Security+ SY0-601 Practice Test

Below are 10 Security plus SY0-601 Practice Test questions. In all of them, you will have the question text first, the distracters, and correct answer(s) second, then an explanation, and finally which CompTIA main domain and exam objective the question pertains to. Any Security+ preparation should start with an in-depth review of the exam objectives. If you do not have them then click here to download the Security+ SY0-601 Exam Objectives PDF.

Security plus SY0-601 Practice Test  – Question 1 

This technique adds malicious code to the beginning of a file. It ensures that the malware is activated when the user opens the modified file.

None of these

Correct answer: Prepending

Explanation: Prepending is adding code to the beginning of a presumably safe file. It activates when the file is opened. Appending malware adds the code to the end of the file. Tainting is not relevant to the subject.

Main Domain 1.0 Attacks, Threats, and Vulnerabilities
Exam Objective 1.1 Compare and contrast different types of social engineering techniques.

Question 2

Of the choices shown, which is the MOST prevalent malware attack vector?

Removeable media
Supply chain

Correct answer: email

Explanation: Easily over 90% of malware is delivered via good old-fashioned email, where the user can be tricked into activating the malicious payload. Wireless attacks exist in the open, but the current WAPs are configured to protect the users. USB sticks are prevalent and can be used maliciously by simply dropping an infected item in your company’s parking lot. Most users would simply plug it in at their desk and they are infected. The supply chain consists of manufacturers, vendors and any source that helps implement delivery of the finished product. There are numerous opportunities to infect products.

Main Domain 1.0 Attacks, Threats, and Vulnerabilities
Exam Objective 1.2 Given a scenario, analyze potential indicators to determine the type of attack.

Question 3

Which of the choices does BEST describe the purpose of diversity training?

Enable employees with dissimilar backgrounds to operate effectively together
Encourage the employee to view situations from the perspective of others
Help employees discredit and overcome common prejudicial stereotypes
Improve the employee’s values and relations in the corporate environment
All of these are correct

Correct answer: Enable employees with dissimilar backgrounds to operate effectively together

Explanation: While all the choices are relevant, the best choice would be to enable employees with dissimilar backgrounds to operate effectively together as this is the main objective of diversity training. The three detractors, although all in and by themselves correct statements are the means to the end that can be achieved by assisting the employee in improving their personal values by viewing things from the perspective of others and discrediting prejudice.

Main Domain 5.0 Governance, Risk, and Compliance
Exam Objective 5.3 Explain the importance of policies to organizational security

Question 4

In 2015 researchers Lindsey, King, Hebl, & Levine tested three diversity training techniques for employee development. Which choice is NOT one of those techniques?

Goal setting
Sensitivity training
Stereotype discrediting

Correct answer: Sensitivity training

Explanation: The research conducted by Lindsey, King, Hebl, & Levine in 2015 tested
three strategies of diversity training. These were Perspective taking, Goal setting, and Stereotype discrediting. Sensitivity training, while important, was not part of the study.

Main Domain 5.0 Governance, Risk, and Compliance
Exam Objective 5.3 Explain the importance of policies to organizational security

Question 5

Credit card transactions are prime targets for hackers. Which of the choices listed specifies the controls necessary to provide secure transactions?

State laws

Correct answer: PCI DSS

Explanation: The Payment Card Industry Data Security Standard (PCI DSS) provides the framework to continuously monitor and enforce the controls specified. The General Data Protection Regulation – GDPR is a legal framework focused on personal information. The National Institute of Standards and Technology – NIST is also broader in scope. State laws although necessary, are not sufficient as they, in and by themselves, would not stop a hacker.

Main Domain 5.0 Governance, Risk, and Compliance
Exam Objective 5.2 Explain the importance of applicable regulations, standards, or frameworks that impact organizational security posture

Question 6

Secure network provenance (SNP) enables network operators to understand why they are in a particular state. Which of the choices is part of SNP?

Use forensic analytics
Determine why suspicious entries appear in routing tables
Determine the origin of a suspicious entry
Identify faulty network equipment
All of these are correct

Correct answer: All of these are correct

Explanation: Secure network provenance uses forensic techniques to analyze the how’s and why’s of adversarial tactics. Routing tables are scrutinized as they can be the origin of suspicious activity on devices. This process will also allow operators to identify faulty equipment.

Main Domain 4.0 Operations and Incident Response
Exam Objective 4.5 Explain the key aspects of digital forensics

Question 7

You are in a meeting with the members involved in your business continuity plan (BCP) to address a simulated emergency. This hands-off discussion centers around the actions to be taken in an emergency along with how those actions will be tested. How is this meeting classified?


Correct answer: Tabletop

Explanation: A tabletop exercise is designed to allow all parties responsible for security and business continuity to share the actions that would be taken in an emergency scenario. This is a setting where concept sharing is encouraged. A walkthrough exercise involves taking the outcome of a tabletop exercise and validating the processes recommended. Simulation uses a backup of the assets in an emergency scenario. Eradication includes the actions necessary to neutralize the threat.

Main Domain 4.0 Operations and Incident Response
Exam Objective 4.3 Given an incident, utilize appropriate data sources to support an investigation

Question 8

Which of the choices shown is an embedded system IC (integrated circuit) chip? (Choose two)

Raspberry Pi
Subscriber Identity Module

Correct answers: FPGA and Arduino

Explanation: Intel’s field-programmable gate array (FPGA) allows system designers to easily make changes to the code embedded on the chip. Arduino is a microcontroller that runs a single instruction repeatedly. Raspberry Pi is a mini-computer and operating system that runs on embedded components. A Subscriber Identity Module (SIM) holds the activation information on cell phones or smartphones. Wearables are not embedded systems.

Main Domain 2.0 Architecture and Design
Exam Objective 2.6 Explain the security implications of embedded and specialized systems

Question 9

You have a new drone and take it to a large field out near the airport. It seems that you can fly freely in all but one direction. What would cause this?

GPS tagging

Correct answer: Geofencing

Explanation: Geofencing around the airport ensures your drone is prevented from flying towards the airport. Airports, government facilities, and other critical sites use geofencing to create a no-fly zone that the drone software will not cross. Geolocation is the process of using GPS to determine your exact location or the location of some device. Geotagging adds additional location data to images and messages sent from your device. GPS tagging is simply another term for geotagging.

Main Domain 3.0 Implementation
Exam Objective 3.5 Given a scenario, implement secure mobile solutions

Question 10

This cyber-attack framework utilizes a globally accessible database based on real-world attacks and techniques.

Cyber Kill Chain
None of these

Correct answer: MITRE

Explanation: The MITRE ATT&CK framework contains methods and techniques used in real-world attacks and can be referenced globally. It is updated frequently. Cyber Kill Chain is a model as is the Diamond Model of Intrusion Analysis.

Main Domain 4.0 Operations and Incident Response
Exam Objective 4.2 Summarize the importance of policies, processes, and procedures for incident response

We hope you enjoyed these Security plus SY0-601 Practice Test questions. Best of luck with the exam!

Security plus SY0-601 Practice Test
Security Configuration and Analysis

Security plus SY0-601 Practice Test


2 thoughts on “Security plus SY0-601 Practice Test

  1. Corrections: Question 2 should say most frequently used instead of “most effective”. Question 10 should say “cyber-attack framework”, since none of the answers are actual attacks. Question 3 should be modified, as the “best” approach for diversity training can very by organization, and a person’s experience and background.

    1. Thanks, Simon, we appreciate the feedback! The relevant edits have been made to questions 2; 3 and 10.
      Best of luck in your quest for certification.

Leave a Reply

Your email address will not be published. Required fields are marked *

On Facebook

Trust Guard Security Scanned
Share This
Real Time Web Analytics