CompTIA Security+ (SY0-701) Certification Exam Complete
Exam Guide: Domains, Concepts, and Practice Questions
with Answers & Rationales
QUESTIONS START ON PAGE 3
🎯 Exam Domains (5 Domains)
The Security+ SY0-701 exam is organized into five domains that cover essential
cybersecurity concepts:
Domain Percentage Description
1. General Security ~20% CIA Triad, control types,
Concepts frameworks, Zero Trust, AAA
2. Threats, Vulnerabilities & ~25% Threat actors, malware, social
Mitigations engineering, attack types
3. Security Architecture ~20% Defense-in-depth, network
segmentation, cloud security
4. Security Operations ~20% Logging, SIEM, incident
response, monitoring
5. Security Program ~15% Policies, GRC, BCP/DR,
Management & Oversight awareness training
📚 Core Security Concepts
The CIA Triad
The CIA Triad is the foundational model for information security:
Principle Definition Key Controls
Confidentiality Ensuring data is not Encryption, access
accessed by unauthorized control, data masking
individuals
, Integrity Ensuring data remains Hashing, checksums,
accurate and unaltered digital signatures
Availability Ensuring authorized users Redundancy, fault
can access data when tolerance, disaster
needed recovery
Additional Core Principles
Non-repudiation ensures a person or entity cannot deny having performed a particular
action. Methods include digital signatures, audit logs, and time-stamping.
AAA Framework (Authentication, Authorization, Accounting):
Authentication: Verifying identity (passwords, biometrics, MFA)
Authorization: Determining access levels (RBAC, ABAC, MAC)
Accounting: Tracking user actions via logging and monitoring
Security Control Categories
Controls are classified by type (how they are implemented):
Control Purpose Examples
Type
Technical Use technology to Firewalls, encryption, antivirus, ACLs
enforce security
Managerial Oversee security Risk assessments, policy development,
program awareness training
Operational Day-to-day security User training, configuration
activities management, monitoring
Physical Protect physical assets Locks, security guards, surveillance
cameras
Controls are also categorized by function:
Function Purpose Examples
Preventive Stop incidents before Firewalls, encryption, access
they occur control
, Deterrent Discourage security Warning signs, visible
violations cameras
Detective Identify active or past IDS, audit logs, file integrity
incidents checkers
Corrective Mitigate impact after Antivirus removal, patch
detection management, system restore
Compensating Alternative when primary MFA as biometric substitute,
control unavailable manual log review
Directive Guide behavior via rules Security policies, employee
handbooks
Zero Trust Model
Zero Trust operates on "never trust, always verify" – no user or device is automatically
trusted, whether inside or outside the network. Key components include continuous
verification, granular access control (least privilege), and micro-segmentation (dividing the
network into smaller zones).
Domain 1: General Security Concepts (Questions 1–20)
1. Which of the following ensures that data is not accessed by unauthorized
individuals?
a) Integrity
b) Confidentiality
c) Availability
d) Non-repudiation
Explanation: Confidentiality ensures data is not accessed by unauthorized individuals,
processes, or systems. It is achieved through encryption, access controls, and data
masking.
2. A company wants to ensure that a user cannot deny having submitted a financial
transaction. Which principle is being enforced?
a) Integrity
b) Confidentiality
c) Availability
d) Non-repudiation
Exam Guide: Domains, Concepts, and Practice Questions
with Answers & Rationales
QUESTIONS START ON PAGE 3
🎯 Exam Domains (5 Domains)
The Security+ SY0-701 exam is organized into five domains that cover essential
cybersecurity concepts:
Domain Percentage Description
1. General Security ~20% CIA Triad, control types,
Concepts frameworks, Zero Trust, AAA
2. Threats, Vulnerabilities & ~25% Threat actors, malware, social
Mitigations engineering, attack types
3. Security Architecture ~20% Defense-in-depth, network
segmentation, cloud security
4. Security Operations ~20% Logging, SIEM, incident
response, monitoring
5. Security Program ~15% Policies, GRC, BCP/DR,
Management & Oversight awareness training
📚 Core Security Concepts
The CIA Triad
The CIA Triad is the foundational model for information security:
Principle Definition Key Controls
Confidentiality Ensuring data is not Encryption, access
accessed by unauthorized control, data masking
individuals
, Integrity Ensuring data remains Hashing, checksums,
accurate and unaltered digital signatures
Availability Ensuring authorized users Redundancy, fault
can access data when tolerance, disaster
needed recovery
Additional Core Principles
Non-repudiation ensures a person or entity cannot deny having performed a particular
action. Methods include digital signatures, audit logs, and time-stamping.
AAA Framework (Authentication, Authorization, Accounting):
Authentication: Verifying identity (passwords, biometrics, MFA)
Authorization: Determining access levels (RBAC, ABAC, MAC)
Accounting: Tracking user actions via logging and monitoring
Security Control Categories
Controls are classified by type (how they are implemented):
Control Purpose Examples
Type
Technical Use technology to Firewalls, encryption, antivirus, ACLs
enforce security
Managerial Oversee security Risk assessments, policy development,
program awareness training
Operational Day-to-day security User training, configuration
activities management, monitoring
Physical Protect physical assets Locks, security guards, surveillance
cameras
Controls are also categorized by function:
Function Purpose Examples
Preventive Stop incidents before Firewalls, encryption, access
they occur control
, Deterrent Discourage security Warning signs, visible
violations cameras
Detective Identify active or past IDS, audit logs, file integrity
incidents checkers
Corrective Mitigate impact after Antivirus removal, patch
detection management, system restore
Compensating Alternative when primary MFA as biometric substitute,
control unavailable manual log review
Directive Guide behavior via rules Security policies, employee
handbooks
Zero Trust Model
Zero Trust operates on "never trust, always verify" – no user or device is automatically
trusted, whether inside or outside the network. Key components include continuous
verification, granular access control (least privilege), and micro-segmentation (dividing the
network into smaller zones).
Domain 1: General Security Concepts (Questions 1–20)
1. Which of the following ensures that data is not accessed by unauthorized
individuals?
a) Integrity
b) Confidentiality
c) Availability
d) Non-repudiation
Explanation: Confidentiality ensures data is not accessed by unauthorized individuals,
processes, or systems. It is achieved through encryption, access controls, and data
masking.
2. A company wants to ensure that a user cannot deny having submitted a financial
transaction. Which principle is being enforced?
a) Integrity
b) Confidentiality
c) Availability
d) Non-repudiation