step by step guide for encryption file system · step by step guide for encryption file system...
TRANSCRIPT
![Page 2: Step by step guide for encryption file system · Step by step guide for encryption file system Darshana Jayathilake - darshanasam1234@hotmail.com](https://reader031.vdocuments.mx/reader031/viewer/2022022522/5b2b81bd7f8b9afd358b6a05/html5/thumbnails/2.jpg)
Virtual Machines: Server01; Client01
LAB: Active Directory & Certificate Authority Preconfigured
Lab Objective: At the end of this lab you should able to encrypt files by using EFS & recover
Encrypted files by using Data Recovery Agent
Task Steps
Encrypt files on client/Server
1. Login to the Client01 using domain user account(Btech\Darshana)
2. Open my computer > Open Drive “C” > Create a Folder “Data” and create Text file “Credidcardno” inside the “Data” Folder > Add some data to the text file
![Page 3: Step by step guide for encryption file system · Step by step guide for encryption file system Darshana Jayathilake - darshanasam1234@hotmail.com](https://reader031.vdocuments.mx/reader031/viewer/2022022522/5b2b81bd7f8b9afd358b6a05/html5/thumbnails/3.jpg)
3. Right click on the file > Select “Properties” > Select “Advanced” > Select “Encrypt Contents to secure data” check box > Click “OK”
4. Click “Apply” > Select “OK” on “Encryption Warning” popup
![Page 4: Step by step guide for encryption file system · Step by step guide for encryption file system Darshana Jayathilake - darshanasam1234@hotmail.com](https://reader031.vdocuments.mx/reader031/viewer/2022022522/5b2b81bd7f8b9afd358b6a05/html5/thumbnails/4.jpg)
Verify user certificate on data Encryption
1. Right click on the encrypted folder > Select “Properties” > Click on “Advanced” > Click “Details” > now you can see the thumbprint of the certificate
Test Encrypted data 1. Login to “client01” using different user account “Anne” > Try to open encrypted data. User should get “Access is denied” message
![Page 5: Step by step guide for encryption file system · Step by step guide for encryption file system Darshana Jayathilake - darshanasam1234@hotmail.com](https://reader031.vdocuments.mx/reader031/viewer/2022022522/5b2b81bd7f8b9afd358b6a05/html5/thumbnails/5.jpg)
Recover Data Using Data Recovery Agent
1. To verify the recovery certificate, there are two options. Rtght click on the encrypted file > Select properties > Click “ Advanced” > Click “Details”.
2. Now we can seed the recovery user\certificate and users certificate(note the thumbprint)
3. Or using “cipher” with parameter C command we can get the same output
![Page 6: Step by step guide for encryption file system · Step by step guide for encryption file system Darshana Jayathilake - darshanasam1234@hotmail.com](https://reader031.vdocuments.mx/reader031/viewer/2022022522/5b2b81bd7f8b9afd358b6a05/html5/thumbnails/6.jpg)
4. Bydefault “Administrator” is the data recovery agent for domain with his self signe recovery certificate.To open the encrypted file on different user account , we need to install this certificate recover agents certificate for that perticular user.
5. To retrieve RA certificate > Loin to the “Domain Controller” with administrators account > Open “Run” > Type “MMC” > Add “Certificate” snapinn to the “Current User” Account
6. Expand Certifcates > Expand “Personel” > Expand “Certificate”
7. Right click on the certificate and verify the “Thumbprint”
![Page 7: Step by step guide for encryption file system · Step by step guide for encryption file system Darshana Jayathilake - darshanasam1234@hotmail.com](https://reader031.vdocuments.mx/reader031/viewer/2022022522/5b2b81bd7f8b9afd358b6a05/html5/thumbnails/7.jpg)
8. Now we need to export this certificate with “Private key” > Click on “Copy to File”
![Page 8: Step by step guide for encryption file system · Step by step guide for encryption file system Darshana Jayathilake - darshanasam1234@hotmail.com](https://reader031.vdocuments.mx/reader031/viewer/2022022522/5b2b81bd7f8b9afd358b6a05/html5/thumbnails/8.jpg)
9. Select “Yes, export the private key” > Click on “Next” > Assing “ password”
![Page 9: Step by step guide for encryption file system · Step by step guide for encryption file system Darshana Jayathilake - darshanasam1234@hotmail.com](https://reader031.vdocuments.mx/reader031/viewer/2022022522/5b2b81bd7f8b9afd358b6a05/html5/thumbnails/9.jpg)
10. Give the name and save the certificate
![Page 10: Step by step guide for encryption file system · Step by step guide for encryption file system Darshana Jayathilake - darshanasam1234@hotmail.com](https://reader031.vdocuments.mx/reader031/viewer/2022022522/5b2b81bd7f8b9afd358b6a05/html5/thumbnails/10.jpg)
11. Now we can install this certificate on client computers user session
12. Login to the client computer and open certifcate snapin in “MMC”
![Page 11: Step by step guide for encryption file system · Step by step guide for encryption file system Darshana Jayathilake - darshanasam1234@hotmail.com](https://reader031.vdocuments.mx/reader031/viewer/2022022522/5b2b81bd7f8b9afd358b6a05/html5/thumbnails/11.jpg)
13. Import the certicate to “Current User”
14. Give the password
![Page 12: Step by step guide for encryption file system · Step by step guide for encryption file system Darshana Jayathilake - darshanasam1234@hotmail.com](https://reader031.vdocuments.mx/reader031/viewer/2022022522/5b2b81bd7f8b9afd358b6a05/html5/thumbnails/12.jpg)
15. Select the “personel” store and click “Next”
16. Now user can open the encrypted file
![Page 13: Step by step guide for encryption file system · Step by step guide for encryption file system Darshana Jayathilake - darshanasam1234@hotmail.com](https://reader031.vdocuments.mx/reader031/viewer/2022022522/5b2b81bd7f8b9afd358b6a05/html5/thumbnails/13.jpg)