Uploaded on Aug 19, 2021
CompTIA Security+ SY0-601
Domain 3: Implementation
www.infosectrain.com | [email protected]
Security+SY0-601 Domains
The new Security+ exam version is SY0-601. This version has 5 domains:
• Domain 1.0: Attacks, Threats, and Vulnerabilities (24%)
• Domain 2.0: Architecture and Design (21%)
• Domain 3.0: Implementation (25%)
• Domain 4.0: Operations and Incident Response (16%)
• Domain 5.0: Governance, Risk, and Compliance (14%)
In this blog, we discuss Domain 3.0: Implementation.
Implementation
Implementation is critical to a company’s security program. It is the
point at which a security system or technology comes into being: a
new security effort is nothing but a collection of thoughts in a
document if it isn’t put into action. In this domain, we cover 9
objectives and their subtopics.
The objectives covered in Security+ Domain 3.0 are listed below.
1. Implement Secure Protocols
2. Implement Host or Application Security Solutions
3. Implement Secure Network Designs
4. Install and Configure Wireless Security Settings
5. Implement Secure Mobile Solutions
6. Apply Cybersecurity Solutions to the Cloud
7. Implement Identity and Account Management Controls
8. Implement Authentication and Authorization Solutions
9. Implement Public Key Infrastructure
1. Implement Secure Protocols
Cyber attackers can take advantage of insecure protocols to damage data
security and the integrity of systems. In this lesson, you’ll learn about some
of the protocols and services that provide network hosts with addressing,
name resolution, and monitoring. These protocols aren’t as visible as apps
like web servers and email servers, but they’re essential for securing
networks.
This lesson covers two parts: Protocols and Use Cases. Under Protocols we
learn Domain Name System (DNS), DNS Security Extensions (DNSSEC),
Secure Real-time Transport Protocol (SRTP), File Transfer Protocol Secure
(FTPS), SSH File Transfer Protocol (SFTP), the Simple Network
Management Protocol (SNMP) framework, Hypertext Transfer Protocol
(HTTP), and the email service protocols Secure POP3 (Post Office
Protocol v3) and Secure IMAP (Internet Message Access Protocol v4). We
also cover Internet Protocol Security (IPsec) and its 2 protocols:
• Authentication Header (AH)
• Encapsulating Security Payload (ESP)
In the Use Cases part we learn how security protocols work in practice. Here we cover:
• Voice and Video
• Time Synchronization
• Email and Web
• File Transfer
• Directory Services
• Remote Access
• Domain Name Resolution
• Routing and Switching
• Network Address Allocation
• Subscription Services
2. Implement Host or Application Security Solutions
This lesson focuses on the security solutions that are
implemented for various hosts and applications. Inside this lesson,
we cover Endpoint Protection, Boot Integrity, Application Security,
and Hardening.
Under Endpoint Protection we cover Antivirus and Anti-Malware,
NGFW (Next-generation firewall), Host-based intrusion
detection system (HIDS), Endpoint detection and response (EDR),
and Data Loss Prevention (DLP). Boot Integrity covers Boot Security,
Unified Extensible Firmware Interface (UEFI), and how Measured Boot
and Boot Attestation work.
Under Application Security we learn Input Validation, Secure Cookies,
HTTP Headers, Allow lists, Block lists, and Dynamic Code
Analysis.
3. Implement Secure Network Designs
Networks are as prevalent in business as computers
themselves. As a result, understanding secure network designs
is essential for creating a protected network for your company.
In this lesson we learn how Load balancing,
Network segmentation, and Virtual local area networks (VLANs) work, and
the difference between an Extranet and an Intranet. We cover how
a VPN (Virtual Private Network) works, DNA,
Network access control (NAC), and Access control lists (ACLs). We will
also understand the use of Port security.
4. Install and Configure Wireless Security Settings
Wireless security is becoming very important in the field of
information security. In this lesson, we learn Cryptographic
protocols: WiFi Protected Access 2 (WPA2), WiFi Protected
Access 3 (WPA3), and Simultaneous Authentication of Equals (SAE).
We also cover Authentication protocols: Extensible
Authentication Protocol (EAP), Protected Extensible
Authentication Protocol (PEAP), and IEEE 802.1X. We cover
the Methods of configuring wireless security and Installation
considerations: WiFi Protected Setup (WPS), Site surveys, WiFi
analyzers, and Wireless access point (WAP) placement.
5. Implement Secure Mobile Solutions
In this lesson, we will understand the concept of Connection methods and
receivers. Under this concept, we cover Cellular, WiFi, Bluetooth, NFC,
Infrared, Point-to-point, and Point-to-multipoint. We learn Mobile device
management (MDM): Application management, Content management,
Remote wipe, Geofencing, Screen lock, Biometrics, and Storage segmentation. We
cover Deployment models: BYOD (Bring your own device), Corporate-owned
personally enabled (COPE), Choose your own device (CYOD), and Virtual desktop
infrastructure (VDI).
6. Apply Cybersecurity Solutions to the Cloud
In this lesson, we will learn the use of Cloud security controls, Cybersecurity
solutions, and Cloud-native controls vs third-party solutions. Under Cloud security
controls we will cover several sub-topics: High availability across zones,
Storage, Network, and Compute. Under Cybersecurity solutions, we cover
Application security, Next-generation secure web gateway (SWG), and Firewall
considerations in a cloud environment.
7. Implement Identity and Account Management Controls
In this lesson, we will learn 3 topics: Identity, Account types, and Account
policies. In the first topic, Identity, we cover Identity providers (IdP),
Identity Attributes, how tokens are used, SSH keys, and Smart
cards. In the second topic, we cover the types of accounts: User accounts, Guest
accounts, and Service accounts. Under Account policies, we cover Account
permissions, Access policies, Password complexity, Time-based logins, and
Account audits.
8. Implement Authentication and Authorization Solutions
In this lesson, we will learn Authentication management: Password keys,
Password vaults, TPM, and Knowledge-based authentication. We will cover
Authentication/authorization, where we will understand Challenge-Handshake
Authentication Protocol (CHAP), Password Authentication
Protocol (PAP), Terminal Access Controller Access Control System Plus
(TACACS+), Kerberos, and OpenID. We also cover Access control schemes and
their subtopics: Attribute-based access control (ABAC), Role-based access
control, Rule-based access control, Privileged access management, and Filesystem
permissions.
9. Implement Public Key Infrastructure
In this lesson, we will cover the concept of Public key infrastructure (PKI):
Key management, Certificate authority (CA), Certificate revocation list (CRL),
use of Certificate attributes, Online Certificate Status Protocol (OCSP), and
Certificate signing request (CSR). We learn the types of certificates: Wildcard,
Subject alternative name, Code signing, Domain validation, and Extended
validation. We also cover certificate formats and the concepts of
certificate chaining, Key escrow, and online vs offline CA.
Learn Security+ With Us
Infosec Train is a leading IT security training and consulting
organization. We have certified and experienced trainers on our team with whom
you can easily interact to resolve your doubts at any time. If you are
interested in live online training, Infosec Train provides the best
online Security+ certification training. You can check and enroll in our
CompTIA Security+ Online Certification Training to prepare for the
certification exam.
Professional-Level Certifications
1. AWS Certified Solutions Architect – Professional
This certification is a professional degree of the ‘AWS Certified
Solutions Architect – Associate’ that furnishes the candidates
with capabilities of evaluating an organization’s requirements
and making architectural recommendations for implementing and
deploying applications on AWS. Aspirants must possess a higher
degree of technical skills and experience in designing AWS-based
applications. It is also recommended to have two years of
practical experience in designing and deploying cloud
architecture on AWS and an understanding of multi-application
architectural design. You’ll get to learn about the finest
approaches for architecting and designing the applications on
AWS, choosing the appropriate AWS service for the application’s
requirements, migrating the complex application systems to
AWS, understanding cost-optimization plans, etc.
Exam details
Exam Pattern: Multiple Choice Questions, Multiple-Answer
Number of Questions: 75
Exam Duration: 180 minutes
Exam Language: English, Japanese, Korean, and Simplified Chinese
Prerequisites: Qualified as AWS Certified Solutions Architect – Associate
2. AWS Certified DevOps Engineer – Professional
This certification is a professional degree of the ‘AWS Certified
Developer – Associate.’ It is entirely about provisioning,
operating, and managing applications on the AWS platform. It
mainly centers on Continuous Delivery (CD) and the automation
of processes, two fundamental concepts of the DevOps
movement. Aspirants must have experience in provisioning and
managing AWS-based applications. It is also recommended to
have in-depth knowledge of modern application development,
such as the agile development methodology. You’ll get to learn about
the current CD (Continuous Delivery) systems, setting up
monitoring and logging systems on AWS, implementing highly
available and scalable systems on AWS, designing and managing
tools that allow the automation of production operations, etc.
Exam details
Exam Pattern: Multiple Choice Questions, Multiple-Answer
Number of Questions: 80
Exam Duration: 180 minutes
Exam Language: English, Japanese, Korean, and Simplified Chinese
Prerequisites: Qualified as AWS Certified Developer – Associate
AWS certifications training with Infosec Train
Several global companies have observed great success with AWS.
Tech goliaths like Facebook, LinkedIn, Netflix, etc., have applied
the benefits of AWS services to enhance their business efficiency.
Due to this widespread usage, AWS professionals are in high
demand and highly paid in the market. Take your initial step
towards getting AWS certified by joining Infosec Train, a leading
IT security and cloud training provider that will equip you with the
most in-demand skills to stay ahead in the job market. Our highly
skilled and certified trainers design the entire action plan that will
coach you towards laying a strong foundation of AWS to upskill
your knowledge to the next level.
About InfosecTrain
• Established in 2016, we are one of the finest
Security and Technology Training and
Consulting companies
• Wide range of professional training programs,
certifications & consulting services in the IT
and Cyber Security domain
• High-quality technical services, certifications
or customized training programs curated with
professionals of over 15 years of combined
experience in the domain
Why InfosecTrain
• Global Learning Partners
• Certified and Experienced Instructors
• Flexible modes of Training
• Access to the recorded sessions
• Post training completion
• Tailor Made Training
Contact us
Get your workforce reskilled by our certified and experienced instructors!
IND: 1800-843-7890 (Toll Free) / US: +1 657-221-1127 / UK: +44 7451 208413
[email protected]
www.infosectrain.com