The Understanding PKI Concepts module provides you with the instruction and server hardware to develop your hands on skills in the defined topics. This module includes the following exercises:
- Install and Configure Active Directory Certificate Services
- Configure Certificate Revocation Lists (CRLs)
Lab time: It will take approximately 1 hour to complete this lab.
The following exam objectives are covered in this lab:
- SY0-501 1.6: Explain the impact associated with types of vulnerabilities
- SY0-501 2.3: Given a scenario, troubleshoot common security issues.
- SY0-501 4.3: Given a scenario, implement identity and access management controls
- SY0-501 6.4: Given a scenario, implement public key infrastructure
Exercise 1 - Install and Configure Active Directory Certificate Services
In this exercise, you will install and configure Active Directory Certificate Services in a Windows domain environment.
Exercise 2 - Configure Certificate Revocation Lists (CRLs)
In this exercise, you will configure certificate revocation lists in Certificate Services. When a user certificate is revoked by an administrator regardless of the reason, the Certificate Server records that cancellation to prevent a user from reusing a revoked certificate. In a large network, the revocation of the certificate must be replicated to other CA servers to prevent cancelled certificates from being used to access network resources.