COMPTIA SECURITY+ SY0-601 EXAM ACTUAL
PREP QUESTIONS AND WELL REVISED
ANSWERS - LATEST AND COMPLETE UPDATE
WITH VERIFIED SOLUTIONS – ASSURES PASS
1. Which of the following best describes the principle of least privilege?
A. Users have access to all systems regardless of need
B. Users are granted only the access necessary to perform their job
C. Administrators have no restrictions on access
D. Users can request elevated permissions as needed
Answer: B
Rationale: The principle of least privilege restricts users’ access rights to
only what is necessary to perform their job functions, reducing potential
attack vectors.
2. What type of malware restricts access to a system or files until a ransom is
paid?
A. Virus
B. Trojan
C. Ransomware
D. Worm
Answer: C
Rationale: Ransomware encrypts or locks a system’s data and demands
payment for restoration, unlike viruses or worms which primarily replicate
or damage systems.
,3. Which protocol provides secure remote access to network devices over an
insecure network?
A. Telnet
B. SSH
C. FTP
D. HTTP
Answer: B
Rationale: SSH (Secure Shell) encrypts data in transit, providing secure
remote access, while Telnet and FTP transmit data in plaintext.
4. What is the main purpose of a firewall?
A. To encrypt data
B. To filter incoming and outgoing network traffic
C. To scan for malware
D. To manage user credentials
Answer: B
Rationale: Firewalls monitor and control network traffic based on security
rules, serving as a barrier between trusted and untrusted networks.
5. Which type of attack involves sending fraudulent emails to trick users into
revealing sensitive information?
A. Phishing
B. DDoS
C. SQL Injection
D. Cross-site scripting
Answer: A
Rationale: Phishing is a social engineering attack that deceives users into
providing credentials or personal data, often via email.
,6. What security concept ensures that data cannot be altered without
authorization?
A. Confidentiality
B. Integrity
C. Availability
D. Non-repudiation
Answer: B
Rationale: Integrity ensures data remains accurate and unaltered, whereas
confidentiality protects data from unauthorized access.
7. Which of the following is an example of multifactor authentication (MFA)?
A. Password only
B. Smart card only
C. Fingerprint and password
D. Username only
Answer: C
Rationale: MFA requires two or more types of authentication factors:
something you know (password), something you have (smart card), or
something you are (biometric).
8. A hacker exploits a flaw in a web application to retrieve sensitive
information from a database. This is an example of:
A. Phishing
B. SQL Injection
C. DDoS attack
D. Brute force attack
Answer: B
Rationale: SQL Injection occurs when attackers input malicious SQL
statements into input fields to manipulate the database.
, 9. What is the primary purpose of a VPN?
A. Increase internet speed
B. Provide secure encrypted connections over untrusted networks
C. Filter malware from incoming traffic
D. Backup data automatically
Answer: B
Rationale: VPNs create an encrypted tunnel between devices and networks,
ensuring confidentiality and integrity of data in transit.
10.Which of the following attacks attempts to overwhelm a service by flooding
it with traffic?
A. Man-in-the-middle
B. Denial-of-service (DoS)
C. Spear phishing
D. Keylogging
Answer: B
Rationale: DoS attacks aim to disrupt services by overwhelming them with
traffic, making systems unavailable to legitimate users.
11.What does TLS provide for data transmission?
A. Authentication only
B. Encryption and authentication
C. Integrity only
D. Malware detection
Answer: B
Rationale: TLS (Transport Layer Security) encrypts data in transit and
provides authentication to ensure secure communication.
12.Which type of control prevents security incidents before they occur?
A. Detective
PREP QUESTIONS AND WELL REVISED
ANSWERS - LATEST AND COMPLETE UPDATE
WITH VERIFIED SOLUTIONS – ASSURES PASS
1. Which of the following best describes the principle of least privilege?
A. Users have access to all systems regardless of need
B. Users are granted only the access necessary to perform their job
C. Administrators have no restrictions on access
D. Users can request elevated permissions as needed
Answer: B
Rationale: The principle of least privilege restricts users’ access rights to
only what is necessary to perform their job functions, reducing potential
attack vectors.
2. What type of malware restricts access to a system or files until a ransom is
paid?
A. Virus
B. Trojan
C. Ransomware
D. Worm
Answer: C
Rationale: Ransomware encrypts or locks a system’s data and demands
payment for restoration, unlike viruses or worms which primarily replicate
or damage systems.
,3. Which protocol provides secure remote access to network devices over an
insecure network?
A. Telnet
B. SSH
C. FTP
D. HTTP
Answer: B
Rationale: SSH (Secure Shell) encrypts data in transit, providing secure
remote access, while Telnet and FTP transmit data in plaintext.
4. What is the main purpose of a firewall?
A. To encrypt data
B. To filter incoming and outgoing network traffic
C. To scan for malware
D. To manage user credentials
Answer: B
Rationale: Firewalls monitor and control network traffic based on security
rules, serving as a barrier between trusted and untrusted networks.
5. Which type of attack involves sending fraudulent emails to trick users into
revealing sensitive information?
A. Phishing
B. DDoS
C. SQL Injection
D. Cross-site scripting
Answer: A
Rationale: Phishing is a social engineering attack that deceives users into
providing credentials or personal data, often via email.
,6. What security concept ensures that data cannot be altered without
authorization?
A. Confidentiality
B. Integrity
C. Availability
D. Non-repudiation
Answer: B
Rationale: Integrity ensures data remains accurate and unaltered, whereas
confidentiality protects data from unauthorized access.
7. Which of the following is an example of multifactor authentication (MFA)?
A. Password only
B. Smart card only
C. Fingerprint and password
D. Username only
Answer: C
Rationale: MFA requires two or more types of authentication factors:
something you know (password), something you have (smart card), or
something you are (biometric).
8. A hacker exploits a flaw in a web application to retrieve sensitive
information from a database. This is an example of:
A. Phishing
B. SQL Injection
C. DDoS attack
D. Brute force attack
Answer: B
Rationale: SQL Injection occurs when attackers input malicious SQL
statements into input fields to manipulate the database.
, 9. What is the primary purpose of a VPN?
A. Increase internet speed
B. Provide secure encrypted connections over untrusted networks
C. Filter malware from incoming traffic
D. Backup data automatically
Answer: B
Rationale: VPNs create an encrypted tunnel between devices and networks,
ensuring confidentiality and integrity of data in transit.
10.Which of the following attacks attempts to overwhelm a service by flooding
it with traffic?
A. Man-in-the-middle
B. Denial-of-service (DoS)
C. Spear phishing
D. Keylogging
Answer: B
Rationale: DoS attacks aim to disrupt services by overwhelming them with
traffic, making systems unavailable to legitimate users.
11.What does TLS provide for data transmission?
A. Authentication only
B. Encryption and authentication
C. Integrity only
D. Malware detection
Answer: B
Rationale: TLS (Transport Layer Security) encrypts data in transit and
provides authentication to ensure secure communication.
12.Which type of control prevents security incidents before they occur?
A. Detective
