| certifications | security - Richard Bevis
Security+ Exam SY0-501 vs 601: What's New?
We've said it before: cybersecurity is one of the most sought-after competencies for enterprises of all sizes. Employers use security certifications as one way to evaluate the expertise of current and prospective security staff. Faced with the pervasive threat of "bad actors" breaking in, disrupting operations, and stealing valuable information, they need staff at many levels with security expertise.
It's not only expert architects, engineers, and analysts that organizations need. They also need qualified administrators to handle the day-to-day security activities to protect enterprise systems, networks, and information. And that's where CompTIA's Security+ certification comes into play. As the leading vendor-neutral certification, it is widely acknowledged as an ideal way to validate baseline security skills.
Because of the ever-changing cybersecurity landscape — the morphing of threats and the evolution of technology — CompTIA updates its certifications every three years. The current CompTIA Security+ certification exam (SY0-501) will be retired on July 31, 2021, at which point it will be replaced by the Security+ SY0-601 exam.
Any time there is a change in a certification process, it raises questions for those who are already certified, those who are on the current certification track, and those who are yet to start. This post will discuss the changes between SY0-501 and SY0-601 and help answer the following questions:
- I am SY0-501-certified already! What does SY0-601 mean to me?
- I am ready to take the SY0-501 exam! Should I go ahead or go for the new exam?
- I'd like to get security-certified! Should I go for the CompTIA Security+ cert?
Then we'll talk about how to prepare for the exam. But first, let's take a look at the changes and what you should expect on the CompTIA Security+ SY0-601 exam.
CompTIA Security+ SY0-601: What's Changed from SY0-501?
Since the CompTIA Security+ SY0-501 curriculum and exam were introduced, there has been a realization that increased emphasis needed to be placed on the core facets of cybersecurity, including security controls, incident response, and forensics. The continuing trend toward hybrid environments with cloud, mobile, and IoT operations has placed a premium on sysadmins and network admins who are proficient in all aspects of day-to-day security management.
Security administrators must be able to determine and implement the appropriate security solutions for the organization's hybrid environment, and then monitor those solutions, identifying and responding to security events and incidents. In addition, certified security professionals must understand and operate within the applicable principles of risk, compliance, and governance.
To this end, the new CompTIA Security+ SY0-601 is more focused but goes deeper than its predecessor. The new exam has five domains — one fewer than SY0-501 — and has fewer objectives (35) but 25% more examples than the previous exam. In their SY0-601 certification exam objectives document, CompTIA states that the new Security+ cert is equivalent to two years of hands-on experience working in a security/systems administrator job role.
The new exam features the following domains:
- Attacks, Threats, and Vulnerabilities (24%)
- Architecture and Design (21%)
- Implementation (25%)
- Operations and Incident Response (16%)
- Governance, Risk, and Compliance (14%)
To give you an example of the depth covered by the exam, let's look at the Attacks, Threats, and Vulnerabilities domain. Here, you'll be expected to identify and explain over 20 different social engineering attack techniques, as well as different threat actors, vectors, and intelligence sources, and the security concerns associated with various types of vulnerabilities. In addition, you'll be required to analyze given scenarios to identify over 30 types of attacks on systems, networks, and apps, such as malware, cloud-based and on-premises attacks, adversarial AI, API attacks, Secure Sockets Layer (SSL) stripping, and distributed denial-of-service (DDoS).
Although the content and focus of the SY0-601 exam have changed, its structure has not. The exam still features up to 90 multiple-choice and performance-based questions. The exam is 90 minutes long, and you will need to score at least 750 on a scale of 100-900 to earn your Security+ certification.
You can take the CompTIA Security+ SY0-601 exam online or in-person at a Pearson VUE testing center. In the United States, an exam voucher costs $370 (USD).
Who Should Take the Security+ SY0-601 Exam?
Of course, since the SY0-501 certification exam is set to retire in July 2021, anyone thinking about getting or renewing their Security+ should take the new exam. Here are some additional scenarios where it makes sense to take the new exam:
You’re Already Security+ Certified
If you have already passed the SY0-501 exam, then your Security+ cert is valid for three years from your certification date. At that time, you will need to take the then-current exam to renew your certificate. Employers typically look at the Security+ certification itself, rather than the specific exam. So, unless your job specifically demands SY0-601 certification, there is nothing you need to do.
You’re Ready to Take the SY0-501 Exam
Perhaps you have already begun studying for the SY0-501 exam? Well, you have until the end of July 2021 to take it, after which you will have to take the new exam. Should you take the SY0-501 exam or go straight for the new one? Unless your job, or the one for which you are aiming, specifically requires the SY0-601 exam, it's really up to you. Check out the exam objectives documents and practice questions for each exam. Decide which exam you feel better prepared for, and make your choice!
If you take and pass the SY0-501 exam, then you will be Security+ certified for the next three years before you must renew.
Looking to Get Security-Certified?
Are you a junior-level IT administrator, helpdesk technician, or cloud engineer looking to move into cybersecurity? Perhaps you are a DevOps engineer, a developer, or an IT auditor wanting to add security skills to your resume?
In any of these cases, you should consider the CompTIA Security+ certification as your first step. If you aspire to work in IT for the US Federal Government, then Security+ is one of the security certifications approved under Department of Defense (DoD 8570.01) guidelines.
For you, the SY0-501 versus SY0-601 debate is a no-brainer! Start studying right away for the new CompTIA Security+ (SY0-601) certification exam.
Preparing for the Security+ SY0-601 Exam
Before you embark on your Security+ SY0-601 certification journey, take note of CompTIA's recommended candidate experience. They suggest that candidates who attempt the exam should have at least two years of work experience in IT systems administration, with a focus on security and hands-on technical infosec experience. Don't worry if you don't have that experience. Share your cybersecurity goal with your manager and ask for assignments that will help you build experience.
Your next step should be to see what your course of study must cover. CompTIA provides a detailed drill-down into the topics covered in each SY0-601 certification exam section. In preparation for taking the SY0-601 CompTIA Security+ certification exam, check out CBT Nuggets' CompTIA Security+ video training, which includes videos, in-video quizzes, and a complete Kaplan IT SY0-601 practice test.
CompTIA Security+ was already recognized as a foundational infosec certification and the new SY0-601 certification exam will further strengthen the perceived value of the cert. You can be assured that earning the certification will help develop the baseline skills that you will need for a successful career in cybersecurity.