5.6 Encryption (EFS)


What three steps are necessary for a stand-alone computer to have a DRA?

- Run cipher /r to generate the recovery agent keys. You do not need to perform this step if you already have a certificate you will use for the data recovery agent.
- Add a Data Recovery Agent to the Encrypting File System policy in Group Policy.
- For each user, run the cipher /u command to update encrypted files and add the DRA to each file. Running this command updates only the current user's files.

What is PFX?

A Personal Information Exchange (PFX) file contains EFS keys which can be imported on other computers, or back to the original computer if necessary.

Which right-click option in Group Policy Editor will allow a desktop administrator to enable Encrypting File System?
A - Refresh
B - Properties
C - Create new
D - Add Data Recovery Agent

B - Properties

You are the desktop support specialist for your company. A user named Peter has left the company, and you have deleted his user account. Later you realize that he had encrypted his Work folder on his Windows 7 computer and you must regain access to this folder. What should you do?
a. Log on to Peter's computer with your user account and decrypt the file.
b. Log on to Peter's computer with the default administrator account and decrypt the file.
c. Recreate Peter's user account, log on with this account, and decrypt the file.
d. You cannot access this folder; it is permanently lost.

B. By default, the administrator account created when Windows 7 is first installed is the default recovery agent for files or folders that have been encrypted on this computer, so you can decrypt the file if you log on with this account. Note that this account is disabled by default, so you need to log on with another account and enable the account first. If you recreate Peter's user account, the new account has a different security identifier (SID) so it does not have the capability of decrypting files encrypted with the old account.

What three tools are used to restore, import, and export EFS keys to and from a PFX file?

- Certificate Manager Console
- Manage File Encryption Certificates
- Cipher command-line tool

Lance is the team leader of a field research group for an environmental research company. The company is working on a new system for toxic contaminant removal from municipal sewage effluents. Researchers in his group have stored experimental data on a Windows 7 Professional laptop computer that they regularly take to the field when performing measurements at several sites. They record their measurements into a folder named Effluents. The network administrator at the company has created a group named Field and added the user accounts for Lance and the other field researchers to this group. Lance's boss is concerned that the laptop could be stolen and the data could fall into the wrong hands. So, he decides to use EFS to encrypt the Effluents folder on the laptop. He needs to enable the other researchers in his group to access data on this folder while in the field. All researchers have valid certificates for using EFS. Lance right-clicks the data folder, chooses Properties, clicks the Advanced button, and then selects the Encrypt contents to secure data option. What else does Lance need to do so that all users of the laptop can access the experimental data?
A. In the Advanced Attributes dialog box for the Effluents folder, click Details. In the Encryption Details dialog box that appears, click Add and add the other researchers individually to the list of users that can transparently access the folder.
B. In the Advanced Attributes dialog box for the Effluents folder, click Details. In the Encryption Details dialog box that appears, click Add and add the Field group to the list of users that can transparently access the folder.
C. Right-click each file in the Effluents folder and choose Properties. Click the Advanced button, and in the Advanced Attributes dialog box for the file, click Details. In the User Access to Effluents dialog box that appears, click Add and add the other researchers individually to the list of users that can transparently access the file.
D. Right-click each file in the Effluents folder and choose Properties. Click the Advanced button, and in the Advanced Attributes dialog box for the file, click Details. In the User Access to Effluents dialog box that appears, click Add and add the Field group to the list of users that can transparently access the file.

C. Lance should access the User Access to Effluents dialog box, click Add, and add the other researchers individually to the list of users that can transparently access the file. Windows 7 enables you to enable additional users to access files and folders that are encrypted with EFS. Lance can authorize the users in his group to access the data files in this folder by following the procedure in this option for each of the files in turn. The Encryption Details dialog box does not contain an option for enabling additional users to access the encrypted files, so answers A and B are incorrect. Lance cannot add a group to the list of users who can access the file on the User Access dialog box, so answer D is incorrect.

What if you move or copy EFS files to a non-NTFS volume?

Encryption is removed.

What is the purpose of the 2 keys generated by EFS?

EFS encrypts files or folders with the public key of the user. To decrypt the file or folder, the computer uses the private key.

What if you copy an unencrypted file into an encrypted folder?

EFS encrypts the file.

What must HomeGroup users do to share encrypted files?

In HomeGroup environments, each user must export their EFS keys to other computers in the HomeGroup.

In a domain, where are the EFS keys managed?

In domain environments, the Active Directory Certificate Service centrally manages the EFS keys.

What does the cipher command-line tool do? What does the command do without switches?

Manage encrypted files through the file or folder properties or use the cipher command. Cipher by itself displays the encryption state of a folder or the files it contains.

What file system is necessary for EFS?

NTFS

Are files encrypted as they are sent across the network?

No

By default who can decrypt a file? What is necessary for others to have access?

Only the user who encrypted the file or folder and the Data Recovery Agent (DRA) can access the contents of the file. You can also identify other users who are given access. However, the encryption keys for these users must be available to the local computer.

In which versions of Windows 7 is EFS available?

Professional, Enterprise, and Ultimate editions of Windows 7

Why should folders, not files, be encrypted?

Some programs save temporary copies of data. To ensure that data is never saved in an unencrypted format, encrypt the folder where temporary data is stored.

What is generated the first time a file is encrypted?

When a user encrypts a file for the first time, the key pair (i.e., public and private keys) is generated on the computer.

What if you back up and then restore EFS files?

The encryption is preserved.

What if you move or copy an encrypted file on the same computer to an NTFS partition, either to the same partition or another partition?

The file remains encrypted.

What if you move an unencrypted file into an encrypted folder?

The file remains unencrypted.

What if you save an encrypted file to a network share?

The file will be encrypted only if the server is trusted for delegation and has access to the user's certificate.

What is necessary to recover an encrypted file?

The files and recovery key need to be on the same computer. You can export the recovery key and import it onto the computer storing the files you want to recover.

When using the export wizard for certificates and keys, where does the resulting backup file get stored by default?

The user's document file

How do you secure unencrypted data sent across the network?

Use IPSec or another encryption method for network communications.

What does the switch /k do with the cipher command?

Use cipher /k to create a new file encryption key for the user running cipher.

What two tools can be used to transfer the encryption certificates from the computer where the EFS-encrypted files originated to the computer where the EFS-encrypted files were copied?

User State Migration Tool (USMT) or the cipher command-line tool.

What does the command rekeywiz or cipher /rekey do?

When changing the certificate used to encrypt files, run rekeywiz or cipher /rekey. This updates all encrypted files using the new certificate.

What NTFS or share permission must you have for a file or folder to encrypt it?

Write

What is your option if you do not have the private or recovery key?

You cannot copy or move an encrypted file. You can, however, back up the files and restore them to the computer where a recovery key is located.

What file/folder type cannot be encrypted?

You cannot encrypt System or Read-only files.

What file/folder property is incompatible with encryption?

compression

