3.1. Domain 2.0 - Security

Imagine a castle with only one wall. An attacker who breaches that wall has access to everything. Now imagine a castle with walls, a moat, guards, locked doors, and a vault. That's defense-in-depth—and it's how modern security works.

What happens without proper security? A single phishing email can compromise an entire network. A stolen laptop without encryption exposes every file. A shared admin password means you can't trace who made a destructive change. Security isn't about paranoia; it's about understanding what breaks when protections fail.

This domain covers 28% of the exam—tied with Operating Systems as the largest. You'll need to understand both physical security (locks, cameras, access control) and logical security (authentication, encryption, malware defense). Consider: why does MFA matter more than a complex password alone? What's the trade-off between user convenience and security?