Overview

Introduction

Welcome to the Certificate Services Practice Lab. In this module, you will be provided with the instructions and devices needed to develop your hands-on skills.

Learning Outcomes

In this module, you will complete the following exercise:

  • Exercise 1 - Manage Certification Authority After completing this lab, you will be able to:
  • Install and configure Subordinate Certification Authority
  • Understand how certificates are issued to users
  • Understand certificate properties

Exam Objectives

The following exam objectives are covered in this lab:

  • Understand encryption - certificate properties, certificate services, PKI/certificate services infrastructure

Lab Duration

It will take approximately 30 minutes to complete this lab.

Exercise 1 - Managing Certification Authority

Public Key Infrastructure (PKI) is a framework for managing policies in the creation, distribution, and management of digital certificates in an organization. PKI provides secure electronic transfer of information between devices in the public network such as the Internet and used extensively in e-commerce transactions, online banking, and secure e-mail. When a user password is not enough to verify a user’s identity, PKI provides additional security layer as it requires proof to confirm the identities of both parties involved and encrypts the information exchanged over an unsecured public network.

PKI is implemented in Windows Server through Active Directory Certificate Services (AD CS) and works alongside with Active Directory Domain Services (AD DS). Although AD DS is not a mandatory requirement, it simplifies the administration of users, computers or services that require certificates to verify their identity.

When AD CS is installed on a server, the server assumes the role of a Root Certification Authority (CA) that signs and verifies the certificates issued to a requesting party. To protect the Root CA from security breaches, it is normally kept in a secure network accessible only to trusted personnel. To ensure that users, computers or service can request a certificate from a trusted source, a subordinate CA is typically installed that will handle this requirement. A subordinate CA gets its authority to issue certificates from the Root CA server.

In this exercise, you will learn how to install and configure subordinate CA. Then know how to setup a client to request a certificate from a CA server in the corporate network.

Learning Outcomes

After completing this exercise, you will be able to:

  • Install and configure Subordinate Certification Authority
  • Understand how certificates are issued to users
  • Understand certificate properties

Comprehensive Learning

See the full benefits of our immersive learning experience with interactive courses and guided career paths.