|
Home > Archive > 70-210 > November 2002 > Spid's Fri (11/8) Win2k Pro. QoD
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Spid's Fri (11/8) Win2k Pro. QoD
|
|
|
| Here's an EFS question to keep you busy this weekend.
Hlang has called in sick (you don't really believe him because he was partying all night with those nurses yesterday  ) but you do give him the benefit of the doubt.
His Windows 2000 Professional computer has a small data file that you need for a report you are working on. You log on to his system as an Administrator, browse to the data file and discover that it is encrypted.
After yelling out some colorful metaphores about Hlang, you compose yourself and remember that you should be able to get around the encryption.
What is the easiest way to obtain a decrypted copy of the data file while maintaining security on the original file? (Select the best choice).
Tip - emphasis on maintaining security on the original file
A. Copy the file to a FAT partition.
B. Compress and then decompress the file, and copy the file to your home folder.
C. Backup the file to an NTFS partition, and restore the file to a FAT partition on Hlang's computer.
D. Backup the file to a FAT partition, and restore the file to a new NTFS partition on Hlang's computer.
E. Change Hlang's password, log on as Hlang, and copy the file to a floppy diskette.
F. Assign yourself the role of Recovery Agent, use cipher.exe to decrypt the file, copy the file to a network share, and then encrypt the original file.
Good Luck and see you Monday for the answer!! | |
| soccer4net 2002-11-08, 9:21 am |
| F | |
| Slinky 2002-11-08, 9:56 am |
| Hmm, kind of tricky. I think E is the better option here. If you do F, and encrypt it with your certificate then hlang won't be able to decrypt it. Plus its a small file and should fit quite nicely onto a floppy.  | |
| tweetgirl 2002-11-08, 10:13 am |
| I am going with E. | |
| Surender 2002-11-08, 1:07 pm |
| E | |
| NetChild1985 2002-11-08, 1:15 pm |
| I'm going with E as well. | |
| Deja-vue 2002-11-08, 3:48 pm |
| "E" might be the easy way out,but i don't think this is what Microsoft wants to hear from us in the test.
Going with F. ( the M$ way)
 | |
| hazz_bin 2002-11-08, 8:38 pm |
| Good point Deja, I would likely go with E in the real world (change the password and then let him stew a bit the next morning before fixing it for him) but my answer will be F. Also, the tip about maintaining security - the wording of E does not specifically address that, where F does. The tricky wording that has burned me quite a bit in the recent past. | |
| namrak 2002-11-08, 11:36 pm |
| I agree with what you say hazz_bin. I'd simply change hlang's password with administrative rights and then copy the file over. But I think Deja has a point as well. CompTIA has similar questions on their test and you have to go with best practices, not what's the easiest way sometimes. I would answer (E), but I think Microsoft wants to see answer (F). | |
| tom45 2002-11-09, 11:04 pm |
| Should be "E", But I do believe M$ wants "F" as the answer | |
| Slinky 2002-11-09, 11:56 pm |
| Maybe I'm looking at things differently or analyzing the question too much, but I see a couple of things wrong with F. I agree that M$ wants you to use the recovery agent, but answer F just doesn't make complete sense to me.
First off, the question didn't mention anything about an existing network. All it says is that hlang has a Windows 2000 Professional based computer and the administrator wants to have access to an encrypted file on that machine. So why would you need to copy it to a network share? Even if there was a network, copying a file in clear text over the network can compromise the security of the file. Thats why its not recommended to use the network to send a file to back to a user after decrypting unless its secure. Spids tip was "Tip - emphasis on maintaining security on the original file". Security is NOT maintained here if you do that. Lastly, encrypting the file with the recovery agents certificate will "deny" access to the file when hlang comes back.
Anybody have any more thoughts on this? | |
|
| Hmmm....looks like we've got a little debate going on between "E" and "F".
Yes, one of those answers is correct. | |
|
| quote:
Hlang has called in sick (you don't really believe him because he was partying all night with those nurses yesterday ) but you do give him the benefit of the doubt.
( coughing out loud )
Thanks Spid for the benefit. Yeah I wasn't feel that good friday but several days of intensive care by those sweet nurses have done miracles.
About the question: I must say that although I from a personal viewpoint find it a bad solution to change my password ( I mean it took me nearly two years to learn how to memorize it ), I think in the term of preserving security to the encrypted file it must be the best solution. so my answer would be E.
Just remember that according to Murphy I will aclaim my new password one morning when you're on vacation and therefore have been involved into some heavy drinking the night before. Also according to Murphy you will have forgotten what you'd change my password to, so you will have to drive all the way to the office to logon and for the second time change my password. | |
| Slinky 2002-11-10, 10:52 am |
| quote:
Originally posted by hazz_bin
Also, the tip about maintaining security - the wording of E does not specifically address that, where F does.
Are you sure? I think E addresses security more than F does. Theres one thing in F that really sticks out that can compromise security, so take a closer look and you shall see it too.
I feel bad for Spid once the answer is finally revealed.  | |
|
| quote:
Originally posted by Spid
Here's an EFS question to keep you busy this weekend.
Hlang has called in sick (you don't really believe him because he was partying all night with those nurses yesterday ) but you do give him the benefit of the doubt.
His Windows 2000 Professional computer has a small data file that you need for a report you are working on. You log on to his system as an Administrator, browse to the data file and discover that it is encrypted.
After yelling out some colorful metaphores about Hlang, you compose yourself and remember that you should be able to get around the encryption.
What is the easiest way to obtain a decrypted copy of the data file while maintaining security on the original file? (Select the best choice).
Tip - emphasis on maintaining security on the original file
A. Copy the file to a FAT partition.
B. Compress and then decompress the file, and copy the file to your home folder.
C. Backup the file to an NTFS partition, and restore the file to a FAT partition on Hlang's computer.
D. Backup the file to a FAT partition, and restore the file to a new NTFS partition on Hlang's computer.
E. Change Hlang's password, log on as Hlang, and copy the file to a floppy diskette.
F. Assign yourself the role of Recovery Agent, use cipher.exe to decrypt the file, copy the file to a network share, and then encrypt the original file.
Good Luck and see you Monday for the answer!!
Well we sure had some fun with this one, and I 'll be tied up at work most of the morning so I'm going to post the answer now and see what everyone thinks about it.
The answer is.....E
The easiest way to obtain a copy of the encrypted file is to log on as Hlang and then create a decrypted copy of the file.
Once you log on as Hlang, you can then access the encrypted file. Once you access the file as the file's creator/owner, you have several options available to decrypt the contents. In this scenario, copying the file to a floppy disk is the easiest way to obtain a decrypted copy of the file while maintaining security on the original file.
EFS, which is only supported by Windows 2000, provides security for folders and files. An encrypted file cannot be opened, copied, moved or otherwise modified by anyone but the person who created the file, with three exceptions. An encrypted file can be backed up with the Windows 2000 Backup application; another user with appropriate permissions to the folder can delete the file; and a designated recovery agent can decrypt an encrypted file by using either Windows Explorer or Cipher.exe in conjunction with an EFS recovery agent certificate. When an encrypted file is backed up, it maintains its encrypted status. If someone other than the user who encrypted the file attempts to restore the file to a FAT folder, which does not support encryption, then the restoration will fail.
In this scenario, a recovery agent could decrypt the file and make a copy, but when the agent encrypts the original file, Hlang would no longer have access to it. That's why "F" is not the "best" answer. | |
| soccer4net 2002-11-11, 11:07 am |
| I realized that about Hlang not being able to access the file when doing F after I posted, which doesn't make it a very good idea, E is better however you don't want to go around changing users passwords without their knowledge if you can avoid it. Some people aren't very happy when you do that. |
|
|
|
|