Security+ is a taxing exam that is best prepared for with the help of a study guide. The exam presents hurdles when it comes to both the vast amount of content covered and the type of questions asked. Adequate preparation is needed if you want to pass this exam on your first attempt.
CompTIAβs Security+ is one of the most coveted entry-level cyber security certifications on the market. Obtaining it demonstrates to yourself and employers that you have a baseline understanding of various cyber security concepts and tools.
Over 500,000 individuals have already passed this exam, but donβt let this number fool you. Security+ is a difficult test that requires diligent studying to pass. To help you ace the exam, weβve created this comprehensive CompTIA Security+ study guide complete with a breakdown of the exam, tips on creating a study plan, how to choose the best study resources, studying strategies, and more.
Understanding the Security+ Exam
To ace the exam, you first need to understand what youβll be tested on, the type of questions youβll face, and other key components of the exam.
Types Of Questions
Security+ comprises a maximum of 90 questions to be answered within 90 minutes. Of these questions, youβll be tasked with answering both multiple choice and Performance Based Questions (or PBQs).
PBQs are hands-on questions that will test your ability to solve complex cyber security problems that may arise on the job. Questions will be provided via simulators of virtual environments.
Because PBQs are more involved questions, they are weighted heavier than multiple choice questions. This also means that the more PBQ questions you have, the fewer multiple choice questions youβll have to answer. CompTIA may ask as many as ten PBQs but is more likely to ask between three to five.
To pass Security+ youβll need to score at least 750/900.
Exam Domains
CompTIA doesnβt leave you guessing when it comes to what to study for Security+.
To receive a comprehensive breakdown of every exam objective Security+ may test you on, head over to their website and download the exam objectives. You can also review our Security+ exam cheat sheet.
For a high-level overview of what the exam tests, here are the five knowledge domains of exam code SYO-601:
This will change when the new version of Security+ (SY0-701) takes effect later this year, which becomes:
- General Security Concepts (12%)
- Threats, Vulnerabilities, and Mitigations (22%)
- Security Architecture (18%)
- Security Operations (28%)
- Security Program Management and Oversight (20%)
Security+ will cover a wide range of cyber security-related topics.
To unpack the domains above, letβs expand on the skills youβll need to pass this exam:
- Assess the security posture of a company and recommend and implement security solutions
- Monitor and secure cloud, mobile, and IoT environments
- Identify, analyze, and respond to security events and incidents
- Be aware of security regulations and policies
Creating a Study Plan
Security+ isnβt the type of certification you can take on a whim. Even if you have the two years of IT experience CompTIA recommends before taking the exam, you will still want to set aside time to study.
Assess What You Already Know
The first and most valuable step you can take when assessing what you already know is to review the exam objectives one by one.
We recommend printing out the list and crossing off each tool, concept, and strategy you already know. Being that Security+ covers an abundance of information, you should save time and focus on only the areas that you arenβt well versed in.
While going through the exam objectives, be honest with what you do and donβt know. Itβs okay if youβre not an expert on the intricacies behind implementing zero trust - but do you at least know what it is and why it should be implemented?
Even if you feel comfortable that you understand a certain concept, there is no harm in briefly brushing up.
Setting a Timeframe
Too often, those aspiring to obtain Security+ will study here and there without any consistency because they have yet to set a date for the test. We know it can be daunting to pay $392 USD for a test you may fail, but this can be avoided with adequate test preparation.
Before setting a date, assess what you know, how much time you can dedicate to studying every day, and how long youβll need to study before youβre prepared for the exam.
Once youβve answered the aforementioned questions, we recommend you pay for the test and set the date. This will give you the impetus you need to study diligently and make your goals a reality. You can reschedule if needed without penalty or fee.
Choosing Resources
Security+ is one of the most popular cyber security certifications, so thereβs a wealth of study resources available. You need to decide how you learn best and identify the best resources.
Preferred Learning Method
How do you prefer to study?
Are you a voracious reader, a hands-on learner, or a video binger? Do you prefer learning via an organized course, or do you prefer to do things your own way?
Answering these questions before investing time and money into studying will reap benefits. Security+ is an in-depth test best attacked with a concrete and detailed action plan. To avoid an unorganized and haphazard study plan, itβs best to develop a cogent study plan.
That all begins with figuring out your preferable learning style.
We recommend enrolling in a course and supplementing your learning by reading articles from reputable sources, watching videos, and taking Security+ practice tests.
A Multi-Pronged Approach
Relying on any one strategy for too long can make for a listless study process.
Keep things fresh and gather information from various resources by utilizing what we call the big three:
- Written Content
- Video Courses and Lectures
- Practice Tests
Written content tends to be the most in-depth and covers more knowledge domains than video content. Weβre a fan of Mike Meyersβ CompTIA Security+ Certification Guide. See our full list of favorite Security+ books here.
If you prefer more of a structured learning approach, we recommend enrolling in a Security+ course that will teach you everything you need to know to ace the exam. A quality Security+ course will address each exam objective in detail and provide real-world examples to help you better understand the material.
Practice tests are also a valuable resource when preparing for Security+. Before studying we recommend taking a practice test to help assess the domain areas that require studying. Throughout your studying process, you should be taking tests as well. Once youβre consistently scoring at least 83% on these tests, you are prepared to take CompTIAβs Security+.
Scroll to the bottom of this article to view suggested courses and practice tests.
Study Strategies
Not all studying strategies are created equal. Just because you use expert resources to help you study doesnβt mean youβre absorbing the information.
Notetaking
The worst thing you can do (aside from not studying at all) is consuming information but refusing to write it down. The amount of information Security+ covers is daunting. You canβt be expected to understand and remember everything simply by watching a lecture or reading a book.
To understand and remember information, we recommend meticulous note-taking. Writing down every concept you cover isnβt necessary and would take far too long. Only take notes on Security+ topics that are new to you or that you havenβt yet fully grasped.
When taking notes donβt just highlight or copy and paste notes. Studies show the most effective note-taking strategy is to take notes by hand.
Writing notes down is just as important as organizing your notes. Categorize notes via the knowledge domains provided by CompTIA. This will make looking back at your notes easier than taking notes haphazardly.
CompTIAβs Acronym List
Download CompTIA Security+βs exam objectives and scroll to the bottom.
There youβll find four pages worth of acronyms.
Part of your CompTIA security+ study guide should include extensively studying that list of acronyms. More often than not CompTIA will use acronyms rather than spelling out what theyβre referring to.
While this list of over 500 acronyms seems daunting, you will organically memorize acronyms while studying for the exam. Toward the end of your preparation, we recommend reviewing the acronyms to memorize and learn acronyms you donβt already know.
When memorizing acronyms, donβt just take notes but rather create flashcards you can later refer to and test yourself with.
Acronym Hacks
- Keep an index of every acronym you encounter and its definition. Keep it separate from your other notes.
- Use the acronyms in all your notes so you only refer to your index cards as needed.
- Take a look at our CompTIA Security+ Cheat Sheet
Tips for Exam Day
If youβve adequately studied the material Security+ covers and have abided by your Comptia Security+ study guide, you should be prepared for the exam. However, there are a few exam strategies you may want to implement when taking Security+.
Skip the PBQs
Every Security+ exam starts with the PBQ section prior to multiple choice.
Everyone has their own strategy, but ours is to skip the PBQs. They are complex, require ample time to complete, and you may struggle.
Instead of zapping up your time and starting the test worried and pessimistic, skip these questions. The multiple choice questions should be relatively easy, provided youβre prepared for the exam. You should easily have enough time to come back and do the PBQs at the end of the exam when you are more relaxed.
Look at the multiple-choice portion of the exam as the warmup for the PBQs. Just be sure to flag these questions so you can easily go back to them once multiple choice questions have been answered.
Taking the Exam at Home Versus in Person
You have the option of taking Security+ at home or in person.
Neither option is objectively beneficial; it all comes down to personal preference.
You want to take the test where youβll feel the most comfortable and focused. For some, that may mean leaving home and taking the exam in person. For others, it means staying home.
Taking the test in the comfort of your home makes sense as youβre familiar with, and most likely comfortable, with the environment. You also have the advantage of taking the exam in the same place where youβve been studying and taking practice exams.
Before taking the exam, take practice tests that simulate the exam environment. Give yourself 90 minutes to complete 90 questions. Do this several times to simulate the test-taking environment so there are no surprises when you write the exam.
If you do choose to take the test at home, the exam will be proctored by PearsonVUE. You are required to have your camera and microphone turned on. You cannot use online resources or look at notes during the exam. Should you break any of their rules you will be warned or, in the worst case, they will end the exam and declare it a fail.
On the flip side, taking the test in-person means you wonβt be distracted by pets, friends, family, or other domestic distractions. Taking the exam at a PearsonVUE testing site also means access to a solid internet connection.
Conclusion
Itβs difficult to say how long you need to study for the exam before youβre ready. This all depends on how much of the test material youβre already familiar with.
If youβre a seasoned IT professional, you may only need to brush up on a few concepts before youβre ready. If youβre new to the world of networking, IT, and cyber security, you may need a few months of study before you feel comfortable taking the exam.
What is certain is that by creating and adhering to a viable CompTIA Security+ study plan, you will be able to pass this exam.
The most important points to keep in mind are:
- Be aware of what you do and donβt know prior to studying
- Find high-value study resources
- Study consistently
- Take practice tests to gauge how much you really know
If you create and follow a quality CompTIA Security+ study guide, the rest will fall into place.