Security - Workstation Security Flashcards
When you set up BitLocker, what two volumes are created?
– System (boot) volume - contains all Windows boot files and is 100 MB in size. This volume is not encrypted.
– Standard volume contains everything else. This is what is encrypted.
What are the two options BitLocker can use to encrypt the drive?
– Encrypt the entire drive at once. This is recommended for drives that are already in use. This process can take a very long time depending on the size of the drive.
– The Encrypt Used Space Only option was introduced with Windows 10. It encrypts only the portion of the drive that is currently in use. As data is written to the drive, it is encrypted. This method speeds up the encryption process.
What does BitLocker use to generate and store encryption keys?
TPM - Trusted Platform Module
What version does TPM need to be for BitLocker?
Version 1.2
If a computer doesn’t have a TPM how can BitLocker be enabled?
First off, the boot files will not be encrypted. And you need to use a startup USB key or have a system volume password enabled to boot into Windows.
What is the purpose of the recovery key that Windows generates during the enabling of BitLocker?
It’s used to recover data in the following circumstances:
– The hard drive is moved to a new system.
– Changes are made to startup files.
– BitLocker goes into a locked state.
What options does BitLocker give to back up the recovery key?
– Personal Microsoft account.
– USB drive.
– File on the local computer.
– Printout of the key.
– Active Directory if the computer is on an Active Directory network.
What is a Data Recovery Agent (DRA)?
A special user account on a Windows Active Directory network that can be used to decrypt any encrypted drive on the network. If the hard drive contains the operating system files, it must be installed into a different machine and configured as a data drive before it can be decrypted.
What is BitLocker To Go?
A special version of BitLocker that is used to encrypt the data stored on a USB drive.
What are the three main methods of encrypting database data?
– Transparent data encryption (TDE)
– Column level encryption
– Application level encryption
What is transparent data encryption in a database and why is it called that?
– It encrypts the entire database and all backups.
– It encrypts data at rest (data not currently being used)
– It’s called transparent because data is automatically decrypted when an authorized user accesses it. The user does not see the process or do anything to decrypt the data.
What is column level encryption?
– Allows the administrator to encrypt each column separately.
– Each column is encrypted using a different key to increase security.
– It causes a performance hit on the DB.
What is application level encryption?
– The program used to create or modify the data is responsible for encrypting the data.
– Data is encrypted before going into the DB.
– Resources required to set up this method can be prohibitive.
What are the important considerations regarding password length?
– Use a minimum of 8 characters
– Increasing the number of characters exponentially increases the time it takes to brute force a password.
– A complex password consisting of 8 characters takes anywhere from a few hours to 6 months to crack.
– A complex password consisting of 12 characters takes approximately 34 thousand years to crack.
– Use a passphrase instead of a password.
What are important considerations regarding password composition?
– Use uppercase, lowercase, numbers, and special characters.
– Don’t set requirements on the number or types of characters to use. This information can be used by a hacker for a brute force attack on the password.