Exam Codes SY0-401 SY0-501
Launch Date May 1, 2014 October 4, 2017
Exam Description The CompTIA Security+ exam will certify the successful candidate has the knowledge and skills required to install and configure systems to secure applications, networks, and devices; perform threat analysis and respond with appropriate mitigation techniques; participate in risk mitigation activities; and operate with an awareness of applicable policies, laws, and regulations. The successful candidate will perform these tasks to support the principles of confidentiality, integrity, and availability.
Number of Questions Maximum of 90 questions
Type of Questions Multiple choice and performance-based
Length of Test 90 minutes
Passing Score 750 (on a scale of 100-900)
Recommended Experience CompTIA Network+ and two years of experience in IT administration with a security focus
Languages English, Japanese, Portuguese and Simplified Chinese. English (Japanese, Portuguese and Simplified Chinese estimated Q2 2018)
English retirement: July 31, 2018;
Japanese, Portuguese and Simplified Chinese: December 15, 2018
Usually three years after launch
CompTIA Security+ is the certification globally trusted to validate foundational, vendor-neutral IT security knowledge and skills. As a benchmark for best practices in IT security, this certification covers the essential principles for network security and risk management – making it an important stepping stone of an IT security career.
Jobs that use Security+
Security or Systems Administrator
Companies that use CompTIA Security+ include:
U.S. Department of Defense
4 Steps to a Cybersecurity Career
Want more CompTIA Security+ information?
IT security is paramount to organizations as cloud computing and mobile devices have changed the way we do business. With the massive amounts of data transmitted and stored on networks throughout the world, it’s essential to have effective security practices in place. That’s where CompTIA Security+ comes in. Get the Security+ certification to show that you have the skills to secure a network and deter hackers and you’re ready for the job.
Security+ is government approved
CompTIA Security+ meets the ISO 17024 standard and is approved by U.S. Department of Defense to fulfill Directive 8570.01-M requirements. It is compliant with government regulations under the Federal Information Security Management Act (FISMA).
Security+ is globally recognized
CompTIA Security+ is a globally recognized credential with certified professionals working in over 147 countries throughout the world.
Security+ provides substantial earnings potential
According to the Bureau of Labor Statistics, Security Specialists, Administrators and Managers earn over $86,000 per year.
Security+ is industry supported
Security+ is developed and maintained by leading IT experts. Content for the exams stems from a combination of industry-wide survey feedback and contributions from our team of subject matter experts. Learn more about the people behind the CompTIA Security+ Advisory Committee.
Certkingdom.com is CompTIA’s intelligent online learning tool to help you learn for your Security+ exam. It can verify what you already know and fill in knowledge where you need it. It’s a great addition to your learning prep and will be your guide on your path to master the Security+ curriculum.
There’s a wealth of training materials available that match your learning needs and learning style. Whether you are studying on your own, or in a classroom environment, we recommend CompTIA Authorized Quality Curriculum (CAQC) training materials that will help you get ready for your certification exam and pass the test.
For all training options, visit our training overview.
Instructor-led training provides a comfortable teaching environment with instructors that are familiar with the certification process and can help you master your certification exam. Find your instructor now.
Ready for the Test?
When you’ve completed your training and you know you can take your certification exam with confidence, head over to the CompTIA Marketplace and purchase your exam voucher that you will need to sign up for the test.
Once you’ve purchased your voucher, you can find a testing location and schedule your test.
Keep your certification up to date with CompTIA’s Continuing Education (CE) program. It’s designed to be a continued validation of your expertise and a tool to expand your skillset. It’s also the ace up your sleeve when you’re ready to take the next step in your career.
Get the most out of your certification
Information technology is an incredibly dynamic field, creating new opportunities and challenges every day. Participating in our Continuing Education program will enable you to stay current with new and evolving technologies and remain a sought-after IT and security expert.
The CompTIA Continuing Education program
Your CompTIA Security+ certification is good for three years from the day of your exam. The CE program allows you to extend your certification in three-year intervals through activities and training that relate to the content of your certification. Like Security+ itself, CompTIA Security+ ce also carries globally-recognized ISO/ANSI accreditation status.
It’s easy to renew
You can participate in a number of activities and training programs, including higher certifications, to renew your CompTIA Security+ certification. Collect at least 50 Continuing Education Units (CEUs) in three years, upload them to your certification account, and Security+ will automatically renew.
A security analyst wishes to increase the security of an FTP server. Currently, all trails to the FTP server is unencrypted. Users connecting to the FTP server use a variety of modem FTP client software. The security analyst wants to keep the same port and protocol, while also still allowing unencrypted connections. Which of the following would BEST accomplish these goals?
A. Require the SFTP protocol to connect to the file server.
B. Use implicit TLS on the FTP server.
C. Use explicit FTPS for the connections.
D. Use SSH tunneling to encrypt the FTP traffic.
A company has three divisions, each with its own networks and services. The company decides to make its secure web portal accessible to all employees utilizing their existing usernames and passwords, The security administrator has elected to use SAML to support authentication. In this scenario, which of the following will occur when users try to authenticate to the portal? (Select TWO)
A. B. The portal will function as an identity provider and issue an authentication assertion
B. C. The portal will request an authentication ticket from each network that is transitively trusted
C. D. The back-end networks will function as an identity provider and issue an authentication assertion
D. The back-end networks will request authentication tickets from the portal, which will act as the third-party service provider authentication store
E. F. The back-end networks will verify the assertion token issued by the portal functioning as the identity provider
Which of the following would a security specialist be able to determine upon examination of a server’s certificate?
A. CA public key
B. Server private key