Learn Today, Lead Tomorrow with the thrilling Diwali offers! Buy 1 Get 1 Free | Offer ending in:
D H M S Grab Now

What’s new in CompTIA Security+ SY0-601?

CompTIA Security+ is a renowned and one of the most sought-out certification exams validating the baseline security skills of the professionals to secure a network from external threats. The Security+ certification is compliant with ISO 17024 standards and approved by the Department of Defense (DoD) of the US to meet directive 8140/8570.01-M requirements. Employers widely use this certification to make their hiring decisions.

CompTIA Security+ Training

CompTIA updates the exam version every three years. The ongoing exam version (SY0-501) is going to expire in the spring of 2021. Consequently, the CompTIA is launching the new Security+ SY0-601 Exam in November 2020.

This article gives an insight into the changes we may look forward to in the new CompTIA Security+ SY0-601.

What’s in the current Security+ SY0-501 exam?

The CompTIA Security+ SY0-501 enables participants to identify various threats & vulnerabilities, learn security technologies, risk management, and implement security architecture. The Security+ SY0-501 validates the skills to:

  • Install secure applications and devices in the system.
  • Perform threat analysis & respond to security-related incidents.
  • Participate in risk mitigation.
  • To operate with an awareness of existing laws, regulations, and policies.
  • To operate following the principles of confidentiality, integrity, and availability.
  • Have an understanding of Cryptography and PKI.

What’s new in the CompTIA Security+ SY0-601?

The new Security+ certification includes trends and technologies that the industry had not adopted back in 2017 when SY0-501 was launched. Keeping the rising sophisticated attacks and ever-increasing dependency on cloud and IoT into consideration, the objectives of the updated exam may include the following topics:

  • Cloud security
  • Securing the increasing virtualization platforms
  • Protecting the IoT environment
  • Securing the online payment systems
  • Monitoring tools
  • Application skills such as administration and configuration skills
  • Network access control models 

Comparison of domains covered by Security+ SY0-501 & SY0-601 exam

The current CompTIA Security+ SY0-501 exam covers six domains, whereas the new SY0-601 exam covers only five domains as some of the domains and objectives are renamed and reordered.

The following table showcases the respective domains of both the versions with their percentage weightage in the examination.

Domains covered by CompTIA Security+ SY0-501 Exam domains covered by CompTIA Security+ SY0-601
1.     Threats, Attacks, and Vulnerabilities (21%)


1.     Attacks, Threats, and Vulnerabilities (24%)


2.     Technologies and Tools (22%)


2.     Architecture and Design (21%)


3.     Architecture and Design (15%)


3.     Implementation (25%)


4.     Identity and access management (16%) 4.     Operations and Incident Response (16%)


5.     Risk management (14%)


5.     Governance, Risk, and compliance (14%)


6.     Cryptography and PKI (12%)

 Changes in the exam domains

CompTIA has made several changes to the exam domains and added the latest technologies to keep up with the ever-evolving cyber landscape. The following are the significant changes in the exam domains.

  1. Broadened the ‘Threats, attacks and vulnerability’ domain

In the updated version, the ‘Threats, attacks, and vulnerability’ domain has 8 exam objectives. The domain extensively covers the latest social engineering techniques, different types of attacks (including the adversarial artificial intelligence attacks, physical attacks). It explains different types of threat actors, vectors, and intelligence sources that are not introduced in the SY0-501. It also includes a security assessment and pen testing techniques. The exam weightage of the domains in the updated version has increased to 24%. 

  1. The disintegration of the Technology and tools domain

The ‘Technology and tools’ domain is broken apart and added in the domains where it is applied. For example, the SIEM tool is introduced in the ‘Operations and incidence response’ domain.

  1. Merging the ‘Cryptography & PKI’ and ‘Identity & Access management’ domains

The Cryptography & PKI and Identity & Access management domains are the fourth and sixth domains of the Security+ SY0-501 exam. These two domains are merged into the ‘Architecture & Design’ and ‘Implementation’ domains of the new Security+ SY0-601 exam. The public key infrastructure (PKI), Wireless security settings, Identity & access management topics are merged in the ‘Implementation’ domain.

  1. Operations and incidence response domain

In the present time, an IT professional must have the ability to respond to security-related incidents. The incidence response was introduced as an objective in the Risk management domain in SY0-501. The new Security+ SY0-601 has created a separate domain for Operations and incidence response. It covers procedures of incidence response, attack frameworks, and key aspects of digital forensic.

  1. Governance, Risk, and compliance

The SY0-501 exam emphasized on the risk management and created a separate domain for it. In the updated version (SY0-601), the ‘Risk management’ domain is merged in the ‘Governance, Risk, and compliance’ domain. The updated version covers risk management processes, regulations, and policies necessary for the organization’s Security.

Comparison of exam objectives of SY0-501 & SY0-601

  • The CompTIA Security+ SY0-601 Exam has fewer exam objectives than the SY0-501 exam. CompTIA Security+ SY0-501 covers 37 exam objectives. In comparison, SY0-601 is expected to cover 35 objectives under 5 domains.
  • The SY0-601 exam objectives have more examples listed under each objective. The number of examples is increased by about 25%. These Examples help understand the concept behind each objective and prepare the candidates for job roles in the cybersecurity domain. 

An overview of domains of Security+ SY0-601 exam

The new CompTIA Security+ SY0-601 exam covers five major domains focusing on the skill sets required for the current industry roles.

  1. Attacks, Threats, and Vulnerabilities

The domain includes more sophisticated DDOS and social engineering attacks and the threats, attacks & vulnerabilities related to the IoT devices. It helps candidates in identifying vulnerabilities and prevent the possibility of cyber-attack.

  1. Architecture and Design

The domain covers the enterprise environment and dependence on the cloud as organizations are shifting towards the hybrid environment (on-premises and cloud). It helps in understanding the concept of secure automation of applications and virtual platforms.

  1. Implementation

The implementation domain emphasizes Identity and access management, cryptography, PKI, wireless, and end to end security.

IT professionals must be able to implement security measures and protocols for cloud design, wireless, and mobile solutions.

  1. Operations and Incident Response

The domain includes the security assessment and incident response, such as detection, risk mitigation, and the basics of forensics. IT professionals must know the methods of mitigation and security controls to protect the valuable information systems of the organizations.

  1. Governance, Risk, and Compliance

The domain focuses on risk management, teamwork to stay compliant to the regulations such as HIPAA, GDPR, NIST, DSS. IT professionals should be aware of the policies & regulations and how these regulations can be implemented to strengthen the security posture of organizations.

Skills validated by the Security+ SY0-601 exam:

The Security+ SY0-601 exam validates the following skills of the certification holder:

  • Analyzing the security posture of an organization and establishing the necessary security measures.
  • Monitoring and protecting hybrid environments such as cloud, mobile, and IoT (internet of things)

The certification approves that:

  • The Candidate is well-versed of all the applicable laws, policies about Governance, compliance, and risks.
  • The Candidate can respond to the incidents related to cybersecurity.

Get certified with Infosec Train

Whether you go for the Security+ SY0-501 or SY0-601 certification, Infosec Train is delighted to help you get through both the examinations. Our certified and qualified instructors are well-versed in the respective domains. They follow comprehensive teaching methodology and focus more on practical knowledge to transform individuals into highly skilled professionals.

Key features of our CompTIA Security+ Training program 

  • 40 hours of instructor-led training
  • Blended delivery model (emphasizing on practical knowledge along with theory)
  • Certified & Experienced Trainers
  • 24/7 technical support
  • Get access to recorded training sessions

Join us today to earn the CompTIA Security+ certification in the first attempt and forge a promising career in the cybersecurity domain.

Shubham Bhatt ( )
Infosec Train
Shubham Bhatt holds a bachelor's degree in computer science & engineering. He is passionate about information security and has been writing on it for the past three years. Currently, he is working as a Content Writer & Editor at Infosec Train.