Designing and Managing a Windows Public Key Infrastructure

Similar documents
Implementing and Managing Microsoft Exchange Server 2003

Implementing Microsoft Internet Security and Acceleration Server 2004

At Course Completion: Course Outline: Course 20742: Identity with Windows Server Learning Method: Instructor-led Classroom Learning

20742: Identity with Windows Server 2016

M20742-Identity with Windows Server 2016

Configuring Advanced Windows Server 2012 Services

Identity with Windows Server 2016

Implementing and Administering Security in a Microsoft Windows 2000 Network Course 2820 Five days Instructor-led Published: February 17, 2004

METHODOLOGY This program will be conducted with interactive lectures, PowerPoint presentations, discussions and practical exercises.

Identity with Windows Server 2016

Implementing an Advanced Server Infrastructure

Microsoft Planning and Implementing Windows Server 2008

Identity with Microsoft Windows Server 2016 (MS-20742)

70-742: Identity in Windows Server Course Overview

Microsoft MCTS Windows Server 2008, Active Directory. Download Full Version :

Active Directory Services with Windows Server

Course Outline 20742B

Certification Authority

Windows Server : Configuring Advanced Windows Server 2012 Services R2. Upcoming Dates. Course Description.

COURSE OUTLINE. COURSE OBJECTIVES After completing this course, students will be able to: 1 - INSTALLING & CONFIGURING DCS

Identity with Windows Server 2016 (20742)

KNOWLEDGE SOLUTIONS. MIC2823 Implementing and Administering Security in a Microsoft Windows Server 2003 Network 5 Day Course

"Charting the Course... MOC B Active Directory Services with Windows Server Course Summary

ACTIVE DIRECTORY SERVICES WITH WINDOWS SERVER

Microsoft Administering Microsoft Exchange Server 2016

MOC Configuring Advanced Windows Server 2012 Services

ADMINISTERING MICROSOFT EXCHANGE SERVER 2016

20412D: Configuring Advanced Windows Server 2012 Services

Configuring Advanced Windows Server 2012 Services

Microsoft Configuring Advanced Windows Server 2012 Services

COURSE A ADMINISTERING EXCHANGE SERVER 2016

NET EXPERT SOLUTIONS PVT LTD

Microsoft Active Directory Services with Windows Server

SEVENMENTOR TRAINING PVT.LTD

Administering Microsoft Exchange Server 2016

Active Directory Services with Windows Server

Course 10969: Active Directory services with Windows Server

Developing Microsoft.NET Applications for Windows (Visual C#.NET)

Course Outline. Core Solutions of Microsoft Exchange Server 2013 Course 20341A: 5 days Instructor Led

Planning and Deploying System Center 2012 Configuration Manager

Module Title : Course 20341A: Core Solutions of Microsoft Exchange Server 2013

Microsoft Implementing an Advanced Server Infrastructure

10969B: Active Directory Services with Windows Server

Administering Microsoft Exchange Server 2016

10969: Active Directory Services with Windows Server

Microsoft Exchange Server 2013

2554 : Administering Microsoft Windows SharePoint Services and SharePoint Portal Server 2003

[MS20414]: Implementing an Advanced Server Infrastructure

Active Directory Services with Windows Server

"Charting the Course... MOC B Implementing a Desktop Infrastructure. Course Summary

20414C: Implementing an Advanced Server Infrastructure

Course Description. Course Audience. Course Outline. Course Page - Page 1 of 6

Core Solutions of Microsoft Exchange Server 2013

Microsoft - Configuring Advanced Windows Server 2012 Services (M20412) (M20412)

This PDF Document was generated for free by the Aloaha PDF Suite If you want to learn how to make your own PDF Documents visit:

A: Administering Microsoft Exchange Server 2016

Designing and Deploying Messaging Solutions with Microsoft Exchange Server 2010

Course No. MCSA Days Instructor-led, Hands-on

Course 20412: Configuring Advanced Windows Server 2012 Services Duración: 05 Días. Acerca de este curso

Updating Your Skills from Microsoft Exchange Server 2003 or Exchange Server 2007 to Exchange Server 2010 SP1

Updating Your Skills from Microsoft Exchange Server 2003 or Exchange Server 2007 to Exchange Server 2010

2272 : Implementing and Supporting Microsoft Windows XP Professional

Planning for and Managing Devices in the Enterprise: Enterprise Mobility Suite (EMS) & On- Premises Tools

(Installation, Storage, and Compute with Windows Server 2016)

COURSE OUTLINE: OD10969B Active Directory Services with Windows Server

Implementing a Desktop Infrastructure

Windows Server 2016 MCSA Bootcamp

This course prepares the student for Exam : Configuring Advanced Windows Server 2012 Services.

Managing and Maintaining a Microsoft Windows Server 2003 Environment

Updating Your Windows Server 2003 Technology Skills to Windows Server 2008

Administering a SQL Database Infrastructure Microsoft Official Curriculum (MOC 20764)

Course 20341B: Core Solutions of Microsoft Exchange Server 2013

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Microsoft Planning and Deploying System Center 2012 Configuration Manager

IMPLEMENTING A DESKTOP INFRASTRUCTURE. Course: 20415A Duration: 5 Days; Instructor-led

ROYAL INSTITUTE OF INFORMATION & MANAGEMENT

MCSE Server Infrastructure. This Training Program prepares and enables learners to Pass Microsoft MCSE: Server Infrastructure exams

MOC 6232A: Implementing a Microsoft SQL Server 2008 Database

Administering a SQL Database Infrastructure (M20764)

CORE SOLUTIONS OF MICROSOFT EXCHANGE SERVER 2013

Microsoft Certified Solution Associate Windows Server 2016 Training

Configuring, Managing and Troubleshooting Microsoft Exchange Server 2010

Microsoft Certified System Engineer

Lessons Server Manager Roles Windows Server 2008 Features Active Directory Improvements

COURSE OUTLINE: AAdministering Microsoft Exchange Server AAdministering Microsoft Exchange Server 2016

Course 10972B: Administering the Web Server (IIS) Role of Windows Server

Copyright

Installing and Configuring System Center 2012 Operations Manager SCOM

Planning for and Managing Devices in the Enterprise: Enterprise Management Suite (EMS) & On-Premises Tools

MCSA Windows Server 2012

Configuring, Managing and Troubleshooting Microsoft Exchange Server 2010

Implementing a Desktop Infrastructure

Designing Database Solutions for Microsoft SQL Server 2012

Designing Database Solutions for Microsoft SQL Server 2012

Audience(s) : IT Professionals Level : 300 Technology : Microsoft System Center Configuration Manager Delivery Method : Instructor-led (Classroom)

Microsoft Updating Your Windows Server 2003 Technology Skills to Windows Server 2008

Exam : Implementing a Cloud Based Infrastructure

Fundamentals of Windows Server 2008 Network and Applications Infrastructure

10135: Configuring, Managing and Troubleshooting Microsoft Exchange Server 2010 Service Pack 2

COURSE OUTLINE MOC 10969: ACTIVE DIRECTORY SERVICES WITH WINDOWS SERVER MODULE 1: OVERVIEW OF ACCESS AND INFORMATION PROTECTION

Transcription:

Designing and Managing a Windows Public Key Infrastructure Key Data Course #: 2821A Number of Days: 4 Format: Instructor-Led Certification Track: Exam 70-214: Implementing and Managing Security in a Windows 2000 Network Infrastructure Exam 70-220: Designing Security for a Microsoft Windows 2000 Network Exam 70-298: Designing Security for a Microsoft Windows Server 2003 Network Exam 70-299, Implementing and Administering Security in a Microsoft Windows Server 2003 Network This four-day, instructor-led course provides students with the knowledge and skills to design, deploy, and manage a public key infrastructure (PKI) to support applications that require distributed security. Students get hands-on experience implementing solutions to secure PKI-enabled applications and services, such as Microsoft Internet Explorer, Microsoft Exchange Server, Microsoft Internet Information Server, Microsoft Outlook, and remote access services. Audience This course is intended for IT systems engineers who are responsible for designing and implementing security solutions. Individuals should have knowledge and experience to install and configure the Active Directory directory service and security mechanisms for computers running Microsoft Windows 2000 Server or Windows Server 2003 family. At Course Completion After completing this course, students will be able to: Describe PKI and the major components of a PKI. Design a certification authority (CA) hierarchy to meet business requirements. Install Certificate Services to create a CA hierarchy. Perform certificate management tasks, CA management tasks, and plan for disaster recovery of Certificate Services. Create and publish a certificate template, and replace an existing certificate template. Enroll a certificate manually, autoenroll a certificate, and enroll a smart card certificate. Implement manual and automatic key archival and recovery in a Windows Server 2003 PKI. Configure trust between organizations by configuring and implementing qualified subordination. Deploy smart cards in a Windows environment. Secure a Web environment by implementing SSL security and certificate-based authentication for Web applications. Implement secure e-mail messages by using Microsoft Exchange Server in a Windows 2000 or Windows 2003 environment. Prerequisites Familiarity with Windows 2000 or Windows Server 2003 core technologies, such as those described in the following Microsoft Official Curriculum (MOC) courses: Course 2274: Managing a Microsoft Windows Server 2003 Environment Course 2275: Maintaining a Microsoft Windows Server 2003 Environment Course 2152: Implementing Microsoft Windows 2000 Professional and Server Familiarity with Windows 2000 or Windows 2003 networking technologies, such as those described in the following MOC courses: For more information and to register for classes contact ISONET Education Services 15th Floor RS Tower, 121/56 Ratchadapisek Rd., Dindaeng, Bangkok 10320 Tel: (662) 641-2200-8 Fax: (662) 641-2199 Email: training@isonet.co.th

Course 2277: Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure: Network Services Course 2153: Implementing a Microsoft Windows 2000 Network Infrastructure Familiarity with Windows 2000 or Windows 2003 directory services technologies, such as those described in the following MOC courses: Course 2279: Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure Course 2154: Implementing and Administering Microsoft Windows 2000 Directory Services Student Materials The student kit includes a comprehensive workbook and other necessary materials for this class.

Module 1: Overview of Public Key Infrastructure This module explains the basic concepts of a public key infrastructure (PKI) and its components. It also provides an overview of the topics that will be explained in-depth in the course. Introduction to PKI Introduction to Cryptography Certificates and Certification Authorities Lab A: Identifying Trusted Root CAs Creating a Custom MMC Viewing CA Certificates in Certificates MMC Analyzing CA Certificate Distribution Methods Describe PKI and its basic components. Describe how symmetric and public key encryption works. Define the role of certificates and CAs in a PKI. Module 2: Designing a Certification Authority Hierarchy This module introduces students to designing a CA hierarchy. It explains the major tasks that are involved, including identifying business and legal requirements and planning a Certification Authority (CA) hierarchy structure. Identifying CA Hierarchy Design Requirements Common CA Hierarchy Designs Documenting Legal Requirements Analyzing Design Requirements Designing a CA Hierarchy Structure Lab A: Designing a CA Hierarchy Identifying Applications and Certificate Holders Identifying Technical and Business Requirements Designing a CA Hierarchy Identify technical and business requirements for designing a CA hierarchy. Describe common CA hierarchy designs. Describe policies and documents for specifying the legal requirements of a CA hierarchy design. Identify the impact of design requirements and determine design changes to a CA hierarchy design. Design a CA hierarchy to meet business requirements.

Module 3: Creating a Certification Authority Hierarchy This module explains how to create a CA hierarchy based on a CA hierarchy design. Students also learn how to install Certificate Services, validate a certificate, and publish a certificate revocation list (CRL) and an Authority Information Access (AIA). Creating an Offline CA Validating Certificates Planning CRL Publication Installing a Subordinate CA Lab A: Installing an Offline CA Configuring CAPolicy.inf for installing the Offline Root CA Installing the Offline Root CA Lab B: Publishing CRLs and AIAs Defining CRL and AIA Publication Settings Publishing the CRL and AIA Information Adding the Web Server to Local Intranet Sites Lab C: Implementing a Subordinate Enterprise CA Installing the Subordinate Enterprise CA Validating the PKI Health of your CA Hierarchy Create an offline root CA. Design an infrastructure to validate certificates. Design an infrastructure to publish CRLs. Install a subordinate CA. Module 4: Managing a Public Key Infrastructure This module explains how to manage a PKI by managing certificates and CAs. Students also learn how to recover a PKI in the event of a failure. Introduction to PKI Management Managing Certificates Managing Certification Authorities Planning for Disaster Recovery Lab A: Enabling Role Separation Defining CA Administrators and Certificate Managers Restricting Certificate Managers Generating Certificate Requests Testing CA Administrator Tasks Testing Certificate Manager Tasks Enabling Certificate Services Auditing

Lab B: Backing Up and Restoring a Certification Authority Determining Backup Privileges Backing Up Certificate Services Removing the CA s Private Key from the CA Certificate Store Restoring the System State Backup Describe the use of roles in PKI management. Perform certificate management tasks. Perform CA management tasks. Plan for disaster recovery of Certificate Services. Module 5: Configuring Certificate Templates This module introduces students to certificate templates and how to design them. Students also learn about creating, publishing, and changing certificate templates. Introduction to Certificate Templates Designing and Creating a Certificate Template Publishing a Certificate Template Managing Changes in a Certificate Template Lab A: Delegating Certificate Template Management Delegating Certificate Template Administration Permissions Lab B: Designing a Certificate Template Reviewing an Existing Certificate Template Designing the Custom Code Signing Certificate Template Lab C: Configuring Certificate Templates Creating a Certificate Template Publishing a Certificate Template Enrolling the Certificate Template Superceding a Certificate Template Describe the function of certificate templates in a Windows Server 2003 PKI. Design and create a certificate template. Publish a certificate template. Replace an existing certificate template with an updated certificate template. Module 6: Configuring Certificate Enrollment In this module, students learn about the various methods of enrolling certificates. Students can either process the certificate requests manually or automatically, depending upon the approval requirement from the certificate manager.

Introduction to Certificate Enrollment Enrolling Certificates Manually Autoenrolling Certificates Lab A: Enrolling Certificates Choosing an Enrollment Method Enrolling Computer Certificates by Using the Certificate Enrollment Wizard Creating a User Certificate Template that Enables Autoenrollment Deploying the Certificates by Using Autoenrollment Select the appropriate certificate enrollment method for a given scenario. Enroll certificates manually. Autoenroll certificates. Enroll smart card certificates. Module 7: Configuring Key Archival and Recovery This module describes the importance of creating a strategy for data and key recovery and explains the key archival and recovery process. Students also learn how Windows XP and Windows Server 2003 enhance data protection and data recovery. Introduction to Key Archival and Recovery Implementing Manual Key Archival and Recovery Implementing Automatic Key Archival and Recovery Lab A: Configuring Key Recovery Publishing the Key Recovery Agent Certificate Template Enrolling the Key Recovery Agent Certificates Implementing Key Recovery on an Enterprise CA Creating an Archive-enabled Certificate Template Acquiring an ArchiveEFS Certificate Performing Key Recovery Describe the key archival and recovery process in a Windows Server 2003 PKI. Implement manual key archival and recovery. Implement automatic key archival and recovery. Module 8: Configuring Trust Between Organizations Students learn how to extend an organization s PKI trust hierarchy to other organizations. By extending the trust hierarchy, an organization s certificates can be used and trusted across organizations for purposes like secure e-mail messages, client authentication, and server authentication.

Introduction to Advanced PKI Hierarchies Qualified Subordination Concepts Configuring Constraints in a Policy.inf File Implementing Qualified Subordination Lab A: Implementing a Bridge CA Creating a Qualified Subordination Signing Certificate Template Configuring a Policy.inf File Requesting a Qualified Subordination Signing Certificate Generating a Cross Certification Authority Certificate for the Bridge CA Modifying the Policy.inf File on the Bridge CA Creating the Cross Certification Authority Certificate Publishing the Bridge CA Cross Certification Authority Certificates Issuing Certificates that Meet Qualified Subordination Constraints Describe advanced PKI hierarchies. Describe how constraints are used in qualified subordination. Configure a policy.inf file to implement qualified subordination constraints. Implement qualified subordination between CA hierarchies. Module 9: Deploying Smart Cards In this module, students learn how smart cards provide secure storage for data and also support authentication of users. Students also learn how to configure and deploy smart cards in a Windows Server 2003 PKI environment. Introduction to Smart Cards Enrolling Smart Card Certificates Deploying Smart Cards Lab A: Deploying Smart Cards Modifying and Publishing the Enrollment Agent Certificate Template Acquiring the Enrollment Agent Certificates Creating a Custom Smart Card Certificate Enabling the Downloading of Unsafe Microsoft ActiveX Controls Performing Smart Card Enrollment Agent Requests Configuring a Certificate to Require a Smart Card Signature during Autoenrollment Signing an Autoenrollment Certificate Request with a Smart Card Planning for Re-enrollment Describe the use of smart cards for authentication in a Windows Server 2003 PKI environment. Deploy smart cards for authentication in a Windows Server 2003 PKI environment.

Module 10: Securing Web Traffic by Using SSL This module explains how to secure a Web environment by implementing SSL security and certificate-based authentication for Web applications. Introduction to SSL Security Enabling SSL on a Web Server Implementing Certificate-based Authentication Lab A: Deploying SSL Encryption at a Web Server Enabling SSL Encryption in IIS Securing the Security Virtual Folder Enabling Certificate Mapping in Active Directory Enabling Certificate Mapping in IIS Describe how security is implemented in a Web environment. Configure IIS to implement SSL security. Implement certificate-based authentication for Web applications. Module 11: Configuring E-mail Security In this module, students learn how to implement secure e-mail messages in an Exchange 2003 environment. Introduction to E-mail Security Configuring Secure E-mail Messages Recovering E-mail Private Keys Migrating a KMS Database to a CA Running Windows Server 2003 Lab A: Securing E-mail Messages in Exchange Server 2003 Creating Exchange Server 2003 Mailboxes Creating and Publishing S/MIME Certificate Templates Configuring Outlook 2002 Sending Secure E-mail Between Organizations Describe how e-mail security is implemented by a server running Exchange in a Windows Server 2003 environment. Securing e-mail messages in an Exchange 2003 environment. Recover e-mail private keys. Migrate a Key Management Service (KMS) database to a Windows Server 2003 Enterprise Edition enterprise CA.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback