PKI Training

    PKI Training

    Course Date: Jun 21, 2021 - Jun 23, 2021

    $2,500.00

    PKI course is recommended for anyone using or managing certificates, designing or deploying a PKI enterprise solution, or evaluating & selecting a commercial PKI Technology Solution

    SKU: PKI001 Category:

    Description

    Planning a Public Key Infrastructure (PKI) can have a significant skill ceiling, as an organization’s authentication, encryption, and digital signing can depend on how the PKI is built. An organization needs a robust and secure PKI infrastructure to ensure security and privacy and meet regulations and compliance. Creating and managing a PKI requires ample knowledge about it, which Encryption Consulting brings along with the experience needed for organizations to have a custom solution for their needs.
    In our three days, PKI Training delivered online, In-person focusing on Microsoft Active Directory Certificate Service (ADCS) Training, customers will learn how to deploy or design PKI solutions in the enterprise.
    You will learn how to build a PKI on Windows Server 2019, focusing on areas such as integration with HSM, Two-tier PKI, Cloud PKI, and more.
    There is a strong emphasis on: PKI Governance, PKI Design best practices, Certificate Lifecycle Management process and PKI operations and hands-on skills lab
    Class Audience: Beginners, Intermediate, and Advanced

    Course Contents – DAY 1

    Module 01: Introduction to PKI

    • Introduction to Cryptography
    • Symmetric Encryption
    • Asymmetric Encryption
    • Hash Functions and Digital Signatures
    • Introduction to HSM
    • Introduction to PKI

    Module 02: Certificate Revocation and Chain Building

    This module will Give you a vital understanding of

    • Certificate Verification and Chain Building
    • Certificate Revocation Lists (CRLs)
      • Functionality
      • Design considerations
      • How to deal with revocation cache
      • Lab 1: Deploying 2 tier PKI
    • Online Certificate Status Protocol (OCSP)
    • Troubleshooting

    Course Contents – DAY 2

    Module 03: Deploy a Two-Tier PKI Hierarchy

    In this module, you will learn:

    • Define CAPolicy.inf for root Certification Authority (CA) and subordinate CA
    • Active Directory Certificate Services (AD CS) PowerShell cmdlets
    • Install and configure offline root CA
    • Publish root CA certificate and CRL to CDP and AIA URLs
    • Install and configure subordinate CA
    • Post-install health checks
    • CA Security
    • Lab 2: Deploying OCSP

    Module 04: Certificate Templates and Enrollment Methods

    This module covers the purpose of certificate templates. Configuration and management will be explained in addition to different enrollment methods. This module will give you an overview of:

    • Certificate Templates
    • Template Versions
    • Configuration of Templates
    • Enrollment methods

    Course Contents –DAY 3

    Module 05: Enhancements in Windows Server 2012 R2

    Windows Server 2019 and Windows 8 introduce a lot of new PKI-related features:

    • New installation and deployment features
    • New Server Core features
    • Enhanced RPC Security
    • ADCS Site Awareness for ADCS and PKI Clients
    • Support for Internationalized Domain Names (IDNs)
    • Template management and Version 4 templates
    • Group Protected PFX
    • Certificate Lifecycle Notification
    • Key-based renewal
    • Certificate renewal with same key
    • TPM Key Attestation
    • Policy module for NDES

    Module 06: Public Key Infrastructure (PKI) Maintenance & Availability Operations

    CA Operations

    • Offline CA Maintenance
    • CA Backup
    • Private Key Backup & Storage
    • CA Renewal
    • Maintenance Tasks on a Clustered CA

    Module 07: Cloud PKI Hierarchy

    In this module, you will learn:

    • Different PKI Hierarchy in Cloud PKI deployment
    • AWS Certificate Manager (ACM)
    • AWS Private Certificate Authority (CA)
    • CA Security considerations in Cloud
    Download the syllabus

    Certificate of Completion

    Every student that attends and completes the full training scoring 70% in the PKI exam will receive a certificate of completion. The certificate will allow student to qualify for ISC2 continuing education credit for annual CPE commitments.

    Onsite Training

    Along with online training courses, we also offer on-site training programs. We deliver a tailor made training program to fit your needs, and to address customization based on any additional training the customer needs.
    Contact Us

    Related products

    ×

    The private keys of the code-signing certificate can be stored in an HSM to eliminate the risks associated with stolen, corrupted, or misused keys.

    Client-side hashing ensures build performance and avoids unnecessary movement of files to provide a greater level of security

    The command line signing tool provides a faster method to sign requests in bulk

    Robust access control systems can be integrated with LDAP and customizable workflows to mitigate risks associated with granting wrong access to unauthorized users, allowing them to sign code with malicious certificates

    Support for customized workflows of an “M of N” quorum with multi-tier support of approvers

    Support for InfosSec policies to improve adoption of the solution and enable different business teams to have their own workflow for Code Signing

    Validation of code against UpToDate antivirus definitions for virus and malware before digitally signing it will mitigate risks associated with signing malicious code