I just passed CompTIA Security+ exam on the first attempt with less than a month of study. You can do the same thing if you set appropriate time to learn the material.

Security+ (SY0-401) Study Guide

I used Darril Gibson's book, CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide. This study guide is CompTIA Approved Quality Content (CAQC) and covers every aspect of the SY0-401 exam. I found the book to be very easy to understand. Here's 2 good resources from Mr. Gibson's website:

  1. Log Entries and Security+
  2. Blog Links on Attacks

The 2 practice exams in the book were a great comprehensive review. After reading the book, taking notes, doing both practice exams, and browsing through additional materials on his website: Security Blog Links on Get Certified Get Ahead, I moved on to Professor Messer's content.

Professor Messer has a series of free videos that go into the SY0-401 objectives. He actually uses tools and shows real world examples which really helps to drive points home.

CompTIA Security+ SY0-401 Certification Course – Playlist 1 of 2

CompTIA Security+ SY0-401 Certification Course – Playlist 2 of 2


I feel good about the exam. I could have studied more or even purchased additional materials but I'm happy with how everything went. I can provide some study notes if there is a demand for it ( I did 🙂 ). Other than that, the exam isn't too hard. Just know your stuff and avoid unauthorized study materials (brain dumps) like the plague.

Other Sources

Last week's post:

Important Note on Unauthorized 3rd Party Training Sites (Brain Dumps):

Here are a few links to articles that explain in greater detail why brain dumps are bad. Learn the material and stay on the up and up and you'll be fine.

Study Tips

  1. Review the exam objectives if you haven’t already.
  2. Get a good book. If you need to take classes in preparation for the exam, enroll or purchase materials from authorized partners. Unauthorized 3rd party training sites are against the candidate agreement.
  3. Set a study schedule and plan a date for the exam.
  4. Buy the exam voucher from Pearson Vue or CompTIA store.
  5. Schedule the exam through Pearson Vue.
  6. Take practice questions.
  7. Review material that's still fuzzy to you. Watch videos, review concepts, and improve.

Exam Taking Tips

  1. If you're confused or not certain on a particular question, flag it and move on. You can come back to it later in the review.
  2. Regarding beta questions: these are ungraded questions designed to test the structure and validity of these new questions. It's unknown which questions are beta questions or even how many of them are in the exam. Don't put too much thought into it, just answer all questions as best as you can.

Exam Background

Update 1/7/2017: The following section is now updated and available on its own separate page. View the SY0-401 exam overview for more information.

Exam Structure

  • Number of Questions: 90 questions
  • Duration: 90 minute duration, not including survey time, about 1 minute per question
  • Score Range: 100-900
  • Passing Score: 750 (roughly 83%, not including experimental questions)
  • Types of Questions:
    • Multiple Choice – can have more than one answer
    • Performance Based – perform the requested action
    • Matching – match items from 2 lists
    • Drag and Drop – visual matching
    • Data Entry – fill in the blank

Exam Domains

  1. Network Security 20%
  2. Compliance and Operational Security 18%
  3. Threats and Vulnerabilities 20%
  4. Application, Data and Host Security 15%
  5. Access Control and Identity Management 15%
  6. Cryptography 12%

Exam History

  • SY0-401: Current, Launched May 2014
  • SY0-301: 2011, retired December 31, 2014
  • SY0-201: 2008, retired December 31, 2011
  • SY0-101: 2002, retired July 31, 2009

Pin It on Pinterest