SY0-701 Exam Domains and Weighting

The CompTIA Security+ SY0-701 exam was released in November 2023, replacing SY0-601. It consists of a maximum of 90 questions, with a mix of multiple-choice and performance-based questions (PBQs). You have 90 minutes to complete the exam. The passing score is 750 on a scale of 100-900. The exam covers five domains, each with a specific weighting that reflects how many questions fall within that domain. Understanding the domain structure helps you prioritize your study time based on how heavily each area is tested.

Domain 1: General Security Concepts accounts for approximately 12% of the exam — about 11 questions. This domain covers foundational security principles that underpin everything else: the CIA triad (Confidentiality, Integrity, Availability), authentication and authorization concepts, cryptographic foundations (symmetric/asymmetric encryption, hashing, PKI), the difference between security control types (technical, managerial, operational) and categories (preventive, detective, corrective, deterrent, compensating). Questions in this domain test your understanding of why security controls exist and the theoretical framework for organizing them.