Lorem ipsum dolor sit amet, elit eget consectetuer adipiscing aenean dolor

Security+ (SY0-401) – Study Guide

How To Use This Study Guide

First, let’s be clear about what this study guide is NOT. It is Not comprehensive, and it is NOT intended to be enough for you to study off exclusively. There are probably whole sections I skipped or glossed over, mostly because I thought they were too obvious to need written down.

This guide is brief on purpose. This guide is an excellent resource to review information, to be reminded of terms you’ve learned about but may have forgotten, and to understand how to mentally organize the information so you can recall it easier. 

This guide is a great companion to Darril Gibsons GCGA Textbook. I took notes on almost the entire book, and supplemented a lot of the information with my own additional research. If you haven’t bought his book, seriously, go do it. It’s perfectly crafted to the test, and allowed me to pass exam compass quizzes with 0 effort.

I really hope this guide helps you pass the test. I know not everyone likes to take notes while they read, but it helps me process information quickly, and it allows me to give back to the IT community in some small way.

If you really appreciate this study guide and found it useful, why not buy me a coffee?

You can send a few dollars my way at paypal.me/thegeekiestone if you feel so inclined, and if you guys are generous enough, I’ll put that money to more certifications and keep building out study guides as I go.


Bellow are links to the categories of the guide. Security+ (SY0-401) – Study Guide

  1. Security Basics

    1. CIA (Confidentiality, Integrity, Availability)
      1. Confidentiality
      2. Integrity
      3. Availability
      4. Safety
      5. Layered Security/Defense
    2. Authentication Services
    3. Control Implementation Methods
      1. Technical Controls
      2. Management Controls
      3. Operational Controls
      4. NIST – National Institute of Standards and Technology
      5. Control Goals
      6. Physical Security Controls
      7. Doors
      8. Logical Access Controls
      9. Access Control Models
  2. Network Security

    1. Protocols
      1. Basic Connectivity Protocols
      2. Encryption Protocols
      3. Application Protocols
      4. E-mail Protocols
        1. Assorted DNS
      5. Ports
    2. Assorted Basic Network Security
      1. Routers
      2. Firewalls
      3. Protecting the Network Permeter
  3. Advanced Network Security

    1. Securing WLAN
      1. Misc. Wireless Principles
      2. Remote Access
  4. Securing Hosts and Data

    1. Virtualisation
    2. Patches
    3. Security in Static Environments
    4. Protecting Data
    5. Understanding SANS
    6. Understanding Cloud Computing
  5. Malware and Social Engineering

    1. Types of Malware
    2. Recognising Common Attacks
    3. Blocking Malware and Other Attacks
    4. Why Social Engineering Works
  6. Identifying Advanced Attacks

    1. Comparing Common Attacks
    2. Understanding Secure Coding Concepts
    3. Identifying Application Attacks
  7. Managing Risk

    1. Checking for Vulnerabilities
      1. Anatomy of an Attack
      2. Vulnerability Assessment
      3. Identifing Security Tools
  8. Preparing for Business Continuity

    1. Adding Redundancy
    2. Comparing Business Continuity Elements
  9. Understanding Cryptography

    1. Basics
    2. Hashing
    3. Encryption
    4. Using Cryptographic Protocols
    5. Exploring PKI Concepts
  10. Exploring Security Policies

  11. Extra Ports Information