Lab #3 - Assessment Worksheet
Configuring BitLocker and Windows Encryption
Course Name and Number: _Operating Systems: Hardening and Security - ISSC342_____
In this lab, you used the Microsoft Encrypting File System (EFS) to encrypt files and folders on a Windows Server 2012 machine. You documented the success or failure of your encryption efforts. You also installed Microsoft BitLocker Drive Encryption, a data protection feature that is used to resist data theft and the risk of exposure from lost, stolen, or decommissioned computers. You encrypted a data drive on the remote server and decrypt it using a recovery key.
Lab Assessment Questions & Answers
The user who creates the file because the encryption will be based on the password of the account.
With BitLocker you can have all the data encrypted at once, when you access the data and enter the decryption key you will have access until the encryption is activated again by a user or a restart of the system.
Using the data/folder properties it can be added the users that the creator users is allowing to access the data.
ETS is used for securing files and folders and relies on the logged on user certificate details to encrypt on decrypt files and folders. BitLocker is used for securing the hard drive’s contents when the computer is offline and uses the computers TPM chip to store encryption keys and does not rely on individual user credentials.
Fort the local data or LAN I will prefer the use of the BitLocker method because it’s easier to manage and encrypt all data at once. For the laptop I prefer to use the EFS because it can be used by different users and have their own data secure at all times.
LAB #3 ScreenShots
Documents Folder, green in color, with the Microsoft Encryption File System.
“Access is denied” when another user tryes to enter the EFS of another user.
Comfirmation of the creation of the New Volume, disk E: .
Using the PowerShell to enable BitLocker on the new created drive, command used: Enable-BitLocker -MountPoint "E:" -EncryptionMethod Aes256 -UsedSpaceOnly -RecoveryPasswordProtector
The disk is unlocked after introducing the security key.