SY0-601 EVALUATION EXAM 2025/2026 QUESTIONS
AND ANSWERS GUARANTEE A+
✔✔AES Encryption - ✔✔Specifically, AES is an iterative, symmetric-key block cipher
that can use keys of 128, 192, and 256 bits, and encrypts and decrypts data in blocks of
128 bits (16 bytes).
✔✔IPSec - ✔✔Internet Protocol Security. Used to encrypt traffic on the wire and can
operate in both tunnel mode and transport mode. It uses tunnel mode for VPN traffic.
IPsec is built into IPv6, but can also work with IPv4 and it includes both AH and ESP.
AH provides authentication and integrity, and ESP provides confidentiality, integrity, and
authentication. IPsec uses port 500 for IKE with VPN connections.
✔✔SSL - ✔✔An abbreviation for Secure Sockets Layer; it is a protocol that provides
security when communicating on the Internet
✔✔DNS (Domain Name System) - ✔✔The Internet's system for converting alphabetic
names into numeric IP addresses.
✔✔NGFW (Next Generation
Firewall) - ✔✔Combining a traditional
firewall with any other network
device (such as an intrusion
prevention system) to get additional
functionalities.
✔✔TPM - ✔✔Trusted Platform Module
✔✔input validation - ✔✔the process of inspecting data given to a program by the user
and determining if it is valid
✔✔Fuzzing (Fuzz Testing) - ✔✔A type of black box testing that enters random
malformed data as inputs into software programs to determine if they will crash
✔✔Access Control - ✔✔Determines types of user access, such as read-only access
✔✔Mandatory Access Control (MAC) - ✔✔The most restrictive access control model,
typically found in military settings in which security is of supreme importance.
✔✔Discretionary Access Control (DAC) - ✔✔The least restrictive access control model
in which the owner of the object has total control over it.
, ✔✔Role-Based Access Control (RBAC) - ✔✔An access control model that bases the
access control authorizations on the roles (or functions) that the user is assigned within
an organization
✔✔Attribute-based access control (ABAC) - ✔✔This is an access control paradigm
whereby access rights are granted to users with policies that combine attributes
together.
✔✔Public Key Infrastructure (PKI) - ✔✔the system for issuing pairs of public and private
keys and corresponding digital certificates
✔✔ARP - ✔✔Address Resolution Protocol. Resolves IP addresses to MAC addresses.
ARP poisoning attacks can redirect traffic through an attacker's system by sending false
MAC address updates. VLAN segregation helps prevent the scope of ARP poisoning
attacks within a network.
✔✔route - ✔✔The path that must be followed to get to a place
✔✔curl - ✔✔client url
✔✔the harvester - ✔✔gather osint scrape info from google or bing find associated ip
addresses list of people from linkedin
✔✔sn1per - ✔✔Software utility designed for penetration testing reporting and evidence
gathering that can also run automated test suites.
✔✔scanless - ✔✔Utility that runs port scans through third-party websites to evade
detection.
✔✔dnsenum - ✔✔Utility that is used for DNS enumeration to locate all DNS servers and
DNS entries for a given organization
✔✔Nessus - ✔✔A network-vulnerability scanner available from Tenable Network
Security.
✔✔cuckoo - ✔✔a sandbox for malware.
✔✔Concatentation Operator - ✔✔link together in a series.
✔✔grep - ✔✔find things inside files
✔✔chmod - ✔✔change permission modifiers
✔✔logger - ✔✔add entries to the system log
AND ANSWERS GUARANTEE A+
✔✔AES Encryption - ✔✔Specifically, AES is an iterative, symmetric-key block cipher
that can use keys of 128, 192, and 256 bits, and encrypts and decrypts data in blocks of
128 bits (16 bytes).
✔✔IPSec - ✔✔Internet Protocol Security. Used to encrypt traffic on the wire and can
operate in both tunnel mode and transport mode. It uses tunnel mode for VPN traffic.
IPsec is built into IPv6, but can also work with IPv4 and it includes both AH and ESP.
AH provides authentication and integrity, and ESP provides confidentiality, integrity, and
authentication. IPsec uses port 500 for IKE with VPN connections.
✔✔SSL - ✔✔An abbreviation for Secure Sockets Layer; it is a protocol that provides
security when communicating on the Internet
✔✔DNS (Domain Name System) - ✔✔The Internet's system for converting alphabetic
names into numeric IP addresses.
✔✔NGFW (Next Generation
Firewall) - ✔✔Combining a traditional
firewall with any other network
device (such as an intrusion
prevention system) to get additional
functionalities.
✔✔TPM - ✔✔Trusted Platform Module
✔✔input validation - ✔✔the process of inspecting data given to a program by the user
and determining if it is valid
✔✔Fuzzing (Fuzz Testing) - ✔✔A type of black box testing that enters random
malformed data as inputs into software programs to determine if they will crash
✔✔Access Control - ✔✔Determines types of user access, such as read-only access
✔✔Mandatory Access Control (MAC) - ✔✔The most restrictive access control model,
typically found in military settings in which security is of supreme importance.
✔✔Discretionary Access Control (DAC) - ✔✔The least restrictive access control model
in which the owner of the object has total control over it.
, ✔✔Role-Based Access Control (RBAC) - ✔✔An access control model that bases the
access control authorizations on the roles (or functions) that the user is assigned within
an organization
✔✔Attribute-based access control (ABAC) - ✔✔This is an access control paradigm
whereby access rights are granted to users with policies that combine attributes
together.
✔✔Public Key Infrastructure (PKI) - ✔✔the system for issuing pairs of public and private
keys and corresponding digital certificates
✔✔ARP - ✔✔Address Resolution Protocol. Resolves IP addresses to MAC addresses.
ARP poisoning attacks can redirect traffic through an attacker's system by sending false
MAC address updates. VLAN segregation helps prevent the scope of ARP poisoning
attacks within a network.
✔✔route - ✔✔The path that must be followed to get to a place
✔✔curl - ✔✔client url
✔✔the harvester - ✔✔gather osint scrape info from google or bing find associated ip
addresses list of people from linkedin
✔✔sn1per - ✔✔Software utility designed for penetration testing reporting and evidence
gathering that can also run automated test suites.
✔✔scanless - ✔✔Utility that runs port scans through third-party websites to evade
detection.
✔✔dnsenum - ✔✔Utility that is used for DNS enumeration to locate all DNS servers and
DNS entries for a given organization
✔✔Nessus - ✔✔A network-vulnerability scanner available from Tenable Network
Security.
✔✔cuckoo - ✔✔a sandbox for malware.
✔✔Concatentation Operator - ✔✔link together in a series.
✔✔grep - ✔✔find things inside files
✔✔chmod - ✔✔change permission modifiers
✔✔logger - ✔✔add entries to the system log
