Security+ Domain 4: Security Operations
Domain 4.0 — Security Operations · 28% of the exam
The biggest domain on the exam — all 9 objectives (4.1–4.9), from hardening and asset management through vulnerability management, monitoring, IAM, automation, incident response, and forensic data sources. 121 pages with 90 exam-style practice questions.
All study guides — current and every new one.
- Interactive online guide
- Downloadable PDF
- Lifetime updates
- 30-day money-back guarantee
Secure checkout via Stripe · no account needed · instant access
28% of your exam score
Domain 4.0 is worth 28% of the SY0-701 exam. Walk in having mastered it — not hoping it doesn't come up.
Every objective, nothing extra
Built line by line from CompTIA's official objectives 4.1–4.9 — 39 in-depth topics with worked scenarios and exam tips, in a 121-page guide you'll actually finish.
90 exam-style questions
Every question comes with instant feedback and a full explanation, so a wrong answer teaches you as much as a right one.
The industry's baseline cert
Security+ is the most widely held cybersecurity certification in the world — the default HR filter for security roles and the baseline for DoD 8140 work.
Read a real excerpt — free
This is the actual opening of Module 4.1, Securing resources — not marketing copy. If you like how it teaches, the rest of the guide reads the same way.
Given a scenario, apply common security techniques to computing resources
Baselines and hardening for every device class, wireless installation and security, mobile device management and deployment models, and the application-security techniques that keep code trustworthy.
Everything in this module answers one operational question: how do you make a computing resource safe to run, and keep it that way? The answer starts with a secure baseline (an agreed, documented configuration), continues with hardening for each device class (because a router, a SCADA controller, and an iPhone don't share weaknesses), and extends to the wireless networks devices ride on and the applications they run.
Secure baselines: establish → deploy → maintain
A secure baseline is the documented minimum security configuration for a system type — services disabled, patch level, password policy, logging enabled, firewall rules, and so on. Baselines turn "hardened" from an opinion into a checklist. CompTIA breaks the lifecycle into three verbs you should be able to sequence on the exam:
If a scenario says settings were correct at rollout but drifted afterward, the failed step is maintain. If systems were built inconsistently by hand, the failed step is deploy (no automated, repeatable rollout). If nobody ever agreed what "secure" means, the failed step is establish.
Hardening targets
Hardening reduces the attack surface: remove or disable what isn't needed, constrain what remains, and patch what's left. The core moves are the same everywhere — change default credentials, disable unused ports/services/protocols, apply least privilege, patch, encrypt, and log — but each target class adds its own emphasis:
Not ready to buy? Read it later.
We'll email you a free sample of this guide as a PDF — no purchase needed.
Try 3 sample questions
Pulled straight from the guide's 90-question bank — tap an answer for instant feedback and the explanation.
From module 4.1 · Securing resources
1. An audit finds that servers deployed six months ago matched the approved configuration, but many now have unauthorized services enabled and missing patches. Which phase of the secure baseline lifecycle has failed?
From module 4.2 · Asset management
1. A company is returning 200 leased laptops. The lessor requires the hardware back in working condition, but the drives contain confidential project data. What should the company do before shipment?
From module 4.3 · Vulnerability management
1. A vulnerability scanner flags a web server as missing a critical patch, but the administrator confirms the patch was applied and the vulnerable code path is absent. What has the scanner produced?
87 more questions like these are waiting inside.
What's inside
- 39 in-depth topics across 9 modules, mapped to objectives 4.1–4.9
- 90 exam-style practice questions with instant feedback
- Full answer key with explanations for every question
- Complete Security+ acronym & key-term reference
- 121-page downloadable PDF for offline study and printing
- Lifetime updates as the exam evolves
The modules, mapped to the objectives
- 4.110 Qs
Securing resources
Given a scenario, apply common security techniques to computing resources
Mobile devicesWorkstationsSwitchesRoutersCloud infrastructureServers - 4.210 Qs
Asset management
Explain the security implications of proper hardware, software, and data asset management
OwnershipClassification - 4.310 Qs
Vulnerability management
Explain various activities associated with vulnerability management
Vulnerability scanStatic analysisDynamic analysisPackage monitoringPenetration testingResponsible disclosure - 4.410 Qs
Alerting & monitoring
Explain security alerting and monitoring concepts and tools
Log aggregationAlertingScanningReportingArchivingSCAPSecurity Content Automation Protocol - 4.510 Qs
Enterprise capabilities
Given a scenario, modify enterprise capabilities to enhance security
Agent-basedCentralized proxyURL scanningContent categorizationBlock rulesReputation - 4.610 Qs
Identity & access management
Given a scenario, implement and maintain identity and access management
LDAPLightweight Directory Access ProtocolSAMLSecurity Assertions Markup LanguageOAuthOpen AuthorizationBiometricsHard / soft tokensSecurity keys - 4.710 Qs
Automation & orchestration
Explain the importance of automation and orchestration related to secure operations
User provisioningResource provisioningGuard railsSecurity groupsTicket creationEscalation - 4.810 Qs
Incident response
Explain appropriate incident response activities
Legal holdChain of custodyAcquisitionReportingPreservationE-discovery - 4.910 Qs
Investigation data sources
Given a scenario, use data sources to support an investigation
Vulnerability scansAutomated reportsDashboardsPacket capturesPCAP

About the author
Chris Rees
Professional information technologist with 25+ years in IT and the author of 60+ certification training courses — 50+ live on Pluralsight, rated 4.6/5 across more than 2,000 reviews. This guide is that same exam-focused teaching, in a format you can finish.
More about ChrisSitting the whole exam? Get the Complete Security+ Collection.
All 5 SY0-701 domains — including this guide — for $29.95 instead of $49.75.
See everything insideQuestions, answered
Do I need an account to buy?
No. Checkout is a single Stripe form — email and card, about 30 seconds. We create your access from your checkout email automatically and sign you in the moment payment completes.
Is this up to date with the real SY0-701 exam?
Yes — the guide is mapped module-by-module to CompTIA's official Security+ objectives (4.1–4.9), and lifetime updates are included, so as the exam evolves your guide does too.
What exactly do I get?
Instant access to the interactive online guide with all 90 practice questions, plus a 121-page PDF you can download, print, and keep forever.
Do I need the other domains too?
This guide covers Domain 4.0 (28% of the exam). To prepare for the whole exam, the Complete Security+ Collection bundles all 5 domains for $29.95 — less than the price of three guides.
What if it isn't for me?
Every purchase comes with a 30-day money-back guarantee — email us and we'll refund you, no hoops.
Who wrote it?
Chris Rees — a professional information technologist with 25+ years in IT and the author of 60+ certification courses, rated 4.6/5 across 2,000+ reviews on Pluralsight.
Be ready for 28% of the exam — for $9.95
Instant access, lifetime updates, and a 30-day money-back guarantee. The only risk is walking into the exam without it.
Get the guide