CompTIA Security+ SY0-701 Cheat Sheet
The ports, acronyms, and core concepts worth memorising for SY0-701, on one page.
Some Security+ points are pure recall: ports, acronyms, and a handful of definitions. Get these into memory and you free up brain-space for the reasoning questions.
Common ports to memorise
Port questions are among the easiest marks on the exam, if you've memorised them. Focus on the secure-vs-insecure pairs (for example FTP vs. SFTP, HTTP vs. HTTPS): the exam loves to test whether you reach for the encrypted option.
| Port | Protocol | Secure? | Used for |
|---|---|---|---|
| 22 | SSH / SFTP / SCP | Yes | Encrypted remote admin & file transfer |
| 23 | Telnet | No | Remote admin in cleartext; avoid, use SSH |
| 25 | SMTP | No | Sending email (587 with STARTTLS is the modern secure option) |
| 53 | DNS | - | Name resolution (UDP/TCP); see DNSSEC for integrity |
| 80 | HTTP | No | Web traffic in cleartext |
| 443 | HTTPS | Yes | Web traffic encrypted with TLS |
| 389 / 636 | LDAP / LDAPS | 636 yes | Directory services; 636 is LDAP over TLS |
| 445 | SMB | - | Windows file sharing (a frequent malware target) |
| 3389 | RDP | - | Remote Desktop; secure it, never expose it raw to the internet |
Acronyms you must know cold
Security+ is dense with acronyms. These are the ones that show up again and again across multiple domains.
| Acronym | Stands for | In one line |
|---|---|---|
| CIA | Confidentiality, Integrity, Availability | The three goals of security |
| AAA | Authentication, Authorization, Accounting | Prove who you are, what you can do, and log it |
| MFA | Multi-Factor Authentication | Two or more factor types (know / have / are) |
| IAM | Identity & Access Management | Managing accounts and their permissions |
| SIEM | Security Information & Event Management | Central log collection, correlation & alerting |
| SOAR | Security Orchestration, Automation & Response | Automating incident response playbooks |
| DLP | Data Loss Prevention | Stops sensitive data leaving the organisation |
| PKI | Public Key Infrastructure | The system of keys, certificates & CAs |
| MTTR | Mean Time To Repair/Respond | How fast you handle an incident |
Symmetric encryption uses one shared key for both encrypt and decrypt; it's fast, so it protects the actual data (AES). Asymmetric uses a key pair (public + private); it's slow, so it's used to exchange keys and to sign (RSA, ECC). The common real-world pattern: asymmetric to safely agree on a symmetric key, then symmetric for the bulk data.
Least privilege: give every user and process the minimum access needed to do the job, and nothing more. It's the single most-tested operational principle, and the right answer to a surprising number of scenario questions.
- Know the secure-vs-insecure port pairs (SSH 22, HTTPS 443, LDAPS 636).
- CIA, AAA, MFA, IAM, SIEM and PKI recur across every domain.
- Symmetric = one fast shared key (data); asymmetric = slow key pair (exchange + signing).
- Least privilege is the default-right answer to many scenario questions.
Frequently asked questions
What ports should I memorise for Security+?
Prioritise the secure/insecure pairs: 22 (SSH/SFTP), 23 (Telnet), 80 (HTTP) vs 443 (HTTPS), 389 (LDAP) vs 636 (LDAPS), plus 3389 (RDP) and 445 (SMB).
What's the difference between symmetric and asymmetric encryption?
Symmetric uses one shared key and is fast, so it encrypts the bulk data (AES). Asymmetric uses a public/private key pair and is slower, so it's used for key exchange and digital signatures (RSA, ECC).