Overview

Introduction

Welcome to the Encryption Practice Lab. In this module, you will be provided with the instructions and devices needed to develop your hands-on skills.

Learning Outcomes

In this module, you will complete the following exercises:

  • Exercise 1 -Understand Encrypting File System
  • Exercise 2- Manage Encrypting File System
  • After completing this lab, you will be able to:
  • Enable Encrypting File System
  • Demonstrate what happens when an EFS-encrypted folder is copied or moved

Exam Objectives

The following exam objectives are covered in this lab:

  • Understand encryption - Encrypting file system (EFS); how EFS-encrypted folders impact moving/copying files

Lab Duration

It will take approximately 30 minutes to complete this lab.

Exercise 1 - Enable EFS on Standalone Windows Computer

Encrypting File System (EFS) is a security feature built into Windows that helps secure personal folders and files on a workstation. EFS uses a strong encryption algorithm called DESX. DESX is a variant of the Data Encryption Standard (DES) of the US government.

A Windows user encrypts a folder, including the files within it using a certificate and a key retrieved from the user profile. In this exercise, you will manage an EFS certificate to encrypt and decrypt files on a non-domain joined computer.

Learning Outcomes

After completing this exercise, you will be able to:

  • Enable Encrypting File System
  • Demonstrate what happens when an EFS-encrypted folder is copied or moved

Exercise 2 - Enable EFS on a Windows Domain

Managing EFS for Windows devices attached to an Active Directory Domain is easier as you can use Group Policy to control the network environment and enhance the recovery of encrypted objects protected by this encryption technology.

In this exercise, you will learn how to enable a user account as an EFS recovery agent. An EFS recovery agent is a privileged user account that can decrypt folders and files that were left behind by network users. It is essential that an EFS recovery agent is designated first before allowing users to encrypt files on their workstations.

Learning Outcomes

After completing this exercise, you will be able to:

  • Enable Encrypting File System
  • Demonstrate what happens when an EFS-encrypted folder is copied or moved

Comprehensive Learning

See the full benefits of our immersive learning experience with interactive courses and guided career paths.