CompTIA Security Plus: DOMAIN 1 – GENERAL SECURITY CONCEPTS (SY0-701)


🧠 DOMAIN 1 – GENERAL SECURITY CONCEPTS (SY0-701)

Study Summary for Reinforcement

1.1 Fundamental Security Concepts

  • CIA Triad:
    • Confidentiality – prevent unauthorized access (e.g., encryption, MFA)
    • Integrity – ensure data isn’t tampered with (e.g., hashing, digital signatures)
    • Availability – ensure systems are accessible when needed
  • AAA Model: Authentication, Authorization, Accounting
  • Non-Repudiation – Proof of actions (e.g., digital signature)
  • Defense in Depth – Multiple control layers (technical, physical, administrative)

1.2 Security Control Categories

  • Control Types: Administrative, Technical, Physical
  • Function Types: Preventive, Detective, Corrective, Deterrent, Compensating

1.3 Threat Actors and Attributes

  • Actors: Script Kiddies, Hacktivists, Insiders, Nation States, Organized Crime, Shadow IT
  • Attributes: Motivation, Sophistication, Resources, Intent, Internal/External

1.4 Security Roles and Responsibilities

  • Data Owner, System Owner, Custodian, User, Privacy Officer, SOC Analyst
  • Blue Team vs Red Team – defense vs simulated attacks

1.5 Security Posture and Metrics

  • Security Posture: asset inventory, patching, controls, baselines
  • Metrics: MTTD, MTTR, RPO, RTO

πŸ“ DOMAIN 1 MINI QUIZ (5 Questions)

Pass threshold: 4/5 (80%)

  1. Which of the following best describes ‘non-repudiation’?
    • a) Making sure data is encrypted at rest
    • b) Ensuring system uptime and availability
    • c) Ensuring users cannot deny their actions
    • d) Assigning least privilege access
  2. A security guard and badge scanner represent which types of control respectively?
    • a) Physical and administrative
    • b) Physical and technical
    • c) Administrative and detective
    • d) Detective and compensating
  3. What metric measures the maximum tolerable downtime for a system before serious impact?
    • a) MTTD
    • b) RTO
    • c) RPO
    • d) MTTR
  4. Which role is primarily responsible for maintaining backup systems and applying patches?
    • a) Data Owner
    • b) Custodian
    • c) System Owner
    • d) Privacy Officer
  5. A firewall that blocks malicious packets before they reach a system is acting as what type of control?
    • a) Corrective
    • b) Detective
    • c) Preventive
    • d) Deterrent
