Read about the SY0-401 differences in Cryptography here. CompTIA has changed the weighting of this domain increasing it from 11% in the SY0-301 exam to 12% in the SY0-401 exam. You can expect to see as many as 12 questions on cryptography. Overall, most of the topics from the SY0-301 exam are in the SY0-401 exam.
Each of the objectives have been reworded to start with “Given a scenario…” but otherwise are the same. This phrase indicates that more questions might paint a picture first, and than ask a related question. For example, “Sally wants to send an email to Bob and provide assurances to Bob that she actually sent it. What should Sally do?” The answer is to use a digital signature.
This post is a part of a series showing all the SYO-401 differences compared to the SY0-301 exam. Here are links to all the pages in the series:
- SY0-401 Differences in Domains
- SY0-401 Differences in Network Security
- SY0-401 Differences in Compliance and Operational Security
- SY0-401 Differences in Threats and Vulnerabilities
- SY0-401 Differences in Application, Data and Host Security
- SY0-401 Differences in Access Control and Identity Management
- SY0-401 Differences in Cryptography
- SY0-401 Differences in Acronyms
SY0-301 Available Until December 31, 2014
Remember, you can still take the SY0-301 exam up until December 31, 2014.
Hiring managers rarely care what version of Security+ you have. They only want to know you are Security+ certified. Unless you want to be on the bleeding edge of this certification, you don’t need to pursue the 401 version.
At this writing, there is a limited amount of material available for the 401 version. However, there is plenty of study material available for the 301 version. Many people tell me they take and pass the Security+ exam within 30 days after getting this book: CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide. Even if it takes you a little longer, you’ll still have plenty of time to get the certification before December 31, 2014.
CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide is now available
SY0-401 Differences in General Cryptography Concepts
The following table shows how CompTIA modified the words for this objective. However, the intent is largely the same.
|Summarize general cryptography concepts||Given a scenario, utilize general cryptography concepts.|
All of the items from the 301 objectives are included. However, CompTIA added the following new items in this section.
- Session keys
- In-band vs. out-of-band key exchange
- Ephemeral key
- Perfect forward secrecy
Even though “session keys” is added as a new item, it was tested in the previous version. In order to understand asymmetric encryption, you need to understand how session keys are used. The other items are new.
SY0-401 Differences in Cryptographic Methods
This objective was also slightly reworded.
|Use and apply appropriate cryptographic tools and products||Given a scenario, use appropriate cryptographic methods.|
Most of the items from the 301 objectives are included in the 401 objectives. “Whole disk encryption” was removed and “Comparative strengths of algorithms” was changed to “Comparative strengths and performance of algorithms” broadening the scope of this topic. Additionally, CompTIA added several new items in this section.
- Cipher suites
- Strong vs. weak ciphers
- Key stretching
SY0-401 Differences in Public Key Infrastructure (PKI)
The 301 exam separated the PKI topics into two separate objective topics and the 401 exam combines these into a single topic.
|Explain the core concepts of public key infrastructure|
Implement PKI, certificate management and associated components
|Given a scenario, use appropriate PKI, certificate management and associated components.|
All of the items from the previous exam are included in the new exam. Additionally, CompTIA added two new items:
Master Security+ Performance Based Questions Video
SY0-401 Differences in Cryptography Summary
CompTIA is giving a little more weight to Cryptography in the 401 exam by upping it 1% to 12%. A primary difference in the cryptography domain is that each of the objectives are reworded and include the phrase “Given a scenario….” Only one item was removed (“Whole disk encryption”), but several new items were added.