CompTIA SY0-701 resources for objectives, tools, official links, and source review.
Use this page when you need the current SY0-701 Security+ exam details, a primary source behind a framework term, or a safe lab reference for identity, crypto, cloud, detection, or incident-response practice. Recheck CompTIA directly before booking because pricing, languages, and retirement timing can change.
GRC: Governance, risk, and compliance work that ties policy, risk handling, audit evidence, and oversight together.
PKI: Public key infrastructure, the certificate and trust-chain system behind many authentication and encryption scenarios.
IAM: Identity and access management, which covers authentication, authorization, privilege control, and account lifecycle.
As of March 28, 2026, CompTIA’s current Security+ certification page lists:
| Item | Current CompTIA signal |
|---|---|
| Active exam series | SY0-701 |
| Version | V7 |
| Launch date | November 7, 2023 |
| Question count | Maximum of 90 |
| Duration | 90 minutes |
| Passing score | 750 on a 100-900 scale |
| Languages | English, Japanese, Portuguese, Spanish, and Thai |
| Retirement model | Usually three years after launch (estimated 2026) |
| Recommended background | Network+ plus two years in a security or systems administrator role |
If you only open three external pages before you schedule the exam, make them these:
That covers current exam facts, policy rules, and delivery logistics directly from the exam owner and delivery partner.
Security+ is broad enough that readers can lose time by opening every framework in full. A better order is:
The goal is not to memorize NIST line by line. The goal is to understand why Security+ uses those terms and control ideas.
| If you are coming from… | Open these first | Why |
|---|---|---|
| Help desk or support | CompTIA certification page, NIST CSF, OWASP Top 10 | Builds the bridge from general IT into security thinking |
| Cloud or systems admin | CompTIA certification page, shared-responsibility references, NIST identity and incident-handling references | Strengthens cloud-security and operations judgment |
| Early security or SOC work | CompTIA certification page, MITRE ATT&CK, NIST SP 800-61, OWASP Cheat Sheet Series | Sharpens detection, response, and application-risk context |
Security+ certification page Current exam version, launch date, languages, pricing, and high-level objectives summary.
Security+ exam objectives
Official objective document for SY0-701.
Testing policies and candidate information ID rules, accommodations, scheduling information, and policy references.
CompTIA Continuing Education Renewal model and CE information for keeping the certification active.
Pearson VUE CompTIA scheduling Exam delivery and scheduling details.
Use these when Security+ questions mention governance, controls, incident handling, or audit language and you want the primary framework context behind the term.
| Security+ domain | Most useful outside references |
|---|---|
| General Security Concepts | NIST Digital Identity Guidelines, TLS 1.3 RFC 8446 |
| Threats, Vulnerabilities, and Mitigations | MITRE ATT&CK, OWASP Top 10, CVE Program |
| Security Architecture | Cloud Security Alliance, shared-responsibility references, Kubernetes security concepts |
| Security Operations | NIST SP 800-61 incident handling, Wireshark, Sysinternals |
| Program Management and Oversight | NIST Cybersecurity Framework, CIS Controls, SOC 2 FAQ |
| Role | Useful references |
|---|---|
| Recon and scanning | Nmap, OpenVAS |
| Web testing | OWASP ZAP, Burp Community |
| Endpoint and Windows triage | Sysinternals |
| Traffic and log review | Wireshark, Zeek |
| Exploitation lab tooling | Metasploit Framework |
| Scripting | PowerShell docs, Python docs |
openssl, renew or replace a lab cert, and test trust outcomesKeep all testing inside isolated labs or explicitly authorized environments only.
Security+ usually rewards the candidate who can classify the problem correctly and choose the strongest operationally realistic control, not the candidate who read the most PDFs.