CompTIA’s Security+, the most popular cybersecurity certification in the world, is getting an overhaul! The updated exam (from SY0-501 to SY0-601) re-aligns the certification to match the most in-demand entry-level cybersecurity skills and trends heading into 2021.  Join Patrick Lane, Director of Products at CompTIA,  to learn how the Security+ certification is evolving so it remains the “go-to” certification for anyone trying to break into cybersecurity. You’ll learn about: Evolving Security+ domain areas and job skills Common job roles for Security+ holders SY0-501 and SY0-601 exam timelines Tips to pass the updated Security+ exam Plus Security+ questions from live viewers

2. Meet your
speakers
Patrick Lane
Guest speaker
Director, Certification Product Management
CompTIA

3. Agenda
● What is Security+?
○ Baseline cybersecurity skills
○ Job roles and growth indicators
○ SY0-601 vs. 501 Updates
○ Exam details
● Q&A

4. What is the CompTIA
Security+ certification?

5. Security+ assesses baseline cybersecurity skills
Security+ is an entry-level cybersecurity certification exam released
in 2002 and updated every three years. It assesses core technical skills
required to secure networks, systems, software and devices.
● Broad range of baseline cybersecurity skills needed to ensure high
performance on the job
● It appears in nearly 10% of all U.S. cybersecurity job ads because
employers are using it to make their hiring decisions
Large industry influences affecting revised Security+:
● More threats, attacks and vulnerabilities
● Migration to the cloud
● Emphasis on entry-level incident response
● Governance, risk and compliance (GRC)

6. Security+ helps solve an industry problem
As cybersecurity attacks increase (and accelerate in the COVID-19 environment), more
job roles are tasked with bridging the gap between improving baseline security
readiness and incident response to address today’s threats.
Updates to Security+ reflect current skills relevant to these job roles and prepare
candidates to be more proactive in preventing the next attack.
● Problem: Cybersecurity attacks have increased dramatically (up by 68%)
requiring more job roles, both in cybersecurity and related roles, to take
responsibility for baseline readiness and incident response
● Solution: Training and certifying the workforce/employees with the updated
Security+ 601 exam validates the latest skills relevant to security job roles and
related job roles, preparing employees and organizations to be more proactive in
preventing the next attack
● Benefit: Security+ 601 ensures organizations have talent with the latest skills
and competencies needed to improve baseline security readiness and incident
response by applying today’s current best practices for preventing and
addressing the latest attacks, threats and vulnerabilities.

7. Job roles covered in Security+ 601
More job roles use Security+ skills than ever before, thanks to the wide applicability
of Security+ skills. Related job roles doubled (4 to 10) because more jobs require
the baseline cybersecurity skills found in Security+.
SY0-601 primary job roles:
● Security administrator
● Systems administrator
SY0-601 related job roles that use baseline
cybersecurity skills for part of the job:
● Helpdesk managers and analysts
● Network and cloud engineers
● IT auditors
● Security officer
● Security manager
● IT project manager
● DevOps team
● Software developer
SY0-501 primary job roles:
● Security administrator
● Systems administrator
SY0-501 related job roles:
● Network administrator
● Security specialist
● Security consultant
● Security engineer
Security+ sets up IT pros for
success in intermediate and
advanced cybersecurity job
roles such as Security Analyst,
Penetration Tester, Security
Engineer, Forensics Analyst and
Security Architect

8. Job role skills and exam release
These job roles are using Security+ for its baseline cybersecurity skills that include the ability to:
● Identify, analyze and respond to cybersecurity events and incidents
● Monitor and secure hybrid environments, which operate on premises and in the cloud
● Operate with an awareness of applicable laws and policies
● Assess the cybersecurity posture of an enterprise environment using various tools and techniques
● Recommend and implement appropriate cybersecurity solutions
Release scheduled for mid-November 2020
● Available online/onsite at PearsonVUE
● New exam code is SY0-601
● Existing SY0-501 exam retires July 31, 2021

10. 6 changes to the Security+ (601 vs. 501)
● Newer 601 skills include more threats; cloud environments;
entry-level incident response; and governance, risk and
compliance (GRC).
● There are fewer domains in the new version: 5 instead of 6.
● There are fewer objectives: 35 instead of 37.
● There are 25% more bulleted examples listed under each
objective to help contextualize the meaning of the objective.
Although the exam questions are not based on the bulleted
examples, students should be familiar with all of them.
● Several exam domains and exam objectives were re-
ordered and re-named to address instructional design
improvements. For example, the previous Technologies
and Tools domain was broken apart into the domains
where the technologies and tools were applied.
● Bloom’s taxonomy indicates more application of skills
and slightly less analysis overall. Analysis skills are taught
in CySA+, which is higher up the cybersecurity career
pathway. Application of skills, such as administration and
configuration, are covered in Security+.
Security+ 601 Security+ 501
● Attacks, threats and vulnerabilities (24%)
● Architecture and design (21%)
● Implementation (25%)
● Operations and incident response (16%)
● Governance, risk and compliance (14%)
● Threats, attacks and vulnerabilities (21%)
● Technologies and tools (22%)
● Architecture and design (15%)
● Identity and access management (16%)
● Risk management (14%)
● Cryptography and PKI (12%)

11. Job growth indicators
Network and Computer Systems
Administrators jobs will grow 4% between
2019 and 2029.
According to Cyberseek, of the U.S. employed
workforce, 16% are certified with Security+. It
is the 3rd most requested certification in job
openings.
Globally there are almost 600K who have
certified in Security+ since inception.
The U.S. Bureau of Labor Statistics (BLS)
classifies Security+ under Network and
Computer Systems Administrators, which
includes:
• 2019 Median Pay: $83,510 annual per year
• Number of Jobs Available: +373K
* Latest pay info from U.S. Bureau of Labor Statistics; Job openings and hiring manager info derived from CompTIA international research reports.

12. What makes Security+ different
What is Security+?
CompTIA Security+ is a global certification that validates the baseline skills necessary
to perform core security functions and pursue an IT security career.
Why it’s different
• More choose Security+: Chosen by more corporations and defense organizations than any other
certification on the market to validate baseline security skills and for fulfilling the DoD 8570
compliance.
• Security+ proves hands-on skills: The only baseline cybersecurity certification emphasizing
hands-on practical skills, ensuring the security professional is better prepared to problem solve a
wider variety of today’s complex issues.
• More job roles turn to Security+: Baseline cybersecurity skills are applicable across more of
today’s job roles to secure systems, software and hardware.
• Security+ is aligned to the latest trends and techniques: Covering the most core technical skills
in risk assessment and management, incident response, forensics, enterprise networks,
hybrid/cloud operations and security controls, ensuring high-performance on the job.

13. Security+ competitive comparison
CompTIA Security+
(ISC)² Systems
Security Certified
Practitioner (SSCP)
EC-Council Certified
Ethical Hacker
(CEH)
GIAC Security
Essentials (GSEC)
Performance-
based
questions
Yes No No No
Exam focus Core cybersecurity
skills required by
security and network
administrators
Security
administrator job
role or systems
security
Penetration testing
Fundamental
cybersecurity skills
Experience level Entry level Entry level Entry level Entry level
Vendor neutral Yes Yes Yes Yes

14. Security+ SY0-601 Exam Details
Item Description
Exam code SY0-601
Launch Date Mid-November 2020
Availability Worldwide
Testing Provider Pearson VUE Testing Centers, OnVUE
Question Types Performance based and multiple choice
No. of Questions Maximum of 90 questions
Length of Test 90 minutes
Passing Score 750 (on a scale of 100-900)
Languages English, others to follow
Recommended Experience CompTIA Network+ and two years of experience in IT administration with a security focus
Exam retirement SY0-501 to retire July 31, 2021

15. Organizations that assisted in development
● Max Life Insurance
● Aussie Home Loans
● WilCo, LLC
● RxSense
● Southeastern Louisiana University
● Spire Inc.
● University of Redlands
● PCM Sales
● Johns Hopkins University Applied Physics
Laboratory
● Australian Information Security Association /
Deakin University
● University of Petroleum and Engineering
Studies
● Archdiocese of Philadelphia
● Fayetteville Technical Community College
● U.S. Navy Center for Information Dominance
● Tanium
● SecureWorks
● Target Corp.
● Splunk
● Ricoh
● Netflix
● General Dynamics IT (GDIT)
● Boulder Community Health
● Washington State Patrol
● aeSolutions
Subject matter experts (SMEs) from the following organizations assisted with the development of
SY0-601. Some of the biggest contributors are listed below.

16. Questions?

17. Free year of Infosec Skills
($299)
And the winner is ...

18. Everyone gets a free week
of Infosec Skills.
Then it’s just $34/month
infosecinstitute.com/skills

19. About us
At Infosec, we believe knowledge is the most
powerful tool in the fight against cybercrime. We
provide the best certification and skills
development training for IT and security
professionals, as well as employee security
awareness training and phishing simulations.
infosecinstitute.com
708.689.0131
19