Time
1 hour 16 minutes
Difficulty
Beginner
CEU/CPE
3

Video Description

Encryption with EFS This lesson covers encryption with EFS. When configuring with EFS, the first step in the process is making sure the environment supports it. In this lab-based lesson, participants receive step by step directions in encryption with EFS. Using a client computer to connect to a share server, a location is created to store data. You can create a new folder or item to accomplish this.

Video Transcription

00:04
There's two ways to encrypt data in our environment. One way street winning over the previous lesson was bit locker.
00:11
The other one is it could to file civil service. So e f s
00:15
now worship good to look at what's involved in the F S in our environment. The first thing we need to do is make sure that our
00:22
environment supports it. May controllers, we have it
00:25
supported by default. We take a look at it on our domain controllers. So if we look at our actor director, use the computers. Consul,
00:32
You know, we get now to our
00:33
domain controllers environment so as not to be in control, his environment.
00:37
And then we check, go ahead and right click on our D C one, which is what we're working with here
00:42
and looking our properties.
00:45
Yes, we actually have a
00:46
option. Here is his delegation.
00:49
This one says, trust this computer for delegation for any service curb rose only
00:54
trust computer for delegation. She's just specified service is only so Kerberos or authentication protocol or do not test for Delegation bear mind if we're gonna do this in a file server?
01:03
We need to actually have this
01:06
middle ones like to trust his computer for delegation to any service is
01:10
any service covers only
01:11
selected for that server, that file server for it to function properly. So we would go to a duck and make sure that our server that is going to be hosting the encrypted file storage space it's going to be configured for that.
01:26
What's we know? That we have that upper running? We're gonna go ahead, switch over to ah client computer to see how things actually are done in the production of art.
01:33
So they were on a client computer. Wish you're logged on as a regular and user, not as administrator.
01:38
And we now want to connect to
01:42
a location where we're gonna see data.
01:44
So just go ahead and connect to a share on our server, so slash, slash They were there.
01:49
L O N
01:52
dash D C.
01:53
One
01:55
slash
01:57
and this one. We did that. It brings up a couple of options here, one of which is my 10 share. Gonna select my 10 share
02:04
and we have one folder there. It's called Marketing.
02:07
We could actually create a new folder
02:10
or we could create a new item so It doesn't matter what we're gonna do here marketing to stay there and we're going thio go right click in the space and click on a new
02:22
And they do What?
02:23
Well, no, sir. Get several list items of the sister.
02:25
Relax, You're gonna choose do Microsoft Word document.
02:30
So and we're gonna call it
02:32
bye.
02:35
Encrypted just for purposes of the lab
02:38
we would not recall is in production in a production environment. Hopefully
02:42
my encrypted file.
02:44
So
02:45
we go ahead and
02:46
rename it,
02:47
and then we open it. We could double click on it, or if it's highlighted, we could go ahead. Quick answer.
02:51
It'll open a bar
02:52
office. Word of our bit
02:53
to work with it.
02:55
Head
02:57
If there's an activation wizard,
02:58
if you have a new office environment has been activated. You're getting activation, Wizard.
03:02
We're not in the case. We have ready to go.
03:06
And now we can go through the process of
03:10
added something to it. It's on the document. We're gonna wanna type in some information,
03:15
so we'll just say
03:16
first things first. We can
03:19
ask me later. I don't need to worry about figuring things we can ask me later and we're gonna do a my secret data. So
03:27
my
03:30
re skydrive
03:30
popped up before I was ready. So
03:34
bye.
03:37
Secret
03:38
Data
03:40
spellcheck should fix this for me already.
03:44
So nurses spellcheck did not spit fix it, so we're gonna actually fix it manually.
03:49
It's a secret data.
03:51
That's all we're gonna put in there,
03:52
cause we just wanna have something in the data. So we're gonna go ahead. Once you've done that, we can actually hit control, asked to save it,
03:59
or we get to city button. We closed out a word.
04:02
Hey, we now actually have a
04:04
file that we're gonna use for my encrypted file.
04:09
Next. We're what, actually, right. Click on that file
04:12
and look at their properties of that file. So go ahead and click on the file and click on the properties of the file,
04:17
and you will get a general tab.
04:19
They opens up first. We're gonna look at our advanced option in that general tab.
04:25
Got advanced.
04:27
It says
04:29
choose the settings you want for this folder. Know, since his father's ready for archiving, allow this file to have contents index in addition to file properties that compress or attributes down here,
04:38
Prescott is to say, displaced or a crypt Contents to secure data.
04:42
Well, if we're gonna encrypt it, that's what wanted it. We want to encrypt the contents to secure data. So you're gonna go ahead and
04:48
check that box,
04:51
Ed.
04:53
Click on. Okay, so check it and a quick on. Okay.
04:57
No.
04:58
And, Roy, go ahead and click out okay. Again.
05:02
Okay. Okay.
05:03
We now want to see
05:05
if it's working,
05:08
so
05:09
we could do two things. First, we signed out of here and test it. But we also
05:14
what to you. Before we issue signed out of this, we're gonna actually pop over to our
05:17
d. C. And we ask, you want open up our file Explorer on D. C. One.
05:23
So in this particular case will go to D. C. One. Open a bar
05:26
file Explorer
05:29
that it are
05:30
any part of our screen here.
05:33
It's faded out.
05:35
And remember where we were working with?
05:38
We were actually working with
05:40
our environment. So if you want to get down into the C drive, so we're gonna go to R C drive and get out of users.
05:47
He's got Doug, right?
05:49
There's Doug and underneath. Doug,
05:53
you're gonna go to AP data. So was going to go down here to AP data
05:58
that we have
06:00
options there. We have
06:00
local roaming et cetera. We're going to expand out of room.
06:05
We're going to expand out Microsoft,
06:10
and now we're gonna expand out. Beyond that, we're going to
06:14
go to your sister's certificates
06:17
Here. We have
06:18
choices. We have my
06:21
or we have requests. Oh, my
06:24
certificates. So we're gonna expand that out,
06:28
and this gives us their certificate associated with that file. So basically, we know that we have a certificate used for the encryption.
06:34
That's important. We wanna make sure that we have a certificate associated. Remember, encryption is done with certificates of 11 a certificate associated with it.
06:42
We're not going to get the results that we want, what we do encryption, And we may not be able to decrypt if we're not, if it's not being done properly, So we're actually gonna go back over to our
06:53
other machine, will go back to our client machine, we're gonna log off, and we're gonna log in
06:59
as under the user
07:00
and see what happens when we try to access the count. So we'll take a quick second to do that and we'll get a lot. What's your log back in? Well,
07:09
continue on
07:10
with the process here.
07:12
Okay, Now, this guy didn't flip over to our client machine where were logged in as a another user. So click over to our client machine. And this time, instead of being dug,
07:21
we are now Alex. So Alex's who's logged in, and we want to test it, See what's going on with that file. We just did. It's good heading to the desktop here,
07:31
Ed.
07:31
Go to our network drive, so we're gonna go to slash slash
07:38
l o N dash D C. One slash
07:42
They were gonna goto my 10 share.
07:45
You know, we're gonna
07:46
open this my encrypted file. So we got a double click on that
07:51
and it couldn't launch it. And they open up
07:55
off his word
07:57
by default because of says access denied contact administrator Exactly what's expected. You want to go and click on OK, there is telling us that we don't have access to that because
08:07
we have a situation where if the file is encrypted,
08:13
files are corrupted by, uh, certificate that we don't agree, but we don't directly have access to And that's how file a Christian that works. So we actually cannot access it.
08:22
And that's how we know that
08:24
we have a properly encrypted file in our environment. It we're going clothes out of Microsoft Word. We're back where we were,
08:30
and that's how we use encrypted files
08:33
on our network for advanced security.

Up Next

Microsoft Distributed File System Management

The Microsoft Distributed File System Management course encompasses MCSA 411 Modules 9 and 10.

Instructed By

Instructor Profile Image
Michael Boberg
CEO of Broadline Enterprises, LLC
Instructor