Understand Encryption
LESSON 2.5_A
98-367 Security Fundamentals
98-367 Security Fundamentals
LESSON 2.5_A
Lesson Overview
In this lesson, you will learn about:
• Key features of EFS (encrypted file system)• BitLocker® & BitLocker ToGo®
• Trusted platform module (TPM)• Mail encryption & signing
98-367 Security Fundamentals
LESSON 2.5_A
Anticipatory Set
What threats does BitLocker protect against? What do you want to protect with BitLocker?
98-367 Security Fundamentals
LESSON 2.5_A
BitLocker & BitLocker ToGo BitLocker drive encryption provides enhanced protection against data
theft or exposure on computers that are lost or stolen as well as providing protection for removable drives such as USB flash drives and external hard drives through BitLocker To Go.
98-367 Security Fundamentals
LESSON 2.5_A
BitLocker ToGo Video In Windows® 7, core BitLocker drive encryption functionality is
enhanced to deliver an improved experience for IT professionals and end users.
Includes simple enhancements such as the ability to right-click on a drive to enable BitLocker protection and the automatic creation of the required hidden boot partition.
Learn about these enhancements and the new BitLocker To Go, which gives system administrators control over how removable storage devices can be used and the strength of protection required.
Watch the video.
98-367 Security Fundamentals
LESSON 2.5_A
BitLocker ToGo Recovery Key Required if the encrypted drive is moved to another computer or
changes are made to the system startup information Is so important that it is recommended that you make additional copies
of the key and store the key in safe places so that you can readily find the key if needed to recover access to the drive
Need the recovery key to unlock the encrypted data on the drive if BitLocker enters a locked state
Is unique to this particular drive; cannot use it to recover encrypted data from any other BitLocker-protected drive.
For maximum security, store recovery keys apart from the computer
98-367 Security Fundamentals
LESSON 2.5_A
Trusted Platform Module (TPM) A TPM is a microchip designed to provide basic security-related
functions, primarily involving encryption keys. The TPM is usually installed on the motherboard of a computer or
laptop and communicates with the system using a hardware bus. After the TPM is initialized, the BitLocker setup wizard prompts you to
choose how to store the recovery key. You can choose from the following options:o Save the recovery key to a USB flash drive. Saves the recovery key
to a USB flash drive.o Save the recovery key to a file. Saves the recovery key to a network
drive or other location.o Print the recovery key. Prints the recovery key.
98-367 Security Fundamentals
LESSON 2.5_A
Mail Encryption & SigningS/MIME provides two security services: Digital signatures Message encryption These two services are the core of S/MIME-based message security. All other concepts related to message security support these two
services. Although the full scope of message security may seem complex, these
two services are the basis of message security. After gaining a basic understanding of digital signatures and message
encryption, you can then learn how other concepts support these services.
98-367 Security Fundamentals
LESSON 2.5_A
Class ActivitySetting up mail encryption1. Open Outlook®
2. Click on Tools3. Click on Trust Center4. Click on E-mail Security5. Click Settings
98-367 Security Fundamentals
LESSON 2.5_A
Lesson Review Summarize the importance of file and mail encryption The encrypted file system, or EFS, was introduced in NTFS 3.0 to
provide an additional level of security for files and directories. o It provides cryptographic protection of individual files on NTFS file
system volumes using a public-key system. Typically, the access control to file and directory objects provided by
the Windows security model is sufficient to protect unauthorized access to sensitive information. o However, if a laptop that contains sensitive data is lost or stolen, the
security protection of that data may be compromised. o Encrypting the files increases security.
Top Related