Windows Server - Deployment and Management of PKI (PKI)

Cybersecurity, ICT Security

This PKI course is for administrators and anyone seeking secure Internet and LAN communication, focusing on practical use of PKI, electronic signatures and built-in Windows Server mechanisms to protect data and authenticate users.

Through hands-on lab exercises participants learn to use standard PKI tools, manage certificates in clients and MS Office, and gain basic skills in installing, configuring and administering a Certificate Authority, with emphasis on certificate management and practical labs.

Location, current course term

Contact us

Custom

Customized Training (date, location, content, duration)

The course:

Hide detail

• Electronic signing of documents
1. Principle and importance of electronic document signing
2. Encryption

• Algorithms for encryption and digital signing; hash functions; S/MIME extensions

• Certificate Authorities (CA)
1. Functions of a CA
2. Certificate hierarchies
3. Installing and configuring a CA for certificate issuance

• Certificate types and parameters; obtaining certificates for use

• Installation, configuration, administration and maintenance of a CA on Windows

• Template configuration and automatic certificate issuance
1. Using the certutil utility

• Working with certificates on clients
1. Installing certificates for electronic document signing
2. Importing and exporting certificates (digital IDs)

• Using certificates in messages
1. Sending and receiving digitally signed messages
2. Encrypting messages
3. Handling signed and encrypted messages
4. Verifying signature validity

• Applying PKI and certificates in Microsoft Exchange

• Protecting corporate documents – Active Directory Rights Management Services (ADRMS)
1. Introduction, principles and deployment of ADRMS

• Encryption for server roles and network technologies

• Active Directory Domain Services (AD DS)
1. Authentication, processes and protocols
2. Securing Active Directory

• DNS
1. Overview and deployment of DNSSEC

• Internet Information Services (IIS)
1. HTTPS, SSL and TLS overview
2. PKI-related and protocol attacks
3. Deploying a secured website

• IPsec
1. Introduction to IPsec and Security Associations
2. IPsec protocols and modes
3. Connection types, authentication and Group Policy deployment

• BitLocker
1. Overview, local and domain deployment and management

• Encrypting File System (EFS)
1. Overview, local and domain deployment and management

• Hyper-V
1. Guarded hosts and shielded virtual machines

Assumed knowledge:

Basic experience with Windows or Linux and a general understanding of TCP/IP security.

Recommended previous course:

Network Security (BZP1)

Schedule:

3 days (9:00 AM - 5:00 PM )

Language: