CompTIA Security+ (SY0-601) Practice Questions

Question 1
A Chief Financial Officer (CFO) has been receiving email messages that have suspicious links embedded from unrecognized senders. The emails ask the recipient for identity verification. The IT department has not received reports of this happening to anyone else. Which of the following is the MOST likely explanation for this behavior?

A. The CFO is the target of a whaling attack.
B. The CFO is the target of identity fraud.
C. The CFO is receiving spam that got past the mail filters.
D. The CFO is experiencing an impersonation attack.

Question 2
Joe, an employee, knows he is going to be fired in three days. Which of the following characterizations describes the employee?

A. An insider threat
B. A competitor
C. A hacktivist
D. A state actor

Question 3
The IT department receives a call one morning about users being unable to access files on the network shared drives. An IT technician investigates and determines the files became encrypted at 12:00 a.m. While the files are being recovered from backups, one of the IT supervisors realizes the day is the birthday of a technician who was fired two months prior. Which of the following describes what MOST likely occurred?

A. The fired technician placed a logic bomb.
B. The fired technician installed a rootkit on all the affected users' computers.
C. The fired technician installed ransomware on the file server.
D. The fired technician left a network worm on an old work computer.

Question 4
An organization has a policy in place that states the person who approves firewall controls/changes cannot be the one implementing the changes. Which of the following describes this policy?

A. Change management
B. Job rotation
C. Separation of duties
D. Least privilege

Question 5
Which of the following would be the BEST method to prevent the physical theft of staff laptops at an open-plan bank location with a high volume of customers each day?

A. Guards at the door
B. Cable locks
C. Visitor logs
D. Cameras

Question 6
Which of the following disaster recovery sites would require the MOST time to get operations back online?

A. Colocation
B. Cold
C. Hot
D. Warm

Question 7
A security manager needed to protect a high-security datacenter, so the manager installed an access control vestibule that can detect an employee's heartbeat, weight, and badge. Which of the following did the security manager implement?

A. A physical control
B. A corrective control
C. A compensating control
D. A managerial control

Security+ (SY0-601) Answer Key

Question 1) A. The CFO is the target of a whaling attack.

Question 2) A. An insider threat

Question 3) A. The fired technician placed a logic bomb.

Question 4) C. Separation of duties

Question 5) B. Cable locks

Question 6) B. Cold

Question 7) A. A physical control