CompTIA · Official Blueprint · Last reviewed May 2026

SY0-701 Exam Domains & Blueprint

The official CompTIA SY0-701 exam covers 5 domains. Domain weights tell you exactly how much of the exam each topic represents — and where to invest your study time.

Exam Overview Practice Test Study Guide Sample QuestionsExam Domains

SY0-701 Domain Weight Summary

#DomainWeightQuestions

1General Security Concepts

12%

126 practice Q

2Threats, Vulnerabilities, and Mitigations

22%

235 practice Q

3Security Architecture

18%

199 practice Q

4Security Operations

28%

267 practice Q

5Security Program Management and Oversight

173 practice Q

Detailed Domain Breakdown

12%

Domain 1: General Security Concepts

126 practice questions

Security controls (technical, managerial, operational), cryptography fundamentals, PKI, authentication protocols, and core security principles.

Practice General Security Concepts questions

22%

Domain 2: Threats, Vulnerabilities, and Mitigations

235 practice questions

Threat actor types and motivations, common attack techniques (phishing, SQL injection, ransomware), vulnerability scanning, and mitigation strategies.

Practice Threats, Vulnerabilities, and Mitigations questions

18%

Domain 3: Security Architecture

199 practice questions

Network segmentation, zero trust architecture, cloud security models, virtualisation security, and resilience/redundancy design.

Practice Security Architecture questions

28%

Domain 4: Security Operations

267 practice questions

Incident response lifecycle, digital forensics, threat hunting, SIEM/SOAR tools, log analysis, and security automation.

Practice Security Operations questions

Domain 5: Security Program Management and Oversight

173 practice questions

Risk management frameworks, data governance, compliance, third-party risk management, and privacy regulations.

Practice Security Program Management and Oversight questions

How to Use Domain Weights in Your Study Plan

The heaviest domain on the SY0-701 is "General Security Concepts" at 12%. Start here and return to it regularly.

Allocate study time proportional to domain weight — a 25% domain deserves roughly 25% of your prep hours.

Never skip a low-weight domain. A 10% domain still represents 5–7 exam questions — enough to make the difference between pass and fail.

Use Courseiva domain analytics to track your accuracy per domain automatically. The system routes extra questions to your weak areas.

Practice every SY0-701 domain

Courseiva tracks your accuracy per domain automatically and routes you toward your weakest areas — no manual configuration needed.

Free Practice Test Start Practising

SY0-701 Concept Guides

CIA Triad

Three principles sit at the foundation of every security decision ever made: Confidentiality, Integrity, and Availability.

PKI & Certificates

Every time your browser shows a padlock icon, PKI is working in the background.

Zero Trust

The old security model assumed that anything inside the corporate network could be trusted.

Incident Response

When a breach happens, the organizations that limit damage are the ones that have a plan before the attacker arrives.

Risk Management

Security spending without a framework is guesswork.

Cryptography

Cryptography is the engine behind every secure connection, every encrypted file, and every digital signature you rely on without thinking about it.

Related Exam Domains

N10-009

CompTIA Network+

CS0-003

CompTIA CySA+

CAS-004

CompTIA CASP+

AZ-500

Azure Security Engineer

ISC2 Certified in Cybersecurity