Cybersecurity is dense. Acronyms stack on acronyms. Frameworks reference other frameworks.
This hub exists to cut through that โ using cartoon analogies, spaced repetition flashcards,
interactive games, and a full curated library to make Security+ SY0-701 (and beyond) actually stick.
Scroll down for domain breakdowns across all 5 exam objectives, 361+ flashcards
using the Leitner system, video resources, a Who Wants to Be a Millionaire
study game, and a library of 20+ books, guides, and reference PDFs โ from SANS forensics
to CCNA networking to real-world pentest reports. Whether you're cramming for an exam or building
a deeper foundation, start anywhere and go at your own pace.
"A complete study repository using cartoon analogies to make complex security concepts stick โ because if Mystery Inc. can solve a breach, so can you."
Each cartoon maps to specific Security+ domains. Click any show to explore character analogies, themed flashcards, quizzes, study notes, and more โ all in that cartoon's color scheme.
SY0-701 exam objectives โ organized by domain with objective-level breakdowns. Click any domain to expand. For cartoon-themed analogies, visit the individual cartoon pages above.
Categories: Technical, Managerial, Operational, Physical. Types: Preventive, Deterrent, Detective, Corrective, Compensating, Directive.
CIA Triad, Non-repudiation, AAA framework, Gap analysis, Zero Trust (Control Plane & Data Plane), Physical Security, Deception Technology.
Approval process, Ownership, Impact analysis, Backout plan, Maintenance windows, Version control, Documentation updates.
PKI, Symmetric/Asymmetric encryption, Key exchange, Hashing, Salting, Digital signatures, Steganography, Tokenization, Data masking, Certificates, CRL, OCSP.
Nation-state, Unskilled attacker, Hacktivist, Insider threat, Organized crime, Shadow IT. Attributes: internal/external, resources, sophistication.
Message-based (email, SMS, IM), Image/file-based, Voice, Removable devices, Vulnerable software, Unsecure networks, Supply chain, Social engineering (Phishing, Vishing, Smishing, Typosquatting).
Buffer overflow, Race conditions (TOC/TOU), SQLi, XSS, Firmware, VM escape, Cloud-specific, Zero-day, Misconfiguration, Mobile (sideloading, jailbreaking).
Account lockout, Impossible travel, Missing logs. Mitigations: Segmentation, ACLs, Allow lists, Patching, Encryption, Least privilege, Hardening techniques.
Cloud (IaaS/PaaS/SaaS), IaC, Serverless, Microservices, SDN, Containerization, Virtualization, IoT, SCADA/ICS, RTOS, Embedded systems, High availability.
Device placement, Security zones, Fail-open/closed, Jump server, IPS/IDS, Load balancer, Port security (802.1X/EAP), WAF, UTM, NGFW, VPN, TLS, IPSec, SD-WAN, SASE.
Data types & classifications, Data at rest/in transit/in use, Data sovereignty, Encryption, Hashing, Masking, Tokenization, Segmentation, Geographic restrictions.
Hot/Warm/Cold sites, Geographic dispersion, Multi-cloud, Capacity planning, Tabletop exercises, Backups (onsite/offsite, snapshots, replication), Generators, UPS.
Secure baselines, Hardening (mobile, workstations, routers, servers, IoT), MDM (BYOD/COPE/CYOD), WPA3, Application security, Asset lifecycle management.
Vulnerability scanning, CVSS, CVE, Penetration testing, Bug bounty. SIEM, SOAR, Log aggregation, Alert tuning, DLP, NetFlow, EDR/XDR.
Provisioning, MFA (biometrics, tokens, keys), SSO (LDAP, OAuth, SAML), RBAC, ABAC, DAC, MAC, PAM (JIT, password vaulting, ephemeral credentials).
IR Lifecycle: Preparation โ Detection โ Analysis โ Containment โ Eradication โ Recovery โ Lessons Learned. Chain of custody, Order of volatility, Legal hold, E-discovery.
Policies (AUP, BCP, IR, SDLC, change management), Standards, Procedures, External considerations (GDPR, HIPAA, PCI DSS), Governance structures, Data roles (Owner/Controller/Processor/Custodian).
Risk identification, Qualitative vs quantitative analysis, SLE = AV ร EF, ALE = SLE ร ARO, Risk register, Risk appetite (expansionary/neutral/conservative), Strategies: Transfer/Accept/Avoid/Mitigate.
Vendor assessment, Right-to-audit, Supply chain analysis, Due diligence. Agreements: SLA, MOU, MOA, NDA, MSA, SOW, BPA.
Compliance monitoring, Privacy (GDPR, HIPAA, PCI DSS), Attestation, Internal/external audits, Penetration testing types, Phishing campaigns, Security awareness training.
361+ exam-focused flashcards using the Leitner spaced repetition system โ five domain decks, each with precise SY0-701 definitions. Cards you miss come back more often; cards you know advance to longer review intervals. Expand any deck below to start studying.
Cards you miss return to Box 1 (reviewed every session). Cards you know advance to higher boxes reviewed less often โ all the way to Box 5 (Mastered). Your brain gets more practice exactly where it needs it most, automatically. Each deck below covers a specific CompTIA SY0-701 domain using precise, exam-focused definitions โ no cartoons, just the concepts.
Cards move forward when you get them right, and back to Box 1 when you miss. Each box is reviewed less frequently โ only Box 5 cards are mastered.
Full-length Security+ SY0-701 practice exam experience โ cartoon-styled, domain-balanced questions covering all five exam objectives. Sharpen your knowledge before test day with scenario-based questions, randomized answer choices, and instant feedback.
Three exam modes โ Full Exam (100 questions), Quick Quiz (35 questions), or By Domain (20 questions) โ weighted to match the real SY0-701 breakdown. Answers are hidden until you finish, just like the real test. MCQs plus performance-based drag-and-drop and matching questions, optional 90-minute countdown timer, a flag-and-return queue for tricky questions, and a printable domain-score report at the end. 15 cartoons mapped across all five domains โ SpongeBob, Scooby-Doo, Avatar, Ben 10, Futurama, Gravity Falls, and more. Scoring scaled to CompTIA's 750/900 passing system.
Cartoon-themed study videos and audio guides covering core Security+ and networking concepts. Expand any section below โ click a video thumbnail to play it full-screen.
Listen while you commute, exercise, or just need a screen break. Audio study guides cover Security+ SY0-701 concepts across all five domains โ hands-free reinforcement that works alongside your main study routine.
Gamified review tools โ some live, some coming soon.
Sprint all 361+ cartoon-themed cards across all domains back-to-back. Best for final review before exam day.
75 port number flashcards in speed mode โ Hermes needs a receipt for every single hangar door.
Practice SLE ร ARO = ALE with Ms. Frizzle's field trip scenarios until the formula is automatic.
Test your Incident Response knowledge with Scooby-Doo mystery scenarios โ contain before you eradicate!
CompTIA Security+ edition โ 15 questions, 4 lifelines, rising stakes. Can you go all the way to $1,000,000?
Match 47 must-know Security+ acronyms to their definitions at speed. How fast can you clear the board?
From Security+ SY0-701 and CompTIA A+ to CCNA networking, SANS forensics, red teaming, threat hunting, Linux, Bash scripting, digital forensics, career pivoting, and beyond โ this library covers the full stack of what it takes to break into and grow in cybersecurity. PDFs, books, audio, video, and guides. Click any section to explore.
The official exam blueprint from CompTIA โ all 5 domains, topics, and subtopics you are responsible for on test day.
๐ Open PDFFree, objective-by-objective study notes written alongside his free video series. Print-friendly and perfectly exam-aligned.
๐ DownloadA comprehensive SY0-701 study guide covering all exam domains, key terms, and review questions. Great as a structured reading companion alongside video courses.
๐ View GuideThe gold-standard study guide for SY0-701 โ comprehensive coverage, review questions, and access to online practice tests.
๐ View BookThe definitive Linux reference โ covers installation, command line, shell scripting, networking, security, and system administration across major distributions. Essential for anyone building a serious security or sysadmin foundation.
๐ View BookBy Rufus Stewart โ a comprehensive guide to Bash scripting covering variables, loops, functions, and automation. Directly supports security automation, log parsing, and the scripting skills needed for SOC and pentesting roles.
๐ View BookBy Christine Bresnahan & Richard Blum โ Sybex official study guide for the LPI Linux Essentials exam. Covers Linux basics, open source philosophy, command line fundamentals, and scripting. Great entry-level Linux certification prep.
๐ View GuideBy Shiva V. N. Parasram โ hands-on guide to performing data acquisition, recovery, network forensics, and malware analysis using Kali Linux. Bridges Domain 4 incident response concepts with real practitioner tools and methodology.
๐ View BookAn accessible intro to penetration testing methodology โ covers intelligence gathering, test mapping, exploitation, analysis, documentation, and reporting. Great conceptual foundation for understanding what pentesters actually do before diving into technical tools.
๐ View BookBy Black Hills Information Security โ community-written guide covering common cyber threats, OSINT, GRC fundamentals, malware analysis, cloud security, tabletop exercises, network engineering, IT helpdesk career paths, and more. Packed with actionable knowledge and genuinely fun illustrations.
๐ View GuideStrategic breakdown of all control categories (Managerial, Operational, Technical, Physical) and functions (Preventive, Detective, Corrective, Deterrent, Compensating, Directive) with a built-in exam arbitration framework for tricky multiple-choice questions.
๐ View GuideIn-depth guide to using Wireshark for network security analysis, packet capture, and traffic inspection. Directly applicable to Domain 2 network analysis and threat monitoring skills.
๐ View BookCovers red team methodology, adversary simulation, and attack planning from a practitioner's perspective. Useful context for understanding offensive techniques tested in Domain 2.
๐ View BookBy Alfie Champion โ covers the art of collaborative defense by combining red team offensive techniques with blue team detection. Bridges the gap between attack simulation and real-world defensive improvement. Directly relevant to Domain 2 threat analysis and Domain 4 incident response.
๐ View BookExam Cram practice question bank by David L. Prowse covering both CompTIA A+ Core 1 and Core 2 exams. Reinforces foundational hardware, OS, networking, and security knowledge โ builds the baseline that Security+ assumes.
๐ View QuestionsSANS Institute courseware for FOR508 โ the gold standard in advanced incident response, threat hunting, and digital forensics. Aligned with the GIAC GCFA certification. Deep-dives into memory forensics, timeline analysis, and adversary tracking.
๐ View CoursewareSecuring Windows endpoints, cloud workloads, and infrastructure against ransomware using Microsoft Intune, Sentinel, and Defender. Practical coverage of detection rules, containment strategies, and recovery โ directly applicable to Domain 4 incident response.
๐ View BookA practical guide to modern web application pentesting โ covers recon, injection attacks, authentication bypasses, API testing, and reporting. Expands on Domain 2 threat techniques and Domain 4 vulnerability assessment concepts.
๐ View BookIndependent guide to getting the most from AI tools in 2025, including interactive AI projects and practical skill-building exercises. Relevant to AI/ML security implications and the emerging intersection of artificial intelligence and cybersecurity.
๐ View GuideSybex 4th edition โ 1,000+ practice questions covering both A+ Core 1 and Core 2 exams by Audrey O'Shea. Reinforces hardware, OS, networking, and security fundamentals that underpin everything in Security+.
๐ View BookA supplementary SY0-701 exam study guide covering all five domains with key terms, concept summaries, and review questions. Useful as a quick-reference companion alongside longer video or book-based study.
๐ View GuideStudy materials from Jason Dion's CySA+ CS0-003 certification prep course. Covers threat and vulnerability management, software and systems security, security operations and monitoring, and incident response โ directly relevant to Domain 4 operations.
๐ View BookComprehensive SY0-701 study guide by Ian Neil covering all five domains with exam tips, practice questions, and real-world scenarios. Ian Neil is known for his clear, example-driven teaching style.
๐ View BookA structured matrix mapping all CompTIA Security+ control categories and functions. Useful for quickly identifying which control type applies to a given scenario โ a common exam question pattern across Domains 1 and 2.
๐ View MatrixThe official ISC2 practice test bank for the CISSP exam covering all eight domains. While CISSP-level, these questions build deep analytical thinking that makes Security+ feel more manageable โ and prepare you for the next certification milestone.
๐ View TestsA quick-reference cheat sheet covering the most essential Linux command line commands โ navigation, file management, permissions, process control, networking, and more. Keep this open during labs and CTF practice.
๐ View Cheat SheetSybex official practice test book for the CySA+ CS0-003 exam by Mike Chapple and David Seidl. Full-length practice exams and chapter-by-chapter questions covering threat intelligence, vulnerability management, incident response, and security architecture.
๐ View TestsA practical reference for Wireshark display filter syntax covering protocol filters, IP and port filtering, flag-based filtering, and combining conditions with logical operators. Invaluable during packet analysis labs and network forensics practice.
๐ View ReferenceA structured overview of core networking concepts including IP addressing, subnetting, protocols, and network devices. Strong foundational reading for anyone working toward Security+ or Network+ who wants to solidify the networking layer before moving to security-specific topics.
๐ View ReferenceA condensed, print-optimized Security+ study guide. Covers key terms, formulas, and exam reminders in a layout designed to be printed double-sided and carried with you โ great for last-minute review before the exam.
๐ View GuideA concise reference guide for Cisco router CLI commands covering interface configuration, routing protocols, access control lists, and troubleshooting. Useful for CCNA study and understanding the router-level network security concepts that appear in Security+ Domain 3.
๐ View ReferenceA compact Security+ SY0-701 quick-reference guide. Covers high-priority topics, acronyms, and exam reminders in a streamlined format โ ideal for last-week review when you want to reinforce key concepts without re-reading full chapters.
๐ View GuideComplete free video playlist covering every single SY0-701 objective in order. The #1 free video resource for Security+. No account required.
๐ฌ Watch on YouTubeTop-rated SY0-701 video course with concise, exam-focused delivery. Frequently on sale. Includes lifetime access and practice questions.
๐ View on UdemyThe definitive knowledge base of adversary tactics, techniques, and procedures (TTPs). Directly referenced in Domain 2 threat actor and attack analysis.
๐ MITRE ATT&CKFree Security+ practice exams organized by domain and objective. Good for quick topic-specific quizzes and identifying weak areas.
๐งช Start PracticingBy Artem Polynko โ a free browser-based Security+ SY0-701 practice exam simulator with realistic question formats and instant feedback to help identify knowledge gaps before test day.
๐งช Launch SimulatorBy Artem Polynko โ free downloadable certification study guides covering Security+ and related cybersecurity certifications. Concise, practical, and exam-focused.
๐ Download Guides900+ SY0-701 practice questions with detailed answer explanations. Consistently rated the most realistic question bank available.
๐งช View BundleBrowser-based, guided hands-on labs covering Security+ concepts. No setup required โ learn by actually doing the thing, beginner-friendly.
๐ TryHackMeImport community-built Security+ decks and let the spaced repetition algorithm tell you what to review. Available on desktop and mobile.
๐ Get AnkiScan suspicious files, URLs, IPs, and hashes against 70+ antivirus engines. A go-to hands-on tool for practicing threat analysis and malware triage skills from Domain 2.
๐ VirusTotalThe US government's primary cybersecurity authority. Publishes advisories, alerts, best practices, and free training. Directly referenced in Domain 5 compliance topics.
๐๏ธ CISA.govThe gold standard voluntary framework for managing cybersecurity risk โ Identify, Protect, Detect, Respond, Recover. Core reference for Domain 5 governance and risk.
๐ NIST CSFFull library of NIST Special Publications (SP 800 series), FIPS standards, and the NIST CSF. The authoritative source for US federal cybersecurity guidance.
๐ NIST CSRCA public-private partnership between the FBI and the private sector for sharing critical infrastructure threat intelligence. Useful context for Domain 2 threat actor topics.
๐ InfraGardOfficial database of publicly disclosed vulnerabilities. Look up any CVE, view CVSS severity scores, and explore remediation guidance โ core to Domain 4.
๐ NVDDaily handler diaries and a global network of sensors tracking suspicious internet activity. Excellent for staying current on active threats โ relevant to Domain 2 threat monitoring.
๐ SANS ISCCommunity-driven, open threat intelligence sharing platform with millions of Indicators of Compromise (IoCs). Search IPs, domains, file hashes, and subscribe to threat pulses.
๐ OTXOne of the world's largest commercial threat intelligence teams. Provides real-time threat data, vulnerability disclosures, malware analysis, and IP/domain reputation lookups.
๐ TalosIndustry-standard blocklists and real-time threat intelligence for spam, malware distribution, and botnet command-and-control servers. Widely integrated into enterprise email security.
๐ SpamhausEnterprise-grade intelligence from one of the most respected incident response and threat research firms. Known for nation-state and APT group attribution and reporting.
๐ MandiantAdversary intelligence covering nation-state actors, eCrime groups, and hacktivists. Excellent for understanding threat actor profiling and the concepts behind Domain 2 TTPs.
๐ CrowdStrikeEnterprise threat intelligence platform that aggregates and operationalizes feeds from hundreds of sources. Used in SOC environments to correlate and act on threat data at scale.
๐ AnomaliOpen-source project tracking malware, botnets, and ransomware infrastructure. Provides free threat feeds including URLhaus, MalwareBazaar, and Feodo Tracker โ popular with SOC analysts.
๐ Abuse.CHA curated, searchable directory of free and open-source threat intelligence feeds. Useful for discovering which feeds are available for different threat types and how to consume them.
๐ ThreatFeeds.ioFree real-time IoC feeds from the Center for Internet Security's Multi-State Information Sharing & Analysis Center. Designed for government and election infrastructure partners.
๐ CIS MS-ISACCheck if an email address or password has appeared in a known data breach. Excellent for demonstrating real-world credential exposure risks covered in Domain 2 and Domain 4.
๐ HIBPBy Artem Polynko โ a curated collection of hands-on cybersecurity projects you can actually put on a resume. Covers multiple roles so you can target exactly what you want to break into.
๐ ๏ธ Browse ProjectsBy Artem Polynko โ a step-by-step SIEM monitoring lab using real attack scenarios. Builds hands-on SOC skills with log analysis, alert triage, and detection โ exactly what Security+ Domain 4 puts on the exam.
๐ Start LabBy Artem Polynko โ ten hands-on cloud security projects designed for aspiring cloud security engineers. Covers identity, policy, monitoring, and incident response in cloud environments โ relevant to Domain 3 cloud architecture.
โ๏ธ View ProjectsBy Artem Polynko โ ten practical projects to build and demonstrate SOC analyst skills for your resume. Covers threat detection, log analysis, SIEM work, and incident response โ tying directly to Domain 4 operations.
๐ต๏ธ View ProjectsBy Artem Polynko โ ten hands-on identity and access management projects for IAM analyst roles. Builds practical skills around authentication, authorization, and provisioning โ concepts central to Domain 1 and Domain 4.
๐ View ProjectsBy Artem Polynko โ seven practical GRC projects to build governance, risk, and compliance skills. Directly supports Domain 5 (Program Management & Oversight) and prepares you for GRC analyst roles.
๐ View ProjectsBy Artem Polynko โ seven hands-on projects for building tech support skills and adding them to your resume. Great for entry-level candidates using IT support as a stepping stone into cybersecurity.
๐ฅ๏ธ View ProjectsBy Artem Polynko โ seven practical sysadmin projects that build the foundational infrastructure skills security professionals rely on daily. Covers user management, scripting, networking, and hardening.
โ๏ธ View ProjectsBy Gerald Auger (SimplyCyber) โ covers cybersecurity roles in industry, how to find jobs, resume templates for cyber professionals including lab work, and interview prep with Q&A breakdowns. Practical job-hunting guide for people transitioning into cyber.
๐ View KitA complete interview preparation guide for breaking into cybersecurity. Covers technical interview questions, resume strategy, role-specific prep (SOC analyst, pentester, GRC), and soft skills โ the bridge from studying to landing the job.
๐ View BookSpecial Thanks
A sincere thank you to Misty Branch and Soufiane El Hamdani for generously sharing materials and resources that made this collection possible. Your support and willingness to help others in their learning journey is greatly appreciated.
Resource Disclaimer
The materials, files, and links shared here were collected from publicly available sources or received from others for educational purposes. I do not own, author, or take credit for any third-party content. If a resource becomes unavailable, it is beyond my control. All trademarks and copyrights belong to their respective owners. Please use these resources responsibly and in accordance with each platform's terms of service.
ยฉ 2026 Charlene LueQuee โ All Rights Reserved.
The original study pages, cartoon analogies, interactive features, curriculum design, and creative content throughout this hub were created by Charlene LueQuee and are protected by copyright.
You may use this material for personal study only. Reproduction, redistribution, republication, or use of this original content โ in whole or in part โ without express written permission is prohibited.
This platform was intentionally designed to demonstrate applied competencies in instructional design, governance, and human-centered learning โ not just technical knowledge.
Every page on this hub follows the ADDIE instructional design model. Learner needs were analyzed against CompTIA SY0-701 exam objectives; content was designed around schema activation and character-to-concept mapping; interactive elements (flashcards, quizzes, games) were developed to support spaced repetition and retrieval practice; the site is deployed via GitHub Pages for open access; and ongoing revisions reflect continuous evaluation of what works for retention.
The curriculum is scoped directly to the NIST Cybersecurity Framework and CompTIA SY0-701 domain objectives, with dedicated coverage of Governance, Risk, and Compliance concepts including risk registers, policy frameworks, incident response procedures, and audit readiness. Content organization mirrors how security awareness training is structured in enterprise environments.
This platform was built entirely through human-led, AI-assisted development โ using Claude to generate, iterate, and refine every component from the ground up. The result demonstrates not just what was learned, but proficiency in leveraging modern AI tools to produce professional-grade instructional content, interactive applications, and technical documentation at speed.
Interested in how this curriculum was structured? The full instructional design portfolio โ including ADDIE documentation, learning objective mapping, and Training & Curriculum work โ lives on the main portfolio site.
View Full Portfolio & Curriculum Design Work โ
