CompTIA Security+ SY0-601 Domain 3: Implementation - PowerPoint PPT Presentation

About This Presentation
Title:

CompTIA Security+ SY0-601 Domain 3: Implementation

Description:

For a company’s security program, implementation is critical. It is the point at which a security system or technology comes into being; a new security effort is nothing but a collection of thoughts on a document if it isn’t put into action. – PowerPoint PPT presentation

Number of Views:350


Transcript and Presenter's Notes

Title: CompTIA Security+ SY0-601 Domain 3: Implementation


1
CompTIA Security+ SY0-601 Domain 3
Implementation
www.infosectrain.com sales_at_infosectrain.com
3
Security+ SY0-601 Domains
The new Security+ exam version is SY0-601. In this new version, we have 5 domains.
4
  • Domain 1.0 Attacks, Threats, and Vulnerabilities (24%)
  • Domain 2.0 Architecture and Design (21%)
  • Domain 3.0 Implementation (25%)
  • Domain 4.0 Operations and Incident Response (16%)
  • Domain 5.0 Governance, Risk, and Compliance (14%)

In this blog, we discuss Domain 3.0: Implementation.

Implementation

For a company's security program, implementation is critical. It is the point at which a security system or technology comes into being; a new security effort is nothing but a collection of thoughts on a document if it isn't put into action. In this domain, we cover 9 objectives and their subtopics. The objectives covered in Security+ domain 3.0 are listed below.
5
  1. Implement Secure Protocols
  2. Implement Host or Application Security Solutions
  3. Implement Secure Network Designs
  4. Install and Configure Wireless Security Settings
  5. Implement Secure Mobile Solutions
  6. Apply Cybersecurity Solutions to the Cloud
  7. Implement Identity and Account Management
    Controls
  8. Implement Authentication and Authorization
    Solutions
  9. Implement Public Key Infrastructure

6
1. Implement Secure Protocols

Cyber attackers can take advantage of insecure protocols to damage data security and the integrity of systems. In this lesson, you'll learn about some of the protocols and services that provide network hosts with addressing, name resolution, and monitoring. These protocols aren't as visible as apps like web servers and email servers, but they're essential for securing networks. This lesson covers two parts: Protocols and Use case. Inside Protocols, we learn Domain Name System (DNS), DNS Security Extensions (DNSSEC), Secure Real-time Transport Protocol (SRTP), File Transfer Protocol (FTPS), SSH File Transfer Protocol (SFTP), the Simple Network Management Protocol (SNMP) framework, and Hypertext Transfer Protocol (HTTP). We also cover email service protocols: secure POP3 (Post Office Protocol v3) and Secure IMAP (Internet Message Access Protocol v4). We understand Internet Protocol Security (IPSec) and its 2 protocols:




7
  • Authentication Header (AH)
  • Encapsulating Security Payload (ESP)

In the Use case part, we learn how security protocols work. Inside this, we cover:
  • Voice and Video
  • Time Synchronization
  • Email and Web
  • File Transfer
  • Directory Services
  • Remote Access
  • Domain Name Resolution
  • Routing and Switching
  • Network Address Allocation
  • Subscription Services





8
2. Implement Host or Application Security Solutions

This lesson concentrates on which security solutions are implemented for various hosts and applications. Inside this lesson, we cover Endpoint Protection, Boot Integrity, Application Security, and Hardening. In Endpoint Protection, we cover Antivirus and Anti-Malware, NGFW (Next-generation firewall), Host-based intrusion detection system (HIDS), Endpoint detection and response (EDR), and Data Loss Prevention (DLP). Boot Integrity covers Boot Security, Unified Extensible Firmware Interface (UEFI), and the workings of Measured boot and Boot Attestation. Inside Application Security, we learn Input Validation, Secure Cookies, and HTTP Headers, and we understand Allow list, Block list, and Dynamic Code analysis.




9
3. Implement Secure Network Designs

Networks are as prevalent in business as computers themselves. As a result, understanding secure network designs is essential for creating a protected network for your company. In this lesson, we understand the working of Load balancing, Network segmentation, and Virtual local area network (VLAN), and we learn the difference between Extranet and Intranet. We cover the working of VPN (Virtual Private Network) and DNA, and also cover Network access control (NAC) and Access control list (ACL). We will also understand the use of Port security.




10
4. Install and Configure Wireless Security Settings

Wireless security is becoming very important in the field of information security. In this lesson, we learn Cryptographic protocols, WiFi Protected Access 2 (WPA2) and WiFi Protected Access 3 (WPA3), and Simultaneous Authentication of Equals (SAE). We also cover Authentication protocols: Extensible Authentication Protocol (EAP), Protected Extensible Authentication Protocol (PEAP), and IEEE 802.1X. We understand the methods of configuring wireless security and installation considerations: WiFi Protected Setup (WPS), Site surveys, WiFi analyzers, and Wireless access point (WAP) placement.




11
5. Implement Secure Mobile Solutions

In this lesson, we will understand the concept of Connection methods and receivers. Inside this concept, we cover Cellular, WiFi, Bluetooth, NFC, Infrared, Point to Point, and Point to multipoint. We learn Mobile device management (MDM), Application management, Content management, Remote wipe, Geofencing, Screen lock, Biometrics, and Storage segmentation. We cover Deployment models: BYOD (Bring your own device), Corporate-owned personally enabled (COPE), Choose your own device (CYOD), and Virtual desktop infrastructure (VDI).

6. Apply Cybersecurity Solutions to the Cloud

In this lesson, we will learn the use of Cloud security controls, Cybersecurity solutions, and Cloud-native controls vs third-party solutions. In Cloud security controls, we will cover several sub-topics like High availability across zones, Storage, Network, and Compute. Inside Cybersecurity solutions, we cover Application security, Next-generation secure web gateway (SWG), and Firewall considerations in a cloud environment.




12
7. Implement Identity and Account Management Controls

In this lesson, we will learn 3 topics: Identity, Account types, and Account policies. In the first topic, Identity, we cover Identity providers (IdP), Identity Attributes, how tokens are used, SSH keys, and Smart cards. In the second topic, we cover types of accounts: User accounts, Guest accounts, and Service accounts. Inside Account policies, we cover Account permissions, Access policies, Password complexity, Time-based logins, and Account audits.

8. Implement Authentication and Authorization Solutions

In this lesson, we will learn Authentication management, Password keys, Password vaults, TPM, and Knowledge-based authentication. We will cover Authentication/authorization; inside this topic, we will understand Challenge-Handshake Authentication Protocol (CHAP), Password Authentication Protocol (PAP), Terminal Access Controller Access Control System Plus (TACACS+), Kerberos, and OpenID. We also cover Access control schemes and their subtopics: Attribute-based access control (ABAC), Role-based access control, Rule-based access control, Privileged access management, and Filesystem permissions.




13
9. Implement Public Key Infrastructure

In this lesson, we will cover the concept of Public key infrastructure (PKI), Key management, Certificate authority (CA), Certificate revocation list (CRL), use of Certificate attributes, Online Certificate Status Protocol (OCSP), and Certificate signing request (CSR). We learn types of certificates: Wildcard, Subject alternative name, Code signing, Domain Validation, and Extended validation. We also cover formats of certification and Concepts of certification changing, Key escrow, and online vs offline CA.

Learn Security With Us

Infosec Train is a leading IT security training and consulting organization. We have certified and experienced trainers on our team with whom you can easily interact and resolve your doubts anytime. If you are interested and looking for live online training, Infosec Train provides the best online security certification training. You can check and enroll in our CompTIA Security+ Online Certification Training to prepare for the certification exam.




14
Professional-Level Certifications

1. AWS Certified Solutions Architect Professional

This certification is a professional degree of the AWS Certified Solutions Architect Associate that furnishes the candidates with capabilities of evaluating an organization's requirements and making architectural recommendations for implementing and deploying applications on AWS. Aspirants must possess a higher degree of technical skills and experience in designing AWS-based applications. It is also recommended to have two years of practical experience in designing and deploying cloud architecture on AWS and an understanding of multi-application architectural design. You'll get to learn about the finest approaches for architecting and designing the applications on AWS, choosing the appropriate AWS service for the application's requirements, migrating the complex application systems to AWS, understanding cost-optimization plans, etc.




15
Exam details
  • Exam Pattern: Multiple Choice Questions, Multiple-Answer
  • Number of Questions: 75
  • Exam Duration: 180 minutes
  • Exam Language: English, Japanese, Korean, and Simplified Chinese
  • Prerequisites: Qualified as AWS Certified Solutions Architect Associate




16
2. AWS Certified DevOps Engineer Professional

This certification is a professional degree of the AWS Certified Developer Associate. It is entirely about provisioning, operating, and managing applications on the AWS platform. It majorly centers on Continuous Delivery (CD) and the automation of processes, two fundamental concepts of the DevOps movement. Aspirants must have experience in provisioning and managing AWS-based applications. It is also recommended to have an in-depth knowledge of modern application development like the agile development methodology. You'll get to learn about the current CD (Continuous Delivery) systems, setting up, monitoring, and logging systems on AWS, implementing highly available and scalable systems on AWS, designing and managing tools that allow the automation of production operations, etc.




17
Exam details
  • Exam Pattern: Multiple Choice Questions, Multiple-Answer
  • Number of Questions: 80
  • Exam Duration: 180 minutes
  • Exam Language: English, Japanese, Korean, and Simplified Chinese
  • Prerequisites: Qualified as AWS Certified Developer Associate




18
AWS certifications training with Infosec Train

Several global companies have observed great success with AWS. Tech goliaths like Facebook, LinkedIn, Netflix, etc., have applied the benefits of AWS services to enhance their business efficiency. Due to this widespread usage, AWS professionals are in high demand and highly paid in the market. Take your initial step towards getting AWS certified by joining Infosec Train, a leading IT security and cloud training provider that will equip you with the most in-demand skills to stay ahead in the job market. Our highly skilled and certified trainers design the entire action plan that will coach you towards laying a strong foundation of AWS to upskill your knowledge to the next level.




19
About InfosecTrain
  • Established in 2016, we are one of the finest Security and Technology Training and Consulting companies
  • Wide range of professional training programs, certifications, and consulting services in the IT and Cyber Security domain
  • High-quality technical services, certifications or customized training programs curated with professionals of over 15 years of combined experience in the domain

20
Our Endorsements
21
Why InfosecTrain
Global Learning Partners
Access to the recorded sessions
Certified and Experienced Instructors
Flexible modes of Training
Tailor Made Training
Post training completion
22
Our Trusted Clients
23
(No Transcript)
24
Contact us
Get your workforce reskilled by our certified and
experienced instructors!
IND 1800-843-7890 (Toll Free) / US 1
657-221-1127 / UK 44 7451 208413
sales_at_infosectrain.com
www.infosectrain.com