MCITP Enterprise Administrator WSUS Options best practices
Without a security policy, the old saying ?I didn?t know?can become a valid excuse. For example, what if security concerns mandate that a certain folder on the infrastructure server can never have its name changed? If a user doesn?t know this, they can always use the ?I didn?t know?excuse after the folder?s integrity has already been compromised. Although not used by all organization, a good practice when implementing mcse 2008 a complicated certi?cate structure is to implement a certification policy that outlines the processes and measures taken to ensure both the validity of a user and the validity of the certi?cate they are using. This may be something as simple as an email to a higher certi?cate authority request- ing permission for a certi?cate or as complex as an intensive background check. Either way, outlining this policy can ease some of the burden of informing users how to attain and man- age certi?cates. The last document recommended by the Microsoft best practices for a public key infra-structure is a certi?cate practice statement (CPS). According to Microsoft, a CPS essentially outlines how a certi?cate authority manages its security and certi?cates. Although you are most likely familiar with all of these technologies from your previous study of Windows certi?cate services for your 70-640, 70-642, and 70-643 exams, it’s important to note that in order to support Windows Server 2008, you must update the schema master to support the new Windows Server 2008 features of the public key infrastructure, including the following: The underlying fabric of any public key infrastructure is the design of the underlying cer- ti?cate authorities. This includes the number of certi?cate authorities (CAs), as well as what type of certi?cates they will use and how the certi?cate authorities will be used, implemented, and so forth. The first step in creating a CA hierarchy is to choose an effective tier-design microsoft exam model. There- fore, the best way to start a certi?cate services design is to decide how many servers are going to be operating as certi?cate authorities and how the process of accessing certi?cates from these CAs will proceed. According to Microsoft best practices, certi?cate authorities can exist in single-, two-, three-, or even four-tiered models, each of which has its own advantages and reason for implementation. In the following sections, I will brie?y touch on each of these models and highlight the strengths and weaknesses of each.
Processing your request, Please wait....
