Use this lab experience report template to document your findings from the lab and make sure

to complete
all required actions in each step of the lab and respond to all questions. The template is designed to be used
as a guide for your lab and not necessarily a project requirement.

ADDITIONAL LAB GUIDANCE

Below is a list of additional guidance and/or recommendations for your lab experience report:
 Completing the labs: All sections or parts of the labs should be completed as required.
 Answering the lab questions: You are required to answer all the lab questions (if any).
 Taking screenshots: While taking screenshots is recommended in your lab, try to limit them
and only focus on the applicable ones to support your lab report.
 Writing your lab experience report: You are required to write a summary of the lab
experience report based on your findings and incorporate them into your final deliverables.
 File name convention: Please change the generic file name of this template to reflect part of
your name, the course ID, or the project/lab title.
o e.g. 1: CST610 Project 1 Lab- Network Traffic Capture and Analysis
o e.g. 2: CST610 Project 1 Lab- Network Traffic Capture and Analysis—John Doe
o e.g. 3: CST610-Project 1 Lab_ Network Traffic Capture and Analysis (5/15/22)

In compiling your findings, think of how your experience performing the labs is related to the overall
project goals. You are required to collect information from the lab to understand potential vulnerabilities
and other security challenges, analyze, create your lab report, and incorporate key components in the final
project report.
Please do well to pay attention to each item above and use it as a supplemental guide besides the project
requirements. Finally, note that successfully completing the lab is important for achieving the overall
project goals.

THE LAB QUESTIONS

Acting as a cybersecurity consultant, you have been able to ensure highest levels of security required to
prevent data exfiltration by employing BitLocker Drive Encryption (BDE). Specifically, you decided to use
BDE as a data protection tool to integrate with the internal operating system (OS) and encrypted user hard
drives with the aim of addressing threats of data privacy. Based on the knowledge and experience gained
from the lab about the use of BitLocker encryption, answer the following questions.

PART 2—TASK 2, TASK 3, TASK 4: Performing BitLocker Encryption/Decryption, Changing

Encryption/Decryption Password, TPM chip

1. Comment on what the PowerShell command outputs above indicate. There will be additional
questions for you to answer later in this lab.
2. In your opinion, how does BitLocker work and how can you tell if a TPM is on my
computer?
3. Can you use BitLocker on an operating system drive without a TPM?
4. Why do you think attempt to enable BitLocker on the C drive without a TPM prompted the
error message that the administrator must set the Allow BitLocker without a compatible
TPM option?
5. In your opinion, why do you think you were able to encrypt the Data-A(H:) drive? What is
 Lab Experience Report

the OS security implications of this requirement?

6. When a drive is encrypted with BitLocker and the BitLocker lock is on, what options do you
have to manage that drive in the Manage BitLocker utility?
7. Other than the encryption keys that need to be generated and stored, why does BitLocker
require a TPM chip?
8. What is the best practice for using BitLocker on an operating system drive and what role does
TPM play? [hint: Think of the advantages of a TPM chip?]
9. What credentials are required to use BitLocker and does BitLocker support multifactor
authentication?
10. Based on your experience conducting this lab, how long do you think initial encryption will
take when BitLocker is turned on, and what happens if the computer is turned off during
encryption or decryption?
11. Based on your experience conducting this lab, what is the difference between a recovery
password and a recovery key? Where are the encryption keys stored?

OPTIONAL QUESTIONS:
1. Was the C drive encryption successful? Why or why not?
2. What do you think about storage of the recovery key and an encrypted device?
3. Document your observations based on your experience conducting BitLocker encryption.
Please do well to document any errors if any.

NOTE: Proceed to the next page and use the space provided to compile a summary of your lab
experience report. Use additional space as necessary to complete the report.
SUMMARY OF THE LAB EXPERIENCE REPORT

Use the space below to summarize your lab experience report based on your findings from the lab,
making sure to complete all required actions in each step of the lab and respond to all questions. Be
sure to incorporate key part of your findings in your final project report for submission to your
professor. You may use additional space as necessary to complete the lab.

PART 2—TASK 2, TASK 3, TASK 4: Performing BitLocker Encryption/Decryption, Changing

Encryption/Decryption Password, TPM chip

1. Comment on what the PowerShell command outputs above indicate. There will be additional
questions for you to answer later in this lab. Get-Tpm indicated that it is no present and manage-bde -
status show that volume H, I, and D are have protection off and are fully decrypted.

2
 Lab Experience Report

2. In your opinion, how does BitLocker work and how can you tell if a TPM is on my computer? It
works by encrypting the entire volume. To see if TPM is on your computer you can look at Control
Panel\System and Security\BitLocker Drive Encryption and click on TPM Administration.

3
 Lab Experience Report

3. Can you use BitLocker on an operating system drive without a TPM? Out of all the operation modes
expect one depends on TPM (Solomon, 2019). You will need to use password or USB to store keys if
you don’t have TPM.

4. Why do you think attempt to enable BitLocker on the C drive without a TPM prompted the error
message that the administrator must set the Allow BitLocker without a compatible TPM option? To
change policy settings, you will need administrator access and/or permission. You will need to select
“Allow BitLocker without a compatible TPM”.

5. In your opinion, why do you think you were able to encrypt the Data-A(H:) drive? What is the OS
security implications of this requirement? You are not encrypting the entire operating system, but just
the drive named Data-A(H:). Unless you its unlocked or you have key you will not be able to access
data on drive once it is locked. With new encryption mode (XTS-AEX) it’s not compatible with older
Windows versions.

4
 Lab Experience Report

6. When a drive is encrypted with BitLocker and the BitLocker lock is on, what options do you have to
manage that drive in the Manage BitLocker utility? You have ability to apply password to unlock drive.

7. Other than the encryption keys that need to be generated and stored, why does BitLocker require a
TPM chip? TPM is used to help with protecting data and assist in protecting against tampering offline
(Dansimp, 2021). TPM is needed with encrypting operating systems especially if you don’t have USB.

8. What is the best practice for using BitLocker on an operating system drive and what role does TPM
play? [hint: Think of the advantages of a TPM chip?] One of the biggest advantages of using a TPM is
the it’s co-located with computer connected internally. This reducing the loss that could occur if stored
on a USB.

9. What credentials are required to use BitLocker and does BitLocker support multifactor
authentication? You need access to local Administrators group.

5
 Lab Experience Report

10. Based on your experience conducting this lab, how long do you think initial encryption will take
when BitLocker is turned on, and what happens if the computer is turned off during encryption or
decryption? Based on my experience conducting this lab it doesn’t take but maybe a few minutes to
include the restart. If system restarts it could cause corruption of the data and/or not successfully
encrypt/decrypt.

11. Based on your experience conducting this lab, what is the difference between a recovery password
and a recovery key? Where are the encryption keys stored? Password is what I created to enter the
encrypted drive where as the key is unique for each drive generated by BitLocker and is stored on disk.

OPTIONAL QUESTIONS:

1. Was the C drive encryption successful? Why or why not? Yes, being a part of the administrator
group I enabled TPM allowing me to successfully encrypt.

2. What do you think about storage of the recovery key and an encrypted device? When trying to store
key on the same drive I was encrypted I received the following error:

BitLocker Driver Encryption Error

This location can’t be used.
Your recover key can’t be saved to an encrypted drive. Choose different location.

6
 Lab Experience Report

3. Document your observations based on your experience conducting BitLocker encryption. Please do
well to document any errors if any. I ended up canceling the encryption of (C:). I do not have a USB
flash drive and/or printer.

References
7
 Lab Experience Report

Dansimp. (2021, December 3). Bitlocker (Windows 10) - windows security. (Windows 10) - Windows security |
Microsoft Docs. Retrieved from https://docs.microsoft.com/en-us/windows/security/information-
protection/bitlocker/bitlocker-overview

Solomon, M. G. (2019, October). Security strategies in windows platforms and applications, 3rd Edition.
O'Reilly Online Learning. Retrieved from
https://learning.oreilly.com/library/view/security-strategies-in/9781284175639/xhtml/
12_Chapter04_02.xhtml