CertNova
Menu

This page is provided for study guidance and may not always reflect the latest official exam updates. If you are unsure about any detail, verify on the official provider website. Official exam page.

CompTIA • Security Plus

CompTIA Security+ (SY0-701)

Assess the security posture of an enterprise environment and recommend and implement appropriate security solutions.

Practice setup

Start full practice setupQuick practice setsFlash CardsPerformance-based questions

Exam info

Exam ID
SY0-701
Number of Questions
Maximum of 90
View full exam details
Duration
90 minutes
Passing Score
750 (on a scale of 100-900)
Cost
$425 USD

Domains and Objectives

General security concepts1.012%

Objectives in this domain

  • Compare types of security controls (technical, preventive, managerial, deterrent, operational, detective, physical, corrective, compensating, directive).
  • Summarize core tenets (CIA and non-repudiation), AAA concepts, zero trust, and deception/disruption techniques.
  • Explain change management processes, business/technical impacts, documentation needs, and version control.
  • Apply cryptographic approaches such as PKI, encryption, obfuscation, hashing, digital signatures, and blockchain.
Threats, vulnerabilities, and mitigations2.022%

Objectives in this domain

  • Differentiate common threat actors and motives (e.g., nation-states, unskilled attackers, hacktivists, insiders, organized crime, shadow IT; goals like exfiltration, espionage, financial gain).
  • Describe threat vectors and attack surfaces (message-based, insecure networks, social engineering, file-based, voice calls, supply chain, vulnerable software).
  • Explain vulnerability categories (application, hardware, mobile, virtualization, OS, cloud, web, supply chain).
  • Analyze malicious activities (malware, password, application, physical, network, and cryptographic attacks).
  • Select mitigation techniques (segmentation, access control, configuration enforcement, hardening, isolation, patching).
Security architecture3.018%

Objectives in this domain

  • Compare architecture models (on‑premises, cloud, virtualization, IoT, ICS, IaC).
  • Apply security principles to enterprise infrastructure, control selection, and secure communications/access.
  • Differentiate data types and classifications and select appropriate protection methods and considerations.
  • Describe resilience and recovery (high availability, site strategies, testing, power, platform diversity, backups, continuity of operations).
Security operations4.028%

Objectives in this domain

  • Harden and monitor computing resources using secure baselines, mobile solutions, wireless and application security, and sandboxing.
  • Manage assets across acquisition, assignment, tracking/monitoring, and disposal for hardware, software, and data.
  • Run a vulnerability management lifecycle (identify, analyze, remediate, validate, report).
  • Explain alerting and monitoring tools and typical activities on computing resources.
  • Adjust enterprise defenses (firewalls, IDS/IPS, DNS filtering, DLP, NAC, EDR/XDR).
  • Implement identity and access management (provisioning, SSO, MFA, privileged access tools).
  • Use automation/orchestration and scripting appropriately, with benefits and considerations.
  • Execute incident response (processes, training, testing, root cause analysis, threat hunting, digital forensics).
  • Leverage logs and other data sources to support investigations.
Security program management and oversight5.020%

Objectives in this domain

  • Summarize security governance (guidelines, policies, standards, procedures, external factors, monitoring, governance structures, roles/responsibilities).
  • Explain risk management (identification, assessment/analysis, register, tolerance/appetite, strategies, reporting, BIA).
  • Manage third‑party risk (vendor assessment/selection, agreements, monitoring, questionnaires, rules of engagement).
  • Address security compliance (reporting, consequences of non‑compliance, monitoring, privacy).
  • Differentiate audits and assessments (attestation, internal/external audits, penetration testing).
  • Implement security awareness (phishing training, anomaly recognition, user guidance, reporting, monitoring).

Resources

Official Exam Page (Security+ SY0-701)

The official Security+ (SY0-701) exam overview from CompTIA with exam details, objectives summary, skills, and resources.

Open resource

Security+ Practice Test (V7) — Official Sample Questions

Free, official Security+ (SY0-701) practice questions from CompTIA.

Open resource

CompTIA CertMaster Training — Official Overview

Overview of CompTIA’s official training products (CertMaster Learn, Labs, Practice, Study, Perform, CE).

Open resource

CertMaster Study (Official eBook platform)

CompTIA’s official digital study guide platform (CertMaster Study) with interactive content and downloadable resources.

Open resource

Store: CertMaster Learn products (includes Security+ SY0-701)

Official store category for CertMaster Learn eLearning courses; includes Security+ (SY0-701).

Open resource

Store: CertMaster Practice products (includes Security+ SY0-701)

Official store category for CertMaster Practice exam prep; includes Security+ (SY0-701).

Open resource

Store: All Security+ Products (SY0-701)

Official store listing for Security+ items, including CertMaster Learn + Labs, Practice, and vouchers for SY0-701.

Open resource

Store: Security+ Bundles (SY0-701)

Official store bundles that combine Security+ (SY0-701) training and exam vouchers.

Open resource

Store: Security+ Exam Voucher (SY0-701)

Official store page for purchasing Security+ (SY0-701) exam vouchers and voucher+retake options.

Open resource

Help: What Are Performance-Based Questions (PBQs)?

Official guidance on PBQs you may encounter on Security+ and how to approach them.

Open resource

Help: Practice Questions in CertMaster Learn

Official article explaining how practice questions work within CertMaster Learn.

Open resource

CompTIA Policy: Unauthorized Training Materials

CompTIA’s official policy on avoiding braindumps and using authorized prep resources.

Open resource

CompTIA Policy: Candidate ID Requirements

Official identification requirements and related testing policies.

Open resource

Exam history

CompTIA launched Security+ SY0-701 (V7) on November 7, 2023 to replace SY0-601; SY0-701 remains active with retirement TBD as of April 10, 2026.

Last reviewed: 2026-04-10

Security+ SY0-701 is the seventh version (V7) of CompTIA’s baseline cybersecurity certification, officially launched in English on November 7, 2023 and announced in a November 8, 2023 press release; language availability subsequently expanded, with Japanese delivery beginning on April 23, 2024 and current listings showing English, Japanese, Portuguese, Spanish and Thai for SY0-701. ([comptia.org](https://www.comptia.org/certifications/security/?utm_source=openai))

SY0-701 succeeded SY0-601 (V6) during an overlap period: the English SY0-601 exam retired on July 31, 2024, and remaining localizations (Portuguese, Spanish, Thai and Vietnamese) retired on January 31, 2025; as of April 10, 2026 SY0-701 has no posted retirement date (CompTIA notes retirements are usually ~3 years after launch), and the Security+ program marked a major milestone on November 18, 2025 with more than one million certified since its 2002 introduction. ([comptia.org](https://www.comptia.org/en/blog/the-new-comptia-security-your-questions-answered/))

Change tracker

LatestNovember 2023

SY0-701 exam launch

CompTIA released Security+ (SY0-701, V7). Official exam pages list a launch date of November 7, 2023; CompTIA issued a press release the following day announcing the update.

March 2025

OnVUE language policy clarified

CompTIA’s Help Center article (updated March 3, 2025) confirms candidates may take any CompTIA exam online in any translation available for that exam; proctor communications and the OnVUE software remain in English.

July 2024

SY0-601 English retirement

The English-language predecessor exam SY0-601 retired on July 31, 2024, concluding the primary overlap window with SY0-701.

January 2025

SY0-601 non‑English retirements

Remaining non‑English SY0-601 localizations (e.g., Portuguese, Spanish, Thai, Vietnamese) retired on January 31, 2025, completing the transition to SY0-701.

February 2024

U.S. voucher price noted at $404

CompTIA’s official site lists the Security+ exam cost as $404 USD (as of February 1, 2024). Current voucher pages still show $404; no formal historical price bulletin was found.

December 2025

Reschedule policy clarified

CompTIA’s Help Center (updated December 10, 2025) reiterates rescheduling rules: test center appointments must be changed at least 24 hours in advance; online appointments must be rescheduled before the start time, or fees may be forfeited.

April 2026

U.S. voucher price listed at $425

CompTIA’s official Marketplace currently lists the Security+ (SY0-701) exam voucher at $425 USD; this reflects an increase from $404 previously noted in early 2024.

April 2026

Additional SY0-701 languages listed

CompTIA’s Security+ pages now list English, Japanese, Portuguese, Spanish and Thai as available languages for SY0-701; initial launch was English with other languages to follow.

April 2025

Candidate ID requirements updated

Help Center guidance (updated April 18, 2025) reiterates two valid IDs are required; details include passport requirements when testing outside your issuing country and that U.S. DoD CACs are not accepted for OnVUE online testing.

April 2024

Japanese-language SY0-701 availability

CompTIA’s Japanese site records the Japanese version start date as April 23, 2024, following the November 2023 English launch.