Part A: Introduction

What is the CompTIA Security+?

CompTIA Security+ is an entry-level credential for IT professionals who identify issues and solve problems with computer network security.

CompTIA Security+ allows you to do the following

  • Detect security threats
  • Install and configure network components that protect critical systems & infrastructure
  • Design security network architecture
  • Install and configure identity and access systems
  • Implement best practices for risk management and business continuity
  • Install and configure public key cryptography infrastructure

You should have

  • At least two years of experience in IT administration and security
  • Day-to-day knowledge of technical security information
  • Broad knowledge of security threats
  • Experience with computer networks

CompTIA overlaps with

  • Networking certifications (Cisco CCNA for example)
  • Virtualization certifications (VMware)
  • Storage certifications

What can you do with a CompTIA Security+ Certification?

  • Security Engineer
  • Systems Administrator
  • Network Administrator
  • Penetration Tester
  • Security Consultant

Department of Defense

The US Department of Defense requires security staff and contractors to have active security certifications.  That means that you won’t be permitted to perform your job without an active certification, even if you have the relevant experience and skills.  CompTIA Security+ is considered a valid DoD certification.

CompTIA is “vendor neutral”

According to CompTIA: “All CompTIA certification exams are vendor-neutral. This means each exam covers multiple technologies, without confining the candidate to any one platform. Vendor-neutrality is important because it ensures IT professionals can perform important job tasks in any technology environment. IT professionals with vendor-neutral certifications can consider multiple solutions in their approach to problem-solving, making them more flexible and adaptable than those with training in just one technology.”

I decided, when writing this book, to keep it vendor-neutral but to use examples of popular technologies.  It is important to understand the theory behind everything, but at the same time, when you are in the field, you will be required to use real software and technology.  Sometimes we can’t help ourselves.  For example, “Group Policy” is one of the topics on the exam, but “Group Policy” is a Microsoft system.  Group Policy can’t be vendor-neutral.

CompTIA Security+ consists of one 90-minute exam

CompTIA Security+ SY0-601 was updated in October 2020 by adding:

  • Practical and hands-on ability to identify real threats

It will probably be updated again in 2024.

How do I obtain the Security+ Certification?

You must pass the exam, SY0-601.  The passing score is 750 on a scale of 100 to 900.  The exam is 90 minutes long and contains a maximum of 90 questions.  The actual number of questions will depend on the difficulty.  If you receive an exam with more difficult questions, there may be fewer questions.

My previous book covered the contents of the previous exam, SY0-501.  That exam is no longer available, but you can still purchase the book.  While there is some overlap, many new topics have been introduced.  Nearly all of the content in the SY0-501 book has been included in this book.

About the Exam

  • You can register online to take the exam.  The online system will show you the dates and times that are available.
  • You may be able to write the exam on a Saturday or Sunday, depending on the Prometric Test Center.
  • You may reschedule the exam for free, if you do so at least 30 calendar days before the exam.
  • You may reschedule the exam for USD$70, if you do so at least 2 calendar days before the exam.
  • You may not reschedule the exam if there are fewer than 2 calendar days before the exam.
  • If you do not show up to the exam or are more than 15 minutes late to the exam, you will not be allowed to write the exam, and will forfeit the entire fee.

  • At the exam center, you are required to show a piece of government-issued photo ID.
  • You will be required to empty your pockets and place the contents in a locker.
  • If you are wearing eyeglasses, they will be inspected.
  • You may be checked with a metal detector.
  • You can only bring your photo ID and locker key into the exam room.
  • The test center will provide you with scratch paper, a pencil, and a basic calculator.

  • While you write the exam, you will be monitored via audio and video surveillance.
  • Each exam is up to 90 multiple-choice questions, and you have 90 minutes to complete the exam.
  • You can take a break at any time, but the time on the exam will continue to elapse.
  • It goes without saying that cheating will not be tolerated!

  • The questions are
    • Multiple-choice (single, and multiple responses)
    • Drag & Drop
    • Performance-based (you are provided with a scenario, which you must explore; you are required to correct the issue)

About this Book

  • The Exam has 6 Main Topics
  • We’re going to cover each topic in order
  • This is the best way because some readers have advanced knowledge and just need to brush up on specific topics, while other people are starting from the very beginning
  • Sometimes that won’t make sense because we are explaining an advanced concept before explaining a basic concept, but I will explain concepts as necessary
  • Keep everything in the back of your mind; you might choose to go back and re-read a section