CompTIA Security+ SY0-601 (2025) comprehensive
questions and verified answers (detailed &
elaborated) ACTUAL EXAM 2025 TEST!!
CIA Triad - (ANSWER)Confidentiality, Integrity and Availability.
Least privilege/Need-to-know basis - (ANSWER)Giving someone the most limited
access required so they can perform their job.
Defence in Depth - (ANSWER)Protecting a company's data with a series of
protective layers.
Annual Risk Assessment - (ANSWER)A risk register where the financial director
will look at all of the risks associated with money and the IT manager will look at
all of the risks posed.
Annual Security Awareness Training - (ANSWER)Where you are reminded about
what you should be doing on a daily basis to keep the company safe.
Change Advisory Board (CAB) - (ANSWER)Assists with the prioritisation of
changes.
Business Continuity Plan (BCP) - (ANSWER)Contingency planning to keep the
business up and running when a disaster occurs, by identifying single points of
failure.
Firewall Rule - (ANSWER)A rule in the firewall specifying if a connection is allowed
or denied.
Antivirus/Antimalware - (ANSWER)Software or hardware that protects against or
removes malicious software.
Screen Saver - (ANSWER)A feature that logs computers off when they are idle.
Screen Filter - (ANSWER)A device which prevents people from viewing your
screen while they are walking past.
Closed Circuit Television (CCTV) - (ANSWER)Equipment used to record events
through cameras and/or sensors.
Log Files - (ANSWER)Text files that record events and times that occur.
Write-Once Read-Many Drive (WORM) - (ANSWER)A hard drive that can only be
written to once, but read many times.
Fire Suppression System - (ANSWER)An oxygen suppressant system that starves a
fire to prevent damage to equipment.
Disable User Accounts - (ANSWER)When someone leaves a company, their
account is disabled and password changed immediately.
Operating System Hardening - (ANSWER)The operating system is fully patched, all
unused features and services are disabled.
Identification (Access Controls) - (ANSWER)An identifying piece of information
such as a number or list of characters.
Security Identifier (SID) - (ANSWER)An identifier that is tied to an account.
Authentication (Access Controls) - (ANSWER)The person making the request is
who they say they are.
Authorisation (Access Controls) - (ANSWER)The amount of access given to a user.
New Technology File System (NTFS) - (ANSWER)A proprietary file system created
by Microsoft.
Discretionary Access Control (DAC) - (ANSWER)A control system in which the user is
only given the access that they need to perform their job.
Full Control (DAC) - (ANSWER)The user has full control.
Modify (DAC) - (ANSWER)The user can change, read and execute data.
Read and Execute (DAC) - (ANSWER)The user can read the data or run the
program.
List Folder Contents (DAC) - (ANSWER)The user can see the directory and its
subdirectories.
Read (DAC) - (ANSWER)The user can read the data.
Write (DAC) - (ANSWER)The user can write to the file.
Special Permissions (DAC) - (ANSWER)The user has granular access.
Data Creator/Owner (DAC) - (ANSWER)The user has permission to get
permissions for other users.
Mandatory Access Control (MAC) - (ANSWER)A classification of data based on
how much damage it could cause.
Top Secret (MAC) - (ANSWER)The highest level of damage.
Secret (MAC) - (ANSWER)Causes serious damage.