Security+ Exam (SY0-401) Now Live
Many people have been querying me about the new SY0-401 Security+ exam. Here’s some information you might find valuable:
It went live in late April, 2014.- The last date to take the previous version (SY0-301) was December 31, 2014.
- No matter what version you pass, you’re still certified for three years
CompTIA Security+ SY0-401 is a popular certification within the IT field. One IT hiring manager told me that if a résumé doesn’t include the Security+ certification, or a higher-level security certification, he simply sets it aside. He won’t even talk to applicants.
That’s not the same with all IT hiring managers, but it does help illustrate the importance of security within the IT field.
Security+ Exam (SYO-401) Details
Some of the details on the exam include:
| Number of Questions: | Maximum of 90 |
| Question types: | Multiple choice and performance based |
| Exam format: | Traditional—can move back and forth to view previous questions |
| Time to complete exam: | 90 minutes (does not include time to complete pretest and post-test surveys) |
| Passing score: | 750 (on a scale of 100 to 900) |
| Price: | $302 Discounted vouchers available here |
| Exam prerequisites: | None required but Network+ is recommended |
| Exam test provider: | Pearson Vue |
| Study Guide: | CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide |
| Practice Test Questions | CompTIA Security+ SY0-401 Practice Test Questions |
Since CompTIA began adding in the new performance based questions to the Security+ exam, they rarely give you the maximum number of questions. Instead, you can expect to get somewhere between 70 and 90 multiple choice questions and between three and ten performance based questions.
Get Security+ Study Packages Here
CompTIA Security+ SY0-401 is one of the options for certifications required by the U.S. Department of Defense for military personnel and military contractors engaged in information assurance activities. Having this certification makes you more marketable for these types of contractor jobs, which can be very lucrative.
Pass the First Time with the
CompTIA Security+ Get Certified Get Ahead: SY0-401 Study Guide
A Kindle version of the CompTIA Security+ Get Certified Get Ahead: SY0-401 Study Guide
Security+ Exam Number of Questions and Duration
You have 90 minutes to complete up to 90 questions. This gives you about one minute per question. Don’t let this scare you; it’s actually a good thing. With only about a minute to read and answer a question, you know the questions can’t be very long. The exception is the performance-based questions, but you’ll only see a few of those.
Exam Domains for Security+ Exam (SY0-401)
The Security+ exam objectives are divided into the following domains, or general topic areas.
| Domain | % of Examination |
| 1.0 Network Security | 20% |
| 2.0 Compliance and Operational Security | 18% |
| 3.0 Threats and Vulnerabilities | 20% |
| 4.0 Application, Data and Host Security | 15% |
| 5.0 Access Control and Identity Management | 15% |
| 6.0 Cryptography | 12% |
Security+ Exam Beta Questions
Your exam may have some beta questions. They aren’t graded but instead are used to test the validity of the questions. If everyone gets a beta question correct, it’s probably too easy. If everyone gets it incorrect, there’s probably something wrong with the question. After enough people have tested a beta question, CompTIA personnel analyze it and decide if they want to add it to the test bank, or rewrite and test it as a new beta question.
The good news is that CompTIA doesn’t grade the beta questions. However, you don’t know which questions are ungraded beta questions and which questions are live questions, so you need to treat every question equally.
Get Security SY0-401 Practice Test Questions Here
Security+ Exam Prerequisites
All that is required for you to take the exam is money. Other than that, there are no enforced prerequisites. However, to successfully pass the exam, you’re expected to have at least two years of experience working with computers in a networking environment. If you have more than that, the exam materials will likely come easier to you. If you have less, the exam may be more difficult.
How to Pass the Security+ Exam (SY0-401)
There isn’t any guaranteed path to passing the Security+ exam (SY0-401) . However, the following steps outline the path that thousands of people have used to add the Security+ certification to their resume.
- Get a good study guide. The CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide
- Set a goal 45 days out from the day you receive your study guide.
- Start studying the book.
- Supplement your studies with online materials such as blog posts.
- Buy your voucher for your target date. You can get a discount on your voucher here.
- Schedule your exam for your target date.
- Only use practice test questions with explanations. You can use the questions from the study guide or supplement them with other sources.
A target of 45 days allows you to master about one and a half chapters per week. It may be that some of the chapters take you less time and some of the chapters take you more time. No problem. If you want to modify your target date later or reschedule your exam, do so. However, a recipe for success in almost any endeavor includes setting a goal.
When using practice test questions, it’s important to use practice test questions with explanations. Practice test questions without explanations are often incorrect causing you to memorize false information without understanding why. Practice test questions with explanations allow you to understand the reasoning so that you can correctly answer the questions no matter how CompTIA words them.
Security+ Exam Performance-Based Questions Strategy
You’ll see the performance-based questions first and they take much longer than typical multiple-choice questions. If the answer is clear to you, then by all means, take the time to answer it. However, if the question isn’t clear, mark the question and skip it. You can come back to it later. It’s entirely possible that the question is a poorly worded beta question that doesn’t even count. However, if you spend 45 minutes on it, you might run out of time before you finish the multiple-choice questions.
Performance-based questions have occasionally caused problems for the test systems. A common problem is that instead of displaying the question, the screen is mostly blank. If this happens, you can often just use the reset button for the question. This allows you to move past the problem and continue with the test. However, resetting the question erases any answer you’ve entered.
It’s common for people to be nervous when thinking about these performance-based test questions. However, the majority of people who take the test say that these questions really aren’t that difficult. As long as you understand the concepts from the exam objectives, you won’t have any problem. I do recommend you check out the posts on performance-based questions that I’ve posted here.
Get Simulated Performance-based Questions Here
If you’re interested in the differences between the SY0-301 and SY0-401 exams, check out this series of posts:
- SY0-401 Differences in Domains
- Differences in Network Security
- Differences in Compliance and Operational Security
- Differences in Threats and Vulnerabilities
- Differences in Application, Data and Host Security
- Differences in Access Control and Identity Management
- Differences in Cryptography
- Differences in Acronyms
Hello, Darril
I purchased your SY0-401 Review and Study guides and they are my main study tools. My exam is scheduled for Monday 9/28. Any last words of advice? It’s my first certification exam. I’ve been reading the blogs and they said it was harder than they expected. Thanks
The biggest thing I’d suggest is to ensure you can look at any of the practice test questions and identify why the correct answers are correct and why the incorrect answers are incorrect. Your score on a practice test isn’t as important as your understanding.
Also, make sure you read up on the performance-based questions. This page has links to several blog posts.
This site has several groups of performance-based questions.
Good luck.
I passed SY0-401! Exam was difficult, they really make you think. Your study guide was the key. I studied it so much I memorized the paragraphs. The layout is great and easy to comprehend.
Thanks!
Congratulations. That’s always great to hear and good to know the study guide helped you.
Good luck with your next adventure.
Darril:
Good evening. I recently graduated with my MBA with a specialization in computer and information security. While I am not currently working in a security-related position, I know having certifications is a great way to get ahead regardless of the degree. I have been taking a look at your book and based on the reviews and what I have seen so far previewing it online, I’m heavily leaning towards purchasing this to assist me in hopefully passing the Security+ exam. My question for you is: based on all of the other material available out there for the exam, why your book? Why should yours be the one I use to assist me on this journey? Thanks and I hope you’re doing well.
> Why
> Why
I hear from people almost daily telling me they’ve passed using this book and/or resources on on this site.
i used your book and practice questions to pass the test in 2011. I let my certification expire because 2 years ago I obtained my CISSP and for my job I didn’t need to keep my Security+. Well fast forward to 2015 I move to the Greater NY area and I need both CISSP and Security+. I see that the test has greatly changed since 2011. The first thing I did was download a copy of your latest Get Certified, Get Ahead for security+ SY0-401 and the matching Test Question book. in 5 days I had passed the new 401 test.
The first time around your rescuers were the only study materials I had and round two they were the only study materials I used. And for both testing sessions I only took the test once and passed. The thing that was the best for me was the explanation for the questions and understanding why I was getting questions wrong. It truly made the difference.
I have over the years recommended only your resources for passing this exam and will continue.
Rochelle C.
Congratulations Rochelle. That’s great news and I appreciate the kind words. So glad to hear that the Get Certified Get Ahead for Security+ SY0-401 study guide and the matching test question book helped you. Thanks for the recommendations.
See you in three years:).
Darril
Just took the Security+ 401 test today and passed. Used the practice tests on this site and read the Comptia Security +. It would have been helpful if there were more performance based test questions.
Congrats on the pass Michael. Of course, there are many more performance-based practice test questions on the premium site, but cool that you passed without needing them. It’s a tough exam.
Good luck with your next adventure.
I have took this test 2 times in the last 2 months. I have purchased all kinds of study books and material. I still failed. I don’t know what the heck I am doing wrong. I know I past the Sims. I have been in the network field working with switches and routers and firewalls for and servers for 20 years. I do panic on test though. I am going to try one more time and use your book this time. Maybe I will pass on the 3rd try.
Hi Sarah,
First, I applaud your persistence and wish you the best of luck on the next attempt. A couple of things come to mind.
1) This book on this page is for the 401 exam. I recommend you stick with the 301 exam and use materials for it. The CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide has helped many people pass this exam the first time they took it. (http://ow.ly/DIWfh )
2) Not sure if you’ve been using practice test questions without explanations, but if so, that can be the problem. Many of these have incorrect answers causing people to memorize the wrong things. All of my practice test questions have explanations and I encourage you to read them. Ideally, you should be able to know why the incorrect answers are incorrect and why the correct answers are correct. This way, no matter how CompTIA words the questions, you’ll still be able to answer them correctly.
3) If you’re looking for online practice test questions with a testing engine, check out this site: http://gcgapremium.com/. Many of the questions are derived from the CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide but allow you to practice them in a realistic test engine.
Good luck.
Hello Mr Gibson,
I passed 201 about 3 years ago thanks to your book, but have been going to grad school the past two years (I have not been employed doing security management for the last 2 years) . I think I’m ready for 301 but am wondering how much time you think is good for someone that understands the principles of your 301 security + book. I’ve been reading for about a week and am getting about one or two wrong at the end of chapter reviews. Do you think 2 weeks is adequate preparation for someone that already understands the basics?
Also, I’m not someone that isn’t is hands on from a security perspective (IAO type). For some reason, I’ve always been employed doing more communication and oversight of small to large IT projects (generally above IAMs – more strategic), would you recommend CISSP, or CISM? To the potential employer, I suppose the CISSP is more attractive than the CISM, but I think I excel more with relationship based management over hands on application. Hence, I’m wondering which test may be more in line with my personality and experience. Your thoughts?
Thanks!
Some people take and pass the exam after reading the book for a weekend. Some people take six to eight weeks.
The best gauge is your understanding. In other words, do you understand why the correct answers are correct and why the incorrect answers are incorrect. This is much more important that your scores in the practice exams. If you understand the content, you’ll be able to answer the questions correctly, no matter how CompTIA words them.
Also, make sure you read up on the performance-based questions. This page has links to multiple blogs on them: https://blogs.getcertifiedgetahead.com/security-blog-links/#Performance
Sorry, but I’m not close enough to CISM to give an opinion.
Good luck.
Darril
Here’s the link: http://www.amazon.com/Systems-Security-Certified-Practitioner-Guide/dp/0071771565/
The ISBN you list doesn’t look correct.
(ISC)2 has procedures you can use if you don’t know any SSCPs. However, during your studying, you’re likely to come across people that are and can help.
Good luck.
Hello Mr. Gibson,
I purchased your Security + exam book Get Certified Get Ahead (SY0-301 Study Guide) and it help me pass my exam. My next exam I want to take is SSCP. I checked on amazon.com for your book and I want to confirm with you the ISBN number. 978-0-07-177153-5, Hardcover $35.84, is this the latest book that you have out right now for SSCP study? Also, when I do pass the SSCP exam, I’m going to need someone to endorse me. I have worked in this field in the military for over 20 plus years, but I’m still going to need someone that is SSCP qualified to endorse me. Currently, I don’t know anyone that is. What is your recommendation on this? Thank you for your time and attention and I look forward to getting your book and start toward obtaining my SSCP certification. All feed back is appreciated.
Hi, how difficult is it to pass the Security+ exam? I am an IT student and have taken 1 class 2 semesters ago on security and have the SY0-301 book and have access to some questions. Is studying just this enough? Thanks
> how difficult is it to pass the Security+ exam?
It’s easy if you understand the content.
It’s impossibly difficult if you don’t.
>I am an IT student and have taken 1 class 2 semesters ago on security and have the SY0-301 book
Attending a class on security may not help at all. It depends on the content, how it relates to Security+, your understanding of the concepts, and how much you retained.
> and have the SY0-301 book
Many people have told me that they took and passed the exam after reading the CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide. Some people read it multiple times. Some people read it over the weekend. It depends on how much knowledge you have before you start reading it. That said, I’m not sure which book you have.
>and have access to some questions
I’d suggest you make sure you use practice test questions that have explanations. Many questions without explanations have incorrect answers. They encourage people to memorize the wrong content resulting in more than a few failed exams.
This site (http://gcgapremium.com/security/pass-the-security-exam-the-first-time-you-take-it/) has several study packages with over 500 questions all with in-depth explanations so that you’ll know why the correct answers are correct and why the incorrect answers are incorrect.
Hope this helps.
Hey, darril compTIA policy say’s that certification w’l be revoked if found using unauthorised study materials. What are those unauthorised study materials and how they came to know that we are using unauthorised study materials. Plzzz clear this doubt. Regards Dinesh.
Hi Dinesh,
Here’s the CompTIA page and their list: http://certification.comptia.org/Training/testingcenters/policies/unauthorized.aspx
The primary way I understand that CompTIA knows people are using those materials is that they brag about it.
Hey Darril
When will your upgraded book be available?
thanks
alex
I’m shooting for mid-September, but CAQC reviews might slow it down. I expect to have a course online with the course content by mid-September here http://gcgapremium.com/ and hope to have a free sample available there sometime in the next week. I’ll announce everything in the newsletter. You can sign up here: http://eepurl.com/g44Of
I’m thinking about security + certified. Is there an advantage or disadvantage to take the 301 test now instead of the 401 test? Will being certified with the 401 exam give me and advantage over being certified in the 301 exam? Meaning will it look better on my resume or will it not matter which exam I take?
Hi Pete,
There isn’t any advantage of one over the other, at least from the perspective of resumes and hiring managers.
For example, you don’t list the version on your resume. You only list Security+ certified. A hiring manager might ask you when you got it, but that is only because they’re interested in when it expires. Both expire three years after you take it unless you renew it earlier.
Right now, there’ s a lot of good study material for the 301 version, so I’d suggest you take it. If you get some study materials, you can be certified within 45 days just as many others have.
Some people such as “Tim” finish within a week of getting a good study guide:
https://blogs.getcertifiedgetahead.com/security-blog-links/#comment-64086
Good luck.
I am a DBA and wanted to swich to security. What is your advice?
Do it. I’d suggest starting with Security+ and then you expand out from there based on your interests.
I am ready to take the test but my question is if it expires in December or do I still get the 3 years for the ce points?
You still get the three years.
The test expiration date just refers to the last date it offers.
Good luck.
Hi Claudia,
If you have the SY0-301 book, I strongly suggest you take the SY0-301 exam. It will be available until December 31, 2014.
This site has the questions from the book along with many more in a test engine: http://gcgapremium.com/security/pass-the-security-exam-the-first-time-you-take-it/
The full package includes practice test questions, flashcards, and audio, but you can also get just the questions if that’s what you want.
In time, I’ll update the book to the 401 version, and put 401 resources on the http://gcgapremium.com/ site, but not by June.
Good luck.
i have your syo-301 book, i want to take the syo-401 test in say june / summer …. will you ever put those questions in an engine or pdf… i am dyslexic n its so hard to get thru a book without having questions i can go over again n again without paging n paging thru … i am stuck in the sys admin role for very long time n need n want to get out… love security but i have no viable colleagues n guys are not very welcoming when it comes to sharing the knowledge…. any pointers for this struggling techie ….
Are you coming out with a booik for SYO-401?
Hi Danny,
Yes. Absolutely, I’ll be updating the SY0-301 book for the 401 version of the exam.
And you might want to know the timeline.
I don’t have a clear timeline at the moment. I’m in the middle of two large projects and when these are done, I will switch my attention to the SY0-401 version of the study guide. If you want to stay updated on my progress, you can subscribe to the Get Certified Get Ahead newsletter. Sign up now and you’ll also get a free excerpt of chapter 1 of the CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide.
That said, if you want to get certified, it’s best to get certified now in the 301 version instead of waiting.
I am looking for the SYO-401 book, if its available where can I find it?
My new job is requiring all IT to get there Security + certicate along with getting our ccert for Windows Server 2012. I need all the study notes/books/materials out there.
Thanks,
Darren
It’s now available in a Kindle version here: http://ow.ly/BKctJ
Is their a PDF version available for sale?
PDF versions aren’t available but a Kindle version is. Amazon makes free apps you can use with just about any platform to read Kindle books. You don’t need to have an actual Kindle.
When is the release date for the hard copy? Thanks!
I expect the paperback copy to be out by the end of October. I’m waiting on the review to get it approved as CompTIA Approved Quality Content (CAQC).