5 hours 8 minutes
find a nice big play button on the screen. What we're gonna do, we're actually gonna jump into thehyperfix environment. I'm gonna show you these options, the security options on the screen. So let me jump straight over to my hope of the manager. There we go.
Right. And I have here a machine you see here. This is the actual hype of the manager's software, which we do cover later on. So don't worry too much right now. If you've not seen this before, you think? My God, quickly make some notes.
You can watch this later on. You can quick look at it. But we will be going into in depth into this section. For now. All you need to know is I have a physical machine on the network called Deadpool. Just a little bit of info. All of my machines on my home network are named after marvel characters. I am a huge marvel fan. So
And if you haven't seen it, the new Captain Marvel trailer has just come out.
I thought a spectacular Can't wait for that film anyway, focus, Chris. So we're gonna jump on to the security demonstration and what I'm gonna do is I'm gonna right click on that that the virtual machine and choose settings. Now this machine is off.
The reason that's important is that some of these settings don't allow you to modify them while the machine is turned on. It's kind of the equivalent off booting a turning machine off and then powering on and going into the bio. So the FBI before you then load the operating system.
That's what you do. That's the equivalent when you're in a virtual environment.
So from here you can tell this is a genin to machine because it's not got an I. D. Eagle secure boot, nice and quick. You just take the box. And then we discuss those templates earlier so you would just pick the one that you're choosing. So let's say I had a Lennox environment. I would choose this difficult authority for that.
Underneath it, I can also enable the trusted platform module, which we've just been discussing. Andi allows me to also, when I take the trusted platform module, I cannot encrypt the state and virtual machine migration traffic. We do go into migration later on
unless the T P. M. Has been turned on because it uses that TPM to create the hardware keys to generate the encryption.
So that's why it's kind of a prerequisite so effectively, if I turn this off, you can see it just basically disabled that section
on Dhe. From there, you also have the security policy underneath, which enables the shielding. Now, if I take that,
that turns off everything else you can see. So it basically goes into full lock down mode. So if you're going to shield it, set the other options. First, apply them, then come back and shield
because it will effectively just go into full lock down. This is like the top level stuff that you can get to. It's not going to allow you to make changes while it's shielded,
so it's very highly secure on. You would use that. It's like it's kind of like the lock. You turn the key at the last section and you walk away. You shielded it all the settings of correct leaving a zit is that locks it out and then you have the module arised access that we discussed earlier.
All right, so
moving down. We're gonna be coming these later on I don't think there is actually anything else in this that we need to cover. So we did cover the up to the shielding. Their have integration service is some of these. Even if you take them on and off and we do cover these, they're a little bit more advanced than you. You would
cover totally in the foundation course that we're doing now.
But these allow you to have an easier time off doing backups of the V m telling the VM to shut down without actually logging into the VM. Being able t do copy files from your desktop to the V M's death stop, which is nice if you're wanting to install some software. But you just got it.
You don't wanna have to, like, upload it to a file shaped one. Copy it across and run it.
That kind of thing. This is where you do it. But these are controlled by that shielded environment. Because if if the person who then jumps onto the shielded VM isn't a tenant administrator, they're just gonna find that they're completely blocked out and the system's gonna go. Sorry. You're no supposed to be here. You're supposed to be doing backups.
You can only do backups
on then that saved ST Environment. This is the checkpoints that you would do allows you to take kind of snapshots in time off what's going on with each of the machines. So if you really screw the machine up because of the Windows update, Because if you guys have been following techniques recently, Microsoft have had
a whale of a time with the latest Windows 10 update a cz Muchas. I profess to love Windows 10.
I cringe every time Microsoft release a patch because I'm waiting to see what we break next. But this is basically allowed you to take a snap shop and you could do the update. And if it just absolutely destroys the VM, you go right.
Instead of doing the V m and I'm doing, they put the update and having to roll back. You can just go right? Go back to this moment in time, start from there, and it just fixes everything for you. It's a lifesaver
s. So that's basically what we're looking at for the settings there. So we're gonna jump back onto the the actual,
uh, slights. Go across here. There we go. Right on from here.