CompTIA Security+ (SY0-701) Resources — Official Docs, Frameworks, Tools & Labs
A curated, blueprint-aligned list for SY0-701: official CompTIA pages, security frameworks (NIST/ISO/CIS), OWASP & MITRE, cloud/shared-responsibility guides, crypto/PKI references, incident response/forensics, and vetted open-source tools and lab ideas.
On this page
Use this page as your launchpad. Pair it with the Syllabus, Cheatsheet, and Practice.
CompTIA official
- Security+ (SY0-701) exam page — outline, pricing, languages, scheduling
https://www.comptia.org/certifications/security - Exam objectives (download) — blueprint we map our syllabus to
https://www.comptia.org/certifications/security/exam-details - Candidate handbook & policies — IDs, rules, retakes, accommodations
https://www.comptia.org/testing - Continuing Education (CE) & renewal — CEUs and activities
https://www.comptia.org/continuing-education - Pearson VUE scheduling — in-person or online proctoring
https://home.pearsonvue.com/comptia
Core frameworks & references (GRC)
- NIST Cybersecurity Framework (CSF) — identify/protect/detect/respond/recover
https://www.nist.gov/cyberframework - NIST Risk Management Framework (RMF) — categorize → select → implement → assess → authorize → monitor
https://csrc.nist.gov/projects/risk-management - NIST SP 800-53 (controls catalog) • SP 800-61 (Computer Security Incident Handling) • SP 800-37 (RMF)
https://csrc.nist.gov/publications - ISO/IEC 27001/27002 — ISMS & control practices
https://www.iso.org/standard/27001 - CIS Critical Security Controls — prioritized safeguard set
https://www.cisecurity.org/controls - SOC 2 (Trust Services Criteria) — audit lens for service orgs
https://www.aicpa-cima.com/resources/article/soc-2-faq
Threats, testing & intel
- MITRE ATT&CK® — adversary TTP knowledge base
https://attack.mitre.org/ - CISA — alerts, advisories, known exploited vulnerabilities (KEV)
https://www.cisa.gov/ - NVD / CVE — public vulnerability database and identifiers
https://nvd.nist.gov/ • https://www.cve.org/ - OWASP Top 10 & Cheat Sheets — appsec risks and secure coding patterns
https://owasp.org/www-project-top-ten/ • https://cheatsheetseries.owasp.org/ - PTES (Penetration Testing Execution Standard) — methodology overview
http://www.pentest-standard.org/
Identity & access (IAM)
- NIST Digital Identity Guidelines (SP 800-63) — authentication/MFA guidance
https://pages.nist.gov/800-63-3/ - SAML, OAuth 2.0, OIDC — standards hubs & primers
https://docs.oasis-open.org/security/saml/ • https://oauth.net/2/ • https://openid.net/connect/
Crypto, TLS & PKI
- TLS 1.3 overview and best practices (IETF / vendor primers)
https://datatracker.ietf.org/doc/rfc8446/ - Public Key Infrastructure basics (cert chains, OCSP/CRL, stapling)
https://letsencrypt.org/docs/ - Cryptographic toolkit (OpenSSL, GnuPG guides)
https://www.openssl.org/docs/ • https://gnupg.org/documentation/
Cloud & container security
- Shared responsibility models (IaaS/PaaS/SaaS)
- CSPM/CASB fundamentals — posture & SaaS governance (vendor-neutral primers)
https://cloudsecurityalliance.org/ - Containers/Kubernetes security — image signing, runtime controls, RBAC
https://kubernetes.io/docs/concepts/security/
Operations, IR & forensics
- NIST SP 800-61 — Incident Handling Guide
https://csrc.nist.gov/publications/detail/sp/800-61/rev-2/final - SANS digital forensics posters & DFIR resources (free references)
https://www.sans.org/posters/ - Chain of custody & evidence handling (forensics primers)
https://www.nist.gov/itl/ssd/cybersecurity - BCP/DR basics — RTO/RPO, exercises, continuity concepts
https://www.ready.gov/business-continuity-plan
Email, web & DNS protections
- SPF / DKIM / DMARC — implementing email authentication
https://dmarc.org/overview/ - Web app defenses — WAF fundamentals, HSTS, CSP, SRI (see OWASP Cheat Sheets)
https://cheatsheetseries.owasp.org/ - DNSSEC / DoT / DoH — integrity & privacy for DNS
https://www.icann.org/resources/pages/dnssec-what-is-it-why-important-2019-03-05-en
Tools you should recognize (open-source or free tiers)
- Recon/Scanning: Nmap, Nikto, OpenVAS/Nessus (community/learners)
https://nmap.org/ • https://www.openvas.org/ - Traffic & logs: Wireshark, Zeek, tcpdump, Elastic/Logstash/Kibana (ELK)
https://www.wireshark.org/ • https://zeek.org/ - Web testing: OWASP ZAP, Burp (community)
https://www.zaproxy.org/ • https://portswigger.net/burp/communitydownload - Exploitation lab: Metasploit Framework
https://www.metasploit.com/ - Endpoint/Windows triage: Sysinternals (ProcMon, Autoruns, TCPView)
https://learn.microsoft.com/sysinternals/ - Forensics: Volatility, Autopsy/Sleuth Kit, hash utilities
https://www.volatilityfoundation.org/ • https://www.sleuthkit.org/autopsy/ - Scripting: PowerShell docs, Python docs
https://learn.microsoft.com/powershell/ • https://docs.python.org/3/
Safe hands-on labs (free or low-cost)
- Blue-team mini-SOC: 2–3 VMs (Linux + Windows) with a syslog stack (ELK) and sample logs; practice detection → triage → IR decisions.
- Web app & WAF practice: Run OWASP Juice Shop in a container; test input validation and see WAF rule effects (in a lab only).
- TLS/PKI drill: Generate a test CA, issue a leaf cert, enable OCSP stapling on a lab web server, and validate in a browser/
openssl s_client. - IAM/SSO walkthrough: Configure a simple SAML/OIDC integration using a free developer IdP and a demo app; practice MFA and role/attribute mappings.
- Cloud posture sandbox: Create a trial project; practice least-privilege roles, storage encryption, and scanning for misconfigurations.
Always follow laws, ROE, and ethics. Keep testing in isolated labs only.