This mock exam will help you practice for the Security+ SY0-601 test. If there are any questions that you struggle with, you can refer to the book CompTIA Security+: SY0-601 Certification Guide for targeted study.
Best of luck!

Mock Exam 2

1 / 51

Your organization’s data center is in a region that recently encountered a blackout power failure. The company generators failed to take over, and the systems in the data center were unable to shut down gracefully. You are looking for a solution that will provide your team enough time to shut down the most critical systems gracefully. Which of the following technologies should you advise using?

2 / 51

You are part of a team designing an industrial control system. The system must have response times that are predictable to within milliseconds and should therefore be processing data immediately rather than relying on buffering information. What type of system is your team designing?

3 / 51

Your business uses Microsoft Windows OSes. You have concerns about pass-the-hash attacks in relation to password security. Which of the following would enable you to protect against pass-the-hash attacks with your Windows systems? Choose two.

4 / 51

Providing guidance in the software development life cycle, this charity publishes a number of secure application development resources in areas such as mobile apps, embedded apps, and web input output validation: which of the following fits this definition?

5 / 51

These keys have a short use time and are used for a one-time session, ensuring the same key is not used twice: which of the following fits this definition?

6 / 51

You are having trouble attempting to expand your data center due to lack of power outlets and are looking for a solution that provides multiple power output sockets from a single unit and allows a data center device (a server, switch, or router) to receive power by connecting to a single power output socket. Which device provides for the necessary solution criteria?

7 / 51

There is an attack in progress on one of your Hyper-V servers that has compromised a VM that should only be accessible from the company intranet. The attackers have used this to access other VMs that are customer-facing. What type of attack are you experiencing?

8 / 51

You are part of a team supporting the merger of two large organizations. As part of the merger, customer databases must be joined together to provide speed and accuracy, duplicate data must be cleansed, and unstructured data must be eliminated. Which of the following technologies will provide this solution?

9 / 51

To connect to the corporate IT system, you are required to provide a username, password, and the TOTP send to your company phone. You also need to be in the correct country to access the system. How many factors of authentication are you using? Choose the best answer.

10 / 51

When performing a risk assessment to determine how far your offsite backup storage should be from your business premises, which of the following should you consider? Choose two.

11 / 51

Which of the following provides security solutions such as general monitoring, enterprise firewall, SIEM systems, virus scanning, and IDS/IPS, as well as providing highly skilled employees to take on a company’s IT security headache?

12 / 51

You have joined a new bank and you wish to use the online banking facility. The bank has provided you with a password that has no time limit on its use but can only be used once as part of your initial connection to the banking app. Which of the following has the bank provided?

13 / 51

You are a security analyst within a Security Operations Center (SOC). Your team has recently captured and reverse-engineered malware. The reverse engineering has revealed the IP addresses, file hashes, and URLs associated with the malware, which you have shared with the IT security community. The information captured can be described as which of the following?

14 / 51

What is a prepared SQL code that has been tested and then saved with the aim of securing the code while being able to use the code repeatedly?

15 / 51

Your company has moved its entire data center solution to the cloud. Services such as authentication, web applications, and communications are created via Function as a Service (FaaS), utilizing containers that are spun up and torn down as required. This has decreased costs because the company is not charged for the execution time per hour as they otherwise would be. What term describes this solution?

16 / 51

A company is looking for a solution to keep the business running in the event the current site became unavailable due to a disaster. The solution must have a barebones site that can be equipped and operational within 96 hours. If cost is a concern, which of these would be the best option?

17 / 51

When selecting a Customer Relationship Management (CRM) tool, your organization has opted for a cloud-based solution whereby everything except permissions to the data is managed by the cloud provider. Which of the following best suits your company's needs?

18 / 51

You have written an e-book. You are concerned you might lose ownership of your work and are looking for a method to retain ownership and stop the files being modified or distributed outside of the license agreement it was purchased under. Which of the following will provide this level of protection?

19 / 51

You are looking for a solution for your developers. The solution must provide servers, storage, and networking but also development tools, business intelligence systems, and database management. Which of the following solutions should you choose?

20 / 51

You configure your security systems to look for known malicious domains. Your solution intercepts requests to go to these sites and redirects the user’s request to an intranet page that informs them that they have been prevented from visiting a known malicious site. What have you implemented?

21 / 51

Your company has used ML, combined with training, to enhance the strength of your malware behavioral detection. A politically motivated group of bad actors have been providing data to your systems to make their malicious malware look benign. What have the bad actors developed?

22 / 51

You are researching cloud services. You need a cloud provider that can provide servers, network appliances, and storage, but they will not install or configure the software. Which cloud service is this?

23 / 51

Which of the following are examples of MFA?

24 / 51

Although training has been provided, it has become apparent that users are creating weak, easy-to-compromise passwords. Which technology would help create stronger passwords? (Choose the best answer.)

25 / 51

Which device runs on tracks, has a camera and night vision, can patrol your home when you’re away, and will alert you via an app if an intruder is detected?

26 / 51

You work as a part of the security team within a large organization and are planning a new data center that will hold sensitive corporate data and customer records. C-level executives have determined the new facility should look like a warehouse from the outside. Security for the facility is going to include a perimeter fence with a moat, a guarded security gate, and security cameras. This security includes which of the following? (Choose two.)

27 / 51

An online store is looking for a secure method of storing customer credit card information. The solution must meet the following criteria:

  • Must store plain text as a token value mapping in a database.
  • Can store structured data such as credit card details and phone numbers.
  • Original data never leaves the organization. Satisfying regulatory compliance is a major concern with this objective.

Which of the following satisfies these conditions?

28 / 51

You are an IT security technician at a green energy company. Among its technologies, your organization has thousands of internet of things (IoT) devices communicating telemetry about the health of windmills. Data received at the data center could indicate a failure is imminent at a windmill, and you are concerned about the time it takes to receive and react to the data. You are looking for a solution that reduces latency, conserves network bandwidth, and places decision-making at the source of the collected data. Which of the following can provide this solution?

29 / 51

A major banking organization has its main office in Canary Wharf, London. It has a mirror site 30 miles away in Slough. All data generated in the London office is replicated in real time to the Slough office. If a disaster makes the London office unavailable, business operations can be immediately switched to the Slough office where there are work areas to relocate to. Which type of disaster recovery is this?

30 / 51

Kirsten has an online store account on which she has stored her credit and debit card details. When she makes a purchase, she has to choose which card to use. The store does not display the full card number—only the last four characters. What term names the process of only displaying the last four characters here?

31 / 51

Your company needs to take credit and debit card payments. Your bank insists you are PCI DSS compliant. While reviewing the PCI DSS process, you become concerned about how much PII and cardholder data you will be storing. You need a solution that can be applied directly to sensitive data and can monitor where data is being stored, how it is being used, and how it is being transferred. Which of the following solutions provides this level of security?

32 / 51

Roger is using a personal digital assistant (PDA) connected to a drone to intercept email and internet relay chat (IRC) messages being carried on wireless networks. Which of the following best describes Roger’s actions?

33 / 51

In a security exercise, which team hunts security vulnerabilities and takes action to mitigate them in a bid to make the company secure?

34 / 51

Courtney has infiltrated a PC belonging to a large corporation. From there, she has managed to use the company network to gain access to other devices. What type of attack is Courtney performing?

35 / 51

Rebekah has been researching various websites looking for weaknesses and issues, especially in relation to security exploits and vulnerabilities. Rebekah has joined a program where any issues she finds can be reported in return for financial compensations. What kind of program has Rebekah joined?

36 / 51

Which of the following is an open industry standard for assessing how severe a security vulnerability is and assigning a severity score to help IT teams prioritize responses to incidents and determine the resources required for the response?

37 / 51

Alexis wants to locate a framework that will help her team understand how known security threats and vulnerabilities can compromise the company’s systems. Which threat reference model should she choose?

38 / 51

A clearing bank has a mainframe computer that no longer receives updates or support from the original equipment manufacturer (OEM). The system is mission-critical to the bank, and they are concerned that if they turn it off for maintenance, it may never start up again. This is an example of which of the following?

39 / 51

A new malware containing a C2 domain has been detected on a device in the sales department.  Using the Diamond Model of Intrusion Analysis, the security team has identified firewall log entries revealing other devices contacting the C2 IP address for the last 177 days. Internet research of the IP address suggests the address belongs to a foreign nation state. This is an example of which of the following?

40 / 51

Your organization spends millions of pounds every year on marketing, intellectual property, and branding to ensure it is perceived to be a caring, environmentally friendly, customer-focused company. The CEO has become concerned that the company image could be damaged by the content of electronic messages sent from within the organization and wants to guard against threats to their reputation and prevent their messages ending up in recipients’ spam folders. What tools can be used to solve this problem?

41 / 51

Billy is trying to compromise Microsoft application security. He has developed and plans to release a dynamic link library (DLL) that will be delivered as a trojan horse to unsuspecting victims. The DLL could allow remote code execution if a user opens a legitimate Microsoft Office file (such as an Excel spreadsheet file). If the spreadsheet has been stored in the same directory as the DLL file, Billy could potentially install programs and view, change, or delete data. Billy’s main target is to access the account of an administrator who is logged in so that he can take control of the system. What has Billy developed?

42 / 51

The DNS cache on PC1 has resolved the IP address to IP address Pedro has created a rogue identical web server with address with nefarious intent and has managed to change the DNS record for in the PC1 cache to This is an example of which of the following?

43 / 51

Which of the following best describes a trojan horse designed to infiltrate communication between a browser and its security controls? It’s mainly employed in financial fraud.

44 / 51

You are a security consultant. A customer requires a technology that will allow authorized personnel access to their company data center. The solution must provide two-way communication and should preferably be built into identity passes and require authorized personnel to be no more than a few centimeters away from the security panel. Which of the following is the best solution?

45 / 51

Your crucial customer service systems have higher utilization of RAM than expected. The systems were running fine until a few days ago, and your team is now reviewing the system configuration and logs for Indicators of Compromise (IOCs). There are some suspicious activities showing in the logs and you suspect your systems are under attack from a zero-day malware exploit that’s causing RAM to be consumed without being released when the processes are complete. This attack is an example of which of the following?

46 / 51

The Seattle marketing department of your organization has been allocated the address range. All systems in the department obtain their addresses from DHCP. You are attempting to add a new user’s laptop to the network but are unsuccessful. You check the DHCP scope and all addresses in the scope of been allocated. What is this an example of?

47 / 51

You are part of the development team for a large online sales business. Customers have been complaining about errors showing when they go to their basket. You work through the process manually and observe two threads simultaneously writing to the same variable at the same memory location. This is an example of which of the following?

48 / 51

Will has infiltrated your company’s machine learning (ML)/artificial intelligence (AI) system. He wants to ensure his command and control (C2C) botnet activities are not detected by your ML/AI system and has poisoned data so that it ignores his activities. This is an example of which of the following?

49 / 51

Sally has written and released a freeware game for phones and tablets to the internet. Once a user has installed her software on their device, Sally can turn on their camera, listen to their microphone, and install additional files on the user’s device. What kind of software has Sally released?

50 / 51

Carly is designing software to infiltrate computers, gather information, and send it back to her computer. She is concerned that her software will be detected if it uses too many resources (CPU and RAM, for instance). What kind of software is Carly designing?

51 / 51

Senior management has introduced BYOD into the company. A policy for allowed devices, OSes, anti-malware, and update management has been agreed with the IT department. John (a user in accounting) uses his personal Windows 10 laptop as a BYOD device, with his personal choice of accounting software. John has contacted IT, stating that his device is slow and needs regular restarts due to high system resource utilization. Which of the following is the most likely cause of these issues?

Your score is