CompTIA Security+ (SY0-701): General Security Concepts Literacy (Beginner Level)

Topics covered

• compare authentication, authorization, and accounting
• compare authorization models
• compare control categories like technical, managerial, operational, and physical
• compare control types including preventive, deterrent, detective, corrective, compensating, and directive
• compare deception technologies such as honeypots, honeynets, honeyfiles, and honeytokens
• define change management technical implications like allow lists, deny lists, restricted activities, downtime, service restart, application restart, legacy applications, and dependencies
• define non-repudiation
• define preventative physical security controls like bollards, access control vestibule, access badges/cards, fencing, gates, mantraps, and security guards
• outline change management business processes including approval, ownership, stakeholders, impact analysis, test results, backout plan, maintenance window, and standard operating procedures
• outline detective physical security controls like video surveillance, lighting, and infrared, pressure, microwave, and ultrasonic sensors
• outline how to authenticate people
• outline how to authenticate systems
• outline the use of gap analysis in the context of security
• provide an overview of the CIA Triad which includes confidentiality, integrity, and availability
• provide an overview of the Zero Trust control plane including adaptive identity, threat scope reduction, policy-driven access control, and Policy Administrator
• provide an overview of the Zero Trust data plane which includes implicit trust zones, subject/system, and Policy Enforcement Points
• understand the importance of comprehensive documentation and version control