Vol. 01 · Spring 2026 · Cipher Lane SE7

GARY'S SECURITY & STORIES

A Study Quarterly for SY0-701.

22 Narratives · 5 Domains · 6 Napkins

Every exam concept arrives as a scene in Gary's Coffee Shop on Cipher Lane. No bullet lists. No drills. Just stories that lock the material in.

Resume Reading Browse Domains
Vol. 01 · All 22 Stories

The Complete Run.

Reference · All Stories

The Napkin Index.

Every formula introduced across the 22 stories. The napkin is the artefact. The formula is the lock-in.

Formula / Rule What it means Story
SLE = AV × EFSingle Loss Expectancy: one incident's cost01 — Risk Assessment
ALE = SLE × AROAnnualised Loss Expectancy: yearly cost of a threat01 — Risk Assessment
ALE(before) − ALE(after) > cost of controlCost-benefit test: if true, buy the control01 — Risk Assessment
TCP: SYN → SYN-ACK → ACKThree-way handshake: reliable connection setup04 — TCP, DNS, DHCP
DHCP DORA: Discover → Offer → Request → AcknowledgeIP address assignment sequence over UDP04 — TCP, DNS, DHCP
Digital Signature = Hash + Encrypt(Private Key)Integrity + non-repudiation in one operation11 — Cryptography
ALE(before) − ALE(after) > cost → buy itRisk treatment decision rule01 — Risk Assessment
RPO = maximum acceptable data loss (backward)Determines backup frequency12 — Resilience & Backups
RTO = maximum acceptable downtime (forward)Determines recovery speed requirement12 — Resilience & Backups
RAID 5 = stripe + parity (survives 1 drive failure)Minimum recommended RAID for most use12 — Resilience & Backups
RAID 6 = double parity (survives 2 drive failures)Higher tolerance for storage pools12 — Resilience & Backups
Bell-LaPadula: no read up, no write downConfidentiality model for MAC08 — Access Control
Biba: no read down, no write upIntegrity model for MAC (opposite of Bell-LaPadula)08 — Access Control
Exam Mode · SY0-701

Test Yourself.

602 SY0-701 practice questions across 5 domains, audited against the official CompTIA objectives. Quick Drill, Mock Exam (90Q · 90 min), Domain Focus, Review Drill (wrong + spaced-repetition due). Plus 5 Performance-Based Question scenarios — the high-value simulation questions worth most of the exam score.

// Streak
0 days
 
// Drill queue
0
Wrong + spaced-rep due
// Best score
0%
 
// Questions seen
0/602
 
// Domain accuracy
602 Questions · 5 Domains · Audited
MCQ Practice
Quick Drill · Full Practice (timed) · Domain Focus · Review Wrong.
NOT STARTED 4 modes
5 Scenarios · Hotspot + Simulation
PBQ Walkthroughs
Attack/remediation matching · Log analysis · VPN config · Cloud diagram · Resiliency design.
REFERENCE 5 scenarios
SY0-701 · Domain Map

Five Domains.

1 General Security Concepts

The foundations. CIA triad, authentication models, cryptography, PKI, access control, and the vocabulary of security controls. Seven stories build this domain — it is the broadest of the five.

2 Threats, Vulnerabilities & Mitigations

The adversary's toolkit. Social engineering, malware taxonomy, application and network attacks, physical security, and the rogues gallery of threat actors. Five stories — dense with exam-critical specifics.

3 Security Architecture

How Cipher Lane is built. RAID, RPO/RTO, backup types, hot/warm/cold sites, DMZ, VLANs, zero trust, and VPN types. Two stories cover the structural layer that holds everything else up.

4 Security Operations

The shop floor. Ports and protocols, the OSI model, TCP/DNS/DHCP, and incident response. Four stories that cover the operational layer — what you see on the wire and what you do when it goes wrong.

5 Security Program Management & Oversight

The numbers behind the decisions. Risk assessment, quantitative vs qualitative methods, and the four risk responses. One story — the one that started it all — covering the maths Gary wrote on a napkin the morning after the break-in.