What Is the CompTIA Security+ (Plus) Certification? A Guide

Written by Coursera • Updated on Aug 10, 2021

Learn more about this popular entry-level credential and how to earn it.

A cybersecurity analyst with braided hair and a yellow jacket sits in front of her laptop.

The CompTIA Security+ certification validates that you have the core skills necessary for a career in IT security. For many aspiring cybersecurity professionals, earning this popular entry-level certification can be a first step toward a rewarding, in-demand career.

What is Security Plus?

Security+ is the entry-level cybersecurity credential offered by non-profit trade association CompTIA. It’s often the first certification in information security that an IT professional earns. By showing potential employers that you have the core skills required for a cybersecurity role, you may find more job opportunities as a more competitive candidate.

What does the exam cover?

The CompTIA Security+ ranks as the most popular certification for cybersecurity professionals for good reason. It focuses on hands-on, practical security skills in six major domains. Preparing yourself for the exam gives you a broad base of practical knowledge and skills you’ll need to handle real-world security situations. Here’s a list of the domains and topics covered on the exam:

  • Threats, attacks, and vulnerabilities: This includes social engineering attacks, newer denial-of-service (DDoS) attacks, and vulnerabilities found in internet of things (IoT) and embedded devices.

  • Architecture and design: Expect focus on enterprise, cloud, and hybrid environments.

  • Implementation: This domain covers topics like identity and access management, cryptography, end-to-end security, and public key infrastructure (PKI).

  • Operations and incident response: This section tests your knowledge of incident response procedures, including threat detection, security controls, risk mitigation, and digital forensics.

  • Governance, risk, and compliance: Make sure to understand major risk and compliance regulations, including HIPAA, GDPR, SOC, NIST, CCPA, FISMA, and PCI-DSS.

Security+ prerequisites

There are no formal requirements to take the Security+ exam. CompTIA recommends that you have two years of experience in IT administration with a security focus. It may also be a good idea to have an up-to-date CompTIA Network+ certification first.

CompTIA Security+ exam details

Earning your Security+ certification requires passing a certification exam. Let’s take a closer look at the details of this exam, as of August 2021.

Exam codeSY0-601
Cost (US)$370
Number of questions90
Passing score750 (from 900 possible)
Test length90 minutes
PrerequisitesNone

Types of questions on the Security+ exam

You’ll find two types of questions on the latest version of the Security+ exam, traditional multiple-choice questions and performance-based questions (PBQs). PBQs test your ability to solve security problems in a simulated environment; you might be asked to install and configure a firewall or set up a wireless network, for example.

PBQs often appear toward the beginning of the exam. If you get stuck on a question, you can flag it for review and return to it if you have extra time at the end of the exam. All of your work will be saved. Some PBQs may offer partial credit, so it’s a good idea to complete as much of the question as you can.  

Complete the sample PBQ on the CompTIA website before your exam so you’ll have a better idea of what to expect.

What’s new on version SY0-601

The latest version of the Security+ exam was launched in November 2020. This version covers five domains, including three new or updated domains from the last exam. These new domains—Implementation, Operations and Incident Response, and Governance, Risk, and Compliance—reflect the evolving industry. As you prepare for the exam, be sure your materials cover the 601 exam objectives. 

Placeholder

Is the Security+ certification worth it?

Passing the Security+ exam often requires an investment of both time and money. The return on your investment will depend on your personal career goals. If you’re interested in pursuing a career in cybersecurity, having a credential like the Security+ on your resume could give you a competitive edge as you apply for jobs. 

But there are other potential benefits as well. Preparing for the exam can be a good way to develop your cybersecurity skills, giving you greater confidence in your ability to handle real-world security threats. 

Jobs that hire for Security+

Many jobs in the information security field use the skills and knowledge tested by the Security+. Here’s a look at some available job titles on LinkedIn that request or require this certification, along with their average US salaries from Glassdoor (as of August 2021):

  • SOC analyst: $64,010

  • Systems administrator: $75,161

  • Vulnerability analyst: $76,858

  • Database administrator: $82,202

  • Cybersecurity consultant: $93,993

  • Information security analyst: $97,920

  • Information systems architect: $107,058

  • Threat hunter: $111,216

Read more: 5 Cybersecurity Career Paths (and How to Get Started)

Security clearance

The CompTIA Security+ is one of seven certifications approved by the US Department of Defense as an information assurance (IA) baseline certification. Earning this certification meets the minimum certification requirement for IAT Level II jobs.

Placeholder

Other entry-level cybersecurity certifications

The Security+ isn’t the only entry-level certification worth considering. Here’s a quick comparison of some other popular options.

Security+Systems Security Certified Practitioner (SSCP)Certified Ethical Hacker (CEH)GIAC Security Essentials (GSEC)
ProviderCompTIA(ISC)²EC-CouncilGIAC
Vendor neutralYesYesYesYes
FocusGeneralGeneralPenetration testingGeneral
Cost (US)$370$249$950 to $1,199$2,499
PrerequisitesNoneOne year paid work experience or degree in cybersecurityTwo years of work experience or completed EC-Council trainingNone
LinkedIn job postings (US)4,9313,3566,0023,695

Read more: 10 Popular Cybersecurity Certifications [2021 Updated]

How to prepare for the CompTIA Security+ exam

There’s more than one way to prepare for the Security+ exam. How you choose to prepare will depend on your previous experience, current knowledge, and learning style. Here are some options to consider. 

1. Exam prep courses

Several organizations offer exam preparation courses specifically for the Security+ exam (including CompTIA). Registering for a course can give structure to your learning and help ensure that you cover all the required topics. As you’re researching courses, make sure to find one that covers the latest version of the exam (SY0-601).

2. CompTIA Security+ practice tests

Taking a practice test can help you identify what topics you might need to study up on while giving you a feel for what it’s like to take the actual test. This could have the added benefit of calming nerves on test day. CompTIA offers a free practice test for the Security+, though you can find many others with a quick internet search. 

If you’re preparing for the exam on your own, it might help to take a practice test early in your preparation to assess where you are, then again a couple of weeks before your exam date to determine where you still need to study.

3. Books, blogs, and websites

If you’d prefer to build your own program to prepare for the exam, you’ll find no shortage of resources out there to help you—everything from books and website articles to blogs and podcasts. Here are a few resources recommended by those who’ve passed the exam to get you started:

  • Professor Messar: This popular YouTube channel features 177 free videos specifically for the latest Security+ exam. They’re also available as a podcast.

  • CompTIA Security+ Get Certified Get Ahead: SY0-601 Study Guide: This book by Darril Gibson, available as an ebook or paperback, covers the exam objectives with more than 300 practice test questions with detailed explanations. 

  • Quizlet: Build your own set of flashcards to study acronyms.

4. Exam tips

No matter how you choose to prepare for the certification exam, here are some tips to help you do your best.

  • Use flashcards to help you memorize acronyms and port numbers.

  • Read all the answer options in multiple choice questions carefully, and eliminate the ones you know are wrong before choosing your answer.

  • If you’re unsure about a question, flag it for review and come back to it later if you have time.

  • Pay attention to words like “best,” “most,” and “least” in the test questions. These can sometimes help you narrow down your answer options. 

  • Take sample tests from more than one vendor (if your budget allows). Continue preparing until you can reliably pass with an 80 or 90 percent.

  • Answer every question, even if you have to guess. CompTIA does not penalize your score for wrong answers.

  • You can reschedule your exam up to 24 hours before your appointment time. Feel free to take advantage if you feel you need more time to prepare.

  • Join the CompTIA groups on Reddit and Discord to connect with others studying for the exam.

What’s next: Cybersecurity certification paths

Earning your Security+ is a major accomplishment. It could also be the first step in a long career in cybersecurity. As you advance in the field, you may choose to pursue other certifications to qualify you for better opportunities. Read more about some of the most popular certifications (and how to get them).

Get started in cybersecurity

New to cybersecurity? Start building the job-ready skills you need for an entry-level role with the IBM Cybersecurity Analyst Professional Certificate on Coursera. Get hands-on practice in virtual lab environments as you learn from industry experts, all at your own pace.

Placeholder

IBM Cybersecurity Analyst

IBM

PROFESSIONAL CERTIFICATE

Frequently asked questions (FAQ)

Is CompTIA Security+ for beginners?

The CompTIA Security+ is an entry-level cybersecurity certification geared toward beginners. While not required, CompTIA recommends that you have a couple of years of experience in IT with a security focus before taking the exam.

Should I take Security+ 501 or 601?

The SY0-501 was retired on July 31, 2021 and has been completely replaced by the Security+ SY0-601. If you’ve been studying for the SY0-501, take some time to review the 601 exam objectives to make sure you’re prepared for the new exam.

Will a CompTIA Security+ certification really help in getting a job?

Earning your Security+ certification doesn’t guarantee a job, but it can help to enhance your resume. Plus, many government IT jobs, including contractor positions, require Security+. Take a look at some job listings for roles you’re interested in to see if Security+ is listed as a requirement or preferred qualification.

How hard is CompTIA Security+?

The Security+ exam covers a wide range of information, which can make it challenging for those who are not adequately prepared. To maximize your chances of passing the exam on your first attempt, take plenty of time to prepare yourself. Go through the exam objectives, and make sure you understand everything. Highlight items you’re unsure about, and find resources to develop your understanding.

Join a few online CompTIA or IT certification communities, and you’ll find a wealth of advice from those who’ve passed the exam, as well as lessons learned from those who had to retake it. 

Does the CompTIA Security+ expire?

Yes, the CompTIA Security+ expires three years after the day of your exam. You can extend your certification in three-year intervals by earning 50 Continuing Education Units (CEUs) through training programs and other approved activities.

Written by Coursera • Updated on Aug 10, 2021

This content has been made available for informational purposes only. Learners are advised to conduct additional research to ensure that courses and other credentials pursued meet their personal, professional, and financial goals.

Learn without limits