MCSE: Windows(r) Server 2003 Network Security Design Study Guide (70-298)

This role is associated with the Manage CA permission on the CA server. It will allow the account to configure the CA server, manage permissions, and renew CA certificates.

Authentication scheme that allows users to authenticate with the IIS server using a digital certificate. The certificate can be obtained from a third-party certificate vender or from your own public key infrastructure (PKI). The client certificate validation is a feature of SSL. Just remember that certificate authentication can not be used if SSL is not enabled.

A trusted and recognized entity that can be either internal or commercial that issues and manages security credentials and public keys for message encryption.

This role is associated with the Issue And Manage Certificates permission. It will allow the account to initiate a key recovery, manage certificate enrollment, and revoke certificates.

A rule within a software restriction policy that will grant or deny access to software by evaluating its signature and determining if it is signed by a trusted publisher.

Templates used by Windows Server 2003 for generating certificates for various applications. They provide the fields necessary for the application that uses the certificate. An example would be secure e-mail certificates.

The industry standard protocol for performing Point-to-Point Protocol (PPP) authentication. Popular among Internet Service Providers (ISPs), this protocol uses the challenge-and-response mechanism for validating the user.

Allows two organizations to trust each other and rely on each other’s certificates and keys as if they were issued from their own certificate authorities.

These are templates that you create. It is recommended that you base them on predefined templates.