PKI & TLS Security Implementation

3 Day Course
Hands On
Code QAPKI

Book Now - 1 Delivery Method Available:

Scheduled Virtual Onsite

Overview

Recent attacks against individuals and companies online have utilised known vulnerabilities in certificate management in order to spoof websites or gain trust to install malicious software without the user's knowledge. This 3 day workshop provides an opportunity for industry, research and academia communities, and government sectors, to have a broad overview of the use of encryption technology in Public Key Infrastructure and Transport Layer Security. This includes an analysis of the most prolific attacks against crypto systems.

This instructor-led event will combine lectures on the basics of encryption, the Encrypting File System currently used by Windows 7 and Windows 8, the creation of a PKI using a variety of software and looking at tools which can exploit flaws in the implementation of a PKI. The lectures will be complemented with extensive exercises using the software discussed.

Objectives

At the end of the workshop, delegate will have a good understanding of the fundamentals of cryptography and the concept of Public Key Infrastructure. Delegate will gain practical experience in Encryption File System, Web page encryption, Certificate Authority creation and configuration, and Certificate revocation. The practical exercises are used to consolidate the theory discussed throughout the workshop.

Target Audience

The course is intended for anyone who wishes to develop an understanding of the concepts behind public key infrastructure, transport layer security and their application in real life.

Training Partners

We work with the following best of breed training partners using our bulk buying power to bring you a wider range of dates, locations and prices.

Modules

Hide all

Basics of Cryptography (10 topics)

  • CIA Triad
  • History of cryptography
  • Real world application of cryptography
  • Block and Stream Ciphers
  • Symmetric encryption
  • Symmetric encryption algorithms
  • Asymmetric encryption
  • Cryptographic Signatures
  • hashing Algorithms
  • Windows password analysis

Introduction to Public Key Infrastructure (PKI) (4 topics)

  • Definition and PKI components
  • X.509 certificates
  • Certificate Signatures
  • Public Key Cryptography Standards (PKCS)

Disc Encryption (6 topics)

  • Disc Encryption technologies
  • Encrypting File System
  • BitLocker
  • Trusted Platform Modules
  • Attacking Disc Encryption
  • Investigating the Encryption File System: Encrypting and decrypting files with bitlocker

Installing Certificate Authority Hierarchy (10 topics)

  • Certificate of Authority (CA)
  • Types of Certification Authority
  • CA Hierarchy Design Guidelines
  • Root Certificate Authority
  • Analysis of problems with CA
  • Certification revocation
  • Installing an Offline Root Certification Authority
  • Installing and Issuing Certificate Authority
  • Administering certificate templates
  • installing an online responder

Transport Layer Security (TLS) (5 topics)

  • Securing Web sites
  • TLS traffic analysis (Wireshark)
  • Creating a TLS-enabled Web Site
  • Analysing TLS Traffic
  • Revoking a certificate

Prerequisites

The prerequisites for this workshop are attendance of the Information Security Fundamentals course, or equivalent knowledge.

Additional Learning

The courses below may help you meet the knowledge level required to take this course. If you are unsure please ask a training advisor .

  • Information Security Fundamentals

    A 5-day Training Course on Information Security Fundamentals that provides extensive hands-on experience with a variety of security software and techniques

    5 Day Course Hands On Training Course Code QASECFUND
    Scheduled Virtual Onsite

Course PDF

Print

Share this Course

+1
Share

Recommend this Course

Sections