compTIA Security+ SY0-601 Practice Questions
and Answers 2025 – 2026(Verified)complete sol,
Exams of Computer Communication Systems
Which of the following is MOST likely to contain ranked and ordered information
on the likelihood and potential impact of catastrophic events that may affect
business processes and systems, while also highlighting the residual risks that
need to be managed after mitigating controls have been implemented?
A. An RTO report
B. A risk register
C. A business impact analysis
D. An asset value register
E. A disaster recovery plan B. A risk register
A risk register is a document that records all of your organization's identified risks, the likelihood
and consequences of a risk occurring, the actions you are taking to reduce those risk and who is
responsible for managing them
An application developer accidentally uploaded a company's code-signing
certificate private key to a public web server. The company is concerned
about malicious use of its certificate. Which of the following should the
company do FIRST?
A. Delete the private key from the repository.
B. Verify the public key is not exposed as well.
C. Update the DLP solution to check for private keys.
D. Revoke the code-signing certificate. D. Revoke the code-signing certificate.
1|Page
,Explanation: We need to revoke the code-signing certificate as this is the most secure way to
ensure that the compromised key wont be used by attackers. Usually there are bots crawling all
over repos searching for this kind of human error.
Which of the following will increase cryptographic security?
A. High data entropy
B. Algorithms that require less computing power
C. Longer key longevity
D. Hashing A. High data entropy
Entropy, in cyber security, is a measure of the randomness or diversity of a data-generating
function. Data with full entropy is completely random and no meaningful patterns can be found.
Low entropy data provides the ability or possibility to predict forthcoming generated values.
Digital signatures use asymmetric encryption. This means the message is
encrypted with:
A. the sender's private key and decrypted with the sender's public key
B. the sender's public key and decrypted with the sender's private key
C. the sender's private key and decrypted with the recipient's public key.
D. the sender's public key and decrypted with the recipient's private key A. the sender's
private key and decrypted with the sender's public key
What is Asymmetric Encryption? As the name implies, asymmetric encryption is different on
each side; the sender and the recipient use two different keys. Asymmetric encryption, also
known as public key encryption, uses a public key-private key pairing: data encrypted with the
public key can only be decrypted with the private key.
Which of the following is a reason to publish files' hashes?
A. To validate the integrity of the files
B. To verify if the software was digitally signed
C. To use the hash as a software activation key
D. To use the hash as a decryption passphrase A. To validate the integrity of the files
2|Page
,Which of the following is the FIRST step the senior colleague will most
likely tell the analyst to perform to accomplish this task?
A. Create an OCSP
B. Generate a CSR
C. Create a CRL
D. Generate a .pfx file B. Generate a CSR (Certificate Signing Request)
What is OCSP? Online Certificate Status Protocol
What is CSR? Certificate Signing Request
What is CRL? Certificate Revocation List
Which of the following encryption algorithms require one encryption key?
(Choose two.)
A. MD5
B. 3DES
C. BCRYPT
D. RC4
E. DSA B. 3DES
D. RC4
A security analyst was called to investigate a file received directly from a
hardware manufacturer. The analyst is trying to determine whether it is
modified in transit before installation on the user's computer. Which of the
following can be used to safely access the file?
A. Check the hash of the installation file
B. Match the file names
C. Verify the URL download location
D. Verify the code-signing certificate A. Check the hash of the installation file
3|Page
, A forensic analyst needs to prove that data has not been tampered with
since it was collected. Which of the following methods will the analyst
MOST likely use?
A. Look for tampering on the evidence collection bag
B. Encrypt the collected data using asymmetric encryption
C. Ensure proper procedures for chain of custody are being followed
D. Calculate the checksum using a hashing algorithm D. Calculate the checksum using a
hashing algorithm
What is checksum of a hash? Generated by a cryptographic algorithm, a cryptographic
checksum is a mathematical value assigned to a file sent through a network for verifying that
the data contained in that file is unchanged.
Business partners are working on a security mechanism to validate
transactions securely. The requirement is for one company to be
responsible for deploying a trusted solution that will register and issue
artifacts used to sign, encrypt, and decrypt transaction files. Which of the
following is the BEST solution to adopt?
A. PKI
B. Blockchain
C. SAML
D. OAuth A. PKI
A company wants to simplify the certificate management process. The
company has a single domain with several dozen subdomains, all of which
are publicly accessible on the internet. Which of the following BEST
describes the type of certificate the company should implement?
A. Subject alternative name
B. Wildcard
C. Self-signed
4|Page
and Answers 2025 – 2026(Verified)complete sol,
Exams of Computer Communication Systems
Which of the following is MOST likely to contain ranked and ordered information
on the likelihood and potential impact of catastrophic events that may affect
business processes and systems, while also highlighting the residual risks that
need to be managed after mitigating controls have been implemented?
A. An RTO report
B. A risk register
C. A business impact analysis
D. An asset value register
E. A disaster recovery plan B. A risk register
A risk register is a document that records all of your organization's identified risks, the likelihood
and consequences of a risk occurring, the actions you are taking to reduce those risk and who is
responsible for managing them
An application developer accidentally uploaded a company's code-signing
certificate private key to a public web server. The company is concerned
about malicious use of its certificate. Which of the following should the
company do FIRST?
A. Delete the private key from the repository.
B. Verify the public key is not exposed as well.
C. Update the DLP solution to check for private keys.
D. Revoke the code-signing certificate. D. Revoke the code-signing certificate.
1|Page
,Explanation: We need to revoke the code-signing certificate as this is the most secure way to
ensure that the compromised key wont be used by attackers. Usually there are bots crawling all
over repos searching for this kind of human error.
Which of the following will increase cryptographic security?
A. High data entropy
B. Algorithms that require less computing power
C. Longer key longevity
D. Hashing A. High data entropy
Entropy, in cyber security, is a measure of the randomness or diversity of a data-generating
function. Data with full entropy is completely random and no meaningful patterns can be found.
Low entropy data provides the ability or possibility to predict forthcoming generated values.
Digital signatures use asymmetric encryption. This means the message is
encrypted with:
A. the sender's private key and decrypted with the sender's public key
B. the sender's public key and decrypted with the sender's private key
C. the sender's private key and decrypted with the recipient's public key.
D. the sender's public key and decrypted with the recipient's private key A. the sender's
private key and decrypted with the sender's public key
What is Asymmetric Encryption? As the name implies, asymmetric encryption is different on
each side; the sender and the recipient use two different keys. Asymmetric encryption, also
known as public key encryption, uses a public key-private key pairing: data encrypted with the
public key can only be decrypted with the private key.
Which of the following is a reason to publish files' hashes?
A. To validate the integrity of the files
B. To verify if the software was digitally signed
C. To use the hash as a software activation key
D. To use the hash as a decryption passphrase A. To validate the integrity of the files
2|Page
,Which of the following is the FIRST step the senior colleague will most
likely tell the analyst to perform to accomplish this task?
A. Create an OCSP
B. Generate a CSR
C. Create a CRL
D. Generate a .pfx file B. Generate a CSR (Certificate Signing Request)
What is OCSP? Online Certificate Status Protocol
What is CSR? Certificate Signing Request
What is CRL? Certificate Revocation List
Which of the following encryption algorithms require one encryption key?
(Choose two.)
A. MD5
B. 3DES
C. BCRYPT
D. RC4
E. DSA B. 3DES
D. RC4
A security analyst was called to investigate a file received directly from a
hardware manufacturer. The analyst is trying to determine whether it is
modified in transit before installation on the user's computer. Which of the
following can be used to safely access the file?
A. Check the hash of the installation file
B. Match the file names
C. Verify the URL download location
D. Verify the code-signing certificate A. Check the hash of the installation file
3|Page
, A forensic analyst needs to prove that data has not been tampered with
since it was collected. Which of the following methods will the analyst
MOST likely use?
A. Look for tampering on the evidence collection bag
B. Encrypt the collected data using asymmetric encryption
C. Ensure proper procedures for chain of custody are being followed
D. Calculate the checksum using a hashing algorithm D. Calculate the checksum using a
hashing algorithm
What is checksum of a hash? Generated by a cryptographic algorithm, a cryptographic
checksum is a mathematical value assigned to a file sent through a network for verifying that
the data contained in that file is unchanged.
Business partners are working on a security mechanism to validate
transactions securely. The requirement is for one company to be
responsible for deploying a trusted solution that will register and issue
artifacts used to sign, encrypt, and decrypt transaction files. Which of the
following is the BEST solution to adopt?
A. PKI
B. Blockchain
C. SAML
D. OAuth A. PKI
A company wants to simplify the certificate management process. The
company has a single domain with several dozen subdomains, all of which
are publicly accessible on the internet. Which of the following BEST
describes the type of certificate the company should implement?
A. Subject alternative name
B. Wildcard
C. Self-signed
4|Page
