Manage FileVault Flashcards
How does FileVault protect user data?
FileVault encrypts the APFS Data volume portion of the built-in startup disk.
How does FileVault encrypt Macs with Apple Silicon and Intel-Based Macs WITH the Apple T2 Security chip?
They use their built-in hardware accelerated Advance Encryption Standard (AES) engine to encrypt data by using 256-bit encryption keys tied to the chip’s unique identifier.
What happens if part, or all, of the T2 chip containing encrypted data becomes damaged?
The content of the built-in storage may need to be restored from a backup.
How does FileVault encrypt Macs Intel-Based Macs WITHOUT the Apple T2 Security chip?
FileVault encryption uses XTS-AES-128 encryption with a 256-bit key to prevent unauthorized access to the information on your startup disk. FileVault performs the encryption at the file-system driver level of macOS.
What does the login window show when you start up an Intel-based Mac with FileVault enabled?
It displays all users that are enabled for FileVault
What happens when you start a Mac in macOS Recovery with FileVault enabled?
You have to select a user that you know the password for and then enter password.
What two places can you enable FileVault?
- In the initial setup of the Mac, if Apple ID is provided.
2. Security and Privacy pane in System Preferences.
What are the two ways you can recover if the FileVault-enabled user password is lost?
- User your Apple ID to unlock the FileVault volume
2. Record the key that FileVault randomly generates
True/False: After FileVault is enabled, when you create new user accounts, macOS creates them with the ability to unlock FIleVault by default.
True
If you loose all FileVault-enabled account passwords AND you are unable to access the FileVault recovery key, is there any other way to recover the data on your startup volume?
No
