Certification Prep

CompTIA Security+ is a globally recognised, vendor-neutral entry-level cybersecurity certification. The current version is SY0-701 (released November 2023). It is widely used as a baseline credential for SOC analysts, IT security roles, and is required for many US DoD positions under the 8570 directive. The five domains of Security+ SY0-701 and their exam weightings: 1. General Security Concepts (12%) — Core concepts: cryptography fundamentals, authentication types (MFA, biometrics), security controls taxonomy (preventive, detective, corrective, deterrent), threat types and threat actors. 2. Threats, Vulnerabilities, and Mitigations (22%) — Malware types, social engineering, application vulnerabilities (OWASP), network attacks (DoS, MitM), threat intelligence, vulnerability scanning vs pentesting, patch management. 3. Security Architecture (18%) — Network segmentation, DMZ, cloud security models (IaaS/PaaS/SaaS), virtualisation and container security, zero trust, SASE, SD-WAN, on-premises vs cloud considerations. 4. Security Operations (28%) — The largest domain. Covers: incident response lifecycle, digital forensics, log monitoring, SIEM/SOAR, EDR, identity management, PKI, certificate management, firewall/IPS configurations, data security (DLP, encryption). 5. Security Program Management and Oversight (20%) — Risk management frameworks (NIST, ISO), compliance regulations (GDPR, HIPAA, PCI-DSS), security policies, third-party risk, privacy concepts, data classification, audit and assessment types. Exam format: • 90 questions (multiple choice + performance-based) • 90-minute time limit • Passing score: 750/900 • Recommended experience: 2 years in IT with security focus Recommended study resources: Professor Messer's free video course (profmesser.com), Darril Gibson's study guide, practice exams via ExamCompass or Jason Dion's Udemy course.