1-800-THE-TREE (1-800-843-8733)
TRAINING YOU CAN TRUST
 
 

PKI: A Comprehensive Hands-On Introduction

 
Course: 586   Type: Hands-On Training   Duration: 4 Days
 
 

You Will Learn How To

  • Build a Public Key Infrastructure (PKI) to secure Internet, intranet and extranet applications
  • Identify functionality of PKI components based on standards
  • Design PKI architectures to support different trust models
  • Integrate public key certificates into a range of PKI applications
  • Constrain trust among PKIs with qualified subordination
  • Evaluate policy requirements for your enterprise PKI

Course Benefits

A public key infrastructure (PKI) is a critical component for ensuring confidentiality, integrity and authentication in an enterprise. This hands-on course provides essential knowledge and skills needed to select, design and deploy a PKI to secure existing and future applications within your organization. You also learn to link your PKI to other organizations and enable secure communications.

Who Should Attend

PKI designers, technical managers overseeing security and those responsible for developing enterprise security. Anyone connecting a PKI to an external Certification Authority (CA), a bridge or another organization's PKI will also benefit.

Hands-On Training

You gain extensive hands-on experience planning, designing and building a PKI. Exercises include:
  • Setting up an RA to issue certificates to the Entrust Entelligence PKI client
  • Creating custom certificate content
  • Building an Entrust Root CA and connecting to an X.500 directory
  • Cross-certifying with a Bridge CA
  • Constraining trust among PKIs
  • Securing communications with S/MIME, SSL and IPsec
  • Establishing a Microsoft SCA under an Entrust Root CA
  • Authenticating with a smart card
  • Configuring Microsoft compatibility in Entrust CA

Related Courses

  

Upcoming Dates


For complete schedule, please visit www.learningtree.com
 
http://www.learningtree.com/courses/586pf.htm
 
 
1-800-THE-TREE (1-800-843-8733)
TRAINING YOU CAN TRUST
 
 

PKI: A Comprehensive Hands-On Introduction

 
Course: 586   Type: Hands-On Training   Duration: 4 Days
 
 
Course 586 Content
 

Trust in a Digital World

Establishing trust

  • Instigating trust through credentials
  • Verifying with a trusted third party

Implementing trust with cryptography

  • Selecting symmetric and asymmetric algorithms
  • Encrypting with modulo arithmetic
  • Visualizing the Diffie-Hellman algorithm
  • Enforcing non-repudiation with digital signatures

Securing PKI

Ensuring strong authentication

  • Authenticating via zero knowledge proof
  • Enforcing access with M-of-N authentication
  • Requiring multifactor authentication with smart cards

Securing the private key

  • Protecting with the Data Protection API
  • Examining key storage in the user profile
  • Prevent tampering with the Hardware Security Module (HSM)

Ensuring persistence of credentials

  • Auto-archiving the encryption private key
  • Utilizing a key recovery agent
  • Solving deniability with dual-key support

Authenticating with PKI Credentials

Inside PKI X.509 v3 Certificates

  • Interoperating with industry profiles
  • Setting certificate lifetimes
  • Controlling access with attribute certificates
  • Enrolling Cisco devices with SCEP

Customizing certificate templates

  • Creating new certificate fields
  • Implementing policies in templates

Leveraging certificates in applications

  • Securing Web traffic with SSL
  • Setting up a Virtual Private Network (VPN) with IPsec
  • Sending e-mail securely with S/MIME

Establishing Certificate Policy (CP)

  • Identifying with an Object Identifier (OID)
  • Selecting Microsoft application policies
  • Upholding Certification Practice Statements (CPS)
  • Standardizing provisions for CP/CPS

Dissecting PKI Components

Trusting a Certification Authority (CA)

  • Rolling over a CA certificate lifetime
  • CA disaster recovery

Registration Authority (RA)

  • Interfacing with PKCS and PKIX standards
  • Contrasting online RA vs. offline RA

Connecting to the PKI Repository

  • Identifying with a distinguished name (DN)
  • Accessing the X.500 directory with LDAP v3

X.509 v2 Certificate Revocation List (CRL)

  • Selecting complete, delta or partitioned CRL
  • Publishing CA certificates and CRLs
  • Authenticating certificates with OCSP

Validating an entity certificate

  • Forming a certificate chain
  • Locating the Trust Anchor
  • Confirming via path processing

Designing Trust Architectures

Building an enterprise hierarchical trust model

  • Distributing trust to subordinate CAs
  • Increasing security with an offline root CA
  • Designating CAs: Issuing, intermediate or policy

Linking with a distributed trust model

  • Extending trust with cross-certification
  • Controlling trust transitivity with path length

Restricting trust with Qualified Subordination

  • Constraining names and policies
  • Mapping equivalent policies with peer CAs
  • Path processing a Certificate Trust List

Integrating with a Bridge CA

  • Centralizing trust policy relationships
  • Introducing the Federal Bridge CA (FBCA)

Interfacing with Microsoft PKI

  • Enterprise CA vs. Standalone CA
  • Delegating Common Criteria roles
 
http://www.learningtree.com/courses/586pf.htm
 
 
1-800-THE-TREE (1-800-843-8733)
TRAINING YOU CAN TRUST
 
 

PKI: A Comprehensive Hands-On Introduction Tuition

 
Course: 586   Type: Hands-On Training   Duration: 4 Days
 
 

Course Tuition
$ 2,650 Standard Tuition
Tuition with a Savings Plan
$ 1,660 10-Day Pass
$ 1,665 Training Passport
$ 1,830 Flex-Pass
$ 2,095 Voucher 10-Pack
$ 2,385 Alumni Gold Discount
$ 2,360 Government Discount
 

 

Your Course Tuition Entitles You To...

  • Class participation
  • Team workshops
  • Use of in-class hands-on equipment
  • Comprehensive course materials
  • Morning and afternoon refreshments
  • Course Completion Certificate awarding Continuing Education Units
  • FREE participation in Professional Certification
  • FREE participation in College Credit programs (including related exams)
  
 

Tuition Savings Plans

Training Passport
  • 3 courses in 12 months
  • As little as $1,665 per course
  • Savings as much as 40%
  • Only $4,990
Flex Pass
  • 3 courses in 24 months
  • As little as $1,830 per course
  • Save as much as 35%
10-Day Pass
  • A NEW way to save on training
  • 10 days of training for one person
  • Save as much as $990 per course
  • Only $4,150
Training Vouchers
  • Save as much as $950 per course
  • Fully transferable
  • As low as $2,095 per course
Alumni Gold Discount Attend your first course and you'll receive a personalized Alumni Gold Discount card, entitling you to save as much as $295 on each course you take within the following 12 months. Take just one course each year and you'll be entitled to ongoing discounts...year after year!

Your Guarantee of Satisfaction

Unless you feel 100% satisfied that Learning Tree delivered even more than you expected, there is no fee for your course attendance. Our Guarantee of Quality lets you experience the value of the course--and then pay only if you feel the course was well worth the tuition.

Enrolling is Easy and Flexible!

Enroll by phone or online. If your plans change, just let us know and, without a fee, you can transfer to another course or cancel your enrollment. Pay after you've taken the course, and then only if you are 100% satisfied.
 
http://www.learningtree.com/courses/586pf.htm