What should you do?

Posted by: Pdfprep Category: 70-680 Tags: , ,

Your network consists of one Active Directory domain. You have two computers named Computer1 and Computer2 that run Windows 7. Both computers are members of the domain. From Computer1, you can recover all Encrypting File System (EFS) encrypted files for users in the domain. You need to ensure that you can recover all EFS encrypted files from Computer2.

What should you do?
A . On Computer1, back up %systemroot%DigitalLocker. On Computer2, restore %systemroot%DigitalLocker.
B . On Computer1, export the data recovery agent certificate. On Computer2, import the data recovery agent certificate.
C . On Computer1, run Secedit.exe and specify the /export parameter. On Computer2, run Secedit.exe and specify the /import parameter.
D . On Computer1, run Cipher.exe and specify the /removeuser parameter. On Computer2, run Cipher.exe and specify the /adduser parameter.

Answer: B

Explanation:

You can import the recovery agent to another computer running Windows 7 if you want to recover files encrypted on the first computer. You can also recover files on another computer running Windows 7 if you have exported the EFS keys from the original computer and imported them on the new computer. You can use the Certificates console to import and export EFS keys.

NOT Secedit.exe:

You can use both the Local Group Policy Editor and the Local Security Policy console to import and export security-related Group Policy settings. You can use this import and export functionality to apply the same security settings to stand-alone computers that are not part of a domain environment. Exported security files are written in Security Template .inf format. As well as using Local Group Policy Editor and the Local Security Policy console to import policies that are stored in .inf format, you can apply them using the Secedit.exe command-line utility.

NOT Cipher.exe /removeuser /adduser.

NOT DigitalLocker.

Leave a Reply

Your email address will not be published.