Knowledge of network, Windows Server and Active Directory.
Objective
Active Directory Certificate Services (AD CS) offer a variety of possible configuration errors, some of which are very critical. In many Active Directory environments, it is possible to become a domain administrator as an unprivileged user or computer via the Certificate Services. This course covers the basics of Public Key Infrastructure, followed by a discussion of the issue of trust (with a best practice PKI design). The anatomy of a certification authority (CA) is then examined in more detail (including the structure and necessary functions of a CA and revocation lists, differences between public and private CAs, root and intermediate certification authorities). It also shows how the AD CS is integrated into Active Directory, how certificates are distributed, what dependencies exist in AD, etc. - In a best practice setup, certificate templates are discussed, including typical vulnerabilities, as well as how to audit your own environment with pentest tools and what immediate actions can be taken.
Comment
This hands-on course is not a Microsoft certified course and does not work towards passing an official Microsoft exam.
