
| No. | Term | Definition |
| --- | --- | --- |
| 1 | Active Directory Certificate Services (AD CS) | A server role that allows you to issue and manage digital certificates as part of a public key infrastructure. |
| 2 | Public key infrastructure (PKI) | A system consisting of hardware, software, policies, and procedures that create, manage, distribute, use, store, and revoke digital certificates. |
| 3 | Certificate authority (CA) | Within the PKI, it binds a public key with respective user identities and issues digital certificates containing the public key. |
| 4 | Asymmetric encryption | … encrypt the data, whereas the second key is used to decrypt it. Unlike symmetric key algorithms, this method does not require a secure initial exchange of one or more secret keys to both sender and receiver. Instead, you can make the public key known to anyone and use the other key to encrypt or decrypt the data. The public key can be sent to … |
| 5 | Digital certificate | An electronic document that contains an identity, such as a user or organization name, along with a corresponding public key. |
| 6 | Registration authority (RA) | Within the PKI, it is used to distribute keys, accept registrations for the CA, and validate identities. The RA does not distribute digital certificates; instead, the CA does. |
| 7 | CA Web Enrollment | The component that provides a method to issue and renew certificates for users, computers, and devices that are not joined to the domain, are not connected directly to the network, or are for users of non-Windows operating systems. |
| 8 | Online Responder | The component that configures and manages Online Certificate Status Protocol (OCSP), which is used to validate and revoke certificates. |
| 9 | Network Device Enrollment Service | The component that can be used to assign certificates to routers, switches, and other network devices. |
| 10 | Certificate Enrollment Web Service | The component that allows computers to connect to a CA using a web browser to request, renew, and install issued certificates; retrieve CRLs; download a root certificate; and enroll over the Internet or across forests. |
| 11 | Certificate Authority Policy Web Service | The component that enables users to obtain certificate enrollment policy information. |
| 12 | Standalone CA | A CA that works without Active Directory and does not need Active Directory; however, the server can be a member of a domain. |
| 13 | Enterprise CA | A CA that requires Active Directory and is typically used to issue certificates to users, computers, devices, and servers for an organization. |
| 14 | Root CA | A CA that is at the top of the certificate hierarchy. |
| 15 | Subordinate CA | A CA that is below the root CA. There can be many of these, based on the number of clients and geographic location. |
| 16 | Authority Information Access (AIA) extension | One of the extensions required for a CA to issue certificates. It specifies where to find up-to-date certificates for the CA. |
| 17 | CRL distribution point (CDP) extension | One of the extensions required for a CA to issue certificates. It specifies where to find up-to-date CRLs that are signed by the CA. |
| 18 | Certificate Revocation List (CRL) | A digitally signed list issued by a CA that contains a list of certificates issued by the CA that have been revoked. The list includes all individual revoked certificates including the serial number of the certificate, the date that the certificate was revoked, and the revocation reason. |
| 19 | Delta CRLs | CRLs that contain only the certificates revoked since the last regular CRL was published. This allows clients to retrieve the smaller delta CRL and more quickly build a complete list of revoked certificates. The use of delta CRLs also allows revocation data to be published more frequently because the size of the delta CRL usually does not require as much time to transfer as a full CRL. |
| 20 | Certification practice statement (CPS) | A policy that is defined by the issuing organization's responsibilities when issuing the certificates, including identifying the organization issuing the certificates, what the certificates will be used for, the process used when assigning the certificates, how the certificates are revoked, and how the certificates are protected. The CPS should be available publicly to internal and external users. |
| 21 | Online Certificate Status Protocol (OCSP) | A protocol which allows a recipient of a certificate to submit a certificate status request to a responder by using the Hypertext Transfer Protocol (HTTP). This is used by an Online Responder. |
| 22 | CA administrator | An administrator that configures and maintains the CA. CA administrators have the ability to assign all other CA roles and renew the CA certificate. |
| 23 | Certificate manager | A user that issues and manages certificates, and approves certificate enrollment and revocation requests. |
| 24 | Backup operator | A user that backs up and restores files and directories. |
| 25 | Auditors | Users that manage and read security logs on a computer running the AD CS role. |
