CompTIA Security+ Certification Exam Overview

CompTIA Security+ Certification is a vendor-neutral credential validating foundation-level security skills and knowledge. The current, active version of the exam is labeled SY0-501. It was launched on October 4, 2017 and is scheduled to retire approximately 3 years from its release date.

Question Types On The Security+ Exam

Multiple-choice / multiple-selection questions: questions requiring test takers to choose one or more correct responses by clicking on the correct answer.

Performance-based questions: questions that require solving problems in a simulated IT environment (examples include command prompt or networking environments). These types of questions are also present on CompTIA A+, CompTIA Network+, and CompTIA Advanced Security Practitioner (CASP) exams.

Exam Prerequisites

CompTIA doesn't set any prerequisites for its exams. Although there are no formal restrictions related to age or educational background, the official description of each exam includes a set of informal recommendations for candidates. Specific recommendations related to the Security+ SY0-501 exam include CompTIA Network+ certification and two years of experience in IT administration with a security focus.

An additional, general recommendation for every exam provided by CompTIA is that the candidate should be at least 13 years old.

Security+ Exam Domains

CompTIA Security+ SY0-501 Certification Exam Domains
Domain | % of the Exam Content
1.0 Threats, Attacks and Vulnerabilities | 21%
2.0 Technologies and Tools | 22%
3.0 Architecture and Design | 15%
4.0 Identity and Access Management | 16%
5.0 Risk Management | 14%
6.0 Cryptography and PKI | 12%
Total | 100%

The general description of certification test topics can be found in the exam objectives, which are PDF documents outlining the scope of the actual CompTIA certification test. These documents are published by CompTIA and available for public view.

Exam objectives include domain weighting, test objectives, as well as example topics and concepts for better clarification of the material covered on the actual exam.

CompTIA is constantly reviewing the content of its certification exams and updating test questions to ensure that certification exams stay current and the security of the questions is protected.

Certification test domains might be updated while a given exam remains active. Such an update involves revision of the existing domains, and also the inclusion of new topics and concepts.

Exam Renewal Policy

The Security+ bridge exam scheme was retired on 31st of December 2010 (along with all other CompTIA bridge exams, which are no longer available). The SY0-501 exam is part of the Continuing Education (CE) program. Under this program, CompTIA no longer offers the lifetime certification status previously granted by passing the Security+ exam, and periodic renewal is mandatory to hold a valid certification document.

Starting from 1st of January 2011, all new CompTIA A+, CompTIA Network+ and CompTIA Security+ certifications are valid for three years from the date the candidate is certified. After three years, they must be renewed either by passing the new release of the exam, or by fulfilling units from the CE program.

Individuals certified in CompTIA A+, CompTIA Network+ or CompTIA Security+ on or before Dec. 31, 2010, are considered certified for life. For individuals certified on or after Jan. 1, 2011, these certifications can be maintained by passing the most current CompTIA exam prior to the three-year expiration date or enrolling in CompTIA's new Continuing Education (CE) program. This initiative allows participants to keep skills and certifications current through a variety of activities that show an understanding of relevant industry knowledge.

Starting from 9th of July 2012, CompTIA exams are available only through Pearson VUE testing centers (exams are booked online at the Pearson VUE website).

CompTIA Security+ Certification Credentials

CompTIA Security+ certification fulfills the U.S. Department of Defense’s Directive 8570.01-M. The Department of Defense (DoD) approves CompTIA Security+ to fulfill certification requirements for Information Assurance Management (IAM) Level 1 positions.

CompTIA Security+ certification can also help in demonstrating compliance with government regulations under FISMA (the Federal Information Security Management Act).

Exam Retake Policies

CompTIA does not offer any free retests or discounts on exam retakes, and candidates must pay the exam price each time they attempt the exam. There is no waiting period between the first and second attempt to pass the exam. Before the third attempt or any subsequent attempt, there is a mandatory wait period of at least 14 calendar days from the date of the last attempt.

Exam Resources

CompTIA Security+ SY0-501 exam objectives
Free CompTIA Security+ practice exams from ExamCompass
Professor Messer's free CompTIA Security+ video training course