The SYO-501 Journey and how i studied for it

Ben Lee
4 min readMar 23, 2021

SYO-501 is an entry level cybersecurity certification that is maintained by COMPTIA and addresses many core aspects of IT security. I chose this as my first cybersecurity certificate as i wanted to expand my general knowledge and concepts as i am currently a student very interested in the IT industry, especially in the cyber area.

The current version that i attempted was the SYO-501 in March, but a new version will be coming out soon in July 2021 so study for the SYO-501 now as the SYO-601 will have more objectives to cover! My advice for anyone to take this certification would be to plan your exam at least 45–90 days out depending on how much time you have available to study each day and take into consideration on how familiar you are already with the concepts. I had some familiarity, but most of the content was very new to me when i first started studying. I started studying late January and passed mid March with an 812/900 with about 6–10 hours per day.

Planning a date to sit the exam helped me out a ton as it forced me to study and review concepts even when i didn’t feel like it and made me prepare much more confidently when i was going to sit the exam.

The Exam consists of a max of 90 questions and a time limit of 90 minutes. Multiple choice and performance based, but mainly multiple choice. There WILL be Log and configuring network questions so prepare for those as well. You must pass with a minimum score of 75o out of 900 (83.33%) and consists of the following objectives:

1.0 Threats, Attacks, and Vulnerabilities 21%

2.0 Technologies and Tools 22%

3.0 Architecture and Design 15%

4.0 Identity and Access Management 16%

5.0 Risk Management 14%

6.0 Cryptography and PKI 12%

If you are sitting the SYO-601 your objectives will be similar but a bit different:

1.0 Attacks, Threats, and Vulnerabilities 24%

2.0 Architecture and Design 21%

3.0 Implementation 25%

4.0 Operations and Incident Response 16%

5.0 Governance, Risk, and Compliance 14%

Resources and method I used to pass the exam:

*Note that my study method may differ from yours. This is what worked best for me. I like reading more than watching videos/ listening to audio and most of my general learning was from reading and writing.

  1. Jason Dion Sec+ Udemy Course — I first watched all his videos and took notes. Very good video course to give you a general idea on what the concepts are for the exam. I made palm cards on the ports and terminology i didn’t know.
  2. Darrel Gibson GCGA Book — This book was my main resource after Dion’s video course. I took notes on EVERYTHING, and did every practice question until i was scoring 90%+. I retained a-lot of information from reading this book. I also used his online package for extra practice questions which i also highly recommend. You can check it out here:
  3. After the Book i used Professor Messer’s Exam’s and Jason Dion Practice exams. These were very good and very similar to the final exam. In my opinion, Professor Messer’s exams were the closest to the real SYO-501 exam. I would recommend redoing these and review the questions and concepts you get wrong until you get about 80–85%+.
  4. Cromwell — I discovered this site by accident when i was trying to find more practice questions to fill in my knowledge gaps during my last week of studying. I would highly recommend doing his domains especially his LOG questions to get you familiar with them, as there WILL be log and configuration questions on the exam. His advice on terminology were also very good for last minute revision. You can check out his site here:
  5. Finally, REVIEW THE OBJECTIVES. This is the MOST important step. Make sure you KNOW all the acronyms. For objectives, make sure you can describe to someone what they all mean and do in at least a sentence. I recommend having a one sheet paper and jotting down all the things you aren’t familiar with.

For some of my notes that i used you can check my github:

My final advice would be to look at each question carefully in the real exam. Sometimes all answers may be correct but you must choose the best one. Don’t overthink, sometimes it’s always the simple answer. If you are spending too much time on one question just move on and guess. Flag the PBQ and do them after the multiple choice.

The test was very tough, i thought i was failing in the first 20 minutes of the exam. I truly believe that they put all the hard questions at the start to destroy your confidence and the easier questions at the end since that was what it felt like to me, but if you know your content and you study hard you will be able to pass! If i can do it, you can do it too!

I hope this blog post will give you a general idea on what to expect and some of the resources to use if you want to take the SYO-501 exam. Good Luck!



Ben Lee

I focus on Malware, RE, DFIR. This blog is used to improve my understanding of these concepts and show my progress.