Course Overview

This one day course gives a broad but complete and thorough overview of all of the aspects of Certificate Services that every information worker and manager of information workers should know.

PKI technologies and architectures are often considered difficult topics to learn and grasp well. This class uses adult learning techniques and scenario based lessons to make PKI a fun and easy topic to learn and understand well.

Duration: 1 day (7-8 hours)


To ensure your success in Information Workers version of this security awareness class, you should possess basic computer user skills and a fundamental understanding of computer and internet concepts like how to use a web browser and email.

Price: $400

Schedule a Call

Who Should Attend

This course is intended for both novice and experienced IT Professionals, Network Administrators, Help Desk Personnel, Network Support Personnel, Desktop Support Personnel and Managers who oversee IT Personnel and Developers and any Information Worker using SSL, TLS, IPSec, any modern encryption, and trusted systems depending on authentication such as cloud products or mobile operating systems.

Course Objectives:

Upon successful completion of this course, students will be able to:
  • Understand the importance, use and architecture of single and two key technologies
  • Recognize the underlying technology of PKI that is implemented in almost all new IT systems
  • Become proficient in high level analysis of any system that relies on certificate services
  • Understand and implement secure methods of authentication through the use of good PKI policies
  • Effectively plan trust and certificate systems in your organization
  • Understand how to plan the best recovery systems for data and certificates
  • Be able to judge the best use of private and public trust systems
  • Know the basics of Active Directory Certificate Services
  • Understand the use of claims and SSO in cloud systems

Course Agenda:

Lesson 1:  Framework

  • What is PKI and why would we care?
  • What is x.500 and why would we care?
  • Using Hashes in everyday life.

Lesson 2:  Scenario Learning PKI

  • Learning PKI the easy way, scenario 1 browsers the web and an evil hacker
  • Learning PKI the easy way, scenario 2 Big Company and Little Company
  • Learning PKI the easy way, scenario 3 Digital Signing and the disgruntled employee

Lesson 3:  Configuring a basic PKI architecture

  • The most trusted CA
  • Managing certificates, templates and CRLs
  • The value of X.509

Lesson 4:  Configuring a medium to large PKI architecture

  • The offline root and HSMs
  • Building a trust chain
  • Active Directory, X.500 and GPOs

Lesson 5:  Key and certificate management long term

  • Data recovery (DRA)
  • Key recovery (KRA)
  • CA recovery and retirement
  • CRL Management
  • What are wildcards?
  • Use of signed and unsigned certificates
  • How certificates are used with federated systems and other SSO designs
  • How certificates can be used with claims based authentication and authorization

Schedule a Call