Questions Case
Essay Preview: Questions Case
Report this essay
Within a Microsoft Windows 2008 Server R2 environment, who has access rights to the EFS features and functions in the server? Only users that have rights to encrypt file systems certainties and have rights to encrypt and decrypt but this is not a default thing, these rights would have to be given to them.
There are three modes of access control that Bitlocker can enable on drives. List these three modes. Three modes that run on Bitlocker are: TPM, PIN, and USB.
What feature and function can you enable to mitigate the risk caused by USB thumb drives moving confidential data to/from a USB hard drive? You can be able to use either a USB key/password or smartcard, via windows prompts and it should encrypt the data.
What are some best practices you can implement when encrypting BitLocker drives and the use of Bitlocker recovery passwords? For encrypting BitLocker drives and the use of Bitlocker recovery passwords, Windows will ask where you would like to save a recovery key and it gives you some options which are: Save to USB flash drive, a file, or print the recovery key.
What encryption algorithm is supported BitLocker? The main encryption algorithm is asymmetric algorithm, secure hash algorithm or elliptic curve cryptography could be used to.
What is the Trusted Platform Module (TPM) within Bitlocker and how does this verify the integrity of the Workstation Domain and laptops boot process? TPM within Bitlocker is microchip to accomplish and protect the key used for volume encryption and decryption. This will use TPM, PIN, USB and any combination of the three for authentication purposes.
How do you add additional users to have access rights to your EFS encrypted folders and data files? Need to be logged in as the admin and then you will need to enable the user to be able to encrypt and decrypt messages for them to be able to read any secure encrypted messages.
How do you create a backup of your certificate? You can have a security certificate or digital certificate in place that has two keys and you must have both to access the information.
What are the main differences between EFS and BitLocker? EFS allows encrypting and decrypting files or entire folders. BitLocker allows you to encrypt and decrypt entire drives or volumes.
A Data Classification Standard has defined customer privacy data as requiring encryption while residing in hard drives or disk drives within the Workstation Domain and LAN Domain. Users that have access to and that store customer privacy data on their personal user data folders must be encrypted. Customer privacy data residing on shared disk drives on LANs must also be encrypted while residing on shared drives. Describe your solution for meeting this policy requirement. I think I would use EFS, because since they are shared among a network, then EFS will value the need of understanding for the right users while still leaving