Category Archives: CompTIA Security+ Recertification Exam

SY0-601 CompTIA Security+ 2021 Exam updated

Are you looking to prepare yourself for the CompTIA Security+ (SY0-601) exam? Find out by testing yourself with this course.

Each of the practice tests in this set provides an entire exam’s worth of questions, enabling you to confirm your mastery of the topics and providing you with the confidence you’ll need to take your CompTIA Security+ exam. There are 80 questions in each practice test, with a total of questions.

Not sure which practice test course to choose on Check out our features and benefits:

FEATURES & BENEFITS
– More practice for studying

Each test has 80 questions, is 90 minutes long, passing grade of 80, domains weighted like the exam
– Practice like the real CompTIA Security+ exam

Wrong answers linked to the domain they came from
– Targeted studying, don’t waste time studying for topics you already know

Pause or stop the exam whenever you like
– Practice on your own time, at your own pace

Detailed explanation of the answer
– Better understanding of the content, also understand why the wrong answers are incorrect

Exam questions are written by a panel of experienced test writers*
– Know you’re getting relevant, well-written exam questions that mimic the real exam

WHAT’S COVERED?
Domain 1.0 – Attacks, Threats, and Vulnerabilities (24%)
Domain 2.0 – Architecture and Design (21%)
Domain 3.0 – Implementation (25%)
Domain 4.0 – Operations and Incident Response (16%)
Domain 5.0 – Governance, Risk, and Compliance (14%)


HOW DO I TAKE THE COMPTIA SECURITY+ EXAM?
Once you’re ready to take the CompTIA Security+ exam, you must first purchase an exam voucher. (Pro tip: Be sure to search for a discounted voucher!) You will then need to create or log in to your account at home.pearsonvue.com, select the CompTIA Security+ exam, and enter the unique ID from your exam voucher.

Next, you will go to a page where you can sign up to take the exam in-person at an authorized PearsonVue Testing Center in your area, or you can sign up for an at-home testing experience using OnVUE.

The last step is to take and pass the exam. Be sure to let me know when you pass, I love to hear about my students’ success!

*Practice test questions are drawn from the McGraw-Hill Mike Meyers’ CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601)

What you’ll learn
What types of questions you’ll see on the real exam
Which exam domains you need to spend more time studying
How you can most efficiently prepare for the exam
When you’re ready for the exam by passing these practice tests consistently with a 90-95%

Are there any course requirements or prerequisites?
This practice test course is designed for anyone who wants to make sure they are ready to pass the CompTIA Security+ SY0-601 exam
CompTIA recommends having your CompTIA Network+ certification (or equivalent) and two years of experience in IT administration with a security focus before sitting for this exam

Who this course is for:
This practice test course is for anyone who is preparing to take the CompTIA Security+ Certification (SY0-601) exam and wants to test their knowledge and make sure they are ready to pass the real CompTIA exam

Topics Covered:
Domain 1: Attacks, Threats, and Vulnerabilities (19 questions)
Domain 5: Governance, Risk, and Compliance (11 questions)
Domain 3: Implementation (20 questions)
Domain 4: Operations and Incident Response (13 questions)

Domain 2.0: Architecture and Design (17 questions)
Domain 1.0: Attacks, Threats, and Vulnerabilities (19 questions)
Domain 5.0: Governance, Risk, and Compliance (10 questions)
Domain 3.0: Implementation (21 questions)
Domain 4.0: Operations and Incident Response (13 questions)

Domain 2.0: Architecture and Design (17 questions)
Domain 1.0: Attacks, Threats, and Vulnerabilities (19 questions)
Domain 3.0: Implementation (20 questions)
Domain 4.0: Operations and Incident Response (13 questions)
Domain 5.0: Governance, Risk, and Compliance (11 questions)

Architecture and Design (17 questions)
Attacks, Threats, and Vulnerabilities (16 questions)
Governance, Risk, and Compliance (14 questions)
Implementation (20 questions)
Operations and Incident Response (13 questions)

Examkingdom CompTIA Security+ SY0-601 Exam Brain dump pdf, Certkingdom CompTIA Security+ SY0-601 Brain Dumps PDF

MCTS Training, MCITP Training

Best CompTIA Security+ SY0-601 Certification, CompTIA Security+ SY0-601 Brain Dumps Training at certkingdom.com

QUESTION 1
Which of the following will MOST likely adversely impact the operations of unpatched traditional programmable-logic controllers, running a back-end LAMP server and OT systems with human-management interfaces that are accessible over the Internet via a web interface? (Choose two.)

A. Cross-site scripting
B. Data exfiltration
C. Poor system logging
D. Weak encryption
E. SQL injection
F. Server-side request forgery

Answer: DF

QUESTION 2
A company recently transitioned to a strictly BYOD culture due to the cost of replacing lost or damaged corporate-owned mobile devices. Which of the following technologies would be BEST to balance the BYOD culture while also protecting the company’s data?

A. Containerization
B. Geofencing
C. Full-disk encryption
D. Remote wipe

Answer: C

QUESTION 3
A Chief Security Officer’s (CSO’s) key priorities are to improve preparation, response, and recovery practices to minimize system downtime and enhance organizational resilience to ransomware attacks. Which of the following would BEST meet the CSO’s objectives?

A. Use email-filtering software and centralized account management, patch high-risk systems, and restrict administration privileges on fileshares.
B. Purchase cyber insurance from a reputable provider to reduce expenses during an incident.
C. Invest in end-user awareness training to change the long-term culture and behavior of staff and executives, reducing the organization’s susceptibility to phishing attacks.
D. Implement application whitelisting and centralized event-log management, and perform regular testing and validation of full backups.

Answer: D

QUESTION 4
A network engineer has been asked to investigate why several wireless barcode scanners and wireless computers in a warehouse have intermittent connectivity to the shipping server. The barcode scanners and computers are all on forklift trucks and move around the warehouse during their regular use. Which of the following should the engineer do to determine the issue? (Choose two.)

A. Perform a site survey
B. Deploy an FTK Imager
C. Create a heat map
D. Scan for rogue access points
E. Upgrade the security protocols
F. Install a captive portal

Answer: A,C

QUESTION 5
A security administrator suspects an employee has been emailing proprietary information to a competitor. Company policy requires the administrator to capture an exact copy of the employee’s hard disk. Which of the following should the administrator use?

A. dd
B. chmod
C. dnsenum
D. logger

Answer: A

QUESTION 6
Which of the following is MOST likely to outline the roles and responsibilities of data controllers and data processors?

A. SSAE SOC 2
B. PCI DSS
C. GDPR
D. ISO 31000

Answer: C

CS0-002 CompTIA CySA+ Certification Exam Updated

These CompTIA CySA+ (CS0-002) Practice Exams provide you with realistic test questions and interactive, question-level feedback.

1 = 295 Q&A and 7 full-length practice exams of 75 unique questions. We have carefully hand-crafted each question to put you to the test and prepare you to pass the exam with confidence.

All questions are based on the Exam Objectives for the CompTIA CySA+ (CS0-002) exam for all 5 domains of the exam, so you can take and pass the actual CompTIA CySA+ (CS0-002) Certification Exam with confidence!

Threat and Vulnerability Management (22%)
Software and Systems Security (18%)
Security Operations and Monitoring (25%)
Incident Response (25%)
Compliance and Assessment (13%)

After taking this CySA+ (CS0-002) Practice Exam course, you won’t be hoping you are ready, you will know you are ready to sit for and pass the exam.

After practicing these tests and scoring a 90% or higher on them, you should be ready to PASS on the first attempt and avoid costly re-schedule fees, saving you time and money.

You will receive your total final score, a breakdown of how you did in each of the five domains, and a detailed explanation for every question in our database, telling you exactly why each option was correct or wrong. This way, you can pinpoint the areas in CySA+ which you need to improve and study further.

This course stays current and up-to-date with the latest release of the CompTIA CySA+ exam (CS0-002), and also provides a 30-day money-back guarantee if you are not satisfied with the quality of this course for any reason!

What you’ll learn
Take and pass the CompTIA CySA+ (CS0-002) certification exam

Are there any course requirements or prerequisites?
You should have a basic understanding of networks and network security
You should have read a book, watched a video series, or otherwise started studying for the CySA+ exam

Who this course is for:
Students preparing for the CompTIA CySA+ (CS0-002) Certification Exam

This Course Includes

Threat and Vulnerability Management
Utilize and apply proactive threat intelligence to support organizational security and perform vulnerability management activities

Security Operations and Monitoring
Analyze data as part of continuous security monitoring activities and implement configuration changes to existing controls to improve security

Software and Systems Security
Apply security solutions for infrastructure management and explain software & hardware assurance best practices

Incident Response
Apply the appropriate incident response procedure, analyze potential indicators of compromise, and utilize basic digital forensics techniques

Compliance and Assessment
Apply security concepts in support of organizational risk mitigation and understand the importance of frameworks, policies, procedures, and controls

Jobs that use CompTIA CySA+

Security analyst
-Tier II SOC analyst
-Security monitoring

Threat intelligence analyst
Security engineer

Application security analyst
Incident response or handler

Compliance analyst
Threat hunter

Examkingdom CompTIA CySA+ CS0-002 Exam Brain dump pdf, Certkingdom CompTIA CySA+ CS0-002 Brain Dumps PDF

Best CompTIA CySA+ CS0-002 Certification, CompTIA CySA+ CS0-002 Brain Dumps Training at certkingdom.com

Question 1:
Which of the following would be used to prevent a firmware downgrade?

A. TPM
B. HSM
C. SED
D. eFUSE

Correct Answer: D

Explanation
OBJ-4.2: eFUSE is an Intel-designed mechanism to allow software instructions to blow a transistor in the hardware chip. One use of this is to prevent firmware downgrades, implemented on some game consoles and smartphones. Each time the firmware is upgraded, the updater blows an eFUSE. When there is a firmware update, the updater checks that the number of blown eFUSEs is not less than the firmware version number. A self-encrypting drive (SED) uses cryptographic operations performed by the drive controller to encrypt a storage device’s contents. A trusted platform module (TPM) is a specification for hardware-based storage of digital certificates, cryptographic keys, hashed passwords, and other user and platform identification information. The TPM is implemented either as part of the chipset or as an embedded function of the CPU. A hardware security module (HSM) is an appliance for generating and storing cryptographic keys. An HSM solution may be less susceptible to tampering and insider threats than software-based storage.

Question 2
After 9 months of C++ programming, the team at Whammiedyne systems has released their new software application. Within just 2 weeks of release, though, the security team discovered multiple serious vulnerabilities in the application that must be corrected. To retrofit the source code to include the required security controls will take 2 months of labor and will cost $100,000. Which development framework should Whammiedyne use in the future to prevent this situation from occurring in other projects?

A. Agile Model
B. DevOps
C. Waterfall Model
D. DevSecOps

Correct Answer: D

Explanation
OBJ-3.4: DevSecOps is a combination of software development, security operations, and systems operations and refers to the practice of integrating each discipline with the others. DevSecOps approaches are generally better postured to prevent problems like this because security is built-in during the development instead of retrofitting the program afterward. The DevOps development model incorporates IT staff but does not include security personnel. The agile software development model focuses on iterative and incremental development to account for evolving requirements and expectations. The waterfall software development model cascades the phases of the SDLC so that each phase will start only when all of the tasks identified in the previous phase are complete. A team of developers can make secure software using either the waterfall or agile model. Therefore, they are not the right answers to solve this issue.

Question 3:
Which of the following secure coding best practices ensures a character like < is translated into the &lt; string when writing to an HTML page?

A. Output encoding
B. Error handling
C. Session management
D. Input validation

Correct Answer: A

Explanation
OBJ-2.2: Output encoding involves translating special characters into some different but equivalent form that is no longer dangerous in the target interpreter, for example, translating the < character into the &lt; string when writing to an HTML page. Input validation is performed to ensure only properly formed data is entering the workflow in an information system, preventing malformed data from persisting in the database and triggering the malfunction of various downstream components. Improper error handling can introduce various security problems where detailed internal error messages such as stack traces, database dumps, and error codes are displayed to an attacker. The session management implementation defines the exchange mechanism that will be used between the user and the web application to share and continuously exchange the session ID.

Question 4
Which of the following tools is useful for capturing Windows memory data for forensic analysis?

A. dd
B. Memdump
C. Wireshark
D. Nessus

Correct Answer: B

Explanation
OBJ-4.4: The Memdump, Volatility framework, DumpIt, and EnCase are examples of Windows memory capture tools for forensic use. The dd tool is used to conduct forensic disk images. Wireshark is used for packet capture and analysis. Nessus is a commonly used vulnerability scanner.

Question 5
Hilda needs a cost-effective backup solution that would allow for the restoration of data within a 24 hour RPO. The disaster recovery plan requires that backups occur during a specific timeframe each week, and then the backups should be transported to an off-site facility for storage. What strategy should Hilda choose to BEST meet these requirements?

A. Create a daily incremental backup to tape
B. Create disk-to-disk snapshots of the server every hour
C. Conduct full backups daily to tape
D. Configure replication of the data to a set of servers located at a hot site

Correct Answer: A

Explanation
OBJ-5.2: Since the RPO must be within 24 hours, daily or hourly backups must be conducted. Since the requirement is for backups to be conducted at a specific time each week, hourly snapshots would not meet this requirement and are not easily transported since they are being conducted as a disk-to-disk backup. Replication to a hot site environment also doesn’t allow for transportation of the data to an off-site facility for storage, and replication would continuously occur throughout the day. Therefore, a daily incremental backup should be conducted since it will require the least amount of time to conduct. The tapes could be easily transported for storage and restored incrementally from tape since the last full backup was conducted.

Updated Version SY0-601 CompTIA Security+ 2021 Exam Free Training

The CompTIA Security+ certification exam will verify the successful candidate has the knowledge and skills required to assess the security posture of an enterprise environment and recommend and implement appropriate security solutions; monitor and secure hybrid environments, including cloud, mobile, and IoT; operate with an awareness of applicable laws and policies, including principles of governance, risk, and compliance; identify, analyze, and respond to security events and incidents.

Number of Questions Maximum of 90 questions
Type of Questions Multiple choice and performance-based
Length of Test 90 minutes
Passing Score 750 (on a scale of 100-900)
Recommended Experience CompTIA Network+ and two years of experience in IT administration with a security focus
Languages English, Japanese, Portuguese and Simplified Chinese English, Japanese
Retirement English retires: July 31, 2021
All other languages retire: Q1 2022
Usually three years after launch
Testing Provider Pearson VUE
Testing Centers : Online Testing

Official CompTIA Content (OCC) has been designed from the ground up to help you learn and master the material in your certification exam. Trust self-paced CompTIA study guides that are

Clearly written and structured.
Flexible so you can learn at any pace.
Focused on your exam success.

Save With a Bundle
CompTIA Training bundles are a great way to continue your learning process in every stage of your exam preparation. Complement a study guide with popular training options such as:

Learn online with CertMaster Learn.
Apply your knowledge with CertMaster Labs
Practice and prepare for your exam with CertMaster Practice.

Why is it different?
More choose Security+ – chosen by more corporations and defense organizations than any other certification on the market to validate baseline security skills and for fulfilling the DoD 8570 compliance.
Security+ proves hands-on skills – the only baseline cybersecurity certification emphasizing hands-on practical skills, ensuring the security professional is better prepared to problem solve a wider variety of today’s complex issues.
More job roles turn to Security+ to supplement skills – baseline cybersecurity skills are applicable across more of today’s job roles to secure systems, software and hardware.
Security+ is aligned to the latest trends and techniques – covering the most core technical skills in risk assessment and management, incident response, forensics, enterprise networks, hybrid/cloud operations, and security controls, ensuring high-performance on the job.

About the exam

CompTIA Security+ (SY0-501) English language exam will retire on July 31, 2021.

The new Security+ (SY0-601) is now available.

CompTIA Security+ is the first security certification a candidate should earn. It establishes the core knowledge required of any cybersecurity role and provides a springboard to intermediate-level cybersecurity jobs. Security+ incorporates best practices in hands-on troubleshooting, ensuring candidates have practical security problem-solving skills required to:

Assess the security posture of an enterprise environment and recommend and implement appropriate security solutions
Monitor and secure hybrid environments, including cloud, mobile, and IoT
Operate with an awareness of applicable laws and policies, including principles of governance, risk, and compliance
Identify, analyze, and respond to security events and incidents

Security+ is compliant with ISO 17024 standards and approved by the US DoD to meet directive 8140/8570.01-M requirements. Regulators and government rely on ANSI accreditation, because it provides confidence and trust in the outputs of an accredited program. Over 2.3 million CompTIA ISO/ANSI-accredited exams have been delivered since January 1, 2011.

What Skills Will You Learn?
Attacks, Threats and Vulnerabilities
Focusing on more threats, attacks, and vulnerabilities on the Internet from newer custom devices that must be mitigated, such as IoT and embedded devices, newer DDoS attacks, and social engineering attacks based on current events.

Architecture and Design
Includes coverage of enterprise environments and reliance on the cloud, which is growing quickly as organizations transition to hybrid networks.

Implementation
Expanded to focus on administering identity, access management, PKI, basic cryptography, wireless, and end-to-end security.

Operations and Incident Response
Covering organizational security assessment and incident response procedures, such as basic threat detection, risk mitigation techniques, security controls, and basic digital forensics.

Governance, Risk and Compliance
Expanded to support organizational risk management and compliance to regulations, such as PCI-DSS, SOX, HIPAA, GDPR, FISMA, NIST, and CCPA.

Jobs that use CompTIA Security+
Security Administrator

Systems Administrator
Helpdesk Manager / Analyst

Network / Cloud Engineer
Security Engineer / Analyst

DevOps / Software Developer
IT Auditors

IT Project Manager

QUESTION 1
Which of the following will MOST likely adversely impact the operations of unpatched traditional programmable-logic controllers, running a back-end LAMP server and OT systems with human-management interfaces that are accessible over the Internet via a web interface? (Choose two.)

A. Cross-site scripting
B. Data exfiltration
C. Poor system logging
D. Weak encryption
E. SQL injection
F. Server-side request forgery

Correct Answer: DF

QUESTION 2
A company recently transitioned to a strictly BYOD culture due to the cost of replacing lost or damaged corporate-owned mobile devices. Which of the following technologies would be BEST to balance the BYOD culture while also protecting the company’s data?

A. Containerization
B. Geofencing
C. Full-disk encryption
D. Remote wipe

Correct Answer: C

QUESTION 3
A network engineer has been asked to investigate why several wireless barcode scanners and wireless computers in a warehouse have intermittent connectivity to the shipping server. The barcode scanners and computers are all on forklift trucks and move around the warehouse during their regular use. Which of the following should the engineer do to determine the issue? (Choose two.)

A. Perform a site survey
B. Deploy an FTK Imager
C. Create a heat map
D. Scan for rogue access points
E. Upgrade the security protocols
F. Install a captive portal

Correct Answer: AC

QUESTION 4
Which of the following is MOST likely to outline the roles and responsibilities of data controllers and data processors?

A. SSAE SOC 2
B. PCI DSS
C. GDPR
D. ISO 31000

Correct Answer: C

Actualkey CompTIA Security+ SY0-601 Exam pdf, Certkingdom CompTIA Security+ SY0-601 PDF

Best CompTIA Security+ SY0-601 Certification, CompTIA Security+ SY0-601 Training at certkingdom.com

Pass Your CV0-003 CompTIA Cloud+ Certification Exam in 7 days

Career growth continues to boom in the infrastructure space as more workers telecommute and businesses move to off-premises cloud solutions. The new CompTIA Cloud+ (CV0-003), which will be available in May 2021, reflects these changes with an increased focus on the skills needed to make the cloud more secure and available. Here’s what you need to know about the new CompTIA Cloud+.

How Is the New CompTIA Cloud+ Different?

While still covering the foundational aspects of cloud technology emphasized in CompTIA Cloud+ (CV0-002), the refreshed offering expands in two important areas – security and high-availability.

The new CompTIA Cloud+ covers in greater depth the skills and abilities needed to secure the cloud, validating that candidates have the hands-on experience needed to secure environments regardless of the vendor solution.

In addition to validating the technical security skills cloud engineers need, the exam continues to highlight the importance of compliance requirements – a key function in today’s ever-changing regulatory world.

The refreshed CompTIA Cloud+ (CV0-003) also includes an entire objective dedicated to high-availability – the goal of ensuring around-the-clock access to all your data and software as a service (SaaS) applications. This highlights the move toward cloud-hosted solutions throughout enterprise and small-business.

CompTIA recognizes that in a work-from-home world, it is critical for remote employees to have secure, uninterrupted access to data, applications and the solutions that allow business to succeed. CompTIA Cloud+ validates the skills and abilities that make this possible.

Overall, the CompTIA Cloud+ exam tests candidates in the following areas of cloud computing:
Cloud architecture and design
Securing the cloud
Automation and virtualization
Optimization of cloud environments
Disaster recovery
Multicloud environments

The Importance of Multi-Vendor Cloud Skills
I heard from an IT industry vice president recently that mergers and acquisitions were starting to “take off again.” The effect of this is that if a large enterprise running Amazon Web Services (AWS) acquires two or three smaller organizations running Microsoft Azure and Google Cloud, then cloud engineers would need to understand not just the vendor platform, but the technical underpinnings of the cloud itself so they could work between all the elements of the full cloud stack.

Some enterprises might run multiple infrastructure as a service (IaaS) platforms for years, requiring staff to be able to operate between the major platforms. IT pros who have CompTIA Cloud+ understand the danger of vendor lock-in, and this certification validates they have the skills and knowledge to work across multi-vendor systems.

CompTIA Cloud+ is intended as a mid-career certification, for IT pros with 2 to 3 years of systems administration experience.

Cloud Smart and DoD Proven
CompTIA Cloud+ has been adopted by the U.S. Department of Defense (DoD) to ensure that its personnel and contractors are appropriately trained. In February 2020, CompTIA Cloud+ met the DoD Manual 8570.01 requirements for those who work with sensitive information and need to satisfy specific job requirements.

The DoD approved CompTIA Cloud+ for three vital workforce categories:
Information Assurance Manager Level I (IAM I)
Cybersecurity Service Provider Infrastructure Support (CSSP-IS)
CSSP Analyst (CSSP-A)

In addition to these workforce categories, CompTIA Cloud+ aligns with the U.S. Government Cloud Smart initiative. The cloud is about creating continuously updated, secure and highly available solutions – all of which are key components of the new CompTIA Cloud+ exam and illustrate the need for a security-first mindset that allows for flexible implementations of new technologies.

See What’s on the New CompTIA Cloud+
You can begin preparing for the new CompTIA Cloud+ exam now by downloading the exam objectives for free from our website. They can serve as a roadmap for your studies and get you started on the right foot.

CompTIA Cloud+ is a global certification that validates the skills needed to deploy and automate secure cloud environments that support the high availability of business systems and data.

CompTIA Cloud+ is the only performance-based IT certification that views cloud-based infrastructure services in the context of broader IT systems operations regardless of the platform. Migrating to the cloud presents opportunities to deploy, optimize, and protect mission critical applications and data storage. CompTIA Cloud+ validates the technical skills needed to secure these valuable assets.

The reality of operating multicloud environments poses new challenges. CompTIA Cloud+ is ideal for cloud engineers who need to have expertise across multiple products and systems.

CompTIA Cloud+ is the only cloud focused certification approved for DoD 8570.01-M, offering an infrastructure option for individuals who need to certify in IAM Level I, CSSP Analyst and CSSP Infrastructure Support roles.

CompTIA Cloud+ now features flexible training options including self-paced learning, live online training, custom training and labs to advance the career development of IT professionals in server administration.

Official CompTIA Content has been designed from the ground up to help you learn and master the material in your certification exam. Trust self-paced CompTIA study guides that are

Clearly written and structured
Flexible so you can learn at any pace
Focused on your exam success
Bundled with a certification voucher or other learning tools to save you money

CompTIA Training bundles are a great way to continue your learning process in every stage of your exam preparation. Complement a study guide with popular training options such as:

QUESTION 1
An organization suffered a critical failure of its primary datacenter and made the decision to switch to the DR site. After one week of using the DR site, the primary datacenter is now ready to resume operations. Which of the following is the MOST efficient way to bring the block storage in the primary datacenter up to date with the DR site?

A. Set up replication.
B. Copy the data across both sites.
C. Restore incremental backups.
D. Restore full backups.

Correct Answer: A

QUESTION 2
Which of the following service models would be used for a database in the cloud?

A. PaaS
B. IaaS
C. CaaS
D. SaaS

Correct Answer: D

QUESTION 3
A systems administrator is troubleshooting network throughput issues following a deployment. The network is currently being overwhelmed by the amount of traffic between the database and the web servers in the environment. Which of the following should the administrator do to resolve this issue?

A. Set up affinity rules to keep web and database servers on the same hypervisor.
B. Enable jumbo frames on the gateway.
C. Move the web and database servers onto the same VXLAN.
D. Move the servers onto thick-provisioned storage.

Correct Answer: B

QUESTION 4
A systems administrator is building a new virtualization cluster. The cluster consists of five virtual hosts, which each have flash and spinning disks. This storage is shared among all the virtual hosts, where a virtual machine running on one host may store data on another host. This is an example of:

A. a storage area network.
B. a network file system.
C. hyperconverged storage.
D. thick-provisioned disks.

Correct Answer: A

QUESTION 5
A cloud administrator is designing a multiregion network within an IaaS provider. The business requirements for configuring the network are as follows:
Use private networking in and between the multisites for data replication.
Use low latency to avoid performance issues.
Which of the following solutions should the network administrator use within the IaaS provider to connect multiregions?

A. Peering
B. Gateways
C. VPN
D. Hub and spoke

Correct Answer: C

Actualkey CompTIA Cloud+ CV0-003 exam pdf, Certkingdom CompTIA Cloud+ CV0-003 PDF

Best CompTIA CV1-003 Certification, CompTIA Cloud+ CV0-003 Training at certkingdom.com

PK0-004 CompTIA Project+ Exam

CompTIA Project+ gives business professionals – inside and outside of IT – the basic concepts to successfully manage small- to medium-sized projects.

Why is it different?

CompTIA Project+ is ideal for professionals who need to manage smaller, less complex projects as part of their other job duties but still have foundational project management skills. Project+ is more versatile than other certifications because it covers essential project management concepts beyond the scope of just one methodology or framework.

About the exam
The CompTIA Project+ examination is designed for business professionals who coordinate or manage small-to-medium-sized projects. The successful candidate will have the knowledge and skills required to:

Manage the project life cycle
Ensure appropriate communication
Manage resources and stakeholders
Maintain project documentation

Exam Details
Exam Codes: PK0-004
Exam Description: CompTIA Project+ is designed for business professionals who coordinate or manage small-to-medium-size projects, inside and outside of IT. The exam certifies the knowledge and skills required to manage the project life cycle, ensure appropriate communication, manage resources, manage stakeholders, and maintain project documentation.
Number of Questions: Maximum of 95 questions
Type of Questions: Multiple choice questions (single and multiple response), and drag and drops
Length of Test: 90 Minutes
Passing Score: 710 (on a scale of 100-900)
Recommended Experience: At least 12 months of cumulative project management experience or equivalent education
Launch Date: March 15 2017
Retirement: N/A
Languages: English, Japanese
Testing Provider: Pearson VUE
Testing Centers: Online Testing

What Skills Will You Learn?
PROJECT BASICS

Summarize the properties of project, phases, schedules, roles and responsibilities, and cost controls, as well as identifying the basic aspects of Agile methodology

PROJECT CONSTRAINTS

Predict the impact of various constraint variables and influences throughout the project and explain the importance of risk strategies and activities

COMMUNICATION & CHANGE MANAGEMENT

Understand appropriate communication methods of influence and use change control processes within the context of a project

PROJECT TOOLS & DOCUMENTATION

Compare and contrast various project management tools and analyze project and partner-centric documentation

Official CompTIA Content (OCC) has been designed from the ground up to help you learn and master the material in your certification exam. Trust self-paced CompTIA study guides that are:

Clearly written and structured.
Flexible so you can learn at any pace.
Focused on your exam success.

Save With a Bundle
CompTIA Training bundles are a great way to continue your learning process in every stage of your exam preparation. Complement a study guide with popular training options such as:

QUESTION 1
A project manager is attempting to establish the proper sequencing and duration of project activities.
Which of the following would be the MOST beneficial?

A. Network diagram
B. Ishikawa diagram
C. WBS
D. Gantt chart

Correct Answer: A

QUESTION 2
Which of the following are characteristics of a project? (Choose two.)

A. Ongoing
B. Temporary
C. Start and finish
D. Achieving a goal
E. Consisting of milestones
F. Restricting the budget

Correct Answer: BC

QUESTION 3
A company has determined it does not have the in-house capability to perform a project and wants to procure third-party services.
Which of the following documents will the company MOST likely release FIRST?

A. RFO
B. RFI
C. RFP
D. RFQ

Correct Answer: B

QUESTION 4
The project manager was asked to provide recommendations for the removal of a vendor. A meeting was
scheduled with the key stakeholders and the project sponsor to highlight the reasons for this recommendation.
Which of the following should the project manager bring to the meeting to support this recommendation?
(Choose two.)

A. The issue log to show why the vendor should be replaced.
B. The team action items to show why the vendor should be replaced.
C. The scope statement to show why the vendor should be replaced.
D. A procurement plan to show why the vendor should be replaced.
E. A change management plan to have the vendor replaced.

Correct Answer: AE

QUESTION 5
A project manager is creating the WBS.
In which of the following phases is the project?

A. Initiation
B. Planning
C. Execution
D. Closing

Correct Answer: B

QUESTION 6
Which of the following is a characteristic of a matrix organization?

A. Authority lies solely with the project manager.
B. Authority is directed by the project architect.
C. Authority is shared between the project manager and project coordinator.
D. Authority is shared between functional and project managers.

Correct Answer: D

SY0-601 CompTIA Security+ 2021 Exam

Security+ opens the door to your cybersecurity career!
CompTIA Security+ is a global certification that validates the baseline skills necessary to perform core security functions and pursue an IT security career.

Why is it different?
More choose Security+ – chosen by more corporations and defense organizations than any other certification on the market to validate baseline security skills and for fulfilling the DoD 8570 compliance.

Security+ proves hands-on skills – the only baseline cybersecurity certification emphasizing hands-on practical skills, ensuring the security professional is better prepared to problem solve a wider variety of today’s complex issues.

More job roles turn to Security+ to supplement skills – baseline cybersecurity skills are applicable across more of today’s job roles to secure systems, software and hardware.

Security+ is aligned to the latest trends and techniques – covering the most core technical skills in risk assessment and management, incident response, forensics, enterprise networks, hybrid/cloud operations, and security controls, ensuring high-performance on the job.

About the exam
New CompTIA Security+ (SY0-601) exam launches November 12, 2020!

CompTIA Security+ is the first security certification a candidate should earn. It establishes the core knowledge required of any cybersecurity role and provides a springboard to intermediate-level cybersecurity jobs. Security+ incorporates best practices in hands-on troubleshooting, ensuring candidates have practical security problem-solving skills required to:

Assess the security posture of an enterprise environment and recommend and implement appropriate security solutions
Monitor and secure hybrid environments, including cloud, mobile, and IoT
Operate with an awareness of applicable laws and policies, including principles of governance, risk, and compliance
Identify, analyze, and respond to security events and incidents

Security+ is compliant with ISO 17024 standards and approved by the US DoD to meet directive 8140/8570.01-M requirements. Regulators and government rely on ANSI accreditation, because it provides confidence and trust in the outputs of an accredited program. Over 2.3 million CompTIA ISO/ANSI-accredited exams have been delivered since January 1, 2011.

What Skills Will You Learn?

Attacks, Threats and Vulnerabilities

Focusing on more threats, attacks, and vulnerabilities on the Internet from newer custom devices that must be mitigated, such as IoT and embedded devices, newer DDoS attacks, and social engineering attacks based on current events.

Architecture and Design

Includes coverage of enterprise environments and reliance on the cloud, which is growing quickly as organizations transition to hybrid networks.

Implementation

Expanded to focus on administering identity, access management, PKI, basic cryptography, wireless, and end-to-end security.

Operations and Incident Response

Covering organizational security assessment and incident response procedures, such as basic threat detection, risk mitigation techniques, security controls, and basic digital forensics.

Governance, Risk and Compliance

Expanded to support organizational risk management and compliance to regulations, such as PCI-DSS, SOX, HIPAA, GDPR, FISMA, NIST, and CCPA.

Jobs that use CompTIA Security+

Security Administrator

Systems Administrator

Helpdesk Manager / Analyst

Network / Cloud Engineer

Security Engineer / Analyst

DevOps / Software Developer

IT Auditors

IT Project Manager


Exam Codes: SY0-501 and SY0-601
Launch Date: October 4, 2017 (SY0-501); November 12, 2020 (SY0-601)

Exam Description:
SY0-501: The CompTIA Security+ exam will certify the successful candidate has the knowledge and skills required to install and configure systems to secure applications, networks, and devices; perform threat analysis and respond with appropriate mitigation techniques; participate in risk mitigation activities; and operate with an awareness of applicable policies, laws, and regulations. The successful candidate will perform these tasks to support the principles of confidentiality, integrity, and availability.
SY0-601: The CompTIA Security+ certification exam will verify the successful candidate has the knowledge and skills required to assess the security posture of an enterprise environment and recommend and implement appropriate security solutions; monitor and secure hybrid environments, including cloud, mobile, and IoT; operate with an awareness of applicable laws and policies, including principles of governance, risk, and compliance; identify, analyze, and respond to security events and incidents.

Number of Questions: Maximum of 90 questions
Type of Questions: Multiple choice and performance-based
Length of Test: 90 minutes
Passing Score: 750 (on a scale of 100-900)
Recommended Experience: CompTIA Network+ and two years of experience in IT administration with a security focus
Languages: English, Japanese, Portuguese and Simplified Chinese (SY0-501); English, Japanese (SY0-601)
Retirement: July 31, 2021 (SY0-501); usually three years after launch (SY0-601)

IT certifications show employers that candidates have the knowledge and skills they need to do the job, and they help IT pros advance in their careers. As cybersecurity has become a critical function, cybersecurity certifications are among the most popular IT certifications globally. More than 500,000 IT pros have earned CompTIA Security+, and the soon-to-be-released 2020 IT Skills and Salary Report includes CompTIA Security+ among the top 10 cybersecurity certifications.

CompTIA Security+ is chosen by more employers than any other IT certification to prove hands-on core cybersecurity skills and fulfills U.S. Department of Defense (DoD) 8570 compliance. As the need to secure more systems, software and hardware grows, more IT job roles are now turning to CompTIA Security+ to supplement cybersecurity skills.

IT Jobs Related to CompTIA Security+
As you may know, the next version of CompTIA Security+ (SY0-601) will launch in November 2020. CompTIA updates its certifications every three years to keep up with evolving technology so your skills are relevant and you stay up to date on the latest technologies.

As cyberattacks continue to grow, more IT job roles are tasked with baseline security readiness and responding to address today’s cyberthreats. Updates to CompTIA Security+ reflect those skills and prepare you to be more proactive in preventing the next cyberattack.

The primary CompTIA Security+ job roles remain the same, as the core security skills’ requirements for those jobs have not largely changed over time:
Security Administrator – Systems Administrator

But the following IT job roles can also benefit from a CompTIA Security+ cybersecurity certification:

Help Desk Manager/Analyst
Network Engineer
Cloud Engineer
IT Auditor
Security Officer
Information Security Manager
IT Project Manager
DevOps/Software Developer


And even though CompTIA Security+ covers more foundational cybersecurity skills, it sets IT pros up for success in these more advanced cybersecurity job roles:
Cybersecurity Analyst
Security Engineer
Security Architect


CompTIA Security+ 501 vs 601
CompTIA Security+ addresses the latest cybersecurity trends and techniques – covering the most core technical skills in risk assessment and management, incident response, forensics, enterprise networks, hybrid/cloud operations and security controls, ensuring high performance on the job. Let’s break down some of the highlights.
CompTIA Security+ 501 vs. 601 Exam Domains

The CompTIA Security+ (SY0-601) exam now covers five major domains instead of six, guided by a maturing industry job role.

CompTIA Security+ 501 Exam Domains

Threats, Attacks and Vulnerabilities (21%)
Technologies and Tools (22%)
Architecture and Design (15%)
Identity and Access Management (16%)
Risk Management (14%)
Cryptography and PKI (12%)

CompTIA Security+ 601 Exam Domains

Attacks, Threats and Vulnerabilities (24%)
Architecture and Design (21%)
Implementation (25%)
Operations and Incident Response (16%)
Governance, Risk and Compliance (14%)

CompTIA Security+ 601 focuses on the most up-to-date and current skills needed for the following tasks:
Assess the cybersecurity posture of an enterprise environment
Recommend and implement appropriate cybersecurity solutions
Monitor and secure hybrid environments
Operate with an awareness of applicable laws and policies
Identify, analyze and respond to cybersecurity events and incidents

CompTIA Security+ 501 vs. 601 Exam Objectives

Although the exam objectives document is longer, the new exam actually has fewer objectives. CompTIA Security+ (SY0-601) has 35 exam objectives, compared to 37 on SY0-501. The difference is that the exam objectives for SY0-601 include more examples under each objective – the number of examples increased by about 25%.

This was intentional to help you better understand the meaning of each exam objective. The more examples and details we provide, the more helpful the exam objectives are for IT pros to prepare for their certification exam and, ultimately, the job itself.

But remember, exam objectives are not exhaustive: you may encounter other examples of technologies, processes or tasks on the exam. The exam questions are not based on these bulleted examples, but on the overarching exam objectives themselves. CompTIA is constantly reviewing exam content and updating questions to ensure relevance and exam integrity.

How CompTIA Security+ Evolves with the Industry
In a field like cybersecurity, where the job is continually evolving, CompTIA exam domains need to reflect what’s happening in the industry. The following table explains why we updated the CompTIA Security+ exam domains and how they relate to job

Exam Domain: Attacks, Threats and Vulnerabilities
Description: Includes attacks, threats and vulnerabilities from IoT and embedded devices, newer DDoS attacks and social engineering.
How It Applies to IT Jobs: According to Accenture, 68% of business leaders feel their cybersecurity risks are increasing. To combat these emerging threats, IT pros must help identify cyberattacks and vulnerabilities to mitigate them before they infiltrate information systems.

Exam Domain: Architecture and Design
Description: Includes coverage of enterprise environments and reliance on the cloud, which is growing quickly as organizations transition to hybrid networks (on-premises and cloud).
How It Applies to IT Jobs: To maintain a strong cybersecurity posture and to support hybrid environments, IT pros must understand secure virtualization, secure application deployment and automation concepts.

Exam Domain: Implementation
Description: Includes a focus on administering identity, access management, basic cryptography, PKI, wireless and end-to-end security.
How It Applies to IT Jobs: To support organizational cybersecurity, IT pros must identify and implement the best protocols and encryption for a particular network/cloud design, mobile solution or wireless setting, for example.

Exam Domain: Operations and Incident Response
Description: Includes organizational security assessments and incident response procedures, such as detection, mitigation and basic digital forensics of incidents.
How It Applies to IT Jobs: To support operations and the influx of recent cyberattacks, IT pros are called upon to perform incident response earlier in their careers. They must be able to apply basic mitigation techniques and security controls to protect systems.

Exam Domain: Governance, Risk and Compliance
Description: Includes how to support basic organizational risk management, security controls and teamwork to support regulations such as PCI-DSS, SOX, HIPAA, GDPR, NIST and CCPA.
How It Applies to IT Jobs: In a recent survey of CompTIA certification holders, nearly 60% reported an increase in compliance tasks. To support governance, risk and compliance, IT pros must understand compliance security controls, how they reduce risk and how to implement them to improve cybersecurity posture.

How to Train for CompTIA Security+
It may seem like CompTIA Security+ covers a lot of ground, but don’t worry, we’ve got you! CompTIA offers training solutions, including study guides, online self-study tools and instructor-led courses, that are designed to cover what you need to know for your CompTIA exam. No other content library covers all exam objectives for all certifications.

CompTIA training solutions help you prepare for your CompTIA certification exam with confidence. Whether you are just starting to prepare and need comprehensive training with CompTIA CertMaster Learn, want to apply your knowledge hands-on with CompTIA Labs, need a final review with CompTIA CertMaster Practice or need to renew your certification with CompTIA CertMaster CE, CompTIA’s online training tools have you covered.

QUESTION 1
Which of the following will MOST likely adversely impact the operations of unpatched traditional
programmable-logic controllers, running a back-end LAMP server and OT systems with human-management
interfaces that are accessible over the Internet via a web interface? (Choose two.)

A. Cross-site scripting
B. Data exfiltration
C. Poor system logging
D. Weak encryption
E. SQL injection
F. Server-side request forgery

Correct Answer: DF

QUESTION 2
A company recently transitioned to a strictly BYOD culture due to the cost of replacing lost or damaged
corporate-owned mobile devices. Which of the following technologies would be BEST to balance the BYOD
culture while also protecting the company’s data?

A. Containerization
B. Geofencing
C. Full-disk encryption
D. Remote wipe

Correct Answer: C

QUESTION 3
A Chief Security Officer’s (CSO’s) key priorities are to improve preparation, response, and recovery practices to
minimize system downtime and enhance organizational resilience to ransomware attacks.
Which of the following would BEST meet the CSO’s objectives?

A. Use email-filtering software and centralized account management, patch high-risk systems, and restrict administration privileges on fileshares.
B. Purchase cyber insurance from a reputable provider to reduce expenses during an incident.
C. Invest in end-user awareness training to change the long-term culture and behavior of staff and executives, reducing the organization’s susceptibility to phishing attacks.
D. Implement application whitelisting and centralized event-log management, and perform regular testing and validation of full backups.

Correct Answer: D

QUESTION 4
A network engineer has been asked to investigate why several wireless barcode scanners and wireless
computers in a warehouse have intermittent connectivity to the shipping server. The barcode scanners and
computers are all on forklift trucks and move around the warehouse during their regular use. Which of the
following should the engineer do to determine the issue? (Choose two.)

A. Perform a site survey
B. Deploy an FTK Imager
C. Create a heat map
D. Scan for rogue access points
E. Upgrade the security protocols
F. Install a captive portal

Correct Answer: AC

QUESTION 5
A security administrator suspects an employee has been emailing proprietary information to a competitor.
Company policy requires the administrator to capture an exact copy of the employee’s hard disk.
Which of the following should the administrator use?

A. dd
B. chmod
C. dnsenum
D. logger

Correct Answer: A

RC0-501 CompTIA Security+ Recertification Exam

Recertify with a CompTIA Recertification Exam
The CompTIA Recertification Exam Series bridges the content gap between the exam that you passed and the exam objectives of the most current release.

Overview and Eligibility
You are eligible to take a CompTIA recertification exam if you passed an earlier version and your certification has not expired.

If you are eligible to take the recertification exam, CompTIA will automatically notify you via email and provide you with a Private Access Code (PAC).
CompTIA recertification exams are online exams that you may take from anywhere with an internet connection, as long as your system meets the minimum requirements.
Online recertification exams are available for the following CompTIA certifications:

CompTIA A+ Recertification Exam
CompTIA Network+ Recertification Exam
CompTIA Security+ Recertification Exam
CompTIA Advanced Security Practitioner (CASP) Recertification Exam

What You Need to Know
Timing: Once you register for your exam, you have 45 days to complete it. You must pass the CompTIA recertification exam during your three-year renewal cycle.
Relevance: The exam must match the CompTIA certification you are renewing. If you hold higher-level CompTIA certifications, you will want to review your options to renew the highest level that you have, as it will automatically renew qualifying lower-level CompTIA certifications.
Documentation: After passing the exam, CompTIA will automatically renew your certification. You will not need to submit further documentation.
CE Fees: The CE fees are waived if you pass a recertification exam. CompTIA recertification exams follow the same policies as full CompTIA exams.

CompTIA Security+ Recertification Exam Details
Exam Codes: RC0-501
Launch Date: December 5, 2017
Eligibility: Candidates MUST have:

An active Security+ CE certification earned by passing exam SY0-401 or earlier.
Received an email from CompTIA containing a Private Access Code (PAC).

Exam Description: The Security Recertification Exam covers these domains:

1.0 Threats, Attacks and Vulnerabilities (12% of total)
2.0 Technologies and Tools (43% of total)
3.0 Architecture and Design (9% of total)
4.0 Identity and Access Management (27% of total)
5.0 Cryptography and PKI (9% of total)

Number of Questions: 35
Type of Questions: Multiple Choice questions (single and multiple response)
Length of Test: 75 Minutes
Passing Score: 750 (on a scale of 100-900)
Delivery: Non-proctored Pearson IBT
CEU Impact:

Only candidates with an active Security+ CE certification will receive CEU credit.
Passing the exam will automatically renew your existing Security+ CE. Please allow 1-3 days for your record to be updated.

QUESTION 1
An incident responder receives a call from a user who reports a computer is exhibiting symptoms consistent with a malware infection. Which of the following steps should the responder perform NEXT?

A. Capture and document necessary information to assist in the response.
B. Request the user capture and provide a screenshot or recording of the symptoms.
C. Use a remote desktop client to collect and analyze the malware in real time.
D. Ask the user to back up files for later recovery.

Answer: C

QUESTION 2
When performing data acquisition on a workstation, which of the following should be captured based on memory volatility? (Select two.)

A. USB-attached hard disk
B. Swap/pagefile
C. Mounted network storage
D. ROM
E. RAM

Answer: A,D

QUESTION 3
A company’s user lockout policy is enabled after five unsuccessful login attempts. The help desk notices a user is repeatedly locked out over the course of a workweek. Upon contacting the user, the help desk discovers the user is on vacation and does not have network access. Which of the following types of attacks are MOST likely occurring? (Select two.)

A. Replay
B. Rainbow tables
C. Brute force
D. Pass the hash
E. Dictionary

Answer: D,E

QUESTION 4
As part of a new industry regulation, companies are required to utilize secure, standardized OS settings. A technician must ensure the OS settings are hardened. Which of the following is the BEST way to do this?

A. Use a vulnerability scanner.
B. Use a configuration compliance scanner.
C. Use a passive, in-line scanner.
D. Use a protocol analyzer.

Answer: A

QUESTION 5
A security analyst wishes to increase the security of an FTP server. Currently, all traffic to the FTP server is unencrypted.
Users connecting to the FTP server use a variety of modern FTP client software.
The security analyst wants to keep the same port and protocol, while also still allowing unencrypted connections.
Which of the following would BEST accomplish these goals?

A. Require the SFTP protocol to connect to the file server.
B. Use implicit TLS on the FTP server.
C. Use explicit FTPS for connections.
D. Use SSH tunneling to encrypt the FTP traffic.

Answer: C
