Welcome to the Security+ certification exam study guide. The core Security+ exam objectives covered in this guide are based on CompTIA Security+ Certification, a vendor-neutral credential. The CompTIA Security+ exam is an internationally recognized validation of foundation-level security skills and knowledge used by organizations and security professionals around the globe.
The CompTIA Security+ exam will certify that the successful candidate has the knowledge and skills required to identify risk and participate in risk mitigation activities; provide infrastructure, application, operational, and information security; apply security controls to maintain confidentiality, integrity, and availability; identify appropriate technologies and products; and operate with an awareness of applicable policies, laws, and regulations.
The CompTIA Security+ Certification is aimed at IT security professionals who have achieved the following:
- A minimum of two years’ experience in IT administration, with a focus on security
- Day-to-day technical information security experience
- Broad knowledge of security concerns and implementation, including the topics in the domain areas below
CompTIA Security+ is ISO 17024 Accredited (Personnel Certification Accreditation) and, as such, undergoes regular reviews of and updates to the exam objectives. The CompTIA Security+ objectives in this study guide reflect the subject areas in this edition of the exam, and result from subject matter expert workshops and industry-wide survey results regarding the skills and knowledge required of an information security professional with two years of experience.
This examination blueprint includes domain weighting, test objectives, and example content. Example topics and concepts are included to clarify the test objectives and should not be construed as a comprehensive listing of all the content in this examination.
The domain areas measured by this examination and the approximate extent to which they are represented in the examination (by percentage) are as follows:
- Network Security (21%)
- Compliance and Operational Security (18%)
- Threats and Vulnerabilities (21%)
- Application, Data, and Host Security (16%)
- Access Control and Identity Management (13%)
- Cryptography (11%)
How This Guide Works
This guide is divided into six chapters that represent each of the individual SY0-301 domains. At the beginning of each chapter, all of the domain objectives are listed. Within each chapter, we will then discuss all of the content in each of the domain objectives, paying special attention to difficult principles and providing many illustrations to assist in learning. Finally, each chapter will include a quiz at the end to help you assess how well you have assimilated the material.