This page is provided for study guidance and may not always reflect the latest official exam updates. If you are unsure about any detail, verify on the official provider website.
CompTIA Security+ (SY0-701)
Identify various types of threats, attacks, and vulnerabilities, including malware, social engineering, and application attacks.
Exam info
- Exam ID: SY0-701
- Cost of Exam: $425.00
- Length of Test: 90 Minutes
- Number of Questions: Maximum of 90
- Exam Version: V7
- Launch Date: November 7, 2023
- Expected Retirement Date: Currently Unknown
- Recommended Experience: CompTIA Network+ and two years of experience working in a security/systems administrator job role
- Validity: 3 years
- Question Types: Multiple Choice / Performance Based
- Passing Score: 750 (on a scale of 100-900)
Domains and Objectives
1.0 General security concepts (12%)
Objectives in this domain
- Security controls: comparing technical, preventive, managerial, deterrent, operational, detective, physical, corrective, compensating, and directive controls.
- Fundamental concepts: summarizing confidentiality, integrity, and availability (CIA); non-repudiation; authentication, authorization, and accounting (AAA); zero trust; and deception/disruption technology.
- Change management: explaining business processes, technical implications, documentation, and version control.
- Cryptographic solutions: using public key infrastructure (PKI), encryption, obfuscation, hashing, digital signatures, and blockchain.
2.0 Threats, vulnerabilities, and mitigations (22%)
Objectives in this domain
- Threat actors and motivations: comparing nation-states, unskilled attackers, hacktivists, insider threats, organized crime, shadow IT, and motivations like data exfiltration, espionage, and financial gain.
- Threat vectors and attack surfaces: explaining message-based, unsecure networks, social engineering, file-based, voice call, supply chain, and vulnerable software vectors.
- Vulnerabilities: explaining application, hardware, mobile device, virtualization, operating system (OS)-based, cloud-specific, web-based, and supply chain vulnerabilities.
- Malicious activity: analyzing malware attacks, password attacks, application attacks, physical attacks, network attacks, and cryptographic attacks.
- Mitigation techniques: using segmentation, access control, configuration enforcement, hardening, isolation, and patching.
3.0 Security architecture (18%)
Objectives in this domain
- Architecture models: comparing on-premises, cloud, virtualization, Internet of Things (IoT), industrial control systems (ICS), and infrastructure as code (IaC).
- Enterprise infrastructure: applying security principles to infrastructure considerations, control selection, and secure communication/access.
- Data protection: comparing data types, securing methods, general considerations, and classifications.
- Resilience and recovery: explaining high availability, site considerations, testing, power, platform diversity, backups, and continuity of operations.
4.0 Security operations (28%)
Objectives in this domain
- Computing resources: applying secure baselines, mobile solutions, hardening, wireless security, application security, sandboxing, and monitoring.
- Asset management: explaining acquisition, disposal, assignment, and monitoring/tracking of hardware, software, and data assets.
- Vulnerability management: identifying, analyzing, remediating, validating, and reporting vulnerabilities.
- Alerting and monitoring: explaining monitoring tools and computing resource activities.
- Enterprise security: modifying firewalls, IDS/IPS, DNS filtering, DLP (data loss prevention), NAC (network access control), and EDR/XDR (endpoint/extended detection and response).
- Identity and access management: implementing provisioning, SSO (single sign-on), MFA (multifactor authentication), and privileged access tools.
- Automation and orchestration: explaining automation use cases, scripting benefits, and considerations.
- Incident response: implementing processes, training, testing, root cause analysis, threat hunting, and digital forensics.
- Data sources: using log data and other sources to support investigations.
5.0 Security program management and oversight (20%)
Objectives in this domain
- Security governance: summarizing guidelines, policies, standards, procedures, external considerations, monitoring, governance structures, and roles/responsibilities.
- Risk management: explaining risk identification, assessment, analysis, register, tolerance, appetite, strategies, reporting, and business impact analysis (BIA).
- Third-party risk: managing vendor assessment, selection, agreements, monitoring, questionnaires, and rules of engagement.
- Security compliance: summarizing compliance reporting, consequences of non-compliance, monitoring, and privacy.
- Audits and assessments: explaining attestation, internal/external audits, and penetration testing.
- Security awareness: implementing phishing training, anomalous behavior recognition, user guidance, reporting, and monitoring.
Exam history
The History of CompTIA Security+ (SY0-701 Context)
Last reviewed: 2026-03-08
CompTIA Security+ has become one of the most widely recognized foundational cybersecurity certifications for early-career practitioners. Its long-standing purpose is to validate practical security competency across technical controls, risk awareness, and operational response, making it a common baseline credential for security-focused and security-adjacent roles.
From early versions onward, Security+ has balanced conceptual coverage with hands-on applicability. The exam has consistently emphasized that candidates should be able to apply security principles in real environments, not simply memorize terminology. This practical orientation has helped Security+ remain relevant across industries and job roles.
As the cybersecurity landscape evolved, Security+ objectives expanded beyond perimeter-focused security concepts. Modern versions increasingly account for cloud and hybrid infrastructure, identity-centric security, automation workflows, operational monitoring, and coordinated incident response practices expected in contemporary organizations.
A defining trait of Security+ is that it bridges technical and governance domains. Candidates are expected to understand threats and controls, while also demonstrating awareness of policy, compliance, risk treatment, third-party exposure, and organizational security responsibilities. That breadth reflects real workplace demands where security decisions involve both engineering and oversight.
Recent exam generations highlight steady modernization. SY0-501 reinforced core cyber defense and risk concepts for broad security roles. SY0-601 expanded emphasis toward contemporary attack surfaces and operational security realities. The current SY0-701 version continues this progression with clearer structure around general security concepts, threats and mitigations, architecture, operations, and program oversight.
SY0-701, launched on November 7, 2023, reflects today's baseline expectations for security professionals supporting enterprise environments. The domain mix places meaningful weight on security operations and threat management while preserving foundational coverage of architecture, governance, and resilience planning.
Compared with older versions, SY0-701 gives more explicit attention to operational execution: vulnerability management cycles, monitoring and alerting, identity and access controls, incident response readiness, and use of data sources for investigation. This aligns the exam more closely with day-to-day responsibilities in modern security teams.
Security+ remains a strong first professional cybersecurity credential because it evolves without losing its baseline mission. Its history shows a consistent direction: maintain fundamental security principles while continuously updating objective priorities so certified candidates are prepared for current threats, technologies, and organizational requirements.
Change tracker
SY0-701 (V7) launched
CompTIA released Security+ SY0-701 with updated domain structure and stronger alignment to current security operations, threat management, and governance expectations in modern enterprise environments.
Increased focus on operational security execution
Current objective framing places clearer emphasis on vulnerability lifecycle handling, monitoring and alerting workflows, incident response readiness, and practical use of security data in investigations.
SY0-601 launched
SY0-601 expanded Security+ coverage for contemporary threat landscapes, including broader cloud and hybrid considerations, operational defense practices, and evolving attack techniques.
SY0-501 launched
SY0-501 reinforced foundational cybersecurity competencies while maturing exam treatment of risk, attacks, and practical controls used in enterprise security programs.
Security+ retained as baseline professional cyber credential
Across revisions, CompTIA has maintained Security+ as a vendor-neutral entry-to-mid foundational certification that validates both technical and governance-aware security capability.

