If you’ve been putting off obtaining your Security+ certification and are not going to attempt the exam before December 31, 2010, you may want to wait until the new version of Security+ SY0-301 is released. CompTIA is planning the new release of Security+ to stay current with the changing IT security landscape. The new Security+ exam will address current threats and exploits not covered in SY0-201.
This new version of the exam has different domain names. The weight of each domain has also changed. The new Security+ domains include:
1. Network Security
2. Compliance and Operational Security
3. Threats and Vulnerabilities
4. Application, Data, and Host Security
5. Access Control and Identity Management
The update to this certification is about more than just domain name changes. The third version of Security+ is focused on current cyber security foundations. These changes include a much broader review of many topics previously covered in less depth. Needed coverage of cloud computing has been added. It’s critical that more security practitioners are made aware of the security concerns of this technology as companies migrate to cloud-based services.
Also modified in the new version of the exam is the coverage of application layer attacks. There is increased coverage of cross-site scripting, SQL injection, zero-day attacks, and even session hijacking. These are nice additions and will offer test candidates the opportunity to learn about current exploits such as Firesheep and other sidejacking exploits. Even the social engineering topics have been expanded to include such terms as whaling. Spear phishing or whaling is a social engineering technique used to trick a user into installing malware or to redirect them to a malicious website.
The new exam not only focuses on prevention and detection but also highlights the growing need for responsive security controls such as computer forensics. Exam objectives now address forensics issues such as:
- Chain of custody
- Order of volatility
- Image capture
- Network traffic and logs
- Evidence hashes
I believe it’s a good thing that CompTIA is rolling out this update. IT security is not static. The state of IT security is constantly in flux. The best way to maintain the credibility of this certification and ensure that it provides the needed security skills to entry-level IT professionals is to update and include current threats, exploits, and defenses. If you would like to read over the objectives and see what changes are being made, you can find them here: http://www.comptia.org/Libraries/Exam_Objectives/CompTIA_Security_SY0-301.sflb.ashx