|
Home > Archive > microsoft.public.cert.exams.mcse > February 2003 > RE: 70-210 EFS Question
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
RE: 70-210 EFS Question
|
|
| Grant Conrad 2003-02-28, 3:23 pm |
| Well I never use EFS and without referencing my sources I
would take a stab at A and D
As I recall, In order to decrypt and EFS you either need
to
A. Be a recovery agent (of which I do not recall the
Administrator being this be default rather it had to be
configured) Well now that I think about it further, You
cannot just change the users password to get at the file
becasue you would need the users encryption key which is
not tied to the user ID. Hmm... I guess I would have to
say A and C.
Thats my final answer.
So! Did I blow it?
>-----Original Message-----
>Hello, All!
>
>I would be interested to see how many people in the group
would get this correct. I managed to pick 1 correct
answer, and thought I had eliminated 2 wrong ones which
left me with the second correct answer, but it didn't!
>
>Terry works in the HR department in your organization.
She goes out on maternity leave with no contact
information and no-one in the company knows her password
to log on to the network. Terry has a spreadsheet on her
network drive that is needed immediately for the director
of HR who is about to give a presentation in which he is
going to use the data from that spreadsheet. The
spreadsheet contains confidential data so Terry has it in
an encrypted folder for security. What can you do to allow
access to the HR director to this file? Choose two.
>
>A In the Encrypted Data Recovery Agents Group Policy
Settings, add the HR director as a recovery agent and have
him unencrypt the file using the cipher command.
>B Give the HR director NTFS permissions to the folder.
Have him copy the file to an unencrypted folder and access
the file.
>C Log on as an Enterprise Administrator. Unencrypt the
file and make sure the HR director has permissions to
access the file.
>D Change Terry's password. Log onto the network as Terry
and move the file to an unencrypted directory and give the
HR director permissions to that directory.
>
>
>I will post the answer that I was given later. Please
note that it asks you to choose 2 responses.
>.
>
| |
| Laura A. Robinson 2003-02-28, 10:23 pm |
| circa Fri, 28 Feb 2003 12:24:32 -0800, in
microsoft.public.cert.exam.mcse, Grant Conrad (gconrad@hotmail.com)
said,
> Well I never use EFS and without referencing my sources I
> would take a stab at A and D
> As I recall, In order to decrypt and EFS you either need
> to
> A. Be a recovery agent (of which I do not recall the
> Administrator being this be default rather it had to be
> configured) Well now that I think about it further, You
> cannot just change the users password to get at the file
> becasue you would need the users encryption key which is
> not tied to the user ID. Hmm... I guess I would have to
> say A and C.
> Thats my final answer.
> So! Did I blow it?
>
You can't add a recovery agent after the file is encrypted in Win2K
without re-encrypting it.
Encryption keys are stored in a user's profile. If you can log on as
a user and access his/her profile, you have the keys.
Laura
--
Time flies like an arrow; fruit flies like a banana.
-Groucho Marx
| |
| Laura A. Robinson 2003-02-28, 10:23 pm |
| circa Fri, 28 Feb 2003 22:32:01 -0500, in
microsoft.public.cert.exam.mcse, Laura A. Robinson
(firstinitiallastname@technolo
gist.com) said,
> You can't add a recovery agent after the file is encrypted in Win2K
> without re-encrypting it.
>
>
Although you can with XP via cipher /u, btw.
Laura
--
Time flies like an arrow; fruit flies like a banana.
-Groucho Marx
|
|
|
|
|