Everything You Need To Know About The CompTIA Security+ Exam

About The CompTIA Security+ Exam

The CompTIA Security+ exam is a test that allows candidates to earn an entry-level cybersecurity certification. It provides evidence to potential employers of your qualifications in designing and managing cybersecurity solutions. Upon passing the exam, you earn the CompTIA Security+ certification, which you can maintain by earning continuing education credits as the years pass.

The Security+ exam is also one of the more well-known tests of cybersecurity skills. Corporations and military organizations depend on it to verify that a candidate is not only cybersecurity-savvy but also has the knowledge necessary to meet specific compliance requirements. For example, organizations can use it to check if someone can work within DoD 8570 standards. These cover cybersecurity qualifications that apply to people who work for the United States government.

What Are the Covered Exam Objectives?

This exam covers five domains connected to cybersecurity. The range of topics is intentionally broad, mainly because it’s meant to demonstrate the ability of certification holders to build and maintain a wide variety of security solutions.

These skills break down into five different categories:

• Domain 1.0 (24% of exam): Identifying and managing threats, attacks, and vulnerabilities. This section of the exam tests your knowledge of the threats organizations may encounter, along with common attack methods. It also covers the different types of vulnerabilities common to networks and devices that hackers could take advantage of.
• Domain 2.0 (21% of exam): Developing architecture and design. Cybersecurity architecture is a critical component of this domain, which involves the methodologies and technologies used to construct a robust cyber defense system. It also covers network design from a security perspective and ways to create safer applications.
• Domain 3.0 (25% of exam): Security implementation. Security implementation involves identity and access management, which is a crucial line of defense for organizations to protect their digital assets from intruders. Security implementation also touches on cryptography, endpoint security, wireless security, and public key infrastructure (PKI).
• Domain 4.0 (16% of exam): Conducting operations and incident response. This domain encompasses a range of technologies and tools that cybersecurity professionals can use to detect, mitigate, and prevent threats. In addition to incident response techniques, these also include security controls and digital forensics.
• Domain 5.0 (14% of exam): Ensuring conformance with governance, risk, and compliance standards. The exam makes sure candidates are aware of how to navigate PCI-DSS (Payment Card Industry Data Security Standard), SOX (Sarbanes-Oxley Act), HIPAA (Health Insurance Portability and Accountability Act), GDPR (General Data Protection Regulation), FISMA (Federal Information Security Management Act), NIST (National Institute of Standards and Technology), and CCPA (California Consumer Privacy Act).

What Types of Questions Are on the Exam?

The CompTIA Security+ exam is comprised of 90 multiple choice and performance-based questions.

The Performance-Based Questions (PBQs) simulate real-world scenarios to evaluate your problem-solving skills and knowledge. These PBQs offer the opportunity to earn partial credit, and although you can navigate back and forth between them, you must complete each virtual PBQ the first time you encounter it on the exam.

How Much Is The CompTIA Security+ Exam?

The cost of a Security+ exam voucher is $392 (US).

How Long Is The Exam?

The CompTIA Security+ exam is 90 minutes long, but you have the option of finishing sooner.

How Many Questions Are on the Exam?

There are 90 questions on the CompTIA Security+ exam. As mentioned above, these consist of a combination of multiple-choice and performance-based questions.

How Is The Test Graded?

Your exam gets graded on a scale from 100 to 900, with 900 being the highest possible score.

What Is A Passing Score?

To achieve certification, you must earn a minimum score of 750 points.

How Soon Will I Know If I’ve Passed?

Once you have completed the exam and have taken the exam exit survey, your exam score will be shown to you on-screen. If you have successfully passed the exam, you will receive an email from CompTIA Certmetrics that contains instructions to access your exam record. To access your certification account, you need to have the following information:

• Your assigned exam registration number and the instructions for accessing your exam record
• The email address you used when you registered for the exam

You will have access to a score report which will show you how you performed in each of the five domains of the exam whether you passed or failed. There are two ways to receive your score report:

• If you took the exam in a testing center, you receive a printed score report before you leave
• If you took the exam on-line, you will be able to download your score report from your Pearson VUE account

---

---

What’s New In Version SY0-601?

The SY0-601 version has several new features to ensure it tests the most current knowledge needed by cybersecurity professionals. For example, this version covers cloud security, which refers to methodologies and tools used to protect cloud-based networks and applications, as well as the data they work with.

Version SY0-601 also covers mobile device security. This kind of security is unique in that it focuses on safeguarding laptops, smartphones, and other mobile devices. Some technologies the test may touch on include mobile device access control systems, firewalls, and anti-malware.

The most recent threats and trends are also included in SY0-601. For example, it tests knowledge of ransomware and how it works. The exam also covers the kinds of threats faced by companies with remote, hybrid, or distributed workforces.

Can I Take The Exam Online?

Yes, you can take the CompTIA Security+ exam online.

Next Steps for Taking the CompTIA Security+ Exam

Now that you know the skills the exam covers and the basic details of the test, it’s time to get the domain knowledge and test prep you need to pass with flying colors. Regardless of how many years of cybersecurity experience you have, getting a high score will require some test prep.

This begins with getting familiar with the kinds of questions on the exam, as well as how to best answer them. Your prep routine should also involve reviewing and understanding the five domains the test consists of. The domains are designed to cover the skills mentioned earlier, and they include:

• Threats, attacks, and vulnerabilities. This domain focuses on indicators of compromise and pinpointing the kinds of malware involved in an attack.
• Identity and access management (IAM). IAM centers around using technologies and controls that make it easier to verify the identities of users while keeping their account data safe from hackers.
• Technologies and tools. In the technology and tools domain, you must demonstrate your knowledge of how to address common issues pertaining to both desktop and mobile devices.
• Risk management. The risk management domain covers knowledge of the policies and procedures that organizations can use to mitigate risk.
• Architecture and design. The architecture and design domain includes the secure development of applications and deploying them, including within cloud and virtualized environments.
• Cryptography and PKI. This domain focuses on cryptography and PKI, which enable communication between users and systems using scrambled messages that can only be deciphered using secure decoding keys.

You can learn all you need to know for each of these domains with United Training. To start preparing to earn your CompTIA Security+ certification, reach out to United Training today.