| Author |
Spid's Thu (10/24) Win2k Pro. QoD
|
|
|
| Have fun with this little EFS question for you on this wonderful Thursday 
You are the administrator of a workgroup supporting computers running Windows 2000 Professional. A remote computer named Remote2000 is used for remote encryption. You want to achieve these results:
1. Use EFS to encrypt files on Remote2000.
2. Use EFS to encrypt data transferred over the network.
3. Use EFS to encrypt the \Documents folder on your computer running Windows 2000 Professional.
4. Set an OU Group Policy for recovery of EFS-encrypted data.
Your proposed solution is to logon to your computer as Administrator, use Windows Explorer to encrypt the \Documents folder, and use the Cipher command-line utility to encrypt the appropriate folders and files on Remote2000.
Which results does the proposed solution provide? (Choose all that apply)
A. Files in the \Documents folder on Remote2000 are encrypted using EFS.
B. Data transferred over the network is encrypted using EFS.
C. The \Documents folder on your computer is encrypted using EFS.
D. An OU Group Policy is defined for recovery of EFS encrypted data.
Good luck and see you tomorrow for the answer! | |
| oldsaltdoggie 2002-10-24, 9:28 am |
| A,C,D, | |
| soccer4net 2002-10-24, 10:24 am |
| Since its a workgroup it can't be D(no group policy) or A(no authority over a remote computer with only local administrative authority)
So I'll go with B and C. Provided that the data in B is talking about the local documents folder, not files and folders in general. | |
| Surender 2002-10-24, 10:32 am |
| A,C. | |
| tweetgirl 2002-10-24, 10:34 am |
| I am going with A and C as well. | |
| jtcors 2002-10-24, 10:57 am |
| I would go with A and C | |
|
| Hmmmmm... looks like we've got a little debate going between A and B  | |
| Slinky 2002-10-24, 11:22 am |
| I'll say A & C also. | |
| denis_baribeau 2002-10-24, 12:05 pm |
| Lordy Lordy ,4 days in a row I'm struggling with QOD. (Not Funny At All)
Gonna go for A,C on this one.
That all that Cipher command-line utility
wants to tell me . | |
| vickim13 2002-10-24, 1:04 pm |
| I am going with just C because your solution didn't specify anything about transmitting data. | |
| namrak 2002-10-24, 3:03 pm |
| Going with answers (A) and (C), but theirs always the edit option for later if I dredge any info up.  | |
| soccer4net 2002-10-24, 3:11 pm |
| Actually as I reread the question, I'm less sure what your asking, EFS doesn't encrypt network traffic like say IPsec, but I hold fast to my answer the Documents folder remains encrypted after being transfered over the network. | |
|
| quote:
Originally posted by soccer4net
Actually as I reread the question, I'm less sure what your asking, EFS doesn't encrypt network traffic like say IPsec, but I hold fast to my answer the Documents folder remains encrypted after being transfered over the network.
Maybe the question is not worded the best but I don't understand what you are unclear about. I'll try to re-word it again.
I am an Administrator of a workgroup. (the adminstrator account and password is the same for all systems I maintain). I've got a "remote" system used specifically for storing data in an encrypted state.
1) I logon to my computer as Administrator and use Explorer to encrypt the documents folder.
2)I use cipher to encrypt the appropriate folders and files on Remote2000, (i.e the documents folder or any other data folders that are appropriate).
A. Being logged in as Administrator, can you use cipher to encrypt a folder on a remote system in a workgroup environment?
B. Does data get encrypted by EFS as it traverses the network?
C. Can I encrypt the documents folder on my workstation?
D. Is an OU policy defined for EFS recovery?
There are two "Yes" answers. | |
| hazz_bin 2002-10-25, 1:45 am |
| Well Spid, that last explanation cleared it up for me. I'd been struggling with A, as "want to achieve" specified "encrypt files" and the results specify only "\Documents" on the remote box. (It's those little details that nail us on the exams.) Nowhere did you happen to mention IPSec or SSL, so I'll go with A and C along with everyone else. | |
|
| quote:
Originally posted by Spid
Have fun with this little EFS question for you on this wonderful Thursday
You are the administrator of a workgroup supporting computers running Windows 2000 Professional. A remote computer named Remote2000 is used for remote encryption. You want to achieve these results:
1. Use EFS to encrypt files on Remote2000.
2. Use EFS to encrypt data transferred over the network.
3. Use EFS to encrypt the \Documents folder on your computer running Windows 2000 Professional.
4. Set an OU Group Policy for recovery of EFS-encrypted data.
Your proposed solution is to logon to your computer as Administrator, use Windows Explorer to encrypt the \Documents folder, and use the Cipher command-line utility to encrypt the appropriate folders and files on Remote2000.
Which results does the proposed solution provide? (Choose all that apply)
A. Files in the \Documents folder on Remote2000 are encrypted using EFS.
B. Data transferred over the network is encrypted using EFS.
C. The \Documents folder on your computer is encrypted using EFS.
D. An OU Group Policy is defined for recovery of EFS encrypted data.
Good luck and see you tomorrow for the answer!
And the answers are....A and C
I know this wasn't the best worded question you'll ever run across. My apologizes. I think my last explanation helped clear things up a bit with respect to what the original question was trying to get across.
A. Correct: Encryption is available by default and is activated by setting the encryption attribute on a file or folder. By encrypting the \Documents folder on the remote computer, any files created in this folder are encrypted. You should apply this encryption when the folder is empty. If files are in the folder and you choose to apply encryption to the folders, subfolders, and files, other users who are not recovery agents on the computer will not be able to decrypt the files.
B. Incorrect: Data encryption is integrated with NTFS version 5 and functions locally. Data is not encrypted by EFS as it traverses the network.
C. Correct: As with the remote computer (Remote2000), encryption is available by default. On both the remote computer and local computer, the first user created during the Windows 2000 setup routine or the local Administrator account is designated as the recovery agent.
D. Incorrect: An OU is a construct of a Windows 2000 domain. If the computers are members of a Windows 2000 domain, you can assign a GPO to the OU containing the computers and then configure a recovery agent Group Policy setting in this GPO. By default, the domain Administrator account is designated as the recovery agent in the Default Domain Policy GPO.
I'll come up with a better question for Friday. I promise |
|
|
|