Professional Documents
Culture Documents
Module 10
• What is BitLocker?
• How BitLocker Works?
• BitLocker Requirements
• Configuring BitLocker
• Using Group Policy to Manage BitLocker
• Demonstration: Demonstration: Configuring
BitLocker
• Recovering Drives Encrypted with BitLocker
What is BitLocker?
• What Is EFS?
• How EFS Works
• Recovering EFS–Encrypted Files
• Demonstration: Encrypting a File by Using EFS
What Is EFS?
Private key
FEK header
File
Encrypted file
Public
key File
Encrypted
file with
FEK
in header
Symmetric key
FEK header
Symmetric key
Encrypted file
Recovering EFS–Encrypted Files
Audit Logon Creates an event when a user logs in Successful log ins
Events interactively (locally) to a computer or over the are audited
network (remotely)
Audit Account Audits events, including the creation, deletion, Successful account
Management or modification of user, group, or computer management
accounts, and the resetting of user passwords activities are
audited
Audit Directory Audits events that are specified in the system Successful
Service Access access control list (SACL), which is seen in an directory service
Active Directory object’s Properties Advanced access events are
Security Settings dialog box audited
Audit Process Audits events such as program activation and No events are
Tracking process exit audited
Audit Object Audits access to objects such as files, folders, No events are
Access registry keys, and printers that have their own audited
SACLs
Specifying Auditing Settings on a File or Folder
• Auditing settings for a file or folder are specified by modifying the
SACL: