This section covers Exam Objective 1 of the CompTIA Security+ SY0-701 exam. It focuses on the foundational principles of cybersecurity, including security control types, the CIA triad, AAA, and security frameworks.
🧱 Security Control Types
Security controls are measures implemented to protect systems, data, and users. They are categorized into six types:
- Preventive: Block incidents before they occur (e.g., firewalls, locked doors).
- Detective: Identify threats after they occur (e.g., intrusion detection systems, security cameras).
- Corrective: Respond and recover from incidents (e.g., backups, incident response plans).
- Deterrent: Dissuade attackers (e.g., warning signs, security policies).
- Compensating: Provide alternative controls when primary controls are not feasible (e.g., temporary access restrictions).
- Directive: Guide user behavior (e.g., security training, acceptable use policies).
🔐 CIA Triad & AAA
The CIA triad is a fundamental model in cybersecurity, representing the three core principles:
- Confidentiality: Ensures that sensitive information is accessible only to authorized individuals (e.g., encryption, access control).
- Integrity: Ensures that data is accurate and has not been tampered with (e.g., hashing, digital signatures).
- Availability: Ensures that systems and data are accessible when needed (e.g., redundancy, disaster recovery plans).
AAA: Authentication, Authorization, and Accounting are essential for access control:
- Authentication: Verifies the identity of users (e.g., passwords, biometrics).
- Authorization: Determines what actions users are allowed to perform (e.g., role-based access control).
- Accounting: Tracks user activity for auditing purposes (e.g., log files, SIEM tools).
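The three AAA stages above, worked through in a small Python example that is added here and is not part of the original study guide: a constructed user store with salted PBKDF2 password hashes for authentication, a role-to-permission table for authorization (RBAC), and an in-memory audit log for accounting. The usernames, passwords, roles and action names are assumed sample values; note that every decision, including failed ones, is logged, which is what makes the accounting stage useful to a SIEM.

```python
import hashlib, hmac, os, time
from typing import Optional

def _hash_pw(password: str, salt: bytes) -> bytes:
    """Salted PBKDF2-SHA256 so the store never holds a plaintext password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def _make_user(password: str, role: str) -> dict:
    salt = os.urandom(16)  # per-user salt: identical passwords hash differently
    return {"salt": salt, "pw": _hash_pw(password, salt), "role": role}

# Constructed user store and role table (assumed sample values).
USERS = {
    "alice": _make_user("correct horse", "analyst"),
    "bob": _make_user("hunter2", "viewer"),
}
ROLE_PERMISSIONS = {  # role-based access control: role -> allowed actions
    "admin": {"read_logs", "export_logs", "delete_logs"},
    "analyst": {"read_logs", "export_logs"},
    "viewer": {"read_logs"},
}
_DUMMY = _make_user("unused", "")  # keeps unknown-user checks timing-equal
AUDIT_LOG: list = []  # accounting: one entry per decision, success or failure

def authenticate(username: str, password: str) -> Optional[str]:
    """Verify identity: returns the username on success, None otherwise."""
    rec = USERS.get(username, _DUMMY)
    ok = hmac.compare_digest(rec["pw"], _hash_pw(password, rec["salt"]))
    return username if ok and username in USERS else None

def authorize(username: str, action: str) -> bool:
    """Decide what an authenticated user may do, based on their role."""
    return action in ROLE_PERMISSIONS.get(USERS[username]["role"], set())

def account(username: str, action: str, outcome: str) -> None:
    """Record the decision for later auditing (a SIEM would ingest this)."""
    AUDIT_LOG.append({"ts": time.time(), "user": username, "action": action, "outcome": outcome})

def request(username: str, password: str, action: str) -> str:
    """Run the three AAA stages in order and return the decision."""
    if authenticate(username, password) is None:
        account(username, action, "auth_failed")
        return "denied: authentication failed"
    if not authorize(username, action):
        account(username, action, "authz_denied")
        return "denied: not authorized"
    account(username, action, "allowed")
    return "allowed"
```

Calling `request("bob", "hunter2", "export_logs")` returns "denied: not authorized" because bob authenticates but his viewer role lacks that permission, and the audit log keeps both that denial and any failed logins.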
🏗️ Frameworks and Models
Security frameworks provide guidelines for implementing and managing cybersecurity programs. Key frameworks include:
- NIST Cybersecurity Framework (CSF): A risk-based approach to managing cybersecurity.
- ISO/IEC 27001: An international standard for information security management systems.
- COBIT: A framework for IT governance and management.
Zero Trust Architecture: A security model that assumes no user or device is trusted by default, even if inside the network perimeter.
🔒 Roles & Responsibilities
Understanding roles and responsibilities is critical for implementing effective security measures:
- Data Owner: Determines data classification and handling rules.
- System Administrator: Manages day-to-day security controls and configurations.
- Security Officer: Enforces policies and manages risk.
🏢 Physical Security & Deception
Physical security measures protect facilities and equipment from unauthorized access, and deception technologies complement them by drawing intruders into monitored decoys. Examples include:
- Door locks, access control systems, fences, and mantraps.
- Deception strategies such as honeypots and honeytokens, which detect and mislead attackers by attracting them to decoy systems or data.
📚 Additional Resources
Explore more resources to prepare for the Security+ exam: