Windows Server – Public Key Infrastructure Management & Security (PKI)

This 5-day course is considered essential for anyone who would like to expand their knowledge about Public Key Infrastructure (PKI) in Microsoft technologies. During the course PKI is covered in depth, starting from the best practices for implementing secure and reliable PKI and ending up with most common scenarios of certificates usage in the enterprise environment.
To get more practice we offer three extra weeks of labs online!

At the end of the course you will be able to: 

• Understand the core essence of PKI and cryptography.
• Evaluate and select appropriate PKI technologies.
• Install and configure PKI environments according to the best practices taken from practical experience.
• Secure existing PKI infrastructure.
• Choose appropriate types and manage the certificate lifecycle.
• Understand the benefits of certificates used in the infrastructure.
• Adjust PKI to your business needs.
• Become familiar with enterprise solutions that uses PKI and certificates for security.
• Configure and use certificates in: IIS, VPN, Wi-Fi, file encryption, e-mail security and many more.

Module 1: Essence of PKI
This module introduces cryptography basics and fundamentals of public key infrastructure with detailed information about certificates

• Cryptography basics
• Fundamentals of PKI
• Certificate types (X.509)
• Certification authorities
• Certificate Revocation Lists

Module 2: Designing and implementing CA Hierarchy
Module 2 covers one of the most important topics for successful and secure deployment of PKI in enterprise environment

• Planning
• Preparing AD Environment
• Implementing CA Hierarchy
• Securing CA Hierarchy
• Role separation
• Security Policy

Module 3: PKI in Windows domain
In this module, you will become familiar with important aspects of implementing PKI in Windows Server 2019 environment
Managing PKI

• Configuring Certificate Templates
• Configuring Certificate Enrollment
• Configuring Key Archival and Recovery
• Configuring Trust Between Organizations

Module 4: Upgrading PKI Infrastructure
This module focuses on supported scenarios and challenges regarding migration and upgrade of existing infrastructure.

• Supported scenarios
• Upgrading certificate templates
• Migration scenarios

Module 5: PKI Security
This module reviews all aspects of security of PKI and certificates. We also cover physical security and usage of smartcards, TPM and HSM.

• Deploying certificates to Domain Controllers
• Certificate Revocation
• Certificate Validation
• CDP, AIA and OCSP
• Planning and implementing disaster recovery
• Deploying Smart Cards
• TPM Virtual Smartcard
• Private key security with HSM

Module 6: Securing applications with PKI
This module focuses on day-to-day operation and challenges in securing applications with certificates.

• Secure IIS Traffic with SSL
• IIS certificate store security
• IIS users authentication
• Windows logon with Smart Cards
• E-mail security
• Encrypting file systemg.Document and code signing

Module 7: PKI for network security
Last module covers how to use to PKI to increase network security.

• VPN
• Wireless Networking
• 802.1X and NPS
• Radius server
• Ipsec
• Mobile devices certificates with MDM, SCEP and NDE

Netzwerkadministrator*innen
Infrastruktur-Architekt*innen
Sicherheitsexpert*innen
Systemingenieure*innen
Netzwerkadministrator*innen
IT-Fachleute
Sicherheitsberater*innen
Personen, die für die Implementierung von Netzwerk- und Perimetersicherheit verantwortlich sind, Chief Security Officers

• PKI-Grundlagen, fortgeschrittene Kenntnisse in der Verwaltung von Windows-Systemen
• typische Erfahrung in der Verwaltung von Windows-Systemen und Server-Plattformen