CompTIA Security+ Certification Exam Objectives
EXAM NUMBER: SY0-701

CompTIA Security+ SY0-701 Certification Exam: Exam Objectives Version 2.0


Copyright © 2023 CompTIA, Inc. All rights reserved.
About the Exam
The CompTIA Security+ certification exam will certify the successful candidate has the knowledge and skills required to:

• Assess the security posture of an enterprise environment and recommend and implement appropriate security solutions.
• Monitor and secure hybrid environments, including cloud, mobile, and Internet of Things (IoT).
• Operate with an awareness of applicable regulations and policies, including principles of governance, risk, and compliance.
• Identify, analyze, and respond to security events and incidents.

EXAM DEVELOPMENT
CompTIA exams result from subject matter expert workshops and industry-wide survey results regarding the skills and knowledge required of an IT professional.

CompTIA AUTHORIZED MATERIALS USE POLICY
CompTIA Certifications, LLC is not affiliated with and does not authorize, endorse, or condone utilizing any content provided by unauthorized third-party training sites (aka “brain dumps”). Individuals who utilize such materials in preparation for any CompTIA examination will have their certifications revoked and be suspended from future testing in accordance with the CompTIA Candidate Agreement. In an effort to more clearly communicate CompTIA’s exam policies on use of unauthorized study materials, CompTIA directs all certification candidates to the CompTIA Certification Exam Policies. Please review all CompTIA policies before beginning the study process for any CompTIA exam. Candidates will be required to abide by the CompTIA Candidate Agreement. If a candidate has a question as to whether study materials are considered unauthorized (aka “brain dumps”), he/she should contact CompTIA at examsecurity@comptia.org to confirm.

PLEASE NOTE
The lists of examples provided in bulleted format are not exhaustive lists. Other examples of technologies, processes, or tasks pertaining to each objective may also be included on the exam, although not listed or covered in this objectives document. CompTIA is constantly reviewing the content of our exams and updating test questions to be sure our exams are current, and the security of the questions is protected. When necessary, we will publish updated exams based on existing exam objectives. Please know that all related exam preparation materials will still be valid.

TEST DETAILS
Required exam: SY0-701
Number of questions:
Types of questions: Multiple-choice and performance-based
Length of test:
Recommended experience: A minimum of 2 years of experience in IT administration with a focus on security, hands-on experience with technical information security, and broad knowledge of security concepts

EXAM OBJECTIVES (DOMAINS)
The table below lists the domains measured by this examination and the extent to which they are represented.

DOMAIN                                           PERCENTAGE OF EXAMINATION
1.0 General Security Concepts                    12%
2.0 Threats, Vulnerabilities, and Mitigations    22%
3.0 Security Architecture                        18%
4.0 Security Operations                          28%
5.0 Security Program Management and Oversight    20%
Total                                            100%
1.0 General Security Concepts
1.1 Compare and contrast various types of security controls.
• Categories
  - Technical
  - Managerial
  - Operational
  - Physical
• Control types
  - Preventive
  - Deterrent
  - Detective
  - Corrective
  - Compensating
  - Directive

1.2 Summarize fundamental security concepts.
• Confidentiality, Integrity, and Availability (CIA)
• Non-repudiation
• Authentication, Authorization, and Accounting (AAA)
  - Authenticating people
  - Authenticating systems
  - Authorization models
• Gap analysis
• Zero trust
  - Control plane
    o Adaptive identity
    o Threat scope reduction
    o Policy-driven access control
    o Secured zones
  - Data plane
    o Subject/system
    o Policy Engine
    o Policy Administrator
    o Policy enforcement point
• Physical security
  - Bollards
  - Access control vestibule
  - Fencing
  - Video surveillance
  - Security guard
  - Access badge
  - Lighting
  - Sensors
    o Infrared
    o Pressure
    o Microwave
    o Ultrasonic
• Deception and disruption technology
  - Honeypot
  - Honeynet
  - Honeyfile
  - Honeytoken

1.3 Explain the importance of change management processes and the impact to security.
• Business processes impacting security operation
  - Approval process
  - Ownership
  - Stakeholders
  - Impact analysis
  - Test results
  - Backout plan
  - Maintenance window
  - Standard operating procedure
• Technical implications
  - Allow lists/deny lists
  - Restricted activities
  - Downtime
  - Service restart
  - Application restart
  - Legacy applications
  - Dependencies
• Documentation
  - Updating diagrams
  - Updating policies/procedures
• Version control

1.4 Explain the importance of using appropriate cryptographic solutions.
• Public key infrastructure (PKI)
  - Public key
  - Private key
  - Key escrow
• Encryption
  - Level
    o Full-disk
    o Partition
    o File
    o Volume
    o Database
    o Record
  - Transport/communication
  - Asymmetric
  - Symmetric
  - Key exchange
  - Algorithms
  - Key length
• Tools
  - Trusted Platform Module (TPM)
  - Hardware security module (HSM)
  - Key management system
  - Secure enclave
• Obfuscation
  - Steganography
  - Tokenization
  - Data masking
• Hashing
• Salting
• Digital signatures
• Key stretching
• Blockchain
• Open public ledger
• Certificates
  - Certificate authorities
  - Certificate revocation lists (CRLs)
  - Online Certificate Status Protocol (OCSP)
  - Self-signed
  - Third-party
  - Root of trust
  - Certificate signing request (CSR) generation
  - Wildcard

2.0 Threats, Vulnerabilities, and Mitigations
2.1 Compare and contrast common threat actors and motivations.
• Threat actors
  - Nation-state
  - Unskilled attacker
  - Hacktivist
  - Insider threat
  - Organized crime
  - Shadow IT
• Attributes of actors
  - Internal/external
  - Resources/funding
  - Level of sophistication/capability
• Motivations
  - Data exfiltration
  - Espionage
  - Service disruption
  - Blackmail
  - Financial gain
  - Philosophical/political beliefs
  - Ethical
  - Revenge
  - Disruption/chaos
  - War

2.2 Explain common threat vectors and attack surfaces.
• Message-based
  - Email
  - Short Message Service (SMS)
  - Instant messaging (IM)
• Image-based
• File-based
• Voice call
• Removable device
• Vulnerable software
  - Client-based vs. agentless
• Unsupported systems and applications
• Unsecure networks
  - Wireless
  - Wired
  - Bluetooth
• Open service ports
• Default credentials
• Supply chain
  - Managed service providers (MSPs)
  - Vendors
  - Suppliers
• Human vectors/social engineering
  - Phishing
  - Vishing
  - Smishing
  - Misinformation/disinformation
  - Impersonation
  - Business email compromise
  - Pretexting
  - Watering hole
  - Brand impersonation
  - Typo squatting

2.3 Explain various types of vulnerabilities.
• Application
  - Memory injection
  - Buffer overflow
  - Race conditions
    o Time-of-check (TOC)
    o Target of evaluation (TOE)
    o Time-of-use (TOU)
  - Malicious update
• Operating system (OS)-based
• Web-based
  - Structured Query Language injection (SQLi)
  - Cross-site scripting (XSS)
• Hardware
  - Firmware
  - End-of-life
  - Legacy
• Virtualization
  - Virtual machine (VM) escape
  - Resource reuse
• Cloud-specific
• Supply chain
  - Service provider
  - Hardware provider
  - Software provider
• Cryptographic
• Misconfiguration
• Mobile device
  - Side loading
  - Jailbreaking
• Zero-day

2.4 Given a scenario, analyze indicators of malicious activity.
• Malware attacks
  - Ransomware
  - Trojan
  - Worm
  - Spyware
  - Bloatware
  - Virus
  - Keylogger
  - Logic bomb
  - Rootkit
• Physical attacks
  - Brute force
  - Radio frequency identification (RFID) cloning
  - Environmental
• Network attacks
  - Distributed denial-of-service (DDoS)
    o Amplified
    o Reflected
  - Domain Name System (DNS) attacks
  - Wireless
  - On-path
  - Credential replay
  - Malicious code
• Application attacks
  - Injection
  - Buffer overflow
  - Replay
  - Privilege escalation
  - Forgery
  - Directory traversal
• Cryptographic attacks
  - Downgrade
  - Collision
  - Birthday
• Password attacks
  - Spraying
  - Brute force
• Indicators
  - Account lockout
  - Concurrent session usage
  - Blocked content
  - Impossible travel
  - Resource consumption
  - Resource inaccessibility
  - Out-of-cycle logging
  - Published/documented
  - Missing logs

2.5 Explain the purpose of mitigation techniques used to secure the enterprise.
• Segmentation
• Access control
  - Access control list (ACL)
  - Permissions
• Application allow list
• Isolation
• Patching
• Encryption
• Monitoring
• Least privilege
• Configuration enforcement
• Decommissioning
• Hardening techniques
  - Encryption
  - Installation of endpoint protection
  - Host-based firewall
  - Host-based intrusion prevention system (HIPS)
  - Disabling ports/protocols
  - Default password changes
  - Removal of unnecessary software

3.0 Security Architecture
3.1 Compare and contrast security implications of different architecture models.
• Architecture and infrastructure concepts
  - Cloud
    o Responsibility matrix
    o Hybrid considerations
    o Third-party vendors
  - Infrastructure as code (IaC)
  - Serverless
  - Microservices
  - Network infrastructure
    o Physical isolation
      ° Air-gapped
    o Logical segmentation
    o Software-defined networking (SDN)
  - On-premises
  - Centralized vs. decentralized
  - Containerization
  - Virtualization
  - IoT
  - Industrial control systems (ICS)/supervisory control and data acquisition (SCADA)
  - Real-time operating system (RTOS)
  - Embedded systems
  - High availability
• Considerations
  - Availability
  - Resilience
  - Cost
  - Responsiveness
  - Scalability
  - Ease of deployment
  - Risk transference
  - Ease of recovery
  - Patch availability
  - Inability to patch
  - Power
  - Compute

3.2 Given a scenario, apply security principles to secure enterprise infrastructure.
• Infrastructure considerations
  - Device placement
  - Security zones
  - Attack surface
  - Connectivity
  - Failure modes
    o Fail-open
    o Fail-closed
  - Device attribute
    o Active vs. passive
    o Inline vs. tap/monitor
  - Network appliances
    o Jump server
    o Proxy server
    o Intrusion prevention system (IPS)/intrusion detection system (IDS)
    o Load balancer
    o Sensors
  - Port security
    o 802.1X
    o Extensible Authentication Protocol (EAP)
  - Firewall types
    o Web application firewall (WAF)
    o Unified threat management (UTM)
    o Next-generation firewall (NGFW)
    o Layer 4/Layer 7
• Secure communication/access
  - Virtual private network (VPN)
  - Remote access
  - Tunneling
    o Transport Layer Security (TLS)
    o Internet protocol security (IPSec)
  - Software-defined wide area network (SD-WAN)
  - Secure access service edge (SASE)
• Selection of effective controls


3.3 Compare and contrast concepts and strategies to protect data.
• Data types
  - Regulated
  - Trade secret
  - Intellectual property
  - Legal information
  - Financial information
  - Human- and non-human-readable
• Data classifications
  - Sensitive
  - Confidential
  - Public
  - Restricted
  - Private
  - Critical
• General data considerations
  - Data states
    o Data at rest
    o Data in transit
    o Data in use
  - Data sovereignty
  - Geolocation
• Methods to secure data
  - Geographic restrictions
  - Encryption
  - Hashing
  - Masking
  - Tokenization
  - Obfuscation
  - Segmentation
  - Permission restrictions

3.4 Explain the importance of resilience and recovery in security architecture.
• High availability
  - Load balancing vs. clustering
• Site considerations
  - Hot
  - Cold
  - Warm
  - Geographic dispersion
• Platform diversity
• Multi-cloud systems
• Continuity of operations
• Capacity planning
  - People
  - Technology
  - Infrastructure
• Testing
  - Tabletop exercises
  - Fail over
  - Simulation
  - Parallel processing
• Backups
  - Onsite/offsite
  - Frequency
  - Encryption
  - Snapshots
  - Recovery
  - Replication
  - Journaling
• Power
  - Generators
  - Uninterruptible power supply (UPS)

4.0 Security Operations
4.1 Given a scenario, apply common security techniques to computing resources.
• Secure baselines
  - Establish
  - Deploy
  - Maintain
• Hardening targets
  - Mobile devices
  - Workstations
  - Switches
  - Routers
  - Cloud infrastructure
  - Servers
  - ICS/SCADA
  - Embedded systems
  - RTOS
  - IoT devices
• Wireless devices
  - Installation considerations
    o Site surveys
    o Heat maps
• Mobile solutions
  - Mobile device management (MDM)
  - Deployment models
    o Bring your own device (BYOD)
    o Corporate-owned, personally enabled (COPE)
    o Choose your own device (CYOD)
  - Connection methods
    o Cellular
    o Wi-Fi
    o Bluetooth
• Wireless security settings
  - Wi-Fi Protected Access 3 (WPA3)
  - AAA/Remote Authentication Dial-In User Service (RADIUS)
  - Cryptographic protocols
  - Authentication protocols
• Application security
  - Input validation
  - Secure cookies
  - Static code analysis
  - Code signing
• Sandboxing
• Monitoring

4.2 Explain the security implications of proper hardware, software, and data asset management.
• Acquisition/procurement process
• Assignment/accounting
  - Ownership
  - Classification
• Monitoring/asset tracking
  - Inventory
  - Enumeration
• Disposal/decommissioning
  - Sanitization
  - Destruction
  - Certification
  - Data retention


4.3 Explain various activities associated with vulnerability management.
• Identification methods
  - Vulnerability scan
  - Application security
    o Static analysis
    o Dynamic analysis
    o Package monitoring
  - Threat feed
    o Open-source intelligence (OSINT)
    o Proprietary/third-party
    o Information-sharing organization
    o Dark web
  - Penetration testing
  - Responsible disclosure program
    o Bug bounty program
  - System/process audit
• Analysis
  - Confirmation
    o False positive
    o False negative
  - Prioritize
  - Common Vulnerability Scoring System (CVSS)
  - Common Vulnerability Enumeration (CVE)
  - Vulnerability classification
  - Exposure factor
  - Environmental variables
  - Industry/organizational impact
  - Risk tolerance
• Vulnerability response and remediation
  - Patching
  - Insurance
  - Segmentation
  - Compensating controls
  - Exceptions and exemptions
• Validation of remediation
  - Rescanning
  - Audit
  - Verification
• Reporting

4.4 Explain security alerting and monitoring concepts and tools.
• Monitoring computing resources
  - Systems
  - Applications
  - Infrastructure
• Activities
  - Log aggregation
  - Alerting
  - Scanning
  - Reporting
  - Archiving
  - Alert response and remediation/validation
    o Quarantine
    o Alert tuning
• Tools
  - Security Content Automation Protocol (SCAP)
  - Benchmarks
  - Agents/agentless
  - Security information and event management (SIEM)
  - Antivirus
  - Data loss prevention (DLP)
  - Simple Network Management Protocol (SNMP) traps
  - NetFlow
  - Vulnerability scanners


4.5 Given a scenario, modify enterprise capabilities to enhance security.
• Firewall
  - Rules
  - Access lists
  - Ports/protocols
  - Screened subnets
• IDS/IPS
  - Trends
  - Signatures
• Web filter
  - Agent-based
  - Centralized proxy
  - Universal Resource Locator (URL) scanning
  - Content categorization
  - Block rules
  - Reputation
• Operating system security
  - Group Policy
  - SELinux
• Implementation of secure protocols
  - Protocol selection
  - Port selection
  - Transport method
• DNS filtering
• Email security
  - Domain-based Message Authentication Reporting and Conformance (DMARC)
  - DomainKeys Identified Mail (DKIM)
  - Sender Policy Framework (SPF)
  - Gateway
• File integrity monitoring
• DLP
• Network access control (NAC)
• Endpoint detection and response (EDR)/extended detection and response (XDR)
• User behavior analytics

4.6 Given a scenario, implement and maintain identity and access management.
• Provisioning/de-provisioning user accounts
• Permission assignments and implications
• Identity proofing
• Federation
• Single sign-on (SSO)
  - Lightweight Directory Access Protocol (LDAP)
  - Open authorization (OAuth)
  - Security Assertions Markup Language (SAML)
• Interoperability
• Attestation
• Access controls
  - Mandatory
  - Discretionary
  - Role-based
  - Rule-based
  - Attribute-based
  - Time-of-day restrictions
  - Least privilege
• Multifactor authentication
  - Implementations
    o Biometrics
    o Hard/soft authentication tokens
    o Security keys
  - Factors
    o Something you know
    o Something you have
    o Something you are
    o Somewhere you are
• Password concepts
  - Password best practices
    o Length
    o Complexity
    o Reuse
    o Expiration
    o Age
  - Password managers
  - Passwordless
• Privileged access management tools
  - Just-in-time permissions
  - Password vaulting
  - Temporal accounts


4.7 Explain the importance of automation and orchestration related to secure operations.
• Use cases of automation and scripting
  - User provisioning
  - Resource provisioning
  - Guard rails
  - Security groups
  - Ticket creation
  - Escalation
  - Enabling/disabling services and access
  - Continuous integration and testing
  - Integrations and Application programming interfaces (APIs)
• Benefits
  - Efficiency/time saving
  - Enforcing baselines
  - Standard infrastructure configurations
  - Scaling in a secure manner
  - Employee retention
  - Reaction time
  - Workforce multiplier
• Other considerations
  - Complexity
  - Cost
  - Single point of failure
  - Technical debt
  - Ongoing supportability

4.8 Explain appropriate incident response activities.
• Process
  - Preparation
  - Detection
  - Analysis
  - Containment
  - Eradication
  - Recovery
  - Lessons learned
• Training
• Testing
  - Tabletop exercise
  - Simulation
• Root cause analysis
• Threat hunting
• Digital forensics
  - Legal hold
  - Chain of custody
  - Acquisition
  - Reporting
  - Preservation
  - E-discovery
4.9 Given a scenario, use data sources to support an investigation.
• Log data
  - Firewall logs
  - Application logs
  - Endpoint logs
  - OS-specific security logs
  - IPS/IDS logs
  - Network logs
  - Metadata
• Data sources
  - Vulnerability scans
  - Automated reports
  - Dashboards
  - Packet captures

5.0 Security Program Management and Oversight
5.1 Summarize elements of effective security governance.
• Guidelines
• Policies
  - Acceptable use policy (AUP)
  - Information security policies
  - Business continuity
  - Disaster recovery
  - Incident response
  - Software development lifecycle (SDLC)
  - Change management
• Standards
  - Password
  - Access control
  - Physical security
  - Encryption
• Procedures
  - Change management
  - Onboarding/offboarding
  - Playbooks
• External considerations
  - Regulatory
  - Legal
  - Industry
  - Local/regional
  - National
  - Global
• Monitoring and revision
• Types of governance structures
  - Boards
  - Committees
  - Government entities
  - Centralized/decentralized
• Roles and responsibilities for systems and data
  - Owners
  - Controllers
  - Processors
  - Custodians/stewards

5.2 Explain elements of the risk management process.
• Risk identification
• Risk assessment
  - Ad hoc
  - Recurring
  - One-time
  - Continuous
• Risk analysis
  - Qualitative
  - Quantitative
  - Single loss expectancy (SLE)
  - Annualized loss expectancy (ALE)
  - Annualized rate of occurrence (ARO)
  - Probability
  - Likelihood
  - Exposure factor
  - Impact
• Risk register
  - Key risk indicators
  - Risk owners
  - Risk threshold
• Risk tolerance
• Risk appetite
  - Expansionary
  - Conservative
  - Neutral
• Risk management strategies
  - Transfer
  - Accept
    o Exemption
    o Exception
  - Avoid
  - Mitigate
• Risk reporting
• Business impact analysis
  - Recovery time objective (RTO)
  - Recovery point objective (RPO)
  - Mean time to repair (MTTR)
  - Mean time between failures (MTBF)


5.3 Explain the processes associated with third-party risk assessment and management.
• Vendor assessment
  - Penetration testing
  - Right-to-audit clause
  - Evidence of internal audits
  - Independent assessments
  - Supply chain analysis
• Vendor selection
  - Due diligence
  - Conflict of interest
• Agreement types
  - Service-level agreement (SLA)
  - Memorandum of agreement (MOA)
  - Memorandum of understanding (MOU)
  - Master service agreement (MSA)
  - Work order (WO)/statement of work (SOW)
  - Non-disclosure agreement (NDA)
  - Business partners agreement (BPA)
• Vendor monitoring
• Questionnaires
• Rules of engagement

5.4 Summarize elements of effective security compliance.
• Compliance reporting
  - Internal
  - External
• Consequences of non-compliance
  - Fines
  - Sanctions
  - Reputational damage
  - Loss of license
  - Contractual impacts
• Compliance monitoring
  - Due diligence/care
  - Attestation and acknowledgement
  - Internal and external
  - Automation
• Privacy
  - Legal implications
    o Local/regional
    o National
    o Global
  - Data subject
  - Controller vs. processor
  - Ownership
  - Data inventory and retention
  - Right to be forgotten
5.5 Explain types and purposes of audits and assessments.
• Attestation
• Internal
  - Compliance
  - Audit committee
  - Self-assessments
• External
  - Regulatory
  - Examinations
  - Assessment
  - Independent third-party audit
• Penetration testing
  - Physical
  - Offensive
  - Defensive
  - Integrated
  - Known environment
  - Partially known environment
  - Unknown environment
  - Reconnaissance
    o Passive
    o Active


5.6 Given a scenario, implement security awareness practices.
• Phishing
  - Campaigns
  - Recognizing a phishing attempt
  - Responding to reported suspicious messages
• Anomalous behavior recognition
  - Risky
  - Unexpected
  - Unintentional
• User guidance and training
  - Policy/handbooks
  - Situational awareness
  - Insider threat
  - Password management
  - Removable media and cables
  - Social engineering
  - Operational security
  - Hybrid/remote work environments
• Reporting and monitoring
  - Initial
  - Recurring
• Development
• Execution

CompTIA Security+ SY0-701 Acronym List
The following is a list of acronyms that appears on the CompTIA Security+
SY0-701 exam. Candidates are encouraged to review the complete
list and attain a working knowledge of all listed acronyms as part of a
comprehensive exam preparation program.

Acronym   Spelled Out
AAA       Authentication, Authorization, and Accounting
ACL       Access Control List
AES       Advanced Encryption Standard
AES-256   Advanced Encryption Standards 256-bit
AH        Authentication Header
AI        Artificial Intelligence
AIS       Automated Indicator Sharing
ALE       Annualized Loss Expectancy
AP        Access Point
API       Application Programming Interface
APT       Advanced Persistent Threat
ARO       Annualized Rate of Occurrence
ARP       Address Resolution Protocol
ASLR      Address Space Layout Randomization
ATT&CK    Adversarial Tactics, Techniques, and Common Knowledge
AUP       Acceptable Use Policy
AV        Antivirus
BASH      Bourne Again Shell
BCP       Business Continuity Planning
BGP       Border Gateway Protocol
BIA       Business Impact Analysis
BIOS      Basic Input/Output System
BPA       Business Partners Agreement
BPDU      Bridge Protocol Data Unit
BYOD      Bring Your Own Device
CA        Certificate Authority
CAPTCHA   Completely Automated Public Turing Test to Tell Computers and Humans Apart
CAR       Corrective Action Report
CASB      Cloud Access Security Broker
CBC       Cipher Block Chaining
CCMP      Counter Mode/CBC-MAC Protocol
CCTV      Closed-circuit Television
CERT      Computer Emergency Response Team
CFB       Cipher Feedback
CHAP      Challenge Handshake Authentication Protocol
CIA       Confidentiality, Integrity, Availability
CIO       Chief Information Officer
CIRT      Computer Incident Response Team
CMS       Content Management System
COOP      Continuity of Operation Planning
COPE      Corporate Owned, Personally Enabled
CP        Contingency Planning
CRC       Cyclical Redundancy Check
CRL       Certificate Revocation List
CSO       Chief Security Officer
CSP       Cloud Service Provider
CSR       Certificate Signing Request
CSRF      Cross-site Request Forgery
CSU       Channel Service Unit
CTM       Counter Mode
CTO       Chief Technology Officer
CVE       Common Vulnerability Enumeration
CVSS      Common Vulnerability Scoring System
CYOD      Choose Your Own Device
DAC       Discretionary Access Control
DBA       Database Administrator
DDoS      Distributed Denial of Service
DEP       Data Execution Prevention
DES       Digital Encryption Standard
DHCP      Dynamic Host Configuration Protocol
DHE       Diffie-Hellman Ephemeral
DKIM      DomainKeys Identified Mail
DLL       Dynamic Link Library
DLP       Data Loss Prevention
DMARC     Domain Message Authentication Reporting and Conformance
DNAT      Destination Network Address Transaction
DNS       Domain Name System
DoS       Denial of Service
DPO       Data Privacy Officer

DRP       Disaster Recovery Plan
DSA       Digital Signature Algorithm
DSL       Digital Subscriber Line
EAP       Extensible Authentication Protocol
ECB       Electronic Code Book
ECC       Elliptic Curve Cryptography
ECDHE     Elliptic Curve Diffie-Hellman Ephemeral
ECDSA     Elliptic Curve Digital Signature Algorithm
EDR       Endpoint Detection and Response
EFS       Encrypted File System
ERP       Enterprise Resource Planning
ESN       Electronic Serial Number
ESP       Encapsulated Security Payload
FACL      File System Access Control List
FDE       Full Disk Encryption
FIM       File Integrity Management
FPGA      Field Programmable Gate Array
FRR       False Rejection Rate
FTP       File Transfer Protocol
FTPS      Secured File Transfer Protocol
GCM       Galois Counter Mode
GDPR      General Data Protection Regulation
GPG       Gnu Privacy Guard
GPO       Group Policy Object
GPS       Global Positioning System
GPU       Graphics Processing Unit
GRE       Generic Routing Encapsulation
HA        High Availability
HDD       Hard Disk Drive
HIDS      Host-based Intrusion Detection System
HIPS      Host-based Intrusion Prevention System
HMAC      Hashed Message Authentication Code
HOTP      HMAC-based One-time Password
HSM       Hardware Security Module
HTML      Hypertext Markup Language
HTTP      Hypertext Transfer Protocol
HTTPS     Hypertext Transfer Protocol Secure
HVAC      Heating, Ventilation Air Conditioning
IaaS      Infrastructure as a Service
IaC       Infrastructure as Code
IAM       Identity and Access Management
ICMP      Internet Control Message Protocol
ICS       Industrial Control Systems
IDEA      International Data Encryption Algorithm
IDF       Intermediate Distribution Frame
IdP       Identity Provider
IDS       Intrusion Detection System
IEEE      Institute of Electrical and Electronics Engineers
IKE       Internet Key Exchange
IM        Instant Messaging
IMAP      Internet Message Access Protocol
IoC       Indicators of Compromise
IoT       Internet of Things
IP        Internet Protocol
IPS       Intrusion Prevention System
IPSec     Internet Protocol Security
IR        Incident Response
IRC       Internet Relay Chat
IRP       Incident Response Plan
ISO       International Standards Organization
ISP       Internet Service Provider
ISSO      Information Systems Security Officer
IV        Initialization Vector
KDC       Key Distribution Center
KEK       Key Encryption Key
L2TP      Layer 2 Tunneling Protocol
LAN       Local Area Network
LDAP      Lightweight Directory Access Protocol
LEAP      Lightweight Extensible Authentication Protocol
MaaS      Monitoring as a Service
MAC       Mandatory Access Control
MAC       Media Access Control
MAC       Message Authentication Code
MAN       Metropolitan Area Network
MBR       Master Boot Record
MD5       Message Digest 5
MDF       Main Distribution Frame
MDM       Mobile Device Management
MFA       Multifactor Authentication
MFD       Multifunction Device
MFP       Multifunction Printer
ML        Machine Learning
MMS       Multimedia Message Service
MOA       Memorandum of Agreement
MOU       Memorandum of Understanding
MPLS      Multi-protocol Label Switching
MSA       Master Service Agreement
MSCHAP    Microsoft Challenge Handshake Authentication Protocol
MSP       Managed Service Provider
MSSP      Managed Security Service Provider
MTBF      Mean Time Between Failures
MTTF      Mean Time to Failure

MTTR      Mean Time to Recover
MTU       Maximum Transmission Unit
NAC       Network Access Control
NAT       Network Address Translation
NDA       Non-disclosure Agreement
NFC       Near Field Communication
NGFW      Next-generation Firewall
NIDS      Network-based Intrusion Detection System
NIPS      Network-based Intrusion Prevention System
NIST      National Institute of Standards & Technology
NTFS      New Technology File System
NTLM      New Technology LAN Manager
NTP       Network Time Protocol
OAUTH     Open Authorization
OCSP      Online Certificate Status Protocol
OID       Object Identifier
OS        Operating System
OSINT     Open-source Intelligence
OSPF      Open Shortest Path First
OT        Operational Technology
OTA       Over the Air
OVAL      Open Vulnerability Assessment Language
P12       PKCS #12
P2P       Peer to Peer
PaaS      Platform as a Service
PAC       Proxy Auto Configuration
PAM       Privileged Access Management
PAM       Pluggable Authentication Modules
PAP       Password Authentication Protocol
PAT       Port Address Translation
PBKDF2    Password-based Key Derivation Function 2
PBX       Private Branch Exchange
PCAP      Packet Capture
PCI DSS   Payment Card Industry Data Security Standard
PDU       Power Distribution Unit
PEAP      Protected Extensible Authentication Protocol
PED       Personal Electronic Device
PEM       Privacy Enhanced Mail
PFS       Perfect Forward Secrecy
PGP       Pretty Good Privacy
PHI       Personal Health Information
PII       Personally Identifiable Information
PIV       Personal Identity Verification
PKCS      Public Key Cryptography Standards
PKI       Public Key Infrastructure
POP       Post Office Protocol
POTS      Plain Old Telephone Service
PPP       Point-to-Point Protocol
PPTP      Point-to-Point Tunneling Protocol
PSK       Pre-shared Key
PTZ       Pan-tilt-zoom
PUP       Potentially Unwanted Program
RA        Recovery Agent
RA        Registration Authority
RACE      Research and Development in Advanced Communications Technologies in Europe
RAD       Rapid Application Development
RADIUS    Remote Authentication Dial-in User Service
RAID      Redundant Array of Inexpensive Disks
RAS       Remote Access Server
RAT       Remote Access Trojan
RBAC      Role-based Access Control
RBAC      Rule-based Access Control
RC4       Rivest Cipher version 4
RDP       Remote Desktop Protocol
RFID      Radio Frequency Identifier
RIPEMD    RACE Integrity Primitives Evaluation Message Digest
ROI       Return on Investment
RPO       Recovery Point Objective
RSA       Rivest, Shamir, & Adleman
RTBH      Remotely Triggered Black Hole
RTO       Recovery Time Objective
RTOS      Real-time Operating System
RTP       Real-time Transport Protocol
S/MIME    Secure/Multipurpose Internet Mail Extensions
SaaS      Software as a Service
SAE       Simultaneous Authentication of Equals
SAML      Security Assertions Markup Language
SAN       Storage Area Network
SAN       Subject Alternative Name
SASE      Secure Access Service Edge
SCADA     Supervisory Control and Data Acquisition
SCAP      Security Content Automation Protocol
SCEP      Simple Certificate Enrollment Protocol
SD-WAN    Software-defined Wide Area Network
SDK       Software Development Kit
SDLC      Software Development Lifecycle
SDLM      Software Development Lifecycle Methodology

CompTIA Security+ SY0-701 Certification Exam: Exam Objectives Version 2.0


Copyright © 2023 CompTIA, Inc. All rights reserved.
Acronym Spelled Out Acronym Spelled Out
SDN  Software-defined Networking
SE Linux  Security-enhanced Linux
SED  Self-encrypting Drives
SEH  Structured Exception Handler
SFTP  SSH File Transfer Protocol
SHA  Secure Hash Algorithm
SHTTP  Secure Hypertext Transfer Protocol
SIEM  Security Information and Event Management
SIM  Subscriber Identity Module
SLA  Service-level Agreement
SLE  Single Loss Expectancy
SMS  Short Message Service
SMTP  Simple Mail Transfer Protocol
SMTPS  Simple Mail Transfer Protocol Secure
SNMP  Simple Network Management Protocol
SOAP  Simple Object Access Protocol
SOAR  Security Orchestration, Automation, Response
SoC  System on Chip
SOC  Security Operations Center
SOW  Statement of Work
SPF  Sender Policy Framework
SPIM  Spam over Internet Messaging
SQL  Structured Query Language
SQLi  SQL Injection
SRTP  Secure Real-time Transport Protocol
SSD  Solid State Drive
SSH  Secure Shell
SSL  Secure Sockets Layer
SSO  Single Sign-on
STIX  Structured Threat Information Expression
SWG  Secure Web Gateway
TACACS+  Terminal Access Controller Access Control System
TAXII  Trusted Automated eXchange of Indicator Information
TCP/IP  Transmission Control Protocol/Internet Protocol
TGT  Ticket Granting Ticket
TKIP  Temporal Key Integrity Protocol
TLS  Transport Layer Security
TOC  Time-of-check
TOE  Target of Evaluation
TOTP  Time-based One-time Password
TOU  Time-of-use
TPM  Trusted Platform Module
TTP  Tactics, Techniques, and Procedures
TSIG  Transaction Signature
UAT  User Acceptance Testing
UAV  Unmanned Aerial Vehicle
UDP  User Datagram Protocol
UEFI  Unified Extensible Firmware Interface
UEM  Unified Endpoint Management
UPS  Uninterruptible Power Supply
URI  Uniform Resource Identifier
URL  Uniform Resource Locator
USB  Universal Serial Bus
USB OTG  USB On the Go
UTM  Unified Threat Management
UTP  Unshielded Twisted Pair
VBA  Visual Basic for Applications
VDE  Virtual Desktop Environment
VDI  Virtual Desktop Infrastructure
VLAN  Virtual Local Area Network
VLSM  Variable Length Subnet Masking
VM  Virtual Machine
VoIP  Voice over IP
VPC  Virtual Private Cloud
VPN  Virtual Private Network
VTC  Video Teleconferencing
WAF  Web Application Firewall
WAP  Wireless Access Point
WEP  Wired Equivalent Privacy
WIDS  Wireless Intrusion Detection System
WIPS  Wireless Intrusion Prevention System
WO  Work Order
WPA  Wi-Fi Protected Access
WPS  Wi-Fi Protected Setup
WTLS  Wireless TLS
XDR  Extended Detection and Response
XML  Extensible Markup Language
XOR  Exclusive Or
XSRF  Cross-site Request Forgery
XSS  Cross-site Scripting

CompTIA Security+ SY0-701 Hardware and Software List

CompTIA has included this sample list of hardware and software to assist candidates as they prepare for the Security+ SY0-701 certification exam. This list may also be helpful for training companies that wish to create a lab component for their training offering. The bulleted lists below each topic are sample lists and are not exhaustive.

Equipment
• Tablet
• Laptop
• Web server
• Firewall
• Router
• Switch
• IDS
• IPS
• Wireless access point
• Virtual machines
• Email system
• Internet access
• DNS server
• IoT devices
• Hardware tokens
• Smartphone

Software
• Windows OS
• Linux OS
• Kali Linux
• Packet capture software
• Pen testing software
• Static and dynamic analysis tools
• Vulnerability scanner
• Network emulators
• Sample code
• Code editor
• SIEM
• Keyloggers
• MDM software
• VPN
• DHCP service
• DNS service

Spare Hardware
• NICs
• Power supplies
• GBICs
• SFPs
• Managed Switch
• Wireless access point
• UPS

Other
• Access to cloud environments
• Sample network documentation/diagrams
• Sample logs

Tools
• Wi-Fi analyzer
• Network mapper
• NetFlow analyzer

© 2023 CompTIA, Inc., used under license by CompTIA, Inc. All rights reserved. All certification programs and education related to such
programs are operated exclusively by CompTIA, Inc. CompTIA is a registered trademark of CompTIA, Inc. in the U.S. and internationally.
Other brands and company names mentioned herein may be trademarks or service marks of CompTIA, Inc. or of their respective owners.
Reproduction or dissemination prohibited without the written consent of CompTIA, Inc. Printed in the U.S. 10179-Jan2023
