Start a practice session for CompTIA Security+ (SY0-701) below, or open the full app in a new tab.
For the best experience, open the full app in a new tab and navigate with swipes/gestures or the mouse wheel—just like on your phone or tablet.
A small set of questions is available for free preview.
Subscribers can unlock full access by signing in with the same account used on mobile.
Prefer to practice on your phone or tablet? Download the AWS Exam Prep – AWS, Azure, GCP & CompTIA exam prep app for iOS or the AWS Exam Prep app on Google Play (Android), then sign in with the same account on web to continue your sessions on desktop.
Tip: Begin with 20–25 question domain drills for weak areas, then move to mixed sets and full mocks. Aim for consistent ~75–80% scores before test day.
Suggested progression
Domain drills (daily): 2× 20–25 question sets focused on a single SY0-701 domain (Threats, Architecture/Design, Implementation, Ops/IR, GRC).
Scenario sets (alternate days): 1× 20–25 questions emphasizing PBQ-style items (logs/pcaps, control selection, IR order).
Mixed sets (weekly): 1× 30–40 questions combining 2–3 domains to build transfer.
Full mocks (final 1–2 weeks): 2–3 complete exams mirroring live-exam tone/coverage. Review every miss and tag weak objectives.
Timeboxing
Domain set: ~30–35 minutes
Scenario set: ~35–45 minutes
Mixed set: ~55–65 minutes
Full mock: ~90 minutes (leave a buffer to revisit flagged items and PBQs)
Scoring & review
Mark + return: Flag uncertain items; review after you finish the set.
Pattern log: Track recurring themes (e.g., SAML vs OAuth/OIDC, RBAC vs ABAC, WAF vs NGFW, CSPM vs CASB, IR phase boundaries, PKI revocation).
Turn misses into notes: Convert each theme into 1–2 “rules of thumb,” then re-drill that domain the next day.
IAM choices:
SSO: SAML (web SSO) • Delegated authorization: OAuth 2.0 • Authentication layered on OAuth 2.0: OIDC.
Prefer MFA and least privilege (RBAC/ABAC); use 802.1X/NAC at access.
Crypto/TLS:
Integrity → SHA-256/HMAC; Transport → TLS 1.3 (ECDHE + AEAD); At rest → AES-GCM.
PKI → understand OCSP/CRL, stapling, cert types (DV/OV/EV, SAN, wildcard).
Network/Web:
App layer attacks → WAF; network policy → NGFW/ACLs; segmentation → VLANs/microsegmentation; Wi-Fi → WPA3, disable WPS.
Email auth → SPF/DKIM/DMARC; DNS filtering; HSTS/CSP on web apps.
Cloud:
Shared responsibility varies by IaaS/PaaS/SaaS; detect misconfig with CSPM; govern SaaS with CASB; store secrets in vaults; avoid long-lived keys.
Ops/IR:
IR order: Preparation → Identification → Containment → Eradication → Recovery → Lessons learned.
Evidence: order of volatility; chain of custody; hash artifacts before/after.
What to pair with practice
Syllabus: Objective-by-domain outline
Cheatsheet: High-yield contrasts & quick pickers
Overview: Format, pacing, and 3–5 week plan
Tips for exam-style pacing
First pass fast: ~60–70 seconds per item; skip PBQs early and return later.
Aim your reading: For long scenarios, read the final ask first, then scan for relevant details.
Eliminate aggressively: Toss options that break least privilege, secure defaults, policy/safety, or order of operations (e.g., eradication before containment).
Justify choices: Prefer preventive, auditable, and scalable controls over ad-hoc fixes.
Ready to drill?
Open the app above and choose:
Domain Drills: Threats • Architecture/Design • Implementation • Operations/IR • GRC
Scenario Sets: Logs/pcaps • Crypto/IAM picks • Control selection • IR ordering
Full Mocks: Exam-length simulations with review mode
Exam snapshot
Certification: CompTIA Security+ — SY0-701
Audience: Early-career security analysts/engineers, IT pros moving into security, career-switchers, students
Experience target: ~1 year of hands-on IT/networking/security fundamentals
Format: Multiple-choice (single/multiple) + PBQs (performance-based questions)
Timing / count: Varies by form; keep a buffer to review flagged items
Study funnel: Read this Overview → work the Syllabus objective-by-objective → keep the Cheatsheet open for last-mile recall → validate with Practice.
What SY0-701 measures (by domain)
1) Threats, Attacks & Vulnerabilities
Social engineering, credential attacks, malware/ransomware, web/app exploits (XSS/SQLi/CSRF/SSRF), wireless & network attacks, supply chain, cloud misconfig; threat intel & attacker TTPs.
2) Architecture & Design
Secure network/cloud patterns, segmentation & microsegmentation, zero trust principles (verify explicitly, least privilege, assume breach), resiliency/BCP, secure data lifecycle.
3) Implementation
Identity & access (MFA, federation/SSO, RBAC/ABAC, 802.1X/NAC), endpoint/network/cloud controls (EDR, NGFW, WAF, VPN, CASB/CSPM), crypto & PKI (TLS, certs), email/web/DNS protections, automation.
4) Operations & Incident Response
Monitoring & telemetry (SIEM/UEBA/SOAR), triage, evidence handling, containment → eradication → recovery, forensics fundamentals, continuity planning.
5) Governance, Risk & Compliance (GRC)
Policies/standards/procedures, frameworks (NIST/ISO/CIS), risk treatments (accept/avoid/transfer/mitigate), privacy concepts, audits.
Readiness checklist (be honest)
I can explain zero trust and pick least-privilege, segmented designs in scenarios.
I can choose between SAML / OAuth 2.0 / OIDC and justify the choice.
I know PKI/TLS basics (chains, OCSP/CRL, common cert types) and crypto contrasts (hash/HMAC/AES/RSA/ECDHE).
I can map attacks → controls (WAF for SQLi/XSS, NAC/802.1X, NGFW rules, EDR response).
I understand IR phases, order of volatility, and evidence handling.
I can differentiate vulnerability scanning vs penetration testing and when to use each.
I recognize core tools (Nmap, Wireshark, Nessus, Burp/ZAP, SIEM/UEBA, SOAR) and their purpose.
If you checked fewer than 6, slow down and spend two extra days on Cheatsheet sections + small labs.
Compact 3–5 week study plan
Week 1 — Threats & Foundations
Social engineering, common network/web attacks, wireless risks
Daily: 20–25 mixed questions (threats + controls)
Week 2 — Architecture & Zero Trust
Segmentation/microsegmentation, secure network/cloud patterns, data lifecycle
Lab: design a small zero-trust flow (IdP → PDP/PEP → resource)
Week 3 — IAM, Crypto & Implementation
SAML/OAuth/OIDC, RBAC/ABAC, 802.1X/NAC, TLS/PKI, endpoint/network controls
Lab: build an allow-list firewall policy; review cert chains
Week 4 — Operations, IR & Forensics
SIEM triage, alert → containment → eradication → recovery, chain of custody
Full mock #1; convert misses into 2-bullet rules; re-drill weak objectives
Week 5 (optional) — Polish
Full mock #2; targeted drills on IAM/crypto/IR/GRC; short labs (packet read, log triage)
High-yield workflows to memorize
Zero Trust quick logic
Verify explicitly → least privilege (RBAC/ABAC) → segment (microsegmentation) → continuous telemetry & policy enforcement.
IR sequence
Preparation → Identification → Containment → Eradication → Recovery → Lessons learned.
Evidence: preserve order of volatility; maintain chain of custody.
Crypto picks
Integrity: SHA-256 / HMAC • Transport: TLS 1.3 (ECDHE + AEAD) • At rest: AES-GCM • Signatures/KE: RSA/ECC/ECDH.
Scanning vs pentesting
Scan = identify breadth (CVSS, authenticated when possible).
Pen test = authorized exploitation to prove impact (scope/ROE).
PBQ expectations & practice ideas
Design PBQ: choose controls for a given architecture (segment, IAM, WAF/NGFW, VPN).
Log/pcap PBQ: identify attack stage and pick the next action.
IR PBQ: order steps correctly; separate containment from eradication.
Crypto/IAM PBQ: select proper cert type or auth flow for a use case.
Small lab: 2–3 VMs + a test web app/container; capture traffic, raise mock alerts, practice triage decisions.
Exam-day tactics
First pass fast (~60–70s/item); flag PBQs & long stems for the end.
For long scenarios, read the final question first so you know what details to target in the stem.
Prefer preventive, auditable, least-privilege answers with realistic ops.
Keep a 5–10 minute buffer to revisit flagged items and PBQs.