
Domain Breakdown & Exam Weights

1. General Security Concepts: 12%
2. Threats, Vulnerabilities & Mitigations: 22%
3. Security Architecture: 18%
4. Security Operations: 28%
5. Program Management & Oversight: 20%
All 5 Exam Domains


1. General Security Concepts

Cryptography · Authentication · Controls · PKI

12% of exam
  • Security controls (preventive, detective, corrective)
  • CIA Triad (Confidentiality, Integrity, Availability)
  • Symmetric vs Asymmetric Encryption
  • PKI, Digital Certificates, CA hierarchy
  • Hashing algorithms (MD5, SHA-1, SHA-256)
  • Authentication factors (MFA, biometrics)
  • Zero Trust architecture principles
  • AAA framework (Authentication, Authorization, Accounting)
Exam Tip: Know the difference between authentication and authorization cold. Expect scenario questions where you must identify the right control type. PKI questions appear frequently; memorize the certificate chain.
2. Threats, Vulnerabilities & Mitigations

Attack types · Malware · Social Engineering · Scanning

22% of exam
  • Malware types (ransomware, rootkit, trojan, worm)
  • Social engineering (phishing, vishing, spear phishing)
  • SQL injection, XSS, CSRF attacks
  • Buffer overflow attacks
  • DDoS attack types and mitigations
  • Vulnerability scanning vs penetration testing
  • CVSS scoring system
  • Zero-day vulnerabilities
Exam Tip: This is the LARGEST domain at 22%. Spend extra time here. Know every type of social engineering attack. Scenario questions will describe an attack, and you must identify it correctly. Phishing subtypes (spear, whaling, vishing) are heavily tested.
3. Security Architecture

Network design · Cloud · Virtualization · Segmentation

18% of exam
  • Network segmentation and DMZ design
  • Firewalls (stateful, stateless, NGFW)
  • VPNs (IPSec, SSL/TLS, Split tunnel)
  • Cloud models (IaaS, PaaS, SaaS, shared responsibility)
  • Virtualization and container security
  • SD-WAN and SASE frameworks
  • IDS vs IPS placement and types
  • Load balancers and high availability
Exam Tip: Cloud shared responsibility model is heavily tested. Know exactly what the customer vs provider is responsible for in IaaS, PaaS, and SaaS. Network diagrams may appear; know where to place firewalls, IDS/IPS, and DMZs.
4. Security Operations

Incident Response · SIEM · Forensics · Identity Management

28% of exam
  • Incident response lifecycle (PICERL)
  • SIEM tools and log analysis
  • Digital forensics (chain of custody, order of volatility)
  • Identity and Access Management (IAM)
  • Privilege access management (PAM)
  • Endpoint detection and response (EDR)
  • Patch management lifecycle
  • Security awareness training
Exam Tip: Domain 4 is the BIGGEST at 28%. Master the incident response phases; you will see multiple scenario questions. Know the order of volatility for forensics: CPU registers → RAM → Swap → HDD → Remote logs. Chain of custody questions appear on almost every exam.
5. Security Program Management & Oversight

Risk · Compliance · Privacy · Frameworks

20% of exam
  • Risk management (likelihood × impact)
  • Risk response (accept, avoid, transfer, mitigate)
  • Compliance frameworks (NIST, ISO 27001, SOC 2)
  • GDPR, HIPAA, PCI-DSS requirements
  • Business continuity and disaster recovery (BCP/DRP)
  • RTO vs RPO definitions
  • Data classification and handling
  • Third-party risk management
Exam Tip: Know RTO (Recovery Time Objective) vs RPO (Recovery Point Objective); these appear constantly. Memorize the 4 risk response strategies. Compliance questions will ask which regulation applies to a given scenario: know HIPAA = healthcare, PCI-DSS = payment cards, GDPR = EU data.


Practice Quiz

100 domain questions + 85-question final exam simulation. Track your weak spots automatically.

Flashcards

Master every Security+ term before exam day.

Card 1 of 40
Term: CIA Triad
Definition: The three core principles of information security: Confidentiality (only authorized access), Integrity (data is accurate and unaltered), and Availability (systems are accessible when needed).
30 / 60 / 90 Day Study Plan

Follow this plan at 1 hour per day. Consistent beats intense every time.

Week 1
  • Create free Professor Messer account and start Domain 1 videos
  • Read CompTIA SY0-701 exam objectives (free PDF on comptia.org)
  • Complete 20 Domain 1 practice questions on this site
  • Set up free Anki account and download Security+ flashcard deck
Week 2
  • Complete Domain 2 (Threats), the biggest domain; take your time
  • Lab: Set up TryHackMe free account, complete "Pre-Security" path
  • Complete 20 Domain 2 practice questions
  • Review weak areas from quiz results on your dashboard
Week 3
  • Complete Domains 3 and 4 videos on Professor Messer
  • Complete 20 questions each for Domain 3 and 4
  • Lab: Practice Wireshark packet analysis (YouTube: David Bombal)
  • Start reviewing acronyms: know 50 key Security+ acronyms
Week 4
  • Complete Domain 5 and all flashcards on this page
  • Take the 85-question Final Exam simulation; aim for 70%+
  • Review every wrong answer and re-study those topics
  • If scoring 75%+ consistently: book your exam on Pearson VUE
Weeks 1–2
  • Deep dive Domain 1: General Security Concepts (30 min video + 20 min quiz daily)
  • Build flashcard deck for cryptography terms
  • Set up home lab: VirtualBox + Kali Linux
Weeks 3–4
  • Domain 2: Threats. Study every attack type in detail
  • TryHackMe: Complete "Jr Penetration Tester" path (free)
  • Practice 10 scenario questions per day
Weeks 5–6
  • Domains 3 & 4: Architecture and Operations
  • Lab: Practice with Wireshark, analyze pcap files from Malware Traffic Analysis
  • Study incident response scenarios in detail
Weeks 7–8
  • Domain 5: Risk, compliance, and governance deep dive
  • Take full 85-question final exam twice; aim for 80%+
  • Book exam date: commit to a real deadline
  • Join r/CompTIA Reddit and read recent passing posts
Month 1
  • Complete all Professor Messer Security+ videos (free on his site)
  • Read Mike Chapple's "Security+ Study Guide" (get from library free)
  • Complete all domain practice questions on this site once
  • Build home lab: VirtualBox, Kali Linux, Metasploitable
Month 2
  • Deep lab work: TryHackMe SOC Level 1 path (free)
  • Complete Jason Dion's Security+ practice tests (Udemy, usually $12)
  • Weak-domain focused study: use your dashboard to identify gaps
  • Study PBQ (performance-based question) strategies in depth
Month 3
  • Take full exam simulation twice per week
  • Daily: 30 flashcards + review wrong answers
  • Final week: Read notes only, no new material
  • Book exam for Week 12; you are ready
Morning (15 min)
  • Read one article from The Hacker News or Krebs on Security
  • Review 10 flashcards from yesterday's weak terms
  • Check your streak; don't break the chain
Study Block (30 min)
  • Watch one Professor Messer video section (10–15 min)
  • Take notes in your own words; never copy-paste
  • Complete 10 practice questions from today's topic
Lab Time (15 min)
  • Spend time in TryHackMe or your home lab
  • Practice one hands-on skill: packet analysis, log review, etc.
  • Screenshot what you built and add it to your portfolio
Evening (10 min)
  • Log what you studied in your Notion journal
  • Identify one thing you're not confident about and study it tomorrow
  • Post weekly on LinkedIn about your progress (Sundays)


Top Free Study Resources

Every resource here is free. These are the best on the internet, curated and tested.

Professor Messer: Security+
FREE · Video Course
The gold standard free Security+ course. Full video series, study groups, and practice exams all on one site. Start here.
professormesser.com

CompTIA Official Exam Objectives
FREE · PDF Download
The official blueprint of every topic that can appear on your exam. Download and highlight every objective you've studied.
comptia.org

TryHackMe: Security+ Path
FREE Tier · Hands-On Labs
Browser-based labs that teach Security+ concepts by doing, not just reading. The SOC Level 1 path is perfect for Domain 4.
tryhackme.com

Anki Flashcard Decks (Security+)
FREE · Spaced Repetition
Download pre-made Security+ Anki decks. The spaced repetition algorithm shows you cards right before you forget them; scientifically proven to work.
ankiweb.net

r/CompTIA Reddit Community
FREE · Community
500,000+ members. Read recent "I passed!" posts for strategies. Ask questions and get answers from people who just took the exam.
reddit.com/r/CompTIA

Cybrary: Security+ Course
FREE Tier · Video + Labs
Professional-grade cybersecurity training. The Security+ course is free on the basic plan and includes assessments.
cybrary.it

CyberSeek Career Pathway
FREE · Career Planning
NIST-backed tool that maps Security+ to exact job titles, salaries, and next certifications. Use this to see your career path after passing.
cyberseek.org

Wireshark (Free Lab Tool)
FREE · Home Lab
Required for Security+ practical knowledge. Capture and analyze real network traffic on your own machine. Watch David Bombal's free tutorials on YouTube.
wireshark.org

Exam Day Guide & Checklist

Check off each item as you complete it. Don't leave anything to chance.

1 Week Before

  • Book your exam on Pearson VUE (pearsonvue.com/comptia)
  • Take one full 85-question practice exam; score 80%+ before booking
  • Review all 5 domain exam objectives one final time
  • Review your weak domains using the dashboard above
  • Stop learning new material; only review what you know

Night Before

  • Get 8 hours of sleep; this is more valuable than last-minute cramming
  • Prepare your government-issued ID (required at test center)
  • Know your test center location and parking situation
  • Eat a real meal; don't test on an empty stomach
  • Lay out clothes: one less thing to think about in the morning

Morning Of

  • Arrive 30 minutes early to the test center
  • Bring two forms of ID (one must be government-issued with photo)
  • Leave your phone in the car; no electronics in the test room
  • Use the bathroom before entering the exam room
  • Request scratch paper and use it for a brain dump after the exam starts

During the Exam

  • Do PBQs (performance-based) first if you know them; skip if unsure
  • Flag uncertain questions and return at the end
  • Never change your first answer unless you're 100% sure
  • Pace yourself: 90 questions in 90 minutes = 1 min per question
  • Read every word of scenario questions; the details always matter

PBQ Strategy (Performance-Based Questions)

PBQs are drag-and-drop, simulation, or fill-in-the-blank questions. Attempt them first if you know them; they're worth more points. If a PBQ confuses you, skip it immediately and return at the end. Do not waste 10 minutes on one PBQ when you could answer 10 multiple choice questions in the same time. Common PBQ types: network diagrams, log analysis, drag-and-drop attack identification, and firewall rule configuration.

After Your Security+ Certification

The cert is the door opener. Here's how to turn it into a career.

Immediately After Passing

  • Add cert to LinkedIn: CompTIA sends you a digital badge via Credly
  • Update your resume: add "CompTIA Security+ (SY0-701)"
  • Post on LinkedIn: "I just passed Security+!" gets massive engagement
  • Start applying to SOC Analyst Tier 1 roles immediately
  • Search: "Security+ required" on LinkedIn Jobs and Indeed

Jobs Security+ Unlocks

  • SOC Analyst Tier 1 ($45,000–$65,000)
  • IT Security Analyst ($55,000–$75,000)
  • Systems Administrator ($50,000–$70,000)
  • Network Security Engineer ($65,000–$90,000)
  • Government/DoD IT roles (requires Security+ by law)

CySA+ (CompTIA Cybersecurity Analyst)
$75,000–$105,000
Best next step for blue team / SOC roles

CEH (Certified Ethical Hacker)
$85,000–$120,000
Best next step for offensive/pen test path

CASP+ (CompTIA Advanced Security)
$100,000–$140,000
Advanced, for senior security roles
