
Security+ domain 1: Understanding general security concepts (701 exam update)

By Rodika Tollefson, August 1, 2024

If you're looking to validate your cybersecurity knowledge and advance your IT career, then the CompTIA Security+ certification might be the perfect next step. This globally recognized credential assesses your skills in applying broad cybersecurity concepts and principles to protect organizational assets. 

The Security+ exam is updated roughly every three years to keep pace with the changing cybersecurity landscape. The most recent iteration of the exam, SY0-701, was introduced in November 2023. The previous version, SY0-601, will be retired on July 31, 2024, so if you're planning to take the exam, study the right material. 

In this blog post, we'll break down domain 1.0: general security concepts. We'll look at how it compares to the overall exam, what new concepts you need to master and why these changes matter in the world of cybersecurity. 


What's changed in Security+ domain 1? 

The new exam topics (Security+ SY0-701) for domain 1 gather the general security concepts previously spread across multiple domains. Patrick Lane, Director of Certification Product Management at CompTIA, joined Infosec for a webinar on the Security+ update and explained that this domain covers all the foundational concepts every cybersecurity professional should know. 

Here are the objectives for Security+ domain 1: 

  • 1.1 Compare and contrast various types of security controls: This objective builds on the material in the old exam's objective 5.1 and covers all the things that enforce the CIA (Confidentiality, Integrity, Availability) triad of information security. 
  • 1.2 Summarize fundamental security concepts: This subdomain incorporates elements from various sections of the old exam, including core security concepts from objective 2.1 and the importance of physical security from objective 2.7. Here, you'll learn the essential security vocabulary and gain a solid understanding of how to apply it. 
  • 1.3 Explain the importance of change management processes and the impact to security: This objective combines information about organizational policies from the old exam's objective 5.3 with new material on implementing secure change management practices. 
  • 1.4 Explain the importance of using appropriate cryptographic solutions: This subdomain expands on the cryptographic basics covered in objective 2.8 of the previous exam. In this objective, you'll learn why encryption is vital and how to choose the right solutions. 

Now let's explore each objective in detail.


1.1: Security controls 

The objective "compare and contrast various types of security controls" is essential to understanding how organizations protect their assets from security risks. Security controls are safeguards or countermeasures that aim to preserve the confidentiality, integrity and availability (CIA) of information and are "one of the most foundational concepts in cybersecurity," according to Lane. These controls can be categorized into technical, managerial, operational and physical types. 

Technical controls include firewalls and antivirus software, which protect systems from unauthorized access and malware. Managerial controls involve policies and procedures that govern security practices, such as risk management frameworks like NIST's RMF. Operational controls focus on the day-to-day protection of assets. Physical controls involve measures like locks and access control systems to secure physical locations.

Security controls can also be classified by their function. Preventative controls aim to stop security incidents before they occur. Deterrent controls discourage malicious activities. Detective controls identify and alert about security breaches. Corrective controls address and fix issues after they occur. Compensating controls provide alternative measures when primary controls fail. Directive controls enforce compliance with security policies. 

This objective builds your essential security vocabulary, ensuring you can confidently discuss and implement the controls that keep your organization safe. 

1.2: Fundamental security concepts 

This objective challenges you to "summarize fundamental security concepts." From the classic CIA triad (Confidentiality, Integrity and Availability) to the Zero Trust model, you'll need to wrap your head around various concepts. 

Lane emphasizes the importance of understanding these foundational elements, as they form the backbone of effective security strategies. Take the AAA framework (Authentication, Authorization and Accounting), for instance. It's not only about keeping bad actors out; it's also about ensuring the right people have the right access at the right time. 
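To make the three A's concrete, here is an added example (not code from the article or from CompTIA) that models the AAA framework in plain Python: authentication checks a salted PBKDF2 password hash with a constant-time comparison, authorization checks the caller's roles against a permission table, and accounting writes an audit record for every attempt, whether it succeeds or fails. The user store, passwords, roles, actions and the in-memory audit log are all constructed for the example.

```python
import hashlib
import hmac
import secrets
from datetime import datetime, timezone

# Constructed, in-memory stand-ins for an identity store, a policy table and a
# log sink. All names, passwords, roles and actions are invented for this example.

PBKDF2_ROUNDS = 100_000


def _hash_password(password: str, salt: bytes) -> bytes:
    # Salted, deliberately slow password hash: the store never holds clear text.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


def make_user(password: str, roles: set) -> dict:
    salt = secrets.token_bytes(16)
    return {"salt": salt, "hash": _hash_password(password, salt), "roles": set(roles)}


USERS = {
    "alice": make_user("correct horse battery staple", {"analyst"}),
    "bob": make_user("a-long-admin-passphrase", {"analyst", "admin"}),
}

# Authorization policy: the roles permitted to perform each action.
PERMISSIONS = {
    "read_logs": {"analyst", "admin"},
    "change_firewall_rule": {"admin"},
}

# Accounting: every attempt is recorded, successful or not.
AUDIT_LOG = []


def authenticate(username: str, password: str) -> bool:
    """Authentication: prove the caller knows the password for this account."""
    user = USERS.get(username)
    if user is None:
        # Do the same work for unknown users so timing does not reveal valid names.
        _hash_password(password, b"\x00" * 16)
        return False
    candidate = _hash_password(password, user["salt"])
    return hmac.compare_digest(candidate, user["hash"])  # constant-time compare


def authorize(username: str, action: str) -> bool:
    """Authorization: may this authenticated identity perform this action?"""
    roles = USERS.get(username, {}).get("roles", set())
    return bool(roles & PERMISSIONS.get(action, set()))


def account(username: str, action: str, outcome: str) -> None:
    """Accounting: append an audit record (a SIEM or syslog sink in real life)."""
    AUDIT_LOG.append({
        "time": datetime.now(timezone.utc).isoformat(),
        "user": username,
        "action": action,
        "outcome": outcome,
    })


def perform(username: str, password: str, action: str) -> str:
    """Run the three A's in order and return the outcome label."""
    if not authenticate(username, password):
        account(username, action, "auth_failed")
        return "auth_failed"
    if not authorize(username, action):
        account(username, action, "denied")
        return "denied"
    account(username, action, "allowed")
    return "allowed"


if __name__ == "__main__":
    attempts = [
        ("alice", "correct horse battery staple", "read_logs"),
        ("alice", "correct horse battery staple", "change_firewall_rule"),
        ("bob", "a-long-admin-passphrase", "change_firewall_rule"),
        ("mallory", "guess", "read_logs"),
    ]
    for who, pw, act in attempts:
        print(f"{who} -> {act}: {perform(who, pw, act)}")
    print(f"{len(AUDIT_LOG)} audit records written")
```

Note the order: a failed login is logged before any permission check runs, and a valid user with the wrong role is logged as "denied" rather than silently dropped, which is the accounting half of "the right people have the right access at the right time".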

This subdomain doesn't stop at the digital realm. Physical security concepts, from bollards to infrared sensors, are also covered. You also learn about deception technologies like honeypots because, sometimes, the best defense is a good offense. 

These concepts are important because cybersecurity is more than just firewalls and antivirus software. It's about understanding how all these concepts work together to create a robust defense. Once you master these concepts, you'll have the foundation to tackle any security challenge that comes your way. 

1.3: Change management processes 

This objective asks you to "explain the importance of change management processes and the impact to security," which, according to Lane, is no small feat. "Change management is one of the most complex, difficult things to do in IT," he stresses. Why? Because in today's interconnected systems, one change can trigger a domino effect across the entire network.

Think of change management as a high-stakes game of Jenga. Every move you make could potentially topple the whole structure. That's why understanding the business processes, technical implications and documentation requirements is essential. 

From approval processes and impact analysis to allow lists and service restarts, each element plays a vital role in maintaining security while implementing changes. Making the change itself could be the simplest part. Anticipating its ripple effects, having a solid backup plan and ensuring everything is properly documented and version-controlled are where it gets complex. 

In cybersecurity, uncontrolled changes are like leaving your front door wide open. Becoming an expert at change management helps you keep that door locked tight. It's a delicate balance but one that's essential for maintaining robust security in a changing IT landscape. 

1.4: Cryptographic solutions 

In this subdomain, you'll learn to "explain the importance of using appropriate cryptographic solutions." "We have to encrypt our data," says Lane, "because if that's not done, it can be immediately used by a bad actor." This objective is your crash course in keeping information under lock and key in the digital world.

From public key infrastructure (PKI) to blockchain, the range of cryptographic solutions can seem overwhelming. But each solution is just another tool in your cybersecurity toolbox, and this objective will teach you which cryptographic tool to use in each security scenario.

Understanding the differences between symmetric and asymmetric encryption, the various levels of encryption (from full-disk to record-level) and the role of digital signatures might seem like academic knowledge. But it helps you determine how to protect data, whether at rest, in transit or in use. 
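The three ideas in that paragraph, symmetric encryption, asymmetric encryption and digital signatures, are easiest to tell apart when you see who holds which key. The following is an added teaching example written for this page, not code from the article or from CompTIA, using only the Python standard library. The symmetric part is a toy stream cipher with an HMAC integrity tag (encrypt-then-MAC), the asymmetric part is textbook RSA with two well-known Mersenne primes chosen so the key pair is reproducible, and `demo()` exercises a round trip, a tampered ciphertext and a tampered signed message. Every key, message and the toy constructions themselves are assumptions for illustration; real systems use a vetted AEAD such as AES-GCM and RSA with random large primes and OAEP/PSS padding.

```python
import hashlib
import hmac
import secrets

# ---- Symmetric encryption: one shared secret both encrypts and decrypts ----
# Toy construction from the standard library only: a keystream of
# HMAC-SHA256(enc_key, nonce || counter) blocks is XORed with the data, then an
# HMAC tag over nonce || ciphertext is appended (encrypt-then-MAC).
# Illustrative only; production code uses a vetted AEAD such as AES-GCM.

def _subkeys(key: bytes):
    # Separate keys for confidentiality and integrity, derived from one secret.
    enc = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac = hmac.new(key, b"mac", hashlib.sha256).digest()
    return enc, mac


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def sym_encrypt(key: bytes, plaintext: bytes) -> bytes:
    enc, mac = _subkeys(key)
    nonce = secrets.token_bytes(16)            # fresh per message, never reused
    ks = _keystream(enc, nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, ks))
    tag = hmac.new(mac, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def sym_decrypt(key: bytes, blob: bytes) -> bytes:
    enc, mac = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):   # check integrity before decrypting
        raise ValueError("integrity check failed: wrong key or tampered data")
    ks = _keystream(enc, nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))


# ---- Asymmetric encryption and signatures: a public/private key pair --------
# Textbook RSA so the arithmetic is visible. The primes are two well-known
# Mersenne primes picked for this example; a real key uses random primes of
# 1024+ bits each plus padding (OAEP for encryption, PSS for signatures).
P = 2**31 - 1
Q = 2**61 - 1
N = P * Q                            # public modulus
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent (modular inverse, Python 3.8+)


def rsa_encrypt(message: bytes) -> int:
    m = int.from_bytes(message, "big")
    if m >= N:
        raise ValueError("message too long for this toy modulus")
    return pow(m, E, N)              # anyone holding the public key (E, N) can encrypt


def rsa_decrypt(ciphertext: int) -> bytes:
    m = pow(ciphertext, D, N)        # only the private key holder can decrypt
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def sign(message: bytes) -> int:
    h = int.from_bytes(hashlib.sha256(message).digest(), "big") % N
    return pow(h, D, N)              # signing uses the private key


def verify(message: bytes, signature: int) -> bool:
    h = int.from_bytes(hashlib.sha256(message).digest(), "big") % N
    return pow(signature, E, N) == h  # verification needs only the public key


def demo() -> dict:
    """Exercise all three mechanisms and report which properties held."""
    results = {}
    shared = secrets.token_bytes(32)                      # constructed shared key
    report = b"quarterly report (data at rest)"           # constructed message
    blob = sym_encrypt(shared, report)
    results["sym_roundtrip"] = sym_decrypt(shared, blob) == report
    flipped = blob[:16] + bytes([blob[16] ^ 0x01]) + blob[17:]   # flip one ciphertext bit
    try:
        sym_decrypt(shared, flipped)
        results["sym_tamper_detected"] = False
    except ValueError:
        results["sym_tamper_detected"] = True
    results["rsa_roundtrip"] = rsa_decrypt(rsa_encrypt(b"hello")) == b"hello"
    sig = sign(b"approve change request")
    results["sig_valid"] = verify(b"approve change request", sig)
    results["sig_rejects_tamper"] = not verify(b"approve change request!", sig)
    return results


if __name__ == "__main__":
    for name, held in demo().items():
        print(f"{name}: {'ok' if held else 'FAILED'}")
```

The split of roles is the point to remember for the exam: with symmetric encryption both sides must already share the secret, which is why it is fast and suits data at rest; with asymmetric encryption the public key can be handed out freely and only the private key decrypts; and a signature reverses that direction, created with the private key and checked by anyone with the public key, which is what gives integrity and non-repudiation.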

In an age where data breaches make headlines almost daily, strong cryptography is often the last line of defense. Learning the concepts in this objective prepares you to be a guardian of digital information in the real world. In cybersecurity, what you don't know can hurt you and your organization. 

Preparing for your Security+ exam 

The first domain of the Security+ SY0-701 exam lays the foundation for the core principles of cybersecurity. It underpins what you will learn in the other domains and accounts for 12% of the exam. Think of it as the essential toolkit you'll need to tackle the more specific challenges in the remaining domains.

Once you learn everything that domain 1 has to offer, you'll be well prepared to tackle the remaining four domains: 

Beyond these articles, we've got many more resources to help you prepare for the Security+ exam, including:

Rodika Tollefson

Rodika Tollefson splits her time between journalism and content strategy and creation for brands. She’s covered just about every industry over a two-decade career but is mostly interested in technology, cybersecurity and B2B topics. Tollefson has won various awards for her journalism and multimedia work. Her non-bylined content appears regularly on several top global brands’ blogs and other digital platforms. She can be reached at seattletechnologywriter.com.