CIS 157 Lesson 9 Securing Infrastructure Services

CIS 157 Lesson 9 Securing Infrastructure Services

 

This was quiet an involved chapter in terms of reading.  Within this chapter I learned that Win Svr 08 provides Remote Access Services which is part of Network Policy.   This enables users to connect to the network via VPN for example.

In a Virtual Private Network (VPN) Connection the remote client and the remote access server are connected to a network via the internet and do not have to a share the same service provider.

I learned about the tunneling process where two computers establish a PPP connection but instead of transmitting PPP packets they encapsulate the packets again using one of the three VPN protocols supported by Win Svr 08.

DIK that Remote Access in Win Svr 08 uses an authentication system that is entirely separate from the Kerberos authentication system that clients on a local network use?  Now you can rest easy at night with that information under your pillow.

Also a digital certificate is a digitally signed document, issued by a third party called a Certification Authority. (CA) This binds a user or service holding a private key with its corresponding public key.

Also Certificated Templates are sets of rules and settings that define the format and content of a certificate based on the certificate’s intended use.

Active Directory Certificate Services supports several certificate enrollment methods such as a client’s choice of enrollment for obtaining certificates is typically dictated by the type of CA the client is requesting the certificate from and whether the client and CA can communicate across a network. 

I found this chapter to be very enlightening and it “Cleared up some misconceptions I had about Infrastructure Hierarchy.