Online Course
Apr 29, 2020 - Apr 30, 2020
1 Students Enrolled
Buy Now

To impart knowledge of the Public Key Infrastructure (PKI) and Hardware Security Modules (HSM), this course helps to build knowledge and skills with all of its features. There is a strong emphasis on

  • PKI Governance
  • PKI Design best practices,
  • Certificate Lifecycle management process
  • PKI Operations and hands-on skills labs.

PKI course is recommended for anyone using or managing Certificates , deploying or designing PKI solution in enterprise.

Class Audience: Beginners, INTERMEDIATE and ADVANCED.

Course Contents – DAY 1

Module 01: Introduction to PKI
  • Introduction to Cryptography
  • Symmetric Encryption
  • Asymmetric Encryption
  • Hash Functions and Digital Signatures
  • Introduction to HSM
  • Introduction to PKI
Module 02: Certificate Revocation and Chain Building
  • This module will
    • Give you a vital understanding of
      • Certificate Verification and Chain Building
      • Certificate Revocation Lists (CRLs)
        • Functionality
        • Design considerations
        • How to deal with revocation cache
        • Lab 1: Deploying 2 tier PKI
      • Online Certificate Status Protocol (OCSP)
    • Troubleshooting

Course Contents – DAY 2

Module 03: Deploy a Two-Tier PKI Hierarchy
  • In this module, you will learn:
    • Define CAPolicy.inf for root Certification Authority (CA) and subordinate CA
    • Active Directory Certificate Services (AD CS) PowerShell cmdlets
    • Install and configure offline root CA
    • Publish root CA certificate and CRL to CDP and AIA URLs
    • Install and configure subordinate CA
    • Post-install health checks
    • CA Security
    • Lab 2: Deploying OCSP
Module 04: Certificate Templates and Enrollment Methods
  • This module covers the purpose of certificate templates. Configuration and management will be explained in addition to different enrollment methods.
  • This module will give you an overview of:
    • Certificate Templates
    • Template Versions
    • Configuration of Templates
    • Enrollment methods

Course Contents – DAY 3

Module 05: Enhancements in Windows Server 2012 R2
  • Windows Server 2012 and Windows 8 introduce a lot of new PKI-related features:
    • New installation and deployment features
    • New Server Core features
    • Enhanced RPC Security
    • ADCS Site Awareness for ADCS and PKI Clients
    • Support for Internationalized Domain Names (IDNs)
    • Template management and Version 4 templates
    • Group Protected PFX
    • Certificate Lifecycle Notification
    • Key-based renewal
    • Certificate renewal with same key
    • TPM Key Attestation
    • Policy module for NDES
Module 06: Public Key Infrastructure (PKI) Maintenance & Availability Operations
  • CA Operations
    • Offline CA Maintenance
    • CA Backup
    • Private Key Backup & Storage
    • CA Renewal
    • Maintenance Tasks on a Clustered CA
Module 07: Cloud PKI Hierarchy
  • In this module, you will learn:
    • Different PKI Hierarchy in Cloud PKI deployment
    • AWS Certificate Manager (ACM)
    • AWS Private Certificate Authority (CA)
    • CA Security considerations in Cloud

Certificate of completion
Every student that attends and completes the full training scoring 70% in the PKI exam will receive a certificate of completion. The certificate will allow student to qualify for ISC2 continuing education credit for annual CPE commitments.