Cybersecurity cert-prep add-on

CompTIA Security+ Exam Prep Add-On

Convert SOC Analyst Fundamentals into a Security+ (SY0-701) exam-ready ramp in 30 hours.

$97 add-on30h additional studyTarget exam: CompTIA Security+Exam fee: $404

What the add-on ships

++Five domain reviews mapped to the official CompTIA Security+ SY0-701 exam objectives
++Four full-length 90-question mock exams in performance-based-question format
++Flagged-answer review workflow that surfaces weak domains for targeted re-study
++Exam-day checklist covering pacing strategy, time per domain, and PBQ approach
++Direct link to the official CompTIA exam blueprint as the canonical reference

Built on the parent course

++SOC Analyst Fundamentals six-module curriculum aligned to NIST SP 800-61, NIST SP 800-92, and MITRE ATT&CK
++Alert lifecycle, triage, containment, and hunting workflows already practiced in the parent course

Parent course: soc analyst fundamentals

Best for

++Working professionals who completed SOC Analyst Fundamentals and want first-attempt pass
++Career changers using DoD 8140 benefits where Security+ is the IAT Level II floor
++IT support staff sitting for the exam after one or two years of operational experience

Practice surface

++Four 90-question mock exams matching CompTIA's PBQ format
++Question bank organized by exam objective for targeted weak-area drilling
++Performance-based-question scenarios with the same shape the exam ships

Buy the add-on

$97 on top of the soc analyst fundamentals parent course. Lifetime access to the practice materials, mock exams, and exam-day worksheets.

See the parent course

Exam summary

CompTIA Security+ (SY0-701) is the entry-level vendor-neutral cybersecurity credential and the most-cited baseline cert for SOC analyst, junior security engineer, and GRC analyst hiring. The exam covers five domains spanning general security concepts, threats and mitigations, security architecture, security operations, and security program management. The exam runs 90 minutes with up to 90 multiple-choice and performance-based questions; passing score is 750 on a scaled 100-900 scale. The credential is DoD 8140 approved for IAT Level II work roles. CompTIA refreshes the exam every three years; SY0-701 is the current version released November 2023.

Domain reviews

General Security Concepts

12%

Foundational vocabulary the rest of the exam builds on. Security controls (technical, managerial, operational, physical), the CIA triad with non-repudiation, change management, and cryptographic primitives.

++Control categories: technical, managerial, operational, physical, and the matching control types (preventive, deterrent, detective, corrective, compensating, directive)
++CIA triad plus authentication, authorization, accounting, and non-repudiation
++Change management: approval, scheduling, version control, rollback, ownership
++Cryptographic primitives: symmetric vs asymmetric, hashing, digital signatures, certificates, PKI, key escrow, key stretching
++Zero trust: control plane, data plane, policy decision point, policy enforcement point, adaptive identity

Primary sources:

Threats, Vulnerabilities, and Mitigations

22%

The largest single domain on the exam. Threat actors, motivations, vectors, common malicious software, application vulnerabilities, and the matching mitigation patterns.

++Threat actor categories: nation-state, organized crime, hacktivist, insider, unskilled attacker, and the matching motivations
++Attack vectors: message-based, image-based, file-based, voice call, removable media, vulnerable software, unsecured networks, open service ports, default credentials, supply chain
++Malware: virus, worm, trojan, ransomware, spyware, bloatware, keylogger, rootkit, logic bomb
++Application vulnerabilities: memory injection, buffer overflow, race conditions (TOCTOU), malicious update, hardware (firmware) vulnerabilities
++Mitigation techniques: segmentation, access control (ACL), application allow list, isolation, patching, encryption, monitoring, least privilege, configuration enforcement, decommissioning, hardening

Primary sources:

Security Architecture

18%

How architectural choices shape the security posture. Cloud and virtualization, network architecture, infrastructure, secure data design, data states, and resilience.

++Architecture models: cloud, serverless, microservices, network infrastructure, IaC, on-premises, centralization vs decentralization, containerization, virtualization, IoT, ICS/SCADA, RTOS, embedded systems, high availability
++Network considerations: availability, resilience, cost, responsiveness, scalability, ease of deployment, risk transference, ease of recovery, patch availability, inability to patch, power, compute
++Secure infrastructure: device placement, security zones, attack surface, connectivity (firewall, IDS/IPS, load balancer, sensors, proxy, gateway, jump server)
++Data classification, data states (in transit, at rest, in use), data types (sensitive, regulated, intellectual property, legal), data sovereignty
++Resilience and recovery: site redundancy (geographic dispersion, hot, warm, cold), platform diversity, multi-cloud, backups, capacity planning, testing (tabletop, fail-over, simulation, parallel processing)

Primary sources:

Security Operations

28%

The largest domain by weight. Day-to-day defense: hardening, security techniques across the infrastructure, identity and access, automation, incident response, and digital forensics.

++Hardening targets: mobile, workstation, switch, router, cloud, server, ICS, IoT, embedded systems
++Wireless security: WPA3, AAA / RADIUS, cryptographic protocols, authentication protocols (PEAP, EAP-TLS, EAP-TTLS), site surveys, heat maps
++Application security: input validation, secure cookies, static analysis (SAST), code signing, sandboxing, monitoring
++Vulnerability management: discovery (scanner, agent, OSINT, static / dynamic analysis, bug bounty, penetration testing), analysis (CVSS, CVE), validation (false positive), reporting
++Identity and access: provisioning, deprovisioning, federation (SAML, OIDC), SSO, LDAP, OAuth, MFA factors (something you know / have / are / where you are / what you do), password policies, password managers, passwordless, privileged access (just-in-time, password vaulting, ephemeral credentials)
++Incident response: preparation, detection, analysis, containment, eradication, recovery, lessons learned (NIST SP 800-61 Rev 2 lifecycle)
++Digital forensics: legal hold, chain of custody, acquisition, reporting, preservation, e-discovery

Primary sources:

Security Program Management and Oversight

20%

The governance and risk-management view. Security governance, risk-management process, third-party risk, compliance, audit, and security awareness.

++Security governance: policies, standards, procedures, guidelines, external considerations (regulatory, legal, industry, local / regional / national / global)
++Risk-management process: risk identification, assessment (qualitative, quantitative, SLE, ALE, ARO), analysis, treatment (transfer, accept, avoid, mitigate), reporting
++Third-party risk: vendor selection (due diligence, conflict of interest), agreements (SLA, MOA, MOU, MSA, WO/SOW, NDA, BPA), monitoring, questionnaires, rules of engagement
++Compliance: regulated industries, reporting (internal, external), monitoring, attestation, automation, due diligence, due care, attestation, acknowledgement
++Audit and assessment: internal vs external attestation, examinations, penetration testing (physical, offensive, defensive, integrated, known / partially known / unknown environment), reconnaissance (passive, active)
++Security awareness: phishing, recognizing a phishing attempt, anomalous behavior recognition (risky, unexpected, unintentional), user guidance and training

Primary sources:

Practice scenarios (15)

Practice scenarios are scenario-based learning, not exam-question mimicry. Each scenario maps to a specific exam domain and includes a worked explanation plus a primary-source citation. Reproducing actual exam items would violate the cert body's NDA; the format here exercises the same underlying concepts under different surface phrasing.

Preview scenario 1 of 15 · General Security Conceptsfree preview

A junior SOC analyst is documenting controls for the organization's authentication system. Multi-factor authentication is enforced for all administrative access; the help desk is empowered to override MFA on a documented exception basis with a 24-hour expiry. Which control category and type best describe the help-desk override capability under the SY0-701 control taxonomy?

A. Technical preventive control
B. Managerial compensating control
C. Operational corrective control
D. Physical detective control

Answer: B

The help-desk override is a process, not a technology, so it is managerial. The override compensates for the situation where the primary MFA control cannot satisfy a legitimate access need (lost device, locked account, etc.), so the type is compensating. Technical controls are technology-implemented (firewalls, MFA itself); operational controls are people-executed routine work; physical controls govern physical access. The CompTIA SY0-701 exam objectives explicitly require candidates to map controls to both category and type.

Reference: NIST SP 800-53 Rev. 5 Section 2.2 (Control Structure and Organization)

Unlock the rest

14 more practice scenarios with full explanations and primary-source citations

The remaining scenarios cover every exam domain at the same depth as the preview above. Includes the exam-day strategy guide and additional study resources. $97 one-time, lifetime access.

Exam-day strategy

++Read each question twice before looking at the options. SY0-701 questions are written carefully; the second read often reveals a qualifier (most, least, best, first) that changes which option is correct.
++For performance-based questions (PBQs), spend time understanding the scenario, then commit to your answer and move on. PBQs cannot be revisited after you leave the section if the test environment locks them.
++On multiple-choice questions, eliminate two distractors before choosing between the remaining options. The right answer is usually the most operationally complete and most aligned with NIST SP 800-53 control families.
++Watch for trick distractors that swap categories (technical vs managerial vs operational vs physical) or control types (preventive vs detective vs corrective vs compensating). The SY0-701 exam tests this distinction repeatedly.
++Pace for 60 seconds per multiple-choice question on the first pass; flag tough questions and return. The 90-minute clock is tight only if you spend more than 3 minutes on any single PBQ.

Additional resources

Sources

Official CompTIA Security+ exam page (certifying body)

Exam fee and blueprint last verified 2026-05-22. Confirm current values with the certifying body before scheduling the exam.

What the add-on ships

++Five domain reviews mapped to the official CompTIA Security+ SY0-701 exam objectives

++Four full-length 90-question mock exams in performance-based-question format

++Flagged-answer review workflow that surfaces weak domains for targeted re-study

++Exam-day checklist covering pacing strategy, time per domain, and PBQ approach

++Direct link to the official CompTIA exam blueprint as the canonical reference

Exam summary

Domain reviews

General Security Concepts

12%

++Control categories: technical, managerial, operational, physical, and the matching control types (preventive, deterrent, detective, corrective, compensating, directive)
++CIA triad plus authentication, authorization, accounting, and non-repudiation
++Change management: approval, scheduling, version control, rollback, ownership
++Cryptographic primitives: symmetric vs asymmetric, hashing, digital signatures, certificates, PKI, key escrow, key stretching
++Zero trust: control plane, data plane, policy decision point, policy enforcement point, adaptive identity

Primary sources:

Threats, Vulnerabilities, and Mitigations

22%

The largest single domain on the exam. Threat actors, motivations, vectors, common malicious software, application vulnerabilities, and the matching mitigation patterns.

++Threat actor categories: nation-state, organized crime, hacktivist, insider, unskilled attacker, and the matching motivations
++Attack vectors: message-based, image-based, file-based, voice call, removable media, vulnerable software, unsecured networks, open service ports, default credentials, supply chain
++Malware: virus, worm, trojan, ransomware, spyware, bloatware, keylogger, rootkit, logic bomb
++Application vulnerabilities: memory injection, buffer overflow, race conditions (TOCTOU), malicious update, hardware (firmware) vulnerabilities
++Mitigation techniques: segmentation, access control (ACL), application allow list, isolation, patching, encryption, monitoring, least privilege, configuration enforcement, decommissioning, hardening

Primary sources:

Security Architecture

18%

How architectural choices shape the security posture. Cloud and virtualization, network architecture, infrastructure, secure data design, data states, and resilience.

++Architecture models: cloud, serverless, microservices, network infrastructure, IaC, on-premises, centralization vs decentralization, containerization, virtualization, IoT, ICS/SCADA, RTOS, embedded systems, high availability
++Network considerations: availability, resilience, cost, responsiveness, scalability, ease of deployment, risk transference, ease of recovery, patch availability, inability to patch, power, compute
++Secure infrastructure: device placement, security zones, attack surface, connectivity (firewall, IDS/IPS, load balancer, sensors, proxy, gateway, jump server)
++Data classification, data states (in transit, at rest, in use), data types (sensitive, regulated, intellectual property, legal), data sovereignty
++Resilience and recovery: site redundancy (geographic dispersion, hot, warm, cold), platform diversity, multi-cloud, backups, capacity planning, testing (tabletop, fail-over, simulation, parallel processing)

Primary sources:

Security Operations

28%

The largest domain by weight. Day-to-day defense: hardening, security techniques across the infrastructure, identity and access, automation, incident response, and digital forensics.

++Hardening targets: mobile, workstation, switch, router, cloud, server, ICS, IoT, embedded systems
++Wireless security: WPA3, AAA / RADIUS, cryptographic protocols, authentication protocols (PEAP, EAP-TLS, EAP-TTLS), site surveys, heat maps
++Application security: input validation, secure cookies, static analysis (SAST), code signing, sandboxing, monitoring
++Vulnerability management: discovery (scanner, agent, OSINT, static / dynamic analysis, bug bounty, penetration testing), analysis (CVSS, CVE), validation (false positive), reporting
++Identity and access: provisioning, deprovisioning, federation (SAML, OIDC), SSO, LDAP, OAuth, MFA factors (something you know / have / are / where you are / what you do), password policies, password managers, passwordless, privileged access (just-in-time, password vaulting, ephemeral credentials)
++Incident response: preparation, detection, analysis, containment, eradication, recovery, lessons learned (NIST SP 800-61 Rev 2 lifecycle)
++Digital forensics: legal hold, chain of custody, acquisition, reporting, preservation, e-discovery

Primary sources:

Security Program Management and Oversight

20%

The governance and risk-management view. Security governance, risk-management process, third-party risk, compliance, audit, and security awareness.

++Security governance: policies, standards, procedures, guidelines, external considerations (regulatory, legal, industry, local / regional / national / global)
++Risk-management process: risk identification, assessment (qualitative, quantitative, SLE, ALE, ARO), analysis, treatment (transfer, accept, avoid, mitigate), reporting
++Third-party risk: vendor selection (due diligence, conflict of interest), agreements (SLA, MOA, MOU, MSA, WO/SOW, NDA, BPA), monitoring, questionnaires, rules of engagement
++Compliance: regulated industries, reporting (internal, external), monitoring, attestation, automation, due diligence, due care, attestation, acknowledgement
++Audit and assessment: internal vs external attestation, examinations, penetration testing (physical, offensive, defensive, integrated, known / partially known / unknown environment), reconnaissance (passive, active)
++Security awareness: phishing, recognizing a phishing attempt, anomalous behavior recognition (risky, unexpected, unintentional), user guidance and training

Primary sources:

Practice scenarios (15)

Preview scenario 1 of 15 · General Security Conceptsfree preview

A. Technical preventive control
B. Managerial compensating control
C. Operational corrective control
D. Physical detective control

Answer: B

Reference: NIST SP 800-53 Rev. 5 Section 2.2 (Control Structure and Organization)

Unlock the rest

14 more practice scenarios with full explanations and primary-source citations

The remaining scenarios cover every exam domain at the same depth as the preview above. Includes the exam-day strategy guide and additional study resources. $97 one-time, lifetime access.

Exam-day strategy

++Read each question twice before looking at the options. SY0-701 questions are written carefully; the second read often reveals a qualifier (most, least, best, first) that changes which option is correct.

++For performance-based questions (PBQs), spend time understanding the scenario, then commit to your answer and move on. PBQs cannot be revisited after you leave the section if the test environment locks them.

++On multiple-choice questions, eliminate two distractors before choosing between the remaining options. The right answer is usually the most operationally complete and most aligned with NIST SP 800-53 control families.

++Watch for trick distractors that swap categories (technical vs managerial vs operational vs physical) or control types (preventive vs detective vs corrective vs compensating). The SY0-701 exam tests this distinction repeatedly.

++Pace for 60 seconds per multiple-choice question on the first pass; flag tough questions and return. The 90-minute clock is tight only if you spend more than 3 minutes on any single PBQ.