Security+ Certification Hub - Infosec Resources

600,000+

# of Security+ holders

$78,000

Avg. U.S. salary

2+ years

Recommended experience

Security+ exam objectives

The Security+ exam covers five objectives, or domains. The current Security+ exam objectives are listed below:

Attacks, threats and vulnerabilities (24%)

Covers cyberattacks, including social engineering attacks, DDoS attacks and malware, as well as basic penetration testing techniques and attack vectors.

Learn More
Architecture and design (21%)

Covers enterprise environments and the usage of hybrid networks as organizations transition to the cloud.

Learn More
Implementation (25%)

Covers basic cryptography, end-to-end security, access management, public key infrastructure (PKI) and identity management.

Learn More
Operations and IR (16%)

Covers organizational security assessments and incident response, including threat detection, risk mitigation, security controls and digital forensics.

Learn More
Governance, risk and compliance (14%)

Covers knowledge of organizational risk management and regulatory compliance to standards like HIPAA, CCPA, SOX, PCI-DSS, NIST, GDPR and FISMA.

Learn More

Learn more about the Security+ domains.

How do I get the Security+?

As CompTIA’s Director of Products Patrick Lane notes, the Security+ is designed for individuals with around two years of professional experience. That’s because cybersecurity should not be the first thing you learn or do, says Patrick.

“People say, ‘You can’t secure a network unless you know how the network works,'” says Lane. “If you’re thinking about taking Security+, you’ve got to make sure you understand networking basics, networking fundamentals.”

Earning your A+ and Network+ — or at least studying what’s on the exams — can help build that foundation. However, there are no Security+ requirements needed to earn your Security+ eligibility. The only requirement is simple: pass the Security+ exam.

What is the current Security+ version?

SY0-501 vs. SY0-601

CompTIA updates the Security+ exam every three years to stay current with emerging trends in information technology and cybersecurity. Launched in November 2020, the newest version of the exam is the CompTIA Security+ (SY0-601). The biggest difference between the latest version (601) and the previous version (Security+ 501) is that it only covers five exam objectives instead of six.

Security+ 601 also places a greater emphasis on additional threats, the use of cloud environments, entry-level incident response and GRC (governance, risk and compliance). The current version of Security+ is compliant with ISO 17024 standards and U.S. DoD directive 8140/8570.01-M requirements. For more information, watch the full webinar with CompTIA’s Patrick Lane Everything you need to know about the SY0-601 update.

Security+ SY0-601 exam FAQs

CompTIA is currently working on the Job Task Analysis (JTA) for the next version of the Security+ exam, but that is not expected to be released until the autumn of 2023, and the current version of the exam is expected to be valid until the summer of 2024. Here’s what you should know about the current Security+ exam (SY0-601):

What is the Security+ exam outline and structure?
- The CompTIA Security+ exam is made up of 90 questions divided among the five exam objectives discussed in the Security+ exam objectives section. Test-takers have 90 minutes to complete the performance-based exam and must reach a passing score of 750/900.
  
  There are two types of questions on the Security+ exam: performance-based questions, which involve performing a task or solving a problem, and traditional questions, which include multiple-choice, drag-and-drop and fill-in-the-blank.
How hard is the Security+ exam?
- Although Security+ difficulty will vary from person to person, keep in mind that the CompTIA Security+ is geared towards early career professionals. Questions will assess that you have a basic, practitioner-level knowledge of the five exam objectives. The test itself is made up of 90 questions, and test-takers must earn at least 750/900 points to earn a passing grade.
  
  Some fairly prominent cybersecurity practitioners have failed their Security+ exam, so if it takes more than one attempt to pass, don’t let it discourage you from a career in cybersecurity.
Where to take the Security+ exam?
- You can take the Security+ exam at a Pearson VUE testing center (or OnVUE, which is the online proctoring service for Pearson VUE). To register for the exam, you’ll need to visit the CompTIA website and purchase a Security+ voucher. The voucher code allows you to sign up for the test. To schedule the exam, you’ll need to create a free account with Pearson VUE and select a location and time. Security+ Pearson Vue testing locations are scattered across the world to accommodate international learners and military members stationed abroad. In fact, some military members may be eligible to take the exam at an on-base testing center.
  
  More information can be found on the Pearson VUE CompTIA page.
How much does the Security+ exam cost?
- The CompTIA Security+ certification costs vary based on location:
  - USA: $381 (USD)
  - Australia: $515 AUD
  - Emerging Market: $213 (USDe)
  - Euro: 344 EURO
  - Great Britain 226 GBP
  - Japan 43,469 JPY
  - South Africa: 2,928 ZAR
  The most up-to-date pricing for CompTIA exams can be found on the CompTIA website.
How to pass the CompTIA Security+ exam?
- To pass the CompTIA Security+ exam, you need to earn at least 750 points out of a total of 900 points. The exam itself is 90 questions, meaning you have to answer over 80% of the questions correctly to earn a passing grade.
  
  Pass rates vary depending on an individual’s experience, study habits and test-taking strategies. Those who take an Infosec Security+ Boot Camp average a 93% pass rate. For more advice on passing the exam, check out our 10 tips for CompTIA Security+ exam success.
How long should you study for the Security+ exam?
- The amount of time you should dedicate to studying for the Security+ depends on your familiarity with the material covered in the five test objectives. Chances are, you’re more comfortable with some of these objectives and less familiar with others, so you may wish to focus your efforts on areas where more preparation is needed.
  
  Similarly, if you’re looking to land your first job, you may need to devote more time to studying than a professional who’s already one or two years into their career. Although the amount of preparation time will vary from person to person, most test-takers study for 30 to 45 days prior to taking the exam.
How long is my Security+ valid?
- Once you pass the Security+ exam, your certification is valid for three years from the exam date. To keep your Security+ certification valid, you’ll need to renew it every three years.
How do I renew my Security+ certification? How much does it cost to renew?
- CompTIA offers flexible options for renewal. To renew your Security+ certification, you’ll have to earn continuing education units (CEUs). CEUs are earned by completing activities approved by CompTIA. There are two renewal tracks.
  
  Renew Security+ with a single activity:
  - Earn the CompTIA CertMaster CE
  - Complete a higher-level CompTIA certification
  - Complete a non-CompTIA IT industry certification
  - Re-take and pass the latest CompTIA Security+ exam
  Renew Security + with multiple activities:
  - Earn an additional CompTIA certification
  - Complete non-CompTIA IT industry certifications
  - Complete higher education or training
  - Gain relevant professional experience
  - Participate in industry activities
  - Publish an industry article, blog post or book
  You will also need to pay a continuing education renewal fee. The fee comes out to $50 a year or $150 for the three-year cycle.

Free and self-study Security+ materials

Studying for the Security+ exam is the best way to prepare yourself to earn a passing grade. Luckily, there are tons of helpful Security+ resources to help. Before you start scouting out the best Security+ books, we recommend taking a look at the official exam outline since it will shed light on what topics you’ll need to study.

Security+ study guides and Security+ books

Study guides and books are useful for doing a deep dive into each section of the test. You can find them at your local library or book store, or at online stores like Amazon, CompTIA and elsewhere:

Official CompTIA Security+ SY0-601 Certification Study Guide
CompTIA Security+ Get Certified Get Ahead: SY0-601 Study Guide by Darril Gibson
Mike Meyers’ CompTIA Security+ Certification Guide, Third Edition

Get your free ebook, CompTIA Security+ 601: How the world’s most popular cert is changing for a brief overview of the certification and the exam.

Security+ practice exams and simulations

Put your knowledge to the test by taking a Security+ practice exam — or by reviewing Security+ flashcards and Security+ cheat sheets. CompTIA has both free practice questions and paid Security+ simulation questions. Paid courses like the one taught by Mike Meyers in Infosec Skills also include both practice exam questions and hands-on Security+ labs.

You can also find previous exam takers who share notes and training resources in online forums, although using Security+ exam dumps with questions from the actual exam is considered cheating, warns CompTIA. Whichever study resources you end up choosing, we recommend taking a few Security+ free practice exams along the way to help pinpoint exactly which domains you should focus further studies on.

Other free Security+ training resources

There are a number of other free Security+ training materials being produced and shared by the community:

Forums like TechExams and Reddit allow you to connect directly with others who are studying for or have already taken the Security+.
YouTube is another great place to connect with cybersecurity practitioners and learn about the Security+ exam. Although most Security+ courses cost money, there are numerous free Security+ videos available to watch, including our Security+ exam webcast with CompTIA’s Patrick Lane.
Podcasts may not help you directly study for your Security+ exam, but those like the Cyber Work Podcast are a great way to learn about cybersecurity career options and your peers’ career journeys.

Security+ jobs, careers and salary

Security+ is a popular certification for people interested in careers in IT and cybersecurity. Whether you’re looking for your first industry job or want to move up in the ranks, Security+ can pave the way to new opportunities and a higher salary.

What are Security+ jobs?
- The Security+ certification prepares you for entry-level jobs that relate to network and computer systems administration. According to CompTIA, some of the most popular job titles for Security+ include:
  - Security administrator
  - Systems administrator
  - Helpdesk manager
  - Network/cloud engineer
  - Security engineer
  - DevOps/software developer
  - IT auditors
  - IT project manager
  Although not all of the jobs listed above are entry-level, Security+ provides an essential stepping stone on the pathway to those roles. If you have a particular senior-level career in mind, like ICS security practitioner or security engineer, it can be helpful to work backward and plot out what certifications you will need along the way.
  
  And if you’re unsure, that’s OK too — Security+ is one of the most popular and versatile entry-level certifications for new IT professionals.
What are entry-level security jobs?
- Security+ is an ideal certification for early career professionals. The certification can unlock a variety of entry-level jobs in the IT and cybersecurity spaces. Some of the most popular entry-level jobs for Security+ holders are:
  - Systems administrator
  - Security administrator
  - Security specialist
  - Security analyst
  - Network administrator
  - Junior IT auditor/penetration tester
  A SOC analyst (security analyst) is one of the most common entry-level cybersecurity roles. See our SOC analyst career hub to learn more.
  
  Want to learn more about your job options? Take a look at our Security+ job outlook and opportunities article for more information.
What does a Security+ certification do?
- The Security+ certification shows you’ve mastered skills related to threat identification, intrusion risk management and troubleshooting networks. Popular career options for Security+ holders are in the areas of security analysis and systems administration.
  
  Having your Security+ is a signal for hiring managers in IT and cybersecurity departments that you’re a qualified candidate — at least enough to get your foot in some doors and prove your worth during the interview.
  
  For more on acing your next interview, read our Top 25 Security+ interview questions or download our free ebook of cybersecurity interview tips.
Is Security+ worth it?
- If you’re thinking about getting the Security+, you may be asking yourself, “Is it worth it to get CompTIA Security+?” The answer to this question depends on your career goals, but if you want to break into the information security field with your first certification, then, yes! Security+ is a great option.
  
  There’s a reason it’s the most popular cybersecurity certification available. It’s also a great option for anyone working in the government or contractor space as it’s approved for several 8570 roles.
What is the Security+ average salary?
- CompTIA Security+ is geared towards professionals in the early phase of their careers. This is reflected in the national average salary data for popular Security+ jobs (source: Glassdoor).
  - Security specialist — $64,000
  - Network administrator — $69,000
  - Systems administrator — $75,000
  - Junior IT auditor — $84,000
  - Security administrator — $86,000
  - Security engineer — $110,000
  - Security consultant — $121,000
  Payscale has a similar average salary listed of $78,000.
  
  Keep in mind that your CompTIA Security+ certification is only one factor of many that determine your salary. Work experience, education, other certifications and even your geographic area will all play a role in how much you make.
  
  Read our Security+ salary article for more information.

Paid CompTIA Security+ training and exam prep

When it comes to preparing for the Security+ exam, you can choose to train yourself with books and free resources, or you can find a paid course. Most Security+ courses fall into two categories: live online Security+ boot camps or on-demand Security+ courses where you go at your own pace.

Live Security+ boot camps

A Security+ boot camp provides days of in-depth instruction from an expert instructor. For example, Infosec partners with CompTIA to provide a five-day Security+ boot camp that you can take live online or in person. There are a number of other training providers that offer similar options.

The benefits of a live Security+ boot camp include:

Live training and Q&A: As a newbie, you will have questions — and you may not know the best place to get them answered. A live instructor can set you on the right path.
Complete training package: Most Security+ boot camps come with everything you need: instruction, exam vouchers, books, practice exams and labs. Training with a live instructor is more expensive, so when shopping around, be sure you know what’s included in your purchase — and what you’ll have to pay extra for.
Improved pass rates: Boot camp providers like Infosec stand by their training with an Exam Pass Guarantee. That means if you fail your exam on your first attempt, you’ll get a second attempt to pass — for free.

Self-paced Security+ training

If you’re not in a hurry to earn your Security+, the go-at-your-own-pace model can be a great (and more affordable) option. These types of courses usually consist of a number of pre-recorded videos, along with practice exams and labs or exercises you can do on your own to reinforce the material.

The benefits of on-demand Security+ training include:

Train when you want: You’re in charge of your training schedule, whether that’s daily on your lunch break or cramming all weekend long. For further motivation, you can join a study group or connect with others who are preparing for the exam.
Build an individual training plan: Don’t waste time learning what you already know. Since you’re not tied to a group, you can spend more time focused on the areas you need to learn most.
Prepare at your own pace: With on-demand training, you can take your time preparing for your Security+. Just don’t go too slow! Studies show you can quickly forget the information your’re studying — unless you’re actively using it or reviewing it.

Security+ comparisons and alternatives

Security+ is the most popular entry-level cybersecurity certification, but it’s not the only one. Depending on your career goals, you may wish to explore alternative options. Check out these articles to learn more:

Five best entry-level information security certifications: Security+ vs. SSCP, CEH, GSEC and CCNA
7 top security certifications you should have: What about more advanced certs like CISSP, CISA and CISM?
A security pro’s guide to CompTIA certifications: Whether you know nothing about computers or are pro with 10 years of experience, CompTIA provides a career path you can jump into and follow.
Vendor-specific vs. vendor-neutral certifications: Confused about vendor-neutral vs. vendor-specific IT and cybersecurity certifications? We break them down in detail.

Most recent Security+ articles

View All

CompTIA Security+

What is the CompTIA Security+ certification?