CompTIA Security+ Certification Exam Overview
CompTIA Security+ Certification is a vendor neutral credential validating foundation-level security skills and knowledge. The current, active version of the exam is labeled SY0-501. It was launched on October 4, 2017 and retires approximately 3 years from its release date.
Question Types on the Security+ Exam
Multiple-choice / multiple-selection questions: questions requiring test takers to choose one or more correct response by clicking on the correct answer.
Performance-Based Questions (PBQs): questions that require solving problems in a simulated IT environment (examples include command prompt or networking environments). These types of questions are also present on other CompTIA exams, including CompTIA A+ and CompTIA Network+.
CompTIA doesn't set any prerequisites for its exams. Although there are no formal restrictions related to age or educational background, the official description of each exam includes a set of informal recommendations for candidates. Specific recommendations related to the Security+ SY0-501 exam include CompTIA Network+ certification and two years of experience in IT administration with a security focus.
An additional, general recommendation for every exam provided by CompTIA is that the candidate should be at least 13 years old.
Security+ Exam Domains
|Domain||% of the Exam Content|
|1.0 Threats, Attacks and Vulnerabilities||21%|
|2.0 Technologies and Tools||22%|
|3.0 Architecture and Design||15%|
|4.0 Identity and Access Management||16%|
|5.0 Risk Management||14%|
|6.0 Cryptography and PKI||12%|
The general description of certification test topics can be found in exam objectives, which are pdf documents outlining the scope of the actual CompTIA certification test. These documents are published by CompTIA and available for public view.
Exam objectives include domain weighting, test objectives, as well as example topics and concepts for better clarification of the material covered on the actual exam.
CompTIA is constantly reviewing the content of its certification exams and updating test questions to ensure that certification exams stay current and the security of the questions is protected.
Certification test domains might get an update while a given exam remains active, which involves revision of the existing domains, but also inclusion of new topics and concepts.
Exam Renewal Policy
Security+ bridge exam scheme retired on 31st of December 2010 (along with all other CompTIA bridge exams which are no longer available). The SY0-501 exam is part of the Continuing Education (CE) program, under which lifetime certification status granted previously by passing the Security+ exam is no longer offered by CompTIA and periodic renewal becomes mandatory to be able to hold a valid certification document.
Starting from 1st of January 2011, all new CompTIA A+, CompTIA Network+ and CompTIA Security+ certifications are valid for three years from the date the candidate is certified. After three years, they must be renewed either by passing the new release of the exam, or by fulfilling units from the CE program.
Individuals certified in CompTIA A+, CompTIA Network+ or CompTIA Security+ on or before Dec. 31, 2010, are considered certified for life. For individuals certified on or after Jan. 1, 2011, these certifications can be maintained by passing the most current CompTIA exam prior to the three-year expiration date or enrolling in CompTIA's new Continuing Education (CE) program. This initiative allows participants to keep skills and certifications current through a variety of activities that show an understanding of relevant industry knowledge.
Starting from 9th of July 2012, CompTIA exams are available only through Pearson VUE testing centers; they can be booked online at the Pearson VUE website.
Exam Retake Policies
CompTIA does not offer any free re-tests nor discounts on exam retakes and candidates must pay the exam price each time they attempt the exam. There is no waiting period between the first and second attempt to pass the exam, only before the third attempt or any subsequent attempt there is a mandatory wait period of at least 14 calendar days from the date of the last attempt.