CertVector

CompTIA Security+ SY0-701

A practical early-career cybersecurity exam covering threats, architecture, operations, risk, governance, and security concepts.

Sign in

Exam facts

Exam code

SY0-701

Questions

Maximum of 90

Duration

90 minutes

Format

Multiple-choice and performance-based questions

Passing score

750 on a 100-900 scale

Recommended experience

CompTIA Network+ and two years in a security or systems administrator role

CertVector bank: 707 managed questions.

Last updated: Jul 1, 2026

Last reviewed: Jun 9, 2026

SY0-701 domains

1.0

General Security Concepts

12%

Security controls, CIA, AAA, zero trust, change management, and cryptographic concepts.

2.0

Threats, Vulnerabilities, and Mitigations

22%

Threat actors, attack surfaces, vulnerabilities, malicious activity, and mitigation techniques.

3.0

Security Architecture

18%

Secure infrastructure, cloud, virtualization, data protection, resilience, and recovery.

4.0

Security Operations

28%

Hardening, asset management, vulnerability management, monitoring, IAM, automation, and incident response.

5.0

Security Program Management and Oversight

20%

Governance, risk, third-party risk, compliance, audits, assessments, and security awareness.

Public demo

Security+ demo scenario

This is an original sample format preview. It is not pulled from the live question bank.

A help desk technician needs temporary access to reset MFA for a locked-out employee. The access should expire automatically after the ticket is resolved. Which approach best supports least privilege?

A. Add the technician to a permanent global admin group.
B. Use just-in-time privileged access with approval and automatic expiration.
C. Share a senior administrator account for the reset window.
D. Disable MFA for the department until the issue is fixed.
Show answer and rationale

Answer: B

Just-in-time privileged access grants only the needed role, for a limited period, with an approval trail. That matches least privilege better than permanent or shared admin access.

How CertVector prepares you

Use a baseline drill, let Smart Review identify weak domains, run timed simulations, and use AI tutor explanations when a rationale does not click.