Assessment Worksheet
Implementing an Information System Security Policy
Course Name and Number: _____________________________________________________
Student Name: ________________________________________________________________
Instructor Name: ______________________________________________________________
Lab Due Date: ________________________________________________________________
Overview
In this lab, you used the Microsoft Encrypting File System (EFS) to encrypt files and folders on a Windows Server 2012 machine. You documented the success or failure of your encryption efforts. You also installed Microsoft BitLocker Drive Encryption, a data protection feature that is used to resist data theft and the risk of exposure from lost, stolen, or decommissioned computers. You encrypted a data drive on the remote server and decrypted it using a recovery key.
Lab Assessment Questions & Answers
1. Within a Microsoft Windows Server 2012 environment, who has access rights to the EFS features and functions in the server?
All users have access to encrypt files. Only authorized users can decrypt or members of data recovery group.
2. What are some best practices you can implement when encrypting BitLocker drives and the use of BitLocker recovery passwords?
Store recovery information in AD domain services to provide a secure storage location physically store in a separate drive for password recovery
Use multifactor authentication which increases volume security
3. What was the recovery key generated by BitLocker in this lab?
4. How would you grant additional users access rights to your EFS
