SY0-701 Exam Objectives

Master the Security+ Exam

Your comprehensive, domain-by-domain breakdown of the CompTIA Security+ SY0-701 certification objectives.


The CompTIA Security+ SY0-701 certification verifies that you have the core knowledge and skills required to assess the security posture of an enterprise environment and recommend and implement appropriate security solutions. This study guide breaks down the exam into its five key domains, providing a structured path to mastering security concepts, threat analysis, architecture, operations, and governance. Use this guide to track your progress and ensure you are fully prepared for exam day.

1.0 General Security Concepts

12% of Exam Content

  • 1.1 – Compare and contrast various types of security controls.

    Distinguishes technical, physical, and administrative controls by purpose (preventive, detective, corrective, etc.).

  • 1.2 – Summarize fundamental security concepts.

    Covers principles like CIA triad, AAA, Zero Trust, and least privilege.

  • 1.3 – Explain the importance of change management processes and the impact to security.

    Describes how unmanaged changes create risk and disrupt secure environments.

  • 1.4 – Explain the importance of using appropriate cryptographic solutions.

    Highlights the role of cryptography in confidentiality, integrity, and non-repudiation.

2.0 Threats, Vulnerabilities, and Mitigations

22% of Exam Content

  • 2.1 – Compare and contrast common threat actors and motivations.

    Identifies adversaries like nation-states, hacktivists, and insiders based on objectives and sophistication.

  • 2.2 – Explain common threat vectors and attack surfaces.

    Describes how attackers exploit entry points such as emails, open ports, and supply chains.

  • 2.3 – Explain various types of vulnerabilities.

    Examines software flaws, weak configurations, and emerging zero-day threats.

  • 2.4 – Given a scenario, analyze indicators of malicious activity.

    Demonstrates use of logs, alerts, and behavioral anomalies to identify threats.

  • 2.5 – Explain the purpose of mitigation techniques used to secure the enterprise.

    Outlines practices like patching, segmentation, and encryption for minimizing exposure.

3.0 Security Architecture

18% of Exam Content

  • 3.1 – Compare and contrast security implications of different architecture models.

    Addresses cloud, hybrid, and OT systems like ICS or SCADA.

  • 3.2 – Given a scenario, apply security principles to secure enterprise infrastructure.

    Focuses on zoning, segmentation, and access control practices.

  • 3.3 – Compare and contrast concepts and strategies to protect data.

    Covers encryption, tokenization, and data classification across data states.

  • 3.4 – Explain the importance of resilience and recovery in security architecture.

    Explores high availability (HA), backups, and disaster recovery to ensure business continuity.

4.0 Security Operations

28% of Exam Content

  • 4.1 – Given a scenario, apply common security techniques to computing resources.

    System hardening, patch management, and endpoint protection are key techniques.

  • 4.2 – Explain the security implications of proper hardware, software, and data asset management.

    Asset inventory and tracking support risk mitigation and compliance.

  • 4.3 – Explain various activities associated with vulnerability management.

    Includes scanning, prioritizing, remediating, and validating vulnerabilities.

  • 4.4 – Explain security alerting and monitoring concepts and tools.

    SIEMs, IDS/IPS, and endpoint monitoring help detect and respond to threats.

  • 4.5 – Given a scenario, implement and maintain identity and access management.

    MFA, SSO, and RBAC reduce the risk of unauthorized access.

  • 4.6 – Given a scenario, modify enterprise capabilities to enhance security.

    Security upgrades must be integrated into business processes and tools.

  • 4.7 – Explain the importance of automation and orchestration related to secure operations.

    Automated processes reduce errors and improve response times.

  • 4.8 – Explain appropriate incident response activities.

    Activities include detection, containment, eradication, recovery, and lessons learned.

  • 4.9 – Given a scenario, use data sources to support an investigation.

    Logs, alerts, and forensic data reveal indicators of compromise.

5.0 Program Management and Oversight

20% of Exam Content

  • 5.1 – Summarize elements of effective security governance.

    Defines security roles, responsibilities, and policies that align with business goals.

  • 5.2 – Explain elements of the risk management process.

    Risk identification, analysis, and mitigation help prioritize defense strategies.

  • 5.3 – Explain the processes associated with third-party risk assessment and management.

    Includes vendor evaluations, SLAs, and due diligence procedures.

  • 5.4 – Summarize elements of effective security compliance.

    Involves understanding and adhering to standards and regulations such as GDPR or HIPAA.

  • 5.5 – Explain types and purposes of audits and assessments.

    Audits verify control effectiveness; assessments identify gaps or misalignments.

  • 5.6 – Given a scenario, implement security awareness practices.

    Training programs build a security-minded workforce and reduce human error.

Ready to Start Your Security+ Journey?

Now that you understand the exam objectives, it's time to dive deeper. Check out our comprehensive study guides and exam tips to fast-track your certification.