Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
25 Cards in this Set
- Front
- Back
|
BitLocker
|
BitLocker is a full volume encryption and system protection feature that is available on computers running the Enterprise and Ultimate editions of Windows 7.
|
|
|
BitLocker provides the following benefits:
|
It prevents an attacker from recovering data from a stolen computer
It simplifies the process of hard disk drive disposal. It protects the integrity of the boot environment against unauthorized modification by checking the boot environment each time you turn on the computer. |
|
|
BitLocker Modes
|
TP M-only mode
TP M with startup key TP M with PIN TP M with PIN and startup key BitLocker without a TP M |
|
|
TPM
|
Trusted Platform Module
|
|
|
DRAs
|
Data Recovery Agents (DRAs)
|
|
|
Data Recovery Agents (DRAs)
|
Data Recovery Agents (DRAs) are special user accounts that you can use to recover encrypted data.
|
|
|
policies to allow specific volume types to utilize the DRA:
|
Choose How BitLocker-Protected Operating System Drives Can Be Recovered
Choose How BitLocker-Protected Fixed Drives Can Be Recovered Choose How BitLocker-Protected Removable Drives Can Be Recovered |
|
|
manage-bde –SetIdentifier
|
you may have already enabled BitLocker on a volume prior to preparing a DRA. You can update a volume to support a DRA by using the manage-bde –SetIdentifier
|
|
|
Enabling BitLocker
|
To enable BitLocker on a computer, open the BitLocker Drive Encryption control panel and then click Turn On BitLocker.
|
|
|
Which policy must you configure to allow a computer that does not have a TPM
chip to use BitLocker with a startup key stored on a compatible USB device? |
You must configure the Require Additional Authentication At Startup policy to allow a computer that does not have a TPM chip to use BitLocker with a startup key stored on a compatible USB device.
|
|
|
BitLocker To Go
|
BitLocker To Go is a feature that is available in the Enterprise and Ultimate editions of Windows 7.
|
|
|
BitLocker To Go What for?
|
allows for removable storage devices to be encrypted using BitLocker
BitLocker To Go does not require that the computer have a TPM chip or that Group Policy be configured to allow some other form of authentication such as a startup key |
|
|
Policies to allow to manage BitLocker To Go
|
Control Use of BitLocker On Removable Drives
Configure Use Of Smart Cards On Removable Data Drives Deny Write Access To Removable Drives Not Protected By BitLocker Allow Access To BitLocker-Protected Removable Data Drives From Earlier Versions of Windows Configure Use Of Passwords For Removable Data Drives Choose How BitLocker-Protected Removable Drives Can Be Recovered |
|
|
The following events trigger recovery mode:
|
The boot environment changes. This could include one of the boot files being modified.
TPM is disabled or cleared. An attempt is made to boot without the TPM, PIN, or USB key being provided. You attach a BitLocker-encrypted operating system volume to another computer. |
|
|
Manage-bde.exe
|
Manage-bde.exe is the BitLocker command-line utility
Manage-bde.exe allows you to unlock locked BitLocker volumes and allows you to modify BitLocker PINs, passwords, and keys |
|
|
Common Manage-bde.exe Parameters
|
-status
-on (encrypt) -off (decrypt) -resume/-pause -lock -unlock -SetIdentifier -changepin -changepassword -changekey |
|
|
The Offline Files feature in Windows 7 has the four following modes of operation:
|
Online mode
Auto offline mode Manual offline mode Slow-link mode |
|
|
Several important policies available in this node include (for offline files):
|
Administratively Assigned Offline Files
Configure Background Sync Non-Default Server Disconnect Actions Encrypt The Offline Files Cache Configure Slow-Link Mode Configure Slow Link Speed |
|
|
transparent caching
|
Windows 7 keeps a cached copy of all files that a user
opens from shared folders on the local volume. Windows 7 triggers transparent caching when the round-trip latency value exceeds the amount specified in the Enable Transparent Caching policy, |
|
|
When you click Resolve within the View Sync Conflicts area, you can choose among three
actions: |
Keep the local version
Keep the server version Keep both versions |
|
|
What are some of the differences between transparent caching and BranchCache when it comes to shared folders on remote networks?
|
Transparent caching does not require file servers running Windows Server 2008 R2. Transparent caching does not use a shared file cache. Windows 7 Professional
supports transparent caching. Transparent caching can be used with computers that are not members of a domain. |
|
|
Windows 7 comes with three power plans
|
Performance
Balance Power Saver |
|
|
Windows 7 supports the following sleep, shutdown, and hibernation modes:
|
Sleep
Hybrid Sleep Hibernate Shutdown |
|
|
Using the Advanced Settings dialog box in Power Options, you can configure the following
settings for both the On Battery and Plugged In states: |
Require A Password On Wakeup
Turn Off Hard Disk Desktop Background Settings Wireless Adapter Settings |
|
|
Powercfg.exe
|
It is possible to use Powercfg.exe to configure
a number of Windows 7 power-related settings that you cannot configure through Group Policy or the Advanced Plan Settings dialog box. You can use Powercfg.exe to configure specific devices so that they are able to wake the computer from the Sleep state |
