Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computer Certification > MCDST > Encryption Question in MCDST Study Book.

Reply
Thread Tools

Encryption Question in MCDST Study Book.

 
 
Richard H
Guest
Posts: n/a
 
      07-27-2005
Hello. I am seeking some clarification on a question and answer in the MCDST
study book.

Question: "One of your users has a computer running Windows XP Professional
at her office and a portable computer running XP Home. She copies the
contents of an encrypted folder to her portable computer, which she then
takes home with her. At home, her son often needs to use her coputer, so she
configured a separtate user account for him. She calls you to say that her
son can access the contents of the encrypted folder even when logging on
using his own account. What should you tell her?"

Answer: "Windows XP Home does not support file encryption. When the user
copied the encrypted folder to the portable computer, file encryption was
lost, The user has to upgrade her portable computer to XP Professional if
she needs to maintain file encryption."

I thought the whole point of file encryption was that even if someone else
could obtain the file, they could not open it. For instance, I thought that
if you went to lunch and someone sat at your computer while it was still
logged on as yourself, and then e-mailed an encrypted file to himself, he
would not be able to open it on the other computer. It sounds like that is
not the case. Could someone please elaborate on this please?

Thanks!

Richard
 
Reply With Quote
 
 
 
 
Wayne
Guest
Posts: n/a
 
      07-28-2005
Go to http://www.microsoft.com and enter "windows server 2003 encrypting
file system" into the search (top right, usually). Look through the list,
within the first 20 results you'll find a few good whitepapers to read.
In the example you give below, when the user transferred the files across,
they would have got an error message stating the file would *not* be
encrypted if copied to this location. Try it yourself, encrypt a file and
then try copying it to a floppy or any non-NTFS partition.

Wayne
Brisbane, Oz

"Richard H" <Richard http://www.velocityreviews.com/forums/(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hello. I am seeking some clarification on a question and answer in the
> MCDST
> study book.
>
> Question: "One of your users has a computer running Windows XP
> Professional
> at her office and a portable computer running XP Home. She copies the
> contents of an encrypted folder to her portable computer, which she then
> takes home with her. At home, her son often needs to use her coputer, so
> she
> configured a separtate user account for him. She calls you to say that
> her
> son can access the contents of the encrypted folder even when logging on
> using his own account. What should you tell her?"
>
> Answer: "Windows XP Home does not support file encryption. When the user
> copied the encrypted folder to the portable computer, file encryption was
> lost, The user has to upgrade her portable computer to XP Professional if
> she needs to maintain file encryption."
>
> I thought the whole point of file encryption was that even if someone else
> could obtain the file, they could not open it. For instance, I thought
> that
> if you went to lunch and someone sat at your computer while it was still
> logged on as yourself, and then e-mailed an encrypted file to himself, he
> would not be able to open it on the other computer. It sounds like that
> is
> not the case. Could someone please elaborate on this please?
>
> Thanks!
>
> Richard



 
Reply With Quote
 
 
 
 
msnews.microsoft.com
Guest
Posts: n/a
 
      07-28-2005
As you said, if someone "sat at your computer while it was still logged on
as yourself, and then e-mailed an encrypted file to himself," they would be
able to read the file. Effectivly they are decrypting the file and then
using it. It is not true that once a file is encrypted, it is always
encrypted. The point of the encryption is that if someone picked up your
computer and walked out the door with it, they would not be able to just
copy the file and read it. Also, someone who wasn't you would not be able to
read the encrypted files when not logged on as you. You, however, can do
whatever you want with your file including permanently decrypting it.


"Richard H" <Richard (E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hello. I am seeking some clarification on a question and answer in the

MCDST
> study book.
>
> Question: "One of your users has a computer running Windows XP

Professional
> at her office and a portable computer running XP Home. She copies the
> contents of an encrypted folder to her portable computer, which she then
> takes home with her. At home, her son often needs to use her coputer, so

she
> configured a separtate user account for him. She calls you to say that

her
> son can access the contents of the encrypted folder even when logging on
> using his own account. What should you tell her?"
>
> Answer: "Windows XP Home does not support file encryption. When the user
> copied the encrypted folder to the portable computer, file encryption was
> lost, The user has to upgrade her portable computer to XP Professional if
> she needs to maintain file encryption."
>
> I thought the whole point of file encryption was that even if someone else
> could obtain the file, they could not open it. For instance, I thought

that
> if you went to lunch and someone sat at your computer while it was still
> logged on as yourself, and then e-mailed an encrypted file to himself, he
> would not be able to open it on the other computer. It sounds like that

is
> not the case. Could someone please elaborate on this please?
>
> Thanks!
>
> Richard



 
Reply With Quote
 
Jupiter Jones [MVP]
Guest
Posts: n/a
 
      07-29-2005
Richard;
"...someone sat at your computer while it was still logged on as
yourself..."
You have a major security issue and it has nothing to do with technology, in
fact there is really no technological solution.
If sensitive data is involved, you MUST log off or there is nothing to
protect your data.
When they copy the data to floppy, Email the data etc, the data is first
decrypted.

See the links near the bottom of this page for more information:
http://www3.telus.net/dandemar/encrypt.htm

--
Jupiter Jones [MVP]
http://www3.telus.net/dandemar
http://www.dts-l.org


"Richard H" <Richard (E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hello. I am seeking some clarification on a question and answer in the
> MCDST
> study book.
>
> Question: "One of your users has a computer running Windows XP
> Professional
> at her office and a portable computer running XP Home. She copies the
> contents of an encrypted folder to her portable computer, which she then
> takes home with her. At home, her son often needs to use her coputer, so
> she
> configured a separtate user account for him. She calls you to say that
> her
> son can access the contents of the encrypted folder even when logging on
> using his own account. What should you tell her?"
>
> Answer: "Windows XP Home does not support file encryption. When the user
> copied the encrypted folder to the portable computer, file encryption was
> lost, The user has to upgrade her portable computer to XP Professional if
> she needs to maintain file encryption."
>
> I thought the whole point of file encryption was that even if someone else
> could obtain the file, they could not open it. For instance, I thought
> that
> if you went to lunch and someone sat at your computer while it was still
> logged on as yourself, and then e-mailed an encrypted file to himself, he
> would not be able to open it on the other computer. It sounds like that
> is
> not the case. Could someone please elaborate on this please?
>
> Thanks!
>
> Richard



 
Reply With Quote
 
msnews.microsoft.com
Guest
Posts: n/a
 
      07-29-2005
Hey I know:
You're thinking of IRM. (or DRM and I think I've seen it called CRM once)
http://www.microsoft.com/technet/pro...e/of03irm.mspx

With IRM you can specify whether someone can print, copy, read, change,
etc.. If someone sat at your computer and emailed an IRM protected file to
themselves, they wouldn't be able to read the document unless they had been
given permission. Also, since the RMS *should* be auditable, at least you'd
know someone sat at you computer, and say, chaged the permissions so they
could read the file on their computer.

Richard





"Richard H" <Richard (E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hello. I am seeking some clarification on a question and answer in the

MCDST
> study book.
>
> Question: "One of your users has a computer running Windows XP

Professional
> at her office and a portable computer running XP Home. She copies the
> contents of an encrypted folder to her portable computer, which she then
> takes home with her. At home, her son often needs to use her coputer, so

she
> configured a separtate user account for him. She calls you to say that

her
> son can access the contents of the encrypted folder even when logging on
> using his own account. What should you tell her?"
>
> Answer: "Windows XP Home does not support file encryption. When the user
> copied the encrypted folder to the portable computer, file encryption was
> lost, The user has to upgrade her portable computer to XP Professional if
> she needs to maintain file encryption."
>
> I thought the whole point of file encryption was that even if someone else
> could obtain the file, they could not open it. For instance, I thought

that
> if you went to lunch and someone sat at your computer while it was still
> logged on as yourself, and then e-mailed an encrypted file to himself, he
> would not be able to open it on the other computer. It sounds like that

is
> not the case. Could someone please elaborate on this please?
>
> Thanks!
>
> Richard



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Which hard drive encryption program has the strongest tested encryption & security? =?iso-8859-1?Q?-=3D|__=28=BAL=BA=29__|=3D-____o=3D=5B:::::::::::::::=BB?= Computer Security 6 02-20-2008 01:35 PM
MCDST Study Material =?Utf-8?B?YTE0NG1i?= Microsoft Certification 1 03-28-2006 09:29 AM
News: MCDST Hits Milestone &i find MCDST is Launch at February 2004^^ =-Zero@HK-=ASP.Net / VB MCDST 0 08-23-2005 02:30 PM
MCDST Study Material Tazman Microsoft Certification 1 01-10-2005 12:59 AM
MCDST Study Material eXPerience MCDST 1 02-05-2004 02:03 AM



Advertisments