There's two ways to encrypt data in our environment. One way street winning over the previous lesson was bit locker.
The other one is it could to file civil service. So e f s
now worship good to look at what's involved in the F S in our environment. The first thing we need to do is make sure that our
environment supports it. May controllers, we have it
supported by default. We take a look at it on our domain controllers. So if we look at our actor director, use the computers. Consul,
You know, we get now to our
domain controllers environment so as not to be in control, his environment.
And then we check, go ahead and right click on our D C one, which is what we're working with here
and looking our properties.
Yes, we actually have a
option. Here is his delegation.
This one says, trust this computer for delegation for any service curb rose only
trust computer for delegation. She's just specified service is only so Kerberos or authentication protocol or do not test for Delegation bear mind if we're gonna do this in a file server?
We need to actually have this
middle ones like to trust his computer for delegation to any service is
any service covers only
selected for that server, that file server for it to function properly. So we would go to a duck and make sure that our server that is going to be hosting the encrypted file storage space it's going to be configured for that.
What's we know? That we have that upper running? We're gonna go ahead, switch over to ah client computer to see how things actually are done in the production of art.
So they were on a client computer. Wish you're logged on as a regular and user, not as administrator.
And we now want to connect to
a location where we're gonna see data.
So just go ahead and connect to a share on our server, so slash, slash They were there.
and this one. We did that. It brings up a couple of options here, one of which is my 10 share. Gonna select my 10 share
and we have one folder there. It's called Marketing.
We could actually create a new folder
or we could create a new item so It doesn't matter what we're gonna do here marketing to stay there and we're going thio go right click in the space and click on a new
Well, no, sir. Get several list items of the sister.
Relax, You're gonna choose do Microsoft Word document.
So and we're gonna call it
Encrypted just for purposes of the lab
we would not recall is in production in a production environment. Hopefully
and then we open it. We could double click on it, or if it's highlighted, we could go ahead. Quick answer.
office. Word of our bit
If there's an activation wizard,
if you have a new office environment has been activated. You're getting activation, Wizard.
We're not in the case. We have ready to go.
And now we can go through the process of
added something to it. It's on the document. We're gonna wanna type in some information,
first things first. We can
ask me later. I don't need to worry about figuring things we can ask me later and we're gonna do a my secret data. So
popped up before I was ready. So
spellcheck should fix this for me already.
So nurses spellcheck did not spit fix it, so we're gonna actually fix it manually.
That's all we're gonna put in there,
cause we just wanna have something in the data. So we're gonna go ahead. Once you've done that, we can actually hit control, asked to save it,
or we get to city button. We closed out a word.
Hey, we now actually have a
file that we're gonna use for my encrypted file.
Next. We're what, actually, right. Click on that file
and look at their properties of that file. So go ahead and click on the file and click on the properties of the file,
and you will get a general tab.
They opens up first. We're gonna look at our advanced option in that general tab.
choose the settings you want for this folder. Know, since his father's ready for archiving, allow this file to have contents index in addition to file properties that compress or attributes down here,
Prescott is to say, displaced or a crypt Contents to secure data.
Well, if we're gonna encrypt it, that's what wanted it. We want to encrypt the contents to secure data. So you're gonna go ahead and
Click on. Okay, so check it and a quick on. Okay.
And, Roy, go ahead and click out okay. Again.
we could do two things. First, we signed out of here and test it. But we also
what to you. Before we issue signed out of this, we're gonna actually pop over to our
d. C. And we ask, you want open up our file Explorer on D. C. One.
So in this particular case will go to D. C. One. Open a bar
any part of our screen here.
And remember where we were working with?
We were actually working with
our environment. So if you want to get down into the C drive, so we're gonna go to R C drive and get out of users.
He's got Doug, right?
There's Doug and underneath. Doug,
you're gonna go to AP data. So was going to go down here to AP data
options there. We have
local roaming et cetera. We're going to expand out of room.
We're going to expand out Microsoft,
and now we're gonna expand out. Beyond that, we're going to
go to your sister's certificates
or we have requests. Oh, my
certificates. So we're gonna expand that out,
and this gives us their certificate associated with that file. So basically, we know that we have a certificate used for the encryption.
That's important. We wanna make sure that we have a certificate associated. Remember, encryption is done with certificates of 11 a certificate associated with it.
We're not going to get the results that we want, what we do encryption, And we may not be able to decrypt if we're not, if it's not being done properly, So we're actually gonna go back over to our
other machine, will go back to our client machine, we're gonna log off, and we're gonna log in
and see what happens when we try to access the count. So we'll take a quick second to do that and we'll get a lot. What's your log back in? Well,
with the process here.
Okay, Now, this guy didn't flip over to our client machine where were logged in as a another user. So click over to our client machine. And this time, instead of being dug,
we are now Alex. So Alex's who's logged in, and we want to test it, See what's going on with that file. We just did. It's good heading to the desktop here,
Go to our network drive, so we're gonna go to slash slash
l o N dash D C. One slash
They were gonna goto my 10 share.
You know, we're gonna
open this my encrypted file. So we got a double click on that
and it couldn't launch it. And they open up
by default because of says access denied contact administrator Exactly what's expected. You want to go and click on OK, there is telling us that we don't have access to that because
we have a situation where if the file is encrypted,
files are corrupted by, uh, certificate that we don't agree, but we don't directly have access to And that's how file a Christian that works. So we actually cannot access it.
And that's how we know that
we have a properly encrypted file in our environment. It we're going clothes out of Microsoft Word. We're back where we were,
and that's how we use encrypted files
on our network for advanced security.