Security+ domain 3: Understanding security architecture (701 exam update)
The world of cybersecurity is always changing, and the recent update to the Security+ exam reflects that change. Every three years, the exam undergoes a revision to ensure it stays relevant to current threats and best practices. In November 2023, the SY0-701 version of the exam was introduced, replacing the SY0-601 version, which retired on July 31, 2024.
This blog post focuses on a specific domain of the exam: security architecture. This domain has been completely reorganized and updated for the new exam. It now focuses on how different system architectures impact security and how to implement security principles within those architectures. We'll break down the changes you need to know and provide an overview of the concepts you'll encounter in this domain.
What's changed in Security+ domain 3?
The most obvious change is that Security+ domain 3 was named implementation in the 601 exam and is now named security architecture in the 701 exam. This change reflects how the domain now places a strong emphasis on how different architectures impact security posture.
"We need to understand different architectures, even different cloud architectures," said Patrick Lane, Director of Certification Product Management at CompTIA, in a recent CompTIA Security+ update webinar, "You won't be doing a lot of design, but you will be doing a lot where you're actually given a scenario, and then you need to apply the security principles to secure that infrastructure."
Here's a breakdown of the new objectives and how they compare to the old exam:
- 3.1 Compare and contrast security implications of different architecture models: This builds on knowledge from the old domain 2 but dives deeper. You'll need to understand the security strengths and weaknesses of on-premises, cloud and zero-trust architectures.
- 3.2 Given a scenario, apply security principles to secure enterprise infrastructure: This expands on the old domain 2 objective of explaining security concepts. You'll be given real-world situations and apply best practices to secure infrastructure.
- 3.3 Compare and contrast concepts and strategies to protect data: This includes elements from the old domain 5 (Governance, Risk and Compliance). You'll need to understand data security strategies and how they differ based on data type and storage location.
- 3.4 Explain the importance of resilience and recovery in security architecture: This builds on two objectives from the old domain 2. Here, the focus is on understanding how architecture choices impact an organization's ability to bounce back after cyberattacks.
Now that we've explored how these domains have changed, let's examine each objective and what you need to know to ace them.
Watch the full Security+ webinar with CompTIA to learn more.
3.1: Architecture model security
The objective "compare and contrast security implications of different architecture models" dives deep into the foundation of modern cybersecurity. As Lane mentioned in the webinar, understanding various architectures like on-premises, cloud and zero-trust models allows you to proactively secure your systems.
The type of architecture you choose shapes your security posture. This objective enables you to assess the strengths and weaknesses of different models. You'll learn about cloud considerations, where responsibility for security lies between you and the cloud provider. You also explore hybrid environments, where on-premises and cloud elements coexist and how to secure them effectively.
But you'll need to know more than just the big picture. This objective also covers fundamental infrastructure concepts like virtualization, containerization and network segmentation. These technologies offer flexibility and efficiency, but they also introduce new security considerations. By understanding these concepts, you'll be able to identify potential vulnerabilities and implement safeguards to mitigate them.
3.2: Apply security principles to enterprise infrastructure
As a security professional in the real world, you might be presented with a scenario where an organization's infrastructure needs security hardening. That's the essence of the objective "Given a scenario, apply security principles to secure enterprise infrastructure." Here, memorizing a list of tools won't be enough.
Understanding underlying security principles before applying them is a concept that Lane emphasized in the webinar. This objective covers how to implement those principles using firewalls, intrusion detection systems, secure network configurations and other controls. You'll learn about essential concepts like attack surface management, where to place devices strategically for optimal security and how to choose the right tools for the job.
This objective translates theory into practice. You'll gain the practical skills to select appropriate security controls and secure enterprise infrastructure.
3.3: Strategies to protect data
Data is the lifeblood of any organization, and this objective, which asks you to "compare and contrast concepts and strategies to protect data," equips you to safeguard it. You'll go beyond just knowing the names of different data types and examine their classifications, from highly sensitive financial information to public data. Understanding these classifications is crucial for applying the right security measures.
The objective explores the three data states: at rest, in transit and in use. Each state requires different protection methods. You'll learn about encryption, a cornerstone of data security, along with other techniques like hashing and tokenization.
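The three techniques named above protect data in different ways, and the exam expects you to tell them apart: hashing is one-way (you can verify a value but never recover it), tokenization swaps the sensitive value for a surrogate and keeps the real value in a vault, and encryption is reversible only with the key. The following is an added example, not part of the original post, that applies each technique to a constructed sample value using only the Python standard library. The `TokenVault` class is a stand-in for a real token service, and the encryption routine is an illustrative encrypt-then-MAC construction built from HMAC-SHA256 in counter mode so it runs without third-party packages; a production system would use a vetted AEAD such as AES-GCM.

```python
"""Hashing, tokenization and encryption applied to constructed sample data.
Illustrative code only; the cipher construction is not a production choice."""
import hashlib
import hmac
import secrets
from typing import Dict, Optional, Tuple

ITERATIONS = 200_000  # PBKDF2 work factor; raise as hardware allows


# --- Hashing: one-way. Used for password storage and integrity checks. ---
def hash_secret(secret: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest). The digest cannot be turned back into the
    secret; a verifier recomputes it from a candidate and compares."""
    salt = salt or secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, ITERATIONS)
    return salt, digest


def verify_secret(candidate: str, salt: bytes, digest: bytes) -> bool:
    """Constant-time comparison avoids leaking how many bytes matched."""
    _, recomputed = hash_secret(candidate, salt)
    return hmac.compare_digest(recomputed, digest)


# --- Tokenization: the surrogate carries no information about the value;
# the mapping lives only in the vault (a dict standing in for a token service).
class TokenVault:
    def __init__(self) -> None:
        self._vault: Dict[str, str] = {}

    def tokenize(self, value: str) -> str:
        token = "tok_" + secrets.token_hex(8)  # random, not derived from value
        self._vault[token] = value
        return token

    def detokenize(self, token: str) -> str:
        return self._vault[token]  # KeyError for unknown tokens


# --- Encryption: reversible with the key. Illustrative construction:
# HMAC-SHA256 keystream in counter mode, then a separate HMAC tag over the
# ciphertext (encrypt-then-MAC) so tampering is detected before decryption.
def _subkeys(key: bytes) -> Tuple[bytes, bytes]:
    """Derive distinct keys for confidentiality and integrity."""
    enc_key = hmac.new(key, b"enc", "sha256").digest()
    mac_key = hmac.new(key, b"mac", "sha256").digest()
    return enc_key, mac_key


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), "sha256").digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(16)  # fresh per message; never reuse with a key
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, "sha256").digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, "sha256").digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: ciphertext was modified")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


def tamper_is_detected(key: bytes, blob: bytes) -> bool:
    """Flip one ciphertext bit and confirm decryption refuses it."""
    tampered = bytearray(blob)
    tampered[16] ^= 0x01
    try:
        decrypt(key, bytes(tampered))
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample values, not real data.
    salt, digest = hash_secret("correct horse battery staple")
    print("password verifies:", verify_secret("correct horse battery staple", salt, digest))
    vault = TokenVault()
    token = vault.tokenize("4111-1111-1111-1111")
    print("token stored in app DB:", token, "-> vault holds:", vault.detokenize(token))
    key = secrets.token_bytes(32)
    blob = encrypt(key, b"salary=120000")
    print("round trip:", decrypt(key, blob), "tamper detected:", tamper_is_detected(key, blob))
```

The point to carry into the exam: a hash protects a value you only ever need to verify, a token lets an application work with a reference while the real value stays in a separately controlled store, and encryption is the choice when the original must be recovered by an authorized party, with the tag showing why authenticated encryption matters for data in transit.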
But security is more than just about technology. This objective also emphasizes understanding data sovereignty and geolocation laws. Knowing where your data resides and the regulations that govern it enables you to implement effective geographic restrictions if needed.
When you complete this objective, you'll have a comprehensive data security arsenal. You'll be able to choose the appropriate controls for different data types and ensure your organization's valuable information remains confidential and secure.
3.4: Importance of resiliency and recovery
In the real world, a cyberattack can still disrupt your operations even if you've implemented robust security measures. That's where this objective, "Explain the importance of resilience and recovery in security architecture," comes in. As Lane highlighted, building a resilient security architecture allows you "to protect yourself before you've even been attacked."
This objective emphasizes building resilience: the ability of your systems to bounce back from disruptions. Even the most secure systems can face outages due to power failures, natural disasters or human error. By understanding concepts like high availability and redundancy, you'll know which types of systems can withstand these challenges.
This objective also covers disaster recovery strategies like backups, replication and failover procedures. Mastering these ensures you have a plan to restore critical systems and data quickly, minimizing downtime and keeping your organization operational.
This objective prepares you to build a security posture that's not only strong but adaptable. You'll learn to anticipate potential disruptions and implement safeguards to ensure your organization remains resilient.
Preparing for your Security+ exam
Conquering the Security+ exam requires mastering all its domains, and Domain 3: Security Architecture accounts for 18% of your score. Understanding how to secure different architectures and apply security principles in real-world scenarios is essential for any security professional.
But don't forget that there are four other domains in the Security+ exam. To be fully prepared, you'll want to dive deep into these other domains as well:
- Domain 1: General Security Concepts
- Domain 2: Threats, Vulnerabilities and Mitigations
- Domain 4: Security Operations
- Domain 5: Security Program Management and Oversight
To further support your exam preparation, don't forget to check out all of Infosec's Security+ resources:
- Check out our in-depth webinar, CompTIA Security+: Everything you need to know about the SY0-701 update, where industry experts break down the exam changes and offer valuable study tips.
- We've also put together a comprehensive Security+ ebook that serves as an excellent companion to your other study materials.
- For a one-stop shop of all things Security+, visit our CompTIA Security+ certification hub. It's packed with valuable information and links to articles, courses and bootcamps that will teach you even more.
With dedication and the right resources, you'll be well on your way to conquering the Security+ exam and launching a successful career in cybersecurity!