Understanding Public Key Infrastructure

Practice Labs Module
Time: 1 hour
Difficulty: Intermediate

Overview

Introduction

The Understanding Public Key Infrastructure module provides you with the instruction and server hardware to develop your hands-on skills in the defined topics. This module includes the following exercises:

  • Install and Configure Active Directory Certificate Services
  • Using TLS/SSL

Exercise 1 - Install and Configure Active Directory Certificate Services

Public Key Infrastructure (PKI) is a system that supports the distribution and identification of public keys, typically in the form of digital certificates. It enables users, computers and network services to securely exchange data over a public network like the Internet and to verify the identity of the other party.

To implement a public key infrastructure, organizations must trust the other party's certificate-issuing authority to be safe and trustworthy. In addition, the certificate-issuing authority ensures that identities and keys remain valid and verifiable.

In this exercise, you will install and configure Active Directory Certificate Services (ADCS) in a Windows domain environment. ADCS is Microsoft's implementation of public key infrastructure in its operating system product line.

Exercise 2 - Using TLS and SSL

One of the issues that you encounter when sending data over a public network such as the Internet is how to secure that data in transit.

You can use TLS/SSL to authenticate servers and clients and then to encrypt messages between the authenticated parties. The Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols are based on the public key cryptography that was illustrated in the earlier exercise.

For servers to authenticate to clients, TLS/SSL does not require server keys (certificates) to be stored on domain controllers or servers. Client computers validate the server's credentials against trusted root certification authority (CA) certificates. If the certificate issuer is not trusted, the user is warned beforehand, and it is up to the user whether to enter the web site with an untrusted certificate.
