Deploying and Managing a Public Key Infrastructure

This four-day, instructor-led course provides students with the knowledge and skills to design, deploy, and manage a public key infrastructure (PKI) to support applications that require distributed security. Students get hands-on experience implementing solutions to secure PKI-enabled applications and services, such as Microsoft Internet Explorer, Microsoft Exchange Server, Microsoft Internet Information Server, Microsoft Outlook, and remote access services.

Module 1: Overview of Public Key Infrastructure

• Introduction to PKI
• Introduction to Cryptography
• Certificates and Certification Authorities

Module 2: Designing a Certification Authority Hierarchy

• Identifying CA Hierarchy Design Requirements
• Common CA Hierarchy Designs
• Documenting Legal Requirements
• Analyzing Design Requirements
• Designing a CA Hierarchy Structure

Module 3: Creating a Certification Authority Hierarchy

• Creating an Offline CA
• Validating Certificates
• Planning CRL Publication
• Installing a Subordinate CA

Module 4: Managing a Public Key Infrastructure

• Introduction to PKI Management
• Managing Certificates
• Managing Certification Authorities
• Planning for Disaster Recovery

Module 5: Configuring Certificate Templates

• Introduction to Certificate Templates
• Designing and Creating a Certificate Template
• Publishing a Certificate Template
• Managing Changes in a Certificate Template

Module 6: Configuring Certificate Enrollment

• Introduction to Certificate Enrollment
• Enrolling Certificates Manually
• Autoenrolling Certificates

Module 7: Configuring Key Archival and Recovery

• Introduction to Key Archival and Recovery
• Implementing Manual Key Archival and Recovery
• Implementing Automatic Key Archival and Recovery

Module 8: Configuring Trust Between Organizations

• Introduction to Advanced PKI Hierarchies
• Qualified Subordination Concepts
• Configuring Constraints in a Policy.inf File
• Implementing Qualified Subordination

Module 9: Deploying Smart Cards

• Introduction to Smart Cards
• Enrolling Smart Card Certificates
• Deploying Smart Cards

Module 10: Securing Web Traffic by Using SSL

• Introduction to SSL Security
• Enabling SSL on a Web Server
• Implementing Certificate-based Authentication

Module 11: Configuring E-mail Security

• Introduction to E-mail Security
• Configuring Secure E-mail Messages
• Recovering E-mail Private Keys
• Migrating a KMS Database to a CA Running Windows Server 2003

This course is intended for IT systems engineers who are responsible for designing and implementing security solutions. Individuals should have knowledge and experience to install and configure the Active Directory directory service and security mechanisms for computers running Microsoft Windows 2000 Server or Windows Server 2003 family

Familiarity with Windows 2000 or Windows Server 2003 core technologies, such as those described in the following Microsoft Official Curriculum (MOC) courses:
?Course 2274: Managing a Microsoft Windows Server 2003 Environment
?Course 2275: Maintaining a Microsoft Windows Server 2003 Environment
?Course 2152: Implementing Microsoft Windows 2000 Professional and Server
• Familiarity with Windows 2000 or Windows 2003 networking technologies, such as those described in the following MOC courses:
?Course 2277: Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure: Network Services

Currently there are no Q&As for this course. Be the first to ask a question.