MindGrove Training Consultancy

HOME
Photographic image of World cities

ABOUT US

INTRODUCTION TO CRYPTOGRAPHY FOR NON-IT SPECIALISTS

COURSE OVERVIEW

This intellectually challenging course is drawn from the demand for an understanding of relatively secure solutions to the problems of authenticity, confidentiality, integrity, non-repudiation and data security offered by the field of cryptography.

COURSE BENEFITS

Skills:

After completion of this course, you will be able to:

  • Understand the challenge of secure transmission and the role of cryptography in protecting your transactions and transmissions

  • Recognise and describe the core cryptographic schemes

  • Evaluate the usefulness of cryptographic security and control solutions to your organisation

  • Review the deployment of cryptographic solutions within the organisation

  • Make framework plans for the adoption of cryptographic solutions within your organisation

Support Materials:

The course is accompanied by a detailed manual that contains briefings illustrations and screenshots, and after-course reference materials to form a powerful personal resource.

WHO SHOULD ATTEND

Those with not less than six months experience in IT Auditing or IT Security that have to extend their activities into the field of cryptography. This course will be beneficial to those taking QiCA, CISA, CISM or CISSP exams. The focus of the course will be on common processes and routine solutions and will involve live software demonstrations and interactions.

COURSE Programme

The Security Challenge

  • The goals of identification – authenticity, non-disturbance – integrity, and privacy – confidentiality

  • Cryptography in war, in commerce and in law

  • Making codes and breaking codes – time to break

  • Keys and cryptographic strength

  • Attacks on cryptographic systems

Understanding Cryptographic Principles

  • Symmetric systems – DES, T-DES, Kerberos

  • Asymmetric systems – RSA

  • Hash functions – MD5, SHA1, SHA2

CASE – SSL

  • Long range trading

  • Long distance mutual authentication

  • The SSL algorithm and the exchange

  • Key lengths

  • Implementation

CASE – IPSEC

  • The nature of IPSEC

  • IPSEC choices

  • Establishing rule sets between client and server

  • The rules for tunnelling and end-points

  • Firewalls and IPSEC

CASE – VPNS

  • What is the purpose of a VPN?

  • Establishing a session

  • Creation of a cryptographic pipe

CASE – Wireless Technologies

  • Cell phones

  • Bluetooth

  • Wi-Fi, WLAN, WEP, WPA

CASE – Digital Signatures

  • The value of a digital signature

  • The perspective in law (UK, Europe)

  • Forming a digital signature

  • Using a digital signature

CASE – Digital Certificates

  • Certificate standards

  • Certificate control, issue and publication

  • Use of certificates

  • Creating and implementing a PKI

  • Trust and breakdown of trust

  • Key escrow

CASE – Evaluating Cryptographic Solutions

  • Mapping information flows

  • Classifying required controls

  • Choosing cryptographic options

PRESENTED BY:
This course is designed, developed and presented by MindGrove Ltd.

TRAINING

In-House Training

Public Course Schedule

Course Library

CONSULTANCY

RESOURCES

CLIENTS

CONTACT US

To discuss bringing this course in-house, please complete our on-line Enquiry Form or call us on 01925 732 757.

Copyright 2008 MindGrove Ltd.

Call us on +44 (0)1925 732 757

All rights reserved.
to discuss your requirements