New Security+ Exam Coming 2017

The new CompTIA Security+ SY0-501 exam will replace the current SY0-401 exam. The Job Task Analysis for this new exam was started by CompTIA back in September 2016. However, due to some delays the SY0-501 exam objectives were not released to their Academic Partners until last month. The SY0-501 exam objectives will probably be available to the general public from CompTIA in April 2017, and the new exam is projected to go live October-November 2017. The current SY0-401 exam will be retired 6 months after this new exam released.

So what's in the new exam objectives that will be on the new test? It's interesting to compare these new exam objectives with previous objectives. The SY0-301 (2011-2014) had 11 pages of exam objectives (excluding the appendices). The current SY0-401 (2014-2017) exam objectives has 15 pages. The upcoming SY0-501 exam objectives has 20 pages. So there is much more material in it. Comparing the domains and percentages of SY0-401 with SY0-501 reveals the following:

1.0 Network Security (20%)
2.0 Compliance & Operating Security (18%)
3.0 Threats & Vulnerabilities (20%)
4.0 Application, Data & Host Security (15%)
5.0 Access Control & Identity Management (15%)
6.0 Cryptography (12%)

1.0 Threats, Attacks & Vulnerabilities (21%)
2.0 Technologies & Tools (22%)
3.0 Architecture & Design (15%)
4.0 Identity & Access Management (16%)
5.0 Risk Management (14%)
6.0 Cryptography & PKI (12%)

My personal observations after working with the new exam objectives are that this is a very strong update. They have eliminated many items that should be eliminated and added many items that should be added. And they've done a good job at eliminating duplicates in the objectives, something that has been a minor problem in previous exam objectives. So SY0-501 becomes more current and relevant for learning security.

So what about new material to support the new Security+ exam? Work has already started on the new Cengage Security+ Guide to Network Security Fundamentals 6th edition. Due to the CompTIA delays the textbook not be available for the start of the Fall 2017 semester. However, it will be available about the same time the new SY0-501 exam goes live, which will be October-November 2017, so that schools that want to teach the new exam in Spring 2018 will be ready to do so.

There are some updates to the new textbook. There are changes in chapter sequencing (i.e., cryptography is moved up to Chapters 3-4 since it now is much more important in protecting against attacks). There are updated section units the group common security chapters together for a more comprehensive understanding of security topics. And the Hands-On Projects are expanded in the companion Lab Manual and in MindTap Virtual Machines, providing a pathway for students to begin with basic projects and then advance through intermediate and advanced level projects. New Blooms taxonomy mappings will help connect the exam objectives to learning outcomes. Finally, all new figures in the book will reflect a more modern design.

Over the next several months we will provide more in-depth information about the new SY0-501 exam and the accompanying Cengage Security+ Guide to Network Security Fundamentals 6th edition.

Stay secure!