CompTIA Security+ Attack Types Explained: Social Engineering, Malware, and More

The current Security+ certification is not a generic "cyber" badge. CompTIA frames SY0-701 around five weighted domains, hands-on performance-based work, and a fixed exam window of 90 minutes. The voucher price is $425, the exam can include maximum of 90 questions, and the passing score is 750 on a scale of 100-900.

Attack types covered on SY0-701

The Threats, Vulnerabilities, and Mitigations domain accounts for 22% of SY0-701 and covers a broad range of attack types. Social engineering attacks include phishing (email-based), vishing (voice-based), smishing (SMS-based), whaling (executive-targeted), and pretexting (fabricated scenarios). Each has a distinct delivery method and a distinct defensive control.

Malware types include ransomware (encrypts data for payment), worms (self-propagating), trojans (disguised as legitimate software), spyware (covert data collection), rootkits (deep system persistence), and fileless malware (memory-resident). Security+ tests the behavioral signature of each type, not just the name.

Network-based attacks include man-in-the-middle, DNS poisoning, replay attacks, DDoS, and on-path attacks. Password attacks include spraying (one password against many accounts) and credential stuffing (breached pairs against many accounts).

How defenders should think about these

Security+ rewards a three-part mental model: how the attacker executes, what the defender would notice, and what control best prevents recurrence. Pair every attack type with a detection signal and a mitigation control.

What should you do with this information next?

Our CompTIA Security+ study guide covers all five SY0-701 domains. Available at securitypluscertprep.com/guide.

SimpuTech's Security+ AI tutor can build a personalized study plan. Try it at SimpuTech.com.