2023-11-16
At Learning Tree, our commitment is to remain at the forefront of the ever-evolving cybersecurity landscape. Part of this is ensuring that the public is kept up to date about the latest and most consequential advances in the field. That's why, today, we are excited to share with you the most recent changes happening in the realm of CompTIA's Security+ certification.
Why It Matters
The Security+ certification, offered by the Computing Technology Industry Association (CompTIA), is a globally recognized benchmark for foundational cybersecurity knowledge. Obtaining the Security+ certification is widely recommended as an essential first step any IT professional just starting out should take to gain an understanding of the most basic and foundational knowledge about the field of cybersecurity because of its emphasis on a wide range of fundamental security concepts and practices.
Obtaining a CompTIA certification has become synonymous with credibility in the cybersecurity industry. It has become a core requirement for several advanced certifications in the field, including for those working within the US Government to obtain a DoD 8570 certification (soon to be DOD Directive 8140), as well as for IAT Levels II and III.
The Security+ certification has long been recommended as the first step for IT professionals entering the field of cybersecurity. It strongly emphasizes fundamental security concepts and practices, covering a broad range of topics.
The Evolution
The Security+ certification undergoes periodic updates to keep pace with the ever-changing world of cybersecurity. Generally, these updates occur every three years. With each new version, CompTIA introduces changes to the exam objectives, requirements, and the tested concepts and technologies. For instance, the previous iteration, SY0-601, saw the introduction of topics like the Internet of Things (IoT), Security Information and Event Management (SIEM), and emerging technologies such as blockchain, quantum, and cloud. This time around, each of the five domains has been shifted with more streamlined and refined topics.
What to Expect
The SY0-701 version represents a new frontier in the CompTIA Security+ certification. It is expected to emphasize practical skills and include more performance-based questions to evaluate candidates' knowledge of specific commands and cybersecurity tools.
The general structure of the exam will remain the same: candidates will have 90 minutes to complete up to 90 multiple-choice and performance-based questions. Candidates will still need a score of 750 out of 900 to pass, which is approximately 83%. However, that is where the similarities appear to end.
Deeper Expectations
This new version of the exam is expected to be more challenging than its predecessor, the SY0-601. It's not just about expanding the number of concepts; it's about increasing their complexity. CompTIA has also updated its experience recommendations in line with these changes, now suggesting having already obtained a Network+ certification. This is significant as Network+ represents a technical understanding of fundamental networking, protocols, ports, and device technologies.
This skill set will be critical to success and keeping up with the new material. However, not all topics remain the same; some areas recently added to the SY0-601 have already been removed, such as quantum computing, adversarial artificial intelligence, and homomorphic encryption.
Here is a quick comparison between the two exam domain topics and the differences between them:
SYS-601 Exam Domain Topics |
SYS-701 Exam Domain Topics |
1.0 Attacks, Threats, and Vulnerabilities |
1.0 General Security Concepts |
2.0 Architecture and Design |
2.0 Threats, Vulnerabilities, and Mitigations |
3.0 Implementation |
3.0 Security Architecture |
4.0 Operations and Incident Response |
4.0 Security Operations |
5.0 Governance, Risk, and Compliance |
5.0 Security Program Management and Oversight |
The Details
Here are some of the more specific topics added to the official exam objectives:
- Zero Trust: 701 will continue to dive deeper into fundamental security concepts such as zero trust and the more technical processes to achieve. Students must now understand topics such as the control and data plane within that security model.
- Change, Control and Risk Management: New terms and concepts relating to business processes and the tools we utilize to manage them. Much more will be expected related to the change control process outside of ITIL, improved and expanded risk management topics, and the entire new section on Control management.
- Cloud Infrastructure, Access, and Design: With increased use and reliance on the cloud, the new 701 exam follows suit, expanding on concepts such as cloud infrastructure considerations, secure server access and management, and general cloud connectivity mechanisms. More emphasis is placed on security devices and software.
- Government Agencies, Vendor Assessment Supply Chain: We will now need to be familiar with more government agencies and their role in developing, managing, and influencing security. Similarly, the supply chain and its related risks are also covered with more granularity.
- Security Awareness Implementation and Greater Incident Response: Security awareness training and steps to conduct successful training are now part of the exam objectives. Incident response has also been redesigned to be more focused with additional concepts.
- Updated Graphics and Streamlined Content: Updated Graphics and Streamlined Content: CompTIA has clearly redesigned the layout of the material, which is provided more logically: each section leads into the next one in a more understandable format. CompTIA also has updated pictures and graphics to depict the described topics accurately.
Time Matters!
The clock is ticking for individuals aspiring to achieve the Security+ with previous vouchers. The SY0-701 exam was released on November 7th, initiating a 6-month sunset date for the SY0-601 exam. You will have until July 1st, 2024, to use those vouchers and pass the SY0-601 exam.
If you're already studying for SY0-601, continue your preparation for that version and take the exam before its sunset date. Afterward, consider transitioning to SY0-701 to stay current with cybersecurity trends. You don't want to invest time studying for the SY0-601 but run out of time to take the exam.
Your Trusted Partner
As mentioned above, the SY0-701 exam is expected to be significantly more challenging. It's essential to be well-prepared, and Learning Tree is not only here to support you on your journey to becoming a cybersecurity expert but is regarded as the trusted choice for preparing candidates for the Security+ training and certification as an award-winning organization with over 50 years of experience, vast instructor expertise, and recognized by CompTIA as a leader in course delivery and supporting organizational growth.
This expertise has been instrumental in helping countless candidates master the material, pass the exam, and successfully complete the Security+ certification. Our expertise and insights into the field, combined with the capabilities of our instructors, will prepare you to thrive in this dynamic and ever-evolving cyber landscape.
In addition to providing personalized guidance for those interested in learning how both Security+ and prerequisites like Network+ could benefit their career trajectory, Learning Tree is leading the way in developing the most effective and up-to-date material to prepare you for the exam and understand the material for practical use.
As part of our course update, we offer 500 practice exam questions written by Gareth Merchant, an expert in the field and the author of various CompTIA security study guides. These practice exams will help you prepare effectively for the Security+ certification.
To prepare for the Security+ certification, explore our course. This 5-day boot camp will equip you with the knowledge and skills needed to pass the SY0-701 exam. Remember, once a CompTIA certification is acquired, you can utilize the Continuing Education Units (CEUs) program, which offers various courses to help you earn the required training over a three-year period required to renew your certification—without having to re-test. Learning Tree also offers a cybersecurity knowledge check through our Skills Analytics tool, gaining insight into your team's ability to eliminate potential cyber threats and vulnerabilities.
What's Next?
The CompTIA Security+ certification is an essential stepping stone for anyone looking to establish themselves in the field of cybersecurity. With the transition to the SY0-701 version, staying updated and well-prepared becomes even more crucial.
Whether you want to expand your skillset, change careers or are looking to check a box, Learning Tree International is your trusted partner in this journey. Our expertise, comprehensive course materials, and practice exams will equip you with the knowledge and skills needed to excel in the dynamic and ever-evolving field of cybersecurity. Join us in embracing the challenges and opportunities presented by the new SY0-701 version of the CompTIA Security+ exam.
Secure your future with the best cybersecurity training and talent solutions. Your success starts with us.