Chapter 5: Certificate Authorities | MCSA/MCSE Self-Paced Training Kit (Exam 70-214): Implementing and Administering Security in a Microsoft Windows 2000 Network (Pro-Certification)

Chapter 5

Certificate Authorities

About This Chapter

This chapter covers certificate authorities and Microsoft Certificate Services. A certificate authority (CA) is a service that accepts and completes or revokes certificate requests. Certificate Services is the Microsoft Windows 2000 tool that allows users to request and obtain encryption certificates for use by numerous security services of Windows 2000, such as smart card logon and e-mail encryption.

Chapter 6, "Managing a Public Key Infrastructure," covers the various ways that certificates can be used specifically, including detailed information about how to request certificates within a domain and outside a domain.

Be sure you understand the differences between a root CA and a subordinate CA, as well as the difference between an enterprise CA and a stand-alone CA. You should also know how to protect a root CA from hacking attempts.

Before You Begin

To complete this chapter, you must have

The dc01.domain.fabrikam.com Windows 2000 Server configured with Active Directory
Windows 2000 Server joined to the domain as a member server Active Directory need not be installed on this server
Your original Windows 2000 Server installation CD-ROM