pki

Security University - PKI II - "PKI Exposed" About Us About CNSS Who We Are News Events Partners Classifieds 8570 CNSS GI Bill GSA CISSP Q/ISP QSA Qualified Security Analyst & Pen Tester QPT Qualified Penetration Tester License QEH Qualified Ethical Hacker/Defender QEP Qualified Edge Protector QFE Qualified Forensic Expert Q/IAP QAAP Qualified Access, Authentication, PKI Pro QSP Qualified Security Policy Admin & SOA Security Architect QCA Qualified Security Certification & Accreditation Q/SSE Qualified SW Security Expert 5-Day Bootcamp Qualified SW Security Penetration Testing Qualified SW Testing Bootcamp How to Break Web Security How to Break Software Code Fundamentals of Secure Software Programming Qualified SW Security Hacker Qualified SW Security Testing Best Practices Introduction to Reverse Engineering Q/WAD EC-Council CEH EC Council Ethical Hacking Certification ECSA EC Council Security Analyst LPT License Penetration Tester CHFI Computer Hacking Forensic Investigator On-Site Qualified Security Analysis & Pen Testing Qualified Ethical Hacking Specialty Training Intro Classes Online Virginia California Access, Authentication and PKI Professional PKI II “PKI Exposed” You will learn how to: Build a PKI to secure Internet and applications Evaluate security policy requirements for your enterprise PKI Identify PKI components based on standards Design PKI trust architectures Integrate public key certificates into applications Enhanse your security with your PKI implementation Course benefits: A public key infrastructure (PKI) is an increasingly critical component for ensuring confidentiality, integrity and authentication in an enterprise. This hands-on course provides essential knowledge and skills needed to select, design and deploy a PKI to secure existing and future applications within your organization. Web and other forms of E-Commerce introduce awhole new group of information security challenges. Traditional password authentication, access controls and network perimeter security safeguards often fall short in a dynamic mobile business environment. Data traveling over untrusted networks must be protected by encryption methods that are highly dependent on flexible and robust key management schemes. In this comprehensive, five-day hands-on course, you’ll learn how to plan, evaluate, develop, and implement a successful enterprise network security framework using Public Key Infrastructure (PKI), authentication, identity, and access authorization systems. Upon completion of the class, you’ll have all the experience, confidence, and tools you need to plan Certificate Policy & Certificate Practice Statements and execute a fully integrated PKI, enterprise-wide encryption, authentication and identity plan. Key topics: • PKI needs assessment • Verifiy PKI Trust Concepts • Is it Access & Identity or Encryption you really need? • Understanding Encryption options • Top 10 PKI obstacles • Securing Mail with S/MIME • Install multiple trusted certificate servers in hands-on labs • Build Certificate Policies and Certificate Practice Statements • Recovering a Private key from Microsoft CA • Creating specific certificate OIDs • Cross Certifying with a Bridge CA • Configuring PKI Assurance Hierarchies • Install HSPD -12 PIV, Smart Cards, Smart Tokens, and Biometrics • Product comparisons and demonstrations • Avoiding PKI pitfalls Who should attend: Information Security Officers and Managers, PKI designers, technical managers overseeing security, and those responsible for developing enterprise security policie, Information Systems Administrators and Auditors, Network Administrators, Information Assurance Consultants, Systems and Data- Security Analysts, Project Managers. Course Fee: $2,995 Time: 8:30am - 4:30pm Location: Click here to view the course schedule Learning Level: Basic to Advanced Prerequisites: TCP/IP and network basics CPE Credits: 40 Instructor: Sondra Schneider Throughout this course, you gain extensive hands-on experience planning, designing and building a PKI Course agenda: Introduction to Cryptography PKI Cryptography Essentials Identifying approaches to cryptography Symmetric and asymmetric ciphers Generating hash collisions Authenticating via zero knowledge proof Improving with K-of-N authentication Enforcing non-repudiation with digital signatures From PGP (Pretty Good Privacy) to using digital signature certificates. You’ll learn what cryptography is, what it can and can’t do, and how and when you’ll want to use it. Network Security Refresher Network Defense and Countermeasure Penetration Testing Transmission Security Security Roles and Responsibilities Trust in a Digital World Establishing trust through credentials Verifying trust with a trusted third party Securing the Private key Selecting Cryptographic Service Providers Protecting with Data Protection API Securing with physical smart cards and Hardware Security Model (HSM) Public Key Infrastructure An in-depth look at all the elements and applications of PKI — including the top 10 PKI deployment issues and how to handle them in ways that work for your organization. Establishing PKI Policies Creating a Certificate Policy (CP) Identifying with an object identifier (OID) Obtaining an OID Selecting Microsoft Application Policies Certification Practice Statements (CPS) Upholding the CA policies Standardizing provisions for CP/CPS Contrasting CP vs. CPS Authenticating with PKI Credentials Inside PKI X.509v3 Certificates Interoperating with industry profiles Setting certificate lifetimes Controlling access with attribute certificates Enrolling Cisco devices with SCEP HSPD-12 tools– In an effort to better secure federal resources and reduce the potential for terrorist attacks, Homeland Security Presidential Directive 12 (HSPD-12) has set an October 2006 deadline for agencies to adopt identity and access management controls and procedures intended to establish the reliability of employees and contractors and prevent unauthorized access to government facilities and systems. The goal of HSPD-12 is to require federal agencies to adopt a standard, secure, and reliable identification card (the “PIV card”) for employees and contractors – and to ensure that it's only issued only to intended individuals. Certificates and Signatures When are certificates and signatures used? How do they differ? All questions and issues are answered here. • Signatures vs. certificates • Digital signatures — definitions, applications, and how they work • Certificate structures • Authentication • Access control • Integrity • Non-repudiation Certification Authorities and Directories The ins and outs of CAs and directories, with special emphasis on the challenges inherent in managing multiple CA environments and the role of PKI. • Roles and responsibilities of Certificate Authorities (CAs) • Registration and certification process • Directories defined • Certificate management • Certificate value • Cross certification • Key recovery Leveraging certificates in applications SSL IPsec S/MIME Registration Authority (RA) Interfacing with PKCS & PKIX standards Contrasting online RA vs. offline RA Linking with PKI Repository Identifying with distinguished names Accessing the X.500 directory with LDAPv3 Choosing LDAP chaining or referrals X.509v2 Certificate Revocation List (CRL) Timeliness and scalability solutions Selecting complete or delta CRL Publishing CA certificates and CRLs Validating certificates with OCSP Validating entity certificate Forming a certificate chain Locating the Trust Anchor Matching CA Certificates Validating via path processing Building a hierarchical trust model Distributing trust to subordinate CAs Increasing security with offline root Issuing CA vs intermediate CA Defining CPS with a policy CA Restricting with Qualified Subordination Constraining trust to subordinates Mapping policies with peer CAs Path processing a Certificate Trust List chain Product Comparisons and Demonstrations The information and answers you need to choose the products that match both your strategic objectives and your existing infrastructure. • Comparison matrix • Middleware products • Multiple product demos • Outsourcing CA hosting Overcoming Pitfalls in Public Key Encryption and Certificate Management A look at where a PKI strategy or deployment could go wrong — and how to steer clear. • Underestimating the complexity of a PKI rollout • Challenges associated with encryption • Key management Case Studies Putting all the learning to work with an examination of how PKI and CAs have been used in real organizations — what went right, and what went wrong. Deploying a PKI How to effectively translate well-conceived strategy into smooth-running PKI reality. • The mode l • Deployment success factors • Technological challenges • Non-technological challenges • Deployment approach • Typical PKI deployment team • Deployment tools Course Labs and Exercises • Lab I — Encryption and Digital Signing • Lab II — Netscape CMS installation to network • Lab III — MS installation to network -manual & auto key archival • Lab IV — Entrust and other CA installations • Lab V — Smart Cards and Biometrics • Team Exercises — Creating a PKI framework, policies and OIDs • Discussions — PKI enabling user applications and Risk Management *Course fees are subject to change Top View Class Schedule More Introduction Courses Current Schedule SU Policies Webmaster Contact Us Opt-Out Testimonials Advertise Brochure Copyright © 2008 Security University, Inc. All rights reserved. Translate this page to English to German English to Spanish English to French English to Italian English to Portuguese Français разделы здание лмк катетер перегородка сантехкабин вызов водитель snr roulements планирование день дермато-венеролог купить элеваторный узел зеркало багуа клеить 88 люкс доставка окон интеллектуальный электросчетчик сборщик долг купить раструб выборочный лак купить яйцеварку квн позитивный психология проект электропроводка ванна моечный зона ограничение доступ мэш сервер hp зал аэробика кулер комп антенна радиочастотный сбор д/полоскания горло зубной боль очки защитный педагогика психология купить ломтерезку внешний антенна экг сервис зубной протез помидор купля dect desktop ножной пластырь силуэт слимент лифт портативный радиостанция рак кишка договор суррогатный мать гуп ритуал фарфор подшипниковый узел pki