Exam Details

  • Exam Code
    :SY0-601
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1334 Q&As
  • Last Updated
    :Mar 29, 2025

CompTIA CompTIA Certifications SY0-601 Questions & Answers

  • Question 1251:

    Which of the following is best to use when determining the severity of a vulnerability?

    A. CVE

    B. OSINT

    C. SOAR

    D. CVSS

  • Question 1252:

    Which of the following best describes an environment where a business owns the application and operating system but requires the resources to host them in the cloud?

    A. IaaS

    B. XaaS

    C. PaaS

    D. SaaS

  • Question 1253:

    An organization wants to minimize the recovery time from backups in case of a disaster. Backups must be retained for one month, while minimizing the storage space used for backups. Which of the following is the best approach for a backup strategy?

    A. Full monthly, incremental daily, and differential weekly

    B. Full weekly and incremental daily

    C. Full weekly and differential daily

    D. Full daily

  • Question 1254:

    An incident analyst finds several image files on a hard disk. The image files may contain geolocation coordinates. Which of the following best describes the type of information the analyst is trying to extract from the image files?

    A. Log data

    B. Metadata

    C. Encrypted data

    D. Sensitive data

  • Question 1255:

    A company uses a SaaS vendor to host its customer database. The company would like to reduce the risk of customer data exposure if the systems are breached. Which of the following risks should the company focus on to achieve this objective?

    A. Access auditing

    B. Outsourced code development

    C. Supply chain

    D. Open ports and services

  • Question 1256:

    An employee finds a USB flash drive labeled "Salary Info" in an office parking lot. The employee picks up the USB flash drive, goes into the office, and plugs it into a laptop. Later, a technician inspects the laptop and realizes it has been compromised by malware. Which of the following types of social engineering attacks has occurred?

    A. Smishing

    B. Baiting

    C. Tailgating

    D. Pretexting

  • Question 1257:

    The primary goal of the threat-hunting team at a large company is to identify cyberthreats that the SOC has not detected. Which of the following types of data would the threat-hunting team primarily use to identify systems that are exploitable?

    A. Vulnerability scan

    B. Packet capture

    C. Threat feed

    D. User behavior

  • Question 1258:

    Which of the following best describes the process of adding a secret value to extend the length of stored passwords?

    A. Hashing

    B. Quantum communications

    C. Salting

    D. Perfect forward secrecy

  • Question 1259:

    Adding a value to the end of a password to create a different password hash is called:

    A. salting.

    B. key stretching.

    C. steganography.

    D. MD5 checksum.

  • Question 1260:

    An organization is concerned about hackers bypassing MFA through social engineering of phone carriers. Which of the following would most likely protect against such an attack?

    A. Receiving alerts about unusual log-in activity

    B. Receiving a six-digit code via SMS

    C. Receiving a push notification to a mobile application

    D. Receiving a phone call for automated approval

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-601 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.