As I’m updating the CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide, I’ve noticed that the SY0-601 is much more comprehensive. There’s a lot more for test takers to study and understand.
I was wondering if I was just imagining this so I took some time to analyze both sets of objectives. The following table shows how many line items are in each set of objectives. As an example, Objective 1.1 in the 601 objectives has 33 line items such as Phishing, Smishing, and so on.
| Domain | 501 | % | 601 | % | Diff |
|---|---|---|---|---|---|
| 1 | 130 | 21 | 254 | 24 | +124 |
| 2 | 203 | 22 | 328 | 21 | +125 |
| 3 | 195 | 15 | 329 | 25 | +134 |
| 4 | 76 | 16 | 152 | 16 | +76 |
| 5 | 150 | 14 | 160 | 14 | +10 |
| 6 | 124 | 12 | | | |
| Total | 878 | | 1223 | | +345 |
SY0-601 Adds About 40% Content
As you can see in the above table, the SY0-501 exam has about 878 line items and the SY0-601 exam has about 1,223 line items. This equates to an increase of about 345 line items, or about 40% more content.
As an example, SY0-601 Objective 1.1 “Compare and contrast different types of social engineering techniques” includes the following new items:
- Eliciting information
- Prepending
- Invoice scams
- Credential harvesting
- Reconnaissance
- Pretexting
- Influence campaigns
- Hybrid warfare
- Social Media
But Wait, There’s More
The SY0-501 objectives include this: “Example topics and concepts are included to clarify the test objectives and should not be construed as a comprehensive listing of all the content of this examination.”
The SY0-601 objectives include this: “These content examples are meant to clarify the test objectives and should not be construed as a comprehensive listing of all the content of this examination.”
In other words, both exams can include content beyond what is listed.

Cryptography Not Removed
SY0-501 includes Domain 6 Cryptography and PKI but SY0-601 doesn’t have a Domain 6. This might look good, but don’t be fooled. Cryptography and PKI topics remain in SY0-601.
Most of the SY0-501 Cryptography and PKI objectives have been moved to SY0-601 objectives 2.8 “Summarize the basics of cryptographic concepts” and 3.9 “Given a scenario, implement public key infrastructure.”
Moreover, you’ll find many new topics on cryptography. In SY0-601 objective 2.8, the following topics are new:
- Quantum
  - Communications
  - Computing
- Post-quantum
- Blockchain
  - Public ledgers
- Lightweight cryptography
- Homomorphic encryption
- Entropy
Most, if not all, of the algorithms that were in the SY0-501 objectives have been removed from the SY0-601 objectives. However, it appears that SY0-601 2.8 “Summarize the basics of cryptographic concepts” requires the test taker to know the limitations of algorithms. It includes the following list:
- Limitations
  - Speed
  - Size
  - Weak keys
  - Time
  - Longevity
  - Predictability
  - Reuse
  - Entropy
  - Computational overheads
  - Resource vs. security constraints
In order to know the limitations of various algorithms, you have to know about some of them. Unfortunately, because they aren’t listed in the SY0-601 objectives, it’s difficult to know what algorithms you should know about. All of them?
In other words, removing the algorithms from the objectives while expecting you to know about their limitations adds a layer of complexity to this objective. Perhaps I’m missing something. Time will tell.
SY0-601 Tests Your Knowledge of Scripting
There are several references to scripting included in the objectives. As an example, objective 1.4 “Given a scenario, analyze potential indicators associated with network attacks” includes the following list:
- Malicious code or script execution
  - PowerShell
  - Python
  - Bash
  - Macros
  - Visual Basic for Applications (VBA)
I studied PowerShell for about six months while teaching some related classes. While I gained a good understanding of the capabilities, I certainly didn’t master it. Instead, I learned how to look up topics that I didn’t know. Moreover, I learned that if you want to use PowerShell to perform an administrative action, you can usually find a script online to meet your needs.
Python is a rich programming language used to create many websites. I took an online course a few years ago on Python, and while I learned quite a lot about it, it’s not something I use day-to-day. Much of my knowledge has slipped away.
Bash is a Unix (and Linux) command shell that can be accessed via the terminal on a Linux system. Similar to the command prompt in Windows, you can execute commands at the terminal. Windows allows you to string together multiple commands in a batch file (.bat). If you execute the batch file, it runs all the commands within the file. You can also string together Bash commands within a Bash script (.sh), and if you run the Bash script, it runs all of the Bash commands.
Macros and Visual Basic for Applications (VBA) run within Microsoft Office applications. Because they can be used maliciously, they are often disabled.
On the surface, this seems easy. The objective is “Given a scenario, analyze potential indicators associated with network attacks.” Malicious code will cause bad things to happen.
However, the objective seems to imply that if you see an indicator of a network attack, you need to determine which code or script type is being used. If you’ve been working in the field for ten years or more and dabbled with these scripts and programs, this may not be too hard. However, if you’ve only been working in the field for two years, this may be a little challenging.
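One way to practice telling these script types apart is to score a snippet against syntax markers for each family. This is an added example, not part of the original post or of CompTIA's material. The marker lists, the `classify` function and the sample snippets are constructed for illustration and are a heuristic, not a complete signature set.

```python
import re

# Syntax markers for the script families named in objective 1.4.
# These lists are illustrative choices for this example, not a complete signature set.
MARKERS = {
    "PowerShell": [r"\b[A-Z][a-z]+-[A-Z][A-Za-z]+\b",        # Verb-Noun cmdlets
                   r"\$_", r"\$env:", r"\s-(?:eq|ne|gt|lt|like|match)\s"],
    "Python":     [r"^\s*(?:import|from)\s+\w+", r"^\s*def\s+\w+\(.*\):",
                   r"^\s*(?:if|for|while)\b.*:\s*$", r"\bprint\("],
    "Bash":       [r"^#!.*\b(?:ba)?sh\b", r"^\s*(?:fi|done|esac)\s*$",
                   r"\bthen\s*$", r"\$\(\s*\w+", r"\[\s+-[a-z]\s"],
    "VBA":        [r"^\s*(?:Sub|Function)\s+\w+\(", r"^\s*End\s+(?:Sub|Function|If)\b",
                   r"^\s*Dim\s+\w+", r"\bCreateObject\(", r"^\s*'"],
}

# Constructed, harmless snippets keyed by the language they are written in.
SAMPLES = {
    "PowerShell": "Get-Process | Where-Object { $_.CPU -gt 100 } | Select-Object Name",
    "Python": "import os\nfor name in os.listdir('.'):\n    print(name)\n",
    "Bash": '#!/bin/bash\nif [ -f /etc/hosts ]; then\n  echo "found $(hostname)"\nfi\n',
    "VBA": "Sub ShowTotal()\n    Dim total As Integer\n    ' add two numbers\n"
           "    total = 2 + 3\n    MsgBox total\nEnd Sub\n",
}


def classify(snippet):
    """Return (guess, scores); guess is None on no match or a tie for first place."""
    scores = {lang: sum(len(re.findall(p, snippet, re.M)) for p in pats)
              for lang, pats in MARKERS.items()}
    ranked = sorted(scores.values(), reverse=True)
    best = max(scores, key=scores.get)
    # Refuse to guess when nothing matched or two families score equally.
    guess = best if ranked[0] > 0 and ranked[0] > ranked[1] else None
    return guess, scores


if __name__ == "__main__":
    for expected, text in SAMPLES.items():
        guess, scores = classify(text)
        print(f"{expected:<10} -> {guess}  {scores}")
```

A snippet that mixes markers from two families, or plain text with none, returns `None` rather than a forced guess, which mirrors how an analyst should treat an ambiguous indicator.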

SY0-601 Differences Summary
The SY0-601 objectives include about 40% new content. If you plan to take it, be aware that you will have a little more content to study.