The current Security+ certification is not a generic "cyber" badge. CompTIA frames SY0-701 around five weighted domains, hands-on performance-based work, and a fixed exam window of 90 minutes. The voucher price is $425, the exam can include maximum of 90 questions, and the passing score is 750 on a scale of 100-900.
Why are PBQs the point where many Security+ candidates lose control of the clock?
CompTIA's Security+ exam article says most PBQs appear at the beginning of the exam. That means the first few minutes can be more interactive and slower-moving than many first-time candidates expect. A study approach that uses only passive reading tends to fail at that point because the exam asks you to classify, configure, prioritize, and interpret rather than simply define.
What do PBQs usually test?
PBQs usually translate a multiple-choice concept into a task. You may need to place controls on a diagram, analyze logs, classify vulnerabilities, choose firewall rules, match ports to services, or respond to an incident sequence.
Ten PBQ-style scenarios to think through
1. Match firewall rules to a DMZ design. 2. Classify malware symptoms from log excerpts. 3. Place controls into preventive, detective, and corrective buckets. 4. Choose the correct certificate action for a trust failure. 5. Identify which ports should be opened for a secure admin workflow. 6. Segment guest wireless away from production assets. 7. Read failed-logon patterns and identify password spraying. 8. Size a subnet for a branch office deployment. 9. Order incident-response steps after confirmed compromise. 10. Choose the least-privileged access design for a new SaaS rollout.