Home    |    Instructor-led Training    |    Online Training     
         
 
Courses
ADA
Adobe
Agile
AJAX
Android
Apache
AutoCAD
Big Data
BlockChain
Business Analysis
Business Intelligence
Business Objects
Business Skills
C/C++/Go programming
Cisco
Citrix
Cloud Computing
COBOL
Cognos
ColdFusion
COM/COM+
CompTIA
CORBA
CRM
Crystal Reports
Data Science
Datawarehousing
DB2
Desktop Application Software
DevOps
DNS
Embedded Systems
Google Web Toolkit (GWT)
IPhone
ITIL
Java
JBoss
LDAP
Leadership Development
Lotus
Machine learning/AI
Macintosh
Mainframe programming
Mobile
MultiMedia and design
.NET
NetApp
Networking
New Manager Development
Object oriented analysis and design
OpenVMS
Oracle
Oracle VM
Perl
PHP
PostgreSQL
PowerBuilder
Professional Soft Skills Workshops
Project Management
Python
Rational
Ruby
Sales Performance
SAP
SAS
Security
SharePoint
SOA
Software quality and tools
SQL Server
Sybase
Symantec
Telecommunications
Teradata
Tivoli
Tomcat
Unix/Linux/Solaris/AIX/
HP-UX
Unisys Mainframe
Visual Basic
Visual Foxpro
VMware
Web Development
WebLogic
WebSphere
Websphere MQ (MQSeries)
Windows programming
XML
XML Web Services
Other
SSL/TLS Deep Dive
Networking Training Overview

This course is designed to provide a very thorough understanding of Transport Layer Security and Secure Sockets Layer (TLS and SSL) - the protocols which are used to secure the vast majority of the Internet. This is meant to turn students with some minor exposure to SSL/TLS into SSL/TLS Subject Matter Experts (SMEs).

The class will start with an overview of SSL, which will lead into a discussion of the Cryptography necessary to understand how TLS/SSL provides security to Internet communication; including a real example of the math behind RSA Key Generation, Encryption, and Signing.

The class will then be introduced to the whole SSL Process, from establishing a Public and Private Key pair to getting a signed Certificate from a Certificate Authority. Following that, we will take a closer look at the contents of a Certificate, a Private Key, and a Certificate Signing request. The student will then complete a collaborative lab where they set up their own Certificate Authority and use it to sign their certificates from the other students in the class.

Afterwards, the class will take a close look at exactly how a Client validates a Server's Certificate - the heart of Public Key Infrastructure. The class will then discuss the concept of Certificate Chains: why they are important and how they work. Then we take a quick look at the different types of Certificates available (DV, OV, EV), before continuing with an explanation of the two primary means of revoking a compromised certificate.

Lastly, the class will tie everything together with a comprehensive look at what happens in the first few milliseconds of browsing to any HTTPS website… the SSL Handshake. Each message in the SSL Handshake and their contents are illustrated and explained. The lecture concludes with a look at the different variations of the SSL Handshake which allows for different features, extensions, and levels of security.

Finally, the students complete two additional labs. The first is designed to make them experts at determining complete, proper certificate chains. And the second one is a manual look at the Certificate Revocation process: how it works and its effectiveness.

By the end of class, the student will be able to:
  • Explain the overarching process of securing a website using HTTPS
  • Understand the role of the Client and Server in an SSL Handshake
  • Understand the role of the Certificate Authority and intermediate CAs
  • Discuss the cryptography involved in SSL and how it is used to provide secured communication
  • Describe the contents of an X509 Certificate, RSA Private Key, and Certificate Signing Request (CSR)
  • Explain and Convert Certificates and Keys between the three major versions (PEM/DER/PFX)
  • Illustrate what a Client checks to validate a Server's Certificate
  • Understand the purpose and functional operation of a Certificate Chain
  • Describe the various messages in an SSL Handshake
  • Know, Understand, and be able to define and explain the following concepts and terms:
    • Certificate Chains, Certificate Revocation List (CRL), Certificate Signing Request (CSR), Change Cipher Spec, Cipher Suites, Common Name, Distinguished Named, Domain Validation (DV), End Entity Certificate, Ephemeral Key Exchanges, Export grade ciphers, Extended Validation (EV) Certificate, Handshake Messages, Intermediate Certificates, Issuer, Message Signing, OCSP Stapling, Online Certificate Status Protocol (OCSP), Organization Validation (OV) Certificate, Perfect Forward Secrecy, Root Certificate, Server Name Indication (SNI), SSL Records, Subject, Subject Alternative Name (SAN) Cert
Networking Training Audience

Anyone who interacts with SSL/TLS who want a deep understanding of how those protocols work

Networking Training Course duration

3 days

Networking Training Course outline
  • SSL Overview
    • Versions
    • Key Players
    • Purpose
  • Cryptography 101
    • Hashing
    • Encryption
    • Public Key Infrastructure
    • RSA Example
    • Diffie-Hellman
  • X509 Certificates and Keys
    • What is in a Certificate?
    • What is in a RSA key file?
    • What is in a CSR?
    • Certificate Formats
  • Security through Certificates
    • Certificate Validation
    • Certificate Chains
    • Certificate Types
    • Certificate Revocation
  • SSL Handshake
    • Cipher Suites
    • SSL Messages
    • SSL Handshake
    • Handshake Variants
  • Security Concerns
    • Protocol Downgrade Attack
    • CCS Injection
    • Heartbleed
    • False Chain
    • Insecure Renegotiation
    • POODLE
    • BEAST
    • CRIME

Please contact your training representative for more details on having this course delivered onsite or online

Training Outlines - the one stop shopping center for IT training.
© Training Outlines All rights reserved