Exam Objectives

You can retrieve a full listing of all the objectives for the SY0-301 Security+ exam here. The following list provides an overview of the topics that are covered in each of the domains.

Network Security

  • Explain the security function and purpose of network devices and technologies
  • Apply and implement secure network administration principles
  • Distinguish and differentiate network design elements and compounds
  • Implement and use common protocols
  • Identify commonly used default network ports
  • Implement wireless network in a secure manner

Compliance and Operational Security

  • Explain risk related concepts
  • Carry out appropriate risk mitigation strategies
  • Execute appropriate incident response procedures
  • Explain the importance of security related awareness and training
  • Compare and contrast aspects of business continuity
  • Explain the impact and proper use of environmental controls
  • Execute disaster recovery plans and procedures
  • Exemplify the concepts of confidentiality, integrity and availability (CIA)

Threats and Vulnerabilities

  • Analyze and differentiate among types of malware
  • Analyze and differentiate among types of attacks
  • Analyze and differentiate among types of social engineering attacks
  • Analyze and differentiate among types of wireless attacks
  • Analyze and differentiate among types of application attacks
  • Analyze and differentiate among types of mitigation and deterrent techniques
  • Implement assessment tools and techniques to discover security threats and vulnerabilities
  • Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning

Application, Data and Host Security

  • Explain the importance of application security
  • Carry out appropriate procedures to establish host security
  • Explain the importance of data security

Access Control and Identity Management

  • Explain the function and purpose of authentication services
  • Explain the fundamental concepts and best practices related to authentication, authorization and access control
  • Implement appropriate security controls when performing account management

Cryptography

  • Summarize general cryptography concepts
  • Use and apply appropriate cryptographic tools and products
  • Explain the core concepts of public key infrastructure
  • Implement PKI, certificate management and associated components