The CompTIA Security+ SY0-401 exam is officially slated to be replaced by Security+ SY0-501 exam on July 31, 2018. Initially released in October 2017, SY0-501 reflects the continuing evolution in the cybersecurity environment. We are pleased to announce that TrainACE is adopting this new version of Security+ in its training schedules.
So what is Security+ and what has changed between versions SY0-501 and SY0-401?
CompTIA Security+ Overview
If you are looking to enter the potentially lucrative cybersecurity industry then CompTIA’s Security+ certification is the baseline certification you will need to get started. Since it was introduced Security+ quickly became the industry standard for anyone looking to get into IT systems security.
Security+ training teaches you the fundamentals of implementing and monitoring security on networks and computer systems, and how to respond to security breaches. The certification gives assurance that you can handle setting up secure environments and handle the challenging situations surrounding security breaches, including the following skills:
- Security fundamentals
- Basic risk identification and analysis
- Threat identification and assessment
- How to secure IT infrastructure security
- Operational security and general security processes
- Incident response and business continuity
As the number of attacks on all types of industry gets increasingly sophisticated and widespread, more and more businesses are realizing the importance of securing networks and data. This realization, coupled with a technical skills shortage, means that if you have attained a Security+ certification you are likely to be much in demand. This is particularly true within the Military and Government, where security is paramount.
In the USA the government has codified certification requirement for its Information Assurance (IA) staff under DoD Directive 8570. This directive states which certifications government and military IT staff must have in order to attain certain roles within these organizations. CompTIA certification figures heavily in Direct 8570, including CompTIA Security+.
In addition, CompTIA’s Security+ certification is recognized globally so even if you are looking to work overseas, Security+ gives your career path wide scope.
Security+: The difference between SY0-501 and SY0-401
Overall, the changes to Security+ re-establish the certification as a baseline for the cybersecurity industry and bring it more in line with a rapidly expanding and maturing field. Over the years Security+ had moved to a more intermediate skill level but with the cybersecurity growing and developing into specialist areas, CompTIA saw the need to reset the certification as a baseline, cover-all test, and move intermediate skills testing into the more advanced certifications such as CySA+.
The new SYO-501 certification is much more focused on a practical understanding of the subject matter. The objectives now cover lower-level learning objectives through knowledge, comprehension, and application whereas the SY0-401 exam covered a more intermediate analysis level. This level of Analysis has been integrated into the intermediate-level certifications, such as CompTIA Cybersecurity Analyst (CySA+). In all CompTIA estimates that there is an approximate 25% change between SY0-501 and SY0-401.
In line with the rapid growth in knowledge of the cybersecurity industry, the new certification covers more content by breaking down similar topic areas into more detail. The domains have been re-ordered and re-named to better reflect organization and emphasis on industry cybersecurity trends, as determined in the Security+ SY0- 501 Job Task Analysis (JTA).
- 1.0 Network Security 20%
- 2.0 Compliance and Operational Security 18%
- 3.0 Threats and Vulnerabilities 20%
- 4.0 Application, Data, and Host Security 15%
- 5.0 Access Control and Identity Management 15%
- 6.0 Cryptography 12%
- 1.0 Threats, Attacks and Vulnerabilities 21%
- 2.0 Technologies and Tools 22%
- 3.0 Architecture and Design 15%
- 4.0 Identity and Access Management 16%
- 5.0 Risk Management 14%
- 6.0 Cryptography and PKI 12%
The new certification has been re-engineered with a stronger focus on attacks, risk management and hands-on skills using technologies and tools. At the same time coverage of Bloom’s taxonomy layers have been lowered to applying Layer 3 or entry-level understanding, whereas the old Security+ SY0-401 covered more intermediate skills by testing analyzing layer 4.
The range of topics in SY0-501 is similar but several SYO-401 topics are expanded into multiple objectives to deepen understanding of the subject.
The job roles remain similar between the two different versions of the certification:
SY0-401 Job Roles
- Security or Systems Administrator
- Network Administrator
- Security Specialist/Administrator
- Security Consultant
SY0-501 Job Roles
- Systems Administrator
- Network Administrator
- Security Administrator
- Junior IT Auditor/Penetration Tester
In conclusion, the changes to the Security+ certification are, in effect, a step back to the future. In pulling back the skill level a little and focusing on practical application of security skills it has been able to broaden the coverage of the exam to encompass an expanding cybersecurity knowledge base. This makes the certification an ideal starting point for anyone looking to jump into the industry regardless of which your future specialization might be.
And, although the new certification requires you to cover more content, in more detail the end result is that while you will have to be prepared to cover more content, you will gain a deeper understanding of the field.