Implementation

This section covers Exam Objective 3 of the CompTIA Security+ SY0-701 exam. It focuses on the practical application of security concepts, including deploying secure protocols, implementing cryptography, and hardening systems.

🔐 Cryptography & PKI

Cryptography is the backbone of secure communication. You need to understand how to implement encryption standards and manage Public Key Infrastructure (PKI).

• ▸ Encryption Concepts: Understanding Symmetric (AES, ChaCha20) vs. Asymmetric (RSA, ECC) encryption and when to use each.
• ▸ Hashing & Signatures: Using hashing algorithms (SHA-256) for integrity and Digital Signatures for non-repudiation.
• ▸ PKI Components: Managing Certificates, Certificate Authorities (CA), CRLs, and OCSP for validating trust.

📡 Secure Protocols

Implementing secure protocols is essential for protecting data in transit. Key protocols include:

• ▸ SSH (Secure Shell): Secure remote administration replacing Telnet.
• ▸ SSL/TLS: Encrypting web traffic (HTTPS) and other communications.
• ▸ IPSec: Securing IP communications by authenticating and encrypting each IP packet of a communication session (VPNs).
• ▸ DNSSEC: protecting the Domain Name System from attacks like cache poisoning.

💻 Host & Application Security

Securing the endpoints and the applications running on them is a critical line of defense.

🌐 Secure Network Protocols

Beyond basic connectivity, implementing secure versions of network protocols ensures infrastructure integrity.

• ▸ SNMPv3: Secure network management with authentication and encryption.
• ▸ LDAPS: Lightweight Directory Access Protocol over SSL for secure directory services.
• ▸ SRTP: Secure Real-time Transport Protocol for voice and video traffic.
• ▸ FTPS/SFTP: Secure file transfer alternatives to unencrypted FTP.

📚 Additional Resources

• ▸ Practice Questions for Security+ Exam
• ▸ Official CompTIA Website