CompTIA Security+ (SY0-701) Exam Survival Guide

Window: Global | Entry-level security | 90 Q / 90 min

Must-do topics

• Threats/attacks: malware, phishing, social engineering, MITM, password attacks
• Architecture/design: secure networks, segmentation, zero trust, cloud security basics
• Implementation: firewalls, IDS/IPS, VPNs, wireless security (WPA3, EAP)
• Operations: incident response, disaster recovery, business continuity
• Governance/risk: frameworks (NIST, ISO), risk mgmt, privacy laws

Top traps (avoid)

• Confusing symmetric vs asymmetric key uses
• Mixing IDS vs IPS functions
• Forgetting WPA2/WPA3 differences
• Choosing “block everything” instead of least privilege
• Ignoring legal/ethics boundaries in scenarios

Time split

• 90 Q, 90 min → 1 min/Q
• Use 2-pass method: quick recall → return to scenarios

Last-48h checklist

• Port numbers 20/21 (FTP), 22 (SSH), 25 (SMTP), 443 (HTTPS)
• CIA triad examples; hashing vs encryption vs signing
• IR steps: Prep → Detect → Contain → Eradicate → Recover → Lessons
• Cloud models: IaaS, PaaS, SaaS differences

Quick facts

• Symmetric (AES) = fast, bulk encryption
• Asymmetric (RSA/ECC) = key exchange, digital signatures
• Hash (SHA, MD5) = integrity only
• Risk = Likelihood × Impact

Speed tactics

• Eliminate impossible answers fast (e.g., “use WEP”)
• Map Q to CIA triad; answer consistent with need
• In doubt → choose secure + least privilege option

Day-of mini-plan

• Warm-up: 10 port numbers + 5 acronyms
• Keep pace: 30 Q every 30 min
• Mark 5 min for flagged reviews