protect against collusion.
Which of the following control types and corresponding procedures should the
organization implement to fulfill this policy's requirement? (Select TWO).

A.

Corrective

B.

Deterrent

C.

Preventive

D.

Mandatory vacations

E.

Job rotation

F.

Separation of duties

D.   

Mandatory vacations


E.   

Job rotation

An.. that has a large number of mobile devices is exploring enhanced security controls to
manage unauthorized access if a device is lost or stolen. Specifically, if mobile devices are
more
than 3mi (4 8km) from the building, the management team would like to have the security
team alerted and server resources restricted on those devices. Which of the following
controls should the organization implement?

A.

Geofencing

B.

Lockout

C.

Near-field communication

D.

GPS tagging

A.   

Geofencing
Page 25 out of 89 Pages
SY0-601 Practice Test Previous