Learn: in:
» back to Search Results

Course rating of 0 Vendor rating of 4


This four-day, instructor-led course provides students with the knowledge and skills to design, deploy, and manage a public key infrastructure (PKI) to support applications that require distributed security.


 
Course Outline
This four-day, instructor-led course provides students with the knowledge and skills to design, deploy, and manage a public key infrastructure (PKI) to support applications that require distributed security. Students get hands-on experience implementing solutions to secure PKI-enabled applications and services, such as Microsoft Internet Explorer, Microsoft Exchange Server, Microsoft Internet Information Server, Microsoft Outlook®, and remote access services.

Audience
This course is intended for IT systems engineers who are responsible for designing and implementing security solutions. Individuals should have knowledge and experience to install and configure the Active Directory® directory service and security mechanisms for computers running Microsoft Windows® 2000 Server or Windows Server 2003 family.

At Course Completion

After completing this course, students will be able to:
    * Describe PKI and the major components of a PKI.
    * Design a certification authority (CA) hierarchy to meet business requirements.
    * Install Certificate Services to create a CA hierarchy.
    * Perform certificate management tasks, CA management tasks, and plan for disaster recovery of Certificate Services.
    * Create and publish a certificate template, and replace an existing certificate template.
    * Enroll a certificate manually, autoenroll a certificate, and enroll a smart card certificate.
    * Implement manual and automatic key archival and recovery in a Windows Server 2003 PKI.
    * Configure trust between organizations by configuring and implementing qualified subordination.
    * Deploy smart cards in a Windows environment.
    * Secure a Web environment by implementing SSL security and certificate-based authentication for Web applications.
    * Implement secure e-mail messages by using Microsoft Exchange Server in a Windows 2000 or Windows 2003 environment.


Microsoft Certified Professional Exams
This course helps you prepare for the following Microsoft Certified Professional exams:
    * Exam 70-214: Implementing and Managing Security in a Windows 2000 Network Infrastructure
    * Exam 70-220: Designing Security for a Microsoft Windows 2000 Network
    * Exam 70-298: Designing Security for a Microsoft Windows Server 2003 Network
    * Exam 70-299, Implementing and Administering Security in a Microsoft Windows Server 2003 Network

Course Outline
Module 1: Overview of Public Key Infrastructure
This module explains the basic concepts of a public key infrastructure (PKI) and its components. It also provides an overview of the topics that will be explained in-depth in the course.

Lessons
    * Introduction to PKI
    * Introduction to Cryptography
    * Certificates and Certification Authorities

Lab A: Identifying Trusted Root CAs
    * Creating a Custom MMC
    * Viewing CA Certificates in Certificates MMC
    * Analyzing CA Certificate Distribution Methods

After completing this module, students will be able to:
    * Describe PKI and its basic components.
    * Describe how symmetric and public key encryption works.
    * Define the role of certificates and CAs in a PKI.

Module 2: Designing a Certification Authority Hierarchy

This module introduces students to designing a CA hierarchy. It explains the major tasks that are involved, including identifying business and legal requirements and planning a Certification Authority (CA) hierarchy structure.

Lessons
    * Identifying CA Hierarchy Design Requirements
    * Common CA Hierarchy Designs
    * Documenting Legal Requirements
    * Analyzing Design Requirements
    * Designing a CA Hierarchy Structure

Lab A: Designing a CA Hierarchy
    * Identifying Applications and Certificate Holders
    * Identifying Technical and Business Requirements
    * Designing a CA Hierarchy

After completing this module, students will be able to:
    * Identify technical and business requirements for designing a CA hierarchy.
    * Describe common CA hierarchy designs.
    * Describe policies and documents for specifying the legal requirements of a CA hierarchy design.
    * Identify the impact of design requirements and determine design changes to a CA hierarchy design.
    * Design a CA hierarchy to meet business requirements.

Module 3: Creating a Certification Authority Hierarchy
This module explains how to create a CA hierarchy based on a CA hierarchy design. Students also learn how to install Certificate Services, validate a certificate, and publish a certificate revocation list (CRL) and an Authority Information Access (AIA).

Lessons
    * Creating an Offline CA
    * Validating Certificates
    * Planning CRL Publication
    * Installing a Subordinate CA

Lab A: Installing an Offline CA
    * Configuring CAPolicy.inf for installing the Offline Root CA
    * Installing the Offline Root CA

Lab B: Publishing CRLs and AIAs
    * Defining CRL and AIA Publication Settings
    * Publishing the CRL and AIA Information
    * Adding the Web Server to Local Intranet Sites

Lab C: Implementing a Subordinate Enterprise CA
    * Installing the Subordinate Enterprise CA
    * Validating the PKI Health of your CA Hierarchy

After completing this module, students will be able to:
    * Create an offline root CA.
    * Design an infrastructure to validate certificates.
    * Design an infrastructure to publish CRLs.
    * Install a subordinate CA.

Module 4: Managing a Public Key Infrastructure

This module explains how to manage a PKI by managing certificates and CAs. Students also learn how to recover a PKI in the event of a failure.

Lessons
    * Introduction to PKI Management
    * Managing Certificates
    * Managing Certification Authorities
    * Planning for Disaster Recovery

Lab A: Enabling Role Separation
    * Defining CA Administrators and Certificate Managers
    * Restricting Certificate Managers
    * Generating Certificate Requests
    * Testing CA Administrator Tasks
    * Testing Certificate Manager Tasks
    * Enabling Certificate Services Auditing

Lab B: Backing Up and Restoring a Certification Authority
    * Determining Backup Privileges
    * Backing Up Certificate Services
    * Removing the CA€(TM)s Private Key from the CA Certificate Store
    * Restoring the System State Backup

After completing this module, students will be able to:
    * Describe the use of roles in PKI management.
    * Perform certificate management tasks.
    * Perform CA management tasks.
    * Plan for disaster recovery of Certificate Services.

Module 5: Configuring Certificate Templates

This module introduces students to certificate templates and how to design them. Students also learn about creating, publishing, and changing certificate templates.

Lessons
    * Introduction to Certificate Templates
    * Designing and Creating a Certificate Template
    * Publishing a Certificate Template
    * Managing Changes in a Certificate Template

Lab A: Delegating Certificate Template Management
    * Delegating Certificate Template Administration Permissions

Lab B: Designing a Certificate Template
    * Reviewing an Existing Certificate Template
    * Designing the Custom Code Signing Certificate Template

Lab C: Configuring Certificate Templates
    * Creating a Certificate Template
    * Publishing a Certificate Template
    * Enrolling the Certificate Template
    * Superceding a Certificate Template

After completing this module, students will be able to:
    * Describe the function of certificate templates in a Windows Server 2003 PKI.
    * Design and create a certificate template.
    * Publish a certificate template.
    * Replace an existing certificate template with an updated certificate template.

Module 6: Configuring Certificate Enrollment

In this module, students learn about the various methods of enrolling certificates. Students can either process the certificate requests manually or automatically, depending upon the approval requirement from the certificate manager.

Lessons
    * Introduction to Certificate Enrollment
    * Enrolling Certificates Manually
    * Autoenrolling Certificates

Lab A: Enrolling Certificates
    * Choosing an Enrollment Method
    * Enrolling Computer Certificates by Using the Certificate Enrollment Wizard
    * Creating a User Certificate Template that Enables Autoenrollment
    * Deploying the Certificates by Using Autoenrollment

After completing this module, students will be able to:
    * Select the appropriate certificate enrollment method for a given scenario.
    * Enroll certificates manually.
    * Autoenroll certificates.
    * Enroll smart card certificates.

Module 7: Configuring Key Archival and Recovery

This module describes the importance of creating a strategy for data and key recovery and explains the key archival and recovery process. Students also learn how Windows XP and Windows Server 2003 enhance data protection and data recovery.

Lessons
    * Introduction to Key Archival and Recovery
    * Implementing Manual Key Archival and Recovery
    * Implementing Automatic Key Archival and Recovery

Lab A: Configuring Key Recovery
    * Publishing the Key Recovery Agent Certificate Template
    * Enrolling the Key Recovery Agent Certificates
    * Implementing Key Recovery on an Enterprise CA
    * Creating an Archive-enabled Certificate Template
    * Acquiring an ArchiveEFS Certificate
    * Performing Key Recovery

After completing this module, students will be able to:
    * Describe the key archival and recovery process in a Windows Server 2003 PKI.
    * Implement manual key archival and recovery.
    * Implement automatic key archival and recovery.

Module 8: Configuring Trust Between Organizations
Students learn how to extend an organization€(TM)s PKI trust hierarchy to other organizations. By extending the trust hierarchy, an organization€(TM)s certificates can be used and trusted across organizations for purposes like secure e-mail messages, client authentication, and server authentication.

Lessons
    * Introduction to Advanced PKI Hierarchies
    * Qualified Subordination Concepts
    * Configuring Constraints in a Policy.inf File
    * Implementing Qualified Subordination

Lab A: Implementing a Bridge CA
    * Creating a Qualified Subordination Signing Certificate Template
    * Configuring a Policy.inf File
    * Requesting a Qualified Subordination Signing Certificate
    * Generating a Cross Certification Authority Certificate for the Bridge CA
    * Modifying the Policy.inf File on the Bridge CA
    * Creating the Cross Certification Authority Certificate
    * Publishing the Bridge CA Cross Certification Authority Certificates
    * Issuing Certificates that Meet Qualified Subordination Constraints

After completing this module, students will be able to:
    * Describe advanced PKI hierarchies.
    * Describe how constraints are used in qualified subordination.
    * Configure a policy.inf file to implement qualified subordination constraints.
    * Implement qualified subordination between CA hierarchies.

Module 9: Deploying Smart Cards
In this module, students learn how smart cards provide secure storage for data and also support authentication of users. Students also learn how to configure and deploy smart cards in a Windows Server 2003 PKI environment.

Lessons
    * Introduction to Smart Cards
    * Enrolling Smart Card Certificates
    * Deploying Smart Cards

Lab A: Deploying Smart Cards
    * Modifying and Publishing the Enrollment Agent Certificate Template
    * Acquiring the Enrollment Agent Certificates
    * Creating a Custom Smart Card Certificate
    * Enabling the Downloading of Unsafe Microsoft ActiveX® Controls
    * Performing Smart Card Enrollment Agent Requests
    * Configuring a Certificate to Require a Smart Card Signature during Autoenrollment
    * Signing an Autoenrollment Certificate Request with a Smart Card
    * Planning for Re-enrollment

After completing this module, students will be able to:
    * Describe the use of smart cards for authentication in a Windows Server 2003 PKI environment.
    * Deploy smart cards for authentication in a Windows Server 2003 PKI environment.

Module 10: Securing Web Traffic by Using SSL
This module explains how to secure a Web environment by implementing SSL security and certificate-based authentication for Web applications.

Lessons
    * Introduction to SSL Security
    * Enabling SSL on a Web Server
    * Implementing Certificate-based Authentication

Lab A: Deploying SSL Encryption at a Web Server
    * Enabling SSL Encryption in IIS
    * Securing the Security Virtual Folder
    * Enabling Certificate Mapping in Active Directory
    * Enabling Certificate Mapping in IIS

After completing this module, students will be able to:
    * Describe how security is implemented in a Web environment.
    * Configure IIS to implement SSL security.
    * Implement certificate-based authentication for Web applications.

Module 11: Configuring E-mail Security

In this module, students learn how to implement secure e-mail messages in an Exchange 2003 environment.

Lessons
    * Introduction to E-mail Security
    * Configuring Secure E-mail Messages
    * Recovering E-mail Private Keys
    * Migrating a KMS Database to a CA Running Windows Server 2003

Lab A: Securing E-mail Messages in Exchange Server 2003
    * Creating Exchange Server 2003 Mailboxes
    * Creating and Publishing S/MIME Certificate Templates
    * Configuring Outlook 2002
    * Sending Secure E-mail Between Organizations

After completing this module, students will be able to:
    * Describe how e-mail security is implemented by a server running Exchange in a Windows Server 2003 environment.
    * Securing e-mail messages in an Exchange 2003 environment.
    * Recover e-mail private keys.
    * Migrate a Key Management Service (KMS) database to a Windows Server 2003 Enterprise Edition enterprise CA.
Prerequisites & Certificates
Pre-Requisites

Before attending this course, students must have: * Familiarity with Windows 2000 or Windows Server 2003 core technologies, such as those described in the following Microsoft Official Curriculum (MOC) courses: o Course 2274: Managing a Microsoft Windows Server 2003 Environment o Course 2275: Maintaining a Microsoft Windows Server 2003 Environment o Course 2152: Implementing Microsoft Windows 2000 Professional and Server * Familiarity with Windows 2000 or Windows 2003 networking technologies, such as those described in the following MOC courses: o Course 2277: Implementing, Managing and Maintaining a Microsoft Windows Server 2003 Network Infrastructure: NS o Course 2153:Implementing a Microsoft Windows 2000 Network Infrastructure * Familiarity with Windows 2000 or Windows 2003 directory services technologies, such as those described in the following MOC courses: o Course 2279: Planning, Implementing and Maintaining Microsoft Windows Server 2003 Active Directory Infrastructure o Course 2154: Implementing and Administering Microsoft Windows 2000 Directory Services

Certificates offered

The student kit includes a comprehensive workbook and other necessary materials for this class. Participants will receive a Certificate of completion


Cancellation Policy
10 business day cancellation policy. if the course is confirmed and the student cancels within 10 days of the course, then they get charged and apply a credit for future courses. If they cancel outside of 10 business days, then there are no charges at all.
Map & Reviews
CTE Solutions
[ View Provider's Profile ]

Reviews
 

This course has not yet been rated by one of our members.

If you have taken a course through this vendor please log into your account and leave feedback for this vendor. You will be helping ensure our members get directed to the best training facilities.

Here are some reviews of the training vendor.
I realize that we are constantly dealing with technology, but I still think for a registration fee of almost $3,000, that a hardcover book should be included. I know that the option to print the book on a one-time basis exists.
Reviewed by 2016
no
Reviewed by 2016
The instructor was very knowledgeable and answered all questions. Jarod did an excellent job presenting.
Reviewed by 2015
The room was cold. I had to sit next to the space heater. It would be good to tell future patrons to dress warmly AHEAD of time. No suprises.
Reviewed by 2015
He was great and offered his contact info for further questions.
Reviewed by 2015
Howard was a fantastic instructor and the course was exactly what I required.
Reviewed by 2014
The trainer was excellent - the course exceeded my expectations.
Reviewed by 2014
This course provides an excellent overview and a bit of practice on the various functions of SharePoint 2013. I was disappointed at the number of exceedingly long breaks given after each module. I would have preferred less break time and more content to the course. Having never taken a SharePoint course with another provider, I don't know if this is the norm with all providers of just this one in particular.
Reviewed by 2014
I ranked the "Use of Technology" low because for Users who were remote the VM's that were setup were a little wonky. Could be very slow at times and then sometimes they needed to be refreshed to work properly with the lab. In some instances we couldn't follow along as replication would not occur fast enough and we would have our lab cut short (for us remote Users).
Reviewed by 2014
The instructor was good at remembering to acknowledge the online students even though he was facing a classroom of students also.
Reviewed by 2014
Insructor was not so good with the live examples. Also the handouts was not so useful
Reviewed by 2013
The trainer was excellent, very knowledgeable and had a lot of valuable experience to share. The problem was that there were way too many workshops that took too long and interfered with getting the maximum benefit from the instructor and the course.
Reviewed by 2013
This was quite informative. It was a great opportunity to have ‘real life’ discussions with certified PMs. The instructor had excellent examples and was able to share his PM experiences with us with concrete examples. In addition, this was a great opportunity to network with private sector/public sector PMs and develop a better appreciation of PM on both sides of the fence. Cheers, CL
Reviewed by 2013
no
Reviewed by 2013
I did not like the video format
Reviewed by 2013
As a remote attendee, it appeared the instructor paid attention to the "Attendee" and "Chat" windows only a few times throughout the day, so I was not confident that he would see if I sent a message or raised my hand during the course.
Reviewed by 2013
The chairs were not very comfortable and the material contained spelling and grammatical error (a few but still)as well as repetition of words.
Reviewed by 2013
Was a bit slow the last 1/2 day. Of course, for some, this was the last of a 4 day course (not just 2 days).
Reviewed by 2013
I really enjoyed the course and I learned a lot. The pace was excellent.
Reviewed by 2013
good!
Reviewed by 2013
The room was excellent on its own - less distraction and no noise around you. There was no direction to the room when I walked in and therefore was not sure if I was heading in the right direction. We were not provided with the direction that there was coffee and fridge on the 3rd floor, and the bathroom floor was dirty.
Reviewed by 2012
This course was great, very informative, had Lionel as instructor and he was also very good.
Reviewed by 2012
Instructor was eager to assist but lacked subject matter expertise. Course time management was very poor. Content provided could have been delivered effectively in a one day course.
Reviewed by 2012
Good Course, good trainer. All questions addressed equally and in a timely professional manner.
Reviewed by 2011
The course content was interesting; however, the instructor didn't have enough knowledge about Microsoft Sharepoint 2010 Development and wasn't able to answer questions without google search. In the future CTE needs to make sure the instructors have real on-hands experience and are highly trained in the technologies they are supposed be teaching.
Reviewed by 2011
need-to-train-a-group-banner

This course currently does not have any dates scheduled. Please call 1-877-313-8881 to enquire about future dates or scheduling a private, in house course for your team.

This page has been viewed 5161 times.