SY0-501 Study Guide
Woo Hoo! I’ve been working on the SY0-501 Study Guide for a few months now, but gratefully, the end is in sight.
I’ve finished the content for the last chapter and expect everything to move much quicker at this point. I still need to do another pass through it, but expect to pass it to the technical editor today or tomorrow at the latest. I’m also thankful that so many talented people are working behind the scenes to help me with this.
Update: The CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide is now available.
SY0-501 Next Version
In case you haven’t heard, CompTIA has announced the next version of the Security+ exam. You can still take the 401 version until July 2018, so there’s no need to rush to the 501 version if you don’t have to.
Update: The Security+ SY0-501 exam was launched on October 4, 2017.
I frequently get queries from people on the 501 version. Here are a couple of common questions:
Q. Are you creating a 501 version of the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide?
Q. When will the 501 version of the study guide be available?
I expect the paperback version to be available in October 2018. One of the important steps is to get it evaluated and approved as Certified Approved Quality Content (CAQC). That process takes as long as 30 days.
I expect the Kindle version to be available in September.
Q. Should I wait and take the 501 exam instead of the 401 exam?
If you want to delay your career, then by all means, wait.
However, if you have a need or desire to earn the Security+ certification, then study for and take the exam that is available now.
One of the biggest differences in the SY0-501 exam is that it covers much more than the SY0-401 exam. For example, the SY0-401 objective list includes 14 pages of actual objectives. In contrast, the SY0-501 exam includes 18 pages of objectives. That’s four more pages of detailed objectives.
This might not be apparent though due to how CompTIA recently reformatted the objectives.
What’s the same?
Many of the objectives are familiar. Here’s a summary of many of the familiar topics.
- Networking. There is still a heavy emphasis on networking topics. The 401 version included Domain 1 Network Security, which was 20% of the exam. The 501 version doesn’t have a Network Security domain, but networking topics are included in many of the new domains.
- Malware and attacks. Many of the common malware types and attacks are included, but there are some new ones.
- Vulnerability and penetration testing. Many of the familiar vulnerability scanning and penetration testing objectives remain.
- Protocols. Many of the familiar protocols are included. However, there is very little mention of ports. In contrast, the 401 version tested ports heavily.
- Risk management. Many of these topics are familiar though there are some additions such as understanding a supply chain assessment.
- Cryptography. Many of the cryptography topics are familiar, but there are some new ones.
For example, there is still a heavy emphasis on networking topics and most of the cryptography topics are the same. Similarly, many of the malware and attack topics are similar, though there are some changes and additions.
A lot. Here’s a summary of many of the new items.
- Command line tools. Many specific command line tools are listed such as netstat, tracert, tcpdump, nmap, and netcat.
- Linux. Many specific Linux commands are listed in the objectives. For example, ifconfig is only on Linux systems. Additionally, the objectives open up the possibility of including many more Linux commands. As an example, do you know what chroot is for?
- Programming and development concepts. I was a little surprised at how many programming and development concepts were included in the objectives. Some are basic concepts such as error handling and input validation. However, some are advanced such as normalization, stored procedures, dead code, obfuscation, and more. I wonder how easy these concepts will be for IT professionals without programming experience to master.
- Mobile devices. There is a huge expansion of mobile device coverage. Some of the items are trivial such as “Cellular” as a connection method. There are very few people seeking the Security+ certification that don’t have a cellular phone. But many of the items are complex such as sideloading, rooting, jailbreaking, USB OTG, Wi-Fi Direct, and more. There is also increased coverage of mobile device management concepts.
- Embedded systems. One objective is to explain the security implications of embedded systems with a list of systems. While the security implications are common for most of these items, test takers will need to know many acronyms such as SCADA, ICS, IoT, HVAC, SoC, RTOS, MFD, and UAV.
- Use cases. There is an extensive list of use cases. While these can be relatively easy to create in a work environment, they often mean different things to different people. For example, developers create use cases one way and management creates use cases another way. While IT administrators can create them, it isn’t common. I wonder how the test item writers interpreted these objectives.
SY0-501 Study Guide Online Content
With all the new objectives, a challenge I’ve had is keeping the book at a manageable size while also covering all the objectives. I decided to create some online materials that will be free to anyone with the study guide. While these materials aren’t ready for prime time yet, they will include additional practice test questions, some sample performance-based questions, and labs.