The demands of a career in cybersecurity are changing fast. And CompTIA Security+ is changing to meet them. As the foundational IT certification in the CompTIA Cybersecurity Career Pathway, the newest iteration of the CompTIA Security+ serves as a springboard for cybersecurity careers, ensuring security professionals are better prepared to solve a wide variety of issues when securing and defending networks in today's complicated business computing landscape. Below, we’ve answered some of the questions you may have about the changes to CompTIA Security+ and how you can add this powerful updated certification to your resume.
Why should I get the new CompTIA Security+?
If you want to get a job in cybersecurity, the new CompTIA Security+ will provide you with an endorsement of your skills that is respected globally and industry-wide. This will work strongly in your favor with potential employers for entry-level cybersecurity positions. But just as importantly, CompTIA Security+ allows you to confirm to yourself that you've mastered the latest skills and concepts that act as the foundation of a career in cybersecurity. When you've earned CompTIA Security+, you can be confident that your skills are up to par.
What sort of questions should I expect on the new CompTIA Security+?
IT is a hands-on pursuit. Keeping a business of any size cybersecure requires thinking on the fly and deducing what choices to make. To accurately test this, many CompTIA certifications, including CompTIA Security+, include performance-based questions. The revamped CompTIA Security+ features questions that require you to apply knowledge in simulations of the type of situations you would find yourself in on the job – questions that go more in-depth than traditional multiple-choice questions.
CompTIA Security+ is the only entry-level cybersecurity certification that includes this type of hands-on evaluation. Those who earn it will uniquely demonstrate to employers that they have more than just an academic understanding of what's needed for the job. Test-takers report that performance-based questions take up about one-third of their total time on the exam.
Concepts like risk management and risk mitigation have quickly moved to the forefront of the world of cybersecurity. Malware is more nefarious, and hackers have developed craftier forms of social engineering and system entry. And new devices that require security protocols are emerging every day.
Keeping a business cybersecure requires entry-level security technicians to have a better picture of the full operations of a network than was necessary even five years ago. So, the skills for identifying strange behavior on networks, understanding how proper network architecture can mitigate the damage of cyber-attacks and other higher-level concepts have begun to filter down the job ladder.
To put it simply, the baseline skills security pros need to do the job at the entry level have increased, and the new CompTIA Security+ reflects that.
What’s different between SY0-401 and SY0-501?
As cybersecurity has evolved, CompTIA Security+ has become the foundational certification while CompTIA Cybersecurity Analyst (CySA+) and the forthcoming CompTIA PenTest+ have taken on the role of specialized certifications. The updated Security+ covers the baseline skills needed to perform core security functions, including topics like risk management, risk mitigation, configuring resilient networks and using security frameworks. It goes more in depth than SY0-401 and includes four new objectives.
We also reorganized the exam so it covers threats, attacks and vulnerabilities before addressing tools and risk management techniques. In other words, it starts by answering what and then how but delves less into why than some of our more advanced certifications. It emphasizes application over analytics.
Do I really need to know these new concepts to keep networks safe?
In a word – yes! Being able to do hands-on audits of network security and penetration testing to reveal holes in security is becoming ever more crucial to hardening networks and maintaining appropriate security for business of all sizes. And it's also becoming more sought after by employers. So understanding these concepts – in addition to classic CompTIA Security+ material like cryptography – will only help you, both in your job search and in your mastery of the profession as you continue onward and upward.
What sort of jobs will CompTIA Security+ prepare me for?
In the past, CompTIA Security+ has verified the skills necessary for positions like network administrator, systems administrator and security administrator. With its enhanced objectives, the new CompTIA Security+ will, in addition to those positions, confirm a candidate's ability to thrive in emerging business-critical cybersecurity roles like junior IT auditor and penetration tester.
How can I prepare for the exam?
There are a range of exam prep tools, instructional videos, training boot camps and the like out there. CompTIA offers online study tools and books, including CompTIA CertMaster Learn, CompTIA CertMaster Labs, CompTIA CertMaster Practice and the Official CompTIA Security+ Study Guide. Explore these tools and find a way to study that works for you.
When does the old exam expire?
The English version of the CompTIA Security+ SY0-401 exam will retire on July 31, 2018, and will at that point be completely replaced by SY0-501.
I am interested in a military tech role. Do I need CompTIA Security+?
Many government, military and military contractor-related job roles require IT professionals to hold certifications that demonstrate baseline skills and comply with Department of Defense (DoD) directive 8570.01-M.
Because of the recognition it receives in both the public and private spheres and its reputation for thoroughness, CompTIA Security+ has long been, and will continue to be, a top choice for IT professionals who need to meet DoD benchmarks for cybersecurity roles. CompTIA Security+ is rated as an Information Assurance Technical (IAT) level 2 and Information Assurance Management (IAM) level 1.
Ready to get to work on the new CompTIA Security+? Get started today!
Matthew Stern is a freelance writer based in Chicago who covers information technology, retail and various other topics and industries.