SY0-701 · Syllabus & Exam Outline 2026
CompTIA Security+ (SY0-701)
In short
The CompTIA Security+ (SY0-701) exam has up to 90 questions in 90 minutes and a fixed passing score of 750 out of 900. It covers general security concepts, threats and mitigations, security architecture, security operations, and security program management. It costs $425. Free practice questions and a full study plan are below.
Practice deck · one-time $4.99
Unlock 1,000+ CompTIA Security+ (SY0-701) active-recall practice cards
Lifetime access to the full deck, with free updates — on web and in the app. Make it yours: add your own sources and edit any card.
- Lifetime access
- Free updates
- Web + mobile app
- Fully editable
- Questions
- Maximum of 90
- Time limit
- 90 minutes
- Passing score
- 750 (on a scale of 100-900)
- Cost
- $425
- Format
- Multiple-choice · Performance-based
- Delivery
- In-person at a Pearson VUE testing center or online
- Prep time
- ~100 hours
Exam overview
The CompTIA Security+ (SY0-701) exam validates the foundational knowledge required of any cybersecurity professional. This certification proves your ability to assess enterprise security postures, secure hybrid environments, and respond to security incidents. Achieving this credential demonstrates an understanding of zero-trust principles, risk management, and regulatory compliance. Preparing for the exam can feel daunting, but Only Ever maps every domain to 15-minute study topics, making it easy to master the massive amount of material. By breaking down complex cryptography, threat actors, and incident response procedures into manageable chunks, you can confidently build the hands-on skills required to pass.
Exam domains & weighting
Each domain's share of the exam — study deepest where the weight is highest. Open one for how to study it and its objectives.
How to study this domain
Focus on understanding foundational principles like the CIA triad and Zero Trust frameworks. Practice identifying different control types and recognizing when to apply specific physical security measures.
Key objectives
- Types of Security Controls
- Fundamental Security Concepts: CIA and AAA
- Zero Trust Architecture and Gap Analysis
- Physical Security and Deception Technologies
- Change Management Processes
- Public Key Infrastructure (PKI) and Certificates
- Cryptographic Concepts and Tools
Readiness self-check
Tick off everything you can confidently explain. Anything left unchecked is your study list — tap “Review” to jump straight into that domain.
Quick reference
Key Security+ Acronyms
The CompTIA Security+ exam relies heavily on acronyms. Ensure you know what these represent.
- AAA
- Authentication, Authorization, and Accounting
- ACL
- Access Control List
- AES
- Advanced Encryption Standard
- BYOD
- Bring Your Own Device
- CIA
- Confidentiality, Integrity, Availability
- DDoS
- Distributed Denial of Service
- MFA
- Multifactor Authentication
- PII
- Personally Identifiable Information
- VPN
- Virtual Private Network
- WAF
- Web Application Firewall
Common Security Tools
Important hardware and software tools explicitly listed in the SY0-701 syllabus for laboratory and operational environments.
Wi-Fi Analyzer
Used to map wireless networks and discover vulnerabilities or rogue access points.
Network Mapper
Software used to discover devices on a network and their open service ports.
Packet Capture Software
Captures raw network traffic for in-depth protocol analysis and forensic investigations.
Vulnerability Scanner
Automates the identification of known security vulnerabilities across systems and applications.
Frequently asked questions
Good to know
- The exam includes both multiple-choice and performance-based questions (PBQs) that test hands-on skills.
- Candidates must agree to the CompTIA Candidate Agreement and are strictly prohibited from using unauthorized training materials or brain dumps.
- The syllabus domains are not exhaustive; other related technologies and processes may appear on the exam.
- A minimum of two years of IT administration experience with a security focus is recommended before testing.
Reading isn’t remembering.
Cybersecurity threats evolve rapidly, and certification exams cover a massive breadth of topics that are difficult to synthesize into a structured study plan.
Only Ever breaks down the official CompTIA Security+ (SY0-701) syllabus into 15-minute, highly focused study sessions. Our content maps directly to the SY0-701 exam objectives to ensure maximum retention and test readiness.