A Closer Look at the Revamped Security+ Exam
A new Security+ exam is on the horizon — in just two days, to be exact. CompTIA announced the expected revamp to the exam associated with its vendor-neutral, globally popular IT security certification, the Security+.
If you are an IT newbie, there has never been a better time to start picking up the basics. With the new exam pending, the Security+ is a great place to begin building your IT security career. In this post, we take a look at what's new with the exam and why the Security+ is such a valuable certification.
Overview of the CompTIA Security+ Certification
The CompTIA Security+ certification has long been a stepping stone to a flourishing IT career. Because security is at the cornerstone of all things IT, the Security+ cert is valuable, even for those who pursue a specialized path beside security.
Like other CompTIA certifications, the Security+ is vendor-neutral, so it applies well to a range of organizations regardless of which technology is in place. In terms of subject matter, the certification "covers network security, compliance and operation security, threats and vulnerabilities as well as application, data and host security. Also included are access control, identity management, and cryptography."
The Security+ cert is considered entry-level, but it's helpful to have a couple years of day-to-day experience under your belt, along with some general security knowledge, before tackling the exam. Depending on your goals and experience, you may decide to start with the A+ or Network+ certifications before starting in on the Security+.
Typically, CompTIA releases new exams associated with its certifications every three years. Because the last version, the SY0-401, was released in May 2014, we expected a new version in 2017, and sure enough, it's just about here!
What to Expect with SY0-501
The Security+ certification will continue to be focused on foundation-level security, compliance, threats, and vulnerabilities, which means that the spirit of the Security+ exam won't change. But cybersecurity has advanced, and new threats have emerged since 2014.
So what exam changes should we expect?
Comparing the new 501's objectives to the 401, there are some additions and subtractions. The dedicated Network Security section was removed, but that doesn't mean that the topic is completely gone. Objectives such as installing and configuring network components, implementing secure network architecture concepts, and other network security-related topics are still found throughout the exam.
In the new exam, you'll still be expected to demonstrate the implementation of secure protocols. However, a section addressing ports is no longer included. While the new exam removes some detailed sections like this, it also expands some areas such as cryptography. For example, test takers will now be required to explain cryptography algorithms such as cipher modes, something not found in the SY0-401.
The SY0-401 will not be retired until July 2018, so if you've done all your studying for that version, you still have a grace period in which to take the exam. But if you're just getting started, studying for and passing the SY0-501 is your best bet.
New Security+ Exam: The Details
While some details may continue to evolve right up until launch date, we have some information about the exam for you to use as you plan your training and study.
Launch Date: October 25, 2017
Price: $320 USD
Number of questions: Maximum of 90
Types of questions: Multiple choice and performance-based
Length of test: 90 minutes
Passing score: 750 (on a scale of 100-900)
Prerequisites: None, but CompTIA recommends at least two years of experience in IT administration, focused on security
Exam Objectives (Domains):
Threats, Attacks, and Vulnerabilities 21%
Technologies and Tools 22%
Architecture and Design 15%
Identity and Access Management 16%
Risk Management 14%
Cryptography and PKI 12%
Exam retirement: TBD (usually three years after launch)
With the new changes to the exam, earning your CompTIA Security+ certification ensures that you have the most up-to-date knowledge and skills required to secure networks, deter risks and threats, and effectively contribute to the overall security of an organization.
As with any new exam, the best study tips and guides will hit the market soon after the official launch. Stay tuned to CBT Nuggets for resources, study plans, and more. In the meantime, trainer Keith Barker is ready to help you train for the new exam!