CompTIA Security+ (SY0-701) Exam Guide

The **CompTIA Security+** certification is the global baseline standard for starting in cybersecurity. It is vendor-neutral and validates the core skills necessary to perform core security functions and pursue an IT security career.

Which attack involves sending targeted fraudulent emails to steal confidential information from a specific user?

Answer : Spear Phishing.

Unlike mass phishing, spear phishing is personalized and often targets a specific organization or individual.

Which security principle involves granting only the minimum necessary rights to a user for their job?

Answer : Least Privilege.

Limiting rights reduces the attack surface and the potential impact of a compromised account.

What type of malware encrypts a victim's files and demands payment to decrypt them?

Answer : Ransomware.

Ransomware blocks access to vital data, often forcing companies to pay or restore from backups.

Which protocol secures web communications by encrypting data between the browser and the server?

Answer : HTTPS (using TLS).

TLS ensures confidentiality, integrity, and authenticity of data exchanged over the web.

What is a 'Zero-day' vulnerability?

Answer : A security flaw unknown to the software vendor for which no patch yet exists.

These flaws are critical because standard defenses can often be bypassed before a patch is released.

Related Certifications

• CompTIA CySA+ (Cybersecurity Analyst)
• CompTIA PenTest+
• CompTIA CASP+ (Advanced Security Practitioner)
• CompTIA Cloud+
• CompTIA Network+

Local Testing

• CompTIA Security+ in FR
• CompTIA Security+ in CA
• CompTIA Security+ in MA
• CompTIA Security+ in BE
• CompTIA Security+ in CH

Careers

• CompTIA Security+ for cloud architect
• CompTIA Security+ for devops engineer
• CompTIA Security+ for data scientist
• CompTIA Security+ for security analyst
• CompTIA Security+ for project manager