comptia-security-sy0-701-exam-objectives-(5-0).pdf
Transcript
CompTIA Security+ Certification Exam Objectives EXAM NUMBER: SY0-701 CompTIA Security+ SY0-701 Certification Exam: Exam Objectives Version 5.0 Copyright © 2023 CompTIA, Inc. All rights reserved. About the Exam The CompTIA Security+ certif...
CompTIA Security+ Certification Exam Objectives EXAM NUMBER: SY0-701 CompTIA Security+ SY0-701 Certification Exam: Exam Objectives Version 5.0 Copyright © 2023 CompTIA, Inc. All rights reserved. About the Exam The CompTIA Security+ certification exam will certify the successful candidate has the knowledge and skills required to: Assess the security posture of an enterprise environment and recommend and implement appropriate security solutions. Monitor and secure hybrid environments, including cloud, mobile, and Internet of Things (IoT). Operate with an awareness of applicable regulations and policies, including principles of governance, risk, and compliance. Identify, analyze, and respond to security events and incidents. EXAM DEVELOPMENT CompTIA exams result from subject matter expert workshops and industry-wide survey results regarding the skills and knowledge required of an IT professional. CompTIA AUTHORIZED MATERIALS USE POLICY CompTIA Certifications, LLC is not affiliated with and does not authorize, endorse, or condone utilizing any content provided by unauthorized third-party training sites (aka “brain dumps”). Individuals who utilize such materials in preparation for any CompTIA examination will have their certifications revoked and be suspended from future testing in accordance with the CompTIA Candidate Agreement. In an effort to more clearly communicate CompTIA’s exam policies on use of unauthorized study materials, CompTIA directs all certification candidates to the CompTIA Certification Exam Policies. Please review all CompTIA policies before beginning the study process for any CompTIA exam. Candidates will be required to abide by the CompTIA Candidate Agreement. If a candidate has a question as to whether study materials are considered unauthorized (aka “brain dumps”), he/she should contact CompTIA at [email protected] to confirm. PLEASE NOTE The lists of examples provided in bulleted format are not exhaustive lists. Other examples of technologies, processes, or tasks pertaining to each objective may also be included on the exam, although not listed or covered in this objectives document. CompTIA is constantly reviewing the content of our exams and updating test questions to be sure our exams are current, and the security of the questions is protected. When necessary, we will publish updated exams based on existing exam objectives. Please know that all related exam preparation materials will still be valid. CompTIA Security+ SY0-701 Certification Exam: Exam Objectives Version 5.0 Copyright © 2023 CompTIA, Inc. All rights reserved. TEST DETAILS Required exam SY0-701 Number of questions Maximum of 90 Types of questions Multiple-choice and performance-based Length of test 90 minutes Recommended experience A minimum of 2 years of experience in IT administration with a focus on security, hands-on experience with technical information security, and broad knowledge of security concepts EXAM OBJECTIVES (DOMAINS) The table below lists the domains measured by this examination and the extent to which they are represented. DOMAIN PERCENTAGE OF EXAMINATION 1.0 General Security Concepts 12% 2.0 Threats, Vulnerabilities, and Mitigations 22% 3.0 Security Architecture 18% 4.0 Security Operations 28% 5.0 Security Program Management and Oversight 20% Total 100% CompTIA Security+ SY0-701 Certification Exam: Exam Objectives Version 5.0 Copyright © 2023 CompTIA, Inc. All rights reserved. 1.0 General Security Concepts 1.1 Compare and contrast various types of security controls. Categories Control types - Technical - Preventive - Managerial - Deterrent - Operational - Detective - Physical - Corrective - Compensating - Directive 1.2 Summarize fundamental security concepts. Confidentiality, Integrity, and o Policy Engine o Pressure Availability (CIA) - Data Plane o Microwave Non-repudiation o Implicit trust zones o Ultrasonic Authentication, Authorization, and o Subject/System Deception and disruption Accounting (AAA) o Policy Enforcement Point technology - Authenticating people Physical security - Honeypot - Authenticating systems - Bollards - Honeynet - Authorization models - Access control vestibule - Honeyfile Gap analysis - Fencing - Honeytoken Zero Trust - Video surveillance - Control Plane - Security guard o Adaptive identity - Access badge o Threat scope reduction - Lighting o Policy-driven access control - Sensors o Policy Administrator o Infrared CompTIA Security+ SY0-701 Certification Exam: Exam Objectives Version 5.0 Copyright © 2023 CompTIA, Inc. All rights reserved. 1.0 | General Security Concepts 1.3 Explain the importance of change management processes and the impact to security. Business processes impacting Technical implications Documentation security operation - Allow lists/deny lists - Updating diagrams - Approval process - Restricted activities - Updating policies/procedures - Ownership - Downtime Version control - Stakeholders - Service restart - Impact analysis - Application restart - Test results - Legacy applications - Backout plan - Dependencies - Maintenance window - Standard operating procedure 1.4 Explain the importance of using appropriate cryptographic solutions. Public key infrastructure (PKI) Tools - Certificate revocation lists - Public key - Trusted Platform Module (TPM) (CRLs) - Private key - Hardware security module - Online Certificate Status - Key escrow (HSM) Protocol (OCSP) Encryption - Key management system - Self-signed - Level - Secure enclave - Third-party o Full-disk Obfuscation - Root of trust o Partition o Steganography - Certificate signing request (CSR) o File o Tokenization generation o Volume o Data masking - Wildcard o Database Hashing o Record Salting - Transport/communication Digital signatures - Asymmetric Key stretching - Symmetric Blockchain - Key exchange Open public ledger - Algorithms Certificates - Key length - Certificate authorities CompTIA Security+ SY0-701 Certification Exam: Exam Objectives Version 5.0 Copyright © 2023 CompTIA, Inc. All rights reserved. 2.0 Threats, Vulnerabilities, and Mitigations 2.1 Compare and contrast common threat actors and motivations. Threat actors Motivations - Nation-state - Data exfiltration - Unskilled attacker - Espionage - Hacktivist - Service disruption - Insider threat - Blackmail - Organized crime - Financial gain - Shadow IT - Philosophical/political beliefs Attributes of actors - Ethical - Internal/external - Revenge - Resources/funding - Disruption/chaos - Level of sophistication/capability - War 2.2 Explain common threat vectors and attack surfaces. Message-based Unsecure networks Human vectors/social engineering o Email - Wireless - Phishing o Short Message Service (SMS) - Wired - Vishing o Instant messaging (IM) - Bluetooth - Smishing Image-based Open service ports - Misinformation/disinformation File-based Default credentials - Impersonation Voice call Supply chain - Business email compromise Removable device - Managed service providers - Pretexting Vulnerable software (MSPs) - Watering hole o Client-based vs. agentless - Vendors - Brand impersonation Unsupported systems and - Suppliers - Typosquatting applications CompTIA Security+ SY0-701 Certification Exam: Exam Objectives Version 5.0 Copyright © 2023 CompTIA, Inc. All rights reserved. 2.0 | Threats, Vulnerabilities, and Mitigations 2.3 Explain various types of vulnerabilities. Application Hardware Misconfiguration - Memory injection - Firmware Mobile device - Buffer overflow - End-of-life - Side loading - Race conditions - Legacy - Jailbreaking o Time-of-check (TOC) Virtualization Zero-day o Time-of-use (TOU) - Virtual machine (VM) escape - Malicious update - Resource reuse Operating system (OS)-based Cloud-specific Web-based Supply chain - Structured Query Language - Service provider injection (SQLi) - Hardware provider - Cross-site scripting (XSS) - Software provider Cryptographic 2.4 Given a scenario, analyze indicators of malicious activity. Malware attacks Amplified o - Birthday - Ransomware Reflected o Password attacks - Trojan - Domain Name System (DNS) - Spraying - Worm attacks - Brute force - Spyware - Wireless Indicators - Bloatware - On-path - Account lockout - Virus - Credential replay - Concurrent session usage - Keylogger - Malicious code - Blocked content - Logic bomb Application attacks - Impossible travel - Rootkit - Injection - Resource consumption Physical attacks - Buffer overflow - Resource inaccessibility - Brute force - Replay - Out-of-cycle logging - Radio frequency identification - Privilege escalation - Published/documented (RFID) cloning - Forgery - Missing logs - Environmental - Directory traversal Network attacks Cryptographic attacks - Distributed denial-of-service - Downgrade (DDoS) - Collision 2.5 Explain the purpose of mitigation techniques used to secure the enterprise. Segmentation Monitoring - Host-based firewall Access control Least privilege - Host-based intrusion prevention - Access control list (ACL) Configuration enforcement system (HIPS) - Permissions Decommissioning - Disabling ports/protocols Application allow list Hardening techniques - Default password changes Isolation - Encryption - Removal of unnecessary Patching - Installation of endpoint software Encryption protection CompTIA Security+ SY0-701 Certification Exam: Exam Objectives Version 5.0 Copyright © 2023 CompTIA, Inc. All rights reserved. 3.0 Security Architecture 3.1 Compare and contrast security implications of different architecture models. Architecture and infrastructure - On-premises - Cost concepts - Centralized vs. decentralized - Responsiveness - Cloud - Containerization - Scalability o Responsibility matrix - Virtualization - Ease of deployment o Hybrid considerations - IoT - Risk transference o Third-party vendors - Industrial control systems (ICS)/ - Ease of recovery - Infrastructure as code (IaC) supervisory control and data - Patch availability - Serverless acquisition (SCADA) - Inability to patch - Microservices - Real-time operating system - Power - Network infrastructure (RTOS) - Compute o Physical isolation - Embedded systems ° Air-gapped - High availability o Logical segmentation Considerations o Software-defined - Availability networking (SDN) - Resilience 3.2 Given a scenario, apply security principles to secure enterprise infrastructure. Infrastructure considerations o Sensors Internet protocol security o - Device placement - Port security (IPSec) - Security zones o 802.1X - Software-defined wide area - Attack surface o Extensible Authentication network (SD-WAN) - Connectivity Protocol (EAP) - Secure access service edge - Failure modes - Firewall types (SASE) o Fail-open o Web application firewall Selection of effective controls o Fail-closed (WAF) - Device attribute o Unified threat management o Active vs. passive (UTM) o Inline vs. tap/monitor o Next-generation firewall - Network appliances (NGFW) o Jump server o Layer 4/Layer 7 o Proxy server Secure communication/access o Intrusion prevention system - Virtual private network (VPN) (IPS)/intrusion detection system - Remote access (IDS) - Tunneling o Load balancer o Transport Layer Security (TLS) CompTIA Security+ SY0-701 Certification Exam: Exam Objectives Version 5.0 Copyright © 2023 CompTIA, Inc. All rights reserved. 3.0 | Security Architecture 3.3 Compare and contrast concepts and strategies to protect data. Data types - Public Methods to secure data - Regulated - Restricted - Geographic restrictions - Trade secret - Private - Encryption - Intellectual property - Critical - Hashing - Legal information General data considerations - Masking - Financial information - Data states - Tokenization - Human- and non-human- o Data at rest - Obfuscation readable o Data in transit - Segmentation Data classifications o Data in use - Permission restrictions - Sensitive - Data sovereignty - Confidential - Geolocation 3.4 Explain the importance of resilience and recovery in security architecture. High availability - Technology - Recovery - Load balancing vs. clustering - Infrastructure - Replication Site considerations Testing - Journaling - Hot - Tabletop exercises Power - Cold - Fail over - Generators - Warm - Simulation - Uninterruptible power supply - Geographic dispersion - Parallel processing (UPS) Platform diversity Backups Multi-cloud systems - Onsite/offsite Continuity of operations - Frequency Capacity planning - Encryption - People - Snapshots CompTIA Security+ SY0-701 Certification Exam: Exam Objectives Version 5.0 Copyright © 2023 CompTIA, Inc. All rights reserved. 4.0 Security Operations 4.1 Given a scenario, apply common security techniques to computing resources. Secure baselines - Installation considerations Wireless security settings - Establish o Site surveys - Wi-Fi Protected Access 3 - Deploy o Heat maps (WPA3) - Maintain Mobile solutions - AAA/Remote Authentication Hardening targets - Mobile device management Dial-In User Service (RADIUS) - Mobile devices (MDM) - Cryptographic protocols - Workstations - Deployment models - Authentication protocols - Switches o Bring your own device (BYOD) Application security - Routers o Corporate-owned, personally - Input validation - Cloud infrastructure enabled (COPE) - Secure cookies - Servers o Choose your own device - Static code analysis - ICS/SCADA (CYOD) - Code signing - Embedded systems - Connection methods Sandboxing - RTOS o Cellular Monitoring - IoT devices o Wi-Fi Wireless devices o Bluetooth 4.2 Explain the security implications of proper hardware, software, and data asset management. Acquisition/procurement process Disposal/decommissioning Assignment/accounting - Sanitization - Ownership - Destruction - Classification - Certification Monitoring/asset tracking - Data retention - Inventory - Enumeration CompTIA Security+ SY0-701 Certification Exam: Exam Objectives Version 5.0 Copyright © 2023 CompTIA, Inc. All rights reserved. 4.0 | Security Operations 4.3 Explain various activities associated with vulnerability management. Identification methods - Confirmation - Compensating controls - Vulnerability scan o False positive - Exceptions and exemptions - Application security o False negative Validation of remediation o Static analysis - Prioritize - Rescanning o Dynamic analysis - Common Vulnerability Scoring - Audit o Package monitoring System (CVSS) - Verification - Threat feed - Common Vulnerability Reporting o Open-source intelligence Enumeration (CVE) (OSINT) - Vulnerability classification o Proprietary/third-party - Exposure factor o Information-sharing - Environmental variables organization - Industry/organizational impact o Dark web - Risk tolerance - Penetration testing Vulnerability response and - Responsible disclosure program remediation o Bug bounty program - Patching - System/process audit - Insurance Analysis - Segmentation 4.4 Explain security alerting and monitoring concepts and tools. Monitoring computing resources - Alert response and remediation/ management (SIEM) - Systems validation - Antivirus - Applications o Quarantine - Data loss prevention (DLP) - Infrastructure o Alert tuning - Simple Network Management Activities Tools Protocol (SNMP) traps - Log aggregation - Security Content Automation - NetFlow - Alerting Protocol (SCAP) - Vulnerability scanners - Scanning - Benchmarks - Reporting - Agents/agentless - Archiving - Security information and event CompTIA Security+ SY0-701 Certification Exam: Exam Objectives Version 5.0 Copyright © 2023 CompTIA, Inc. All rights reserved. 4.0 | Security Operations 4.5 Given a scenario, modify enterprise capabilities to enhance security. Firewall Operating system security - Gateway - Rules - Group Policy File integrity monitoring - Access lists - SELinux DLP - Ports/protocols Implementation of secure Network access control (NAC) - Screened subnets protocols Endpoint detection and response IDS/IPS - Protocol selection (EDR)/extended detection and - Trends - Port selection response (XDR) - Signatures - Transport method User behavior analytics Web filter DNS filtering - Agent-based Email security - Centralized proxy - Domain-based Message - Universal Resource Locator Authentication Reporting and (URL) scanning Conformance (DMARC) - Content categorization - DomainKeys Identified Mail - Block rules (DKIM) - Reputation - Sender Policy Framework (SPF) 4.6 Given a scenario, implement and maintain identity and access management. Provisioning/de-provisioning user - Discretionary o Somewhere you are accounts - Role-based Password concepts Permission assignments and - Rule-based - Password best practices implications - Attribute-based o Length Identity proofing - Time-of-day restrictions o Complexity Federation - Least privilege o Reuse Single sign-on (SSO) Multifactor authentication o Expiration - Lightweight Directory Access - Implementations o Age Protocol (LDAP) o Biometrics - Password managers - Open authorization (OAuth) o Hard/soft authentication - Passwordless - Security Assertions Markup tokens Privileged access management Language (SAML) o Security keys tools Interoperability - Factors - Just-in-time permissions Attestation o Something you know - Password vaulting Access controls o Something you have - Ephemeral credentials - Mandatory o Something you are CompTIA Security+ SY0-701 Certification Exam: Exam Objectives Version 5.0 Copyright © 2023 CompTIA, Inc. All rights reserved. 4.0 | Security Operations 4.7 Explain the importance of automation and orchestration related to secure operations. Use cases of automation and Benefits Other considerations scripting - Efficiency/time saving - Complexity - User provisioning - Enforcing baselines - Cost - Resource provisioning - Standard infrastructure - Single point of failure - Guard rails configurations - Technical debt - Security groups - Scaling in a secure manner - Ongoing supportability - Ticket creation - Employee retention - Escalation - Reaction time - Enabling/disabling services - Workforce multiplier and access - Continuous integration and testing - Integrations and Application programming interfaces (APIs) 4.8 Explain appropriate incident response activities. Process Training - Chain of custody - Preparation Testing - Acquisition - Detection - Tabletop exercise - Reporting - Analysis - Simulation - Preservation - Containment Root cause analysis - E-discovery - Eradication Threat hunting - Recovery Digital forensics - Lessons learned - Legal hold 4.9 Given a scenario, use data sources to support an investigation. Log data Data sources - Firewall logs - Vulnerability scans - Application logs - Automated reports - Endpoint logs - Dashboards - OS-specific security logs - Packet captures - IPS/IDS logs - Network logs - Metadata CompTIA Security+ SY0-701 Certification Exam: Exam Objectives Version 5.0 Copyright © 2023 CompTIA, Inc. All rights reserved. 5.0 Security Program Management and Oversight 5.1 Summarize elements of effective security governance. Guidelines - Physical security Monitoring and revision Policies - Encryption Types of governance structures - Acceptable use policy (AUP) Procedures - Boards - Information security policies - Change management - Committees - Business continuity - Onboarding/offboarding - Government entities - Disaster recovery - Playbooks - Centralized/decentralized - Incident response External considerations Roles and responsibilities for - Software development lifecycle - Regulatory systems and data (SDLC) - Legal - Owners - Change management - Industry - Controllers Standards - Local/regional - Processors - Password - National - Custodians/stewards - Access control - Global 5.2 Explain elements of the risk management process. Risk identification - Impact Risk reporting Risk assessment Risk register Business impact analysis - Ad hoc - Key risk indicators - Recovery time objective (RTO) - Recurring - Risk owners - Recovery point objective (RPO) - One-time - Risk threshold - Mean time to repair (MTTR) - Continuous Risk tolerance - Mean time between failures Risk analysis Risk appetite (MTBF) - Qualitative - Expansionary - Quantitative - Conservative - Single loss expectancy (SLE) - Neutral - Annualized loss expectancy Risk management strategies (ALE) - Transfer - Annualized rate of occurrence - Accept (ARO) o Exemption - Probability o Exception - Likelihood - Avoid - Exposure factor - Mitigate CompTIA Security+ SY0-701 Certification Exam: Exam Objectives Version 5.0 Copyright © 2023 CompTIA, Inc. All rights reserved. 5.0 | Security Program Management and Oversight 5.3 Explain the processes associated with third-party risk assessment and management. Vendor assessment Agreement types - Non-disclosure agreement - Penetration testing - Service-level agreement (SLA) (NDA) - Right-to-audit clause - Memorandum of agreement - Business partners agreement - Evidence of internal audits (MOA) (BPA) - Independent assessments - Memorandum of understanding Vendor monitoring - Supply chain analysis (MOU) Questionnaires Vendor selection - Master service agreement (MSA) Rules of engagement - Due diligence - Work order (WO)/statement of - Conflict of interest work (SOW) 5.4 Summarize elements of effective security compliance. Compliance reporting Compliance monitoring o National - Internal - Due diligence/care o Global - External - Attestation and - Data subject Consequences of non-compliance acknowledgement - Controller vs. processor - Fines - Internal and external - Ownership - Sanctions - Automation - Data inventory and retention - Reputational damage Privacy - Right to be forgotten - Loss of license - Legal implications - Contractual impacts o Local/regional 5.5 Explain types and purposes of audits and assessments. Attestation Penetration testing Internal - Physical - Compliance - Offensive - Audit committee - Defensive - Self-assessments - Integrated External - Known environment - Regulatory - Partially known environment - Examinations - Unknown environment - Assessment - Reconnaissance - Independent third- o Passive party audit o Active CompTIA Security+ SY0-701 Certification Exam: Exam Objectives Version 5.0 Copyright © 2023 CompTIA, Inc. All rights reserved. 5.0 | Security Program Management and Oversight 5.6 Given a scenario, implement security awareness practices. Phishing - Insider threat - Campaigns - Password management - Recognizing a phishing attempt - Removable media and cables - Responding to reported - Social engineering suspicious messages - Operational security Anomalous behavior recognition - Hybrid/remote work - Risky environments - Unexpected Reporting and monitoring - Unintentional - Initial User guidance and training - Recurring - Policy/handbooks Development - Situational awareness Execution CompTIA Security+ SY0-701 Certification Exam: Exam Objectives Version 5.0 Copyright © 2023 CompTIA, Inc. All rights reserved. CompTIA Security+ SY0-701 Acronym List The following is a list of acronyms that appears on the CompTIA Security+ SY0-701 exam. Candidates are encouraged to review the complete list and attain a working knowledge of all listed acronyms as part of a comprehensive exam preparation program. Acronym Spelled Out Acronym Spelled Out AAA Authentication, Authorization, and CHAP Challenge Handshake Authentication Accounting Protocol ACL Access Control List CIA Confidentiality, Integrity, Availability AES Advanced Encryption Standard CIO Chief Information Officer AES-256 Advanced Encryption Standards 256-bit CIRT Computer Incident Response Team AH Authentication Header CMS Content Management System AI Artificial Intelligence COOP Continuity of Operation Planning AIS Automated Indicator Sharing COPE Corporate Owned, Personally Enabled ALE Annualized Loss Expectancy CP Contingency Planning AP Access Point CRC Cyclical Redundancy Check API Application Programming Interface CRL Certificate Revocation List APT Advanced Persistent Threat CSO Chief Security Officer ARO Annualized Rate of Occurrence CSP Cloud Service Provider ARP Address Resolution Protocol CSR Certificate Signing Request ASLR Address Space Layout Randomization CSRF Cross-site Request Forgery ATT&CK Adversarial Tactics, Techniques, and CSU Channel Service Unit Common Knowledge CTM Counter Mode AUP Acceptable Use Policy CTO Chief Technology Officer AV Antivirus CVE Common Vulnerability Enumeration BASH Bourne Again Shell CVSS Common Vulnerability Scoring System BCP Business Continuity Planning CYOD Choose Your Own Device BGP Border Gateway Protocol DAC Discretionary Access Control BIA Business Impact Analysis DBA Database Administrator BIOS Basic Input/Output System DDoS Distributed Denial of Service BPA Business Partners Agreement DEP Data Execution Prevention BPDU Bridge Protocol Data Unit DES Digital Encryption Standard BYOD Bring Your Own Device DHCP Dynamic Host Configuration Protocol CA Certificate Authority DHE Diffie-Hellman Ephemeral CAPTCHA Completely Automated Public Turing Test to DKIM DomainKeys Identified Mail Tell Computers and Humans Apart DLL Dynamic Link Library CAR Corrective Action Report DLP Data Loss Prevention CASB Cloud Access Security Broker DMARC Domain Message Authentication Reporting CBC Cipher Block Chaining and Conformance CCMP Counter Mode/CBC-MAC Protocol DNAT Destination Network Address Translation CCTV Closed-circuit Television DNS Domain Name System CERT Computer Emergency Response Team DoS Denial of Service CFB Cipher Feedback DPO Data Privacy Officer CompTIA Security+ SY0-701 Certification Exam: Exam Objectives Version 5.0 Copyright © 2023 CompTIA, Inc. All rights reserved. Acronym Spelled Out Acronym Spelled Out DRP Disaster Recovery Plan IEEE Institute of Electrical and Electronics DSA Digital Signature Algorithm Engineers DSL Digital Subscriber Line IKE Internet Key Exchange EAP Extensible Authentication Protocol IM Instant Messaging ECB Electronic Code Book IMAP Internet Message Access Protocol ECC Elliptic Curve Cryptography IoC Indicators of Compromise ECDHE Elliptic Curve Diffie-Hellman Ephemeral IoT Internet of Things ECDSA Elliptic Curve Digital Signature Algorithm IP Internet Protocol EDR Endpoint Detection and Response IPS Intrusion Prevention System EFS Encrypted File System IPSec Internet Protocol Security ERP Enterprise Resource Planning IR Incident Response ESN Electronic Serial Number IRC Internet Relay Chat ESP Encapsulated Security Payload IRP Incident Response Plan FACL File System Access Control List ISO International Standards Organization FDE Full Disk Encryption ISP Internet Service Provider FIM File Integrity Management ISSO Information Systems Security Officer FPGA Field Programmable Gate Array IV Initialization Vector FRR False Rejection Rate KDC Key Distribution Center FTP File Transfer Protocol KEK Key Encryption Key FTPS Secured File Transfer Protocol L2TP Layer 2 Tunneling Protocol GCM Galois Counter Mode LAN Local Area Network GDPR General Data Protection Regulation LDAP Lightweight Directory Access Protocol GPG Gnu Privacy Guard LEAP Lightweight Extensible Authentication GPO Group Policy Object Protocol GPS Global Positioning System MaaS Monitoring as a Service GPU Graphics Processing Unit MAC Mandatory Access Control GRE Generic Routing Encapsulation MAC Media Access Control HA High Availability MAC Message Authentication Code HDD Hard Disk Drive MAN Metropolitan Area Network HIDS Host-based Intrusion Detection System MBR Master Boot Record HIPS Host-based Intrusion Prevention System MD5 Message Digest 5 HMAC Hashed Message Authentication Code MDF Main Distribution Frame HOTP HMAC-based One-time Password MDM Mobile Device Management HSM Hardware Security Module MFA Multifactor Authentication HTML Hypertext Markup Language MFD Multifunction Device HTTP Hypertext Transfer Protocol MFP Multifunction Printer HTTPS Hypertext Transfer Protocol Secure ML Machine Learning HVAC Heating, Ventilation Air Conditioning MMS Multimedia Message Service IaaS Infrastructure as a Service MOA Memorandum of Agreement IaC Infrastructure as Code MOU Memorandum of Understanding IAM Identity and Access Management MPLS Multi-protocol Label Switching ICMP Internet Control Message Protocol MSA Master Service Agreement ICS Industrial Control Systems MSCHAP Microsoft Challenge Handshake IDEA International Data Encryption Algorithm Authentication Protocol IDF Intermediate Distribution Frame MSP Managed Service Provider IdP Identity Provider MSSP Managed Security Service Provider IDS Intrusion Detection System MTBF Mean Time Between Failures MTTF Mean Time to Failure CompTIA Security+ SY0-701 Certification Exam: Exam Objectives Version 5.0 Copyright © 2023 CompTIA, Inc. All rights reserved. Acronym Spelled Out Acronym Spelled Out MTTR Mean Time to Recover PKI Public Key Infrastructure MTU Maximum Transmission Unit POP Post Office Protocol NAC Network Access Control POTS Plain Old Telephone Service NAT Network Address Translation PPP Point-to-Point Protocol NDA Non-disclosure Agreement PPTP Point-to-Point Tunneling Protocol NFC Near Field Communication PSK Pre-shared Key NGFW Next-generation Firewall PTZ Pan-tilt-zoom NIDS Network-based Intrusion Detection System PUP Potentially Unwanted Program NIPS Network-based Intrusion Prevention System RA Recovery Agent NIST National Institute of Standards & Technology RA Registration Authority NTFS New Technology File System RACE Research and Development in Advanced NTLM New Technology LAN Manager Communications Technologies in Europe NTP Network Time Protocol RAD Rapid Application Development OAUTH Open Authorization RADIUS Remote Authentication Dial-in User Service OCSP Online Certificate Status Protocol RAID Redundant Array of Inexpensive Disks OID Object Identifier RAS Remote Access Server OS Operating System RAT Remote Access Trojan OSINT Open-source Intelligence RBAC Role-based Access Control OSPF Open Shortest Path First RBAC Rule-based Access Control OT Operational Technology RC4 Rivest Cipher version 4 OTA Over the Air RDP Remote Desktop Protocol OVAL Open Vulnerability Assessment Language RFID Radio Frequency Identifier P12 PKCS #12 RIPEMD RACE Integrity Primitives Evaluation P2P Peer to Peer Message Digest PaaS Platform as a Service ROI Return on Investment PAC Proxy Auto Configuration RPO Recovery Point Objective PAM Privileged Access Management RSA Rivest, Shamir, & Adleman PAM Pluggable Authentication Modules RTBH Remotely Triggered Black Hole PAP Password Authentication Protocol RTO Recovery Time Objective PAT Port Address Translation RTOS Real-time Operating System PBKDF2 Password-based Key Derivation Function 2 RTP Real-time Transport Protocol PBX Private Branch Exchange S/MIME Secure/Multipurpose Internet Mail PCAP Packet Capture Extensions PCI DSS Payment Card Industry Data Security SaaS Software as a Service Standard SAE Simultaneous Authentication of Equals PDU Power Distribution Unit SAML Security Assertions Markup Language PEAP Protected Extensible Authentication SAN Storage Area Network Protocol SAN Subject Alternative Name PED Personal Electronic Device SASE Secure Access Service Edge PEM Privacy Enhanced Mail SCADA Supervisory Control and Data Acquisition PFS Perfect Forward Secrecy SCAP Security Content Automation Protocol PGP Pretty Good Privacy SCEP Simple Certificate Enrollment Protocol PHI Personal Health Information SD-WAN Software-defined Wide Area Network PII Personally Identifiable Information SDK Software Development Kit PIV Personal Identity Verification SDLC Software Development Lifecycle PKCS Public Key Cryptography Standards SDLM Software Development Lifecycle Methodology CompTIA Security+ SY0-701 Certification Exam: Exam Objectives Version 5.0 Copyright © 2023 CompTIA, Inc. All rights reserved. Acronym Spelled Out Acronym Spelled Out SDN Software-defined Networking TOTP Time-based One-time Password SE Linux Security-enhanced Linux TOU Time-of-use SED Self-encrypting Drives TPM Trusted Platform Module SEH Structured Exception Handler TTP Tactics, Techniques, and Procedures SFTP Secured File Transfer Protocol TSIG Transaction Signature SHA Secure Hashing Algorithm UAT User Acceptance Testing SHTTP Secure Hypertext Transfer Protocol UAV Unmanned Aerial Vehicle SIEM Security Information and Event Management UDP User Datagram Protocol SIM Subscriber Identity Module UEFI Unified Extensible Firmware Interface SLA Service-level Agreement UEM Unified Endpoint Management SLE Single Loss Expectancy UPS Uninterruptable Power Supply SMS Short Message Service URI Uniform Resource Identifier SMTP Simple Mail Transfer Protocol URL Universal Resource Locator SMTPS Simple Mail Transfer Protocol Secure USB Universal Serial Bus SNMP Simple Network Management Protocol USB OTG USB On the Go SOAP Simple Object Access Protocol UTM Unified Threat Management SOAR Security Orchestration, Automation, UTP Unshielded Twisted Pair Response VBA Visual Basic SoC System on Chip VDE Virtual Desktop Environment SOC Security Operations Center VDI Virtual Desktop Infrastructure SOW Statement of Work VLAN Virtual Local Area Network SPF Sender Policy Framework VLSM Variable Length Subnet Masking SPIM Spam over Internet Messaging VM Virtual Machine SQL Structured Query Language VoIP Voice over IP SQLi SQL Injection VPC Virtual Private Cloud SRTP Secure Real-Time Protocol VPN Virtual Private Network SSD Solid State Drive VTC Video Teleconferencing SSH Secure Shell WAF Web Application Firewall SSL Secure Sockets Layer WAP Wireless Access Point SSO Single Sign-on WEP Wired Equivalent Privacy STIX Structured Threat Information eXchange WIDS Wireless Intrusion Detection System SWG Secure Web Gateway WIPS Wireless Intrusion Prevention System TACACS+ Terminal Access Controller Access Control WO Work Order System WPA Wi-Fi Protected Access TAXII Trusted Automated eXchange of Indicator WPS Wi-Fi Protected Setup Information WTLS Wireless TLS TCP/IP Transmission Control Protocol/Internet XDR Extended Detection and Response Protocol XML Extensible Markup Language TGT Ticket Granting Ticket XOR Exclusive Or TKIP Temporal Key Integrity Protocol XSRF Cross-site Request Forgery TLS Transport Layer Security XSS Cross-site Scripting TOC Time-of-check CompTIA Security+ SY0-701 Certification Exam: Exam Objectives Version 5.0 Copyright © 2023 CompTIA, Inc. All rights reserved. CompTIA Security+ SY0-701 Hardware and Software List CompTIA has included this sample list of hardware and software to assist candidates as they prepare for the Security+ SY0-701 certification exam. This list may also be helpful for training companies that wish to create a lab component for their training offering. The bulleted lists below each topic are sample lists and are not exhaustive. Equipment Software Tablet Windows OS Laptop Linux OS Web server Kali Linux Firewall Packet capture software Router Pen testing software Switch Static and dynamic analysis tools IDS Vulnerability scanner IPS Network emulators Wireless access point Sample code Virtual machines Code editor Email system SIEM Internet access Keyloggers DNS server MDM software IoT devices VPN Hardware tokens DHCP service Smartphone DNS service Spare Hardware Other NICs Access to cloud environments Power supplies Sample network documentation/diagrams GBICs Sample logs SFPs Managed Switch Wireless access point UPS Tools Wi-Fi analyzer Network mapper NetFlow analyzer © 2023 CompTIA, Inc., used under license by CompTIA, Inc. All rights reserved. All certification programs and education related to such programs are operated exclusively by CompTIA, Inc. CompTIA is a registered trademark of CompTIA, Inc. in the U.S. and internationally. Other brands and company names mentioned herein may be trademarks or service marks of CompTIA, Inc. or of their respective owners. Reproduction or dissemination prohibited without the written consent of CompTIA, Inc. Printed in the U.S. 10179-Jan2023
