LIVE Instructor-Led Courses
Dismiss

SSL/TLS & Internet PKI "in Practice" training course

Tools and Practical Tips to Secure Your Network Communications With SSL/TLS & Internet PKI Technologies

JBI training course London UK

"The trainer is really engaging and super knowledgeable! The course is very interesting and all the content feels very useful and relevant, definitely no filler. I feel like I have a much better understanding of TLS and Internet PKI as a result, and the practical segments really help cement the understanding. Great course!"

HW, Senior Software Engineer, SSL/TLS, April 2021

TAILOR-MADE
Enquire & get a quote
PUBLIC COURSES
Next on 18 Jul - see prices
JBI training course London UK

  • Introduction: Cryptography, SSL/TLS, PKI
  • SSL/TLS in the wild (bugs, attacks)
  • SSL/TLS and tools
  • Installation: openssl
  • Installation: other tools
  • Tools usage & problems
  • Lab with examples and exercises
  • Countermeasures, best practices, discussions

Introduction to Cryptography

Cryptography is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it. We will consider the essentials of Cryptography to give delegates a sound foundation for the rest of the course.

* CIA - Confidentiality, Integrity, Authentication

 * Trust and Cryptography: Alice and Bob

 * Cryptography Mathematics

 * Block and Stream Algorithms

 * Symmetric and Asymmetric Encryption

 * Hashing

 * Signing and encryption

 * Cipher Suite

### Demos and practicals ###

Introduction to SSL/TLS

Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both frequently referred to as "SSL", are cryptographic protocols that provide communications security over a computer network. 

This section will explain how cryptography and encryption in SSL is used to provide confidentiality, integrity and authenticity of the data transmitted.

 * TLS Handshake (client - server)

 * Trust: What to check?

 * Cryptography: What to check?

 * Applications: What to check?

### Demos and practicals ###

Introduction to PKI

 A public key infrastructure (PKI) is a set of roles, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption.

* Trust and Certificates

 * Certificate Authorities

 * Certificate Revocation List and OCSP

### Demos and practical ###

Overview of Bugs, Attacks, Problems

 In this section of the course we will discuss some of the real world issues that you can expect to encounter in a typical Enterprise environment.

* Problems and Attacks: Where? What?

 * Attacks SSL handshake protocol

 * Attacks SSL data protocol

 * Attacks TLS

 * Attacks PKI

 * Exploits 1998 .. 2016

 * SSL/TLS Problems

 * Attacks by example (BEAST, CRIME, Heartbleed, LogJam, PUDDLE, DROWN, ...)

### Demos and practicals ###

Further Considerations

 * What to do?

 * Can tools help?

### Demos and practicals ###

Tools

 A range of practical tools are available to help Engineers check for and help prevent attacks. In this section we will take a close look at some of these, including pros and cons.

* Overview and Functionality

 * Online tools

 * CLI tools

 * Types of tools

 * Comparison and Traps

 ### Demos and practicals ###

* Exercise: analyse-ssl.pl, nmap, openssl, o-saft.pl, stunnel, sslmap.py,  sslscan, sslyze.py, testssl.sh

Tools Installation

It is often a challenge to use tools in development and for checking configurations or applications, in particular when there are legacy systems involved. Using the most up-to-date software is not always a wise choice. This section will describe some problems with tools and show how to install tools properly.

 * What you need to know before installing

 * How to install your tools

 * OpenSSL: Quick Overview

 * Perl modules

 * Usage examples: nmap, openssl, O-Saft

### Demos and practicals ###

Measures, Best Practices

With the benefit of experience gained in the real world, we will provide delegates with some sound skills including tips and tricks of how to best implement the technology and tools in the Enterprise.

 * In general

 * Secure Server Design

 * Server Certificate and Protocol

 * Secure Client's Privacy

 * Configuration: Protocol

 * Configuration: Cipher Suite

 * Configuration: Certificate

 * Configuration: Web Server

   * HSTS, CSP, Cookie

### Demos and practicals ###

Programming

Writing secure and robust software is difficult, even for developers  with a lot expertise. This section will outline some principles for writing secure code. It will show general recipes for developers and                administrator operating secure servers.

 * Principles, In general

 * Principles: Data Validation

 * Principles: Certificate

 * Principles: PKI

 * Principles: Libraries and Frameworks

 * Examples

### Demos and practicals ###

JBI training course London UK

IT staff and especially Administrators and Developers

4.8 out of 5 average

"The trainer is really engaging and super knowledgeable! The course is very interesting and all the content feels very useful and relevant, definitely no filler. I feel like I have a much better understanding of TLS and Internet PKI as a result, and the practical segments really help cement the understanding. Great course!"

HW, Senior Software Engineer, SSL/TLS, April 2021

JBI training course London UK
 
Top 20 "Pain Points" for Data Analysts
 

Problem 11 : You have a very complex Excel spreadsheet and you want to reproduce EXACTLY the same spreadsheet in Power BI
Solution: Power BI is not Excel, it works differently and it has different strengths. In order to tackle this issue the best way is going back to the source and try to...

All 20 points are in our latest Newsletter - Delivered directly to your inbox



CONTACT
+44 (0)20 8446 7555

enquiries@jbinternational.co.uk

SHARE

Corporate Policies     Terms & Conditions
JB International Training Ltd  -  Company number 08458005

Registered address Wohl Enterprise Hub 2B Redbourne Avenue London N3 2BS

POPULAR

Rust training course                                                                          React training course

Threat modelling training course   Python for data analysts training course

Power BI training course                                   Machine Learning training course

Spring Boot Microservices training course              Terraform training course

Kubernetes training course                                                            C++ training course

Power Automate training course                               Clean Code training course