Basics Flashcards

1
Q

What does PKI stand for?

A

Public Key Infrastructure

2
Q

What is a PKI (Public Key Infrastructure)?

A

Two key (asymmetric) cryptosystem

3
Q

What are the benefits of PKI?

A

Integrity

Confidentiality

Authenticity

Non-repudiation

4
Q

Explain the concept of PKI’s Integrity?

A

Data doesn’t change in transit. It came from who it states it came from.

5
Q

Explain the concept of PKI Confidentiality?

A

(Digital Encryption) Ensures the designated person is the only one who can view the document.

6
Q

Explain the concept of PKI Authenticity?

A

When logging on, you enter your password and the local security authority runs a hash on it (the algorithm is called Digest); a digest is sent over the network to the server. The server (which knows your password) runs a hash algorithm on your password, and the result should be the same digest.

7
Q

Explain the concept of PKI Non-repudiation?

A

The maker of signed software is not able to repudiate it, since the certificate that contains the key pair is on the software.

8
Q

What is a Certificate Authority?

A

A Certificate Authority binds public keys with the respective identities of entities. This binding is done through a process of registration and issuance of certificates.

9
Q

What is the concept of Certificate Enrollment?

A

Where the public key binding is done through registration and issuance of certificates.

10
Q

What can a private CA do?

A

Certify entities such as user accounts, smartphones, routers, laptops or websites. It can perform the duties that a CA infrastructure can perform.

11
Q

What is the difference between a stand-alone CA and an Enterprise CA?

A

The stand-alone CA

  1. Offline
  2. No AD DS required
  3. All certificates are approved manually.

Enterprise CA

  1. Online
  2. AD DS required.
  3. Certificates can be issued or denied automatically based on a policy.
12
Q

What is a two-tier CA?

A
  1. Root CA (stand-alone CA): after issuing certificates to the Issuing CA, it goes offline.
  2. The Issuing CA is an Enterprise CA and is always online. Auto-enrollment is enabled.

Note: This prevents any rogue CA from coming into your network, since it needs to be certified through the root CA.

13
Q

What is a policy hierarchy?

A
  1. Root CA (stand-alone CA): after issuing certificates to the Policy CA, it goes offline.
  2. The Policy CA defines policy at a granular level and issues certificates to the Issuing CA.
  3. The Issuing CA is an Enterprise CA and is always online. Auto-enrollment is enabled.
14
Q

Can Root CA and Issuing CA be on the same server?

A

Yes, they can; many companies use this method.

15
Q

What does ADCS stand for?

A

Active Directory Certificate Services

16
Q

What is the purpose of Active Directory Certificate Services?

A

AD CS is the “Server Role that allows you to build a public key infrastructure (PKI) and provide public key cryptography, digital certificates, and digital signature capabilities for your organization.”

Basically, this means that rather than going to a third-party Certificate Authority (CA) to get PKI certificates and using their hosted services, you can handle this in-house.

17
Q

What are the 6 roles in Active Directory Certificate Services?

A
  1. Certificate Authority (CA).
  2. Online Responder.
  3. Network Device Enrollment Service (NDES).
  4. Certificate Enrollment Web Service.
  5. Certificate Enrollment Policy Web Service.
  6. Certification Authority Web Enrollment.
18
Q

In ADCS, what is the purpose of Certificate Authority (CA)?

A

This is the core component which creates certificates for use. These certificates are issued to users or devices or to a subordinate CA.

19
Q

In ADCS, what is the purpose of Online Responder?

A

This component provides a way for certificates to be checked that uses a small amount of network traffic.

20
Q

In ADCS, what is the purpose of Network Device Enrollment Service?

A

This component allows non-domain devices like switches and routers to obtain certificates.

21
Q

In ADCS, what is the purpose of Certificate Enrollment Web Service?

A

This allows certificates to be obtained using the web.

22
Q

In ADCS, what is the purpose of Certification Authority Web Enrollment?

A

This component provides a web interface which end users can use to obtain certificates.

23
Q

What is a certificate revocation list (or CRL)?

A

A certificate revocation list (or CRL) is “a list of digital certificates that have been revoked by the issuing certificate authority (CA) before their scheduled expiration date and should no longer be trusted.”