Microsoft PKI – the complete workshop

מק"ט: #7155 | משך קורס: 40 שעות אק'

This course will be delivered on Windows 7 & 8, Server 2008 R2 & 2012 R2

This five-day instructor-led workshop provides students with the knowledge and skills to deploy, and manage a public key infrastructure (PKI) to support applications that require distributed security. Students get hands-on experience implementing solutions to secure PKI-enabled applications and services.

*שדות חובה
PDF version

קהל יעד

This course is intended for IT systems engineers who are responsible for designing and implementing security solutions. Individuals should have knowledge and experience to install and configure the Active Directory service and security mechanisms for computers running Microsoft Windows Server.

תנאי קדם

Before attending this course, students must be familiarity with Windows Server core technologies, Microsoft Windows Server Environment and the Windows Active Directory service


Module 1: Overview of Security and Public Key Infrastructure

  • Introduction to Cryptography
  • Introduction to PKI
  • The Certificate Authority  Hierarchy


Module 2: Installing Microsoft Server Certificate Authority

  • Choosing The CA Type
  • Installing Windows Certificate Services
  • Configure Authority Information Access – AIA
  • Configuring CRL Distribution Point – CRL
  • Understanding Certificate Policies – CPS
  • Publishing Offline CA in the Active Directory Environment
  • Configure Server OSCP
  • Understanding Key concepts of using Hardware Security Module - HSM

Module 3: Managing a Public Key Infrastructure

  • Introduction to PKI Management
  • Managing Certificates
  • Managing Certification Authorities
  • Managing the CRL
  • Managing OCSP Services


Module 4: Managing a Certificate Templates

  • Introduction to Certificate Templates
  • Comparing Template Version 1’ Version 2 and Template Version 3
  • Managing Certificate Template


Module 5: Configuring Certificate Enrollment

  • Introduction to Certificate Enrollment
  • Enrolling Certificates Manually
  • Auto Enrolling Certificates
  • Certificate Auto request
  • Introducing Certificate Request Web Service and Policies
  • Understanding Simple Certificate Enrollment Protocol - SCEP


Module 6: Configuring Key Archival and Recovery

  • Introduction to Key Archival and Recovery
  • Implementing Manual Key Archival and Recovery
  • Understanding and Managing Credential Roaming


Module 7: Deploying Smart Cards

  • Introduction to Smart Cards
  • Enrolling Smart Card Certificates Manually
  • Enrolling Smart Card Certificates using Enrolment Agent


Module  8: Deploying PKI enabled applications

  • Enabling SSL on a Web Server
  • Implementing Certificate-based Authentication
  • Introduction to E-mail Security
  • Configuring Secure E-mail Messages


Module 9: Introduction to IPSec and 802.1X Certificate

  • Introduction to IPSec
  • Introduction to NAP and 802.1X
  • Configuring IPSec Auto Request
  • Configuring 802.1X Auto Request


Module 10: Introduction Enterprise Trust

  • Introduction to Trust Between Organizations
  • Implementing Certificate Trust List - CTL