You have a standalone computer that runs Windows 7. Multiple users share the computer.
You need to ensure that you can read the content of all encrypted files on the computer.
What should you do?
A.
Run the Certificates Enrollment wizard and then run Certutil.exe -importpfx.
B.
Run the Certificates Enrollment wizard and then run Certutil.exe -installcert.
C.
Run Cipher.exe /r and then add a data recovery agent from the local security policy.
D.
Run Cipher.exe /rekey and then import a security template from the local security policy.
Explanation:
Cipher
Displays or alters the encryption of folders and files on NTFS volumes. Used without parameters,
cipher displays the encryption state of the current folder and any files it contains. Administrators can
use Cipher.exe to encrypt and decrypt data on drives that use the NTFS file system and to view the
encryption status of files and folders from a command prompt. The updated version adds another
security option. This new option is the ability to overwrite data that you have deleted so that it
cannot be recovered and accessed.
When you delete files or folders, the data is not initially removed from the hard disk. Instead, the
space on the disk that was occupied by the deleted data is “deallocated.” After it is deallocated, the
space is available for use when new data is written to the disk. Until the space is overwritten, it is
possible to recover the deleted data by using a low-level disk editor or data-recovery software.
If you create files in plain text and then encrypt them, Encrypting File System (EFS) makes a backup
copy of the file so that, if an error occurs during the encryption process, the data is not lost. After
the encryption is complete, the backup copy is deleted. As with other deleted files, the data is not
completely removed until it has been overwritten. The new version of the Cipher utility is designed
to prevent unauthorized recovery of such data.
/K Creates a new certificate and key for use with EFS. If this option is chosen, all the other options
will be ignored. By default, /k creates a certificate and key that conform to current group plicy. If ECC
is specified, a self-signed certificate will be created with the supplied key size.
/R Generates an EFS recovery key and certificate, then writes them to a .PFX file (containing
certificate and private key) and a .CER file (containing only the certificate). An administrator may add
the contents of the .CER to the EFS recovery policy to create the recovery for users, and import the
.PFX to recover individual files. If SMARTCARD is specified, then writes the recovery key and
certificate to a smart card. A .CER file is generated (containing only the certificate). No .PFX file is
genereated. By default, /R creates an 2048-bit RSA recovery key and certificate. If EECC is specified,
it must be followed by a key size of 356, 384, or 521.