
SY0-601: CompTIA Security+

Exam Questions: 603
Learners: 2.370
Last Updated: April - 2025
Language: English
Quizzes: 16

Exam Number: SY0-601

Exam Name: CompTIA Security+

Length of test: 90 mins

Exam Format: Multiple-choice, Drag and Drop, and HOTSPOT questions.

Exam Language: English

Number of questions in the actual exam: Maximum of 90 questions

Passing Score: 750/900

The competency level required for the CompTIA SY0-601 Exam is entry-level to intermediate, suitable for individuals with basic to moderate experience in IT security.

This study guide should help you understand what to expect on the SY0-601 exam and includes a summary of the topics the exam might cover and links to additional resources. The information and materials in this document should help you focus your studies as you prepare for the exam.

Related questions

A security analyst notices an unusual amount of traffic hitting the edge of the network. Upon examining the logs, the analyst identifies a source IP address and blocks that address from communicating with the network. Even though the analyst is blocking this address, the attack is still ongoing and coming from a large number of different source IP addresses. Which of the following describes this type of attack?


A desktop support technician recently installed a new document-scanning software program on a computer. However, when the end user tried to launch the program, it did not respond. Which of the following is MOST likely the cause?

A. A new firewall rule is needed to access the application.
B. The system was quarantined for missing software updates.
C. The software was not added to the application whitelist.
D. The system was isolated from the network due to infected software.
Suggested answer: C
Explanation:

The most likely cause of the document-scanning software program not responding when launched by the end user is that the software was not added to the application whitelist. An application whitelist is a list of approved software applications that are allowed to run on a system. If the software is not on the whitelist, it may be blocked from running by the system's security policies. Adding the software to the whitelist should resolve the issue and allow the program to run.

Reference: https://www.techopedia.com/definition/31541/application-whitelisting

asked 02/10/2024
Moraes, Jefferson

Which of the following will provide the best physical security countermeasures to stop intruders? (Select two).


Which of the following can be used to calculate the total loss expected per year due to a threat targeting an asset?


A penetration tester was able to compromise a host using previously captured network traffic. Which of the following is the result of this action?


A candidate attempts to go to but accidentally visits http://comptiia.org. The malicious website looks exactly like the legitimate website. Which of the following best describes this type of attack?


Which of the following is a solution that can be used to stop a disgruntled employee from copying confidential data to a USB drive?


one of the attendees starts to notice delays in the connection, and the HTTPS site requests are reverting to HTTP. Which of the following BEST describes what is happening?

A. Birthday collision on the certificate key
B. DNS hacking to reroute traffic
C. Brute force to the access point
D. An SSL/TLS downgrade
Suggested answer: D
Explanation:

The scenario describes a Man-in-the-Middle (MitM) attack where the attacker intercepts traffic and downgrades the secure SSL/TLS connection to an insecure HTTP connection. This type of attack is commonly known as an SSL/TLS downgrade attack or a stripping attack. The attacker is able to see and modify the communication between the client and server.

asked 02/10/2024
Venish Arumugam

DRAG DROP

A data owner has been tasked with assigning proper data classifications and destruction methods for various types of data contained within the environment.

[Image: Question 1]
Correct answer: [Image: Question 1 answer]
Explanation: [Image: Question 1 explanation]

asked 02/10/2024
Shivanth Jha

A new vulnerability enables a type of malware that allows the unauthorized movement of data from a system. Which of the following would detect this behavior?
