Guide to Certifications and Technology News for IT Professionals
Get Your Free IT Resume Guide
The New CompTIA Security+ (Exam SY0-301) Certification Guide

The New CompTIA Security+ (Exam SY0-301) Certification Guide

Topics Mentioned
Certification(s):
Exam(s):

The New CompTIA Security+ (Exam SY0-301) Certification GuideThough both of the SY0-201 and SY0-301 Security+ exams are meant to provide a stamp of approval coinciding with the knowledge and expertise of IT security professionals, SY0-301 has many additions in contrast to SY0-201.

While SY0-201 was designed after analyzing the results of the industry wide Job Task Analysis and the survey conducted in 2007 – the primary aim was limited to the know-how of the security concerns of IT firms. The SY0-301 exam on the other hand is the refinement of the previous version that actually validates the expertise in addressing these security concerns. The eligibility however remains unchanged in both cases.

ISO Accreditation

As of now CompTIA Security SY0-301 is accredited by ISO which validates that the entire exam and its contents were designed according to internationally accepted standardization procedures. It also means that the contents and procedures adopted will be scrutinized and revised periodically. It also means that IT professionals will have to update their knowledge and certifications in accordance to the changing exam content and patterns. This definitely enhances the credibility of the CompTIA Security+ SY0-301 and takes it to an entirely new level.

Percentile weightage of core subjects also has undergone significant changes from SY0-201 to SY0-301. Figures 1.1 and 1.2 depict the changed subjects from SY0-201 to SY0-301 and their relative weightage in these exams.

SY0-201

Figure 1.1 (SY0-201)

SY0-301

Figure 1.2 (SY0-301)

Evident from the tables above, the composition has undergone a major overhaul shifting the focus of the exam from know-how to implementation.

SY0-301 – Network Security

This module has the highest weightage of 21 percent in SY0-301 certification exam. It is assumed that the professional already is aware of the type and threats and their implications on the IT system (which was covered in Systems Security in SY0-201). While SY0-201 was bent towards educating the professional on all kinds and threats and security risks, SY0-301 is more geared towards mitigation of these risks by taking appropriate measures using relevant software and hardware. It is one thing to know about the threats, it is entirely another to know what to do to prevent and to detect them. After all, you cannot prevent something from destroying a computer system if it cannot be detected in the first place.

The perfect example here is the Iranian nuclear facility team that is under constant barrage of computer viruses that seem to be targeting the system that controls the nuclear facility. These Iranian computer engineers may or may not have taken SY0-301.

SY0-301 – Compliance and Operational Security

This module was missing in the earlier version. Since it is an entirely new addition to the exam, 18 percent of weightage is given to this module. Human intervention often is one the most plausible reasons for security breaches. The module focuses on educating the professional on methods as an administrator he or she can take to thwart such incidents. A small chapter is also included on cloud computing as many experts believe that companies sooner or later will be adopting cloud computing heavily. This is just thinking about the future and any education should be focused on that, at least a little. There are many advantages to cloud computing but it does carry some risks in its own right as well.

SY0-301 – Threats and Vulnerabilities

This module again has highest weightage in the module of 21 percent. The Threats and Vulnerabilities module is quite similar to the System Security module of the SY0-201. However, in SY0-301, the study is in-depth and comprises of:

  • Study of different types of malware
  • Analyzing different types of security breaches and attacks
  • Social engineering attacks
  • Wireless attacks
  • Application attacks
  • Study of mitigation and deterrent techniques
  • Tools for identifying security threats and breaches

SY0-301 – Application, Data, and Host Security

As custom built applications are an integral part of IT infrastructure in the organizations of the contemporary era, security breaches often occur through them. This module particularly deals with how application security can be enhanced thereby protecting the underlying data and further provide security to the host. Some of the salient features of this module are as follows:

  • Application security
  • Procedures to ensure host security
  • Data security

SY0-301 – Access Control and Identity Management

This module again corresponds to the Access Control module of SY0-201. In SY0-301, this however is covered in detail. Areas that are covered in this module are listed directly below:

  • Different types of authentication and authorization methods
  • Best practices for authentication, authorization, and access control
  • Account management

SY0-301 – Cryptography

This is the only module in both exams which are almost similar. Protocols, public key cryptography, certificate management, encryption concepts are some of the topics covered under this module. This module has the least weightage, sitting at about 11 percent. Eleven percent is still palpable; this section is still integral to this course.

More Related Posts

  1. CompTIA Security+ Cert Prep: Implementing Security Applications
  2. Windows 7, Configuring (Exam 70-680) MCTS Certification Guide
  3. CompTIA Changes Certification Renewal Policy for A+, Network+ and Security+ Certifications
  4. Get SQL Certified: SQL Server 2008 Developer (70-433) Exam Guide
  5. CISSP Security Certification Overview

About the Author

is from Sacramento, CA. He has two master degrees and served time in the U.S. Navy. His second master's degree is an MBA in Global Management from the Univ. of Phoenix where he attributes his writing prowess-2006. His bachelor's degree is from Ca. St. Univ. of Sacramento-1999 where he was on a baseball pitching scholarship. Now he writes professionally for several clients and a few online companies, one of them in which is publically traded. He spent 4 years in the U.S. Navy, worked in the corporate world, and for public agencies. He teaches English online to Korean elementary school students in the Spring and Summer and has lived in Korea and Saudi Arabia while he was an English Instructor. He misses Saudi food and living in Korea. Benjamin has a tremendous work ethic and is quite focused. He spends his time in between Northern, CA. and Cabo San Lucas, Mexico writing on various subjects, one of which is the spectacular rise in SEO needed content.

Discussion

No comments or trackbacks for “The New CompTIA Security+ (Exam SY0-301) Certification Guide

Post a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

About Us

TrainSignal is a fun, profitable and high growth company founded in 2002 that produces premium quality computer training videos with a focus on making learning more fun and more effective. Our training is very comprehensive and designed to give our customers in-depth knowledge, build hands-on skills and promote career advancement.

Connect with Us

Copyright © 2002-2012 TrainSignal, Inc. All Rights Reserved. All logos and trademarks are property of their respective owners.