Certification // Official CompTIA Security +

• Candidates are encouraged to use this document to help prepare for the CompTIA
• Security+ (SY0-601) certification exam. The CompTIA Security+ certification exam will
• verify the successful candidate has the knowledge and skills required to:

- Assess the security posture of an enterprise environment and recommend

and implement appropriate security solutions

- Monitor and secure hybrid environments, including cloud, mobile, and IoT

- Operate with an awareness of applicable laws and policies, including

principles of governance, risk, and compliance

- Identify, analyze, and respond to security events and incidents

• This is equivalent to two years of hands-on experience working in a security/systems administrator job role.
• These content examples are meant to clarify the test objectives and should not be
• construed as a comprehensive listing of all the content of this examination.
• EXAM DEVELOPMENT
• CompTIA exams result from subject matter expert workshops and industry-wide survey
• results regarding the skills and knowledge required of an IT professional.
• CompTIA AUTHORIZED MATERIALS USE POLICY
• CompTIA Certifications, LLC is not affiliated with and does not authorize, endorse or condone utilizing any
• content provided by unauthorized third-party training sites (aka “brain dumps”). Individuals who utilize
• such materials in preparation for any CompTIA examination will have their certifications revoked and be
• suspended from future testing in accordance with the CompTIA Candidate Agreement. In an effort to more
• clearly communicate CompTIA’s exam policies on use of unauthorized study materials, CompTIA directs
• all certification candidates to the CompTIA Certification Exam Policies. Please review all CompTIA policies
• before beginning the study process for any CompTIA exam. Candidates will be required to abide by the
• CompTIA Candidate Agreement. If a candidate has a question as to whether study materials are considered
• unauthorized (aka “brain dumps”), he/she should contact CompTIA at examsecurity@comptia.org to confirm.
• PLEASE NOTE
• The lists of examples provided in bulleted format are not exhaustive lists. Other examples of
• technologies, processes, or tasks pertaining to each objective may also be included on the exam
• although not listed or covered in this objectives document. CompTIA is constantly reviewing the
• content of our exams and updating test questions to be sure our exams are current, and the security
• of the questions is protected. When necessary, we will publish updated exams based on testing
• exam objectives. Please know that all related exam preparation materials will still be valid.

Required exam SY0-601

Number of questions Maximum of 90

Types of questions Multiple-choice and performance-based

Length of test 90 minutes

Recommended experience • At least 2 years of work experience

 in IT systems administration with

 a focus on security

 • Hands-on technical information security experience

 • Broad knowledge of security concepts

Passing score 750 (on a scale of 100–900)

DOMAIN                                   PERCENTAGE OF EXAMINATION

1.0 Attacks, Threats, and Vulnerabilities   24%

2.0 Architecture and Design                     21%

3.0 Implementation                                  25%

4.0 Operations and Incident Response   16%

5.0 Governance, Risk, and Compliance    14%

Total                                                         100%