Introduction to PKI
- Basic Security Concepts
- Public Key Infrastructure Defined
- Digital Certificates and Signatures
- Smart Cards
- PKI Standards
- Basic cryptography
- Uses of Cryptography
- History of Cryptography including early methods
- Symmetric and Asymmetric Encryption plus Algorithms
- Diffie-Hellman Key Generation
- Hashing for Integrity plus Algorithms
- Cryptographic Functions
- Hashing
- Cryptographic Keys
- Key Types
- Key Lengths
Practical uses for encryption and associated issues
Signed and Encrypted Email using S/MIME and PGP Secure connections to websites Digitally signing PDFs Encrypting files Encrypting hard drives Encrypting “containers” SSL, VPN and Wireless PKI and Cloud Computing Attacks on Encryption Certificate Authorities Public v Private CAs Regulations governing CAs CA Certificate Policies Types of Certificates Provided CA Hierarchies Certificate Authority Operations Certificate expiration Certificate revocation
Certificate Revocation Lists (CRL)
- Base and Delta CRL Overview
- CRL Overlap
- Design Principles
Online Certificate Status Protocol (OCSP)
- Key recovery
- Installing a CA and issuing certificates
Smart Card Logon
- Smart Card Concept
- Working and Logon Process in Detail
SSL in Detail
- Working of SSL using Network Traces
- Troubleshooting of SSL issues
- Discuss some common error codes
Certificates & Certificate Stores
- Digital Certificates
- Keypairs
- Windows Certificate Stores
Lab : Deploy a 2-tier PKI
- Certificate Validation
- Chain Building
- Revocation checking
- Troubleshooting Tools and Techniques
Lab : Online Certificate Status Protocol
- Overview
- OCSP Process
- Limitations
- Design Configurations
- Weaknesses
Enterprise Templates
- Overview
- Template Schema Versions
- Template Properties
- Template Configuration Versioning
Certificate Enrollment Types
- Enrollment Overview
- Certificate Authority Web Enrollment (CAWE)
- Cross Forest Enrollment
Automated Certificate Enrollment
- Certificate Autoenrollment Overview
- Group Policy Settings
- Autoenrollment Processes
- Troubleshooting
Certificate Enrollment Web Services (CES/CEP) and NDES (SCEP)
- Overview
- Infrastructure Requirements
- Installation & Configuration
- Troubleshooting
- Common ADCS Mistakes
- ADCS Known Issues
- Troubleshooting CA Issues
- ADCS Debug Logs
- ADCS Configuration
- Certutil
- Hands on with OpenSSL
- Summary and Closing