Watch the webinar here: https://www.infosecinstitute.com/webinar/comptia-security-everything-you-need-to-know-about-the-sy0-701-update/
CompTIA’s Security+, the most popular cybersecurity certification in the world, is getting an overhaul! The updated exam (from SY0-601 to SY0-701) re-aligns the certification to match the most in-demand entry-level cybersecurity skills and trends heading into 2024.
Join Patrick Lane, Director of Certification Product Management at CompTIA, to learn how the Security+ certification is evolving so it remains the “go-to” certification for anyone trying to break into cybersecurity. You’ll learn about:
- Evolving Security+ domain areas and job skills
- Common job roles for Security+ holders
- SY0-601 and SY0-701 exam timelines
- Tips to pass the updated Security+ exam
- Plus Security+ questions from live viewers
5. What is CompTIA Security+?
CompTIA Security+ is a global certification that
validates the foundational cybersecurity skills
necessary to perform core security functions and
pursue an IT security career.
⮚ SY0-701 Release: November 7, 2023
⮚ SY0-601 Retirement: July 31, 2024
6. Cybersecurity job market overview
4.7M cyber pros globally in the workforce and a 3.4M global shortage
Global cybersecurity market value expected to grow from $155B in 2022
to $376B by 2029
Of organizations with a shortage of cybersecurity staff, 43% said
the biggest cause is not being able to find enough qualified talent
Global cybersecurity job market stats
7. Security+ 701 job market
By the numbers
➢ 700,000+ IT pros have received their
Security+ certification
➢ 24% of the total employed cybersecurity
workforce in the U.S. are Security+ certified
(CyberSeek)
➢ 13% of the total cybersecurity job openings
request Security+ in the job req (CyberSeek)
Job role stats
➢ 86,000+ job postings listed in
2023 requested Security+
➢ $80,000 median pay for
Security+ job roles in 2023
8. Security+ 701 differentiation
Value messages
Launch a successful cybersecurity career. Develop a core foundation of essential skills, paving the way for a
fulfilling career. More job roles use Security+ for baseline cybersecurity skills than any other certification in the industry.
Assess on-the-job skills. Security+ is one of the only ISO/ANSI-accredited early career cybersecurity certifications on the
market with hands-on, performance-based questions on the certification exam. These practical questions assess your
ability to effectively problem solve in real-life situations and demonstrate your expertise to potential
employers immediately.
Embrace the latest trends. Understand and use the most recent advancements in cybersecurity technology,
terms, techniques, and tools. By acquiring early career skills in the latest trends such as automation, zero trust, risk
analysis, operational technology, and IoT, you will be well-equipped to excel in the ever-evolving cybersecurity landscape.
What is it?
CompTIA Security+ is a global certification that validates the foundational cybersecurity skills necessary to
perform core security functions and pursue an IT security career.
9. CompTIA cybersecurity career pathway
CompTIA certifications align with the skill sets needed to support and manage IT and
cybersecurity. Enter where appropriate for you. Consider your experience and existing
certifications or course of study.
*Next version of CASP+ to be
renamed CompTIA SecurityX
(CAS-005) for the Q4 2024 release.
11. Security+ 701: Core cybersecurity skills
Security+ 701 has been updated to reflect skills relevant to job roles tasked with baseline security
readiness and response to address today’s threats — and to prepare candidates to be more
proactive in preventing the next attack. The certification exam covers the same:
➢ Assessing the security posture of an enterprise environment and recommending and implementing
appropriate security solutions
➢ Monitoring and securing hybrid environments, including cloud, mobile, Internet of Things (IoT) and
operational technology (OT)
➢ Operating with an awareness of applicable regulations and policies, including principles of governance,
risk and compliance
➢ Identifying, analyzing and responding to security events and incidents
20% of exam objectives were updated to include:
1. Current trends: The latest trends in threats, attacks, vulnerabilities, automation, zero trust, risk, IoT, OT
and cloud environments are emphasized, as well as communication, reporting and teamwork.
2. Hybrid environments: The latest techniques for cybersecurity professionals working in hybrid
environments that are located in the cloud and on premises; cybersecurity professionals should be
familiar with both worlds.
12. How is 701 different from 601?
1. Similar skill level: Exam continues to identify early
career cybersecurity skills at the two-year level
2. SY0-701 has the same number of exam domains (5)
but fewer objectives (28 vs. 35) due to a more focused
job role in a maturing industry
3. Related job roles are similar, although the work of a
security administrator has become more defined, and
the skills performed are identified with more accuracy.
NICE work roles increased.
4. Several exam domains and exam objectives were re-
ordered and re-named to address instructional design
improvements
5. Bloom’s taxonomy indicates more application of skills and
slightly less analysis overall
6. Governance, risk and compliance (GRC) tasks are better
defined for cybersecurity professionals with more focus on
reporting and communication, as opposed to the minutia of
different regulatory standards and their processes.
Security+ 701 Security+ 601 equivalent
1.0 General Security Concepts
2.0 Threats, Vulnerabilities & Mitigations
3.0 Security Architecture
--
4.0 Security Operations
5.0 Security Program Management
and Oversight
12%
22%
18%
28%
20%
--
1.0 Threats, Attacks and Vulnerabilities
2.0 Architecture and Design
3.0 Implementation
4.0 Operations and Incident Response
5.0 Governance, Risk and Compliance
24%
21%
25%
16%
14%
13. Job role comparison
Security+ 701 job roles Security+ 601 job roles
Primary job roles:
• Security administrator
• Systems administrator
Secondary job roles:
• Help desk analyst
• Security engineer
• Security analyst
• NICE Work Roles (18)
Primary job roles:
• Security administrator
• Systems administrator
Secondary job roles:
• Help desk manager / analyst
• Security engineer / analyst
• Network / Cloud engineer
• DevOps / Software developer
• IT auditors
• IT project manager
14.
15. Organizations assisted in SY0-701 development
Subject matter experts (SMEs) from the following organizations assisted with the development of SY0-701.
Some of the biggest contributors are listed below.
Wells Fargo
Nationwide
Johns Hopkins University Applied Physics
Laboratory
Fidelis Risk Advisory
Lippert Components
Cyber Warfare Tactics LLC
Organon
Blue Chip Talent
Deakin University
Growth Arbor
Linford and Company LLC
MindPoint Group
Brotherhood Mutual
SS&C Technologies
Five9
Fidelity Investments
Zoom
Microsoft
SenseOn
U.S. Navy Center for Information Dominance
L3Harris
SecureWorks
General Dynamics IT (GDIT)
Washington State Patrol
Contentful
Deloitte
17. 1.0 General Security Concepts
SY0-701 Exam objectives
1.1 Compare and contrast various types of security controls.
1.2 Summarize fundamental security concepts.
1.3 Explain the importance of change management processes and the impact to
security.
1.4 Explain the importance of using appropriate cryptographic solutions.
18. 2.0 Threats, Vulnerabilities & Mitigations
SY0-701 Exam objectives
2.1 Compare and contrast common threat actors and motivations.
2.2 Explain common threat vectors and attack surfaces.
2.3 Explain various types of vulnerabilities.
2.4 Given a scenario, analyze indicators of malicious activity.
2.5 Explain the purpose of mitigation techniques used to secure the enterprise.
19. 3.0 Security Architecture
SY0-701 Exam objectives
3.1 Compare and contrast security implications of different architecture models.
3.2 Given a scenario, apply security principles to secure enterprise infrastructure.
3.3 Compare and contrast concepts and strategies to protect data.
3.4 Explain the importance of resilience and recovery in security architecture.
20. 4.0 Security Operations
SY0-701 Exam objectives
4.1 Given a scenario, apply common security techniques to computing resources.
4.2 Explain the security implications of proper hardware, software and data asset
management.
4.3 Explain various activities associated with vulnerability management.
4.4 Explain security alerting and monitoring concepts and tools.
4.5 Given a scenario, modify enterprise capabilities to enhance security.
4.6 Given a scenario, implement and maintain identity and access management.
4.7 Explain the importance of automation and orchestration related to secure
operations.
4.8 Explain appropriate incident response activities.
4.9 Given a scenario, use data sources to support an investigation.
21. 5.0 Security Program Management & Oversight
SY0-701 Exam objectives
5.1 Summarize elements of effective security governance.
5.2 Explain elements of the risk management process.
5.3 Explain the processes associated with third-party risk assessment and
management.
5.4 Summarize elements of effective security compliance.
5.5 Explain types and purposes of audits and assessments.
5.6 Given a scenario, implement security awareness practices.
22. Security+ SY0-701 exam details
Item Description
Exam code SY0-701
Launch date November 7, 2023
Availability Worldwide
Retail price $392 USD
Testing Provider Pearson VUE Testing Centers, OnVUE
Question types Performance based and multiple choice
# of questions Maximum of 90 questions
Length of exam 90 minutes
Passing score 750 (on a scale of 100-900)
Languages English, with Japanese, Portuguese and Spanish to follow
Recommended
experience
CompTIA Network+ and two years of experience working in a security/systems administrator job role
Exam retirement SY0-701 to retire July 31, 2024 (English) with other languages to follow
26. About us
Infosec puts people at the center of
cybersecurity through role-guided
training that’s accessible and engaging.
We help IT and security professionals
advance their careers with skills
development and certifications while
empowering all employees with security
awareness and phishing training to stay
cyber-safe at work and home.
www.infosecinstitute.com