Configuring BitLocker and Windows Encryption
Course Name and Number: _Operating Systems: Hardening and Security - ISSC342_____
Student Name: ___________ Benson Kungu_______________________________________
Instructor Name: __________ Mylonakos, Peter______________________________________
Lab Due Date: ____________June 21, 2015__________________________________________
In this lab, you used the Microsoft Encrypting File System (EFS) to encrypt files and folders on a Windows Server 2012 machine. You documented the success or failure of your encryption efforts. You also installed Microsoft BitLocker Drive Encryption, a data protection feature that is used to resist data theft and the risk of exposure from lost, stolen, or decommissioned computers. You encrypted a data drive on the remote server and decrypt it using a recovery key.
Lab Assessment Questions & Answers
1. Within a Microsoft Windows Server 2012 environment, who has access rights to the EFS features and functions in the server?
The user who creates the file because the encryption will be based on the password of the account.
2. What are some best practices you can implement when encrypting BitLocker drives and the use of BitLocker recovery passwords?
With BitLocker you can have all the data encrypted at once, when you access the data and enter the decryption key you will have access until the encryption is activated again by a user or a restart of the system.
3. What was the recovery key generated by BitLocker in this lab?
4. How would you grant additional users access rights to your EFS encrypted folders and data files?
Using the data/folder properties it can be added the users that the creator users is allowing to access the data.
5. What are the main differences between EFS and BitLocker?
ETS is used for securing files and folders and relies on the logged on user certificate details to encrypt on decrypt files