CompTIA Security+ SY0-501
Students and our sales staff are asking lots of questions about the recently announced CompTIA Security+ SY0-501 exam. Selected aspects of the exam have not been announced. I was able to review a CompTIA partner webinar covering the new exam, and acquire a forty page detailed mapping document. My deep dive isn’t complete, though this blog should suffice to answer the most relevant student and sales questions.
You might get somewhat of an overview on your own directly from CompTIA by reading through their Security+ pages. Click the link for exam details or scroll down the page, where you can monitor for any updates. Don’t check too soon, however, since CompTIA indicates that they will not start their public marketing effort until October 25th, 2017.
I have access to their partners’ page which provides a few more details, and you should be able minimally to access the landing page to monitor for additional updates or changes.
Although I prefer prose, this blog will more closely affect a FAQ so that you can quickly find the answers most relevant to your needs.
When will the new exam be released?
CompTIA has announced that the Security+ SY0-501 exam will become available on October 4th, 2017. Early availability is primarily being provided for partners, courseware developers, and instructors so that they can prepare or certify by taking the new exam. The SY0-501 Exam will be marketed and generally available to the public starting October 25th, 2017. Japanese and Portuguese exams will be released shortly after this date.
When will the old (SY0-401) Security+ exam be retired?
CompTIA indicates that the SY0-401 exam will be available until July 31st, 2018 in English. Portuguese and Japanese exams will retire 6 to 9 months after the English version.
Which version of the exam should you or must you take?
During the exam date overlap, you may purchase a voucher and take either exam. You should check with your employer regarding their preference. Regardless of the exam version that you complete, both are part of the CompTIA Continuing Education program, so you will need to retake the then-current version of the exam every three years, or complete the alternative recertification elements. The driving factor is possibly your familiarity with exam content on the SY0-401 version versus the SY0-501 version.
When will Interface Technical Training (and other vendors) start delivering content for the SY0-501 exam?
Courseware developers have only had a few months to conduct courseware updates, with early content releases expected mid or late August. Interface Technical Training will immediately begin reviewing and preparing for delivery. Our planned preparation date is December 2017, and we will be ready to identify the course version on our website. After potential students read this review, we may be driven to provide a couple more cycles of the SY0-401 exam content. Sales and marketing may determine the shift in delivery schedule based on customer demand.
A survey of partners, instructors, and other delivery channels who may offer courses supporting the new exam objectives suggested the following range of start dates:
What are the most significant changes on the exam?
While there are many detailed changes, perhaps the most significant is an increased requirement for hands on troubleshooting skills. Interface Technical Training has always offered, in fact insisted, on substantial hands on opportunity during our course delivery. This trend will continue and grow, since the SY0-501 exam is supposed to contain substantially more validation of hands on skills. This implies more performance based questions on the exam, although CompTIA has not provided information regarding any new exam layout. Indications suggest a similar base of 90 multiple choice questions, with several multiple choice questions being swapped out for each performance based question that the candidate encounters on the exam. Although enforcement may be difficult, CompTIA suggests that hands on labs should be robust and mandatory given the new exam requirements. I consider this an indication that practical application of skills will be more important than rote knowledge or memorization for the new exam version.
CompTIA suggests that 25% of the exam content has changed and that the content is both broader and more in depth. Credential changes are typically based on the Job Tasks Analysis Survey that CompTIA regularly conducts with CompTIA members and partner organizations. Current results suggest far less analysis and far more immediate issue resolution on the Security+ exam. This may be in part due to the new Cyber Security Analysis (CSA+) credential being introduced by CompTIA. CSA+ is now considered the intermediate security credential, while Security+ is being defined more as a skilled, entry level credential.
The exam also places more emphasis on Risk Management, the expanding roles of Cybersecurity jobs (and their required skillsets), and replacement of ‘legacy’ technologies with newer tools. Expanded areas include spyware, ransomware, threat and attack identification skills, and incorporation of more PKI knowledge within the cryptography realm.
How do I apply for the new exam?
The CompTIA exam application process has not and will not change with the release of the SY0-501 exam. The cost of the exam remains the same, at $320 US. You will still need to acquire an exam voucher and schedule examination through Pearson Vue testing centers.
How does the SY0-501 Security+ exam fit within the CompTIA credential path?
CompTIA is now promoting an updated and slightly altered approach to the completion and maintenance of IT credentials. The approach is heavily driven by ISO 17024, DoD 8140, and DoD 8570.01-M that require continuing education that meets a three year review and potential grade level promotion.
The recommended CompTIA path now looks like:
- IT Fundamentals is a vocabulary, terminology and context credential offered directly from CompTIA that does not require any formal training or certification exam.
Following IT Fundamentals, all subsequent credentials require passing a formal examination through Pearson Vue testing centers.
- A+ requires 6-9 months of IT/Technology experience and the completion of two certification exams (currently 220-901 and 220-902).
- Network+ requires 18 months of IT experience, training in networking infrastructure and technologies, and hands on skills with detailed emphasis on TCP/IP, UDP/IP, and internet packet header content.
- Security+ suggests a minimum of 2 years of IT/technology experience that includes A+, Network+, or equivalent skill sets.
NOTE: Security+ candidates will be expected to have a clear understanding of A+ and Network+ terminology and knowledge, which may be incorporated into the Security+ exam. Given the increased content volume on the SY0-501 exam, very few training vendors will be able to bring students up to speed on A+ and Network+ content during a week of Security+ training. A candidate should have commensurate skills before taking an SY0-501 class in order to gain optimal benefit from the class or toward exam preparation.
- CSA+, Cyber Security Analysis+ requires at least 3 and suggests 4 years of IT or technology experience. This credential requires a much higher level of analytical knowledge and skills guiding and leading more detailed preparation and response to cyber threats. This is now considered the intermediate security credential. Related, intermediate cybersecurity job offerings are touted as the fastest growing career sector within the IT industry.
- CompTIA CASP, CompTIA Advanced Security Practitioner certification is considered the most advanced security credential available through CompTIA/Pearson Vue. CompTIA recommends 5-10 years of hands on technology security experience, and equates the credential to the CISSP credential offered by (ISC)².
What do the test domains for the SY0-501 exam look like?
Although a few of the domain titles have changed, and the objectives content sequence is altered, the framework surrounding security content is much the same. Expectations for the knowledge set required of the Security+ candidate are much broader, so a week of classroom training must contain more content and hands-on experience in order to be effective. Expect five long days if you want to gain experience sufficient for exam passage without multiple sources and extensive outside preparation.
|Domain|Percentage of exam|
|---|---|
|Threats, Attacks, & Vulnerabilities|21%|
|Technologies & Tools|22%|
|Architecture & Design|15%|
|Identity & Access Management|10%|
|Cryptography & PKI|12%|
There is an increase from 33 to 37 objective sets. This gives a small indication of the increased breadth of the examination (and class delivery) content.
Given a first look at the detailed objectives, we have covered much of the new content extensively in the classroom based on our instructor knowledge and skill sets. For instance, cryptography content has always been present and the new objectives significantly expand PKI expectations. Interface Technical Training has always expanded PKI content for our students. The shift will be more heavily related to newer generation tools and considerations based on major global cyberattacks and their responses.
Who should take the new SY0-501 exam?
Anyone interested in entering or maintaining competitive advantage and job security within the following four job sets, as defined by CompTIA exam objectives:
- Systems Administrator
- Network Administrator
- Security Administrator
- Junior IT Auditor/Penetration Tester
The fourth job description introduces new requirements to the Security+ credential, and related job skills are the source of much new hands on expectation and tools understanding.
What will the new exam look like?
This is the one area that CompTIA has not disclosed. Prior exam content did not exceed 90 questions and had to be completed within 90 minutes, with a passing score of 750 on a scale of 100 to 900. The expansion of performance based materials and questions may influence a change in the number of questions, exam duration, and required passing score. Stay tuned!
That covers the basics for the new SY0-501 exam. Watch our website for related course postings, and our blog entries for relevant content as we discover and confirm its relevance.
I look forward to seeing you in the classroom, or online!
Steve teaches PMI-PBA: Business Analysis Certification, PMP: Project Management Fundamentals and Professional Certification, Windows 10, and CompTIA classes in Phoenix, Arizona.