CtrlK

Search...

Trending this month -AWS CCP•CISSP•AZ-900•A+•TOGAF•AI-102•Sec+•AZ-104•CSA•ITIL 4

Quick Feedback

Back to Security+

CompTIA Security+ Study Notes

Comprehensive study notes covering all SY0-701 exam domains with detailed explanations, tables, and exam tips.

CompTIA Security+ Study Notes

General Security Concepts

Fundamental security principles and concepts

CIA Triad

Principle	Definition	Controls/Examples
Confidentiality	Prevent unauthorized disclosure of information	Encryption, access controls, data classification
Integrity	Ensure data is not modified without authorization	Hashing, digital signatures, version control
Availability	Ensure systems/data are accessible when needed	Redundancy, backups, fault tolerance, load balancing

Additional Security Concepts

Non-Repudiation

Ensures parties cannot deny actions. Achieved through digital signatures, audit logs, timestamps.

Authentication

Verifying identity. Something you know, have, are, somewhere you are, something you do.

Authorization

Determining what authenticated users can access. RBAC, ABAC, MAC, DAC.

Accounting

Tracking user actions for auditing. Logs, monitoring, SIEM.

AAA Framework

Authentication (who are you?), Authorization (what can you do?), and Accounting (what did you do?) form the foundation of access control.

Security Controls

Types of controls and their categories

Control Types

Type	Description	Examples
Technical (Logical)	Hardware/software mechanisms	Firewalls, encryption, IDS, access controls, antivirus
Administrative (Managerial)	Policies and procedures	Security policies, training, background checks, risk assessments
Physical	Protect physical assets	Locks, guards, cameras, fencing, biometrics, mantrap

Control Categories

Category	Purpose	Examples
Preventive	Stop incidents before they occur	Firewall rules, encryption, security training, access controls
Detective	Identify when incidents occur	IDS, log analysis, security audits, motion sensors
Corrective	Fix problems after detection	Patching, restoring backups, incident response
Deterrent	Discourage threats	Warning signs, security cameras, login banners
Compensating	Alternative when primary control not feasible	Increased monitoring when can't encrypt
Directive	Direct actions	Policies, procedures, guidelines

Defense in Depth

Layer multiple security controls so if one fails, others still protect. Combine technical, administrative, and physical controls across all categories.

Cryptography Fundamentals

Encryption, hashing, and key concepts

Encryption Types

Type	Description	Examples	Use Cases
Symmetric	Same key for encrypt/decrypt	AES, DES, 3DES, Blowfish	Bulk data encryption, file encryption
Asymmetric	Public/private key pair	RSA, ECC, Diffie-Hellman	Key exchange, digital signatures, PKI
Hashing	One-way function, fixed output	SHA-256, SHA-3, MD5 (weak)	Integrity verification, password storage

Key Concepts

Digital Signatures

Hash message, encrypt hash with private key. Provides integrity, authentication, non-repudiation.

Digital Certificates

Bind public key to identity. Issued by Certificate Authority (CA). X.509 standard.

PKI

Public Key Infrastructure. CAs, certificates, CRLs, OCSP for certificate management.

Key Exchange

Securely share symmetric keys. Diffie-Hellman, ECDH, RSA key exchange.

Deprecated Algorithms

Do NOT use: MD5, SHA-1, DES, RC4, SSL 2.0/3.0, TLS 1.0/1.1

Use instead: SHA-256+, AES-256, TLS 1.2/1.3

Back to Security+

CompTIA Security+ Study Notes

Comprehensive study notes covering all SY0-701 exam domains with detailed explanations, tables, and exam tips.

CompTIA Security+ Study Notes

General Security Concepts

Fundamental security principles and concepts

CIA Triad

Principle	Definition	Controls/Examples
Confidentiality	Prevent unauthorized disclosure of information	Encryption, access controls, data classification
Integrity	Ensure data is not modified without authorization	Hashing, digital signatures, version control
Availability	Ensure systems/data are accessible when needed	Redundancy, backups, fault tolerance, load balancing

Additional Security Concepts

Non-Repudiation

Ensures parties cannot deny actions. Achieved through digital signatures, audit logs, timestamps.

Authentication

Verifying identity. Something you know, have, are, somewhere you are, something you do.

Authorization

Determining what authenticated users can access. RBAC, ABAC, MAC, DAC.

Accounting

Tracking user actions for auditing. Logs, monitoring, SIEM.

AAA Framework

Authentication (who are you?), Authorization (what can you do?), and Accounting (what did you do?) form the foundation of access control.

Security Controls

Types of controls and their categories

Control Types

Type	Description	Examples
Technical (Logical)	Hardware/software mechanisms	Firewalls, encryption, IDS, access controls, antivirus
Administrative (Managerial)	Policies and procedures	Security policies, training, background checks, risk assessments
Physical	Protect physical assets	Locks, guards, cameras, fencing, biometrics, mantrap

Control Categories

Category	Purpose	Examples
Preventive	Stop incidents before they occur	Firewall rules, encryption, security training, access controls
Detective	Identify when incidents occur	IDS, log analysis, security audits, motion sensors
Corrective	Fix problems after detection	Patching, restoring backups, incident response
Deterrent	Discourage threats	Warning signs, security cameras, login banners
Compensating	Alternative when primary control not feasible	Increased monitoring when can't encrypt
Directive	Direct actions	Policies, procedures, guidelines

Defense in Depth

Layer multiple security controls so if one fails, others still protect. Combine technical, administrative, and physical controls across all categories.

Cryptography Fundamentals

Encryption, hashing, and key concepts

Encryption Types

Type	Description	Examples	Use Cases
Symmetric	Same key for encrypt/decrypt	AES, DES, 3DES, Blowfish	Bulk data encryption, file encryption
Asymmetric	Public/private key pair	RSA, ECC, Diffie-Hellman	Key exchange, digital signatures, PKI
Hashing	One-way function, fixed output	SHA-256, SHA-3, MD5 (weak)	Integrity verification, password storage

Key Concepts

Digital Signatures

Hash message, encrypt hash with private key. Provides integrity, authentication, non-repudiation.

Digital Certificates

Bind public key to identity. Issued by Certificate Authority (CA). X.509 standard.

PKI

Public Key Infrastructure. CAs, certificates, CRLs, OCSP for certificate management.

Key Exchange

Securely share symmetric keys. Diffie-Hellman, ECDH, RSA key exchange.

Deprecated Algorithms

Do NOT use: MD5, SHA-1, DES, RC4, SSL 2.0/3.0, TLS 1.0/1.1

Use instead: SHA-256+, AES-256, TLS 1.2/1.3