Back to trainings
Cybersécurité
Microsoft PKI (Windows Server) - Advanced Exploitation and Security
5 jour(s) • 35h
Description
This advanced program on Microsoft PKI (Windows Server, AD CS) is designed for infrastructure and security teams responsible for a production PKI. It delves into architecture and operations: secure design (including offline root), hardening and controls, continuity and high availability (notably OCSP), as well as integration of associated services based on needs (NDES/SCEP, 802.1X/NPS). The training alternates between methodological inputs and practical work, with the goal of making the PKI more reliable and structuring its operations through operational procedures and runbooks.
Learning Objectives
- Hardening an AD CS PKI and reducing risks related to templates and permissions.
- Design a secure architecture (including offline root) and formalize crisis procedures (DRP/incidents).
- Implement continuity and high availability (OCSP priority) and validate proper operation.
- Integrate associated services depending on the context (NDES/SCEP, 802.1X/NPS).
- Produce a level 2 operational runbook and an actionable remediation plan.
Target Audience
Infrastructure/IT Services engineers responsible for operational maintenance of an AD CS PKI.
Security engineers/referents responsible for PKI hardening, controls, and compliance.
Senior system/network administrators involved in service continuity (OCSP/CRL/HA) and integrations (NDES, 802.1X/NPS).
Prerequisites
Have already deployed or operated a Microsoft AD CS PKI (or completed the foundation level).
Master the fundamentals of Windows Server / Active Directory (DNS, GPO, accounts and rights).
Useful knowledge of high availability (NLB/cluster) and certificate usage (TLS).
Program Outline
Informations
Duration
5 jour(s)
35h
Tarif
Sur demande