This post has info on the Security+ SY0-401 exam. This is an entry level IT certification.

Exam Structure

  • Number of Questions: 90 questions
  • Duration: 90 minute duration, not including survey time, about 1 minute per question
  • Score Range: 100-900
  • Passing Score: 750 (roughly 83%, not including experimental questions)
  • Types of Questions:
    • Multiple Choice – can have more than one answer
    • Performance Based – perform the requested action
    • Matching – match items from 2 lists
    • Drag and Drop – visual matching
    • Data Entry – fill in the blank

Exam Domains

  1. Network Security 20%
  2. Compliance and Operational Security 18%
  3. Threats and Vulnerabilities 20%
  4. Application, Data and Host Security 15%
  5. Access Control and Identity Management 15%
  6. Cryptography 12%

Exam History

  • SY0-601: November 12, 2020, current
  • SY0-501: October ​4, 2017, retiring July 31, 2021
  • SY0-401: May 1, 2014, retired July 31, 2018 (US date, all others December 15, 2018)
  • SY0-301: 2011, retired December 31, 2014
  • SY0-201: 2008, retired December 31, 2011
  • SY0-101: 2002, retired July 31, 2009

Update: Added the new SY0-601 exam to the list.
Update: Added the new SY0-501 exam to the list.

Study Notes

A current overview of CompTIA Security+ certification exam SY0-401. In same order as Darril Gibson’s book, CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide.

  1. Security Basics
  2. Network Security
  3. Advanced Network Security
  4. Securing Hosts and Data
  5. Malware and Social Engineering
  6. Identifying Advanced Attacks
  7. Managing Risk
  8. Preparing for Business Continuity
  9. Understanding Cryptography
  10. Exploring Security Policies
  11. Review Those Ports

After the Exam

Likely Jobs

  • Security Administrator / Specialist / Consultant / Engineer / Architect
  • Systems Administrator
  • Helpdesk Manager / Analyst
  • Network / Cloud Engineer / Administrator
  • Security Engineer / Analyst
  • DevOps / Software Developer
  • IT Auditors
  • IT Project Manager
  • Information Assurance Technician

The U.S. Department of Defense requires CompTIA Security+ certification for military personnel or military contractors.

Security+ Acronym Addendum

Be prepared to know what these are or in the very least, what they reference to.

3DESTriple Digital Encryption Standard
802.1xPort-based authentication protocol
AAAAuthentication, Authorization, and Accounting
ACEAccess Control Entity
ACLAccess Control List
AESAdvanced Encryption Standard
AES-256Advanced Encryption Standards 256-bit
AHAuthentication Header
ALEAnnualized Loss Expectancy
APAccess Point
APIApplication Programming Interface
APTAdvanced Persistent Threat
AROAnnualized Rate of Occurrence
ARPAddress Resolution Protocol
ASCIIAmerican Standard Code for Information Interchange
ASPApplication Service Provider
AUPAcceptable Use Policy
BACBusiness Availability Center
BCPBusiness Continuity Planning
BIABusiness Impact Analysis
BINDBerkeley Internet Name Domain
BIOSBasic Input / Output System
BPABusiness Partners Agreement
BPDUBridge Protocol Data Unit
BYODBring Your Own Device
CACertificate Authority
CACCommon Access Card
CANController Area Network
CAPTCHACompletely Automated Public Turing Test to Tell Computers and Humans Apart
CARCorrective Action Report
CCMPCounter-Mode / CBC-Mac Protocol
CCTVClosed-Circuit Television
CERTComputer Emergency Response Team
CFBCipher Feedback
CHAPChallenge Handshake Authentication Protocol
CIAConfidentiality, Integrity, and Availability
CIOChief Information Officer
CIRTComputer Incident Response Team
CMSContent Management System
COOPContinuity of Operation Planning
CPContingency Planning
CRCCyclical Redundancy Check
CRLCertificate Revocation List
CSPCloud Service Provider
CSRCertificate Signing Request
CSRControl Status Register
CSRFCross-Site Request Forgery
CSUChannel Service Unit
CTOChief Technology Officer
CVECommon Vulnerabilities and Exposures
DACDiscretionary Access Control
DACLDiscretionary Access Control List
DBADatabase Administrator
DDOSDistributed Denial of Service
DEPData Execution Prevention
DESDigital Encryption Standard
DHCPDynamic Host Configuration Protocol
DHEData-Handling Electronics
DHEDiffie-Hellman Ephemeral
DLLDynamic Link Library
DLPData Loss Prevention
DMZDemilitarized Zone
DNATDestination Network Address Transaction
DNATDynamic Network Address Translation
DNSDomain Name Service (Server)
DNSSECDomain Name System Security Extensions
DOSDenial of Service
DRPDisaster Recovery Plan
DSADigital Signature Algorithm
DSLDigital Subscriber line
DSUData Service Unit
EAPExtensible Authentication Protocol
EAP-TLSExtensible Authentication Protocol – Transport Layer Security
EAP-TTLSExtensible Authentication Protocol – Tunneled Transport Layer Security
ECCElliptic Curve Cryptography
ECDHEElliptic Curve Diffie-Hellman Exchange
ECDSAElliptic Curve Digital Signature Algorithm
EFSEncrypted File System
EMIElectromagnetic Interference
ESDElectrostatic Discharge
ESNElectronic Serial Number
ESPEncapsulated Security Payload
FACLFile System Access Control List
FCoEFibre Channel over Ethernet
FDEFull Disk Encryption
FTPFile Transfer Protocol
FTPSFile Transfer Protocol Secured (over SSL)
GCMGalois Counter Mode
GPGGnu Privacy Guard
GPOGroup Policy Object
GPSGlobal Positioning System
GPUGraphic Processing Unit
GREGeneric Routing Encapsulation
GUIGraphical User Interface
HDDHard Disk Drive
HIDSHost Based Intrusion Detection System
HIPSHost Based Intrusion Prevention System
HMACHashed Message Authentication Code
HOTPHMAC based One Time Password
HSMHardware Security Module
HTMLHyperText Markup Language
HTTPHypertext Transfer Protocol
HTTPSHypertext Transfer Protocol Secure (over SSL)
HVACHeating, Ventilation Air Conditioning
IaaSInfrastructure as a Service
ICMPInternet Control Message Protocol
ICSIndustrial Control Systems
IDFIntermediate Distribution Frame
IdPIdentity Provider
IDSIntrusion Detection System
IEEEInstitute of Electrical and Electronics Engineers
IGMPInternet Group Management Protocol
IISInternet Information Services
IKEInternet Key Exchange
IMInstant Messaging
IMAP4Internet Message Access Protocol v4
IPInternet Protocol
IPSIntrusion Prevention System
IPSECInternet Protocol Security
IPv4Internet Protocol version 4
IPv6Internet Protocol version 6
IRIncident Response
IRCInternet Relay Chat
IRPIncident Response Procedure
IRTIncident Response Team
ISAInterconnection Security Agreement
iSCSIInternet Small Computer System Interface
ISPInternet Service Provider
ISSOInformation Systems Security Officer
ITCPIT Contingency Plan
IVInitialization Vector
JBODJust a Bunch of Disks
KDCKey Distribution Center
KEKKey Encryption Key
L2TPLayer 2 Tunneling Protocol
LANLocal Area Network
LDAPLightweight Directory Access Protocol
LEAPLightweight Extensible Authentication Protocol
LSOLocal Shared Objects
MaaSMonitoring as a Service
MACMandatory Access Control
MACMedia Access Control
MACMessage Authentication Code
MANMetropolitan Area Network
MBRMaster Boot Record
MD5Message Digest 5
MDFMain Distribution Frame
MOUMemorandum of Understanding
MPLSMulti-Protocol Layer Switch
MSCHAPMicrosoft Challenge Handshake Authentication Protocol
MTBFMean Time Between Failures
MTTFMean Time to Failure
MTTRMean Time to Recover
MTUMaximum Transmission Unit
NACNetwork Access Control
NATNetwork Address Translation
NDANon-Disclosure Agreement
NDPNetwork Discovery Protocol
NFCNear Field Communication
NICNetwork Interface Card
NIDSNetwork Based Intrusion Detection System
NIPSNetwork Based Intrusion Prevention System
NISTNational Institute of Standards & Technology
NOPNo operation
NOSNetwork Operating System
NoSQLNot only Structured Query Language
NTFSNew Technology File System
NTLMNew Technology LANMAN
NTPNetwork Time Protocol
OAUTHOpen Authorization
OCSPOnline Certificate Status Protocol
OLAOpen License Agreement
OSOperating System
OSIOpen Systems Interconnection
OVALOpen Vulnerability Assessment Language
P2PPeer to Peer
PaaSPlatform as a Service
PACProxy Auto Configuration
PAMPluggable Authentication Modules
PANPersonal Area Network
PAPPassword Authentication Protocol
PATPort Address Translation
PBKDF2Password Based Key Derivation Function 2
PBXPrivate Branch Exchange
PCAPPacket Capture
PEAPProtected Extensible Authentication Protocol
PEDPersonal Electronic Device
PFSPerfect Forward Secrecy
PGPPretty Good Privacy
PIIPersonally Identifiable Information
PIVPersonal Identity Verification
PKIPublic Key Infrastructure
POP3Post Office protocol version 3
POTSPlain Old Telephone Service
PPPPoint-to-point Protocol
PPTPPoint to Point Tunneling Protocol
PSKPre-Shared Key
RARecovery Agent
RARegistration Authrity
RADRapid Application Development
RADIUSRemote Authentication Dial-in User Server
RAIDRedundant Array of Inexpensive Disks
RAID-0Disk striping
RAID-1Disk mirroring
RAID-5Disk striping with parity, 3 or more disks
RAID-6Disk striping with parity, 4 or more disks
RAMRandom Access Memory
RASRemote Access Server
RATRemote Access Tool
RBACRole Based Access Control
RBACRule Based Access Control
RC4Rivest Cipher 4 (Ron’s Code)
RDPRemote Desktop Protocol
RFIRadio Frequency Interference
RFIDRadio Frequency Identification
RIPEMDRACE Integrity Primitives Evaluation Message Digest
ROIReturn of Investment
RPORecovery Point Objective
RSARivest, Shamir, & Adleman
RTORecovery Time Objective
RTPReal-Time Transport Protocol
S/MIMESecure / Multipurpose Internet Mail Extensions
SaaSSoftware as a Service
SAMLSecurity Assertions Markup Language
SANStorage Area Network
SCADASystem Control and Data Acquisition
SCAPSecurity Content Automation Protocol
SCEPSimple Certificate Enrollment Protocol
SCSISmall Computer System Interface
SDLCSoftware Development Life Cycle
SDLMSoftware Development Life Cycle Methodology
SEHStructured Exception Handler
SELinuxSecurity Enhanced Linux
SHASecure Hashing Algorithm
SFTPSecure File Transfer Protocol
SHTTPSecure Hypertext Transfer Protocol
SIDSecurity Identifier
SIEMSecurity Information and Event Management
SIMSubscriber Identity Module
SIRTSecurity Incident Response Team
SLAService Level Agreement
SLESingle Loss Expectancy
SMSShort Message Service
SMTPSimple Mail Transfer Protocol
SMTPSSimple Mail Transfer Protocol Secure
SNMPSimple Network Management Protocol
SOAPSimple Object Access Protocol
SONETSynchronous Optical Network Technologies
SPIMSpam over Internet Messaging
SPOFSingle Point of Failure
SQLStructured Query Language
SSDSolid State Drive
SSHSecure Shell
SSIDService Set Identifier
SSLSecure Sockets Layer
SSOSingle Sign On
SSTPSecure Socket Tunneling Protocol
STPShielded Twisted Pair
STPSpanning Tree Protocol
TACACS+Terminal Access Controller Access Control System
TCOTotal Cost of Ownership
TCP/IPTransmission Control Protocol / Internet Protocol
TFTPTrivial File Transfer Protocol
TGTTicket Granting Ticket
TKIPTemporal Key Integrity Protocol
TLSTransport Layer Security
TOTPTime-Based One-Time Password
TPMTrusted Platform Module
TSIGTransaction Signature
UATUser Acceptance Testing
UEFIUnified Extensible Firmware Interface
UDPUser Datagram Protocol
UPSUninterruptable Power Supply
URIUniform Resource Identifier
URLUniversal Resource Locator
USBUniversal Serial Bus
UTMUnified Threat Management
UTPUnshielded Twisted Pair
VDIVirtualization Desktop Infrastructure
VLANVirtual Local Area Network
VLSMVariable Length Subnet Masking
VMVirtual Machine
VoIPVoice over IP
VPNVirtual Private Network
VSANVirtual Storage Area Network
VTCVideo Teleconferencing
WAFWeb Application Firewall
WAPWireless Access Point
WEPWired Equivalent Privacy
WIDSWireless Intrusion Detection System
WIPSWireless Intrusion Prevention System
WPAWireless Protected Access
WPA2WiFi Protected Access 2
WPSWiFi Protected Setup
WTLSWireless TLS
XMLExtensible Markup Language
XSRFCross-Site Request Forgery
XSSCross-Site Scripting
XTACACSExtended Terminal Access Controller Access-Control System

Pin It on Pinterest