CompTIA Security+

Security+ is vendor-neutral and concept-heavy — the exam tests breadth across 5 domains rather than depth in any single tool. The Macksofy bootcamp pairs every concept with at least one hands-on tool so candidates leave with practitioner instinct, not just exam answers.

• Wireshark + tcpdump. Packet capture, protocol decoding, and traffic analysis for the General Security Concepts + Threats/Vulnerabilities/Mitigations domains. Bootcamp includes ARP-poisoning capture, TLS handshake walkthrough, and DNS-tunnelling detection labs.
• Nmap + Nessus Essentials. Service enumeration + vulnerability scanning for the Threats domain. Nessus Essentials is free for up to 16 IPs and adequate for the exam’s vulnerability-management coverage.
• Burp Suite Community + OWASP ZAP. Web-app testing primer for the Application Security topics. Not deep pentesting — just enough to demonstrate XSS, SQLi, and CSRF in a controlled lab.
• Kali Linux + a Windows AD lab VM. Practical environment for offensive concepts (privilege escalation primer, AD enumeration with bloodhound-lite). Bootcamp ships a pre-built VM image.
• OpenSSL + GnuPG + a Hashicorp Vault demo. Cryptography and PKI hands-on: key generation, X.509 certificate creation, AES vs RSA performance, hashing collisions, HMAC vs digital signatures.
• Splunk Free + Elastic Stack. Logging and monitoring fundamentals for the Security Operations domain. Free tiers are adequate to demonstrate SIEM correlation, alert tuning, and incident triage workflow.
• OpenVPN + WireGuard + a strongSwan IPsec demo. VPN architecture comparison hands-on. Maps to the Architecture domain’s networking-security topics.
• Microsoft Sentinel + Defender for Endpoint trial. Cloud-native SIEM and EDR exposure. Microsoft 365 Developer trial gives free Sentinel access for 90 days — bootcamp leverages this for the cloud-security exam topics.
• OWASP ASVS + CIS Controls v8. Framework reference reading. Bootcamp walks through the Governance/Risk/Compliance domain using these two open standards as the worked examples.
• NIST SP 800-53 + ISO 27001 reference. Compliance-context reading. Macksofy doesn’t drill memorisation of control IDs — focus is on conceptual framework comparison, which is what SY0-701 tests.

Security+ is exam-heavy on PBQs (performance-based questions) — drag-and-drop firewall-rule sequences, log-snippet triage, and protocol-identification scenarios. Memorising MCQ-style facts isn’t enough; you need rep-based exposure to the PBQ formats. The Macksofy bootcamp lab is built around this:

• Pre-built Kali + Windows + Linux server VM image with the toolchain above pre-installed. Avoids the ‘configure-the-VM week’ that derails most self-study candidates.
• 20+ PBQ-style scenarios drilled across the 12 weeks: firewall rulebook ordering, port-protocol matching, log-event triage (Windows event ID lookups, Linux syslog patterns), wireless-config validation, certificate-chain trust validation.
• Splunk-on-laptop SIEM lab ingesting simulated attack telemetry (failed logins, port scans, lateral movement signals). Drills the SIEM-correlation + alert-tuning exam topics.
• 3 full-length practice exams (90-question Sec+ format, 90-min timer) administered Saturday week 6, week 9, and week 11. Scoring with answer-rationale debriefs identifies weak domains for last-mile prep.
• India-context case study set covering DPDP Act 2023 mapping to Sec+ governance topics, RBI cyber framework alignment, and IT Rules 2021 — useful both for the exam’s compliance section and for India-job interview prep.

All labs are accessible from the candidate’s laptop; no cloud subscription required (Splunk Free + Microsoft 365 Developer trial cover the cloud-security exposure free of charge). Mobile / tablet access is not supported — Security+ PBQ practice needs a real keyboard.

The SY0-701 exam is 90 minutes for up to 90 questions (mix of MCQ and PBQ). Passing score is 750/900. Bootcamp graduates target 800+ to compensate for question-pool variance.

• Exam format: typically 5-10 PBQs appear in the first 15 questions. Skip PBQs on first pass — they cost 4-6 minutes each. Complete all MCQs first (target: 50-55 in 35 minutes), then return to PBQs with remaining 50+ minutes.
• Pearson VUE online proctored vs test-centre: bootcamp recommends test-centre delivery in India — fewer technical-disconnect risks, better PBQ rendering on a real monitor vs a laptop screen. Test-centres are available in Mumbai, Delhi NCR, Bengaluru, Hyderabad, Pune, Chennai, Kolkata, Kochi, Ahmedabad, Jaipur, Lucknow, Chandigarh.
• Exam voucher cost (2026): retail USD 404 (≈ ₹34,000). CompTIA Continuing Education programme requires CEUs every 3 years to maintain the cert — budget ₹2,000-5,000/year on CEU activity post-cert.
• Bootcamp voucher: Macksofy bundle pricing includes the official Pearson VUE voucher + 1 free retake voucher (CompTIA’s ‘Second Shot’ programme when available, otherwise our retake guarantee covers the second attempt within 90 days at no extra fee).
• Macksofy pass-rate: 87% of bootcamp candidates pass on first attempt (rolling 12-month average across 2024-25 cohorts). Of the 13% who fail attempt #1, 95% pass attempt #2 within 90 days with mentor-led remediation.

Day-of-exam protocol: hydrate, eat a light meal, arrive 30 min early for ID verification, bring two government-issued IDs (Aadhaar + PAN works; Aadhaar + driving licence works). Test-centre rules forbid watches and notes; lockers provided. The exam includes a 5-minute survey at start (counts against the 90 minutes if you let it) — skip it.

Security+ is the single highest-volume entry-level cybersecurity cert in Indian hiring filters. ~70% of India BFSI + IT-services SOC L1/L2 JDs list ‘Security+ or equivalent’ as the baseline credential. Comp bands (Q1 2026, public Naukri + Glassdoor + LinkedIn aggregators):

• Fresher / 0-1 yr (SOC L1, IT-helpdesk-to-security pivot): ₹3.5 – 6 LPA at IT-services bench employers (TCS / Infosys / Wipro / HCL / Tech Mahindra). ₹4 – 7 LPA at direct-hire BFSI L1 SOC.
• 1-3 yr (SOC L2, junior IAM, junior compliance analyst): ₹5 – 11 LPA depending on employer + city. Mumbai / Bengaluru pay 15-25% above non-metro for equivalent role.
• 3-5 yr (SOC L3, IAM engineer, junior security architect): ₹9 – 18 LPA. At this stage Sec+ alone caps the comp ceiling; layer CSA / CEH v13 / SOC-200 to break ₹15 LPA.
• Public-sector / PSU bank (SBI SO-CS, banks via UPSC pipeline): Pay-scale-II ₹13-15 LPA total CTC equivalent. Sec+ is sufficient credential for entry-level SO-CS Pay-scale-II.

India-employer pattern: HDFC Bank, ICICI Bank, Axis Bank, Kotak Mahindra, Federal Bank, Bajaj Finserv, HDFC Life, NPCI, and Jio Financial all list Security+ as either required or strongly-preferred for L1/L2 SOC roles (see our BFSI cybersecurity employers guide for per-employer detail). IT-services delivery centres (TCS / Wipro / HCL / Tech Mahindra / LTIMindtree) staff most of their bank-engagement SOC seats with Sec+-only freshers and uplevel to CEH / SOC-200 in year 2-3.

Career-progression sequence we recommend: Sec+ → 12-18 months SOC operations experience → CEH v13 OR SOC-200 (OSDA) → first lateral to BFSI principal at ₹8-13 LPA. From there, branch to either offensive (OSCP) or defensive (CISSP at 5+ years experience).

The 3-cert entry-cluster comes up in every fresher-cybersecurity consultation. Macksofy’s recommendation depends on your background:

• Security+ first if your target is SOC / blue-team / compliance / GRC roles. Vendor-neutral, broadly accepted, lowest CV-friction for any L1 SOC application.
• CEH v13 first if your target is pentest / offensive / red-team roles AND you already have a Linux + networking baseline. CEH alone won’t pass OSCP — but it gets you past automated CV-screen filters at India employers who use ‘CEH or equivalent’ as a JD requirement.
• Network+ first ONLY if you have zero networking background and Sec+’s networking domain (10-15% of the exam) would be opaque. Most CS / IT graduates can skip Network+ entirely — Sec+ assumes basic networking.

Cost comparison (2026): Security+ voucher ₹34k vs CEH v13 voucher ₹95k+iLabs vs Network+ voucher ₹30k. Security+ wins on ROI for the entry-tier IT-services SOC path; CEH wins on ROI for the pentest path if you have offensive aptitude. Network+ adds little if you already have Sec+.

Common mistake to avoid: stacking Sec+ + CEH + CISA + CISM all back-to-back as a fresher. This is signal-flat (no employer values a 4-cert fresher over a 2-cert + 1-year-experience candidate). Pick 2 certs max in year 1 + immediately log practical work (a TryHackMe / HackTheBox / SOC simulation portfolio).

One of the first hands-on exercises (week 2) is a packet-capture analysis of an ARP poisoning attack on a 3-host network. The capture is provided as a .pcap file; candidates open it in Wireshark and answer:

1. Which MAC address is the attacker? (Filter arp.opcode == 2 and look for the host claiming the gateway IP with a different MAC than the legitimate gateway saw earlier in the capture.)
2. What’s the gateway’s real MAC vs the spoofed MAC? (Diff the ARP-reply frames at t=0 vs t=12.4 seconds in the sample capture.)
3. What downstream attack is the ARP poisoning enabling? (Hint: filter http.request and look for the host that’s now seeing all clear-text HTTP traffic from the other two hosts — that’s the MitM payoff.)
4. Which Security+ domain does this map to? (Threats / Vulnerabilities / Mitigations — specifically, the network-attack subdomain.)
5. What’s the SY0-701 exam expects you to recommend as mitigation? (Dynamic ARP Inspection on managed switches + DHCP snooping + 802.1X for endpoint authentication.)

Mentors walk through the answer-set live in the week-2 Saturday session. Candidates who self-complete before the live session report substantially better retention on the Threats domain in their week-9 practice exam. This is one of 20+ similar PBQ-format exercises across the 12-week cohort.

Macksofy admits two candidate profiles into the Security+ cohort:

• CS / IT graduates (BCA / MCA / B.Tech CS or IT) — these candidates typically have networking + OS basics from coursework. Bootcamp jumps straight into the Threats and Architecture domains week 1.
• Working IT-helpdesk / sysadmin / desktop-support pros pivoting to security — these candidates have practical IT but often lack the security-mindset framing. Bootcamp’s first 2 weeks include a security-fundamentals primer (CIA triad, defence-in-depth, threat-actor categories) before joining the main syllabus.

Minimum prerequisites: comfort with the Windows + Linux command line (basic file operations, process management, network commands like ipconfig / ifconfig / netstat / ss / nslookup / dig). Comfort with IPv4 networking concepts (subnetting, OSI layers, common ports + protocols). Reading-fluent in English (Security+ exam is English-only in India test-centres).

Not strictly required but speeds learning: any prior CompTIA exposure (A+ or Network+), familiarity with a SIEM (Splunk / Elastic / QRadar / Sentinel — even read-only exposure), exposure to one cloud (AWS / Azure / GCP). None of these are dealbreakers but they compress the first 4 weeks.

Time commitment: 12 weeks × ~10 hours / week (live sessions + lab time + mock exams). Working professionals join the weekend cohort (6 hours Saturday + 4 hours self-paced lab during the week). Full-time candidates join the weekday cohort.