Difference between CompTIA Security+ SY0-401 and SY0-501?
Are you certified on the CompTIA Security+ SY0-401 exam, but need to update your certification for the next generation? In the study guides below, we’ve isolated every sub-objective that’s both new and specific to Security+ SY0-501 for each Main Domain. With our help, you’ll be able to streamline your studying, avoid repetitive material from the past exam, and zero in exclusively on new content.
| Security+ SY0-501 Main Domains | Click below links for downloadable PDFs |
|---|---|
| 1.0 Threats, Attacks and Vulnerabilities | Security+ Exam sub-objectives 1.0 New to SY0-501 |
| 2.0 Technologies and Tools | Security+ Exam sub-objectives 2.0 New to SY0-501 |
| 3.0 Architecture and Design | Security+ Exam sub-objectives 3.0 New to SY0-501 |
| 4.0 Identity and Access Management | Security+ Exam sub-objectives 4.0 New to SY0-501 |
| 5.0 Risk Management | Security+ Exam sub-objectives 5.0 New to SY0-501 |
| 6.0 Cryptography and PKI | Security+ Exam sub-objectives 6.0 New to SY0-501 |
So how different should we expect the new Security+ SY0-501 to be compared to the current SY0-401?
How much of the content is changed?
Between SY0-401 and SY0-501 there is about a 25% overall change in content. The new exam focuses more on:
- Risk management
- …and hands-on skills using technologies and tools
The main exam objectives have been re-ordered and re-named to better reflect instructional design organization as well as the changing emphasis of industry cybersecurity trends.
The broad brush
So what kind of new content can you expect to see in the Security+ SY0-501?
Remember that Security+ is about a mile wide and an inch deep, so we need a broad brush. Essentially, the new material in CompTIA’s Certification Exam Objectives for Security+ SY0-501 covers technologies that weren’t yet widely used when the SY0-401 was released.
These newer technologies include the following:
- Cloud support and cloud security
- Expansion of virtualization and how to secure it
- Mobile device security and common breaches
- Securing cart technology and payment systems
- More on monitoring tools and the analysis of their metrics
- More on network access control models
- Sideloaded applications, including their management, verification and validation
- Samsung, LG and/or other manufacturer-specific issues
For a more detailed breakdown, follow the links to the PDFs above.
Like previous CompTIA Security+ updates, the SY0-501 will also increase the emphasis on practical knowledge. These sub-objectives will start with phrases like “Given a scenario…”
Step #1: The Job Task Analysis
The first step in any CompTIA exam update is to perform a Job Task Analysis (JTA), in which CompTIA consults hundreds of subject matter experts. These experts tell CompTIA exactly what changes are occurring in the profession and what trends to watch in the near future. CompTIA then updates its exam questions accordingly.
What has NOT changed: The job roles
The Security+ SY0-501 exam remains grounded in the same job roles as the SY0-401: security administrator and information assurance specialist.
Typical SY0-501 job titles include:
- Security Administrator
- Systems Administrator
- Network Administrator
- Security Specialist
- Security Consultant
- Junior IT Auditor
- Junior Penetration Tester
Nature of changes to the exam content
There are several new themes for the new Security+ 501 exam. Here are the main changes:
- Importance of risk mitigation concepts
- Best practices
This is the result of seeing more Distributed Denial of Service (DDoS), ransomware, phishing, and business email attacks. Because these and other attacks have over the last few years become more varied, more sophisticated and therefore more successful, it is more important than ever for security professionals to accurately identify these threats and understand how to rapidly deploy the most effective responses to resolve them.
There is also a new emphasis on policy-based decisions, as well as understanding frameworks. Increasingly, security procedures have become policy-based. The exam includes a renewed emphasis on multifactor authentication techniques and tools.
What is all that security for?
It is important to set these very long lists of exam objectives in a meaningful context. Therefore, the Security+ 501 exam now includes an emphasis on how security techniques, policies, and best practices are all the foundation for privacy. For the security administrator, one of the job roles defined by the Security+ JTA, this must remain a critical focus. The surveys done in preparation for the SY0-501 update have shown that an organization must first have its security practices in order before it can address privacy properly.
Should I take the Security+ SY0-401 now or wait for the SY0-501 exam?
The short answer is, of course, that you should take the version available at the time you need to be certified. Doesn’t take a genius to figure that one out! However, there are other considerations too. One is that although the “latest and greatest” always has its appeal, your chances of success at the exam matter too. When it comes to CompTIA certification, your certification is valid for three years from the date you pass the exam. It doesn’t matter if that date happens to be one day before the retirement date of the exam; you are still certified for three years no matter what. The other consideration is the tendency to prefer “the devil we know”. There is predictability in committing to Security+ SY0-401 that the SY0-501 objectives can’t offer just yet, as it is known that CompTIA adjusts and recalibrates an exam for the first six months to a year post release date.
Here is the recommendation
If you are planning on getting certified in the spring/summer of 2018 you will have a choice of two versions: Pick whichever one you are the most comfortable with after taking a really close look at the exam objectives of both.
CompTIA Security+ Practice Test
CertBlaster offers practice tests for Security+ SY0-501. The product includes 450 questions, including what CompTIA calls Performance-Based Questions (PBQs). Below is a screenshot of an important Performance-Based Question type that you’ll face in the Security+ exam. This type of question puts you in a situation where you’ve been hacked and can see the script used. Based on the script, you’ll be asked which server is under attack, what type of attack it is, and the best defense against that attack.