INF204x Module 2 Lab 2: Using Encrypting File System (EFS) on Windows 10 Clients

Similar documents
INF204x Module 1, Lab 3 - Configure Windows 10 VPN

INF204x Module 1 Lab 2: Configuring and Troubleshooting Networking Part 2

Module 3 Remote Desktop Gateway Estimated Time: 90 minutes

This course comes with a virtual lab environment where you can practice what you learn.

INF204x Module 1 Lab 1: Configuring and Troubleshooting Networking Part 1

LAB 5 IMPLEMENTING WINDOWS IN AN ENTERPRISE ENVIRONMENT

Module 4 Network Controller Estimated Time: 90 minutes

List of Virtual Machines Used in This Lab

Student Lab Manual MS101.1x: Microsoft 365 Security Management

20411D D Enayat Meer

Module 1 Web Application Proxy (WAP) Estimated Time: 120 minutes

Course CLD211.5x Microsoft SharePoint 2016: Search and Content Management

DOCUMENT SECURITY IN WORD 2010

BitLocker to Go: Encryption for personal USB

Outlook Desktop Application for Windows

Lab: Configuring and Troubleshooting DNS

Lab - System Restore in Windows 8

Using Attix5 Pro with EFS

CLD206x Compliance in Office 365: Data Governance

Lab - Share Resources in Windows

8 MANAGING SHARED FOLDERS & DATA

Course CLD221x: Enabling Office 365 Clients

Installing the WinSCP Secure FTP Client

IT Essentials v6.0 Windows 10 Software Labs

Lab - Remote Assistance in Windows

INF220x Security Practical Exercises

Lab - System Restore in Windows 7 and Vista

Aspera Connect Windows XP, 2003, Vista, 2008, 7. Document Version: 1

Downloading & Installing Audacity

Lab B: Configuring Disk Compression and Quotas

Lab 11-1 Lab User Profiles and Tracking

Student Lab Manual MS100.1x: Office 365 Management

Lab 3-1 Lab Installing Kofax Capture 10

8x8 Virtual Office Salesforce Call Center Interface User Guide

VMware AirWatch - Workspace ONE, Single Sign-on and VMware Identity Manager

Computer Setup Guide for SEC301

Azure for On-Premises Administrators Practice Exercises

Byte Classic Miracle Integration Guide 7/19/07

File systems security: Shared folders & NTFS permissions, EFS Disk Quotas

End User Manual. December 2014 V1.0

1) Log on to the computer using your PU net ID and password.

5. A small dialog window appears; enter a new password twice (this is different from Dori!) and hit Go.

Manual UCSFwpa Configuration for Windows 7

Wireless Setup Instructions for Windows 7

SharePoint General Instructions

SIU s Secure App (XenMobile) Migration for Android

SharePoint 2013 Power User EVALUATION COPY. (SHP version 1.0.1) Copyright Information. Copyright 2013 Webucator. All rights reserved.

Status Web Evaluator s Guide Software Pursuits, Inc.

Windows 2000 Disk Management

Module 10: Denial of Service

How to make a Work Profile for Windows 10

Azure 209x Practical Exercises Overview

Getting Started with Cisco WebEx Meeting Applications

VMware AirWatch: Directory and Certificate Authority

Fleet Manager 2002 Professional Network Configuration Guide

Abila MIP DrillPoint Reports. Installation Guide

Module Overview. Instructor Notes (PPT Text)

Pontem Check for Updates Guide

LAB MANUAL. Craig Zacker.

MyNIC Team Site - Document Sharing

You can also check the videos at the bottom of this page:

Windows quick start instructions Pg. 1. OS X quick start instructions Pg. 4. ios quick start instructions Pg. 6

PST for Outlook Admin Guide

BROWSER-BASED SUPPORT CONSOLE USER S GUIDE. 31 January 2017

Demonstration Instructions

Detailed Installation Guide

In most cases, the userid is Adatum\Administrator and the password is Pa55w.rd, but read the instructions carefully.

Connecting to the NJITSecure wireless network.

Configuring File Server Resource Manager (FSRM)

How to Install, Configure and Use sftp (Windows Version)

Connect to Wireless, certificate install and setup Citrix Receiver

KG-TOWER Software Download and Installation Instructions

User Guide. BlackBerry Workspaces for Windows. Version 5.5

Getting Started with BarTender

Mobile Inventory Tracking & Sales Management Software. Installation Procedure

APP NOTES Onsight Rugged Smart Camera Wireless Network Configuration

ASSA ABLOY. CLIQ Connect PC Application User Manual

Please click on the appropriate link to navigate through the available solutions:

ms-help://ms.technet.2004apr.1033/win2ksrv/tnoffline/prodtechnol/win2ksrv/howto/efsguide.htm

This course comes with a virtual lab environment where you can practice what you learn.

DSS User Guide. End User Guide. - i -

Windows Server 2012 Immersion Experience Enabling Secure Remote Users with RemoteApp, DirectAccess, and Dynamic Access Control

OTC Student Wireless Network

Installation Guide. Last Revision: Oct 03, Page 1-

GIAC Introduction to Security Fundamentals. Laptop and External Drive Configuration Guide Version 1.1 SEC301

Using Expressions Web to Edit an FCNet Department Web Site

Pacific Premier Bank s Business e- Banking Getting Started Guide With QuickBooks for Mac

Practice and Review Activities Software

Storing Your Exercise Files

Application Notes for Telephonetics IP Messaging Utility with Avaya IP Office 9.0 using Avaya Voic Pro Issue 1.0

ms-help://ms.technet.2004apr.1033/ad/tnoffline/prodtechnol/ad/windows2000/howto/mapcerts.htm

LiveNX Upgrade Guide from v5.1.2 to v Windows

Implementing Messaging Security for Exchange Server Clients

How to use Microsoft OneDrive

Desktop & Laptop Edition

Remote Deposit. Getting Started Guide

Business Insights Dashboard

Hill s Pet Nutrition Admin Center Guide

Create MedicCoin Master Node Instruction Rev2

Files.Kennesaw.Edu. Kennesaw State University Information Technology Services. Introduces. Presented by the ITS Technology Outreach Team

Transcription:

INF204x Module 2 Lab 2: Using Encrypting File System (EFS) on Windows 10 Clients Estimated Time: 30 minutes You have a standalone Windows 10 client computer that you share with your colleagues. You plan to take advantage of the Encrypting File System to control access to selected files on the local computer. Objectives After completing this lab, students will be able to: Encrypt files and folders by using EFS Share access to encrypted files Lab Environment The lab consists of two virtual machines: LON-WIN10 - Windows 10 Enterprise client (Adatum.com Active Directory domain member) with IPv4 address of 172.16.0.40 LON-DC1 Windows Server 2012 R2 Datacenter server (Adatum.com Active Directory domain controller) with IPv4 address of 172.16.0.10 Exercise 1: Encrypt local files and folders by using EFS In this exercise, you will create two local user accounts on a Windows 10 computer, you will log on as the first user and encrypt a file by using EFS, and log on as the second user and ensure that the file is not accessible. The main tasks for this exercise are as follows: 1. Create two Windows 10 local user accounts 2. Encrypt a file by using EFS as the first user. 3. Attempt to access the encrypted file as the second user. Task 1: Create two Windows 10 local user accounts 1. Sign in to the lab virtual machine LON-WIN10 with the following credentials (note that these are local, rather than domain, credentials): USERNAME:.\Admin PASSWORD: Pa$$w0rd 2. On your lab virtual machine, click the Windows logo in the lower left corner and click Settings in the Start menu. 3. In the Settings app, click Accounts 4. Click Other users

5. Click Add someone else to this PC 6. On the Create an account for this PC page, specify the following information: User name: luser1 Enter password: luser1pa$$ Re-enter password: luser1pa$$ Password hint: Default 7. Click Next 8. Click again Add someone else to this PC 9. On the How will this person sign in? page, click I don t have this person s sign-in information 10. On the Let s create your account page, click Add a user without a Microsoft account. 11. On the Create an account for this PC page, specify the following information: User name: luser2 Enter password: luser2pa$$ Re-enter password: luser2pa$$ Password hint: Default 12. Click Next 13. Launch File Explorer 14. Create folder C:\Data 15. Sign out from the lab virtual machine. Task 2: Encrypt a file by using EFS as the first user 1. Sign in to the lab virtual machine (LON-WIN10) with the following credentials (note that these are local, rather than domain, credentials): USERNAME:.\luser1 PASSWORD: luser1pa$$ 2. Launch File Explorer and navigate to C:\Data folder. 3. Create a file named File1.txt, type a random text in it, and save it in the C:\Data folder. 4. Right-click on File1.txt and select Properties from the context-sensitive menu. 5. In the Properties dialog box, click Advanced. 6. In the Advanced Attributes dialog box, enable the checkbox next to Encrypt contents to secure data. 7. Click OK. 8. Back in the Properties dialog box, click OK.

9. When prompted with the Encryption Warning dialog box, select Encrypt the file only and click OK. Note that, in general, you should choose the option to Encrypt the file and its parent folder (recommended). In some cases, if the file is modified, the editing software might create a temporary, unencrypted copy of the file in the same folder. By using this option, you ensure that such files are also encrypted. We use the option to Encrypt the file only for demo purposes only. Keep in mind that you should back up encryption keys, so you can recover encrypted files if the encryption key stored in your user profile is lost or damaged. The encryption key is part of the EFS certificate and is generated automatically when you encrypt a file for the first time. You will receive at that point notification to Back up file encryption certificate and key giving you the option to back up certificate to removable media. Selecting this option will automatically trigger Certificate Export Wizard, guiding you through the process of exporting the certificate. Alternatively, you can also use the option to Back up keys appearing in the User Access to filename dialog box, accessible via Details command button on the Advanced Attributes dialog box of any encrypted file. 10. Note that the file is displayed in green color. Right-click on it again and select Properties from the context-sensitive menu. 11. In the Properties dialog box, click Advanced again. 12. In the Advanced Attributes dialog box, click Details next to Encrypt contents to secure data label. 13. In the User Access to File1.txt, note that the current user account (luser1) is the only one who can access this file. 14. Click Add. 15. In the Encrypting File System dialog box, you should see only the single certificate for luser1. Effectively, at this point, you cannot grant access to the encrypted file to other users. 16. Click Cancel three times to close all dialog boxes. Task 3: Attempt to access the encrypted file as the second user. 2. Sign in to the lab virtual machine with the following credentials (note that these are local, rather than domain, credentials): USERNAME:.\luser2 PASSWORD: luser2pa$$ 3. Launch File Explorer and navigate to C:\Data folder. 4. Double click the File1.txt file. 5. Verify that you get the Access is denied message.

6. Click OK and close Notepad. Results: After completing this exercise, you will have created two Windows 10 local user accounts, encrypted a file by using the first of them, and verified that the second one does not have access to the encrypted file. Exercise 2: Share access to encrypted files In this exercise, you will first encrypt a file as the second user, grant access to the previously encrypted file to the second user, and verify that the second user at that point can access the file. The main tasks for this exercise are as follows: 1. Encrypt a file by using EFS as the second user. 2. Grant shared access to the previously encrypted file. 3. Verify that the second user can access the shared encrypted file. Task 1: Encrypt a file by using EFS as the second user 1. While signed on as the second user, create a file named File2.txt, type a random text in it, and save it in the C:\Data folder. 2. Right-click on File2.txt and select Properties from the context-sensitive menu. 3. In the Properties dialog box, click Advanced. 4. In the Advanced Attributes dialog box, enable the checkbox next to Encrypt contents to secure data. 5. Click OK. 6. Back in the Properties dialog box, click OK. 7. When prompted with the Encryption Warning dialog box, select Encrypt the file only and click OK. By encrypting a file as the second user, you generate an EFS certificate that now can be used by the first use to provide shared access to File1.txt. Task 2: Grant shared access to the previously encrypted file. 2. Sign in to the lab virtual machine with the following credentials: USERNAME:.\luser1 PASSWORD: luser1pa$$ 3. In the File Explorer and navigate to C:\Data folder. 4. Right-click on File1.txt and select Properties from the context-sensitive menu. 5. In the Properties dialog box, click Advanced. 6. In the Advanced Attributes dialog box, click Details next to Encrypt contents to secure data label.

7. In the User Access to File1.txt, click Add. 8. Note that you can see at this point an additional EFS certificate for luser2. Make sure it is selected and click OK. 9. Back in the User Access to File1.txt dialog box, you should at this point see both luser1 and luser2 as the users who can access the file. 10. Click OK three times to close all dialog boxes. Task 3: Verify that the second user can access the shared encrypted file. 2. Sign in to the lab virtual machine with the following credentials: USERNAME:.\luser2 PASSWORD: luser2pa$$ 3. Launch File Explorer and navigate to C:\Data folder. 4. Double click the File1.txt file. 5. Verify that you can successfully open the file. 6. Click OK and close Notepad. Results: After completing this exercise, you will have encrypted a file as the second user to generate an EFS certificate, grant shared access to the previously encrypted file as the first user, and verify that you can access that file successfully as the second user.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback