Domain 1 of 5
COMPTIA · SECURITY+ · STUDY GUIDE · FREE PREVIEW

Domain 1: General Security Concepts

The foundation of cybersecurity. Master the controls, concepts, and cryptographic tools that every security professional must know.

Exam Weight: 12% · Objectives: 4 · Read Time: ~30m · Exam Code: SY0-701
01 Key Concepts at a Glance

Six Ideas That Drive Every Question

These concepts appear across almost every Domain 1 question. Know them cold.

Security Controls

4 categories × 6 types = the exam's favorite matrix

"A warning sign is NOT preventive — it's deterrent. A firewall IS preventive. The exam tests whether you know the difference."

Deep dive in 1.1 Security Controls

CIA Triad

The 3 objectives every control maps back to

"Every firewall rule exists to serve one of these three. If it doesn't map to C, I, or A — why is it there?"

Deep dive in 1.2 Fundamental Concepts

Zero Trust

Never trust, always verify — Control Plane + Data Plane

"Your VPN user authenticated once and has full network access? That's the opposite of Zero Trust."

Deep dive in 1.2 Fundamental Concepts

AAA

Authentication proves who, Authorization proves what, Accounting proves when

"A user logs in (authentication), accesses the finance share (authorization), and it's all logged (accounting)."

Deep dive in 1.2 Fundamental Concepts

Change Management

Every unmanaged change is a potential vulnerability

"A sysadmin pushes a patch without a backout plan. The patch breaks production. Now what?"

Deep dive in 1.3 Change Management

Cryptography

Symmetric for speed, asymmetric for trust, hashing for proof

"You encrypted the password database with AES-256. Great — but passwords should be hashed, not encrypted. Encryption is reversible."

Deep dive in 1.4 Cryptographic Solutions
02 Diagnostic Quiz

Find Out Where to Start

5 questions across Domain 1 — see which objectives need the most work.


      03 Objective Navigator

      4 Objectives — Pick Your Path

      Each lesson teaches through real scenarios — concept, textbook, hard choice, exam signal. Start anywhere or go in order. Completed lessons show a checkmark.

      Hands-on labs and adaptive quizzes — Coming Soon

      TJS Platform will have scenario-based drills, matching exercises, and AI-powered explanations for every objective.

      04 Memory Aids

      Learn It, Test It, Lock It In

      Each card has 3 layers. Click to advance: mnemonic → scenario challenge → answer + exam tip.

      Security Control Grid
      4 Categories × 6 Types
      Technical, Managerial, Operational, Physical × Preventive, Deterrent, Detective, Corrective, Compensating, Directive
      Scenario

      A biometric lock on a server room door — what CATEGORY and TYPE?

      Answer

      Technical + Preventive. The biometric scanner is an electronic/software mechanism (Technical category) that prevents unauthorized entry (Preventive type). The door itself is Physical, but the biometric authentication component makes this a Technical control.

      Exam tip: if the control uses hardware/software logic to make a decision, it's Technical — even if it's attached to a physical door. A lock = Physical. A smart lock with biometrics = Technical.
      CIA Triad
      Confidentiality · Integrity · Availability
      The three pillars every security control maps back to.
      Scenario

      Data was modified in transit without detection. Which pillar was violated?

      Answer

      Integrity. Modification = integrity. Disclosure = confidentiality. Downtime = availability.

      Exam tip: modification = integrity, disclosure = confidentiality, downtime = availability. Map every scenario to one pillar.
      Zero Trust Planes
      Control Plane + Data Plane
      Policy Engine decides, Policy Enforcement Point enforces.
      Scenario

      Which plane contains the Policy Enforcement Point?

      Answer

      Data Plane. The Control Plane (Policy Engine + Policy Administrator) makes the decision. The Data Plane (Policy Enforcement Point) carries it out.

      Exam tip: Control plane decides, data plane enforces. The PEP is always in the data plane.
      Honey-*
      Honeypot · Honeynet · Honeyfile · Honeytoken
      Deception technology: fake systems, networks, files, and data.
      Scenario

      A fake credential planted in a database that alerts when used?

      Answer

      Honeytoken. Pot = system, net = network, file = document, token = data. A planted credential is data, so it's a honeytoken.

      Exam tip: pot = system, net = network, file = document, token = data. Match the suffix to the scale.
      Change Management
      RFC → Impact → Approve → Implement → Backout
      The process can be accelerated but never skipped.
      Scenario

      A zero-day drops. Can you skip change management?

      Answer

      No — even emergency changes need a backout plan. The process can be accelerated (emergency CAB, expedited approval) but never bypassed entirely.

      Exam tip: the process can be accelerated but never skipped. "Skip change management" is always wrong.
      Crypto Basics
      Symmetric (1 key, fast) / Asymmetric (2 keys, slow) / Hashing (1 way)
      Speed vs trust vs proof — know which to use when.
      Scenario

      AES-256 uses how many keys?

      Answer

      One — it's symmetric. AES (Advanced Encryption Standard) uses a single shared key. Fast for bulk data. Asymmetric (RSA, ECC) uses a key pair but is slower.

      Exam tip: symmetric = shared key = fast. Asymmetric = key pair = slow but solves key distribution.

      The Elimination Rule — Exam Strategy

      Eliminate 2 obviously wrong answers. Between the remaining 2, choose the one that is more specific, more technical, or more directly addresses the scenario. Security+ rewards precision over generality.

      05 Think Like a Tech

      Security+ Tests How You Solve Problems

      01
      Scenario

      Server Room Breach

      Security cameras capture an unauthorized person following an employee into the server room. The visitor was not challenged. What combination of controls should you recommend?
      • × Add more cameras
          Detective only — doesn't prevent the next breach
      • × Fire the employee who held the door
          Corrective, but doesn't address the root cause
      • ✓ Anti-tailgating mantrap (preventive) + security awareness training (directive)
          Layered defense: physical prevention + behavioral change addresses root cause.
      • × Post a "No Tailgating" sign
          Deterrent only — signs don't stop determined intruders
      Principle: Layer detective + preventive + directive controls. No single control is enough.
      02
      Scenario

      Patch Emergency

      A critical zero-day vulnerability is being actively exploited. Your team wants to push the patch immediately to all production servers. What should you do FIRST?
      • × Deploy the patch immediately
          Skips change management entirely
      • × Wait for the next maintenance window
          Active exploitation means urgency matters
      • ✓ Initiate emergency change management with a backout plan
          Fast-track the process, but never skip it. A backout plan ensures recoverability.
      • × Isolate the servers from the network
          Compensating control, but doesn't fix the vulnerability
      Principle: Change management can be accelerated but never skipped. Always have a backout plan.
      03
      Scenario

      Password Breach

      Your password database was stolen. The passwords were stored using AES-256 encryption. An attacker with the key can recover all passwords. What should have been done differently?
      • × Use a stronger encryption algorithm
          AES-256 is already strong — wrong tool, not weak tool
      • × Encrypt the encryption key
          Key management helps but doesn't fix the fundamental flaw
      • ✓ Hash passwords with bcrypt/Argon2 + unique salt per password
          Hashing is one-way — even with the database, passwords can't be reversed. Salting prevents rainbow tables.
      • × Implement MFA so passwords don't matter
          Defense in depth, but passwords should still be properly stored
      Principle: Passwords are hashed, not encrypted. Encryption is reversible; hashing is not.
      Adaptive practice drills — Coming Soon

      TJS Platform will track your weak areas and generate focused drills. AI Study Buddy will explain why you got it wrong.

      06 Common Traps

      The Tempting Wrong Answer

      1. Deterrent vs Preventive

      A sign discourages (deterrent). A lock prevents (preventive). Both are physical, but different types.

      2. Honeypot vs Honeytoken

      Honeypot = fake system. Honeytoken = fake data. The exam tests this distinction by scale.

      3. Authentication vs Authorization

      Authentication = who you are. Authorization = what you can do. Logging in vs accessing a resource.

      4. Encryption vs Hashing

      Encryption is reversible (with the key). Hashing is one-way. Passwords get hashed, not encrypted.

      5. TPM vs HSM

      TPM = endpoint chip (built into motherboard). HSM = enterprise appliance (dedicated hardware for key management).

      6. Symmetric vs Asymmetric

      Symmetric = speed (one key, bulk data). Asymmetric = trust (two keys, key exchange, signatures).

      07 Self-Check Quiz

      5 Practice Questions

      Select an answer, then click Check. Full adaptive quiz engine with 200+ questions coming soon on TJS Platform.

      Understand · Beginner · 1.1
      Q1. A security guard stationed at a building entrance who checks employee badges is an example of which control CATEGORY and TYPE?
      • A Technical / Preventive
      • B Operational / Preventive
      • C Physical / Detective
      • D Managerial / Directive
      Correct: B

      A security guard depends on a human performing an action (Operational category) and actively prevents unauthorized entry by checking badges (Preventive type). A locked door would be Physical; the guard is Operational because it requires human judgment.

      Objective 1.1 — Security Controls
      Apply · Intermediate · 1.2
      Q2. In a Zero Trust architecture, which component makes the final access decision?
      • A Policy Enforcement Point
      • B Policy Engine
      • C Policy Administrator
      • D Identity Provider
      Correct: B

      The Policy Engine evaluates requests and makes the allow/deny decision. The PEP enforces it. The Policy Administrator communicates the decision to the PEP.

      Objective 1.2 — Fundamental Security Concepts
      Apply · Intermediate · 1.3
      Q3. A developer pushes a configuration change directly to production during a weekend. The change causes an outage Monday morning. What is the ROOT failure?
      • A Insufficient testing infrastructure
      • B Bypassing change management process
      • C Lack of weekend monitoring
      • D Missing rollback automation
      Correct: B

      The root failure is bypassing change management. Proper CM would have required impact analysis, approval, and a backout plan before any production change.

      Objective 1.3 — Change Management
      Remember · Beginner · 1.4
      Q4. Which cryptographic technique adds random data to each password before hashing to prevent rainbow table attacks?
      • A Key stretching
      • B Salting
      • C Peppering
      • D Steganography
      Correct: B

      Salting adds unique random data to each password before hashing. This ensures identical passwords produce different hashes, defeating precomputed rainbow tables.

      Objective 1.4 — Cryptographic Solutions
      Analyze · Advanced · 1.2
      Q5. An organization places a fake database record containing fabricated credentials. When accessed, it triggers a SIEM alert. What is this technique called?
      • A Honeypot
      • B Honeynet
      • C Honeytoken
      • D Honeyfile
      Correct: C

      A honeytoken is a piece of fake data (credential, record, API key) planted to detect unauthorized access. Honeypots are systems, honeynets are networks, honeyfiles are documents.

      Objective 1.2 — Deception Technology

      Disclaimer
      This content is provided for educational and exam preparation purposes only. It is designed to supplement your study efforts with additional context, scenarios, and practice material. This is not official CompTIA content, is not endorsed by CompTIA, and does not guarantee exam success. All practice questions are original and based on published exam objectives — they are not actual exam questions. Exam content, format, and policies are determined solely by CompTIA. Always refer to the official CompTIA Security+ SY0-701 Exam Objectives as your primary reference. Tech Jacks Solutions is not responsible for exam outcomes.

      CompTIA Security+ SY0-701 Exam Objectives · GAIO Integrity Lock Active · No brain dumps · No fabricated statistics