Home / Security+ / Overview
CompTIA Security+ (SY0-701)
A vendor-neutral, entry-level cybersecurity certification. It validates the baseline skills to assess security posture, monitor and secure environments, and respond to events — and it's a common compliance requirement (e.g., DoD 8570/8140) for security roles.
New: the all-in-one Learn page. Study every objective in one place — lecture, video, cheat sheet, and a quick quiz, with your progress tracked across all 28 objectives. It's the simplest way to work straight through the exam.
Study tools
Learn (all-in-one)
Lecture, video, cheat sheet & quiz for every objective on one page — with completion tracking. Your primary study path.
Practice
305 questions with instant feedback & explanations. Filter by domain, difficulty, or just your missed ones.
Exam Simulator
90 questions, 90 minutes, domain-weighted like the real exam — with a full per-domain score breakdown.
Flashcards
160 spaced-repetition cards on the highest-yield terms and easily-confused pairs.
Dashboard
Per-domain mastery, mock-exam history, study streak, and a weak-area recommender.
Video Lessons
Curated free Professor Messer SY0-701 videos, organized by domain.
Cheat Sheets
Printable high-yield quick reference for every domain.
Notes
Your own study notes, exportable to Obsidian-friendly Markdown.
Study Guide
Concept summaries for each of the five domains.
6-Week Plan
A day-by-day schedule that takes you to exam day.
The version to take. The current exam is SY0-701 (launched November 2023). Its successor, SY0-801, is expected to preview in late 2026, so SY0-701 remains the right exam to study for in mid-2026. Whichever version you pass, the certification is valid for 3 years from your test date.
Exam facts
| Exam code | SY0-701 |
|---|---|
| Cost | USD $425 per attempt (a single voucher; price varies by region). Watch for CompTIA bundle/voucher discounts. |
| Questions | Up to 90, a mix of multiple-choice and performance-based questions (PBQs) — simulations you actually work through. |
| Time | 90 minutes |
| Passing score | 750 / 900 (scaled — not a simple percentage) |
| Format | Pearson VUE test center or online proctored |
| Recommended background | CompTIA Network+ and ~2 years of IT/security admin experience (recommended, not required) |
| Validity | 3 years; renew via Continuing Education (CEUs) or by passing a higher cert |
The five domains & weightings
The exam is weighted toward operations and threats — plan your study time the same way.
| # | Domain | Weight | What it's about |
|---|---|---|---|
| 1.0 | General Security Concepts | 12% | Control types, CIA triad + AAA, zero trust, cryptography basics, change management. |
| 2.0 | Threats, Vulnerabilities & Mitigations | 22% | Threat actors, attack types, vulnerabilities, indicators, and how to mitigate them. |
| 3.0 | Security Architecture | 18% | Secure design across cloud/network/data; resilience; data protection. |
| 4.0 | Security Operations | 28% | Hardening, identity & access, monitoring, incident response, digital forensics. The biggest slice. |
| 5.0 | Security Program Management & Oversight | 20% | Governance, risk management, third-party risk, compliance, audits, awareness. |
Strategy in one line: Domains 4 (28%) and 2 (22%) are half the exam. Master operations and threats; don't over-invest in the 12% concepts domain beyond the vocabulary the other domains depend on.