The Data Encryption module provides you with the instruction and Server hardware to develop your hands-on skills. This module includes the following exercises:

  • Full Disk Encryption using Bitlocker
  • Configure Security for Removable Media
  • Using Cryptography Tools

Lab time: It will take approximately 1 hour to complete this lab.

Exam Objectives

The following exam objectives are covered in this lab:

  • SY0-501 3.6: Summarize secure application development and deployment concepts

Exercise 1 - Full Disk Encryption using BitLocker

Windows BitLocker is a storage encryption technology that gives administrators the capability to secure fixed and removable disks including portable USB drives using encryption services built into the operating system.

BitLocker was first introduced in Windows Server 2008 and Windows 7 Enterprise and then carried over to later versions. Disk encryption can be enabled using a local or domain group policy. To unlock an encrypted disk volume, the user must type the password to unlock it. In the event the user forgets the password for unlocking the encrypted volume, the Recovery Keys generated by BitLocker can be used to gain access to the encrypted drive.

Exercise 2 - Manage Security for Removable Media

For security reasons, most organizations will prohibit their users from using personal storage devices for transporting proprietary information. This is to avoid theft of confidential data that may put the company’s trade secrets at risk. In this exercise, you will configure basic security for portable storage media to disallow their usage by configuring Group Policy Objects or GPO.

Comprehensive Learning

See the full benefits of our immersive learning experience with interactive courses and guided career paths.