← Cybersecurity

SY0-701 · Syllabus & Exam Outline 2026

CompTIA Security+ (SY0-701)

In short

The CompTIA Security+ (SY0-701) exam has up to 90 questions in 90 minutes and a fixed passing score of 750 out of 900. It covers general security concepts, threats and mitigations, security architecture, security operations, and security program management. It costs $425. Free practice questions and a full study plan are below.

Practice deck · one-time $4.99

Unlock 1,000+ CompTIA Security+ (SY0-701) active-recall practice cards

Lifetime access to the full deck, with free updates — on web and in the app. Make it yours: add your own sources and edit any card.

  • Lifetime access
  • Free updates
  • Web + mobile app
  • Fully editable
Unlock for $4.99
Questions
Maximum of 90
Time limit
90 minutes
Passing score
750 (on a scale of 100-900)
Cost
$425
Format
Multiple-choice · Performance-based
Delivery
In-person at a Pearson VUE testing center or online
Prep time
~100 hours
Official CompTIA Security+ Page

Exam overview

The CompTIA Security+ (SY0-701) exam validates the foundational knowledge required of any cybersecurity professional. This certification proves your ability to assess enterprise security postures, secure hybrid environments, and respond to security incidents. Achieving this credential demonstrates an understanding of zero-trust principles, risk management, and regulatory compliance. Preparing for the exam can feel daunting, but Only Ever maps every domain to 15-minute study topics, making it easy to master the massive amount of material. By breaking down complex cryptography, threat actors, and incident response procedures into manageable chunks, you can confidently build the hands-on skills required to pass.

Exam domains & weighting

Each domain's share of the exam — study deepest where the weight is highest. Open one for how to study it and its objectives.

How to study this domain

Focus on understanding foundational principles like the CIA triad and Zero Trust frameworks. Practice identifying different control types and recognizing when to apply specific physical security measures.

Key objectives

  • Types of Security Controls
  • Fundamental Security Concepts: CIA and AAA
  • Zero Trust Architecture and Gap Analysis
  • Physical Security and Deception Technologies
  • Change Management Processes
  • Public Key Infrastructure (PKI) and Certificates
  • Cryptographic Concepts and Tools
Study this domain

Readiness self-check

Tick off everything you can confidently explain. Anything left unchecked is your study list — tap “Review” to jump straight into that domain.

Readiness

0 / 11

General Security Concepts

Review

Threats, Vulnerabilities, and Mitigations

Review

Security Architecture

Review

Security Operations

Review

Security Program Management and Oversight

Review

Quick reference

Key Security+ Acronyms

The CompTIA Security+ exam relies heavily on acronyms. Ensure you know what these represent.

AAA
Authentication, Authorization, and Accounting
ACL
Access Control List
AES
Advanced Encryption Standard
BYOD
Bring Your Own Device
CIA
Confidentiality, Integrity, Availability
DDoS
Distributed Denial of Service
MFA
Multifactor Authentication
PII
Personally Identifiable Information
VPN
Virtual Private Network
WAF
Web Application Firewall

Common Security Tools

Important hardware and software tools explicitly listed in the SY0-701 syllabus for laboratory and operational environments.

Wi-Fi Analyzer

Used to map wireless networks and discover vulnerabilities or rogue access points.

Network Mapper

Software used to discover devices on a network and their open service ports.

Packet Capture Software

Captures raw network traffic for in-depth protocol analysis and forensic investigations.

Vulnerability Scanner

Automates the identification of known security vulnerabilities across systems and applications.

Frequently asked questions

Good to know

  • The exam includes both multiple-choice and performance-based questions (PBQs) that test hands-on skills.
  • Candidates must agree to the CompTIA Candidate Agreement and are strictly prohibited from using unauthorized training materials or brain dumps.
  • The syllabus domains are not exhaustive; other related technologies and processes may appear on the exam.
  • A minimum of two years of IT administration experience with a security focus is recommended before testing.

Reading isn’t remembering.

Cybersecurity threats evolve rapidly, and certification exams cover a massive breadth of topics that are difficult to synthesize into a structured study plan.

Only Ever breaks down the official CompTIA Security+ (SY0-701) syllabus into 15-minute, highly focused study sessions. Our content maps directly to the SY0-701 exam objectives to ensure maximum retention and test readiness.