Security+ Domain 1 establishes the foundational security principles that underpin the entire exam. This domain covers the CIA triad, security controls, cryptographic concepts, and authentication methods that form the core vocabulary and frameworks used throughout all other domains.
Questions: ~10-11 | Concepts: 43 total | Difficulty: Foundation | Study Time: 1-2 weeks | Objectives: 4
Understand the categories and types of security controls used to protect assets.
Key Concepts
Introduction to security controls as safeguards designed to reduce risk and protect confidentiality, integrity, and availability. Understanding the dual classification system of categories and control types.
Hardware and software mechanisms that enforce security automatically. Includes firewalls, encryption, access control lists, IDS/IPS, and endpoint protection.
Administrative and governance controls established by management to define policy, procedure, and oversight. Includes security policies, risk assessments, and compliance management.
Day-to-day procedures relying on human activity to maintain security. Includes incident response, change management, configuration management, and separation of duties.
Controls protecting tangible infrastructure and physical access. Includes locks, fences, security guards, surveillance cameras, and environmental controls.
Controls designed to stop security incidents before they occur. First line of defense including firewalls, MFA, access restrictions, and security training.
Controls that discourage malicious or negligent behavior through psychological effect. Includes warning signs, login banners, visible cameras, and disciplinary policies.
Controls that identify security events as they occur or after the fact. Includes SIEM alerts, IDS, audit logs, and security monitoring.
Controls that restore systems and processes after an incident. Includes patching, backups, system reimaging, and applying security fixes.
Alternative controls that substitute for primary controls when they are infeasible. Must provide equivalent protection and be documented.
Controls that guide or mandate security behavior through rules and expectations. Includes policies, acceptable use agreements, and standard operating procedures.
Layering multiple control types across categories to create comprehensive protection. Understanding how controls work together to provide overlapping security.
Exam Tip
Expect scenario questions asking you to identify which type of control addresses a specific security concern. Know the difference between control categories (technical, managerial, operational, physical) and control types (preventive, detective, corrective, deterrent, compensating, directive).
Core security principles including the CIA triad, authentication, authorization, and zero trust.
Key Concepts
The three core principles of information security: Confidentiality (preventing unauthorized disclosure), Integrity (preventing unauthorized modification), and Availability (ensuring authorized access).
Ensuring that a party cannot deny having performed an action. Achieved through digital signatures, audit logs, and other accountability mechanisms.
The process of verifying identity. Understanding authentication of people vs systems, and the factors used (something you know, have, are, somewhere you are).
Methods for determining what authenticated users can access. Includes understanding of permissions, access levels, and authorization decisions.
Tracking and recording user activities for security monitoring, compliance, and forensics. Includes logging, monitoring, and audit trail maintenance.
Comparing current security posture against desired state or standards to identify deficiencies. Used to prioritize security improvements and compliance efforts.
Security model based on "never trust, always verify" principle. Eliminates implicit trust and requires continuous verification regardless of network location.
The decision-making components of zero trust architecture. Includes adaptive identity, threat scope reduction, policy-driven access control, policy administrator, and policy engine.
The enforcement components of zero trust architecture. Includes implicit trust zones, subject/system identification, and policy enforcement points.
Physical barriers and access controls including bollards, access control vestibules (mantraps), fencing, and security guards.
Surveillance and detection systems including video surveillance, access badges, lighting, and various sensors (infrared, pressure, microwave, ultrasonic).
Security tools designed to detect, deceive, and analyze attackers. Includes honeypots, honeynets, honeyfiles, and honeytokens.
Exam Tip
The CIA triad appears constantly throughout the exam. For any scenario, ask yourself: "Is this protecting confidentiality, integrity, or availability?" Zero trust is heavily emphasized in SY0-701—understand its control plane and data plane components thoroughly.
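The control plane and data plane split described above is easier to remember once you see the two halves as separate functions. The following added example (not code from the original page or from any zero trust product) models a policy engine that authenticates the subject, then makes a policy-driven authorization decision, and a policy enforcement point that applies the decision and writes an accounting record. The USERS store, the POLICY table, the device_compliant flag and the resource names are constructed assumptions; passwords are kept in plaintext only to keep the illustration short.

```python
"""Toy zero trust access decision: policy engine (control plane) + enforcement point (data plane)."""
from dataclasses import dataclass

# Constructed identity store: username -> shared secret, role, MFA enrollment.
# Plaintext secrets are used only to keep this example short.
USERS = {
    "alice": {"secret": "alice-pw", "role": "finance", "mfa": True},
    "bob":   {"secret": "bob-pw",   "role": "contractor", "mfa": False},
}

# Constructed policy: resource -> roles allowed, actions allowed, MFA required.
POLICY = {
    "payroll-db": {"roles": {"finance"}, "actions": {"read"}, "mfa": True},
    "wiki":       {"roles": {"finance", "contractor"}, "actions": {"read", "write"}, "mfa": False},
}

AUDIT_LOG = []  # accounting: every decision is recorded, allowed or not


@dataclass
class Request:
    user: str
    secret: str
    mfa_passed: bool
    device_compliant: bool   # assumed posture signal from an endpoint agent
    network: str             # "corp" or "internet"; grants no trust either way
    resource: str
    action: str


@dataclass
class Decision:
    allow: bool
    reason: str


def authenticate(user, secret, mfa_passed):
    """Authentication: verify who the subject is (identity + enrolled factors)."""
    record = USERS.get(user)
    if record is None or record["secret"] != secret:
        return False
    if record["mfa"] and not mfa_passed:
        return False
    return True


def policy_engine(req):
    """Control plane: policy-driven decision. Note that req.network is never consulted."""
    if not authenticate(req.user, req.secret, req.mfa_passed):
        return Decision(False, "authentication failed")
    rule = POLICY.get(req.resource)
    if rule is None:
        return Decision(False, "no policy for resource: default deny")
    role = USERS[req.user]["role"]
    if role not in rule["roles"]:
        return Decision(False, f"role {role} not authorized")        # authorization
    if req.action not in rule["actions"]:
        return Decision(False, f"action {req.action} not permitted")
    if rule["mfa"] and not req.mfa_passed:
        return Decision(False, "resource requires MFA")
    if not req.device_compliant:
        return Decision(False, "device posture non-compliant")        # continuous verification
    return Decision(True, "policy satisfied")


def enforcement_point(req):
    """Data plane: apply the engine's decision and record it for audit."""
    decision = policy_engine(req)
    AUDIT_LOG.append((req.user, req.resource, req.action, req.network,
                      decision.allow, decision.reason))
    return decision


if __name__ == "__main__":
    print(enforcement_point(Request("alice", "alice-pw", True, True, "internet", "payroll-db", "read")))
    print(enforcement_point(Request("bob", "bob-pw", False, True, "corp", "payroll-db", "read")))
    for entry in AUDIT_LOG:
        print(entry)
```

The point to notice is that alice is allowed from the internet and bob is denied from the corporate network: location contributes nothing, only verified identity, policy and device posture do.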
Understanding how changes to systems and processes should be controlled and documented.
Key Concepts
Structured process for implementing changes to IT systems while minimizing risk and maintaining security. Understanding why uncontrolled changes create vulnerabilities.
Formal procedures for reviewing and approving changes including ownership, stakeholder involvement, and approval workflows.
Evaluating potential effects of changes on security and operations. Includes impact analysis, test results review, and validation procedures.
Planning for change reversal if issues occur and scheduling changes during appropriate timeframes to minimize business impact.
Understanding technical impacts including allow/deny lists, restricted activities, downtime, service/application restarts, legacy applications, and dependencies.
Maintaining accurate records of changes including updating diagrams, policies, procedures, and using version control systems.
Exam Tip
Change management questions often appear as scenarios where something goes wrong. Focus on understanding the proper sequence: request → review → approve → test → implement → document → review.
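The sequence in the tip above is the kind of thing a change-tracking tool enforces in code. The following added example (not from the original page or from any ITSM product) models a change request as a small state machine: a change cannot be approved without an impact analysis, a backout plan and a maintenance window, the owner cannot approve their own change, nothing is implemented before testing, and a failed implementation runs the backout path instead. The state names, the TRANSITIONS table and the sample change are constructed assumptions.

```python
"""Toy change-management workflow enforcing request -> review -> approve -> test -> implement -> document."""

# Constructed transition table: current state -> states it may move to.
TRANSITIONS = {
    "requested":   {"reviewed"},
    "reviewed":    {"approved", "rejected"},
    "approved":    {"tested"},
    "tested":      {"implemented", "rolled_back"},
    "implemented": {"documented"},
    "rolled_back": {"documented"},
    "documented":  {"closed"},
    "rejected":    set(),
    "closed":      set(),
}


class ChangeError(Exception):
    """Raised when a step is attempted out of order or with missing artifacts."""


class ChangeRequest:
    def __init__(self, title, owner):
        self.title = title
        self.owner = owner
        self.state = "requested"
        self.impact_analysis = None
        self.backout_plan = None
        self.maintenance_window = None
        self.history = ["requested"]

    def _move(self, new_state):
        if new_state not in TRANSITIONS[self.state]:
            raise ChangeError(f"cannot go from {self.state} to {new_state}")
        self.state = new_state
        self.history.append(new_state)

    def review(self, impact_analysis, backout_plan, maintenance_window):
        """Review records the impact analysis, backout plan and scheduled window."""
        self.impact_analysis = impact_analysis
        self.backout_plan = backout_plan
        self.maintenance_window = maintenance_window
        self._move("reviewed")

    def approve(self, approver):
        """Separation of duties: the owner may not approve their own change."""
        if approver == self.owner:
            raise ChangeError("approver must differ from change owner")
        if not (self.impact_analysis and self.backout_plan and self.maintenance_window):
            raise ChangeError("review artifacts incomplete")
        self._move("approved")

    def test(self, passed):
        """Only a passing test moves the change forward; a failure leaves it at 'approved'."""
        if passed:
            self._move("tested")
        return passed

    def implement(self, apply_fn):
        """Apply the change inside the window; on failure, execute the backout plan."""
        if self.state != "tested":
            raise ChangeError("change must be tested before implementation")
        try:
            apply_fn()
        except Exception:
            self._move("rolled_back")   # backout plan is executed here
            return False
        self._move("implemented")
        return True

    def document(self):
        """Update diagrams, procedures and records, then close the change."""
        self._move("documented")
        self._move("closed")


def run_change(apply_fn, approver="carol"):
    """Drive one constructed change through the whole workflow and return its history."""
    cr = ChangeRequest("Rotate TLS certificate on web01", owner="alice")
    cr.review("web01 restarts; ~2 min downtime", "reinstall previous certificate", "Sat 02:00-03:00")
    cr.approve(approver)
    cr.test(passed=True)
    cr.implement(apply_fn)
    cr.document()
    return cr.history


if __name__ == "__main__":
    print(run_change(lambda: None))
```

Running the happy path yields the full seven-state history; swapping in an apply function that raises shows the rolled_back branch, and approving as the owner raises ChangeError before anything is applied.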
Understanding when and how to apply different cryptographic methods.
Key Concepts
Public Key Infrastructure components and concepts including public keys, private keys, and key escrow. Foundation for understanding digital certificates and encryption.
Understanding the two main encryption approaches: symmetric (same key for encrypt/decrypt) and asymmetric (public/private key pairs). When to use each.
Different scopes of encryption: full-disk, partition, file, volume, database, and record-level encryption. Understanding appropriate use cases for each.
Encrypting data in transit to protect communications. Understanding TLS, IPSec, and other transport-layer security protocols.
Common encryption algorithms (AES, RSA, etc.) and the importance of key length in determining encryption strength.
Hardware components for cryptographic operations including TPM, HSM, key management systems, and secure enclaves.
Methods to hide or obscure data including steganography, tokenization, and data masking. Distinct from encryption, but still provides protection.
One-way cryptographic functions for integrity verification and password storage. Understanding hash functions, collision resistance, and salt usage.
Using asymmetric cryptography to verify authenticity and integrity. How digital signatures provide non-repudiation and authentication.
Techniques to strengthen weak passwords or keys by applying cryptographic functions multiple times. Includes PBKDF2, bcrypt, scrypt.
Distributed ledger technology using cryptographic hashing for integrity. Understanding blockchain structure and open public ledger concept.
Entities that issue and manage digital certificates. Understanding root of trust, certificate chains, and third-party vs self-signed certificates.
Lifecycle management of certificates including CSR generation, revocation (CRL, OCSP), wildcard certificates, and renewal processes.
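The hashing, salting and key stretching concepts listed above fit together in one routine. The following added example (not code from the original page) uses only the Python standard library: PBKDF2 from hashlib stretches the password with a per-user random salt and a configurable iteration count, verification uses a constant-time comparison, and two small helpers show why an unsalted hash leaks which users share a password while a salted one does not. The storage format string and the iteration count are constructed assumptions, not a particular product's scheme.

```python
"""Salted, stretched password hashing with PBKDF2, plus a plain integrity hash (stdlib only)."""
import hashlib
import hmac
import os

ITERATIONS = 600_000   # work factor (key stretching); raise it as hardware gets faster


def hash_password(password, salt=None, iterations=ITERATIONS):
    """Return a self-describing record: 'pbkdf2_sha256$<iterations>$<salt hex>$<hash hex>'."""
    if salt is None:
        salt = os.urandom(16)          # fresh random salt per password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password, stored):
    """Recompute with the stored salt and iteration count; compare in constant time."""
    algo, iters, salt_hex, hash_hex = stored.split("$")
    if algo != "pbkdf2_sha256":
        raise ValueError("unsupported record format")
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(digest.hex(), hash_hex)


def unsalted_hashes_match(p1, p2):
    """Without a salt, equal passwords give equal hashes, so shared passwords are visible."""
    return hashlib.sha256(p1.encode()).hexdigest() == hashlib.sha256(p2.encode()).hexdigest()


def salted_hashes_match(p1, p2, iterations=ITERATIONS):
    """With per-user salts, two records for the same password look unrelated."""
    return hash_password(p1, iterations=iterations) == hash_password(p2, iterations=iterations)


def sha256_hex(data: bytes) -> str:
    """Plain one-way hash for integrity checks (file or message fingerprint)."""
    return hashlib.sha256(data).hexdigest()


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")
    print(record)
    print(verify_password("correct horse battery staple", record))   # True
    print(verify_password("wrong password", record))                 # False
    print(unsalted_hashes_match("password1", "password1"))           # True: leaks reuse
    print(salted_hashes_match("password1", "password1"))             # False
    print(sha256_hex(b"abc"))
```

The iteration count is stored alongside the hash so it can be raised later without breaking existing records; a login that verifies under an old count can be rehashed with the new one on the spot.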
Exam Tip
Know which algorithms belong to which category and their typical use cases. Understand key lengths—AES-256 for symmetric, RSA-2048+ or ECC for asymmetric. SY0-701 introduces quantum cryptography concepts.
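The blockchain concept in the list above, a ledger whose integrity rests on cryptographic hashing, is small enough to build by hand. The following added example (not code from the original page or from any real blockchain) links each record to its predecessor's hash and then shows two tampering cases: editing an old record breaks that block's own hash, and recomputing that hash breaks the link from the next block, so an attacker would have to rewrite every later block. The record contents and block layout are constructed assumptions.

```python
"""Minimal hash-chained ledger: tampering with any past record is detected on verification."""
import hashlib
import json

GENESIS_PREV = "0" * 64   # the first block has no predecessor


def block_hash(index, prev_hash, data):
    """Hash covers the index, the previous hash and the payload, so all three are bound together."""
    payload = json.dumps({"index": index, "prev": prev_hash, "data": data}, sort_keys=True)
    return hashlib.sha256(payload.encode()).hexdigest()


def build_chain(records):
    """Append each record as a block whose 'prev' field is the previous block's hash."""
    chain = []
    prev = GENESIS_PREV
    for i, data in enumerate(records):
        h = block_hash(i, prev, data)
        chain.append({"index": i, "prev": prev, "data": data, "hash": h})
        prev = h
    return chain


def verify_chain(chain):
    """Return (ok, first_bad_index): every hash must recompute and link to its predecessor."""
    prev = GENESIS_PREV
    for block in chain:
        if block["prev"] != prev:
            return False, block["index"]
        if block_hash(block["index"], block["prev"], block["data"]) != block["hash"]:
            return False, block["index"]
        prev = block["hash"]
    return True, None


# Constructed sample ledger entries.
SAMPLE = ["alice pays bob 5", "bob pays carol 2", "carol pays dave 1"]


def tamper_demo():
    """Edit a historic record without touching hashes: the edited block fails."""
    chain = build_chain(SAMPLE)
    assert verify_chain(chain) == (True, None)
    chain[1]["data"] = "bob pays carol 200"
    return verify_chain(chain)            # (False, 1)


def tamper_and_rehash_demo():
    """Edit a record and recompute its hash: the following block's link now fails."""
    chain = build_chain(SAMPLE)
    chain[1]["data"] = "bob pays carol 200"
    chain[1]["hash"] = block_hash(1, chain[1]["prev"], chain[1]["data"])
    return verify_chain(chain)            # (False, 2)


if __name__ == "__main__":
    for b in build_chain(SAMPLE):
        print(b["index"], b["hash"][:16], b["data"])
    print(tamper_demo())
    print(tamper_and_rehash_demo())
```

In an open public ledger the chain is replicated across many participants, so the rewrite that a single tamperer could do locally still disagrees with every other copy.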
Performance-based questions (PBQs) for this domain typically cover:
Domain 1 accounts for 12% of the exam, roughly 10-11 questions out of 90. However, these foundational concepts are referenced throughout questions in other domains, making it more important than the percentage suggests.
Focus on understanding the categories (symmetric, asymmetric, hashing) and knowing the most common algorithms in each: AES for symmetric, RSA/ECC for asymmetric, and SHA-256/SHA-3 for hashing. Understand use cases rather than memorizing every algorithm.
Authentication verifies identity (proving who you are), while authorization determines permissions (what you're allowed to do). Authentication always comes first—you must prove your identity before the system can determine your access rights.
Zero trust is heavily emphasized in SY0-701. Understand its core principles: never trust/always verify, least privilege access, micro-segmentation, continuous validation, and that it applies to all users including internal employees.
Start here. These concepts appear throughout all other domains. Master the CIA triad, control types, and cryptographic basics before moving forward.