Chapter 14 - 04 - Discuss PKI and Certificate Management Concepts - 04_ocred_fax_ocred.pdf
Document Details
Uploaded by barrejamesteacher
null
OCRed
Tags
Full Transcript
o, CTER‘ Cryptogr IS b 0 TeCANniIcian ap ECUnty Techni aphv hv Cryptogr cian...
o, CTER‘ Cryptogr IS b 0 TeCANniIcian ap ECUnty Techni aphv hv Cryptogr cian Exam 212.82 Exam 212-82 ga Root €A (ffling) @ In cure PKI, In sese | | Al cu PKI, roorotot anan in rmreedia dg | | intete rmediatete CAs CAs are Create | | i : an root CaAg are d, Created, and d root CAs can €an be taken | | v off lin e, be taken le av in offline, leaving g the Certific | | v i issuing tasks to the certificate ate | | issuin g tasks to the the Intermediate ca v intermediate in | ,’ Sete rvrm e ed as iath tee acCAs (w(which cas * Intermediate ca tive hich | | i i. *w serve as the aCtive CAs) CAS) | | r Intermediate ca :: -:.............................i Eerssn , nniienn,, ::. * |.:........u.....‘............................ @ When the validity ,’ v................. When the validity ofof anap | 2, e intermediate intermediate caca exp || m., v v v T expires, the js brought ires, the m u || 1z 6 root root CACA oy m m 2 v js brought onl online to 6 o m m m perform perform renewal task ine to ,' ,’ e : g m mv renewa) taskss Whs ; seanassuincici] R o 0 i ot e......;......... ;............... 0 () :............... i............ [ ] o — = Root €A (Offline) Root ca (Oflline) e..................................................................................... S oo v\4 E" °o vA4 —— Intermediate Intermediateca °o v\4 ca —s °° Intermediatecpca Intermediate ‘- — Intermediate ca Intermediate cp vv vv vv £ v4 vv £ ‘i £ v4 g 2. (& 4 £..............................| :...........................................1'................5..........................:..... Aevsomesrrnasnnnaaerans, i Client ClientCertificates Certificates eenttnnsessraann i Figure Figure14.29. 14.29:Online Onlineys,vs,offline offlineCAsCAs Module 14 Module 14Page Page1704 1704 CertifiedCybersecurlty Certified Cvbersecurlty Technician Technician Copyright Copyright © by All All RighRig tshtsRese Res Ecocouncll rverv eq.ed,ReprRep o roduction ic © by EC-Connrir Certified Cybersecurity Technician Exam 212-82 Cryptography Certification Authorities dgcert Sgicert ”: mosary —— o esas| esam| i! comMoDo €oMOoDOo 0O swwen O 0w & tgn @ usow vsvor. () (T e [rer— Kol besmarg Fotees Q DIGITAL CERTIFICATES FOR Buy SSL Certificates EVERY SECURITY NEED @ ‘@ Secure Your Site with SSL Today! Starting at $125 IdenTrust e"y Buries Communty Conticotss Contionss Nessge My Cortiats Cortiuste Sappect Get an SSL certificate. o Show visitors you're trustworthy and i oJo One identity, multiple uses. authentic. i: o o & e Sty neseernest, 4000 443 4K H Prtps//www.identrust.com Copyright © by EC L All Rights Reserved. Reproduction Reproductionisis Strictly Prohibited Certification Authorities Certification authorities (CAs) are trusted entities that issue digital certificates. The digital certificate certifies the possession of the public key by the subject (user, company, or system) specified in the certificate. This aids others to trust signatures or statements made by the private key that is associated with the certified public key. Some popular CAs are discussed below: = Comodo Source: https://www.comodoca.com Comodo offers a range of PKI digital certificates with strong SSL encryption (128/256 available) with Server-Gated Cryptography (SGC). It ensures standards of confidentiality, system reliability, and pertinent business practices as judged via qualified independent audits. It offers PKI management solutions such as Comodo Certificate Manager and Comodo EPKI Manager. Module 14 Page 1705 Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Cryptography E,RMR,RR cc.,g‘m,gfig @ support (O chat & Login &) USDollarv & US Dollar v~ SSL Certificates SSL Web Security Signing Certificates Certificate Manager Certificate Manager PCI Scanning Website Backup Website Partners Q (U @ Home > Homepage.. Buy SSL Certificates Secure Secure Your Your Site Site with with SSL SSL Today! I oday. | Starting at $125 Starting at $125 As low as $125/ year ComodoCA DV Certificates « Compatible with all popular browsers Copodoc oy certiicates Unlimited Unlimited server server licensing licensing ComodoCA OV Certificates ComodoCA OV Certificates ComodoCA EV Certificates ComodoCA EV Certificates 24/7 expert support from our team Unlimited re-issuance ComodoCA Multi-Domain 30-day money back guarantee ComodoCA Wildcard Certificates ComodoCA UCC Certificate Compare Certificates Figure 14.30: Screenshot of Comodo Website * |denTrust Source: https://www.identrust.com IdenTrust is a trusted third party that provides CA services for many sectors such as banks, corporates, governments, and healthcare. It provides solutions such as digital signing and sealing, compliance with NIST SP 800-171, global identity networks, and managed PKI hosting services. Application Status My Account Announcements Announcements Contact Us] Us} ldenTrust Iden!&g%}] My Buying Community Certificates Manage My Certificate Support part of 10D Globiw Eo o.' One identity, multiple uses. Authentication. Digital signatures, Encryption. Encryption, I[ EXPLORE SOLUTIONS ]l Figure 14.31: Screenshot of IdenTrust Website Module 14 Page 1706 Certified Cybersecurity Technician Copyright © by EG-Council EC-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Cryptography = DigiCert CertCentral Source: https://www.digicert.com CertCentral simplifies the entire lifecycle by consolidating tasks for issuing, installing, inspecting, remediating, and renewing TLS/SSL certificates. It manages high-volume TLS/SSL certificate issuance for multiple individuals and teams. C;g[CCIL TLS/SSL Certificates « PKI & 10T Trust + Partners PPOIt v @ OQaQe (7] Figure 14.32: Screenshot of DigiCert Website = GoDaddy Source: https://www.godaddy.com GoDaddy SSL Certificates offer a complete range of certificates that comply with CA/Browser Forum guidelines. They provide the SHA-2 hash algorithm and 2048-bit encryption, protection of unlimited servers, etc. Help by GoDaddy Guides Signinv SSL Certificates Get an SSL certificate. Show visitors you're trustworthy and authentic. Call for a free security assessment: (480) 463-8327 Figure 14.33: Screenshot of GoDaddy Website Module 14 Page 1707 Certified Cybersecurity Technician Copyright © by EC-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited.
