We Knew It Was Coming: Security+ SY0-401 (Part 1 of 3)April 29, 2014 at 5:01 pm | Posted in CompTIA, Study hints | 1 Comment
Tags: CompTIA, Performance-Based Testing, Security+, study tips
Has it been three years already? It seems like just last week I was talking about SY0-301, and now here I am trying to catch my breath after pushing the 2014 Security+ exam, SY0-401, over the finish line and into our practice test lineup. (But really, I am just glad to finally get to write about something other than project management.) As usual, the new Security+ exam will include many of the same topics as the previous version. In this post I’ll focus on the overall differences between SY0-301 and SY0-401. In the next two posts (get excited!) I’ll take a closer look at changes within the examination blueprint, which can be downloaded here from CompTIA. (Note: the download requires you to provide personal information.)
Topics and weightings
At first glance, it may seem that very little has changed. The six domains are the same apart from some shifts in weighting (the percentage of the test devoted to that topic):
1.0 Network Security 20% (21% in SY0-301) 2.0 Compliance and Operational Security 18% (no change) 3.0 Threats and Vulnerabilities 20% (21% in SY0-301) 4.0 Application, Data and Host Security 15% (16% in SY0-301) 5.0 Access Control and Identity Management 15% (13% in SY0-301) 6.0 Cryptography 12% (11% in SY0-301)
As you can see from these numbers, this new distribution will probably only mean one or two questions more for Domains 5 and 6. But it’s more important to note that within each domain, there are many topic-level changes that will affect your study plan. Within these domains CompTIA has added several new topics which were not tested in 301. These new topics include application-aware devices, unified threat management, defense-in-depth, OS hardening, white-listing versus black-listing, and many others that I’ll cover in the next two posts. There are three new sub-domains distributed among Domains 2 and 4. These new sub-domains add topic coverage on mobile security, mitigating security risks in a static environment, and implementing basic forensic procedures. That last sub-domain leads neatly into my next topic: you can expect increased difficulty and more applied concept questions on the new Security+ exam, in comparison to the older style of asking straight knowledge-based questions.
Stop, Drop, & Scenario!
While many of the sub-domains cover the same list of topics, CompTIA has changed many of the keywords from “understand” and “explain” to “implement” and “troubleshoot.” Several also show the addition of one important phrase: “given a scenario.” Because this phrasing was added to so many domains, I feel I should take a little time to explain the distinction. As many of you know, the Security+ exam has been considered a mostly knowledge-based exam that includes mostly knowledge-based questions. Scenario questions are the next logical step up from knowledge-based questions. They expect you to take those tidbits of knowledge that you have memorized, remember them, and then apply them in the scenario to come up with the correct answer. Let me give you an example. First, look at a sample knowledge-based question from our practice test:
Which of the following is a default port used by FTP? a. 20 b. 53 c. 80 d. 443
Now look at another example, which turns this same question into a scenario:
Your company has recently implemented a new firewall. Users start complaining that they are unable to access resources on your company’s FTP server. What should you do? a. Open ports 20 and 21 on the new firewall. b. Open port 53 on the new firewall. c. Open port 80 on the new firewall. d. Open port 443 on the FTP server.
As you can see from my examples, you still need the same basic knowledge to answer both of these questions. So REALLY, answering these two questions is the same level of difficulty, but by adding the scenario you are ensuring that the student understands how the knowledge applies in a real-world situation. Instead of remembering which port belongs with FTP, the student also has to identify the location where the ports should be configured. I could also increase the difficulty of the scenario question by including more invalid options. We have released our SY0-401 practice test, a feat we are especially proud of because we are the first product to market. Please visit the product page for more information!
The next post will dive into the topic-level changes in Network Security (Domain 1), Compliance and Operational Security (Domain 2), and Threats and Vulnerabilities (Domain 3).
I’ll cover the other three domains in the final post in this series.
Until next time! –Robin