I just passed CompTIA Security+ exam on the first attempt with less than a month of study. You can do the same thing if you set appropriate time to learn the material.

I used Darril Gibson’s book, CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide. This study guide is CompTIA Approved Quality Content (CAQC) and covers every aspect of the SY0-401 exam. I found the book to be very easy to understand. Here’s 2 good resources from Mr. Gibson’s website:
The 2 practice exams in the book were a great comprehensive review. After reading the book, taking notes, doing both practice exams, and browsing through additional materials on his website: Security Blog Links on Get Certified Get Ahead, I moved on to Professor Messer’s content.
Professor Messer has a series of free videos that go into the SY0-401 objectives. He actually uses tools and shows real world examples which really helps to drive points home.
Table of Contents
CompTIA Security+ SY0-401 Certification Course – Playlist 1 of 2
CompTIA Security+ SY0-401 Certification Course – Playlist 2 of 2
I feel good about the exam. I could have studied more or even purchased additional materials but I’m happy with how everything went. I can provide some study notes if there is a demand for it ( I did 🙂 ). Other than that, the exam isn’t too hard. Just know your stuff and avoid unauthorized study materials (brain dumps) like the plague.
Other Sources
- CompTIA Security+ SY0-401 Exam Objectives at CompTIA
- Professor Messer on YouTube
- /r/CompTIA on Reddit
- Free Practice Quizzes on GoCertify
- Free Practice Exams on ExamCompass
- Free Study Materials on Crucial Exams
Last week’s post:
Important Note on Unauthorized 3rd Party Training Sites (Brain Dumps):
Here are a few links to articles that explain in greater detail why brain dumps are bad. Learn the material and stay on the up and up and you’ll be fine.
- Thread: Unauthorized Third-Party Training sites at TechExams
- Why You Should Avoid “Brain Dumps” When Preparing for IT Certifications at Tom’s IT Pro
- Definition: brain dump at TechTarget
- Ways Braindumps Hurt Your IT Career at Career Level Up
- Dangers of Brain Dumps at Get Certified Get Ahead
- In Depth: Pirates, cheats and IT certs at Computer World
Study Tips
- Review the exam objectives if you haven’t already.
- Get a good book. If you need to take classes in preparation for the exam, enroll or purchase materials from authorized partners. Unauthorized 3rd party training sites are against the candidate agreement.
- Set a study schedule and plan a date for the exam.
- Buy the exam voucher from Pearson Vue or CompTIA store.
- Schedule the exam through Pearson Vue.
- Take practice questions.
- Review material that’s still fuzzy to you. Watch videos, review concepts, and improve.
Exam Taking Tips
- If you’re confused or not certain on a particular question, flag it and move on. You can come back to it later in the review.
- Regarding beta questions: these are ungraded questions designed to test the structure and validity of these new questions. It’s unknown which questions are beta questions or even how many of them are in the exam. Don’t put too much thought into it, just answer all questions as best as you can.
Exam Background
Update 1/7/2017: The following section is now updated and available on its own separate page. View the SY0-401 exam overview for more information.
Exam Structure
- Number of Questions: 90 questions
- Duration: 90 minute duration, not including survey time, about 1 minute per question
- Score Range: 100-900
- Passing Score: 750 (roughly 83%, not including experimental questions)
- Types of Questions:
- Multiple Choice – can have more than one answer
- Performance Based – perform the requested action
- Matching – match items from 2 lists
- Drag and Drop – visual matching
- Data Entry – fill in the blank
Exam Domains
- Network Security 20%
- Compliance and Operational Security 18%
- Threats and Vulnerabilities 20%
- Application, Data and Host Security 15%
- Access Control and Identity Management 15%
- Cryptography 12%
Exam History
- SY0-401: Current, Launched May 2014
- SY0-301: 2011, retired December 31, 2014
- SY0-201: 2008, retired December 31, 2011
- SY0-101: 2002, retired July 31, 2009