CompTIA Security+ 601 Update

The New Security+: SY0-601

The New Security+: SY0-601 1200 628 N2K

Even a Global Pandemic Couldn’t Delay the CompTIA Update

The last time CompTIA touched the Security+ was October of 2017. This was the year of the data breach impacting billions of customers from Equifax to millions of US voters. It also signified the power of ransomware, in the form of the WannaCry cyber attack, affecting over 300 thousand machines in a mere four days. But in the interim, there has been tremendous growth in cyberwarfare, ransomware, IoT botnets, and more organizations facing new cloud challenges with shadow IT as the global pandemic continues to rage on. So, it was definitely time for a content revamp.

What’s new with Security+?

Released in November of 2020, there are 9 new objectives on SY0-601, emphasizing potential indicators of compromise and more types of social engineering techniques, as well as:

  • Cloud-based security controls
  • Additional mobile and IoT vulnerabilities
  • Incident response policies, processes, and procedures
  • Incident investigation using data sources
  • Applying mitigation techniques or controls during an incident
  • Penetration testing and Linux-based file tools
  • More regulations, standards, and frameworks for security best practices and compliance

Instead of 6 domains, the new Security+ breaks up cryptography into the first three domains, with a total of 5 domains:

SY0-601 Domains
New
Old
Attacks, Threats, and Vulnerabilities 24% (+3%) 21%
Architecture and Design 21% (+6%) 15%
Implementation 25%  (+3%) 22%
Operations and Incident Response 16%  16%
Governance, Risk, and Compliance 14% 14%
Cryptography and PKI (0%) 12%

Note that the Technologies and Tools domain has been split up between the Implementation and Operations and Incident Response domains in the SY0-601.

Do I have to take the new Security+?

It depends. If you are currently studying for the previous version, SY0-501, then you have until July 31st to take that certification exam. If you already hold your Security+ certification, no matter which version, you can earn Continuing Education Units (CEUs) to renew the certification every three years. But if you have let your certification expire, then you will need to re-take the Security+ exam.

What’s the Security+?

Let’s revisit the obvious question. The CompTIA Security+ has been a baseline certification used by the US Department of Defense and globally by other organizations to validate core cybersecurity competency for entry-level positions since 2008. In fact, the Security+ is listed specifically as an approved certification across several roles within the Department of Defense Directive (DoDD) 8140/8570. According to CompTIA, the Security+ certification is the equivalent of 2 years of experience in a security or systems administration role. Before taking the certification, candidates should have experience in IT and computer networking, basic knowledge of security concepts, and some familiarity with common security controls. Having CompTIA’s Network+ under your belt is a huge advantage as well, though it is not a prerequisite.

Is the new Security+ exam experience any different?

No. Both the SY0-501 and SY0-601 are tested by a 90-minute exam with up to 90 multiple-choice and performance-based questions. The passing score is still about 80% (750/900) with the new exam. You can take the exam at an official Pearson/VUE test center or at home with remote proctoring through the use of an exam voucher.

What’s on the Security+?

At a high level, the Security+ certification incorporates best practices in hands-on troubleshooting, ensuring candidates have practical security problem-solving skills required to:

  • Assess the security posture of an enterprise environment and recommend and implement appropriate security solutions
  • Monitor and secure hybrid environments, including cloud, mobile, and IoT
  • Operate with an awareness of applicable laws and policies, including principles of governance, risk, and compliance
  • Identify, analyze, and respond to security events and incidents

What can I do with the Security+?

Should you earn the Security+, you can either round out your current IT career with some cybersecurity know-how or take the first step towards a specialized security role in penetration testing, incident response, or security analysis. According to Cyberseek, Security+ is one of the top 5 most requested certifications in the cybersecurity workforce, with 19% of current US security employees already Security+ certified. The median pay for these positions is $83.5K.

Why does my Workforce Need the Security+?

The Security+ was updated to ensure improve the security posture of organizations by providing:

  • Updated coverage of the latest threats, attacks, and vulnerabilities, including IoT weaknesses, new DDoS attacks, and social engineering attacks reflecting current events
  • Additional coverage of enterprise environments and reliance on the cloud as more organizations make the transition
  • Expanded focus on administering identity, access management, PKI, basic cryptography, wireless, and end-to-end security
  • Additional security assessment and incident response procedures, including basic digital forensics
  • Additional coverage on compliance to regulations, such as PCI-DSS, SOX, HIPAA, GDPR, and NIST

What does N2K Offer for Security+ Training?

An online on-demand and live instruction model that will fit just about any busy schedule. Kaplan is our sister company, so we have embedded the Kaplan Way of Excellence in our course:

  • Prepare: Knowledge is acquired through demonstration and examples at the topic, objective, and domain levels
  • Practice: Knowledge is applied through simulation and practice using knowledge checks, cloud-based labs, and practice tests
  • Perform: Proficiency is evaluated by comparing the initial diagnostic to the final exam performance

Although our comprehensive course can be consumed at whatever pace you’d like, we recommend our live five-week program for the best results.

What’s in N2K’s Security+ Comprehensive Course?

In a nutshell, it is your one-stop certification prep headquarters, which evaluates your strengths and weaknesses early on, so that you can focus on what you need, not just click next through every single video. The course includes:

  • Over 130 on-demand videos from authorized trainers and industry experts
  • Over 30 cloud-based labs that map to Security+ exam objectives
  • Over 1,000 scenario-based, performance-based, and knowledge-based questions
  • Over 300 concept flashcards for rapid recall
  • Step-by-step activity feed with a detailed performance tracker
  • Study book, lesson book, and summary notes
  • Security+ SY0-601 Exam Voucher

This represents over 40 hours of learning content at your fingertips!

When can I get Started?

When you’re ready! The new N2K Security+ comprehensive courses are always enrolling and in Live Online and On-Demand formats, so it’s up to you when you or your team are available to take the next step.