Project 4 - Lab Completed
Project 4 - Lab Completed
to complete
all required actions in each step of the lab and respond to all questions. The template is designed to be used
as a guide for your lab and not necessarily a project requirement.
In compiling your findings, think of how your experience performing the labs is related to the overall
project goals. You are required to collect information from the lab to understand potential vulnerabilities
and other security challenges, analyze, create your lab report, and incorporate key components in the final
project report.
Please do well to pay attention to each item above and use it as a supplemental guide besides the project
requirements. Finally, note that successfully completing the lab is important for achieving the overall
project goals.
1. Comment on what the PowerShell command outputs above indicate. There will be additional
questions for you to answer later in this lab.
2. In your opinion, how does BitLocker work and how can you tell if a TPM is on my
computer?
3. Can you use BitLocker on an operating system drive without a TPM?
4. Why do you think attempt to enable BitLocker on the C drive without a TPM prompted the
error message that the administrator must set the Allow BitLocker without a compatible
TPM option?
5. In your opinion, why do you think you were able to encrypt the Data-A(H:) drive? What is
Lab Experience Report
OPTIONAL QUESTIONS:
1. Was the C drive encryption successful? Why or why not?
2. What do you think about storage of the recovery key and an encrypted device?
3. Document your observations based on your experience conducting BitLocker encryption.
Please do well to document any errors if any.
NOTE: Proceed to the next page and use the space provided to compile a summary of your lab
experience report. Use additional space as necessary to complete the report.
SUMMARY OF THE LAB EXPERIENCE REPORT
Use the space below to summarize your lab experience report based on your findings from the lab,
making sure to complete all required actions in each step of the lab and respond to all questions. Be
sure to incorporate key part of your findings in your final project report for submission to your
professor. You may use additional space as necessary to complete the lab.
1. Comment on what the PowerShell command outputs above indicate. There will be additional
questions for you to answer later in this lab. Get-Tpm indicated that it is no present and manage-bde -
status show that volume H, I, and D are have protection off and are fully decrypted.
2
Lab Experience Report
2. In your opinion, how does BitLocker work and how can you tell if a TPM is on my computer? It
works by encrypting the entire volume. To see if TPM is on your computer you can look at Control
Panel\System and Security\BitLocker Drive Encryption and click on TPM Administration.
3
Lab Experience Report
3. Can you use BitLocker on an operating system drive without a TPM? Out of all the operation modes
expect one depends on TPM (Solomon, 2019). You will need to use password or USB to store keys if
you don’t have TPM.
4. Why do you think attempt to enable BitLocker on the C drive without a TPM prompted the error
message that the administrator must set the Allow BitLocker without a compatible TPM option? To
change policy settings, you will need administrator access and/or permission. You will need to select
“Allow BitLocker without a compatible TPM”.
5. In your opinion, why do you think you were able to encrypt the Data-A(H:) drive? What is the OS
security implications of this requirement? You are not encrypting the entire operating system, but just
the drive named Data-A(H:). Unless you its unlocked or you have key you will not be able to access
data on drive once it is locked. With new encryption mode (XTS-AEX) it’s not compatible with older
Windows versions.
4
Lab Experience Report
6. When a drive is encrypted with BitLocker and the BitLocker lock is on, what options do you have to
manage that drive in the Manage BitLocker utility? You have ability to apply password to unlock drive.
7. Other than the encryption keys that need to be generated and stored, why does BitLocker require a
TPM chip? TPM is used to help with protecting data and assist in protecting against tampering offline
(Dansimp, 2021). TPM is needed with encrypting operating systems especially if you don’t have USB.
8. What is the best practice for using BitLocker on an operating system drive and what role does TPM
play? [hint: Think of the advantages of a TPM chip?] One of the biggest advantages of using a TPM is
the it’s co-located with computer connected internally. This reducing the loss that could occur if stored
on a USB.
9. What credentials are required to use BitLocker and does BitLocker support multifactor
authentication? You need access to local Administrators group.
5
Lab Experience Report
10. Based on your experience conducting this lab, how long do you think initial encryption will take
when BitLocker is turned on, and what happens if the computer is turned off during encryption or
decryption? Based on my experience conducting this lab it doesn’t take but maybe a few minutes to
include the restart. If system restarts it could cause corruption of the data and/or not successfully
encrypt/decrypt.
11. Based on your experience conducting this lab, what is the difference between a recovery password
and a recovery key? Where are the encryption keys stored? Password is what I created to enter the
encrypted drive where as the key is unique for each drive generated by BitLocker and is stored on disk.
OPTIONAL QUESTIONS:
1. Was the C drive encryption successful? Why or why not? Yes, being a part of the administrator
group I enabled TPM allowing me to successfully encrypt.
2. What do you think about storage of the recovery key and an encrypted device? When trying to store
key on the same drive I was encrypted I received the following error:
6
Lab Experience Report
3. Document your observations based on your experience conducting BitLocker encryption. Please do
well to document any errors if any. I ended up canceling the encryption of (C:). I do not have a USB
flash drive and/or printer.
References
7
Lab Experience Report
Dansimp. (2021, December 3). Bitlocker (Windows 10) - windows security. (Windows 10) - Windows security |
Microsoft Docs. Retrieved from https://docs.microsoft.com/en-us/windows/security/information-
protection/bitlocker/bitlocker-overview
Solomon, M. G. (2019, October). Security strategies in windows platforms and applications, 3rd Edition.
O'Reilly Online Learning. Retrieved from
https://learning.oreilly.com/library/view/security-strategies-in/9781284175639/xhtml/
12_Chapter04_02.xhtml