The Security+ exam encompasses five skill sets, and each is weighted according to the percentages shown in Table 1.1.
Table 1.1. Weighted Objectives
Domain
Skill Set
Weight
1.0
General Security Concepts
30%
2.0
Communication Security
20%
3.0
Infrastructure Security
20%
4.0
Basics of Cryptography
15%
5.0
Operational/Organizational Security
15%
Here is a quick breakdown of the various domains:
Domain 1.0 (General Security Concepts) You need to be proficient in several aspects of access control, authentication, attacks, malicious code, social engineering, and auditing.
Domain 2.0 (Communication Security) Tests your knowledge of remote access, email, Web, directory, file-transfer, and wireless technologies as well as the vulnerabilities associated with each.
Domain 3.0 (Infrastructure Security) Requires that you be familiar with network devices and media, security topologies, intrusion detection, and security baselines.
Domain 4.0 (Basics of Cryptography) Tests your understanding of algorithms as well as the concepts of using and deploying cryptography and PKI.
Domain 5.0 (Operational/Organizational Security) Assesses your ability to plan physical security, disaster recovery, business continuity, and policy and procedures.