Overview
The official CompTIA Security+ (Exam SY0-701) course is the primary curriculum you will need to take if your job responsibilities include securing network services, devices, and traffic in your organization. You can also take this course to prepare for the CompTIA Security+ certification examination.
As one of the top IT certifications for beginners globally, this course will provide guidance and expertise to build on your knowledge of and professional experience with security fundamentals, networks, and organizational security as you acquire the specific skills required to implement basic security services on any type of computer network.
Explore more about cybersecurity certifications with our cybersecurity training and certifications guide.
Skills Covered
- General Security Concepts
- Threats, Vulnerabilities & Mitigations
- Security Architecture
- Security Operations
- Security Program Management & Oversight
Who Should Attend
This CompTIA Security+ course is targeted toward the:
- Information technology (IT) professional who has networking and administrative skills in Windows®-based Transmission Control Protocol/Internet Protocol (TCP/IP) networks and familiarity with other operating systems, such as macOS®, Unix, or Linux
- Those who wants to further a career in IT by acquiring foundational knowledge of security topics
- Candidates preparing for the CompTIA Security+ certification examination
- Cybersecurity professionals using Security+ as the foundation for advanced security certifications or career roles
Course Curriculum
Prerequisites
To ensure your success in this course, you should possess basic Windows user skills and a fundamental understanding of computer and networking concepts.
CompTIA A+ and CompTIA Network+ certifications, or equivalent knowledge, and six to nine months’ experience in networking, including configuring security parameters, are strongly recommended.
Additional introductory courses or work experience in application development and programming, or in network and operating system administration for any software platform or system, are helpful but not required. Note that the prerequisites for this course might differ significantly from the prerequisites for the CompTIA certification exams.
Download Course Syllabus
Course Modules
Topic 1A: Security Concepts
Exam objectives covered:
- 1.2 Summarize fundamental security concepts
Topic 1B: Security Controls
Exam objectives covered:
- 1.1 Compare and contrast various types of security controls.
Topic 2A: Threat Actors
Exam objectives covered:
- 2.1 Compare and contrast common threat actors and motivations.
Topic 2B: Attack Surfaces
Exam objectives covered:
- 2.2 Explain common threat vectors and attack surfaces.
Topic 2C: Social Engineering
Exam objectives covered:
- 2.2 Explain common threat vectors and attack surfaces.
Topic 3A: Cryptographic Algorithms
Exam objectives covered:
- 1.4 Explain the importance of using appropriate cryptographic solutions
Topic 3B: Public Key Infrastructure
Exam objectives covered:
- 1.4 Explain the importance of using appropriate cryptographic solutions.
Topic 3C: Cryptographic Solutions
Exam objectives covered:
- 1.4 Explain the importance of using appropriate cryptographic solutions
Topic 4A: Authentication
Exam objectives covered:
- 4.6 Given a scenario, implement and maintain identity and access management.
Topic 4B: Authorization
Exam objectives covered:
- 4.6 Given a scenario, implement and maintain identity and access management.
Topic 4C: Identity Management
Exam objectives covered:
- 4.6 Given a scenario, implement and maintain identity and access management
Topic 5A: Enterprise Network Architecture
Exam objectives covered:
- 3.1 Compare and contrast security implications of different architecture models.
- 3.2 Given a scenario, apply security principles to secure enterprise infrastructure
Topic 5B: Network Security Appliances
Exam objectives covered:
- 3.2 Given a scenario, apply security principles to secure enterprise infrastructure.
Topic 5C: Secure Communications
Exam objectives covered:
- 3.2 Given a scenario, apply security principles to secure enterprise infrastructure
Topic 6A: Cloud Infrastructure
Exam objectives covered:
- 3.1 Compare and contrast security implications of different architecture models
Topic 6B: Embedded Systems and Zero Trust Architecture
Exam objectives covered:
- 1.2 Summarize fundamental security concepts.
- 3.1 Compare and contrast security implications of different architecture models
Topic 7A: Asset Management
Exam objectives covered:
- 3.4 Explain the importance of resilience and recovery in security architecture.
- 4.2 Explain the security implications of proper hardware, software, and data asset management.
Topic 7B: Redundancy Strategies
Exam objectives covered:
- 1.2 Summarize fundamental security concepts.
- 3.4 Explain the importance of resilience and recovery in security architecture.
Topic 7C: Physical Security
Exam objectives covered:
- 1.2 Summarize fundamental security concepts.
Topic 8A: Device and OS Vulnerabilities
Exam objectives covered:
- 2.3 Explain various types of vulnerabilities.
Topic 8B: Application and Cloud Vulnerabilities
Exam objectives covered:
- 2.3 Explain various types of vulnerabilities
Topic 8C: Vulnerability Identification Methods
Exam objectives covered:
- 4.3 Explain various activities associated with vulnerability management.
Topic 8D: Vulnerability Analysis and Remediation
Exam objectives covered:
- 4.3 Explain various activities associated with vulnerability management
Topic 9A: Network Security Baselines
Exam objectives covered:
- 4.1 Given a scenario, apply common security techniques to computing resources.
- 4.5 Given a scenario, modify enterprise capabilities to enhance security.
Topic 9B: Network Security Capability Enhancement
Exam objectives covered:
- 4.5 Given an scenario, modify enterprise capabilities to enhance security.
Topic 10A: Implement Endpoint Security
Exam objectives covered:
- 2.5 Explain the purpose of mitigation techniques used to secure the enterprise.
- 4.1 Given a scenario, apply common security techniques to computing resources.
- 4.5 Given a scenario, modify enterprise capabilities to enhance security.
Topic 10B: Mobile Device Hardening
Exam objectives covered:
- 4.1 Given a scenario, apply common security techniques to computing resources.
Topic 11A: Application Protocol Security Baselines
Exam objectives covered:
- 4.5 Given a scenario, modify enterprise capabilities to enhance security.
Topic 11B: Cloud and Web Application Security Concepts
Exam objectives covered:
- 4.1 Given a scenario, apply common security techniques to computing resources
Topic 11B: Cloud and Web Application Security Concepts
Exam objectives covered:
- 4.1 Given a scenario, apply common security techniques to computing resources
Topic 12A: Incident Response
Exam objectives covered:
- 4.8 Explain appropriate incident response activities.
Topic 12B: Digital Forensics
Exam objectives covered:
- 4.8 Explain appropriate incident response activities.
Topic 12C: Data Sources
Exam objectives covered:
- 4.9 Given a scenario, use data sources to support an investigation
Topic 12D: Alerting and Monitoring Tools
Exam objectives covered:
- 4.4 Explain security alerting and monitoring concepts and tools
Topic 13A: Malware Attack Indicators
Exam objectives covered:
- 2.4 Given a scenario, analyze indicators of malicious activity.
Topic 13B: Physical and Network Attack Indicators
Exam objectives covered:
- 2.4 Given a scenario, analyze indicators of malicious activity.
Topic 13C: Application Attack Indicators
Exam objectives covered:
- 2.4 Given a scenario, analyze indicators of malicious activity.
Topic 14A: Policies, Standards, and Procedures
Exam objectives covered:
- 5.1 Summarize elements of effective security governance.
Topic 14B: Change Management
Exam objectives covered:
- 1.3 Explain the importance of change management processes and the impact to security.
Topic 14C: Automation and Orchestration
Exam objectives covered:
- 4.7 Explain the importance of automation and orchestration related to secure operations.
Topic 15A: Risk Management Processes and Concepts
Exam objectives covered:
- 5.2 Explain elements of the risk management process.
Topic 15B: Vendor Management Concepts
Exam objectives covered:
- 5.3 Explain the processes associated with third party risk assessment and management
Topic 15C: Audits and Assessments
Exam objectives covered:
- 5.5 Explain types and purposes of audits and assessments
Topic 16A: Data Classification and Compliance
Exam objectives covered:
- 3.3 Compare and contrast concepts and strategies to protect data.
- 5.4 Summarize elements of effective security compliance.
Topic 16B: Personnel Policies
Exam objectives covered:
- 5.6 Given a scenario, implement security awareness practices
Request More Information
Training Options
- ILT: Instructor-Led Training
- VILT: Virtual Instructor-Led Training
Exam & Certification
The CompTIA Security+ certification exam will certify the successful candidate has the knowledge and skills required to:
- Assess the security posture of an enterprise environment and recommend and implement appropriate security solutions.
- Monitor and secure hybrid environments, including cloud, mobile, and Internet of Things (IoT).
- Operate with an awareness of applicable regulations and policies, including principles of governance, risk, and compliance.
- Identify, analyze, and respond to security events and incidents.
Training & Certification Guide
- More choose Security+ – chosen by more corporations and defense organizations than any other certification on the market to validate baseline security skills and for fulfilling the DoD 8570 compliance.
- Security+ proves hands-on skills – the only baseline cybersecurity certification emphasizing hands-on practical skills, ensuring the security professional is better prepared to problem solve a wider variety of today’s complex issues.
- More job roles turn to Security+ to supplement skills – baseline cybersecurity skills are applicable across more of today’s job roles to secure systems, software and hardware.
- Security+ is aligned to the latest trends and techniques – covering the most core technical skills in risk assessment and management, incident response, forensics, enterprise networks, hybrid/cloud operations, and security controls, ensuring high-performance on the job.
CompTIA Security+ is the first security certification a candidate should earn. It establishes the core knowledge required of any cybersecurity role and provides a springboard to intermediate-level cybersecurity jobs. Security+ incorporates best practices in hands-on troubleshooting, ensuring candidates have practical security problem-solving skills required to:
- Assess the security posture of an enterprise environment and recommend and implement appropriate security solutions
- Monitor and secure hybrid environments, including cloud, mobile, and IoT
- Operate with an awareness of applicable laws and policies, including principles of governance, risk, and compliance
- Identify, analyze, and respond to security events and incidents
Security+ is compliant with ISO 17024 standards and approved by the US DoD to meet directive 8140/8570.01-M requirements. Regulators and government rely on ANSI accreditation, because it provides confidence and trust in the outputs of an accredited program. Over 2.3 million CompTIA ISO/ANSI-accredited exams have been delivered since January 1, 2011.
The CompTIA Security+ SY0-701 certification exam will verify the successful candidate has the knowledge and skills required to assess the security posture of an enterprise environment and recommend and implement appropriate security solutions; monitor and secure hybrid environments, including cloud, mobile, and IoT; operate with an awareness of applicable laws and policies, including principles of governance, risk, and compliance; identify, analyze, and respond to security events and incidents.
TEST DETAILS
- Required exam: SY0-701
- Number of questions: Maximum of 90
- Types of questions: Multiple-choice and performance-based
- Length of test: 90 minutes
- Recommended experience: A minimum of 2 years of experience in IT administration with a focus on security, hands-on experience with technical information security, and broad knowledge of security concepts
EXAM OBJECTIVES (DOMAINS)
The table below lists the domains measured by this examination and the extent to which they are represented:
- 1.0 General Security Concepts: 12%
- 2.0 Threats, Vulnerabilities, and Mitigations: 22%
- 3.0 Security Architecture: 18%
- 4.0 Security Operations: 28%
- 5.0 Security Program Management and Oversight: 20%
Total 100%
Your Guide to Top CompTIA Certifications in 2023
CompTIA certifications are designed to validate IT professionals skills and knowledge in various areas of information technology, from computer hardware and networking to cybersecurity and cloud computing.
5 Job Opportunities with CompTIA Data+ Certification
As the importance of data analytics grows, more job roles are required to set context and better communicate vital business intelligence. Collecting, analyzing, and reporting on data can drive priorities and lead business decision-making. CompTIA Data+ validates you have the skills required to facilitate these decisions.
Frequently Asked Questions
CompTIA Security+ certification is a global certification exam that validates the baseline skills you need to perform core security functions and pursue an IT security career.
CompTIA Security+ emphasizes hands-on practical skills, ensuring the security professional is better prepared to problem solve a wider variety of issues. It is the first security certification IT professionals should earn and establishes the core knowledge required of any cybersecurity role to provide a springboard to intermediate-level cybersecurity jobs. Cybersecurity professionals with CompTIA Security+ know how to address security incidents, not just identify them.
- More job roles use CompTIA Security+ for baseline cybersecurity skills than any other
certification in the industry. - The updated Security+ embraces the latest trends to meet industry demands including,
zero trust, risk management & hybrid environments. - Security+ is the only ISO/ANSI-accredited early career cybersecurity certification with
hands-on, performance-based questions
CompTIA Security+ is the industry standard for validating baseline skills needed to perform core security functions and pursue an IT security career. CompTIA Security+ is compliant with ISO 17024 standards and approved by the U.S. Department of Defense (DoD) to meet directive 8140/8570.01-M requirements.
The new CompTIA Security+ certification covers the junior IT auditor/penetration tester job role, in addition to the following:
- Systems administrator
- Network administrator
- Security administrator.
Companies like Northrop Grumman, Brotherhood Mutual, The Joint Commission, Nationwide, Agile Defense and Modern Technology Solutions, Inc. (MTSI) all look for CompTIA Security+ certification in hiring.
Certification makes a great first impression. According to an IDC report, 96 percent of HR managers use IT certifications as screening or hiring criteria during recruitment.* Learn more about all the places you career can go with CompTIA certifications.
CompTIA Security+ is the industry standard for validating baseline skills needed to perform core security functions and pursue an IT security career. CompTIA Security+ is compliant with ISO 17024 standards and approved by the U.S. Department of Defense (DoD) to meet directive 8140/8570.01-M requirements.
The new CompTIA Security+ certification covers the junior IT auditor/penetration tester job role, in addition to the following positions:
- Systems administrator
- Network administrator
- Security administrator
You will earn the CompTIA Security+ certification by passing one exam that consists of both multiple-choice and performance-based questions Read on for some common-sense advice that can increase your chance to succeed in your exam and achieve CompTIA Security+ certification status.
In its very basic nature, the CompTIA Security+ exam is not that much different from any other written test that you may have taken to-date. The exam uses various question types to verify your knowledge in specific areas of information security, including the following:
- Securing applications, networks and devices
- Threat analysis and response
- Risk management
Being well-prepared remains your best bet to score a positive exam outcome, namely passing the test and being awarded the CompTIA Security+ certification.
CompTIA Security+ is a global certification that validates the baseline skills you need to perform core security functions and pursue an IT security career.
CompTIA Security+ is the first security certification IT professionals should earn. It establishes the core knowledge required of any cybersecurity role and provides a springboard to intermediate-level cybersecurity jobs. Successful candidates will have the following skills:
- Detect various types of compromise and understand penetration testing and vulnerability scanning concepts
- Install, configure, and deploy network components while assessing and troubleshooting issues to support organizational security
- Implement secure network architecture concepts and systems design
- Install and configure identity and access services, as well as management controls
- Implement and summarize risk management best practices and the business impact
- Install and configure wireless security settings and implement public key infrastructure
The CompTIA Security+ exam focuses on today’s best practices for risk management and risk mitigation, including more emphasis on the practical and hands-on ability to both identify and address security threats, attacks and vulnerabilities.
Each second, 75 records go missing, and 30,000 websites are hacked each day. Obviously, cyber-attacks are on the rise. The COVID-19 pandemic increased the rate of digital transformation, which has made organizations more vulnerable than ever to these attacks. This explains why cybersecurity is important in 2021, and why it will continue to grow in importance in the future.
As such, it is imperative that you expand mastery of your cybersec expertise with the following recommended certifications:
CT-CYSA+: CompTIA® Cybersecurity Analyst
This course covers the duties of cybersecurity analysts who are responsible for monitoring and detecting security incidents in information systems and networks, and for executing a proper response to such incidents. Depending on the size of the organization, this individual may act alone or may be a member of a cybersecurity incident response team (CSIRT).
CT-CASP+: CompTIA® Advanced Security Practitioner
CompTIA Advanced Security Practitioner (CASP+) is the ideal certification for technical professionals who wish to remain immersed in technology, as opposed to strictly managing.
CT-PENTEST+: CompTIA® PenTest+
CompTIA PenTest+ focuses on offense through penetration testing and vulnerability assessment. It involves launching attacks on systems, discovering the vulnerabilities and managing them.