You’ll notice several SY0-401 differences in Threats and Vulnerabilities compared to the SY0-301 exam. While the objectives are very similar, several of these objectives have new topics within them. However, this domain has more topics compared with the previous version, the weighting of the domain is reduced by 1% to 20%. You can expect to see as many as 20 questions on this topic.
This post is a part of a series showing all the SYO-401 differences compared to the SY0-301 exam. Here are links to all the pages in the series:
- SY0-401 Differences in Domains
- SY0-401 Differences in Network Security
- SY0-401 Differences in Compliance and Operational Security
- SY0-401 Differences in Threats and Vulnerabilities
- SY0-401 Differences in Application, Data and Host Security
- SY0-401 Differences in Access Control and Identity Management
- SY0-401 Differences in Cryptography
- SY0-401 Differences in Acronyms
SY0-301 Available Until December 31, 2014
Remember, you can still take the SY0-301 exam up until December 31, 2014.
Hiring managers rarely care what version of Security+ you have. They only want to know you are Security+ certified. Unless you want to be on the bleeding edge of this certification, you don’t need to pursue the 401 version.
At this writing, there is a limited amount of material available for the 401 version. However, there is plenty of study material available for the 301 version. Many people tell me they take and pass the Security+ exam within 30 days after getting this book: CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide.
CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide is now available.
SY0-401 Differences in Malware
The first objective covers malware with only a slight difference in the wording of the objective. This indicates less of a focus on comparing malware with each other but instead understanding each type on its own.
| SY0-301 | SY0-401 |
| Analyze and differentiate among types of malware | Explain types of malware. |
Interestingly, worms have been removed from the objective list.
However, the following items were added:
- Ransomware
- Polymorphic malware
- Armored virus
The 601 Version of the Study Guide
The CompTIA Security+: Get Certified Get Ahead: SY0-601 Study GuideEach of the eleven chapters presents topics in an easy to understand manner and includes real-world examples of security principles in action.
You’ll understand the important and relevant security topics for the Security+ exam, without being overloaded with unnecessary details. Additionally, each chapter includes a comprehensive review section to help you focus on what’s important.
Over 300 realistic practice test questions with in-depth explanations will help you test your comprehension and readiness for the exam. The book includes:
- A 75 question pre-test
- A 75 question post-test
- Practice test questions at the end of every chapter.
Each practice test question includes a detailed explanation to help you understand the content and the reasoning behind the question. You’ll be ready to take and pass the exam the first time you take it.
If you plan to pursue any of the advanced security certifications, this guide will also help you lay a solid foundation of security knowledge. Learn this material, and you’ll be a step ahead for other exams. This SY0-601 study guide is for any IT or security professional interested in advancing in their field, and a must-read for anyone striving to master the basics of IT security.
SY0-401 Differences in Attacks
CompTIA changed the wording in this objective placing less emphasis on the attacks. In general, it’s easier to summarize a topic than it is to analyze and differentiate to compared with other topics.
| SY0-301 | SY0-401 |
| Analyze and differentiate among types of attacks | Summarize various types of attacks. |
CompTIA added several additional attacks in this section. They are:
- Password attacks
- Brute force
- Dictionary attacks
- Hybrid
- Birthday attacks
- Rainbow tables
- Typo squatting/URL hijacking
- Watering hole attack
Master Security+ Performance Based Questions Video
SY0-401 Differences in Social Engineering
While this objective first might look like it’s placing less emphasis on social engineering with the word “summarize,” CompTIA has actually increased the required knowledge for this objective by requiring you to also know the associated effectiveness of each attack.
| SY0-301 | SY0-401 |
| Analyze and differentiate among types of social engineering attacks | Summarize social engineering attacks and the associated effectiveness with each attack. |
The following topics provide clarification of what CompTIA is looking for related to the effectiveness of attacks.
- Principles (reasons for effectiveness)
- Authority
- Intimidation
- Consensus/Social proof
- Scarcity
- Urgency
- Familiarity/liking
- Trust
SY0-401 Differences in Wireless Attacks
This objective only includes a slight difference in the wording.
| SY0-301 | SY0-401 |
| Analyze and differentiate among types of wireless attacks | Explain types of wireless attacks. |
Several additional topics were added to existing wireless attacks. Most of these are new but WEP/WPA attacks were included in other objectives in the previous version of the exam.
- Jamming/Interference
- Near field communication
- Replay attacks
- WEP/WPA attacks
- WPS attacks
 | Pass the First Time! |
Up-to-date Content
New multiple-choice and performance-based questions added regularly
Pass the first time with quality practice test questions, performance-based questions, flashcards, and audio.Buy The Full Access Study Package Today
60 Days Access
Need more time? You can easily renew for another 60 days at a significantly reduced price.
All materials are available online shortly after making your payment.
Get the Security+ Full Access Study Package Here
Our online Security+ study materials are the perfect complement to the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide. They can also be used to help ensure you’re ready no matter what study guide you’re using.
This exam is expensive.
Make sure you’re ready before exam day.
Here’s what you’ll get:- All of the multiple-choice questions from the best-selling CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide. See a demo here. All questions have full explanations so you’ll know why the correct answers are correct and why the incorrect answers are incorrect.
- Over 40 new multiple-choice questions we’ve added after publishing the study guide.
- Over 30 performance-based questions. See a demo here.
- All of the flashcards from the study guide. View them in any Web browser.
- All of the audio from the study guide. Listen to a sample here.
- Access to a free discount code for 10% off your Security+ voucher.
Buy The Full Access Study Package Today
60 Days Access
All materials are available online shortly after making your payment.
SY0-401 Differences in Application Attacks
This objective places less emphasis on comparing attacks, but instead just expects you to them well enough to explain them.
| SY0-301 | SY0-401 |
| Analyze and differentiate among types of application attacks | Explain types of application attacks. |
All of the attacks listed in the SY0-301 exam are included in the SY0-401 exam. Additionally, the following topics were added:
- Integer overflow
- LSO (Locally Shared Objects)
- Flash Cookies
- Arbitrary code execution / remote code execution
SY0-401 Differences in Mitigation
While the knowledge required for the following objective stays the same, CompTIA did alter the wording slightly indicating that you’ll see these questions within a scenario.
| SY0-301 | SY0-401 |
| Analyze and differentiate among types of mitigation and deterrent techniques | Analyze a scenario and select the appropriate type of mitigation and deterrent techniques. |
Several of the bullets within this objective have changed. Most of the original topics remain but the following bullets were removed:
- Manual bypassing of electronic controls
- Failsafe/secure vs. failopen
However, a later objective still includes Bypass security controls.
The Physical security topic is removed, but it has been added to a different objective in the Compliance and Operational Security domain.
Last, the Port security topic has been renamed to Network security. It includes the following two new topics:
- Disabling unused interfaces and unused application service ports
- Rogue machine detection
The first bullet is similar to the SY0-301 bullet of Disabling unused ports, but you can see that it has been expanded to include both physical ports and logical ports.
| Pass the First Time! |
Up-to-date Content
New multiple-choice and performance-based questions added regularly
Pass the first time with quality practice test questions, performance-based questions, flashcards, and audio.Buy The Full Access Study Package Today
60 Days Access
Need more time? You can easily renew for another 60 days at a significantly reduced price.
All materials are available online shortly after making your payment.
Get the Security+ Full Access Study Package Here
Our online Security+ study materials are the perfect complement to the CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide. They can also be used to help ensure you’re ready no matter what study guide you’re using.
This exam is expensive.
Make sure you’re ready before exam day.
Here’s what you’ll get:- All of the multiple-choice questions from the best-selling CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide. See a demo here. All questions have full explanations so you’ll know why the correct answers are correct and why the incorrect answers are incorrect.
- Realistic SY0-601 Security+ Practice Test Questions
- Performance-based questions.
- All of the flashcards from the study guide. View them in any Web browser. See demo here
- All of the audio from the study guide.
- Access to a free discount code for 10% off your Security+ voucher.
Buy The Full Access Study Package Today
60 Days Access
All materials are available online shortly after making your payment.
SY0-401 Differences in Tools and Techniques
The wording of this objective is slightly altered but the word “implement” isn’t much different than “use.” The biggest change here is that questions are likely to be in a scenario format and the topic is not limited to only assessment tools and techniques.
| SY0-301 | SY0-401 |
| Implement assessment tools and techniques to discover security threats and vulnerabilities | Given a scenario, use appropriate tools and techniques to discover security threats and vulnerabilities. |
The first bullet expands Vulnerability scanning and interpret results to the following bullet:
- Interpret results of security assessment tools
In the Tools bullet, Sniffer is removed but Protocol analyzer remains so the topic isn’t substantially different. Instead, it indicates CompTIA is moving away from the use of the slang word “sniffer.” The following tools were added to this bullet:
- Passive vs. active tools
- Banner grabbing
In the Assessment technique bullet, CompTIA slightly modified two topics:
- Architecture is changed to Review architecture
- Design reviews is changed to Review designs
SY0-401 Differences in Penetration Testing vs Vulnerability Scanning
The following objective is largely the same. CompTIA simplified it by removing the introductory phrase.
| SY0-301 | SY0-401 |
| Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning | Explain the proper use of penetration testing versus vulnerability scanning. |
The Penetration testing topic is the same but the Vulnerability scanning topic includes several new bullets. They are:
- Intrusive vs. non-intrusive
- Credentialed vs. non-credentialed
- False positive
SY0-401 Differences in Threats and Vulnerabilities Summary
The SY0-401 differences in Threats and Vulnerabilities include the addition of several new topics even though the weighting of the domain has been reduced by 1%. Still with a domain weighting of 20% you can expect to see as many as 20 questions from this domain. The only other domain that is this high is the Network Security domain.
