CompTIA Security+ SY0-701 Cheat Sheet

The ports, acronyms, and core concepts worth memorising for SY0-701 β€” on one page.

Entry-levelQuick referenceSY0-701
⏱️ Reference

Some Security+ points are pure recall β€” ports, acronyms, and a handful of definitions. Get these into memory and you free up brain-space for the reasoning questions.

In short: This cheat sheet collects the most commonly tested CompTIA Security+ SY0-701 facts: well-known network ports (like 22/SSH, 443/HTTPS, 3389/RDP), essential acronyms (CIA, AAA, MFA, SIEM, IAM), and core concepts such as symmetric vs. asymmetric encryption and the principle of least privilege.

Common ports to memorise

Port questions are among the easiest marks on the exam β€” if you've memorised them. Focus on the secure-vs-insecure pairs (for example FTP vs. SFTP, HTTP vs. HTTPS): the exam loves to test whether you reach for the encrypted option.

Frequently tested network ports and services.
PortProtocolSecure?Used for
22SSH / SFTP / SCPYesEncrypted remote admin & file transfer
23TelnetNoRemote admin in cleartext β€” avoid; use SSH
25SMTPNoSending email (587 with STARTTLS is the modern secure option)
53DNSβ€”Name resolution (UDP/TCP); see DNSSEC for integrity
80HTTPNoWeb traffic in cleartext
443HTTPSYesWeb traffic encrypted with TLS
389 / 636LDAP / LDAPS636 yesDirectory services; 636 is LDAP over TLS
445SMBβ€”Windows file sharing (a frequent malware target)
3389RDPβ€”Remote Desktop; secure it, never expose it raw to the internet

Acronyms you must know cold

Security+ is dense with acronyms. These are the ones that show up again and again across multiple domains.

High-frequency Security+ acronyms.
AcronymStands forIn one line
CIAConfidentiality, Integrity, AvailabilityThe three goals of security
AAAAuthentication, Authorization, AccountingProve who you are, what you can do, and log it
MFAMulti-Factor AuthenticationTwo or more factor types (know / have / are)
IAMIdentity & Access ManagementManaging accounts and their permissions
SIEMSecurity Information & Event ManagementCentral log collection, correlation & alerting
SOARSecurity Orchestration, Automation & ResponseAutomating incident response playbooks
DLPData Loss PreventionStops sensitive data leaving the organisation
PKIPublic Key InfrastructureThe system of keys, certificates & CAs
MTTRMean Time To Repair/RespondHow fast you handle an incident
πŸ’‘ Symmetric vs. asymmetric β€” the one that trips people up

Symmetric encryption uses one shared key for both encrypt and decrypt β€” it's fast, so it protects the actual data (AES). Asymmetric uses a key pair (public + private) β€” it's slow, so it's used to exchange keys and to sign (RSA, ECC). The common real-world pattern: asymmetric to safely agree on a symmetric key, then symmetric for the bulk data.

πŸ”‘ Least privilege, in one sentence

Give every user and process the minimum access needed to do the job β€” and nothing more. It's the single most-tested operational principle, and the right answer to a surprising number of scenario questions.

βœ… Key takeaways
  • Know the secure-vs-insecure port pairs (SSH 22, HTTPS 443, LDAPS 636).
  • CIA, AAA, MFA, IAM, SIEM and PKI recur across every domain.
  • Symmetric = one fast shared key (data); asymmetric = slow key pair (exchange + signing).
  • Least privilege is the default-right answer to many scenario questions.

Frequently asked questions

What ports should I memorise for Security+?

Prioritise the secure/insecure pairs: 22 (SSH/SFTP), 23 (Telnet), 80 (HTTP) vs 443 (HTTPS), 389 (LDAP) vs 636 (LDAPS), plus 3389 (RDP) and 445 (SMB).

What's the difference between symmetric and asymmetric encryption?

Symmetric uses one shared key and is fast, so it encrypts the bulk data (AES). Asymmetric uses a public/private key pair and is slower, so it's used for key exchange and digital signatures (RSA, ECC).

Ready to test yourself under exam-style conditions?
Try the full Security+ practice exam β†’

Independent study resource. Not affiliated with, authorized, endorsed by, or sponsored by CompTIA, Amazon Web Services, Microsoft, or ISC2. All trademarks are the property of their respective owners and are used here for identification only. All practice questions are original.