Security+ (SY0-701)
Articles covering CompTIA Security+ (SY0-701) exam objectives. These guides focus on security concepts, threats, vulnerabilities, architecture, operations, and incident response essential for Security+ certification.
Objective 1.1: Compare and Contrast Various Types of Security Controls
Comprehensive guide covering security control categories (Technical, Managerial, Operational, Physical) and control types (Preventive, Deterrent, Detective, Corrective, Compensating, Directive) essential for Security+ certification.
Objective 1.2: Summarize Fundamental Security Concepts
Complete overview of core security principles including CIA triad, AAA framework, Zero Trust architecture, physical security controls, and deception technologies for comprehensive Security+ exam preparation.
Objective 1.3: Explain the Importance of Change Management Processes and the Impact to Security
Detailed examination of change management processes including business processes, technical implications, documentation requirements, and version control, with focus on security impact and best practices.
Objective 1.4: Explain the Importance of Using Appropriate Cryptographic Solutions
Comprehensive coverage of cryptographic solutions including PKI, encryption levels, symmetric/asymmetric encryption, cryptographic tools, obfuscation techniques, hashing, digital signatures, and certificate management.
Objective 2.1: Compare and Contrast Common Threat Actors and Motivations
Detailed analysis of threat actors including nation-states, organized crime, hacktivists, insider threats, and unskilled attackers, with comprehensive coverage of their attributes, motivations, and defense strategies.
Objective 2.2: Explain Common Threat Vectors and Attack Surfaces
Comprehensive coverage of threat vectors including message-based attacks, social engineering techniques, supply chain risks, network vulnerabilities, and attack surface management strategies.
Objective 2.3: Explain Various Types of Vulnerabilities
Comprehensive analysis of vulnerability types including application vulnerabilities, OS-based weaknesses, web-based attacks, hardware vulnerabilities, virtualization risks, cloud-specific issues, and zero-day exploits.
Objective 2.4: Given a Scenario, Analyze Indicators of Malicious Activity
Comprehensive guide to identifying and analyzing indicators of malicious activity including malware attacks, network intrusions, application vulnerabilities, and security incident detection techniques.
Objective 2.5: Explain the Purpose of Mitigation Techniques Used to Secure the Enterprise
Comprehensive coverage of enterprise security mitigation techniques including segmentation, access control, application allow listing, isolation, patching, encryption, monitoring, and hardening techniques.
Objective 3.1: Compare and Contrast Security Implications of Different Architecture Models
Comprehensive analysis of security implications across various architecture models including cloud computing, infrastructure as code, serverless, microservices, network infrastructure, IoT, ICS/SCADA, and specialized systems with detailed security considerations.
Objective 3.2: Given a Scenario, Apply Security Principles to Secure Enterprise Infrastructure
Comprehensive guide to applying security principles in enterprise infrastructure including device placement, security zones, network appliances, port security, firewall types, secure communication methods, and effective control selection for real-world scenarios.
Objective 3.3: Compare and Contrast Concepts and Strategies to Protect Data
Comprehensive analysis of data protection concepts including data types (regulated, trade secret, intellectual property), classifications (sensitive, confidential, public, restricted), data states, and protection methods (encryption, hashing, masking, tokenization, obfuscation, segmentation).
Objective 3.4: Explain the Importance of Resilience and Recovery in Security Architecture
Comprehensive guide to resilience and recovery in security architecture covering high availability (load balancing vs. clustering), site considerations (hot, warm, cold), platform diversity, continuity of operations, capacity planning, testing, backups, and power management strategies.
Objective 4.1: Given a Scenario, Apply Common Security Techniques to Computing Resources
Comprehensive guide to applying security techniques to computing resources including secure baselines (establish, deploy, maintain), hardening targets (mobile devices, workstations, switches, routers, cloud infrastructure, servers, ICS/SCADA, embedded systems, RTOS, IoT), wireless security, mobile solutions, and application security.
Objective 4.2: Explain the Security Implications of Proper Hardware, Software, and Data Asset Management
Comprehensive analysis of asset management security throughout the lifecycle including acquisition/procurement process, assignment/accounting (ownership, classification), monitoring/asset tracking (inventory, enumeration), and disposal/decommissioning (sanitization, destruction, certification, data retention).
Objective 4.3: Explain Various Activities Associated with Vulnerability Management
Comprehensive guide to vulnerability management activities including identification methods (vulnerability scans, application security, threat feeds, penetration testing), analysis (CVSS, CVE, prioritization), response and remediation (patching, segmentation, compensating controls), validation, and reporting.
Objective 4.4: Explain Security Alerting and Monitoring Concepts and Tools
Comprehensive guide to security alerting and monitoring including monitoring computing resources (systems, applications, infrastructure), activities (log aggregation, alerting, scanning, reporting, archiving), alert response and remediation, and security tools (SCAP, SIEM, antivirus, DLP, SNMP, NetFlow, vulnerability scanners).
Objective 4.5: Given a Scenario, Modify Enterprise Capabilities to Enhance Security
Comprehensive guide to modifying enterprise capabilities for enhanced security including firewalls (rules, access lists, ports/protocols, screened subnets), IDS/IPS (trends, signatures), web filtering (agent-based, centralized proxy, URL scanning, content categorization), operating system security (Group Policy, SELinux), secure protocols, DNS filtering, email security (DMARC, DKIM, SPF), file integrity monitoring, DLP, NAC, EDR/XDR, and user behavior analytics.
Objective 4.6: Given a Scenario, Implement and Maintain Identity and Access Management
Comprehensive guide to identity and access management including user provisioning/de-provisioning, permission assignments, identity proofing, federation, SSO (LDAP, OAuth, SAML), interoperability, attestation, access controls (mandatory, discretionary, role-based, rule-based, attribute-based), time-of-day restrictions, least privilege, multifactor authentication (biometrics, tokens, security keys), password concepts and best practices, password managers, passwordless authentication, and privileged access management (just-in-time permissions, password vaulting, ephemeral credentials).
Objective 4.7: Explain the Importance of Automation and Orchestration Related to Secure Operations
Comprehensive guide to automation and orchestration in secure operations including use cases (user provisioning, resource provisioning, guard rails, security groups, ticket creation, escalation, enabling/disabling services and access, continuous integration and testing, integrations and APIs), benefits (efficiency/time saving, enforcing baselines, standard infrastructure configurations, scaling securely, employee retention, reaction time, workforce multiplier), and considerations (complexity, cost, single point of failure, technical debt, ongoing supportability).
Objective 4.8: Explain Appropriate Incident Response Activities
Comprehensive guide to incident response activities including the incident response process (preparation, detection, analysis, containment, eradication, recovery, lessons learned), training and testing (tabletop exercises, simulations), root cause analysis, threat hunting, and digital forensics (legal hold, chain of custody, acquisition, reporting, preservation, e-discovery).
Objective 4.9: Given a Scenario, Use Data Sources to Support an Investigation
Comprehensive guide to using data sources for security investigations including log data analysis (firewall logs, application logs, endpoint logs, OS-specific security logs, IPS/IDS logs, network logs, metadata), data sources (vulnerability scans, automated reports, dashboards, packet captures), data correlation and analysis techniques, and investigation scenarios.
Objective 5.1: Summarize Elements of Effective Security Governance
Comprehensive guide to security governance elements including guidelines, policies (AUP, information security, business continuity, disaster recovery, incident response, SDLC, change management), standards (password, access control, physical security, encryption), procedures (change management, onboarding/offboarding, playbooks), external considerations (regulatory, legal, industry, local/regional, national, global), monitoring and revision, governance structures (boards, committees, government entities, centralized/decentralized), and roles and responsibilities (owners, controllers, processors, custodians/stewards).
Objective 5.2: Explain Elements of the Risk Management Process
Comprehensive guide to risk management process elements including risk identification, risk assessment (ad hoc, recurring, one-time, continuous), risk analysis (qualitative, quantitative, SLE, ALE, ARO, probability, likelihood, exposure factor, impact), risk register (KRIs, risk owners, risk threshold), risk tolerance and appetite (expansionary, conservative, neutral), risk management strategies (transfer, accept, avoid, mitigate), risk reporting, and business impact analysis (RTO, RPO, MTTR).
Objective 5.3: Explain the Processes Associated with Third-Party Risk Assessment and Management
Comprehensive guide to third-party risk assessment and management including vendor assessment (penetration testing, right-to-audit clause, evidence of internal audits, independent assessments, supply chain analysis), vendor selection (due diligence, conflict of interest), agreement types (SLA, MOA, MOU, MSA, WO/SOW, NDA, BPA), vendor monitoring, questionnaires, and rules of engagement.
Objective 5.4: Summarize Elements of Effective Security Compliance
Comprehensive guide to security compliance elements including compliance reporting (internal, external), consequences of non-compliance (fines, sanctions, reputational damage, loss of license, contractual impacts), compliance monitoring (due diligence/care, attestation and acknowledgment, internal and external, automation), and privacy considerations (legal implications, data subject rights, controller vs. processor, ownership, data inventory and retention, right to be forgotten).
Objective 5.5: Explain Types and Purposes of Audits and Assessments
Comprehensive guide to audits and assessments including attestation, internal audits (compliance, audit committee, self-assessments), external audits (regulatory, examinations, assessment, independent third-party audit), and penetration testing (physical, offensive, defensive, integrated, known/partially known/unknown environment, reconnaissance with passive and active methods).
Objective 5.6: Given a Scenario, Implement Security Awareness Practices
Comprehensive guide to implementing security awareness practices including phishing (campaigns, recognizing attempts, responding to reports), anomalous behavior recognition (risky, unexpected, unintentional), user guidance and training (policies/handbooks, situational awareness, insider threat, password management, removable media, social engineering, operational security, hybrid/remote work), and reporting and monitoring (initial, recurring, development, execution).