1. Based on this information, which of the following statements is true?
a. None of the three administrators has correctly configured the new domain
controllers with the appropriate security settings.
b. One of the three domain controllers is correctly configured with the appro
priate security settings; the other two are not.
c. Two of the three domain controllers are correctly configured with the appro
priate security settings; the other one is not.
d. All three of the new domain controllers are correctly configured with the
appropriate security settings.
c
11 Creating and Managing
Digital Certificates
Exam Objectives in this Chapter:
■ Configure Active Directory directory service for certificate publication.
■ Plan a public key infrastructure (PKI) that uses Certificate Services.
❑ Identify the appropriate type of certificate authority to support certificate issu
ance requirements.
❑ Plan the enrollment and distribution of certificates.
❑ Plan for the use of smart cards for authentication.
Why This Chapter Matters
The public key infrastructure (PKI) is an important element of the security philos
ophy of the Microsoft Windows Server 2003 family, and digital certificates pro-
vide the cornerstone of the PKI. With certificates, you can protect network data and
secure communications using a variety of cryptographic algorithms and key lengths
that enable you to implement as much security as you need for your organization.
Before you actually use certificates on your network, you must understand the
architecture of the PKI and create a plan that is suitable for your network.
Lessons in this Chapter:
■ Lesson 1: Introducing Certificates . . . 11-2
■ Lesson 2: Designing a Public Key Infrastructure . . . 11-9
■ Lesson 3: Managing Certificates . . . 11-19
Before You Begin
This chapter requires a basic understanding of Windows Server 2003 security, Active
Directory directory service, and group policies. You should complete Chapter 8, “Plan
ning a Secure Baseline Installation,” and Chapter 9, “Hardening Servers,” before begin
ning this chapter.
To perform the practice exercises in this chapter, you must have installed and config
ured Windows Server 2003 according to the procedure in “About This Book,” and you
must have installed Internet Information Services (IIS) on the computer, as described in
the practice exercises for Chapter 7, “Clustering Servers.”
Bạn đang xem 1. - MICROSOFT PRESS MCSA MCSE SELF PACED TRAINING KIT EXAM 70 293 PHẦN 6 PPTX