AccueilCertificationsSY0-601 › Questions gratuites

Questions gratuites SY0-601 — CompTIA Security+

Téléchargez gratuitement 60 questions d'entraînement pour la certification SY0-601 proposée par CompTIA. Toutes les questions sont accompagnées de corrections détaillées avec explications techniques.

Caractéristiques de l'examen blanc

Code de certificationSY0-601
ÉditeurCompTIA
Nombre de questions60
TypeQCM avec 4 réponses possibles
Niveauassociate
CatégorieIT
Prix100% gratuit

Aperçu de 8 questions représentatives

Voici un échantillon aléatoire de 8 questions tirées de notre base d'entraînement SY0-601. Pour accéder aux 60 questions complètes, lancez l'examen blanc gratuitement.

Question 1
What attack attempts common passwords against many accounts?
  1. Password spraying
  2. Brute force
  3. Dictionary attack
  4. Rainbow table
Question 2
What document identifies data criticality and handling requirements?
  1. Data classification policy
  2. Firewall configuration
  3. Patch schedule
  4. Vacation calendar
Question 3
Which indicators suggest system compromise?
  1. Unexpected network traffic patterns
  2. Unauthorized account creation
  3. System performance degradation
  4. Normal operations
  5. : unusual network traffic (data exfiltration, C2 communications), unauthorized accounts/privilege escalation, performance issues from malware CPU usage, unexpected processes/services, modified system files, failed login attempts. IoC sources include threat intelligence feeds, SIEM correlation, endpoint detection. Response requires investigation and containment. Normal operations aren't compromise indicators. Baselines enable anomaly detection. Intrusion Detection Systems (IDS/IPS) identify attack patterns. Regular security audits discover indicators before significant damage. Automated response platforms (SOAR) enable rapid reaction to confirmed compromises. Understanding attacker tactics, techniques, procedures (TTPs) via frameworks like MITRE ATT&CK improves detection.
Question 4
What validates security controls are operating effectively?
  1. Security audit or assessment
  2. Ignoring security
  3. Assuming everything works
  4. No validation
  5. . Gap analysis identifies control deficiencies. Remediation plans address findings with tracking to closure. Ignoring security or assuming controls work without validation creates unknown vulnerabilities. Regular assessment adapts to evolving threats. Audit evidence includes: screenshots, configurations, test results, documentation. Third-party audits provide credibility for compliance certification. Continuous monitoring complements periodic audits.
Question 5
What ensures only organization-approved devices connect to network?
  1. NAC (Network Access Control)
  2. Hub
  3. Uncontrolled access
  4. No device verification
Question 6
Which security controls are preventive?
  1. Firewall blocking unauthorized traffic
  2. Encryption protecting data confidentiality
  3. Access control preventing unauthorized entry
  4. Log monitoring (detective control)
Question 7
What process ensures changes don't introduce security vulnerabilities?
  1. Change management with security review
  2. Uncontrolled changes
  3. No review process
  4. Emergency changes without approval
Question 8
Which certificates comprise PKI infrastructure?
  1. Root CA certificates (trust anchors)
  2. Intermediate CA certificates
  3. End-entity certificates (users, servers)
  4. No certificate hierarchy
  5. . No hierarchy creates management difficulties. Private PKI for internal use, public PKI for internet-facing services. Understanding PKI enables proper certificate management. Certificate expiration monitoring prevents outages. Key escrow enables recovery from lost private keys. Compromised CA certificates affect all subordinate certificates.

Accédez aux 60 questions complètes gratuitement

Aucune carte bancaire requise. Examen chronométré, corrections détaillées, score final.

Lancer l'examen blanc SY0-601 →

Pourquoi s'entraîner avec Certifexpress ?