CompTIA - Security+ SY0-701

Summary

CompTIA Security+ is a certification that has gained populairty and became the favorite for most people trying to break into the cybersecurity field. It is not just a basic Cybersecurity certification, but a certification that is required in many positions.

My Experience

It has been a certification I’ve been looking to obtain since I decided to undertake my journey in cybersecurity. Since the price is not very accessible for most people in Latinamerica it was a bit of a journey to obtain it. Through this journey I encounter several ways to obtain discounts for the certification which I’ll explain later in detail.

Comparing it a bit with ISC2 - Certified in Cybersecurity, I can say that while they share many similarities, they offer different takeaways. The content in CompTIA Security+ is notably more in-depth, providing a deeper understanding of certain topics but I can reafirm what I said before, ISC2 - Certified in Cybersecurity was a great preparation for this certification.

It took me about 3 months to study for this certification while doing University and other activities. I’ll admit that at the beginning, I didn’t have the most effective study approach, but over time, I improved it and was able to pass the exam with what I consider a good score.

While this certification is still quite theorical, it is well-regarded both in the US and Latinamerica. There are few key points to know about the exam and I’ll be listing the resources I used to prepare. It is also worth to mention that this certification doesn’t target a specific role within cybersecurity, rather, it ensures that the applicant has the general knowledge required to work in field.

Working roles

EDIT*** This is a list of approved work roles for CompTIA Security+ as DOD 8140 Cyber Workforce: · 411 - Technical support specialist · 431 - Knowledge manager · 441 - Network operations specialist · 451 - System administrator · 461 - Systems security analyst · 511 - Cyber defense analyst · 521 - Cyber defense infrastructure support specialist · 531 - Cyber defense incident responder · 541 - Vulnerability assessment analyst · 612 - Security control assessor · 622 - Secure software assessor · 641 - Systems requirements planner · 671 - System testing and evaluation specialist · 722 - Information systems security manager · 723 - COMSEC manager · 752 - Cyber policy and strategy planner · 801 - Program manager · 802 - IT project manager · 804 - IT investment/portfolio manager · 805 - IT program auditor

For reference you can check the following articles from CompTIA:

• What 8140 means for companies working with DOD
• CompTIA and DoDM 8140.03: Upholding cybersecurity classification standards

Study Content

Similar to ISC2 - Certified in Cybersecurity, there is 5 domains to study in the Security+ certification, and they are divided as follows:

• Domain 1. General Security Concepts
  • 1.1 - Compare and contrast various types of security controls
  • 1.2 - Summarize fundamental security concepts
  • 1.3 - Explain the importance of change management processes and the impact to security.
  • 1.4 - Explain the importance of using appropriate cryptographic solutions.
• Domain 2. Threats, Vulnerabilities, and Mitigations
  • 2.1 - Compare and contrast common threat actors and motivations.
  • 2.2 - Explain common threat vectors and attack surfaces
  • 2.3 - Explain various types of vulnerabilities.
  • 2.4 - Given a scenario, analyze indicators of malicious activity.
  • 2.5 - Explain the purpose of mitigation techniques used to secure the enterprise.
• Domain 3. Security Architecture
  • 3.1 - Comapare and contrast security implications of different architecture models.
  • 3.2 - Given a scenario, apply security principles to secure enterprise infrastructure.
  • 3.3 - Compare and constrast concepts and strategies to protect data.
  • 3.4 - Explain the importance of resilience and recovery in security architecture.
• Domain 4. Security Operations
  • 4.1 - Given a scenario, apply common security techniques to computing resources.
  • 4.2 - Explain the security implications of proper hardware, software, and data asset management.
  • 4.3 - Explain various activities associated with vulnerability management.
  • 4.4 - Explain security alerting and monitoring concepts and tools.
  • 4.5 - Given a scenario, modify enterprise capabilities to enhance security.
  • 4.6 - Given a scenario, implement and maintain identity and access management.
  • 4.7 - Explain the importance of automation and orchestration related to secure operations.
  • 4.8 - Explain appropriate incident response activities.
  • 4.9 - Given a scenario, use data sources to support an investigation.
• Domain 5. Security Program Management and Oversight
  • 5.1 - Summarize elements of effective security governance
  • 5.2 - Explain elements of the risk management process.
  • 5.3 - Explain the processes associated with third-party risk assessment and management.
  • 5.4 - Summarize elements of effective security compliance.
  • 5.5 - Explain types and purposes of audits and assessments.
  • 5.6 - Given a scenario, implement security awareness practices.

If you want to see the exam objectives in more detail, check the Certification Exam Objectives PDF: General Objectives - PDF

Pricing

CompTIA sells not only vouchers but as well different bundles to prepare for the test. Each voucher is valid for 12 months. There is a CompTIA academic store but is only valid for students enrolled in the US, UK and Canada.

As of today September 18th, 2025 the prices are the following:

• Regular Store (North America)
  • $425 USD (without retake)
  • $474 USD (with retake)

  Note: At the moment the Academic Store is under maintenance

The links provided are for reference only. If you are purchasing a voucher, make sure to buy it from the correct regional store.

Some ways to save money

If you are based in the US, UK or Canada and are a student the easiest way is to get the voucher through the academic store as stated before. If other, here are couple of options:

1. Coursera Google. Once completed the course you receive a voucher with a 30% discount over the price. (The discount only applies for the full price voucher test).
2. Dion Training. They sell exam vouchers with a ~10% discount + 50% off the Practice exam app.
3. Professor Messer. Offers Security+ test voucher with a ~10% discount + Exam Hacks eBook.
4. Non-Profit. Some non-profit associations have programs to help you get this certifications at a better price or even provide training for them.

Study Resources Recommendations

For the Security+ I really tried different methods. As I did this certification through a Non-Profit Organization, they provided me with certain resources and as well I got some on the side to reinforce:

• CertMaster Practice for Security+ (SY0-701) This is a set of questions divided by domain and subdomain to help you test what you’ve study and check weak points. If you have the means to aquire this, I highly recommend it, the kind of questions you’ll take in the actual test are worded in very similar way.
• CertMaster Labs for Security+ (SY0-701) Be aware that completing all these labs takes an insane amount of time, it is very well worth it if you haven’t had any practical experience before, since you’ll encounter simulated labs that will cover each area of the test in a practical way, but if you just want to pass the test, this won’t really help much.
• Professor Messer - CompTIA SY0-701 Security+ Training course I think if you haven’t had any contact with the topics covered in the certification, this is a great way to get familiar with them.
• Jason Dion - Udemy CompTIA Security+ (SY0-701) Complete Course & Practice Exam I think this course is really just what you need to pass the test, it is very well worded and I feel it helped me to actually correlate concepts in a more understanding way. Note: I didn’t get its practice questions, just the course.
• Sybex CompTIA Security+ Study Guide by Mike Chapple This guide was amazing, it is very well word it and well you can get it either in Wiley, Amazon, O’reilly,and couple other stores. You get free access to the online practice questions in the Sybex Test Banks Site which is what I used to study on hand with the CertMaster Practice. I have free access to O’Reilly and that was enough to access the extra content.
• Sybex CompTIA Security+ Practice Tests, 3rd Edition Same with this book, I used the bank test and it really was a great experience to review some material. You can get both books as a bundle too.
• Pearson - CompTIA Security+ SY0-701 Cert Guide (Certification Guide) I tried this guide, and at the beggining I think I had a bad approach to my study because I was just reading it and it took way too much time. It is a great guide and I would just recommend it to check topics and review exercises.
• Cyberkraft - Security+ SY0-701 PBQs I would highly recommend watching this playlist to get an idea of the kind of PBQ you’ll get in the test. Usually you get 3-5 PBQ in a test. Mine were all about networking, so I wish you good luck!
• Pearson Practice Test I didn’t really use this practice test for this certification, but I did for the Network+ (which I’ll make a post as well) and this practice test was really worth doing, so I wanted to recomend it over here too. I got access to it through O’Reilly.
• Some other resources
  • Mike Chappel Linkedin Course: I personally didn’t like it and found it very boring. Contrary to the ISC2 - CC where his course is very well made for that certification. (This was my first approach into studying for Sec+)
  • Andrew Ramdayal: I personally didn’t like his way of teaching and I think lot of concepts were left on the side, but mind myself since I only watch the first couple of videos and left it.

Study Tips

• It is faster to study watching videos, but as well it is important to make notes and do active recall on what you are learning.
• It is important to start doing the practice questions from the beggining, I did them every time I would finish a subdomain/domain.
• I did couple full lenght tests 1 week before the test and aim to score about 90%. Don’t get scared if at the beggining you score 60%, it is normal at the beggining and it’s better to get that score while practicing than in the real test. So, don’t let that discourage you.
• Only use approved materials to study, I’ve seen people on the internet getting their certifications revoked because they used a practice test bank that was on a black list, so please just be mindful of that.

Test Day Tips

• Don’t do anything overstimulating.
• Be calm.
• Leave the PBQ for the end.
• Don’t think too much, but enough.
• Flag questions you are not sure, but answer all of them before going to the PBQ in case you don’t have enough time at the end to review them all.

If you have a substrack account, I'll be posting this content as well in there!