The Expected difference between CompTIA Security+ SY0-501 and SY0-601

Every three years CompTIA releases a new and updated version of its exams. Update: We are now expecting it in November 2020. Although CompTIA is not telling when the new Security+ SY0-601 Exam will be released, we hear that November should be the month. Below we will take a look at what we believe the difference between CompTIA Security+ SY0-501 and SY0-601 may be.

Click here for the current Security+ SY0-501 Exam Simulator and Practice Test

The current Security+ SY0-501 was released on October 4, 2017, and will be retired in the spring of 2021, probably in March – there is a 6 month “grace period” where these two versions will overlap and you will actually be able to choose which exam you prefer to sit for (see bottom of this post for more on that).

How much of the content will change?

Between the new Security+ SY0-601 and the current SY0-501 we should expect about a 25% overall change in content with the rest being carried forward. The new exam will likely focus more on:

  • Cybersecurity threats
  • Risk management techniques
  • IoT threats – Alexa said that this isn’t a problem…
  • …and hands-on skills using technologies and tools

The main exam objectives will be re-organized to better reflect the changing emphasis of industry cybersecurity trends as well as instructional design enhancements.

So, what kind of new content can you expect to see in the Security+ SY0-601?

Understanding that the Security+ exam is about a mile wide and an inch deep, we need a really broad brush.  Essentially, the new material in CompTIA’s Certification Exam Objectives for Security+ SY0-601 will cover technologies that were not yet widely adopted at the time the Security+ SY0-501 was released.

These newer technologies include the following (some or all of which would end up on the new exam objectives):

– Cloud support to likely be enhanced as is and cloud security
– Growth of Virtualization platforms and how to secure them
– Common mobile device security breaches
– Securing online payment systems and cart technology
– More on monitoring tools, their metrics and the analysis of their data
– Emphasis on network access control models
– Manufacturer-specific issues regarding mobile device security

Like previous CompTIA Security+ updates, the SYO-601 will also most probably increase the emphasis on practical knowledge through Performance Based Questions (PBQs). The sub-objectives affected by that would start with a phrase like “Given a scenario…”

Click here for the current Security+ SY0-501 Exam Simulator and Practice Test

Analysis of the Job Task

The first step in any CompTIA exam update is to perform a Job Task Analysis (JTA), in which CompTIA consults subject matter experts drawn from administrators of large networks, device manufacturers and industry leaders. These experts tell CompTIA exactly what changes are occurring in the profession and what developing trends to anticipate. CompTIA then updates its exam questions accordingly.

What is NOT changing: The job roles

The Security+ SY0-601 exam remains grounded in the same job roles as the SY0-501: security administrator and information assurance specialist.

Typical SY0-601 role titles include:

  • Cyber Security Specialist
  • Cyber Security Administrator
  • Cyber Security Consultant
  • Systems Administrator
  • Network Administrator
  • Junior IT Security Auditor
  • Junior Penetration Tester

Nature of changes to the exam content

There are several new themes for the new Security+ 601 exam. Here are the main changes:

  • Risk mitigation with increased device configuration
  • Best practices for cybersecurity and organizational security
  • Deeper penetration test and vulnerability scan

This is the result of seeing more Distribute Denial of Service (DDoS), cryptographic ransomware, phishing, and business email attacks. These and other attacks have over the last few years become more varied, sophisticated and therefore more successful, it is more important than ever for security professionals to accurately identify these threats and act decisively. Resolution of a threat or attack depends on quick identification of the threat type and the rapid deployment of the most effective solution.

There is also a increased emphasis on policy-based decisions, as well as understanding frameworks. Increasingly, security procedures have become a policy-based. The exam includes emphasis on SS0, multifactor authentication techniques and tools.

Cyber Security for what?

It is important to set these very long lists of exam objectives in a meaningful context. Therefore, the Security+ exam now includes an emphasis on how security techniques, policies, and best practices all are the foundation for privacy. For the security administrator (one of the job roles defined by the Security+ JTA) this must remain a crucial focus.  The surveys in preparation for the SY0-601 update will probably show a prerequisite for any organization id that it must first have its security practices in order before it can address privacy in a meaningful way.

Should I take the Security+ SY0-501 now or wait for the new SY0-601 exam?

Logic would indicate that you should take the version available at the time you need to be certified. That’s simple enough. However, there are other things to consider too. One is that although the “latest and greatest” always has its appeal, chances of success at the exam matters too. When it comes to CompTIA certification your certification is valid for three years from the date you pass the exam. It doesn’t matter if that date happens to be one day before the retirement date of the exam, you are still certified for three years no matter what. The other consideration is always a tendency to prefer “the devil you know”. There is predictability in committing to Security+ SY0-501 that the SY0-601 objectives can’t offer just yet as it is known that CompTIA adjusts and recalibrates an exam for the first six months to a year after the release date.

Performance Based Question Security+ SY0-501 Practice Test
Performance Based Question (PBQ) Security+ Practice Test

6 thoughts on “The Expected difference between Security+ SY0-501 and SY0-601

    1. No, not yet. It is slated to come out in October. The current Security+ SY0-501 will still be in the testing centers for about another year i.e. till October plus the 6 mo. “grace period” during which CompTIA allows both tests to be available at the same time. Whichever test you choose, you will be certified for three years from your exam date. Here is some more info on retirement dates:

      1. I have been studying for awhile (since last year) and I am about to take the SY0-501 before it expires. Does the exam add or update questions within the 3 years that it is active?

        For example, if I purchased a book to study from last year for SY0-501 content, do I require a more updated one that was published this year, 2020 in case there were new questions added to the SY0-501 exam? Or does the content stay the same for all 3 years.


        1. Hi John, any addition or update of questions done during the three-year cycle of any CompTIA version, are done against that version’s exam objectives. This means that the book you bought for SY0-501 is still a good study source for the SY0-501 exam. On another note, although the Security+ SY0-501 is soon being replaced by the Security+ SY0-601 you are not in too much of a hurry as the Security+ SY0-501 will benefit from a 6-months “grace period” past the release date of Security+ SY0-601.
          Best of luck on exam day!

  1. So if I want to take the Security+ SY0-501 in December 2020 I can because of the 6 months grace period?

    1. Yes, Ayana, that is exactly right! And best of luck to you from the entire CertBlaster Team!

Leave a Reply

Your email address will not be published. Required fields are marked *

On Facebook

Trust Guard Security Scanned
Share This
Real Time Web Analytics