print the agenda
Title: 2821 Deploying and Managing a Public Key Infrastructure
Delivery Method: Instructor-led Classroom Learning
Duration: 4.00 Day(s)
This course provides students with the knowledge and skills to design, deploy, and manage a public key infrastructure (PKI) to support applications that require distributed security.
Who Should Attend:
This course is intended for IT systems engineers who are responsible for designing and implementing security solutions. Individuals should have knowledge and experience to install and configure the Active Directory directory service and security mechanisms for computers running Microsoft Windows 2000 Server or Windows Server 2003 family.
At Course Completion:
After completing this course, students will be able to:
- Describe PKI and the major components of a PKI.
- Design a certification authority (CA) hierarchy to meet business requirements.
- Install Certificate Services to create a CA hierarchy.
- Perform certificate management tasks, CA management tasks, and plan for disaster recovery of Certificate Services.
- Create and publish a certificate template, and replace an existing certificate template.
- Enroll a certificate manually, autoenroll a certificate, and enroll a smart card certificate.
- Implement manual and automatic key archival and recovery in a Windows Server 2003 PKI.
- Configure trust between organizations by configuring and implementing qualified subordination.
- Deploy smart cards in a Windows environment.
- Secure a Web environment by implementing SSL security and certificate-based authentication for Web applications.
- Implement secure e-mail messages by using Microsoft Exchange Server in a Windows 2000 or Windows 2003 environment.
2152B Implementing Microsoft Windows 2000 Professional and Server
2153A Implementing a Microsoft Windows 2000 Network Infrastructure
2154A Implementing and Administering Microsoft Windows 2000 Directory Services
2274 Managing a Microsoft Windows Server 2003 Environment
2275 Maintaining a Microsoft Windows Server 2003 Environment
2277 Implementing Managing and Maintaining a Microsoft Windows Server 2003 Network Infrastructure Network Services
2279 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure
Lesson 1: Overview of Public Key Infrastructure
Introduction to PKI
Introduction to Cryptography
Certificates and Certification Authorities
Lesson 2: Designing a Certification Authority Hierarchy
Identifying CA Hierarchy Design Requirements
Common CA Hierarchy Designs
Documenting Legal Requirements
Analyzing Design Requirements
Designing a CA Hierarchy Structure
Lesson 3: Creating a Certification Authority Hierarchy
Creating an Offline CA
Planning CRL Publication
Installing a Subordinate CA
Lesson 4: Managing a Public Key Infrastructure
Introduction to PKI Management
Managing Certification Authorities
Planning for Disaster Recovery
Lesson 5: Configuring Certificate Templates
Introduction to Certificate Templates
Designing and Creating a Certificate Template
Publishing a Certificate Template
Managing Changes in a Certificate Template
Lesson 6: Configuring Certificate Enrollment
Introduction to Certificate Enrollment
Enrolling Certificates Manually
Lesson 7: Configuring Key Archival and Recovery
Introduction to Key Archival and Recovery
Implementing Manual Key Archival and Recovery
Implementing Automatic Key Archival and Recovery
Lesson 8: Configuring Trust Between Organizations
Introduction to Advanced PKI Hierarchies
Qualified Subordination Concepts
Configuring Constraints in a Policy.inf File
Implementing Qualified Subordination
Lesson 9: Deploying Smart Cards
Introduction to Smart Cards
Enrolling Smart Card Certificates
Deploying Smart Cards
Lesson 10: Securing Web Traffic by Using SSL
Introduction to SSL Security
Enabling SSL on a Web Server
Implementing Certificate-based Authentication
Lesson 11: Configuring E-mail Security
Introduction to E-mail Security
Configuring Secure E-mail Messages
Recovering E-mail Private Keys
Migrating a KMS Database to a CA Running Windows Server 2003
This course will provide students with the knowledge and skills to design, deploy, and manage a public key infrastructure (PKI) to support applications that require distributed security. (see
full course description)
print this agenda