✕
📋 Security+ SY0-701 Exam Strategy
⏱️ TIME MANAGEMENT (90 min, max 90 questions)
- Skip PBQs first. Performance-Based Questions appear at the start — flag them and come back. They eat time. Do multiple choice first.
- 60 seconds per question max. Flag and move on. You can review flagged questions at the end.
- Save 15-20 min for PBQs and review at the end.
- Answer EVERY question. No penalty for guessing. Never leave a blank.
🎯 ELIMINATION STRATEGY
- Eliminate absolutes. Words like "always," "never," "all," "none" are usually WRONG. Security is about context.
- "BEST" and "MOST" = there are multiple right answers. Pick the MOST correct/complete one. Think like a manager, not a technician.
- Two similar answers? One of them is probably correct — the exam is testing whether you know the difference.
- Overly complex answer? CompTIA usually favors the straightforward, industry-standard solution.
- Read ALL choices before answering. The first plausible answer isn't always the best one.
🧠 THE COMPTIA MINDSET
- Think like a security manager, not a hacker. CompTIA wants the POLICY answer, not the cool technical trick.
- Defense in depth. If an answer combines multiple controls, it's often better than a single solution.
- Least privilege + separation of duties are almost always good answers when they appear.
- "What should you do FIRST?" = Usually: check the policy, assess risk, or contain the incident. NOT jump to technical fixes.
- Incident response order: Preparation → Detection → Containment → Eradication → Recovery → Lessons Learned. They WILL test the order.
- Risk questions: Know the formulas cold. SLE = AV × EF. ALE = SLE × ARO. They're free points.
📊 WHERE THE POINTS ARE
- Domain 4: Security Operations = 28% — nearly 1/3 of the exam. Drill this HARD.
- Domain 2: Threats = 22% — know your attack types cold.
- Domain 5: Governance = 20% — frameworks, compliance, risk formulas.
- Domain 3: Architecture = 18% — ports, cloud models, resilience.
- Domain 1: General = 12% — smallest but foundational. CIA triad, crypto basics.
- Focus 70% of study time on Domains 4+2+5 — that's 70% of the exam!
🔢 MUST-MEMORIZE ITEMS
- Ports: 21(FTP), 22(SSH), 23(Telnet), 25(SMTP), 53(DNS), 80(HTTP), 88(Kerberos), 110(POP3), 143(IMAP), 161(SNMP), 389(LDAP), 443(HTTPS), 445(SMB), 636(LDAPS), 993(IMAPS), 1433(MSSQL), 1812(RADIUS), 3306(MySQL), 3389(RDP)
- Crypto: AES=symmetric king, RSA=asymmetric, SHA-256=hashing, MD5/SHA-1=broken, PBKDF2/bcrypt=key stretching
- IR Order: Prep→Detect→Contain→Eradicate→Recover→Lessons
- Risk: SLE=AV×EF, ALE=SLE×ARO, Risk=Likelihood×Impact
- RAID: 0=stripe, 1=mirror, 5=stripe+parity(3+), 6=double parity, 10=1+0
- DR Sites: Hot(instant)→Warm(partial)→Cold(empty)
- Backup: Full→Differential(since last full)→Incremental(since last any)
🏆 DAY-OF TIPS
- Brain dump first. As soon as the timer starts, write down ports, formulas, and IR order on the provided whiteboard/notepad.
- Read the question TWICE. CompTIA loves tricky wording — "LEAST likely," "BEST," "FIRST."
- 750/900 to pass (83%). You can miss some. Don't panic over hard questions.
- PBQs are partial credit. Even if unsure, attempt them — partial points count.
- Trust your gut on the first pass. Studies show first instinct is usually right. Only change if you find clear evidence.
💡 "The exam tests whether you think like a security professional. Technical knowledge gets you to 70% — the security mindset gets you to pass."
— Built by Beeglie 🐝 for the Cyber Duo 🔐