Domain 1: General Security Concepts

CompTIA Security+ (SY0-701) · this domain is approximately 12.0% of the exam · 56 practice questions.

General Security Concepts is the foundational domain of the SY0-701 exam, covering roughly 12% of exam content. It introduces core security terminology, cryptographic principles, authentication types, and the fundamental frameworks that underpin every other domain. Candidates are expected to understand security control categories, basic cryptography mechanics, and how certificate-based infrastructure works. Mastery here provides the vocabulary and conceptual grounding needed to answer questions across all other domains.

Key concepts

access control access management aes authentication botnet certificate authority command and control compliance comptia security+ containment cryptography data privacy digital certificates digital signatures dmz encryption firewall identity verification incident response information security iso 27001 malware mfa network security network segmentation network traffic analysis non-repudiation nsa pki security awareness security controls security fundamentals security+ social engineering symmetric encryption threat detection threat intelligence tls vulnerability management

Free practice questions

What is multi-factor authentication (MFA)?

Free question · easy · full answer + explanation

An organization experiences a sudden spike in outbound network traffic from several workstations to unknown IPs. Which attack is MOST likely occurring?

Free question · medium · full answer + explanation

Which encryption algorithm provides the strongest security for sensitive government communications and is approved by the NSA for TOP SECRET information?

Free question · medium · full answer + explanation

What is a DMZ (Demilitarized Zone)?

Free question · easy · full answer + explanation

Practice all 56 questions in this domain

The full CompTIA Security+ (SY0-701) bank includes 52 more questions in this domain, each with a verified answer and a written explanation.

Which of the following best describes Infrastructure as Code (IaC) security? Unlock answer & explanation →
What is the principle of least privilege (PoLP)? Unlock answer & explanation →
Which type of test simulates a disaster without affecting production systems? Unlock answer & explanation →

Practice CompTIA Security+ (SY0-701) Questions Free