The CompTIA Security+ certification exam will verify the successful candidate has the knowledge and skills required to assess the security posture of an enterprise environment and recommend and implement appropriate security solutions; monitor and secure hybrid environments, including cloud, mobile, and IoT; operate with an awareness of applicable laws and policies, including principles of governance, risk, and compliance; identify, analyze, and respond to security events and incidents
Number of Questions Maximum of 90 questions
Type of Questions Multiple choice and performance-based
Length of Test 90 minutes
Passing Score 750 (on a scale of 100-900)
Recommended Experience CompTIA Network+ and two years of experience in IT administration with a security focus
Languages English, Japanese, Portuguese and Simplified Chinese English, Japanese
Retirement English retires: July 31, 2021
All other languages retire: Q1 2022
Usually three years after launch
Testing Provider Pearson VUE
Testing Centers : Online Testing
Official CompTIA Content (OCC) has been designed from the ground up to help you learn and master the material in your certification exam. Trust self-paced CompTIA study guides that are
Clearly written and structured.
Flexible so you can learn at any pace.
Focused on your exam success.
Save With a Bundle
CompTIA Training bundles are a great way to continue your learning process in every stage of your exam preparation. Complement a study guide with popular training options such as:
Learn online with CertMaster Learn.
Apply your knowledge with CertMaster Labs
Practice and prepare for your exam with CertMaster Practice.
Why is it different?
More choose Security+ – chosen by more corporations and defense organizations than any other certification on the market to validate baseline security skills and for fulfilling the DoD 8570 compliance.
Security+ proves hands-on skills – the only baseline cybersecurity certification emphasizing hands-on practical skills, ensuring the security professional is better prepared to problem solve a wider variety of today’s complex issues.
More job roles turn to Security+ to supplement skills – baseline cybersecurity skills are applicable across more of today’s job roles to secure systems, software and hardware.
Security+ is aligned to the latest trends and techniques – covering the most core technical skills in risk assessment and management, incident response, forensics, enterprise networks, hybrid/cloud operations, and security controls, ensuring high-performance on the job.
Two people looking at many monitors.
About the exam
CompTIA Security+ (SY0-501) English language exam will retire on July 31, 2021.
The new Security+ (SY0-601) is now available.
CompTIA Security+ is the first security certification a candidate should earn. It establishes the core knowledge required of any cybersecurity role and provides a springboard to intermediate-level cybersecurity jobs. Security+ incorporates best practices in hands-on troubleshooting, ensuring candidates have practical security problem-solving skills required to:
Assess the security posture of an enterprise environment and recommend and implement appropriate security solutions
Monitor and secure hybrid environments, including cloud, mobile, and IoT
Operate with an awareness of applicable laws and policies, including principles of governance, risk, and compliance
Identify, analyze, and respond to security events and incidents
Security+ is compliant with ISO 17024 standards and approved by the US DoD to meet directive 8140/8570.01-M requirements. Regulators and government rely on ANSI accreditation, because it provides confidence and trust in the outputs of an accredited program. Over 2.3 million CompTIA ISO/ANSI-accredited exams have been delivered since January 1, 2011.
What Skills Will You Learn?
HARDWARE : Attacks, Threats and Vulnerabilities
Focusing on more threats, attacks, and vulnerabilities on the Internet from newer custom devices that must be mitigated, such as IoT and embedded devices, newer DDoS attacks, and social engineering attacks based on current events.
SECURITY
Architecture and Design
Includes coverage of enterprise environments and reliance on the cloud, which is growing quickly as organizations transition to hybrid networks.
HARDWARE & NETWORK TROUBLESHOOTING
Implementation
Expanded to focus on administering identity, access management, PKI, basic cryptography, wireless, and end-to-end security.
WINDOWS OPERATING SYSTEMS
Operations and Incident Response
Covering organizational security assessment and incident response procedures, such as basic threat detection, risk mitigation techniques, security controls, and basic digital forensics.
SOFTWARE TROUBLESHOOTING
Governance, Risk and Compliance
Expanded to support organizational risk management and compliance to regulations, such as PCI-DSS, SOX, HIPAA, GDPR, FISMA, NIST, and CCPA.
Jobs that use CompTIA Security+
Security Administrator
Systems Administrator
Helpdesk Manager / Analyst
Network / Cloud Engineer
Security Engineer / Analyst
DevOps / Software Developer
IT Auditors
IT Project Manager
QUESTION 1
Which of the following will MOST likely adversely impact the operations of unpatched traditional programmable-logic controllers, running a back-end LAMP server and OT systems with human-management interfaces that are accessible over the Internet via a web interface? (Choose two.)
A. Cross-site scripting
B. Data exfiltration
C. Poor system logging
D. Weak encryption
E. SQL injection
F. Server-side request forgery
Correct Answer: DF
QUESTION 2
A company recently transitioned to a strictly BYOD culture due to the cost of replacing lost or damaged corporate-owned mobile devices. Which of the following technologies would be BEST to balance the BYOD
culture while also protecting the company’s data?
A. Containerization
B. Geofencing
C. Full-disk encryption
D. Remote wipe
Correct Answer: C
QUESTION 3
A network engineer has been asked to investigate why several wireless barcode scanners and wireless computers in a warehouse have intermittent connectivity to the shipping server. The barcode scanners and computers are all on forklift trucks and move around the warehouse during their regular use. Which of the following should the engineer do to determine the issue? (Choose two.)
A. Perform a site survey
B. Deploy an FTK Imager
C. Create a heat map
D. Scan for rogue access points
E. Upgrade the security protocols
F. Install a captive portal
Correct Answer: AC
QUESTION 4
Which of the following is MOST likely to outline the roles and responsibilities of data controllers and data processors?
A. SSAE SOC 2
B. PCI DSS
C. GDPR
D. ISO 31000
Correct Answer: C
Actualkey CompTIA Security+ SY0-601 Exam pdf, Certkingdom CompTIA Security+ SY0-601 PDF
Best CompTIA Security+ SY0-601 Certification, CompTIA Security+ SY0-601 Training at certkingdom.com
