1.0 General Security Concepts (12%)
- 1.1 – Compare and contrast various types of security controls. Distinguishes technical, physical, and administrative controls by purpose (preventive, detective, corrective, etc.).
- 1.2 – Summarize fundamental security concepts. Covers principles like the CIA triad, AAA, Zero Trust, and least privilege.
- 1.3 – Explain the importance of change management processes and the impact to security. Describes how unmanaged changes create risk and disrupt secure environments.
- 1.4 – Explain the importance of using appropriate cryptographic solutions. Highlights the role of cryptography in confidentiality, integrity, and non-repudiation.
 
2.0 Threats, Vulnerabilities, and Mitigations (22%)
- 2.1 – Compare and contrast common threat actors and motivations. Identifies adversaries like nation-states, hacktivists, and insiders based on objectives and sophistication.
- 2.2 – Explain common threat vectors and attack surfaces. Describes how attackers exploit entry points such as email, open ports, and supply chains.
- 2.3 – Explain various types of vulnerabilities. Examines software flaws, weak configurations, and emerging zero-day threats.
- 2.4 – Given a scenario, analyze indicators of malicious activity. Demonstrates use of logs, alerts, and behavioral anomalies to identify threats.
- 2.5 – Explain the purpose of mitigation techniques used to secure the enterprise. Outlines practices like patching, segmentation, and encryption for minimizing exposure.
 
3.0 Security Architecture (18%)
- 3.1 – Compare and contrast security implications of different architecture models. Addresses cloud, hybrid, and OT systems like ICS or SCADA.
- 3.2 – Given a scenario, apply security principles to secure enterprise infrastructure. Focuses on zoning, segmentation, and access control practices.
- 3.3 – Compare and contrast concepts and strategies to protect data. Covers encryption, tokenization, and data classification across data states.
- 3.4 – Explain the importance of resilience and recovery in security architecture. Explores HA, backups, and disaster recovery to ensure business continuity.
 
4.0 Security Operations (28%)
- 4.1 – Given a scenario, apply common security techniques to computing resources. System hardening, patch management, and endpoint protection are key techniques.
- 4.2 – Explain the security implications of proper hardware, software, and data asset management. Asset inventory and tracking support risk mitigation and compliance.
- 4.3 – Explain various activities associated with vulnerability management. Includes scanning, prioritizing, remediating, and validating vulnerabilities.
- 4.4 – Explain security alerting and monitoring concepts and tools. SIEMs, IDS/IPS, and endpoint monitoring help detect and respond to threats.
- 4.5 – Given a scenario, implement and maintain identity and access management. MFA, SSO, and RBAC reduce unauthorized access risks.
- 4.6 – Given a scenario, modify enterprise capabilities to enhance security. Security upgrades must be integrated into business processes and tools.
- 4.7 – Explain the importance of automation and orchestration related to secure operations. Automated processes reduce errors and improve response times.
- 4.8 – Explain appropriate incident response activities. Activities include detection, containment, eradication, recovery, and lessons learned.
- 4.9 – Given a scenario, use data sources to support an investigation. Logs, alerts, and forensic data reveal indicators of compromise.
- 4.10 – Given a scenario, implement new security measures. New protocols and technologies enhance overall security.

5.0 Program Management and Oversight (20%)
- 5.1 – Summarize elements of effective security governance. Defines security roles, responsibilities, and policies that align with business goals.
- 5.2 – Explain elements of the risk management process. Risk identification, analysis, and mitigation help prioritize defense strategies.
- 5.3 – Explain the processes associated with third-party risk assessment and management. Includes vendor evaluations, SLAs, and due diligence procedures.
- 5.4 – Summarize elements of effective security compliance. Involves understanding and adhering to standards and regulations like GDPR or HIPAA.
- 5.5 – Explain types and purposes of audits and assessments. Audits verify control effectiveness; assessments identify gaps or misalignments.
- 5.6 – Given a scenario, implement security awareness practices. Training programs build a security-minded workforce and reduce human error.