TrainACE - IT and Cybersecurity Training Blog

CompTIA's New Security+ Exam: SYO-501

[fa icon="calendar"] Oct 23, 2017 12:00:00 PM / by Madeline Sita

sec blog-1The lucrative world of Information Technology is dynamic and developing constantly. With some of the highest job growth projections of any industry, there has never been a better time to get certified and start a new career path in this industry. So you are probably asking yourself, where do I begin?


A good starting point, besides CompTIA’s A+/Network+ course, is a Security+ course, especially since CompTIA just announced an updated exam for Security+, SYO-501. No matter the old (SYO-401) or new exam, the Security+ course will teach you everything relative to security concepts pertaining to communications, infrastructure, and cryptography—all knowledge you will need when it comes to exam time! This credential will demonstrate to employers that you have the necessary skills to protect you and your company from the bad guys (hackers).


Here are some key differences between SYO-401 and SYO-501:

  • The range of topics is similar, but some topics are explored in more detail; there is more content to cover.
    • For example, some SY0-401 objectives are broken down into several SY0-501 objectives to expand coverage of the same topic.
  • SY0-501 objectives cover lower Bloom’s taxonomy layers compared to SY0-401.
    • SY0-401 objectives focused on analyzing (Layer 4) – intermediate skills and entry-level
    • SY0-501 focuses on applying (Layer 3) – entry-level skills
  • SY0-501 objectives cover usually lower-level learning objectives through knowledge, comprehension, and application. The SY0-401 exam covered the more intermediate analysis level. Analysis is now found in intermediate-level certifications, such as CompTIA Cybersecurity Analyst (CSA+).
  • The updated exam puts more of a stress on attacks, risk management and hands-on skills using the applicable technologies and tools. The domains were re-ordered and re-named to mirror better ID organization and importance of cybersecurity industry trends, as determined in the Security+ SY0-501 Job Task Analysis (JTA).
  • In a nutshell, there is more content to cover, because there is more detail, makes sense!
    • The exam questions focus on applying technology (Layer 3) instead of previously more-difficult analysis (Layer 4) skills.


New themes:

  • The importance of risk mitigation concepts, best practices and techniques.
    • Distribute Denial of Service (DDoS), ransomware, phishing, and business email attacks have become quite common. As these and other attacks have become more varied and popular, it is more important for security professionals to accurately identify threats and issues, and then act fast to assign resources to resolve them.
  • A fresh perspective on policy-based decisions, as well as understanding frameworks.
  • Progressively, security procedures have become a policy-based. The exam shows a renewed emphasis on multifactor authentication techniques and tools.
  • An emphasis on how security techniques and best practices are the foundation for privacy.
    • This is a continuing concern at the level of the security administrator, one of the job roles defined by the Security+ Job Task Analysis (JTA). Professionals in the industry have noted that an organization must first have its security practices in order before beginning to address privacy.


Why is the Security+ exam changing?

CompTIA suggests that 25% of the exam content has changed and that the content is both broader and more in depth. The exam is updated to reflect the latest cybersecurity technology and workforce trends at the Security+ level. In addition, ISO/ANSI 17024 approval requires an exam update every three years. It is anticipated that Security+ will continue to raise the standard for cybersecurity professionals worldwide.



  • Can I still take SYO-401 if I have been studying for that exam?
    • The answer is yes. CompTIA indicates that the SY0-401 exam will be available until July 31st, 2018.
  • When will the new exam be available?
    • I know the suspense is killing you! The SY0-501 Exam will be marketed and generally available to the public starting October 25th, 2017. Only a couple more days!

So that about covers the essentials for the new SYO-501 exam. Keep browsing our website for related course postings in the near future as we discover and confirm its relevance. 

Stay secure!


Topics: CompTIA, Cybersecurity, Security+

Madeline Sita

Written by Madeline Sita

Need IT Certifications?
Want more info?

Call (301) 220-2802