Security+: Implementing Secure Protocols

Introduction

The Security+ syllabus is updated every three years. Normally, the exam is denoted by a code consisting of a sequence of letters and numbers; for example, SY0-401 is the most recently outdated exam. During the revision, a number of changes are made from the previous to the most recent exam. This article covers the most recent changes leading to the current exam – SY0-501. We shall be covering the changes related to the implementation of secure protocols, how it is covered in the new exam, and how that differs from the previous exam.

Exam Changes Overview

Between the two exams SY0-401 and SY0-501, there has been a significant overall change in the content. The new exam focuses on attacks, risk management and hands-on skills using technologies and tools. As a result, the domains have been re-named and re-ordered to reflect cyber security trends as determined in the Security+ SY0-501 Job Task Analysis (JTA).

Under the previous exam (SY0-401), the implementation of secure protocols was found under the Network Security domain, which covered 20% of the exam, but is currently found within the Technologies and Tools domain which now covers 22% of the exam.

The most recent changes to the exam have also been structured to ensure that candidates are more able to explain the learned concepts by translating them to real-life problems.

Exam Changes Comparison

SY0-401 Overview

The SY0-401 exam featured numerous protocols within the Network Security domain. Emphasis was on the different protocols, ports and their relevance to the OSI stack. Compared with the new exam, much effort was placed in the implementation of numerous protocols that had not been adequately streamlined to the most recent security concerns. For example, in compliance to industry-wide best practice, many organizations today have shut down (or effectively reconfigured) certain protocols that (Read more...)