Difference between CompTIA Security+ SY0-401 and SY0-501?

Click here for the complete Security+ SY0-501 Exam Objectives

Really cool resource!

Are you certified on the CompTIA Security+ SY0-401 exam, but need to update your certification for the next generation? In the study guides below, we’ve isolated every sub-objective that’s both new and specific to Security+ SY0-501 for each Main Domain. With our help, you’ll be able to streamline your studying, avoid repetitive material from the past exam, and zero in exclusively on new content.

Security+ SY0-501 Main Domains | Click below links for downloadable PDFs
1.0 Threats, Attacks and Vulnerabilities | Security+ Exam sub-objectives 1.0 New to SY0-501
2.0 Technologies and Tools | Security+ Exam sub-objectives 2.0 New to SY0-501
3.0 Architecture and Design | Security+ Exam sub-objectives 3.0 New to SY0-501
4.0 Identity and Access Management | Security+ Exam sub-objectives 4.0 New to SY0-501
5.0 Risk Management | Security+ Exam sub-objectives 5.0 New to SY0-501
6.0 Cryptography and PKI | Security+ Exam sub-objectives 6.0 New to SY0-501

So how different should we expect the new Security+ SY0-501 to be compared to the current SY0-401?

How much of the content is changed?

Between SY0-401 and SY0-501 there is about a 25% overall change in content. The new exam focuses more on:

  • Attacks
  • Risk management
  • …and hands-on skills using technologies and tools

The main exam objectives have been re-ordered and re-named to better reflect instructional design organization as well as the changing emphasis of industry cybersecurity trends.

The broad brush

So what kind of new content can you expect to see in the Security+ SY0-501?

Remember that Security+ is about a mile wide and an inch deep, so we need a broad brush.  Essentially, the new material in CompTIA’s Certification Exam Objectives for Security+ SY0-501 covers technologies that weren’t yet widely used when the SY0-401 was released.

These newer technologies include the following:

– Cloud support and cloud security
– Expansion of Virtualization and how to secure it
– Mobile device security and common breaches
– Securing cart technology and payment systems
– More on monitoring tools and the analysis of their metrics
– More on network access control models
– Sideloaded applications, including their management, verification and validation
– Samsung, LG and/or other manufacturer specific issues

For a more detailed breakdown, follow the links to the pdfs above.

Like previous CompTIA Security+ updates, the SY0-501 will also increase the emphasis on practical knowledge. These sub-objectives will start with phrases like “Given a scenario…”

Step #1: The Job Task Analysis

The first step in any CompTIA exam update is to perform a Job Task Analysis (JTA), in which CompTIA consults hundreds of subject matter experts. These experts tell CompTIA exactly what changes are occurring in the profession and what trends to watch in the near future. CompTIA then updates its exam questions accordingly.

What has NOT changed: The job roles

The Security+ SY0-501 exam remains grounded in the same job roles as the SY0-401: security administrator and information assurance specialist.

Typical SY0-501 job titles include:

  • Security Administrator
  • Systems Administrator
  • Network Administrator
  • Security Specialist
  • Security Consultant
  • Junior IT Auditor
  • Junior Penetration Tester

 

Nature of changes to the exam content

There are several new themes for the new Security+ 501 exam. Here are the main changes:

  • Importance of risk mitigation concepts
  • Best practices
  • Techniques.

This is the result of seeing more Distributed Denial of Service (DDoS), ransomware, phishing, and business email attacks. Because these and other attacks have over the last few years become more varied, more sophisticated and therefore more successful, it is more important than ever for security professionals to accurately identify these threats and understand how to rapidly deploy the most effective responses to resolve them.

There is also a new emphasis on policy-based decisions, as well as understanding frameworks. Increasingly, security procedures have become policy-based. The exam includes a renewed emphasis on multifactor authentication techniques and tools.

What is all that security for?

It is important to set these very long lists of exam objectives in a meaningful context. Therefore, the Security+ 501 exam now includes an emphasis on how security techniques, policies, and best practices all are the foundation for privacy. For the security administrator, one of the job roles defined by the Security+ JTA, this must remain a critical focus.  The surveys done in preparation for the SY0-501 update have shown that an organization must first have its security practices in order before it can address privacy properly.

Should I take the Security+ SY0-401 now or wait for the SY0-501 exam?

The short answer is of course that you should take the version available at the time you need to be certified. Doesn’t take a genius to figure that one out! However, there are other considerations too. One is that although the “latest and greatest” always has its appeal, a CompTIA certification is valid for three years from the date you pass the exam. It doesn’t matter if that date happens to be one day before the retirement date of the exam; you are still certified for three years no matter what. The other consideration is the tendency to prefer “the devil we know”. There is predictability in committing to Security+ SY0-401 that the SY0-501 objectives can’t offer just yet. It seems pretty certain that if you are planning on getting certified in 2016 and even into spring of 2017 you will have to pick the current version.

CompTIA Security+ Practice Test

CertBlaster offers practice tests for Security+ SY0-501. The product includes 450 questions, including what CompTIA calls Performance-Based Questions (PBQs). Below is a screenshot of an important Performance Based Question type that you’ll face in the Security+ exam. This type of question puts you in a situation where you’ve been hacked and can see the script used. Based on the script, you’ll be asked what server is under attack, what type of attack it is, and the best defense against that attack.

 

[Screenshot: Example of Performance Based Question in CertBlaster Security+ Practice Test]

 

 

26 thoughts on “Expected difference between CompTIA Security plus SY0-401 and SY0-501?”

    1. Hi Roger, we are expecting Security+ SY0-501 by next summer with a “grace period” for SY0-401 till the end of December 2017.

        1. You are right Tom! Initially, Oct. 4th was supposed to only be the CompTIA Partner date for partners to “Certify in SY0-501. Attend/watch on-demand Security+ (SY0-501) Train-the-Trainer or other methods of SY0-501 classroom preparation…” However, now that anyone can register at Pearson/VUE for the test it’s not “only” anymore… The CompTIA Launch Campaign is however still only starting on October 25th.

      1. Hi Rafi, the proper date is Oct. 25 for the release by CompTIA of the exam and by us of the test prep. We could not immediately find the Oct. 4th reference you are mentioning. If you could narrow it down or send us a screenshot that would be greatly appreciated!

          1. Thanks Dave! That date is supposed to be for CompTIA educational partner while the October 25 date is for the public. I was concerned we were flashing that date on our site…

  1. Hi,

    I am planning for Security+ SY0-501 (October 4, 2017), however there are not any books available till now.
    Is it fine if I follow the book for Security+ SY0-401?

    1. That is not going to be optimal. You can expect that there will be about a 30% difference between the new SY0-501 objectives and the current SY0-401 exam objectives. Considering that you will need on or about an 85% score to pass this would be a very risky bet. Understand that if you were to take SY0-401 now or in October it will still be valid for the exact same duration as the new SY0-501 i.e. 3 years from exam date.

  2. I am planning to take SY0-401 by October, 2017. Agreed it will be valid for 3 years.

    But what after 3 years? Will I have to take exam with SY0-501 or next launch to validate it again, or they can renew 401 by just paying the renewal?

    1. Actually, you have a lot longer than that. CompTIA gives you a six month “grace period” past the introduction of SY0-501 so, the good news is, you have until the 24th plus six months!

  3. I called CompTIA and asked which exam I should take given the release date of 501 version. I have been studying for the 401 Exam. They told me that I should take the one I have been studying for (401). They said that I had until July 2018 to take the 401. She did say that once the 501 is released and you go to purchase it, make sure and choose the appropriate one that you want (401 or 501)

  4. I am studying to take the test. My question isn’t so much about the test but prepping for it. I was looking over the page and then saw this:

    “For Ever License”: Your license duration is literally for longer than you will need it i.e. for the life of the certification exam you are preparing for plus six months past its retirement date!

    -If I buy the CertBlaster material for 401, it says it’s good for the lifetime of the test plus 6 months. I won’t need it in the next year but I might need it in 3 years. Would I have to pay the full price for 501 material?

    1. Yes John, SY0-401 will still be available until July 2018 at which time it will be retired. During this grace period, both exams will be available at the testing centers. Whichever exam you choose to take your Security+ certification will be valid for three years from your exam date.

  5. I am planning to take the Security+ exams at the end of December, 2017. Which version do you recommend I should take? SY0-401 or SY0-501? Thanks.
    James.

    1. Hi James, it depends mostly on whether you have done any training or prep for SY0-401. If you have, you should absolutely go for that exam. If you are starting “from scratch” now then either will be just as good as the other except that SY0-401 has a hard deadline in July next year as it will then be retired by CompTIA. If you are just planning on passing it within a month or so then both are equals. To compare content you can download the exam objectives for SY0-501 here and for SY0-401 here. We also have a post on that subject here.

  6. Hi, I am interested in getting Security+ but due to my school not offering it can you recommend where I can get the newest 501 test preparation with book and study guide? Thank you

    1. Hi Tere, a quick internal straw poll votes “CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide” by Darril Gibson the best SY0-501 book. Also, make sure to check out the Professor Messer videos for Security+. For the newest (and in our opinion best) test preparation software we recommend CertBlaster SY0-501 exam simulation software. Good luck!
