CompTIA Security+
Validates core cybersecurity skills required for IT security roles including threat detection, risk management, security architecture, security operations, and program governance. Covers hands-on security problem-solving across hybrid environments including cloud, mobile, IoT, and operational technology. ISO 17024 compliant and approved by the U.S. Department of Defense for directive 8140/8570.01-M requirements.
Exam domains
- Security Operations (28%)
Apply common security techniques to computing resources (secure baselines, hardening, wireless devices, mobile solutions, configuration enforcement, decommissioning), and manage asset, vulnerability, alerting/monitoring, enterprise security capabilities (firewall rules, IDS/IPS, web filter, OS security, DNS filtering, email security, file integrity monitoring, NAC, EDR, UBA), identity and access management (provisioning, single sign-on, federation, RBAC, MFA, password vaulting), automation and orchestration tools, incident response (preparation, detection, analysis, containment, eradication, recovery, lessons learned), and digital forensics, plus log data sources for investigations.
- Threats, Vulnerabilities, and Mitigations (22%)
Identify threat actors and motivations, common attack vectors and surfaces (message-based, image-based, file-based, voice call, removable device, supply chain), application vulnerabilities (memory injection, buffer overflow, race conditions, malicious updates), OS-based vulnerabilities, web-based and cloud-specific vulnerabilities, and indicators of malicious activity. Apply mitigation techniques including segmentation, access control, application allow-listing, isolation, patching, encryption, monitoring, least privilege, configuration enforcement, decommissioning, and hardening.
- Security Program Management and Oversight (20%)
Apply security governance elements including policies, standards, procedures, external considerations (regulatory, legal, industry, geographical), and the role/responsibility split for governance committees. Implement the risk management process: identification, assessment, analysis, strategy, register, tolerance, appetite, risk reporting. Apply third-party risk concepts (vendor assessment, vendor monitoring, vendor selection, agreement types, supply chain analysis), security compliance (compliance reporting, consequences of non-compliance, monitoring, privacy, attestation), security audits and assessments (penetration testing, attestation, audits), and security awareness practices including phishing campaigns, anomalous behavior recognition, user guidance/training, reporting/monitoring, and development.
Sources
Questions are grounded in 150 references from official and authoritative materials.