Use this quick start guide to collect all the information about the CompTIA Security+ (SY0-501) certification exam. This study guide lists the exam objectives and the resources that will help you prepare for the items on the SY0-501 Security+ exam. The sample questions will help you identify the type and difficulty level of the questions, and the practice exams will familiarize you with the format and environment of the exam. Refer to this guide carefully before attempting your actual CompTIA Security+ certification exam.
The CompTIA Security+ certification is mainly targeted at candidates who want to build their career in the IT security domain. The CompTIA Security+ exam verifies that the candidate possesses the fundamental knowledge and proven skills in the areas covered by CompTIA Security+.
CompTIA Security+ Exam Summary:

Item | Detail
---|---
Exam Name | CompTIA Security+
Exam Code | SY0-501
Exam Price | $370 (USD)
Duration | 90 mins
Number of Questions | 90
Passing Score | 750 / 900
Schedule Exam | CompTIA Marketplace
Sample Questions | CompTIA Security+ Sample Questions
Practice Exam | CompTIA SY0-501 Certification Practice Exam
CompTIA SY0-501 Exam Syllabus Topics:

Topic | Details
---|---
Threats, Attacks and Vulnerabilities - 21% |
Given a scenario, analyze indicators of compromise and determine the type of malware. | Viruses; Crypto-malware; Ransomware; Worm; Trojan; Rootkit; Keylogger; Adware; Spyware; Bots; RAT; Logic bomb; Backdoor
Compare and contrast types of attacks. | Social engineering; Application/service attacks; Wireless attacks; Cryptographic attacks
Explain threat actor types and attributes. | Types of actors; Attributes of actors; Use of open-source intelligence
Explain penetration testing concepts. | Active reconnaissance; Passive reconnaissance; Pivot; Initial exploitation; Persistence; Escalation of privilege; Black box; White box; Gray box; Penetration testing vs. vulnerability scanning
Explain vulnerability scanning concepts. | Passively test security controls; Identify vulnerability; Identify lack of security controls; Identify common misconfigurations; Intrusive vs. non-intrusive; Credentialed vs. non-credentialed; False positive
Explain the impact associated with types of vulnerabilities. | Race conditions; Vulnerabilities due to:; Improper input handling; System sprawl/undocumented assets
Technologies and Tools - 22% |
Install and configure network components, both hardware- and software-based, to support organizational security. | Firewall; VPN concentrator; NIPS/NIDS; Router; Switch; Proxy; Load balancer; Access point; SIEM; DLP; NAC; Mail gateway; Bridge
Given a scenario, use appropriate software tools to assess the security posture of an organization. | Protocol analyzer; Network scanners; Wireless scanners/cracker
Given a scenario, troubleshoot common security issues. | Unencrypted credentials/clear text; Logs and events anomalies; Permission issues; Access violations; Certificate issues; Data exfiltration; Misconfigured devices; Weak security configurations; Unauthorized software
Given a scenario, analyze and interpret output from security technologies. | HIDS/HIPS; Antivirus; File integrity check; Host-based firewall; Application whitelisting; Removable media control; Advanced malware tools; Patch management tools; UTM; DLP; Data execution prevention; Web application firewall
Given a scenario, deploy mobile devices securely. | Connection methods; Mobile device management concepts; Enforcement and monitoring for:; Deployment models
Given a scenario, implement secure protocols. | Protocols; Use cases
Architecture and Design - 15% |
Explain use cases and purpose for frameworks, best practices and secure configuration guides. | Industry-standard frameworks and reference architectures; Benchmarks/secure configuration guides; Defense-in-depth/layered security
Given a scenario, implement secure network architecture concepts. | Zones/topologies; Segregation/segmentation/isolation; Tunneling/VPN; Security device/technology placement; SDN
Given a scenario, implement secure systems design. | Hardware/firmware security; Operating systems; Peripherals
Explain the importance of secure staging deployment concepts. | Sandboxing; Environment; Secure baseline
Explain the security implications of embedded systems. | SCADA/ICS; Smart devices/IoT; HVAC
Summarize secure application development and deployment concepts. | Development life-cycle models; Secure DevOps; Version control and change management; Code quality and testing; Compiled vs. runtime code
Summarize cloud and virtualization concepts. | Hypervisor; VM sprawl avoidance; On-premise vs. hosted vs. cloud
Explain how resiliency and automation strategies reduce risk. | Automation/scripting; Templates; Elasticity
Explain the importance of physical security controls. | Lighting; Signs; Fencing/gate/cage; Security guards; Alarms; Safe; Secure cabinets/enclosures; Protected distribution/protected cabling; Airgap; Mantrap; Faraday cage; Lock types; Biometrics; Barricades/bollards; Tokens/cards; Environmental controls; Cable locks
Identity and Access Management - 16% |
Compare and contrast identity and access management concepts. | Identification, authentication, authorization and accounting (AAA); Multifactor authentication; Federation
Given a scenario, install and configure identity and access services. | LDAP; Kerberos; TACACS+; CHAP; PAP; MSCHAP; RADIUS; SAML; OpenID Connect; OAUTH; Shibboleth; Secure token; NTLM
Given a scenario, implement identity and access management controls. | Access control models; Physical access control; Biometric factors; Tokens; Certificate-based authentication; File system security
Given a scenario, differentiate common account management practices. | Account types; General concepts; Account policy enforcement
Risk Management - 14% |
Explain the importance of policies, plans and procedures related to organizational security. | Standard operating procedure; Agreement types; Personnel management; General security policies
Summarize business impact analysis concepts. | RTO/RPO; MTBF; MTTR; Mission-essential functions; Identification of critical systems; Single point of failure; Impact; Privacy impact assessment
Explain risk management processes and concepts. | Threat assessment; Risk assessment; Change management
Given a scenario, follow incident response procedures. | Incident response plan; Incident response process
Summarize basic concepts of forensics. | Order of volatility; Chain of custody; Legal hold; Data acquisition; Preservation; Track man-hours
Explain disaster recovery and continuity of operation concepts. | Recovery sites; Order of restoration; Geographic considerations; Continuity of operation planning
Compare and contrast various types of controls. | Deterrent; Preventive; Detective; Corrective; Compensating; Technical; Administrative; Physical
Given a scenario, carry out data security and privacy practices. | Data destruction and media sanitization; Data sensitivity labeling and handling; Data roles; Data retention
Cryptography and PKI - 12% |
Compare and contrast basic concepts of cryptography. | Symmetric algorithms; Modes of operation; Asymmetric algorithms; Hashing; Salt, IV, nonce; Elliptic curve; Weak/deprecated algorithms; Key exchange; Digital signatures; Diffusion; Confusion; Collision; Steganography; Obfuscation; Stream vs. block; Key strength; Session keys; Ephemeral key; Secret algorithm; Data-in-transit; Data-at-rest; Data-in-use; Random/pseudo-random number generation; Key stretching; Implementation vs. algorithm selection; Perfect forward secrecy
Explain cryptography algorithms and their basic characteristics. | Symmetric algorithms; Cipher modes; Asymmetric algorithms; Hashing algorithms; Key stretching algorithms; Obfuscation
Given a scenario, install and configure wireless security settings. | Cryptographic protocols; Authentication protocols; Methods
Given a scenario, implement public key infrastructure. | Components; Concepts; Types of certificates; Certificate formats
To ensure success in the CompTIA Security+ certification exam, we recommend an authorized training course, practice tests and hands-on experience to prepare for the Security+ (SY0-501) exam.