CompTIA Security+ Malware Types: What You Need to Know for SY0-701

Security+ is broad, vendor-neutral, and tied to real exam constraints. The current CompTIA exam is SY0-701. It costs $425, allows maximum of 90 questions in 90 minutes, and requires 750 on a scale of 100-900 to pass.

Malware types on SY0-701

Security+ covers malware taxonomy as part of the Threats, Vulnerabilities, and Mitigations domain at 22% of the exam. The key types are ransomware, worms, trojans, viruses, spyware, adware, rootkits, keyloggers, botnets, and fileless malware.

Ransomware encrypts victim files and demands payment for decryption. It primarily attacks availability. Worms self-propagate across networks without requiring user action. Trojans appear legitimate but contain malicious functionality. Rootkits establish deep persistence, often at the kernel level. Fileless malware runs in memory and avoids file-based detection.

What the exam expects

Security+ does not ask you to memorize malware names in isolation. It presents scenarios and asks you to identify the malware type from behavioral clues — network propagation without user interaction is a worm, payment demand after encryption is ransomware, covert credential logging is a keylogger. Know the behavior, not just the label.

What should you do with this information next?

Our CompTIA Security+ study guide covers all five SY0-701 domains. Available at securitypluscertprep.com/guide.

SimpuTech's Security+ AI tutor can build a personalized study plan. Try it at SimpuTech.com.